- openSUSE ARM

New Arm Tumbleweed snapshot 20230929 released!
by Guillaume Gardet 02 Oct '23

02 Oct '23

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: ImageMagick (7.1.1.15 -> 7.1.1.17) Mesa (23.1.7 -> 23.1.8) Mesa-drivers (23.1.7 -> 23.1.8) MozillaFirefox (117.0.1 -> 118.0.1) apache2-mod_php8 apparmor argyllcms (2.3.1 -> 3.0.0) autoyast2 (4.6.2 -> 5.0.1) avahi avahi-glib2 branding-openSUSE cairo (1.17.8 -> 1.18.0) distribution-logos-openSUSE (20220322 -> 20230921) drbd firewalld flashrom (1.2 -> 1.3.0) git glibc gnome-control-center gnome-mahjongg (3.40.0 -> 3.40.0+35) gnome-music gnome-tweaks (42.beta+60 -> 45.0) gnustep-base gpg2 (2.3.8 -> 2.4.0) gpgme gpgmeqt grantleetheme graphite2 gstreamer (1.22.5 -> 1.22.6) gstreamer-plugins-bad (1.22.5 -> 1.22.6) gstreamer-plugins-base (1.22.5 -> 1.22.6) gstreamer-plugins-good (1.22.5 -> 1.22.6) gstreamer-plugins-libav (1.22.5 -> 1.22.6) gstreamer-plugins-rs (0.10.11 -> 1.22.6) gstreamer-plugins-ugly (1.22.5 -> 1.22.6) highway (1.0.5 -> 1.0.7) imlib2 (1.12.0 -> 1.12.1) java-11-openjdk kcalutils kio libHX (4.14 -> 4.15) libapparmor libblockdev (2.28 -> 3.0.2) libbytesize libdrm libguestfs libjxl libnma libqt5-qtbase libreoffice (7.6.1.1 -> 7.6.1.2) libsecret (0.21.0 -> 0.21.1) libsolv (0.7.24 -> 0.7.25) libssh libstorage-ng (4.5.141 -> 4.5.143) libvpx llvm17 (16.0.6 -> 17.0.1) mozjs115 (115.2.0 -> 115.2.1) mpg123 (1.31.3 -> 1.32.2) open-vm-tools openssl-3 (3.1.2 -> 3.1.3) openssl (3.1.2 -> 3.1.3) ovmf (202305 -> 202308) p11-kit (0.24.1 -> 0.25.0) perl-HTTP-Message (6.44 -> 6.450.0) perl-Net-DNS (1.39 -> 1.400.0) php8 polkit-default-privs (1550+20230912.0978001 -> 1550+20230920.74aeded) python-alembic (1.11.2 -> 1.12.0) python-constantly python-greenlet (2.0.2 -> 3.0.0~rc3) python-netaddr (0.8.0 -> 0.9.0) python-qt5-sip (12.12.1 -> 12.12.2) python-reportlab (3.6.12 -> 3.6.13) python-tornado6 (6.3.2 -> 6.3.3) rdma-core (47.0 -> 48.0) rubygem-agama (3.devel43 -> 4) sddm sdl12_compat (1.2.64 -> 1.2.68) smartmontools stoken (0.92 -> 0.93) swtpm (0.8.0 -> 0.8.1) systemd tracker tuned (2.20.0.18+git.7b1a20b -> 2.21.0.0+git.670541d) udisks2 (2.9.4 -> 2.10.0) unar vsftpd xdg-utils (1.1.3+20230830 -> 1.1.3+20230831) yast2-bootloader (4.6.2 -> 5.0.2) yast2-installation (4.6.7 -> 5.0.1) yast2-python-bindings (4.6.0 -> 5.0.1) yast2-schema (4.6.1 -> 5.0.1) yast2-storage-ng (4.6.12 -> 5.0.1) yast2-trans (84.87.20230913.43f962446c -> 84.87.20230922.91d997adab) yast2-users (4.6.4 -> 5.0.1) === Details === ==== ImageMagick ==== Version update (7.1.1.15 -> 7.1.1.17) Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10 - version update to 7.1.1.17 * upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-17---2023… - modified patches % ImageMagick-library-installable-in-parallel.patch (refreshed) - follow upstream, create open, limited, secure and websafe alternative configuration packages with different policy.xml - removing p7zip redundant dependency ==== Mesa ==== Version update (23.1.7 -> 23.1.8) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libOSMesa8 libgbm1 - Backport upstream patches for compatibility with LLVM 17: * U_llvmpipe-only-include-old-Transform-includes-when-ne.patch removes unneeded includes of header files that no longer exist. * U_clover-llvm-move-to-modern-pass-manager.patch migrates Clover to the new pass manager, since the old PM has been removed. - disable nine on arm/aarch64 in the hope to fix build on this platform; there is no need for Direct3D/Wine for arm/aarch64 anyway ... - Update to bugfix release 23.1.8: - -> https://docs.mesa3d.org/relnotes/23.1.8.html ==== Mesa-drivers ==== Version update (23.1.7 -> 23.1.8) Subpackages: Mesa-dri Mesa-gallium Mesa-libva - Backport upstream patches for compatibility with LLVM 17: * U_llvmpipe-only-include-old-Transform-includes-when-ne.patch removes unneeded includes of header files that no longer exist. * U_clover-llvm-move-to-modern-pass-manager.patch migrates Clover to the new pass manager, since the old PM has been removed. - disable nine on arm/aarch64 in the hope to fix build on this platform; there is no need for Direct3D/Wine for arm/aarch64 anyway ... - Update to bugfix release 23.1.8: - -> https://docs.mesa3d.org/relnotes/23.1.8.html ==== MozillaFirefox ==== Version update (117.0.1 -> 118.0.1) - Mozilla Firefox 118.0.1 MFSA 2023-44 (bsc#1215814) * CVE-2023-5217 (bmo#1855550), Heap buffer overflow in libvpx - Mozilla Firefox 118.0 MFSA 2023-41 (bsc#1215575) * CVE-2023-5168 (bmo#1846683) Out-of-bounds write in FilterNodeD2D1 * CVE-2023-5169 (bmo#1846685) Out-of-bounds write in PathOps * CVE-2023-5170 (bmo#1846686) Memory leak from a privileged process * CVE-2023-5171 (bmo#1851599) Use-after-free in Ion Compiler * CVE-2023-5172 (bmo#1852218) Memory Corruption in Ion Hints * CVE-2023-5173 (bmo#1823172) Out-of-bounds write in HTTP Alternate Services * CVE-2023-5174 (bmo#1848454) Double-free in process spawning on Windows * CVE-2023-5175 (bmo#1849704) Use-after-free of ImageBitmap during process shutdown * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962, bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195) Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 - requires NSS 3.93 - add mozilla-bmo1822730.patch - deactivated KDE integration temporarily (removed mozilla-kde.patch and firefox-kde.patch for now) ==== apache2-mod_php8 ==== - add missing references to rpm changelog - 15sp4 only: [bsc#1200772], [jsc#SLE-24723] add pecl, pear [jsc#SLE-23639] version update ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-profiles apparmor-utils python3-apparmor - Fix pam_apparmor %post and %postun scripts to handle pam-config errors (bsc#1215596) ==== argyllcms ==== Version update (2.3.1 -> 3.0.0) - Update to 3.0.0: * Updated ccast/axTLS to get ChromCast working again with latest Google CC operating software. * Extensive re-write/re-factor of icclib to make it more future-proof. See https://www.argyllcms.com/doc/ChangesSummary.html for details. * Added ref/ColorCheckerPassport.ti2 and ref/ColorCheckerHalfPassport.ti2 to allow measuring ColorCheckerPassport with instrument. * Fixed bug in Munki spectro hi-res mode with some instruments. Luminance matching between normal and hi-res was sometimes quite poor. * Added ARGYLL_CREATE_DISPLAY_PROFILE_WITHOUT_CHAD environment variable. * Changed colprof -U flag to -u. Changed dispcal -J flag to -K to accommodate a potential new flag for colprof and dispcal. * Added workaround for bug in madHcNet64.dll32/64.dll which sometimes causes failure. * Added delay after USB set_config on OS X to help Spyder 3/4 on Ventura OS. * Added -Y parameter to dispwin to override automatic patch delay. * Changed i1d3 driver to cope with Rev. B "0x83" error robustly. This should fix any issues measuring low level Red only patch values on OLED displays, but with slower measurements when this occurs. * Added spotread -Y S option to save spectral sensitivity curves and added corresponding support in i1d3 driver. This allows for comparison of different instruments factory calibrations. * Added a -h scale parameter to dispread, to allow the automatic instrument calibration test patch values to be scaled down from their default 100% value. This is useful with HDR displays. * Added manifest to MSWindows executables to use UTF-8 code pages on Windows 1903 and later. This should improve non-ASCII filename and path handling. * Added a Violet colorant to the targen colorant list. * Fixed problem with OS X 64 bit backwards compatibility where it failed to locate serial instruments when the binaries are run on OS X V12 or latter machines. * Fixed bug in i1Pro3 driver where it was not returning the correct measurement conditions enum. * Fixed spotread so that ambient measure for monochrome sources doesn't error out due to bad CCT/VCT/VDT. Also change -T so that it suppresses CCT etc. if ambient mode is used. * Added hacky workaround to strange Mac M2/rosetta bug in del_i1proimp(). - Make the argyllcms-doc package noarch. ==== autoyast2 ==== Version update (4.6.2 -> 5.0.1) Subpackages: autoyast2-installation - Added several LUKS-related elements to the partitioning schema (jsc#PED-3878, jsc#PED-5518). - 5.0.1 - 5.0.0 (#bsc1185510) ==== avahi ==== Subpackages: libavahi-client3 libavahi-common3 libavahi-core7 - Don't require sudo. There is no indication it's actually used for anything. ==== avahi-glib2 ==== Subpackages: libavahi-glib1 libavahi-gobject0 libavahi-ui-gtk3-0 - Don't require sudo. There is no indication it's actually used for anything. ==== branding-openSUSE ==== Subpackages: grub2-branding-openSUSE libreoffice-branding-openSUSE plymouth-branding-openSUSE wallpaper-branding-openSUSE yast2-qt-branding-openSUSE - Enable grub2-branding on ppc64le. patterns-microos-base has Requires (grub2-branding-openSUSE if grub2). So we need the branding. ==== cairo ==== Version update (1.17.8 -> 1.18.0) Subpackages: libcairo-gobject2 libcairo-script-interpreter2 libcairo2 - Update to version 1.18.0: + The first stable cairo release in five years should be cause for celebration. + All the API added in the 1.17 development cycle is now considered stable, and will not change. + Many thanks to all the contributors for this release. + The cairo-sphinx tool has been removed; we could not find any instruction on how to use it, and no user answered our call for help. If you were using cairo-sphinx, please reach out to the cairo maintainers. + Cairo now implements Type 3 color fonts for PDF. + Multiple documentation fixes, to ensure that the cairo API reference is up to date. Also fixed multiple compiler warnings generated when building cairo. + The XML surface has been removed; it was disabled by default when building cairo, and we could not find any downstream distributor that would enable it. + The Tee surface is now automatically enabled. Downstream distributors of cairo have been enabling for years it in order to build Firefox. + Fixed multiple issues with the DWrite font backend. + Improved the Quartz surface; mainly, Quartz surfaces now use the main display ColorSpace, speeding up rendering operations. + Cairo now hides all private symbols by default on every platform; the old "slim" symbols hack to alias internally used symbols has been dropped, in favor of using `-Bsymbolic-functions` with toolchains that support it. + Fixed multiple memory leaks in the code base and test suite, and general maintenance. + Added new API to expose the Pixman dithering filter to cairo patterns; this is currently implemented only for image surfaces. - Drop patches fixed upstream: + cairo-1.17.8-fix-tee-compilation.patch + cairo-1.17.8-ft-font-missing-glyph.patch - Rebase patches with quilt. - Stop passing xml=disabled to meson setup, xml backend is dropped. ==== distribution-logos-openSUSE ==== Version update (20220322 -> 20230921) Subpackages: distribution-logos-openSUSE-Tumbleweed distribution-logos-openSUSE-icons - Add Aeon branding ==== drbd ==== - drbd: fix build error against kernel v6.5.4 (boo#1215699) * add upstream patch + 0001-drbd-allow-transports-to-take-additional-krefs-on-a-.patch + 0002-drbd-improve-decision-about-marking-a-failed-disk-Ou.patch + 0003-drbd-fix-error-path-in-drbd_get_listener.patch + 0004-drbd-build-fix-spurious-re-build-attempt-of-compat.p.patch + 0005-drbd-log-error-code-when-thread-fails-to-start.patch + 0006-drbd-log-numeric-value-of-drbd_state_rv-as-well-as-s.patch + 0007-drbd-stop-defining-__KERNEL_SYSCALLS__.patch + 0008-compat-block-introduce-holder-ops.patch + 0009-drbd-reduce-net_ee-not-empty-info-to-a-dynamic-debug.patch + 0010-drbd-do-not-send-P_CURRENT_UUID-to-DRBD-8-peer-when-.patch + 0011-compat-block-pass-a-gendisk-to-open.patch + 0012-drbd-Restore-DATA_CORKED-and-CONTROL_CORKED-bits.patch + 0013-drbd-remove-unused-extern-for-conn_try_outdate_peer.patch + 0014-drbd-include-source-of-state-change-in-log.patch + 0015-compat-block-use-the-holder-as-indication-for-exclus.patch + 0016-drbd-Fix-net-options-set-defaults-to-not-clear-the-t.patch + 0017-drbd-propagate-exposed-UUIDs-only-into-established-c.patch + 0018-drbd-rework-autopromote.patch + 0019-compat-block-remove-the-unused-mode-argument-to-rele.patch + 0020-drbd-do-not-allow-auto-demote-to-be-interrupted-by-s.patch * add suse special patch + bsc-1215699_fix-build-error-against-kernel-v6.5.4.patch ==== firewalld ==== Subpackages: firewalld-bash-completion firewalld-zsh-completion python3-firewall - python3-dbus isn't correct either, it's python3-dbus-python. - Correct Requires, python3-slip-dbus -> python3-dbus. ==== flashrom ==== Version update (1.2 -> 1.3.0) - Update to 1.3.0 - See changelog at https://www.flashrom.org/Flashrom/1.3 - Removed patches (merged upstream): - flashrom-install-man-file.patch - flashrom-j-link-spi.patch ==== git ==== Subpackages: git-core git-email git-svn git-web perl-Git - Downgrade openssh dependency to recommends (bsc#1215533) ==== glibc ==== Subpackages: glibc-devel glibc-extra glibc-locale glibc-locale-base nscd - fstat-implementation.patch: io: Do not implement fstat with fstatat - getaddrinfo-memory-leak.patch: Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 (CVE-2023-5156, bsc#1215714, BZ #30884) - getcanonname-use-after-free.patch: getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806, bsc#1215281, BZ #30843) - Do not build any cross packages in SLES - no-aaaa-read-overflow.patch: Stack read overflow with large TCP responses in no-aaaa mode (CVE-2023-4527, bsc#1215280, BZ #30842) - Add systemd to passwd, group and shadow lookups (jsc#PED-5188) - ppc64-flock-fob64.patch: io: Fix record locking contants for powerpc64 with __USE_FILE_OFFSET64 (BZ #30804) - libio-io-vtables.patch: libio: Fix oversized __io_vtables - call-init-proxy-objects.patch: elf: Do not run constructors for proxy objects - dtors-reverse-ctor-order.patch: elf: Always call destructors in reverse constructor order (BZ #30785) - intl-c-utf-8-like-c-locale.patch: intl: Treat C.UTF-8 locale like C locale (BZ #16621) - glibc-disable-gettext-for-c-utf8.patch: Removed ==== gnome-control-center ==== Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces - Add gnome-control-center-add-user-button.patch: Show add user button when user is a normal user (bsc#1215556 glgo#GNOME/Settings!1927). ==== gnome-mahjongg ==== Version update (3.40.0 -> 3.40.0+35) - Update to version 3.40.0+35: + window: always show number of moves left + gnome-mahjongg: update 'moves left' on tile match and restart + game: Only create a single timer + User help: Correct dead IRC link + Updated translations. - Switch to service, git checkout of current head. ==== gnome-music ==== - Explicitly create the pycache/.pyc files, not relying on the generation done by meson. Should make the package reproducible. ==== gnome-tweaks ==== Version update (42.beta+60 -> 45.0) - Update to version 45.0: + This release removes several features now found in GNOME Settings. There are also some small interface refreshments in preparation for the GTK4 upgrade. More significantly, the core interface has been refactored to use layout files. + Updated translations. - Switch compression to zst both in service and tarball produced. ==== gnustep-base ==== - use pkgconfig(icu-uc) to use the current libicu. (jsc#PED-6193) ==== gpg2 ==== Version update (2.3.8 -> 2.4.0) Subpackages: dirmngr - Install the systemd user units in the _userunitdir [bsc#1201564] * Note that, there is no activation by default. * Rework excludes in the spec's files section. - Temporarily revert back to the pre-2.4 default for key generation. The new rfc4880bis has been set as the default in 2.4 version and might create incompatible keys. Note that, rfc4880bis can still be used with the option flag --rfc4880bis as in previous versions. * More info in the gnupg-devel ML: https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035183.html * Reverted commit https://dev.gnupg.org/rGcaf4b3fc16e9 * Add gnupg-revert-rfc4880bis.patch - Allow 8192 bit RSA keys in keygen UI when large_rsa is set * Add gnupg-allow-large-rsa.patch - Fix broken GPGME QT tests: Upstram dev task dev.gnupg.org/T6313 * The original patch has been modified to expand the changes also to the tests/gpgme/Makefile.in file. * Add gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch - Updated to require libgpg-error-devel >= 1.46 - Rebased patches: * gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch * gnupg-add_legacy_FIPS_mode_option.patch - GnuPG 2.4.0: * common: Fix translations in --help for gpgrt < 1.47. * gpg: Do not continue the export after a cancel for the primary key. * gpg: Replace use of PRIu64 in log_debug. * Update NEWS for 2.4.0. * tests: Fix make check with GPGME. * agent: Allow arguments to "scd serialno" in restricted mode. * scd:p15: Skip deleted records. * build: Remove Windows CE support. * wkd: Do not send/install/mirror expired user ids. * gpgsm: Print the revocation time also with --verify. * gpgsm: Fix "problem re-searching certificate" case. * gpgsm: Print revocation date and reason in cert listings. * gpgsm: Silence the "non-critical certificate policy not allowed". * gpgsm: Always use the chain model if the root-CA requests this. * gpg: New export option "mode1003". * gpg: Remove a mostly duplicated function. * tests: Simplify fake-pinentry to use the option only. * tests: Fix fake-pinentry for Windows. * tests: Fix make check-all. * agent: Fix import of protected v5 keys. * gpgsm: Change default algo to AES-256. * tests: Put a workaround for semihosted environment. * tests: More fix for semihosted environment. * tests: Support semihosted environment. * tests: Fix tests under cms. * tests,w32: Fix for semihosted environment. * w32: Fix for tests on semihosted environment. * w32: Fix gnupg_unsetenv. * wkd: New option --add-revocs and some fixes. * wkd: Make use of --debug extprog. * gpg: New export-filter export-revocs. * gpg: Fix double-free in gpg --card-edit. * gpg: Make --require-compliance work with out --status-fd. * gpg: New option --list-filter. * dirmngr: Silence ocsp debug output. * tests: Fix to support --enable-all-tests and variants. * tests:w32: Fix for non-dot file name for Windows. * tests:gpgscm:w32: Fix for GetTempPath. * tests: Keep .log files in objdir. * tests: Use 233 for invalid value of FD. * w32: Fix gnupg_tmpfile for possible failure. * scd: Redact --debug cardio output of a VERIFY APDU. * common: Remove Windows CE support in common. * gpgsm: Fix colon outout of ECC encryption certificates. * scd:nks: Fix ECC signing if key not given by keygrip. * dirmngr: Fix verification of ECDSA signed CRLs. * agent: Allow trustlist on Windows in Unicode homedirs. * gpg: Fix verification of cleartext signatures with overlong lines. * gpg: Move w32_system function. * gpg: New option --quick-update-pref. * gpg: New list-options show-pref and show-pref-verbose. * tests: Add tests to check that OCB is only used for capable keys. * gpg: Make --list-packets work w/o --no-armor for plain OCB packets. * tests: Add symmetric decryption tests. * tests: Add tr:assert-same function. * agent: Avoid blanks in the ssh key's comment. * build: Update m4 files. * gpg: Merge --rfc4880bis features into --gnupg. * gpg: Allow only OCB for AEAD encryption. * gpg: New option --compatibility-flags. * gpgsm: Also announce AES256-CBC in signatures. * gpg: Fix trusted introducer for user-ids with only the mbox. * gpg: Import stray revocation certificates. * agent: Automatically convert to extended key format by KEYATTR. * card: New commands "gpg" and "gpgsm". * card: Also show fingerprints of known X.509 certificates. * scd:nks: Support non-ESIGN signing with the Signature Card v2. * gpgsm: Allow ECC encryption keys with just keyAgreement specified. * gpgsm: Use macro constants for cert_usage_p. * build: Update gpg-error.m4. * agent,common,dirmngr,tests,tools: Remove spawn PREEXEC argument. * gpg: Move NETLIBS after GPG_ERROR_LIBS. * gpg: Use GCRY_KDF_ONESTEP_KDF with newer libgcrypt in future. * common,w32: Fix struct stat on Windows. * agent,w32: Support Win32-OpenSSH emulation by gpg-agent. * common: Don't use FD2INT for POSIX-only code. * dirmngr: Fix build with no LDAP support. ==== gpgme ==== Subpackages: libgpgme11 libgpgmepp6 - Use GCC 12 for building the Qt6 library on Leap 15. The default compiler is too old. - Use '%{without xxx}' rather than '!%{with xxx}' in spec file - Use GCC 12 for building the Qt6 library. The default compiler is too old. - Use '%{without xxx}' rather than '!%{with xxx}' in spec file ==== gpgmeqt ==== - Use GCC 12 for building the Qt6 library on Leap 15. The default compiler is too old. - Use '%{without xxx}' rather than '!%{with xxx}' in spec file - Use GCC 12 for building the Qt6 library. The default compiler is too old. - Use '%{without xxx}' rather than '!%{with xxx}' in spec file ==== grantleetheme ==== - Fix runtime dependencies (boo#1212455, boo#1215517) ==== graphite2 ==== - fixed license string [bsc#1207676]: LGPL-2.1-or-later OR MPL-2.0 OR GPL-2.0-or-later ==== gstreamer ==== Version update (1.22.5 -> 1.22.6) Subpackages: gstreamer-utils libgstreamer-1_0-0 typelib-1_0-Gst-1_0 - Update to version 1.22.6: + Highlighted bugfixes: - Security fixes for the MXF demuxer and H.265 video parser - Fix latency regression in H.264 hardware decoder base class - androidmedia: fix HEVC codec profile registration and fix coded_data handling - decodebin3: fix switching from a raw stream to an encoded stream - gst-inspect: prettier and more correct signal and action signals printing - rtmp2: Allow NULL flash version, omitting the field, for better RTMP server compatibility - rtspsrc: better compatibility with buggy RTSP servers that don't set a clock-rate - rtpjitterbuffer: fix integer overflow that led to more packets being declared lost than have been lost - v4l2: fix video encoding regression on RPi and fix support for left and top padding - waylandsink: Crop surfaces to their display width height - cerbero: Recognise Manjaro; add Rust support for MSVC ARM64; cmake detection fixes - Various bug fixes, memory leak fixes, and other stability and reliability improvements + gstreamer: - gst-inspect: prettier and more correct signal printing, and print action signals in g_signal_emit_by_name() format - gst-launch: Disable fault signal handlers on macOS - Rebase reduce-required-meson.patch ==== gstreamer-plugins-bad ==== Version update (1.22.5 -> 1.22.6) Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0 - Update to version 1.22.6: + audiolatency: Forward latency query and event upstream + av1parser: Fix segmentation params update + codecparsers: Fix MPEG-1 aspect ratio table + d3d11convert: Passthrough allocation query on same caps + h264decoder: Update latency dynamically + h265parser: - Allow partially broken hvcC data - Fix possible overflow using max_sub_layers_minus1 + hlssink2: Always use forward slash separator + mdns: Fix a crash on context error + mxfdemux: Fix integer overflow causing out of bounds writes when handling invalid uncompressed video and check channels for AES3 + nvencoder: Fix negotiation error when interlace-mode is unspecified + rtmp2: Allow NULL flash version, omitting the field + rtmp2sink: fix crash if message conversion failed + transcodebin: Fixes for upstream selectable support + va: Fix in error logs functions mismatches + waylandsink: - Crop surfaces to their display width height - Fix cropping for video with non-square aspect ratio + webrtc: Fix docs for create-data-channel action signal - Rebase reduce-required-meson.patch ==== gstreamer-plugins-base ==== Version update (1.22.5 -> 1.22.6) Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstAudio-1_0 typelib-1_0-GstPbutils-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0 - Update to version 1.22.6: + audio: Make sure to stop ringbuffer on error + decodebin3: - Avoid identity, sinkpad, parsebin leakage when reset input - Ensure the slot is unlinked before linking to decoder + sdp: - Fix wrong debug log error message for missing clock-rate in caps - Parse zero clock-rate as default - Rebase reduce-required-meson.patch ==== gstreamer-plugins-good ==== Version update (1.22.5 -> 1.22.6) Subpackages: gstreamer-plugins-good-extra gstreamer-plugins-good-gtk gstreamer-plugins-good-jack gstreamer-plugins-good-qtqml - Update to version 1.22.6: + adaptivedemux2: fix memory leak + pulsedeviceprovider: fix incorrect usage of GST_ELEMENT_ERROR + qt: - Unbreak build with qt-egl enabled but viv_fb missing - Fix searching of qt5/qt6 tools with qmake in Meson + qtdemux: - Fix premature EOS when some files are played in push mode - Attach cbcs crypt info at the right moment + rtpjitterbuffer: Avoid integer overflow in max saveable packets calculation with negative offset + videoflip: fix concurrent access when modifying the tag list + v4l2: - allocator: Don't close foreign dmabuf - bufferpool: . Fix large encoded stream regression . Problems when checking for truncated buffer - Fix support for left and top padding + v4l2object: clear format lists if source change event is received - Rebase reduce-required-meson.patch - Add libqt5-linguist BuildRequires: New dependency. ==== gstreamer-plugins-libav ==== Version update (1.22.5 -> 1.22.6) - Update to version 1.22.6: + No changes, stable bump only. - Rebase reduce-required-meson.patch. ==== gstreamer-plugins-rs ==== Version update (0.10.11 -> 1.22.6) - Update to version 1.22.6: + fallbackswitch: locking/deadlock fixes + onvifmetadataparse: Skip metadata frames with unrepresentable UTC time + transcriberbin: Configure audioresample in front of transcriber + webrtcsink: - Propagate GstContext messages - Add support for d3d11 memory and qsvh264enc - Fix TWCC extension adding - Don't forget to setup encoders for discoveries - NVIDIA V4L2 encoders always require NVMM memory + meson: Fix handling of optional deps, and don't require Python-3.8 - Switch service to do the tag released with the other gstreamer packages. Gstreamer-plugins-rs are now released at the same time as the gstreamer main packages. - Switch compression to zst both in service and tarball produced. ==== gstreamer-plugins-ugly ==== Version update (1.22.5 -> 1.22.6) - Update to version 1.22.6: + No changes, stable bump only. - Rebase reduce-required-meson.patch. ==== highway ==== Version update (1.0.5 -> 1.0.7) - Update to release 1.0.7 * Add LoadNOr, GatherIndexN, ScatterIndexN * Add additional float<->int conversions * Codegen improvements for 8-bit shift, PPC Compress/Expand - Update to release 1.0.6 * Add MaskedGatherIndex, MaskedScatterIndex, LoadN, StoreN, SatWidenMulPairwiseAdd, SumOfMulQuadAccumulate, PromoteUpperLowerTo. * Add F64 for Wasm, F64 AbsDiff * Validate all D args in x86 function signatures ==== imlib2 ==== Version update (1.12.0 -> 1.12.1) Subpackages: imlib2-loaders libImlib2-1 - update to 1.12.1: * Fix some clang complaints * scaling: MMX asm scaling causes segv, disable for now * loading: Call module exit function also when not dlclosing module on unload * loaders: Fix build with -m32 --enable-debug * test_load_2: Add forgotten xeyes.png * test_save: Fix for jxl loader on ix86 * test_scale: MMX scaling is disabled * RAW loader: Don't unload loader * loaders: Fix CPPFLAGS order * imlib2_grab, imlib2_view: Unset context colormap * x11_grab: Use correct depth when grabbing ==== java-11-openjdk ==== Subpackages: java-11-openjdk-headless - Added patch: * reproducible-properties.patch + use SOURCE_DATE_EPOCH for timestamp in the generated properties files ==== kcalutils ==== - Fix runtime dependencies (boo#1215517) ==== kio ==== Subpackages: kio-core - Add upstream crash fix (kde#474451) * 0001-Don-t-crash-if-KMountPoint-gives-nothing-back-while-.patch ==== libHX ==== Version update (4.14 -> 4.15) - Update to release 4.15 * Add functions to compute Least Positive Residue (HX_flpr, HX_flprf) * Make HX_strrtrim work on strings longer than INT_MAX ==== libapparmor ==== - Fix pam_apparmor %post and %postun scripts to handle pam-config errors (bsc#1215596) ==== libblockdev ==== Version update (2.28 -> 3.0.2) - Update to version 3.0.2: * Use ntfsinfo instead of ntfscluster for faster bd_fs_ntfs_get_info. * Restrict list of exported symbols via -export-symbols-regex. * lib: Silence the missing DEFAULT_CONF_DIR_PATH. * loop: Report BD_LOOP_ERROR_DEVICE on empty loop devices. * fs: Fix unused error in extract_e2fsck_progress. * fs: Use read-only mount where possible for generic FS functions. * fs: Document that generic functions can mount filesystems. * fs: Avoid excess logging in extract_e2fsck_progress. - Restructure all sub-packages in the spec file to enhance maintainability. - Update to 3.0.1: * New bugfix release of the libblockdev library with multiple fixes. * loop: Define LOOP_SET_BLOCK_SIZE is not defined. And remove bd_loop_get_autoclear definition. * crypto: Remove stray struct redefinition. * fs: Simplify struct BDFSInfo. And add missing copy and free functions to the header file. * vdo_stats: Remove unused libparted include. * lvm: Make _vglock_start_stop static. Fix declaration for bd_lvm_vdolvpoolname. And add bd_lvm_segdata_copy/free to the header file. * Make the conf.d directory versioned. - Changes from version 3.0.0: * New major release of the libblockdev library. This release contains a large API overhaul. * VDO a KBD plugins were removed. * New NVMe plugin was added. * Runtime dependencies are no longer checked during plugin initialization. * Part plugin was rewritten to use libfdisk instead of libparted * Crypto plugin API went through an extensive rewrite. * Support for new technologies was added to the crypto plugin: FileVault2 encryption, DM Integrity, LUKS2 tokens. * Filesystem plugin adds support for btrfs, F2FS, NILFS2, exFAT and UDF. * Support for new filesystem operations was added to the plugin: setting label and UUID, generic mkfs function and API for getting feature support for filesystems. * dmraid support was removed from the DM plugin. * Python 2 support was dropped. - Drop no longer needed libblockdev-fix-libkmod-include.patch - Drop no longer supported sub-packages with their dependencies, and their configure options, following upstream changes: python2 (python-devel), bcache, dmraid (dmraid-devel BuildRequires) and kbd. - Add (gcc >= 11 or gcc11) boolean BuildRequires to ensure the package is buildable on Leap 15.5, where the gcc meta-package is of version 7. - Bump the SO version to 3 for the shared library and GI bindings sub-packages. - Add ext2fs, fdisk, and libkeyutils pkgconfig() BuildRequires. The first is a new dependency for the FS plugin. The second, for the PART plugin. And the latter, for the CRYPTO plugin (before, the explicit_bzero() function would be searched for). - Add libnvme-devel >= 1.3 BuildRequires, and pass --with-nvme to configure, needed for the NVMe plugin (new upstream addition). - Pass --with-tools to configure, ensuring we keep building the libblockdev tools. ==== libbytesize ==== - Rename python3-libbytesize sub-package to python3-bytesize. This is the expected name by its consumers. ==== libdrm ==== Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1 - provide/obsolete dropped packages libkms1/libkms-devel (bsc#1215526) - adjusted n_libdrm-drop-valgrind-dep-generic.patch, n_libdrm-drop-valgrind-dep-intel.patch to generated 2.4.116 pkgconfig files in order to fix build against sle15/Leap 15.x ==== libguestfs ==== Subpackages: libguestfs-appliance libguestfs-xfs libguestfs0 - bsc#1215543 - guestfs regression: file: Use -S option with -z Omit-file--S-option-on-older-distros-that-lack-support.patch See also bsc#1215461 - bsc#1215586 - guestfs regression: non functional network due to missing sysconfig-netconfig libguestfs.spec ==== libjxl ==== - Switch from LCMS to SKCMS: libjxl core can use either, but plugins can only use SKCMS. Exercising two CMS simultaneously also is silly. Delete 0001-Remove-LCMS-mutex.patch . - Build plugins: * Add _service file to generate skcms tarball (needed to build plugins). * Add skcms tarball as source and copy extracted dir to ./third_party/ so cmake can find it. * Split out new packages: * gdk-pixbuf-loader-jxl: Pixbuf loader for supported apps. * gimp-plugin-jxl: Plugin to allow gimp to work with JPEG XL files. * jxl-thumbnailer: Thumbnailer and mime files to allow generating thumbnails for JPEG XL files. ==== libnma ==== Subpackages: libnma-glib-schema libnma-gtk4-0 libnma0 typelib-1_0-NMA4-1_0 - Add libnma-glib-schema Requires to libnma-gtk4-0 sub-package, ensure libnma-glib-schema gets installed by default now that gnome-control-center have ported to gtk4. ==== libqt5-qtbase ==== Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-mysql libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3 - switch icu-devel requires to pkgconfig to allow switching libicu versions ==== libreoffice ==== Version update (7.6.1.1 -> 7.6.1.2) Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - libreoffice-draw requires libreoffice-impress from 7.5 onwards, bsc#1215595 - Update to 7.6.1.2: https://wiki.documentfoundation.org/Releases/7.6.1/RC2 ==== libsecret ==== Version update (0.21.0 -> 0.21.1) Subpackages: libsecret-1-0 typelib-1_0-Secret-1 - Update to version 0.21.1: + Fix updating credentials by another process in the same Flatpak sandbox. + Migrate to g_memdup2. + Updated translations. ==== libsolv ==== Version update (0.7.24 -> 0.7.25) Subpackages: libsolv-tools python3-solv ruby-solv - support complex deps in SOLVABLE_PREREQ_IGNOREINST - fix minimization not prefering installed packages in some cases - reduce memory usage in repo_updateinfoxml - fix lock-step interfering with architecture selection - fix choice rule handing for package downgrades - fix complex dependencies with an "else" part sometimes leading to unsolved dependencies - bump version to 0.7.25 ==== libssh ==== Subpackages: libssh-config libssh4 - Enable crypto-policies support: [bsc#1211301] * Rebase libssh_client.config libssh_server.config ==== libstorage-ng ==== Version update (4.5.141 -> 4.5.143) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#949 - reduce manual memory handing - 4.5.143 - merge gh#openSUSE/libstorage-ng#948 - fixed memory leak - more consistent function naming - 4.5.142 ==== libvpx ==== - Fixing CVE-2023-5217 heap buffer overflow (boo#1215778) added CVE-2023-5217.patch ==== llvm17 ==== Version update (16.0.6 -> 17.0.1) Subpackages: clang-tools libclang13 - Update to version 17.0.1. * For details, see the release notes: - https://releases.llvm.org/17.0.1/docs/ReleaseNotes.html - https://releases.llvm.org/17.0.1/tools/clang/docs/ReleaseNotes.html - https://releases.llvm.org/17.0.1/tools/clang/tools/extra/docs/ReleaseNotes.