October 2024

Slowroll for ARM
by Kasimir 30 Oct '24

30 Oct '24

Hello everyone, is Slowroll actually planned for ARM? Greetings Kasimir

1 0

New Arm Tumbleweed snapshot 20241028 released!
by Guillaume Gardet 29 Oct '24

29 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]

1 0

New Arm Tumbleweed snapshot 20241027 released!
by Guillaume Gardet 28 Oct '24

28 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]

1 0

New Arm Tumbleweed snapshot 20241023 released!
by Guillaume Gardet 24 Oct '24

24 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]org/openSUSE:Submitting_bug_reports Packages changed: bind (9.20.2 -> 9.20.3) brltty (6.6 -> 6.7) dav1d (1.4.3 -> 1.5.0) dtc (1.7.0 -> 1.7.1) evolution (3.54.0 -> 3.54.1) evolution-data-server (3.54.0 -> 3.54.1) evolution-ews (3.54.0 -> 3.54.1) freerdp (3.8.0 -> 3.9.0) gcc13 ghostscript (10.03.1 -> 10.04.0) gimp gjs (1.82.0 -> 1.82.1) gnome-control-center (47.0.1+8 -> 47.1.1) gnome-online-accounts (3.52.0 -> 3.52.1) gnome-remote-desktop (46.5 -> 47.1) gnome-shell (47.0 -> 47.1) gnome-shell-extensions (47.0 -> 47.1) gnome-sudoku (47.0 -> 47.1.1) gnome-terminal (3.54.0 -> 3.54.1) gnome-text-editor (47.0 -> 47.1) grub2 gtk2 gtk3 gvfs (1.56.0 -> 1.56.1) hwinfo (23.2 -> 23.3) kernel-firmware (20241001 -> 20241018) libheif libjcat (0.2.1 -> 0.2.2) libnbd (1.20.2 -> 1.20.3) libpipeline (1.5.7 -> 1.5.8) libspelling (0.4.3 -> 0.4.4) libunistring (1.2 -> 1.3) libvirt man (2.12.1 -> 2.13.0) meson (1.5.2 -> 1.6.0) mutter (47.0+19 -> 47.1) nautilus (47.0+8 -> 47.0+14) nbdkit (1.40.3 -> 1.40.4) ncurses (6.5.20240928 -> 6.5.20241019) nvidia-open-driver-G06-signed-cuda (555.42.06_k6.11.3_1 -> 555.42.06_k6.11.3_2) open-vm-tools (12.4.5 -> 12.5.0) openSUSE-release (20241018 -> 20241023) openssl-3 ovmf (202405 -> 202408) patterns-base perl-XML-Parser pipewire postgresql17 python-anyio (4.6.0 -> 4.6.2.post1) python-certifi (2024.7.4 -> 2024.8.30) python-charset-normalizer (3.3.2 -> 3.4.0) python-cryptography (43.0.1 -> 43.0.3) python-numpy (2.1.1 -> 2.1.2) qt6-base rng-tools samba (4.21.0+git.363.84c94ca948f -> 4.21.1+git.367.e1da597d86e) selinux-policy (20240930 -> 20241021) subversion (1.14.3 -> 1.14.4) supermin texlive tigervnc totem (43.0 -> 43.1) tree-sitter (0.24.2 -> 0.24.3) u-boot-rpiarm64 unar unbound (1.21.1 -> 1.22.0) virtiofsd (1.11.1 -> 1.12.0) vte (0.78.0 -> 0.78.1) webkit2gtk3 (2.46.1 -> 2.46.2) wireplumber xf86-input-evdev (2.10.6 -> 2.11.0) xf86-input-libinput (1.4.0 -> 1.5.0) xfsprogs (6.10.1 -> 6.11.0) xz (5.6.2 -> 5.6.3) yast2-auth-client (5.0.0 -> 5.0.1) yast2-installation (5.0.14 -> 5.0.15) zlib-ng-compat (2.2.1 -> 2.2.2) === Details === ==== bind ==== Version update (9.20.2 -> 9.20.3) Subpackages: bind-doc bind-utils - Update to release 9.20.3 New Features: * Log query response status to the query log. * Log a query response summary using the new responses category. Logging can be controlled via the responselog option and via rndc responselog. * Added WALLET type. * Add the new record type WALLET (262). This provides a mapping from a domain name to a cryptographic currency wallet. Multiple mappings can exist if multiple records exist. Feature Changes: * Set logging category for notify/xfer-in-related messages. * Some notify and xfer-in-related log messages were logged at the âgeneralâ category level instead of their own category. This has been fixed. * Allow IXFR-to-AXFR fallback on DNS_R_TOOMANYRECORDS. * This change allows fallback from an IXFR failure to AXFR when the reason is DNS_R_TOOMANYRECORDS. Bug Fixes: * Fix a statistics channel counter bug when âforward onlyâ zones are used. * When resolving a zone with a âforward onlyâ policy, and finding out that all the forwarders were marked as âbadâ, the âServerQuotaâ counter of the statistics channel was incorrectly increased. This has been fixed. * Fix a bug in the static-stub implementation. * Static-stub addresses and addresses from other sources were being mixed together, resulting in static-stub queries going to addresses not specified in the configuration, or alternatively, static-stub addresses being used instead of the correct server addresses. * Donât allow statistics-channels if libxml2 and libjson-c are not configured. * When BIND 9 is not configured with the libxml2 and libjson-c libraries, the use of the statistics-channels option is a fatal error. * Separate DNSSEC validation from long-running tasks. * Split CPU-intensive and long-running tasks into separate threadpools in a way that the long-running tasks - like RPZ, catalog zone processing, or zone file operations - donât block CPU-intensive operations like DNSSEC validations. * Fix an assertion failure when processing access control lists. * The named process could terminate unexpectedly when processing ACLs. This has been fixed. * Fix a bug in Offline KSK using a ZSK with an unlimited lifetime. * If the ZSK had an unlimited lifetime, the timing metadata Inactive and Delete could not be found and were treated as an error, preventing the zone from being signed. This has been fixed. * Limit the outgoing UDP send queue size. * If the operating system UDP queue got full and the outgoing UDP sending started to be delayed, BIND 9 could exhibit memory spikes as it tried to enqueue all the outgoing UDP messages. It now tries to deliver the outgoing UDP messages synchronously; if that fails, it drops the outgoing DNS message that would get queued up and then timeout on the client side. * Do not set SO_INCOMING_CPU. * Remove the SO_INCOMING_CPU setting as kernel scheduling performs better without constraints. * Fix the rndc dumpdb commandâs error reporting. * The rndc dumpdb command was not reporting errors that occurred when named started up the database dump process. This has been fixed. * Fix long-running incoming transfers. * Incoming transfers that took longer than 30 seconds would stop reading from the TCP stream and the incoming transfer would be indefinitely stuck, causing BIND 9 to hang during shutdown. * This has been fixed, and the max-transfer-time-in and max-transfer-idle-in timeouts are now honored. * Fix an assertion failure when receiving DNS responses over TCP. * When matching the received Query ID in the TCP connection, an invalid Query ID could cause an assertion failure. This has been fixed. ==== brltty ==== Version update (6.6 -> 6.7) Subpackages: brltty-driver-at-spi2 brltty-driver-brlapi brltty-driver-speech-dispatcher brltty-driver-xwindow libbrlapi0_8 python3-brlapi system-user-brltty xbrlapi - Update to version 6.7: + Too many changes; please read ChangeLog - Drop e6707d5e.patch: fixed upstream. - API version is now 0.8.6. - Added patch: * brltty-reproducible-jar-mtime.patch + Use SOURCE_DATE_EPOCH for reproducible jar mtime + Applied if building with Java >= 17 ==== dav1d ==== Version update (1.4.3 -> 1.5.0) - Update to version 1.5.0 * WARNING: we removed some of the SSE2 optimizations, so if you care about systems without SSSE3, you should be careful when updating! * Optimize index offset calculations for decode_coefs * picture: copy HDR10+ and T35 metadata only to visible frames * SSSE3 new optimizations for 6-tap (8bit and hbd) * AArch64/SVE: Add HBD subpel filters using 128-bit SVE2 * AArch64: Add USMMLA implempentation for 6-tap H/HV * AArch64: Optimize Armv8.0 NEON for HBD horizontal filters and 6-tap filters * Power9: Optimized ITX till 16x4. * Loongarch: numerous optimizations * RISC-V optimizations for pal, cdef_filter, ipred, mc_blend, mc_bdir, itx * Allow playing videos in full-screen mode in dav1dplay ==== dtc ==== Version update (1.7.0 -> 1.7.1) - Update to 1.7.1: * dtc * Fix check for 10-bit I2C addresses * Improve documentation of -@ option * Update to libyaml >= 0.2.3 * Improvements & fixes for device graph checks * Add -L / --local-fixups option * Add check for length of interrupt-map properties * libfdt * Add fdt_path_getprop_namelen() * Add fdt_get_symbol() and fdt_get_symbol_namelen() * Correct documentation of fdt_path_offset() * Correct documentation of fdt_appendprop_addrrange() * Validate aliases is fdt_get_alias_namelen() * Don't overwrite phandles when applying overlays * Require Python 3 * pylibfdt * Support boolean properties * Fixes for current Python versions * General * Assorted bugfixes * Assorted build improvements * Assorted typo fixes in docs * Some additional testcases * Move to GitHub Actions based CI ==== evolution ==== Version update (3.54.0 -> 3.54.1) Subpackages: evolution-plugin-spamassassin - Update to version 3.54.1: + Bug Fixes: Missing sender's S/MIME certificate import button + Miscellaneous: - libgnomecanvas: Add few checks for argument validity - WebKitGTK 2.46.1: Middle mouse button inserts primary clipboard twice + Updated translations. ==== evolution-data-server ==== Version update (3.54.0 -> 3.54.1) Subpackages: libcamel-1_2-64 libebackend-1_2-11 libebook-1_2-21 libebook-contacts-1_2-4 libecal-2_0-3 libedata-book-1_2-27 libedata-cal-2_0-2 libedataserver-1_2-27 libedataserverui-1_2-4 - Update to version 3.54.1: + Bug Fixes: - Pass GError instead of CamelException to camel_movemail_solaris - Fix argument types in ENABLE_BROKEN_SPOOL code - Use GIConv instead of iconv_t with iconv wrappers - ESoupSession: Sometimes accesses server without OAuth2 token + Updated translations. ==== evolution-ews ==== Version update (3.54.0 -> 3.54.1) - Update to version 3.54.1: + Bug Fixes: - m365: Mails do not have set size in summary - m365: Fails to save a message in the Drafts folder - m365: Cannot delete instance of a recurring event + Miscellaneous: - m365: Camel: Correct message ID calculation for folder summary - m365: Read 'bodyPreview' for mail messages - m365: Handle SyncStateNotFound error + Updated translations. ==== freerdp ==== Version update (3.8.0 -> 3.9.0) Subpackages: libfreerdp3-3 librdtk0-0 libwinpr3-3 - Update to 3.9.0 So, what is new: * Support for RDPEAR (remote credential guard) /remoteGuard option for non windows clients * Global configuration file support, allowing to configure certificate accept/ignore/... default settings for all users * Simplified manpage generation, eliminates docbook and xmlto dependencies speeding up builds * New API for client channels to run tasks on RDP thread * New extended transport layer API * RDPECAM MJPEG support * the first updates of timezone definitions from our automated ci Noteworthy changes: * Fix bugs in SSE4.1/AVX2 image copy (#10720) * Add warnings for invalid monitor settings during connect (#10672) * Fix ALSA microphone support (#10664) * Fix modal windows in RAILS mode (#10629) * Update experimental SDL3 client (SDL3 API should now have been stabilized, various pull requests) * Fix keyboard layouts, the external JSON did miss a few (#10639) ==== gcc13 ==== Subpackages: cpp13 libgccjit0-gcc13 - Remove epiphany build, newlib no longer builds for it. - Add gcc13-pr116657.patch to fix for parsing tzdata 2024b [gcc#116657] ==== ghostscript ==== Version update (10.03.1 -> 10.04.0) Subpackages: ghostscript-x11 - update to 10.04.0 (bsc#1232173): * Amongst other general bugs fixes, this release addresses: + CVE-2024-46951 + CVE-2024-46952 + CVE-2024-46953 + CVE-2024-46954 + CVE-2024-46955 + CVE-2024-46956 ==== gimp ==== Subpackages: gimp-plugin-aa libgimp-2_0-0 libgimpui-2_0-0 - Add gtk-update-icon-cache BuildRequires: Ensure /usr/bin/gtk-update-icon-cache is present during build, as configure checks for it. ==== gjs ==== Version update (1.82.0 -> 1.82.1) Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0 - Update to version 1.82.1: + Fixed gnome-shell crash when switching user after upgrade from Fedora 40 to Fedora 41 ==== gnome-control-center ==== Version update (47.0.1+8 -> 47.1.1) Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces gnome-control-center-users - Update to version 47.1.1: + Fix crash on display scales > 1 due to conflicting type registration. - Update to version 47.1: + About: Allow FQDN hostnames + Appearance: Fix thumbnailing of backgrounds causing OOM kills + Date and Time: Fix resize issue in the time format row when shown in small window sizes + Online Accounts: Fix untranslated account provider info string + Region and Language: Update language row after closing language selector + Remote Desktop: Hide "Remote Desktop" row when gnome-remote-desktop is not available + Wacom: - Don't crash when handling an unknown stylus ID - Don't show Map Buttons for fallback devices - Handle all external remotes like an external TV remote-like device - Make assets recolaborable, supporting dark-style, high-contrast, and accent colors - Support HDPI for tablet/stylus illustration images + Updated translations. ==== gnome-online-accounts ==== Version update (3.52.0 -> 3.52.1) Subpackages: libgoa-1_0-0 libgoa-backend-1_0-2 - Update to version 3.52.1: + Bugs fixed: - goakerberosprovider: don't assume all errors are auth errors - goaoauthprovider: fix expected NULL GError + Updated translations. ==== gnome-remote-desktop ==== Version update (46.5 -> 47.1) - Update to version 47.1: + General code improvements + Updated translations. - Update to version 47.0: + Updated translations. - Update to version 47.rc: + Reduce resource usage of unauthenticated sessions + Updated translations. - Changes from version 47.beta: + Gracefully handle file descriptor limits + Introduce standalone configuration D-Bus service + Improve grdctl status reporting + Gracefully handle invalid x224Crq data + Fix file descriptor leak + Updated translations. - Changes from version 47.alpha: + Support persistent remote login sessions + Support entering new credentials via standard input when using grdctl + Use access portal dialogs for warning about connection insecurity + Avoid crash when getting invalid PipeWire buffers + Updated translations. ==== gnome-shell ==== Version update (47.0 -> 47.1) Subpackages: gnome-extensions gnome-shell-calendar - Update to version 47.1: + Improve quick settings accessibility + Use accent color in tablet configuration UI + Improve accuracy of inset box shadows + Fix `PopupSwitchMenuItem::toggled` passing wrong state + Consider text direction when handling arrow keys in sliders + Fix layout issues with new dialog style + Fix uneven padding in notification headers + Fixed crash + Misc. cleanups and bug + Updated translations. ==== gnome-shell-extensions ==== Version update (47.0 -> 47.1) Subpackages: gnome-shell-classic gnome-shell-extensions-common - Update to version 47.1: + classic: Add missing top-bar indicators + window-list: - Fix window state styling - Fix "ignore-workspace" setting getting reset + Misc. bug fixes and cleanups ==== gnome-sudoku ==== Version update (47.0 -> 47.1.1) - Update to version 47.1.1: + Fix metainfo screenshots - Update to version 47.1: + Fix tooltip font color in light mode + Fix a case when the highlighter doesn't get cleared with undo + Fix view not grabbing the focus on start blocking keyboard shortcuts + Fix reset zoom shortcut not working + Fix pause button having no tooltip + Fix meson build requirements + Updated translations. ==== gnome-terminal ==== Version update (3.54.0 -> 3.54.1) Subpackages: gnome-shell-search-provider-gnome-terminal nautilus-extension-terminal - Update to version 3.54.1: + prefs: Follow the theme variant setting + Updated translations. ==== gnome-text-editor ==== Version update (47.0 -> 47.1) - Update to version 47.1: + Fix document to default to implicit trailing newlines + Improve text wrapping for banners on small form factors ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-common grub2-snapper-plugin grub2-systemd-sleep-plugin - Fix error: /boot/grub2/x86_64-efi/bli.mod not found (bsc#1231591) - Keep grub packaging and dependencies in the SLE-12 and SLE-15 builds - Power guest secure boot with key management (jsc#PED-3520) (jsc#PED-9892) * 0001-ieee1275-Platform-Keystore-PKS-Support.patch * 0002-ieee1275-Read-the-DB-and-DBX-secure-boot-variables.patch * 0003-appendedsig-The-creation-of-trusted-and-distrusted-l.patch * 0004-appendedsig-While-verifying-the-kernel-use-trusted-a.patch * 0005-appendedsig-The-grub-command-s-trusted-and-distruste.patch * 0006-appendedsig-documentation.patch * 0007-mkimage-create-new-ELF-Note-for-SBAT.patch * 0008-mkimage-adding-sbat-data-into-sbat-ELF-Note-on-power.patch * grub2.spec : Building signed grub.elf with SBAT metadata - Support for NVMe multipath splitter (jsc#PED-10538) * 0001-ieee1275-support-added-for-multiple-nvme-bootpaths.patch - Deleted path (jsc#PED-10538) * 0001-grub2-Can-t-setup-a-default-boot-device-correctly-on.patch * 0001-grub2-Set-multiple-device-path-for-a-nvmf-boot-devic.patch - Fix not a directory error from the minix filesystem, as leftover data on disk may contain its magic header so it gets misdetected (bsc#1231604) * grub2-install-fix-not-a-directory-error.patch ==== gtk2 ==== Subpackages: gtk2-data gtk2-tools libgtk-2_0-0 - Eliminate usage of update-alternatives: + Drop gtk-update-icon-cache and relevant man page. We rely solely on GTK3 to perform this caching task. ==== gtk3 ==== Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-tigrigna gtk3-immodule-vietnamese gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0 - Eliminate usage of update-alternatives: GTK2 no longer provides gtk-update-icon-cache, thus eliminating the need for this extra complexity. ==== gvfs ==== Version update (1.56.0 -> 1.56.1) Subpackages: gvfs-backend-afc gvfs-backend-goa gvfs-backend-samba gvfs-backends gvfs-fuse - Update to version 1.56.1: + udisks2: Increasing reference count when updating volume to fix crashes + onedrive: - Use names instead of id for events to fix monitoring - Add missing replace stream to fix crashes - onedrive: Fix double free during cache rebuild to fix crashes + dav: Recognize the 409 status to fix creation of parent directories + Updated translations. ==== hwinfo ==== Version update (23.2 -> 23.3) Subpackages: libhd23 - merge gh#openSUSE/hwinfo#148 - avoid reporting of spurious usb storage devices (bsc#1223330) - 23.3 ==== kernel-firmware ==== Version update (20241001 -> 20241018) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20241018 (git commit 2f0464118f40): * check_whence.py: skip some validation if git ls-files fails * qcom: Add Audio firmware for X1E80100 CRD/QCPs * amdgpu: DMCUB updates forvarious AMDGPU ASICs * brcm: replace NVRAM for Jetson TX1 * rtlwifi: Update firmware for RTL8192FU to v7.3 * make: separate installation and de-duplication targets * check_whence.py: check the permissions * Remove execute bit from firmware files * configure: remove unused file * rtl_nic: add firmware rtl8125d-1 - Update to version 20241014 (git commit 99f9c7ed1f4a): * iwlwifi: add gl/Bz FW for core91-69 release * iwlwifi: update ty/So/Ma firmwares for core91-69 release * iwlwifi: update cc/Qu/QuZ firmwares for core91-69 release * cirrus: cs35l56: Add firmware for Cirrus CS35L56 for a Lenovo Laptop * cirrus: cs35l56: Add firmware for Cirrus CS35L56 for some ASUS laptops * cirrus: cs35l56: Add firmware for Cirrus Amps for some HP laptops * linux-firmware: update firmware for en8811h 2.5G ethernet phy * QCA: Add Bluetooth firmwares for WCN785x with UART transport - Update to version 20241011 (git commit 808cba847c70): * mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher * ath12k: WCN7850 hw2.0: update board-2.bin (bsc#1230596) * ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 * ath12k: QCN9274 hw2.0: add board-2.bin * copy-firmware.sh: rename variables in symlink hanlding * copy-firmware.sh: remove no longer reachable test -L * copy-firmware.sh: remove no longer reachable test -f * copy-firmware.sh: call ./check_whence.py before parsing the file * copy-firmware.sh: warn if the destination folder is not empty * copy-firmware.sh: add err() helper * copy-firmware.sh: fix indentation * copy-firmware.sh: reset and consistently handle destdir * Revert "copy-firmware: Support additional compressor options" * copy-firmware.sh: flesh out and fix dedup-firmware.sh * Style update yaml files * editorconfig: add initial config file * check_whence.py: annotate replacement strings as raw * check_whence.py: LC_ALL=C sort -u the filelist * check_whence.py: ban link-to-a-link * check_whence.py: use consistent naming * Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin * tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 - Skip invocation of check_whence.py at copying: copy-file-skip-check.patch - Refresh copy-file-ignore-README.patch - Drop obsoleted --ignore-duplicates option to copy-firmware.sh - Drop the ath12k workaround again - Update to version 20241010 (git commit d4e688aa74a0): * rtlwifi: Add firmware v39.0 for RTL8192DU * Revert "ath12k: WCN7850 hw2.0: update board-2.bin" (replaced with a newer firmware in this package instead) - update aliases - Update to version 20241004 (git commit bbb77872a8a7): * amdgpu: DMCUB DCN35 update * brcm: Add BCM4354 NVRAM for Jetson TX1 * brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram ==== libheif ==== Subpackages: gdk-pixbuf-loader-libheif libheif-aom libheif-dav1d libheif-ffmpeg libheif-jpeg libheif-openjpeg libheif-rav1e libheif-svtenc libheif1 - build *-test subpackage with multibuild for running the test suite - added sources + _multibuild ==== libjcat ==== Version update (0.2.1 -> 0.2.2) - Update to version 0.2.2: + New Features: - Add bt-logindex blob kind. + Bugfixes: - Increase test coverage for ED25519 support. - Save the auto-generated private key with 0600 file permissions. - Switch ED25519 support to not directly using Nettle. ==== libnbd ==== Version update (1.20.2 -> 1.20.3) Subpackages: libnbd0 - Update to version 1.20.3: * Version 1.20.3. * interop: Skip nbd-server test on Alpine * ci: Update CI files * rust: Parse perlpod L<https://...> (external links) to rust markup * podwrapper: Add some simple checks for cross-references within manual pages. * docs/libnbd-release-notes-1.10.pod: Remove broken link to "nbd_connect(3)" * docs/nbd_create.pod: Cross-reference nbd_shutdown(3) * docs: Use "oldstyle servers" in preference to "older servers" * docs: Mention newstyle and oldstyle servers in main docs * README: Fix bold markdown * README: Mention 'make install DESTDIR=...' * README: Mention the ./run script * build: Prefer "for developers" in ./configure --help output * build: Fix ./configure --help output for --enable-python-code-style * .gitignore: Remove unused line * ci: Drop Alma Linux 8 * lib/crypto.c: Check <gnutls/socket.h> works before including it * docs/libnbd-security.pod: Assign CVE-2024-7383 * jsc#PED-8910 ==== libpipeline ==== Version update (1.5.7 -> 1.5.8) - Update to 1.5.8 (27 August 2024): * Upgrade to Gnulib `stable-202407`. Building libpipeline now requires Automake >= 1.14. * Use C23-style `nullptr`. ==== libspelling ==== Version update (0.4.3 -> 0.4.4) - Update to version 0.4.4: + Adds a few dozen translations for menu items. - Add lang subpackage and macros. Also provide libspelling from the shared lib, allow install of lang subpackage. ==== libunistring ==== Version update (1.2 -> 1.3) - update to 1.3: * Support Unicode version 16.0.0 ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-qemu libvirt-libs - spec: Use default_firewall_backend prjconf setting - spec: Loosen nwfilter dependency boo#1231798 ==== man ==== Version update (2.12.1 -> 2.13.0) - Update to man-db 2.13.0 (29 August 2024) * Drop support for versions of groff before 1.21 (released on 2010-12-31). * Fix `man-suffixed-extension` test failure when not using the GNU hierarchy organization. * Fix `-Wmissing-variable-declarations` warnings with GCC 14. * Fix `-Wflex-array-member-not-at-end` warning with GCC 14. * Upgrade to Gnulib `stable-202407`. * Support running the test suite against an installed package; this is useful for systems such as Debian's autopkgtest framework. - Remove patch man-db-2.6.3-chinese.dif as not supported anymore due to newer groff versions - Port patches * man-db-2.6.3-listall.dif * man-db-2.7.1-zio.dif * man-db-2.9.4.patch * man-propose-online.patch ==== meson ==== Version update (1.5.2 -> 1.6.0) Subpackages: meson-vim - Update ro version 1.6.0: + Support for OpenXL compiler in AIX. + Default to printing deprecations when no minimum version is specified. + Cargo subprojects is experimental. + Dependencies from CMake subprojects now use only PUBLIC link flags. + New built-in option for default both_libraries. + New as_static and as_shared methods on internal dependencies. + Support for DIA SDK. + Support for LLVM-based flang compiler. + nvc and nvc++ now support setting std. + Tools can be selected when calling has_tools() on the Qt modules. + Simple tool to test build reproducibility. + Support for variable in system dependencies. + test() and benchmark() functions accept new types. + Zig 0.11 can be used as a C/C++ compiler frontend. ==== mutter ==== Version update (47.0+19 -> 47.1) - Update to version 47.1: + gwakeup: Reduce wake-ups to only first item in queue + x11: Reduce chances XPending does recvmsg() syscall + Fix grabbing tablet devices + Fix misplaced windows and random resizes on scaled monitors + Fix explicit sync with virtual monitors w/o pipewire streams + Improve detecting preferred primary devices + Fixed crashes + Misc. bug fixes and cleanups + Updated translations. - Update to version 47.0+24: * stage-impl: Ensure that a sync object is created in headless mode * backends/x11: Avoid potential crash in pad_switch_mode * display: Do not crash attempting to display OSD for unknown Wacom device * wayland/drm-lease: Do not add connector twice on lease disappeared * wayland/drm-lease: Hold device fd when listing leases ==== nautilus ==== Version update (47.0+8 -> 47.0+14) Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension4 - Update to version 47.0+14: * nautilus-tag-manager: Drop tinysparql 2to3 migration * Updated translations. ==== nbdkit ==== Version update (1.40.3 -> 1.40.4) Subpackages: nbdkit-basic-filters nbdkit-basic-plugins nbdkit-curl-plugin nbdkit-nbd-plugin nbdkit-python-plugin nbdkit-server nbdkit-ssh-plugin - Exclude tests when building for ix86 - Update to version 1.40.4: * Version 1.40.4. * ci: Update CI files * docs/nbdkit-service.pod: Add KeepAlive and User/Group settings * tests/test-ondemand.sh: Refine qemu exportname skips * tests/test-ondemand.sh: Work around bug in qemu 9.1 exportname handling * ondemand: Serialize the .open method * ondemand: Delete the disk if creation fails * ondemand, tmpdisk: Don't allow parameters containing '-' * ondemand: Be less strict about filenames * tests: bzip2, curl, ext2, file, gzip, memory, offset, xz: Don't leak 'data' returned by guestfs_cat * Fix documented default value for xz-max-depth * bzip2: Fix version where this filter first appeared * filters/qcow2dec/qcow2dec.c: Fix format specifier in error message * tests: old-plugins: Fix srcdir != builddir * tests: Rearrange some filter tests in alphabetical order * server: Clear conn->magic when freeing a connection * jsc#PED-8910 ==== ncurses ==== Version update (6.5.20240928 -> 6.5.20241019) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20241019 + fixes for compiler warnings/cppcheck. + build-fixes for DJGPP configuration (patches by Stas Sergeev) - Add ncurses patch 20241006 + fixes for compiler warnings/cppcheck. + use xterm+alt+title in wezterm -TD ==== nvidia-open-driver-G06-signed-cuda ==== Version update (555.42.06_k6.11.3_1 -> 555.42.06_k6.11.3_2) - cuda-flavor * provide nvidia-open-driver-G06-kmp = %version to workaround broken cuda-drivers - nv-prefer-signed-open-driver * added comments for requirements - latest change hardcoded to 555.42.06; we no longer need this for 560 - nv-prefer-signed-open-driver: * added specicic versions of cuda-drivers/cuda-drivers-xxx as preconditions for requiring specific version of nvidia-compute-G06 - nv-prefer-signed-open-driver: * no longer require a specific version of nvidia-open-driver-G06-signed-cuda-kmp, so it can select the correct open driver KMP matching the cuda-runtime version - cuda-flavor: * added nvidia-compute-G06 = %version to preconditions for requiring kernel-firmware-nvidia-gspx-G06, since nvidia-compute-utils-G06 does not have a version-specific requires on nvidia-compute-G06 - cuda-flavor: * require kernel-firmware-nvidia-gspx-G06 instead of kernel-firmware-nvidia-gspx-G06-cuda (which provides also kernel-firmware-nvidia-gspx-G06) * trigger removal of driver modules also on kernel-firmware-nvidia-gspx-G06 - no longer hard-require kernel firmware package, but install it automatically once nvidia-compute-utils-G06 gets installed - trigger removal of driver modules with non-existing or wrong firmware when (new) firmware gets installed ==== open-vm-tools ==== Version update (12.4.5 -> 12.5.0) Subpackages: libvmtools0 open-vm-tools-desktop - convert to obs_scm - update to 12.5.0 (boo#1231826): There are no new features in the open-vm-tools 12.5.0 release. This is primarily a maintenance release that addresses a few critical problems, including: * A Github pull request has been integrated. Please see the Resolved Issues section of the Release Notes. * For a more complete list of issues resolved in this release, see the Resolved Issues section of the Release Notes. For complete details, see: https://github.com/vmware/open-vm-tools/releases/tag/stable-12.5.0 Release Notes are available at: https://github.com/vmware/open-vm-tools/blob/stable-12.5.0/ReleaseNotes.md The granular changes that have gone into the 12.5.0 release are in the ChangeLog at: https://github.com/vmware/open-vm-tools/blob/stable-12.5.0/open-vm-tools/Ch… ==== openSUSE-release ==== Version update (20241018 -> 20241023) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== openssl-3 ==== Subpackages: libopenssl3 - Security fix: [bsc#1231741, CVE-2024-9143] * Low-level invalid GF(2^m) parameters lead to OOB memory access * Add openssl-CVE-2024-9143.patch - Security fix: [bsc#1220262, CVE-2023-50782] * Implicit rejection in PKCS#1 v1.5 * Add openssl-CVE-2023-50782.patch ==== ovmf ==== Version update (202405 -> 202408) Subpackages: qemu-uefi-aarch64 - Removed the following patch files because they are merged to edk2-stable202408: - ovmf-EmbeddedPkg-Library-Support-SOURCE_DATE_EPOCH-in-Vir.patch - ovmf-NetworkPkg-TcpDxe-Fixed-system-stuck-on-PXE-boot-flo.patch - Update to edk2-stable202408 - Features (https://github.com/tianocore/edk2/releases) CryptoPkg:Add more crypto APIs (AESGCM/PEM/X509/RSA/PKCS5/PKCS7/Authenticode) based on Mbedtls CryptoPkg: Enable Openssl native instruction support for AARCH64 CryptoPkg: Add support for aes128-sha256 and aes256-sha256 cipher UefiCpuPkg: S3 cleanup MdePkg/BaseLib: Add CRC16 CCITT False Implementation DynamicTablesPkg: ACPI TPM2 generator DynamicTablesPkg: Prepare for supporting other archs BaseTools: Add VS2022 support OvmfPkg: Add LoongArchVirt instance to OvmfPkg and enable it - Patches (git log --oneline --date-order edk2-stable202405..edk2-stable202408): b158dad150 EmulatorPkg: VS2022 Support on WinHost. b0f43dd3fd DynamicTablesPkg: Add parser for Tpm2 CM object d24df10cee DynamicTablesPkg: Add HexDump for CM Object parser 75a9afa540 DynamicTablesPkg: ACPI TPM2 generator 2bff58935f MdePkg: Tpm2Acpi.h: Max size for Parameters field ab6ad2fbdb NetworkPkg/DxeHttpLib: Support HTTP CONNECT message in Tx path. 9761137743 RedfishPkg: Allow deletion of the bootstrap account a29a9cce5f MdePkg/BaseLib: Add CRC16 CCITT False Implementation. 472be4d139 MdeModulePkg ConPlatform: Support IAD-style USB input devices. 1b37b3659b .github/request-reviews.yml: Use GitHub App authentication 51ada84cd5 .github/request-reviews.yml: Move workflow Py code to file 59ad8aeda6 .github/request-reviews.yml: Formatting (non-functional) 32a099c358 .github/request-reviews.yml: Improve doc and dbg messages f617b6ee0e .github/request-reviews.yml: Only post non-collab message once 09ad1a0072 .github/request-reviews.yml: Add non-collab admin notification e86647decd .github/request-reviews.yml: Update PR reviewer exclusion eaf2b82eda .github/request-reviews.yml: Removed unused functionality d3e9e10770 .github/request-reviews.yml: Switch to PyGithub 98f17cdcf4 .github/request-reviews.yml: Switch to GitPython 057c26710a .github/request-reviews.yml: Cache PIP modules 38c4cd4e88 .github/request-reviews.yml: Use sparse checkout 5d43165ff8 UefiCpuPkg: rename and simplify IsAddressValid function cff0641360 UefiCpuPkg: remove unneeded code in SmmProfilePFHandler 8b8ac5d986 UefiCpuPkg: rename the SmiDefaultPFHandler function cae90a8390 UefiCpuPkg: Remove duplicate code in SmiPfHandler b5c9bbff8e UefiCpuPkg:CpuDeadLoop in SmiPFHandler if SMM profile is disabled b3631ca944 UefiCpuPkg: remove unnecessary manipulation for smm page table 9f29fbd33b UefiCpuPkg: always create full mapping SMM page table 47bb9f9a97 UefiCpuPkg: Revert "UefiCpuPkg/PiSmmCpuDxeSmm: Fix system..." 68b4c4b481 BaseTools/Capsule: Support Different Hash Algorithm for Payload Digest 5ff99e0dab MdePkg /IoRemappingTable: Define additional IORT SMMUv3 node flags. 159f1aee56 BaseTools/WinRcPath: Improve Performance. f203a6db92 OvmfPkg: Pass correct virtio-scsi request size 24a375fcdd UefiCpuPkg/PiSmmCpuDxeSmm: Avoid use global variable in InitSmmS3Cr3 8f3e132512 UefiCpuPkg/PiSmmCpuDxeSmm: Clean redundant SmmS3Cr3 Init 66b4a2f91d UefiCpuPkg/PiSmmCpuDxeSmm: clean unused PCD for S3 4f5de749cb DynamicTablesPkg/DynamicTableManagerDxe: Adds X64 GetAcpiTablePresenceInfo bc0fc75637 DynamicTablesPkg/AcpiFadtLib: Adds FADT X64 generator 967cbd87b7 DynamicTablesPkg: Adds X64 namespace object 87d3a6272c UefiCpuPkg/PiSmmCpuDxeSmm: Iterate page table to find proper entry 24f8b97a9d UefiCpuPkg/PiSmmCpuDxeSmm: Remove assert check for PDE entry not exist f73b97fe7f UefiCpuPkg/PiSmmCpuDxeSmm: Check PDE entry exist or not before use 9d8a5fbd0c UefiCpuPkg/PiSmmCpuDxeSmm: Enable single step after SmmProfile start bbee1cc852 DynamicTablesPkg: Fix some spelling mistakes found by cspell c26490ea29 EmbeddedPkg: Fix some spelling mistakes found by cspell 669c5aa240 UefiPayloadPkg: Fix some spelling mistakes found by cspell 1f6dbab8d9 RedfishPkg: Fix some spelling mistakes found by cspell ecb0d1e2cb MdePkg: Fix some spelling mistakes found by cspell 394cbc4ab2 ArmVirtPkg: Fix some spelling mistakes found by cspell 7b1646d454 ArmPlatformPkg: Fix some spelling mistakes found by cspell cf60ca4366 .pytool: Sort the list of words in cspell.base.yaml bd23183ac9 .pytool: Add "MPIDR" to the list of known words in cspell.base.yaml b0e7a75a49 ShellPkg/AcpiView: Add MPAM Parser 3c8133ba87 ShellPkg: acpiview: Add routines to print reserved fields 8a036c8913 ShellPkg: acpiview: Add routine to print 16 chars 9e865f9579 ShellPkg/AcpiView: Update print-formatter prototype 107d0c3800 ShellPkg/AcpiView: Update field-validator prototype 29619603d2 MdePkg/IndustryStandard: Add definitions for MPAM ACPI specification 5c9b889b81 IntelFsp2WrapperPkg/FspmWrapperPeim: Fix FspT/M address for measurement 2d5390053f ArmVirtPkg: Switch all PrePeiCore users to new Sec.inf e85e29309e ArmPlatformPkg: Clone PrePeiUniCore into Sec 91117d70d8 ArmPlatformPkg: Clone PrePiUniCore into PeilessSec bbe26ca2cc ArmPlatformPkg/PrePi: Make some functions STATIC 12dc8d420b ArmPkg/ArmArchTimerLib: Drop pointless constructor e76b248d8f ArmPlatformPkg/PrePi: Drop call to TimerConstructor() 8c10017aa7 ArmVirtPkg/PrePi: Drop call to TimerConstructor() 1941a901f0 ArmPlatformPkg/PrePi: Drop secondary stack handling 9c1bc36ad1 ArmPlatformPkg/PrePeiCore: Drop secondary stack handling 96c8e75681 ArmPlatformPkg/PrePeiCore: Drop MPCore variant cee49c82d5 ArmPlatformPkg/PrePi: Drop MPCore variant 4fc1c513f8 ArmPlatformPkg: Drop bogus reference to MPCore related PCD caac25e22e ArmVirtPkg: Drop bogus reference to MPCore related PCD a679ceca97 CryptoPkg: Enable Openssl Accel builds for AARCH64 368f9b62a2 CryptoPkg/OpensslLib: Add AArch64Cap for arch specific hooks 9403422f21 CryptoPkg/OpensslLib: Generate files for AARCH64 native support 952ecf53f9 CryptoPkg/OpensslLib: Add native instruction support for AARCH64 1715d67231 MdePkg/BaseRngLib: Prefer ArmReadIdAA64Isar0Reg() over ArmReadIdIsar0() 30e53f8b5e MdePkg/BaseLib: AARCH64: Add ArmReadIdAA64Isar0Reg() a72d93e163 MdePkg/BaseLib: AARCH64: Add ArmReadCntPctReg() 71b9bda1ac BaseTools/Scripts/BinToPcd.py: Update regex strings to use raw strings. 85fad9912c MdePkg: Add PCI Express 6.0 Header Support 7e5a5ae154 MdePkg/Acpi65.h: Fix GUID value eed43245df CodeQlQueries.qls: Pin to the 1.1.0 codeq/cpp-queries pack ... changelog too long, skipping 406 lines ... downstream patch for corss compiling x86_64 2MB image on aarch64. ==== patterns-base ==== Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-enhanced_base patterns-base-minimal_base patterns-base-selinux patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced - In case of doubt, also favor libz1-32bit over libz-ng1-compat for the time being. ==== perl-XML-Parser ==== - Get package to show provides perl(XML::Parser::Expat) and other submodules ==== pipewire ==== Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Add patch from upstream to fix a crash with broadcasting sinks: * 0001-bluez5-fix-crash-with-broadcast-sinks.patch - Add patch from upstream to actually clear the mix io areas when being asked to clear it. Otherwise crashes might happen: * 0002-jack-actually-clear-the-mix-io.patch ==== postgresql17 ==== Subpackages: libpq5 postgresql17-contrib postgresql17-llvmjit postgresql17-server - Use cmake(LLVM) < instead of <= to also allow building against LLVM 18.1 and newer 18.x versions ==== python-anyio ==== Version update (4.6.0 -> 4.6.2.post1) - update to 4.6.2: * Fixed regression caused by (\#807) that prevented the use of parametrized async fixtures - update to 4.6.1: * Fixed TaskGroup and CancelScope producing cyclic references in tracebacks when raising exceptions (\#806) (PR by @graingert) ==== python-certifi ==== Version update (2024.7.4 -> 2024.8.30) - update to 2024.8.30: added certs: * TWCA CYBER Root CA O=TAIWAN-CA OU=Root CA * SecureSign Root CA12 O=Cybertrust Japan Co., Ltd. * SecureSign Root CA14 O=Cybertrust Japan Co., Ltd. * SecureSign Root CA15 O=Cybertrust Japan Co., Ltd. ==== python-charset-normalizer ==== Version update (3.3.2 -> 3.4.0) - update to 3.4.0: * Argument `--no-preemptive` in the CLI to prevent the detector to search for hints. * Support for Python 3.13 * Relax the TypeError exception thrown when trying to compare a CharsetMatch with anything else than a CharsetMatch. * Improved the general reliability of the detector based on user feedbacks. (#520) (#509) (#498) (#407) * Declared charset in content (preemptive detection) not changed when converting to utf-8 bytes. ==== python-cryptography ==== Version update (43.0.1 -> 43.0.3) - update to 43.0.3: * Fixed release metadata for cryptography-vectors * Fixed compilation when using LibreSSL 4.0.0. ==== python-numpy ==== Version update (2.1.1 -> 2.1.2) - update to 2.1.2 * #27333: MAINT: prepare 2.1.x for further development * #27400: BUG: apply critical sections around populating the dispatch cache * #27406: BUG: Stub out get_build_msvc_version if distutils.msvccompiler... * #27416: BUILD: fix missing include for std::ptrdiff_t for C++23 language... * #27433: BLD: pin setuptools to avoid breaking numpy.distutils * #27437: BUG: Allow unsigned shift argument for np.roll * #27439: BUG: Disable SVE VQSort * #27471: BUG: rfftn axis bug * #27479: BUG: Fix extra decref of PyArray_UInt8DType. * #27480: CI: use PyPI not scientific-python-nightly-wheels for CI doc... * #27481: MAINT: Check for SVE support on demand * #27484: BUG: initialize the promotion state to be weak * #27501: MAINT: Bump pypa/cibuildwheel from 2.20.0 to 2.21.2 * #27506: BUG: avoid segfault on bad arguments in ndarray.__array_function__ ==== qt6-base ==== Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6Widgets6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-platformtheme-gtk3 qt6-printsupport-cups qt6-sql-mysql qt6-sql-sqlite - Add patch to fix qxmpp test failures (gh#qxmpp-project/qxmpp#659): * 0001-QUuid-restore-sorting-order-of-Qt-6.8.patch - Add patch to fix potential crash with QDirIterator (QTBUG-130142): * 0001-QDirIterator-don-t-crash-with-next-after-hasNext-ret.patch ==== rng-tools ==== - add patch rng-tools-missing-includes.patch add missing include statements to fix compilation with recent gcc ==== samba ==== Version update (4.21.0+git.363.84c94ca948f -> 4.21.1+git.367.e1da597d86e) Subpackages: libldb2 python3-ldb samba-ad-dc-libs samba-client samba-client-libs samba-gpupdate samba-ldb-ldap samba-libs samba-libs-python3 samba-python3 samba-winbind samba-winbind-libs - Adjust spec to split out rpcd_* binaries into a separate sub package; (bsc#1231414). - Update to 4.21.1 * DH reconnect error handling can lead to stale sharemode entries; (bso#15624). * "inherit permissions = yes" triggers assert() in vfs_default when creating a stream; (bso#15695). * Samba 4.21.0 broke FreeIPA domain member integration; (bso#15715). * Missing conversion for msDS-UserTGTLifetime, msDS- ComputerTGTLifetime and msDS-ServiceTGTLifetime on "samba- tool domain auth policy modify"; (bso#15692). * irpc_destructor may crash during shutdown; (bso#15280). * Durable handle is not granted when a previous OPEN exists with NoOplock; (bso#15649). * Durable handle is granted but reconnect fails; (bso#15651). * Disconnected durable handles with RH lease should not be purged by a new non conflicting open; (bso#15708). * net ads testjoin and other commands use the wrong secrets.tdb in a cluster; (bso#15714). * 4.21 using --with-system-mitkrb5 requires MIT krb5 1.16 as rfc 8009 etypes are used; (bso#15726). * VFS_OPEN_HOW_WITH_BACKUP_INTENT breaks shadow_copy2; (bso#15730). * Samba 4.20.0 DLZ module crashes BIND on startup; (bso#15643). * Cannot build libldb lmdb backend on a build without AD DC; (bso#15721). * Consistent log level for sighup handler; (bso#15706). ==== selinux-policy ==== Version update (20240930 -> 20241021) Subpackages: selinux-policy-targeted - Update to version 20241021: * rsync: add rsync_exec_commands boolean and enable it by default (bsc#1231494) * Allow snapperd to execute systemctl (bsc#1231489) - Update to version 20241018: * Allow slpd to create TCPDIAG netlink socket (bsc#1231491) * Allow slpd to use sys_chroot (bsc#1231491) * Allow openvswitch-ipsec use strongswan (bsc#1231493) ==== subversion ==== Version update (1.14.3 -> 1.14.4) Subpackages: libsvn_auth_gnome_keyring-1-0 libsvn_auth_kwallet-1-0 subversion-bash-completion subversion-perl - Update to 1.14.4: * Fix unbounded memory usage in propget and proplist --xml * Fix cmdline parsing bugs in --change (-c) argument * Improve help message for svnmucc PUT * mailer.py: Fix inconsistency in Config.which_group() arguments * Convert path to local style in error message from diff API * Fix `invalid escape sequence` in .py scripts for Python 3.12 * swig-py: Fix `none_dealloc` error caused by refcount issue * Fix a msgid in svnadmin.c which was not a valid C string - drop patches included upstream: * subversion-1.14.3-gcc14-2.patch * subversion-1.14.3-gcc14.patch ==== supermin ==== - Detect the correct kernel on aarch64 (jsc#PED-10545) detect-aarch64-kernel.patch ==== texlive ==== - Use zlib-ng-compat-devel - Let texlive-pdfjam-bin depend on /usr/bin/pdflatex (boo#1231783) ==== tigervnc ==== Subpackages: libXvnc1 xorg-x11-Xvnc xorg-x11-Xvnc-module - Do not ship rcFOO symlinks for CODE 16 (PED-266). - No longer use update alternatives on CODE 16: there are no alternatives for vncviewer present. ==== totem ==== Version update (43.0 -> 43.1) Subpackages: totem-plugins totem-video-thumbnailer - Update to version 43.1: + Fix scroll-by-page GTK setting breaking slider + Fix a number of MPRIS playback controls not working correctly + Fix a number of opensubtitles dialogue problems + Fix hyphens appearing in filenames + Force using newer GStreamer va-api plugins, fixing scrambled videos in some cases + Fix error showing the keyboard shortcuts + Fix assertion when backends send out audio or image files even though we asked them to be filtered out + Updated translations. - Drop patch fixed upstream: + ac2d02530d3b555e44907162be05536a5927b2a0.patch ==== tree-sitter ==== Version update (0.24.2 -> 0.24.3) - update to 0.24.3: * build: fix incorrect variable checks * fix(lib): correct unexpected side effect in get_column when the lexer is at EOF * build(deps): bump wasmtime to v25.0.2 ==== u-boot-rpiarm64 ==== Subpackages: u-boot-rpiarm64-doc Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2024.10 * Patches added: 0018-Revert-riscv-dts-jh7110-Update-qspi.patch boo#1231674 ==== unar ==== - Fix build against GCC14 ==== unbound ==== Version update (1.21.1 -> 1.22.0) Subpackages: libunbound8 unbound-anchor - Update to 1.22.0: Features: * Add iter-scrub-ns, iter-scrub-cname and max-global-quota configuration options. * Merge patch to fix for glue that is outside of zone, with `harden-unverified-glue`, from Karthik Umashankar (Microsoft). Enabling this option protects the Unbound resolver against bad glue, that is unverified out of zone glue, by resolving them. It uses the records as last resort if there is no other working glue. * Add redis-command-timeout: 20 and redis-connect-timeout: 200, that can set the timeout separately for commands and the connection set up to the redis server. If they are not specified, the redis-timeout value is used. * Log timestamps in ISO8601 format with timezone. This adds the option `log-time-iso: yes` that logs in ISO8601 format. * DNS over QUIC. This adds `quic-port: 853` and `quic-size: 8m` that enable dnsoverquic, and the counters `num.query.quic` and `mem.quic` in the statistics output. The feature needs to be enabled by compiling with libngtcp2, with `--with-libngtcp2=path` and libngtcp2 needs openssl+quic, pass that with `--with-ssl=path` to compile unbound as well. Bug Fixes: * unbound-control-setup hangs while testing for openssl presence starting from version 1.21.0. * Fix error: "memory exhausted" when defining more than 9994 local-zones. * Fix documentation for cache_fill_missing function. * Fix Loads of logs: "validation failure: key for validation <domain>. is marked as invalid because of a previous" for non-DNSSEC signed zone. * Fix that when rpz is applied the message does not get picked up by the validator. That stops validation failures for the message. * Fix that stub-zone and forward-zone clauses do not exhaust memory for long content. * Fix to print port number in logs for auth zone transfer activities. * b.root renumbering. * Add new IANA trust anchor. * Fix config file read for dnstap-sample-rate. * Fix alloc-size and calloc-transposed-args compiler warnings. * Fix to limit NSEC and NSEC3 TTL when aggressive nsec is enabled (RFC9077). * Fix dns64 with prefetch that the prefetch is stored in cache. * Attempt to further fix doh_downstream_buffer_size.tdir flakiness. * More clear text for prefetch and minimal-responses in the unbound.conf man page. * Fix cache update when serve expired is used. Expired records are favored over resolution and validation failures when serve-expired is used. * Fix negative cache NSEC3 parameter compares for zero length NSEC3 salt. * Fix unbound-control-setup hangs sometimes depending on the openssl version. * Fix Cannot override tcp-upstream and tls-upstream with forward-tcp-upstream and forward-tls-upstream. * Fix to limit NSEC TTL for messages from cachedb. Fix to limit the prefetch ttl for messages after a CNAME with short TTL. * Fix to disable detection of quic configured ports when quic is not compiled in. * Fix harden-unverified-glue for AAAA cache_fill_missing lookups. * Fix contrib/aaaa-filter-iterator.patch for change in call signature for cache_fill_missing. * Fix to display warning if quic-port is set but dnsoverquic is not enabled when compiled. * Fix dnsoverquic to extend the number of streams when one is closed. * Fix for dnstap with dnscrypt and dnstap without dnsoverquic. * Fix for dnsoverquic and dnstap to use the correct dnstap environment. - Update keyring ==== virtiofsd ==== Version update (1.11.1 -> 1.12.0) - Update to version 1.12.0: * Bump version to v1.12.0 * Add file-handles migration mode * Serialize mount FD map * Deserialize file handles * Build mount FD map on deserialization * Add MigrationMode::FileHandles * PassthroughFsV2 * Allow deserializing serializable file handles * Extract serialized::Inode.deserialize_root_node() ==== vte ==== Version update (0.78.0 -> 0.78.1) Subpackages: libvte-2_91-0 typelib-1_0-Vte-2_91 - Update to version 0.78.1: + build: - Prepend python to minifont coverage cmd - Add missing includes + widget: - Improve the robustness of ringview updating - Make sure to update the ringview after a widget resize - termprops: Fix for double termprops + draw: - gsk: . Use fill_n to fill background . Draw cell background using scaled texture - Fix background drawing offset + tests: Remove excessive constrexpr ==== webkit2gtk3 ==== Version update (2.46.1 -> 2.46.2) Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Update to version 2.46.2: + Own well-known bus name on a11y bus. + Improve memory consumption when putImageData is used repeatedly on accelerated canvas. + Disable cached web process suspension for now to prevent leaks. + Improve text kerning with different combinations of antialias and hinting settings. + Destroy all network sessions on process exit. + Fix visible rectangle calculation when there are animations. + Fix the build with ENABLE_NOTIFICATIONS=OFF. + Fix the build with ENABLE_FULLSCREEN_API=OFF. + Fix the build with ENABLE_WEB_AUDIO=OFF. + Fix the build on ppc64le. + Fix several crashes and rendering issues. - Drop bug281495.patch: fixed upstream. ==== wireplumber ==== Subpackages: libwireplumber-0_5-0 wireplumber-audio wireplumber-zsh-completion - Add patch from upstream to fix switching automatically the profile of non-bluetooth devices (boo#1231815): * 0001-autoswitch-bluetooth-profile-switch-only-Bluetooth-devices.patch - Add patch from upstream to fix switching automatically the profile when starting some apps and then switching to the previous profile: * 0002-autoswitch-bluetooth-profile-Switch-to-HSP_HFP-on-timeout.patch - Add patches from upstream to fix a couple of memory leaks: * 0003-m-mixer-api-Fix-memory-in-leak-wp_mixer_api_set_volume.patch * 0004-module-dbus-connection-fix-GCancellable-leak.patch ==== xf86-input-evdev ==== Version update (2.10.6 -> 2.11.0) - update to version 2.11.0 * FTBFS fixes on non-linux platforms and dropping some ancient quirks * Fixes for the Compose and Kana LEDs * we remap some higher keycodes to FK20 and friends, paving the way for systemd/udev to map those properly in their hwdb files ==== xf86-input-libinput ==== Version update (1.4.0 -> 1.5.0) - Update to version 1.5.0: * the compose and kana LEDs are now supported * tablet tools now have a property to indicate the tool serial and hw id (if any) * libinput's tablet tool pressure range config is now supported * libinput's clickfinger button map config is now supported * we remap some higher keycodes to FK20 and friends, paving the way for systemd/udev to map those properly in their hwdb files ==== xfsprogs ==== Version update (6.10.1 -> 6.11.0) Subpackages: libhandle1 - update to 6.11.0 - mkfs: break up the rest of the rtinit() function - mkfs: clean up the rtinit() function - xfs_repair: use library functions for orphanage creation - xfs_repair: use library functions to reset root/rbm/rsum inodes - xfs_repair: don't crash in get_inode_parent - xfs_repair: fix exchrange upgrade - xfs_db: port the iunlink command to use the libxfs iunlink function - xfs_db/mdrestore/repair: don't use the incore struct xfs_sb for offsets into struct xfs_dsb - xfs_db/mkfs/xfs_repair: port to use XFS_ICREATE_UNLINKABLE - xfs_db: port the unlink command to use libxfs_droplink - libxfs: implement get_random_u32 - libxfs: remove libxfs_dir_ialloc - libxfs: backport inode init code from the kernel - libxfs: pack icreate initialization parameters into a separate structure - xfs_io: add RWF_ATOMIC support to pwrite - libfrog: emulate deprecated attrlist functionality in libattr - misc: clean up code around attr_list_by_handle calls - fsck.xfs: fix fsck.xfs run by different shells when fsck.mode=force is set - libxfs: provide a memfd_create() wrapper if not present in libc - xfs_io: Fix fscrypt macros ordering - man: Update unit for fsx_extsize and fsx_cowextsize - xfs_db: release ip resource before returning from get_next_unlinked() - libxfs: kernel sync - ------------------------------------------------------------------ ==== xz ==== Version update (5.6.2 -> 5.6.3) Subpackages: liblzma5 - Update to 5.6.3: * liblzma: - Fix x86-64 inline assembly compatibility with GNU Binutils older than 2.27. - Fix the build with GCC 4.2 on OpenBSD/sparc64. * xzdec: Display an error instead of failing silently if the unsupported option -M is specified. * lzmainfo: Fix integer overflows when rounding the dictionary and uncompressed sizes to the nearest mebibyte. * Autotools-based build: - Fix feature checks with link-time optimization (-flto). - Solaris: Fix a compatibility issue in version.sh. It matters if one wants to regenerate configure by running autoconf. * CMake: - Use paths relative to ${prefix} in liblzma.pc when possible. This is done only with CMake >= 3.20. - Prefer a C11 compiler over a C99 compiler but accept both. - Link Threads::Threads against liblzma using PRIVATE so that - pthread and such flags won't unnecessarily get included in the usage requirements of shared liblzma. That is, target_link_libraries(foo PRIVATE liblzma::liblzma) no longer adds -pthread if using POSIX threads and linking against shared liblzma. The threading flags are still added if linking against static liblzma. * Updated translations: Catalan, Chinese (simplified), and Brazilian Portuguese. ==== yast2-auth-client ==== Version update (5.0.0 -> 5.0.1) - Use new smb.conf parameter "sync machine password to keytab" (gh#yast/yast-auth-client#122). - Skip whitespace-only lines when parsing krb5.conf - 5.0.1 ==== yast2-installation ==== Version update (5.0.14 -> 5.0.15) - Improve handling spaces when list of blacklisted modules are specified (bsc#1231313) - 5.0.15 ==== zlib-ng-compat ==== Version update (2.2.1 -> 2.2.2) - Update to 2.2.2: * Changelog at https://github.com/zlib-ng/zlib-ng/releases/tag/2.2.2 - Install the ld.so configuration file also with the -32bit package, as otherwise biarch installs won't find that library (boo#1232065). [View Less]

