openSUSE ARM
Threads by month
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- 4 participants
- 1971 discussions
I have been trying the current Leap 15.5. aarch64 appliance on a Raspberry
Pi 3 B+. Most things are working. But I have a problem with the GUI login /
desktop.
I started with the KDE variant. ssdm would not start. I saw that it
complained that there was not enough memory for some texture, and it
exited. So I switches to xddm. That would start. But when KDE should start,
I get a functioning mouse cursor, but nothing else, Just a black
background. With a mouse.
I then tried xfce. Then the login part went fine with no changes. But the
desktop was still a problem like with KDE. Except the screen background was
white. I see that some processes related to the desktop are running. I
don't know xfce well enough to know if some critical thing is not running.
When installing Raspbian on the device, the desktop works. But perhaps its
lxde that uses far less resources?
Should I expect that all these desktops start on a Pi 3 B+? I now that
there might be performance issues. But should they at least start. And int
he case of KDE/sddm, should the login at least function?
I'm confused where to look next.
--
Roger Oberholtzer
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
NetworkManager
NetworkManager-applet
PackageKit (1.2.5 -> 1.2.8)
PackageKit-branding-openSUSE
accountsservice
avahi
avahi-glib2
dracut (059+suse.522.g0fc72191 -> 059+suse.530.gba7b6a35)
evince
gcr
gcr3
gdm
glib2
gnome-control-center (45.1+14 -> 45.1+22)
gnome-keyring
gnome-menus-branding-openSUSE
gnome-music
gnome-session
gnome-settings-daemon
gnome-shell
grub2
gsettings-desktop-schemas
gstreamer-plugins-bad
gstreamer-plugins-base
gstreamer-plugins-ugly
gtk2
gtk2-engines
gtk2-metatheme-sonar
gtk3
gvfs
kernel-firmware (20231107 -> 20231127)
kio-extras5
libcanberra
libdrm
libsecret
libsemanage
libxslt (1.1.38 -> 1.1.39)
mozjs115
mutter
pcsc-lite (2.0.0 -> 2.0.1)
polkit-gnome
python-Pygments (2.16.1 -> 2.17.2)
python-SQLAlchemy (2.0.21 -> 2.0.23)
python-argcomplete (3.1.4 -> 3.1.6)
python-certifi (2023.7.22 -> 2023.11.17)
python-cryptography (41.0.5 -> 41.0.7)
python-gevent (23.9.0 -> 23.9.1)
python-greenlet (3.0.0 -> 3.0.1)
python-httpx (0.25.0 -> 0.25.2)
python-idna (3.4 -> 3.6)
python-mysqlclient (2.1.1 -> 2.2.0)
python-pyOpenSSL (23.2.0 -> 23.3.0)
python-pyasn1 (0.5.0 -> 0.5.1)
python-pycryptodome (3.18.0 -> 3.19.0)
python-reportlab (4.0.5 -> 4.0.7)
python-simplejson (3.19.1 -> 3.19.2)
python-zipp (3.15.0 -> 3.17.0)
rubygem-autoprefixer-rails (10.4.15.0 -> 10.4.16.0)
rubygem-bcrypt (3.1.19 -> 3.1.20)
rubygem-debase-ruby_core_source (3.2.2 -> 3.2.3)
rubygem-hoe (4.0.5 -> 4.1.0)
rubygem-mustermann-grape (1.0.2 -> 1.1.0)
rubygem-nio4r (2.5.9 -> 2.6.1)
rubygem-nokogiri (1.15.4 -> 1.15.5)
rubygem-pkg-config (1.5.5 -> 1.5.6)
rubygem-raindrops (0.20.0 -> 0.20.1)
rubygem-spring (4.1.2 -> 4.1.3)
rubygem-sshkit (1.21.5 -> 1.21.6)
rubygem-unf_ext (0.0.8.2 -> 0.0.9.1)
rubygem-xdg (7.0.2 -> 7.1.3)
rubygem-xmlhash (1.3.8 -> 1.3.9)
system-config-printer
thin-provisioning-tools
tigervnc
tracker-miners
util-linux
util-linux-systemd
virt-manager
vte
webkit2gtk3
webkit2gtk3-soup2
xdg-desktop-portal (1.18.1 -> 1.18.2)
xdg-desktop-portal-gnome (45.0 -> 45.1)
xfce4-dict (0.8.5 -> 0.8.6)
yast2-core (5.0.0 -> 5.0.1)
zenity (3.99.2 -> 3.99.90)
=== Details ===
==== NetworkManager ====
Subpackages: NetworkManager-bluetooth NetworkManager-pppoe NetworkManager-tui NetworkManager-wwan libnm0 typelib-1_0-NM-1_0
- Use %patch -p N instead of deprecated %patchN.
==== NetworkManager-applet ====
Subpackages: NetworkManager-connection-editor
- Use %autosetup instead of %setup/%patch.
==== PackageKit ====
Version update (1.2.5 -> 1.2.8)
Subpackages: PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0
- Update to version 1.2.8:
+ Libraries:
- offline-updates:
. Make package update list deduplication more efficient.
. Add only one entry per package to 'offline-update-competed'
file.
- PkClient: Replace the GSimpleAsyncResult with the GTask API.
- pk-client:
. Fix use-before-set of PkProgress on cancellation.
. Move cancellable disconnect to dispose.
. Rework refcounting for PkClientState.
+ Backends: Changes to apt, dnf, PiSi and BSD backends.
- Changes from version 1.2.7:
+ New Features:
- pkclient: Add an option to count download size with
dependencies.
- pk-transaction: Add support for getting the RemainingTime
property.
+ Backends:
- zypp: Fix ambiguous reference to 'filesystem' class.
- Changes to dnf, apt, alpm backends.
- Changes from version 1.2.6:
+ New Features:
- Expose transaction sender as read-only property on the bus.
- pkmon: Display transaction sender binary name in log.
- pk-transaction: Add Packages signal.
- pk-transaction: Combine some D-Bus PropertiesChanged signal
emissions.
- pk-transaction: Add UpdateDetails signal.
+ Backends:
- zypp:
. implement upgrade-system method.
. Clean up trailing whitespaces.
. Avoid statuReset() on locked packages.
. restore pool status after simulating an update.
. Disable upgrade-system support in SLE.
. build the pool before calling is_tumbleweed().
. update libzypp dependency version.
. Don't refresh repos before searching.
. Check if packages are locked before removing.
. add repository data in package id.
. Remove trailing whitespace.
+ Changes to alpm, aptcc, apt, and nix backends.
- Rebase patches:
+ PackageKit-dnf-Add-support-for-AppStream-repodata-basenames-use.patch
+ PackageKit-dynamic-export.patch
+ PackageKit-zypp-disable-upgrade-system-in-sle.patch
- Drop upstream fixed patches:
+ PackageKit-zypp-add-repo-in-packageid.patch
+ PackageKit-zypp-add-upgrade-system.patch
+ PackageKit-zypp-avoid-statuReset.patch
+ PackageKit-zypp-dont-refresh-before-searching.patch
+ PackageKit-zypp-dont-remove-locked-packages.patch
+ PackageKit-zypp-fix-ambiguous-filesystem-reference.patch
+ PackageKit-zypp-fix-is-tumbleweed-check.patch
+ PackageKit-zypp-restore-pool-status-after-simulating-update.patch
+ PackageKit-zypp-update-libzypp-dependency-version.patch
==== PackageKit-branding-openSUSE ====
- Use %patch -p N instead of deprecated %patchN.
- Rebase PackageKit-branding-vendor.patch to apply against
PackageKit 1.2.7 and later.
==== accountsservice ====
Subpackages: libaccountsservice0 typelib-1_0-AccountsService-1_0
- Use %patch -p N instead of deprecated %patchN.
==== avahi ====
Subpackages: libavahi-client3 libavahi-common3 libavahi-core7
- Reformat avahi-gacdir.patch to apply as patch -p1.
- Use %autopatch instead of deprecated %patchN format.
==== avahi-glib2 ====
Subpackages: libavahi-glib1 libavahi-gobject0 libavahi-ui-gtk3-0
- Reformat avahi-gacdir.patch to apply as patch -p1.
- Use %autopatch instead of deprecated %patchN format.
==== dracut ====
Version update (059+suse.522.g0fc72191 -> 059+suse.530.gba7b6a35)
- Update to version 059+suse.530.gba7b6a35:
* fix(dracut.sh): skip README for AMD microcode generation (bsc#1217083)
* fix(90kernel-modules): add intel_lpss_pci for MacBook Pro 2017
* feat(kernel-modules): install SPMI modules on ARM/RISC-V
* feat(kernel-modules): add Qualcomm IPC router to enable USB
* fix(pcsc): add --disable-polkit to pcscd.service
* fix(pcsc): add opensc load module file
==== evince ====
Subpackages: evince-plugin-comicsdocument evince-plugin-djvudocument evince-plugin-dvidocument evince-plugin-pdfdocument evince-plugin-tiffdocument evince-plugin-xpsdocument libevdocument3-4 libevview3-3 typelib-1_0-EvinceDocument-3_0 typelib-1_0-EvinceView-3_0
- Use %patch -P N instead of deprecated %patchN.
==== gcr ====
Subpackages: gcr-ssh-agent gcr-ssh-askpass gcr-viewer libgck-2-2 libgcr-4-4 typelib-1_0-Gck-2 typelib-1_0-Gcr-4
- Use %patch -p N instead of deprecated %patchN.
==== gcr3 ====
Subpackages: gcr3-data gcr3-prompter gcr3-ssh-agent gcr3-ssh-askpass libgck-1-0 libgcr-3-1
- Use %patch -p N instead of deprecated %patchN.
==== gdm ====
Subpackages: gdm-schema gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0
- Use %patch -p N instead of deprecated %patchN.
==== glib2 ====
Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0
- Use %autosetup instead of %setup/%patch.
==== gnome-control-center ====
Version update (45.1+14 -> 45.1+22)
Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces
- Use %patch -p N instead of deprecated %patchN.
- Update to version 45.1+22:
+ apps: Fix status page glitch on initialization
+ po: Fix missing closing tag in pt_BR locale
+ background: Improve preview performance
+ applications: Fix File & Link Associations UI
+ Updated translations.
==== gnome-keyring ====
Subpackages: gnome-keyring-pam libgck-modules-gnome-keyring
- Use %patch -p N instead of deprecated %patchN.
==== gnome-menus-branding-openSUSE ====
- Use %patch -p N instead of deprecated %patchN.
==== gnome-music ====
- Use %patch -P N instead of deprecated %patchN.
==== gnome-session ====
Subpackages: gnome-session-core gnome-session-default-session gnome-session-wayland
- Use %patch -p N instead of deprecated %patchN.
==== gnome-settings-daemon ====
- Use %patch -p N instead of deprecated %patchN.
- Add a059909d62da0c11774f1089d02937699fabf150.patch: power: Fix
enum mismatch warning
- Add 41d0dc1db4d75c37ba67fe903105b4e162d42f1a.patch: power: Fix
uninitialised variable warning
- Renumber patches, ensure we have a patch0 when upstream patches
are available in future release.
==== gnome-shell ====
Subpackages: gnome-extensions gnome-shell-calendar
- Use %patch -p N instead of deprecated %patchN.
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- Fix unattended boot with TPM2 allows downgrading kernel and rootfs, also
enhancing the overall security posture (bsc#1216680)
* 0001-Improve-TPM-key-protection-on-boot-interruptions.patch
* 0002-Restrict-file-access-on-cryptodisk-print.patch
* 0003-Restrict-ls-and-auto-file-completion-on-cryptodisk-p.patch
* 0004-Key-revocation-on-out-of-bound-file-access.patch
- grub2.spec: Fix openQA test failure in SLE-15-SP6 due to missing
font in memdisk
==== gsettings-desktop-schemas ====
- Use %autosetup instead of %setup/%patch.
==== gstreamer-plugins-bad ====
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0
- Use %patch -p N instead of deprecated %patchN.
==== gstreamer-plugins-base ====
Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstAudio-1_0 typelib-1_0-GstPbutils-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0
- Use %autosetup instead of %setup/%patch.
==== gstreamer-plugins-ugly ====
- Move libgstasf plugin from BUILD_ORIG to main package, stop
passing asfdemux=disabled to meson setup.
==== gtk2 ====
Subpackages: gtk2-data gtk2-immodule-amharic gtk2-immodule-inuktitut gtk2-immodule-thai gtk2-immodule-tigrigna gtk2-immodule-vietnamese gtk2-tools libgtk-2_0-0
- Use %patch -p N instead of deprecated %patchN.
==== gtk2-engines ====
Subpackages: gtk2-engine-clearlooks gtk2-engine-crux gtk2-engine-glide gtk2-engine-hcengine gtk2-engine-industrial gtk2-engine-mist gtk2-engine-redmond95 gtk2-engine-thinice gtk2-theme-clearlooks gtk2-theme-crux gtk2-theme-industrial gtk2-theme-mist gtk2-theme-redmond95 gtk2-theme-thinice
- Use %autosetup instead of %setup/%patch.
- Fix baselibs.conf: reference correct name of hcengine.
==== gtk2-metatheme-sonar ====
Subpackages: metatheme-sonar-common sonar-icon-theme
- Use %patch -p N instead of deprecated %patchN.
==== gtk3 ====
Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-tigrigna gtk3-immodule-vietnamese gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0
- Use %patch -p N instead of deprecated %patchN.
==== gvfs ====
Subpackages: gvfs-backend-afc gvfs-backend-goa gvfs-backend-samba gvfs-backends gvfs-fuse
- Use %patch -p N instead of deprecated %patchN.
==== kernel-firmware ====
Version update (20231107 -> 20231127)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20231127 (git commit 4124f8f928d5):
* Make rdfind optional
* ice: update ice DDP wireless_edge package to 1.3.13.0
* linux-firmware: update firmware for mediatek bluetooth chip (MT7922)
* linux-firmware: update firmware for mediatek bluetooth chip (MT7921)
* linux-firmware: update firmware for MT7922 WiFi device
* linux-firmware: update firmware for MT7921 WiFi device
* Makefile, copy-firmware: Use portable "command -v" to detect installed programs
* amdgpu: update DMCUB firmware to 0.0.194.0 for DCN321 and DCN32
* powervr: add firmware for Imagination Technologies AXE-1-16M GPU
* ice: update ice DDP comms package to 1.3.45.0
* ice: update ice DDP package to 1.3.35.0
* mediatek: Remove an unused packed library
* amdgpu: update DMCUB firmware to 0.0.193.0 for DCN31 and DCN314
- Drop obsoleted copy-file-skip-rdfind.patch; use --ignore-duplicates
- Update to version 20231120 (git commit 9552083a783e):
* mediatek: Sync shared memory structure changes
* Intel Bluetooth: Update firmware file for Intel Bluetooth BE200
* i915: Update MTL DMC to v2.19
* Make email replies more resilient
* Try both utf-8 and windows-1252 for decoding email
- Update to version 20231116 (git commit 6723a8d90923):
* iwlwifi: fix for the new FWs from core83-55 release
* Enable deb and rpm builds on tags
* linux-firmware: Add firmware for Cirrus CS35L41 on HP G11 Laptops
* linux-firmware: Add firmware for Cirrus CS35L41 on 2024 ASUS Zenbook Laptops
- Update to version 20231115 (git commit a07fd0b96b5a):
* iwlwifi: add new FWs from core83-55 release
* iwlwifi: update cc/Qu/QuZ firmwares for core83-55 release
* Add a workaround for gitlab.freedesktop.org pull requests
* Add extra debugging output when processing pull requests
* Process pull requets directly from mbox
* linux-firmware: add firmware for mt7988 internal 2.5G ethernet phy
* Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX101
* Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX203
* Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX211
* Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX101
* Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX101
* Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX203
* Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX203
* Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX211
* Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX211
* Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX210
- Update to version 20231110 (git commit 74158e7ac86d):
* amdgpu: DMCUB updates for various AMDGPU ASICs
* Ensure rdfind is installed
* Add checks for destination directory being specified
* Fix symlink creation for some files
* Fix classification of some pull requests
* nvidia: add GSP-RM version 535.113.01 firmware images
- Skip rdfind (not included in our distro as default):
copy-file-skip-rdfind.patch
- Fix make-files.sh to handle symlinked directories
==== kio-extras5 ====
Subpackages: libkioarchive5
- Add missing BuildRequires again, they got removed for some reason
(boo#1211933)
- Mention all plugins in %files explicitly
==== libcanberra ====
Subpackages: canberra-gtk-play libcanberra-gtk-module-common libcanberra-gtk0 libcanberra-gtk2-module libcanberra-gtk3-0 libcanberra-gtk3-module libcanberra0
- Use %autosetup instead of %setup/%patch.
==== libdrm ====
Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1
- adjusted n_libdrm-drop-valgrind-dep-generic.patch,
n_libdrm-drop-valgrind-dep-intel.patch to fix build on sle15-sp6
==== libsecret ====
Subpackages: libsecret-1-0 typelib-1_0-Secret-1
- Use %patch -p N instead of deprecated %patchN.
==== libsemanage ====
Subpackages: libsemanage-conf libsemanage-migrate-store libsemanage2
- Remove dependency on /usr/bin/python3, making scripts to depends on
the real python3 binary, not the link. bsc#1212476
==== libxslt ====
Version update (1.1.38 -> 1.1.39)
Subpackages: libexslt0 libxslt-tools libxslt1
- Update to version 1.1.39:
* Bug fixes: extensions: Don't search imports for extension
prefixes
* Improvements:
- transform: Check maximum depth when processing default
templates
- build:
. Add more missing include
. Add missing includes
- python: Don't set deprecated global
- imports: Limit nesting depth
- extensions: Report top-level elements in
xsltDebugDumpExtensions
- Add extern "C" { } block to xsltlocale.h
* Portability:
- python: Make it compatible with python3.12
- date:
. Fix check for localtime_s
. Fix check for gmtime_s
* Build systems:
- pkg-config files include cflags for static builds
- Handle NOCONFIG case when setting locations from CMake target
properties
- autotools: Make xslt-config executable
* Tests:
- tests: Structured error handler now passes a const xmlError
- python: Fix tests on MinGW
- fuzz: Fix xmlFuzzEntityLoader after recent libxml2 changes
==== mozjs115 ====
- Use %patch -p N instead of deprecated %patchN.
==== mutter ====
- Use %patch -p N instead of deprecated %patchN.
==== pcsc-lite ====
Version update (2.0.0 -> 2.0.1)
Subpackages: libpcsclite1
- version 2.0.1
* SCardConnect(): return SCARD_W_SECURITY_VIOLATION when needed (polkit)
* SCardCancel(): return SCARD_S_SUCCESS even if the client already finished
* polkit is enabled by default
* libpcscspy: fix a crash with NULL pointers
* Doxygen: fix SCardBeginTransaction() documentation
* fix pcscd internal thread safety issues (clang -fsanitize=thread)
* Some other minor improvements
==== polkit-gnome ====
- Use %autosetup instead of %setup/%patch.
==== python-Pygments ====
Version update (2.16.1 -> 2.17.2)
- update to 2.17.2:
* Fix a packaging issue on macOS
* Updated lexers:
* TOML: Fix bug making lexing of single-quoted strings too
eager
* Cypher: fix comment matching, add missing keywords
* Fortran: add ``elseif`` keyword
* Lean: make it available as ``lean3``, in preparation for
* a possible switch to ``lean`` highlighting as Lean 4
* JSON: add MIME types and file extensions for several line-
delimited JSON formats
* Nix: many improvements
* OCaml: Add ``and`` keyword, remove ``value`` from keywords
* Python: add ``starlark`` and ``bazel`` aliases
* Snowball: Treat ``len`` like ``size``
* Spice: add ``panic`` keyword and ``->`` operator
* squid.conf: fix catastrophic backtracking
* TOML: rewritten, with many fixes
* Turtle: support blank nodes
* Wikitext: fix erroneous highlighting of LanguageConverter
markup
* CMake: support ``[=[ bracketed arguments ]=]```
* Fix ctags support and tests
* Include ``Lexer.add_filter`` in the documentation
* Add a ``Lean3Lexer`` alias
* The ``pygments.styles`` module contains a new ``STYLES``
variable with a dictionary of built-in styles. The old
``STYLE_MAP`` variable, which uses a different format,
is kept for backwards compatibility.
* On Windows, add a new installation extra (``windows-
terminal``) which pulls in dependencies for colored
console output. See :doc:`cmdline` for more details.
* Support more file types in ``autopygmentize`` script
* Change color of numbers in ``rrt`` style
* Fix error when trying to look up plugin formatters by file
extension of the output format
* Use Hatchling as a build backend instead of setuptools.
* This change is transparent to most users. Distribution
packagers who build without build isolation need to add
hatchling as a build dependency and remove setuptools.
People downloading source distributions and wheels from PyPI
directly should note that they now have ``pygments`` in their
file names instead of ``Pygments``.
* Improve the test framework to also check for lost tokens when
processing the snippets and example files
* Improve the *Dracula* style definition to make it easier to
maintain
==== python-SQLAlchemy ====
Version update (2.0.21 -> 2.0.23)
- update to 2.0.23:
* https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.23
* https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.22
==== python-argcomplete ====
Version update (3.1.4 -> 3.1.6)
- update to 3.1.6:
* Respect user choice in activate-global-python-argcomplete
* Escape colon in zsh completions. Fixes #456
* Call \_default as a fallback in zsh global completion
==== python-certifi ====
Version update (2023.7.22 -> 2023.11.17)
- update to 2023.11.17:
Added certs:
* Subject: CN=TrustAsia Global Root CA G3 O=TrustAsia Technologies, Inc.
* Subject: CN=TrustAsia Global Root CA G4 O=TrustAsia Technologies, Inc.
* Subject: CN=CommScope Public Trust ECC Root-01 O=CommScope
* Subject: CN=CommScope Public Trust ECC Root-02 O=CommScope
* Subject: CN=CommScope Public Trust RSA Root-01 O=CommScope
* Subject: CN=CommScope Public Trust RSA Root-02 O=CommScope
Removed certs:
* Subject: CN=Autoridad de Certificacion Firmaprofesional CIF A62634068
==== python-cryptography ====
Version update (41.0.5 -> 41.0.7)
- update to 41.0.7 (CVE-2023-49083, bsc#1217592):
* Fixed compilation when using LibreSSL 3.8.2.
* Fixed a null-pointer-dereference and segfault that could
occur when loading certificates from a PKCS#7 bundle.
Credit to **pkuzco** for reporting the issue. **CVE-2023-49083**
==== python-gevent ====
Version update (23.9.0 -> 23.9.1)
- update to 23.9.1:
* Require greenlet 3.0 on Python 3.11 and Python 3.12; greenlet
3.0 is recommended for all platforms.
==== python-greenlet ====
Version update (3.0.0 -> 3.0.1)
- update to 3.0.1:
* Fix a potential crash on Python 3.8 at interpreter shutdown
time. This was a regression from earlier 3.0.x releases.
==== python-httpx ====
Version update (0.25.0 -> 0.25.2)
- update to 0.25.2:
* Add missing type hints to few `__init__()` methods. (#2938)
* Add support for Python 3.12. (#2854)
* Add support for httpcore 1.0 (#2885)
* Raise `ValueError` on `Response.encoding` being set after
`Response.text` has been accessed. (#2852)
- drop newer-httpcore.patch (upstream)
==== python-idna ====
Version update (3.4 -> 3.6)
- update to 3.6:
* Fix regression to include tests in source distribution.
* Update to Unicode 15.1.0
* String codec name is now "idna2008" as overriding the system codec
"idna" was not working.
* Fix typing error for codec encoding
* "setup.cfg" has been added for this release due to some downstream
* lack of adherence to PEP 517. Should be removed in a future release
so please prepare accordingly.
* Removed reliance on a symlink for the "idna-data" tool to comport
with PEP 517 and the Python Packaging User Guide for sdist
archives.
* Added security reporting protocol for project
==== python-mysqlclient ====
Version update (2.1.1 -> 2.2.0)
- update to 2.2.0:
* Use ``pkg-config`` instead of ``mysql_config`` (#586)
* Raise ProgrammingError on -inf (#557)
* Raise IntegrityError for ER_BAD_NULL. (#579)
* Windows: Use MariaDB Connector/C 3.3.4 (#585)
* Use pkg-config instead of mysql_config (#586)
* Add collation option (#564)
* Drop Python 3.7 support (#593)
* Use pyproject.toml for build (#598)
* Add Cursor.mogrify (#477)
* Partial support of ssl_mode option with mariadbclient (#475)
* Discard remaining results without creating Python objects
* Fix executemany with binary prefix (#605)
==== python-pyOpenSSL ====
Version update (23.2.0 -> 23.3.0)
- update to 23.3.0:
* Dropped support for Python 3.6.
* The minimum ``cryptography`` version is now 41.0.5.
* Removed ``OpenSSL.crypto.loads_pkcs7`` and
``OpenSSL.crypto.loads_pkcs12`` which had been deprecated for
3 years.
* Added ``OpenSSL.SSL.OP_LEGACY_SERVER_CONNECT`` to allow
legacy insecure renegotiation between OpenSSL and unpatched
servers.
* Deprecated ``OpenSSL.crypto.PKCS12`` (which was intended to
have been deprecated at the same time as
``OpenSSL.crypto.load_pkcs12``).
* Deprecated ``OpenSSL.crypto.NetscapeSPKI``.