… - https://releases.llvm.org/17.0.1/projects/libcxx/docs/ReleaseNotes.html - https://releases.llvm.org/17.0.1/tools/lld/docs/ReleaseNotes.html - Rebase patches: * libcxx-test-library-path.patch * llvm_build_tablegen_component_as_shared_library.patch * llvm-do-not-install-static-libraries.patch * llvm-normally-versioned-libllvm.patch * llvm-remove-clang-only-flags.patch * opt-viewer-Find-style-css-in-usr-share.patch - Simplify check-no-llvm-exegesis.patch by removing test directory. - Drop patches that have landed upstream: * openmp-drop-rpath.patch - Add openmp-dont-run-gpu-arch.patch: the binaries are not available in our build, and neither are the toolchains they test for (NV CUDA and AMD HSA). ==== mozjs115 ==== Version update (115.2.0 -> 115.2.1) - Update to version 115.2.1: + Security fix: CVE-2023-4863: Heap buffer overflow in libwebp. ==== mpg123 ==== Version update (1.31.3 -> 1.32.2) Subpackages: libmpg123-0 mpg123-openal - Update to version 1.32.2 * libmpg123: Re-introduce _64 symbols on native 64 bit offset platforms. This was a regression since 1.31 series. Sorry, too much cleanup, not enough testing. * build: + Better O_LARGEFILE logic, avoiding redefintion. * ports/cmake: + Require C99 (bug 360, among other points, thanks to Ozkan Sezer). + Fix broken O_LARGEFILE logic (bug 360). + Typo fix and cleanup, also manual SSE switch for Android on old x86 (bug 359). - Update to version 1.32.1 * Include man pages again in tarball and install. We cannot avoid the empty man directory when disabling programs with autoconf. * Fix signal handler prototype, avoiding some justified warnings. * ports/cmake: + Include CheckTypeSize, which seems to be needed sometimes + Avoid O_LARGEFILE redefinition, logic closer to autoconf. - Update to version 1.32.0 * build + Move version handling out of configure.ac to ease other build systems. + Include "fmt123.h" instead of <fmt123.h> in main API headers to make it more likely the correct one is included (at least gcc picks the one in the same directory as the including header first). + All headers are build-independent now. + Fix build for picky linkers by avoiding definition of wrap_getcpuflags() where it is not used (spurious linker error to non-exitent getcpuflags(), bug 353). + Handle deprecation of C99 detection macro in autoconf 2.70. + No use of AC_SYS_LARGEFILE anymore for explicit handling and differing choice for the libraries and frontend programs. + Added --enable-portable and --disable-largefile to configure, removing the other largefile-related options. + Added --disable-components --enable-libmpg123 to only build libmpg123 (and likewise --enable-libout123, - -enable-libout123-modules, --enable-libsyn123) to autoconf build. CMake build has something similar with BUILD_PROGRAMS and BUILD_LIBOUT123, which leave only libmpg123 and libsyn123 if disabled). + Consistent formatting of ./configure --help with AS_HELP_STRING(). * mpg123 + Added --libversion. + Added proper A-B looping with terminal control key 'o', renamed --pauseloop to --presetloop. + Really get rid of mpg123_position() usage. (It was all lies before!) + Fix terminal progress info when seeking in stopped mode (1.31 regression). + Patch up interaction of output buffer with generic remote control, adding non-interruptible drain after P 3, and dropping buffer on QUIT. + Uppercase some generic control replies for consinstency: SILENCE, PROGRESS, MUTE, UNMUTE * libmpg123, libout123, libsyn123 + Bumped API version for version query functions. + Replaced nearly all symbol renames with explicit INT123_ prefix declarations (intsym.h close to empty now). * libout123 + Add sleep builtin output module (silent, but proper timing). * libsyn123 + Introduced SYN123_PORTABLE_API for an API without off_t and ssize_t (see NEWS.libsyn123). * libmpg123 + Internal I/O using explicit largefile support via off64_t, lseek64, fallback to plain 32 bit off_t. + Added explicit 64 bit API with 64 suffix (mpg123_tell64(), not mpg123_tell_64()). This allows full avoidance of ambiguus off_t. The API is always using 64 bit integers, regardless of internal implementation. + Introduced MPG123_PORTABLE_API for an API subset without off_t and ssize_t. + Made mpg123_seek() and friends ignore offset sign for SEEK_END (always seeking towards beginning, assuming negative offset) to make lseek()-conforming usage possible. Seeking beyond the end never made sense, so no loss of valid functionality. * Overall use of INT123_strerror(), trying to use thread-safe strerror_l() if possible. ==== open-vm-tools ==== Subpackages: libvmtools0 open-vm-tools-desktop - 15 sp4 currently uses open-vm-tools rpms from 15 sp3. As such, enable the spec file fix for bug (bsc#1205927) for 15 sp3 onwards. - open-vm-tools is built with containerinfo plugin from 15 sp3 onwards ==== openssl-3 ==== Version update (3.1.2 -> 3.1.3) Subpackages: libopenssl3 - Update to 3.1.3: * Fix POLY1305 MAC implementation corrupting XMM registers on Windows (CVE-2023-4807) ==== openssl ==== Version update (3.1.2 -> 3.1.3) - Update to 3.1.3 ==== ovmf ==== Version update (202305 -> 202308) Subpackages: qemu-uefi-aarch64 - Update to edk2-stable202308 - Features (https://github.com/tianocore/edk2/releases) CryptoPkg: consume OpenSSL 3.0 Replace the OVMF-specific SataControllerDxe with the generic one in MdeModulePkg Remove the duplicated definitions from BaseTools Arm GIC Library and Driver improvements Use restricted memory mappings in PEI Add SmmCpuFeaturesLib implementation for AMD Processor family Add USB Network RNDIS Drivers Support Standalone MM based variable services in PEI on ARM systems Add RISC-V MMU support Add RISC-V support to CLANGDWARF toolchain - Patches (git log --oneline --date-order edk2-stable202305..edk2-stable202308): 819cfc6b42 OvmfPkg/RiscVVirt: Fix issues in VarStore Blockmap config 00b51e0d78 MdeModulePkg: HeapGuard: Don't Assume Pool Head Allocated In First Page 48089f3a7c OvmfPkg/Bhyve: build platform info HOB eaffa1d7ff UefiCpuPkg:Wake up APs after power-up or RESET through SIPI. 1d76560146 OvmfPkg: Disable PcdFirstTimeWakeUpAPsBySipi. 98e9d29e06 UefiCpuPkg: Add PcdFirstTimeWakeUpAPsBySipi 055c7bd1a7 UefiCpuPkg: Add SendStartupIpiAllExcludingSelf 991515a058 CryptoPkg: remove BN and EC accel for size optimization e91bfffd4f CryptoPkg/openssl: update CI config for openssl 3.0 46226fb5d3 CryptoPkg: remove strcmp to syscall c0aeb92663 CryptoPkg: run configure.py to update all generated files dfa6147a79 CryptoPkg: add more dummy implement of openssl for size optimization 2bead79cfc CryptoPkg: add implemention of _ftol2_sse() to avoid build error b2ff8e45db CryptoPkg: add define of maximum unsigned size_t 4b5faa5775 CryptoPkg: add missing gcc instructions 43e0ede26b CryptoPkg: Enable memcpy sys call in RISCV64 build f0d3e59754 CryptoPkg: Align with 4096 when build with OpensslFullAccel bdf3142eb7 CryptoPkg/TlsLib: use unsigned long for ErrorCode 20193b20b5 CryptoPkg: disable C4133 warning in openssl libraries bf1ff73c8c CryptoPkg: Add instrinsics to support building openssl3 on IA32 windows cea8e3b513 CryptoPkg: adapt 3.0 change in SslNull.c ea7a37d352 CryptoPkg: use UEFI provider as default 9b9b331e0f CryptoPkg: Move all UEFI implement of openssl to OpensslStub 5e1900f266 CryptoPkg/openssl: adapt EcSm2Null.c for openssl 3.0 174a306ccd CryptoPkg/openssl: store dummy update for openssl 3.0 3af00aec7f CryptoPkg/openssl: move compiler_flags to buildinf.c c638d1f672 CryptoPkg/openssl: adapt rand_pool.c to openssl 3.0 changes eac38f74c4 CryptoPkg/TlsLib: ERR_GET_FUNC is gone 2a6dc1211f CryptoPkg/BaseCryptLib: drop BIO_* dummy functions 63c8d160ae CryptoPkg/BaseCryptLib: adapt CryptSm3.c to openssl 3.0 changes. 84158d0ebe CryptoPkg/BaseCryptLib: no openssl deprecation warnings please ac492c3ead CryptoPkg/openssl: UefiAsm.conf update for openssl 3.0 81f5aa0700 CryptoPkg/openssl: add openssl3 configure scripts 7cede6d5f4 CryptoPkg/openssl: update Openssl*.inf files for openssl 3.0 49a113a7a4 CryptoPkg/openssl: cleanup all openssl1.1.1 generated files and code 9d6d237c3c CryptoPkg/openssl: update submodule to openssl-3.0.9 136931c4db MedPkg/Include: Add PCI_EXPRESS_EXTENDED_CAPABILITY_DVSEC_ID 3c274c0d83 MdePkg: Add new status codes to PrintLib 107ddf1de9 MdePkg: Add missing status codes 2d8c17a9b6 OvmfPkg/PlatformCI: Boot OVMF in SMP mode. bae848ee25 OvmfPkg/PlatformCI VS2019: Disable workaround for cpuhp bugfix 744c42bfd8 OvmfPkg/PlatformCI: Use recent Qemu on Windows 01ad4134c3 MdeModulePkg: Solve boot hang Xhci driver when use USB DVD with empty disk ef05145136 ArmPkg: DefaultExceptionHandlerLib: Do Not Allocate Memory 7672d1cca5 MdeModulePkg/SetupBrowser: Load storage via GetVariable for EfiVarStore fa789cc68a BaseTools: scan Edk2ToolsBuild.py make output 5cadb8ce21 BaseTools: BinToPcd: Resolve xdrlib deprecation d11968fcc5 MdeModulePkg/Bus/Ata/AtaAtapiPassThru: Fix UNUSED_VALUE Coverity issue c7c1170a45 MdeModulePkg/Bus/Ata/AtaAtapiPassThru: Fix SIGN_EXTENSION Coverity issue 677f2c6f15 OvmfPkg/RiscVVirt: Update README for CLANGDWARF support 3f49462558 BaseTools/tools_def: Add CLANGDWARF support for RISC-V 0f9fd06919 OvmfPkg/RiscVVirt: SecEntry: Remove unnecessary assembly directives 8543840cfd OvmfPkg/RiscVVirt: use 'auto' alignment and FIXED for XIP modules 70f3e62dc7 OvmfPkg/BhyvePkg: enable bus enumeration f284981506 Revert "OvmfPkg/Bhyve: remove IncompatiblePciDeviceSupport DXE driver" 1c923b9f25 Revert "OvmfPkg/Bhyve: consume PciHostBridgeLibScan" c7a7f09c1d UefiCpuPkg: Decouple the SEV-ES functionality. 25a6745fe8 RedfishPkg/RedfishDiscoverDxe: fix netmask check issue dcf05f958e MdePkg/Include/IndustryStandard: Remove VS20xx workaround 5309ddc83b EmulatorPkg/Win/Host: Fix RUNTIME_FUNCTION redefinition error 925c445fd3 OvmfPkg/RiscVVirt: Avoid printing hard coded timeout value 7427dd3fc0 OvmfPkg/RiscVVirt: Check "no-map" and mark EfiReservedMemoryType c6b512962e UnitTestFrameworkPkg: UnitTestPersistenceLib: Save Unit Test Cache Option b2de9ec5a7 CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1u 6510dcf6f7 NetworkPkg/HttpDxe: fix driver binding start issue. a52044a9e6 OvmfPkg/IoMmuDxe: add locking to IoMmuAllocateBounceBuffer 08aacbf056 OvmfPkg/CloudHv: update Maintainers.txt entry 4d1014093f UefiCpuPkg: Uses gMmst in MmSaveStateLib 39ded59c09 OvmfPkg/PeilessStartupLib: Updated with PcdSecureBootSupported 3399f64588 RedfishPkg/RedfishRestExDxe: reset session when TCP timeout happens dd49d448b0 MdeModulePkg/Bus/Pci/EhciDxe: Fix FORWARD_NULL Coverity issues f220dcbba8 UefiCpuPkg: RISC-V: Support MMU with SV39/48/57 mode cc13dcc576 OvmfPkg: RiscVVirt: Remove satp bare mode setting 33d0a3cc92 OvmfPkg/RiscVVirt: Add VirtNorFlashDxe to APRIORI list a8a72fc1ff OvmfPkg/RiscVVirt: SEC: Add IO memory resource hob for platform devices a9fc9bb466 OvmfPkg/RiscVVirt: VirtNorFlashPlatformLib: Fix wrong flash size fbec9aec00 MdePkg/Register: RISC-V: Add satp mode bits shift definition 7178047402 MdePkg/BaseLib: RISC-V: Support getting satp register value e674096acc OvmfPkg/ResetVector: Fix assembler bit test flag check ff3382a51c MdeModulePkg/Bus/Usb/UsbNetwork/UsbCdcNcm: Add USB Cdc NCM devices support 5e400d22a0 MdeModulePkg/Bus/Usb/UsbNetwork/UsbCdcEcm: Add USB Cdc ECM devices support fc0d5922f1 MdeModulePkg/Bus/Usb/UsbNetwork/UsbRndis: Add USB RNDIS devices support 8dab4eebe4 UefiPayloadPkg: Integrate UiApp and BootManagerMenuApp into MultiFv 964a4f032d UefiCpuPkg: Eliminate the second INIT-SIPI-SIPI sequence. 629c1dacc9 UefiCpuPkg: ApWakeupFunction directly use CpuMpData. 8bb018afaf UefiCpuPkg: Create MpHandOff. ... changelog too long, skipping 204 lines ... qemu-uefi-riscv64.bin ==== p11-kit ==== Version update (0.24.1 -> 0.25.0) Subpackages: libp11-kit0 p11-kit-tools - Add d1d4b0ac316a27c739ff91e6c4153f1154e96e5a.patch: Fix probing of C_GetInterface. - Update to 0.25.0: * add PKCS#11 3.0 support * add support for profile objects * add ability to adjust module and config paths at run-time via system environmental exports * make terminal output nicer * p11-kit: add command to print merged configuration * p11-kit: add commands to list, add and delete profiles of a token * trust: add command to check format of .p11-kit files * virtual: fix libffi type signatures for PKCS#11 3.0 functions * server: fix umask setting when --group is specified * server: check SHELL only when neither --sh nor --csh is specified * rpc: use space string in C_InitToken * rpc: fix two off-by-one errors identified by asan * modules: make logging message more translatable * pkcs11.h: support CRYPTOKI_GNU for IBM vendor mechanisms * pkcs11.h: add IBM specific mechanism and attributes * pkcs11.h: add ChaCha20/Salsa20 and Poly1305 mechanisms * pkcs11.h: add AES-GCM mechanism parameters for message-based encryption * po: update translations from Transifex - Update upstream p11-kit.keyring file - Add missing lang files - Switch to using Meson as the build system ==== perl-HTTP-Message ==== Version update (6.44 -> 6.450.0) - updated to 6.45 see /usr/share/doc/packages/perl-HTTP-Message/Changes 6.45 2023-09-27 14:27:31Z - Allow for file ownership conflicts with Docker and GitHub Actions (GH#193) (Olaf Alders) - Add the 'status_code' function for getting all status codes as hash (GH#194) (Dai Okabayashi) ==== perl-Net-DNS ==== Version update (1.39 -> 1.400.0) - updated to 1.40 see /usr/share/doc/packages/perl-Net-DNS/Changes ==== php8 ==== Subpackages: php8-cli php8-ctype php8-dom php8-gd php8-gettext php8-iconv php8-mbstring php8-mysql php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - add missing references to rpm changelog - 15sp4 only: [bsc#1200772], [jsc#SLE-24723] add pecl, pear [jsc#SLE-23639] version update ==== polkit-default-privs ==== Version update (1550+20230912.0978001 -> 1550+20230920.74aeded) - Update to version 1550+20230920.74aeded: * udisks2: add additional NVME action (bsc#1214897) ==== python-alembic ==== Version update (1.11.2 -> 1.12.0) - Clean up the SPEC file - update to 1.12.0 * Added new feature to the "code formatter" function which allows standalone executable tools to be run against code, without going through the Python interpreter. Known as the `exec` runner, it complements the existing `console_scripts` runner by allowing non-Python tools such as `ruff` to be used. * Change the default value of `.EnvironmentContext.configure.compare_type` to `True`. As Alembic's autogenerate for types was dramatically improved in version 1.4 released in 2020, the type comparison feature is now much more reliable so is now enabled by default. * Fixed issue where the `ForeignKeyConstraint.match` parameter would not be rendered in autogenerated migrations. * Fixed issue where the `revision_environment` directive in `alembic.ini` was ignored by the `alembic merge` command, leading to issues when other configurational elements depend upon `env.py` being invoked within the command. * Added support for `op.drop_constraint()` to support PostgreSQL `ExcludeConstraint` objects, as well as other constraint-like objects that may be present in third party dialects, by resolving the `type_` parameter to be `None` for this case. Autogenerate has also been enhanced to exclude the `type_` parameter from rendering within this command when `type_` is `None`. ==== python-constantly ==== - Clean up the SPEC file - use unbundled versioneer to build package ==== python-greenlet ==== Version update (2.0.2 -> 3.0.0~rc3) - update to 3.0.0~rc3: * Fix an intermittent error during process termination on some platforms (GCC/Linux/libstdc++). * Fix some potential bugs (assertion failures and memory leaks) in previously-untested error handling code. In some cases, this means that the process will execute a controlled ``abort()`` after severe trouble when previously the process might have continued for some time with a corrupt state. It is unlikely those errors occurred in practice. * Fix some assertion errors and potential bugs with re-entrant switches. * Fix a potential crash when certain compilers compile greenlet with high levels of optimization. The symptom would be that switching to a greenlet for the first time immediately crashes. * Fix a potential crash when the callable object passed to the greenlet constructor (or set as the ``greenlet.run`` attribute) has a destructor attached to it that switches. Typically, triggering this issue would require an unlikely subclass of ``greenlet.greenlet``. * Python 3.11+: Fix rare switching errors that could occur when a garbage collection was triggered during the middle of a switch, and Python-level code in ``__del__`` or weakref callbacks switched to a different greenlet and ultimately switched back to the original greenlet. This often manifested as a ``SystemError``: "switch returned NULL without an exception set." * Python 3.12: Fix walking the frame stack of suspended greenlets. Previously accessing ``glet.gr_frame.f_back`` would crash due to `changes in CPython's undocumented internal frame handling * Make the platform-specific low-level C/assembly snippets stop using the ``register`` storage class. Newer versions of standards remove this storage class, and it has been generally ignored by many compilers for some time. See `PR 347 <https://github.com/python-greenlet/greenlet/pull/347>`_ from Khem Raj. * Add initial support for Python 3.12. See `issue <https://github.com/python-greenlet/greenlet/issues/323>`_ and `PR <https://github.com/python-greenlet/greenlet/pull/327>`_; thanks go to (at least) Michael Droettboom, Andreas Motl, Thomas A Caswell, raphaelauv, Hugo van Kemenade, Mark Shannon, and Petr Viktorin. * Remove support for end-of-life Python versions, including Python 2.7, Python 3.5 and Python 3.6. * Require a compiler that supports ``noinline`` directives. See `issue 271 <https://github.com/python-greenlet/greenlet/issues/266>`_. * Require a compiler that supports C++11. ==== python-netaddr ==== Version update (0.8.0 -> 0.9.0) - Update to version 0.9.0 Added: * Add hash capabilities to OUI. Fixed: * Backwards incompatible: Handle RFC 6164 IPv6 addresses (don't reserve first IP address in point-to-point subnets). * Technically backwards incompatible: Fix for is_loopback behaviour â consider IPNetwork('::1/128') to be loopback. * Fix print syntax in the documentation to be Python 3 compatible * Fix the Sphinx syntax in the documentation. Other: * Deprecate Python 3.6. * Eliminate unnecessary evals. ==== python-qt5-sip ==== Version update (12.12.1 -> 12.12.2) - Update to ABI version 12.12.2 * Match python-sip6-devel 6.7.10+ ==== python-reportlab ==== Version update (3.6.12 -> 3.6.13) - Update to 3.6.13 * fixes for python 3.12.0a1 * tables.py error improvement * allow exclusions in tests in runAll.py and setup.py * implement a safer toColor with rl_config.toColorCanUse option ==== python-tornado6 ==== Version update (6.3.2 -> 6.3.3) - Update to 6.3.3 * The Content-Length header and chunked Transfer-Encoding sizes are now parsed more strictly (according to the relevant RFCs) to avoid potential request-smuggling vulnerabilities when deployed behind certain proxies. - Add py312-datetime.patch to fix build with Python 3.12 ==== rdma-core ==== Version update (47.0 -> 48.0) Subpackages: libefa1 libibverbs libibverbs1 libmana1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd - Update to v48.0 - No release notes available. - Drop missing-quoting.patch which was fixed upstream. ==== rubygem-agama ==== Version update (3.devel43 -> 4) - Version 4 - Do not automatically probe after selecting a new product (gh#openSUSE/agama#748). - Use a single D-Bus service to expose the manager and the users settings (gh#openSUSE/agama#753, follow-up of gh#openSUSE/agama#729). - Do not crash when it is not possible to handle a product change in the manager service (related to bsc#1215197). - When selecting the product, do not perform any change if the product is still the same. - The software and the storage services do not dispatch actions during progress reporting anymore (related to bsc#1215197). - New storage proposal settings (gh#openSUSE/agama#738). - Extend the Ruby-based services logs with information about each step (gh#openSUSE/agama#732). - Raise the D-Bus service start timeout for troubleshoting purposes (related to bsc#1214737). - Adapt the locale and questions clients to use the same D-Bus service (gh#openSUSE/agama#729). - Respect UI locale in dbus services (gh#openSUSE/agama#725) - Copy the proxy configuration to the target system when needed (bsc#1212677, gh#openSUSE/agama#711). - Install the ppc64-diag package when running on ppc64le (related to bsc#1206898). - Set the manager service as busy during the startup phase (bsc#1213194). - Add proxy setup support (bsc#1212677, gh#openSUSE/agama#696). ==== sddm ==== Subpackages: sddm-branding-openSUSE - Remove unnecessary Requires(post*) - Config file changes: * No longer own sddm.conf. The migration for this conflicts with the other migration code, so: * Drop code for migrating from Current=maui (Leap <= 42.2) and the monolithic /etc/sddm.conf (Leap <= 42.3) - Add patch and drop unnecessary BuildRequirements of extra-cmake-modules and kf5-filesystem: * 0001-Drop-unnecessary-ECM-dependency-and-dead-uninstall-t.patch - Split the greeter into a subpackage and use _multibuild to build both daemon and greeter for Qt 5 and Qt 6. Add patches to allow for greeter coinstallation: * 0002-Make-sddm-greeter-for-Qt-5-and-Qt-6-coinstallable.patch * 0003-Let-themes-specify-the-used-version-of-Qt.patch - Refresh 0001-Read-the-DISPLAYMANAGER_AUTOLOGIN-value-from-sysconf.patch - Don't set CMAKE_BUILD_TYPE=Release - Make branding packages noarch - Add %check ==== sdl12_compat ==== Version update (1.2.64 -> 1.2.68) - Update to release 1.2.68 * sync dr_mp3 with mainstream * Add null check to SDL_LoadWAV_RW to avoid crashes * Add quirk entry: deactivate GL scaling for Trine (2011 Humble Bundle version) and Mark of the Ninja (HB) * Add quirk entry: set Hyperspace Delivery Boy to run in 16bpp mode * Add quirk handling: add ability to force XInitThreads before main() * Allocate the video surface object statically as a global * Add a hint to clamp the reported screen bit depth ==== smartmontools ==== - Do not quit with an error when no drives to monitor are available (bsc#990406 bsc#1167051). - Add smartd_service_dont_quit.patch - Refresh harden_smartd.service.patch - Run through spec-cleaner, use autosetup ==== stoken ==== Version update (0.92 -> 0.93) - Version update to 0.93: * upstream moved to github * Drop support for versions of nettle older than 2014 * Further v4 token work * fixes in README * Add --both option to print current and next token * Support for v4 token decode * Remove bashisms (Alon Bar-Lev) ==== swtpm ==== Version update (0.8.0 -> 0.8.1) Subpackages: swtpm-selinux - Update to version 0.8.1: - swtpm: - Restore logging to stderr on log open failure - swtpm_setup: - Exit with '0' upon --version rather than '1'. - Initialized @argv in get_swtpm_capabilities() - swtpm_localca: - Add missing NULL option to end of array - SELinux: - Add rules for user_tpm_t:sockfile to allow unlink - Add rules for sock_file on user_tmp_t ==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-container systemd-coredump udev - systemd.spec: during package updates, restart localed, timedated and hostnamed if they're running. - systemd.spec: when enabling units prefer enabling service units over socket ones for socket activable services. The services shipped by systemd automatically redirect the enablement request to the socket unit. ==== tracker ==== Subpackages: libtracker-sparql-3_0-0 tracker-data-files typelib-1_0-Tracker-3_0 - use pkgconfig(icu-i18n) to use the current libicu. (jsc#PED-6193) ==== tuned ==== Version update (2.20.0.18+git.7b1a20b -> 2.21.0.0+git.670541d) - Update to version 2.21.0.0+git.670541d: * new release (2.21.0) * api: fixed stop method not to require any parameter * new release (2.21.0-rc.1) * gui: multiple fixes and warnings removal * gui: fixed inconsistent tabs and spaces, introduced by #516 * Serialize SIGHUP processing * No errors when physical_package_id file does not exist * Update tests: disable systemd rate limiting. * network-latency: enable rcu_normal_after_boot=1 kernel parameter * remove ktimer_lockless_check sysfs setting from realtime-virtual profiles * move rtentsk to network-latency profile * move "tsc=reliable" setting from realtime to network-latency tuned configuration * unify common sysctl settings between realtime and cpu-partitioning profiles * Rename rollback-related constants and variables * Add rollback option to tuned-main.conf * Recast README into MarkDown with various minor corrections and improvements * Remove setting ip forwarding via openshift profile * Fix logging in [scheduler] plug-in * fixed sap-hana docu regarding processor power settings * Added sap-hana-kvm-guest profile * tests/beakerlib: Add new test which covers socket API. * plugin_net: expand variables properly * fix typo * add error dialog when no active profile set ==== udisks2 ==== Version update (2.9.4 -> 2.10.0) Subpackages: libudisks2-0 libudisks2-0_btrfs - Add Obsoletes tags for libudisks2-0_bcache and libudisks2-0_zram modules, dropped on latest version bump, so they get removed from end users' systems upon system upgrade. - Drop unnecessary/discouraged %{?systemd_requires} from spec file. - Update to version 2.10.0: + This release brings large number of internal changes, while keeping the promise of API stability. This development cycle was mostly driven by libblockdev 3.0 API overhaul. + Partitioning was ported to libfdisk. + The kbd and vdo libblockdev plugins were removed and so were zram, bcache and vdo udisks modules. + Definition of supported filesystems was moved to libblockdev and filesystem operations were unified. + Native NVMe support has been added through libnvme. + Syntax of configurable mount options was extended to separate filesystem signature and filesystem driver used for mounting. + A number of workarounds was placed around the org.freedesktop.UDisks2.Filesystem.Size property value retrieval to avoid excessive I/O traffic whenever possible. + Bash and Zsh completion enhancements. + lvm2 module uevent handling improvements. + ATA Secure Erase is now allowed only on top-level block objects. + Extra iSCSI node parameters are now honoured properly. + FIPS mode fixes. + Added support for resolving devices by PARTLABEL and PARTUUID. + Full support for setting filesystem and partition UUIDs. + Dynamic mountpoint name sanitization and ACL fixes. + Added support for LVM2 RAID. + UUID of Bitlocker volumes is now properly exposed. + Added an option to force/avoid creation of mdraid write-intent bitmap. + Updated translations. - Drop default_luks_encryption macro definition. It's no longer needed as upstream defaults to LUKS2 now. - Drop bcache, vdo and zram sub-packages, following upstream changes, and libblockdev-kbd(-devel) BuildRequires/Requires. - Drop bogus build requirement on libblockdev-lvm-dbus-devel, and move libblockdev-lvm-devel BuildRequires to the lvm2 module sub-package. - Move libconfig and libstoragemgmt pkgconfig() BuildRequires to the lsm module sub-package, and libblockdev-btrfs-devel BuildRequires to the btrfs modules sub-package, which is where they belong. - Add libblockdev-nvme-devel BuildRequires and libblockdev-nvme Requires as new required dependencies. - Drop harden_udisks2-zram-setup@.service.patch: It's unneeded now that the zram module has been deprecated. - Drop merged upstream patches: 0001-udisksata-Move-the-low-level-PM-state-call.patch, 0001-udiskslinuxfilesystem-Make-the-size-property-retriev.patch, 0001-udiskslinuxmountoptions-Do-not-free-static-daemon-re.patch, 0001-udiskslinuxprovider-Only-update-related-objects-on-u.patch. - Split Bash and Zsh (new to this release) completion scripts to sub-packages of their own. - Amend GPL-2.0-or-later License tags to LGPL-2.0-or-later for the btrfs, lvm2 and lsm UDisks modules sub-packages. This correction is based on what's explicitly stated on the source code from UDisks modules' folders under the modules/ top-level directory. ==== unar ==== - use pkgconfig(icu-uc) to use the current libicu. (jsc#PED-6193) ==== vsftpd ==== - Enable crypto-policies support: [bsc#1211301] * Add vsftpd-use-system-wide-crypto-policy.patch ==== xdg-utils ==== Version update (1.1.3+20230830 -> 1.1.3+20230831) - Update to version 1.1.3+20230831: * Revert putting process in background from !55 - revert _service to the original state - revert drop of xdg-terminal-don-t-run-kreadconfig-if-KDE_SESSION_VE.patch (bsc#1215384) ==== yast2-bootloader ==== Version update (4.6.2 -> 5.0.2) - Fixed testsuite for architectures other than x86_64. - 5.0.2 - Supporting systemd-boot for architecture x86_64. This feature can be enabled/disabled by the "enable_systemd_boot" flag in the product description file for each product (default is disabled). - 5.0.1 - 5.0.0 (#bsc1185510) - support 32 bit UEFI firmware on x86_64/i386 architecture (bsc#1208003, jsc#PED-2569) - 4.6.3 ==== yast2-installation ==== Version update (4.6.7 -> 5.0.1) - Adapt code for changes in yast2-bootloader done for systemd-boot experimental support (jsc#PED-1906) - 5.0.1 - 5.0.0 (#bsc1185510) ==== yast2-python-bindings ==== Version update (4.6.0 -> 5.0.1) - Fix inspect.getargspec() removed in python3.11; (bsc#1215226); - 5.0.1 - 5.0.0 (#bsc1185510) ==== yast2-schema ==== Version update (4.6.1 -> 5.0.1) - Added several LUKS-related elements to the partitioning schema (jsc#PED-3878, jsc#PED-5518). - 5.0.1 - 5.0.0 (#bsc1185510) ==== yast2-storage-ng ==== Version update (4.6.12 -> 5.0.1) - AutoYaST: official support for LUKS2 (jsc#PED-3878, jsc#PED-5518) - 5.0.1 - 5.0.0 (#bsc1185510) ==== yast2-trans ==== Version update (84.87.20230913.43f962446c -> 84.87.20230922.91d997adab) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sr yast2-trans-sv yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20230922.91d997adab: * New POT for text domain 'packager'. * New POT for text domain 'iscsi-client'. ==== yast2-users ==== Version update (4.6.4 -> 5.0.1) - Don't use obsolete method Dir.exists? (bsc#1215637) - 5.0.1 - 5.0.0 (#bsc1185510)