1 0

New Arm Tumbleweed snapshot 20241018 released!
by Guillaume Gardet 20 Oct '24

20 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]org/openSUSE:Submitting_bug_reports Packages changed: cups cups-filters glib2 (2.82.1 -> 2.82.2) gucharmap (15.1.5 -> 16.0.1) intlfonts (1.2.1 -> 1.4.2) kinfocenter6 kwin6 (6.2.1 -> 6.2.1.1) microos-tools (4.0 -> 4.0+git1) oath-toolkit openSUSE-release (20241017 -> 20241018) patterns-base plasma6-workspace (6.2.1 -> 6.2.1.1) polkit-default-privs (1550+20240708.7e0e3f4 -> 1550+20241017.007e12d) python-Babel python-requests qemu webkit2gtk3 (2.45.92 -> 2.46.1) === Details === ==== cups ==== Subpackages: cups-client cups-config libcups2 libcupsimage2 - Drop rcFOO symlinks for CODE16 (PED-266). ==== cups-filters ==== - Drop rcFOO symlinks for CODE16 (PED-266). ==== glib2 ==== Version update (2.82.1 -> 2.82.2) Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0 typelib-1_0-GLib-2_0 typelib-1_0-GModule-2_0 typelib-1_0-GObject-2_0 typelib-1_0-Gio-2_0 - Update to version 2.82.2: + Bugs fixed: - glib/gvariant: incorrect use of G_ANALYZER_ANALYZING - Multicast cannot be joined on Mac OS on non-default interface - glib/gvariant: Fix check for G_ANALYZER_ANALYZING - macos: Fix URL launcher - gopenuriportal: Fix two memory leaks - gio: Fix multicast iface selection on macOS - gdatainputstream: Fix length return value on UTF-8 validation failure + Updated translations. ==== gucharmap ==== Version update (15.1.5 -> 16.0.1) Subpackages: libgucharmap_2_90-7 - Update to version 16.0.1: + unicode: Update strings in preparation for unicode 16.0.0. + Updated translations. ==== intlfonts ==== Version update (1.2.1 -> 1.4.2) - UTF-8 should be allowed in changelog - Update to version 1.4.2 + 2021-03-12 handa <handa(a)gnu.org> * Version 1.4.2 released. * Chinese/cns[1-7]-16.bdf, Chinese/cns[1-7]-24.bdf: Delete them again. * Chinese.BIG/cns[1-7]-40.bdf, Chinese.BIG/cc4[08].bdf: Delete them again. * README.split: Delete it. + 2021-02-06 handa <handa(a)gnu.org> * Version 1.4.1 released. + 2018-06-22 K. Handa <handa(a)gnu.org> Thanks to Akira Urushibata <afu(a)wta.att.ne.jp> for reporting these bugs. * Asian/xtis18.bdf: Sort glyphs by ENCODING. * Asian/ind1c24-mule.bdf: Fix ENCODINGs 9082. + 2012-12-14 Kenichi Handa <handa(a)gnu.org> * Version 1.4.0 released. + 2012-12-14 Kenichi Handa <handa(a)gnu.org> * .cvsignore: New file. * make-dist: Fix unpaired string quotation. * Makefile.in (SUBDIRS_BIG): Delete Chienese.BIG. * COPYING: New file (GPL). * Chinese/fonts.alias: Delete entries correponding to deleted fonts. * Chinese/cns[1-7]-16.bdf, Chinese/cns[1-7]-24.bdf: Delete them. * Chinese.BIG/cns[1-7]-40.bdf, Chinese.BIG/cc4[08].bdf: Delete them. * COPYRIGHT: Delete it. + 2006-04-26 Kenichi Handa <handa(a)m17n.org> * make-dist (version): Extract release number. (files): Include make-dist. (release): New variable. * Chinese.X/gb16fs.bdf, Chinese.X/gb16st.bdf, Chinese.X/gb24st.bdf: Fix 0x2736 and 0x2737 (exchanged). + 2006-04-10 Claudio Fontana <claudio(a)gnu.org> * Makefile.in: Add DESTDIR variable to support staged installations. + 2003-07-03 Kenichi Handa <handa(a)m17n.org> * Japanese.BIG/j83-32.bdf, Japanese.BIG/j83-48.bdf: Deleted. * Japanese.BIG/jiskan32.bdf, Japanese.BIG/jiskan48.bdf: New fonts. + 2001-05-14 Milan Zamazal <pdm(a)debian.org> * Chinese/fonts.alias: New aliases for Big5 and GB8565 fonts. + 2001-04-20 Kenichi Handa <handa(a)etl.go.jp> * Misc/bmp16-etl.bdf: Fix BBX for ENCODING 8224. + 2001-03-27 Kenichi Handa <handa(a)etl.go.jp> * Chinese/fonts.alias: Add aliases for CNS fonts. + 2001-03-05 Pavel JanÃk ml. <Pavel(a)Janik.cz> * configure.in (fontdir): Fix help string. + 2000-12-15 Kenichi Handa <handa(a)etl.go.jp> * Version 1.3 released. + 2000-12-15 Kenichi Handa <handa(a)etl.go.jp> * */*-elt.bdf: Copyright notice udpated. * European/koi*.bdf: Properties CHARSET_REGISTRY and CHARSET_ENCODING fixed. + 2000-11-17 Kenichi Handa <handa(a)etl.go.jp> * COPYRIGHT: New file. + 2000-08-18 Kenichi Handa <handa(a)etl.go.jp> * European/lt1-16i-etl.bdf, European/lt1-24b-etl.bdf, European/lt1-24bi-etl: Glyphs improved. + 2000-07-01 Kenichi Handa <handa(a)etl.go.jp> * Asian/thai18.bdf, Asian/thai18b.bdf, Asian/thai18i.bdf, Asian/thai18bi, Asian/thai24.bdf, Asian/xtis18.bdf, Asian/xtis24.bdf: Add property COPYRIGHT stating that they are public domain. * Asian/tib16-mule.bdf, Asian/tib1c16-mule.bdf, Asian/tib24-mule, Asian/tib1c24-mule: Generated from tib32p-mule.bdf and tuned by hand. * Ethiopic/ethio16f-uni.bdf, Ethiopic/ethio24f-uni: Updated from original ftp site. * Ethiopic/ethio12-uni.bdf: New font. * Ethiopic.BIG/ethio300-uni.bdf: New font. * Japanese/j90-16.bdf: Kana glyphs improved. * Japanese/j00-1-16.bdf, Japanese/j00-2-16.bdf: New fonts. + 2000-06-31 Toru Tomabechi <Toru.Tomabechi(a)orient.unil.ch> * Asian/tib9p-mule.bdf, Asian/tib14p-mule.bdf, Asian/tib16p-mule.bdf, Asian/tib18p-mule.bdf, Asian/tib24p-mule.bdf, Asian/tib32p-mule.bdf: New fonts. + 2000-06-23 Kenichi Handa <handa(a)etl.go.jp> * Chinese.BIG/cnsX-40.bdf: Rebuild form bitmap files in CJK LaTeX. * Chinese/cns1-16.bdf, Chinese/cns2-16.bdf: Updated from the original ftp site. * Chinese/cns[1-7]-24.bdf, Chinese/cns[3-7]-16.bdf: Rebuild from cnsX-40.bdf. * Chinese/taipei16.bdf: Updated from the original ftp site. * European/lt1-{32,48,60}-etl.bdf: New fonts. + 1999-12-07 Kenichi Handa <handa(a)etl.go.jp> * Chinese/taipei16.bdf: Properties fixed. - Due to unknown license the Chinese BIG fonts are removed - The Asian/tib16-mule.bdf, Asian/tib1c16-mule.bdf, Asian/tib1c24-mule.bdf, and Asian/tib24-mule.bdf are back as receated from free source ==== kinfocenter6 ==== - Add patches to fix the memory info page by switching from pkexec to KAuth: * 0001-kcms-pull-dmidecode-helper-into-a-separate-dir.patch * 0002-refactor-dmidecode-helper-support-multiple-methods.patch * 0003-kcms-memory-use-KAuth-dmidecode-helper.patch ==== kwin6 ==== Version update (6.2.1 -> 6.2.1.1) Subpackages: kwin6-x11 libkwin6 - Update to 6.2.1.1: * New bugfix release - Changes since 6.2.1: * backends/drm: don't skip colorops when matching the pipeline (kde#494611) * backends/drm: transform damage to match the framebuffer (kde#494837) * Set WAYLAND_DISPLAY before starting wayland server * scene/itemrenderer_opengl: use the color pipeline to check if color transformations are needed (kde#493295) * temporarily revert version number for respin * backends/drm: don't scale infiniteRegion() * backends/drm: fix crash with multi gpu * ci: Require tests to pass only on Linux * Report correct input timestamps for popup keyboard events * backends/drm: disable hdr if we removed the capabilities for it (kde#494706) * wayland/color management: ignore obviously wrong HDR metadata (kde#494502) * update version for new release ==== microos-tools ==== Version update (4.0 -> 4.0+git1) Subpackages: selinux-autorelabel - Update to version 4.0+git1: * Regenerate initrd after selinux-autorelabel installation ==== oath-toolkit ==== - Update 0001-usersfile-fix-potential-security-issues-in-PAM-modul.patch with bsc#1231699 improvements for security fix CVE-2024-47191 ==== openSUSE-release ==== Version update (20241017 -> 20241018) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== patterns-base ==== Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-enhanced_base patterns-base-minimal_base patterns-base-selinux patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced - Add "Requires: selinux-policy-base" to selinux pattern so that selinux-policy-targeted will be installed on systems that disable "Recommends" (bsc#1231720) ==== plasma6-workspace ==== Version update (6.2.1 -> 6.2.1.1) Subpackages: plasma6-session plasma6-session-x11 plasma6-workspace-libs sddm-qt6-branding-openSUSE - Update to 6.2.1.1: * New bugfix release - Changes since 6.2.1: * temporarily revert version number for respin * startkde: Specify --type=method_call to correctly notify ksplash * applets/devicenotifier: reduce string allocation * klipper: correct boolean in desktop file * PanelView: Fix popups position when NoBackground hint is set (kde#494193) * update version for new release ==== polkit-default-privs ==== Version update (1550+20240708.7e0e3f4 -> 1550+20241017.007e12d) - Update to version 1550+20241017.007e12d: * profiles: whitelist additional kinfocenter action (bsc#1231659) * Update rule for kpmcore (bsc#1203315) ==== python-Babel ==== - Clean up {Build,}Requires to match reality. ==== python-requests ==== - Add patch inject-default-ca-bundles.patch: * Inject the default CA bundles if they are not specified. (bsc#1226321, bsc#1231500) ==== qemu ==== Subpackages: qemu-arm qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-img qemu-ipxe qemu-ksm qemu-pr-helper qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios - Bug and CVE fixes: * softmmu/physmem: fix memory leak in dirty_memory_extend() * softmmu: Support concurrent bounce buffers (bsc#1230915, CVE-2024-8612) * accel/kvm: check for KVM_CAP_READONLY_MEM on VM (bsc#1231519) - Fix bsc#1231519 and bsc#1230140: * accel/kvm: check for KVM_CAP_READONLY_MEM on VM * target/ppc: Fix lxvx/stxvx facility check ==== webkit2gtk3 ==== Version update (2.45.92 -> 2.46.1) Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Add bug281492.patch: fix crash in AccessibilityAtspi::textAttributes. - Add bug281495.patch: fix crash in ProcessLauncher socket monitor callback. - Update to version 2.46.1: + Fix login QR code not shown in WhatsApp web. + Disable PSON by default again in GTK 3 API versions. + Disable DMABuf video sink by default to prevent file descriptor leaks. + Fix the build with GCC 13. + Fix several crashes and rendering issues. - Update to version 2.46.0 (boo#1231039): + Use Skia instead of cairo for 2D rendering and enable GPU rendering by default. + Enable offscreen canvas by default. + Add support for system tracing with Sysprof. + Implement printing using the Print portal. + Add new API to load settings from a config file. + Add a new setting to enable or disable the 2D canvas acceleration (enabled by default). + Undeprecate console messages API and make it available in 6.0 API. + Security fixes: CVE-2024-40866, CVE-2024-44187. [View Less]