* Deprecated ``OpenSSL.crypto.CRL``
* Deprecated ``OpenSSL.crypto.Revoked``
* Deprecated ``OpenSSL.crypto.load_crl`` and
``OpenSSL.crypto.dump_crl``
* Deprecated ``OpenSSL.crypto.sign`` and
``OpenSSL.crypto.verify``
* Deprecated ``OpenSSL.crypto.X509Extension``
* Changed ``OpenSSL.crypto.X509Store.add_crl`` to also accept
* ``cryptography``'s ``x509.CertificateRevocationList``
arguments in addition
* to the now deprecated ``OpenSSL.crypto.CRL`` arguments.
* Fixed ``test_set_default_verify_paths`` test so that it is
skipped if no network connection is available.
==== python-pyasn1 ====
Version update (0.5.0 -> 0.5.1)
- update to 0.5.1:
* Added support for PyPy 3.10 and Python 3.12
* Updated RTD configuration to include a dummy index.rst
redirecting to contents.html, ensuring compatibility with
third-party documentation and search indexes.
* Fixed the API breakage wih decoder.decode(substrateFun=...).
* A substrateFun passed to ``decoder.decode()`` can now be
either v0.4 Non-Streaming or v0.5 Streaming.
pyasn1 will detect and handle both cases transparently.
* A substrateFun passed to one of the new streaming decoders is
* still expected to be v0.5 Streaming only.
==== python-pycryptodome ====
Version update (3.18.0 -> 3.19.0)
- update to 3.19.0:
* The ``update()`` methods of TupleHash128 and TupleHash256
objects can now hash multiple items (byte strings) at once.
* Added support for ECDH, with ``Crypto.Protocol.DH``.
* GH#754: due to a bug in ``cffi``, do not use it on Windows
with Python 3.12+.
==== python-reportlab ====
Version update (4.0.5 -> 4.0.7)
- update to 4.0.7:
* allow testutils.makeSuiteForClasses to specify a prefix for
test method names
* SpiderChart can have direct draw flowable labels
* fix and improve tests for python -mreportlab.lib.rl_accel
* fix barchart 3D stacked case & fix barchart valueAxis
reverseDirection behaviour.
* fix importlib usage in reportlab init, reported by Frank
Epperlein and others
* add value axes extraMinMaxValues as aid to parallel axes
* add styles str2alignment maps
left/right/center/centre/justify etc
* fix validators.isSubclassOf
* test ddfStyle as instance first in textlabels.py
* allow Pie Doughnut classes to control label class
- drop importlib.patch (upstream)
==== python-simplejson ====
Version update (3.19.1 -> 3.19.2)
- update to 3.19.2:
* Updated test & build matrix to include Python 3.12
==== python-zipp ====
Version update (3.15.0 -> 3.17.0)
- update to 3.17.0:
* Added ``CompleteDirs.inject`` classmethod to make available
for use elsewhere.
* Avoid matching path separators for '?' in glob.
* In ``Path.match``, Windows path separators are no longer
honored. The fact that they were was incidental and never
supported. (#92)
* Fixed name/suffix/suffixes/stem operations when no filename
is present and the Path is not at the root of the zipfile.
(#96)
* Reworked glob utilizing the namelist directly. (#101)
* Replaced the ``fnmatch.translate`` with a fresh glob-to-regex
translator for more correct matching behavior. (#98)
* Require Python 3.8 or later.
==== rubygem-autoprefixer-rails ====
Version update (10.4.15.0 -> 10.4.16.0)
- ## 10.4.16.0
* Improved performance (by Romain Menke).
==== rubygem-bcrypt ====
Version update (3.1.19 -> 3.1.20)
- 3.1.20 Nov 17 2023
- Limit packaged files -- decrease gem filesize by ~28% [GH #272 by @pusewicz]
==== rubygem-debase-ruby_core_source ====
Version update (3.2.2 -> 3.2.3)
- ## [3.2.3](https://github.com/ruby-debug/debase-ruby_core_source/compare/3.2.3.…
* ruby-3.3.0-preview3 sources added
* ruby-3.3.0-preview2 sources removed
==== rubygem-hoe ====
Version update (4.0.5 -> 4.1.0)
- New upstream release 4.1.0, see bundled History.rdoc
==== rubygem-mustermann-grape ====
Version update (1.0.2 -> 1.1.0)
- New upstream release 1.1.0, see bundled CHANGELOG.md
==== rubygem-nio4r ====
Version update (2.5.9 -> 2.6.1)
- New upstream release 2.6.1, see bundled changes.md
==== rubygem-nokogiri ====
Version update (1.15.4 -> 1.15.5)
- 1.15.5:
[#]# 1.15.5 / 2023-11-17
[#]## Dependencies
* [CRuby] Vendored libxml2 is updated to v2.11.6 from v2.11.5. For details please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.6
* [CRuby] Vendored libxslt is updated to v1.1.39 from v1.1.38. For details please see https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.39
==== rubygem-pkg-config ====
Version update (1.5.5 -> 1.5.6)
- New upstream release 1.5.6, see bundled NEWS
==== rubygem-raindrops ====
Version update (0.20.0 -> 0.20.1)
- New upstream release 0.20.1, see bundled NEWS
==== rubygem-spring ====
Version update (4.1.2 -> 4.1.3)
- New upstream release 4.1.3, no changelog found
==== rubygem-sshkit ====
Version update (1.21.5 -> 1.21.6)
- New upstream release 1.21.6, see bundled CHANGELOG.md
==== rubygem-unf_ext ====
Version update (0.0.8.2 -> 0.0.9.1)
- # Changelog
[#]# [0.0.9.1](https://github.com/knu/ruby-unf_ext/tree/v0.0.9.1) (2023-11-16)
[Full Changelog](https://github.com/knu/ruby-unf_ext/compare/v0.0.9...v0.0.9.1)
- Fix use of designated initializers. [\#75](https://github.com/knu/ruby-unf_ext/pull/75) ([igorpeshansky](https://github.com/igorpeshansky))
[#]# [0.0.9](https://github.com/knu/ruby-unf_ext/tree/v0.0.9) (2023-11-11)
[Full Changelog](https://github.com/knu/ruby-unf_ext/compare/v0.0.8.2...v0.0.9)
- Use the newer TypedData extension API [\#72](https://github.com/knu/ruby-unf_ext/pull/72) ([casperisfine](https://github.com/casperisfine))
- Update Actions - updates OS's, add Ruby 3,2, etc [\#71](https://github.com/knu/ruby-unf_ext/pull/71) ([MSP-Greg](https://github.com/MSP-Greg))
- Add cross compilation for Ruby 3.2 [\#69](https://github.com/knu/ruby-unf_ext/pull/69) ([johnnyshields](https://github.com/johnnyshields))
==== rubygem-xdg ====
Version update (7.0.2 -> 7.1.3)
- New upstream release 7.1.3, no changelog found
==== rubygem-xmlhash ====
Version update (1.3.8 -> 1.3.9)
- New upstream release 1.3.9, see bundled History.txt
==== system-config-printer ====
Subpackages: python3-cupshelpers system-config-printer-applet system-config-printer-common system-config-printer-dbus-service udev-configure-printer
- Use %autosetup -p1 instead of multiple %patch lines. Allows us to
get rid of deprecated %patchN.
==== thin-provisioning-tools ====
- Update vendored dependencies
==== tigervnc ====
Subpackages: libXvnc1 xorg-x11-Xvnc xorg-x11-Xvnc-module
- introduced n_dont_sign_java_client.patch and changed
n_tigervnc-date-time.patch to allow the build to be reproducible
(bsc#1208478):
* Dont sign the Java client so the jar file won't contain a
signed file with a variable timestamp.
* The signing was necessary for accessing the system clipboard
when the Java client runs as an applet.
(This shouldn't harm due to the deprecation of Java applets
was done in version 9).
==== tracker-miners ====
Subpackages: tracker-miner-files
- Use %patch -p N instead of deprecated %patchN.
==== util-linux ====
Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1
- Remove /etc/filesystem, the content is outdated
(/etc cleanup, [jsc#PED-240])
- Add libuuid-avoid-truncate-clocks.txt-to-improve-performance.patch
==== util-linux-systemd ====
- Remove /etc/filesystem, the content is outdated
(/etc cleanup, [jsc#PED-240])
- Add libuuid-avoid-truncate-clocks.txt-to-improve-performance.patch
==== virt-manager ====
Subpackages: virt-install virt-manager-common
- Upstream bug fixes (bsc#1027942) (jsc#PED-2104)
001-cli-disk-Add-driver.metadata_cache-options.patch
002-tests-cli-Fix-test-output-after-previous-commit.patch
003-fsdetails-Fix-an-error-with-source.socket-of-virtiofs.patch
004-cli-Drop-unnecessary-disk-prop-aliases.patch
005-tests-testdriver-Add-filesystem-socket-example.patch
006-virtinstall-split-no_install-conditional-apart-to-track-code-coverage.patch
007-virtinstall-fix-regression-with-boot-and-no-install-method.patch
008-tests-Add-a-compat-check-for-linux2020-in-amd-sev-test-case.patch
009-cli-cpu-Add-maxphysaddr.mode-bits-options.patch
010-virt-install-help-required-options-are-wrong.patch
011-cloner-Sync-uuid-and-sysinfo-system-uuid.patch
012-virt-install-unattended-and-cloud-init-conflict.patch
013-virt-install-Reuse-cli.fail_conflicting.patch
014-cli-support-boot-loader.stateless-.patch
015-diskbackend-Drop-support-for-sheepdog.patch
016-Fix-pylint-pycodestyle-warnings-with-latest-versions.patch
017-tests-cpio-set-owner-to-00.patch
018-addhardware-Fix-backtrace-when-controller.index-is-None.patch
019-Clean-up-FileChooser-usage-a-bit.patch
020-guest-Query-availability-of-usb-redirdevs-in-domcaps.patch
021-guest-Query-availability-of-spicevmc-channels-in-domcaps.patch
022-tests-Add-domcaps-coverage-for-usb-redir-spicevmc-channel-checks.patch
023-tests-Update-to-latest-kvm-domcaps.patch
024-progress-Fix-showing-correct-final-total.patch
025-virtinstall-Fix-the-allocating-disk-size-printed-by-the-progress-bar.patch
026-virtinstall-Hide-total_size-in-the-progress-bar-if-it-doesnt-need.patch
027-asyncjob-Fix-backtrace-when-no-cursor-theme-installed.patch
029-asyncjob-Remove-unused-import.patch
030-Packit-initial-enablement.patch
031-virt-install-Recommend-boot-uefi.patch
032-virt-install-Document-Secure-Boot-setups.patch
033-cloner-clone-serial-files.patch
034-tests-cli-test-serial-file-clone.patch
035-man-virt-install-Add-a-note-about-different-behavior-of-boot-on-s390x.patch
036-tests-uitests-Fix-window-reposition-on-f38.patch
037-tests-livetests-work-around-qemu-media-change-regression.patch
038-tests-uitests-Fix-manager-window-repositioning-test.patch
039-tests-Default-uitests-to-verbosity-2.patch
040-uitests-Make-hotplug-test-pass-on-both-f37-and-f38.patch
041-uitests-More-attempts-at-making-manager-reposition-test-reliable.patch
042-tests-uitests-make-menu-operations-more-robust.patch
043-rpm-convert-license-to-SPDX-format.patch
044-uitests-Drop-hotplug-work-around-f38-libvirt-is-fixed-now.patch
045-virtinst-delay-lookup_capsinfo-until-we-really-need-it.patch
046-virtinst-suppress-lookup_capsinfo-exception-in-machine-type-alias-check.patch
047-tests-data-refresh-Fedora-tree-URLs-in-virt-install-osinfo-expected-XMLs.patch
048-tests-Add-unit-test-coverage-for-539.patch
049-fix-indentation-of-multiline-log.exception-invocations.patch
050-virt-clone-Copy-disk-permissions-as-well.patch
051-data-appstream-add-launchable-tag.patch
052-Fix-some-pylint.patch
055-connectauth-Drop-sanity-checking-for-libvirtd.patch
056-delete-Fix-ambiguity-that-confused-pylint.patch
057-Fix-filesystem-socket.source.patch
- Replaced patches
11a887ec-cli-disk-Add-driver.metadata_cache-options.patch
1cb0be40-virtinstall-split-no_install-conditional-apart-to-track-code-coverage.patch
58f5e36d-fsdetails-Fix-an-error-with-source.socket-of-virtiofs.patch
67832d30-addhardware-Fix-backtrace-when-controller-index-is-None.patch
7295ebfb-tests-cli-Fix-test-output-after-previous-commit.patch
999ccb85-virt-install-unattended-and-cloud-init-conflict.patch
b0d05167-cloner-Sync-uuid-and-sysinfo-system-uuid.patch
c22a876e-tests-Add-a-compat-check-for-linux2020-in-amd-sev-test-case.patch
e94786c0-virtinstall-fix-regression-with-boot-and-no-install-method.patch
fbdf0516-cli-cpu-Add-maxphysaddr.mode-bits-options.patch
- Dropped patches
virtman-check-for-libvirt-modular-daemons.patch
virtman-fix-osinfo-tests.patch
- Supportconfig: Adapt plugin to modern supportconfig
The supportconfig 'scplugin.rc' file is deprecated in favor of
supportconfig.rc'. Adapt the virt-manager plugin to the new scheme.
virt-manager-supportconfig
==== vte ====
Subpackages: libvte-2_91-0 typelib-1_0-Vte-2_91
- Use %patch -p N instead of deprecated %patchN.
==== webkit2gtk3 ====
Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Adjust path to (openSUSE renamed) gst-plugin-scanner in the code
using sed.
==== webkit2gtk3-soup2 ====
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles
- Adjust path to (openSUSE renamed) gst-plugin-scanner in the code
using sed.
==== xdg-desktop-portal ====
Version update (1.18.1 -> 1.18.2)
- Update to version 1.18.2:
+ Pass the token to the OpenURI portal and, when missing, an
empty string.
+ Fix various memory and file descriptor leaks in the Document
portal.
+ Make files and folders openend with the Document portal close
properly. This should fix cases where the Document portal
prevented external devices from unmounting, due to files inside
them not getting closed after applications stop using them.
+ Implement FUSE getlk and setlk callbacks.This should enable
using sqlite3 through the Document portal.
+ Properly resolve fd symlinks before opening them with
O_NOFOLLOW.
+ Fix cases where the portal id is assumed to match the .desktop
file name.
+ Allow sending directories in the file transfer portal. This
should make it possible to, among other things, drag and drop
folders and files simultaneously from and to sandboxed
applications.
+ Fallback to a hardcoded check to xdg-desktop-portal-gtk in the
absence of any other portal or configuration file, as a last
resort mechanism.
+ Various smaller fixes to the build system.
==== xdg-desktop-portal-gnome ====
Version update (45.0 -> 45.1)
- Update to version 45.1:
+ accountdialog: Fix crash when pressing Escape
+ Send remote file URIs as local FUSE URIs
+ Various fixes to screencast and input capture
+ Expose org.gnome.desktop.calendar through the Settings portal
+ Put dialogs in separate window groups
+ Updated translations.
==== xfce4-dict ====
Version update (0.8.5 -> 0.8.6)
Subpackages: xfce4-dict-lang xfce4-panel-plugin-dict
- Update to version 0.8.6
* Use getaddrinfo(3) to support IPv6 DICT servers
* Add icons at missing sizes, clean up SVG metadata
==== yast2-core ====
Version update (5.0.0 -> 5.0.1)
- Do not test YCP on non-UTF-8 strings (bsc#1217523)
- 5.0.1
==== zenity ====
Version update (3.99.2 -> 3.99.90)
- Update to version 3.99.90:
+ build: Make building manpage dependent upon manpage option
+ text: Handle long inputs properly
+ colview: Use g_signal_connect_object
+ tree/colview: Return correct value when filtered using search;
code cleanups
+ colview: Add missing declaration to header
+ build:
- Make implicit declarations an error
- Make zenity4 compile against gtk 4.12 without deprecation
warnings
+ tree:
- Fix reading input from a named pipe
- --checklist or --radiolist with < 2 cols should be an error
- Fix output for non-check/radio multiple selections
+ util: Replace gtk_window_destroy() with
gtk_application_remove_window().
+ Updated translations.
1
0
Hello! I have an interesting problem on my Radxa RockPi 5B (Rockchip
RK3588) SOC: I have Leap Micro 5.5 running (Kernel
5.14.21-150500.55.36-default) and VMs cannot have more than one vCPU.
When I boot a VM (here: Leap 15.5) with e.g. 2 vCPUs, I get the
following error message:
[ 0.003395][ T1] psci: failed to boot CPU1 (-22)
[ 0.003409][ T1] CPU1: failed to boot: -22
And then after some time the system boots, but only with one CPU:
# cat /proc/cpuinfo
processor : 0
BogoMIPS : 48.00
Features : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdh
p cpuid asimdrdm lrcpc dcpop asimddp
CPU implementer : 0x41
CPU architecture: 8
CPU variant : 0x4
CPU part : 0xd0b
CPU revision : 0
I also observe that one full core is constantly busy on the hypervisor,
or more specifically by the qemu-system-aarch64 process therein.
Anyone an idea what's going on here?
Best,
phoenix
2
2
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MozillaFirefox (119.0.1 -> 120.0)
gstreamer-plugins-bad
icewm (3.4.3 -> 3.4.4)
inxi (3.3.27 -> 3.3.31)
kyotocabinet (1.2.77 -> 1.2.80)
libdrm (2.4.117 -> 2.4.118)
nghttp2 (1.57.0 -> 1.58.0)
pam-config (2.9 -> 2.10)
pipewire (0.3.85 -> 1.0.0)
policycoreutils
python-charset-normalizer (3.3.0 -> 3.3.2)
python-lxml
python-setproctitle (1.3.2 -> 1.3.3)
restorecond
tango-icon-theme
tpm2-0-tss
transmission (4.0.3 -> 4.0.4)
usbutils (015 -> 017)
wireplumber (0.4.15 -> 0.4.16)
xwayland
=== Details ===
==== MozillaFirefox ====
Version update (119.0.1 -> 120.0)
- Mozilla Firefox 120.0
https://www.mozilla.org/en-US/firefox/120.0/releasenotes
MFSA 2023-49 (bsc#1217230)
* CVE-2023-6204 (bmo#1841050)
Out-of-bound memory access in WebGL2 blitFramebuffer
* CVE-2023-6205 (bmo#1854076)
Use-after-free in MessagePort::Entangled
* CVE-2023-6206 (bmo#1857430)
Clickjacking permission prompts using the fullscreen
transition
* CVE-2023-6207 (bmo#1861344)
Use-after-free in ReadableByteStreamQueueEntry::Buffer
* CVE-2023-6208 (bmo#1855345)
Using Selection API would copy contents into X11 primary
selection.
* CVE-2023-6209 (bmo#1858570)
Incorrect parsing of relative URLs starting with "///"
* CVE-2023-6210 (bmo#1801501)
Mixed-content resources not blocked in a javascript: pop-up
* CVE-2023-6211 (bmo#1850200)
Clickjacking to load insecure pages in HTTPS-only mode
* CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252,
bmo#1856072, bmo#1856091, bmo#1859030, bmo#1860943,
bmo#1862782)
Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
and Thunderbird 115.5
* CVE-2023-6213 (bmo#1849265, bmo#1851118, bmo#1854911)
Memory safety bugs fixed in Firefox 120
- rebased patches
==== gstreamer-plugins-bad ====
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0
- Stop passing sctp=disabled and pass sctp=enabled to meson setup
instead, enable build of sctp plugin.
==== icewm ====
Version update (3.4.3 -> 3.4.4)
Subpackages: icewm-config-upstream icewm-default icewm-lang icewm-lite
- update to 3.4.4:
* Use fcsmart for capturing loadText data.
* Support TIFF and WEBP in icewmbg.
* More permissive parsing of a PAM image header in icesh.
* Remove obsolete winoption examples and add one for
plank.
* Use --disable-librsvg instead of --disable-rsvg.
* Add `supportsFormat` to check for support of additional
image formats.
* Support JXL, JP2, RAW, SVG, TGA image formats in
icewmbg.
* Test if a color can be considered dark for issue #715.
* Brighten the color of inactive preview icons for dark
themes for issue
* Fix a crash when a ping timeout dialog is destroyed for
issue #729.
* Let icewmbg interpret command-line arguments relative
to the current working directory.
* Clarify prefoverride and closes #750
* When mapping a client by PID, search for the best
match.
* Don't enforce the use of clang++ in the debug build.
* Fix ordering in the 4th configuration
* Fix minor warnings from recent CMake and GCC
* Translated using Weblate (Portuguese (Brazil))
==== inxi ====
Version update (3.3.27 -> 3.3.31)
- Updated to version 3.3.31:
+ /usr/share/doc/packages/inxi/inxi.changelog.
- Updated spec file for new location of inxi at codeberg.org.
==== kyotocabinet ====
Version update (1.2.77 -> 1.2.80)
- update to 1.2.80:
- configure.in supports strict C99 rules.
- Fixed errors of kcdirtest on BtrFS.
- Fixed build warnings.
==== libdrm ====
Version update (2.4.117 -> 2.4.118)
Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1
- update to 2.4.118:
* improve SMPTE color LUT accuracy
* util: factor out and optimize C8 SMPTE color LUT
* util: add support for DRM_FORMAT_C[124]
* util: store number of colors for indexed formats
* util: add SMPTE pattern support for C4 format
* util: add SMPTE pattern support for C1 format
* util: add SMPTE pattern support for C2 format
* modetest: add support for DRM_FORMAT_C[124]
* modetest: add SMPTE pattern support for C[124] formats
* intel: determine target endianness using meson
* util: fix 32 bpp patterns on big-endian
* util: fix 16 bpp patterns on big-endian
* util: add missing big-endian RGB16 frame buffer formats
* modetest: add support for parsing big-endian formats
* util: add test pattern support for big-endian XRGB1555/RGB565
* util: fix pwetty on big-endian
* util: add pwetty support for big-endian RGB565
* modetest: add support for big-endian XRGB1555/RGB565
* modetest: add support for DRM_FORMAT_NV{15,20,30}
* modetest: switch usage to proper options grammar
* xf86drm: add drmGetNodeTypeFromDevId
* Sync headers with drm-next
* xf86drmMode: add drmModeCloseFB()
==== nghttp2 ====
Version update (1.57.0 -> 1.58.0)
- update to 1.58.0:
* Update manual pages
* Bump neverbleed
* Bump ngtcp2
* Prefer clock_gettime if __CYGWIN__ defined
* Do not require strict c++ mode
* nghttpx: Stricter transfer-encoding checks
* Refactor character comparison
* Integration servertester h3
* integration: Enable http3 test with cmake
==== pam-config ====
Version update (2.9 -> 2.10)
- Update to version 2.10
- Enable session and account support for kanidm and himmelblau
==== pipewire ====
Version update (0.3.85 -> 1.0.0)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Update to version 1.0.0 (El Presidente):
* Highlights
- Fix a memfd/dmabuf leak when uploading buffers while shutting
down.
- Handle concurrent jack_port_get_buffer() calls because ardour
seems to be doing this.
- Improve time reporting (less jitter) in ALSA when using IRQ.
- Many doc improvements.
* PipeWire
- Respect PIPEWIRE_DLCLOSE everywhere, remove pw_in_valgrind().
- Remove a warning when a client tries to change ignored
properties.
* Modules
- Fix a memfd/dmabuf leak when uploading buffers while shutting
down.
- Fix a potential segfault when copying mix structures. (#3658)
- Avoid races in setrlimit in module-rt.
- Fix a memory leak in filter-chain.
- Set rtp.ptime on senders, not receivers.
- The ROC modules were ported to ROC 0.3
* SPA
- Improve time reporting (less jitter) in ALSA when using IRQ.
(#3657)
- Add latency param query in libcamera.
- Fix some compiler warnings.
- The EVL plugin was updated.
* Bluetooth
- LC3 codec and compatibility improvements.
* Pulse server
- Fix emission of events when a sink/source state changes.
(#3660)
* JACK
- Improve transport and time handling. Use unique ids to make
consistent snapshots of the current time and transport.
- Avoid enumerating port params that we are not going to use.
- Optimize buffer reuse.
- Handle concurrent jack_port_get_buffer() calls because ardour
seems to be doing this. (#3632)
* Docs
- Many doc improvements.
- Add man pages for pw-dump, pw-loopback, modules,
pipewire-pulse.
- Manpages are now made with Doxygen.
- Add docs for pulse-modules
==== policycoreutils ====
Subpackages: policycoreutils-python-utils python3-policycoreutils
- Change deprecated `%patch1 -p1` syntax to supported `%patch -P1 -p1`
(bsc#1216669)
==== python-charset-normalizer ====
Version update (3.3.0 -> 3.3.2)
- update to 3.3.2:
* Unintentional memory usage regression when using large
payload that match several encoding (#376)
* Regression on some detection case showcased in the
documentation (#371)
* Noise (md) probe that identify malformed arabic
representation due to the presence of letters in isolated
form
* Optional mypyc compilation upgraded to version 1.6.1 for
Python >= 3.8
* Improved the general detection reliability based on reports
from the community
==== python-lxml ====
- Add libxml2212-tests.patch to fix tests with new libxml2
==== python-setproctitle ====
Version update (1.3.2 -> 1.3.3)
- update to 1.3.3:
* Add support for Python 3.12
* Fix package metadata to include Python 3.11, 3.12.
