openSUSE ARM
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
December 2024
- 1 participants
- 6 discussions
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa
Mesa-drivers
grub2
libeconf (0.7.4 -> 0.7.5)
libgcrypt
libzypp (17.35.14 -> 17.35.15)
openSUSE-release (20241209 -> 20241210)
python-pycurl
sqlite3 (3.47.1 -> 3.47.2)
xkeyboard-config
=== Details ===
==== Mesa ====
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- aarch64: disable build of etnaviv driver on sle15-sp7 due to
python3-pycparser >= 2.20 not available
- don't apply patches of previous changelog for s390x; Mesa 24.1.7
doesn't suffer from this issue, only Mesa 24.3.1 ...
- 0001-dri-don-t-fetch-X11-modifiers-if-we-don-t-support-th.patch
0002-egl-wayland-only-supply-LINEAR-modifier-when-support.patch
0003-egl-wayland-fallback-to-implicit-modifiers-if-advert.patch
* fixes mesa 24.3.1 gallium crash/segfault on GPUs without
format modifiers (mesa issue#12253, mesa MR#32535, boo#1234302)
==== Mesa-drivers ====
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- aarch64: disable build of etnaviv driver on sle15-sp7 due to
python3-pycparser >= 2.20 not available
- don't apply patches of previous changelog for s390x; Mesa 24.1.7
doesn't suffer from this issue, only Mesa 24.3.1 ...
- 0001-dri-don-t-fetch-X11-modifiers-if-we-don-t-support-th.patch
0002-egl-wayland-only-supply-LINEAR-modifier-when-support.patch
0003-egl-wayland-fallback-to-implicit-modifiers-if-advert.patch
* fixes mesa 24.3.1 gallium crash/segfault on GPUs without
format modifiers (mesa issue#12253, mesa MR#32535, boo#1234302)
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-common grub2-snapper-plugin grub2-systemd-sleep-plugin
- Update PowerPC SBAT patches to upstream (bsc#1233730)
* 0007-grub-mkimage-Create-new-ELF-note-for-SBAT.patch
* 0008-grub-mkimage-Add-SBAT-metadata-into-ELF-note-for-Pow.patch
- Replaced patches
* 0007-mkimage-create-new-ELF-Note-for-SBAT.patch
* 0008-mkimage-adding-sbat-data-into-sbat-ELF-Note-on-power.patch
- Fix missing requires in SLE package (bsc#1234264) (bsc#1234272)
==== libeconf ====
Version update (0.7.4 -> 0.7.5)
- Update to version 0.7.5:
* Removed PATH_MAX (Issue #220)
* Add ROOT_PREFIX as option to replace TESTSDIR hack
* CI: valgrind doesn't work together with sanitizers
* econf_readConfig: don't allocate econf_file in error case
* tests: use cleanup to free key_file for some tests
* libeconf: don't allocate array from size 0
* libeconf: fix use of uninitialized stat result if file does not exist
* econftool: dynamically allocate xdg_config_dir
* Disable clang <= 17, enable valgrind
* Disable whitespace check
* Disable deprecation warning for econftool and example
* Add new CI with different compilers and valgrind
* Test econf_readConfig()
* Disable deprecation warning for tests
* Implement econf_*freep functions for automatic cleanup
* Cleanup *free functions
==== libgcrypt ====
- Remove unrecognized option: --enable-m-guard
==== libzypp ====
Version update (17.35.14 -> 17.35.15)
- Url query part: `=` is a safe char in value (bsc#1234304)
- RpmDb: Recognize rpmdb.sqlite as database file (#593)
- Fix typo (fixes #592)
- cmake: check location of fcgi header and adjust include
accordingly. On Debian and derivatives the fcgi headers
are not stored in a fastcgi/ subdirectory.(#590)
- version 17.35.15 (35)
==== openSUSE-release ====
Version update (20241209 -> 20241210)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== python-pycurl ====
- Switch to %pyproject_*.
==== sqlite3 ====
Version update (3.47.1 -> 3.47.2)
Subpackages: libsqlite3-0 sqlite3-tcl
- Update to release 3.47.2:
* Fix a problem in text-to-floating-point conversion that affects
text values where the first 16 significant digits are
'1844674407370955'. This issue was introduced in 3.47.0 and
only arises on x64 and i386 hardware.
* Other minor bug fixes.
- Enable the session extension, because NodeJS 22 needs it.
==== xkeyboard-config ====
- python-3.11.patch/buildrequire python311-base
* fixes build on Leap 15.6 and sle15-sp7
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
openSUSE-release (20241208 -> 20241209)
swtpm
vim (9.1.0836 -> 9.1.0908)
xorg-x11-server
=== Details ===
==== openSUSE-release ====
Version update (20241208 -> 20241209)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== swtpm ====
Subpackages: swtpm-selinux
- Fix build without %check (boo#1227364)
==== vim ====
Version update (9.1.0836 -> 9.1.0908)
Subpackages: vim-data vim-data-common xxd
- update to 9.1.0908
- refresh vim-7.3-mktemp_tutor.patch
* 9.1.0908: not possible to configure :messages
* 9.1.0907: printoptions:portrait does not change postscript Orientation
* runtime(doc): Add vietnamese.txt to helps main TOC
* 9.1.0906: filetype: Nvidia PTX files are not recognized
* runtime(doc): updated version9.txt with changes from v9.1.0905
* 9.1.0905: Missing information in CompleteDone event
* 9.1.0904: Vim9: copy-paste error in class_defining_member()
* 9.1.0903: potential overflow in spell_soundfold_wsal()
* runtime(netrw): do not detach when launching external programs in gvim
* runtime(doc): make tag alignment more consistent in filetype.txt
* runtime(doc): fix wrong syntax and style of vietnamese.txt
* translation(it): update Italian manpage for vimtutor
* runtime(lua): add optional lua function folding
* Filelist: include translations for Chapter 2 tutor
* translation(vi): Update Vietnamese translation
* runtime(doc): include vietnamese.txt
* runtime(tutor): fix another typo in tutor2
* runtime(doc): fix typo in vimtutor manpage
* translation(it): update Italian manpage for vimtutor
* translation(it): include Italian version of tutor chapter 2
* runtime(tutor): regenerated some translated tutor1 files
* runtime(tutor): fix typo in Chapter 2
* 9.1.0902: filetype: Conda configuration files are not recognized
* runtime(doc): Tweak documentation style a bit
* runtime(tutor): update the tutor files and re-number the chapters
* runtime(tutor): Update the makefiles for tutor1 and tutor2 files
* 9.1.0901: MS-Windows: vimtutor batch script can be improved
* runtime(doc): remove buffer-local completeopt todo item
* 9.1.0900: Vim9: digraph_getlist() does not accept bool arg
* runtime(typst): provide a formatlistpat in ftplugin
* runtime(doc): Update documentation for "noselect" in 'completeopt'
* 9.1.0899: default for 'backspace' can be set in C code
* runtime(helptoc): reload cached g:helptoc.shell_prompt when starting toc
* translation(ru): Updated messages translation
* 9.1.0898: runtime(compiler): pytest compiler not included