1 0

New Arm Tumbleweed snapshot 20241017 released!
by Guillaume Gardet 18 Oct '24

18 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]org/openSUSE:Submitting_bug_reports Packages changed: openSUSE-release (20241016 -> 20241017) qt6-base (6.7.3 -> 6.8.0) qt6-declarative (6.7.3 -> 6.8.0) qt6-imageformats (6.7.3 -> 6.8.0) qt6-multimedia (6.7.3 -> 6.8.0) qt6-networkauth (6.7.3 -> 6.8.0) qt6-positioning (6.7.3 -> 6.8.0) qt6-qt5compat (6.7.3 -> 6.8.0) qt6-quick3d (6.7.3 -> 6.8.0) qt6-quicktimeline (6.7.3 -> 6.8.0) qt6-sensors (6.7.3 -> 6.8.0) qt6-shadertools (6.7.3 -> 6.8.0) qt6-speech (6.7.3 -> 6.8.0) qt6-svg (6.7.3 -> 6.8.0) qt6-tools (6.7.3 -> 6.8.0) qt6-translations (6.7.3 -> 6.8.0) qt6-virtualkeyboard (6.7.3 -> 6.8.0) qt6-wayland (6.7.3 -> 6.8.0) qt6-webchannel (6.7.3 -> 6.8.0) qt6-webengine (6.7.3 -> 6.8.0) qt6-webview (6.7.3 -> 6.8.0) systemd (256.6 -> 256.7) yast2-installation (5.0.12 -> 5.0.14) === Details === ==== openSUSE-release ==== Version update (20241016 -> 20241017) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== qt6-base ==== Version update (6.7.3 -> 6.8.0) Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6Widgets6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-platformtheme-gtk3 qt6-printsupport-cups qt6-sql-mysql qt6-sql-sqlite - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released - Add upstream change (needed for kde 493116's bugfix): * 0001-QAbstractItemModelPrivate-add-resetting-member.patch - Drop patch, merged upstream: * 0001-Revert-xcb-handle-XI2-input-button-and-motion-events.patch ==== qt6-declarative ==== Version update (6.7.3 -> 6.8.0) Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlModels6 libQt6QmlNetwork6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 libQt6QuickWidgets6 qt6-declarative-imports - Update memory constraints for s390x and use %limit_build - Update disk constraints - Add upstream change to fix compilation failures (kde#494281, QTBUG-129797) * 0001-Compiler-Wrap-raw-string-literals-in-QStringLiteral-.patch - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released - Add upstream changes: * 0001-Revert-QQmlDelegateModel-fix-delegates-not-being-cre.patch * 0002-QQmlDelegateModel-fix-delegates-not-being-created-in.patch (kde#493116, QTBUG-127340) - Merge some -devel and -private-devel packages that only have private API. ==== qt6-imageformats ==== Version update (6.7.3 -> 6.8.0) - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released ==== qt6-multimedia ==== Version update (6.7.3 -> 6.8.0) Subpackages: libQt6Multimedia6 libQt6MultimediaQuick6 libQt6MultimediaWidgets6 libQt6Quick3DSpatialAudio6 libQt6SpatialAudio6 qt6-multimedia-imports - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released - Add patch to fix build on x86: * 0001-Fix-build-on-x86-arch.patch - Add patch to use system Eigen headers * 0001-Build-with-system-eigen-3.patch ==== qt6-networkauth ==== Version update (6.7.3 -> 6.8.0) - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released ==== qt6-positioning ==== Version update (6.7.3 -> 6.8.0) Subpackages: libQt6Positioning6 libQt6PositioningQuick6 qt6-positioning-imports - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released ==== qt6-qt5compat ==== Version update (6.7.3 -> 6.8.0) Subpackages: libQt6Core5Compat6 qt6-qt5compat-imports - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released ==== qt6-quick3d ==== Version update (6.7.3 -> 6.8.0) Subpackages: libQt6Quick3D6 libQt6Quick3DAssetImport6 libQt6Quick3DAssetUtils6 libQt6Quick3DEffects6 libQt6Quick3DHelpers6 libQt6Quick3DHelpersImpl6 libQt6Quick3DParticleEffects6 libQt6Quick3DParticles6 libQt6Quick3DRuntimeRender6 libQt6Quick3DUtils6 qt6-quick3d-imports - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released ==== qt6-quicktimeline ==== Version update (6.7.3 -> 6.8.0) - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released ==== qt6-sensors ==== Version update (6.7.3 -> 6.8.0) Subpackages: libQt6Sensors6 - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released ==== qt6-shadertools ==== Version update (6.7.3 -> 6.8.0) - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released ==== qt6-speech ==== Version update (6.7.3 -> 6.8.0) Subpackages: libQt6TextToSpeech6 qt6-texttospeech - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released ==== qt6-svg ==== Version update (6.7.3 -> 6.8.0) Subpackages: libQt6Svg6 libQt6SvgWidgets6 - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released ==== qt6-tools ==== Version update (6.7.3 -> 6.8.0) Subpackages: libQt6Designer6 libQt6Help6 libQt6UiTools6 qt6-tools-qdbus - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released - Drop patch, no longer needed: * fix-llvm19-build.patch ==== qt6-translations ==== Version update (6.7.3 -> 6.8.0) - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released ==== qt6-virtualkeyboard ==== Version update (6.7.3 -> 6.8.0) Subpackages: libQt6HunspellInputMethod6 libQt6VirtualKeyboard6 qt6-virtualkeyboard-imports - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released ==== qt6-wayland ==== Version update (6.7.3 -> 6.8.0) Subpackages: libQt6WaylandClient6 libQt6WaylandCompositor6 libQt6WaylandEglClientHwIntegration6 libQt6WaylandEglCompositorHwIntegration6 libQt6WlShellIntegration6 - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released - Rebase 0001-update-wayland_xml-to-version-1_23_0.patch ==== qt6-webchannel ==== Version update (6.7.3 -> 6.8.0) Subpackages: libQt6WebChannel6 libQt6WebChannelQuick6 qt6-webchannel-imports - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released ==== qt6-webengine ==== Version update (6.7.3 -> 6.8.0) Subpackages: libQt6WebEngineCore6 libQt6WebEngineQuick6 libQt6WebEngineWidgets6 qt6-webengine-imports - Add patch to avoid a build failure on ARM (QTBUG-129985): * QtWebEngine_6.8_skip_xnnpack.patch - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released - Drop patch: * qtwebengine-ffmpeg-7.patch ==== qt6-webview ==== Version update (6.7.3 -> 6.8.0) - Update to 6.8.0: * https://www.qt.io/blog/qt-6.8-released ==== systemd ==== Version update (256.6 -> 256.7) Subpackages: libsystemd0 libudev1 systemd-container udev - Import commit c7671762b39ead7f8f9e70064256f5efaccedeca (merge of v256.7) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/8a0ae4d90aff1d067a125ff9366eafc… - Clean up some remnants from when homed was in the experimental sub-package (bsc#1231048) ==== yast2-installation ==== Version update (5.0.12 -> 5.0.14) - Fix for previous change which contain typo in class name causing crash in microos installer (gh#yast/yast-installation#1126) - 5.0.14 - Move microos system role dialog from yast2-caasp here to be able to drop yast2-caasp (gh#yast/yast-caasp#49) - 5.0.13 [View Less]

1 0

New Arm Tumbleweed snapshot 20241016 released!
by Guillaume Gardet 18 Oct '24

18 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]

1 0

New Arm Tumbleweed snapshot 20241015 released!
by Guillaume Gardet 16 Oct '24

16 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]org/openSUSE:Submitting_bug_reports Packages changed: flashrom kdepim-runtime kernel-source (6.11.2 -> 6.11.3) libadwaita (1.6.0 -> 1.6.1) libftdi1 (1.5.12+git.0684c1b -> 1.5.42+git.de9f01e) libmnl nano (8.1 -> 8.2) openSUSE-release (20241014 -> 20241015) openssh ovmf === Details === ==== flashrom ==== - Fix build error under Leap. ==== kdepim-runtime ==== - Make use of libkolabxml optional (boo#1060506) ==== kernel-source ==== Version update (6.11.2 -> 6.11.3) - Linux 6.11.3 (bsc#1012628). - static_call: Handle module init failure correctly in static_call_del_module() (bsc#1012628). - static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1012628). - jump_label: Fix static_key_slow_dec() yet again (bsc#1012628). - scsi: st: Fix input/output error on empty drive reset (bsc#1012628). - scsi: pm8001: Do not overwrite PCI queue mapping (bsc#1012628). - drm/i915/psr: Do not wait for PSR being idle on on Panel Replay (bsc#1012628). - drm/i915/display: BMG supports UHBR13.5 (bsc#1012628). - drm/i915/dp: Fix AUX IO power enabling for eDP PSR (bsc#1012628). - drm/amdgpu: Fix get each xcp macro (bsc#1012628). - drm/amd/display: handle nulled pipe context in DCE110's set_drr() (bsc#1012628). - ksmbd: fix warning: comparison of distinct pointer types lacks a cast (bsc#1012628). - mailbox: ARM_MHU_V3 should depend on ARM64 (bsc#1012628). - mailbox: rockchip: fix a typo in module autoloading (bsc#1012628). - mailbox: bcm2835: Fix timeout during suspend mode (bsc#1012628). - ceph: fix a memory leak on cap_auths in MDS client (bsc#1012628). - ceph: remove the incorrect Fw reference check when dirtying pages (bsc#1012628). - drm/i915/dp: Fix colorimetry detection (bsc#1012628). - ieee802154: Fix build error (bsc#1012628). - net: sparx5: Fix invalid timestamps (bsc#1012628). - net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1012628). - net/mlx5: Added cond_resched() to crdump collection (bsc#1012628). - net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1012628). - net/mlx5e: SHAMPO, Fix overflow of hd_per_wq (bsc#1012628). - net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (bsc#1012628). - netfilter: uapi: NFTA_FLOWTABLE_HOOK is NLA_NESTED (bsc#1012628). - net: ieee802154: mcr20a: Use IRQF_NO_AUTOEN flag in request_irq() (bsc#1012628). - net: wwan: qcom_bam_dmux: Fix missing pm_runtime_disable() (bsc#1012628). - selftests: netfilter: Fix nft_audit.sh for newer nft binaries (bsc#1012628). - netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1012628). - selftests: netfilter: Add missing return value (bsc#1012628). - Bluetooth: MGMT: Fix possible crash on mgmt_index_removed (bsc#1012628). - Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1012628). - Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() (bsc#1012628). - afs: Fix missing wire-up of afs_retry_request() (bsc#1012628). - afs: Fix the setting of the server responding flag (bsc#1012628). - net: dsa: improve shutdown sequence (bsc#1012628). - net: Add netif_get_gro_max_size helper for GRO (bsc#1012628). - net: Fix gso_features_check to check for both dev->gso_{ipv4_,}max_size (bsc#1012628). - net: ethernet: lantiq_etop: fix memory disclosure (bsc#1012628). - net: fec: Restart PPS after link state change (bsc#1012628). - net: fec: Reload PTP registers after link-state change (bsc#1012628). - net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1012628). - net: add more sanity checks to qdisc_pkt_len_init() (bsc#1012628). - net: stmmac: dwmac4: extend timeout for VLAN Tag register busy bit check (bsc#1012628). - ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (bsc#1012628). - netfs: Fix missing wakeup after issuing writes (bsc#1012628). - net: test for not too small csum_start in virtio_net_hdr_to_skb() (bsc#1012628). - ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1012628). - net: phy: realtek: Check the index value in led_hw_control_get (bsc#1012628). - bridge: mcast: Fail MDB get request on empty entry (bsc#1012628). - net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1012628). - iomap: constrain the file range passed to iomap_file_unshare (bsc#1012628). - dt-bindings: net: xlnx,axi-ethernet: Add missing reg minItems (bsc#1012628). - sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1012628). - ASoC: topology: Fix incorrect addressing assignments (bsc#1012628). - drm/panthor: Fix race when converting group handle to group object (bsc#1012628). - ASoC: atmel: mchp-pdmc: Skip ALSA restoration if substream runtime is uninitialized (bsc#1012628). - drm/connector: hdmi: Fix writing Dynamic Range Mastering infoframes (bsc#1012628). ... changelog too long, skipping 886 lines ... - commit 3cbf0fa ==== libadwaita ==== Version update (1.6.0 -> 1.6.1) Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Update to version 1.6.1: + Fix meson syntax in readme + AdwAboutDialog/Window: Fix natural width + AdwAlertDialog: Fix a crash when setting content-width/height before present() + AdwBottomSheet: - Fix natural height - Fix criticals in dispose in some cases + AdwBreakpointBin: Fix natural size + AdwClamp: Fix get/set_unit() version + AdwExpanderRow: Make suffix spacing match action rows and entry rows + AdwTabBar: - Don't select tabs when clicking close or indicator buttons - Only handle middle clicks started and ended on the same tab + AdwTabOverview: Only handle middle clicks started and ended on the same thumbnail + AdwViewSwitcher: Have a minimum height outside header bars + Docs: - Indicate and explain out of gamut colors on CSS variables page - Update deprecated meson syntax - Typo fixes - Link clamp/layout/scrollable docs between each other + Updated translations. ==== libftdi1 ==== Version update (1.5.12+git.0684c1b -> 1.5.42+git.de9f01e) - Update to version 1.5.42+git.de9f01e: * CMake: bump the minimal required version to 3.5 * python: move from distutils to sysconfig * CMake: use ${PC_LIBUSB_LIBRARIES} instead of a library name * CMake: fix multiarch support * CMake: make the project compatible with building as a subproject * ftdipp/CMakeLists.txt: remove VIM modline settings * CMake: rework subdirectory handling * CMake: rework findlibusb module * CMake: report CMake version * CMake: use dedicated recipe for documentation generation D 0001-Fix-race-during-build-of-python-bindings.patch Patch got integrated mainline ==== libmnl ==== - Enable building documentation ==== nano ==== Version update (8.1 -> 8.2) - GNU nano 8.2: * At a Yes-No prompt, beside Y and the localized initial for "Yes", also ^Y is accepted. Similarly, ^N for "No", and ^A for "All". * A text-highlighting bug with Alt+Home/Alt+End is fixed. ==== openSUSE-release ==== Version update (20241014 -> 20241015) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Use %{with ...} instead of 0%{with ...} ==== ovmf ==== Subpackages: qemu-uefi-aarch64 - Add ovmf-MdePkg-DebugLib-Enable-FILE-NAME-as-DEBUG-ASSERT-for.patch '5c8bdb190f6d MdePkg DebugLib: Enable FILE NAME as DEBUG ASSERT for GCC12' (bsc#1230425) - Using gcc12 for building x86_64 ovmf image: As the item 'Changed the approach for creating the edk2 source code tarball' in 'Update to edk2-stable202405' change log. We modified the folder name in edk2-edk2-stable%{version}.tar.gz source code tarball to avoid the size problem against FD_SIZE_2MB config. (bsc#1230425) We can use gcc-12 to avoid the size problem because gcc-12 supported __FILE_NAME__ macro for reproducing the size of firmware image. So we applied the above 5c8bdb190f6d patch and aldo the following SLE15-SP7/ Leap 15.7 specific patch for setting the gcc-12 as the default compiler for x86_64 ovmf: - ovmf-BaseTools-Using-gcc12-for-building-image.patch 'BaseTools: Using gcc12 for building x86_64 ovmf image' - This patch only be applied to x86_64 image when building on SUSE 15.5/15.6/15.7 codebases. Here is the pseudocode in ovmf.spec: ifarch x86_64 if sle_version >= 150500 && sle_version <= 150700 Patch13 ovmf-BaseTools-Using-gcc12-for-building-image.patch endif endif The main target is SLE15-SP7 and Leap 15.7. The SUSE 15.5/15.6 is for building in Virtualization development project on OBS: - Changed the edk2-edk2-stable202405.tar.gz back to the tarball which directly downloading from https://github.com/tianocore/edk2. Because we moved to gcc-12 for reducing the size of firmware image. - Against this change, we modified the setup command in %prep section in ovmf.spec back to original statement: new: %setup -q -n edk2-edk2-stable%{version} old: %setup -q -n edk2 [View Less]

1 0

New Arm Tumbleweed snapshot 20241014 released!
by Guillaume Gardet 15 Oct '24

15 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]org/openSUSE:Submitting_bug_reports Packages changed: audit audit-secondary openSUSE-release (20241013 -> 20241014) openssh python-zope.interface (7.0.3 -> 7.1.0) xf86-video-mach64 (6.9.7 -> 6.10.0) xf86-video-mga (2.0.1 -> 2.1.0) xf86-video-r128 (6.12.1 -> 6.13.0) === Details === ==== audit ==== Subpackages: libaudit1 libauparse0 - Update audit.spec: add requirement for 'awk' package (bsc#1231236) ==== audit-secondary ==== Subpackages: audit audit-rules python3-audit system-group-audit - Update audit.spec (bsc#1231236): * add requirement for 'awk' package * move some %post logic from audit to audit-rules ==== openSUSE-release ==== Version update (20241013 -> 20241014) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Add a patch to fix a regression introduced in 9.6 that makes X11 forwarding very slow. Submitted to upstream in https://bugzilla.mindrot.org/show_bug.cgi?id=3655#c4 . Fixes bsc#1229449: * fix-x11-regression-bsc1229449.patch - Remove empty line at the end of sshd-sle.pamd (bsc#1227456) ==== python-zope.interface ==== Version update (7.0.3 -> 7.1.0) - Update to 7.1.0: * Declare support for Python 3.13. * Fix segmentation faults on Python 3.13. (#323) - Drop patch fix-testsuite-segfault.patch, included upstream. - Switch to autosetup macros. - Cherry-pick upstream patch to fix testsuite segfault with Python 3.13 * fix-testsuite-segfault.patch ==== xf86-video-mach64 ==== Version update (6.9.7 -> 6.10.0) - Update to version 6.10.0 * This release raises the minimum supported version of the Xorg server from 1.4 (released in 2007) to 1.18 (released in 2015). This includes the removal of the XAA code, which cannot be compiled for any Xserver newer than the 1.12 series, as it was removed in the Xorg 1.13 release. ==== xf86-video-mga ==== Version update (2.0.1 -> 2.1.0) - Update to version 2.1.0 * This release raises the minimum supported version of the Xorg server to 1.18 (released in 2015). This includes the removal of the XAA code, which cannot be compiled for any Xserver newer than the 1.12 series, as XAA support was removed in the Xorg 1.13 release. - adjusted u_Change-shadow-fb-implementation-from-DDX-based-to-miext-damage-based.patch - refreshed patches ==== xf86-video-r128 ==== Version update (6.12.1 -> 6.13.0) - Update to 6.13.0 * This release raises the minimum supported version of the Xorg server to 1.18 (released in 2015). This includes the removal of the XAA code, which cannot be compiled for any Xserver newer than the 1.12 series, as XAA support was removed in the Xorg 1.13 release. [View Less]

1 0

New Arm Tumbleweed snapshot 20241013 released!
by Guillaume Gardet 14 Oct '24

14 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]

1 0

New Arm Tumbleweed snapshot 20241007 released!
by Guillaume Gardet 08 Oct '24

08 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]

1 0

My work adding support for RK3588
by Jianfeng Liu 08 Oct '24

08 Oct '24

Hi all, RK3588 is the latese flagship soc from rockchip, and some boards are already supported by mainline u-boot and kernel. I have created a submit request of u-boot: https://build.opensuse.org/request/show/1206198, which has updated u-boot to 2024.10 and added support to rk3588 and a board armsom-sige7, which is supported by mainline u-boot since 2024.10 and mainline kernel since 6.11: https://docs.armsom.org/armsom-sige7 I have also generated a bootable image with this JeOS project: … [View More]

1 0

New Arm Tumbleweed snapshot 20241006 released!
by Guillaume Gardet 07 Oct '24

07 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]

1 0

New Arm Tumbleweed snapshot 20241001 released!
by Guillaume Gardet 02 Oct '24

02 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]org/openSUSE:Submitting_bug_reports Packages changed: coreutils coreutils-systemd cups (2.4.10 -> 2.4.11) desktop-translations fprintd (1.94.3 -> 1.94.4) gnutls libgtop (2.41.3 -> 2.41.3+4) libjpeg-turbo librsvg (2.58.4 -> 2.59.1) mtools (4.0.44 -> 4.0.45) ncurses (6.5.20240922 -> 6.5.20240928) openSUSE-release (20240930 -> 20241001) selinux-policy (20240925 -> 20240930) suse-module-tools (16.0.51 -> 16.0.52) xen (4.19.0_02 -> 4.19.0_04) === Details === ==== coreutils ==== - coreutils-i18n.patch: fold(1): fix fold -b with UTF8 locale. Sync fix in I18N patch from Fedora/Redhat and add a test. (RHEL-60295) Original report: https://access.redhat.com/solutions/3459791 ==== coreutils-systemd ==== - coreutils-i18n.patch: fold(1): fix fold -b with UTF8 locale. Sync fix in I18N patch from Fedora/Redhat and add a test. (RHEL-60295) Original report: https://access.redhat.com/solutions/3459791 ==== cups ==== Version update (2.4.10 -> 2.4.11) Subpackages: cups-client cups-config libcups2 libcupsimage2 - Version upgrade to 2.4.11: See https://github.com/openprinting/cups/releases CUPS 2.4.11 brings several bug fixes regarding IPP response validation, processing PPD values, Web UI support (checkbox support, modifying printers) and others fixes. Detailed list (from CHANGES.md): * Updated the maximum file descriptor limit for `cupsd` to 64k-1 (Issue #989) * Fixed `lpoptions -d` with a discovered but not added printer (Issue #833) * Fixed incorrect error message for HTTP/IPP errors (Issue #893) * Fixed JobPrivateAccess and SubscriptionPrivateAccess support for "all" (Issue #990) * Fixed issues with cupsGetDestMediaByXxx (Issue #993) * Fixed adding and modifying of printers via the web interface (Issue #998) * Fixed HTTP PeerCred authentication for domain users (Issue #1001) * Fixed checkbox support (Issue #1008) * Fixed printer state notifications (Issue #1013) * Fixed IPP Everywhere printer setup (Issue #1033) Issues are those at https://github.com/OpenPrinting/cups/issues In particular CUPS 2.4.11 contains those commit regarding IPP response validation and processing PPD values: * "Quote PPD localized strings" https://github.com/OpenPrinting/cups/commit/1e6ca5913eceee906038bc04cc7ccfb… plus a cleanup to "Fix warnings for unused vars" https://github.com/OpenPrinting/cups/commit/2abe1ba8a66864aa82cd9836b37e571… - Adapted downgrade-autoconf-requirement.patch for CUPS 2.4.11 - avoid_C99_mode_for_loop_initial_declarations.patch is no longer needed because the issue is fixed upstream. ==== desktop-translations ==== - Add support for the new tool %suse_translate_desktop. (boo#1158957) - Generate desktop-translation-devel for purpose of translation check. (boo#1158957) ==== fprintd ==== Version update (1.94.3 -> 1.94.4) Subpackages: fprintd-pam - update to 1.94.4 * Support building in other non-linux unix platforms (FreeBSD tested) * Bump minimum glib dependency version to 2.64 * Allow interactive DBus authorization on fprintd-tools * Use prefix to determine the PAM modules dir * Translation updates ==== gnutls ==== Subpackages: libgnutls-dane0 libgnutls30 - Build with liboqs to support the X25519Kyber768 post-quantum key exchange algorithm. ==== libgtop ==== Version update (2.41.3 -> 2.41.3+4) - Update to version 2.41.3+4: + Reproducible Builds: Do not embed build-server kernel version on Linux (boo#1230850). + Updated translations. ==== libjpeg-turbo ==== - update to 3.0.4: * Fixed an issue whereby the CPU usage of the default marker processor in the decompressor grew exponentially with the number of markers. This caused an unreasonable slow-down in `jpeg_read_header()` if an application called `jpeg_save_markers()` to save markers of a particular type and then attempted to decompress a JPEG image containing an excessive number of markers of that type. * Hardened the default marker processor in the decompressor to guard against an issue (exposed by 3.0 beta2[6]) whereby attempting to decompress a specially-crafted malformed JPEG image (specifically an image with a complete 12-bit-per-sample Start Of Frame segment followed by an incomplete 8-bit-per-sample Start Of Frame segment) using buffered-image mode and input prefetching caused a segfault if the `fill_input_buffer()` method in the calling application's custom source manager incorrectly returned `FALSE` in response to a prematurely-terminated JPEG data stream. * Fixed an issue in cjpeg whereby, when generating a 12-bit-per-sample or 16-bit-per-sample lossless JPEG image, specifying a point transform value greater than 7 resulted in an error ("Invalid progressive/lossless parameters") unless the `-precision` option was specified before the `-lossless` option. * Fixed a regression introduced by 3.0.3[3] that made it impossible for calling applications to generate 12-bit-per-sample arithmetic-coded lossy JPEG images using the TurboJPEG API. * Fixed an error ("Destination buffer is not large enough") that occurred when attempting to generate a full-color lossless JPEG image using the TurboJPEG Java API's `byte[] TJCompressor.compress()` method if the value of `TJ.PARAM_SUBSAMP` was not `TJ.SAMP_444`. * Fixed a segfault in djpeg that occurred if a negative width was specified with the `-crop` option. Since the cropping region width was read into an unsigned 32-bit integer, a negative width was interpreted as a very large value. With certain negative width and positive left boundary values, the bounds checks in djpeg and `jpeg_crop_scanline()` overflowed and did not detect the out-of-bounds width, which caused a buffer overrun in the upsampling or color conversion routine. Both bounds checks now use 64-bit integers to guard against overflow, and djpeg now checks for negative numbers when it parses the crop specification from the command line. * Fixed an issue whereby the TurboJPEG lossless transformation function and methods checked the specified cropping region against the source image dimensions and level of chrominance subsampling rather than the destination image dimensions and level of chrominance subsampling, which caused some cropping regions to be unduly rejected when performing 90-degree rotation, 270-degree rotation, transposition, transverse transposition, or grayscale conversion. * Fixed an issue whereby the TurboJPEG lossless transformation function and methods did not honor `TJXOPT_COPYNONE`/`TJTransform.OPT_COPYNONE` unless it was specified for all lossless transforms. ==== librsvg ==== Version update (2.58.4 -> 2.59.1) Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Update to version 2.59.1: + Two mitigations for crashes found throuh fuzz testing: - Cairo is easy to crash by giving it path coordinates that are outside of the range that it can represent internally with its fixed-point arithmetic. Fuzzers usually produce SVGs with very large numbers for coordinates, which overflow Cairo's arithmetic. This is just a *mitigation*, not a complete fix: librsvg will now check if path coordinates are outside of Cairo's supported range, and it will not render shapes with problematic coordinates. However, fuzzers may still produce coordinates that are in range but that still make Cairo crash. I am starting to learn Cairo's code to see if this can be fixed gradually. - Update to version 2.59.0: + The biggest change in this release is that librsvg now uses the Meson build system instead of autotools. + With Meson, librsvg now builds a lot more reliably on Windows and MacOS. + Librsvg now uses Meson instead of Autotools + There is a -Davif meson option to include support for AVIF in the image-rs crate, which librsvg uses to load raster images. + Librsvg now explicitly builds only its supported raster formats for image-rs: JPEG, PNG, GIF, WEBP, and optional compile-time support for AVIF). Other raster image formats are not supported, to minimize the attack surface. + Librsvg now supports cancellable rendering; you can start rendering an RsvgHandle in one thread, and stop it from another thread with a GCancellable. In the C API, you can use the rsvg_handle_set_cancellable_for_rendering() function; in the Rust API, CairoRenderer now has a with_cancellable() method. + For Rust users, there is now a 'librsvg-rebind' crate that binds the C API for use from Rust. Internally this links to the system's librsvg shared library, in contrast with the 'librsvg' crate, which is statically linked and which has a native Rust API. The 'librsvg-rebind' crate is for cases where the additional code size from static linking is not desired. This librsvg-rebind crate is available from crates.io. + A bunch of fixes to bugs found through fuzz testing. - Use ldconfig_scriptlets macro for some of the post(un) handling. - Update to version 2.58.94: + The minimum supported Rust version (MSRV) is 1.77.2. + Fix assertion failures with large Hue value in hsl() or hwb() colors. + Limit the baseFrequency for feTurbulence to avoid integer overflow. + Only make exported symbols visible in the library's binary. + Fix the -Davif=enabled feature; it was not being handled correctly at compilation time. + Ensure compatibility with Binutils < 2.39. + Build fixes for Windows. - Update to version 2.58.92: + Librsvg is now part of Google's oss-fuzz and is fuzz-tested automatically - see https://gnome.pages.gitlab.gnome.org/librsvg/devel-docs/oss_fuzz.html for details. + This release has two bug fixes from fuzz testing, and a new API call: - Don't leak XML entities when the XML document fails to parse. - Fix stack overflow in <use> reference cycle. - Librsvg now supports cancellable rendering; you can start rendering an RsvgHandle in one thread, and stop it from another thread with a GCancellable. In the C API, you can use the rsvg_handle_set_cancellable_for_rendering() function; in the Rust API, CairoRenderer now has a with_cancellable() method. + Many build fixes for Windows, MacOS, iOS, and cross-compilation + Continued refactoring for a render tree. + Many fixes to the documentation. - Update to version 2.58.91: + Librsvg now requires cairo version 1.18.0 or later. + Librsvg now explicitly builds only its supported raster formats for image-rs: JPEG, PNG, GIF, WEBP, and optional compile-time support for AVIF. Other raster image formats are not supported, to minimize the attack surface. + Don't generate gdk-pixbuf loaders cache if DESTDIR is set. + Documentation updates for meson. + Document the fact that the default DPI in the C API for RsvgHandle is 90 DPI, unlike rsvg-convert and the Rust API, which use 96 DPI. + Document the security considerations for the image-rs crate and the raster image formats that librsvg supports. + Fix and fine-tune compilation on Windows (MSVC and msys2), MacOS, and Android. + Fix installation when only compiling the static library. + Update Pango for CI and fix a test file. The test suite now includes the DejaVu Sans font, which supports extra glyphs/languages for the test suite. - Changesfrom version 2.58.90: + librsvg has been ported to the Meson build system. Librsvg no longer uses autotools! + Changes in this release: - Librsvg now uses Meson instead of Autotools. - There is a -Davif meson option to include support for AVIF in the image-rs crate, which librsvg uses to load raster images. - Start revamping the fuzzing infrastructure. - Add cargo-c and pkgconfig(dav1d) BuildRequires: new dependencies. ==== mtools ==== Version update (4.0.44 -> 4.0.45) - version update to 4.0.45 * Fixed iconv descriptor leak * Fixed size of error message buffer ==== ncurses ==== Version update (6.5.20240922 -> 6.5.20240928) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20240928 + improve error-message from infocmp when a terminal entry cannot be opened (patch by Branden Robinson). + improve filtering of -L options in misc/gen-pkgconfig.in and in misc/ncurses-config.in + add check in wresize() for out-of-range dimensions (report by Peter Bierma). ==== openSUSE-release ==== Version update (20240930 -> 20241001) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== selinux-policy ==== Version update (20240925 -> 20240930) Subpackages: selinux-policy-targeted - Update to version 20240930: * Label yast binaries correctly ==== suse-module-tools ==== Version update (16.0.51 -> 16.0.52) Subpackages: suse-module-tools-scriptlets - Update to version 16.0.52: * rpm-script: create vmlinuz and initrd also in image build environments (bsc#1231040, bsc#1230858) * regenerate-initrd-posttrans: Fix SKIP_REGENERATE_INITRD_ALL (bsc#1228929) ==== xen ==== Version update (4.19.0_02 -> 4.19.0_04) Subpackages: xen-libs xen-tools-domU - bsc#1230366 - VUL-0: CVE-2024-45817: xen: x86: Deadlock in vlapic_error() (XSA-462) 66f2af41-x86-vLAPIC-undue-recursion-of-vlapic_error.patch Drop xsa462.patch - Upstream bug fixes (bsc#1027519) 66cf737b-x86-Dom0-disable-SMAP-for-PV-only.patch 66d6dca8-libxl-nul-termination-in-xen_console_read_line.patch 66d8690f-SUPPORT-split-XSM-from-Flask.patch 66e29480-x86-HVM-properly-reject-indirect-VRAM-writes.patch 66e44ae2-x86-ucode-AMD-buffer-underrun.patch 66f2fd92-x86-ucode-Intel-stricter-sanity-check.patch - bsc#1230366 - VUL-0: CVE-2024-45817: xen: x86: Deadlock in vlapic_error() (XSA-462) xsa462.patch [View Less]