1 0

New Arm Tumbleweed snapshot 20230910 released!
by Guillaume Gardet 11 Sep '23

11 Sep '23

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: GraphicsMagick Mesa (23.1.6 -> 23.1.7) Mesa-drivers (23.1.6 -> 23.1.7) aaa_base (84.87+git20230329.b39efbc -> 84.87+git20230815.cab7b44) btrfsprogs (6.3 -> 6.5) busybox-links coreutils (9.3 -> 9.4) dracut (059+suse.491.g87f19c22 -> 059+suse.497.ga7feaf12) gcab (1.5 -> 1.6) javapackages-tools kdump kexec-tools (2.0.26.0 -> 2.0.27) lastlog2 (1.1.0 -> 1.2.0) libportal (0.6 -> 0.7) libstorage-ng (4.5.139 -> 4.5.141) libvirt (9.6.0 -> 9.7.0) luajit (2.1.0~beta3+git.1669107176.46aa45d -> 5.1.2.1.0+git.1693350652.41fb94d) nodejs20 open-vm-tools (12.2.0 -> 12.3.0) pam-config (2.5 -> 2.8) perl-Bootloader (1.6 -> 1.8) python-click (8.1.6 -> 8.1.7) python-libvirt-python (9.6.0 -> 9.7.0) python-psutil python-zope.event (4.6 -> 5.0) python311 (3.11.4 -> 3.11.5) python311-core (3.11.4 -> 3.11.5) sssd (2.9.1 -> 2.9.2) === Details === ==== GraphicsMagick ==== Subpackages: libGraphicsMagick++-Q16-12 libGraphicsMagick-Q16-3 libGraphicsMagick3-config - revert to 1.3.40 [bsc#1214831] https://sourceforge.net/p/graphicsmagick/news/2023/08/because-1341-is-disca… - modified patches % GraphicsMagick-disable-insecure-coders.patch (refreshed) - deleted patches - GraphicsMagick-fix-regression-NULL-instead-of-empty-string.patch (not needed) - GraphicsMagick-name-key-return-input-file-base-name.patch (not needed) - fix regression in 1.3.41 https://sourceforge.net/p/graphicsmagick/bugs/722/ - added patches fix 17179:91afa18a6161 + GraphicsMagick-fix-regression-NULL-instead-of-empty-string.patch fix 17180:bb42cd90ce6f + GraphicsMagick-name-key-return-input-file-base-name.patch - version update to 1.3.41 Bug fixes: * Blob: Immediately reject attempts to write blobs to formats which can not support blobs. * TranslateTextEx(): An empty string argument should return an empty string rather than a NULL string. * SetImageAttribute(): Fix bounds issue when concatenating string. * JPEG: Do not set image resolution if the values provided are outside of the valid range. * Fixes for NaN when reading formats based on floating point. * HEIF: Fix reading images with rotation/transformation. * BMP: Do not decode primaries or gamma unless colorspace is LCS_CALIBRATED_RGB. Add/correct bmp_info.size "biSize" logic which decides if header chunks are present (or invalid). * MNG: Fixes for resizing using X_method 5. * GM command (convert, montage, mogrify): Many command-line parser fixes/checks for invalid command line syntax which causes unexpected behavior, or core dumps. * TopoL: Given that a writer is now provided, issues found in the reader (and writer) due to continual fuzz-testing have been fixed, as encountered. * GetImageClippingPathAttribute(): Check for and use clipping path name (ID=2999) to get the real attribute name. * ReadIPTCProfile(): Fix malformed IPTC data parsing. New Features: * TopoL: Now provides a writer. * WPG: Now provides a writer. * gm batch: Implement simple Test Anything Protocol (TAP) test counting and "ok N"/"not ok N" messaging. * TIFF: Support '-define tiff:photometric=minisblack' and '-define tiff:photometric=miniswhite' to be able to adjust the sense used when writing bilevel TIFF images. * TIFF: Require that TIFFTAG_EXTRASAMPLES be used appropriately to indicate the intention of extra channels. * utilities/tests/gen-tiff-images/genimages: Script for writing (and then reading) thousands (5568 permutations) of TIFF format variants. * EXIF and PNG: Retrieve image orientation from EXIF (if present) and store in image. * HEIF: Retrieve image orientation from EXIF and store in image. Behavior Changes: * The ability to extend existing image attribute text by calling SetImageAttribute() multiple times with the same key is now deprecated, and will soon be removed. In the mean time, the annoying message "SetImageAttribute: Extending attribute value text is deprecated!" is printed to the standard error output to help expose code which is using this feature. - modified patches % GraphicsMagick-disable-insecure-coders.patch (refreshed) - deleted patches - strlcpy-wrong-sizing.patch (upstreamed) ==== Mesa ==== Version update (23.1.6 -> 23.1.7) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libOSMesa8 libgbm1 - Update to bugfix release 23.1.7: - -> https://docs.mesa3d.org/relnotes/23.1.7.html - mini-cleanup for python package BuildRequires in specfile - added python3-dataclasses package for sle15/Leap15 to finally fix build for these build targets; dataclasses module is in standard library of python >= 3.7 ... ==== Mesa-drivers ==== Version update (23.1.6 -> 23.1.7) Subpackages: Mesa-dri Mesa-gallium Mesa-libva - Update to bugfix release 23.1.7: - -> https://docs.mesa3d.org/relnotes/23.1.7.html - mini-cleanup for python package BuildRequires in specfile - added python3-dataclasses package for sle15/Leap15 to finally fix build for these build targets; dataclasses module is in standard library of python >= 3.7 ... ==== aaa_base ==== Version update (84.87+git20230329.b39efbc -> 84.87+git20230815.cab7b44) Subpackages: aaa_base-extras - Update to version 84.87+git20230815.cab7b44: * Remove broken autocompletion overrides and restore default bash behavior * Add foot to DIR_COLORS * files/u/s/sysconf_addword: avoid bashism, fix shellcheck warnings * files/u/s/smart_agetty: replace shebang with /bin/sh * files/u/s/service: avoid bashism, fix shellcheck warnings * files/u/s/refresh_initrd: make POSIX compliant * files/u/b/safe-rm: make POSIX compliant * aaa_base.post: replace shebang with /usr/sh * files/u/b/old: make POSIX compliant ==== btrfsprogs ==== Version update (6.3 -> 6.5) Subpackages: btrfsprogs-bash-completion btrfsprogs-udev-rules libbtrfs0 libbtrfsutil1 - update to 6.5: * crc32c implementation speedup (3x) * btrfstune: * be more strict about option combinations and refuse changing features from incompatible groups * metadata_uuid changes fixes * libbtrfs: fix ABI breakage introduced in 6.3.1, revert struct subvol_info and subvol_uuid_search changes (bsc#1212217) * CI updates * pull request build tests enabled * published static binaries built with backward compatibility (-march=x86-64) * other * documentation updates * new and updated tests * experimental feature updates (json, list-chunks, checksum switch) * code refactoring * remove btrfs-fragments - update to 6.3.3: * add btrfs-find-root to btrfs.box * replace: properly enqueue if there's another replace running * other: * CI updates, more tests enabled, code coverage, badges * documentation updates * build warning fixes - Let btrfsprogs-bash-completion conflict with btrfsprogs <= 6.2.1 as there is a file conflict with the bash completion scripts still being bundled with btrfsprogs in these versions. - update to 6.3.2: * fix mkfs and others on big endian hosts * mkfs: don't print changed defaults notice with --quiet * scrub: fix wrong stats of processed bytes in background and foreground mode * convert: actually create free-space-tree instead of v1 space cache * print-tree: recognize and print CHANGING_FSID_V2 flag (for the metadata_uuid change in progress) * other: documentation updates - update to 6.3.1: * convert: fix checksum of a block relocated from 0-1M range * qgroup show: fix formatting of limit values in json output * receive: report paret subovl UUID on errors * btrfsune: new option --convert-to-free-space-tree to convert from block-group-tree back to extent tree for block group tracking * mkfs: make option --rootdir more verbose and report start when filling from the given directory starts * experimental: * btrfstune: checksum switch logic reimplemented, conversion of all metadata and data now works, resume from various states also supported * other: * test updates and fixes * CI cleanups and old files removed * integration with Github actions - Remove patch: btrfs-progs-qgroup-show-fix-formatting-of-limit-valu.patch (upstreamed) ==== busybox-links ==== Subpackages: busybox-bzip2 busybox-coreutils busybox-ed busybox-findutils busybox-gawk busybox-grep busybox-gzip busybox-misc busybox-psmisc busybox-sed busybox-sendmail busybox-tar busybox-which busybox-xz - Add conflict for coreutils-systemd, package got splitted ==== coreutils ==== Version update (9.3 -> 9.4) - Update to 9.4: Bug fixes: * b2sum --check will no longer read unallocated memory when presented with malformed checksum lines. [bug introduced in coreutils-9.2] * cp --parents again succeeds when preserving mode for absolute directories. Previously it would have failed with a "No such file or directory" error. [bug introduced in coreutils-9.1] * cp --sparse=never will avoid copy-on-write (reflinking) and copy offloading, to ensure no holes present in the destination copy. [bug introduced in coreutils-9.0] * cksum again diagnoses read errors in its default CRC32 mode. [bug introduced in coreutils-9.0] * cksum --check now ensures filenames with a leading backslash character are escaped appropriately in the status output. This also applies to the standalone checksumming utilities. [bug introduced in coreutils-8.25] * dd again supports more than two multipliers for numbers. Previously numbers of the form '1024x1024x32' gave "invalid number" errors. [bug introduced in coreutils-9.1] * factor, numfmt, and tsort now diagnose read errors on the input. [This bug was present in "the beginning".] * install --strip now supports installing to files with a leading hyphen. Previously such file names would have caused the strip process to fail. [This bug was present in "the beginning".] * ls now shows symlinks specified on the command line that can't be traversed. Previously a "Too many levels of symbolic links" diagnostic was given. [This bug was present in "the beginning".] * pr --length=1 --double-space no longer enters an infinite loop. [This bug was present in "the beginning".] * tac now handles short reads on its input. Previously it may have exited erroneously, especially with large input files with no separators. [This bug was present in "the beginning".] * uptime no longer incorrectly prints "0 users" on OpenBSD, and is being built again on FreeBSD and Haiku. [bugs introduced in coreutils-9.2] * wc -l and cksum no longer crash with an "Illegal instruction" error on x86 Linux kernels that disable XSAVE YMM. This was seen on Xen VMs. [bug introduced in coreutils-9.0] Changes in behavior: * cp -v and mv -v will no longer output a message for each file skipped due to -i, or -u. Instead they only output this information with --debug. I.e., 'cp -u -v' etc. will have the same verbosity as before coreutils-9.3. * cksum -b no longer prints base64-encoded checksums. Rather that short option is reserved to better support emulation of the standalone checksum utilities with cksum. * mv dir x now complains differently if x/dir is a nonempty directory. Previously it said "mv: cannot move 'dir' to 'x/dir': Directory not empty", where it was unclear whether 'dir' or 'x/dir' was the problem. Now it says "mv: cannot overwrite 'x/dir': Directory not empty". Similarly for other renames where the destination must be the problem. [problem introduced in coreutils-6.0] - Enable systemd-logind support - Add gnulib-readutmp.patch: Fix seg.fault of who, pinky, uptime [dgo#65617] - Create -systemd flavor with binaries linked against libsystemd - Drop coreutils-invalid-ids.patch to get consistent behavior, most tools where already removed from that patch. - coreutils-misc.patch: adjust paths - coreutils-skip-some-sort-tests-on-ppc.patch: adjust paths - coreutils-test_without_valgrind.patch: adjust paths - coreutils-i18n.patch: update from Fedora ==== dracut ==== Version update (059+suse.491.g87f19c22 -> 059+suse.497.ga7feaf12) - Update to version 059+suse.497.ga7feaf12: * chore(suse): disable fips and ima subpackages for i?86 * fix(dracut.sh): remove microcode check based on CONFIG_MICROCODE_[AMD|INTEL] * chore(suse): update SUSE maintainers doc ==== gcab ==== Version update (1.5 -> 1.6) Subpackages: libgcab-1_0-0 - Update to version 1.6: + New Features: Allow specifying the allowed compression formats at runtime. This would allow us, for example, to disable the slightly scary LZX compression format when parsing unknown files. + Bugfixes: Do not require git when building from a tarball. ==== javapackages-tools ==== Subpackages: javapackages-filesystem - Modified patch: * 0001-Make-the-alias-generation-reproducible.patch -> 0001-Make-maven_depmap-order-of-aliases-reproducible.patch + replace by the version of patch integrated by upstream - Added patch: * 0002-Do-not-bomb-on-relativePath-construct.patch + integrated patch fixing parent recursion with empty <relativePath/> element ==== kdump ==== - update calibrate values, newly added SLE15-SP6 values ==== kexec-tools ==== Version update (2.0.26.0 -> 2.0.27) - update to 2.0.27: * ppc64: add --reuse-cmdline parameter support * kexec: make -a the default * x86: add devicetree support * ppc64: document elf-ppc64 options and --dt-no-old-root * LoongArch: kdump: set up kernel image segment * arm64: zboot support - Disable Xen support in ALP ==== lastlog2 ==== Version update (1.1.0 -> 1.2.0) Subpackages: liblastlog2-1 - Version 1.2.0 - show_lastlogin: Don't read if no database - Fix -flto for clang - Documentation fixes ==== libportal ==== Version update (0.6 -> 0.7) Subpackages: libportal-1 libportal-gtk3-1 libportal-gtk4-1 - Update to version 0.7: + Add support for the new SetStatus() method of the Background portal. + Add support for the new ConnectToEIS() method of the Remote Desktop portal. + Improve unit and integration tests. + Documentation improvements. + CI improvements. ==== libstorage-ng ==== Version update (4.5.139 -> 4.5.141) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - Translated using Weblate (Swedish) (bsc#1149754) - 4.5.141 - merge gh#openSUSE/libstorage-ng#947 - handle json output of btrfs version 6.5 - 4.5.140 ==== libvirt ==== Version update (9.6.0 -> 9.7.0) Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-proxy libvirt-daemon-qemu libvirt-libs - Update to libvirt 9.7.0 (jsc#PED-3279) - Many incremental improvements and bug fixes, see https://libvirt.org/news.html#v9-7-0-2023-09-01 - spec: Unconditionally enable modular daemons (jsc#PED-6303) - spec: ESX hypervisor driver in ALP-based products - spec: Disable glusterfs storage backend in ALP-based products ==== luajit ==== Version update (2.1.0~beta3+git.1669107176.46aa45d -> 5.1.2.1.0+git.1693350652.41fb94d) - Update to version 5.1.2.1.0+git.1693350652.41fb94d: * Add randomized register allocation for fuzz testing. * ARM64: Improve register allocation for integer IR_MUL/IR_MULOV. * ARM64: Fix register allocation for IR_*LOAD. * Update external MSDN URL in code. * FFI/ARM64/OSX: Handle non-standard OSX C calling conventions. * FFI: Unify stack setup for C calls in interpreter. * ARM64: Prevent STP fusion for conditional code emitted by TBAR. * ARM64: Fix LDP/STP fusing for unaligned accesses. * Handle table unsinking in the presence of IRFL_TAB_NOMM. * Use fallback name for install files without valid .git or .relver. * Handle non-.git checkout with .relver in .bat-file builds. * Fix external C call stack check when using LUAJIT_MODE_WRAPCFUNC. * Fix predict_next() in parser (again). - Update luajit-lua-versioned.patch to work with the git checkout created tarball. The point of the patch is to extend the version number so that it is always bigger than 2.2.0 version of moonjit, which is Obsoleted by this package. - Update to version 2.1.0~beta3+git.1692716794.03c3112: * Fix typo. * Handle the case when .git is not a directory. * Add .gitattributes to dynamically resolve .relver. * Add .gitattributes to dynamically resolve .relver. * Fix for last commit: also remove symlink on uninstall. * Switch to rolling releases: mark v2.1 as production. * Fix Windows build scripts for rolling releases. * Switch MSVC and console build scripts to rolling releases. * Switch build system to rolling releases. * Update documentation for switch to rolling releases. * Bump copyright date. * Remove work-in-progress notice in string buffer docs. * MIPS: Fix "bad FP FLOAD" assertion. * Ensure forward progress on trace exit to BC_ITERN. * ARM64: Add support for ARM64e pointer authentication codes (PAC). * DynASM/ARM64: Add instructions for ARM64e PAC. * Fix maxslots when recording BC_VARG, part 3. * Fix predict_next() in parser. * MIPS32: Declare that the assembler part uses the FR=0 model. * ARM64: Fix assembly of HREFK (again). * Fix frame for more types of on-trace error messages. * Add workaround for bytecode dump of builtins. * DynASM: Fix regression due to warning fix. * Fix base register coalescing in side trace. * ARM64: Fix assembly of HREFK. * Fix maxslots when recording BC_VARG, part 2. * Fix maxslots when recording BC_TSETM. * Fix maxslots when recording BC_VARG. * Fix register mask for stack check in head of side trace. * FFI: Fix ffi.metatype() for non-raw types. * ARM64: Fix LDP code generation. * MIPSr6: Add missing files to Makefile install target. * DynASM: Fix warnings. * Fix frame for on-trace out-of-memory error. * Fix handling of instable types in TNEW/TDUP load forwarding. * Fix compiler warning. * Fix last commit. * Print errors from __gc finalizers instead of rethrowing them. * Fix TDUP load forwarding after table rehash. * Fix canonicalization of +-0.0 keys for IR_NEWREF. * Improve error reporting on stack overflow. * Allow building sources with mixed LF/CRLF line-endings. * Fix compiler warning. * Don't fail for Clang builds, which pretend to be an ancient GCC. * Avoid negation of signed integers in C that may hold INT*_MIN. * Correct fix for stack check when recording BC_VARG. * Disable FMA by default. Use -Ofma or jit.opt.start("+fma") to enable. * FFI: Fix dangling reference to CType. Improve checks. * ARM64: Fix code generation for IR_SLOAD with typecheck + conversion. * PS4/PS5: Fix build scripts. * Avoid assertion in case of stack overflow from stitched trace. ==== nodejs20 ==== Subpackages: npm20 - f0ff63fbc32ea55f3d92c5c89fdb91ec47786859.patch: fixes issues with Angular and other software that tries to load ECM modules in somewhat circular fashion ending up with multiple executions. ==== open-vm-tools ==== Version update (12.2.0 -> 12.3.0) Subpackages: libvmtools0 open-vm-tools-desktop - Update to 12.3.0 (build 22234872) (boo#1214850) - There are no new features in the open-vm-tools 12.3.0 release. This is primarily a maintenance release that addresses a few critical problems, including: - This release integrates CVE-2023-20900 without the need for a patch. For more information on this vulnerability and its impact on VMware products, see https://www.vmware.com/security/advisories/VMSA-2023-0019.html. - A tools.conf configuration setting is available to temporaily direct Linux quiesced snaphots to restore pre open-vm-tools 12.2.0 behavior of ignoring file systems already frozen. - Building of the VMware Guest Authentication Service (VGAuth) using "xml-security-c" and "xerces-c" is being deprecated. - A number of Coverity reported issues have been addressed. - A number of GitHub issues and pull requests have been handled. Please see the Resolves Issues section of the Release Notes. - For issues resolved in this release, see the Resolved Issues section of the Release Notes. - For complete details, see: https://github.com/vmware/open-vm-tools/releases/tag/stable-12.3.0 - Release Notes are available at https://github.com/vmware/open-vm-tools/blob/stable-12.3.0/ReleaseNotes.md - The granular changes that have gone into the 12.3.0 release are in the ChangeLog at https://github.com/vmware/open-vm-tools/blob/stable-12.3.0/open-vm-tools/Ch… - Fix (bsc#1205927) - hv_vmbus module is loaded unnecessarily in VMware guests - jsc-PED-1344 - reinable building containerinfo plugin for SLES 15 SP4. - Drop patch now contained in 12.3.0: + 0001-build-put-l-specifiers-into-LIBADD-not-LDFLAGS.patch + 0002-build-use-grpc-pkgconfig-to-retrieve-flags-libraries.patch + 2023-20867-Remove-some-dead-code.patch + CVE-20230-20900.patch ==== pam-config ==== Version update (2.5 -> 2.8) - Update to version 2.8 - Replace aad module with himmelblau - Update to version 2.7 - Add support for aad module - Update to version 2.6 - Remove pam_cracklib from config even if no successor is installed - Run update in %posttrans after all other PAM modules got installed/removed - Both are required for [bsc#1214885] ==== perl-Bootloader ==== Version update (1.6 -> 1.8) - merge gh#openSUSE/perl-bootloader#158 - skip warning about unsupported options when in compat mode - 1.8 - merge gh#openSUSE/perl-bootloader#156 - bootloader_entry script can have an optional 'force-default' argument (bsc#1215064) - 1.7 ==== python-click ==== Version update (8.1.6 -> 8.1.7) - update to 8.1.7: * Fix issue with regex flags in shell completion. * Bash version detection issues a warning instead of an error. * Fix issue with completion script for Fish shell. ==== python-libvirt-python ==== Version update (9.6.0 -> 9.7.0) - Update to 9.7.0 - Add all new APIs and constants in libvirt 9.7.0 - jsc#PED-3279 ==== python-psutil ==== - BuildRequire /usr/bin/who: called by the test suite. With coreutils 9.4 'who' is no longer part of the main package but is shipped as part of coreutils-systemd. ==== python-zope.event ==== Version update (4.6 -> 5.0) - update to 5.0: * Drop support for Python 2.7, 3.5, 3.6. ==== python311 ==== Version update (3.11.4 -> 3.11.5) Subpackages: python311-curses python311-dbm - Update to 3.11.5 (bsc#1214692): - Security - gh-108310: Fixed an issue where instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake and included protections (like certificate verification) and treating sent unencrypted data as if it were post-handshake TLS encrypted data. Security issue reported as CVE-2023-40217 by Aapo Oksman. Patch by Gregory P. Smith. - Core and Builtins - gh-104432: Fix potential unaligned memory access on C APIs involving returned sequences of char * pointers within the grp and socket modules. These were revealed using a - fsaniziter=alignment build on ARM macOS. Patch by Christopher Chavez. - gh-77377: Ensure that multiprocessing synchronization objects created in a fork context are not sent to a different process created in a spawn context. This changes a segfault into an actionable RuntimeError in the parent process. - gh-106092: Fix a segmentation fault caused by a use-after-free bug in frame_dealloc when the trashcan delays the deallocation of a PyFrameObject. - gh-106719: No longer suppress arbitrary errors in the __annotations__ getter and setter in the type and module types. - gh-106723: Propagate frozen_modules to multiprocessing spawned process interpreters. - gh-105979: Fix crash in _imp.get_frozen_object() due to improper exception handling. - gh-105840: Fix possible crashes when specializing function calls with too many __defaults__. - gh-105588: Fix an issue that could result in crashes when compiling malformed ast nodes. - gh-105375: Fix bugs in the builtins module where exceptions could end up being overwritten. - gh-105375: Fix bug in the compiler where an exception could end up being overwritten. - gh-105375: Improve error handling in PyUnicode_BuildEncodingMap() where an exception could end up being overwritten. - gh-105235: Prevent out-of-bounds memory access during mmap.find() calls. - gh-101006: Improve error handling when read marshal data. - Library - gh-105736: Harmonized the pure Python version of OrderedDict with the C version. Now, both versions set up their internal state in __new__. Formerly, the pure Python version did the set up in __init__. - gh-107963: Fix multiprocessing.set_forkserver_preload() to check the given list of modules names. Patch by Dong-hee Na. - gh-106242: Fixes os.path.normpath() to handle embedded null characters without truncating the path. - gh-107845: tarfile.data_filter() now takes the location of symlinks into account when determining their target, so it will no longer reject some valid tarballs with LinkOutsideDestinationError. - gh-107715: Fix doctest.DocTestFinder.find() in presence of class names with special characters. Patch by Gertjan van Zwieten. - gh-100814: Passing a callable object as an option value to a Tkinter image now raises the expected TclError instead of an AttributeError. - gh-106684: Close asyncio.StreamWriter when it is not closed by application leading to memory leaks. Patch by Kumar Aditya. - gh-107077: Seems that in some conditions, OpenSSL will return SSL_ERROR_SYSCALL instead of SSL_ERROR_SSL when a certification verification has failed, but the error parameters will still contain ERR_LIB_SSL and SSL_R_CERTIFICATE_VERIFY_FAILED. We are now detecting this situation and raising the appropiate ssl.SSLCertVerificationError. Patch by Pablo Galindo - gh-107396: tarfiles; Fixed use before assignment of self.exception for gzip decompression - gh-62519: Make gettext.pgettext() search plural definitions when translation is not found. - gh-83006: Document behavior of shutil.disk_usage() for non-mounted filesystems on Unix. - gh-106186: Do not report MultipartInvariantViolationDefect defect when the email.parser.Parser class is used to parse emails with headersonly=True. - gh-106831: Fix potential missing NULL check of d2i_SSL_SESSION result in _ssl.c. - gh-106774: Update the bundled copy of pip to version 23.2.1. - gh-106752: Fixed several bug in zipfile.Path in name/suffix/suffixes/stem operations when no filename is present and the Path is not at the root of the zipfile. - gh-106602: Add __copy__ and __deepcopy__ in enum - gh-106530: Revert a change to colorsys.rgb_to_hls() that caused division by zero for certain almost-white inputs. Patch by Terry Jan Reedy. - gh-106052: re module: fix the matching of possessive quantifiers in the case of a subpattern containing backtracking. - gh-106510: Improve debug output for atomic groups in regular expressions. - gh-105497: Fix flag mask inversion when unnamed flags exist. - gh-90876: Prevent multiprocessing.spawn from failing to import in environments where sys.executable is None. This regressed in 3.11 with the addition of support for path-like objects in multiprocessing. - gh-106350: Detect possible memory allocation failure in the libtommath function mp_init() used by the _tkinter module. - gh-102541: Make pydoc.doc catch bad module ImportError when output stream is not None. ... changelog too long, skipping 124 lines ... data: *consumed was not set. ==== python311-core ==== Version update (3.11.4 -> 3.11.5) Subpackages: libpython3_11-1_0 python311-base - Update to 3.11.5 (bsc#1214692): - Security - gh-108310: Fixed an issue where instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake and included protections (like certificate verification) and treating sent unencrypted data as if it were post-handshake TLS encrypted data. Security issue reported as CVE-2023-40217 by Aapo Oksman. Patch by Gregory P. Smith. - Core and Builtins - gh-104432: Fix potential unaligned memory access on C APIs involving returned sequences of char * pointers within the grp and socket modules. These were revealed using a - fsaniziter=alignment build on ARM macOS. Patch by Christopher Chavez. - gh-77377: Ensure that multiprocessing synchronization objects created in a fork context are not sent to a different process created in a spawn context. This changes a segfault into an actionable RuntimeError in the parent process. - gh-106092: Fix a segmentation fault caused by a use-after-free bug in frame_dealloc when the trashcan delays the deallocation of a PyFrameObject. - gh-106719: No longer suppress arbitrary errors in the __annotations__ getter and setter in the type and module types. - gh-106723: Propagate frozen_modules to multiprocessing spawned process interpreters. - gh-105979: Fix crash in _imp.get_frozen_object() due to improper exception handling. - gh-105840: Fix possible crashes when specializing function calls with too many __defaults__. - gh-105588: Fix an issue that could result in crashes when compiling malformed ast nodes. - gh-105375: Fix bugs in the builtins module where exceptions could end up being overwritten. - gh-105375: Fix bug in the compiler where an exception could end up being overwritten. - gh-105375: Improve error handling in PyUnicode_BuildEncodingMap() where an exception could end up being overwritten. - gh-105235: Prevent out-of-bounds memory access during mmap.find() calls. - gh-101006: Improve error handling when read marshal data. - Library - gh-105736: Harmonized the pure Python version of OrderedDict with the C version. Now, both versions set up their internal state in __new__. Formerly, the pure Python version did the set up in __init__. - gh-107963: Fix multiprocessing.set_forkserver_preload() to check the given list of modules names. Patch by Dong-hee Na. - gh-106242: Fixes os.path.normpath() to handle embedded null characters without truncating the path. - gh-107845: tarfile.data_filter() now takes the location of symlinks into account when determining their target, so it will no longer reject some valid tarballs with LinkOutsideDestinationError. - gh-107715: Fix doctest.DocTestFinder.find() in presence of class names with special characters. Patch by Gertjan van Zwieten. - gh-100814: Passing a callable object as an option value to a Tkinter image now raises the expected TclError instead of an AttributeError. - gh-106684: Close asyncio.StreamWriter when it is not closed by application leading to memory leaks. Patch by Kumar Aditya. - gh-107077: Seems that in some conditions, OpenSSL will return SSL_ERROR_SYSCALL instead of SSL_ERROR_SSL when a certification verification has failed, but the error parameters will still contain ERR_LIB_SSL and SSL_R_CERTIFICATE_VERIFY_FAILED. We are now detecting this situation and raising the appropiate ssl.SSLCertVerificationError. Patch by Pablo Galindo - gh-107396: tarfiles; Fixed use before assignment of self.exception for gzip decompression - gh-62519: Make gettext.pgettext() search plural definitions when translation is not found. - gh-83006: Document behavior of shutil.disk_usage() for non-mounted filesystems on Unix. - gh-106186: Do not report MultipartInvariantViolationDefect defect when the email.parser.Parser class is used to parse emails with headersonly=True. - gh-106831: Fix potential missing NULL check of d2i_SSL_SESSION result in _ssl.c. - gh-106774: Update the bundled copy of pip to version 23.2.1. - gh-106752: Fixed several bug in zipfile.Path in name/suffix/suffixes/stem operations when no filename is present and the Path is not at the root of the zipfile. - gh-106602: Add __copy__ and __deepcopy__ in enum - gh-106530: Revert a change to colorsys.rgb_to_hls() that caused division by zero for certain almost-white inputs. Patch by Terry Jan Reedy. - gh-106052: re module: fix the matching of possessive quantifiers in the case of a subpattern containing backtracking. - gh-106510: Improve debug output for atomic groups in regular expressions. - gh-105497: Fix flag mask inversion when unnamed flags exist. - gh-90876: Prevent multiprocessing.spawn from failing to import in environments where sys.executable is None. This regressed in 3.11 with the addition of support for path-like objects in multiprocessing. - gh-106350: Detect possible memory allocation failure in the libtommath function mp_init() used by the _tkinter module. - gh-102541: Make pydoc.doc catch bad module ImportError when output stream is not None. ... changelog too long, skipping 124 lines ... data: *consumed was not set. ==== sssd ==== Version update (2.9.1 -> 2.9.2) Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap - Update to release 2.9.2 * sssctl cert-show and cert-show cert-eval-rule can now be run as non-root user. * New option local_auth_policy is added to control which offline authentication methods will be enabled by SSSD.