* 9.1.0897: filetype: pyrex files are not detected
* runtime(compiler): update eslint compiler
* 9.1.0896: completion list wrong after v9.1.0891
* runtime(doc): document changed default value for 'history'
* 9.1.0895: default history value is too small
* 9.1.0894: No test for what the spotbug compiler parses
* 9.1.0893: No test that undofile format does not regress
* translation(de): update German manpages
* runtime(compiler): include spotbugs Java linter
* 9.1.0892: the max value of 'tabheight' is limited by other tabpages
* runtime(po): remove poDiffOld/New, add po-format flags to syntax file
* 9.1.0891: building the completion list array is inefficient
* patch 9.1.0890: %! item not allowed for 'rulerformat'
* runtime(gzip): load undofile if there exists one
* 9.1.0889: Possible unnecessary redraw after adding/deleting lines
* 9.1.0888: leftcol property not available in getwininfo()
* 9.1.0887: Wrong expression in sign.c
* 9.1.0886: filetype: debian control file not detected
* runtime(c3): include c3 filetype plugin
* 9.1.0885: style of sign.c can be improved
* 9.1.0884: gcc warns about uninitialized variable
* runtime(apache): Update syntax directives for apache server 2.4.62
* translation(ru): updated vimtutor translation, update MAINTAINERS file
* 9.1.0883: message history cleanup is missing some tests
* runtime(doc): Expand docs on :! vs. :term
* runtime(netrw): Fixing powershell execution issues on Windows
* 9.1.0882: too many strlen() calls in insexpand.c
* 9.1.0881: GUI: message dialog may not get focus
* runtime(netrw): update netrw's decompress logic
* runtime(apache): Update syntax keyword definition
* runtime(misc): add Italian LICENSE and (top-level) README file
* 9.1.0880: filetype: C3 files are not recognized
* runtime(doc): add helptag for :HelpToc command
* 9.1.0879: source is not consistently formatted
* Add clang-format config file
* runtime(compiler): fix escaping of arguments passed to :CompilerSet
* 9.1.0878: termdebug: cannot enable DEBUG mode
* 9.1.0877: tests: missing test for termdebug + decimal signs
* 9.1.0876: filetype: openCL files are not recognized
* 9.1.0875: filetype: hyprlang detection can be improved
* 9.1.0874: filetype: karel files are not detected
* 9.1.0873: filetype: Vivado files are not recognized
* 9.1.0872: No test for W23 message
* 9.1.0871: getcellpixels() can be further improved
* 9.1.0870: too many strlen() calls in eval.c
* 9.1.0869: Problem: curswant not set on gm in folded line
* 9.1.0868: the warning about missing clipboard can be improved
* runtime(doc): Makefile does not clean up all temporary files
* 9.1.0867: ins_compl_add() has too many args
* editorconfig: don't trim trailing whitespaces in runtime/doc
* translation(am): Remove duplicate keys in desktop files
* runtime(doc): update helptags
* runtime(filetype): remove duplicated *.org file pattern
* runtime(cfg): only consider leading // as starting a comment
* 9.1.0866: filetype: LLVM IR files are not recognized
* 9.1.0865: filetype: org files are not recognized
* 9.1.0864: message history is fixed to 200
* 9.1.0863: getcellpixels() can be further improved
* runtime(sh): better function support for bash/zsh in indent script
* runtime(netrw): small fixes to netrw#BrowseX
* 9.1.0862: 'wildmenu' not enabled by default in nocp mode
* runtime(doc): update how to report issues for mac Vim
... changelog too long, skipping 57 lines ...
* runtime(vimtutor): Add a second chapter
==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra
- re-added and re-enabled u_xfree86-activate-GPU-screens-on-autobind.patch
in order to fix the regression of a black screen in login screen
(SDDM) on some hybrid graphics Laptop (Intel Meteor Lake-P/
NVIDIA GeForce RTX 4060) (boo#1234301)
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
libcap (2.70 -> 2.73)
logrotate (3.21.0 -> 3.22.0)
mozjs128 (128.4.0 -> 128.5.1)
polkit-default-privs (1550+20241111.762abac -> 1550+20241129.21d7d0b)
python311
python311-core
selinux-policy (20241105 -> 20241118)
systemd (256.7 -> 256.9)
=== Details ===
==== libcap ====
Version update (2.70 -> 2.73)
- update to 2.73:
* https://sites.google.com/site/fullycapable/release-notes-for-libcap?authuse…
==== logrotate ====
Version update (3.21.0 -> 3.22.0)
- Skip test-0110.sh which fails after update in the build chroot
but not with identical settings on TW.
* Add logrotate-3.22-skip-failing-test.patch
- update to 3.22.0:
* fix calculations for time differences
* fix extension for zip compression
* fix omitted copy for logs with `mail` and `rotate 0`
* fix wrongly skipping copy with `copytruncate` and `compress`
* fix ambiguities between `mode`, `UID` and `GID` parsing when
not specifying all options
* fix hang when encountering a named pipe
* on prerotate failure logs are preserved instead of rotated
* in case a configuration file was skipped due to unsafe
permissions the
* exit status after rotattion will be `1`
* the state is no longer written to non-regular files
* the systemd timer now correctly utilizes load distribution
* add dateformat specifier `%z` for timezone offsets
* change default mode for created `olddir` directories to
`0755`
* support quoted user and group names in `su`, `create`, and
`createolddir`
- update logroate.keyring: new maintainer
==== mozjs128 ====
Version update (128.4.0 -> 128.5.1)
- Update to version 128.5.1:
+ Fixed an issue that prevented some websites from loading when
using SSL Inspection. (bmo#1933747)
- Changes from version 128.5.0:
+ Various security fixes and other quality improvements.
+ CVE-2024-11691: Out-of-bounds write in Apple GPU drivers via
WebGL.
+ CVE-2024-11692: Select list elements could be shown over
another site.
+ CVE-2024-11694: CSP Bypass and XSS Exposure via Web
Compatibility Shims.
+ CVE-2024-11695: URL Bar Spoofing via Manipulated Punycode and
Whitespace Characters.
+ CVE-2024-11696: Unhandled Exception in Add-on Signature
Verification.
+ CVE-2024-11697: Improper Keypress Handling in Executable File
Confirmation Dialog.
==== polkit-default-privs ====
Version update (1550+20241111.762abac -> 1550+20241129.21d7d0b)
- Update to version 1550+20241129.21d7d0b:
* profiles: adjust tuned settings to new upstream default (bsc#1232412)
* profiles: add tuned methods for instance handling / PPD (bsc#1232412)
- Add format_spec_file service in manual mode
- Update to version 1550+20241127.a20426b:
* profiles: whitelist systemd v257 actions (bsc#1233295)
- _service: switch from "disabled" mode to "manual" mode, which is a more
fitting setting which is available now.