1 0

New Arm Tumbleweed snapshot 20240124 released!
by Guillaume Gardet 02 Oct '24

02 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]org/openSUSE:Submitting_bug_reports Packages changed: Mesa (23.2.1 -> 23.3.3) Mesa-drivers (23.2.1 -> 23.3.3) NetworkManager-applet (1.34.0 -> 1.36.0) abseil-cpp apache2-mod_php8 (8.2.14 -> 8.2.15) cepces (0.3.7 -> 0.3.8) coreutils coreutils-systemd cronie dracut (059+suse.533.g5a7cf9fa -> 059+suse.538.ge7a5cff9) ed (1.19 -> 1.20) emacs-flim gdm gnome-shell grub2 ibus java-11-openjdk (11.0.21.0 -> 11.0.22.0) kdump (2.0.0 -> 2.0.1) kernel-firmware (20240102 -> 20240115) kernel-source (6.6.11 -> 6.7.1) libeconf (0.6.0 -> 0.6.1) libguestfs libidn (1.41 -> 1.42) libmspack libnvme (1.6+5.g68c6ffb -> 1.7.1+0.g13ba383) libp11 libplacebo (6.338.1 -> 6.338.2) libstorage-ng (4.5.174 -> 4.5.175) libvirt (9.10.0 -> 10.0.0) ncurses (6.4.20240113 -> 6.4.20240120) nvidia-open-driver-G06-signed (545.29.06_k6.6.11_1 -> 545.29.06_k6.7.1_1) nvme-cli (2.6 -> 2.7.1) pam (1.5.3 -> 1.6.0) pam-full-src (1.5.3 -> 1.6.0) php8 (8.2.14 -> 8.2.15) pipewire ppp python-Pillow (10.1.0 -> 10.2.0) python-SQLAlchemy (2.0.24 -> 2.0.25) python-Twisted python-anyio (3.7.1 -> 4.2.0) python-authheaders (0.16.0 -> 0.16.1) python-falcon python-gevent python-libvirt-python (9.10.0 -> 10.0.0) python-service_identity (23.1.0 -> 24.1.0) python-trio (0.22.0 -> 0.23.2) qca-qt5 (2.3.7+git12 -> 2.3.8+git1) qpdf (11.7.0 -> 11.8.0) rdma-core (49.0 -> 49.1) rpm-config-SUSE (20230712 -> 20240118) rsyslog sdbootutil (1+git20231221.42797ab -> 1+git20240122.c0d8f76) shaderc (2023.7 -> 2023.8) sssd (2.9.3 -> 2.9.4) systemd tevent (0.15.0 -> 0.16.0) tpm2-0-tss util-linux util-linux-systemd virt-manager vulkan-loader (1.3.268.0 -> 1.3.275.0) vulkan-tools (1.3.268.0 -> 1.3.275.0) yast2-pkg-bindings (5.0.2 -> 5.0.4) yast2-trans (84.87.20240112.f631673f01 -> 84.87.20240120.54f4b9f06a) zbar (0.23.90 -> 0.23.93) zchunk (1.3.2 -> 1.4.0) === Details === ==== Mesa ==== Version update (23.2.1 -> 23.3.3) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libOSMesa8 libgbm1 - split python36-buildfix.patch into two patches python36-buildfix1.patch and python36-buildfix2.patch; apply the latter only on sle15-sp6/Leap 15.6 since on newer python releases than 3.6 it changes behaviour to remove required=True option - python36-buildfix.patch * src/freedreno/registers/gen_header.py: hopefully fixes aarch64 build - u_0001-intel-genxml-Drop-from-__future__-import-annotations.patch u_0002-intel-genxml-Add-a-untyped-OrderedDict-fallback-for-.patch python36-buildfix.patch * fixes build against python 3.6 - let Mesa-dri require libvulkan1 to get zink/swrast driver fallbacks working (hopefully); probably related: https://gitlab.freedesktop.org/mesa/mesa/-/commit/2a71f06f2938678d89d5ed137… - Update to bugfix release 23.3.3 - -> https://docs.mesa3d.org/relnotes/23.3.3.html - Update to bugfix release 23.3.2 - -> https://docs.mesa3d.org/relnotes/23.3.2.html - Update to version 23.3.0: * It includes NVK, a new reverse-engineered Vulkan driver for Nvidia hardware. This driver is still in experimental phase, not quite ready for prime time yet, but adventurous users can give it a go! * New extensions & features (in no particular order): - VK_EXT_pipeline_robustness on ANV - VK_KHR_maintenance5 on RADV - OpenGL ES 3.1 on Asahi - GL_ARB_compute_shader on Asahi - GL_ARB_shader_atomic_counters on Asahi - GL_ARB_shader_image_load_store on Asahi - GL_ARB_shader_image_size on Asahi - GL_ARB_shader_storage_buffer_object on Asahi - GL_ARB_sample_shading on Asahi - GL_OES_sample_variables on Asahi - GL_OES_shader_multisample_interpolation on Asahi - GL_OES_gpu_shader5 on Asahi - EGL_ANDROID_blob_cache works when disk caching is disabled - VK_KHR_cooperative_matrix on RADV/GFX11+ - Drop patches fixed upstream: * U_clover-llvm-move-to-modern-pass-manager.patch * U_radeonsi-prefix-function-with-si_-to-prevent-name-co.patch - Refresh patches with quilt. - Use %patch -p N instead of deprecated %patchN. ==== Mesa-drivers ==== Version update (23.2.1 -> 23.3.3) Subpackages: Mesa-dri Mesa-gallium Mesa-libva - split python36-buildfix.patch into two patches python36-buildfix1.patch and python36-buildfix2.patch; apply the latter only on sle15-sp6/Leap 15.6 since on newer python releases than 3.6 it changes behaviour to remove required=True option - python36-buildfix.patch * src/freedreno/registers/gen_header.py: hopefully fixes aarch64 build - u_0001-intel-genxml-Drop-from-__future__-import-annotations.patch u_0002-intel-genxml-Add-a-untyped-OrderedDict-fallback-for-.patch python36-buildfix.patch * fixes build against python 3.6 - let Mesa-dri require libvulkan1 to get zink/swrast driver fallbacks working (hopefully); probably related: https://gitlab.freedesktop.org/mesa/mesa/-/commit/2a71f06f2938678d89d5ed137… - Update to bugfix release 23.3.3 - -> https://docs.mesa3d.org/relnotes/23.3.3.html - Update to bugfix release 23.3.2 - -> https://docs.mesa3d.org/relnotes/23.3.2.html - Update to version 23.3.0: * It includes NVK, a new reverse-engineered Vulkan driver for Nvidia hardware. This driver is still in experimental phase, not quite ready for prime time yet, but adventurous users can give it a go! * New extensions & features (in no particular order): - VK_EXT_pipeline_robustness on ANV - VK_KHR_maintenance5 on RADV - OpenGL ES 3.1 on Asahi - GL_ARB_compute_shader on Asahi - GL_ARB_shader_atomic_counters on Asahi - GL_ARB_shader_image_load_store on Asahi - GL_ARB_shader_image_size on Asahi - GL_ARB_shader_storage_buffer_object on Asahi - GL_ARB_sample_shading on Asahi - GL_OES_sample_variables on Asahi - GL_OES_shader_multisample_interpolation on Asahi - GL_OES_gpu_shader5 on Asahi - EGL_ANDROID_blob_cache works when disk caching is disabled - VK_KHR_cooperative_matrix on RADV/GFX11+ - Drop patches fixed upstream: * U_clover-llvm-move-to-modern-pass-manager.patch * U_radeonsi-prefix-function-with-si_-to-prevent-name-co.patch - Refresh patches with quilt. - Use %patch -p N instead of deprecated %patchN. ==== NetworkManager-applet ==== Version update (1.34.0 -> 1.36.0) Subpackages: NetworkManager-connection-editor - Update to version 1.36.0: + Support WiFi's cloned-mac "stable-ssid". + Update translations. ==== abseil-cpp ==== - fix build for non-SUSE distributions ==== apache2-mod_php8 ==== Version update (8.2.14 -> 8.2.15) - version update to 8.2.15 * This is a bug fix release. - modified patches % php-ar-flags.patch (refreshed) % php-build-reproducible-phar.patch (refreshed) ==== cepces ==== Version update (0.3.7 -> 0.3.8) Subpackages: cepces-certmonger cepces-selinux python3-cepces - Update to version 0.3.8: * Fix WSTEP BinarySecurityToken attribute namespaces * Migrate to SPNEGO auth mech ==== coreutils ==== - coreutils-9.4.split-CVE-2024-0684.patch: Add upstream patch: split: do not shrink hold buffer. (CVE-2024-0684) - coreutils-i18n.patch: Update from Fedora to fix build on i686 on GCC14. ==== coreutils-systemd ==== - coreutils-9.4.split-CVE-2024-0684.patch: Add upstream patch: split: do not shrink hold buffer. (CVE-2024-0684) - coreutils-i18n.patch: Update from Fedora to fix build on i686 on GCC14. ==== cronie ==== Subpackages: cron - Update to 1.7.1: * crond: Wait on finishing the job with -n option to check the exit status * crond: Do not set the return path to <> if non-default MAILFROM is set * /etc/sysconfig/crond and /etc/default/anacron files are optional - Remove test-for-etc-default-anacron.patch - Set safe permissions for crontab backups. Add * safe-backup-permissions.patch - Fix anacron not working when /etc/default/anacron does not exist, fixes bsc#1218377 * test-for-etc-default-anacron.patch ==== dracut ==== Version update (059+suse.533.g5a7cf9fa -> 059+suse.538.ge7a5cff9) - Update to version 059+suse.538.ge7a5cff9: * fix(livenet): split `imgsize` calculation to avoid misleading error message * fix(livenet): check also `content-length` from live image header * fix(livenet): propagate error code * fix(dracut): correct regression with multiple `rd.break=` options ==== ed ==== Version update (1.19 -> 1.20) - update to 1.20: * New command-line options for jumping to a line number or match * Improved handling of file names containing control characters * Tweak workflow for fewer 'buffer modified' warnings * Tilde expansion is now performed on file names * Warn on modifying a buffer from a read-only file * Create missing intermediate directories when writing to a file * Documentation updates - drop obsolete makeinfo marcos ==== emacs-flim ==== - Use %patch0 to fix compilation with rpm-4.19 ==== gdm ==== Subpackages: gdm-schema gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0 - Make Patch0 only applies on s390 and s390x. ==== gnome-shell ==== Subpackages: gnome-extensions gnome-shell-calendar - Adapt to version 45.3(bsc#1216072): + Rebase gnome-shell-domain.patch + Rebase gnome-shell-fate324570-Make-GDM-background-image-configurable.patch ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin - allow to boot memtest86 if stored in /usr/lib/memtest86+ * SR#1071109 can then work ==== ibus ==== Subpackages: libibus-1_0-5 typelib-1_0-IBus-1_0 - Use %_libexecdir as the basis of %_ibus_libexecdir (bsc#1174075) ==== java-11-openjdk ==== Version update (11.0.21.0 -> 11.0.22.0) Subpackages: java-11-openjdk-headless - Upgrade to upstream tag jdk-11.0.22+7 (January 2024 CPU) * Security fixes + JDK-8308204: Enhanced certificate processing + JDK-8314295, CVE-2024-20919, bsc#1218903: Enhance verification of verifier + JDK-8314284, CVE-2024-20926, bsc#1218906: Enhance Nashorn performance + JDK-8314307, CVE-2024-20921, bsc#1218905: Improve loop handling + JDK-8314468, CVE-2024-20918, bsc#1218907: Improve Compiler loops + JDK-8316976, CVE-2024-20945, bsc#1218909: Improve signature handling + JDK-8317547, CVE-2024-20952, bsc#1218911: Enhance TLS connection support * Other fixes + JDK-6381945: (cal) Japanese calendar unit test system should avoid multiple static imports + JDK-6445283: ProgressMonitorInputStream not large file aware (>2GB) + JDK-8026393: jarsigner never shows a warning in badKeyUsage case + JDK-8041447: Test javax/swing/dnd/7171812/bug7171812.java fails with java.lang.RuntimeException: Test failed, scroll on drag doesn't work + JDK-8053479: (dc) DatagramChannel.read() throws exception instead of discarding data when buffer too small + JDK-8067250: [mlvm] vm/mlvm/mixed/stress/regression/b6969574 fails and perf regression + JDK-8153090: TAB key cannot change input focus after the radio button in the Color Selection dialog + JDK-8168408: Test java/awt/Focus/ActualFocusedWindowTest/ /ActualFocusedWindowBlockingTest.java fails intermittentently on windows + JDK-8183374: Refactor java/lang/Runtime shell tests to java + JDK-8185531: [TESTBUG] Improve test configuration for shared strings + JDK-8195589: T6587786.java failed after JDK-8189997 + JDK-8197825: [Test] Intermittent timeout with javax/swing JColorChooser Test + JDK-8205467: javax/management/remote/mandatory/connection/ /MultiThreadDeadLockTest.java possible deadlock + JDK-8207166: jdk/jshell/ /JdiHangingLaunchExecutionControlTest.java - launch timeout + JDK-8210168: JCK test .vm.classfmt.ins.code__002.code__00201m1 .code__00201m1 hangs with -noverify + JDK-8210265: Crash in HSpaceCounters::update_used() + JDK-8211045: [Testbug] Fix for 8144279 didn't define a test case! + JDK-8212997: [TESTBUG] Remove defmeth tests for class file versions 50 and 51 + JDK-8213898: CDS dumping of springboot asserts in G1ArchiveAllocator::alloc_new_region + JDK-8214694: cleanup rawtypes warnings in open jndi tests + JDK-8217329: JTREG: Clean up, remove unused imports in gc folder + JDK-8218178: vmTestbase/vm/mlvm/mixed/stress/regression/ /b6969574/INDIFY_Test.java fails with -Xcomp + JDK-8220083: Remove hard-coded 127.0.0.1 loopback address in JDK networking tests + JDK-8221396: Clean up serviceability/sa/TestUniverse.java + JDK-8223145: Replace wildcard address with loopback or local host in tests - part 1 + JDK-8223788: [macos] JSpinner buttons in JColorChooser dialog may capture focus using TAB Key. + JDK-8224035: Replace wildcard address with loopback or local host in tests - part 9 + JDK-8224204: Replace wildcard address with loopback or local host in tests - part 10 + JDK-8226825: Replace wildcard address with loopback or local host in tests - part 19 + JDK-8230435: Replace wildcard address with loopback or local host in tests - part 22 + JDK-8230858: Replace wildcard address with loopback or local host in tests - part 23 + JDK-8231556: Wrong font ligatures used when 2 versions of same font used + JDK-8231931: [TESTBUG] serviceability/sa/TestUniverse.java looks for wrong string with Shenandoah + JDK-8232135: Add diagnostic output to test java/util/ProcessBuilder/Basic.java + JDK-8232513: java/net/DatagramSocket/PortUnreachable.java still fails intermittently with BindException + JDK-8232933: Javac inferred type does not conform to equality constraint + JDK-8233000: Mark vmTestbase/vm/mlvm/meth/stress/compiler/ /deoptimize test as stress test + JDK-8233847: (sctp) Flx link-local IPv6 scope handling and test cleanup. + JDK-8237858: PlainSocketImpl.socketAccept() handles EINTR incorrectly + JDK-8238740: java/net/httpclient/whitebox/FlowTestDriver.java should not specify a TLS protocol + JDK-8240235: jdk.test.lib.util.JarUtils updates jar files incorrectly + JDK-8240604: Rewrite sun/management/jmxremote/bootstrap/ /CustomLauncherTest.java test to make binaries from source file + JDK-8240754: Instrument FlowTest.java to provide more debug ... changelog too long, skipping 247 lines ... DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.22 ==== kdump ==== Version update (2.0.0 -> 2.0.1) - upgrade to version 2.0.1 * load.sh: fix fadump (bsc#1218589) ==== kernel-firmware ==== Version update (20240102 -> 20240115) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20240115 (git commit efeb548d2a2b): * Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX101 * Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX203 * Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX203 * Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX211 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX211 * amdgpu: DMCUB updates for DCN314 * cirrus: Add firmware file for cs42l43 * amdgpu: DMCUB updates for DCN312 - Update to version 20240111 (git commit b3132c18d0be): * qcom: Update the firmware for Adreno a630 family of GPUs * cirrus: Add CS35L41 firmware for Legion Slim 7 Gen 8 laptops * linux-firmware: Add firmware for Cirrus CS35L41 for various Dell laptops - Update to version 20240110 (git commit 31db82d69905): * linux-firmware: update firmware for qat_4xxx devices * linux-firmware: update firmware for w1u_uart * amdgpu: DMCUB updates for DCN314 * Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX211 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX101 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX203 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX210 - Update to version 20240105 (git commit 5a6ae745d8a4): * amlogic/bluetooth: add firmware bin of W1 serial soc(w1u_uart) - Drop superfluous Provides from uncompressed kernel-firmware package that may confuse dependencies (bsc#1218307) - Minor adjustment and updates of scripts / templates ==== kernel-source ==== Version update (6.6.11 -> 6.7.1) - Linux 6.7.1 (bsc#1012628). - mm/memory_hotplug: fix memmap_on_memory sysfs value retrieval (bsc#1012628). - docs: kernel_feat.py: fix potential command injection (bsc#1012628). - scripts/decode_stacktrace.sh: optionally use LLVM utilities (bsc#1012628). - coresight: etm4x: Fix width of CCITMIN field (bsc#1012628). - PCI: Add ACS quirk for more Zhaoxin Root Ports (bsc#1012628). - leds: ledtrig-tty: Free allocated ttyname buffer on deactivate (bsc#1012628). - parport: parport_serial: Add Brainboxes device IDs and geometry (bsc#1012628). - parport: parport_serial: Add Brainboxes BAR details (bsc#1012628). - uio: Fix use-after-free in uio_open (bsc#1012628). - binder: fix comment on binder_alloc_new_buf() return value (bsc#1012628). - binder: fix trivial typo of binder_free_buf_locked() (bsc#1012628). - binder: fix use-after-free in shinker's callback (bsc#1012628). - binder: use EPOLLERR from eventpoll.h (bsc#1012628). - Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" (bsc#1012628). - ksmbd: free ppace array on error in parse_dacl (bsc#1012628). - ksmbd: don't allow O_TRUNC open on read-only share (bsc#1012628). - drm/amd/display: Pass pwrseq inst for backlight and ABM (bsc#1012628). - bus: moxtet: Add spi device table (bsc#1012628). - bus: moxtet: Mark the irq as shared (bsc#1012628). - ACPI: resource: Add another DMI match for the TongFang GMxXGxx (bsc#1012628). - ALSA: hda: cs35l41: Support more HP models without _DSD (bsc#1012628). - ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP Envy X360 13-ay0xxx (bsc#1012628). - ALSA: hda/realtek: enable SND_PCI_QUIRK for Lenovo Legion Slim 7 Gen 8 (2023) serie (bsc#1012628). - ALSA: hda: Add driver properties for cs35l41 for Lenovo Legion Slim 7 Gen 8 serie (bsc#1012628). - ALSA: hda: cs35l41: Prevent firmware load if SPI speed too low (bsc#1012628). - ALSA: hda: cs35l41: Support additional Dell models without _DSD (bsc#1012628). - ALSA: hda/realtek: Add quirks for Dell models (bsc#1012628). - f2fs: explicitly null-terminate the xattr list (bsc#1012628). - commit b2e8ed6 - media: solo6x10: replace max(a, min(b, c)) by clamp(b, a, c) (fix build and make it faster). - Delete patches.rpmify/Revert-minmax-allow-comparisons-of-int-against-unsig.patch. - Delete patches.rpmify/Revert-minmax-allow-min-max-clamp-if-the-arguments-h.patch. - Delete patches.rpmify/Revert-minmax-fix-indentation-of-__cmp_once-and-__cl.patch. - Delete patches.rpmify/Revert-minmax-relax-check-to-allow-comparison-betwee.patch. Replace the reverts by an upstream workaround. - commit 9bff21f - mm: huge_memory: don't force huge page alignment on 32 bit (bsc#1218841). - Delete patches.suse/Revert-mm-align-larger-anonymous-mappings-on-THP-bou.patch. Replace the revert by an upstream fix. - commit d54abef - Update patches.suse/futex-Avoid-reusing-outdated-pi_state.patch (bsc#1218801). Update to v2. - commit eeba83a - Revert "mm: align larger anonymous mappings on THP boundaries" (bsc#1218841). - commit 69537e9 - futex: Avoid reusing outdated pi_state (bsc#1218841). - commit 9859079 ==== libeconf ==== Version update (0.6.0 -> 0.6.1) - Update to version 0.6.1: * reading lines which have a length greater than BUFSIZE (#195) * Improved data quote check in read_file (#193) ==== libguestfs ==== Subpackages: libguestfs-appliance libguestfs-xfs libguestfs0 - Copy sorted packagelist to packages during supermin appliance setup. (bsc#1215586) libguestfs.spec ==== libidn ==== Version update (1.41 -> 1.42) - update to 1.42: * build system tweaks * Updated translations and gnulib * fixes for other platforms ==== libmspack ==== - The following bugs and CVEs are not affecting TW: * CVE-2018-18584 * CVE-2018-18585 * CVE-2018-18586 * CVE-2019-1010305 * bsc#1113038 * bsc#1113039 * bsc#1113040 * bsc#1130489 * bsc#1141680 ==== libnvme ==== Version update (1.6+5.g68c6ffb -> 1.7.1+0.g13ba383) Subpackages: libnvme-mi1 libnvme1 - Update to version 1.7.1+0.g13ba383: * tree: do no free ns on error in nvme_ns_init - Update to version 1.7+0.gf38b1d7: * tree: do not open blk device on default * tree: read all attributes from sysfs when available * ioctl: set data length when retrieving LBA status * types: fix regression for vendor-specific field in nvme_id_ns * util: use cleanup functions * linux: use cleanup functions * json: use cleanup functions * fabrics: use cleanup functions * tree: use cleanup functions * cleanup: add cleanup functions * tree: fix incorrect return value * tree: Fix clearing application strings * libnvme: reshuffle nvme_generate_tls_key_identity() * libnvme: fixup error codes * libnvme: Implement 'nvme_generate_tls_key_identity()' * libnvme: support NVMe TLS identities version 1 * libnvme: Add base64 functions * libnvme: separate out 'gen_tls_identity' and reshuffle 'derive_nvme_keys' * libnvme: separate out a function 'select_hmac' * libnvme: fix a memory leak when calling read_ssns() * libnvme: fix a memory leak in read_discovery() * fabrics: avoid redundant args in nvme_discovery_log() * fabrics: have nvmf_get_discovery_log() call nvmf_get_discovery_wargs() * fabrics: fetch smaller Discovery Log Page header * fabrics: avoid redundant Get Log Page on retry * fabrics: clear RAE for discovery log page commands * json-schema: add keyring and tls_key details * types: add Host Behavior Support field definitions * mi: Cast values to u32 if shift overflows int * types: Cast values to u32 if shift overflows int * test: Avoid unaligned pointer dereferences * nbft: Avoid unaligned pointer dereferences * types: add cross-namespace copy formats, status codes, ONCS bits * nvme: Add length field to Hkdf-Expand-Label computation * ioctl: use lsp arg in nvme_get_log_boot_partition * fabrics: use SECTYPE to determine whether to use TLS * fabrics: Allocate aligned payloads for id_ctrl and discovery log calls * linux: Allocate aligned payloads for id_ctrl and id_ns calls * ioctl: MSB variable-size storage/reference tags ==== libp11 ==== - Add support for OpenSSL 3.x: Add libp11-configure-treat-all-openssl-3.x-releases-the-same.patch ==== libplacebo ==== Version update (6.338.1 -> 6.338.2) - Update libplacebo to version 6.338.2. See details in: https://code.videolan.org/videolan/libplacebo/-/tags/v6.338.2 ==== libstorage-ng ==== Version update (4.5.174 -> 4.5.175) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - Translated using Weblate (Indonesian) (bsc#1149754) - 4.5.175 ==== libvirt ==== Version update (9.10.0 -> 10.0.0) Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-qemu libvirt-libs - Add temporary build fix for ppc64le bsc#1218823 - Update to libvirt 10.0.0 - jsc#PED-3226, jsc#PED-3279, jsc#PED-4931, jsc#PED-5432, jsc#PED-6851 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html#v10-0-0-2024-01-15 ==== ncurses ==== Version update (6.4.20240113 -> 6.4.20240120) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20240120 + improve formatting/style of manpages (patches by Branden Robinson). + amend discussion of aliases in tput.1 + use ansi+sgrbold, ansi+sgrdim, ansi+sgrso, ansi+sgrul, ansi+tabs ecma+color, ecma+sgr, vt100+4bsd, vt100+pfkeys, vt220+pcedit xterm+256color, xterm+acs, xterm+nopcfkeys, xterm+pcf2 to trim -TD + modify configure scripts/makefiles to omit KEY_RESIZE if the corresponding SIGWINCH feature is disabled. ==== nvidia-open-driver-G06-signed ==== Version update (545.29.06_k6.6.11_1 -> 545.29.06_k6.7.1_1) - kernel-6.7.patch * fixes build against kernel 6.7 (boo#1219117) ==== nvme-cli ==== Version update (2.6 -> 2.7.1) Subpackages: nvme-cli-bash-completion - Update to version 2.7.1: * nvme-print-json: Revert field name changes (bsc#1218306) - Update to version 2.7: * nvme-print-json: include vs for identify namespace * nvme-print-stdout: enhance connect message * fabrics: fix connect error if hostid file does not exist * fabrics: fix invalid output format error during nvme connect * wdc: Fix vs-smart-add-log Command for SN650 and SN655 * nvme: restric hmac options for gen-tls-key * wdc: Fix UUID index fallback mechanism * plugins/ocp: Add OCP Telemetry String log page, Telemetry log page * completions: Add bash completions for telemetry string log page * plugins/solidigm: Added OCP 2.0 compatibility version command * plugins/solidigm: Added OCP 2.0 vs-drive-info command. * plugins/ocp: Fix printing order of various Latency Monitor Log buckets * nvme: validate output format split status from flag return value * nvme: simplify cleanup_nvme_dev() * cleanup: remove unused cleanup_charp() * wdc: Add support for SN861 2nd pci device id * nvme: replace libhugetlbfs with mmap and madvise * util/mem: move alloc helper to util section * nvme: auto cleanup filedescriptors * nvme: auto cleanup buffers * nvme: return error code in get_persistent_event_log * nvme: sanitize nvme-gen-tls-key * nvme: print out the resulting TLS identity for 'nvme check-tls-key' * nvme: Add version '1' identifier for nvme-gen-tls-key * subprojects/libnvme: update wrapper for TP8018 * plugins/solidigm: Added re_sku_count smart atrribute * doc: Fix nvme-connect manpage --application option string * plugins/ocp: changed command clear-pcie-correctable-error-counters to match OCP 2.0 spec. * plugins/solidigm: Added command to clear PCIe Correctable Error Counters according to OCP 2.0 * plugins/ocp: Reorganized clear feature code for better reuse * nvme: fixup length calculation for 'nvme gen-tls-key --secret' * doc: remove invalid hostkey info for --dhchap-secret * nvme-print-json: use human helper everywhere * nvme-print-json: remove obj_print helper * plugins/ocp: update nvme_show_select_result call * mailmap: only show contributer's name * nvme-print-json: Change to report status and message in array * nvme-print-json: Change to report feature select in array * nvme-print-json: Change to report error and data in array * nvme-print-json: Add show_init/finish calls to report features in array * nvme-print: Add nvme_show_error_status() to merge error message and status * nvme-print-json: Use r instead of root and use obj_add_***(r, ..., ...) * nvme-print-json: Delete static const char string global variables * nvme-print-json: Add remaining controller registers readable format * nvme-print-json: Add readable format cap, vs, cc, csts, nssr and crto registers * nvme-print-json: Combine duplicated json key and val string variables * nvme-print-json: Replase json_array_add_value_string() to array_add_str() * nvme-print-json: Replase json_object_add_value_uint128() to obj/root_add_uint128() * nvme-print-json: Replase json_object_add_value_object() to obj/root_add_obj() * nvme-print-json: Replase json_array_add_value_object() to array_add_obj() * nvme-print-json: Replase json_object_add_value_array() to obj/root_add_array() * nvme-print-json: Replase json_object_add_value_uint() to obj/root_add_uint() * nvme-print-json: Replase json_object_add_value_int() to obj/root_add_int() * nvme-print-json: Replase json_object_add_value_uint64() to obj/root_add_uint64() * nvme-print-json: Replase json_object_add_value_string() to obj/root_add_str() * nvme-print-json: Update feature_show_fields_*** to use root/obj_add_***() * nvme-print-json: Update lba_status_log to use root_add_***() and obj_add_***() * nvme-print-json: Replace lba_status_log printf() to root_add_result() * nvme-print-json: Add list_item print function * nvme-print-json: Add lba_status_info print function * nvme-print-json: Add lba_range print function * nvme-print-json: Add id_ctrl_rpmbs print function * nvme-print-json: Unify json_list and jroot object names to root * nvme-print-json: Add json_zns_changed print function * nvme-print-json: Add root_add_result() to output result message * nvme-print-json: Split persistent_event_log print function * nvme-print-json: Remove unnecessary string newline code * nvme-print-json: Replace effects_log_list print to use json_print() * nvme-print-json: Print persistent_event_log no log data result correctly * nvme-print-json: Add static "result" and "erorr" strings variables * nvme-print-json: Add single_property printf function * nvme: Replace get feature command stderr output to nvme_show_error() * nvme-print-json: Change d() output to use d_json() * nvme: Fix get-feature command mixed stdout and json outputs * nvme-print-json: Add remaining feature fields print functions * nvme-print-json: Update formatting and codying style * build: Add -std=c99 to CFLAGS for muon on CentOS 7 * fabrics: add udev rule to avoid renaming nbft interfaces * fabrics: autoconnect: add service unit for connecting NBFT subsystems * fabrics: autoconnect: explicitly express module dependency * Updates to codeql config * libnvme-wrap: exit on VOID_FN lookup failure * plugins/ocp:Added the ocp C6h feature api * plugin/ocp_fid_c6h:Added the ocp C6h feature api * nvme-copy: support cross-namespace copy * nvme/plugins: fix mismatch operator * nvme: fix overflow possiblity * nvme: reduce identify cmd issue * nvme: allow set-features to take input from stdin * Fix common misspellings from codespell project * nvme-print: Correct to print correct ascii character string length * print-stdout: print Host Behavior Support correctly * build: Bump libnvme wrap * plugins/solidigm: Added support for temperature statistics log page * Add support for codeql sweeps * doc: Add virt-mgmt command ... changelog too long, skipping 44 lines ... * update NetApp udev rule file name ==== pam ==== Version update (1.5.3 -> 1.6.0) - Add post 1.6.0 release fixes for pam_env and pam_unix: - pam_env-fix-enable-vendordir-fallback.patch - pam_env-fix_vendordir.patch - pam_env-remove-escaped-newlines.patch - pam_unix-fix-password-aging-disabled.patch - Update to version 1.6.0 - Added support of configuration files with arbitrarily long lines. - build: fixed build outside of the source tree. - libpam: added use of getrandom(2) as a source of randomness if available. - libpam: fixed calculation of fail delay with very long delays. - libpam: fixed potential infinite recursion with includes. - libpam: implemented string to number conversions validation when parsing controls in configuration. - pam_access: added quiet_log option. - pam_access: fixed truncation of very long group names. - pam_canonicalize_user: new module to canonicalize user name. - pam_echo: fixed file handling to prevent overflows and short reads. - pam_env: added support of '\' character in environment variable values. - pam_exec: allowed expose_authtok for password PAM_TYPE. - pam_exec: fixed stack overflow with binary output of programs. - pam_faildelay: implemented parameter ranges validation. - pam_listfile: changed to treat \r and \n exactly the same in configuration. - pam_mkhomedir: hardened directory creation against timing attacks. - Please note that using *at functions leads to more open file handles during creation. - pam_namespace: fixed potential local DoS (CVE-2024-22365). - pam_nologin: fixed file handling to prevent short reads. - pam_pwhistory: helper binary is now built only if SELinux support is enabled. - pam_pwhistory: implemented reliable usernames handling when remembering passwords. - pam_shells: changed to allow shell entries with absolute paths only. - pam_succeed_if: fixed treating empty strings as numerical value 0. - pam_unix: added support of disabled password aging. - pam_unix: synchronized password aging with shadow. - pam_unix: implemented string to number conversions validation. - pam_unix: fixed truncation of very long user names. - pam_unix: corrected rounds retrieval for configured encryption method. - pam_unix: implemented reliable usernames handling when remembering passwords. - pam_unix: changed to always run the helper to obtain shadow password entries. - pam_unix: unix_update helper binary is now built only if SELinux support is enabled. - pam_unix: added audit support to unix_update helper. - pam_userdb: added gdbm support. - Multiple minor bug fixes, portability fixes, documentation improvements, and translation updates. - The following patches are obsolete with the update: - pam_access-doc-IPv6-link-local.patch - pam_access-hostname-debug.patch - pam_shells-fix-econf-memory-leak.patch - pam_shells-fix-econf-memory-leak.patch - disable-examples.patch - pam-login_defs-check.sh: adjust checksum, SHA_CRYPT_MAX_ROUNDS is no longer used. ==== pam-full-src ==== Version update (1.5.3 -> 1.6.0) - Add post 1.6.0 release fixes for pam_env and pam_unix: - pam_env-fix-enable-vendordir-fallback.patch - pam_env-fix_vendordir.patch - pam_env-remove-escaped-newlines.patch - pam_unix-fix-password-aging-disabled.patch - Update to version 1.6.0 - Added support of configuration files with arbitrarily long lines. - build: fixed build outside of the source tree. - libpam: added use of getrandom(2) as a source of randomness if available. - libpam: fixed calculation of fail delay with very long delays. - libpam: fixed potential infinite recursion with includes. - libpam: implemented string to number conversions validation when parsing controls in configuration. - pam_access: added quiet_log option. - pam_access: fixed truncation of very long group names. - pam_canonicalize_user: new module to canonicalize user name. - pam_echo: fixed file handling to prevent overflows and short reads. - pam_env: added support of '\' character in environment variable values. - pam_exec: allowed expose_authtok for password PAM_TYPE. - pam_exec: fixed stack overflow with binary output of programs. - pam_faildelay: implemented parameter ranges validation. - pam_listfile: changed to treat \r and \n exactly the same in configuration. - pam_mkhomedir: hardened directory creation against timing attacks. - Please note that using *at functions leads to more open file handles during creation. - pam_namespace: fixed potential local DoS (CVE-2024-22365). - pam_nologin: fixed file handling to prevent short reads. - pam_pwhistory: helper binary is now built only if SELinux support is enabled. - pam_pwhistory: implemented reliable usernames handling when remembering passwords. - pam_shells: changed to allow shell entries with absolute paths only. - pam_succeed_if: fixed treating empty strings as numerical value 0. - pam_unix: added support of disabled password aging. - pam_unix: synchronized password aging with shadow. - pam_unix: implemented string to number conversions validation. - pam_unix: fixed truncation of very long user names. - pam_unix: corrected rounds retrieval for configured encryption method. - pam_unix: implemented reliable usernames handling when remembering passwords. - pam_unix: changed to always run the helper to obtain shadow password entries. - pam_unix: unix_update helper binary is now built only if SELinux support is enabled. - pam_unix: added audit support to unix_update helper. - pam_userdb: added gdbm support. - Multiple minor bug fixes, portability fixes, documentation improvements, and translation updates. - The following patches are obsolete with the update: - pam_access-doc-IPv6-link-local.patch - pam_access-hostname-debug.patch - pam_shells-fix-econf-memory-leak.patch - pam_shells-fix-econf-memory-leak.patch - disable-examples.patch - pam-login_defs-check.sh: adjust checksum, SHA_CRYPT_MAX_ROUNDS is no longer used. ==== php8 ==== Version update (8.2.14 -> 8.2.15) Subpackages: php8-cli php8-ctype php8-dom php8-gd php8-gettext php8-iconv php8-mbstring php8-mysql php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - version update to 8.2.15 * This is a bug fix release. - modified patches % php-ar-flags.patch (refreshed) % php-build-reproducible-phar.patch (refreshed) ==== pipewire ==== Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Add patches from upstream to fix building the package in Factory with libcamera 0.2.0: * 0001-spa-libcamera-use-CameraConfigurationorientation.patch * 0002-spa-libcamera-bump-minimum-supported-version-to-0.2.0.patch ==== ppp ==== - Backport ppp-pidfiles.patch and ppp-mkdir-run.patch from the upcoming 2.5.1 release and make sure that pppd's pid, resolv and database files are created under /run/ppp (bsc#1218370). - Reflect the rp-pppoe -> pppoe name change also in pppoe-peers. ==== python-Pillow ==== Version update (10.1.0 -> 10.2.0) - Update to 10.2.0: * Add ``keep_rgb`` option when saving JPEG to prevent conversion of RGB colorspace * Trim glyph size in ImageFont.getmask() * Deprecate IptcImagePlugin helpers * Allow uncompressed TIFF images to be saved in chunks * Concatenate multiple JPEG EXIF markers * Changed IPTC tile tuple to match other plugins * Do not assign new fp attribute when exiting context manager * Support arbitrary masks for uncompressed RGB DDS images * Support setting ROWSPERSTRIP tag * Apply ImageFont.MAX_STRING_LENGTH to ImageFont.getmask() * Optimise ``ImageColor`` using ``functools.lru_cache`` * Restricted environment keys for ImageMath.eval() (CVE-2023-50447, bsc#1219048) * Optimise ``ImageMode.getmode`` using ``functools.lru_cache`` * Fix incorrect color blending for overlapping glyphs * Attempt memory mapping when tile args is a string * Fill identical pixels with transparency in subsequent frames when saving GIF * Corrected duration when combining multiple GIF frames into single frame * Handle disposing GIF background from outside palette * Seek past the data when skipping a PSD layer * Import plugins relative to the module * Translate encoder error codes to strings; deprecate ``ImageFile.raise_oserror()`` * Support reading BC4U and DX10 BC1 images * Optimize ImageStat.Stat.extrema * Handle pathlib.Path in FreeTypeFont * Added support for reading DX10 BC4 DDS images * Optimized ImageStat.Stat.count * Correct PDF palette size when saving * Fixed closing file pointer with olefile 0.47 * Raise ValueError when TrueType font size is not greater than zero * If absent, do not try to close fp when closing image * Allow configuring JPEG restart marker interval on save * Decrement reference count for PyObject * Implement ``streamtype=1`` option for tables-only JPEG encoding * If save_all PNG only has one frame, do not create animated image * Fixed frombytes() for images with a zero dimension - Switch to autosetup and pyproject macros. ==== python-SQLAlchemy ==== Version update (2.0.24 -> 2.0.25) - update to 2.0.25: * preliminary support for Python 3.12 pep-695 type alias structures * see https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.25 ==== python-Twisted ==== Subpackages: python311-Twisted python311-Twisted-tls - Add twisted-pr12054-testinvokationpy3.12.1.patch * Pull request gh#twisted/twisted#12054 fixes failing tests on python312 gh#twisted/twisted#12052 - Fix rpmlint errors ==== python-anyio ==== Version update (3.7.1 -> 4.2.0) - update to 4.2.0: * Add support for byte-based paths in connect_unix, create_unix_listeners, create_unix_datagram_socket, and create_connected_unix_datagram_socket. (PR by Lura Skye) * Enabled the Event and CapacityLimiter classes to be instantiated outside an event loop thread * Broadly improved/fixed the type annotations. Among other things, many functions and methods that take variadic positional arguments now make use of PEP 646 TypeVarTuple to allow the positional arguments to be validated by static type checkers. These changes affected numerous methods and functions, including: * anyio.run() * TaskGroup.start_soon() * anyio.from_thread.run() * anyio.from_thread.run_sync() * anyio.to_thread.run_sync() * anyio.to_process.run_sync() * BlockingPortal.call() * BlockingPortal.start_task_soon() * BlockingPortal.start_task() (also resolves #560) * Fixed various type annotations of anyio.Path to match Typeshed: * anyio.Path.__lt__() * anyio.Path.__le__() * anyio.Path.__gt__() * anyio.Path.__ge__() * anyio.Path.__truediv__() * anyio.Path.__rtruediv__() * anyio.Path.hardlink_to() * anyio.Path.samefile() * anyio.Path.symlink_to() * anyio.Path.with_segments() (PR by Ganden Schaffner) * Fixed adjusting the total number of tokens in a CapacityLimiter on asyncio failing to wake up tasks waiting to acquire the limiter in certain edge cases (fixed with help from Egor Blagov) * Fixed loop_factory and use_uvloop options not being used on the asyncio backend * Fixed cancellation propagating on asyncio from a task group to child tasks if the task hosting the task group is in a shielded cancel scope - update to 4.1.0: * Adapted to API changes made in Trio v0.23 * Removed a checkpoint when exiting a task group * Renamed the ``cancellable`` argument in ``anyio.to_thread.run_sync()`` to * ``abandon_on_cancel`` (and deprecated the old parameter name) * Added support for voluntary thread cancellation via * ``anyio.from_thread.check_cancelled()`` * Bumped minimum version of trio to v0.23 * Exposed the ``ResourceGuard`` class in the public API * Fixed ``RuntimeError: Runner is closed`` when running higher- scoped async generator fixtures in some cases * Fixed discrepancy between ``asyncio`` and ``trio`` where reraising a cancellation exception in an ``except*`` block would incorrectly bubble out of its cancel scope * Any exceptions raising out of a task groups are now nested inside an ``ExceptionGroup`` (or ``BaseExceptionGroup`` if one or more ``BaseException`` were included) * Fixed task group not raising a cancellation exception on asyncio at exit if no child tasks were spawned and an outer cancellation scope had been cancelled before * Ensured that exiting a ``TaskGroup`` always hits a yield point, regardless of whether there are running child tasks to be waited on * On asyncio, cancel scopes will defer cancelling tasks that are scheduled to resume with a finished future * On asyncio and Python 3.9/3.10, cancel scopes now only suppress cancellation exceptions if the cancel message matches the scope * Task groups on all backends now raise a single cancellation exception when an outer cancel scope is cancelled, and no exceptions other than cancellation exceptions are raised in the group * **BACKWARDS INCOMPATIBLE** Changes the pytest plugin to run all tests and fixtures in the same task, allowing fixtures to set context variables for tests and other fixtures ``anyio.Path.relative_to()`` and * ``anyio.Path.is_relative_to()`` to only accept one argument, as passing multiple arguments is deprecated as of Python 3.12 * **BACKWARDS INCOMPATIBLE** Dropped support for spawning tasks from old-style coroutine functions (``(a)asyncio.coroutine``) * **BACKWARDS INCOMPATIBLE** The ``policy`` option on the ``asyncio`` backend was changed to ``loop_factory`` to accommodate ``asyncio.Runner`` * Dropped support for Python 3.7 * Added support for Python 3.12 * Fixed ``from_thread.run`` failing when used to call sniffio- dependent functions on asyncio from a thread running trio or curio * Fixed deadlock when using ``from_thread.start_blocking_portal(backend="asyncio")`` * in a thread running trio or curio (PR by Ganden Schaffner) * Improved type annotations: * The ``item_type`` argument of ``create_memory_object_stream`` was deprecated. * To indicate the item type handled by the stream, use * ``create_memory_object_stream[T_Item]()`` instead. Type checking should no longer fail when annotating memory object - drop tests-test_fileio.py-don-t-follow-symlinks-in-dev.patch (upstream) ==== python-authheaders ==== Version update (0.16.0 -> 0.16.1) - update to 0.16.1: * Clean up unnecessary escaping of semi-colons in test data and adjust related code to resolve SyntaxWarning with Python 3.12 (#29) * Set python_requires >3.7 and clean up cruft in setup.py * Use importlib.resources instead of importlib_resources - switch to PEP517 build ==== python-falcon ==== Subpackages: python-falcon-doc python311-falcon - remove unneeded build dependency python-ujson ==== python-gevent ==== - Clean obsolete old python and old distribution directives * Only 15.5+ with the sle15 python module and Tumbleweed have the required Python 3.8+ * Drop fix-no-return-in-nonvoid-function.patch - Update test suite execution * Use -u-network flag to disable network tests * Add gevent-opensuse-nocolor-tests.patch -- Avoid colorization of test output in obs runners * Add gevent-fix-unittest-returncode-py312-c1.patch and gevent-fix-unittest-returncode-py312-c2.patch gh#gevent/gevent#2012 ==== python-libvirt-python ==== Version update (9.10.0 -> 10.0.0) - Update to 10.0.0 - Add all new APIs and constants in libvirt 10.0.0 - jsc#PED-3226, jsc#PED-3279, jsc#PED-4931, jsc#PED-5432, jsc#PED-6851 ==== python-service_identity ==== Version update (23.1.0 -> 24.1.0) - update to 24.1.0: * If a certificate doesn't contain any `subjectAltName`s, we now raise `service_identity.CertificateError` instead of `service_identity.VerificationError` to make the problem easier to debug. ==== python-trio ==== Version update (0.22.0 -> 0.23.2) - We don't need isort for the tests: Avoid it for Ring1 - Clean dependencies - update to 0.23.2: * TypeVarTuple is now used to fully type :meth:`nursery.start_soon() <trio.Nursery.start_soon>`, :func:`trio.run()`, :func:`trio.to_thread.run_sync()`, and other similar functions accepting (func, *args). This means type checkers will be able to verify types are used correctly. :meth:`nursery.start() <trio.Nursery.start>` is not fully typed yet however. (#2881) * Make pyright recognize :func:`open_memory_channel` as generic. (#2873) backlink Unknown interpreted text role "func". * Make pyright recognize :func:`open_memory_channel` as generic. * Unknown interpreted text role "func". * Moved the metadata into PEP 621-compliant :file:`pyproject.toml`. (#2860) - update to 0.23.1: * Don't crash on import in Anaconda interpreters. * Add type hints. * When exiting a nursery block, the parent task always waits for child tasks to exit. This wait cannot be cancelled. However, previously, if you tried to cancel it, it *would* inject a `Cancelled` exception, even though it wasn't cancelled. Most users probably never noticed either way, but injecting a `Cancelled` here is not really useful, and in some rare cases caused confusion or problems, so Trio no longer does that. * If called from a thread spawned by `trio.to_thread.run_sync`, `trio.from_thread.run` and `trio.from_thread.run_sync` now reuse the task and cancellation status of the host task; * this means that context variables and cancel scopes naturally propagate 'through' threads spawned by Trio. You can also use `trio.from_thread.check_cancelled` to efficiently check for cancellation without reentering the Trio thread. * :func:`trio.lowlevel.start_guest_run` now does a bit more setup of the guest run before it returns to its caller, so that the caller can immediately make calls to :func:`trio.current_time`, :func:`trio.lowlevel.spawn_system_task`, :func:`trio.lowlevel.current_trio_token`, etc. * When a starting function raises before calling :func:`trio.TaskStatus.started`, :func:`trio.Nursery.start` will no longer wrap the exception in an undocumented :exc:`ExceptionGroup`. * To better reflect the underlying thread handling semantics, the keyword argument for `trio.to_thread.run_sync` that was previously called ``cancellable`` is now named ``abandon_on_cancel``. * The old ``cancellable`` name is now deprecated. - Update to 0.22.2: * Fix PermissionError when importing trio due to trying to access pthread. * Breaking change: Timeout functions now raise ValueError if passed math.nan. This includes trio.sleep, trio.sleep_until, trio.move_on_at, trio.move_on_after, trio.fail_at and trio.fail_after. * Added support for naming threads created with trio.to_thread.run_sync, requires pthreads so is only available on POSIX platforms with glibc installed. * trio.socket.socket now prints the address it tried to connect to upon failure. * Fixed a crash that can occur when running Trio within an embedded Python interpreter, by handling the TypeError that is raised when trying to (re-)install a C signal handler. * Fix sniffio.current_async_library() when Trio tasks are spawned from a non-Trio context (such as when using trio-asyncio). Previously, a regular Trio task would inherit the non-Trio library name, and spawning a system task would cause the non-Trio caller to start thinking it was Trio. * Documented that Nursery.start_soon does not guarantee task ordering. ==== qca-qt5 ==== Version update (2.3.7+git12 -> 2.3.8+git1) Subpackages: libqca-qt5-2 qca-qt5-plugins - Update to version 2.3.8+git1: * CI: Enable Android builds - There's a v2.3.8 tag now so the version matches properly again ==== qpdf ==== Version update (11.7.0 -> 11.8.0) - Temporary workaround for test fuzz-16214 (bsc#1218902) * Add openssl3_2-fuzz-16214.patch - Update to 11.8.0: * Bug fixes: - When flattening annotations, preserve hyperlinks and other annotations that inherently have no appearance information. * CLI Enhancements - Introduce x in the numeric range syntax to allow exclusion of pages within a page range. See Page Ranges for details. - Support comma-separated numeric values with --collate to select different numbers of pages from different groups. - Add --set-page-labels option to completely override page labels in the output. * Library Enhancements - Add API to support --set-page-labels: - QPDFJob::Config::setPageLabels - pdf_page_label_e enumerated type - QPDFPageLabelDocumentHelper::pageLabelDict - Improve file recovery logic to better handle files with cross-reference streams. This should enable qpdf to recover some files that it would previously have reported âunable to find trailer dictionary.â ==== rdma-core ==== Version update (49.0 -> 49.1) Subpackages: libefa1 libibverbs libibverbs1 libmana1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd - Update to v49.1 (jsc#PED-6891, jsc#PED-6864, jsc#PED-6839, jsc#PED-6836, jsc#PED-6828, jsc#PED-6824, jsc#PED-6958, jsc#PED-6943, jsc#PED-6933, jsc#PED-6916) - No release notes available. ==== rpm-config-SUSE ==== Version update (20230712 -> 20240118) - Update to version 20240118: * find-provides.ksyms: Fix ksym provides on Tumbleweed/ALP - Update to version 20240115: * macros.initrd: %regenerate_initrd_post: don't fail if mkdir is unavailable * scripts: Do full ksyms dependencies on Tumbleweed (bsc#1215015) ==== rsyslog ==== - suppress installation errors when systemd is not running (bsc#1218799) ==== sdbootutil ==== Version update (1+git20231221.42797ab -> 1+git20240122.c0d8f76) Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper - Update to version 1+git20240122.c0d8f76: * Integrate with kernel-install * Rework kernel listing a bit * Add checks to list-entries * List entries for current system only by default * Fall back to loader.conf if setting efivar failed * Runtime determine kernel image name * Add list-snapshots * Add list-entries command - Update to version 1+git20240118.7e744b4: * Bind mount /etc inside the snapshot ==== shaderc ==== Version update (2023.7 -> 2023.8) - Update to release 2023.8 * API: Expose rlaxed Vulkan rules from glslang ==== sssd ==== Version update (2.9.3 -> 2.9.4) Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap - Update to release 2.9.4 * Fixes a crash when PAM passkey processing incorrectly handles non-passkey data. * Fixed group membership handling when members are coming from different forest domains and using ldap token groups is prohibited. * Files provider was erroneously taking into consideration ``local_auth_policy`` config option, thus breaking smartcard authentication of local user in setups that did not explicitly specify this option. This is now fixed. ==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-boot systemd-container systemd-coredump udev - Add patches that implement [jsc#PED-5659] 5003-cgroup-rename-TasksMax-structure-to-CGroupTasksMax.patch 5004-bus-print-properties-ignore-CGROUP_LIMIT_MAX-for-Mem.patch 5005-bus-print-properties-prettify-more-unset-properties.patch 5006-cgroup-Add-EffectiveMemoryMax-EffectiveMemoryHigh-an.patch 5007-test-Convert-rlimit-test-to-subtest-of-generic-limit.patch 5008-test-Add-effective-cgroup-limits-testing.patch 5009-cgroup-Restrict-effective-limits-with-global-resourc.patch 5010-cgroup-Rename-effective-limits-internal-table.patch They are temporarily put in quarantine to get broader testing but should be eventually moved to the git repo. - remove pam-config call from post scriptlet of systemd-32bit * the full package already does that ==== tevent ==== Version update (0.15.0 -> 0.16.0) Subpackages: libtevent0 python3-tevent - Update to version 0.16.0 * the epoll backend is no longer limited to 2 event handlers per low level fd. * finally add support for TEVENT_FD_ERROR ==== tpm2-0-tss ==== Subpackages: libtss2-esys0 libtss2-mu0 libtss2-rc0 libtss2-sys1 libtss2-tcti-device0 libtss2-tctildr0 - Fix tmpfiles %ghost file names - Move tmpfiles config to different package: * tmpfiles_create was being called with bad input (version ?) * it avoids breaking SLPP for libtss2-fapi1 (hence the prior warning in spec) - tss sysusers requires should be pre not post ==== util-linux ==== Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 - Minor multibuild fixes (PED-307): * Restore /bin symlinks in util-linux-systemd if building with ul_extra_bin_sbin. * Restore compatibility supplements and split-provides. * Update safety check instructions. ==== util-linux-systemd ==== - Minor multibuild fixes (PED-307): * Restore /bin symlinks in util-linux-systemd if building with ul_extra_bin_sbin. * Restore compatibility supplements and split-provides. * Update safety check instructions. ==== virt-manager ==== Subpackages: virt-install virt-manager-common - bsc#1218983 - [SLE15SP6] virt-manager:test testCLI0264virt_xml fails with libvirt 10.0.0. Disable this test for now. virt-manager.spec ==== vulkan-loader ==== Version update (1.3.268.0 -> 1.3.275.0) - Update to release SDK-1.3.275.0 * Instance extensions unsupported by physical devices now return ERROR_EXTENSION_NOT_PRESENT * Unload drivers which report 0 physical devices ==== vulkan-tools ==== Version update (1.3.268.0 -> 1.3.275.0) - Update to release SDK-1.3.275.0 * icd: Add vkGetMemoryFdKHR support * icd: Add vkGetMemoryHostPointerPropertiesEXT support * vulkaninfo: Autogenerate Format list * icd: Add basic VkDisplayKHR support * icd: Add vkRegisterDisplayEventEXT * icd: Add video support ==== yast2-pkg-bindings ==== Version update (5.0.2 -> 5.0.4) - Fixed repository and service probing with libzypp 7.31.26 and newer, convert the type to string by pkg-bindings, not by libzypp which might change it (bsc#1218399) - 5.0.4 - Added new pkg calls for managing and resolving the solver conflicts. Added PkgSolveProblems(), PkgSetSolveSolutions() and PkgResetSolveSolutions() calls. (gh#openSUSE/agama#944) - Libzypp 17.31.26+ uses "N/A" for unknown repository types instead of "NONE", support both cases (bsc#1218859) - 5.0.3 ==== yast2-trans ==== Version update (84.87.20240112.f631673f01 -> 84.87.20240120.54f4b9f06a) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20240120.54f4b9f06a: * New POT for text domain 'sap-installation-wizard'. * Translated using Weblate (Indonesian) * Translated using Weblate (Indonesian) * Translated using Weblate (Indonesian) ==== zbar ==== Version update (0.23.90 -> 0.23.93) - Update to 0.23.93: * Set a better dpi resolution when parsing PDF files * Fix memory recycle bug of empty symbols * Fix compilation with python 3.11 and 3.12 * CVE-2023-40889: Fix array out-of-bounds access * Stop ignoring non-binary entries that follow binary ones * Increase allocated buffer memory for symbols * barcodetest.py: fix error code print logic * convert: Crash fixing while using camera * Add some pod information for additional functions * perl skip more tests if DISPLAY not set and set prereqs in Makefile.PL * Fixes rt.cpan.org 122061 - test fails when DISPLAY not set * Update Barcode::ZBar * isaac: ensure proper order of parsing expression * Enforce x11 backend even on wayland * zbarimg: add the --polygon option * xml output: Add polygon containing code bar. * configure.ac: drop support for Qt4 and prepare for Qt6 support * win: fix compiling error in Visual studio * Enforce a coding style * configure.ac: fix some issues with gtk parameter * zbargtk: fix version check macros * zbar: Address some header issues * zbar, test: fix compilation issues with FreeBSD * zbar: Function stdcall declaration issue. * symbol: make it compatible with MSC * zbar: change the code to make it c90 standard compatible * test: fix decode test - Drop upstreamed patches: * zbar-CVE-2023-40889.patch * zbar-CVE-2023-40890.patch * py311.patch - Add patch to fix build see gh#mchehab/zbar#277: * zbar-configure.patch * zbar-pkgconfig.patch ==== zchunk ==== Version update (1.3.2 -> 1.4.0) - update to 1.4.0: * Rework hash code to support openSSL 3.x EVP API * memory leak fix * tests for invalid zchunk files * More statistics in zchunk_delta_info * avoid infinite loop under certain conditions * Add zck_get_chunk_ctx function to get context from chunk [View Less]