1 0

New Arm Tumbleweed snapshot 20230907 released!
by Guillaume Gardet 08 Sep '23

08 Sep '23

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: alsa (1.2.9 -> 1.2.10) alsa-ucm-conf (1.2.9 -> 1.2.10) alsa-utils (1.2.9 -> 1.2.10) at-spi2-core (2.48.3 -> 2.48.4) bluez (5.68 -> 5.69) crypto-policies drbd (9.0.30~1+git.8e9c0812 -> 9.1.16) drbd-utils (9.19.0 -> 9.25.0) elfutils-debuginfod glib2 (2.76.4 -> 2.76.5) gnome-shell (44.3 -> 44.4) grep grub2 javapackages-tools (6.1.0 -> 6.2.0) konsole libadwaita (1.3.4 -> 1.3.5) libei (1.0.0 -> 1.1.0) libgphoto2 (2.5.30 -> 2.5.31) libstorage-ng (4.5.136 -> 4.5.139) lsb-release man mozilla-nss (3.92 -> 3.93) mozjs102 (102.14.0 -> 102.15.0) multipath-tools (0.9.5+68+suse.d1b6a1c -> 0.9.6+71+suse.f07325e) mutter (44.3 -> 44.4) nodejs20 (20.5.1 -> 20.6.0) open-isns perl-URI (5.19 -> 5.210.0) pigz (2.7 -> 2.8) python-async_timeout (4.0.2 -> 4.0.3) python-chardet (5.1.0 -> 5.2.0) python-lxml python-outcome python-psycopg2 (2.9.6 -> 2.9.7) python-setuptools (67.8.0 -> 68.1.2) qpdf (11.5.0 -> 11.6.0) rdma-core shaderc (2023.4 -> 2023.6) suse-module-tools (16.0.34 -> 16.0.35) unbound (1.17.1 -> 1.18.0) vsftpd webkit2gtk3 webkit2gtk3-soup2 wireless-regdb (20230721 -> 20230901) yast2-trans (84.87.20230818.ea489402e5 -> 84.87.20230901.be24cb382f) zvbi (0.2.41 -> 0.2.42) zypper (1.14.62 -> 1.14.64) === Details === ==== alsa ==== Version update (1.2.9 -> 1.2.10) Subpackages: libasound2 libatopology2 - Update to version 1.2.10: * MIDI 2.0 feature support * build fixes for various platforms * various documentation fixes * misc topology fixes * ucm fixes and cleanups For details, see: https://www.alsa-project.org/wiki/Changes_v1.2.9_v1.2.10#alsa-lib - Took upstream fix for possible build errors: 0001-control.h-Fix-ump-header-file-detection.patch ==== alsa-ucm-conf ==== Version update (1.2.9 -> 1.2.10) - Update to version 1.2.10: * updates / fixes for various devices: mtk-rt5650, usb-audio, tegra es8316, sof-essx8336, pinephone, Steinberg UR44C, AMD ACP RPL, ACP63, sof-hda-dsp, etc For details, see: https://www.alsa-project.org/wiki/Changes_v1.2.9_v1.2.10#alsa-ucm-conf - Upstream regression fix: 0001-SplitPCM-Device-argument-may-not-be-set.patch ==== alsa-utils ==== Version update (1.2.9 -> 1.2.10) - Update to alsa-utils 1.2.10: * MIDI 2.0 / UMP support for sequencer programs * nhlt: add nhlt-dmic-info utility * Build fixes and cleanups * speaker-test: allow large buffer and period time setup - up to 100 seconds * various topology fixes For details, see: https://www.alsa-project.org/wiki/Changes_v1.2.9_v1.2.10#alsa-utils - Fix the builds with old gcc: 0001-axfer-use-ATTRIBUTE_UNUSED-instead-remove-argument-n.patch 0002-amidi-use-ATTRIBUTE_UNUSED-instead-remove-argument-n.patch 0003-alsaloop-use-ATTRIBUTE_UNUSED-instead-remove-argumen.patch 0004-bat-use-ATTRIBUTE_UNUSED-instead-remove-argument-nam.patch 0005-seq-use-ATTRIBUTE_UNUSED-instead-remove-argument-nam.patch 0006-alsaucm-use-ATTRIBUTE_UNUSED-instead-remove-argument.patch 0007-topology-use-ATTRIBUTE_UNUSED-instead-remove-argumen.patch ==== at-spi2-core ==== Version update (2.48.3 -> 2.48.4) Subpackages: libatk-1_0-0 libatk-bridge-2_0-0 libatspi0 typelib-1_0-Atk-1_0 typelib-1_0-Atspi-2_0 - Update to version 2.48.4: + Add atspi_get_version() to return the runtime version of the AT-SPI library. + collection: - Fix match testing for attributes. - Avoid locking up if an object has a very large child count. + Fix possible NULL pointer dereference when deregistering an event listener. + Various fixes for the new key grabbing API. ==== bluez ==== Version update (5.68 -> 5.69) Subpackages: bluez-auto-enable-devices bluez-cups bluez-zsh-completion libbluetooth3 - update to 5.69 * Fix issue with BAP enabling state correctly when resuming. * Fix issue with detaching source ASEs only after Stop Ready. * Fix issue with handling VCP audio location and descriptor. * Fix issue with generating IRK for adapter with privacy enabled. * Add support for BAP broadcast sink. - Add three new man pages ==== crypto-policies ==== Subpackages: crypto-policies-scripts - Tests: Fix pylint versioning for TW and fix the parsing of the policygenerators to account for the commented lines correctly. * Add crypto-policies-pylint.patch * Rebase crypto-policies-policygenerators.patch - FIPS: Adapt the fips-mode-setup script to use the pbl command from the perl-Bootloader package to replace grubby. Add a note for transactional systems [jsc#PED-4578]. * Rebase crypto-policies-FIPS.patch ==== drbd ==== Version update (9.0.30~1+git.8e9c0812 -> 9.1.16) Subpackages: drbd-kmp-64kb drbd-kmp-default - Update DRBD version from 9.0.30+ to 9.1.16 (PED-6362) * 9.1.16 (api:genl2/proto:86-121/transport:18) * shorten times DRBD keeps IRQs on one CPU disabled. Could lead to connection interruption under specific conditions * fix a corner case where resync did not start after resync-pause state flapped * fix online adding of volumes/minors to an already connected resource * fix a possible split-brain situation with quorum enabled with ping-timeout set to (unusual) high value * fix a locking problem that could lead to kernel OOPS * ensure resync can continue (bitmap-based) after interruption also when it started as a full-resync first * correctly handle meta-data when forgetting diskless peers * fix a possibility of getting a split-brain although quorum enabled * correctly propagate UUIDs after resync following a resize operation. Consequence could be a full resync instead of a bitmap-based one * fix a rare race condition that can cause a drbd device to end up with WFBitMapS/Established replication states * 9.1.15 (api:genl2/proto:86-121/transport:18) * fix how flush requests are marked when submitted to the Linux IO stack on the secondary node * when establishing a connection failed with a two-pc timeout, a receiver thread deadlocked, causing drbdsetup calls to block on that resource (difficult to trigger) * fixed a NULL-ptr deref (a OOPS) caused by a rare race condition while taking a resource down * fix a possible hard kernel-lockup, can only be triggerd when a CPU-mask is configured * updated kernel compatibility to at least Linux head and also fixed a bug in the compat checks/rules that caused OOPSes of the previous drbd releases when compiled with Linux-6.2 (or on RHEL 9.2 kernel). * fix an aspect of the data-generation (UUID) handling where DRBD failed to do a resync when a diskless node in the remaining partition promotes and demotes while a diskful node is isolated * fix an aspect of the data-generation (UUID) handling where DRBD considered a node to have unrelated data; this bug was triggered by a sequence involving removing two nodes from a cluster and readding one with the "day-0" UUIDs. * do not block specific state changes (promote, demote, attach, and detach) when only some nodes add a new minor * 9.1.14 (api:genl2/proto:86-121/transport:18) * fix a race with concurrent promotion and demotion, which can lead to an unexpected "split-brain" later on * fix a specific case where promotion was allowed where it should not * fix a race condition between auto-promote and a second two-phase commit that can lead to a DRBD thread locking up in an endless loop * fix several bugs with "resync-after": - missing resync-resume when minor numbers run in opposite direction as the resync-after dependencies - a race that might lead to an OOPS in add_timer() * fix an OOPS when reading from in_flight_summary in debugfs * fix a race that might lead to an endless loop of printing "postponing start_resync" while starting a resync * fix diskless node with a diskfull with a 4KiB backend * simplify remembering two-pc parents, maybe fixing a one-time-seen bug * derive abort_local_transaction timeout from ping-timeout * 9.1.13 (api:genl2/proto:86-121/transport:18) * when calculating if a partition has quorum, take into account if the missing nodes might have quorum * fix forget-peer for diskless peers * clear the resync_again counter upon disconnect * also call the unfence handler when no resync happens * do not set bitmap bits when attaching to an up-to-date disk (late) * work on bringing the out-of-tree DRBD9 closer to DRBD in the upstream kernel; Use lru_cahche.ko from the installed kernel whenever possible * 9.1.12 (api:genl2/proto:86-121/transport:18) * fix a race that could result in connection attempts getting aborted with the message "sock_recvmsg returned -11" * rate limit messages in case the peer can not write the backing storage and it does not finish the necessary state transitions * reduced the receive timeout during connecting to the intended 5 seconds (ten times ping-ack timeout) * losing the connection at a specific point in time during establishing a connection could cause a transition to StandAlone; fixed that, so that it keeps trying to connect * fix a race that could lead to a fence-peer handler being called unexpectedly when the fencing policy is changed at the moment before promoting * 9.1.11 (api:genl2/proto:86-121/transport:18) * The change introduced with 9.1.10 created another problem that might lead to premature request completion (kernel crash); reverted that change and fix it in another way * 9.1.10 (api:genl2/proto:86-121/transport:18) * fix a regression introduced with 9.1.9; using protocol A on SMP with heavy IO can might cause kernel crash * 9.1.9 (api:genl2/proto:86-121/transport:18) * fix a mistake in the compat generation code; it broke DRBD on partitions on kernel older than linux 5.10 (this was introduced with drbd-9.1.8; not affected: logical volumes) * fix for a bug (introduced with drbd-9.0.0), that caused possible inconsistencies in the mirror when using the 'resync-after' option * fix a bug that could cause a request to get stuck after an unlucky timing with a loss of connection * close a very small timing window between connect and promote that could lead to the new-current-uuid not being transmitted to the concurrently connecting peer, which might lead to denied connections later on * fix a recently introduced OOPS when adding new volumes to a connected resource ... changelog too long, skipping 131 lines ... - bsc-1206791-09-pmem-use-fs_dax_get_by_bdev-instead-of-dax_get_by_ho.patch ==== drbd-utils ==== Version update (9.19.0 -> 9.25.0) - Update to 9.25.0 (PED-5842) * drbdsetup,v9,show: fix meta disk format for json * drbdmeta: {hex,}dump superblock * drbdmon: major rewrite * build: gcc v12 cleanups * misc: put locks into separate dir * selinux: add fowner fsetsid, they dropped a global noaudit rule * v9: Support user-defined block-size * doc,v9: improvements all over the place * drbdadm,v9: implement drbdadm role <res:peer> * drbdadm,v9: pass --verbose/--statistics to drbdsetup status * drbd{adm,meta}: add repair-md subcommand * drbdadm,v9,resync-after: fix too strict check * drbdadm,v9,floating: fixup fake uname for 9.2.x strict_names=1 * drbdadm,v9,parser: fixup globs, also rm GNU libc specific extensions * drbdadm,v9,parser: allow via outside-address for NATed peers * parser,v9: deprecate named connections * drbd-selinux: add sub package, minor packaging/spec changes * drbdadm: allow files from expanded glob to vanish * drbdadm,v9: fix potential segfault in postparse * drbdadm,v9: fix sh-ip when set on connection/path * drbdmeta: fix apply-al for bitmap sizes > 4GiB * drbd-service-shim.sh: add secondary --force * ocf: fix for dropped --peer option * drbdsetup,v9: show susupend reason in json output * drbdsetup,v9: add secondary --force * drbdsetup,v9: fix *susp_str() for events2 diff mode * drdbdadm,v9: fix sh-resource * drdbdadm,v9: rm --peer=connect_to_host * ocf: deal with situation where PM node name and actual node name do not match * notify.sh: deal with unset DRBD_PEER env variable * crm-fence-peer: fix timeout with Pacemaker 2.0.5 * drbdmeta: don't wait for confirmation if not a TTY * drbdadm,v9: Pass '--force' to certain drbdmeta commands * drbdmeta: do init in chunks; allow different methods * build: various minor fixes (udev detection, POSIX, compiler flags, allow doc building with asciidoctor,...) * drbd.ocf: fix type (relevant for certain pcs versions) * crm-fence-peer: fix timeout with Pacemaker 2.1 * v9,proxy: allow multiple sharing a proxy node * v9,drbdsetup: quote resource name in "show" * build: allow building for RHEL9.0, minor cleanups * reactor/systemd: allow proper actions (e.g., reboot) if demotion fails. - introduce new systemd service: drbd-demote-or-escalate@.service - remove v83 v84 binaries (incompatible with kmp) - drop patches which are already included in latest code: - 0001-crm-fence-peer-fix-timeout-with-Pacemaker-2.1-milli-.patch - 0002-crm-fence-peer-fix-timeout-with-Pacemaker-2.0.5-mill.patch - add upstream patch: + 0001-drbdadm-v9-do-not-segfault-when-re-configuring-proxy.patch + 0002-user-drbrdmon-add-missing-stdint.h-includes.patch + 0003-Introduce-default_types.h-header.patch - change patch name: - 0001-Disable-quorum-in-default-configuration-bsc-1032142.patch + bsc-1032142_Disable-quorum-in-default-configuration.patch - rebase patch: + pie-fix.patch + rpmlint-build-error.patch ==== elfutils-debuginfod ==== Subpackages: debuginfod-client debuginfod-profile libdebuginfod1 - Conditionalize config(debuginfod-profile) Requires tag in the debuginfod-client sub-package, with the help of the %sle_version macro, so only Tumbleweed (currently the only distro supported by debuginfod.opensuse.org) sets it. ==== glib2 ==== Version update (2.76.4 -> 2.76.5) Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0 - Update to version 2.76.5: + Bugs fixed: - Possible SEGV (null pointer deref) in distribute_method_call(). - Possible SEGV (null pointer deref) in _g_resource_file_new(). - Backport !3529 âgmenuexporter: synchronization in org_gtk_Menus_get_interface.â to glib-2-76. - Backport !3547 âglib/gfileutils.c: use 64 bits for value in get_tmp_file()â to glib-2-76. - Backport !3554 âgresourcefile: Fix crash if called with a badly escaped URIâ to glib-2-76. - Backport !3555 âgkeyfile: Fix overwriting of GErrorâ to glib-2-76. - Backport !3539 âgdbusmessage: Validate required headers have the right typeâ to glib-2-76. ==== gnome-shell ==== Version update (44.3 -> 44.4) Subpackages: gnome-extensions gnome-shell-calendar - Update to version 44.4: + Fix accessibility of quick settings sliders. + Allow notification dismissal with backspace. + Misc. bug fixes and cleanups. + Updated translations. ==== grep ==== - export CONFIG_SHELL=/bin/sh before running configure: results in the shell script (egrep/fgrep) to receive a /bin/sh shebang instead of requiring bash (the local shell used to build). ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin - grub2-mkconfig-riscv64.patch: Handle riscv64 in mkconfig ==== javapackages-tools ==== Version update (6.1.0 -> 6.2.0) Subpackages: javapackages-filesystem - Upgrade to upstream version 6.2.0 * Ãntegrate our changes from javapackages-6.1.0-maven-depmap.patch - Removed patch: * javapackages-6.1.0-maven-depmap.patch + upstreamed - Added patch: * 0001-Make-the-alias-generation-reproducible.patch + separate patch for our reproducible changes that was not part of the integrated pull request ==== konsole ==== Subpackages: konsole-part konsole-part-lang konsole-zsh-completion - Add upstream crash fix (kde#473043) * 0001-Fix-crashes-in-testTerminalInterface.patch ==== libadwaita ==== Version update (1.3.4 -> 1.3.5) Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Update to version 1.3.5: + Set the correct gettext domain on all widgets. + AdwExpanderRow: Accessibility fixes. + AdwStyleManager: Fix over-releasing a string on macOS. + Demo: Correctly dismiss the last toast in the dialogs demo. + Stylesheet: - Fix menubutton.card corners. - Fix button.card focus ring transition. - Avoid background overdraw in GtkColumnView. + Updated translations. ==== libei ==== Version update (1.0.0 -> 1.1.0) - Update to release 1.1 * Correct documentation for ei_touch_(get|set)_user_data - Update to release 1.0.901 (1.1.0~rc1) * ei_device_get_region_at() and its libeis equivalent was added as a helper to obtain a device's region at a given point. * ei_region_get_mapping_id() returns the mapping id previously set by the EIS implementation via eis_region_set_mapping_id(). This mapping id can be used to identify external resources that have a relationship with this region. This is a protocol addition and bumps the ei_device protocol to version 2. ==== libgphoto2 ==== Version update (2.5.30 -> 2.5.31) Subpackages: libgphoto2-6 libgphoto2_port12 - updated to 2.5.31 release ptp2: * do better event queueing during capture (makes capture faster, avoids losing events) * Canon EOS: OLC logic rewritten to be table driven, more debugging of the content, config "testolc" to generate debugoutput. Supports more cameras better. * Canon EOS: various bugfixes * Sony Alpha: Added config options: focusarea, liveviewsettingeffect * Olympus: Enabled OM-1 capture * Battery Level: also support ENUM style battery reporting for Canon * Nikon 1: S1 also does not support everything * Sony Alpha: small changes in config setters * merged some improvements from NorthOfYou fork for Canon EOS, Nikon and Sony * New ids: - Canon EOS 850D, R7, R10, R5 C, R6m2 - Fuji X-H2, X-T5 - GOPRO HERO 11 BLACK, 11 BLACK mini - new ids also imported from libmtp - Nikon Z30, Z8 - OMSYSTEM OM-1 - Pentax KP (PTP mode) - Ricoh GR IIIx - Sigma fp L - Sony A7S III, ILCE-1, ILME-FX3, 7RM5 aka A7-RV, digigr8: * fixed init to not switch to webcam mode pentax: * Added Pentax KP general: * disable log formatting when we are not logging (speeds up large downloads, as we are not hex dumping the whole data and immediately discard the result) * libltdl usage now thread-safe. (some other library pieces are not threadsafe yet) * some time_t 32bit vs 64bit fixes * some cleanups and warning fixes translations: * updated swedish, spanish * added georgian, friulian - libgphoto2-enable-vusb-ptp.patch: upstream ==== libstorage-ng ==== Version update (4.5.136 -> 4.5.139) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#946 - improved json parse functions to handle string and integer - 4.5.139 - merge gh#openSUSE/libstorage-ng#945 - fixed parsing of lsscsi version for older lsscsi versions (bsc#1214814) - 4.5.138 - merge gh#openSUSE/libstorage-ng#944 - add awk to GitHub action for Tumbleweed - 4.5.137 ==== lsb-release ==== - add 797e459ecaa482bf8e7bfe02cf5f1cea367ba9e9.patch to fix bashisms ==== man ==== - Fix the content in patch file man-propose-online.patch ==== mozilla-nss ==== Version update (3.92 -> 3.93) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-tools - Update to NSS 3.93: + bmo#1849471 - Update zlib in NSS to 1.3. + bmo#1848183 - softoken: iterate hashUpdate calls for long inputs. + bmo#1813401 - regenerate NameConstraints test certificates (boo#1214980). - Rebase nss-fips-pct-pubkeys.patch. ==== mozjs102 ==== Version update (102.14.0 -> 102.15.0) - Update to version 102.15.0: + Various security fixes and other quality improvements. + CVE-2023-4573: Memory corruption in IPC CanvasTranslator + CVE-2023-4574: Memory corruption in IPC ColorPickerShownCallback + CVE-2023-4575: Memory corruption in IPC FilePickerShownCallback + CVE-2023-4576: Integer Overflow in RecordedSourceSurfaceCreation + CVE-2023-4581: XLL file extensions were downloadable without warnings + CVE-2023-4584: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 ==== multipath-tools ==== Version update (0.9.5+68+suse.d1b6a1c -> 0.9.6+71+suse.f07325e) Subpackages: kpartx libmpath0 - Update to version 0.9.6+71+suse.f07325e: * avoid changing SCSI timeouts in "multipath -d" (bsc#1213809) - Update to version 0.9.6+70+suse.63925e8: Upstream feature additions and bug fixes: * ignore nvme devices by default if nvme native multipath is enabled * add "group_by_tpg" path_grouping_policy * add config options "detect_pgpolicy" and "detect_pgpolicy_use_tpg" * libmultipath: add ALUA tpg path wildcard "%A" * make prioritizer timeouts consistent with checker timeouts * fix dev_loss_tmo even if not set in configuration (bsc#1212440) * libmultipath: fix max_sectors_kb on adding path * fix warnings reported by udevadm verify ==== mutter ==== Version update (44.3 -> 44.4) - Update to version 44.4: + Fix xwayland-allow-byte-swapped-clients setting. + Fix restoring focus when leaving the overview. + Fix touch move operations on subsurfaces. + Fix flickering when DRI driver isn't available. + Fix unexpected cursor changes over non-resizable windows. + Fix restoring maximized state of SSD windows. + Fix window focus unexpectedly moving to secondary monitor when changing workspaces. + Fixed crash. + Misc. bug fixes and cleanups. + Updated translations. ==== nodejs20 ==== Version update (20.5.1 -> 20.6.0) Subpackages: npm20 - Update to 20.6.0: * add support for .env files to configure envrionment variables * import.meta.resolve unflagged * deps: npm updated to 9.8.1 - nodejs.keyring: updated to include current upstream releasers ==== open-isns ==== - Disable SLP by default for Factory and ALP (bsc#1214884) ==== perl-URI ==== Version update (5.19 -> 5.210.0) - updated to 5.21 see /usr/share/doc/packages/perl-URI/Changes 5.21 2023-08-23 16:02:14Z - Fix version declarations in icap.pm and icaps.pm (GH#131) (Olaf Alders) 5.20 2023-08-23 14:13:23Z - Remove Shebang and Taint from all tests. - Fix t/query.t to get rid of a warning about join() on array with undef - Add icap and icaps URIs (GH#130) (david-dick) ==== pigz ==== Version update (2.7 -> 2.8) - version update to 2.8 - Fixed a version bug when compiling with the just-released zlib 1.3 - Will save a modification time only for regular files (just like gzip since 1.10) - Will write all available uncompressed data on an error, for partial data recovery - deleted patches - pigz-2.7-NOTHREAD-tests.patch (upstreamed) ==== python-async_timeout ==== Version update (4.0.2 -> 4.0.3) - update to 4.0.3: * Fixed compatibility with asyncio.timeout() on Python 3.11+. * Added support for Python 3.11. * Dropped support for Python 3.6. ==== python-chardet ==== Version update (5.1.0 -> 5.2.0) - update to 5.2.0: * Adds support for running chardet CLI via `python -m chardet` ==== python-lxml ==== - skip html5lib tests - cyclic dependency with html5lib tests - remove python 2.x from testing ==== python-outcome ==== - drop outdated depndendy on async_generator (see https://github.com/python-trio/outcome/issues/12) ==== python-psycopg2 ==== Version update (2.9.6 -> 2.9.7) - update to 2.9.7: * Fix propagation of exceptions raised during module initialization * Fix building when pg_config returns an empty string ==== python-setuptools ==== Version update (67.8.0 -> 68.1.2) - update to 68.1.2 * Fix editable install finder handling of nested packages, by only handling 1 level of nesting and relying on importlib.machinery to find the remaining modules based on the parent package path. - add sphinx72.patch: address circular imports in sphinx 7.2+ - update to 68.1.0 * Removed code referencing bdist_wininst in install_scripts. * Promote pyproject.tomlâs [tool.setuptools] out of beta. * Automatically add files listed in Extension.depends to sdists, as long as they are contained in the project directory * Require Python 3.8 or later. * Use default encoding to create .pth files with editable_wheel. * Detects (and complain about) scripts and gui-scripts set via setup.py when pyproject.toml does not include them in dynamic. - update to 68.0.0: * Removed verification for existing ``depends.txt`` file * Remove autofixing of broken ``.egg-info`` directories containing the ``-`` character in their base name (without suffix). * Remove deprecated APIs in ``easy_install``: ``get_script_args``, ``get_script_header`` and ``get_writer``. * Removed ``egg_info.get_pkg_info_revision`` (deprecated * Removed ``setuptools.dist._get_unpatched`` (deprecated * Removed support for SVN in ``setuptools.package_index`` (deprecated since 2018). * Removed support for invalid ``pyproject.toml`` files. * Added symlink support to launcher for installed executables -- by :user:`eugene-sevostianov-sc` * Updated vendored ``packaging`` version from 23.0 to 23.1 -- by :user:`MetRonnie` * Implemented workaround for old versions of ``vswhere``, which miss the * ``-requiresAny`` parameter, such as the ones distributed together with Visual Studio 2017 < 15.6. * Changed ``DistutilsMetaFinder`` to skip ``spec_for_pip`` on Python >= 3.12. * Removed ``_distutils_hack.remove_shim`` on Python >= 3.12 (since ``distutils`` was removed from the standard library, ``DistutilsMetaFinder`` cannot be disabled on Python >= 3.12). * #3920: Add a link to deprecation warning in ``pkg_resources`` and improve ``stacklevel`` for better visibility. - drop use-tarfile-extraction_filter.patch (upstream) ==== qpdf ==== Version update (11.5.0 -> 11.6.0) - version update to 11.6.0 - Bug fixes: - Fix corner case in the ASCII85 decoder. - Properly report warnings when ``--pages`` is used and the warnings appear in other than the primary file. - Improve ``--bash-completion`` and ``--zsh-completion`` to better support paths with spaces in them. - Move detection of random number device from compile-time to runtime to improve cross compilation. - Fix bugs around attempting to copy ``/Pages`` objects with ``copyForeignObject`` (which explicitly doesn't allow this). ==== rdma-core ==== Subpackages: libefa1 libibverbs libibverbs1 libmana1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd - Add missing-quoting.patch - Use normal GNU tar option syntax - Remove old RPM spec logic (%defattr) ==== shaderc ==== Version update (2023.4 -> 2023.6) - Update to release 2023.6 * Build system updates only ==== suse-module-tools ==== Version update (16.0.34 -> 16.0.35) Subpackages: suse-module-tools-scriptlets - Update to version 16.0.35: * split off regenerate-initrd-posttrans in the kernel-scriptlets package (boo#1213459) * wm2: Update for usrmerge (boo#1214428) ==== unbound ==== Version update (1.17.1 -> 1.18.0) Subpackages: libunbound8 unbound-anchor - Update to 1.18.0: * Features: - Ðdd a metric about the maximum number of collisions in lrushah. - Set max-udp-size default to 1232. This is the same default value as the default value for edns-buffer-size. It restricts client edns buffer size choices, and makes unbound behave similar to other DNS resolvers. - Add harden-unknown-additional option. It removes unknown records from the authority section and additional section. - Added new static zone type block_a to suppress all A queries for specific zones. - [FR] Ability to use Redis unix sockets. - [FR] Ability to set the Redis password. - Features/dropqueuedpackets, with sock-queue-timeout option that drops packets that have been in the socket queue for too long. Added statistics num.queries_timed_out and query.queue_time_us.max that track the socket queue timeouts. - 'eqvinox' Lamparter: NAT64 support. - [FR] Use kernel timestamps for dnstap. - Add cachedb hit stat. Introduces 'num.query.cachedb' as a new statistical counter. - Add SVCB dohpath support. - Add validation EDEs to queries where the CD bit is set. - Add prefetch support for subnet cache entries. - Add EDE (RFC8914) caching. - Add support for EDE caching in cachedb and subnetcache. - Downstream DNS Server Cookies a la RFC7873 and RFC9018. Create server cookies for clients that send client cookies. This needs to be explicitly turned on in the config file with: `answer-cookie: yes`. * Bug Fixes - Response change to NODATA for some ANY queries since 1.12. - Fix not following cleared RD flags potentially enables amplification DDoS attacks. - Set default for harden-unknown-additional to no. So that it does not hamper future protocol developments. - Fix to ignore entirely empty responses, and try at another authority. This turns completely empty responses, a type of noerror/nodata into a servfail, but they do not conform to RFC2308, and the retry can fetch improved content. - Allow TTL refresh of expired error responses. - Fix: Unexpected behavior with client-subnet-always-forward and serve-expired - Fix unbound-dnstap-socket test program to reply the finish frame over a TLS connection correctly. - Fix: reserved identifier violation - Fix: Unencrypted query is sent when forward-tls-upstream: yes is used without tls-cert-bundle - Extra consistency check to make sure that when TLS is requested, either we set up a TLS connection or we return an error. - Fix: NXDOMAIN instead of NOERROR rcode when asked for existing CNAME record. - Fix: Bad interaction with 0 TTL records and serve-expired - Fix RPZ IP responses with trigger rpz-drop on cache entries. - Fix RPZ removal of client-ip, nsip, nsdname triggers from IXFR. - Fix dereference of NULL variable warning in mesh_do_callback. - Fix ip_ratelimit test to work with dig that enables DNS cookies. - Fix for iter_dec_attempts that could cause a hang, part of capsforid and qname minimisation, depending on the settings. - Fix uninitialized memory passed in padding bytes of cmsg to sendmsg. - Fix stat_values test to work with dig that enables DNS cookies. - unbound.service: Main process exited, code=killed, status=11/SEGV. Fixes cachedb configuration handling. - Fix: processQueryResponse() THROWAWAY should be mindful of fail_reply. ==== vsftpd ==== - Use pam macros to install pam config in /usr/lib/pam.d - Adjust vsftpd.pam to include postlogin config (replace wtmp with wtmpdb for Y2038 [jsc#3144]) ==== webkit2gtk3 ==== Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Expand lang sub-package in spec file unconditionally to handle previous name change from WebKit2GTK-lang to WebKitGTK-lang. This change affected the automatic generated Requires tag on WebKit2GTK-%{_apiver}, then getting out of sync of what's being required and what's being provided. Now, any sub-package that was providing WebKit2GTK-%{_apiver} will provide WebKitGTK-%{_apiver} instead (boo#1214835, boo#1214640). ==== webkit2gtk3-soup2 ==== Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles - Expand lang sub-package in spec file unconditionally to handle previous name change from WebKit2GTK-lang to WebKitGTK-lang. This change affected the automatic generated Requires tag on WebKit2GTK-%{_apiver}, then getting out of sync of what's being required and what's being provided. Now, any sub-package that was providing WebKit2GTK-%{_apiver} will provide WebKitGTK-%{_apiver} instead (boo#1214835, boo#1214640). ==== wireless-regdb ==== Version update (20230721 -> 20230901) - Update to version 20230901: * wireless-regdb: update regulatory database based on preceding changes * wireless-regdb: Update regulatory rules for Australia (AU) for June 2023 ==== yast2-trans ==== Version update (84.87.20230818.ea489402e5 -> 84.87.20230901.be24cb382f) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sr yast2-trans-sv yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20230901.be24cb382f: * Translated using Weblate (Slovak) * Translated using Weblate (Dutch) * Translated using Weblate (Japanese) * Translated using Weblate (Czech) * Translated using Weblate (Catalan) * New POT for text domain 'bootloader'. * Translated using Weblate (Kurdish) * Translated using Weblate (Kurdish) ==== zvbi ==== Version update (0.2.41 -> 0.2.42) - version update to 0.2.42 * Fix several compiler warnings. * Apply patch to consider ERASE_PAGE flag with single page transmissions. ==== zypper ==== Version update (1.14.62 -> 1.14.64) Subpackages: zypper-log zypper-needs-restarting - Fix name of the bash completion script (bsc#1215007) In 1.14.63 the location of the bash completion script was changed to /usr/share/bash-completion/completions/. But the patch failed to also rename the completion script. The original script name zypper.sh is not recognized at the new location. - Update notes about failing signature checks (bsc#1214395) It might be a transient issue if the server is in the midst of receiving new data. Retry after a few minutes might work. - Improve the SIGINT handler to be signal safe (bsc#1214292) This patch updates the SIGINT handling strategy to be signal safe. Meaning the signal handler will do not much more than setting a flag, which we are going to check in the normal program flow as much as possible. - version 1.14.64 - Changed location of bash completion script (bsc#1213854). This changes the location of zypper.sh bash completion script from /usr/share/bash-completion/completions/. - version 1.14.63