==== restorecond ====
- Change deprecated `%patch1 -p1` syntax to supported `%patch -P1 -p1`
(bsc#1216669)
==== tango-icon-theme ====
- Use %patch -P N instead of deprecated %patchN.
==== tpm2-0-tss ====
Subpackages: libtss2-esys0 libtss2-mu0 libtss2-rc0 libtss2-sys1 libtss2-tctildr0
- libtss2-fapi1 requires system-user-tss for tmpfile creation
==== transmission ====
Version update (4.0.3 -> 4.0.4)
Subpackages: transmission-common transmission-gtk
- Update to version 4.0.4:
+ Fixed bug in sending torrent metadata to peers.
+ Avoid unnecessary heap memory allocations.
+ Fixed filename collision edge case when renaming files.
+ Fixed locale errors that broke number rounding when displaying
statistics, e.g. upload / download ratios.
+ Always use a fixed-length key query in tracker announces. This
isn't required by the spec, but some trackers rely on that
fixed length because it's common practice by other BitTorrent
clients.
+ Fixed potential Windows crash when getstdhandle() returns NULL.
+ Fixed 4.0.0 bug where the port numbers in LDP announces are
sometimes malformed.
+ Fixed a bug that prevented editing the query part of a tracker
URL.
+ Fixed a bug where Transmission may not announce LPD on its
listening interface.
+ Made small performance improvements in libtransmission.
+ Qt Client:
- Fixed torrent name rendering when showing magnet links in
compact view.
- Fixed bug that broke the "Move torrent file to trash"
setting.
- Fixed Qt 6.4 deprecation warning.
- Fixed poor resolution of Qt application icon.
+ GTK Client: Fixed missing 'Remove torrent' tooltip.
+ Web Client:
- Don't show null as a tier name in the inspector's tier list.
- Fixed truncated play / pause icons.
- Fixed overflow when rendering peer lists and made speed
indicators honor prefers-color-scheme media queries.
- Made the main menu accessible even on smaller displays.
+ transmission-cli:
- Fixed "no such file or directory" warning when adding a
magnet link.
- Fixed bug that caused the wrong decimal separator to be used
in some locales.
+ transmission-remote: Fixed display bug that failed to show some
torrent labels.
+ Everything Else:
- Ran all PNG files through lossless compressors to make them
smaller.
- Fixed potential build issue when compiling on macOS with gcc.
==== usbutils ====
Version update (015 -> 017)
- update to 017:
* lsusb: fix up [unknown] vendor and product strings.
* lsusb: fix build warning for
dump_billboard_alt_mode_capability_desc()
* lsusb: add fallback names for 'lsusb -v' output
* names: simplify get_vendor_product_with_fallback() a
bit
* rezso (1):
* Honor system libdir and includedir
* usbutils 016
* usbutils: lsusb-t: print entries for devices with no
interfaces
* Fix a typo in usb-spec.h
* lsusb.py.in: Display (device) power/wakeup via -w
option.
* Fix an incorrect length value in hid descriptor.
* Fix misalignments in hid device descripptor.
* Use bigger buffer to place speed value string
* lsusb -h returns an error
* lsusb -h fixups
* lsusb -t: sort in bus order, not reverse order
* lsusb -t: print ports and busses and devices with same
width
* lsusb -t: assign_interface_to_parent() fixups
* lsusb.8.in: fix up missing '-' in text
* README.md: add source location
* lsusb.py: fix up wakeup logic for devices that do not
support it
* lsusb.py.in: add another default path for usb.ids
* names.c: if a string can not be found in the usb.ids
file, return [unknown]
* lsusb-t: if a driver is not bound to an interface,
report "[none]"
* Generate usbutils.pc pkgconfig file
* usbreset: Allow idProduct and idVendor to be 0
* usb-devices: make shellcheck happy
* lsusb: Add function that sorts the output by device ID.
* lsusb: Additional sorting by bus number.
* lsusb: This is a more compact implementation of the
device list sort implemented within this pull request. The
output remains the same as the one demonstrated in the
previous commit.
==== wireplumber ====
Version update (0.4.15 -> 0.4.16)
Subpackages: libwireplumber-0_4-0 wireplumber-audio
- Update to version 0.4.16:
* Additions:
- Added a new "sm-objects" script that allows loading objects
on demand via metadata entries that describe the object to
load; this can be used to load pipewire modules, such as
filters or network sources/sinks, on demand
- Added a mechanism to override device profile priorities in
the configuration, mainly as a way to re-prioritize Bluetooth
codecs, but this also can be used for other devices
- Added a mechanism in the endpoints policy to allow connecting
filters between a certain endpoint's virtual sink and the
device sink; this is specifically intended to allow plugging
a filter-chain to act as equalizer on the Multimedia endpoint
- Added wp_core_get_own_bound_id() method in WpCore
* Changes:
- PipeWire 0.3.68 is now required
- policy-dsp now has the ability to hide hardware nodes behind
the DSP sink to prevent hardware misuse or damage
- JSON parsing in Lua now allows keys inside objects to be
without quotes
- Added optional argument in the Lua JSON parse() method to
limit recursions, making it possible to partially parse a
JSON object
- It is now possible to pass nil in Lua object constructors
that expect an optional properties object; previously,
omitting the argument was the only way to skip the properties
- The endpoints policy now marks the endpoint nodes as
"passive" instead of marking their links, adjusting for the
behavior change in PipeWire 0.3.68
- Removed the "passive" property from si-standard-link, since
only nodes are marked as passive now
* Fixes:
- Fixed the wpctl clear-default command to completely clear all
the default nodes state instead of only the last set default
- Reduced the amount of globals that initially match the
interest in the object manager
- Used an idle callback instead of pw_core_sync() in the object
manager to expose tmp globals
- Remove patches included upstream:
* 0001-object-manager-reduce-the-amount-of-globals-that-initially.patch
* 0002-object-manager-use-an-idle-callback-to-expose-tmp-globals.patch
* 0001-policy-dsp-add-ability-to-hide-parent-nodes.patch
- Update split-config-file.py
==== xwayland ====
- This release contains the following patches mentioned in previous
sle15 releases
* U_Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch:
fixes regression introduced with security update for
CVE-2022-46340 (bsc#1205874)
* U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch:
fix handling of PropModeAppend/Prepend ((CVE-2023-5367, ZDI-CAN-22153,
bsc#1216135)
* U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch,
U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch:
Server Damage Object Use-After-Free Local Privilege Escalation
Vulnerability (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261)
* U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch:
fixes a regresion, which can trigger a segfault in Xwayland on
exit, introduced by
U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
(CVE-2023-5574, ZDI-CAN-21213, bsc#1216261)
1
0
What do I need to do to install opensuse on a Raspberry Pi 5? Is there
already in image in the build system?
Bill
4
3
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa
Mesa-drivers
apache2-mod_php8 (8.2.12 -> 8.2.13)
avahi
avahi-glib2
gstreamer-plugins-bad
kded
kernel-firmware-nvidia-gspx-G06 (545.29.02 -> 545.29.06)
libadwaita
libbpf (1.2.2 -> 1.3.0)
libdrm
libgcrypt
libqt5-qtwebengine (5.15.15 -> 5.15.16)
libsolv (0.7.26 -> 0.7.27)
libstorage-ng (4.5.157 -> 4.5.158)
multipath-tools (0.9.6+115+suse.07776fb -> 0.9.7+76+suse.5f857af)
nvidia-open-driver-G06-signed (545.29.02_k6.6.2_1 -> 545.29.06_k6.6.2_1)
php8 (8.2.12 -> 8.2.13)
python-Twisted (22.10.0 -> 23.10.0)
python-anyio (3.6.2 -> 3.7.1)
python-charset-normalizer (3.2.0 -> 3.3.0)
python-linux-procfs (0.7.1 -> 0.7.3)
python-markdown-it-py (2.2.0 -> 3.0.0)
python-mdit-py-plugins (0.3.0 -> 0.4.0)
python-pexpect (4.8.0 -> 4.9.0)
python311 (3.11.5 -> 3.11.6)
python311-core (3.11.5 -> 3.11.6)
raspberrypi-firmware (2023.04.25 -> 2023.11.21)
raspberrypi-firmware-config (2023.04.25 -> 2023.11.21)
raspberrypi-firmware-dt (2023.05.02 -> 2023.11.21)
ruby-common
selinux-policy (20231030 -> 20231124)
webkit2gtk3
webkit2gtk3-soup2
yast2-trans (84.87.20231117.f12231d4de -> 84.87.20231121.7869d671a6)
=== Details ===
==== Mesa ====
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libOSMesa8 libgbm1
- buildrequire 'pkgconfig(SPIRV-Tools)' also with disabled rusticl
(new dep since some time)
- re-disable rusticl on sle15-sp6 to prevent more deps (rust-bindgen)
- buildrequire 'pkgconfig(LLVMSPIRVLib)' also with disabled rusticl
(new dep since some time)
- enable rusticl on sle15-sp6
- let sle15-sp6 require llvm17/clang17
==== Mesa-drivers ====
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- buildrequire 'pkgconfig(SPIRV-Tools)' also with disabled rusticl
(new dep since some time)
- re-disable rusticl on sle15-sp6 to prevent more deps (rust-bindgen)
- buildrequire 'pkgconfig(LLVMSPIRVLib)' also with disabled rusticl
(new dep since some time)
- enable rusticl on sle15-sp6
- let sle15-sp6 require llvm17/clang17
==== apache2-mod_php8 ====
Version update (8.2.12 -> 8.2.13)
- version update to 8.2.13
* This is a bug fix release.
https://www.php.net/ChangeLog-8.php#8.2.13
==== avahi ====
Subpackages: libavahi-client3 libavahi-common3 libavahi-core7
- avahi-autoipd: drop the post script part migrating the user
owning files in /var/lib/avahi-autoipd: the code was aiding
migrations from SLE<=11/openSUSE<=12.3, which are no longer in
scope for upgrades nowadays.
- avahi-autoipd: guard %post chown with -h, to not follow symlinks
(boo#1217398).
==== avahi-glib2 ====
Subpackages: libavahi-glib1 libavahi-gobject0 libavahi-ui-gtk3-0
- avahi-autoipd: drop the post script part migrating the user
owning files in /var/lib/avahi-autoipd: the code was aiding
migrations from SLE<=11/openSUSE<=12.3, which are no longer in
scope for upgrades nowadays.
- avahi-autoipd: guard %post chown with -h, to not follow symlinks
(boo#1217398).
==== gstreamer-plugins-bad ====
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0
- Move pkgconfig(dvdnav) and pkgconfig(dvdread) BuildRequires out
of BUILD_ORIG conditional, and stop passing resindvd=disabled and
siren=disabled to meson setup, build dvd and siren 7 support in
main package.
==== kded ====
- Pull in kconf_update5
==== kernel-firmware-nvidia-gspx-G06 ====
Version update (545.29.02 -> 545.29.06)
- update firmware to version 545.29.06
==== libadwaita ====
Subpackages: libadwaita-1-0 typelib-1_0-Adw-1
- Add 3e3967d5f69180644519936991cad10136e84ca9.patch: Fix building
against libappstream 1.0 (boo#1217047).
==== libbpf ====
Version update (1.2.2 -> 1.3.0)
- update to 1.3.0:
* support for `netfilter` programs is added
`SEC("netfilter")` is now available
* API function `bpf_program__attach_netfilter()` is now
available
* support for `tcx` BPF programs is added:
* the following new SEC definitions are now available:
SEC("tc/egress"), SEC("tc/ingress"), SEC("tcx/egress"),
SEC("tcx/ingress")
* the following SEC definitions are now considered legacy:
SEC("tc"), SEC("action"), SEC("classifier")
* functions `bpf_prog_attach_opts()` and
`bpf_prog_query_opts()` are extended to work with `tcx`
programs, plus two new API functions are added:
* the following new SEC definitions are now available:
SEC("uprobe.multi"), SEC("uprobe.multi.s"),
SEC("uretprobe.multi"), SEC("uretprobe.multi.s")
* support for section `SEC("usdt.s")` is added for sleepable
`usdt` programs;
* support for Unix domain socket cgroup BPF programs is added
the following new SEC definitions are now available:
SEC("cgroup/connect_unix"),SEC("cgroup/sendmsg_unix"),
SEC("cgroup/recvmsg_unix"), SEC("cgroup/getpeername_unix"),
SEC("cgroup/getsockname_unix")
* new `LIBBPF_OPTS_RESET()` utility macro;
* new `bpf_object__unpin()` function to complement existing
`bpf_object__pin()`;
* new API functions for work with ring buffers
* uprobe SEC matcher extended to allow golang symbols;
* uprobe support for symbols versioning;
* `bpf_map__set_value_size()` can now be used to resize memory
mapped region for memory mapped maps;
* `struct bpf_xdp_query_opts` extended with `xdp_zc_max_segs`
output field;
* basic BTF sanity check pass added to reject bogus BTF.
* fix for btf_dump__dump_type_data() when type contains
bitfields;
* fix for correct work of offsetof() and container_of() macro
with CO-RE;
* no longer attempt to load modules BTF when resolving CO-RE
relocations if CAP_SYS_ADMIN are absent;
* regex based function search for "kprobe.multi/" programs no
longer attempts to trace functions that cannot be traced;
* bpf_program__set_type() no longer resets sec_def if it is set
to a custom fallback SEC handler;
* fix for memory leak possible after
bpf_program__set_attach_target() call;
==== libdrm ====
Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1
- adjusted n_libdrm-drop-valgrind-dep-generic.patch,
n_libdrm-drop-valgrind-dep-intel.patch
==== libgcrypt ====
- Re-create HMAC checksum after RPM build strips the library
(bsc#1217058)
==== libqt5-qtwebengine ====
Version update (5.15.15 -> 5.15.16)
- Update to version 5.15.16:
* Bump version to 5.15.16
* Add check for system ffmpeg compatibility
* Fix handling of external URLs in PDFs
* Update Chromium:
* [Backport] CVE-2023-5996: Use after free in WebAudio
* [Backport] CVE-2023-5482 and CVE-2023-5849
* [Backport] CVE-2023-45853: Buffer overflow in MiniZip
* [Backport] Security bug 1478470
* [Backport] Security bug 1472365 and 1472366
* [Backport] CVE-2023-5218: Use after free in Site Isolation
* [Backport] Security bug 1486316
* FIXUP: [Backport] [PA] Support 16kb pagesize on Linux+ARM64
* [Backport] Add Intel Meteorlake GPU series type
* [Backport] Add Intel Raptorlake GPU series type
* [Backport] Add a few missing IntelGpuSeriesTypes in
gpu_util.cc
* [Backport] Add Intel Alchemist GPU series type
* [Backport] Add Alderlake to intel_gpu_series field in gpu
control list.
* [Backport] Add missing Intel GPU series types.
* [Backport] Add Alderlake's GPU to list supporting two NV12
overlay planes.
* [Backport] CVE-2023-5217: Heap buffer overflow in vp8
encoding in libvpx
* [Backport] Security bug 1479104
* [Backport] [PA] Support 16kb pagesize on Linux+ARM64
* [Backport] Replace uses of re2::StringPiece::set().
* Fix build with GCC 13
* Fix errors and warnings for perfetto
* Remove nodiscard attribute from cpwl_combo_box.h
* Bump V8_PATCH_LEVEL
* [Backport] CVE-2023-4762: Type Confusion in V8
* [Backport] CVE-2023-4362: Heap buffer overflow in Mojom IDL
* [Backport] CVE-2023-4354: Heap buffer overflow in Skia
* [Backport] CVE-2023-4351: Use after free in Network
* Disable Windows IME for GPU thread
* [Backport] CVE-2023-4863: Heap buffer overflow in WebP
* [Backport] Security bug 1465224
* [Backport] Dependency for security bug 1465224
* [Backport] CVE-2023-4071: Heap buffer overflow in Visuals
* [Backport] CVE-2023-4076: Use after free in WebRTC
* [Backport] CVE-2023-4074: Use after free in Blink Task
Scheduling
==== libsolv ====
Version update (0.7.26 -> 0.7.27)
Subpackages: libsolv-tools python3-solv ruby-solv
- add zstd support for the installcheck tool
- add putinowndirpool cache to make file list handling in
repo_write much faster
- bump version to 0.7.27
==== libstorage-ng ====
Version update (4.5.157 -> 4.5.158)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- merge gh#openSUSE/libstorage-ng#966
- fixed build with libxml 2.12.0
- 4.5.158
==== multipath-tools ====
Version update (0.9.6+115+suse.07776fb -> 0.9.7+76+suse.5f857af)
Subpackages: kpartx libmpath0
- Update to version 0.9.7+76+suse.5f857af:
* Update to upstream 0.9.7 (jsc#PED-6464)
* added max_retries config option to limit SCSI retries
* added auto_resize config option to enable resizing multipath maps automatically
* fixed memory and error handling for code using aio (marginal path code,
directio path checker)
* dropped modules-load.d/multipath.conf; replaced by a dependency on
modprobe(a)dm-multipath.service (systemd >= 245: SLE15-SP3 and later only)
and a softdep on sd_mod for the SCSI device handlers
(bsc#1217377)
* On SLE/Leap suse-module-tools doesn't ship a scsi_mod->sd_mod softdep yet.
Add it here, too. It will be overridden by s-m-t when it's added there.
* drop usr_prefix= setting in SLE build recipes (set to /usr by upstream
automatically)
==== nvidia-open-driver-G06-signed ====
Version update (545.29.02_k6.6.2_1 -> 545.29.06_k6.6.2_1)
- Update to 545.29.06
==== php8 ====
Version update (8.2.12 -> 8.2.13)
Subpackages: php8-cli php8-ctype php8-dom php8-gd php8-gettext php8-iconv php8-mbstring php8-mysql php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter
- version update to 8.2.13
* This is a bug fix release.
https://www.php.net/ChangeLog-8.php#8.2.13
==== python-Twisted ====
Version update (22.10.0 -> 23.10.0)
Subpackages: python311-Twisted python311-Twisted-tls
- Update to 23.10.0
* reactor.spawnProcess() now uses posix_spawnp when possible, making it much more efficient (#5710)
* Twisted now officially supports Python 3.11. (#10343)
* twisted.internet.defer.race has been added as a way to get the first available result from a list of Deferreds. (#11817)
* The CI suite was updated to execute the tests using a Python 3.12 pre-release (#11857)
* PyAsn1 has been removed as a conch dependency.
* Due to changes in the way raw private key byte serialization are handled in Cryptography, and widespread support
for Ed25519 in current versions of OpenSSL, we no longer support PyNaCl as a fallback for Ed25519 keys in Conch. (#11871)
* In Twisted 16.3.0, we changed twisted.web to stop dispatching HTTP/1.1 pipelined requests to application code.
There was a bug in this change which still allowed clients which could send multiple full HTTP requests in a single TCP segment
to trigger asynchronous processing of later requests, which could lead to out-of-order responses. This has now been corrected
and twisted.web should never process a pipelined request over HTTP/1.1 until the previous request has fully completed.
(CVE-2023-46137, GHSA-cq7q-gv5w-rwx2) (#11976)
* Drop support for Python 3.7. Remove twisted[contextvars] extra (contextvars are always available in Python 3.7+) (#11913)
* When using CPython, functions wrapped by twisted.internet.defer.inlineCallbacks can have their arguments and return values
freed immediately after completion (due to there no longer being circular references). (#11885)
- Delete merged patches:
* regenerate-cert-to-work-with-latest-service-identity.patch
* no-pygtkcompat.patch
* support-new-glibc.patch
* CVE-2023-46137-HTTP-pipeline-response.patch
* remove-pynacl-optional-dependency.patch
* py311-tests-compat.patch
==== python-anyio ====
Version update (3.6.2 -> 3.7.1)
- update to 3.7.1:
* Fixed sending large buffers via UNIX stream sockets on
asyncio
* Fixed several minor documentation issues (broken links to
classes, missing classes or attributes)
* Dropped support for Python 3.6
* Improved type annotations:
* Several functions and methods that were previously annotated
as accepting ``Coroutine[Any, Any, Any]`` as the return type
of the callable have been amended to accept ``Awaitable[Any]``
instead, to allow a slightly broader set of coroutine-like
inputs, like ``async_generator_asend`` objects returned from
the ``asend()`` method of async generators, and to match
the ``trio`` annotations:
* ``anyio.run()``
* ``anyio.from_thread.run()``
* ``TaskGroup.start_soon()``
* ``TaskGroup.start()``
* ``BlockingPortal.call()``
* ``BlockingPortal.start_task_soon()``
* ``BlockingPortal.start_task()``
* Changed ``TLSAttribute.shared_ciphers`` to match the
documented semantics of ``SSLSocket.shared_ciphers``
of always returning ``None`` for client-side streams
* Fixed ``CapacityLimiter`` on the asyncio backend to order
waiting tasks in the FIFO order (instead of LIFO)
* Fixed ``CancelScope.cancel()`` not working on asyncio if
called before entering the scope
* Fixed ``open_signal_receiver()`` inconsistently yielding
integers instead of ``signal.Signals`` instances on the
``trio`` backend
* Fixed ``to_thread.run_sync()`` hanging on asyncio if the
target callable raises ``StopIteration``
* Fixed ``start_blocking_portal()`` raising an unwarranted
* ``RuntimeError: This portal is not running`` if a task raises
an exception that causes the event loop to be closed
* Fixed ``current_effective_deadline()`` not returning ``-inf``
on asyncio when the currently active cancel scope has been
cancelled (PR by Ganden Schaffner)
* Fixed the ``OP_IGNORE_UNEXPECTED_EOF`` flag in an SSL context
created by default in ``TLSStream.wrap()`` being inadvertently
set on Python 3.11.3 and 3.10.11
* Fixed ``CancelScope`` to properly handle asyncio task
uncancellation on Python 3.11
* Fixed ``OSError`` when trying to use
``create_tcp_listener()`` to bind to a link-local
* IPv6 address (and worked around related bugs in ``uvloop``)
* Worked around a `PyPy bug
<https://foss.heptapod.net/pypy/pypy/-/issues/3938>`_
when using ``anyio.getaddrinfo()`` with for IPv6 link-local
addresses containing interface names
- drop fix-failing-tls-tests.patch
support-trio-0.22.patch: obsolete
- update to 3.7.1:
* Fixed sending large buffers via UNIX stream sockets on
asyncio
* Fixed several minor documentation issues (broken links to
classes, missing classes or
* attributes)
* **3.7.0**
* Dropped support for Python 3.6
* Improved type annotations:
* Several functions and methods that were previously annotated
as accepting
* ``Coroutine[Any, Any, Any]`` as the return type of the
callable have been amended to
* accept ``Awaitable[Any]`` instead, to allow a slightly
broader set of coroutine-like
* inputs, like ``async_generator_asend`` objects returned from
the ``asend()`` method
* of async generators, and to match the ``trio`` annotations:
* ``anyio.run()``
* ``anyio.from_thread.run()``
* ``TaskGroup.start_soon()``
* ``TaskGroup.start()``
* ``BlockingPortal.call()``
* ``BlockingPortal.start_task_soon()``
* ``BlockingPortal.start_task()``
* Note that this change involved only changing the type
annotations; run-time
* functionality was not altered.
* The ``TaskStatus`` class is now a generic protocol, and
should be parametrized to
* indicate the type of the value passed to
``task_status.started()``
* The ``Listener`` class is now covariant in its stream type
* ``create_memory_object_stream()`` now allows passing only
``item_type``
* Object receive streams are now covariant and object send
streams are correspondingly
* contravariant
* Changed ``TLSAttribute.shared_ciphers`` to match the
documented semantics of
* ``SSLSocket.shared_ciphers`` of always returning ``None`` for
client-side streams
* Fixed ``CapacityLimiter`` on the asyncio backend to order
waiting tasks in the FIFO
* order (instead of LIFO) (PR by Conor Stevenson)
* Fixed ``CancelScope.cancel()`` not working on asyncio if
... changelog too long, skipping 30 lines ...
* interface names
==== python-charset-normalizer ====
Version update (3.2.0 -> 3.3.0)
- update to 3.3.0:
* Allow to execute the CLI (e.g. normalizer) through `python -m
charset_normalizer.cli` or `python -m charset_normalizer`
* Support for 9 forgotten encoding that are supported by Python
but unlisted in `encoding.aliases` as they have no alias
* Optional mypyc compilation upgraded to version 1.5.1 for
Python >= 3.7
* Unable to properly sort CharsetMatch when both chaos/noise
and coherence were close due to an unreachable condition in
\_\_lt\_\_ (#350)
==== python-linux-procfs ====
Version update (0.7.1 -> 0.7.3)
- update to 0.7.3:
* python 3.12 support (remove distutils)
* drop spec files and add SPDX licenses
==== python-markdown-it-py ====
Version update (2.2.0 -> 3.0.0)
- Update to version 3.0.0:
* drop python 3.7 support
* Update from upstream markdown-it 12.2.0 to 13.0.0
- A key change is the addition of a new Token type, text_special,
which is used to represent HTML entities and backslash escaped
characters.
- This ensures that (core) typographic transformation rules are not
incorrectly applied to these texts.
- The final core rule is now the new text_join rule, which joins
adjacent text/text_special tokens, and so no text_special tokens
should be present in the final token stream.
- Any custom typographic rules should be inserted before text_join.
- A new linkify rule has also been added to the inline chain, which
will linkify full URLs (e.g. https://example.com), and fixes
collision of emphasis and linkifier (so
http://example.org/foo._bar_-_baz is now a single link, not
emphasized).