==== python311 ====
Subpackages: python311-curses python311-dbm
- Add add-loongarch64-support.patch to support loongarch64
- Fix changelog
==== python311-core ====
Subpackages: libpython3_11-1_0 python311-base
- Add add-loongarch64-support.patch to support loongarch64
- Fix changelog
==== selinux-policy ====
Version update (20241105 -> 20241118)
Subpackages: selinux-policy-targeted
- Fix minimum policy by readding snapper module (bsc#1234037)
- Update to version 20241118:
* Add workaround for /run/rpmdb lockfile (bsc#1231127)
* Add dedicated health-checker module (bsc#1231127)
- Packaging rework: moving all config files to git repository
https://gitlab.suse.de/selinux/selinux-policy
- Moved booleans to dist/*/booleans.conf and dropped from package:
* booleans-minimum.conf
- user facing change: boolean settings are now the same as in upstream
* booleans-mls.conf
- user facing change: boolean settings are now the same as in upstream
* booleans-targeted.conf
- user facing change: kerberos_enabled boolean was not enabled due to a bug, now it is enabled
- Moved booleans.subs_dist to dist/booleans.subs_dist and dropped from package
- Moved customizable_types to dist/customizable_types and dropped from package
- user facing change: using upstream version
- Moved file_contexts.subs_dist to config/file_contexts.subs_dist and dropped from package
- user facing change: changed systemd entries in file_contexts.subs_dist:
/run/systemd/system -> dropped from file
/run/systemd/generator.early /run/systemd/generator
/run/systemd/generator.late /run/systemd/generator
- Moved modules config to dist/<policytype>/modules.conf and dropped from package:
- user facing change: minimum policy: modules base and contrib are merged into modules.lst
and modules-enabled.lst was added which contains the enabled modules, replacing modules-minimum-disable.lst
* modules-minimum-base.conf
* modules-minimum-contrib.conf
* modules-minimum-disable.lst
* Added: modules-minimum.lst
- user facing change: mls policy: modules base + contrib are merged into modules.lst
* modules-mls-base.conf
* modules-mls-contrib.conf
- user facing change: targeted policy: modules base + contrib are merged into modules.lst:
* modules-targeted-base.conf
* modules-targeted-contrib.conf
- Moved securetty config to config/appconfig-<policytype>/securetty_types and dropped from package
- user facing change: using upstream version for all policy types
* securetty_types-minimum
* securetty_types-mls
* securetty_types-targeted
- Moved setrans config to dist/<policytype>/setrans.conf and dropped from package
* setrans-minimum.conf
* setrans-mls.conf
* setrans-targeted.conf
- Moved users config to dist/<policytype>/users and dropped from package
* users-minimum
- user facing change: added guest_u and xguest_u
* users-mls
* users-targeted
- Fix debug-build.sh to follow symlinks when creating
the tarball
- Update embedded container-selinux version to commit:
* 3f06c141bebc00a07eec4c0ded038aac4f2ae3f0
- Update to version 20241107:
* Re-add kanidm module to dist/targeted/modules.conf
* Add SUSE-specific file contexts to file_contexts.subs_dist
* Disallow execstack in dist/minimum/booleans.conf
* Add SUSE-specific booleans to dist/targeted/booleans.conf
* Add SUSE specific modules to targeted modules.conf
* Label /var/cache/systemd/home with systemd_homed_cache_t
* Allow login_userdomain connect to systemd-homed over a unix socket
* Allow boothd connect to systemd-homed over a unix socket
* Allow systemd-homed get attributes of a tmpfs filesystem
* Allow abrt-dump-journal-core connect to systemd-homed over a unix socket
* Allow aide connect to systemd-homed over a unix socket
* Label /dev/hfi1_[0-9]+ devices
* Remove the openct module sources
* Remove the timidity module sources
* Enable the slrn module
* Remove i18n_input module sources
* Enable the distcc module
* Remove the ddcprobe module sources
* Remove the timedatex module sources
* Remove the djbdns module sources
* Confine iio-sensor-proxy
* Allow staff user nlmsg_write
* Update policy for xdm with confined users
* Allow virtnodedev watch mdevctl config dirs
* Allow ssh watch home config dirs
* Allow ssh map home configs files
* Allow ssh read network sysctls
* Allow chronyc sendto to chronyd-restricted
* Allow cups sys_ptrace capability in the user namespace
* Add policy for systemd-homed
* Remove fc entry for /usr/bin/pump
* Label /usr/bin/noping and /usr/bin/oping with ping_exec_t
* Allow accountsd read gnome-initial-setup tmp files
* Allow xdm write to gnome-initial-setup fifo files
* Allow rngd read and write generic usb devices
* Allow qatlib search the content of the kernel debugging filesystem
* Allow qatlib connect to systemd-machined over a unix socket
* mls/modules.conf - fix typo
* Use dist/targeted/modules.conf in build workflow
* Fix default and dist config files
* Allow unprivileged user watch /run/systemd
* CI: update to actions/checkout@v4
* Allow boothd connect to kernel over a unix socket
* Clean up and sync securetty_types
* Bring config files from dist-git into the source repo
* Confine gnome-remote-desktop
* Allow virtstoraged execute mount programs in the mount domain
* Make mdevctl_conf_t member of the file_type attribute
==== systemd ====
Version update (256.7 -> 256.9)
Subpackages: libsystemd0 libudev1 systemd-boot systemd-container systemd-experimental udev
- Add 5005-Revert-boot-Make-initrd_prepare-semantically-equival.patch
Revert commit d64193a2a652b15db9cb9ed10c6b77a17ca46cd2 until the regression it
caused, reported at https://github.com/systemd/systemd/issues/35439, is fixed
(see also bsc#1233752 for its downstream counterpart).
- Disable EFI support on architectures that are not EFI-compliant
- Import commit 290170c8550bf2de4b5085ecdf7f056769944444 (merge of v256.9)
This merge includes the following fix:
cf7b3cc182 pid1: make clear that $WATCHDOG_USEC is set for the shutdown binary, noone else (bsc#1232227)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/c7671762b39ead7f8f9e70064256f5e…
- Import commit aee28e4c20a053ea27f8be69f2ea981e43bcb0b6
aee28e4c20 udev-builtin-path_id: SAS wide ports must have num_phys > 1 (bsc#1231610)
280989cfa4 core: when switching root remove /run/systemd before executing the binary specified by init= (bsc#1227580)
- Drop 5003-core-when-switching-root-remove-run-systemd-before-e.patch, this
patch has been integrated in branch 'SUSE/v256', see above.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
7zip (24.08 -> 24.09)
desktop-file-utils (0.27 -> 0.28)
elfutils (0.191 -> 0.192)
elfutils-debuginfod (0.191 -> 0.192)
ell (0.69 -> 0.71)
flatpak (1.15.10 -> 1.15.12)
iptables
kernel-firmware (20241125 -> 20241128)
kirigami-addons6 (1.5.0 -> 1.6.0)
libdb-4_8
libosinfo (1.11.0 -> 1.12.0)
libostree (2024.8 -> 2024.9)
libraw
openSUSE-release (20241202 -> 20241203)
update-bootloader (1.19 -> 1.21)
=== Details ===
==== 7zip ====
Version update (24.08 -> 24.09)
- Update to 24.09:
* The default dictionary size values for LZMA/LZMA2 compression methods
were increased
* 7-Zip now can calculate the following hash checksums: SHA-512, SHA-384, SHA3-256 and MD5.
* APM and HFS support was improved.
* If an archive update operation uses a temporary archive folder and
the archive is moved to the destination folder, 7-Zip shows the progress of moving
the archive file, as this operation can take a long time if the archive is large.
* The bug was fixed: 7-Zip File Manager didn't propagate Zone.Identifier stream
for extracted files from nested archives (if there is open archive inside another open
archive).
* Some bugs were fixed.
==== desktop-file-utils ====
Version update (0.27 -> 0.28)
- Update to version 0.28:
* common
+ Increase GLib requirement to 2.26 (Corentin Noël).
+ Fix install failing on second run (Raziel Anarki).
+ Fix use of deprecated Meson feature resulting in a warning (Raziel
Anarki).
* desktop-file-validate
+ Allow groups with the same name as interfaces in Implements (Corentin
Noël).
+ Add support for the COSMIC environment (Ryan Brue).
==== elfutils ====
Version update (0.191 -> 0.192)
Subpackages: libasm1 libdw1 libelf1
- Remove files packaged by elfutils-debuginfod
- update to 0.192
CONDUCT: A new code of conduct has been adopted. See the
CONDUCT file for more information.
debuginfod: Add per-file signature verification for integrity
checking, using RPM IMA scheme from Fedora/RHEL.
New API for metadata queries: file name -> buildid.
Server-side extraction of files from kernel debuginfo
packages is significantly faster. Now takes < 0.25 seconds,
down from ~50 seconds.
libdw: New functions dwfl_set_sysroot, dwfl_frame_unwound_source
and dwfl_unwound_source_str.
stacktrace: Experimental new tool that can process a stream of stack
samples from the Sysprof profiler and unwind them into call
chains. Enable on x86 with --enable-stacktrace. See
README.eu-stacktrace in the development branch for detailed
usage instructions:
https://sourceware.org/cgit/elfutils/tree/README.eu-stacktrace?h=users/serh…
==== elfutils-debuginfod ====
Version update (0.191 -> 0.192)
Subpackages: debuginfod-client debuginfod-profile libdebuginfod1
- Add pkgconfig(json-c) to reenable debuginfod support
- Add fish to enable profile support for fish
- Remove files packaged by libelf-devel
- update to 0.192
CONDUCT: A new code of conduct has been adopted. See the
CONDUCT file for more information.
debuginfod: Add per-file signature verification for integrity
checking, using RPM IMA scheme from Fedora/RHEL.