2 1

New Arm Tumbleweed snapshot 20240111 released!
by Guillaume Gardet 02 Oct '24

02 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]org/openSUSE:Submitting_bug_reports Packages changed: certmonger (0.79.15 -> 0.79.19) eog (45.1 -> 45.2) git gnome-remote-desktop (45.0 -> 45.1) gnome-shell (45.2 -> 45.3) grub2 (2.12~rc1 -> 2.12) gstreamer-plugins-rs gvfs (1.52.1 -> 1.52.2) hwdata (0.377 -> 0.378) libcap-ng (0.8.3 -> 0.8.4) libgxps (0.3.2 -> 0.3.2+5) libstorage-ng (4.5.170 -> 4.5.171) libxkbcommon libzypp (17.31.27 -> 17.31.28) mdadm mpg123 (1.32.3 -> 1.32.4) mutter (45.2 -> 45.3) ncurses (6.4.20231202 -> 6.4.20240106) nodejs21 (21.4.0 -> 21.5.0) publicsuffix (20231213 -> 20240107) redis (7.2.3 -> 7.2.4) sg3_utils (1.48+6.7f43e14 -> 1.48+7.63e63cb) shadow transmission (4.0.4 -> 4.0.5) yast2-core (5.0.1 -> 5.0.2) yast2-packager (5.0.1 -> 5.0.2) === Details === ==== certmonger ==== Version update (0.79.15 -> 0.79.19) - Update to 0.79.19 - Removed 0001-Disable-DSA-in-the-RPM-spec.patch - Added 0001-Update-tests-to-be-compatible-with-OpenSSL-3.2.patch ==== eog ==== Version update (45.1 -> 45.2) - Update to version 45.2: + data: Update appdata. + Updated translations. ==== git ==== Subpackages: git-core git-email git-web perl-Git - gitweb AppArmor profile: allow reading etc/gitweb-common.conf (boo#1218664) ==== gnome-remote-desktop ==== Version update (45.0 -> 45.1) - Update to version 45.1: + session: - Assert region size to be greater than 0 - Add debug message to also output new EI regions - Scale absolute pointer position with respect to the EI region - Clear all EI related instances before dbus session stop call - Only notify keysym when EI keyboard is available - Add struct for absolute pointer motion events + vnc-pipewire-stream: Don't remove buffer while dequeueing it + rdp-pipewire-stream: Don't remove buffer while dequeueing it + Adapt usage of abs pointer motion events to GrdEventPointerMotionAbs + Updated translations. ==== gnome-shell ==== Version update (45.2 -> 45.3) Subpackages: gnome-extensions gnome-shell-calendar - Update to version 45.3: + Allow any enter key to be used to screenshot. + Fix spinner in light style variant. + Improve formatting of extension errors. + Fixed crash. + Misc. bug fixes and cleanups. + Updated translations. - Drop gnome-shell_nb_fix_trans.patch: fixed upstream. ==== grub2 ==== Version update (2.12~rc1 -> 2.12) Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin - Version bump to 2.12 (PED-5589) * Added: - grub-2.12.tar.xz - fix_no_extra_deps_in_release_tarball.patch * Removed: - grub-2.12~rc1.tar.xz * Patch dropped as it merged into new version: - 0001-disk-cryptodisk-Fix-missing-change-when-updating-to-.patch - 0001-fs-btrfs-Zero-file-data-not-backed-by-extents.patch - 0001-fs-ntfs-Fix-an-OOB-write-when-parsing-the-ATTRIBUTE_.patch - 0002-fs-ntfs-Fix-an-OOB-read-when-reading-data-from-the-r.patch - 0003-fs-ntfs-Fix-an-OOB-read-when-parsing-directory-entri.patch - 0004-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch - 0005-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch - 0006-fs-ntfs-Make-code-more-readable.patch - 0001-kern-ieee1275-init-Restrict-high-memory-in-presence-.patch - 0001-fs-xfs-Incorrect-short-form-directory-data-boundary-.patch - 0002-fs-xfs-Fix-XFS-directory-extent-parsing.patch - 0003-fs-xfs-add-large-extent-counters-incompat-feature-su.patch - 0001-mkstandalone-ensure-stable-timestamps-for-generated-.patch - 0002-mkstandalone-ensure-deterministic-tar-file-creation-.patch * Patch adjusted for the updated base version: - use-grub2-as-a-package-name.patch - grub2-s390x-04-grub2-install.patch - grub2-btrfs-04-grub2-install.patch - grub2-ppc64le-disable-video.patch - 0002-AUDIT-0-http-boot-tracker-bug.patch - 0001-Unify-the-check-to-enable-btrfs-relative-path.patch - 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch - 0004-Add-suport-for-signing-grub-with-an-appended-signatu.patch - 0016-grub-install-support-embedding-x509-certificates.patch - 0021-appended-signatures-documentation.patch - 0022-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch - safe_tpm_pcr_snapshot.patch ==== gstreamer-plugins-rs ==== - Increase memory for s390x builds in _constraints. - Update both vendor files and include jsonwebtoken 9.2 in them. - The ring crate only supports s390x since v0.17.0 and jsonwebtoken 8 uses an older version, so we now patch livekit-api to use jsonwebtoken 9(.2) which allows to build the package in s390x (bsc#1218563). ==== gvfs ==== Version update (1.52.1 -> 1.52.2) Subpackages: gvfs-backend-afc gvfs-backend-goa gvfs-backend-samba gvfs-backends gvfs-fuse - Update to version 1.52.2: + smb: Fix livelock when mounting share without enough permissions. + smb: Fi moving files across filesystem boundaries. + Updated transltions. ==== hwdata ==== Version update (0.377 -> 0.378) - update to 0.378: * Update pci, usb and vendor ids ==== libcap-ng ==== Version update (0.8.3 -> 0.8.4) - Update to version 0.8.4 * In capng_change_id, clear PR_SET_KEEPCAPS if returning an error * pscap: add -p option for reporting a specified process * Annotate function prototypes to warn if results are unused * Drop python2 support ==== libgxps ==== Version update (0.3.2 -> 0.3.2+5) - Update to version 0.3.2+5: + DOAP: Fix 'bug-database' value to point to GNOME GitLab Issues + images: - For jpeg images try to get the image resolution from exif first - Add support for jpeg images with CMYK color space + Fix compiler warnings + Fix meson warnings - Switch to git checkout via source service, use explicit commit. - Use ldconfig_scriptlets macro for post(un) handling. - Update URL to new home. - Drop no longer needed libgxps-rpmlintrc. ==== libstorage-ng ==== Version update (4.5.170 -> 4.5.171) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#977 - provide light_probe function with SystemInfo parameter - 4.5.171 ==== libxkbcommon ==== Subpackages: libxkbcommon-x11-0 libxkbcommon0 libxkbregistry0 - add libxkbregistry-devel to baselibs for use by wine-32bit. (bsc#1218640) ==== libzypp ==== Version update (17.31.27 -> 17.31.28) - Fix to build with libxml 2.12.x (fixes #505) - version 17.31.28 (22) ==== mdadm ==== - Update mdadm to latest upstream state upto commit 582945c2d3bb. (jsc#PED-7542) 1) The testing changes are not included here. 2) Code clean up, and more helper routines added for Manage.c, Monitor.c, mdadm.c, ReadMe.c, super-intel.c, super0.c, super1.c, Create.c, Incremental.c and so on. 3) Man page update for mdadm.8.in. 4) Several memory leak and double free fixes. 5) Check /etc/initrd-release for whether systemd running on an initrd. - Manage: Block unsafe member failing 0062-Manage-Block-unsafe-member-failing.patch - Mdmonitor: Split alert() into separate functions 0063-Mdmonitor-Split-alert-into-separate-functions.patch - Monitor: block if monitor modes are combined. 0064-Monitor-block-if-monitor-modes-are-combined.patch - Update mdadm Monitor manual. 0065-Update-mdadm-Monitor-manual.patch - mdadm: create ident_init() 0066-mdadm-create-ident_init.patch - mdadm: Add option validation for --update-subarray 0067-mdadm-Add-option-validation-for-update-subarray.patch - Fix --update-subarray on active volume 0068-Fix-update-subarray-on-active-volume.patch - Add code specific update options to enum. 0069-Add-code-specific-update-options-to-enum.patch - super-ddf: Remove update_super_ddf. 0070-super-ddf-Remove-update_super_ddf.patch - super0: refactor the code for enum 0071-super0-refactor-the-code-for-enum.patch - super1: refactor the code for enum 0072-super1-refactor-the-code-for-enum.patch - super-intel: refactor the code for enum 0073-super-intel-refactor-the-code-for-enum.patch - Change update to enum in update_super and update_subarray 0074-Change-update-to-enum-in-update_super-and-update_sub.patch - Manage&Incremental: code refactor, string to enum 0075-Manage-Incremental-code-refactor-string-to-enum.patch - Change char* to enum in context->update & refactor code 0076-Change-char-to-enum-in-context-update-refactor-code.patch - mdadm/udev: Don't handle change event on raw devices 0077-mdadm-udev-Don-t-handle-change-event-on-raw-devices.patch - Manage: do not check array state when drive is removed 0078-Manage-do-not-check-array-state-when-drive-is-remove.patch - incremental, manage: do not verify if remove is safe 0079-incremental-manage-do-not-verify-if-remove-is-safe.patch - super-intel: make freesize not required for chunk size 0080-super-intel-make-freesize-not-required-for-chunk-siz.patch - manage: move comment with function description 0081-manage-move-comment-with-function-description.patch - Fix NULL dereference in super_by_fd 0082-Fix-NULL-dereference-in-super_by_fd.patch - Mdmonitor: Make alert_info global 0083-Mdmonitor-Make-alert_info-global.patch - Mdmonitor: Pass events to alert() using enums instead of 0084-Mdmonitor-Pass-events-to-alert-using-enums-instead-o.patch - Mdmonitor: Add helper functions 0085-Mdmonitor-Add-helper-functions.patch - Add helpers to determine whether directories or files are 0086-Add-helpers-to-determine-whether-directories-or-file.patch - Mdmonitor: Refactor write_autorebuild_pid() 0087-Mdmonitor-Refactor-write_autorebuild_pid.patch - Mdmonitor: Refactor check_one_sharer() for better error 0088-Mdmonitor-Refactor-check_one_sharer-for-better-error.patch - util.c: reorder code lines in parse_layout_faulty() 0089-util.c-reorder-code-lines-in-parse_layout_faulty.patch - util.c: fix memleak in parse_layout_faulty() 0090-util.c-fix-memleak-in-parse_layout_faulty.patch - Detail.c: fix memleak in Detail() 0091-Detail.c-fix-memleak-in-Detail.patch - isuper-intel.c: fix double free in load_imsm_mpb() 0092-isuper-intel.c-fix-double-free-in-load_imsm_mpb.patch - super-intel.c: fix memleak in find_disk_attached_hba() 0093-super-intel.c-fix-memleak-in-find_disk_attached_hba.patch - super-ddf.c: fix memleak in get_vd_num_of_subarray() 0094-super-ddf.c-fix-memleak-in-get_vd_num_of_subarray.patch - Create: goto abort_locked instead of return 1 in error path 0095-Create-goto-abort_locked-instead-of-return-1-in-erro.patch - Create: remove safe_mode_delay local variable 0096-Create-remove-safe_mode_delay-local-variable.patch - Create: Factor out add_disks() helpers 0097-Create-Factor-out-add_disks-helpers.patch - mdadm: Introduce pr_info() 0098-mdadm-Introduce-pr_info.patch - mdadm: Add --write-zeros option for Create 0099-mdadm-Add-write-zeros-option-for-Create.patch - manpage: Add --write-zeroes option to manpage 0100-manpage-Add-write-zeroes-option-to-manpage.patch - Define alignof using _Alignof when using C11 or newer 0101-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch - Use existence of /etc/initrd-release to detect initrd. 0102-Use-existence-of-etc-initrd-release-to-detect-initrd.patch - Create: Fix checking for container in update_metadata 0103-Create-Fix-checking-for-container-in-update_metadata.patch ==== mpg123 ==== Version update (1.32.3 -> 1.32.4) Subpackages: libmpg123-0 mpg123-openal - Update to version 1.32.4 build: * Reorganize shared headers, API headers into src/include. * Use relative include paths, avoiding internal directories in CPPFLAGS except for config.h. * Group C99 feature checks and make several standard headers mandatory. * Get rid of SIZE_P, OFF_P and friends. * Only enforce dummy module together with libout123, to be able to build individual modules using --disable-components logic. out123: * added --libversion libmpg123: * Avoid indirect branches into the assembly routines by using C wrappers also for dct36, relieving us of the need to care for bti / endbr i nstructions for control flow integrity. ==== mutter ==== Version update (45.2 -> 45.3) - Update to version 45.3: + Fix handling of relative mode for tablets. + Fix forcing EGLStream with NVIDIA proprietary driver. + Sync geometry only when window is mapped. + Improve repick due to transform changes. + wayland/client: Add make_desktop() method. + Fix occasional artifacts at top of X11 fullscreen windows. + background: Fix background color around image. + Fixed crashes. + Plugged leaks. + Misc. bug fixes and cleanups. + Updated translations. ==== ncurses ==== Version update (6.4.20231202 -> 6.4.20240106) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add foot to terminfo-base. It's the most compliant wayland terminal emulator according to https://github.com/dankamongmen/notcurses/blob/master/TERMINALS.md - Add ncurses patch 20240106 + use ansi+arrows, ansi+apparrows, ansi+csr, ansi+erase, ansi+idc, ansi+idc1, ansi+idl, ansi+idl1, ansi+inittabs to trim -TD + minor manpage formatting changes for consistency. + modify doc-html test package's install-directory, per lintian. + add attr_get.3x to man_db.renames.in (patch by Sven Joachim). - Add ncurses patch 20231230 + improve formatting/style of manpages (patches by Branden Robinson). + add ms-vt100-16color, winconsole -TD + add rio, rio-direct -TD + add mostlike -TD + add wezterm, contour -TD - Add ncurses patch 20231223 + improve formatting/style of manpages (patches by Branden Robinson). - Add ncurses patch 20231217 + improve formatting/style of manpages (patches by Branden Robinson). + correct an assignment in infocmp "-u" for detecting if a boolean is unset in a base entry and set in a use'd chunk, i.e., if it was cancelled. + modify infocmp "-u" option to not report cancels for strings which were already cancelled in a use'd chunk. + join two lines in infotocap.3x to eliminate a spurious "description" link in installed manpages (report by Sven Joachim). + fix typo in NEWS (report by Sven Joachim). - Port patches * ncurses-5.9-ibm327x.dif * ncurses-6.4.dif ==== nodejs21 ==== Version update (21.4.0 -> 21.5.0) Subpackages: npm21 - Update to 21.5.0: * module: merge config with package_json_reader * src: move package resolver to c++ * doc: + deprecate hash constructor + deprecate dirent.path - linker_lto_jobs.patch: refreshed ==== publicsuffix ==== Version update (20231213 -> 20240107) - Update to version 20240107: * Remove homeoffice.gov.uk (#1909) * util: gTLD data autopull updates for 2024-01-06T15:12:04 UTC (#1918) ==== redis ==== Version update (7.2.3 -> 7.2.4) - redis 7.2.4: (boo#1218646) - Security fixes - (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution. - Bug fixes - Fix crashes of cluster commands clusters with mixed versions of 7.0 and 7.2 (#12805, #12832) - Fix slot ownership not being properly handled when deleting a slot from a node (#12564) - Fix atomicity issues with the RedisModuleEvent_Key module API event (#12733) ==== sg3_utils ==== Version update (1.48+6.7f43e14 -> 1.48+7.63e63cb) Subpackages: libsgutils2-1_48-2 - Fix spurious warning for non-SCSI devices (boo#1218666) ==== shadow ==== Subpackages: libsubid4 login_defs - bsc#1199026 bsc#1203823: Remove pam_keyinit from PAM configuration. This was introduced for bsc#1144060. ==== transmission ==== Version update (4.0.4 -> 4.0.5) Subpackages: transmission-common transmission-gtk - Update to version 4.0.5: + Fixed 4.0.0 bug where the IP address field in UDP announces were not encoded in network byte order. + Fixed a bug that incorrectly escaped JSON strings in some locales. + Fixed 4.0.4 decreased download speeds for people who set a low upload bandwidth limit. + Fixed bug that prevented editing trackers on magnet links. + Fixed HTTP tracker announces and scrapes sometimes failing after adding a torrent file by HTTPS URL. + In RPC responses, change the default sort order of torrents to match Transmission 3.00. + Fixed tr_sys_path_copy() behavior on some Synology Devices. + Fix: only append .added suffix to watchdir files. + Fixed crash when opening torrent file from "Recently used" section in GTK 4. ==== yast2-core ==== Version update (5.0.1 -> 5.0.2) - Don't close file descriptors in .target.bash calls (bsc#1218064) avoiding "[ASYNC BUG] rb_thread_wakeup_timer_thread: write(3) EBADF" with Ruby 3.3 - 5.0.2 ==== yast2-packager ==== Version update (5.0.1 -> 5.0.2) - After installation disable the empty installation repository from the SLE15 Online medium (bsc#1182303) - 5.0.2 [View Less]