1 0

New Arm Tumbleweed snapshot 20230904 released!
by Guillaume Gardet 06 Sep '23

06 Sep '23

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: AppStream (0.16.2 -> 0.16.3) Mesa (23.1.5 -> 23.1.6) Mesa-drivers (23.1.5 -> 23.1.6) MozillaFirefox (116.0.3 -> 117.0) SDL2 (2.28.2 -> 2.28.3) abseil-cpp akonadi-calendar (23.04.3 -> 23.08.0) akonadi-calendar-tools (23.04.3 -> 23.08.0) akonadi-contact (23.04.3 -> 23.08.0) akonadi-import-wizard (23.04.3 -> 23.08.0) akonadi-mime (23.04.3 -> 23.08.0) akonadi-notes (23.04.3 -> 23.08.0) akonadi-search (23.04.3 -> 23.08.0) akonadi-server (23.04.3 -> 23.08.0) akregator (23.04.3 -> 23.08.0) analitza (23.04.3 -> 23.08.0) apache2-mod_php8 (8.2.9 -> 8.2.10) ark (23.04.3 -> 23.08.0) augeas (1.13.0 -> 1.14.1) baloo5-widgets (23.04.3 -> 23.08.0) blinken (23.04.3 -> 23.08.0) branding-openSUSE busybox busybox-links calendarsupport (23.04.3 -> 23.08.0) djvulibre dolphin (23.04.3 -> 23.08.0) dos2unix (7.5.0 -> 7.5.1) ell (0.57 -> 0.58) eventviews (23.04.3 -> 23.08.0) ffmpegthumbs (23.04.3 -> 23.08.0) filelight (23.04.3 -> 23.08.0) freerdp (2.10.0 -> 2.11.0) gcc13 git (2.41.0 -> 2.42.0) glibc glslang (12.2.0 -> 12.3.1+sdk261) gmp gnome-maps (44.3 -> 44.4) grantleetheme (23.04.3 -> 23.08.0) grub2 (2.06 -> 2.12~rc1) gsl gtkmm4 gwenview5 (23.04.3 -> 23.08.0) gzip (1.12 -> 1.13) highway (1.0.4 -> 1.0.5) imlib2 incidenceeditor (23.04.3 -> 23.08.0) kaccounts-integration (23.04.3 -> 23.08.0) kaccounts-providers (23.04.3 -> 23.08.0) kaddressbook (23.04.3 -> 23.08.0) kalgebra (23.04.3 -> 23.08.0) kamera (23.04.3 -> 23.08.0) kanagram (23.04.3 -> 23.08.0) kapptemplate (23.04.3 -> 23.08.0) kate (23.04.3 -> 23.08.0) kbd (2.6.1 -> 2.6.2) kbruch (23.04.3 -> 23.08.0) kcachegrind (23.04.3 -> 23.08.0) kcalc (23.04.3 -> 23.08.0) kcalutils (23.04.3 -> 23.08.0) kcharselect (23.04.3 -> 23.08.0) kcolorchooser (23.04.3 -> 23.08.0) kde-print-manager (23.04.3 -> 23.08.0) kdeconnect-kde (23.04.3 -> 23.08.0) kdeedu-data (23.04.3 -> 23.08.0) kdegraphics-thumbnailers (23.04.3 -> 23.08.0) kdenetwork-filesharing (23.04.3 -> 23.08.0) kdepim-addons (23.04.3 -> 23.08.0) kdepim-runtime (23.04.3 -> 23.08.0) kdevelop5 (23.04.3 -> 23.08.0) kdialog (23.04.3 -> 23.08.0) kdump (1.9.5 -> 1.9.6) kernel-firmware (20230814 -> 20230829) kernel-source (6.4.11 -> 6.4.12) kgeography (23.04.3 -> 23.08.0) khangman (23.04.3 -> 23.08.0) khelpcenter5 (23.04.3 -> 23.08.0) kidentitymanagement (23.04.3 -> 23.08.0) kig (23.04.3 -> 23.08.0) kimageformats kimap (23.04.3 -> 23.08.0) kio-extras5 (23.04.3 -> 23.08.0) kio_audiocd (23.04.3 -> 23.08.0) kipi-plugins (23.04.3 -> 23.08.0) kiten (23.04.3 -> 23.08.0) kitinerary (23.04.3 -> 23.08.0) kldap (23.04.3 -> 23.08.0) kleopatra (23.04.3 -> 23.08.0) kmag (23.04.3 -> 23.08.0) kmahjongg (23.04.3 -> 23.08.0) kmail (23.04.3 -> 23.08.0) kmail-account-wizard (23.04.3 -> 23.08.0) kmailtransport (23.04.3 -> 23.08.0) kmbox (23.04.3 -> 23.08.0) kmime (23.04.3 -> 23.08.0) kmines (23.04.3 -> 23.08.0) kmousetool (23.04.3 -> 23.08.0) kmplot (23.04.3 -> 23.08.0) knotes (23.04.3 -> 23.08.0) kompare (23.04.3 -> 23.08.0) konsole (23.04.3 -> 23.08.0) kontact (23.04.3 -> 23.08.0) kontactinterface (23.04.3 -> 23.08.0) konversation (23.04.3 -> 23.08.0) korganizer (23.04.3 -> 23.08.0) kpat (23.04.3 -> 23.08.0) kpimtextedit (23.04.3 -> 23.08.0) kpkpass (23.04.3 -> 23.08.0) kqtquickcharts (23.04.3 -> 23.08.0) kreversi (23.04.3 -> 23.08.0) ksanecore (23.04.3 -> 23.08.0) ksmtp (23.04.3 -> 23.08.0) ksudoku (23.04.3 -> 23.08.0) ktextaddons (1.1.0 -> 1.4.1) ktnef (23.04.3 -> 23.08.0) ktouch (23.04.3 -> 23.08.0) kwalletmanager5 (23.04.3 -> 23.08.0) kwordquiz (23.04.3 -> 23.08.0) lib2geom libbytesize (2.8 -> 2.9) libdrm (2.4.115 -> 2.4.116) libgravatar (23.04.3 -> 23.08.0) libinput (1.23.0 -> 1.24.0) libisoburn (1.5.4 -> 1.5.6) libkcddb (23.04.3 -> 23.08.0) libkcompactdisc (23.04.3 -> 23.08.0) libkdcraw (23.04.3 -> 23.08.0) libkdegames (23.04.3 -> 23.08.0) libkdepim (23.04.3 -> 23.08.0) libkeduvocdocument (23.04.3 -> 23.08.0) libkexiv2 (23.04.3 -> 23.08.0) libkgapi (23.04.3 -> 23.08.0) libkipi (23.04.3 -> 23.08.0) libkleo (23.04.3 -> 23.08.0) libkmahjongg (23.04.3 -> 23.08.0) libkomparediff2 (23.04.3 -> 23.08.0) libksane (23.04.3 -> 23.08.0) libksieve (23.04.3 -> 23.08.0) libnl3 (3.7.0 -> 3.8.0) libostree (2023.2 -> 2023.6) libqt5-qtwebengine (5.15.14 -> 5.15.15) libreoffice (7.6.0.3 -> 7.6.1.1) libunistring libunwind (1.7.0 -> 1.7.2) libvirt libwpe (1.14.0 -> 1.14.1) libxcb (1.15 -> 1.16) libxml2 libxml2-python libzip (1.10.0 -> 1.10.1) libzypp (17.31.19 -> 17.31.20) lokalize (23.04.3 -> 23.08.0) mailcommon (23.04.3 -> 23.08.0) mailimporter (23.04.3 -> 23.08.0) mbox-importer (23.04.3 -> 23.08.0) messagelib (23.04.3 -> 23.08.0) mobipocket (23.04.3 -> 23.08.0) mozilla-nss (3.91 -> 3.92) mpfr (4.2.0 -> 4.2.1) mutter ncurses (6.4.20230812 -> 6.4.20230819) nodejs20 okular (23.04.3 -> 23.08.0) open-vm-tools openexr (3.1.9 -> 3.1.11) pam pam-full-src parley (23.04.3 -> 23.08.0) php8 (8.2.9 -> 8.2.10) pim-data-exporter (23.04.3 -> 23.08.0) pim-sieve-editor (23.04.3 -> 23.08.0) pipewire (0.3.77 -> 0.3.79) polkit-default-privs (1550+20230606.5001571 -> 1550+20230829.1a9a761) postfix publicsuffix (20230717 -> 20230826) python-dnspython (2.3.0 -> 2.4.2) python-pip (23.1.2 -> 23.2.1) python-rich (13.4.2 -> 13.5.2) qalculate (4.7.0 -> 4.8.0) salt samba (4.18.5+git.313.c8e274c7852 -> 4.18.6+git.320.cfda27bacb) signon-kwallet-extension (23.04.3 -> 23.08.0) skanlite (23.04.3 -> 23.08.0) spectacle (23.04.3 -> 23.08.0) step (23.04.3 -> 23.08.0) suse-module-tools (16.0.33 -> 16.0.34) umbrello (23.04.3 -> 23.08.0) unbound virtiofsd (1.6.1 -> 1.7.2) vulkan-loader (1.3.250.0 -> 1.3.261.0) vulkan-tools (1.3.250.0 -> 1.3.261.0) xdg-utils (1.1.3+20210805 -> 1.1.3+20230830) xf86-input-libinput (1.3.0 -> 1.4.0) xwayland (23.1.2 -> 23.2.0) === Details === ==== AppStream ==== Version update (0.16.2 -> 0.16.3) Subpackages: libAppStreamQt2 libappstream4 - Update to 0.16.3: Features: * compose: Allow creating metadata with complete URLs and no base URL Bugfixes: * Fix tweaking of appstream.pc when building as subproject * Do not override default-priority when parsing multiple metadata files * Ensure stemmer always has the right locale and token-search works * Require a more recent libxmlb to avoid crashes Miscellaneous: * Work around invalid null-dereference warning in GCC 13 - Drop patch, merged upstream: * 0001-Do-not-override-default-priority-when-parsing-multip.patch ==== Mesa ==== Version update (23.1.5 -> 23.1.6) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libOSMesa8 libgbm1 - Update to bugfix release 23.1.6: - -> https://docs.mesa3d.org/relnotes/23.1.6.html ==== Mesa-drivers ==== Version update (23.1.5 -> 23.1.6) Subpackages: Mesa-dri Mesa-gallium Mesa-libva - Update to bugfix release 23.1.6: - -> https://docs.mesa3d.org/relnotes/23.1.6.html ==== MozillaFirefox ==== Version update (116.0.3 -> 117.0) - Mozilla Firefox 117.0 https://www.mozilla.org/en-US/firefox/117.0/releasenotes MFSA 2023-34 (bsc#1214606) * CVE-2023-4573 (bmo#1846687) Memory corruption in IPC CanvasTranslator * CVE-2023-4574 (bmo#1846688) Memory corruption in IPC ColorPickerShownCallback * CVE-2023-4575 (bmo#1846689) Memory corruption in IPC FilePickerShownCallback * CVE-2023-4576 (bmo#1846694) Integer Overflow in RecordedSourceSurfaceCreation * CVE-2023-4577 (bmo#1847397) Memory corruption in JIT UpdateRegExpStatics * CVE-2023-4578 (bmo#1839007) Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception * CVE-2023-4579 (bmo#1842766) Persisted search terms were formatted as URLs * CVE-2023-4580 (bmo#1843046) Push notifications saved to disk unencrypted * CVE-2023-4581 (bmo#1843758) XLL file extensions were downloadable without warnings * CVE-2023-4582 (bmo#1773874) Buffer Overflow in WebGL glGetProgramiv * CVE-2023-4583 (bmo#1842030) Browsing Context potentially not cleared when closing Private Window * CVE-2023-4584 (bmo#1843968, bmo#1845205, bmo#1846080, bmo#1846526, bmo#1847529) Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 * CVE-2023-4585 (bmo#1751583, bmo#1841082, bmo#1847904, bmo#1848999) Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2 - requires NSS = 3.92 rustc = 1.71 ==== SDL2 ==== Version update (2.28.2 -> 2.28.3) - Update to release 2.28.3 * Added a gamepad mapping for the G-Shark GS-GP702 * Fixed touchpad events for the Razer Wolverine V2 Pro in PS5 mode ==== abseil-cpp ==== - Fix build on older systems by requiring C++17 compliant compiler - Added patch: * cmake.patch + lower the cmake requirement to 3.5 in order to be able to build on SLE12SP5 ==== akonadi-calendar ==== Version update (23.04.3 -> 23.08.0) Subpackages: akonadi-plugin-calendar kalendarac libKPim5AkonadiCalendar5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Fix linking with self-built gpgmepp * Explicitly search for KPim{5,6}Libkleo - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Make sure to extract only email * Fix generate emails (don't create "foo" <foo <foo(a)kde.org> >) * Avoid too big dialogbox * Generate properties for CalendarSettings * Add Akonadi::CalendarUtils::displayName overload that takes ETM instead of ETMCalendar * Don't link twice against KF::Codecs * Add messagelib dependency * Sign/encrypt iTIP emails (kde#297956) * make free/busy invokable from QML * Fix platforms name * Remove the never set "MailTransport" setting * Remove CI 6 job. We will use kf6 branch for kf6 works * Simplify default mail transport code * Don't needlessly link against KIOWidgets * Add akonadi-mime dependency explicitly * Adapt to KMailTransportAkonadi being integrated into AkonadiMime * Expose missing kidentitymanagement * Add TodoModel (coming from eventviews) * Bump library version * Move SearchCollectionHelper to akonadi-calendar * Move CalendarSupport::createMimeData here * not export symbol of private methods * Add QCH support * Add missing lib * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== akonadi-calendar-tools ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Remove unused libkdepim dependency * Remove the HTML export feature ==== akonadi-contact ==== Version update (23.04.3 -> 23.08.0) Subpackages: akonadi-plugin-contacts libKPim5AkonadiContact5 libKPim5ContactEditor5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Use CTRL+E for editing contact - Update to 23.07.80 * New feature release - Too many changes since 23.04.3, only listing bugfixes: * Fix creating new contact with familiy and sur-name (kde#451237) ==== akonadi-import-wizard ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5ImportWizard5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * not export symbol of private methods * Fix install headers * Remove duplicate alias ==== akonadi-mime ==== Version update (23.04.3 -> 23.08.0) Subpackages: akonadi-plugin-mime libKPim5AkonadiMime5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * increase version * Second step: move/adapt class from kmailtransportakonadi * not export symbol of private methods * Fix generate qch * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== akonadi-notes ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add missing Q_REQUIRED_RESULT * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== akonadi-search ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5AkonadiSearch5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Disable broken test * Enable testing again * Parse html with rust * Remove CI 6 job. We will use kf6 branch for kf6 works * Add specific debug category for email * Add basic test for calendar indexer * Use smart pointers in Index * Add debug output for calendar indexer * Modernize codebase of CalendarIndexer * not export symbol of private methods * Exclude more duplicate contact * Avoid to show duplicate mails * [runner] Filter out email matches where writing doesn't make sense * Port to new api * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== akonadi-server ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5AkonadiAgentBase5 libKPim5AkonadiCore5 libKPim5AkonadiPrivate5 libKPim5AkonadiWidgets5 libKPim5AkonadiXml5 - Fix Provides/Obsoletes: the removed package was named akonadi-server-sqlite, not akonadi-sqlite - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Debugging helper: indicate resource name in "Unknown resource" error msg - Update to 23.07.80 * New feature release - Too many changes since 23.04.3, only listing bugfixes: * Check for config file in the location of CONFIG_INSTALL_DIR (kde#418265) * Fix wrong for clause in Akonadi::Session (kde#468343) ==== akregator ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Remove CI 6 job. We will use kf6 branch for kf6 works * Port to Qt6 * Adapt to new api * Comment print code Qt6 for the moment * Adapt to new api * Add separator * Show header in qtc6 ==== analitza ==== Version update (23.04.3 -> 23.08.0) Subpackages: libAnalitza8 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - No code change since 23.04.3 ==== apache2-mod_php8 ==== Version update (8.2.9 -> 8.2.10) - version update to 8.2.10 * This is a bug fix release. * https://www.php.net/ChangeLog-8.php#8.2.10 ==== ark ==== Version update (23.04.3 -> 23.08.0) Subpackages: libkerfuffle23 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Make sure welcomeview messages are extracted (kde#472341) * Port QString::count() which is deprecated in qt6 * Disable doc build for Qt6 for now * Adjust CI to KF6 * Adapt part metadata handling to KF6 * Adapt part factory to KF6 * Remove unused include * Convert desktop file metadata to JSON for KF6 * Allow building against KF6 libs * doc: usa a non-deprecated entity in the man page * loadtest: add test for a simple static library * loadtest: test number of entries * lastPathSegment: don't strip slash if it is the only character in the path (kde#469795) * Update homepage URL to https://apps.kde.org/ark (kde#469583) * Port sidebar to QDockWidget * Small code improvements * Fix leaking actions * Call showWelcomeScreen() only when needed * Bump KF_MIN_VERSION to 5.101 * New welcome screen UI ==== augeas ==== Version update (1.13.0 -> 1.14.1) Subpackages: augeas-lenses libaugeas0 libfa1 - Update to 1.14.1 * General changes/additions - internal.c: update #if to only use GNU-specific strerror_r() when GLIBC is defined (#791) Dimitry Andric - augeas.c: Fix bug from PR#691 where the nodes of a newly created file are lost upon a subsequent load operation (#810) George Hansper - HACKING.md: describe testing (#796) Laszlo Ersek - Add GitHub Actions (#714) RaphaÃ«l Pinson - augprint.c: remove #include <malloc.h> , add #include <libgen.h> (#792) Ruoyu Zhong * Lens changes/additions - TOML: support trailing commas in arrays (#809) Bao - Tmpfiles: allow '=', '~', '^' for letter types, allow ":" as prefix for the mode (#805) Pino Toscano - Sshd: Add keyword PubkeyAcceptedAlgorithms as comma-separated list of items (#806) Dave Re - Cmdline: Allow whitespace at the end of kernel commnd line (#798) rwmjones - Update to 1.14.0 * General changes/additions - Update submodule gnulib to 2f7479a16a3395f1429c7795f10c5d19b9b4453e (#781) - Add bash-completion for augtool, augmatch, augprint (#783) George Hansper - Fix: Allow values to contain arbitrary unbalanced square brackets (#782) George Hansper - Add package bash to build stage in Dockerfile (#776) George Hansper - Add augprint tool for creating idempotent augtool scripts (#752) George Hansper - Replace deprecated 'security_context_t' with 'char *' (#747) Leo-Schmit - src/syntax.c: Fix whitespace which confuses static checkers (#725) rwmjones - README.md: Add oss-fuzz status badge (#702) Sergey Nizovtsev - Package augmatch, too (#688) oleksandriegorov - Add Github workflow to create releases with complete source tarballs (#744) Hilko Bengen * Lens changes/additions - Resolv: add option trust-ad (#784) George Hansper - Sos: new lens for /etc/sos/sos.conf (based on IniFile) (#779) George Hansper - Pg_Hba: unquoted auth-method may contain hyphens (#777) George Hansper - Sysctl: Allow keys to contain * and : and / characters (#755) M Filka - Semanage: Fix parsing of ignoredirs (#758) Richard W M Jones - Systemd: allow empty quoted environment variable values (#757) Michal Vasko - Systemd: allow values starting with whitespaces for Exec* and Environment service entries. (#757) Michal Vasko - Toml: workaround to allow writing toml files (#742) Richard - Kdump: parse "auto_reset_crashkernel" (#754) Laszlo Ersek - Keepalived: add parameters notify_stop and notify_deleted (#749) Adam Bambuch - Chrony: add new directives and options (#745) Miroslav Lichvar - Redis: Allow redis lens to set 'SAVE ""' as a valid option (#738) Mitch Hagstrand - ClamAV: update ClamAV lens to autoload /etc/clamav/*.conf (#748) Guillaume Ross - AuthselectPam: new lens for /etc/authselect/custom/*/*-auth and /etc/authselect/custom/*/postlogin (#743) Heston Snodgrass - Sshd: Parse GSSAPIKexAlgorithms PubkeyAcceptedKeyTypes CASignatureAlgorithms as comma-seperated lists instead of simple strings (#721) Edward Garbade - Yum: Add additional unit tests (#677) Pat Riehecky - Cockpit: new lens for /etc/cockpit/cockpit.conf (#675) Pat Riehecky * Rebased patch gcc9-disable-broken-test.patch * Deleted patches: - sysctl_parsing.patch - augeas-1.13.0-replace_security_context_t-patch ==== baloo5-widgets ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Too many changes since 23.04.3, only listing bugfixes: * Fix displaying image dimensions with exiv2 0.28 (kde#470859) * Allow FileMetata properties on desktop and recentlyused (kde#460117) ==== blinken ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Add Flatpak CI/CD Integration ==== branding-openSUSE ==== Subpackages: grub2-branding-openSUSE libreoffice-branding-openSUSE plymouth-branding-openSUSE wallpaper-branding-openSUSE yast2-qt-branding-openSUSE - Remove grub2 BuildRequires in grub2-branding (bsc#1214769) ==== busybox ==== Subpackages: busybox-static - Add ash-fix-segfault-d417193cf.patch: fix stack overflow vulnerability in ash (CVE-2022-48174, bsc#1214538) ==== busybox-links ==== Subpackages: busybox-bzip2 busybox-coreutils busybox-ed busybox-findutils busybox-gawk busybox-grep busybox-gzip busybox-misc busybox-psmisc busybox-sed busybox-sendmail busybox-tar busybox-which busybox-xz - Don't build the Dockerfile in OBS, it's for development only ==== calendarsupport ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5CalendarSupport5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Make calendar priting work with any KCalendarCore::Calendar * Remove unused KIMAP dependency * Remove CI 6 job. We will use kf6 branch for kf6 works * Add KConfig to the public link interface * Remove CalendarSupport::createMimeData * not export symbol of private methods * Remove unused alias now * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== djvulibre ==== - security update - added patches fix CVE-2021-46310 [bsc#1214670], divide by zero in IW44Image.cpp + djvulibre-CVE-2021-46310.patch fix CVE-2021-46312 [bsc#1214672], divide by zero in IW44EncodeCodec.cpp + djvulibre-CVE-2021-46312.patch ==== dolphin ==== Version update (23.04.3 -> 23.08.0) Subpackages: dolphin-part dolphin-zsh-completion libdolphinvcs5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - Changes since 23.07.90: * Don't compute size for non-local urls (kde#472912) - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Use ellipsis everywhere instead of three dots * Move focus from hiding selection mode bars to view (kde#469621) * Fix Refresh tooltip text and add Refresh whatsThis text (kde#469263) * Hide application/x-trash files following showHidenFiles * Tabbar: duplicate tab when double clicking on it (kde#470388) * Settings Add ViewModes > Content display * Expand or collapse all selected folders on Key Right/Left * KDirectoryContentsCounter: show intermediate dir size counting results, improve stopping, improve data caching * Add a TODO KF6 to solve bug 464722 * Fix build without KF5Activities * Disable Qt6 CIÂ build in master, use kf6 branch for Qt6 * Fix test regression in DolphinMainWindowTest::testGoActions * Revert "Adapt autotest to new expected "Space" key behaviour" * Fix activating the Selection Mode with a keyboard shortcut (kde#465489) * Add DolphinTabPage::inactiveViewContainer() * Improve copying and moving items between panels * FilterBar: improve keyboard behavior and tab ordering * TerminalPanel: better check if terminal needs to change its currentWorkingDirectory when unmounting * DolphinView: allow selectUrls to be considered for selection in more cases (kde#407161) * Reuse existing proxy style (kde#468548) * Make "don't run me with sudo/kdesu" message informative * Add test for openFiles() * Context menu: allow to show copy to/move to inactive split view (kde#356436) * panels/information: Add option to not show information for hovered item (kde#364956) * Prevent dragging on non-writable directories ==== dos2unix ==== Version update (7.5.0 -> 7.5.1) - update to 7.5.1: * Fix problem of converting a symbolic link target that is on another file system * Updated Chinese and Serbian translations ==== ell ==== Version update (0.57 -> 0.58) - Update to version 0.58 * Add support for handling sysctl settings. ==== eventviews ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5EventViews5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Fix korganizer crashes when graphically moving or resizing a copied recurring event (kde#472789) - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Avoid crashes if findCalendar or calendar2 return empty (kde#470584) * Invalidate model to apply sortCompletedTodosSeparately pref (kde#458254) * Remove TodoModel from eventviews * Switch to the TodoModel copy coming from akonadi-calendar * Remove CI 6 job. We will use kf6 branch for kf6 works * Explicitly link against KConfig * Remove the background coloring from TodoModel * Add a ColorTodoProxyModel providing the colored background feature * Adapt to CalendarSupport::createMimeData having moved to akoandi-calendar * Remove tooltips on TodoModel * not export symbol of private methods * Allow to build test + fix generated QCH target * Use correct INSTALL_TARGETS_DEFAULT_ARGS * Const'ify pointer ==== ffmpegthumbs ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release ==== filelight ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * windows: get the compressed size for compressed and sparse files (kde#473024) * posix: undo apfs hack - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Now we can build doc/po files * QQC2DesktopStyle is build in kf6 too * De-conditionalize icon naming * Don't iterate over element that are immedialtely removed * Remove unused includes * Make source file non-executable * Fix ignore path support. Fix crash when we load root path * Remove extra ; * Add menu separator before delete action * Allow to build against kf6/kf5 * Fix Context Menu Items * Add 23.04.0 Windows artifact * make qml cache disabling conditional on statvfs * disable qml disk cache (kde#466415) * use the default loading text for polish (kde#468395) * Set a sane default window size (kde#468118) * Explicitly look for KF{5,6}CoreAddons * Drop no longer used QtSvg dependency ==== freerdp ==== Version update (2.10.0 -> 2.11.0) Subpackages: libfreerdp2-2 libwinpr2-2 - Update to 2.11.0 * Various input validation fixes * Added various CMake options #9317 * LibreSSL build fixes #8709 * Big endian support * Mouse grabbing support * wayland scrolling fix * Update h264 to use new FFMPEG API * early bail from update_read_window_state_order breaks protocol * rdpecam/server: Remove wrong assertion * bounds checks for gdi/gfx rectangles * enforce rdpdr client side state checks * deactivate mouse grabbing by default * channels/cliprdr: Fix writing incorrect PDU type for unlock PDUs - Drop patch, now upstream: * Update_h264_to_use_new_FFMPEG_API.patch ==== gcc13 ==== Subpackages: cpp13 libasan8 libatomic1 libgcc_s1 libgccjit0 libgfortran5 libgomp1 libhwasan0 libitm1 liblsan0 libobjc4 libstdc++6 libstdc++6-devel-gcc13 libstdc++6-locale libstdc++6-pp libtsan2 libubsan1 - Disable building glibc cross compilers on SLE based code streams, the required cross-glibc packages are not available there. - Disable building avr cross on non-openSUSE code streams since avr-libc isn't available there. - Disable building newlib cross compilers on non-openSUSE code streams since newlib isn't available there. - Fix typo preventing s390x compiler build. - Raise s390x architecture baseline to z14 for ALP. [PED-253] - Turn cross compiler to ppc64le to a glibc cross. - Turn cross compiler to s390x to a glibc cross. [bsc#1214460] - Raise Power architecture baseline to Power9 only for ALP (boo#1213915). ==== git ==== Version update (2.41.0 -> 2.42.0) Subpackages: git-core git-email git-gui git-svn git-web gitk perl-Git - git 2.42.0: * "git pack-refs" learns "--include" and "--exclude" to tweak the ref hierarchy to be packed using pattern matching. * 'git worktree add' learned how to create a worktree based on an orphaned branch with `--orphan`. * "git pack-objects" learned to invoke a new hook program that enumerates extra objects to be used as anchoring points to keep otherwise unreachable objects in cruft packs. * Add more "git var" for toolsmiths to learn various locations Git is configured with either via the configuration or hard-coded defaults. * 'git notes append' was taught '--separator' to specify string to insert between paragraphs. * The "git for-each-ref" family of commands learned placeholders related to GPG signature verification. * "git diff --no-index" learned to read from named pipes as if they were regular files, to allow "git diff <(process) <(substitution)" some shells support. * Help newbies by suggesting that there are cases where force-pushing is a valid and sensible thing to update a branch at a remote repository, rather than reconciling with merge/rebase. * "git blame --contents=file" has been taught to work in a bare repository. * "git branch -f X" to repoint the branch X said that X was "checked out" in another worktree, even when branch X was not and instead being bisected or rebased. The message was reworded to say the branch was "in use". * Tone down the warning on SHA-256 repositories being an experimental curiosity. We do not have support for them to interoperate with traditional SHA-1 repositories, but at this point, we do not plan to make breaking changes to SHA-256 repositories and there is no longer need for such a strongly phrased warning. * "git diff-tree" has been taught to take advantage of the sparse-index feature. * The object traversal using reachability bitmap done by "pack-object" has been tweaked to take advantage of the fact that using "boundary" commits as representative of all the uninteresting ones can save quite a lot of object enumeration. * "git worktree" learned to work better with sparse index feature. * When the external merge driver is killed by a signal, its output should not be trusted as a resolution with conflicts that is proposed by the driver, but the code did. * The set-up code for the get_revision() API now allows feeding options like --all and --not in the --stdin mode. * Move functions that are not about pure string manipulation out of strbuf.