- Emails and fuzzy links are not affected by this.
* REFACTOR: Replace most character code use with strings
- The use of StateBase.srcCharCode is deprecated (with
backward-compatibility), and all core uses are replaced by
StateBase.src.
- Conversion of source string characters to an integer
representing the Unicode character is prevalent in the upstream
JavaScript implementation, to improve performance. However, it
is unnecessary in Python and leads to harder to read code and
performance deprecations (during the conversion in the StateBase
initialisation).
* Centralise indented code block tests
- For CommonMark, the presence of indented code blocks prevent any
other block element from having an indent of greater than 4
spaces.
- Certain Markdown flavors and derivatives, such as mdx and djot,
disable these code blocks though, since it is more common to use
code fences and/or arbitrary indenting is desirable.
- Previously, disabling code blocks did not remove the indent
limitation, since most block elements had the 3 space limitation
hard-coded.
- This change centralised the logic of applying this limitation
(in StateBlock.is_code_block), and only applies it when indented
code blocks are enabled.
* Maintenance changes
- Strict type annotation checking has been applied to the whole
code base, ruff is now used for linting, and fuzzing tests have
been added to the CI, to integrate with Google OSS-Fuzz testing,
thanks to @DavidKorczynski.
==== python-mdit-py-plugins ====
Version update (0.3.0 -> 0.4.0)
- Update to version 0.4.0:
* UPGRADE: Drop python 3.7 and support 3.11 (#77)
* UPGRADE: Allow markdown-it-py v3 (#85)
- Make field_list compatible with latest upstream (#75)
- Convert state.srcCharCode -> state.src (#84)
- Remove unnecessary method arg by @chrisjsewell in( #76)
- Centralise code block test (#83 and #87)
- This means that disabling the code block rule in
markdown-it-py v3+ will now allow all syntax blocks to be
indented by any amount of whitespace.
* Improve dollarmath plugin: Add allow_blank_lines option, thanks
to @eric-wieser (#46)
* Improve admon plugin: Add ??? support, thanks to @KyleKing (#58)
* MAINTAIN: Make type checking strict (#86)
- v0.3.5:
* FIX: Regression in dollarmath by @chrisjsewell in #69
* Fix regression in amsmath by @chrisjsewell in #70
* Correct project documentation link by @andersk in #73
* RELEASE v0.3.5 by @chrisjsewell in #74
- v0.3.4:
* NEW: Add attrs_block_plugin by @chrisjsewell in #66
* Improve field lists by @chrisjsewell in #65
* Update pre-commit by @chrisjsewell in #64 (moving from flake8 to ruff)
- v0.3.3:
* FIX: attrs: span with end of inline before attrs by @chrisjsewell in #57
- v0.3.2:
* MAINTAIN: Fix pre-commit configuration by @hukkin in #54
* NEW: Add span parsing to inline attributes plugin by @chrisjsewell in #55
* FIX: Task list item marker can be followed by any GFM whitespace by @hukkin in #42
* NEW: Port admon plugin by @KyleKing in #53
* RELEASE: v0.3.2 by @chrisjsewell in #56
- v0.3.1:
* MAINTAIN: Remove upper bound from Python version constraint by @cjolowicz in #40
* MAINTAIN: Update pre-commit by @chrisjsewell in #47
* FIX: Parsing when newline is between footnote ID and first paragraph by @hukkin in #49
* Anchor ids in separate renders should not affect each other. by @distractedmosfet in #43
* PEP 621 package build, drop Python 3.6 by @chrisjsewell in #51
* NEW: Add attrs_plugin by @chrisjsewell in #50
* RELEASE: v0.3.1 by @chrisjsewell in #52
==== python-pexpect ====
Version update (4.8.0 -> 4.9.0)
- update to 4.9:
* Add support for Python 3.12 #769.
* Clean up temporary files after UnicodeTests #753.
* Add Python 3.5, 3.6 and 3.12.0-rc.1 to test matrix #763.
* Set prompt correctly for zsh #712.
* Add zsh convenience function to replwrap module #751.
* Rework async unittests to rely on
unittest.IsolatedAsyncioTestCase #764.
* Make test_expect.py work on POSIX systems that are not Linux
based #698.
* Add support for ``socket``, which allows sockets to be used
crossplatform #745.
* Update async to work on newer versions of python #732.
* Remove deprecated RSAAuthentication option (SSHv1) #744.
* Multiple CI fixes #743 #737 #742 #739 #722.
* Use Github Actions for CI #734.
* Remove pytest-capturelog from testing requirements #730.
* Fix usage for Solaris #663 #604 #560.
* Fix threading for new versions of python #684.
* Fix documentation builds for use with Sphinx 3 #638.
* Use ``sys.executable`` for tests and wrapper, allowing the
calling python executable to be used instead #623.
* Update documentation about Wexpect #623.
* Added project urls to ``setup.py`` #620.
* Provide examples for how to use Pexpect and Pyte #587.
* Coerce compiled regex patterns type according to spawn
encoding #560.
* Several doc updates #626 #635 #643 #644 #728.
drop 31fab7b0edbe9b3401507b5dfa4db6aaf3fabca5.patch,
684.patch, 715.patch, 742.patch,
dae602d37493bae239e0e8db5b3dabafebfd59db.patch,
fix-fail-no-alias.patch, no-python-binary.patch: upstream
==== python311 ====
Version update (3.11.5 -> 3.11.6)
Subpackages: python311-curses python311-dbm
- Remove not needed patch 103213-fetch-CONFIG_ARGS.patch
- Refresh patches:
- bpo-31046_ensurepip_honours_prefix.patch
- fix_configure_rst.patch
- Update to 3.11.6:
- Core and Builtins
- gh-109351: Fix crash when compiling an invalid AST involving a
named (walrus) expression.
- gh-109207: Fix a SystemError in __repr__ of symtable entry
object.
- gh-109179: Fix bug where the C traceback display drops notes
from SyntaxError.
- gh-88943: Improve syntax error for non-ASCII character that
follows a numerical literal. It now points on the invalid
non-ASCII character, not on the valid numerical literal.
- gh-108959: Fix caret placement for error locations for subscript
and binary operations that involve non-semantic parentheses and
spaces. Patch by Pablo Galindo
- gh-108520: Fix
multiprocessing.synchronize.SemLock.__setstate__() to properly
initialize multiprocessing.synchronize.SemLock._is_fork_ctx.
This fixes a regression when passing a SemLock accross nested
processes.
- Rename multiprocessing.synchronize.SemLock.is_fork_ctx to
multiprocessing.synchronize.SemLock._is_fork_ctx to avoid
exposing it as public API.
- Library
- gh-110036: On Windows, multiprocessing Popen.terminate() now
catchs PermissionError and get the process exit code. If the
process is still running, raise again the PermissionError.
Otherwise, the process terminated as expected: store its exit
code. Patch by Victor Stinner.
- gh-110038: Fixed an issue that caused KqueueSelector.select() to
not return all the ready events in some cases when a file
descriptor is registered for both read and write.
- gh-109631: re functions such as re.findall(), re.split(),
re.search() and re.sub() which perform short repeated matches
can now be interrupted by user.
- gh-109593: Avoid deadlocking on a reentrant call to the
multiprocessing resource tracker. Such a reentrant call, though
unlikely, can happen if a GC pass invokes the finalizer for a
multiprocessing object such as SemLock.
- gh-109613: Fix os.stat() and os.DirEntry.stat(): check for
exceptions. Previously, on Python built in debug mode, these
functions could trigger a fatal Python error (and abort the
process) when a function succeeded with an exception set. Patch
by Victor Stinner.
- gh-109375: The pdb alias command now prevents registering
aliases without arguments.
- gh-107219: Fix a race condition in concurrent.futures. When a
process in the process pool was terminated abruptly (while the
future was running or pending), close the connection write end.
If the call queue is blocked on sending bytes to a worker
process, closing the connection write end interrupts the send,
so the queue can be closed. Patch by Victor Stinner.
- gh-50644: Attempts to pickle or create a shallow or deep copy of
codecs streams now raise a TypeError. Previously, copying failed
with a RecursionError, while pickling produced wrong results
that eventually caused unpickling to fail with a RecursionError.
- gh-108987: Fix _thread.start_new_thread() race condition. If a
thread is created during Python finalization, the newly spawned
thread now exits immediately instead of trying to access freed
memory and lead to a crash. Patch by Victor Stinner.
- gh-108843: Fix an issue in ast.unparse() when unparsing
f-strings containing many quote types.
- gh-108682: Enum: raise TypeError if super().__new__() is called
from a custom __new__.
- gh-105829: Fix concurrent.futures.ProcessPoolExecutor deadlock
- gh-64662: Fix support for virtual tables in
sqlite3.Connection.iterdump(). Patch by Aviv Palivoda.
- gh-107913: Fix possible losses of errno and winerror values in
OSError exceptions if they were cleared or modified by the
cleanup code before creating the exception object.
- gh-104372: On Linux where subprocess can use the vfork() syscall
for faster spawning, prevent the parent process from blocking
other threads by dropping the GIL while it waits for the
vforkâed child process exec() outcome. This prevents spawning a
binary from a slow filesystem from blocking the rest of the
application.
- gh-84867: unittest.TestLoader no longer loads test cases from
exact unittest.TestCase and unittest.FunctionTestCase classes.
- Documentation
- gh-109209: The minimum Sphinx version required for the
documentation is now 4.2.
- gh-105052: Update timeit doc to specify that time in seconds is
just the default.
- gh-102823: Document the return type of x // y when x and y have
type float.
- Tests
- gh-110031: Skip test_threading tests using thread+fork if Python
is built with Address Sanitizer (ASAN). Patch by Victor Stinner.
- gh-110088: Fix test_asyncio timeouts: donât measure the maximum
duration, a test should not measure a CI performance. Only
measure the minimum duration when a task has a timeout or delay.
Add CLOCK_RES to test_asyncio.utils. Patch by Victor Stinner.
- gh-110033: Fix test_interprocess_signal() of test_signal. Make
sure that the subprocess.Popen object is deleted before the test
raising an exception in a signal handler. Otherwise,
Popen.__del__() can get the exception which is logged as
... changelog too long, skipping 106 lines ...
multissltests to use 1.1.1w, 3.0.11, and 3.1.3.
==== python311-core ====
Version update (3.11.5 -> 3.11.6)
Subpackages: libpython3_11-1_0 python311-base
- Remove not needed patch 103213-fetch-CONFIG_ARGS.patch
- Refresh patches:
- bpo-31046_ensurepip_honours_prefix.patch
- fix_configure_rst.patch
- Update to 3.11.6:
- Core and Builtins
- gh-109351: Fix crash when compiling an invalid AST involving a
named (walrus) expression.
- gh-109207: Fix a SystemError in __repr__ of symtable entry
object.
- gh-109179: Fix bug where the C traceback display drops notes
from SyntaxError.
- gh-88943: Improve syntax error for non-ASCII character that
follows a numerical literal. It now points on the invalid
non-ASCII character, not on the valid numerical literal.
- gh-108959: Fix caret placement for error locations for subscript
and binary operations that involve non-semantic parentheses and
spaces. Patch by Pablo Galindo
- gh-108520: Fix
multiprocessing.synchronize.SemLock.__setstate__() to properly
initialize multiprocessing.synchronize.SemLock._is_fork_ctx.
This fixes a regression when passing a SemLock accross nested
processes.
- Rename multiprocessing.synchronize.SemLock.is_fork_ctx to
multiprocessing.synchronize.SemLock._is_fork_ctx to avoid
exposing it as public API.
- Library
- gh-110036: On Windows, multiprocessing Popen.terminate() now
catchs PermissionError and get the process exit code. If the
process is still running, raise again the PermissionError.
Otherwise, the process terminated as expected: store its exit
code. Patch by Victor Stinner.
- gh-110038: Fixed an issue that caused KqueueSelector.select() to
not return all the ready events in some cases when a file
descriptor is registered for both read and write.
- gh-109631: re functions such as re.findall(), re.split(),
re.search() and re.sub() which perform short repeated matches
can now be interrupted by user.
- gh-109593: Avoid deadlocking on a reentrant call to the
multiprocessing resource tracker. Such a reentrant call, though
unlikely, can happen if a GC pass invokes the finalizer for a
multiprocessing object such as SemLock.
- gh-109613: Fix os.stat() and os.DirEntry.stat(): check for
exceptions. Previously, on Python built in debug mode, these
functions could trigger a fatal Python error (and abort the
process) when a function succeeded with an exception set. Patch
by Victor Stinner.
- gh-109375: The pdb alias command now prevents registering
aliases without arguments.
- gh-107219: Fix a race condition in concurrent.futures. When a
process in the process pool was terminated abruptly (while the
future was running or pending), close the connection write end.
If the call queue is blocked on sending bytes to a worker
process, closing the connection write end interrupts the send,
so the queue can be closed. Patch by Victor Stinner.
- gh-50644: Attempts to pickle or create a shallow or deep copy of
codecs streams now raise a TypeError. Previously, copying failed
with a RecursionError, while pickling produced wrong results
that eventually caused unpickling to fail with a RecursionError.
- gh-108987: Fix _thread.start_new_thread() race condition. If a
thread is created during Python finalization, the newly spawned
thread now exits immediately instead of trying to access freed
memory and lead to a crash. Patch by Victor Stinner.
- gh-108843: Fix an issue in ast.unparse() when unparsing
f-strings containing many quote types.
- gh-108682: Enum: raise TypeError if super().__new__() is called
from a custom __new__.
- gh-105829: Fix concurrent.futures.ProcessPoolExecutor deadlock
- gh-64662: Fix support for virtual tables in
sqlite3.Connection.iterdump(). Patch by Aviv Palivoda.
- gh-107913: Fix possible losses of errno and winerror values in
OSError exceptions if they were cleared or modified by the
cleanup code before creating the exception object.
- gh-104372: On Linux where subprocess can use the vfork() syscall
for faster spawning, prevent the parent process from blocking
other threads by dropping the GIL while it waits for the
vforkâed child process exec() outcome. This prevents spawning a
binary from a slow filesystem from blocking the rest of the
application.
- gh-84867: unittest.TestLoader no longer loads test cases from
exact unittest.TestCase and unittest.FunctionTestCase classes.
- Documentation
- gh-109209: The minimum Sphinx version required for the
documentation is now 4.2.
- gh-105052: Update timeit doc to specify that time in seconds is
just the default.
- gh-102823: Document the return type of x // y when x and y have
type float.
- Tests
- gh-110031: Skip test_threading tests using thread+fork if Python
is built with Address Sanitizer (ASAN). Patch by Victor Stinner.
- gh-110088: Fix test_asyncio timeouts: donât measure the maximum
duration, a test should not measure a CI performance. Only
measure the minimum duration when a task has a timeout or delay.
Add CLOCK_RES to test_asyncio.utils. Patch by Victor Stinner.
- gh-110033: Fix test_interprocess_signal() of test_signal. Make
sure that the subprocess.Popen object is deleted before the test
raising an exception in a signal handler. Otherwise,
Popen.__del__() can get the exception which is logged as
... changelog too long, skipping 106 lines ...
multissltests to use 1.1.1w, 3.0.11, and 3.1.3.
==== raspberrypi-firmware ====
Version update (2023.04.25 -> 2023.11.21)
- Update to 8972935 (2023-11-21)
* firmware: config: Add [pi5] to config.txt on 2711 and earlier platforms
* firmware: arm_dt: Add support for the HAT map
See: raspberrypi/linux#5610
* firmware: arm_dt: Ensure strings are NUL-terminated
* firmware: video_decode: Add support for 32bpp RGB conversion
* firmware: Image format patches
* firmware: platform: Fixes for arm side display when throttling
* firmware: dtoverlay: Support literal assignments of path strings
* firmware: arm_loader: Fix non-standard console UARTs
* firmware: arm_loader: Improve UART console selection
* firmware: arm_loader: Remove unwanted assert
* firmware: arm_loader: initramfs must match the kernel
* firmware: arm_loader: Don't overwrite kernel path, check before loading stub
* firmware: arm_loader: Use os_prefix when looking for stubs
* firmware: arm_loader: Add auto_initramfs support
* firmware: arm_loader: Set WiFi MAC address if all zeroes
* firmware: platform: Don't set GPIOs 28&29 to RGMII if NO_RGMII trait is set
==== raspberrypi-firmware-config ====
Version update (2023.04.25 -> 2023.11.21)
- Update to 8972935 (2023-11-21)
* firmware: config: Add [pi5] to config.txt on 2711 and earlier platforms
* firmware: arm_dt: Add support for the HAT map
See: raspberrypi/linux#5610
* firmware: arm_dt: Ensure strings are NUL-terminated
* firmware: video_decode: Add support for 32bpp RGB conversion
* firmware: Image format patches
* firmware: platform: Fixes for arm side display when throttling
* firmware: dtoverlay: Support literal assignments of path strings
* firmware: arm_loader: Fix non-standard console UARTs
* firmware: arm_loader: Improve UART console selection
* firmware: arm_loader: Remove unwanted assert
* firmware: arm_loader: initramfs must match the kernel
* firmware: arm_loader: Don't overwrite kernel path, check before loading stub
* firmware: arm_loader: Use os_prefix when looking for stubs
* firmware: arm_loader: Add auto_initramfs support
* firmware: arm_loader: Set WiFi MAC address if all zeroes
* firmware: platform: Don't set GPIOs 28&29 to RGMII if NO_RGMII trait is set
- Add _multibuild to define 2nd spec file as additional flavor.
Eliminates the need for source package links in OBS.
==== raspberrypi-firmware-dt ====
Version update (2023.05.02 -> 2023.11.21)
- Update to 77f41f30fe (2023-11-21):
* switch to 6.6 branch
- Rebase patches:
* 0001-ARM-dts-bcm2711-rpi-Reuse-bcm2836-vchiq-driver.patch
* 0001-ARM-dts-bcm27xx-Use-better-name-for-spidev.patch
==== ruby-common ====
- gem_cleanup macro: yet another place which got hit by ruby 3.3
replace `gem env gemdir` with
`ruby -r rubygems -e 'puts Gem.default_dir'`
- Fix for the previous change. we need to set the GEM_HOME before
even wrapping into the re-exec with ruby.
- add workaround for https://github.com/rubygems/rubygems/commit/64273fd7e3
for now we will always set GEM_HOME to ensure that this new logic
does not break our paths
- ensure that gems built against an jemalloc enabled ruby
also pulls a ruby version that is built with jemalloc
==== selinux-policy ====
Version update (20231030 -> 20231124)
Subpackages: selinux-policy-targeted
- Update to version 20231124:
* Allow virtnetworkd_t to execute bin_t (bsc#1216903)
- Add new modules that were missed in the last update to
modules-mls-contrib.conf
- Add new modules that were missed in the last update to
modules-targeted-contrib.conf
==== webkit2gtk3 ====
Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Ensure max_link_jobs and max_compile_jobs have valid values even
when %{jobs} is not defined (like when building outside of OBS).
==== webkit2gtk3-soup2 ====
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles
- Ensure max_link_jobs and max_compile_jobs have valid values even
when %{jobs} is not defined (like when building outside of OBS).
==== yast2-trans ====
Version update (84.87.20231117.f12231d4de -> 84.87.20231121.7869d671a6)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu
- Update to version 84.87.20231121.7869d671a6:
* New POT for text domain 'hana-ha'.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
ImageMagick (7.1.1.20 -> 7.1.1.21)
aria2 (1.36.0 -> 1.37.0)
dhcp
ell (0.59 -> 0.60)
fwupd (1.9.8 -> 1.9.9)
git (2.42.1 -> 2.43.0)
grub2
kernel-source (6.6.1 -> 6.6.2)
libX11
libblockdev
libfido2 (1.13.0 -> 1.14.0)
libheif (1.17.3 -> 1.17.5)
librdkafka (2.1.1 -> 2.3.0)
llvm17 (17.0.4 -> 17.0.5)
mariadb-connector-c (3.3.5 -> 3.3.7)
mdadm
nghttp2
nvidia-open-driver-G06-signed (545.29.02_k6.6.1_1 -> 545.29.02_k6.6.2_1)
openvpn (2.6.7 -> 2.6.8)
ovmf
p11-kit (0.25.2 -> 0.25.3)
python-numpy (1.25.2 -> 1.26.2)
python-pip (23.2.1 -> 23.3.1)
readline
sssd
transactional-update (4.4.0 -> 4.5.0)
xen (4.18.0_02 -> 4.18.0_04)
xkeyboard-config
yast2-trans (84.87.20231104.b73ad6fbc9 -> 84.87.20231117.f12231d4de)
=== Details ===
==== ImageMagick ====
Version update (7.1.1.20 -> 7.1.1.21)
Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10
- version update to 7.1.1.21
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
- modified patches
[bsc#1217014][bsc#1216811]
% ImageMagick-s390x-disable-tests.patch (refreshed)
- deleted patches
- ImageMagick-correct-time-to-live.patch (upstreamed)
- added patches
https://github.com/ImageMagick/ImageMagick/commit/8f3c56fabc619c1672865257e…
https://github.com/ImageMagick/ImageMagick/commit/3a7b915d9a810ce742987b37c…
+ ImageMagick-infinite-resource-time-limit.patch
==== aria2 ====
Version update (1.36.0 -> 1.37.0)
Subpackages: libaria2-0
- Update to version 1.37.0
* Fix header in --http-accept-gzip documentation
* Allow empty dist name in bencode which is needed for hybrid torrent
* Fix undefined behavior/crash in GZipEncoder
* Fix Metalink4 parsing with foreign namespaces
* fix wrong dht.dat binary file structure in docs
* Increase ByteArrayDiskWriter maximum size
* Logger: Fix format string overflow in writeHeader()
* Cap infoHashLength in .aria2 file
* Various documentation fixes and rewords
==== dhcp ====
Subpackages: dhcp-relay dhcp-server
- Remove dhclient-script (boo#1216822).
==== ell ====
Version update (0.59 -> 0.60)
- update to 0.60:
* Fix issue with missing NETLINK_EXT_ACK definition.
* Fix issue with incorrect derivation of ECC compressed points.
* Add support for ECC usage from SPAKE2+ key exchange protocol.
==== fwupd ====
Version update (1.9.8 -> 1.9.9)
Subpackages: fwupd-bash-completion libfwupd2 typelib-1_0-Fwupd-2_0
- Update to version 1.9.9 (boo#1217295):
+ This release adds the following features:
- Add a new generic request for the device power cable.
+ This release adds support for the following hardware:
- Lenovo X1 Yoga Gen7 530E.
- Advantech BMC devices.
==== git ====
Version update (2.42.1 -> 2.43.0)
Subpackages: git-core git-email git-web perl-Git
- update to 2.43.0:
* The "--rfc" option of "git format-patch" used to be a valid way to
override an earlier "--subject-prefix=<something>" on the command
line and replace it with "[RFC PATCH]", but from this release, it
merely prefixes the string "RFC " in front of the given subject
prefix. If you are negatively affected by this change, please use
"--subject-prefix=PATCH --rfc" as a replacement.
* In Git 2.42, "git rev-list --stdin" learned to take non-revisions
(like "--not") from the standard input, but the way such a "--not" was
handled was quite confusing, which has been rethought. The updated
rule is that "--not" given from the command line only affects revs
given from the command line that comes but not revs read from the
standard input, and "--not" read from the standard input affects
revs given from the standard input and not revs given from the
command line.
* A message written in olden time prevented a branch from getting
checked out, saying it is already checked out elsewhere. But these
days, we treat a branch that is being bisected or rebased just like
a branch that is checked out and protect it from getting modified
with the same codepath. The message has been rephrased to say that
the branch is "in use" to avoid confusion.
* Hourly and other schedules of "git maintenance" jobs are randomly
distributed now.
* "git cmd -h" learned to signal which options can be negated by
listing such options like "--[no-]opt".
* The way authentication related data other than passwords (e.g.,
oauth token and password expiration data) are stored in libsecret
keyrings has been rethought.
* Update the libsecret and wincred credential helpers to correctly
match which credential to erase; they erased the wrong entry in
some cases.
* Git GUI updates.
* "git format-patch" learned a new "--description-file" option that
lets cover letter description to be fed; this can be used on
detached HEAD where there is no branch description available, and
also can override the branch description if there is one.
* Use of the "--max-pack-size" option to allow multiple packfiles to
be created is now supported even when we are sending unreachable
objects to cruft packs.
* "git format-patch --rfc --subject-prefix=<foo>" used to ignore the
"--subject-prefix" option and used "[RFC PATCH]"; now we will add
"RFC" prefix to whatever subject prefix is specified.
* "git log --format" has been taught the %(decorate) placeholder for
further customization over what the "--decorate" option offers.
* The default log message created by "git revert", when reverting a
commit that records a revert, has been tweaked, to encourage people
to describe complex "revert of revert of revert" situations better in
their own words.
* The command-line completion support (in contrib/) learned to
complete "git commit --trailer=" for possible trailer keys.
* "git update-index" learned the "--show-index-version" option to
inspect the index format version used by the on-disk index file.
* "git diff" learned the "diff.statNameWidth" configuration variable,
to give the default width for the name part in the "--stat" output.
* "git range-diff --notes=foo" compared "log --notes=foo --notes" of
the two ranges, instead of using just the specified notes tree,
which has been corrected to use only the specified notes tree.