2 1

New Arm Tumbleweed snapshot 20240414 released!
by Guillaume Gardet 02 Oct '24

02 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]org/openSUSE:Submitting_bug_reports Packages changed: apache2 (2.4.58 -> 2.4.59) apache2-manual (2.4.58 -> 2.4.59) apache2-prefork (2.4.58 -> 2.4.59) apache2-utils (2.4.58 -> 2.4.59) btrfsmaintenance emacs emacs-jinx (1.4 -> 1.6) f2fs-tools (1.15.0 -> 1.16.0) freerdp2 gcr (4.2.1 -> 4.3.0) gettext-runtime gnome-control-center gnome-online-accounts (3.50.0 -> 3.50.1) gnome-text-editor (46.0 -> 46.1) gobject-introspection gom (0.5.0 -> 0.5.1) gptfdisk (1.0.9 -> 1.0.10) grep gupnp jack kernel-source (6.8.4 -> 6.8.5) lensfun liblouis libquicktime libssh miniupnpc (2.2.5 -> 2.2.6) multipath-tools (0.9.8+87+suse.f72b9f3 -> 0.9.8+88+suse.d504d83) openSUSE-build-key openSUSE-release (20240410 -> 20240414) openssh ovmf pam (1.6.0 -> 1.6.1) pam-config (2.11 -> 2.11+git.20240411) pam-full-src (1.6.0 -> 1.6.1) patterns-kde perl pipewire postfix python-Pillow schily texlive transactional-update (4.6.0 -> 4.6.5) update-alternatives (1.22.5 -> 1.22.6) vim (9.1.0151 -> 9.1.0301) xfce4-branding-openSUSE (4.18.0+git1.8b02118 -> 4.18.0+git4.79f6d44) xorg-x11-server xz zxcvbn === Details === ==== apache2 ==== Version update (2.4.58 -> 2.4.59) - Update to 2.4.59: * ) mod_deflate: Fixes and better logging for handling various error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton, Eric Norris <enorris etsy.com>] * ) Add CGIScriptTimeout to mod_cgi. [Eric Covener] * ) mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 [ttachi <tachihara AT hotmail.com>] * ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. [Jean-Frederic Clere] * ) mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. [Joe Orton] * ) mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. [Joseph Heenan <joseph.heenan fintechlabs.io>, Joe Orton] * ) mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes <https://github.com/icing/mod_h2/issues/272>. - Fixed small memory leak in h2 header bucket free. Thanks to Michael Kaufmann for finding this and providing the fix. * ) htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. [Artem Egorenkov <aegorenkov.91 gmail.com>] * ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. [Joe Orton] * ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. [Michele Preziuso <mpreziuso kaosdynamics.com>] * ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. [Giovanni Bechis, Yann Ylavic] * ) htpasswd: Add support for passwords using SHA-2. [Joe Orton, Yann Ylavic] * ) core: Allow mod_env to override system environment vars. [Joe Orton] * ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. [Joe Orton] * ) mod_ldap: HTML-escape data in the ldap-status handler. [Eric Covener, Chamal De Silva] * ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. [Yann Ylavic, Joe Orton] * ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). [Yann Ylavic] * ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis] * ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. [Yann Ylavic] * ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. [Yann Ylavic] * ) mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. [Joe Orton] ==== apache2-manual ==== Version update (2.4.58 -> 2.4.59) - Update to 2.4.59: * ) mod_deflate: Fixes and better logging for handling various error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton, Eric Norris <enorris etsy.com>] * ) Add CGIScriptTimeout to mod_cgi. [Eric Covener] * ) mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 [ttachi <tachihara AT hotmail.com>] * ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. [Jean-Frederic Clere] * ) mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. [Joe Orton] * ) mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. [Joseph Heenan <joseph.heenan fintechlabs.io>, Joe Orton] * ) mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes <https://github.com/icing/mod_h2/issues/272>. - Fixed small memory leak in h2 header bucket free. Thanks to Michael Kaufmann for finding this and providing the fix. * ) htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. [Artem Egorenkov <aegorenkov.91 gmail.com>] * ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. [Joe Orton] * ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. [Michele Preziuso <mpreziuso kaosdynamics.com>] * ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. [Giovanni Bechis, Yann Ylavic] * ) htpasswd: Add support for passwords using SHA-2. [Joe Orton, Yann Ylavic] * ) core: Allow mod_env to override system environment vars. [Joe Orton] * ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. [Joe Orton] * ) mod_ldap: HTML-escape data in the ldap-status handler. [Eric Covener, Chamal De Silva] * ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. [Yann Ylavic, Joe Orton] * ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). [Yann Ylavic] * ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis] * ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. [Yann Ylavic] * ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. [Yann Ylavic] * ) mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. [Joe Orton] ==== apache2-prefork ==== Version update (2.4.58 -> 2.4.59) - Update to 2.4.59: * ) mod_deflate: Fixes and better logging for handling various error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton, Eric Norris <enorris etsy.com>] * ) Add CGIScriptTimeout to mod_cgi. [Eric Covener] * ) mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 [ttachi <tachihara AT hotmail.com>] * ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. [Jean-Frederic Clere] * ) mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. [Joe Orton] * ) mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. [Joseph Heenan <joseph.heenan fintechlabs.io>, Joe Orton] * ) mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes <https://github.com/icing/mod_h2/issues/272>. - Fixed small memory leak in h2 header bucket free. Thanks to Michael Kaufmann for finding this and providing the fix. * ) htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. [Artem Egorenkov <aegorenkov.91 gmail.com>] * ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. [Joe Orton] * ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. [Michele Preziuso <mpreziuso kaosdynamics.com>] * ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. [Giovanni Bechis, Yann Ylavic] * ) htpasswd: Add support for passwords using SHA-2. [Joe Orton, Yann Ylavic] * ) core: Allow mod_env to override system environment vars. [Joe Orton] * ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. [Joe Orton] * ) mod_ldap: HTML-escape data in the ldap-status handler. [Eric Covener, Chamal De Silva] * ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. [Yann Ylavic, Joe Orton] * ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). [Yann Ylavic] * ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis] * ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. [Yann Ylavic] * ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. [Yann Ylavic] * ) mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. [Joe Orton] ==== apache2-utils ==== Version update (2.4.58 -> 2.4.59) - Update to 2.4.59: * ) mod_deflate: Fixes and better logging for handling various error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton, Eric Norris <enorris etsy.com>] * ) Add CGIScriptTimeout to mod_cgi. [Eric Covener] * ) mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 [ttachi <tachihara AT hotmail.com>] * ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. [Jean-Frederic Clere] * ) mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. [Joe Orton] * ) mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. [Joseph Heenan <joseph.heenan fintechlabs.io>, Joe Orton] * ) mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes <https://github.com/icing/mod_h2/issues/272>. - Fixed small memory leak in h2 header bucket free. Thanks to Michael Kaufmann for finding this and providing the fix. * ) htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. [Artem Egorenkov <aegorenkov.91 gmail.com>] * ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. [Joe Orton] * ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. [Michele Preziuso <mpreziuso kaosdynamics.com>] * ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. [Giovanni Bechis, Yann Ylavic] * ) htpasswd: Add support for passwords using SHA-2. [Joe Orton, Yann Ylavic] * ) core: Allow mod_env to override system environment vars. [Joe Orton] * ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. [Joe Orton] * ) mod_ldap: HTML-escape data in the ldap-status handler. [Eric Covener, Chamal De Silva] * ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. [Yann Ylavic, Joe Orton] * ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). [Yann Ylavic] * ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis] * ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. [Yann Ylavic] * ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. [Yann Ylavic] * ) mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. [Joe Orton] ==== btrfsmaintenance ==== - Use full URL for Source0 (.gz compressed as upstream does not ship .bz2 ones). ==== emacs ==== Subpackages: emacs-el emacs-eln emacs-info emacs-nox etags - Modify patch emacs-25.1-custom-fonts.patch * include math.h for all kinds of fonts handling (boo#1222637) - Modify patch emacs-27.1-Xauthority4server.patch * Add After=graphical-session.target in emacs.service (boo#1222172) ==== emacs-jinx ==== Version update (1.4 -> 1.6) - Rebase 0001-Only-export-necessary-symbols.-Fixes-105.patch against 1.6 - Update to version 1.6: * Fix jinx-mode reentrancy issue #gh/minad/jinx#158 * Ensure that directory local variables work correctly with Jinx. It is possible to turn Jinx on or off via dir-locals, and also configure the language and local words. * jinx-mod: Add global ref Qcons * jinx-next: Unfold hidden misspelling ==== f2fs-tools ==== Version update (1.15.0 -> 1.16.0) - update to 1.16.0: * Various bug fixes in fsck and mkfs for zoned device support. ==== freerdp2 ==== Subpackages: libfreerdp2-2 libwinpr2-2 - Add patch to avoid unneeded dependencies when using winpr-devel: * 0001-Don-t-add-winpr-cli-tools-to-exported-CMake-targets.patch ==== gcr ==== Version update (4.2.1 -> 4.3.0) Subpackages: gcr-ssh-agent gcr-ssh-askpass gcr-viewer libgck-2-2 libgcr-4-4 typelib-1_0-Gck-2 typelib-1_0-Gcr-4 - Update to version 4.3.0: + certificate: Add API to retrieve version. + Bump required GnuTLS version to 3.8.5. + Avoid potential integer overflow spotted by UBSan> + Support GnuTLS as an alternative crypto backend. + Updated translations. ==== gettext-runtime ==== Subpackages: libtextstyle0 - Add missing Requires: find to gettext-tools ==== gnome-control-center ==== Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces gnome-control-center-users - Add gnome-control-center-datetime-Avoid-emitting-the-time-changed-signal.patch: Avoid emitting the time-changed signal (bsc#1222149, bsc#1221799, glgo#GNOME/gnome-control-center#2943). ==== gnome-online-accounts ==== Version update (3.50.0 -> 3.50.1) Subpackages: libgoa-1_0-0 libgoa-backend-1_0-2 - Update to version 3.50.1: + Fix translation domain in account dialogs. + Fix OAuth 2.0 URI handler for some users. + Fix crash in Kerberos/Fedora provider. + Improved WebDAV support for Fastmail and mailbox.org. + Fixes for WebDAV discovery. + OAuth 2.0 PKCE support. + Fix issues caught by static analysis. + Update Microsoft Client ID. + Updated translations. ==== gnome-text-editor ==== Version update (46.0 -> 46.1) - Update to version 46.1: + Remove DBusActicatable=true from the .desktop file to fix an issue where you could spawn Text Editor via D-Bus and not have the session restored at startup. + AppData fixes. + Updated translations. - Drop data-desktop-disable-DBusActivatable.patch: fixed upstream. ==== gobject-introspection ==== Subpackages: girepository-1_0 libgirepository-1_0-1 - gi-find-deps.sh: further expand on the java script scanner. ==== gom ==== Version update (0.5.0 -> 0.5.1) - Update to version 0.5.1: + Reduce object inflation overhead in GType system usage. + Avoid some allocations in hot paths. + Avoid hashtables for resourcegroup items. + Avoid use of weak pointers when unnecessary. ==== gptfdisk ==== Version update (1.0.9 -> 1.0.10) - Update to release 1.0.10 * Fix failure & crash of sgdisk when compiled with latest popt * Fix NULL dereference when duplicating string argument * Allow partition dynamically allocated by --largest-new to be referenced by other options * Truncate decimal inputs (e.g. "9.5G" becomes "9G") * New partition type codes from the Discoverable Partitions Specification - Delete 0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch gptfdisk-1.0.9-libuuid.patch, gptfdisk-fix-null-pointer-dereference.patch (merged) ==== grep ==== - restore texinfo macros for SLE15 ==== gupnp ==== - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== jack ==== Subpackages: jack-dbus libjack0 - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== kernel-source ==== Version update (6.8.4 -> 6.8.5) - gcc-plugins/stackleak: Avoid .head.text section (git-fixes). - commit 542f698 - Linux 6.8.5 (bsc#1012628). - x86: set SPECTRE_BHI_ON as default (bsc#1012628). - KVM: x86: Add BHI_NO (bsc#1012628). - x86/bhi: Mitigate KVM by default (bsc#1012628). - x86/bhi: Add BHI mitigation knob (bsc#1012628 bsc#1217339 CVE-2024-2201). - Update config files (set SPECTRE_BHI_ON=y which is the default later). - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1012628). - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1012628). - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1012628). - x86/syscall: Don't force use of indirect calls for system calls (bsc#1012628). - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1012628). - x86/efistub: Remap kernel text read-only before dropping NX attribute (bsc#1012628). - x86/sev: Move early startup code into .head.text section (bsc#1012628). - x86/sme: Move early SME kernel encryption handling into .head.text (bsc#1012628). - x86/boot: Move mem_encrypt= parsing to the decompressor (bsc#1012628). - efi/libstub: Add generic support for parsing mem_encrypt= (bsc#1012628). - bpf: support deferring bpf_link dealloc to after RCU grace period (bsc#1012628). - bpf: put uprobe link's path and task in release callback (bsc#1012628). - Revert "x86/mpparse: Register APIC address only once" (bsc#1012628). - drm/xe: Rework rebinding (bsc#1012628). - drm/xe: Use ring ops TLB invalidation for rebinds (bsc#1012628). - drm/i915/gt: Enable only one CCS for compute workload (bsc#1012628). - drm/i915/gt: Do not generate the command streamer for all the CCS (bsc#1012628). - drm/i915/gt: Disable HW load balancing for CCS (bsc#1012628). - drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY < 13 (bsc#1012628). - drm/i915/mst: Reject FEC+MST on ICL (bsc#1012628). - drm/i915/mst: Limit MST+DSC to TGL+ (bsc#1012628). - smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1012628). - smb: client: fix potential UAF in smb2_is_network_name_deleted() (bsc#1012628). - smb: client: fix potential UAF in is_valid_oplock_break() (bsc#1012628). - smb: client: fix potential UAF in smb2_is_valid_lease_break() (bsc#1012628). - smb: client: fix potential UAF in smb2_is_valid_oplock_break() (bsc#1012628). - smb: client: fix potential UAF in cifs_dump_full_key() (bsc#1012628). - smb: client: fix potential UAF in cifs_stats_proc_show() (bsc#1012628). - smb: client: fix potential UAF in cifs_stats_proc_write() (bsc#1012628). - smb: client: fix potential UAF in cifs_debug_files_proc_show() (bsc#1012628). - smb3: retrying on failed server close (bsc#1012628). - smb: client: serialise cifs_construct_tcon() with cifs_mount_mutex (bsc#1012628). - smb: client: handle DFS tcons in cifs_construct_tcon() (bsc#1012628). - smb: client: refresh referral without acquiring refpath_lock (bsc#1012628). - smb: client: guarantee refcounted children from parent session (bsc#1012628). - smb: client: fix UAF in smb2_reconnect_server() (bsc#1012628). - riscv: process: Fix kernel gp leakage (bsc#1012628). - riscv: Fix spurious errors from __get/put_kernel_nofault (bsc#1012628). - s390/entry: align system call table on 8 bytes (bsc#1012628). - selftests/mm: include strings.h for ffsl (bsc#1012628). - mm/secretmem: fix GUP-fast succeeding on secretmem folios (bsc#1012628). - arm64/ptrace: Use saved floating point state type to determine SVE layout (bsc#1012628). - riscv: Fix vector state restore in rt_sigreturn() (bsc#1012628). - aio: Fix null ptr deref in aio_complete() wakeup (bsc#1012628). - perf/x86/intel/ds: Don't clear ->pebs_data_cfg for the last PEBS event (bsc#1012628). - x86/coco: Require seeding RNG with RDRAND on CoCo systems (bsc#1012628). - x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (bsc#1012628). - x86/mm/pat: fix VM_PAT handling in COW mappings (bsc#1012628). - of: module: prevent NULL pointer dereference in vsnprintf() (bsc#1012628). - of: dynamic: Synchronize of_changeset_destroy() with the devlink removals (bsc#1012628). - driver core: Introduce device_link_wait_removal() (bsc#1012628). - ASoC: SOF: Intel: hda: Compensate LLP in case it is not reset (bsc#1012628). - ASoC: SOF: ipc4-pcm: Correct the delay calculation (bsc#1012628). ... changelog too long, skipping 395 lines ... - commit f362b5c ==== lensfun ==== Subpackages: lensfun-data liblensfun1 - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== liblouis ==== Subpackages: liblouis-data liblouis20 python3-louis - Run python tests in %check ==== libquicktime ==== - Fix build with GCC 14, bsc#1221701 * fix-gcc14-build.patch ==== libssh ==== Subpackages: libssh-config libssh4 - Don't change the path for crypto-policies libssh.config (bsc#1222716) ==== miniupnpc ==== Version update (2.2.5 -> 2.2.6) - update to 2.2.6: * includes charset="utf-8" in Content-Type * fix memory allocation error in minissdpc.c * Make User-Agent compliant. * add new binary listdevices => upnp-listdevices - added %check section to run unit tests ==== multipath-tools ==== Version update (0.9.8+87+suse.f72b9f3 -> 0.9.8+88+suse.d504d83) Subpackages: kpartx libmpath0 - Update to version 0.9.8+88+suse.d504d83: * Revert "libmultipath: fix max_sectors_kb on adding path" (bsc#1222458) ==== openSUSE-build-key ==== - SLM 6.0 key (ALP / SLF1) RSA 4096 bit key - gpg-pubkey-09d9ea69-645b99ce.asc - 2024 SUSE Linux Enterprise 15 SP6 RSA 4096 bit key - gpg-pubkey-3fa1d6ce-63c9481c.asc - SLM 6.0 key (ALP / SLF1) RSA 4096 bit reserve key - gpg-pubkey-73f03759-626bd414.asc - 2024 SUSE Linux Enterprise 15 SP6 RSA 4096 bit reserve key - gpg-pubkey-d588dc46-63c939db.asc - obsoleted a incorrectly used DSA1024 key (used in Slowroll). ==== openSUSE-release ==== Version update (20240410 -> 20240414) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Fix duplicate loading of dropins. (boo#1222467) ==== ovmf ==== Subpackages: qemu-uefi-aarch64 - Add ovmf-EmbeddedPkg-Library-Support-SOURCE_DATE_EPOCH-in-Vir.patch Support SOURCE_DATE_EPOCH in VirtualRealTimeClockLib for reproducible. (bsc#1217704) ==== pam ==== Version update (1.6.0 -> 1.6.1) - Update to version 1.6.1 - pam_env: fixed --disable-econf --enable-vendordir support. - pam_unix: do not warn if password aging is disabled. - pam_unix: try to set uid to 0 before unix_chkpwd invocation. - pam_unix: allow empty passwords with non-empty hashes. - Multiple minor bug fixes, build fixes, portability fixes, documentation improvements, and translation updates. - Remove backports: - pam_env-fix_vendordir.patch - pam_env-fix-enable-vendordir-fallback.patch - pam_env-remove-escaped-newlines.patch - pam_unix-fix-password-aging-disabled.patch ==== pam-config ==== Version update (2.11 -> 2.11+git.20240411) - Update to version 2.11+git.20240411: * Configure Himmelblau correctly w/ other services present * Configure other services correctly w/ Himmelblau present * Himmelblau session is only optional ==== pam-full-src ==== Version update (1.6.0 -> 1.6.1) - Update to version 1.6.1 - pam_env: fixed --disable-econf --enable-vendordir support. - pam_unix: do not warn if password aging is disabled. - pam_unix: try to set uid to 0 before unix_chkpwd invocation. - pam_unix: allow empty passwords with non-empty hashes. - Multiple minor bug fixes, build fixes, portability fixes, documentation improvements, and translation updates. - Remove backports: - pam_env-fix_vendordir.patch - pam_env-fix-enable-vendordir-fallback.patch - pam_env-remove-escaped-newlines.patch - pam_unix-fix-password-aging-disabled.patch ==== patterns-kde ==== Subpackages: patterns-kde-kde patterns-kde-kde_edutainment patterns-kde-kde_games patterns-kde-kde_ide patterns-kde-kde_imaging patterns-kde-kde_internet patterns-kde-kde_multimedia patterns-kde-kde_office patterns-kde-kde_pim patterns-kde-kde_plasma patterns-kde-kde_utilities patterns-kde-kde_utilities_opt patterns-kde-kde_yast - xwaylandvideobridge has always been unversioned (boo#1222640) ==== perl ==== Subpackages: perl-base - Revert commit 7af2d2037375d58e700f9e1b217efb2c4db66133 as suggested by upstream perl * fixed locale being clobbered by perl [bsc#1220195] * new patch: perl-locale-backport.diff ==== pipewire ==== Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Move the jack spa plugin from the pipewire-spa-plugins-0_2 package to a new pipewire-spa-plugins-0_2-jack package. This allows to not Suggest the pipewire-libjack package from pipewire-spa-plugins-0_2 since that's only used to connect pipewire as a client to a jack server which is not common at all (boo#1222253). ==== postfix ==== - Move qshape(1) out of -doc, install it as a binary with the main package ==== python-Pillow ==== - Reenable tests for s390x and ppc, bsc#1222553 gh#python-pillow/Pillow#1204 ==== schily ==== Subpackages: libcdrdeflt1_0 libdeflt1_0 libfile1_0 libfind4_0 librmt1_0 librscg1_0 libscg1_0 libscgcmd1_0 libschily2_0 mkisofs spax star - Update to release 2024.03.21 * mkisofs: produce less scrollback when logging progress to ttys. ==== texlive ==== - Add patch source-dvipdfm-x.dif * dvipdfmx: repeated inclusion of the same image did not share the image data, but had separate copies for each inclusion. ==== transactional-update ==== Version update (4.6.0 -> 4.6.5) Subpackages: dracut-transactional-update libtukit4 transactional-update-zypp-config tukit - Version 4.6.5 - Rework soft-reboot support introduced in 4.6.0: - On transactional systems with systemd 254 the system could hang with with a soft-reboot, as /var and /etc have to be mounted in /run/nextroot explicitly. As a soft-reboot can also be triggered by an admin the mounting of the corresponding mount points was moved to a systemd service to be independent of t-u itself. - Support for systemd 255 - Don't decrease reboot level on multiple commands - Various other bugfixes - soft-reboot support is disabled by default now to gather more feedback - libtukit: Fix kexec reboot method to boot kernel / initrd of next snapshot - tukit: Don't clone lock file handle on exec [boo#1222411] - t-u: Always use zypper of installed system [bsc#1221346] - t-u: Remove remaining telemetrics references - Add prepare-nextroot-for-softreboot service - Add (empty) %check section ==== update-alternatives ==== Version update (1.22.5 -> 1.22.6) - Update to version 1.22.6. The changelog for this version isn't very large, so it's provided in full: * dpkg-deb: Fix up compressor parameters for default legacy format. * Perl modules: - Dpkg::Vendor::Debian: Make it possible to disable qa=-bug-implicit-func. - Dpkg::Vendor::Debian: Unconditionally set qa bug-implicit-func. * Documentation: - man: Document dpkg versions supporting SOURCE_DATE_EPOCH for various tools. * Code internals: - libdpkg: Use array access instead of pointer arithmetic for meminfo parser. - libdpkg: Use a macro to define the zstd default compression level. * Build system: - Test with minimal library dependencies in CI. - Add gen-release script. * Packaging: - Fix typo in man page reference in changelog. * Test suite: - Refactor OpenPGP backend and commands list. - Refactor certfile and keyfile filenames for OpenPGP test. - Skip OpenPGP tests if the backend does not have a verify command. * Localization: - Fix typos in Swedish man pages translations. - Fix typos in Swedish man pages translations. - Update Dutch man pages translations. - Update Portuguese man pages translations. - Update German man pages translation. ==== vim ==== Version update (9.1.0151 -> 9.1.0301) Subpackages: vim-data vim-data-common xxd - update to 9.1.0301 * Vim9: heredoc start may be recognized in string * Missing test for what patch v9.1.0285 fixes * Vim9: return type not set for a lambda assigned to script var * add runtime/doc/tags-* to ignore files * Updated translation * Update documentation * Patch 9.1.0296 causes too many issues * Fix a few issues with gvim.nsi * regexp: engines do not handle case-folding well * filetype: pip config files are not recognized * Text height function does not respect it's argument * filetype: lxqt config files are not recognized * filetype: XDG mimeapps.list file is not recognized * filetype: libreoffice config files are not recognized * filetype: xilinx files are not recognized * filetype: some TeX files are not recognized * Vim9: comment may be treated as heredoc start * Vim9: E1027 with defcompile for abstract methods * Still problems with cursor position for CTRL-D/U * fix inaccuracies in pandoc compiler * make testclean is not able to delete failed screendumps * Update base-syntax, no curly-brace names in Vim9 script * Several small issues in doc and tests * Finding highlighting attributes is inefficient * Update cuda keywords, remove uncommonly used enumeration constants * several issues with 'smoothscroll' support * filetype: roc files are not recognized * filetype: zathurarc files not recognized * Cannot highlight the Command-line * No pandoc syntax support * filetype: R history files are not recognized * filetype: keymap files are not recognized * autocmd may change cwd after :tcd and :lcd * Update syntax generator, autocmd event list parsing * Normalise builtin-function optional parameter formatting * Correctly distribute libsodium with the installer * a few minor issues to fix * Test for TextChanged is still flaky with ASAN * Two tests in test_filechanged.vim are slow * File name entered in GUI dialog is ignored * fix :compiler leaving behind a g:makeprg variable * Remove more fallback :CompilerSet definitions from compiler plugins * filetype: earthfile files are not recognized * console dialog cannot save unnamed buffers * Fill in a few details regarding :enums * Remove fallback :CompilerSet definition from compiler plugins * libgpm may delete some signal handlers * Improve the matching of contextual keywords * Vim9: Problem with lambda blocks in enums and classes * Test for TextChanged is flaky with ASAN * Vim9: protected class and funcrefs accessible outside the class * Problems with "zb" and scrolling to new topline with 'smoothscroll' * filetype not detected when editing remote files * sort filetype.txt in the alphabetical order * Normal mode TextChanged isn't tested properly * half-page scrolling broke backward compatibility * Vim9: :call may not find imported class members * Finding autocmd events is inefficient * Vim9: no indication of script nr in stack trace of classes * [security]: Heap buffer overflow when calling complete_add() in 'cfu' * filetype: typespec files are not recognized * improve syntax highlighting for YAML * Vim9: segfault with static in super class * Filetype test fails * update syntax * filetype: ldscripts cannot be recognized * filetype: rock_manifest and config.ld files are not recognized * filetype: yarn lock files are not recognized * filetype: bundle config files are not recognized * filetype: fontconfig files are not recognized * filetype: zsh theme, history and zunit files are not recognized * filetype: bash history files are not recognized * filetype: netrw history file is not recognized * filetype: octave history files are not recognized * filetype: mysql history files are not recognized * filetype: some python tools config files are not recognized * filetype: gnuplot history files are not recognised * filetype: jupyterlab and sublime config are not recognized * filetype: mplstyle files are not recognized * filetype: texlua files are not recognized * filetype: supertux files are not recognized * filetype: support for Intel HEX files is lacking * Vim9: string() output of enum is problematic * Conceal test fails when rightleft feature is disabled * Filetype may be undetected when SwapExists sets ft in other buf * TextChanged autocommand not triggered under some circumstances * ensure compiler! sets global options * Distinguish Vim9 builtin object methods from namesake builtin functions * add support for Debian specific @includes * Error E877 is not translated * fix path of uganda.nsis.txt in german.nsi file * Two unrelated things are tested by a single test * Improve docs for empty(), len(), and string() on objects * Recording may still be wrong in Select mode * Not able to assign enum values to an enum static variable * test_matchparen not run in CI * cursor may move too many lines over "right" & "below" virt text * code duplication in loop to add active text properties ... changelog too long, skipping 119 lines ... * Coverity complains about ignoring return value ==== xfce4-branding-openSUSE ==== Version update (4.18.0+git1.8b02118 -> 4.18.0+git4.79f6d44) Subpackages: libgarcon-branding-openSUSE libxfce4ui-branding-openSUSE thunar-volman-branding-openSUSE xfce4-notifyd-branding-openSUSE xfce4-panel-branding-openSUSE xfce4-power-manager-branding-openSUSE xfce4-session-branding-openSUSE xfce4-settings-branding-openSUSE xfdesktop-branding-openSUSE xfwm4-branding-openSUSE - Update to version 4.18.0+git4.79f6d44: * Fix wallpaper folder structure * Better split tumbleweed and leap wallpapers * Added old wallpaper symlinks still needed by leap ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch * fixes regression for security fix for CVE-2024-31083 (bsc#1222312, boo#1222442, gitlab xserver issue #1659) ==== xz ==== Subpackages: liblzma5 - revert the switch to tar_scm which dropped the signature validation - switch back to tarballs because the upstream tarballs are not gone - reinstanciate keyring from Lasse - go back to the last release signed by Lasse (5.4.2) - revert multibuild, drop service and rpmlintrc - use real_ver for the Source, move everything else back to %version like before the hectic XZ downgrade - remove payload setting, we are using zstd now - Switch to using tar_scm for fetching the sources as the upstream tarballs on github are gone - introduce _multibuild to allow building the translations outside of Ring0 and everything else in Ring0 - add rpmlintrc to silence harmless warnings ==== zxcvbn ==== - Make use of distro build flags [View Less]