New API for metadata queries: file name -> buildid.
Server-side extraction of files from kernel debuginfo
packages is significantly faster. Now takes < 0.25 seconds,
down from ~50 seconds.
libdw: New functions dwfl_set_sysroot, dwfl_frame_unwound_source
and dwfl_unwound_source_str.
stacktrace: Experimental new tool that can process a stream of stack
samples from the Sysprof profiler and unwind them into call
chains. Enable on x86 with --enable-stacktrace. See
README.eu-stacktrace in the development branch for detailed
usage instructions:
https://sourceware.org/cgit/elfutils/tree/README.eu-stacktrace?h=users/serh…
==== ell ====
Version update (0.69 -> 0.71)
- Update to release 0.71
* Build fixes for GCC's new default -std=c23 mode.
==== flatpak ====
Version update (1.15.10 -> 1.15.12)
Subpackages: flatpak-remote-flathub flatpak-selinux flatpak-zsh-completion libflatpak0 system-user-flatpak
- Update to version 1.15.12:
+ Return to using the process ID of the Flatpak app in the cgroup
name. Using the instance ID in 1.15.11 caused crashes when
installing apps, extensions or runtimes that use the "extra
data" mechanism, which does not set up an instance ID.
- Changes from version 1.15.11:
+ Dependencies:
- In distributions that compile Flatpak to use a separate
xdg-dbus-proxy executable, version 0.1.6 is recommended (but
not required).
- The minimum xdg-dbus-proxy continues to be 0.1.0.
+ Enhancements:
- Allow applications like WebKit to connect the AT-SPI
accessibility tree of processes in a sub-sandbox with the
tree in the main process.
. New sandboxing parameter flatpak run --a11y-own-name, which
is like --own-name but for the accessibility bus.
. flatpak-portal API v7: add new sandbox-a11y-own-names
option, which accepts names matching ${FLATPAK_ID}.*
. Apps may call the org.a11y.atspi.Socket.Embedded method on
names matching ${FLATPAK_ID}.Sandboxed.* by default
. flatpak run -vv $app_id shows all applicable sandboxing
parameters and their source, including overrides, as debug
messages
- Introduce USB device listing
. Apps can list which USB devices they want to access ahead
of time by using the --usb parameter. Check the manpages
for the more information about the accepted syntax.
. Denying access to USB devices is also possible with the
- -no-usb parameter. The syntax is equal to --usb.
. Both options merely store metadata, and aren't used by
Flatpak itself. This metadata is intended to be used by the
(as of now, still in progress) USB portal to decide which
devices the app can enumerate and request access.
- Add support for KDE search completion
- Use the instance id of the Flatpak app as part of the cgroup
name. This better matches the naming conventions for cgroup.
+ Bug fixes:
- Update libglnx to 2024-08-23
- fix build in environments that use -Werror=return-type, such
as openSUSE Tumbleweed
- add a fallback definition for G_PID_FORMAT with older GLib
- avoid warnings for g_steal_fd() with newer GLib
- improve compatibility of g_closefrom() backport with newer
GLib
- Update meson wrap file for xdg-dbus-proxy to version 0.1.6:
- compatibility with D-Bus implementations that pipeline the
authentication handshake, such as sd-bus and zbus
- compatibility with D-Bus implementations that use
non-consecutive serial numbers, such as godbus and zbus
- broadcast signals can be allowed without having to add TALK
permission
- fix memory leaks
+ Internal changes:
- Better const-correctness
- Fix a shellcheck warning in the tests
- Drop libglnx.patch: Fixed upstream.
==== iptables ====
Subpackages: libip4tc2 libip6tc2 libxtables12 xtables-plugins
- Add iptables-nft-fix-interface-comparisons.patch
* fix '-C' commands for nft backend (bsc#1233690)
==== kernel-firmware ====
Version update (20241125 -> 20241128)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20241128 (git commit ea71da6f0690):
* i915: Update Xe2LPD DMC to v2.24
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops
* iwlwifi: add Bz-gf FW for core89-91 release
* amdgpu: update smu 13.0.10 firmware
* amdgpu: update sdma 6.0.3 firmware
* amdgpu: update psp 13.0.10 firmware
* amdgpu: update gc 11.0.3 firmware
* amdgpu: add smu 13.0.14 firmware
* amdgpu: add sdma 4.4.5 firmware
* amdgpu: add psp 13.0.14 firmware
* amdgpu: add gc 9.4.4 firmware
* amdgpu: update vcn 3.1.2 firmware
* amdgpu: update psp 13.0.5 firmware
* amdgpu: update psp 13.0.8 firmware
* amdgpu: update vega20 firmware
* amdgpu: update vega12 firmware
* amdgpu: update psp 14.0.4 firmware
* amdgpu: update gc 11.5.2 firmware
* amdgpu: update vega10 firmware
* amdgpu: update vcn 4.0.0 firmware
* amdgpu: update smu 13.0.0 firmware
* amdgpu: update psp 13.0.0 firmware
* amdgpu: update gc 11.0.0 firmware
* amdgpu: update beige goby firmware
* amdgpu: update vangogh firmware
* amdgpu: update dimgrey cavefish firmware
* amdgpu: update navy flounder firmware
* amdgpu: update psp 13.0.11 firmware
* amdgpu: update gc 11.0.4 firmware
* amdgpu: update vcn 4.0.2 firmware
* amdgpu: update psp 13.0.4 firmware
* amdgpu: update gc 11.0.1 firmware
* amdgpu: update sienna cichlid firmware
* amdgpu: update vpe 6.1.1 firmware
* amdgpu: update vcn 4.0.6 firmware
* amdgpu: update psp 14.0.1 firmware
* amdgpu: update gc 11.5.1 firmware
* amdgpu: update vcn 4.0.5 firmware
* amdgpu: update psp 14.0.0 firmware
* amdgpu: update gc 11.5.0 firmware
* amdgpu: update navi14 firmware
* amdgpu: update arcturus firmware
* amdgpu: update renoir firmware
* amdgpu: update navi12 firmware
* amdgpu: update sdma 4.4.2 firmware
* amdgpu: update psp 13.0.6 firmware
* amdgpu: update gc 9.4.3 firmware
* amdgpu: update vcn 4.0.4 firmware
* amdgpu: update psp 13.0.7 firmware
* amdgpu: update gc 11.0.2 firmware
* amdgpu: update navi10 firmware
* amdgpu: update aldebaran firmware
- Update aliases from 6.13-rc1
==== kirigami-addons6 ====
Version update (1.5.0 -> 1.6.0)
Subpackages: libKirigamiAddonsStatefulApp6
- Update to 1.6.0
https://carlschwan.eu/2024/11/30/kirigami-addons-1.6.0/
* Improvements to AboutPage
* New component: RadioSelector
* New component: FormPlaceholderMessageDelegate
* Fixed issues in DatePicker
==== libdb-4_8 ====
Subpackages: db48-utils
- fix build for LoongArch64
==== libosinfo ====
Version update (1.11.0 -> 1.12.0)
Subpackages: libosinfo-1_0-0 typelib-1_0-Libosinfo-1_0
- Update to version 1.12.0 (jsc#PED-8910)
* Some memory leak fixes
* Adapt to change in libxml2
* Several CI improvements
* Several translations improvements
- Drop 0001-osinfo-Make-xmlError-struct-constant-in-propagate_li.patch
==== libostree ====
Version update (2024.8 -> 2024.9)
Subpackages: libostree-1-1
- Update to version 2024.9:
+ deploy: Don't recompute verity checksums if not enabled
(performance improvement)
+ prepare-root: allow sysroot.readonly=true with kernel cmdline
ro
+ various bug fixes
==== libraw ====
- Limit fdupes to %_libdir
==== openSUSE-release ====
Version update (20241202 -> 20241203)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== update-bootloader ====
Version update (1.19 -> 1.21)
- merge gh#openSUSE/perl-bootloader#185
- provide default settings in cases where kernel and initrd
symlinks are missing (bsc#1233956)
- update test results
- 1.21
- merge gh#openSUSE/perl-bootloader#184
- bash in SLE15 works differently than in TW; adjust for
differences (bsc#1231018)
- 1.20
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
avahi
avahi-glib2
cppcheck (2.16.0 -> 2.16.1)
google-noto-fonts (20240901 -> 20241201)
libHX
m4
openSUSE-release (20241130 -> 20241202)
selinux-policy (20241118 -> 20241105)
yast2-trans (84.87.20241123.891024d88b -> 84.87.20241201.a42621795a)
=== Details ===
==== avahi ====
Subpackages: libavahi-client3 libavahi-common3 libavahi-core7
- Add avahi-CVE-2024-52616.patch:
Backporting 1dade81c from upstream: Properly randomize query id
of DNS packets.