[ch] * "imap-send" codepaths got cleaned up to get rid of unused parameters. * Enumerating refs in the packed-refs file, while excluding refs that match certain patterns, has been optimized. * Mark-up unused parameters in the code so that we can eventually enable -Wunused-parameter by default. * Instead of inventing a custom counter variables for debugging, use existing trace2 facility in the fsync customization codepath. * "git branch --list --format=<format>" and friends are taught a new "%(describe)" placeholder. * Clarify how to choose the starting point for a new topic in developer guidance document. * The implementation of "get_sha1_hex()" that reads a hexadecimal string that spells a full object name has been extended to cope with any hash function used in the repository, but the "sha1" in its name survived. Rename it to get_hash_hex(), a name that is more consistent within its friends like get_hash_hex_algop(). * Command line parser fix, and a small parse-options API update. * bug fixes ==== glibc ==== Subpackages: glibc-devel glibc-extra glibc-locale glibc-locale-base nscd - Add cross-ppc64le package - posix-memalign-fragmentation.patch: malloc: Enable merging of remainders in memalign, remove bin scanning from memalign (BZ #30723) - Limit build counter sync to i686 flavor, to reduce needs for rebuilds - Add cross-s390x package (bsc#1214460) - Require that elf/check-localplt does not fail - glibc-2.3.90-langpackdir.diff: add hidden alias for __strcpy_chk - cache-amd-legacy.patch: x86: Fix for cache computation on AMD legacy cpus - cache-intel-shared.patch: x86: Fix incorrect scope of setting `shared_per_thread` (BZ# 30745) ==== glslang ==== Version update (12.2.0 -> 12.3.1+sdk261) - Update to release 12.3.1+SDK-1.3.261.0 * Add support for pre and post HLSL qualifier validation * HLSL: support binary literals * Implement support for GL_KHR_cooperative_matrix extension * Remove OSDependent TLS functions - Add 0001-Revert-CMake-Make-glslang-default-resource-limits-ST.patch ==== gmp ==== - Add gmp-6.3.0-s390x-fix.patch to fix s390x optimized code on z13. ==== gnome-maps ==== Version update (44.3 -> 44.4) - Update to version 44.4: + Fix for potential security issue. + Restrict GraphHopper geocoder to supported languages. ==== grantleetheme ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Remove CI 6 job. We will use kf6 branch for kf6 works * not export symbol of private methods * Fix show text in qt6 * Add QCh support * Remove unused variable * Remove unused alias now * Remove compat support as all was ported * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== grub2 ==== Version update (2.06 -> 2.12~rc1) Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin - Implement NV index mode for TPM 2.0 key protector 0001-protectors-Implement-NV-index.patch - Fall back to passphrase mode when the key protector fails to unlock the disk 0002-cryptodisk-Fallback-to-passphrase.patch - Wipe out the cached key cleanly 0003-cryptodisk-wipe-out-the-cached-keys-from-protectors.patch - Make diskfiler to look up cryptodisk devices first 0004-diskfilter-look-up-cryptodisk-devices-first.patch ==== gsl ==== Subpackages: libgsl27 libgslcblas0 - 989a193268b963aa1047814f7f1402084fb7d859.patch: fix stack out of bounds read in gsl_stats_quantile_from_sorted_data() (bsc#1214681, CVE-2020-353570) ==== gtkmm4 ==== - Add explicit pkgconfig(epoxy) BuildRequires, previously pulled in by gtk4. ==== gwenview5 ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Make image switching seamless when animations are disabled (kde#472351) * Delay showing loading indicator - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add new format commit to ignore list * Run clang-format * Don't ignore the second of two fast middle-clicks to toggle zoom * Fix KActivities and Purpose detection in KF6 * Pass exivData as argument to avoid crash in exiv2 library (kde#470880) * Use non-deprecated Phonon includes * Fix color management settings (kde#468706) * Adapt to KIconThemes changes * Fix build with exiv2 >= 0.28 * Fix running wrong application in 'Open with...' menu (kde#469824) * Add an action to open in a new window (kde#469179) * Add wayland to third-party deps * ZoomComboBox: improve autocomplete * Update AppData file's features list to reflect recent changes * ZoomComboBox: use fuzzy comparing for qreal * Remove "Delete" and "Create Folder" actions from sidebar (kde#458987) * Don't set the default icon size for KFilePlacesView in *.ui file (kde#468755) * ZoomSlider: directly zoom instead of page step on left click * Improve ZoomComboBox * Don't show Gwenview in its own "Open With" menu (kde#462088) * Inhibit screen locking and sleep only when the app is in the foreground (kde#386517) * Adapt to KF6 KParts change * Save a shallow copy of the original image when rotating (kde#439697) * flatpak: Use v5.104.0 tag for baloo frameworks * flatpak: Fix whitespace * Make it build against KF6 * Don't strip away scheme for non-local URLs in window title ==== gzip ==== Version update (1.12 -> 1.13) - Update to 1.13: * zless now diagnoses gzip failures, if using less 623 or later. * When SIGPIPE is ignored, gzip now exits with status 2 (warning) instead of status 1 (error) when writing to a broken pipe. This is more useful with programs like 'less' that treat gzip exit status 2 as a non-failure. * 'gzip -d' no longer fails to report invalid compressed data that uses a dictionary distance outside the input window. [bug present since the beginning] * Port to C23, which does not allow K&R-style function definitions with parameters, and which does not define __alignas_is_defined. - Refreshed manpage-no-date.patch - export CONFIG_SHELL=/bin/sh before running configure: results in the shell script (zcat/zgrep/â¦) to receive a /bin/sh shebang instead of requiring bash (the local shell used to build). - Use for i in $(seq 1 9) instead of bashism for in in {1..9}, and drop buildshell definition to require bash. ==== highway ==== Version update (1.0.4 -> 1.0.5) - Update to release 1.0.5 * Add Insert/ExtractBlock, BroadcastBlock/Lane, NumBlocks * Add integer Le/Ge and [Neg]MulAdd, extend DemoteTo/PromoteTo * Add Leading/TrailingZeroCount, HighestSetBitIndex, ReverseBits * Add MaskedLoadOr, tuple Get/Set/Create, ReduceSum, WidenMulPairwiseAdd * Add [ZeroExtend]ResizeBitCast, BitwiseIfThenElse, Find[Known]LastTrue * Add AESRoundInv, AESKeyGenAssist * Add contrib/math Atan2/SinCos, contrib/unroller * Add fp16/bf16 support (Armv8, SVE, RVV), HWY_DYNAMIC_POINTER * Add OrderedTruncate2To, Per4LaneBlockShuffle, TwoTablesLookupLanes * Add SlideUp/Down[Blocks/Lanes], Slide1Up/Down, ReverseLaneBytes * Add SetBeforeFirst, SetAtOrBefore/AfterFirst, SetOnlyFirst * Add 8-bit Reverse2/4/8, Shl/Shr, RotateRight, Reverse, Mul * Add 8/16-bit DupEven/Odd, TableLookupLanes * Add F64 ApproximateReciprocal[Sqrt], 32/64-bit SaturatedAdd/Sub ==== imlib2 ==== Subpackages: imlib2-loaders libImlib2-1 - Disable MMX code, it's broken in 1.12.0 (boo#1214528) ==== incidenceeditor ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5IncidenceEditor5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Fix show attentee emails - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Fix platforms info * Remove CI 6 job. We will use kf6 branch for kf6 works * Remove MailTransportAkonadi * Adapt to KMailTransportAkonadi being moved into AkonadiMime * Move KPim/KF deps where they belong and sort * not export symbol of private methods * Allow to generate qch target * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== kaccounts-integration ==== Version update (23.04.3 -> 23.08.0) Subpackages: libkaccounts2 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Remove unused QVariantList argument from KQuckConfigModule constructor * Use icon.name. Allow to show module in qt6 * install kded in kf<version> * Allow building against KF6 * Require libaccounts-qt 1.16 * Add libaccounts-qt and signond to third-party deps * cmake: Add external deps as system includes ==== kaccounts-providers ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - No code change since 23.04.3 ==== kaddressbook ==== Version update (23.04.3 -> 23.08.0) Subpackages: kaddressbook-doc libKPim5AddressbookImportExport5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Port away from ContactDefaultActions * Remove broken download theme button * Fix checking if item is valid (kde#468185) * Use geo: URIs now that we depend on KContacts 5.105 * Drop unused KPimTextEdit dependency * Remove CI 6 job. We will use kf6 branch for kf6 works * Adapt to new akonadi-contact/akonadi-contact-editor api * Use tel:/sms: standard URIs, prepare for using geo: URIs as well * not export symbol of private methods * Adjust to KPart changes in KF6 * Fix install headers * Adapt to new api * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== kalgebra ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Properly install applet * Search XmlGui. kf6 fix * Add Flatpak CI/CD Integration ==== kamera ==== Version update (23.04.3 -> 23.08.0) Subpackages: kamera-lang kio_kamera - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add git blame ignore file * Fix previous commit * Don't crash when stating unexpected URL * Introduce RAII wrapper for gphoto list * Drop support for gphoto < 2.5 * Add and make use of ECM clang-format integration * Add explicit moc includes to sources for moc-covered headers * Remove unused includes * Fix layout * Don't add label when it's nullptr * Build doc/po in kf6 too * Make it compile against last kcmmodule * Ignore .cache * Add .h in qtc6 ==== kanagram ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Fix a minor bug Removing letters while a guess is being checked is no longer possible. * Search XmlGui. kf6 fix * Add Flatpak CI/CD Integration ==== kapptemplate ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Allow to build against qt6 * Manually format the rest of files * Run clang-format on sources * Enable clang-format * Copy gitignore from systemsettings ==== kate ==== Version update (23.04.3 -> 23.08.0) Subpackages: kate-plugins - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - Changes since 23.07.90: * Fix crash when adding/removing suppression * Use QFontMetrics::lineSpacing to calculate the line y offset (kde#473362) - Update to 23.07.90 * New feature release - Changes since 23.07.80: * block session auto save in some more places * File Browser plugin: make search string partial-matching (kde#472374) * Fix diagnostics tab overlay * check that blocking level is zero * avoid that the session save timer messes up session saving (kde#470293) * Add missing $ to fix installed translated documentation * Add missing KI18n links * handle tab deletion/creation * diagnostics: Handle suppressions from multiple providers * diagnostics: Refactor diagnostics removal * Remove Designer's "." normaloff file data from icon properties in .ui files * ensure we don't use m_quickOpen uninited * remove deprecated Id * ensure proper parent for dialog * ensure proper parent for dialog - Update to 23.07.80 * New feature release - Too many changes since 23.04.3, only listing bugfixes: * lsp: always honor server when using Completion.textEdit.newText (kde#468130) * Add open action to tabbar context menu (kde#471471) * use word-completion-minimal-word-length as configured (kde#470494) * Allow opening new tab in front of currently active tab optionally (kde#471225) * Fix double drive letters on "Run Current Doc" (kde#469340) * ensure sidebars are properly collapsed (kde#460160) * Don't ask user if he wants to save modified document when deleting (kde#448861) * Fix --version, --help, -h, -v not working (kde#468318) * CompilerExplorer: Fix crash when minimizing (kde#468294) * Fix preview for markdown files not loaded on mode change (kde#384972) * Include markdownpart in flatpak builds (kde#466349) * Fix asking to save untitled empty doc on close (kde#462347) * Intoduce open links plugin (kde#93087) * Konsole: Show error when konsole not found (kde#438308) * Intoduce KateTextHintManager (kde#467322) * Use internal diff view in KateMWonHDDialog (kde#441120) * ensure projects view is focused (kde#465786) * Allow opening multiple files from welcome view (kde#467097) * Cleanup/improve MWModOnHDDialog (kde#464088) * Search: Fix crash on clicking clear (kde#467255) ==== kbd ==== Version update (2.6.1 -> 2.6.2) Subpackages: kbd-legacy - Update to version 2.6.2: - loadkeys: * Don't look for keymap in the current directory. - keymaps: * Add colemak mod-dh keymaps. - Refresh kbd-1.15.5-loadkeys-search-path.patch ==== kbruch ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers ==== kcachegrind ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Make qt6 CI support * Fix signal/Slot in qt6 * Use new signal/slot method * Fix signal/slot in kf6 * Make compile against kf6 * Fix some deprecated methods * Prepare to build against qt6 * Add CMakePresets.json support ==== kcalc ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Add Flatpak CI/CD Integration ==== kcalutils ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Remove the unused HtmlExport code * Remove CI 6 job. We will use kf6 branch for kf6 works * Adapt to KCalendarCore API changes * Fix show text in qt6 * Fix generate qch + generate target qch * Remove search configwidgets * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== kcharselect ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * It compiles fine without deprecated methods ==== kcolorchooser ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add Flatpak CI/CD Integration ==== kde-print-manager ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release ==== kdeconnect-kde ==== Version update (23.04.3 -> 23.08.0) Subpackages: kdeconnect-kde-zsh-completion - Remove the kdeconnect_open handler to work around kde#472697 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - Changes since 23.07.90: * Remove QIcon loading to avoid pre-stage D-Bus session cache * Fix potential race condition - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Set `GVFS_REMOTE_VOLUME_MONITOR_IGNORE` to avoid potential crashes - Update to 23.07.80 * New feature release - Too many changes since 23.04.3, only listing bugfixes: * Fix kdeconnect_open desktop file type (kde#424782) * When receiving files, delay de-duplicating filenames (kde#470078) * Use explicit constructor for QSslCertificate with value initialized argument (kde#469428) * Fix inactive "Send Arrow" in smsapp after first message sent (kde#455149) * Improve bigscreen plugin description (kde#468143) * Run command settings: add import and export buttons (kde#409388) * Use `org.freedesktop.DBus.Monitoring` to monitor notifications (kde#447385) - Drop patch, merged upstream: * Use-org-freedesktop-DBus-Monitoring-to-monitor-notifications.patch ==== kdeedu-data ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Use latest-kf6 branch for Qt6 ==== kdegraphics-thumbnailers ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Allow building against KF6 ==== kdenetwork-filesharing ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Make "Samba is missing" UI strings a bit more user-friendly * Fix plugin install dir major version * Fix view margins and layouts * Show appropriate error messages when KAuth actions fail ==== kdepim-addons ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Consider field alignments for secondary/auxiliary boarding pass fields * Don't require calendar invite to be inside a message/rfc822 message * Use QStandardPaths * Fix i18n * limit string size * Show who a hotel reservation is for * Do not report success if no keys where considered for import * Fix merging of hotel reservations * Use KConfigDialogManager for the DKIM settings * Remove CI 6 job. We will use kf6 branch for kf6 works * Adapt to KMailTransportAkonadi being moved into AkonadiMime * Adapt to new akonadi-contact/akonadi-contact-editor api * Fix icons shown in inline vCards * Add missing ConfigGui lib * Adblock: Do not show "data" URLs in debug log ==== kdepim-runtime ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - Changes since 23.07.90: * Fix race condition when building - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Too many changes since 23.04.3, only listing bugfixes: * Implement retrieveItems(Item::List) for googleresource (kde#448106) * Fix crash trying to access password of empty account (kde#435427) * Skip EWS items where there is no registered handler (kde#440831) * Fix Bug 467719 Font is erroneously hardcoded. (kde#467719) ==== kdevelop5 ==== Version update (23.04.3 -> 23.08.0) Subpackages: kdevplatform - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * gdb: skip to GDB version string (kde#409702, kde#428688, kde#446786) * Don't cast out-of-enum-range -1 to CommonIntegralTypes (kde#471995) * Add explicit moc includes to sources for moc-covered headers * Port to latest LibKompareDiff2 5.4 * AStylePlugin: don't concatenate preview/sample strings * CustomScriptPlugin::previewText: don't concatenate strings * Fix compile with newer astyle * Show Configure KDevelop... dialog faster * Remove useless deleteGroupRecursive(KConfigGroup) * Don't call IBasicVersionControl::isVersionControlled in a loop * standardoutputview: add settings to limit the number of output views * OutputWidget: assert m_tabwidget before dereferencing it * Extract OutputWidget::closeView() * Optimize OutputWidget::closeActiveView() * OutputWidget: prefer QHash::const_iterator * Fix typos in source comments + documentation * Fix test_files-clang failure with Clang 16 * Make Detailed completion:Never option work * Fix hardcoded CMake documentation tooltip background color (kde#469180) * Drop support for Okteta < 0.26.0 (Kasten 0.4.0) * Okteta plugin: add Structures tool also on big endian platforms ==== kdialog ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Adapt to KIconThemes changes * update README (kde#455994) * fix: slider's ticks and related doc (kde#467867) * Bump min required KF version to 5.100 * Remove unnecssary " - KDialog" in window title (kde#467840) * Port kdialog to kf6 ==== kdump ==== Version update (1.9.5 -> 1.9.6) - upgrade to version 1.9.6 * use newer /sys/kernel/fadump/ instead of /sys/kernel/fadump_ * use kexec -a which falls back to kexec_load(2) automatically * update s390 udev rules * drop systemd device timeout generator ==== kernel-firmware ==== Version update (20230814 -> 20230829) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20230829 (git commit 49f9e3479fb5): * i915: Update MTL DMC to v2.16 * copy-firmware: Introduce 'RawFile' keyword * copy-firmware: Support additional compressor options * linux-firmware: Update firmware file for Intel Bluetooth AX203 * linux-firmware: Update firmware file for Intel Bluetooth AX203 * linux-firmware: Update firmware file for Intel Bluetooth AX211 * linux-firmware: Update firmware file for Intel Bluetooth AX211 * linux-firmware: Update firmware file for Intel Bluetooth AX210 * linux-firmware: Update firmware file for Intel Bluetooth AX200 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: update firmware for qat_4xxx devices * linux-firmware: Update AMD SEV firmware * amdgpu: update DMCUB to 0.0.181.0 for various AMDGPU ASICs * rtw89: 8852b: update fw to v0.29.29.3 * rtw89: 8851b: update fw to v0.29.41.2 * i915: add GSC 102.0.0.1655 for MTL * amdgpu: DMCUB updates for various AMDGPU asics - Switch to the compressed / split installation as default, make uncompressed / raw package as a multibuild flavor, instead as a preliminary work for dropping the big kernel-firmware (bsc#1214789) - Use the standard copy-file.sh for split package installation, too Another scirpt, make-files.sh, is provided for generating file lists - Ignore README in copy-file.sh: copy-file-ignore-README.patch - Workaround for installing raw files for ucode-amd: amd-ucode-rawfile.patch - Drop the obsolsted revert of rtw8822c_fw.bin - Update aliases from 6.5 ==== kernel-source ==== Version update (6.4.11 -> 6.4.12) Subpackages: kernel-64kb kernel-default - Revert 101bd907b424 ("misc: rtsx: judge ASPM Mode to set PETXCFG Reg") (boo#1214428 boo#1214397). - commit 91a1158 - Linux 6.4.12 (bsc#1012628). - crypto, cifs: fix error handling in extract_iter_to_sg() (bsc#1012628). - net: phy: at803x: Use devm_regulator_get_enable_optional() (bsc#1012628). - net: phy: at803x: fix the wol setting functions (bsc#1012628). - drm/amd/display: Update DTBCLK for DCN32 (bsc#1012628). - drm/scheduler: set entity to NULL in drm_sched_entity_pop_job() (bsc#1012628). - drm/amdgpu: fix calltrace warning in amddrm_buddy_fini (bsc#1012628). - drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 (bsc#1012628). - drm/amdgpu: fix memory leak in mes self test (bsc#1012628). - Revert "drm/amd/display: disable SubVP + DRR to prevent underflow" (bsc#1012628). - ASoC: Intel: sof_sdw: add quirk for MTL RVP (bsc#1012628). - ASoC: Intel: sof_sdw: add quirk for LNL RVP (bsc#1012628). - PCI: tegra194: Fix possible array out of bounds access (bsc#1012628). - ASoC: cs35l56: Move DSP part string generation so that it is done only once (bsc#1012628). - ASoC: SOF: amd: Add pci revision id check (bsc#1012628). - drm/stm: ltdc: fix late dereference check (bsc#1012628). - arm64: dts: qcom: ipq5332: add QFPROM node (bsc#1012628). - drm: rcar-du: remove R-Car H3 ES1.