2 1

New Arm Tumbleweed snapshot 20240410 released!
by Guillaume Gardet 02 Oct '24

02 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]org/openSUSE:Submitting_bug_reports Packages changed: SDL2 (2.30.1 -> 2.30.2) cryptsetup (2.7.1 -> 2.7.2) dracut-pcr-signature (0.2+0 -> 0.3+0) gcc13 kbd openSUSE-release (20240409 -> 20240410) power-profiles-daemon publicsuffix (20240326 -> 20240410) sdbootutil (1+git20240408.49e4021 -> 1+git20240410.3325802) spamassassin (4.0.0 -> 4.0.1) systemd-default-settings (0.9 -> 0.10) wicked wsdd (0.7.1 -> 0.8) xen (4.18.1_02 -> 4.18.2_02) xwayland (23.2.5 -> 23.2.6) === Details === ==== SDL2 ==== Version update (2.30.1 -> 2.30.2) - Update to release 2.30.2 * Fixed performance regression initialing controllers on Linux * Added support for the 6-button SEGA Mega Drive Control Pad for Nintendo Online * Add support for MadCatz Saitek Side Panel Control Deck * Added support for the Hori Fighting Stick EX2 * Added support for the Yawman Arrow flightstick * Added a gamepad mapping for the Defender Joystick Cobra R4 * Fixed the gamepad mapping for the Sanwa Supply JY-P76USV controller * Allow using SDL_RWFromFile() with named pipes ==== cryptsetup ==== Version update (2.7.1 -> 2.7.2) Subpackages: cryptsetup-doc libcryptsetup12 - update to 2.7.2: * Fix activation of OPAL-only encrypted LUKS device with tokens * Fix formatting of OPAL devices with 4096-byte sector size * Fix incorrect OPAL locking range alignment calculation if used over an unaligned device partition. * Do not check the passphrase quality for OPAL Admin PIN, as this passphrase already exists. * Update license for FAQ document to CC BY-SA 4.0. NOTE: Please note that with OPAL-only (--hw-opal-only) encryption, the configured OPAL administrator PIN (passphrase) allows unlocking all configured locking ranges without LUKS keyslot decryption (without knowledge of LUKS passphrase). Because of many observed problems with compatibility, cryptsetup currently DOES NOT use OPAL single-user mode, which would allow such decoupling of OPAL admin PIN access. ==== dracut-pcr-signature ==== Version update (0.2+0 -> 0.3+0) - Update to version 0.3+0: * Various small improvements ==== gcc13 ==== Subpackages: cpp13 libgccjit0-gcc13 libstdc++6-devel-gcc13 - Add gcc13-pr101523.patch to avoid combine spending too much compile-time and memory doing nothing on s390x. [boo#1188441] - Make requirement to lld version specific to avoid requiring the meta-package. - Add gcc13-pr111731.patch to fix unwinding for JIT code. [bsc#1221239] ==== kbd ==== - Move legacy keymaps that have no acceptable xkb counterpart and its includes back to kbd. (bsc#1194609) - Stop requiring kbd-legacy. All YaST supported languages should now have its keymaps in kbd. - Remove kbd-1.15.2-prtscr_no_sigquit.patch rejected by the upstream. The problem is fixed for a long time, this is an additional modification. (PED-7977, https://github.com/legionus/kbd/pull/111) - Drop kbd_fonts.tar.bz2 containing just several 30 years old inferior fonts with an unknown author and uncertain license. - Add structured comments to patches. ==== openSUSE-release ==== Version update (20240409 -> 20240410) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== power-profiles-daemon ==== - Revert "Remove duplicate DBus service files net.hadess.PowerProfiles" workaround to boo#1222179 (see comment 10). ==== publicsuffix ==== Version update (20240326 -> 20240410) - Update to version 20240410: * Removing `ravendb.me` (#1841) * Updating psl: Adding myfritz.link (follow up PR#77) (#1761) * Add `framer.ai` (#1831) * chore: add `is-a.dev` (#1949) * Add StackBlitz (#1939) * Add `unison-services.cloud` (#1839) * Add `is-cool.dev`, `is-local.org`, `is-not-a.dev` and `localplayer.dev` (#1672) * Add grayjayleagues.com (#1742) * Add `runcontainers.dev` for Libre IT Ltd (#1783) * Add `heliohost.us`, `helioho.st`(#1825) * Remove `123sait.ru` (#1844) * Add MyDNS.JP Dynamic DNS Service (#1937) * add `scrypted.io` (#1826) * Add `darklang.io` (#1880) * Update `cloudns.net` dynamic dns domains listing (#1593) * Add wildcard to `snowflake.app` and `privatelink.snowflake.app` (#1743) * Add `preview.csb.app` and `csb.app` (#1648) * Add `nimsite.uk` (#1797) * add getlocalcert.net domains (#1798) * Add wadl.top (#1924) * ADD: `can.re` (#1651) * Add cdn77-storage.com and rsc.contentproxy9.cz (#1882) * add `srv.us`, `xmit.co` * Add at.emf.camp (#1955) * util: gTLD data autopull updates for 2024-03-28T15:13:37 UTC (#1952) ==== sdbootutil ==== Version update (1+git20240408.49e4021 -> 1+git20240410.3325802) Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper - Update to version 1+git20240410.3325802: * fallback for machine-id ==== spamassassin ==== Version update (4.0.0 -> 4.0.1) Subpackages: perl-Mail-SpamAssassin spamassassin-spamc - fix iXhash2-meta-rules.patch - update to patch release version 4.0.1 - Incompatibilities with some versions of perl and some perl modules that have been released since the release of SpamAssassin 4.0.0 - Problems using cpan to install SpamAssassin when certain required or optional modules are not already installed - Support for space characters in the path name of some executables used by certain plugins - Improved handling of URL shortener link redirects - Improved TxRep locking management - Added Mail::SpamAssassin::Plugin::AuthRes plugin to use Authentication-Results header fields in other plugins - Added a Pyzor Perl implementation - Perl crash when certain uri_detail rules processed some messages with UTF-8 characters - Inconsistent handling of newlines in header rules - Text or HTML content placed in octet-stream attachments by spammers to bypass SpamAssassin scanning - Implemented TCP fallback for truncated DNS UDP replies - Refresh patch-URIDNSBL - Drop undocumented patch-SQL_ASCII_SORT breaking sqlite - Drop most of iXhash2-meta-rules.patch (additional services no longer exist) ==== systemd-default-settings ==== Version update (0.9 -> 0.10) Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE - Import 0.10 5088997 SLE: Disable pids controller limit under user instances (jsc#SLE-10123) ==== wicked ==== Subpackages: wicked-service - client: do not convert sec to msec twice (bsc#1222105) [+ 0005-client-do-to-not-convert-sec-to-msec-twice-bsc-1222105.patch] ==== wsdd ==== Version update (0.7.1 -> 0.8) - Fix build for SLE_15 - Update to version 0.8 * Configuration files for firewalld added * Show device type and allow filtering in API's list command * Add option --metadata-timeout to set the timeout for the HTTP-based metadata exchange * The employed UUID is now read from /etc/{machine-id,hostid} before falling by back to the UUID derivation from the host name. * Handle addresses with zone id by ignoring the interface part * Do not crash with asyncio future error when non-existing interface is provided - Remove some bashism from wsdd-init.sh - Use the unmodified service files from wsdd for Leap 15.5 and below, else reuse ws-discovery-udp service from firewalld ==== xen ==== Version update (4.18.1_02 -> 4.18.2_02) Subpackages: xen-libs xen-tools-domU - Update to Xen 4.18.2 security bug fix release (bsc#1027519) xen-4.18.2-testing-src.tar.bz2 * No upstream changelog found in sources or webpage - bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may trigger Xen bug check (XSA-454) - bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic for BTC/SRSO mitigations (XSA-455) - bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch History Injection (XSA-456) - Dropped patch contained in new tarball 65f83951-x86-mm-use-block_lock_speculation-in.patch ==== xwayland ==== Version update (23.2.5 -> 23.2.6) - Update to 23.2.6 * This is a quick bug fix release to address a regression introduced by the fix for CVE-2024-31083 in xwayland-23.2.5. [View Less]

2 1

New Arm Tumbleweed snapshot 20231114 released!
by Guillaume Gardet 02 Oct '24

02 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]

2 1

New Arm Tumbleweed snapshot 20231203 released!
by Guillaume Gardet 02 Oct '24

02 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]org/openSUSE:Submitting_bug_reports Packages changed: NetworkManager-branding-openSUSE avahi avahi-glib2 blog (2.27 -> 2.28) brltty dialog erofs-utils ethtool (6.5 -> 6.6) evolution (3.50.1 -> 3.50.2) evolution-data-server (3.50.1 -> 3.50.2) evolution-ews (3.50.1 -> 3.50.2) firewalld (2.0.1 -> 2.0.2) fontconfig fonts-config (20200609+git0.42e2b1b -> 20230604+git0.630c8206607c) gcc13 (13.2.1+git7813 -> 13.2.1+git8109) gnome-disk-utility (45.0 -> 45.1) gnome-software (45.1 -> 45.2) gnome-sudoku (45.2 -> 45.3) gobject-introspection gpgme (1.23.1 -> 1.23.2) gpgmeqt (1.23.1 -> 1.23.2) gtk2 gtk4 (4.12.3 -> 4.12.4) guestfs-tools (1.50.1 -> 1.51.5) inkscape (1.3.1 -> 1.3.2) iproute2 (6.5 -> 6.6) irqbalance (1.9.2.24.git+184c950 -> 1.9.3.8.git+c963f48) jasper (4.1.0 -> 4.1.1) kernel-firmware (20231127 -> 20231128) kernel-source (6.6.2 -> 6.6.3) libHX (4.17 -> 4.19) libadwaita (1.4.0+12 -> 1.4.1) libavif (1.0.0 -> 1.0.2) libkolabxml libnotify (0.8.2 -> 0.8.3) librsvg libselinux-bindings llvm17 (17.0.5 -> 17.0.6) ncurses (6.4.20231111 -> 6.4.20231125) netcfg openssh openssl-1_1 perl (5.38.0 -> 5.38.2) perl-CGI (4.590.0 -> 4.600.0) perl-Net-DNS (1.400.0 -> 1.410.0) polkit-default-privs (1550+20231103.3b4a82f -> 1550+20231129.269abcd) python-immutables (0.19 -> 0.20) python-psycopg2 (2.9.7 -> 2.9.9) qemu (8.1.2 -> 8.1.3) rdma-core (48.0 -> 49.0) snapper (0.10.6 -> 0.10.7) systemd tree unar (1.10.7 -> 1.10.8) update-alternatives (1.22.0 -> 1.22.1) usbutils vim (9.0.2103 -> 9.0.2136) virt-v2v xdmbgrd xfce4-whiskermenu-plugin (2.8.1 -> 2.8.2) xxhash zxing-cpp === Details === ==== NetworkManager-branding-openSUSE ==== - Fix most rpmlint warnings: + suse-zypp-packageand: use current Supplements: (A and B) syntax over packagand(A:B) + summary-ended-with-dot: Remove dot at the end of Summary: + no-%build-section: Add empty %build section + branding-supplements-missing: Fixes as part of suse-zypp-packageand. ==== avahi ==== Subpackages: libavahi-client3 libavahi-common3 libavahi-core7 - Add avahi-CVE-2023-38472.patch: Fix reachable assertion in avahi_rdata_parse (bsc#1216853, CVE-2023-38472). ==== avahi-glib2 ==== Subpackages: libavahi-glib1 libavahi-gobject0 libavahi-ui-gtk3-0 - Add avahi-CVE-2023-38472.patch: Fix reachable assertion in avahi_rdata_parse (bsc#1216853, CVE-2023-38472). ==== blog ==== Version update (2.27 -> 2.28) Subpackages: blog-plymouth libblogger2 - Update to version 2.28 * UTMP support is gone, remove dependency also add support for initramfs at shutdown. ==== brltty ==== Subpackages: brltty-driver-at-spi2 brltty-driver-brlapi brltty-driver-speech-dispatcher brltty-driver-xwindow libbrlapi0_8 python3-brlapi system-user-brltty xbrlapi - Disable parallel build again ==== dialog ==== Subpackages: libdialog15 - don't install config file, dialog has built in defaults anyway - add support for /usr/etc (dialog-1.3-usretc.diff) ==== erofs-utils ==== - Enable lzma/xz compression; make `mkfs.erofs -z lzma` work. ==== ethtool ==== Version update (6.5 -> 6.6) Subpackages: ethtool-bash-completion - update to upstream release 6.6 * Feature: support for more CMIS transceiver modules (-m) * Fix: fix build on systems with old kernel uapi headers ==== evolution ==== Version update (3.50.1 -> 3.50.2) Subpackages: evolution-plugin-spamassassin - Update to version 3.50.2: + EContactCard: Card sometimes hides values. + docs: Add API indexes for new symbols in 3.50. + Fix a memory leak in ECompEditor. + ECompoEditor: Some attachments can be hidden. + Calendar: Go to day/today in Year View doesn't update internal view dates. + EYearView: Fix a crash when moving through search results. + Bug Fixes: - EAttachment: Ask for GFileInfo's icon only when attribute is set. - Mail: Subject header not decoded with encrypted messages. - On empty mailbox new mail is automaticly selected and marked read. - Contacts: Update preview on contact change in List View. - Mail: Search with "current folder and subfolders" in local Trash fails. - "Do not sign meeting requests" has no effect. ==== evolution-data-server ==== Version update (3.50.1 -> 3.50.2) Subpackages: libcamel-1_2-64 libebackend-1_2-11 libebook-1_2-21 libebook-contacts-1_2-4 libecal-2_0-2 libedata-book-1_2-27 libedata-cal-2_0-2 libedataserver-1_2-27 libedataserverui-1_2-4 - Update to version 3.50.2: + Bug Fixes: - alarm-notify: . Some reminders could be lost . Birthday floating date shifted by one day - CamelGpgContext: Don't leak istream in gpg_sign_sync(). - e-xml-utils: Fix build with libxml2 2.12. + Miscellaneous: - OAuth2: Add scheme handler for OAuth2 prompts in external browser. - EReminderWatcher: Last-notified time not always set. + Updated translations. ==== evolution-ews ==== Version update (3.50.1 -> 3.50.2) - Update to version 3.50.2: + Calendar: Don't convert UTC times to local timezone + Updated translations. ==== firewalld ==== Version update (2.0.1 -> 2.0.2) Subpackages: firewalld-bash-completion python3-firewall - update to 2.0.2: * fix(policy): runtime dispatch update if *-zone=ANY (e8b9637) * fix(nm): release NM client after a timeout (d534f07) ==== fontconfig ==== Subpackages: libfontconfig1 - Run autoreconf for Leap 15.x to fix build breakage ==== fonts-config ==== Version update (20200609+git0.42e2b1b -> 20230604+git0.630c8206607c) - Update to 20230604+git0.630c8206607c: * Fix uninitialised use of the HOME environment variable (bsc#1086804,bsc#1210700) * font match and pattern match can't put in one file. * source han are packaged nowadays, no need to give alias; just give CFF fontformat fonts in zh-/ja/ko hintfull * split 59-family-prefer-lang-specific to cjk/noto and raw, the former two may be generated by scripts in later version * emoji support(part1): add emoji family * delete 10-group-tt*.conf, since fontconfig 2.14 introduces 09-autohint-if-no-hinting.conf (bsc#1217542) * Fix fonts-config does not read user config with `-u` option given * widen comparison operator for emoji fonts - Fix typos in the configs: 0001-Fix-typos-in-32-emoji-reject.conf-and-59-family-pref.patch - Enable 09-autohint-if-no-hinting.conf from fontconfig ==== gcc13 ==== Version update (13.2.1+git7813 -> 13.2.1+git8109) Subpackages: cpp13 libasan8 libatomic1 libgcc_s1 libgccjit0 libgfortran5 libgomp1 libhwasan0 libitm1 liblsan0 libobjc4 libstdc++6 libstdc++6-locale libstdc++6-pp libtsan2 libubsan1 - Update to gcc-13 branch head, 741743c028dc00f27b9c8b1d5, git8109 * Includes fix for building mariadb on i686. [bsc#1217667] * Remove pr111411.patch contained in the update. - Avoid update-alternatives dependency for accelerator crosses. - Package tool links to llvm in cross-amdgcn-gcc13 rather than in cross-amdgcn-newlib13-devel since that also has the dependence. - Depend on llvmVER instead of llvm with VER equal to %product_libs_llvm_ver where available and adjust tool discovery accordingly. This should also properly trigger re-builds when the patchlevel version of llvmVER changes, possibly changing the binary names we link to. [bsc#1217450] ==== gnome-disk-utility ==== Version update (45.0 -> 45.1) - Update to version 45.1: + creatediskimage: Fix crash if image creation has errors. + Update appdata + Updted translations. ==== gnome-software ==== Version update (45.1 -> 45.2) Subpackages: gnome-software-plugin-packagekit - Update to version 45.2: + Updated translations. ==== gnome-sudoku ==== Version update (45.2 -> 45.3) - Update to version 45.3: + Adjust red warning color to be brighter, to help colorblind users + Fix earmarks not being checked for warnings + Fix crash when using arrow keys with no cell selected + Fix criticals when adding earmarks introduced in 45.2 ==== gobject-introspection ==== Subpackages: girepository-1_0 libgirepository-1_0-1 - Drop BuildRequires on pkgconfig(cairo)/pkgconfig(cairo-gobject), cairo is only needed for some tests. ==== gpgme ==== Version update (1.23.1 -> 1.23.2) Subpackages: libgpgme11 libgpgmepp6 - Update to 1.23.2: * Preserve more specific existing failure code. [T6575] * qt: Start dirmngr with gpgconf to avoid multiple instances. [T6833] * qt: On Windows, use UTF-8 when logging the error text. [T5960] * qt: Remove left-over partial files more persistently. [T6584] * qt: Use a temporary file name when creating signed or encrypted archives. [T6721] * qt: Build Qt 6 bindings with -fPIC if requested or Qt 6 was built with this flag. [T6781] * Notes: - qt: DefaultKeyGenerationJob DEPRECATED. * Release-info: https://dev.gnupg.org/T6782 ==== gpgmeqt ==== Version update (1.23.1 -> 1.23.2) - Update to 1.23.2: * Preserve more specific existing failure code. [T6575] * qt: Start dirmngr with gpgconf to avoid multiple instances. [T6833] * qt: On Windows, use UTF-8 when logging the error text. [T5960] * qt: Remove left-over partial files more persistently. [T6584] * qt: Use a temporary file name when creating signed or encrypted archives. [T6721] * qt: Build Qt 6 bindings with -fPIC if requested or Qt 6 was built with this flag. [T6781] * Notes: - qt: DefaultKeyGenerationJob DEPRECATED. * Release-info: https://dev.gnupg.org/T6782 ==== gtk2 ==== Subpackages: gtk2-data gtk2-immodule-amharic gtk2-immodule-inuktitut gtk2-immodule-thai gtk2-immodule-tigrigna gtk2-immodule-vietnamese gtk2-tools libgtk-2_0-0 - Add gtk2-check-attribute.patch (bsc#1217622): check for attribute availability before accessing it. Starting from GLib 2.76, the standard attribute getters in the GFileInfo object will warn if the attribute is unset, instead of silently bailing out and returning a default value. ==== gtk4 ==== Version update (4.12.3 -> 4.12.4) Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Update to version 4.12.4: + a11y: Tweak name computation for some corner cases. + gdk: - gl: Improve our use of GLES a bit (use vertex arrays and GL_BGRA if available) - Fix some errors in our memory format tables + gsk: - gl: handle texture-scale nodes more faithfully - gl: Fix icon padding in the atlas + Tools: Add a --undecorated option to gtk4-rendernode-tool. + Updated translations. ==== guestfs-tools ==== Version update (1.50.1 -> 1.51.5) - Remove obsolete requirement for ocaml-gettext-stub-devel - Require OCaml 4.07+ - Update to version 1.51.5 * No upstream changelog found in sources or webpage * customize: Change --chown to use UID:GID:FILENAME * Implement virt-customize --tar-in * Dropped the virt-dib tool * Various bug fixes and language translations ==== inkscape ==== Version update (1.3.1 -> 1.3.2) Subpackages: inkscape-extensions-extra inkscape-extensions-fig inkscape-extensions-gimp - Update to version 1.3.2: + important bugfix release, fixes a data loss bug in 1.3.1 + Stars, polygons, spirals, 3D boxes are now saved correctly + The data that was lost when saving these shapes, can be recovered in 1.3.2 if you manually make an edit: To fix all missing shapes at once, you can select all elements in all layers (Ctrl + Alt + A, need to unlock them first), and move them right and back left again with a press on the arrow keys + See the full release notes https://inkscape.org/release/inkscape-1.3.2 ==== iproute2 ==== Version update (6.5 -> 6.6) Subpackages: iproute2-bash-completion - Update to release 6.6 * bridge: Add backup nexthop ID support * tc: Classifier support for SPI field * tc: support the netem seed parameter for loss and corruption events * tc: remove support for CBQ * tc: remove support for RSVP classifier * tc: remove tcindex classifier * tc: remove dsmark qdisc * tc: drop support for ATM qdisc ==== irqbalance ==== Version update (1.9.2.24.git+184c950 -> 1.9.3.8.git+c963f48) Subpackages: irqbalance-ui - Update to version 1.9.3.8.git+c963f48: * Enable systemd feature support by default when building with meson * Add support for linking against libnl when building with meson * Turn NUMA support into an enabled feature, when building with meson * Set project version of meson build to 1.9.3 * Install man pages when building with meson * When building with meson, make sure to link against numa * Updating to version 1.9.3 * Automatically use systemd journal and run in foreground when under systemd - Update to version 1.9.2.34.git+5069982: * activate_mapping: avoid logging error when there is none * activate_mapping: only blacklist irq if error is considered permanent * activate_mapping: report error reason * activate_mapping: make sure to catch all errors * activate_mapping: avoid use-after-free when affinity cannot be set * Revert "activate_mapping: fflush the buffered data to smp_affinity" * activate_mapping: fflush the buffered data to smp_affinity ==== jasper ==== Version update (4.1.0 -> 4.1.1) - Update to 4.1.1: * Disallow in-source builds by default #364 * Fix a potential integer overflow problem in the jas_get_total_mem_size function (for the Windows platform) #363 ==== kernel-firmware ==== Version update (20231127 -> 20231128) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20231128 (git commit d9f6088f7e91): * Add a COPYOPTS variable * rtl_bt: Update RTL8852A BT USB firmware to 0xDFC8_145F ==== kernel-source ==== Version update (6.6.2 -> 6.6.3) - Linux 6.6.3 (bsc#1012628). - locking/ww_mutex/test: Fix potential workqueue corruption (bsc#1012628). - btrfs: abort transaction on generation mismatch when marking eb as dirty (bsc#1012628). - lib/generic-radix-tree.c: Don't overflow in peek() (bsc#1012628). - x86/retpoline: Make sure there are no unconverted return thunks due to KCSAN (bsc#1012628). - perf/core: Bail out early if the request AUX area is out of bound (bsc#1012628). - srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (bsc#1012628). - selftests/lkdtm: Disable CONFIG_UBSAN_TRAP in test config (bsc#1012628). - clocksource/drivers/timer-imx-gpt: Fix potential memory leak (bsc#1012628). - clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware (bsc#1012628). - srcu: Only accelerate on enqueue time (bsc#1012628). - smp,csd: Throw an error if a CSD lock is stuck for too long (bsc#1012628). - cpu/hotplug: Don't offline the last non-isolated CPU (bsc#1012628). - workqueue: Provide one lock class key per work_on_cpu() callsite (bsc#1012628). - x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size (bsc#1012628). - wifi: plfxlc: fix clang-specific fortify warning (bsc#1012628). - wifi: ath12k: Ignore fragments from uninitialized peer in dp (bsc#1012628). - wifi: mac80211_hwsim: fix clang-specific fortify warning (bsc#1012628). - wifi: mac80211: don't return unset power in ieee80211_get_tx_power() (bsc#1012628). - atl1c: Work around the DMA RX overflow issue (bsc#1012628). - bpf: Detect IP == ksym.end as part of BPF program (bsc#1012628). - wifi: ath9k: fix clang-specific fortify warnings (bsc#1012628). - wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats() (bsc#1012628). - wifi: ath10k: fix clang-specific fortify warning (bsc#1012628). - wifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps() (bsc#1012628). - ACPI: APEI: Fix AER info corruption when error status data has multiple sections (bsc#1012628). - net: sfp: add quirk for Fiberstone GPON-ONU-34-20BI (bsc#1012628). - wifi: mt76: mt7921e: Support MT7992 IP in Xiaomi Redmibook 15 Pro (2023) (bsc#1012628). - wifi: mt76: fix clang-specific fortify warnings (bsc#1012628). - net: annotate data-races around sk->sk_tx_queue_mapping (bsc#1012628). - net: annotate data-races around sk->sk_dst_pending_confirm (bsc#1012628). - wifi: ath12k: mhi: fix potential memory leak in ath12k_mhi_register() (bsc#1012628). - wifi: ath10k: Don't touch the CE interrupt registers after power up (bsc#1012628). - net: sfp: add quirk for FS's 2.5G copper SFP (bsc#1012628). - vsock: read from socket's error queue (bsc#1012628). - bpf: Ensure proper register state printing for cond jumps (bsc#1012628). - wifi: iwlwifi: mvm: fix size check for fw_link_id (bsc#1012628). - Bluetooth: btusb: Add date->evt_skb is NULL check (bsc#1012628). - Bluetooth: Fix double free in hci_conn_cleanup (bsc#1012628). - ACPI: EC: Add quirk for HP 250 G7 Notebook PC (bsc#1012628). - tsnep: Fix tsnep_request_irq() format-overflow warning (bsc#1012628). - gpiolib: acpi: Add a ignore interrupt quirk for Peaq C1010 (bsc#1012628). - platform/chrome: kunit: initialize lock for fake ec_dev (bsc#1012628). - of: address: Fix address translation when address-size is greater than 2 (bsc#1012628). - platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e (bsc#1012628). - drm/gma500: Fix call trace when psb_gem_mm_init() fails (bsc#1012628). - drm/amdkfd: ratelimited SQ interrupt messages (bsc#1012628). - drm/komeda: drop all currently held locks if deadlock happens (bsc#1012628). - drm/amd/display: Blank phantom OTG before enabling (bsc#1012628). - drm/amd/display: Don't lock phantom pipe on disabling (bsc#1012628). - drm/amd/display: add seamless pipe topology transition check (bsc#1012628). - drm/edid: Fixup h/vsync_end instead of h/vtotal (bsc#1012628). - md: don't rely on 'mddev->pers' to be set in mddev_suspend() (bsc#1012628). - drm/amdgpu: not to save bo in the case of RAS err_event_athub (bsc#1012628). - drm/amdkfd: Fix a race condition of vram buffer unref in svm code (bsc#1012628). - drm/amdgpu: update retry times for psp vmbx wait (bsc#1012628). - drm/amd: Update `update_pcie_parameters` functions to use uint8_t arguments (bsc#1012628). - drm/amd/display: use full update for clip size increase of large plane source (bsc#1012628). ... changelog too long, skipping 797 lines ... - commit 1be1eb4 ==== libHX ==== Version update (4.17 -> 4.19) - Update to release 4.19 * string: fixed HX_strtoull_unit with negative fractions producing 0 sometimes * opt: fix HX_getopt losing argv on HXOPT_KEEP_ARGV - Delete 0001-string-resolve-testsuite-failure-with-aarch64.patch (merged) - Update to release 4.18 * opt: new HX_getopt5 API for the parser with untangled in and out variables * string: HX_strtoull_units handles negative values now (like strtoull) * string: HX_strtoull_units & HX_strtoull_(n)sec now set errno=ERANGE for nonrepresentable results * string: HX_strtoull_sec rejects unitless numbers now - Add 0001-string-resolve-testsuite-failure-with-aarch64.patch ==== libadwaita ==== Version update (1.4.0+12 -> 1.4.1) Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Update to version 1.4.1: + Fix build with MSVC + Fix build with libappstream 1.0 + AdwCarousel: Fix carousel scroll behavior with page reordering + AdwComboRow: - Fix focus when opening the popover - Set the correct state on the selected checkmark + AdwNavigationView: Fix a warning message + AdwTabOverview: Allow child focus on out animations + AdwTabView: - Keep view alive during ::page-detached - Fix crashes when using :pages + Docs: Fix erroneous <child> use in breakpoints migration guide + Updated translations. - Drop 3e3967d5f69180644519936991cad10136e84ca9.patch: Fixed upstream. ==== libavif ==== Version update (1.0.0 -> 1.0.2) - update to 1.0.2: * Update avifCropRectConvertCleanApertureBox() to the revised requirements in ISO/IEC 23000-22:2019/Amd. 2:2021 Section 7.3.6.7. * CVE-2023-6350: Out of bounds memory to alphaItemIndices (boo#1217614) * CVE-2023-6351: use-after-free in colorProperties (boo#1217615) - drop fix-gdkpixbuf.patch ==== libkolabxml ==== - Switch to %autosetup and %ldconfig_scriptlets - Replace the package URL ==== libnotify ==== Version update (0.8.2 -> 0.8.3) Subpackages: libnotify-tools libnotify4 typelib-1_0-Notify-0_7 - Update to version 0.8.3: + This release contains a critical stability/minor security update which affects Electron applications that utilize Portal notifications (eg, through Flatpak). It is highly recommended that all users of libnotify 0.8.x update to this release. + Please note that this fix has increased the minimum required version of glib to 2.62.0. + notification: - Use g_signal_connect_object - Move disconnect to dispose ==== librsvg ==== Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Run service with new obs-service-cargo, drop cargo_config as source and clean up spec and service, and switch to zst as buildtime compression. ==== libselinux-bindings ==== - Also build python3-selinux for toolchain compability on SLE ==== llvm17 ==== Version update (17.0.5 -> 17.0.6) - Update to version 17.0.6. * This release contains bug-fixes for the LLVM 17.0.0 release. This release is API and ABI compatible with 17.0.0. - Rebase patches: * llvm-do-not-install-static-libraries.patch * llvm-normally-versioned-libllvm.patch - Use major version only instead of full (patch-level) version for versioned executables: we don't support parallel installation of multiple versions of the same LLVM major version. (boo#1217450) Also drop the clang-X.Y symlink that was introduced for boo#1012260, because Y is always 0. - Manage clang-cpp with update-alternatives like other binaries. ==== ncurses ==== Version update (6.4.20231111 -> 6.4.20231125) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20231125 + add information about "ttycap", termcap's forerunner, to tset.1 (patch by Branden Robinson). + improve formatting/style of manpages, including section reordering (patches by Branden Robinson). + modify usage messages in configure script, bracketing optional values (report by Branden Robinson). - Add ncurses patch 20231121 + amend fix for Debian #1055882, correcting nul terminator check in waddnstr (Debian #1056340). - Add ncurses patch 20231118 + improve description of length-parameter and error-returns in several manpages: curs_addchstr.3x, curs_addstr.3x, curs_addwstr.3x, curs_in_wch.3x, curs_in_wchstr.3x, curs_inchstr.3x, curs_ins_wstr.3x, curs_insstr.3x, curs_instr.3x, curs_inwstr.3x + amend parameter check for entire string versus specific length in winsnstr() and wins_nwstr() to match Solaris. + make similar correction to wins_nwstr(). + correct loop termination condition in waddnstr() and waddnwstr() (Debian #1055882, cf: 20201205). ==== netcfg ==== - Fix syntax of localhost entries in hosts [bsc#1217355] - Remove empty netgroup example file from /etc [jsc#PED-240]. NIS, the main consumer, got already dropped. - Remove empty ethers example file, /usr/etc should not contain examples, for the format there is the manual page, does not support IPv6. ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Enhanced SELinux functionality. Added * openssh-7.8p1-role-mls.patch Proper handling of MLS systems and basis for other SELinux improvements * openssh-6.6p1-privsep-selinux.patch Properly set contexts during privilege separation * openssh-6.6p1-keycat.patch Add ssh-keycat command to allow retrival of authorized_keys on MLS setups with polyinstantiation * openssh-6.6.1p1-selinux-contexts.patch Additional changes to set the proper context during privilege separation * openssh-7.6p1-cleanup-selinux.patch Various changes and putting the pieces together For now we don't ship the ssh-keycat command, but we need the patch for the other SELinux infrastructure This change fixes issues like bsc#1214788, where the ssh daemon needs to act on behalf of a user and needs a proper context for this ==== openssl-1_1 ==== Subpackages: libopenssl1_1 - Skip SHA1 test in 20-test_dgst.t when in FIPS mode * Add openssl-Skip_SHA1-test-in-FIPS-mode.patch - FIPS: add openssl-1_1-fips-bsc1190652_release_num_in_version_string.patch * bsc#1190652 - Provide a service to output module name/identifier and version - Sync patches with SLE: * Merge openssl-keep_EVP_KDF_functions_version.patch into openssl-1.1.1-evp-kdf.patch * Refresh openssl-1_1-fips-bsc1215215_fips_in_version_string.patch * Remove openssl-no-date.patch ==== perl ==== Version update (5.38.0 -> 5.38.2) Subpackages: perl-base perl-doc - Update to perl 5.38.2 * fixes [CVE-2023-47038] Write past buffer end via illegal user-defined Unicode property [bnc#1217084] * fixes [CVE-2023-47039] Perl for Windows binary hijacking vulnerability [bnc#1217085] ==== perl-CGI ==== Version update (4.590.0 -> 4.600.0) - updated to 4.60 see /usr/share/doc/packages/perl-CGI/Changes 4.60 2023-11-01 [ TESTING ] - move t/changes.t to xt/ as is now broken by the recent rewrite of Test::CPAN::Changes (GH #260) ==== perl-Net-DNS ==== Version update (1.400.0 -> 1.410.0) - updated to 1.41 see /usr/share/doc/packages/perl-Net-DNS/Changes ==== polkit-default-privs ==== Version update (1550+20231103.3b4a82f -> 1550+20231129.269abcd) - Update to version 1550+20231129.269abcd: * profiles: whitelist cinnamon-settings-daemon wacom-oled-helper (bsc#1217532) ==== python-immutables ==== Version update (0.19 -> 0.20) - update to 0.20: * Enable support for pattern matching (#96) * add support for aix/sunos (#98) * Python 3.12 compatibility (#105) * Add __contains__ to MapKeys (#99) * Add PEP 585 GenericAlias support (#101) * Move metadata to `pyproject.toml`, fix test fixture inclusion in sdist (#111) - drop python312.patch (upstream) ==== python-psycopg2 ==== Version update (2.9.7 -> 2.9.9) - update to 2.9.9: * Add support for Python 3.12. * Drop support for Python 3.6. * Wheel package bundled with PostgreSQL 16 libpq in order to add support for recent features, such as ``sslcertmode``. ==== qemu ==== Version update (8.1.2 -> 8.1.3) Subpackages: qemu-arm qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-img qemu-ipxe qemu-ksm qemu-pr-helper qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios - Align to upstream stable release. It includes many of the patches we had backported ourself, to fix bugs and issues, plus more. See here for details: * https://lore.kernel.org/qemu-devel/1700589639.257680.3420728.nullmailer@tls… * https://gitlab.com/qemu-project/qemu/-/commits/stable-8.1?ref_type=heads An (incomplete!) list of such backports is: * Update version for 8.1.3 release * hw/mips: LOONGSON3V depends on UNIMP device * target/arm: HVC at EL3 should go to EL3, not EL2 * s390x/pci: only limit DMA aperture if vfio DMA limit reported * target/riscv/kvm: support KVM_GET_REG_LIST * target/riscv/kvm: improve 'init_multiext_cfg' error msg * tracetool: avoid invalid escape in Python string * tests/tcg/s390x: Test LAALG with negative cc_src * target/s390x: Fix LAALG not updating cc_src * tests/tcg/s390x: Test CLC with inaccessible second operand * target/s390x: Fix CLC corrupting cc_src * tests/qtest: ahci-test: add test exposing reset issue with pending callback * hw/ide: reset: cancel async DMA operation before resetting state * target/mips: Fix TX79 LQ/SQ opcodes * target/mips: Fix MSA BZ/BNZ opcodes displacement * ui/gtk-egl: apply scale factor when calculating window's dimension * ui/gtk: force realization of drawing area * ati-vga: Implement fallback for pixman routines * ... - Backports and bugfixes: * [openSUSE] Make Sphinx build reproducible (boo#1102408) * target/s390x/arch_dump: Add arch cleanup function for PV dumps (bsc#1217227) * dump: Add arch cleanup function (bsc#1217227) * target/s390x/dump: Remove unneeded dump info function pointer init (bsc#1217227) ==== rdma-core ==== Version update (48.0 -> 49.0) Subpackages: libefa1 libibverbs libibverbs1 libmana1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd - Update to v49.0 (jsc#PED-6891, jsc#PED-6864, jsc#PED-6839, jsc#PED-6836, jsc#PED-6828, jsc#PED-6824, jsc#PED-6958, jsc#PED-6943, jsc#PED-6933, jsc#PED-6916) - No release notes available. ==== snapper ==== Version update (0.10.6 -> 0.10.7) Subpackages: libsnapper7 snapper-zypp-plugin - report plugin failures (gh#openSUSE/snapper#846) - version 0.10.7 - fix building with libxml 2.12.0 (gh#openSUSE/snapper#848) - fix diff for lvm based configs (bsc#1216191) - make SystemCmd take vector of strings ==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-boot systemd-container systemd-coredump udev - udev: Tighten permissions for DRM render nodes (bsc#1217118). Note that this implicitly enables `uaccess`, so any logged-in user still gets access regardless of group membership. Some use cases, e.g. remote access via ssh, might require you to add the desired user to the `render` group. See: https://lists.opensuse.org/archives/list/factory@lists.opensuse.org/thread/… ==== tree ==== - Build with openSUSE flags ==== unar ==== Version update (1.10.7 -> 1.10.8) - Update to version 1.10.8 * Fix a major memory leak in CSBzip2Handle * Fix Quarantine attribute for created directories * Fix crash corrupted iso * Fix crash during unarchive sitx format with symlink on deleted file * Implement Clang modules support * [TUN-189] Add Alternarive CRC calcuation for Mac Binary format * [WARC-1] Add basic support of WARC 1.1 archives * [TUN-138] Fix case with directories in Solid RAR5 archives * [TUN-184] Fix old archives with RAR 1.5 - Update source URL - Add universal-detector as source ==== update-alternatives ==== Version update (1.22.0 -> 1.22.1) - Update to version 1.22.1. The full changelog is very large. Please check it here: https://git.dpkg.org/cgit/dpkg/dpkg.git/tree/debian/changelog?h=1.22.1 - Refresh update-alternatives-suse.patch so it applies cleanly. ==== usbutils ==== - Split out devel package, containing the .pc file: + The .pc file declares dependencies on other devel packages, which is not wanted on regular end-user systems. + Drop rpmlintrc file. ==== vim ==== Version update (9.0.2103 -> 9.0.2136) Subpackages: vim-data vim-data-common xxd - Update to version 9.0.2136 * MSVC errorformat can be improved * No test for mode() when executing Ex commands * Revise Makefile * Update syntax file * ml_get error when scrolling * Cannot detect overstrike mode in Cmdline mode * Duplicate Netbeans Error Message * not all nushell files detected * Updated German translations * add additional nginx keywords * add Make_mvc.mak file for tutor * updated Russian translations for tutorials * updated Italian translation * some errors with translation Makefiles * [security]: use-after-free in call_dfunc() * Update doc Makefiles with comments from #13567 * add indentation plugin (fixes #13574) * runtime(swig): add syntax and filetype plugins * translation Makefiles can be improved * unused assignments when checking 'listchars' * File info disappears when 'cmdheight' has decreased * INT overflow detection logic can be simplified * Problem with initializing the length of range() lists * [security]: prevent overflow in indenting * [security]: use-after-free in ex_substitute * Fix handling of very long filename on longlist style * un-used assignment in do_source_buffer_init * remove dead-condition in ex_class * [security]: avoid double-free in get_style_font_variants * [security] use-after-free in qf_free_items * expand $COMSPEC without applying 'wildignore' * Improve keymap file highlighting * include new doc-Makefiles * Fix whitespace and formatting of some help files * minor typo fixes * No test for defining sign without attribute * crash when callback function aborts because of recursiveness * overflow detection not accurate when adding digits * Coverity warns for another overflow in shift_line() * Refactor doc-Makefiles * document proper notation of gVim, document vim-security list * Update Serbian messages translation * [security]: overflow in shift_line * [security]: overflow in get_number * [security]: overflow in ex address parsing * [security]: overflow in nv_z_get_count * [security]: overflow with count for :s command * [security]: FPE in adjust_plines_for_skipcol * [security]: Use-after-free in win_close() * comment out strange error condition check * skipcol not reset when topline changed * wast filetype should be replaced by wat filetype * fix typo in pi_gzip.txt ==== virt-v2v ==== Subpackages: virt-v2v-bash-completion - Remove obsolete requirement for ocaml-gettext-stub-devel - Require OCaml 4.07+ - Align ExclusiveArch with libguestfs ==== xdmbgrd ==== - USe %{optflags} to build package ==== xfce4-whiskermenu-plugin ==== Version update (2.8.1 -> 2.8.2) Subpackages: xfce4-whiskermenu-plugin-lang - Update to version 2.8.2 * Fix crash when searching. (Issue #120) * Translation updates ==== xxhash ==== - Make use of openSUSE build flags ==== zxing-cpp ==== - Add back %{optflags} in c++ flags This was unintentionally disabled when c++17 was forced [View Less]