(CVE-2024-52616, bsc#1233420)
==== avahi-glib2 ====
Subpackages: libavahi-glib1 libavahi-gobject0 libavahi-ui-gtk3-0
- Add avahi-CVE-2024-52616.patch:
Backporting 1dade81c from upstream: Properly randomize query id
of DNS packets.
(CVE-2024-52616, bsc#1233420)
==== cppcheck ====
Version update (2.16.0 -> 2.16.1)
- update to 2.16.1
* SymbolDatabase: does not select l-value method properly
==== google-noto-fonts ====
Version update (20240901 -> 20241201)
Subpackages: google-noto-sans-fonts google-noto-sans-symbols-fonts google-noto-sans-symbols2-fonts
- Update to 20241201
* Base Noto Sans and Noto Serif is updated
==== libHX ====
- keyring update
==== m4 ====
- fix build for loongarch64
==== openSUSE-release ====
Version update (20241130 -> 20241202)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== selinux-policy ====
Version update (20241118 -> 20241105)
Subpackages: selinux-policy-targeted
==== yast2-trans ====
Version update (84.87.20241123.891024d88b -> 84.87.20241201.a42621795a)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu
- Update to version 84.87.20241201.a42621795a:
* Translated using Weblate (Finnish)
* New POT for text domain 'storage'.
* Translated using Weblate (Georgian)
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
389-ds (3.1.1~git13.a9c7ff9 -> 3.1.1~git57.65773c3)
Mesa
Mesa-drivers
MozillaFirefox (132.0.2 -> 133.0)
cairo
container-selinux (2.232.1 -> 2.233.0)
file (5.45 -> 5.46)
gimp
glib2
gnome-session
gpgme
gpgmeqt6
grub2
libpwquality
libreoffice (24.8.2.1 -> 24.8.3.2)
libssh (0.10.6 -> 0.11.1)
openSUSE-release (20241127 -> 20241130)
python-gobject
python-setuptools (72.1.0 -> 75.6.0)
python311-packaging (24.1 -> 24.2)
qt6-wayland
selinux-policy (20241105 -> 20241118)
sqlite3 (3.46.1 -> 3.47.1)
system-config-printer
unbound
webkit2gtk3 (2.46.3 -> 2.46.4)
yast2-storage-ng (5.0.21 -> 5.0.22)
=== Details ===
==== 389-ds ====
Version update (3.1.1~git13.a9c7ff9 -> 3.1.1~git57.65773c3)
Subpackages: lib389 libsvrcore0
- Remove 389-ds-link-icu-uc.patch - upstreamed
- Update to version 3.1.1~git57.65773c3:
* Issue 6340 - RFE - extract keys once (#6413)
* Issue 6415 - BUG - Incorrect icu linking (#6416)
* Issue 6420 - Update dsidm user get_dn test (#6421)
* Issue 6258 - Resolve race condition for two tests in health_config.py
* Bump cross-spawn from 7.0.3 to 7.0.6 in /src/cockpit/389-console (#6407)
* Issue 6386 - backup/restore broken after db log rotation (#6406)
* Issue 6401 - Remove logging macros
* Issue 6404 - UI - Add npm pretter package
* Issue 6374 - nsslapd-mdb-max-dbs autotuning doesn't work properly (#6400)
* Issue 5842 - Add log buffering for error log
* Issue 6397 - Remove deprecated setting for HR time stamps in logs
* Issue 6390 - Adjust cleanAllRUV max per txn and interval limits
* Issue 6349 - RFE - extract keys once (#6363) (#6394)
* Issue 6387 - Use make macro in the spec file
* Issue 6359 - Add exception to GPL license in license tag
* Issue 6381 - CleanAllRUV - move changelog purging to the very end of the task
* Issue 5920 - pamModuleIsThreadSafe is missing in the schema
* Issue 6377 - syntax error in setup.py (#6378)
* Issue 6349 - RFE - Use previously extracted key path (#6363)
* Issue 6067 - Update dsidm to prioritize basedn from .dsrc over interactive input (#6362)
* Issue 6347 - better fix for desyncronized vlv cache (#6358)
* Issue 6243 - dsctl bdb2mdb should cleanly fail if bundled libdb is not available (#6351)
* Issue 6331 - UI - Instance fails to load when DB backup directory doesn't exist (#6332)
* Issue 6356 - On LMDB, after an update the impact VLV index, the vlv recno cache is not systematically cleared (#6357)
* Issue 6056 - WebUI supports only instances with BDB (#6299)
* Issue 6339 - Address Coverity scan issues in memberof and bdb_layer (#6353)
* Issue 6328 - vlv control may not be logged (#6354)
* Issue 6347 - VLV search sometime fails with operation error (#6349)
* Issue 6343 - Improve online import robustness when the server is under load
* Issue 6345 - Ensure all slapi_log_err calls end format strings with newline character \n (#6346)
* Issue 6064 - bdb2mdb shows errors (#6341)
* Issue 6336 - Fix failing CI tests (roles) due to slow import (#6337)
* Fix duplicate detection logic by ensuring exact match on string length (#6333)
* Issue 6304 - RFE when memberof is enabled, defer updates of members from the update of the group (#6305)
* Issue 6329 - lmdb typo in error log notice message (#6330)
* Issue 6324 - Provide more information in the error message during setup_ol_tls_conn() (#6325)
* Issue 5965 - UI, CLI - Fix Account Policy Plugin functionality issues (#6323)
* Issue 6188 - Check if nsslapd-haproxy-trusted-ip attribute is returned in default schema
* Issue 6319 - bdb subpackage has `%description` in the wrong place
* Issue 6321 - lib389 get_db_lib function may returns the wrong db type (#6322)
* Issue 6245 - Fix some other coverity scan regressions (#6273)
* Issue 6316 - lmdb reindex is broken if index type is specified (#6318)
* Issue 6090 - Fix dbscan options and man pages (#6315)
* Issue 6307 - Wrong set of entries returned for some search filters (#6308)
==== Mesa ====
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- trying to make buildservice happy by adding both tarballs to
specfile ...
- on s390x build Mesa 24.1.7 to fix colors with Xvnc (boo#1233167)
- adjusted patches for Mesa 24.1.7:
* python36-buildfix1-s390x.patch
* u_dep_xcb-s390x.patch
* u_mesa-CVE-2023-45913-s390x.patch
==== Mesa-drivers ====
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- trying to make buildservice happy by adding both tarballs to
specfile ...