* The command line completion script (in contrib/) can be told to
complete aliases by including ": git <cmd> ;" in the alias to tell
it that the alias should be completed in a similar way to how "git
<cmd>" is completed. The parsing code for the alias has been
loosened to allow ';' without an extra space before it.
* "git for-each-ref" and friends learned to apply mailmap to
authorname and other fields in a more flexible way than using
separate placeholder letters like %a[eElL] every time we want to
come up with small variants.
* "git repack" machinery learned to pay attention to the "--filter="
option.
* "git repack" learned the "--max-cruft-size" option to prevent cruft
packs from growing without bounds.
* "git merge-tree" learned to take strategy backend specific options
via the "-X" option, like "git merge" does.
* "git log" and friends learned the "--dd" option that is a
short-hand for "--diff-merges=first-parent -p".
* The attribute subsystem learned to honor the "attr.tree"
configuration variable that specifies which tree to read the
.gitattributes files from.
* "git merge-file" learns a mode to read three variants of the
contents to be merged from blob objects.
* see https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.4…
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- Update the TPM2 patches to skip the persistent SRK handle if not
specified and improve the error messages
+ 0003-protectors-Add-TPM2-Key-Protector.patch
+ 0005-util-grub-protect-Add-new-tool.patch
+ 0004-tpm2-Support-authorized-policy.patch
==== kernel-source ====
Version update (6.6.1 -> 6.6.2)
- Linux 6.6.2 (bsc#1012628).
- hwmon: (nct6775) Fix incorrect variable reuse in fan_div
calculation (bsc#1012628).
- numa: Generalize numa_map_to_online_node() (bsc#1012628).
- sched/topology: Fix sched_numa_find_nth_cpu() in CPU-less case
(bsc#1012628).
- sched/topology: Fix sched_numa_find_nth_cpu() in non-NUMA case
(bsc#1012628).
- sched/fair: Fix cfs_rq_is_decayed() on !SMP (bsc#1012628).
- iov_iter, x86: Be consistent about the __user tag on
copy_mc_to_user() (bsc#1012628).
- sched/uclamp: Set max_spare_cap_cpu even if max_spare_cap is 0
(bsc#1012628).
- sched/uclamp: Ignore (util == 0) optimization in feec() when
p_util_max = 0 (bsc#1012628).
- objtool: Propagate early errors (bsc#1012628).
- sched: Fix stop_one_cpu_nowait() vs hotplug (bsc#1012628).
- nfsd: Handle EOPENSTALE correctly in the filecache
(bsc#1012628).
- vfs: fix readahead(2) on block devices (bsc#1012628).
- writeback, cgroup: switch inodes with dirty timestamps to
release dying cgwbs (bsc#1012628).
- x86/srso: Fix SBPB enablement for (possible) future fixed HW
(bsc#1012628).
- x86/srso: Print mitigation for retbleed IBPB case (bsc#1012628).
- x86/srso: Fix vulnerability reporting for missing microcode
(bsc#1012628).
- x86/srso: Fix unret validation dependencies (bsc#1012628).
- futex: Don't include process MM in futex key on no-MMU
(bsc#1012628).
- x86/numa: Introduce numa_fill_memblks() (bsc#1012628).
- ACPI/NUMA: Apply SRAT proximity domain to entire CFMWS window
(bsc#1012628).
- cgroup/cpuset: Fix load balance state in
update_partition_sd_lb() (bsc#1012628).
- x86/sev-es: Allow copy_from_kernel_nofault() in earlier boot
(bsc#1012628).
- x86/boot: Fix incorrect startup_gdt_descr.size (bsc#1012628).
- cpu/SMT: Make SMT control more robust against enumeration
failures (bsc#1012628).
- x86/apic: Fake primary thread mask for XEN/PV (bsc#1012628).
- srcu: Fix callbacks acceleration mishandling (bsc#1012628).
- drivers/clocksource/timer-ti-dm: Don't call clk_get_rate()
in stop function (bsc#1012628).
- x86/nmi: Fix out-of-order NMI nesting checks & false positive
warning (bsc#1012628).
- pstore/platform: Add check for kstrdup (bsc#1012628).
- perf: Optimize perf_cgroup_switch() (bsc#1012628).
- selftests/x86/lam: Zero out buffer for readlink() (bsc#1012628).
- PCI/MSI: Provide stubs for IMS functions (bsc#1012628).
- string: Adjust strtomem() logic to allow for smaller sources
(bsc#1012628).
- genirq/matrix: Exclude managed interrupts in
irq_matrix_allocated() (bsc#1012628).
- irqchip/sifive-plic: Fix syscore registration for multi-socket
systems (bsc#1012628).
- wifi: ath12k: fix undefined behavior with __fls in dp
(bsc#1012628).
- wifi: cfg80211: add flush functions for wiphy work
(bsc#1012628).
- wifi: mac80211: move radar detect work to wiphy work
(bsc#1012628).
- wifi: mac80211: move scan work to wiphy work (bsc#1012628).
- wifi: mac80211: move offchannel works to wiphy work
(bsc#1012628).
- wifi: mac80211: move sched-scan stop work to wiphy work
(bsc#1012628).
- wifi: mac80211: fix RCU usage warning in mesh fast-xmit
(bsc#1012628).
- wifi: cfg80211: fix off-by-one in element defrag (bsc#1012628).
- wifi: mac80211: fix # of MSDU in A-MSDU calculation
(bsc#1012628).
- wifi: iwlwifi: honor the enable_ini value (bsc#1012628).
- wifi: iwlwifi: don't use an uninitialized variable
(bsc#1012628).
- i40e: fix potential memory leaks in i40e_remove() (bsc#1012628).
- iavf: Fix promiscuous mode configuration flow messages
(bsc#1012628).
- selftests/bpf: Correct map_fd to data_fd in tailcalls
(bsc#1012628).
- bpf, x64: Fix tailcall infinite loop (bsc#1012628).
- wifi: cfg80211: fix kernel-doc for wiphy_delayed_work_flush()
(bsc#1012628).
- udp: introduce udp->udp_flags (bsc#1012628).
- udp: move udp->no_check6_tx to udp->udp_flags (bsc#1012628).
- udp: move udp->no_check6_rx to udp->udp_flags (bsc#1012628).
- udp: move udp->gro_enabled to udp->udp_flags (bsc#1012628).
- udp: add missing WRITE_ONCE() around up->encap_rcv
(bsc#1012628).
- udp: move udp->accept_udp_{l4|fraglist} to udp->udp_flags
(bsc#1012628).
- udp: lockless UDP_ENCAP_L2TPINUDP / UDP_GRO (bsc#1012628).
- udp: annotate data-races around udp->encap_type (bsc#1012628).
- udplite: remove UDPLITE_BIT (bsc#1012628).
- udplite: fix various data-races (bsc#1012628).
- selftests/bpf: Skip module_fentry_shadow test when bpf_testmod
is not available (bsc#1012628).
- tcp: call tcp_try_undo_recovery when an RTOd TFO SYNACK is ACKed
(bsc#1012628).
... changelog too long, skipping 987 lines ...
- commit 9ecdaa5
==== libX11 ====
Subpackages: libX11-6 libX11-data libX11-xcb1
- this update is needed due to jsc#PED-7282; it includes the
security fix for CVE-2022-3555 (bsc#1204425, bsc#1208881) and
a fix for a race condition in libX11 that causes various
applications to crash randomly (boo#1181963)
==== libblockdev ====
Subpackages: libbd_btrfs3 libbd_crypto3 libbd_fs3 libbd_loop3 libbd_lvm3 libbd_mdraid3 libbd_nvme3 libbd_part3 libbd_swap3 libbd_utils3 libblockdev3
- Add %{_libdir}/libbd_s390.so for s390x because missing file identitied
==== libfido2 ====
Version update (1.13.0 -> 1.14.0)
- update to 1.14.0:
* fido2-cred -M, fido2-token -G: support raw client data
via -w flag.
* New API calls:
* * fido_assert_authdata_raw_len;
* * fido_assert_authdata_raw_ptr;
* * fido_assert_set_winhello_appid.
- add keyring for gpg validation
==== libheif ====
Version update (1.17.3 -> 1.17.5)
Subpackages: gdk-pixbuf-loader-libheif libheif-aom libheif-dav1d libheif-ffmpeg libheif-jpeg libheif-openjpeg libheif-rav1e libheif1
- update to 1.17.5:
* Fixes installation of the Gnome "heif.thumbnailer" config
file.
- update to 1.17.4:
* ispe boxes in AVIF images with clap boxes were written with
the wrong size (would only happen with svt-av1 encoder),
always output MIAF brand for AVIF images
* fix kvazaar encoding with odd image sizes and encodings with
non-4:2:0 chroma
==== librdkafka ====
Version update (2.1.1 -> 2.3.0)
- update to 2.3.0:
* Partial support of topic identifiers. Topic identifiers in
metadata response available through the new
`rd_kafka_DescribeTopics` function
* KIP-117 Add support for AdminAPI `DescribeCluster()` and
`DescribeTopics()`
* Return authorized operations in Describe Responses.
* KIP-580: Added Exponential Backoff mechanism for
retriable requests with `retry.backoff.ms` as minimum backoff
and `retry.backoff.max.ms` as the
maximum backoff, with 20% jitter (#4422).
* Fixed ListConsumerGroupOffsets not fetching offsets for all
the topics in a group with Apache Kafka version below 2.4.0.
* Add missing destroy that leads to leaking partition structure
memory when there are partition leader changes and a stale
leader epoch is received (#4429).
* Fix a segmentation fault when closing a consumer using the
cooperative-sticky assignor before the first assignment
* Fix for insufficient buffer allocation when allocating rack
information (@wolfchimneyrock, #4449).
* Fix for infinite loop of OffsetForLeaderEpoch requests on
quick leader changes. (#4433).
* Fix for stored offsets not being committed if they lacked the
leader epoch (#4442).
* Upgrade OpenSSL to v3.0.11 (while building from source) with
various security fixes, check the release notes
* Fix to ensure permanent errors during offset validation
continue being retried and don't cause an offset reset (#4447).
* Fix to ensure max.poll.interval.ms is reset when
rd_kafka_poll is called with consume_cb (#4431).
* Fix for idempotent producer fatal errors, triggered after a
possibly persisted message state (#4438).
* Fix `rd_kafka_query_watermark_offsets` continuing beyond
timeout expiry (#4460).
* Fix `rd_kafka_query_watermark_offsets` not refreshing the
partition leader after a leader change and subsequent
`NOT_LEADER_OR_FOLLOWER` error (#4225).
==== llvm17 ====
Version update (17.0.4 -> 17.0.5)
- Update to version 17.0.5.
* This release contains bug-fixes for the LLVM 17.0.0 release.
This release is API and ABI compatible with 17.0.0.
- Rebase llvm-do-not-install-static-libraries.patch.
- Also test clang-tools-extra (at least most parts) and lld.
- Adapt test in lld-default-sha1.patch.
- Don't disable testing if qemu_user_space_build has been set to 0.
==== mariadb-connector-c ====
Version update (3.3.5 -> 3.3.7)
- update to 3.3.7:
* https://mariadb.com/kb/en/mariadb-connector-c-3-3-7-release-notes/
* https://mariadb.com/kb/en/mariadb-connector-c-3-3-6-release-notes/
==== mdadm ====
- No longer recommend smtp-daemon: this was a remainder from the
cron configuration, which was removed back in 2018.
==== nghttp2 ====
- fix unversioned provides to be in sync with nghttp3
==== nvidia-open-driver-G06-signed ====
Version update (545.29.02_k6.6.1_1 -> 545.29.02_k6.6.2_1)
- no longer try to overwrite NVreg_OpenRMEnableSupporteGpus driver
option setting; apparently it's ignored by the driver (boo#1215981,
comment#26)
- use different modprobe.d config file to resolve conflict with
older driver package (boo#1217370); overwrite
NVreg_OpenRMEnableSupporteGpus driver option setting (disable it),
since letting it enabled is supposed to break booting (boo#1215981,
comment#23)
==== openvpn ====
Version update (2.6.7 -> 2.6.8)
- update to 2.6.8:
* SIGSEGV crash: Do not check key_state buffers that are in S_UNDEF
state - the new sanity check function introduced in 2.6.7 sometimes
tried to use a NULL pointer after an unsuccessful TLS handshake
* CVE-2023-46850 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly
use a send buffer after it has been free()d in some circumstances,
causing some free()d memory to be sent to the peer. All configurations
using TLS (e.g. not using --secret) are affected by this issue.
* CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly
restore --fragment configuration in some circumstances, leading to a
division by zero when --fragment is used. On platforms where division
by zero is fatal, this will cause an OpenVPN crash.
* DCO: warn if DATA_V1 packets are sent by the other side - this a hard
incompatibility between a 2.6.x client connecting to a 2.4.0-2.4.4
server, and the only fix is to use --disable-dco.
* Remove OpenSSL Engine method for loading a key. This had to be removed
because the original author did not agree to relicensing the code with
the new linking exception added. This was a somewhat obsolete feature
anyway as it only worked with OpenSSL 1.x, which is end-of-support.
* add warning if p2p NCP client connects to a p2mp server - this is a
combination that used to work without cipher negotiation (pre 2.6 on
both ends), but would fail in non-obvious ways with 2.6 to 2.6.
* add warning to --show-groups that not all supported groups are listed
(this is due the internal enumeration in OpenSSL being a bit weird,
omitting X448 and X25519 curves).
* --dns: remove support for exclude-domains argument (this was a new 2.6
option, with no backend support implemented yet on any platform, and it
turns out that no platform supported it at all - so remove option again)
* warn user if INFO control message too long, do not forward to management
client (safeguard against protocol-violating server implementations)
* DCO-WIN: get and log driver version (for easier debugging).
* print "peer temporary key details" in TLS handshake
* log OpenSSL errors on failure to set certificate, for example if the
algorithms used are in acceptable to OpenSSL (misleading message would be
printed in cryptoapi / pkcs11 scenarios)
* add CMake build system for MinGW and MSVC builds
* remove old MSVC build system
* improve cmocka unit test building for Windows
==== ovmf ====
Subpackages: qemu-uefi-aarch64
- Sync change log to prepare for sending edk2-stable202308 ovmf to SLE15-SP6
(jsc#PED-6233, jsc#PED-5523)
- Removed the following backported patches because they are merged
to edk2 mainline:
- ovmf-SecurityPkg-DxeImageVerificationLib-Check-result-of-.patch
494127613b SecurityPkg/DxeImageVerificationLib: Check result of GetEfiGlobalVariable2
(CVE-2019-14560, bsc#1174246)
==== p11-kit ====
Version update (0.25.2 -> 0.25.3)
Subpackages: libp11-kit0 p11-kit-tools
- Update to 0.25.3:
* rpc: fix serialization of NULL mechanism pointer [#601]
* fix meson build failure in macOS (appleframeworks not found) [#603]
==== python-numpy ====
Version update (1.25.2 -> 1.26.2)
- Update to 1.26.2:
* TYP: Trim down the ``_NestedSequence.__getitem__`` signature
* BUG: fix choose refcount leak
* TST: fix running the test suite in builds without BLAS/LAPACK
* BUG: random: Fix generation of nan by dirichlet.
* TST: fix distutils tests for deprecations in recent setuptools...
* MAINT: Remove versioneer
* MAINT: Pin upper version of sphinx.
* ENH: Add prefix to _ALIGN Macro
* BUG: cleanup warnings [skip azp][skip circle][skip travis][skip...
* BUG: ``asv dev`` has been removed, use ``asv run``.
* BUG: Fix meson build failure due to unchanged inplace auto-generated...
* BUG: fix issue with git-version script, needs a shebang to run
* BUG: Use a default assignment for git_hash [skip ci]
* BUG: fix NPY_cast_info error handling in choose
* BUG: Fix common block handling in f2py
* BUG: Fix assumed length f2py regression
* MAINT: Harmonize fortranobject
* TYP: add kind argument to numpy.isin type specification
* BUG: fix comparisons between masked and unmasked structured arrays
* ENH: Adopt new macOS Accelerate BLAS/LAPACK Interfaces, including...
* TYP: Add the missing ``casting`` keyword to ``np.clip``
* TST: convert cython test from setup.py to meson
* MAINT: Fixup ``fromnumeric.pyi``
* BUG, ENH: Fix ``iso_c_binding`` type maps
* TYP: Allow ``binary_repr`` to accept any object
* TYP: Explicitly declare ``dtype`` and ``generic`` hashable
* ENH: Refactor the typing "reveal" tests using `typing.assert_type`
* ENH: ``meson`` backend for ``f2py``
* MAINT: Refactor partial load Workaround for Clang
* BUG: Fix data stmt handling for complex values in f2py
* TYP: Add annotations for the py3.12 buffer protocol
* DOC: Updated the f2py docs to remove a note on -fimplicit-none
* BUG: Fix SIMD f32 trunc test on s390x when baseline is none
* BUG: Fix DATA statements for f2py
* API: Add ``NumpyUnpickler`` for backporting
* MAINT: Xfail test failing on PyPy.
* ENH: meson: implement BLAS/LAPACK auto-detection
* DOC: add a 1.26.1 release notes section for BLAS/LAPACK build
* MAINT: Backport ``numpy._core`` stubs. Remove ``NumpyUnpickler``
* BUG: loongarch doesn't use REAL(10)
* MAINT: align test_dispatcher s390x targets with _umath_tests_mtargets
* ENH: Add Cython enumeration for NPY_FR_GENERIC
* MAINT: Remove unhelpful error replacements from ``import_array()``
* BUG: Avoid intp conversion regression in Cython 3
* MAINT: Add missing ``noexcept`` to shuffle helpers
* DOC: Fix license identifier for OpenBLAS
* BLD: improve detection of Netlib libblas/libcblas/liblapack
* MAINT: Make bitfield integers unsigned
* BUG: Make n a long int for np.random.multinomial
* BUG: ensure passing ``np.dtype`` to itself doesn't crash
- Update BuildRequires as appropiate, build system changed from setuptools
to meson.
- Drop patch ignore-pkg_resources-deprecation.patch, no longer required
- f2py3 no longer shipped
==== python-pip ====
Version update (23.2.1 -> 23.3.1)
- Update to 23.3.1:
- Bug Fixes
- Handle a timezone indicator of Z when parsing dates in the
self check. (#12338)
- Fix bug where installing the same package at the same time
with multiple pip processes could fail. (#12361)
- Update to 23.3:
- Process
- Added reference to vulnerability reporting guidelines to
pip's security policy.
- Features
- Improve extras resolution for multiple constraints on same
base package. (#11924)
- Improve use of datastructures to make candidate selection
1.6x faster. (#12204)
- Allow pip install --dry-run to use platform and ABI
overriding options. (#12215)
- Add is_yanked boolean entry to the installation report
(--report) to indicate whether the requirement was yanked
from the index, but was still selected by pip conform to
PEP 592. (#12224)
- Bug Fixes
- Ignore errors in temporary directory cleanup (show a
warning instead). (#11394)
- Normalize extras according to PEP 685 from package metadata
in the resolver for comparison. This ensures extras are
correctly compared and merged as long as the package
providing the extra(s) is built with values normalized
according to the standard. Note, however, that this
does not solve cases where the package itself contains
unnormalized extra values in the metadata. (#11649)
- Prevent downloading sdists twice when PEP 658 metadata is
present. (#11847)
- Include all requested extras in the install report
(--report). (#11924)
- Removed uses of datetime.datetime.utcnow from non-vendored
code. (#12005)
- Consistently report whether a dependency comes from an
extra. (#12095)
- Fix completion script for zsh (#12166)
- Fix improper handling of the new onexc argument of
shutil.rmtree() in Python 3.12. (#12187)
- Filter out yanked links from the available versions
error message: "(from versions: 1.0, 2.0, 3.0)" will
not contain yanked versions conform PEP 592. The yanked
versions (if any) will be mentioned in a separate error
message. (#12225)
- Fix crash when the git version number contains something
else than digits and dots. (#12280)
- Use -r=... instead of -r ... to specify references with
Mercurial. (#12306, CVE-2023-5752, bsc#1217353)
- Redact password from URLs in some additional
places. (#12350)
- pip uses less memory when caching large packages. As a
result, there is a new on-disk cache format stored in a new
directory ($PIP_CACHE_DIR/http-v2). (#2984)
- Vendored Libraries
- Upgrade certifi to 2023.7.22
- Add truststore 0.8.0
- Upgrade urllib3 to 1.26.17
- Improved Documentation
- Document that pip search support has been removed from PyPI
(#12059)
- Clarify --prefer-binary in CLI and docs (#12122)
- Document that using OS-provided Python can cause pip's test
suite to report false failures. (#12334)
- Adjust pip-shipped-requests-cabundle.patch.
==== readline ====
Subpackages: libreadline8 readline-doc
- Add upstream patch readline82-002
* It's possible for readline to try to zero out a line that's not null-
terminated, leading to a memory fault.
- Add upstream patch readline82-003
- Add upstream patch readline82-004
- Add upstream patch readline82-005
* If an application is using readline in callback mode, and a signal arrives
after readline checks for it in rl_callback_read_char() but before it
restores the application's signal handlers, it won't get processed until the
next time the application calls rl_callback_read_char(). Readline needs to
check for and resend any pending signals after restoring the application's
signal handlers.
- Add upstream patch readline82-006
* This is a variant of the same issue as the one fixed by patch 5. In this
case, the signal arrives and is pending before readline calls rl_getc().
When this happens, the pending signal will be handled by the loop, but may
alter or destroy some state that the callback uses. Readline needs to treat
this case the same way it would if a signal interrupts pselect/select, so
compound operations like searches and reading numeric arguments get cleaned
up properly.
- Add upstream patch readline82-007
* If readline is called with no prompt, it should display a newline if return
is typed on an empty line. It should still suppress the final newline if
return is typed on the last (empty) line of a multi-line command.
==== sssd ====
Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap
- Adapt spec file for SLE 15 SP6/Leap 15.6; (jsc#PED-6714);
* Remove package sssd-common, merged into sssd
* Continue building deprecated files provider and infopipe
responder
* Disable selinux and semanage
* Provide rcsssd shortcut
==== transactional-update ====
Version update (4.4.0 -> 4.5.0)
Subpackages: dracut-transactional-update libtukit4 transactional-update-zypp-config tukit tukitd
- Version 4.5.0
- libtukit: Use permissions of real /etc when creating overlay
[bsc#1215878]
- libtukit, tukit: Support "rollback" via library now
- tukitd: Implement Snapshot delete and rollback methods
- tukit: Check for missing arguments with "close" and "abort"
commands
- t-u: Warn user when using "kdump" if it isn't configured to
avoid confusion with "setup-kdump" [boo#1215725]
- t-u: Abort if mkdumprd run is not successful
- t-u: Use defaut from config file if t-u is called without
arguments [gh#openSUSE/transactional-update#101]
- Improved README.md [gh#openSUSE/transactional-update#59] and
API docs
- Code cleanup
==== xen ====
Version update (4.18.0_02 -> 4.18.0_04)
Subpackages: xen-libs xen-tools-domU
- Enable the Kconfig options REQUIRE_NX and DIT_DEFAULT to
provide better hypervisor security
xen.spec
- Upstream bug fixes (bsc#1027519)
654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch
65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch
655b2ba9-fix-sched_move_domain.patch
- Pass XEN_BUILD_DATE + _TIME to override build date (boo#1047218)
==== xkeyboard-config ====
- the current source supersedes old sle15-sp5 patches (see
changelog below)
* U_Map-evdev-keycodes-KEY_RFKILL-and-KEY_WWAN-to-XF86RF.patch
* U_Updating-Old-Hungarian.patch
* U_Fix-media-keys-lag-on-ABNT2-keyboard.patch
* U_Add-the-new-AZERTY-layout-norm-NF-Z71-300.patch
- includes fixes for
* missing mappings for evdev keys KEY_RFKILL and KEY_WWAN
(boo#1123784)
* capslock in Old Hungarian layout (boo#1153774)
* wrong keyboard mapping causing input delays with ABNT2 keyboards
(bsc#1191242)
- includes backport of French standardized AZERTY layout (AFNOR:
NF Z71-300) (bsc#1188867)
- supersedes a patch called 'U_fixed-keycode-comment.patch' from
sle15-sp5, which wasn't applied there any longer either.
<I247> = 247; // #define KEY_UWB 239
is defined in keycodes/evdev since a long time ...
==== yast2-trans ====
Version update (84.87.20231104.b73ad6fbc9 -> 84.87.20231117.f12231d4de)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu
- Update to version 84.87.20231117.f12231d4de:
* New POT for text domain 'cc'.
1
0
Hello list,
after struggling with Ubuntu LTS 22.04.3 on my Raspi 4 for a while I ended at
a point with a RTL_433 stick not working because of a bug (after updating) in the
USB system (Kernel up to latest 5.15.0-1043).
So I consider trying Suse TW.
I found this page:
http://download.opensuse.org/ports/aarch64/tumbleweed/appliances/
Is this the right place?
Which appliance to choose for starting? JeOS, minimal?
My platform is headless, no X11 is needed but WLAN and some Python stuff.