2 1

New Arm Tumbleweed snapshot 20240930 released!
by Guillaume Gardet 01 Oct '24

01 Oct '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.… [View More]org/openSUSE:Submitting_bug_reports Packages changed: ModemManager (1.20.6 -> 1.22.0) amarok (3.1.0 -> 3.1.1) apache2-mod_php8 (8.3.11 -> 8.3.12) atftp audit (3.1.1 -> 4.0) audit-secondary (3.1.1 -> 4.0) cheese flashrom (1.3.0 -> 1.4.0) gtkmm4 (4.14.0 -> 4.16.0) gtksourceview5 (5.12.1 -> 5.14.0) libnetfilter_conntrack (1.0.9 -> 1.1.0) libopenmpt (0.7.9 -> 0.7.10) libreoffice (24.8.1.2 -> 24.8.2.1) libwnck mozilla-nss (3.103 -> 3.104) openSUSE-release (20240927 -> 20240930) pangomm (2.52.0 -> 2.54.0) perl-IO-Socket-SSL (2.88.0 -> 2.89.0) php8 (8.3.11 -> 8.3.12) pipewire (1.2.4 -> 1.2.5) python-cryptography (43.0.0 -> 43.0.1) python-greenlet (3.1.0 -> 3.1.1) ruby-common subversion tigervnc === Details === ==== ModemManager ==== Version update (1.20.6 -> 1.22.0) Subpackages: ModemManager-bash-completion libmm-glib0 - Update to version 1.22.0: + A new "MSG" (message) log verbosity level is introduced, which is also the new default one if none explicitly defined. This level takes the place of the old "INFO" level, as a level including the most important messages that should be logged without needing to be warnings or errors. The new "INFO" level is more verbose than "MSG" but less verbose than "DBG", and may be useful as default in systems where active debugging of WWAN related issues is required. E.g. all user operations triggered via DBus method calls are logged in "INFO" level. + Introduced the concept of "personal information" which should by default not be included in log messages. Enabling personal information in logs requires to run the daemon with the '--log-personal-info' option. This feature is mostly implemented for QMI and MBIM specific logs, but hasn't yet been included in generic daemon logs or when using the AT protocol. Changes and fixes related to this feature will be cherry-picked and included in the future stable branch updates. - Update URL and Source adresses. ==== amarok ==== Version update (3.1.0 -> 3.1.1) - Update to 3.1.1 * Most of the context view QML items ported from QtControls 1 to QtControls 2 * Default to no fadeout on pause and stop (kde#491603) * Actually show the file browser panel toolbar * Fix track editor autocompletions (kde#491520) * Ensure home icon is shown in browser breadcrumb widgets (kde#491354) ==== apache2-mod_php8 ==== Version update (8.3.11 -> 8.3.12) - Add /srv/www directories to filelist [bsc#1231027] - version update to 8.3.12 CGI: Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). (CVE-2024-8926) Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is bypassable due to the environment variable collision). (CVE-2024-8927) Core: Fixed bug GH-15408 (MSan false-positve on zend_max_execution_timer). Fixed bug GH-15515 (Configure error grep illegal option q). Fixed bug GH-15514 (Configure error: genif.sh: syntax error). Fixed bug GH-15565 (--disable-ipv6 during compilation produces error EAI_SYSTEM not found). Fixed bug GH-15587 (CRC32 API build error on arm 32-bit). Fixed bug GH-15330 (Do not scan generator frames more than once). Fixed uninitialized lineno in constant AST of internal enums. Curl: Fixed bug GH-15547 (curl_multi_select overflow on timeout argument). DOM: Fixed bug GH-15551 (Segmentation fault (access null pointer) in ext/dom/xml_common.h). Fixed bug GH-15654 (Signed integer overflow in ext/dom/nodelist.c). Fileinfo: Fixed bug GH-15752 (Incorrect error message for finfo_file with an empty filename argument). FPM: Fixed bug GHSA-865w-9rf3-2wh5 (Logs from childrens may be altered). (CVE-2024-9026) MySQLnd: Fixed bug GH-15432 (Heap corruption when querying a vector). Opcache: Fixed bug GH-15661 (Access null pointer in Zend/Optimizer/zend_inference.c). Fixed bug GH-15658 (Segmentation fault in Zend/zend_vm_execute.h). SAPI: Fixed bug GHSA-9pqp-7h25-4f32 (Erroneous parsing of multipart form data). (CVE-2024-8925) Standard: Fixed bug GH-15552 (Signed integer overflow in ext/standard/scanf.c). Streams: Fixed bug GH-15628 (php_stream_memory_get_buffer() not zero-terminated). ==== atftp ==== - Delete /usr/sbin/rc* symlink & specfile housekeeping - Make atftpd.socket listen on AF_INET6 as well - Deactivate FORTIFY_SOURCE for the time being due to a glibc bug ==== audit ==== Version update (3.1.1 -> 4.0) Subpackages: libaudit1 libauparse0 - Update to 4.0 - Drop python2 support - Drop auvirt and autrace programs - Drop SysVinit support - Require the use of the 5.0 or later kernel headers - New README.md file - Rewrite legacy service functions in terms of systemctl - Consolidate and update end of event detection to a common function - Split off rule loading from auditd.service into audit-rules.service - Refactor libaudit.h to split out logging functions and record numbers - Speed up aureport --summary reports - Limit libaudit python bindings to logging functions - Add a metrics function for auparse - Change auditctl to use pidfd_send_signal for signaling auditd - Adjust watches to optimize syscalls hooked when watch file access - Drop nispom rules - Add intepretations for fsconfig, fsopen, fsmount, & move_mount - Many code fixups (cgzones) - Update syscall and interpretation tables to the 6.8 kernel (from v3.1.2) - When processing a run level change, make auditd exit - In auditd, fix return code when rules added in immutable mode - In auparse, when files are given, also consider EUID for access - Auparse now interprets unnamed/anonymous sockets (Enzo Matsumiya) - Disable Python bindings from setting rules due to swig bug (S. Trofimovich) - Update all lookup tables for the 6.5 kernel - Don't be as paranoid about auditctl -R file permissions - In ausearch, correct subject/object search to be an and if both are given - Adjust formats for 64 bit time_t - Fix segfault in python bindings around the feed API - Add feed_has_data, get_record_num, and get/goto_field_num to python bindings - Update spec: * Add fix-auparse-test.patch (downstream): Upstream tests uses a static value (42) for 'gdm' uid/gid (based on Fedora values, apparently). Replace these occurrences with 'unknown(123456)' * Replace '--with-python' with '--with-python3' on %configure * Add new headers 'audit_logging.h' and 'audit-records.h' for audit-devel ==== audit-secondary ==== Version update (3.1.1 -> 4.0) Subpackages: audit python3-audit system-group-audit - Update audit-secondary.spec: * Add "Requires: audit-rules" for audit package * Remove preun/postun handling of audit-rules.service - Update to 4.0 - Drop python2 support - Drop auvirt and autrace programs - Drop SysVinit support - Require the use of the 5.0 or later kernel headers - New README.md file - Rewrite legacy service functions in terms of systemctl - Consolidate and update end of event detection to a common function - Split off rule loading from auditd.service into audit-rules.service - Refactor libaudit.h to split out logging functions and record numbers - Speed up aureport --summary reports - Limit libaudit python bindings to logging functions - Add a metrics function for auparse - Change auditctl to use pidfd_send_signal for signaling auditd - Adjust watches to optimize syscalls hooked when watch file access - Drop nispom rules - Add intepretations for fsconfig, fsopen, fsmount, & move_mount - Many code fixups (cgzones) - Update syscall and interpretation tables to the 6.8 kernel (from v3.1.2) - When processing a run level change, make auditd exit - In auditd, fix return code when rules added in immutable mode - In auparse, when files are given, also consider EUID for access - Auparse now interprets unnamed/anonymous sockets (Enzo Matsumiya) - Disable Python bindings from setting rules due to swig bug (S. Trofimovich) - Update all lookup tables for the 6.5 kernel - Don't be as paranoid about auditctl -R file permissions - In ausearch, correct subject/object search to be an and if both are given - Adjust formats for 64 bit time_t - Fix segfault in python bindings around the feed API - Add feed_has_data, get_record_num, and get/goto_field_num to python bindings - Update spec: * Move rules-related files into new subpackage `audit-rules': * Files moved: - /sbin/auditctl, /sbin/augenrules, /etc/audit/{audit.rules,rules.d/audit.rules,audit-stop.rules} - manpages for auditctl, augenrules, and audit.rules - /etc/audit is now owned by `audit-rules' as well * Add new file /usr/lib/systemd/system/audit-rules.service * Remove in-house create-augenrules-service.patch that generated augenrules.service systemd unit service * Remove ownership of /usr/share/audit * Create /usr/share/audit-rules directory on %install * Remove audit-userspace-517-compat.patch (fixed upstream) * Remove libev-werror.patch (fixed upstream) * Remove audit-allow-manual-stop.patch (fixed upstream) * Add fix-auparse-test.patch (downstream): Upstream tests uses a static value (42) for 'gdm' uid/gid (based on Fedora values, apparently). Replace these occurrences with 'unknown(123456)' * Replace '--with-python' with '--with-python3' on %configure * Remove autrace and auvirt references (upstream) * Replace README with README.md - Drop `--enable-systemd' from %configure as SysV-style scripts aren't supported in upstream since 113ae191758c ("Drop support for SysVinit") ==== cheese ==== Subpackages: libcheese-common libcheese-gtk25 libcheese8 typelib-1_0-Cheese-3_0 - Add 73.patch: Fix JSON validation. Fixes startup with json-glib 1.10. ==== flashrom ==== Version update (1.3.0 -> 1.4.0) - Add doc and bash-completion subpackages - Update to 1.4.0: - Full changelog: https://www.flashrom.org/release_notes/v_1_4.html ==== gtkmm4 ==== Version update (4.14.0 -> 4.16.0) - Update to version 4.16.0: + Almost identical to 4.15.1. - Update to version 4.15.1: + Gdk: - DrawContext: Deprecate begin_frame(), end_frame(), is_in_frame(), get_frame_region(). - Surface: Deprecate set_opaque_region(). - Cursor: Rename create(const SlotGetTexture& slot, .....). Call it create_from_slot(). It was added in 4.15.0, but some create() calls in old code became ambiguous. + Gtk: - Window: Add set_interactive_debugging(). - TextBuffer: Add enum TextBuffer::NotifyFlags, add_commit_notify(), remove_commit_notify(). + Build: Require gtk4 >= 4.15.5. - Drop gtkmm4-docs-without-timestamp.patch: Fixed upstream. ==== gtksourceview5 ==== Version update (5.12.1 -> 5.14.0) - Update to version 5.14.0: + Fix an issue where the gutter would not redraw when focus changes. + Add support for Groff syntax. - Changes from version 5.13.1: + Documentation improvements + Improve performance of BuilderBlocks font loading. Some of this effort required changes to the TTF, so user testing with a wide variety of languages is desired. This should reduce startup time of GtkSourceView using applications. + gtk-doc.lang: highlight `backtick` spans + c.lang: highlight [[]] style attributes + java.lang: improve escaped character matching + Adwaita.xml, Adwaita-dark.xml: style updates to track platform changes for GNOME 47. - Changes from version 5.13.0: + Ensure gutter renderers are released during dispose + Make default auto-indenter keep indentation when cursor is at line start + python3.lang: Fix f-string in curly braces to have no-spellcheck applied + Updated translations. ==== libnetfilter_conntrack ==== Version update (1.0.9 -> 1.1.0) - Update to release 1.1.0 * Enhancements for filtering dump and flush commands, see struct nfct_filter_dump and nfct_nlmsg_build_filter(). * ctnetlink event BPF fixes (endianness issue, IPv6 matching) and enhancements (zone matching). ==== libopenmpt ==== Version update (0.7.9 -> 0.7.10) - Update to 0.7.10: * [Change] FST was added to the list of supported file extension. AMP uses this extension for multichannel MODs. * [Bug] The Android NDK build system did not enable C++20 when available. * Fixed inconsistency in length calculation and actual playback length with tempo commands below 32 BPM in various formats (MDL, MED among others). * MED: Command 09 (set speed) was limited to 20 ticks per row instead of 32 ticks per row. * MED: Allow tempo parameters < 32 BPM. * MED: Disallow free panning if hardware mixing is enabled. * For MOD-style vibrato, a speed parameter of 0 was not treated as effect memory. Vibrato speed is now correct for both vibrato commands. * MED: Fix pattern index exhaustion in modules with multiple subsongs. * OKT: Don't drop global commands when setting paired channel volume, and try to write channel volume on the next row in this situation. * PTM: Use square root pan law, like in XM files. * SFX: Ignore unused data at end of oneshot samples which sometimes caused clicky noises. * SFX: More accurate implementation of arpeggio effect. ==== libreoffice ==== Version update (24.8.1.2 -> 24.8.2.1) Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-qt6 libreoffice-writer libreofficekit - Update to 24.8.2.1 (24.8.2 final) * Release notes: https://wiki.documentfoundation.org/Releases/24.8.2/RC1 - Update bundled dependencies: * curl 8.9.1 -> 8.10.1 * tiff 4.6.0t -> 4.7.0 ==== libwnck ==== Subpackages: libwnck-3-0 typelib-1_0-Wnck-3_0 - BuildRequire gettext-devel instead of gettext: allow OBS to shortcut through gettext-runtime-mini. ==== mozilla-nss ==== Version update (3.103 -> 3.104) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-sysinit mozilla-nss-tools - Fix build error under Leap by rebasing nss-fips-safe-memset.patch. - update to NSS 3.104 * bmo#1910071 - Copy original corpus to heap-allocated buffer * bmo#1910079 - Fix min ssl version for DTLS client fuzzer * bmo#1908990 - Remove OS2 support just like we did on NSPR * bmo#1910605 - clang-format NSS improvements * bmo#1902078 - Adding basicutil.h to use HexString2SECItem function * bmo#1908990 - removing dirent.c from build * bmo#1902078 - Allow handing in keymaterial to shlibsign to make the output reproducible * bmo#1908990 - remove nec4.3, sunos4, riscos and SNI references * bmo#1908990 - remove other old OS (BSDI, old HP UX, NCR, openunix, sco, unixware or reliantUnix * bmo#1908990 - remove mentions of WIN95 * bmo#1908990 - remove mentions of WIN16 * bmo#1913750 - More explicit directory naming * bmo#1913755 - Add more options to TLS server fuzz target * bmo#1913675 - Add more options to TLS client fuzz target * bmo#1835240 - Use OSS-Fuzz corpus in NSS CI * bmo#1908012 - set nssckbi version number to 2.70. * bmo#1914499 - Remove Email Trust bit from ACCVRAIZ1 root cert. * bmo#1908009 - Remove Email Trust bit from certSIGN ROOT CA. * bmo#1908006 - Add Cybertrust Japan Roots to NSS. * bmo#1908004 - Add Taiwan CA Roots to NSS. * bmo#1911354 - remove search by decoded serial in nssToken_FindCertificateByIssuerAndSerialNumber * bmo#1913132 - Fix tstclnt CI build failure * bmo#1913047 - vfyserv: ensure peer cert chain is in db for CERT_VerifyCertificateNow * bmo#1912427 - Enable all supported protocol versions for UDP * bmo#1910361 - Actually use random PSK hash type * bmo#1911576 - Initialize NSS DB once * bmo#1910361 - Additional ECH cipher suites and PSK hash types * bmo#1903604 - Automate corpus file generation for TLS client Fuzzer * bmo#1910364 - Fix crash with UNSAFE_FUZZER_MODE * bmo#1910605 - clang-format shlibsign.c - remove obsolete nss-reproducible-builds.patch ==== openSUSE-release ==== Version update (20240927 -> 20240930) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== pangomm ==== Version update (2.52.0 -> 2.54.0) - Update to version 2.54.0: + Color: Add parse_with_alpha(). + Context: Add set/get_round_glyph_positions(). + Item: Add default constructor, get_char_offset(). + Layout: Add set/get_justify_last_line(), get_direction(), get_caret_pos(). + LayoutIter: Add operator bool(), get_run_baseline(). + LayoutLine: Add is_paragraph_start(), get_resolved_direction(), get_height(). + TabArray: Add TabArray(const Glib::ustring& text) constructor, operator bool(), set_positions_in_pixels(), to_string(), set/get_decimal_point(), sort(). + Documentation: - Language::get_scripts(): Improve documentation. - Don't link to removed parts of library.gnome.org. + Build: - Require pango >= 1.54.0. - Meson build: Require meson >= 0.62.0. - Use Meson's pkgconfig module instead of using the *.pc.in templates. - Drop pangomm-docs-without-timestamp.patch, fixed upstream. ==== perl-IO-Socket-SSL ==== Version update (2.88.0 -> 2.89.0) - updated to 2.89.0 (2.089) see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes 2.089 2024/08/29 - new option SSL_force_fingerprint to enforce fingerprint matching even if certificate validation would be successful without - document _get_ssl_object and _get_ctx_object for cases, where direct use of Net::SSLeay functions is needed ==== php8 ==== Version update (8.3.11 -> 8.3.12) Subpackages: php8-ctype php8-dom php8-iconv php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - Add /srv/www directories to filelist [bsc#1231027] - version update to 8.3.12 CGI: Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). (CVE-2024-8926) Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is bypassable due to the environment variable collision). (CVE-2024-8927) Core: Fixed bug GH-15408 (MSan false-positve on zend_max_execution_timer). Fixed bug GH-15515 (Configure error grep illegal option q). Fixed bug GH-15514 (Configure error: genif.sh: syntax error). Fixed bug GH-15565 (--disable-ipv6 during compilation produces error EAI_SYSTEM not found). Fixed bug GH-15587 (CRC32 API build error on arm 32-bit). Fixed bug GH-15330 (Do not scan generator frames more than once). Fixed uninitialized lineno in constant AST of internal enums. Curl: Fixed bug GH-15547 (curl_multi_select overflow on timeout argument). DOM: Fixed bug GH-15551 (Segmentation fault (access null pointer) in ext/dom/xml_common.h). Fixed bug GH-15654 (Signed integer overflow in ext/dom/nodelist.c). Fileinfo: Fixed bug GH-15752 (Incorrect error message for finfo_file with an empty filename argument). FPM: Fixed bug GHSA-865w-9rf3-2wh5 (Logs from childrens may be altered). (CVE-2024-9026) MySQLnd: Fixed bug GH-15432 (Heap corruption when querying a vector). Opcache: Fixed bug GH-15661 (Access null pointer in Zend/Optimizer/zend_inference.c). Fixed bug GH-15658 (Segmentation fault in Zend/zend_vm_execute.h). SAPI: Fixed bug GHSA-9pqp-7h25-4f32 (Erroneous parsing of multipart form data). (CVE-2024-8925) Standard: Fixed bug GH-15552 (Signed integer overflow in ext/standard/scanf.c). Streams: Fixed bug GH-15628 (php_stream_memory_get_buffer() not zero-terminated). ==== pipewire ==== Version update (1.2.4 -> 1.2.5) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 1.2.5: + Highlights - Fix an fd mismatch in the protocol in some cases that could lead to fd leaks and crashes. - Fix a bug where the mixer was not updated after setting the port, which would cause muted audio at boot or resume from suspend. - Fix a potential use-after-free in module-rt when stopping a thread. - Cached objects are now freed in the JACK API to avoid memory leaks. - Some more fixes and improvements. + PipeWire - RequestProcess commands are now only sent after the node completes the state change to RUNNING. - More FreeBSD fixes. - Handle ACTIVE links going to < PAUSED as well. This improves renegotiation in some cases. - Fix an fd mismatch in the protocol in some cases that could lead to fd leaks and crashes. + Modules - Many of the network modules can now also accept hostnames instead of IP addresses. - Fix a potential use-after-free in module-rt when stopping the thread. + SPA - Support for elogind was added. - Some more errors are checked when converting JSON to POD. - Fix a bug where the mixer was not updated after setting the port, which would cause muted audio at boot or resume from suspend. + JACK - The BBT transport handling was improved. Some fields were added to be able to handle the JACK semantics correctly. - Buffers are now aligned according to the maximum CPU alignment instead of the hardcoded 16 bytes alignment. - Cached objects are now freed correctly. + Doc - Some small doc updates. - Don't try to enable apparmor support if without_apparmor is defined (as in SLFO). ==== python-cryptography ==== Version update (43.0.0 -> 43.0.1) - update to 43.0.1: * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.2. ==== python-greenlet ==== Version update (3.1.0 -> 3.1.1) - Fix build error under Leap. - Update to 3.1.1 * Fix crashes on 32-bit PPC Linux. Note that there is no CI for this, and support is best effort; there may be other issues lurking. * Remove unnecessary logging sometimes during interpreter shutdown. * Fix some crashes on 32-bit PPC MacOS. This is a very old platform, and is only known to be tested on beta versions of an operating system that was never released, using the GCC 14 only provided by MacPorts; it may or may not work on the final MacOS X release that supported 32-bit PowerPC. It has the known issue of leaking memory when greenlets are used in multiple threads. Help debugging this would be appreciated. ==== ruby-common ==== - update gem_packages.spec.erb: dont strip the newline at the end of main:filelist output ==== subversion ==== Subpackages: libsvn_auth_gnome_keyring-1-0 libsvn_auth_kwallet-1-0 subversion-bash-completion subversion-perl - Use strip-nondeterminism to normalize jar mtimes ==== tigervnc ==== Subpackages: libXvnc1 xorg-x11-Xvnc xorg-x11-Xvnc-module - Added patch: * n_tigervnc-reproducible-jar-mtime.patch + Use SOURCE_DATE_EPOCH for reproducible jar mtime + Applied if building with Java >= 17 [View Less]

1 0

Main

Development

Information

Community

Social Media

Other

openSUSE ARM