- on s390x build Mesa 24.1.7 to fix colors with Xvnc (boo#1233167)
- adjusted patches for Mesa 24.1.7:
* python36-buildfix1-s390x.patch
* u_dep_xcb-s390x.patch
* u_mesa-CVE-2023-45913-s390x.patch
==== MozillaFirefox ====
Version update (132.0.2 -> 133.0)
Subpackages: MozillaFirefox-branding-upstream
- Mozilla Firefox 133.0
https://www.mozilla.org/en-US/firefox/133.0/releasenotes
MFSA 2024-63 (bsc#1233695)
* CVE-2024-11691 (bmo#1914707, bmo#1924184)
Memory corruption in Apple GPU drivers
* CVE-2024-11700 (bmo#1836921)
Potential Tapjacking Exploit for Intent Confirmation on Android
* CVE-2024-11692 (bmo#1909535)
Select list elements could be shown over another site
* CVE-2024-11701 (bmo#1914797)
Misleading Address Bar State During Navigation Interruption
* CVE-2024-11702 (bmo#1918884)
Inadequate Clipboard Protection in Private Browsing Mode on
Android
* CVE-2024-11693 (bmo#1921458)
Download Protections were bypassed by .library-ms files on
Windows
* CVE-2024-11694 (bmo#1924167)
CSP Bypass and XSS Exposure via Web Compatibility Shims
* CVE-2024-11695 (bmo#1925496)
URL Bar Spoofing via Manipulated Punycode and Whitespace Characters
* CVE-2024-11703 (bmo#1928779)
Password access without authentication via PIN bypass on Android
* CVE-2024-11696 (bmo#1929600)
Unhandled Exception in Add-on Signature Verification
* CVE-2024-11697 (bmo#1842187)
Improper Keypress Handling in Executable File Confirmation Dialog
* CVE-2024-11704 (bmo#1899402)
Potential Double-Free Vulnerability in PKCS#7 Decryption Handling
* CVE-2024-11698 (bmo#1916152)
Fullscreen Lock-Up When Modal Dialog Interrupts Transition on macOS
* CVE-2024-11705 (bmo#1921768)
Null Pointer Dereference in NSC_DeriveKey
* CVE-2024-11706 (bmo#1923767)
Null Pointer Dereference in PKCS#12 Utility
* CVE-2024-11708 (bmo#1922912)
Data race with PlaybackParams
* CVE-2024-11699 (bmo#1880582, bmo#1929911)
Memory safety bugs fixed in Firefox 133, Firefox ESR 128.5,
and Thunderbird 128.5
- requires NSS 3.106
- remove obsolete mozilla-python313.patch
- add mozilla-python313.patch to fix build with python 3.13+
==== cairo ====
Subpackages: libcairo-gobject2 libcairo-script-interpreter2 libcairo2
- Convert to source service: allows for easier upgrades by the
GNOME team.
==== container-selinux ====
Version update (2.232.1 -> 2.233.0)
- Update to version 2.233.0:
* container_engine_t: small change to allow non root exec in a container
* RPM: explicitly list ghosted paths and skip mode verification
* container-selinux install on non selinux-policy-targeted systems (#332)
* set container_log_t type for /var/log/kube-apiserver
* Allow kubelet_t to create a sock file kubelet_var_lib_t
* dontaudit spc_t to mmap_zero
* Packit: update targets (#330)
* container_engine_t: another round of small improvements (#327)
* Allow container_device_plugin_t to use the network (#325)
* RPM: cleanup changelog (#324)
* TMT: Simplify tests
==== file ====
Version update (5.45 -> 5.46)
Subpackages: file-magic libmagic1
- Update to 5.46:
* Add OFFPOSITIVE
* avoid leaking symbols in libmagic
* PR/562: jsummers: Search/regex offsets are absolute to the
beginning of the file, so adjust them by subtracting the
offset that the "use" starts so that we don't double-count it.
* PR/543: matshch: bump nbuf so we can get the flags into the buffer.
* Add Android elf notes (enh)
* Add limit for number of magic warnings allowed
* check regex bounds (found by clusterfuzz)
- Remove patch file-5.45-type_t.dif now upstream
- Port patches
* file-4.24-autoconf.dif
* file-5.17-option.dif
* file-5.18-javacheck.dif
* file-5.19-biorad.dif
* file-5.19-printf.dif
* file-5.19-zip2.0.dif
* file-5.22-elf.dif
* file-5.28-btrfs-image.dif
* file-5.45-type_t.dif
* file-secure_getenv.patch
- Port patch file-5.45.dif and rename it to file-5.46.dif
* Note that our kernel magics do not fit anymore as
upstream now has a huge rework and extended features
==== gimp ====
Subpackages: gimp-plugin-aa libgimp-2_0-0 libgimpui-2_0-0
- Fix jpeg-xl disabling, use proper with/without
- Disable jpeg-xl support on SLES < 16.0 (SP6, SP7)
libjxl is only in Leap/PackageHUB but not in SLES.
Leap gets gimp binary rpms from SLES.
(helps to fix bsc#1233157)
- Re-adding dropped references compared to SLES 15 SP6 changelog
CVE-2022-32990 CVE-2023-44441 CVE-2023-44442
CVE-2023-44443 CVE-2023-44444
bsc#1201192 bsc#1217160 bsc#1217161 bsc#1217162 bsc#1217163
==== glib2 ====
Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0 typelib-1_0-GLib-2_0 typelib-1_0-GModule-2_0 typelib-1_0-GObject-2_0 typelib-1_0-Gio-2_0
- Have the glib2-tools postun trigger exit normally if
glib2-compile-schemas can't be run. Fixes error when uninstalling
if libgio is uninstalled first (bsc#1231463).
==== gnome-session ====
Subpackages: gnome-session-core gnome-session-wayland gnome-session-xsession
- Build gnome-session-wayland also on s390x: It was originally
excluded because xwayland did not exist. That has been solved in
2021 though.
==== gpgme ====
Subpackages: libgpgme11 libgpgmepp6
- Add gpgme-fix-python-install.patch: Fix the installation of the
python bindings without having to move them around manually.
==== gpgmeqt6 ====
- Add gpgme-fix-python-install.patch: Fix the installation of the
python bindings without having to move them around manually.
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-common grub2-snapper-plugin grub2-systemd-sleep-plugin
- Support s390x Secure Execution (jsc#PED-9531)
* grub2-s390x-secure-execution-support.patch
- Update grub2-s390x-set-hostonly.patch to add the patch header
and the description
==== libpwquality ====
Subpackages: libpwquality1 pam_pwquality
- Drop python 2.x support (it's been 4 years).
- Add python3-setuptools BuildRequires which is needed for
distutils.
==== libreoffice ====
Version update (24.8.2.1 -> 24.8.3.2)
Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-qt6 libreoffice-writer libreofficekit
- Update to 24.8.3.2 (24.8.3 final)
* Release notes:
https://wiki.documentfoundation.org/Releases/24.8.3/RC1
https://wiki.documentfoundation.org/Releases/24.8.3/RC2
- Update bundled dependencies:
* curl 8.10.1 -> 8.11.0
- New translation: Tagalog
==== libssh ====
Version update (0.10.6 -> 0.11.1)
Subpackages: libssh-config libssh4
- Update to version 0.11.1:
* Fixed default TTY modes that are set when stdin is not
connected to tty.
* Fixed zlib cleanup procedure, which could crash on i386.
* Various test fixes improving their stability.
* Remove 0001-disable-timeout-test-on-slow-buildsystems.patch
to enable slow tests also in s390 s390x ppc64le.
- Set BuildArch: noarch for the config package as it only ships
configuration files.
- Update to version 0.11.0
https://www.libssh.org/2024/08/08/libssh-0-11-0-release/
- Updated 0001-disable-timeout-test-on-slow-buildsystems.patch
- Removed libssh-fix-ipv6-hostname-regression.patch
==== openSUSE-release ====
Version update (20241127 -> 20241130)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== python-gobject ====
Subpackages: python311-gobject python311-gobject-Gdk python311-gobject-cairo
- Add python-pygobject provides: help packages to eliminate rpmlint
warnings when comparing requrements.txt vs the packages depdency.
'pygobject' is the proper upstream name.
==== python-setuptools ====
Version update (72.1.0 -> 75.6.0)
- remove duplicated "uses_network" skip
- Skip over the tests which require network.
- Don't use pytest-xdist, it breaks test suite.
- update to 75.6.0:
* Preserve original PKG-INFO into METADATA when creating wheel
(instead of calling wheel.metadata.pkginfo_to_metadata). This
helps to be more compliant with the flow specified in PEP
517.