Thanks in advance
Joe
3
2
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
dracut (059+suse.511.g0bdb16ac -> 059+suse.522.g0fc72191)
drbd
gnutls (3.8.1 -> 3.8.2)
hplip
inkscape (1.3 -> 1.3.1)
libksba (1.6.4 -> 1.6.5)
libreoffice (7.6.2.1 -> 7.6.3.1)
libsolv (0.7.25 -> 0.7.26)
libxml2 (2.11.5 -> 2.11.6)
libxml2-python (2.11.5 -> 2.11.6)
rubygem-google-protobuf (3.23.1 -> 3.25.1)
rubygem-rgl (0.5.10 -> 0.6.6)
rubygem-webrick (1.7.0 -> 1.8.1)
sssd
texlive
virglrenderer
=== Details ===
==== dracut ====
Version update (059+suse.511.g0bdb16ac -> 059+suse.522.g0fc72191)
- Update to version 059+suse.522.g0fc72191:
* fix(install.d): do not create rescue entry when working with UKIs
* fix(install.d): skip if $KERNEL_INSTALL_INITRD_GENERATOR is set otherwise
* feat(resume): do not attempt to install systemd-hibernate-resume@.service
* feat(install.d): add sort-key field to rescue BLS entries
* fix(install.d): do not generate a new initrd if any INITRD_FILE is provided
* fix(install.d): do not create initramfs if the supplied image is UKI
* feat(install.d): allow using dracut in combination with ukify
* fix(resume): add new systemd-hibernate-resume.service
* feat(systemd): install systemd-executor
==== drbd ====
- drbd: fix build error against kernel v6.6.1 (boo#1217078)
* add upstream patches
+ 0021-compat-sock-Remove-sendpage-in-favour-of-sendmsg-MSG.patch
+ 0022-compat-block-replace-fmode_t-with-a-block-specific-t.patch
+ 0023-compat-genetlink-remove-userhdr-from-struct-genl_inf.patch
* remove patch which are already included in upstream patches:
- bsc-1215699_fix-build-error-against-kernel-v6.5.4.patch
==== gnutls ====
Version update (3.8.1 -> 3.8.2)
Subpackages: libgnutls-dane0 libgnutls30
- Update to 3.8.2: [bsc#1217277, CVE-2023-5981]
* libgnutls: Fix timing side-channel inside RSA-PSK key exchange.
[GNUTLS-SA-2023-10-23, CVSS: medium] [CVE-2023-5981]
* libgnutls: Add API functions to perform ECDH and DH key agreement
The functionality has been there for a long time though they were
not available as part of the public API. This enables applications
to implement custom protocols leveraging non-interactive key
agreement with ECDH and DH.
* libgnutls: Added support for AES-GCM-SIV ciphers (RFC 8452)
The new algorithms GNUTLS_CIPHER_AES_128_SIV_GCM and
GNUTLS_CIPHER_AES_256_SIV_GCM have been added to be used through
the AEAD interface. Note that, unlike
GNUTLS_CIPHER_AES_{128,256}_SIV_GCM, the authentication tag is
appended to the ciphertext, not prepended.
* libgnutls: transparent KTLS support is extended to FreeBSD kernel
The kernel TLS feature can now be enabled on FreeBSD as well as
Linux when compiled with the --enable-ktls configure option.
* gnutls-cli: New option --starttls-name
Depending on deployment, application protocols such as XMPP may
require a different origin address than the external address to be
presented prior to STARTTLS negotiation. The --starttls-name can
be used to specify specify the addresses separately.
* API and ABI modifications:
- gnutls_pubkey_import_dh_raw: New function
- gnutls_privkey_import_dh_raw: New function
- gnutls_pubkey_export_dh_raw: New function
- gnutls_privkey_export_dh_raw: New function
- gnutls_x509_privkey_import_dh_raw: New function
- gnutls_privkey_derive_secret: New function
- GNUTLS_KEYGEN_DH: New enum member of gnutls_keygen_types_t
- GNUTLS_CIPHER_AES_128_SIV_GCM: Added
- GNUTLS_CIPHER_AES_256_SIV_GCM: Added
* Rebase gnutls-FIPS-140-3-references.patch
* Remove upstream: gnutls-GNUTLS_NO_EXTENSIONS-compatibility.patch
==== hplip ====
Subpackages: hplip-hpijs hplip-sane hplip-udev-rules
- hppsfilter: booklet printing: change insecure fixed /tmp file paths
(bsc#1214399)
* add hppsfilter-booklet-printing-change-insecure-fixed-tm.patch
==== inkscape ====
Version update (1.3 -> 1.3.1)
Subpackages: inkscape-extensions-extra inkscape-extensions-fig inkscape-extensions-gimp
- Update to version 1.3.1:
+ more than 30 crash/freeze fixes
+ a new feature to disable snapping to grid lines
+ a new feature to split text into its letters
+ the Shape Builder tool now creates an appropriate number of nodes
+ PDF files that could not be opened with Inkscape 1.3 can now be opened / imported again
+ See the full release notes
https://inkscape.org/doc/release_notes/1.3.1/Inkscape_1.3.1.html
==== libksba ====
Version update (1.6.4 -> 1.6.5)
- Update to 1.6.5:
* Add Brainpool curve detection using parameters with compressed
base point. [rKeb23f853f178]
* New configure option --with-libtool-modification. [T6619]
* Release-info: https://dev.gnupg.org/T6822
==== libreoffice ====
Version update (7.6.2.1 -> 7.6.3.1)
Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit
- Update to 7.6.3.1:
https://wiki.documentfoundation.org/Releases/7.6.3/RC1
https://wiki.documentfoundation.org/Releases/7.6.2/RC2
- Update bundled dependencies:
libcmis-0.5.2.tar.xz -> libcmis-0.6.0.tar.xz
poppler-23.06.0.tar.xz -> poppler-23.09.0.tar.xz
- Add bundled() markers
==== libsolv ====
Version update (0.7.25 -> 0.7.26)
Subpackages: libsolv-tools python3-solv ruby-solv
- fix evr roundtrip in testcases
- do not use deprecated headerUnload with newer rpm versions
- bump version to 0.7.26
==== libxml2 ====
Version update (2.11.5 -> 2.11.6)
Subpackages: libxml2-2 libxml2-tools
- Update to version 2.11.6:
* Regressions:
- threads: Fix --with-thread-alloc
- xinclude: Fix âlastâ pointer in xmlXIncludeCopyNode
* Bug fixes: parser: Fix potential use-after-free in
xmlParseCharDataInternal
==== libxml2-python ====
Version update (2.11.5 -> 2.11.6)
- Update to version 2.11.6:
* Regressions:
- threads: Fix --with-thread-alloc
- xinclude: Fix âlastâ pointer in xmlXIncludeCopyNode
* Bug fixes: parser: Fix potential use-after-free in
xmlParseCharDataInternal
==== rubygem-google-protobuf ====
Version update (3.23.1 -> 3.25.1)
- New upstream release 3.25.1
- Add 0001-ruby-return-0-from-shared_convert.c-shared_message.c.patch to fix
build failures with -Werror=return-type
- Fix spurious +x permissions in the sources
==== rubygem-rgl ====
Version update (0.5.10 -> 0.6.6)
- New upstream release 0.6.6, see bundled CHANGELOG.md
==== rubygem-webrick ====
Version update (1.7.0 -> 1.8.1)
- New upstream release 1.8.1, no changelog found
==== sssd ====
Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap
- Fix spec file for Leap
- /usr/etc migration, restore /etc/sssd/sssd.conf.rpmsave after
update (bsc#1216865)
- Do not install the KRB5 IDP plugin, it is useless without the
OIDC child
- Drop no longer valid --without-secrets configure switch
==== texlive ====
Subpackages: libkpathsea6 libsynctex2
- Silent some rpmlint errors
- Catch all lua based binaries for boo#1216650
- texlive-latex-bin-bin: Ensure the same version of libz1 is
installed in system as against what texlive was compiled
(boo#1216650).
==== virglrenderer ====
- Add pkgconfig(libva) BuildRequires: Enable support for hardware
video acceleration
- Add pkgconfig(vulkan) BuildRequires: Enable support for venus on
Tumbleweed (build failed on leap)
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
AppStream (0.16.3 -> 0.16.4)
avahi
avahi-glib2
bash (5.2.15 -> 5.2.21)
bind (9.18.19 -> 9.18.20)
btrfsprogs (6.5.1 -> 6.6.2)
createrepo_c
dnsmasq
emacs
flatpak (1.15.4 -> 1.15.6)
freerdp
fwupd (1.9.7 -> 1.9.8)
gdb
gnome-bluetooth (42.6 -> 42.7)
gnome-control-center (45.1 -> 45.1+14)
google-noto-fonts
grub2
gstreamer (1.22.6 -> 1.22.7)
gstreamer-plugins-bad (1.22.6 -> 1.22.7)
gstreamer-plugins-base (1.22.6 -> 1.22.7)
gstreamer-plugins-good (1.22.6 -> 1.22.7)
gstreamer-plugins-libav (1.22.6 -> 1.22.7)
gstreamer-plugins-rs (1.22.6 -> 0.11.2)
gstreamer-plugins-ugly (1.22.6 -> 1.22.7)
harfbuzz (8.2.2 -> 8.3.0)
jq
libadwaita (1.4.0 -> 1.4.0+12)
libgcrypt (1.10.2 -> 1.10.3)
libportal
libstorage-ng (4.5.156 -> 4.5.157)
libuv (1.46.0 -> 1.47.0)
lua54
makedumpfile (1.7.3 -> 1.7.4)
nodejs21 (21.1.0 -> 21.2.0)
openssl-1_1
openssl-3
ovmf
patterns-media
perl-IO-Socket-SSL (2.083 -> 2.84.0)
perl-Mail-AuthenticationResults (2.20230112 -> 2.20231031)
pipewire (0.3.84 -> 0.3.85)
plasma5-openSUSE (84.87~git20230131T131056~433af24 -> 84.87~git20231117T211718~757fefa)
poppler (23.10.0 -> 23.11.0)
poppler-qt5 (23.10.0 -> 23.11.0)
python-Twisted
python-psutil (5.9.5 -> 5.9.6)
python-rich (13.5.2 -> 13.7.0)
python-sniffio
qemu
qt6-base
rubygem-jaro_winkler (1.5.4 -> 1.5.6)
rubygem-llhttp-ffi (0.4.0 -> 0.5.0)
rubygem-nokogiri (1.13.9 -> 1.15.4)
rubygem-passenger (6.0.17 -> 6.0.18)
rubygem-rails-html-sanitizer (1.5.0 -> 1.6.0)
shared-mime-info (2.3 -> 2.4)
tgt (1.0.85 -> 1.0.89)
vte
webkit2gtk3 (2.42.1 -> 2.42.2)
webkit2gtk3-soup2 (2.42.1 -> 2.42.2)
xen (4.17.2_04 -> 4.18.0_02)
xfce4-notifyd
xfce4-whiskermenu-plugin (2.8.0 -> 2.8.1)
=== Details ===
==== AppStream ====
Version update (0.16.3 -> 0.16.4)
Subpackages: libAppStreamQt2 libappstream4
- Update to version 0.16.4:
* Features:
- Allow hyphens in the last segment of a component-ID
- Implement the developer element for unique developer IDs
- Add meson overrides
* Bugfixes:
- meson: Prevent building attempts with MSVC
- meson: Avoid potentially bad sed backup filename when fixing
.pc file
* Miscellaneous: Make sed invocation more portable
- Rebase patch with quilt.
==== avahi ====
Subpackages: libavahi-client3 libavahi-common3 libavahi-core7
- avahi-autoipd: only migrate files owned by avahi user if said
user exists: if the user does not exist (fresh installs), then
there is no chance any file is owned by the user (boo#1216730).
==== avahi-glib2 ====
Subpackages: libavahi-glib1 libavahi-gobject0 libavahi-ui-gtk3-0
- avahi-autoipd: only migrate files owned by avahi user if said
user exists: if the user does not exist (fresh installs), then
there is no chance any file is owned by the user (boo#1216730).
==== bash ====
Version update (5.2.15 -> 5.2.21)
Subpackages: bash-doc bash-sh
- Declare token YYEOF to be able to support older bison versions
as well
- Be sure to have a usable bison installed at build time
- Add upstream patches
* bash52-021
There is an off-by-one error that causes command substitutions to fail when
they appear in a word expansion inside a here-document.
* bash52-020
The parser did not allow `time' to appear as the first reserved word in a
command substitution.
* bash52-019
There are some cases where the shell reaped a background (asynchronous) job
and would incorrectly try to set the terminal's process group back to the
shell's. In these cases it never set the terminal process group to that
jobs's process group initially, so resetting it is incorrect.
* bash52-018
There are two problems with returning tokens to yyparse() when the shell
encounters a syntax error or when it reads EOF.
When reading a WORD token, the parser has to return the correct value to
yyparse. Previous versions returned a value < 0, which the bash parser
translated into YYERRCODE for bison, and in newer versions of bison, the
appropriate reset actions didn't happen. We should return YYUNDEF, which
bison uses for `invalid token'. Since we can return a token < 0 for both
invalid tokens and EOF, the bash tokenizer needs to differentiate between
those two cases.
* bash52-017
In certain cases, using the `.' builtin in a subshell would optimize away
the rest of the commands in the subshell.
* bash52-016
If an expression in an arithmetic for loop expands to NULL, the shell
would crash.
- Correct offsets of patches
* bash-4.3-sigrestart.patch
* bash-5.2.dif
==== bind ====
Version update (9.18.19 -> 9.18.20)
Subpackages: bind-doc bind-utils
- Update to release 9.18.20
Feature Changes:
* The IP addresses for B.ROOT-SERVERS.NET have been updated to
170.247.170.2 and 2801:1b8:10::b.
Bug Fixes:
* If the unsigned version of an inline-signed zone contained
DNSSEC records, it was incorrectly scheduled for resigning.
This has been fixed.
* Looking up stale data from the cache did not take local
authoritative data into account. This has been fixed.
* An assertion failure was triggered when lock-file was used at
the same time as the named -X command-line option. This has
been fixed.
* The lock-file file was being removed when it should not have
been, making the statement ineffective when named was started
three or more times. This has been fixed.
- Disable SLP by default for Factory and ALP (bsc#1214884)
==== btrfsprogs ====
Version update (6.5.1 -> 6.6.2)
Subpackages: btrfsprogs-bash-completion btrfsprogs-udev-rules libbtrfs0 libbtrfsutil1
- update to 6.6.2
* squota: change key number of EXTENT_OWNER_REF_KEY, sync with kernel 6.7-rc1
* property set/get: completely skip char devices, trying to set properties
and open /dev/watchdog* causes a reboot
* other: build warnings, test updates, documentation updates
- update to 6.6.1
* fix device scanning ioctl definition, accidental change to the 'forget' ioctl
that breaks mounting multi-device filesystems
- update to 6.6
* new global option --dry-run, now implemented for 'subvolume delete'
* fi defrag: new option --step to defragment files in steps, report progress
* balance: removed support for obsolete short syntax 'btrfs balance /path'
* mkfs: print zone count for each device in the overview
* check:
* verify inline ref ordering
* deprecate --clear-space-cache, moved to the 'rescue' group
* rescue clear-space-cache: new command moved from 'btrfs check' implementing
the same as option --clear-space-cache (to be deprecated and removed in the
future)
* dump-tree: output sequence number for inline refs
* fixes:
* fi resize: fallback to lowest devid when 1 does not exist, previously the
command would fail with "No such device"
* fi usage: fix "devices 0 != 1" message and broken output on multi-device
filesystem
* open files in non-blocking mode when reading fsid, this could hang when
trying to open fifo files or some special character devices, was observed
with 'prop set/get'
* experimental:
* mkfs: parametric zone size for emulated zoned mode
* other:
* cleanups refactoring
* new and updated tests
* CI updates
* documentation updates
- update to 6.5.3
* mkfs:
* add short aliases for -O specification, block-group-tree (bgt),
free-space-tree (fst), raid-stripe-tree (rst)
* don't try to resize the image (namely when backed by file) when --rootdir
contains sparse file larger than the image
* also copy xattr/permissions/ugid/timestamps of the top --rootdir directory
* add new option --device-uuid to let user specify exact uuid of the
device item (only for single device filesystems)
* check:
* on zoned devices, use correct super block offsets when repairing
* check inline extent refs order
* subvolume create: add new option --parent to create missing path
components of the given path (like mkdir -p)
* rescue clear-ino-cache: new command moved from 'btrfs check' implementing
the same as option --clear-ino-cache (to be deprecated and removed in the
future)
* dump-tree: allow '-' in tree identifier names for option -t
* btrfstune:
* drop short option and add long option to enable squota
* tune space reservation and batch size for block-group-tree conversion
* scrub status: print correct value of "Bytes scrubbed" for unfinished runs
* qgroup show: fix crash when attempting to print path of stale qgroups
* experimental features:
* move build of raid-stripe-tree out for testing but it's still considered
experimental
* other:
* shell completion updates
* sync raid-stripe-tree code with kernel
* build fixes
* new and updated tests
- update to 6.5.2
* new feature support:
* raid-stripe-tree, new tree to track extent mapping for raid profiles,
allows raid1*, raid0 and raid10 on zoned devices (kernel 6.7)
* simple quotas, simplified accounting that does not track exclusive and
shared extents (kernel 6.7)
* mkfs with duplicate UUID on a single device, temp-fsid (kernel 6.7)
* metadata_uuid: enhanced capabilities to repair partially updated fsid on
multiple devices
* other:
* updated tests and CI
* sync sources with kernel
==== createrepo_c ====
Subpackages: libcreaterepo_c1 python3-createrepo_c
- remove unneeded file-devel dependency
==== dnsmasq ====
- SLP got dropped, remove config (bsc#1214884)
==== emacs ====
Subpackages: emacs-el emacs-eln emacs-info emacs-nox emacs-x11 etags
- only use valgrind on 64 bit architectures
==== flatpak ====
Version update (1.15.4 -> 1.15.6)
Subpackages: flatpak-remote-flathub libflatpak0 system-user-flatpak
- Update to version 1.15.6:
+ In distributions that compile Flatpak to use a separate
bubblewrap (bwrap) executable, version 0.8.0 is now required.
+ Enabling the optional Wayland security context feature requires
libwayland-client, wayland-scanner >= 1.15 and
wayland-protocols >= 1.32.
+ Add --device=input, for access to evdev devices in /dev/input
+ Update bundled copy of bubblewrap to version 0.8.0, and rely on
its features:
+ Improve error message if seccomp is disabled in kernel config
+ Security hardening: set user namespace limit to 0, to prevent
creation of nested user namespaces in a more robust way
+ For subsandboxes started by flatpak-portal, inherit
environment variables from the flatpak run that started the
original instance rather than from flatpak-portal, fixing
behaviour of FLATPAK_GL_DRIVERS and similar features
+ Stop http transfers if a download in progress becomes very slow
+ Make it easier to configure extra languages, by picking them up
from AccountsService if configured there
+ Add new flatpak_transaction_add_rebase_and_uninstall() API,
allowing end-of-life apps to be replaced by their intended
replacement more reliably
+ Create a private Wayland socket with the "security context"
extension if available, allowing the compositor to identify
connections from sandboxed apps as belonging to the sandbox
+ Update libglnx to 2023-08-29
+ Use features of newer GLib versions if available
+ Turn off system-level crash reporting infrastructure during
some unit tests that involve intentional assertion failures
+ Add anchors to link to sections of flatpak-metadata
documentation
+ Bug fixes:
- Avoid warnings processing symbolic links with GLib >= 2.77.0,
and with GLib 2.76.0 (GLib 2.76.1 or later silences these
warnings)
- Bypass page cache for backend requests in revokefs, fixing
installation errors with libostree 2023.4
- Show AppStream metadata in flatpak remote-info as intended
- Don't let Flatpak apps inherit VK_DRIVER_FILES or
VK_ICD_FILENAMES from the host system, which would be wrong
for the sandbox
- Fix build failure with prereleases of libappstream 0.17.x
- Forward-compatibility with libappstream 1.0
- Fix installation with Meson if configured with
- Dauto_sideloading=true
- Fix a memory leak
- Fix compiler warnings
- Make the tests fail more comprehensibly if a required tool is
missing
- Clean up /var/tmp/flatpak-cache-* directories on boot
- Don't force GIO_USE_VFS=local for programs launched via
flatpak-spawn
- Clarify documentation for D-Bus name ownership
+ Internal changes:
- Split up large source files into smaller modules, reducing
internal circular dependencies
- Re-synchronize code backported from GLib with the version in
GLib
- Clarify documentation for D-Bus name ownership
- Make the flags used to apply "extra data" clearer
- Use glnx_opendirat() where possible
+ Updated translations.
- Add pkgconfig(wayland-client), pkgconfig(wayland-scanner) and
pkgconfig(wayland-protocols) BuildRequires and pass
with-wayland-security-context=yes to configure: Enable the
optional Wayland security context.
==== freerdp ====
Subpackages: libfreerdp2-2 libwinpr2-2
- Fix winpr-devel dependencies. WinePRTargets-*.cmake defines
CMake targets for winpr-hash and winpr-makecert. They have to be
present.
==== fwupd ====
Version update (1.9.7 -> 1.9.8)
Subpackages: fwupd-bash-completion libfwupd2 typelib-1_0-Fwupd-2_0
- Re-add fwupd-bsc1130056-change-shim-path.patch: patch was dropped
in error (boo#1217138).
- Update to version 1.9.8:
+ This release adds the following features:
- Add a DP AUX device subclass and port the Synaptics MST
plugin to it
- Add a feature flag for non-generic requests where
translations are required
- Hide generic VID/PIDs to avoid accidental firmware matches
- Optionally set the modem carrier configuration as the branch
name
- Rename 'fwupdmgr sync-bkc' to 'fwupdmgr sync' and also
consider the branch
- Require additional requirements for devices using non-OEM USB
VIDs
- Set the waiting-for-user status when sending a request
- Support uSWID SBoM data with LZMA compressed payloads
+ This release adds support for the following hardware:
- Kinetic SST/MST DisplayPort converters
- Wacom Cintiq Pros (DTH172, DTH227)
==== gdb ====
- Maintenance script qa.sh:
* Update PR31004 kfail.
- Patches added (backport from gdb-patches):
* gdb-fix-segfault-in-for_each_block-part-1.patch
- Maintenance script qa.sh:
* Update PR28561 kfail.
* Remove PR31015 kfail.
* Remove PR30547 kfail.
- Patches added (backport from master):
* gdb-symtab-add-producer_is_gas.patch
* gdb-symtab-work-around-gas-pr28629.patch
* gdb-tdep-fix-nr-array-elements-in-ppc64_aggregate_ca.patch
* gdb-testsuite-fix-gdb.python-py-breakpoint.exp-with-.patch
* gdb-tui-fix-segfault-in-tui_find_disassembly_address.patch
* gdb-tui-fix-wmaybe-uninitialized-in-tui_find_disasse.patch
* gdb-testsuite-add-wait_for_msg-arg-to-term-resize-fi.patch
- Patches added (backport from gdb-patches):
* gdb-fix-segfault-in-for_each_block-part-2.patch
* gdb-tui-allow-command-window-of-1-or-2-lines.patch
* gdb-tui-fix-resizing-of-terminal-to-1-or-2-lines.patch
- Maintenance script qa.sh:
* Remove PR28467, PR29418, PR29420, PR29814 and PR29408 kfail.
* Remove gdb.tui/tui-layout-asm-short-prog.exp kfail.
* Remove commit f68eca29d3b, 29004660c94, 301fe55e9c4,
4d88ae0c7b5, e7d69e72bfd, 8b272d7671f, 85819864f7c, 167f3beb655
and a0eda3df5b7 kfails.
* Add PR31015 kfail.
* Remove PR29793 kfail.
* Remove gdb.arch/powerpc-bcl-prologue.exp kfail.
* Remove PR29813 and PR29816 kfail.
- Maintenance script qa.sh:
* Update PR28561 kfail.
* Update PR29781 kfail.
- Maintenance script qa-local.sh:
* Add "Verify quilt setup" step.
- Patches added (backport from master):
* gdb-symtab-handle-self-reference-die.patch
* gdb-symtab-handle-self-reference-in-inherit_abstract.patch
* gdb-symtab-add-optimized-out-static-var-to-cooked-in.patch
- Maintenance script qa.sh:
* Add comment to kfail for PR30528.
* Add UNRESOLVED kfail for gdb.base/gcore-excessive-memory.exp.
* Add UNRESOLVED kfail for PR31001.
* Remove PR27238 kfail.
* Add powerpc64le hw watchpoint kfails.
* Add PR31004 kfail.
* Add PR30531 kfail.
- Patches added (backport from master):
* xcoffread.c-fix-werror-dangling-pointer-issue-with-m.patch
* avoid-manual-memory-management-in-go-lang.c.patch
* gdb-go-handle-v3-go_0-mangled-prefix.patch
- Patches added (backport from master):
* gdb-symtab-don-t-deduplicate-variables-in-gdb-index.patch
- Patches dropped (requires unsupported command):
* gdb-testsuite-add-wait-for-index-cache-in-gdb.dwarf2.patch
- Maintenance script qa.sh:
* Added PR30528 kfail.