* workarounds (bsc#1012628). - ASoC: amd: vangogh: Add check for acp config flags in vangogh platform (bsc#1012628). - RDMA/mana_ib: Use v2 version of cfg_rx_steer_req to enable RX coalescing (bsc#1012628). - ARM: dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related warnings (bsc#1012628). - ASoC: Intel: sof_sdw_rt_sdca_jack_common: test SOF_JACK_JDSRC in _exit (bsc#1012628). - ASoC: Intel: sof_sdw: add quick for Dell SKU 0BDA (bsc#1012628). - ASoC: Intel: sof_sdw: Add support for Rex soundwire (bsc#1012628). - iopoll: Call cpu_relax() in busy loops (bsc#1012628). - ASoC: SOF: Intel: fix SoundWire/HDaudio mutual exclusion (bsc#1012628). - dma-remap: use kvmalloc_array/kvfree for larger dma memory remap (bsc#1012628). - accel/habanalabs: add pci health check during heartbeat (bsc#1012628). - accel/habanalabs: fix mem leak in capture user mappings (bsc#1012628). - dt-bindings: input: goodix: Add "goodix,no-reset-during-suspend" property (bsc#1012628). - HID: i2c-hid: goodix: Add support for "goodix,no-reset-during-suspend" property (bsc#1012628). - HID: logitech-hidpp: Add USB and Bluetooth IDs for the Logitech G915 TKL Keyboard (bsc#1012628). - iommu/amd: Introduce Disable IRTE Caching Support (bsc#1012628). - drm/amdgpu: install stub fence into potential unused fence pointers (bsc#1012628). - drm/amd/display: Remove v_startup workaround for dcn3+ (bsc#1012628). - drm/amd/display: Apply 60us prefetch for DCFCLK <= 300Mhz (bsc#1012628). - drm/amdgpu: unmap and remove csa_va properly (bsc#1012628). - RDMA/mlx5: Return the firmware result upon destroying QP/RQ (bsc#1012628). - RDMA/bnxt_re: consider timeout of destroy ah as success (bsc#1012628). - drm/amd/display: Skip DPP DTO update if root clock is gated (bsc#1012628). - drm/amd/display: Enable dcn314 DPP RCO (bsc#1012628). - ASoC: SOF: core: Free the firmware trace before calling snd_sof_shutdown() (bsc#1012628). - HID: intel-ish-hid: ipc: Add Arrow Lake PCI device ID (bsc#1012628). - Revert "[PATCH] uml: export symbols added by GCC hardened" (bsc#1012628). - smb: client: fix warning in cifs_smb3_do_mount() (bsc#1012628). - cifs: fix session state check in reconnect to avoid use-after-free issue (bsc#1012628). - serial: stm32: Ignore return value of uart_remove_one_port() in .remove() (bsc#1012628). - led: qcom-lpg: Fix resource leaks in for_each_available_child_of_node() loops (bsc#1012628). - media: v4l2-mem2mem: add lock to protect parameter num_rdy (bsc#1012628). - media: camss: set VFE bpl_alignment to 16 for sdm845 and sm8250 (bsc#1012628). - usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push (bsc#1012628). - usb: gadget: uvc: queue empty isoc requests if no video buffer is available (bsc#1012628). - media: platform: mediatek: vpu: fix NULL ptr dereference (bsc#1012628). - thunderbolt: Read retimer NVM authentication status prior tb_retimer_set_inbound_sbtx() (bsc#1012628). - xhci: get rid of XHCI_PLAT quirk that used to prevent MSI setup (bsc#1012628). - usb: chipidea: imx: don't request QoS for imx8ulp (bsc#1012628). - usb: chipidea: imx: turn off vbus comparator when suspend ... changelog too long, skipping 325 lines ... - commit 5b41c27 ==== kgeography ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Allow building against KF6 ==== khangman ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Adapt to new api * Add Quit shortcut * Add Flatpak CI/CD ==== khelpcenter5 ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * doc: do not use a few deprecated entities ==== kidentitymanagement ==== Version update (23.04.3 -> 23.08.0) Subpackages: kidentitymanagement-lang libKPim5IdentityManagement5 libKPim5IdentityManagementWidgets5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Fix platforms info * Remove CI 6 job. We will use kf6 branch for kf6 works * not export symbol of private methods * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== kig ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Fix loading kig part (kde#469962) * Add Flatpak CI/CD ==== kimageformats ==== - Add patch to support avif 1.0: * 0001-Support-libavif-1.0.patch ==== kimap ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Fix platforms info * Remove CI 6 job. We will use kf6 branch for kf6 works * Add missing Q_REQUIRED_RESULT * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== kio-extras5 ==== Version update (23.04.3 -> 23.08.0) Subpackages: libkioarchive5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - Changes since 23.07.90: * [Thumbnail] Fix lookup of legacy thumbnailer plugins - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Remove no longer used about: KIO worker * mtp: Configure fails if smb is not being compiled * Remove explicit plugin id from Krita thumbnailer * Add explicit moc includes to sources for moc-covered headers * audiocreator: Check tag against null (kde#427448) * smb: Set the credentials in the auth callback for DFS * mtp: support moving through get-put and increase concurrency to 2 (kde#325574) * mtp: implement chmod and chown as no-op operations * style++ * mtp: fix file writing * mtp: unpack nesting in rename * mtp: make querypath return optional * mtp: don't leak children * mtp: use LIBMTP_Get_Children to implement async listing * Use external kdsoap-ws-discovery-client on FreeBSD * Allow building against KF6 * libkioarchive: bump version as reference for new include setup * libkioarchive: install version header * libkioarchive: install header into own visibility subdir * recentlyused: better handle list root dirs / /files /locations, allow to writing to subdirs ==== kio_audiocd ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release ==== kipi-plugins ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers ==== kiten ==== Version update (23.04.3 -> 23.08.0) Subpackages: fonts-KanjiStrokeOrders - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Use C++11 auto to replace some of the duplicated typenames * More C++11 gardening * Add Flatpak CI/CD ==== kitinerary ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - Changes since 23.07.90: * Add extractor script for Aer Lingus PDF boarding passes * Increase upper aspect ratio limit for PDF417 barcodes * Support ZSSK network tickets * Improve ZSSK barcode trigger pattern * Add extractor script for Iberia PDF boarding passes * Add extractor script for KLM/Air France PDF boarding passes * Manually extract boarding time for Lufthansa PDF boarding passes * Determine trigger nodes also for ancestor filters * Skip generic flight time extraction if any of those is already present * Allow to match on the PDF document author field as well * Add DSB extractor script * Fix RSP-6 date/time parsing (kde#473326) * Fix wrong ticket token type prefixes in a few extractor scripts (kde#473325) - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Fix Spring Airlines multi-leg extraction * Add extractor script for Cinemaxx events * Run generic iCal extraction unconditionally in prior to extractors scripts * Track used extractor in the document node rather than the engine * Add cooltix.hu event ticket extractor script * Allow to filter against the PDF document creator field as well * Reduce the lower bound for 2D vector barcodes * Add LH extractor script to the qrc file * Extract discount program information from ERA FCB tickets * Make Aer Lingus booking number extraction more robust - Update to 23.07.80 * New feature release - Too many changes to list here. ==== kldap ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5Ldap5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Fix platforms info * Fix category description * Remove CI 6 job. We will use kf6 branch for kf6 works * not export symbol of private methods * Fix merge conflict (previous commit) * Fix qch variable name * Perform initialization in initialization list * Remove unused variable * Remove compat support as all was ported * Use correct INSTALL_TARGETS_DEFAULT_ARGS * const'ify * Remove unused include * Coding style * Move variable where they will be used. + const'ify * Use Q_REQUIRED_RESULT * Initiliaze variable in headers * Use debug category * ldap KIO worker: follow generic category name schene kf.kio.workers.* ==== kleopatra ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Too many changes to list here. ==== kmag ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release ==== kmahjongg ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Use ECMDeprecationSettings * Use the i18n function properly (kde#469200) * Add Flatpak CI/CD ==== kmail ==== Version update (23.04.3 -> 23.08.0) Subpackages: kmail-application-icons ktnef - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Too many changes since 23.04.3, only listing bugfixes: * Add info when email is empty. (kde#472168) ==== kmail-account-wizard ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Link against KWallet explicitly * Adapt to KMailTransportAkonadi being moved into AkonadiMime ==== kmailtransport ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5MailTransport5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Drop unused KPimMime dependency - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Port the last KWallet use to QtKeychain * Fix platforms name * Remove unused TransportMananger::createDefaultTransport() * Remove KWallet from the public link interface * Remove CI 6 job. We will use kf6 branch for kf6 works * Clean up kde-ci.yml * Remove Akonadi dependancy * Remove kmailtransportakonadi now as we ported all users * Plugin moved to kdepim-runtime * Use std::move * create on stack * Remvoe unused public area * const'ify variable * const'ify * We need ConfigGui as public * Perform initialization in initialization list * Drop KCM * Use correct INSTALL_TARGETS_DEFAULT_ARGS * Remove old alias ==== kmbox ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Remove CI 6 job. We will use kf6 branch for kf6 works * Generate PACKAGE_INCLUDE_QCHTARGETS first * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== kmime ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Fix platforms name * Remove CI 6 job. We will use kf6 branch for kf6 works * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== kmines ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Add Flatpak CI/CD ==== kmousetool ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release ==== kmplot ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Add missing dependencies - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Port to KF6 * Add Flatpak CI/CD ==== knotes ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * settings/notesharedglobalconfig.kcfg : fix typo in label of entry "Port" * Adapt to build against last textaddons * Remove CI 6 job. We will use kf6 branch for kf6 works * Fix category description * Remove prefix includes (make it compiles against qt6) * Compile fine without deprecated methods * Use new TextAddonsWidgets/LineEditCatchReturnKey * Fix compile against last kf6 * Remove kconfigwidget * We don't need ConfigWidgets * Port to new api * const'ify pointer * Const'ify pointer + initialize variable * Add parent ==== kompare ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Port to latest LibKompareDiff2 5.4 * Move check after cmake include => QT_MAJOR_VERSION is defined * Enable build also against KF6 * Add Flatpak CI/CD ==== konsole ==== Version update (23.04.3 -> 23.08.0) Subpackages: konsole-part konsole-part-lang konsole-zsh-completion - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - Changes since 23.07.90: * ScreenWindow::updateCurrentLine: Better bound currentLine - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Too many changes since 23.04.3, only listing bugfixes: * Fixed search bar false positive after clear scrollback (and reset) (kde#407317) * Hides redundant widgets on dialog for emoji font selection (kde#469563) * Eliminate compilation warnings for plugins from using QAction::setShortcut(s) (kde#462615) * Adjust selection point coords when scrollback shrinks (kde#470346) * Disable keyboard selection mode on resize (kde#467872) * Do not allow an invalid parent to be set in profiles (kde#467790) * Invalidate selection reference points on resize (kde#464040) * Draw selected background for right half of double width char if selected (kde#468465) * Fix crash in ProfileSettings (kde#423136) ==== kontact ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Drop no longer needed Akonadi dependency - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Return plugin name that we can use with --module command line * doc: use a non-deprecated entity for Frameworks * Remove CI 6 job. We will use kf6 branch for kf6 works * It's alpha version * Port to new api * Show all headers in qtc6 * Remove duplicate header * Use PimCommon directly ==== kontactinterface ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Fix platforms info * Remove CI 6 job. We will use kf6 branch for kf6 works * not export symbol of private methods * Warning is not useful now * Fix generate QCH target * Remove compat support as all was ported * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== konversation ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * caps: prevent connection hang when none are requested (kde#471940) - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Disable Qt6 CI builds * Highlights sounds file picker: fix setting file filter by MIME types (kde#433667) * doc: use a non-deprecated entity for Frameworks ==== korganizer ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Adapt code to GenerateProperties=true in CalendarSettings * Adapt to CollectionAnnotationsAttribute being moved to Akonadi * Don't beep in case some internal sanity checks fail * Remove CI 6 job. We will use kf6 branch for kf6 works * We don't need KMailTransportAkonadi here * Adapt to new akonadi-contact/akonadi-contact-editor api * Make collection filtering work again * Use QRegularExpression::wildcardToRegularExpression * Adapt to new api * Add missing ';' * Use QProcess * Use kcmshell6 in kf6 * Drop duplicate KPimEventViews dep * Adapt to new api * Start to port to new api * aboutdata is not used now * Comment debug include as it's unused until we port code ==== kpat ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Remove optimization from mod3 solver that doesn't hold true in all cases (kde#470393) * Solve the simple simon autodrop problem less aggressively (kde#469991) * Reinit Golf solver correctly after switching games (kde#470166) ==== kpimtextedit ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5TextEdit5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Fix platforms name * Install QCH targets file to backwards compatible path * Remove unused include * Allow to add emoji support * Add missing Q_REQUIRED_RESULT * Remove old code (now we use ktextaddons) * Allow to use new TextEmoticonsWidgets lib * Rename signal * This class is never used. Don't install header/export it * Make KF::TextEditTextToSpeech a private link dependency * Fix license + move data from src/emoticon/emoji.json to src/emoticon/data/emoji.json * Use new emoji.json * Define json as binary (help to commit) * Remove unused includes * Use new emoji.json * continue to implement emoji model * Start to reimplement emoji support as in ruqola * Remove unused files * Remove CI 6 job. We will use kf6 branch for kf6 works * not export symbol of private methods * Disable for the moment it crashs in qt6 * Remove unused configwidgets * For the moment disable it on qt6 as it crashs. I need to investigate why * Use correct INSTALL_TARGETS_DEFAULT_ARGS * Rename variables * Remove unused include * Remove unused variable ==== kpkpass ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Select pkpass message catalog based on QLocale::uiLanguages * Don't fail on empty entries in the message catalog * Remove CI 6 job. We will use kf6 branch for kf6 works * Generate PACKAGE_INCLUDE_QCHTARGETS first ==== kqtquickcharts ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - No code change since 23.04.3 ==== kreversi ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * No need to remove QT_NO_CAST_FROM_BYTEARRAY * increase ecm_set_disabled_deprecation_versions * fix board position in portrait mode (kde#445131) ==== ksanecore ==== Version update (23.04.3 -> 23.08.0) Subpackages: ksanecore-lang libKSaneCore1 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Crop the image after a scan finished (kde#457097) * Also call renewImage() for 8-bit Gray images (kde#469683) * Have export macros header include version header (Qt6-only) * Support reading the gamma table ==== ksmtp ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Remove CI 6 job. We will use kf6 branch for kf6 works * Install *version.h in SMTP directory * Fix QCH target * Fix target name * Fix install qch target * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== ksudoku ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers ==== ktextaddons ==== Version update (1.1.0 -> 1.4.1) Subpackages: libKF5TextEditTextToSpeech1 libKF5TextGrammarCheck1 libKF5TextTranslator1 - Update to 1.4.1. No changelog - Update to 1.3.2. No changelog ==== ktnef ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Remove CI 6 job. We will use kf6 branch for kf6 works * Omit default notebook argument * Add QCh support * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== ktouch ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Enable i18n for accuracy value ==== kwalletmanager5 ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release ==== kwordquiz ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Fix minor typo * Update flashcard image - Update to 23.07.80 * New feature release - Too many changes since 23.04.3, only listing bugfixes: * Add the option to compare asnwers in a non case sensitive way (kde#467585) ==== lib2geom ==== - Add -DNDEBUG to CFLAGS explicitly, since the i586 build depends on it. ==== libbytesize ==== Version update (2.8 -> 2.9) - Update to version 2.9: * This release contains fixes for some small issues. * Updated translations. ==== libdrm ==== Version update (2.4.115 -> 2.4.116) Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1 - Update to 2.4.116 * nouveau: add interface to make buffer objects global * xf86drm: update DRM_NODE_NAME_MAX supporting more nodes * xf86drm: use drm device name to identify drm node type * meson: drop pthread-stubs dependency on BSDs * amdgpu: add marketing names from amd-5.4.3 (22.40.3) * tests/amdgpu: Fix Usage string * tests/amdgpu: Add all 9 options to the help output * tests/amdgpu: Allow to exclude a test or a suite of tests * amdgpu: add an environment variable that overrides the context priority * amdgpu: remove va::dev member * tests/amdgpu/vcn: change vbv_buffer name to input * tests/amdgpu/vcn: fix drm test failure * tests/amdgpu/vcn: fix session buffer issue for vcn1-vcn3 * tests/amdgpu/vcn:update decoder unit test * xf86drm: bump DRM_MAX_MINOR to 64 * xf86drm: drop control nodes implementation * Sync headers with drm-next * xf86drm: add drmSyncobjEventfd * build: bump version to 2.4.116 * xf86drmMode: constify drmModeCrtcSetGamma * tests/util: Add vkms driver * test/amdgpu/hotunplug: add apu check for hotplug test ==== libgravatar ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5Gravatar5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Fix platforms info * Use KConfigDialogManager * Remove unused GravatarConfigWidget * Remove CI 6 job. We will use kf6 branch for kf6 works * not export symbol of private methods * GRAVATAR_KF5_COMPAT doesn't exist now * Fix install QCH target * Not necessary to create compat lib now * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== libinput ==== Version update (1.23.0 -> 1.24.0) Subpackages: libinput-udev libinput10 - Update to release 1.24.0 * On Apple touchpads, natural scrolling is now enabled by default and palm detection is disabled - the touchpads are good enough that they don't need our help. * Built-in tablet devices now always have touch arbitration enabled, so we no longer need to add a quirk for each of them. And speaking of tablets: the pressure offset limit for worn-out devices is now at 50% of the range. Modern pens have a precise enough range that even worn out pen can still provide satisfactory pressure sensitivity. This pressure offset is now detected on worn-out pens that do not support distance. * Finally, where a relative device's rotation is 180 degrees (e.g. a trackball used upside-down) we now flip the scroll wheel direction as well. * The rest of the changes is the usual mix of janitorial patches and device-specific quirks. ==== libisoburn ==== Version update (1.5.4 -> 1.5.6) Subpackages: libisoburn1 xorriso - update to 1.5.6: (jsc#PED-5018) * Bug fix: False -status failure with -boot_image --interval:appended_partition * Bug fix: -no_rc prevented pre-scanning of arguments for stdio output and others. Introduced by mistake in a62f6af5, 2011.10.18.162119. * Bug fix: -not_leaf and -not_paths were not applied to -extract and alike * Bug fix: -report_system_area cmd misperceived -part_like_isohybrid with - isohybrid-gpt-basdat * Bug fix: -report_system_area cmd misperceived combination of isohybrid and appended partition in GPT * Bug fix: -as mkisofs option -part_like_isohybrid did not cause a MBR partition table if the partitions are data files in the ISO rather than appended * Bug fix: Split file directories (-split_size) were created with wrong permissions * Bug fix: libisofs did not mark clones of imported files as imported. This could cause that original and clone occupy data storage in the newly written session. Thanks to Ivan Shmakov. * Bug fix: Partition offset was preserved from -indev rather than from -outdev * Bug fix: libisofs could misrepresent Rock Ridge information if many symbolic links or AAIP data were recorded in a directory * Bug fix: Data files named /boot.catalog or ./boot.cat could be left out of the emerging ISO if the boot catalog was set to be hidden * Bug fix: -toc reported wrong track LBA with overwritable media with unrecognized content (pseudo-closed) * Bug fix: -find test -has_xattr matched "isofs." attributes in -xattr mode "any" * New API call isoburn_assess_written_features() * New API calls isoburn_igopt_set_max_ce_entries(), isoburn_igopt_get_max_ce_entries() * New flag bit12 with isoburn_read_iso_head(): Read even if start of multi-session emulation is damaged * New -boot_image settings gpt_iso_bootable= and gpt_iso_not_ro= * New -as mkisofs options --gpt-iso-bootable and --gpt-iso-not-ro * New -as cdrecord option --obs_pad. Automatic no_emul_toc with -as cdrecord. * New parameters "obs_pad" and "bdr_obs_exempt" for -dvd_obs * New -as cdrecord option --bdr_obs_exempt * New command -assess_indev_features * New -find test -size * New -compliance rules max_ce_entries=, max_ce_drop= * Allowed lseekable device files with -cut_out. ==== libkcddb ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKF5Cddb5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release ==== libkcompactdisc ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKF5CompactDisc5 libkcompactdisc-lang - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release ==== libkdcraw ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Have export macros header include version header (Qt6-only) * Rename to KF6 when building against Qt6 ==== libkdegames ==== Version update (23.04.3 -> 23.08.0) Subpackages: kdegames-carddecks-default libKF5KDEGames7 libkdegames-qt5-imports - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Have export macros header include version header (Qt6-only) * Default EXCLUDE_DEPRECATED_BEFORE_AND_AT to 7.5.0 for Qt6 build * Prepare "KDEGames6" as name for Qt6/KF6-based variant * Use variable to control base name of CMake config files ==== libkdepim ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5Libkdepim5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Avoid spurious checkcombobox toggle where indexes don't match (kde#347045) * Fix platforms name * Remove unused public method * Remove unused dependencies * Remove CI 6 job. We will use kf6 branch for kf6 works * not export symbol of private methods * Fix QCH support * Remove configwidgets * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== libkeduvocdocument ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKEduVocDocument5 libkeduvocdocument-lang - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Run clang format * Have export macros header include version header (Qt6-only) ==== libkexiv2 ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Default EXCLUDE_DEPRECATED_BEFORE_AND_AT to 5.1.0 for Qt6 build * Fix build with exiv2 >= 0.28 * Simplify 7bit ASCII detection * .gitignore ignore CMakeLists.txt.user * Have export macros header include version header (Qt6-only) * Fix KF6 CI dependencies * Rename to KF6 when building against Qt6 * Explicitly disable deprecated API when building against Qt6 ==== libkgapi ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5GAPICalendar5 libKPim5GAPICore5 libKPim5GAPIPeople5 libKPim5GAPITasks5 libkgapi-lang sasl2-kdexoauth2 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Convert urls and calendarurls from KContacts to KGAPI * Fix syncing name * Fix copy paste error in license * Remove CI 6 job. We will use kf6 branch for kf6 works * Add QCH support * fix install _version.h file * Add missing Q_REQUIRED_RESULT ==== libkipi ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKF5Kipi32_0_0 libkipi-data - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Fix install include in kf6 too ==== libkleo ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5libkleo5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - Changes since 23.07.90: * [tests] Check that setSigningKeys also works for explicit protocol. * [fix] setSigningKeys is ignored for unknown protocol. - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Too many changes to list here. ==== libkmahjongg ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKF5KMahjongglib5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Have export macros header include version header (Qt6-only) * Prepare "KMahjongglib6" as name for Qt6/KF6-based variant ==== libkomparediff2 ==== Version update (23.04.3 -> 23.08.0) Subpackages: libkomparediff2-5 libkomparediff2-lang - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * API dox: tech kapidox about all macros used * API dox: note new CamelCase header includes * Remove unused private class members, deprecate constructor with related arg * Install also CamelCase headers * Change headers prefix to komparediff2/, with back-compat for libkomparediff2 * Rename export header/macro base name: diff2 -> komparediff2, w/ back-compat * Add EXCLUDE_DEPRECATED_BEFORE_AND_AT option, add a 5.4 deprecation version * Bump version to 5.4 * Add Windows CI * Enable build also against KF6 * Qt6 builds: link explicitly Qt6::Core5Compat * Use forward declaration instead of include, to not extend public interface * Have export macros header include version header (Qt6-only) * Use full version incl. patch level with project() call ==== libksane ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKF5Sane5 libksane-lang - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Have export macros header include version header (Qt6-only) * Install version header into own include base dir ==== libksieve ==== Version update (23.04.3 -> 23.08.0) Subpackages: libksieve5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add host name too * Fix platforms name * Remove CI 6 job. We will use kf6 branch for kf6 works * Add KSIEVEUI_NO_EXPORT * Use Q_REQUIRED_RESULT * not export symbol of private methods * Fix qch support * configWidget is not necessary * compat lib is not necessary now * Fix i18n ==== libnl3 ==== Version update (3.7.0 -> 3.8.0) Subpackages: libnl-config libnl3-200 - Update to release 3.8 * addr: create an all-zero addresses when parsing "any" or "default" * addr: allow constructing all-zero addresses * route: construct all-zero addresses for default route destination * bridge: Add support for link_info of a bridge * bridge: extend libnl with options needed for VLAN aware forwarding * route/link: add accessor API for IPv6 DEVCONF * neigh: add support of NHID attribute * route: add nh type ==== libostree ==== Version update (2023.2 -> 2023.6) Subpackages: libostree-1-1 - Update to version 2023.6: + Signing with ed25519 can now be backed by openssl. + composefs changes: - Now enabled at build time (but disabled at runtime) by default. - composefs now supports signature verification. Note that composefs continues to be classified as experimental. - Configuration format has changed. The old ot-composefs kernel argument is no longer honored in favor of a configuration file that should be present in the initramfs. + ostree-prepare-root other changes: - A new configuration file in the initramfs is honored: /etc/ostree/prepare-root.conf. - This configuration file can also specify the readonly-sysroot default, which is now recommended. - The sysroot.readonly flag can now also be configured from here, and