* Changed the WindowsSdkVersion, FrameworkVersion32 and
FrameworkVersion64 properties of setuptools.msvc.PlatformInfo
to return an empty tuple instead of None as a fallthrough
case -- by :user:`Avasam`
- update to 75.5.0:
* Removed support for
SETUPTOOLS_DANGEROUSLY_SKIP_PYPROJECT_VALIDATION, as it is
deemed prone to errors.
* Added support for the environment variable
SETUPTOOLS_DANGEROUSLY_SKIP_PYPROJECT_VALIDATION=true,
allowing users to bypass the validation of pyproject.toml.
This option should be used only as a last resort when
resolving dependency issues, as it may lead to improper
functioning. Users who enable this setting are responsible
for ensuring that pyproject.toml complies with setuptools
requirements. (#4611) Attention! This environment variable
was removed in a later version of setuptools.
* Require Python 3.9 or later. (#4718)
* Remove dependency on importlib_resources and the vendored
copy of the library. Instead, setuptools consistently rely on
stdlib's importlib.resources (available on Python 3.9+).
(#4718)
* Setuptools' bdist_wheel implementation no longer produces
wheels with the m SOABI flag (pymalloc-related). This flag
was removed on Python 3.8+ (see :obj:`sys.abiflags`). (#4718)
* Updated vendored packaging version to 24.2. (#4740)
* Merge with pypa/distutils@251797602, including fix for
dirutil.mkpath handling in pypa/distutils#304.
* Allowed using dict as an ordered type in
setuptools.dist.check_requirements -- by :user:`Avasam`
* Ensured methods in setuptools.modified preferably raise a
consistent distutils.errors.DistutilsError type (except in
the deprecated use case of SETUPTOOLS_USE_DISTUTILS=stdlib)
- - by :user:`Avasam`
* Fix the ABI tag when building a wheel using the debug build
of Python 3.13 on Windows. Previously, the ABI tag was
missing the "d" flag.
* Fix clashes for optional-dependencies in pyproject.toml and
extra_requires in setup.cfg/setup.py. As per PEP 621,
optional-dependencies have to be honoured and dynamic
behaviour is not allowed.
* #4560
* Made errors when parsing Distribution data more explicit
about the expected type (tuple[str, ...] | list[str]) -- by
:user:`Avasam`
* Fix a TypeError when a Distribution's old included attribute
was a tuple -- by :user:`Avasam`
* Add workaround for bdist_wheel --dist-info-dir errors when
customisation does not inherit from setuptools.
* Re-use pre-existing .dist-info dir when creating wheels via
the build backend APIs (PEP 517) and the metadata_directory
argument is passed -- by :user:`pelson`.
* Changed egg_info command to avoid adding an empty .egg-info
directory while iterating over entry-points. This avoids
triggering integration problems with
importlib.metadata/importlib_metadata (reference:
pypa/pyproject-hooks#206).
* Deprecated bdist_wheel.universal configuration.
* Removed reference to upload_docs module in entry points.
* Declare also the dependencies used by distutils (adds
jaraco.collections).
* Removed upload_docs command.
* Merge with pypa/distutils@7283751. Removed the register and
upload commands and the config module that backs them
(pypa/distutils#294). Removed the borland compiler. Replaced
vendored dependencies with natural dependencies. Cygwin C
compiler now gets compilers from sysconfig
(pypa/distutils#296).
* Fix cross-platform compilation using
distutils._msvccompiler.MSVCCompiler -- by :user:`saschanaz`
and :user:`Avasam`
* Fixed TypeError in sdist filelist processing by adding
support for pathlib Paths for the build_base.
* Removed degraded and deprecated test_integration
(easy_install) from the test suite.
* Fixed TypeError in msvc.EnvironmentInfo.return_env when no
runtime redistributables are installed.
* Added support for defining ext-modules via pyproject.toml
(EXPERIMENTAL, may change in future releases).
* Merge with pypa/distutils@3dcdf8567, removing the duplicate
vendored copy of packaging.
* Restored setuptools.msvc.Environmentinfo as it is used
externally.
* Changed the type of error raised by
setuptools.command.easy_install.CommandSpec.from_param on
unsupported argument from AttributeError to TypeError -- by
:user:`Avasam`
* Added detection of ARM64 variant of MSVC -- by
:user:`saschanaz`
* Made setuptools.package_index.Credential a typing.NamedTuple
- - by :user:`Avasam`
... changelog too long, skipping 43 lines ...
get_msvcr() (pypa/distutils#274).
==== python311-packaging ====
Version update (24.1 -> 24.2)
- update to 24.2:
* PEP 639: Implement License-Expression and License-File
(:issue:`828`)
* Use !r formatter for error messages with filenames
(:issue:`844`)
* Add support for PEP 730 iOS tags (:issue:`832`)
* Fix prerelease detection for > and < (:issue:`794`)
* Fix uninformative error message (:issue:`830`)
* Refactor canonicalize_version (:issue:`793`)
* Patch python_full_version unconditionally (:issue:`825`)
* Fix doc for canonicalize_version to mention strip_trailing_zero
and a typo in a docstring (:issue:`801`)
* Fix typo in Version __str__ (:issue:`817`)
* Support creating a SpecifierSet from an iterable of Specifier
objects (:issue:`775`)
==== qt6-wayland ====
Subpackages: libQt6WaylandClient6 libQt6WaylandCompositor6 libQt6WaylandEglClientHwIntegration6 libQt6WaylandEglCompositorHwIntegration6 libQt6WlShellIntegration6
- Add patch to fix crash when unplugging a graphics tablet:
* 0001-client-Redo-management-of-tablet-object-proxies.patch
==== selinux-policy ====
Version update (20241105 -> 20241118)
Subpackages: selinux-policy-targeted
- Update to version 20241118:
* Add workaround for /run/rpmdb lockfile (bsc#1231127)
* Add dedicated health-checker module (bsc#1231127)
- Packaging rework: moving all config files to git repository
https://gitlab.suse.de/selinux/selinux-policy
- Moved booleans to dist/*/booleans.conf and dropped from package:
* booleans-minimum.conf
- user facing change: boolean settings are now the same as in upstream
* booleans-mls.conf
- user facing change: boolean settings are now the same as in upstream
* booleans-targeted.conf
- user facing change: kerberos_enabled boolean was not enabled due to a bug, now it is enabled
- Moved booleans.subs_dist to dist/booleans.subs_dist and dropped from package
- Moved customizable_types to dist/customizable_types and dropped from package
- user facing change: using upstream version
- Moved file_contexts.subs_dist to config/file_contexts.subs_dist and dropped from package
- user facing change: changed systemd entries in file_contexts.subs_dist:
/run/systemd/system -> dropped from file
/run/systemd/generator.early /run/systemd/generator
/run/systemd/generator.late /run/systemd/generator
- Moved modules config to dist/<policytype>/modules.conf and dropped from package:
- user facing change: minimum policy: modules base and contrib are merged into modules.lst
and modules-enabled.lst was added which contains the enabled modules, replacing modules-minimum-disable.lst
* modules-minimum-base.conf
* modules-minimum-contrib.conf
* modules-minimum-disable.lst
* Added: modules-minimum.lst
- user facing change: mls policy: modules base + contrib are merged into modules.lst
* modules-mls-base.conf
* modules-mls-contrib.conf
- user facing change: targeted policy: modules base + contrib are merged into modules.lst:
* modules-targeted-base.conf
* modules-targeted-contrib.conf
- Moved securetty config to config/appconfig-<policytype>/securetty_types and dropped from package
- user facing change: using upstream version for all policy types
* securetty_types-minimum
* securetty_types-mls
* securetty_types-targeted
- Moved setrans config to dist/<policytype>/setrans.conf and dropped from package
* setrans-minimum.conf
* setrans-mls.conf
* setrans-targeted.conf
- Moved users config to dist/<policytype>/users and dropped from package
* users-minimum
- user facing change: added guest_u and xguest_u
* users-mls