- Patches added (manual import from fedora rawhide @ 52a4dab):
* gdb-rhbz1773651-gdb-index-internal-error.patch
- Patches added (backport from master):
* gdb-support-rseq-auxvs.patch
* gdb-symtab-fix-line-number-of-static-const-class-mem.patch
* gdb-symtab-fix-too-many-symbols-in-gdbpy_lookup_stat.patch
* gdb-symtab-handle-pu-in-iterate_over_some_symtabs.patch
* gdb-symtab-work-around-pr-gas-29517.patch
* gdb-testsuite-add-kfail-for-pr-ada-30908.patch
* gdb-testsuite-add-xfail-for-gdb-29965-in-gdb.threads.patch
* gdb-testsuite-fix-gdb.ada-mi_task_arg.exp-with-newer.patch
* gdb-testsuite-fix-gdb.arch-i386-signal.exp-on-x86_64.patch
* gdb-testsuite-fix-gdb.cp-m-static.exp-regression-on-.patch
* gdb-testsuite-fix-gdb.dwarf2-nullptr_t.exp-with-cc-w.patch
* gdb-testsuite-fix-regexps-in-gdb.base-step-over-sysc.patch
* gdb-symtab-find-main-language-without-symtab-expansi.patch
* gdb-testsuite-add-wait-for-index-cache-in-gdb.dwarf2.patch
- Patches moved (from "Backport from gdb-patches" to
"Backports from master, available in next release"):
* gdb-cli-handle-pending-c-after-rl_callback_read_char.patch
* gdb-testsuite-add-have_host_locale.patch
- Maintenance script qa.sh:
* Remove PR28463, PR28108, PR29247 and PR29160 kfails.
* Remove PR30540, PR30908, PR29965 kfails.
* Remove gdb.ada/mi_task_arg.exp kfail.
- Limit "Suggests: %{python}-Pygments" to SLE-15 and later.
- Mention import-fedora.sh to fix warning.
- Maintenance script qa.sh:
* Update kfail for PR28561.
- Maintenance script import-fedora.sh:
* New script. Move skipped patches list from gdb.spec to script.
- Update to fedora 38 @ 82cc8e0.
- Patch renamed:
* pass-const-frame_info_ptr-reference-for-skip_-langua.patch ->
gdb-rhbz2192105-ftbs-dangling-pointer
- Patches added:
* gdb-bz2237392-dwarf-obstack-allocation.patch
* gdb-bz2237515-debuginfod-double-free.patch
* gdb-rhbz2160211-excessive-core-file-warnings.patch
* gdb-rhbz2196395-debuginfod-legacy-openssl-crash.patch
* gdb-rhbz2233961-CVE-2022-4806.patch
* gdb-rhbz2233965-memory-leak.patch
... changelog too long, skipping 14 lines ...
* Remove PR27813 kfail and corresponding todo.
==== gnome-bluetooth ====
Version update (42.6 -> 42.7)
Subpackages: libgnome-bluetooth-3_0-13 libgnome-bluetooth-ui-3_0-13 typelib-1_0-GnomeBluetooth-3_0
- Update to version 42.7:
+ Fix bugs that stopped the Obex Push server from automatically
accepting files from paired devices.
+ Fix bugs that caused the device's Connection switch to appear
out of sync with the connection state.
+ Build fixes.
+ Updated translations.
==== gnome-control-center ====
Version update (45.1 -> 45.1+14)
Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces
- Update to version 45.1+14:
+ user-accounts: Sync lock tooltip for the Avatar
+ privacy: Fix crash from free bug in cc-camera-page
+ default-apps: Workaround AdwComboRow item selection at startup
+ network-connection-editor: Align Routes labels
+ Updated translations.
==== google-noto-fonts ====
- make build reproducible (boo#1047218)
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- Fix XFS regression in 2.12~rc1 and support large extent counters
* 0001-fs-xfs-Incorrect-short-form-directory-data-boundary-.patch
* 0002-fs-xfs-Fix-XFS-directory-extent-parsing.patch
* 0003-fs-xfs-add-large-extent-counters-incompat-feature-su.patch
==== gstreamer ====
Version update (1.22.6 -> 1.22.7)
Subpackages: gstreamer-utils libgstreamer-1_0-0 typelib-1_0-Gst-1_0
- Update to version 1.22.7:
+ Highlighted bugfixes:
- Security fixes for the MXF demuxer and AV1 codec parser
- glfilter: Memory leak fix for OpenGL filter elements
- d3d11videosink: Fix toggling between fullscreen and maximized, and window switching in fullscreen mode
- DASH / HLS adaptive streaming fixes
- Decklink card device provider device name string handling fixes
- interaudiosrc: handle non-interleaved audio properly
- openh264: Fail gracefully if openh264 encoder/decoder creation fails
- rtspsrc: improved whitespace handling in response headers by certain cameras
- v4l2codecs: avoid wrap-around after 1000000 frames; tiled formats handling fixes
- video-scaler, audio-resampler: downgraded "Can't find exact taps" debug log messages
- wasapi2: Don't use global volume control object
- Rust plugins: various improvements in aws, fmp4mux, hlssink3, livesync, ndisrc, rtpav1depay, rsfilesink, s3sink, sccparse
- WebRTC: various webrtchttp, webrtcsrc, and webrtcsink improvements and fixes
- Cerbero build tools: recognise Windows 11; restrict parallelism of gst-plugins-rs build on small systems
- Packages: ca-certificates update; fix gio module loading and TLS support on macOS
+ gstreamer:
- debugutils: provide gst_debug_bin_to_dot_data() implementation even if debug system is disabled
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-bad ====
Version update (1.22.6 -> 1.22.7)
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0
- Update to version 1.22.7:
+ audiobuffersplit: disable max-silence-time if set to 0
+ libde265: Do not decode the non 4:2:0 8 bits format
+ codecparsers: av1: Clip max tile rows and cols values
+ codecs: h265: Do not free slice header before using it
+ d3d11converter: Fix 10/12bits planar output
+ d3d11decoder: Fix crash on negotiate() when decoder is not
configured
+ d3d11videosink: Fix toggling between fullscreen and maximized
+ d3d11videosink: Fix window switching in case of fullscreen mode
+ d3d11screencapturesrc: Fix mouse cursor blending
+ decklink: Fix broken COM string conversion
+ decklink: Decklink Device Provider wrongly parses SDK strings
+ gstwayland: Don't depend on wayland-protocols
+ interaudiosrc: Add audio meta to buffers containing
non-interleaved samples
+ kmssink: Add TIDSS auto-detection
+ mfvideoencoder: Fix typo in template caps
+ mxfdemux: Store GstMXFDemuxEssenceTrack in their own fixed
allocation
+ nvcodec: fix bounds for auto-select GPU enumeration
+ openh264: Fail gracefully if openh264 encoder/decoder creation
fails
+ tsmux: More cleanups
+ tsmux: Fill padding packets with stuffing bytes
+ v4l2codecs: Fix tiled formats stride conversion
+ v4l2videodec: Correctly free caps to avoid memory leak
+ wasapi2: Don't use global volume control object
+ wasapi2device: Ignore activation failed device
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-base ====
Version update (1.22.6 -> 1.22.7)
Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstAudio-1_0 typelib-1_0-GstPbutils-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0
- Update to version 1.22.7:
+ audioaggregator, audiomixer: Make access to the pad list
thread-safe while mixing
+ basetextoverlay: Fix overlay never rendering again if width
reaches 1px
+ glfiter: Protect GstGLContext access
+ glfilter: Only add parent meta if inbuf != outbuf
+ macOS: fix huge memory leak with glfilter-based elements
+ rtspconnection: Ignore trailing whitespace in rtsp headers
+ video-scaler, audio-resampler: downgrade 'can't find exact
taps' to debug
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-good ====
Version update (1.22.6 -> 1.22.7)
Subpackages: gstreamer-plugins-good-extra gstreamer-plugins-good-gtk gstreamer-plugins-good-jack gstreamer-plugins-good-qtqml
- Update to version 1.22.7:
+ adaptivedemux2: Do not submit_transfer when cancelled
+ adaptivedemux2: Call GTasks's return functions for blocking
tasks
+ flacenc: Correctly handle up to 255 cue entries
+ flvmux: set the src segment position as running time
+ imagesequencesrc: fix deadlock when feeding the same image in
a loop
+ pngenc: output one frame only in snapshot mode and mark output
frames as I-frames
+ qmlglsrc: sync on the streaming thread
+ souphttpsrc: Chain up to finalize to fix memory leak
+ wavparse: fix buffer leak with adtl tag
+ v4l2codecs: Avoid QBUF/DQBUF struct timeval .tv_usec
wrap-around at frame 1000000
+ v4l2codecs: Fix tiled formats stride conversion
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-libav ====
Version update (1.22.6 -> 1.22.7)
- Update to version 1.22.7:
+ No changes, stable bump only.
- Rebase reduce-required-meson.patch.
==== gstreamer-plugins-rs ====
Version update (1.22.6 -> 0.11.2)
- Use xz format in the _service file since services in SLE SP6
don't support zstd.
- Update to version 0.11.2:
+ Fixed
- filesink / s3sink: Set sync=false to allow processing faster
than real-time.
- hlssink3: Various minor bugfixes and cleanups.
- livesync: Various minor bugfixes and cleanups that should
make the element work more reliable.
- s3sink: Fix handling of non-ASCII characters in URIs and
keys.
- sccparse: Parse SCC files that are incorrectly created by
CCExtractor.
- ndisrc: Assume > 8 channels are unpositioned.
- rtpav1depay: Skip unexpected leading fragments instead of
repeatedly warning
- about the stream possibly being corrupted.
- rtpav1depay: Don't push stale temporal delimiters downstream
but wait until a complete OBU is collected.
- whipwebrtcsink: Use correct URL during redirects.
- webrtcsink: Make sure to not miss any ICE candidates.
- webrtcsink: Fix deadlock when calling set-local-description.
- webrtcsrc: Fix reference cycles that prevented the element
from being freed.
- webrtcsrc: Define signaller property as CONSTRUCT_ONLY to
make it actually possible to set different signallers.
- webrtc: Update livekit signaller to livekit 0.2.
- meson: Various fixes to the meson-based build system.
+ Added
- audiornnoise: Attach audio level meta to output buffers.
- hlssink3: Allow adding EXT-X-PROGRAM-DATE-TIME tag to the
manifest.
- webrtcsrc: Add turn-servers property.
+ Changed
- aws/webrtc: Update to AWS SDK 0.57/0.35.
- The last update to 1.22.6 was actually a downgrade to the 0.9
branch that upstream seems to tag following the gstreamer version
number but we should stick to the gstreamer-plugins-rs versioning
scheme.
- To see the changes between 0.10.11 and 0.11.2, please check:
https://gitlab.freedesktop.org/gstreamer/gst-plugins-rs/-/blob/main/CHANGEL…
- Add a vendor-for-dav1d-1.3.0.tar.zst vendor file specifically
for Tumbleweed where dav1d 1.3.0 is used and is not supported by
the dav1d crate used in 0.11.2 by default, so in this manually
created vendor file, the dav1d 0.10 crate is forced.
- Add ix86 to excluded arches.
==== gstreamer-plugins-ugly ====
Version update (1.22.6 -> 1.22.7)
- Update to version 1.22.7:
+ No changes, stable bump only.
- Rebase reduce-required-meson.patch.
==== harfbuzz ====
Version update (8.2.2 -> 8.3.0)
Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0
- Update to version 8.3.0:
+ Improve memory barrier to fix potential segfaults
+ Various subsetting and instancing fixes.
+ Rename âhb-subsetâ option â--instanceâ to â--variationsâ to
match the other tools, old option kept as an alias
- -devel: fix no-library-dependency-on libharbuzz-cairo0
==== jq ====
Subpackages: libjq1
- build with valgrind only on 64 bit architectures
==== libadwaita ====
Version update (1.4.0 -> 1.4.0+12)
Subpackages: libadwaita-1-0 typelib-1_0-Adw-1
- Update to version 1.4.0+12:
+ docs: Use `<property>` instead of `<child> for
`AdwNavigationSplitView`
+ navigation-view: Add missing space to warning message
+ tab-view: Fix typo causing crash on AdwTabPages dispose
+ combo-row: Make the selected indicator a presentational element
+ tab-view: pages model can outlive it's view
+ tab-view: keep view alive during ::page-detached
+ about-window: Fix build with newer libappstream (boo#1217047)
+ combo-row: Preserve focus when opening the popover
+ Revert "Add some default options to the GTK subproject"
+ Updated translations.
==== libgcrypt ====
Version update (1.10.2 -> 1.10.3)
- Update to 1.10.3:
* Bug fixes:
- Fix public key computation for other EdDSA curves. [rC469919751d6e]
- Remove out of core handler diagnostic in FIPS mode. [T6515]
- Check that the digest size is not zero in gcry_pk_sign_md and
gcry_pk_verify_md. [T6539]
- Make store an s-exp with \0 is considered to be binary. [T6747]
- Various constant-time improvements.
* Portability:
- Use getrandom call only when supported by the platform. [T6442]
- Change the default for --with-libtool-modification to never. [T6619]
* Release-info: https://dev.gnupg.org/T6817
* Remove patch upstream libgcrypt-1.10.0-out-of-core-handler.patch
==== libportal ====
Subpackages: libportal-gtk3-1 libportal-gtk4-1 typelib-1_0-Xdp-1_0
- Rename package name from libportal-1 to libportal1, this is
necessary to conform to the shared library policy:
https://en.opensuse.org/openSUSE:Shared_library_packaging_policy#Package_na…
==== libstorage-ng ====
Version update (4.5.156 -> 4.5.157)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- merge gh#openSUSE/libstorage-ng#965
- refactored class SystemCmd
- fixed passing huge amount of data to stdin
- coding style
- 4.5.157
==== libuv ====
Version update (1.46.0 -> 1.47.0)
- libuv.keyring: added keyid 79A67C55A3679C8B
Jameson Nash <vtjnash(a)gmail.com>
- refresh fix_tests.patch
- Update to 1.47.0
* test: fix license blurb (Ben Noordhuis)
* linux: fix harmless warn_unused_result warning (Shuduo Sang)
* darwin: fix build warnings (å°æ)
* linux: don't use io_uring on pre-5.10.186 kernels (Ben Noordhuis)
* fs: fix WTF-8 decoding issue (Jameson Nash)
* test: enable disabled tcp_connect6_error_fault Ben Noordhuis)(
* test: enable disabled fs_link (Ben Noordhuis)
* test: enable disabled spawn_same_stdout_stderr (Ben Noordhuis)
* linux: handle UNAME26 personality (Ben Noordhuis)
* build: move cmake_minimum_required version to 3.9 (Keith Winstein)
* unix: set ipv6 scope id for link-local addresses (Ben Noordhuis)
* unix: match kqueue and epoll code (Trevor Norris)
* win,spawn: allow `%PATH%` to be unset (Kyle Edwards)
* doc: switch to Furo, a more modern Sphinx theme (Saúl Ibarra Corretgé)
* darwin: make TCP_KEEPINTVL and TCP_KEEPCNT available (å°æ)
* win,fs: avoid winapi macro redefinition (Brad King)
* linux: add missing riscv syscall numbers (michalbiesek)
* doc: fix broken "Shared library" Wikipedia link (Alois Klink)
* unix: get mainline kernel version in Ubuntu (Santiago Gimeno)
* unix: get mainline kernel version in Debian (Ben Noordhuis)
* unix: disable io_uring close on selected kernels (Santiago Gimeno)
* test: skip tests when ipv6 is not available (Santiago Gimeno)
* ibmi: implement ifaddrs, getifaddrs, freeifaddrs (Abdirahim Musse)
* unix: reset signal counters after fork (SmorkalovG)
* unix: remove pread/preadv conditionals (Ben Noordhuis)
* unix: remove pwrite/pwritev conditionals (Ben Noordhuis)
* darwin: remove workaround for data corruption bug (Ben Noordhuis)
* src: default to stream=stderr in handle printer (Ben Noordhuis)
* test: switch to new-style ASSERT_EQ macros (Pleuvens)
* zos: correctly get cpu model in uv_cpu_info() (jolai)
* test: fix get_passwd2 on IBM i (Abdirahim Musse)
* unix: don't malloc on sync uv_fs_read (Ben Noordhuis)
* freebsd: get fs event path with fcntl(F_KINFO) (David Carlier)
* test: switch from ASSERT_* to ASSERT_PTR_* (Pleuvens)
* darwin: workaround apple pthread_cond_wait bug (Julien Roncaglia)
* doc: uv_close should be called after exit callback (Pleuvens)
* test: 192.0.2.0/24 is the actual -TEST-NET-1 (prubel)
* unix: add back preadv/pwritev fallback (Ben Noordhuis)
* unix: rename variable for consistency (Ben Noordhuis)
* unix: merge read/write code into single functions (Ben Noordhuis)
* doc: filename arg to uv_fs_event_cb can be NULL (Ben Noordhuis)
* build,win: we need to link against shell32.lib (Per Allansson)
* unix: no preadv/pwritev workaround if not needed (Jeffrey H. Johnson)
* build: add CI for Windows ARM64 (build only) (Per Allansson)
* linux: disable io_uring on 32 bits arm systems (Ben Noordhuis)
* misc: export WTF8 conversion utilities (Jameson Nash)
* build: fix libuv.a file name for cmake (Jameson Nash)
* build: add windows ubsan and clang ci (Matheus Izvekov)
* win: improve accuracy of ProductName between arch (Christian Heimlich))
==== lua54 ====
- Add skip-tests_big-endian.patch to skip little-endian-only
tests (bsc#1216930).
==== makedumpfile ====
Version update (1.7.3 -> 1.7.4)
- Enable build for riscv64.
- Reduce compatibility cruft.
- Update to 1.7.4:
* Add riscv64 support
* Support kernels up to v6.6 (x86_64)
- Drop upstreamed patches:
* ppc64-do-page-traversal-if-vmemmap_list-not-po.patch
* Support-struct-module_memory-on-Linux-6.4-and-.patch
- Build with a bundled eppic git snapshot.
==== nodejs21 ====
Version update (21.1.0 -> 21.2.0)
Subpackages: npm21
- Update to 21.2.0
* esm: add import.meta.dirname and import.meta.filename
* fs: add stacktrace to fs/promises
* lib:
+ add --no-experimental-global-navigator CLI flag
+ add navigator.language & navigator.languages
+ add navigator.platform
* stream:
+ add support for deflate-raw format to webstreams compression
+ use Array for Readable buffer
+ optimize creation
* test_runner:
+ adds built in lcov reporter
+ test_runner: add Date to the supported mock APIs
+ test_runner, cli: add --test-timeout flag
For details see
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V21.md#21…
- nodejs20-zlib-1.3.patch: upstreamed, dropped
- node-gyp-addon-gypi.patch: rebased
- fix_ci_tests.patch: partially upstreamed
==== openssl-1_1 ====
Subpackages: libopenssl1_1
- Security fix: [bsc#1216922, CVE-2023-5678]
* Fix excessive time spent in DH check / generation with large Q
parameter value.
* Applications that use the functions DH_generate_key() to generate
an X9.42 DH key may experience long delays. Likewise,
applications that use DH_check_pub_key(), DH_check_pub_key_ex
() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42
DH parameters may experience long delays. Where the key or
parameters that are being checked have been obtained from an
untrusted source this may lead to a Denial of Service.
* Add openssl-CVE-2023-5678.patch
- Remove trailing spaces from changelog
==== openssl-3 ====
Subpackages: libopenssl3
- Security fix: [bsc#1216922, CVE-2023-5678]
* Fix excessive time spent in DH check / generation with large Q
parameter value.
* Applications that use the functions DH_generate_key() to generate
an X9.42 DH key may experience long delays. Likewise,
applications that use DH_check_pub_key(), DH_check_pub_key_ex
() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42
DH parameters may experience long delays. Where the key or
parameters that are being checked have been obtained from an
untrusted source this may lead to a Denial of Service.
* Add openssl-CVE-2023-5678.patch
==== ovmf ====
Subpackages: qemu-uefi-aarch64
- Add ovmf-UefiCpuPkg-BaseXApicX2ApicLib-fix-CPUID_V2_EXTENDED_.patch
fix CPUID_V2_EXTENDED_TOPOLOGY detection (bsc#1216472)
- Sync change log to prepare for sending edk2-stable202308 ovmf to SLE15-SP6
(jsc#PED-6233, jsc#PED-5523)
- Removed the following backported patches because they are merged
to edk2 mainline:
- ovmf-MdeModulePkg-PiSmmCore-SmmEntryPoint-underflow-CVE-2.patch
cab1f02565 MdeModulePkg/PiSmmCore: SmmEntryPoint underflow (CVE-2021-38578)
(bsc#1196741)
==== patterns-media ====
- Drop libpurple-meanwhile plugin from the DVD; as the
media-rest_dvd pattern was not installable for so long, some cruft
that has not been missing from the DVD has accumulated.
- Do not recommend 32bit libraries on the DVD, except glibc-32bit.
- Drop seamonkey from the rest_dvd pattern recommends: it did not
end up on the DVD anyway due to other locks.
- Drop hylafax as well: has not been on the DVD until below pattern
fix was merged.
- Also drop patterns-network_admin: quite large with nagios and
wireshark.
- Drop pulseaudio (which was missing for a while already) as we
switched long ago to pipewire.
- No longer require breeze5-wallpapers: this has been locked from
the DVD for a long time already, but the requirement here
actually makes the entire patterns-media-rest_dvd fall off the
DVD.
==== perl-IO-Socket-SSL ====
Version update (2.083 -> 2.84.0)
- updated to 2.084
see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
2.084 2023/11/06
- various fixes for edge cases and build: #136, #141, #142, #143, #145
- update documentation to reflect default SSL_version
==== perl-Mail-AuthenticationResults ====
Version update (2.20230112 -> 2.20231031)
- updated to 2.20231031
see /usr/share/doc/packages/perl-Mail-AuthenticationResults/Changes
2.20231031 2023-10-31 23:57:33+00:00 UTC
- Option to set more strict quoting of string
==== pipewire ====
Version update (0.3.84 -> 0.3.85)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Update to version 0.3.85 (1.0RC5):
* Highlights
- Fix an issue where a link could end up paused while not
negotiated.
- Fix an infinite recursion issue when finding runnable nodes.
- Support XDG base directories when loading ACP config.
- Fix MIDI event recording preview in Ardour.
- Many more small fixes, cleanups and improvements.
* PipeWire
- Fix an issue where a link could end up paused while not
negotiated. (#3619)
- Fix an infinite recursion issue when finding runnable nodes
by stopping the scan on feedback links around the driver.
(#3621)
- The system service now has better socket permissions.
* Modules
- Add support for uclamp. This allows the scheduler to make
better informed decisions about where tasks should be placed,
and what pstate to set for the CPU it is running on.
- Emit warnings when applications are not doing the right
locking instead of crashing.
- Improve media.name for RAOP sinks. (#3801)
- Support pause/resume in pipe-tunnel. (#3197)
- Remove time rlimit when probing for realtime to avoid
SIGXCPU.
* SPA
- Fix a bug where the resampler would be activated even when
there is an ALSA pitch element. (#3628)
- Improve resume from suspend in ALSA. (#3646)
- Add option to expose ALSA controls as prop params.
- Support XDG base directories when loading ACP config. This
makes it possible to override the ACP config files.
* Bluetooth
- Schedule nodes in the same ISO group together.
- More BAP fixes and cleanups.
* JACK
- Fix MIDI events from peer ports. This makes the MIDI event
recording preview of Ardour work correctly.
* GStreamer
- Fix some error handling in the source and sink.
* ALSA plugin
- Improve poll descriptor handling. (#3648)
* Docs
- Many improvements to the layout and organization.
==== plasma5-openSUSE ====
Version update (84.87~git20230131T131056~433af24 -> 84.87~git20231117T211718~757fefa)
Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE plasma5-workspace-branding-openSUSE sddm-theme-openSUSE
- Update to version 84.87~git20231117T211718~757fefa:
* Fix active titlebar color with OpenSUSEdark(alternate) color schemes
==== poppler ====
Version update (23.10.0 -> 23.11.0)
Subpackages: libpoppler-cpp0 libpoppler-glib8 poppler-tools
- version update to 23.11.0
core:
* CairoOutputDev: Use internal downscaling algorithm if image exceeds Cairo's maximum dimensions.
* Internal code improvements
* Fix crash on malformed files
utils:
* pdftocairo: Add option to document logical structure if output is pdf
* pdftocairo: EPS output should not contain %%PageOrientation
==== poppler-qt5 ====
Version update (23.10.0 -> 23.11.0)
- version update to 23.11.0
core:
* CairoOutputDev: Use internal downscaling algorithm if image exceeds Cairo's maximum dimensions.
* Internal code improvements
* Fix crash on malformed files
utils:
* pdftocairo: Add option to document logical structure if output is pdf
* pdftocairo: EPS output should not contain %%PageOrientation
==== python-Twisted ====
Subpackages: python311-Twisted python311-Twisted-tls
- Add CVE-2023-46137-HTTP-pipeline-response.patch (bsc#1216588,
CVE-2023-46137) serializing pipelined HTTP requests.
==== python-psutil ====
Version update (5.9.5 -> 5.9.6)
- update to version 5.9.6:
* Enhancements
+ 1703: cpu_percent() and cpu_times_percent() are now thread
safe, meaning they can be called from different threads and
still return meaningful and independent results.
+ 2266: if Process class is passed a very high PID, raise
NoSuchProcess instead of OverflowError. (patch by Xuehai Pan)
+ 2246: drop python 3.4 & 3.5 support. (patch by Matthieu
Darbois)
+ 2290: PID reuse is now pre-emptively checked for
Process.ppid() and Process.parents().
+ 2312: use ruff Python linter instead of flake8 + isort. It's
an order of magnitude faster + it adds a ton of new code
quality checks.
* Bug fixes
+ 2195, [Linux]: no longer print exception at import time in
case /proc/stat can't be read due to permission error.
+ 2268: bytes2human() utility function was unable to properly
represent negative values.
+ 2284, [Linux]: Process.memory_full_info() may incorrectly
raise ZombieProcess if it's determined via
/proc/pid/smaps_rollup.
+ 2288, [Linux]: correctly raise ZombieProcess on
Process.exe(), Process.cmdline() and Process.memory_maps()
instead of returning a "null" value.
+ 2290: differently from what stated in the doc, PID reuse is
not pre-emptively checked for Process.nice() (set),
Process.ionice(), (set), Process.cpu_affinity() (set),
Process.rlimit() (set), Process.parent().
- refresh skip_rlimit_tests_on_python2.patch
- drop removal of shebang: fixed upstream
==== python-rich ====
Version update (13.5.2 -> 13.7.0)
- update to version 13.7.0:
* Added
+ Adds missing parameters to Panel.fit #3142
+ Fixed
+ Some text goes missing during wrapping when it contains
double width characters #3176
+ Ensure font is correctly inherited in exported HTML #3104
+ Fixed typing for FloatPrompt.
- additional changes from 13.6.0:
* Added Python 3.12 to classifiers.
- additional changes from 13.5.3:
* Fixed
+ Markdown table rendering issue with inline styles and links
[#3115]
+ Fix Markdown code blocks on a light background #3123
==== python-sniffio ====
- Remove dependency on curio completely.
==== qemu ====
Subpackages: qemu-arm qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-img qemu-ipxe qemu-ksm qemu-pr-helper qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios
- Fix bsc#1216638:
* target/s390x: Fix LAALG not updating cc_src
* target/s390x: Fix CLC corrupting cc_src
==== qt6-base ====
Subpackages: libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6Sql6 libQt6Test6 libQt6Widgets6 qt6-network-tls qt6-platformtheme-gtk3
- Make libQt6Network6 require the network plugins
==== rubygem-jaro_winkler ====
Version update (1.5.4 -> 1.5.6)
- New upstream release 1.5.6, no changelog found
==== rubygem-llhttp-ffi ====
Version update (0.4.0 -> 0.5.0)
- New upstream release 0.5.0, see bundled CHANGELOG.md
==== rubygem-nokogiri ====
Version update (1.13.9 -> 1.15.4)
- Bump mini_portile2 version in the spec
- 1.15.4:
[#]# 1.15.4 / 2023-08-11
[#]## Dependencies
* [CRuby] Vendored libxml2 is updated to v2.11.5 from v2.11.4. For details please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.5
[#]## Fixed
* Fixed a typo in a HTML5 parser error message. [[#2927](https://github.com/sparklemotion/nokogiri/issues/2927)] (Thanks, [@anishathalye](https://github.com/anishathalye)!)
* [CRuby] `ObjectSpace.memsize_of` is now safe to call on `Document`s with complex DTDs. In previous versions, this debugging method could result in a segfault. [[#2923](https://github.com/sparklemotion/nokogiri/issues/2923), [#2924](https://github.com/sparklemotion/nokogiri/issues/2924)]
---
sha256 checksums:
```
14091a07e07045a440213f7d5ced732fa7654ae8b6c7d180137f4124c5284ab8 nokogiri-1.15.4-aarch64-linux.gem
572ddc19934d010e98821a946d89462ae66b310fecc3fe12c48b0025c2f76855 nokogiri-1.15.4-arm-linux.gem
707288e293f4fc82a008f90b7ba0180d9f803f6a239a13e424378fedf8cf93e9 nokogiri-1.15.4-arm64-darwin.gem
04745925f63af61144eccef38a703928629cf97c34dbb1c42e3def17ac77ec92 nokogiri-1.15.4-java.gem
a0bfb65461a0453afed1a41b235fe84d5b9c7f4d70afd45f0dc2fdec8909faf1 nokogiri-1.15.4-x64-mingw-ucrt.gem
b9d01b9202e33cc23d19b2c1fc18ff4029cdda9b4f937a4baaefd4124a2158ba nokogiri-1.15.4-x64-mingw32.gem
f6ae258d7ed5f81715118282aa45486e68fd44b9747d0244a236e9ed5b94c45d nokogiri-1.15.4-x86-linux.gem
3f65b2426ece8da908bd5df5b6262ce525393f5245f8258a245bb4c3f5759b98 nokogiri-1.15.4-x86-mingw32.gem
d756605c540034debd7f486ae27802e6b1b129013fd6b1bb823783ef6f2bc5d7 nokogiri-1.15.4-x86_64-darwin.gem
872ced3d72d797ed9b5a76c67141c6cee7589711358e11c73e9c53724ffd1842 nokogiri-1.15.4-x86_64-linux.gem
e4a801e5ef643cc0036f0a7e93433d18818b31d48c9c287596b68e92c0173c4d nokogiri-1.15.4.gem
```
1.15.3:
[#]# 1.15.3 / 2023-07-05
[#]## Fixed
* Passing an object that is not a kind of `XML::Node` as the first parameter to `CDATA.new` now raises a `TypeError`. Previously this would result in either a segfault (CRuby) or a Java exception (JRuby). [[#2920](https://github.com/sparklemotion/nokogiri/issues/2920)]
* Passing an object that is not a kind of `XML::Node` as the first parameter to `Schema.from_document` now raises a `TypeError`. Previously this would result in either a segfault (CRuby) or a Java exception (JRuby). [[#2920](https://github.com/sparklemotion/nokogiri/issues/2920)]
* [CRuby] Passing an object that is not a kind of `XML::Node` as the second parameter to `Text.new` now raises a `TypeError`. Previously this would result in a segfault. [[#2920](https://github.com/sparklemotion/nokogiri/issues/2920)]
* [CRuby] Replacing a node's children via methods like `Node#inner_html=`, `#children=`, and `#replace` no longer defensively dups the node's next sibling if it is a Text node. This behavior was originally adopted to work around libxml2's memory management (see [#283](https://github.com/sparklemotion/nokogiri/issues/283) and [#595](https://github.com/sparklemotion/nokogiri/issues/595)) but should not have included operations involving `xmlAddChild()`. [[#2916](https://github.com/sparklemotion/nokogiri/issues/2916)]
* [JRuby] Fixed NPE when serializing an unparented HTML node. [[#2559](https://github.com/sparklemotion/nokogiri/issues/2559), [#2895](https://github.com/sparklemotion/nokogiri/issues/2895)] (Thanks, [@cbasguti](https://github.com/cbasguti)!)
---
sha256 checksums:
```
70dadf636ae026f475f07c16b12c685544d4f8a764777df629abf1f7af0f2fb5 nokogiri-1.15.3-aarch64-linux.gem
83871fa3f544dc601e27abbdef87315a77fe1270fe4904986bd3a7df9ca3d56f nokogiri-1.15.3-arm-linux.gem
fa4a027478df9004a2ce91389af7b7b5a4fc790c23492dca43b210a0f8770596 nokogiri-1.15.3-arm64-darwin.gem
95d410f995364d9780c4147d8fca6974447a1ccd3a1e1b092f0408836a36cc9c nokogiri-1.15.3-java.gem
599a46b6e4f5a34dd21da06bdbd69611728304af5ef42bb183e4b4ca073fd7a3 nokogiri-1.15.3-x64-mingw-ucrt.gem
92ebfb637c9b7ba92a221b49ea3328c7e5ee79a28307d75ef55bfe4b5807face nokogiri-1.15.3-x64-mingw32.gem
ee314666eca832fa71b5bb4c090be46a80aded857aa26121b3b51f3ed658a646 nokogiri-1.15.3-x86-linux.gem
44b7f18817894a5b697bab3d757b12bb7857a0218c1b2e0000929456a2178b34 nokogiri-1.15.3-x86-mingw32.gem
1f0bc0343f9dd1db8dd42e4c9110dd24fc11a7f923b9fa0f866e7f90739e4e7a nokogiri-1.15.3-x86_64-darwin.gem
ca244ed58568d7265088f83c568d2947102fb00bac14b5bc0e63f678dcd6323d nokogiri-1.15.3-x86_64-linux.gem
876631295a85315dac37e7a71386d62d9eb452a891083cfe7505cca4805088cb nokogiri-1.15.3.gem
```
1.15.2:
[#]# 1.15.2 / 2023-05-24
[#]## Dependencies
* [JRuby] Vendored org.nokogiri:nekodtd is updated to v0.1.11.noko2. This is functionally equivalent to v0.1.11.noko1 but restores support for Java 8.
[#]## Fixed
* [JRuby] Java 8 support is restored, fixing a regression present in v1.14.0..v1.14.4 and v1.15.0..v1.15.1. [[#2887](https://github.com/sparklemotion/nokogiri/issues/2887)]
---
sha256 checksums:
```
497c698f0cc0f283934c9c93064249d113408e97e5f3677b0b5111af24a67c29 nokogiri-1.15.2-aarch64-linux.gem
505ad4b80cedd12bc3c53065079cc825e7f3d4094ca7b54176ae6f3734dbe2cc nokogiri-1.15.2-arm-linux.gem
bbedeaf45ce1494f51806e5fab0d31816fc4584f8e2ec757dd516b9b30847ee4 nokogiri-1.15.2-arm64-darwin.gem
b15ba3c1aa5b3726d7aceb44f635250653467c5b0d04248fa0f6a6afc6515fb0 nokogiri-1.15.2-java.gem
bc3cc9631c9dd7a74a59554215474da657f956ccb126391d082a2a8c45d3ee14 nokogiri-1.15.2-x64-mingw-ucrt.gem
1fd27732b161a497275798e502b31e97dfe1ab58aac02c0d6ace9cbe1fd6a38c nokogiri-1.15.2-x64-mingw32.gem
931383c6351d79903149b5c6a988e88daada59d7069f3a01b4dcf6730d411cc6 nokogiri-1.15.2-x86-linux.gem
3f4a6350ca1d87d185f4bf509d953820c7191d1cf4213cc3bac9c492b9b4a720 nokogiri-1.15.2-x86-mingw32.gem
b57eeec09ee1c4010e317f50d2897fb9c1133d02598260db229e81127b337930 nokogiri-1.15.2-x86_64-darwin.gem
5bca696b9283ad7ce97b9c0dfdf029a62c26e92f39f440a65795e377d44f119a nokogiri-1.15.2-x86_64-linux.gem
20dc800b8fbe4c4f4b5b164e6aa3ab82a371bcb27eb685c166961c34dd8a22d7 nokogiri-1.15.2.gem
```
1.14.5:
[#]# 1.14.5 / 2023-05-24
[#]## Note
To ensure that JRuby users on Java 8 can apply the security changes from v1.14.4, we're cutting this release on the v1.14.x branch. We don't expect to make any more v1.14.x releases.
[#]## Dependencies
* [JRuby] Vendored org.nokogiri:nekodtd is updated to v0.1.11.noko2. This is functionally equivalent to v0.1.11.noko1 but restores support for Java 8.
[#]## Fixed
* [JRuby] Java 8 support is restored, fixing a regression introduced in v1.14.0. [[#2887](https://github.com/sparklemotion/nokogiri/issues/2887)]
---
sha256 checksums:
```
60e521687e7fb81dbaa2c942d48efc22083780bc76d45586dc0a324bf0fb0e97 nokogiri-1.14.5-aarch64-linux.gem
80ea31d2534b14409e37437934c1c614de9844c806f72fc64134f50e0f3c1131 nokogiri-1.14.5-arm-linux.gem
3ab8ff3b62f4ff5826406007befea2d7ac33de2ee0c66209dd72ec16d0e8f5bf nokogiri-1.14.5-arm64-darwin.gem
edc932157786888c8f83b49c811ac0ec26a5b23f8e3c69590c311cc14b7e6bf0 nokogiri-1.14.5-java.gem
75e476c4e0c91f0f8f00f7c8e697bb3f5c9932f948658cf90babdbebbd6f6c27 nokogiri-1.14.5-x64-mingw-ucrt.gem
73bd6ee2dbabd1a337c6878a8d349a872f04a3448505fbe7c773a1dfbb69e310 nokogiri-1.14.5-x64-mingw32.gem
a9e4dc50c1cc327bfca3516281eba3fe972fd80bac64c7cdee4bcf07fbfd817d nokogiri-1.14.5-x86-linux.gem
aea78a61c684f36213d38777a7cd09aa272c5193f11cbaf2b455bcaeebd4196b nokogiri-1.14.5-x86-mingw32.gem
7375a81e5fba6a5ada3e47cd02a53ca54d0d25ae73b8ebc6e3a962e46947a7b9 nokogiri-1.14.5-x86_64-darwin.gem
0b2150ae90a676a504cbab018d24188eb526bc886ab18b4303102df6b3077160 nokogiri-1.14.5-x86_64-linux.gem
23f69ddeb1e8ead5341bbbbca18d37de29c0265bc90e94bc5d9663b254dfdcbc nokogiri-1.14.5.gem
```
1.15.1:
[#]# 1.15.1 / 2023-05-19
[#]## Dependencies
* [CRuby] Vendored libxml2 is updated to v2.11.4 from v2.11.3. For details please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.4
[#]## Fixed
* [CRuby] The libxml2 update fixes an encoding regression when push-parsing UTF-8 sequences. [[#2882](https://github.com/sparklemotion/nokogiri/issues/2882), upstream [issue](https://gitlab.gnome.org/GNOME/libxml2/-/issues/542) and [commit](https://gitlab.gnome.org/GNOME/libxml2/-/commit/e0f3016f71297314502…
---
sha256 checksums:
```
... changelog too long, skipping 324 lines ...
```
==== rubygem-passenger ====
Version update (6.0.17 -> 6.0.18)
Subpackages: ruby3.2-rubygem-passenger rubygem-passenger-apache2
- New upstream release 6.0.18, see bundled CHANGELOG
==== rubygem-rails-html-sanitizer ====
Version update (1.5.0 -> 1.6.0)
- Updated to version 1.6.0
* Dependencies have been updated:
- Loofah `~>2.21` and Nokogiri `~>1.14` for HTML5 parser support
- As a result, required Ruby version is now `>= 2.7.0`
Security updates will continue to be made on the `1.5.x` release branch as long as Rails 6.1
(which supports Ruby 2.5) is still in security support.
* Mike Dalessio*
* HTML5 standards-compliant sanitizers are now available on platforms supported by
Nokogiri::HTML5. These are available as:
- `Rails::HTML5::FullSanitizer`
- `Rails::HTML5::LinkSanitizer`
- `Rails::HTML5::SafeListSanitizer`
And a new "vendor" is provided at `Rails::HTML5::Sanitizer` that can be used in a future version
of Rails.
Note that for symmetry `Rails::HTML4::Sanitizer` is also added, though its behavior is identical
to the vendor class methods on `Rails::HTML::Sanitizer`.
Users may call `Rails::HTML::Sanitizer.best_supported_vendor` to get back the HTML5 vendor if it's
supported, else the legacy HTML4 vendor.
* Mike Dalessio*
* Module namespaces have changed, but backwards compatibility is provided by aliases.
The library defines three additional modules:
- `Rails::HTML` for general functionality (replacing `Rails::Html`)
- `Rails::HTML4` containing sanitizers that parse content as HTML4
- `Rails::HTML5` containing sanitizers that parse content as HTML5
The following aliases are maintained for backwards compatibility:
- `Rails::Html` points to `Rails::HTML`
- `Rails::HTML::FullSanitizer` points to `Rails::HTML4::FullSanitizer`
- `Rails::HTML::LinkSanitizer` points to `Rails::HTML4::LinkSanitizer`
- `Rails::HTML::SafeListSanitizer` points to `Rails::HTML4::SafeListSanitizer`
* Mike Dalessio*
* `LinkSanitizer` always returns UTF-8 encoded strings. `SafeListSanitizer` and `FullSanitizer`
already ensured this encoding.
* Mike Dalessio*
* `SafeListSanitizer` allows `time` tag and `lang` attribute by default.
* Mike Dalessio*
* The constant `Rails::Html::XPATHS_TO_REMOVE` has been removed. It's not necessary with the
existing sanitizers, and should have been a private constant all along anyway.
* Mike Dalessio*
- Removed comparison against a very old ruby code no longer maintained
- Updated description in spec file
==== shared-mime-info ====
Version update (2.3 -> 2.4)
- Update to 2.4
* Restore mimetype name for *.bz2 and *.tar.bz2
* Improve detection of application/mac-binhex40
* Add application/x-msdownload and subtypes
* Add Windows app store types
* Give Windows Installer packages the package icon
* Lower priority for text/x-mpsub's magic, so it doesn't match
pcb-drillFile.drl
* Add application/x-powershell
* Add application/wasm
* Change comment of text/x-mpsub
* Change comment of text/x-mpl2
* Add text/x-component
* Give higher priority to the more specific image/apng magic
* Recognize *.jfif as image/jpeg
* Add application/its+xml
* Add text/x-vb
* Add text/x-basic
* Add new group "chemical" in update-mime-database
* Add mimetype for Protein Data Bank (pdb) files
* Remove too generic magic from application/x-pak
* Add application/json5
* Add text/vbscript.encode
* Add text/jscript.encode
* Add text/jscript as synonym of text/javascript
* Fix backwards relationship between text/javascript and
application/ecmascript
* Add application/vnd.cups-ppd
* Add application/x-ms-shortcut
* Give application/x-mswinurl the link icon
==== tgt ====
Version update (1.0.85 -> 1.0.89)
- Update to version v1.0.89 (from 1.0.85):
* tgt 1.0.89
* tgtd.initd
add missing
* Prevents threads from looping indefinitely
* tgt 1.0.88
* Create tgtd.confd
/etc/conf.d/tgtd config file for openrc init system
* openrc init script
An openrc init script for tgtd.
* tgt 1.0.87
* fix posix_fallocate ret check
"posix_fallocate() returns zero on success, or an error number on failure. Note that errno is not set."
* Add rotation_rate parameter to tgtadm.8.xml
Add `rotation_rate` parameter and description.
* tgt 1.0.86
* fix: unused function errors
* add github actions CI
just build test.
* README: minor update
update URLs.
remove too old kernel version info.
==== vte ====
Subpackages: libvte-2_91-0 typelib-1_0-Vte-2_91
- Update vte-revert-back-to-c++17.patch
* revert more C++20 features
==== webkit2gtk3 ====
Version update (2.42.1 -> 2.42.2)
Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Update to version 2.42.2 (boo#1217210):
+ Bump Safari version in user agent header.
+ Fix CSP regression that broke Unity WebGL applications.
+ Fix the build with GBM disabled.
+ Fix several crashes and rendering issues.
+ Security fixes: CVE-2023-41983, CVE-2023-42852.
==== webkit2gtk3-soup2 ====
Version update (2.42.1 -> 2.42.2)
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles
- Update to version 2.42.2 (boo#1217210):
+ Bump Safari version in user agent header.
+ Fix CSP regression that broke Unity WebGL applications.
+ Fix the build with GBM disabled.
+ Fix several crashes and rendering issues.
+ Security fixes: CVE-2023-41983, CVE-2023-42852.
==== xen ====
Version update (4.17.2_04 -> 4.18.0_02)
Subpackages: xen-libs xen-tools-domU
- Update to Xen 4.18.0 FCS release (jsc#PED-4984)
xen-4.18.0-testing-src.tar.bz2
* Repurpose command line gnttab_max_{maptrack_,}frames options so they don't
cap toolstack provided values.
* Ignore VCPUOP_set_singleshot_timer's VCPU_SSHOTTMR_future flag. The only
known user doesn't use it properly, leading to in-guest breakage.
* The "dom0" option is now supported on Arm and "sve=" sub-option can be used
to enable dom0 guest to use SVE/SVE2 instructions.
* Physical CPU Hotplug downgraded to Experimental and renamed "ACPI CPU
Hotplug" for clarity
* On x86, support for features new in Intel Sapphire Rapids CPUs:
- PKS (Protection Key Supervisor) available to HVM/PVH guests.
- VM-Notify used by Xen to mitigate certain micro-architectural pipeline
livelocks, instead of crashing the entire server.
- Bus-lock detection, used by Xen to mitigate (by rate-limiting) the system
wide impact of a guest misusing atomic instructions.
* xl/libxl can customize SMBIOS strings for HVM guests.
* Add support for AVX512-FP16 on x86.
* On Arm, Xen supports guests running SVE/SVE2 instructions. (Tech Preview)
* On Arm, add suport for Firmware Framework for Arm A-profile (FF-A) Mediator
(Tech Preview)
* Add Intel Hardware P-States (HWP) cpufreq driver.
* On Arm, experimental support for dynamic addition/removal of Xen device tree
nodes using a device tree overlay binary (.dtbo).
* Introduce two new hypercalls to map the vCPU runstate and time areas by
physical rather than linear/virtual addresses.
* On x86, support for enforcing system-wide operation in Data Operand
Independent Timing Mode.
* The project has now officially adopted 6 directives and 65 rules of MISRA-C.
* On x86, the "pku" command line option has been removed. It has never
behaved precisely as described, and was redundant with the unsupported
"cpuid=no-pku". Visibility of PKU to guests should be via its vm.cfg file.
* xenpvnetboot removed as unable to convert to Python 3.
* xencons is no longer supported or present. See 5d22d69b30
- Droppped patches contained in new tarballs
63e4da00-dont-log-errors-when-trying-to-load-PVH-xenstore-stubdom.patch
643e3810-CONFIG_DEBUG_INFO-no-EXPERT.patch
643e387f-xen-update-CONFIG_DEBUG_INFO-help-text.patch
6447a8fd-x86-EFI-permit-crash-dump-analysis.patch
64d33a57-libxenstat-Linux-nul-terminate-string.patch
aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch
xen.stubdom.newlib.patch
xsa446.patch
xsa445.patch
xsa438.patch
xsa439-00.patch
xsa439-01.patch
xsa439-02.patch
xsa439-03.patch
xsa439-04.patch
xsa439-05.patch
xsa439-06.patch
xsa439-07.patch
xsa439-08.patch
xsa439-09.patch
xsa443-10.patch
xsa443-11.patch
xsa440.patch
- Dropped xen-utils-0.1.tar.bz2
The xen-list and xen-destroy commands are removed. Originally
created as a better replacement for 'xm'. The 'xl' equivalent
commands should be used instead.
- Dropped libxl.pvscsi.patch
Support for PVSCSI devices in the guest is no longer supported.
- bsc#1216807 - VUL-0: CVE-2023-46836: xen: x86: BTC/SRSO fixes not
fully effective (XSA-446)
xsa446.patch
- bsc#1216654 - VUL-0: CVE-2023-46835: xen: x86/AMD: mismatch in
IOMMU quarantine page table levels (XSA-445)
xsa445.patch
- Supportconfig: Adapt plugin to modern supportconfig
The supportconfig 'scplugin.rc' file is deprecated in favor of
supportconfig.rc'. Adapt the xen plugin to the new scheme.
xen-supportconfig
- bsc#1215145 - VUL-0: CVE-2023-34322: xen: top-level shadow
reference dropped too early for 64-bit PV guests (XSA-438)
650abbfe-x86-shadow-defer-PV-top-level-release.patch
- bsc#1215474 - VUL-0: CVE-2023-20588: xen: AMD CPU transitional
execution leak via division by zero (XSA-439)
64e5b4ac-x86-AMD-extend-Zenbleed-check.patch
65087000-x86-spec-ctrl-SPEC_CTRL_EXIT_TO_XEN-confusion.patch
65087001-x86-spec-ctrl-fold-DO_SPEC_CTRL_EXIT_TO_XEN.patch
65087002-x86-spec-ctrl-SPEC_CTRL-ENTRY-EXIT-asm-macros.patch
65087003-x86-spec-ctrl-SPEC_CTRL-ENTER-EXIT-comments.patch
65087004-x86-entry-restore_all_xen-stack_end.patch
65087005-x86-entry-track-IST-ness-of-entry.patch
65087006-x86-spec-ctrl-VERW-on-IST-exit-to-Xen.patch
65087007-x86-AMD-Zen-1-2-predicates.patch
65087008-x86-spec-ctrl-Zen1-DIV-leakage.patch
- bsc#1215746 - VUL-0: CVE-2023-34326: xen: x86/AMD: missing IOMMU
TLB flushing (XSA-442)
65263470-AMD-IOMMU-flush-TLB-when-flushing-DTE.patch
- bsc#1215747 - VUL-0: CVE-2023-34325: xen: Multiple
vulnerabilities in libfsimage disk handling (XSA-443)
65263471-libfsimage-xfs-remove-dead-code.patch
65263472-libfsimage-xfs-amend-mask32lo.patch
65263473-libfsimage-xfs-sanity-check-superblock.patch
65263474-libfsimage-xfs-compile-time-check.patch
65263475-pygrub-remove-unnecessary-hypercall.patch
... changelog too long, skipping 63 lines ...
xsa444-2.patch
==== xfce4-notifyd ====
Subpackages: xfce4-notifyd-lang
- relax branding requires (remove -version-release), so we can use
xfce4-branding-openSUSE based branding. (bsc#1217193 bsc#1216470)
- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to
shortcut over systemd-mini.
==== xfce4-whiskermenu-plugin ====
Version update (2.8.0 -> 2.8.1)
Subpackages: xfce4-whiskermenu-plugin-lang
- Update to version 2.8.1
* Fix missing commandline option in man page. (Issue #119)
* Fix incorrect category icons by disabling fallbacks. (Issue #116)
* Remember order of recently used when searching.
* Translation updates
1
0