* users-targeted
- Fix debug-build.sh to follow symlinks when creating
the tarball
- Update embedded container-selinux version to commit:
* 3f06c141bebc00a07eec4c0ded038aac4f2ae3f0
- Update to version 20241107:
* Re-add kanidm module to dist/targeted/modules.conf
* Add SUSE-specific file contexts to file_contexts.subs_dist
* Disallow execstack in dist/minimum/booleans.conf
* Add SUSE-specific booleans to dist/targeted/booleans.conf
* Add SUSE specific modules to targeted modules.conf
* Label /var/cache/systemd/home with systemd_homed_cache_t
* Allow login_userdomain connect to systemd-homed over a unix socket
* Allow boothd connect to systemd-homed over a unix socket
* Allow systemd-homed get attributes of a tmpfs filesystem
* Allow abrt-dump-journal-core connect to systemd-homed over a unix socket
* Allow aide connect to systemd-homed over a unix socket
* Label /dev/hfi1_[0-9]+ devices
* Remove the openct module sources
* Remove the timidity module sources
* Enable the slrn module
* Remove i18n_input module sources
* Enable the distcc module
* Remove the ddcprobe module sources
* Remove the timedatex module sources
* Remove the djbdns module sources
* Confine iio-sensor-proxy
* Allow staff user nlmsg_write
* Update policy for xdm with confined users
* Allow virtnodedev watch mdevctl config dirs
* Allow ssh watch home config dirs
* Allow ssh map home configs files
* Allow ssh read network sysctls
* Allow chronyc sendto to chronyd-restricted
* Allow cups sys_ptrace capability in the user namespace
* Add policy for systemd-homed
* Remove fc entry for /usr/bin/pump
* Label /usr/bin/noping and /usr/bin/oping with ping_exec_t
* Allow accountsd read gnome-initial-setup tmp files
* Allow xdm write to gnome-initial-setup fifo files
* Allow rngd read and write generic usb devices
* Allow qatlib search the content of the kernel debugging filesystem
* Allow qatlib connect to systemd-machined over a unix socket
* mls/modules.conf - fix typo
* Use dist/targeted/modules.conf in build workflow
* Fix default and dist config files
* Allow unprivileged user watch /run/systemd
* CI: update to actions/checkout@v4
* Allow boothd connect to kernel over a unix socket
* Clean up and sync securetty_types
* Bring config files from dist-git into the source repo
* Confine gnome-remote-desktop
* Allow virtstoraged execute mount programs in the mount domain
* Make mdevctl_conf_t member of the file_type attribute
==== sqlite3 ====
Version update (3.46.1 -> 3.47.1)
Subpackages: libsqlite3-0 sqlite3-tcl
- Update to release 3.47.1:
* Fix the makefiles so that they once again honored DESTDIR for
the "install" target.
* Add the SQLITE_IOCAP_SUBPAGE_READ capability to the VFS, to
work around issues on some non-standard VFSes caused by making
SQLITE_DIRECT_OVERFLOW_READ the default in version 3.45.0.
* Fix incorrect answers to certain obscure IN queries caused by
new query optimizations added in the 3.47.0 release.
* Other minor bug fixes.
- Update to release 3.47.0:
* Allow arbitrary expressions in the second argument to the RAISE
function.
* If the RHS of the ->> operator is negative, then access array
elements counting from the right.
* Fix a problem with rolling back hot journal files in the
seldom-used unix-dotfile VFS.
* FTS5 tables can now be dropped even if they use a non-standard
tokenizer that has not been registered.
* Fix the group_concat() aggregate function so that it returns an
empty string, not a NULL, if it receives a single input value
which is an empty string.
* Enhance the generate_series() table-valued function so that it
is able to recognize and use constraints on its output value.
Preupdate hooks now recognize when a column added by ALTER
TABLE ADD COLUMN has a non-null default value.
* Improved reuse of subqueries associated with the IN operator,
especially when the IN operator has been duplicated due to
predicate push-down.
* Use a Bloom filter on subqueries on the right-hand side of the
IN operator, in cases where that seems likely to improve
performance.
* Ensure that queries like "SELECT func(a) FROM tab GROUP BY 1"
only invoke the func() function once per row.
* No attempt is made to create automatic indexes on a column
that is known to be non-selective because of its use in other
indexes that have been analyzed.
* Adjustments to the query planner so that it produces better
plans for star queries with a large number of dimension
tables.
* Add the "order-by-subquery" optimization, that seeks to
disable sort operations in outer queries if the desired order
is obtained naturally due to ORDER BY clauses in subqueries.
* The "indexed-subtype-expr" optimization strives to use
expressions that are part of an index rather than recomputing
the expression based on table values, as long as the query
planner can prove that the subtype of the expression will
never be used.
* Miscellaneous coding tweaks for faster runtimes.
* Add the experimental sqlite3_rsync program.
* Add extension functions median(), percentile(),
percentile_cont(), and percentile_disc() to the CLI.
* Add the .www dot-command to the CLI.
* The sqlite3_analyzer utility now provides a break-out of
statistics for WITHOUT ROWID tables.
* The sqldiff utility avoids creating an empty database if its
second argument does not exist.
* Enhance the sqlite_dbpage table-valued function such that
INSERT can be used to increase or decrease the size of the
database file.
* SQLite no longer makes any use of the "long double" data type,
as hardware support for long double is becoming less common
and long double creates challenges for some compiler tool
chains. Instead, SQLite uses Dekker's algorithm when extended
precision is needed.
* The TCL Interface for SQLite supports TCL9. Everything
probably still works for TCL 8.5 and later, though this is not
guaranteed. Users are encouraged to upgrade to TCL9.
* Fix a corruption-causing bug in the JavaScript "opfs" VFS.
Correct "mode=ro" handling for the "opfs" VFS. Work around a
couple of browser-specific OPFS quirks.
* Add the fts5_tokenizer_v2 API and the locale=1 option, for
creating custom locale-aware tokenizers and fts5 tables that
may take advantage of them.
* Add the contentless_unindexed=1 option, for creating
contentless fts5 tables that store the values of any UNINDEXED
columns persistently in the database.
* Allow an FTS5 table to be dropped even if it uses a custom
tokenizer whose implementation is not available.
==== system-config-printer ====
Subpackages: python3-cupshelpers system-config-printer-applet system-config-printer-common system-config-printer-dbus-service udev-configure-printer
- Add installation-root-dir-from-setup.patch
gh#OpenPrinting/system-config-printer#361 to fix cupshelpers
installation.
==== unbound ====
Subpackages: libunbound8 unbound-anchor
- add workaround for bug
https://github.com/NLnetLabs/unbound/issues/509
Starting up with 127.0.0.1 in the /etc/resolv.conf leads to long
delays if the anchor update is being run as ExecStartPre in the
unbound service
==== webkit2gtk3 ====
Version update (2.46.3 -> 2.46.4)
Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Update to version 2.46.4:
+ Improve memory consumption and performance of Canvas
getImageData.
+ Fix preserve-3D intersection rendering.
+ Fix video dimensions since GStreamer 1.24.9.
+ Fix the HTTP-based remote Web Inspector not loading in
Chromium.
+ Fix content filters not working on about:blank iframes.
+ Fix several crashes and rendering issues.
+ Security fixes: CVE-2024-44308, CVE-2024-44309.
- Drop patches fixed upstream:
+ 9e9ea966373d3858668f6a29d8ba91a5807c8dd8.patch
+ webkit2gtk3-CVE-2024-44308.patch
+ webkit2gtk3-CVE-2024-44309.patch
==== yast2-storage-ng ====
Version update (5.0.21 -> 5.0.22)
- Mount '/mnt/run' as private to avoid mount points propagation
(gh#yast/yast-storage-ng#1395)
- 5.0.22
1
0