this is recommended. + ostree admin set-default: A long-overdue CLI verb to change the default deployment for the next boot. + sysroot other bugfixes and changes: - It is now supported to have /usr/etc with an empty /etc. This is preparatory for supporting a transient /etc. - Finally fix the global sync timeout at shutdown. - 'ostree admin deploy' now honors --stateroot as that term is prefered over --os. + trivial-httpd: The remnants of the deprecated 'ostree trivial-httpd' CLI are now completely gone. - Update to version 2023.5: + This is a bugfix release for the recent 2023.4. + Key bugs fixed: - Revert "fetcher: Always open tmpfiles in repo location". - Fix return value of generator on non-ostree systems. + Other changes: - lib/deploy: Use off_t not __off_t. - prepare-root: Adjust to composefs mount struct changes. - Changes from version 2023.4: + Notable bugfixe: fix ostree deployment on 64-bit inode fs. + New Feauture: Composefs. + HTTP/pull fixes: - ostree-fetcher-curl: explicitly use HTTP1.1 when HTTP2 is disabled. - Increase the metadata size limit to 128MB. - fetcher: Always open tmpfiles in repo location. + Other changes: - lib/deploy: Use fallocate for early prune space check. - prepare-root: Move sysroot.tmp creation earlier. - lib/deploy: Disambiguate error messages for early prune space check. - lib/deploy: skip fallocate call when requested size is 0. - test-concurrency: Don't lower timeout. - pull: Add error prefixing for corrupt checksums. - Add more error prefixing when parsing commit objects. - Changes from version 2023.3: + Many fixes and improvements. + treegen: Require at least one mutation. + rust: Bump MSRV to 1.64. + fetcher/soup3: Rewrite without threads. + fetcher: add libsoup3 backend. + lib/sysroot-cleanup: Convert bootdir listing to dfd-relative. + lib/sysroot-cleanup: Make some static utility functions global. + libotutil: add utility functions for calculating directory size. + lib/sysroot-deploy: Nuke finalize-failure.stamp on successful finalization. + lib/sysroot-deploy: Add experimental support for automatic early prune. - Define libversion and soversion and replace hard coded values with them to ease package maintenance. - Add pkgconfig(libsoup-3.0) >= 3.0.0 build requirement and pass - -with-soup3 to configure. Libcurl needs it for tests and for the trivial-httpd binary, also we've been waiting for upstream to port to Soup 3, in order to re-enable it. - Pass --with-composefs to configure, under the condition of building with composefs, while defining %bcond_with composefs (not enabled, by default) for now. - Switch fuse with fuse3 pkgconfig() module BuildRequires, because Fuse 3 is preffered over Fuse 2. - Drop --with-gjs option passed to configure. It's not recognized anymore, and configure script looks for gjs binary instead, acting accordingly. - Add %ghost /run/ostree to the main package files directive. This directory is created via %{_tmpfilesdir}/ostree-tmpfiles.conf. - Mark /etc/grub.d/*ostree and /etc/dracut.conf.d/ostree.conf with %config to instruct RPM those are config files. - Make the grub2 sub-package as noarch, since it doesn't have any binaries. - Refresh ostree-grub2-location.patch with Quilt. ==== libqt5-qtwebengine ==== Version update (5.15.14 -> 5.15.15) - Update to version 5.15.15: * Update Chromium: * [Backport] Security bug 1454860 * Further fixes for building with GCC 13 * Fixup [Backport] CVE-2023-2935: Type Confusion in V8 * [Backport] Security bug 1447430 * [Backport] CVE-2023-2930: Use after free in Extensions * [Backport] CVE-2023-3079: Type Confusion in V8 * [Backport] CVE-2023-3216: Type Confusion in V8 * [Backport] CVE-2023-2933: Use after free in PDF * [Backport] CVE-2023-2935: Type Confusion in V8 * [Backport] CVE-2023-2932: Use after free in PDF * [Backport] CVE-2023-2931: Use after free in PDF * [Backport] Security bug 1444195 * [Backport] Security bug 1428743 * [Backport] CVE-2023-2721: Use after free in Navigation ==== libreoffice ==== Version update (7.6.0.3 -> 7.6.1.1) Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Update to 7.6.1.1: https://wiki.documentfoundation.org/Releases/7.6.1/RC1 ==== libunistring ==== - Run testsuite also under qemu emulation ==== libunwind ==== Version update (1.7.0 -> 1.7.2) - Update to 1.7.2: * Don't override sp on arm and mips64. * Add direct dependent libraries to remotes. * Fix make install failure. - Update to 1.7.1: * Bump to release 1.7.1 to fix source tarball naming issue ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-proxy libvirt-daemon-qemu libvirt-libs - spec: Disable Apparmor support in ALP-based products - spec: Disable interface driver in ALP-based products - spec: Disable sanlock plugin in ALP-based products - spec: Disable numad support in ALP-based products ==== libwpe ==== Version update (1.14.0 -> 1.14.1) - Update to version 1.14.1: + Fix the build with older glibc C library versions. ==== libxcb ==== Version update (1.15 -> 1.16) Subpackages: libxcb-composite0 libxcb-damage0 libxcb-dpms0 libxcb-dri2-0 libxcb-dri3-0 libxcb-glx0 libxcb-present0 libxcb-randr0 libxcb-record0 libxcb-render0 libxcb-res0 libxcb-shape0 libxcb-shm0 libxcb-sync1 libxcb-xfixes0 libxcb-xinerama0 libxcb-xinput0 libxcb-xkb1 libxcb-xv0 libxcb1 - Update to version 1.16 * gitlab CI: add a basic build test * configure.ac: drop dependency `pthread-stubs` on Solaris * configure.ac: Remove obsolete AC_HEADER_STDC * Raise minimum required version of Python from 2.6 to 3.0 * Fix windows build. * Fix indentation. * Fix a compiler warning * Fix handling of documented enum parameters * Allow full paths to sockets on non-macOS * DISPLAY starting with / or unix: is always a socket path * Add tests for unix socket parsing * autogen.sh: use quoted string variables * c_client: Fix crash in xcb_randr_set_monitor * configure.ac: drop `pthread-stubs` dependency on DragonFly and FreeBSD * xcb_conn: Add a check for NULL to silence a UBSan runtime error * configure.ac: Require xcb-proto >= 1.16.0 * Fix xcb_connect() call with a custom xcb_auth_info_t * autogen: add default patch prefix * Build DOUBLE-BUFFER extension. * Require xcb-proto >= 1.15.1, which has Dbe * configure.ac: drop dependency `pthread-stubs` on macOS * autogen.sh: use exec instead of waiting for configure to finish * Improve tutorial example - adjusted bug-262309_xcb-xauthlocalhostname.diff, n_If-auth-with-credentials-for-hostname-fails-retry-with-XAUTHLOCALHOSTNAME.patch - added libxcb-dbe0 subpackage for libxcb-dbe.so.0* ==== libxml2 ==== Subpackages: libxml2-2 libxml2-tools - Security fix: CVE-2023-39615 (bsc#1214768) * crafted xml can cause global buffer overflow * Added file libxml2-CVE-2023-39615.patch ==== libxml2-python ==== - Security fix: CVE-2023-39615 (bsc#1214768) * crafted xml can cause global buffer overflow * Added file libxml2-CVE-2023-39615.patch ==== libzip ==== Version update (1.10.0 -> 1.10.1) - version update to 1.10.1 * Add `ZIP_LENGTH_TO_END` and `ZIP_LENGTH_UNCHECKED`. Unless `ZIP_LENGTH_UNCHECKED` is used as `length`, it is an error for a file to shrink between the time when the source is created and when its data is read. ==== libzypp ==== Version update (17.31.19 -> 17.31.20) - Fixup changes for 17.31.16. Remove faulty reference to a bug actually fixed in 2019. - version 17.31.20 (22) ==== lokalize ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Fix constructing pot branch dirs for symlinked dirs (kde#472605) - Update to 23.07.80 * New feature release - Too many changes since 23.04.3, only listing bugfixes: * Update entry reference after deleting nonexistent file in TM (kde#461950) * Make progress bar percentage localizable (kde#459212) * Initialize files in base and branch catalogs at the same time (kde#462902) ==== mailcommon ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5MailCommon5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Adapt to CollectionAnnitationsAttribute being moved to Akonadi * Fix platforms name * KMail filter dialogue: Add icons to import/export/Sieve buttons * Remove CI 6 job. We will use kf6 branch for kf6 works * Adapt to new akonadi-contact/akonadi-contact-editor api * not export symbol of private methods * Remove unused signal * Fix install qch target * Don't duplicate mailcommon_export.h (fix install it) * Remove search configwidgets * We need to search PimCommonAkonadi otherwise we need to check on several apps * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== mailimporter ==== Version update (23.04.3 -> 23.08.0) Subpackages: libKPim5MailImporter5 libKPim5MailImporterAkonadi5 - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Fix platforms name * Remove CI 6 job. We will use kf6 branch for kf6 works * Remove unused files * not export symbol of private methods * Fix typo * Generate version first * Fix generate QCH + remove compat lib * PimCommon is only necessary not PimCommonAkonadi * Use correct INSTALL_TARGETS_DEFAULT_ARGS ==== mbox-importer ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Remove CI 6 job. We will use kf6 branch for kf6 works ==== messagelib ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Fix Do not change color from original HTML mail" also makes plain text mail not adhere to color scheme (kde#471857) - Update to 23.07.80 * New feature release - Too many changes since 23.04.3, only listing bugfixes: * Fix references to message parts in encrypted messages (kde#469383) * Look for matching subkey if no key was found for fingerprint (kde#469304) ==== mobipocket ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Have export macros header include version header (Qt6-only) ==== mozilla-nss ==== Version update (3.91 -> 3.92) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-tools - update to NSS 3.92 * bmo#1822935 - Set nssckbi version number to 2.62 * bmo#1833270 - Add 4 Atos TrustedRoot Root CA certificates to NSS * bmo#1839992 - Add 4 SSL.com Root CA certificates * bmo#1840429 - Add Sectigo E46 and R46 Root CA certificates * bmo#1840437 - Add LAWtrust Root CA2 (4096) * bmo#1822936 - Remove E-Tugra Certification Authority root * bmo#1827224 - Remove Camerfirma Chambers of Commerce Root. * bmo#1840505 - Remove Hongkong Post Root CA 1 * bmo#1842928 - Remove E-Tugra Global Root CA ECC v3 and RSA v3 * bmo#1842937 - Avoid redefining BYTE_ORDER on hppa Linux ==== mpfr ==== Version update (4.2.0 -> 4.2.1) - Update to mpfr 4.2.1 * Includes all fixes from mpfr-4.2.0-cummulative.patch which is subsequently removed. * Improved MPFR manual. * Configure tests: replaced the test of the link with GMP, in order to avoid the use of a function without a prototype (Autoconf issue), as this is obsolescent in ISO C. The new test should be more robust. ==== mutter ==== - Add mutter-fix-clipped-redraw.patch: Previous refactor forget to check has_buffer_age, which leads into force full redraw and causes redraw issue with xterm on qemu. This patch fixes it. (bsc#1210744, glgo#GNOME/mutter!3221) - Drop mutter-revert-window_draw_issues.patch: Proper fix is added. ==== ncurses ==== Version update (6.4.20230812 -> 6.4.20230819) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20230819 + various manpage-formatting fixes. + correct formatting of table header in curs_inopts.3x (Branden Robinson). + correct manpage description of panel_hidden (report by Benjamin Mordaunt). ==== nodejs20 ==== Subpackages: npm20 - Temporarily bundle ICU for SLE15 SP6 (jsc#PED-4819) ==== okular ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * No need to lookup paths for images without a dot. * Better suggested signed name * Bump SOVERSION of okularcore * Fix playing of external audio files * Fix phonon not being correctly detected * Fix markdown converter with libdiscount 3 * Forms: Don't run focusin action when gaining focus because of window management (kde#472756) - Update to 23.07.80 * New feature release - Too many changes since 23.04.3, only listing bugfixes: * Handle absolute urls in Document::processAction (kde#472440) * Avoid accidental scrolling when performing pinch gesture (kde#421755) * Surface Digitally Sign action more obviously in hamburger menu (kde#470752) * Make default PDF printing scale mode configurable (kde#463732) * Let user "Save As..." when document has been externally modified (kde#402017) * Reuse an existing action to toggle sidebar visibility (kde#468317) * JS: Implement field.valueAsString (kde#468036) * Fix crash when executing the Save action (kde#467603) * JS: Make field.value return a number if possible (kde#467852) ==== open-vm-tools ==== Subpackages: libvmtools0 open-vm-tools-desktop - Fix (bsc#1214566) - (CVE-2023-20900) - VUL-0: CVE-2023-20900: open-vm-tools: SAML token signature bypass vulnerability + Add patch: CVE-20230-20900.patch ==== openexr ==== Version update (3.1.9 -> 3.1.11) Subpackages: libIex-3_1-30 libIlmThread-3_1-30 libOpenEXR-3_1-30 - version update to 3.1.11 [#]# Version 3.1.11 (August 13, 2023) Patch release that fixes a build failure with `-march=x86-64-v3` * Initialize `regs[]` to 0 in `check_for_x86_simd` * Fix CPUID detection with `-march=x86-64-v3` [#]# Version 3.1.10 (August 2, 2023) Patch release that addresses miscellaneous build issues, test failures, and performance regressions, as well as: * OSS-fuzz [59457](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59457) Heap-buffer-overflow in `LossyDctDecoder_execute` * Readdress #1456: disallow NaNs in `testOptimizedInterleavePatterns` * Revert pre-computed values * Fix handling for corrupt number of DC components * Add `OPENEXR_MISSING_ARM_VLD1` workaround to `internal_dwa_simd.h` * Fix Huffman performance regression on Linux/clang * Fix range check in dwa compressor * Fix build with i386 and musl libc * Fix the code contains unhandled character * Fix cpu detection of sse2 on non-64 x86 * Fix the code contains unhandled character * Fix gcc-11 warnings: signed/unsigned integer comparison, unused variables * Fix macOS and Windows build failures when threading is disabled * Fix build error on win_arm64 - deleted patches - 1488.patch (upstreamed) ==== pam ==== - Fix building without SELinux ==== pam-full-src ==== - Fix building without SELinux ==== parley ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Fix error in appending file extension (kde#405515) * Fix out of bounds read ==== php8 ==== Version update (8.2.9 -> 8.2.10) Subpackages: php8-cli php8-ctype php8-dom php8-gd php8-gettext php8-iconv php8-mbstring php8-mysql php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - version update to 8.2.10 * This is a bug fix release. * https://www.php.net/ChangeLog-8.php#8.2.10 ==== pim-data-exporter ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Remove CI 6 job. We will use kf6 branch for kf6 works * Remove search configwidgets ==== pim-sieve-editor ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Remove CI 6 job. We will use kf6 branch for kf6 works ==== pipewire ==== Version update (0.3.77 -> 0.3.79) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 0.3.79: * Highlights - Fix a regression in suspend that could cause silence. - Fix a regression in JACK port registration that could cause all kinds of JACK problems. - Fix a typo in the neon sample conversion functions that could cause distortion. - Add BAP broadcast source and sink support. - pw-top now has a batch mode to dump the output to stdout. - Many more bugfixes and improvements. * PipeWire - Fix a regression in shutdown where a node might not first suspend properly. This cause loss of sound in some cases. - Failure to compile a regular expression in the config file will now be reported and ! can be used to negate the match. - Fix a regression where some nodes might not set running in some cases. - Nodes are now suspended before the format is cleared, which might fix some crashes. * Tools - pw-top now has a batch mode to dump the output to stdout. * SPA - The queued samples in audioconvert are now correctly reported in the delay. - Make it easier to add a custom profile in ACP. - Fix a typo in the neon sample conversion functions that could cause distortion. - device.profile.pro=true is added for pro audio nodes. - An xrun counter was added to spa_io_clock to detect and track skipped data because of xruns. * Pulse-server - Add alsa-sink and alsa-source modules. * Bluetooth - Fix a regression where only the BAP off profile is shown. - Add BAP broadcast source and sink support. * JACK - Also emit a latency notify when the buffer size changes. - Fix a regression in JACK port registration. - jack_port_tie() is now supported. * ALSA - Improve property handling, support lists and ranges in addition to fixed values. - Remove patches already included upstream: * 0001-jack-make-sure-we-can-always-find-our-own-ports.patch * 0001-audioconvert-fix-typo-in-neon-function.patch * 0001-impl-node-improve-suspend.patch * 0001-bluez5-fix-BAP-profiles-showing.patch - Update to version 0.3.78: * Highlights - An old regression was fixed with where some nodes would not run. - A regression was fixed where removed events would not be shown in some cases. This would result in duplicate entries in audio clients. - Fix an off-by-one in the vban audio receiver. Tweak the rate adaption a little. - ACP will now set a UCM verb before probing the pro-audio devices. - More bugfixes and improvements. * PipeWire - An old regression was fixed with where some nodes would not run. (#3405) - Suspend was improved a little to avoid races when the session manager would suspend right when a driver was starting. * Modules - module-rtp-sap does not use the deprecated inet_aton anymore. - Fix an off-by-one in the vban audio receiver. Tweak the rate adaption a little. (#3380) * SPA - ACP will now set a UCM verb before probing the pro-audio devices. (#3407) - The mandatory flag will be set now on the video modifiers. - EVL was updated to Xenomai4 r46 and xbuf creation was improved. - An option was added to force colors in the log even when logging to !tty. - The return type of spa_pod_builder_control() was fixed. - inotify errors are handled better now. (#3439) * pulse-server - A regression was fixed where removed events would not be shown in some cases. (#3414) * Bluetooth - Improve compatibility with more devices, avoid reusing the same transport for different media-sink instances to avoid encoder resets. - Improve enumeration of codec profiles for BAP and A2DP. * JACK - Ensure we can't iterate ports from a deactivated client. Also make sure the JACK clients with the node.always-process=false always show their ports. (#3416) * GStreamer - A potential crash was fixed in the device provider when stopping. - Remove patches already included upstream: * 0001-context-Dont-stop-setting-runnable-when-meeting-the-driving.patch * 0001-gst-Prevent-a-crash-when-stopping-device-provider.patch * 0001-jack-ports-become-visible-when-the-registration-is-queued.patch * 0002-jack-handle-node.always-process-=-false-jack-nodes.patch * 0001-pulse-server-set-all-change_mask-flags-when-removing.patch ... changelog too long, skipping 9 lines ... * 0001-bluez5-fix-BAP-profiles-showing.patch ==== polkit-default-privs ==== Version update (1550+20230606.5001571 -> 1550+20230829.1a9a761) - Update to version 1550+20230829.1a9a761: * deepin-api: provide backward compatibility whitelisting (bsc#1214101) ==== postfix ==== - CVE-2023-32182: postfix: config_postfix SUSE specific script potentially bad /tmp file usage (bsc#1211196) Use temp file created by mktemp ==== publicsuffix ==== Version update (20230717 -> 20230826) - Update to version 20230826: * util: gTLD data autopull updates for 2023-08-26T15:11:07 UTC (#1835) * util: gTLD data autopull updates for 2023-08-23T15:12:41 UTC (#1832) * Update tld-update.yml (#1827) * util: gTLD data autopull updates for 2023-08-12T15:10:57 UTC (#1829) * util: gTLD data autopull updates for 2023-08-09T15:14:39 UTC (#1828) * tools: include IANA TLD URL in new gtld updates. (#1817) * util: gTLD data autopull updates for 2023-08-05T15:11:19 UTC (#1822) * Update tld-update.yml to automatically add labels when autopull catches deltas and generates PR (#1815) * ci: update test workflow triggers to include PRs. (#1818) * util: gTLD data autopull updates for 2023-08-02T15:11:59 UTC (#1816) * unbroke URL assembly * Add IANA DB URL instead of blanking out contract date * tools: skip contract date rendering, small CI fixups. (#1812) * util: gTLD data autopull updates for 2023-07-28T15:13:22 UTC (#1805) ==== python-dnspython ==== Version update (2.3.0 -> 2.4.2) - update to version 2.4.2: * Async queries could wait forever instead of respecting the timeout if the timeout was 0 and a packet was lost. The timeout is now respected. * Restore HTTP/2 support which was accidentally broken during the https refactoring done as part of 2.4.0. * When an inception time and lifetime are specified, the signer now sets the expiration to the inception time plus lifetime, instead of the current time plus the lifetime. - update to version 2.4.1: * Importing dns.dnssecalgs without the cryptography module installed no longer causes an ImportError. * A number of timeout bugs with the asyncio backend have been fixed. * DNS-over-QUIC for the asyncio backend now works for IPv6. * Dnspython now enforces that the candidate DNSKEYs for DNSSEC signatures have protocol 3 and have the ZONE flag set. This is a standards compliance issue more than a security issue as the legitimate authority would have to have published the non-compliant keys as well as updated their DS record in order for the records to validate (the DS digest includes both flags and protocol). Dnspython will not make invalid keys by default, but does allow them to be created and used for testing purposes. * Dependency specifications for optional features in the package metadata have been improved. - update to version 2.4.0: * Python 3.8 or newer is required. * The stub resolver now uses instances of ``dns.nameserver.Nameserver`` to represent remote recursive resolvers, and can communicate using DNS over UDP/TCP, HTTPS, TLS, and QUIC. In additional to being able to specify an IPv4, IPv6, or HTTPS URL as a nameserver, instances of ``dns.nameserver.Nameserver`` are now permitted. * The DNS-over-HTTPS bootstrap address no longer causes URL rewriting. * DNS-over-HTTPS now only uses httpx; support for requests has been dropped. A source port may now be supplied when using httpx. * DNSSEC zone signing with NSEC records is now supported. Thank you very much (again!) Jakob Schlyter! * The resolver and async resolver now have the ``try_ddr()`` method, which will try to use Discovery of Designated Resolvers (DDR) to upgrade the connection from the stub resolver to the recursive server so that it uses DNS-over-HTTPS, DNS-over-TLS, or DNS-over-QUIC. This feature is currently experimental as the standard is still in draft stage. * The resolver and async resolver now have the ``make_resolver_at()`` and ``resolve_at()`` functions, as a convenience for making queries to specific recursive servers. * Curio support has been removed. ==== python-pip ==== Version update (23.1.2 -> 23.2.1) - Finally drop csv23, it has been removed upstream since 2021. - Shift around sle15_python_module_pythons. - Upgrade to 23.2.1 * Bug fixes - Disable PEP 658 metadata fetching with the legacy resolver. - Upgrade to 23.2 * Process - Deprecate support for eggs for Python 3.11 or later, when the new importlib.metadata backend is used to load distribution metadata. This only affects the egg distribution format (with the .egg extension); distributions using the .egg-info metadata format (but are not actually eggs) are not affected. For more information about eggs, see relevant section in the setuptools documentation. * Deprecations and Removals - Deprecate legacy version and version specifiers that donât conform to PEP 440 - freeze no longer excludes the setuptools, distribute, and wheel from the output when running on Python 3.12 or later, where they are not included in a virtual environment by default. Use - -exclude if you wish to exclude any of these packages. * Features - make rejection messages slightly different between 1 and 8, so the user can make the difference. * Bug Fixes - Fix pip completion --zsh. - Prevent downloading files twice when PEP 658 metadata is present - Add permission check before configuration - Fix deprecation warnings in Python 3.12 for usage of shutil.rmtree - Ignore invalid or unreadable origin.json files in the cache of locally built wheels. - Fix installation of packages with PEP658 metadata using non-canonicalized names - Correctly parse dist-info-metadata values from JSON-format index data. - Fail with an error if the --python option is specified after the subcommand name. - Fix slowness when using importlib.metadata (the default way for pip to read metadata in Python 3.11+) and there is a large overlap between already installed and to-be-installed packages. - Pass the -r flag to mercurial to be explicit that a revision is passed and protect against hg options injection as part of VCS URLs. Users that do not have control on VCS URLs passed to pip are advised to upgrade. * Vendored Libraries - Upgrade certifi to 2023.5.7 - Upgrade platformdirs to 3.8.1 - Upgrade pygments to 2.15.1 - Upgrade pyparsing to 3.1.0 - Upgrade Requests to 2.31.0 - Upgrade rich to 13.4.2 - Upgrade setuptools to 68.0.0 - Updated typing_extensions to 4.6.0 - Upgrade typing_extensions to 4.7.1 - Upgrade urllib3 to 1.26.16 ==== python-rich ==== Version update (13.4.2 -> 13.5.2) - specfile: * update copyright year - update to version 13.5.2: * Fixed + Fixed Text.expand_tab assertion error - changes from version 13.5.1: * Fixed + Fix tilde character (~) not included in link regex when printing to console #3057 - changes from version 13.5.0: * Fixed + Fixed Text.expand_tabs not expanding spans. + Fixed TimeElapsedColumn from showing negative. + Fix for escaping strings with a trailing backslash #2987 + Fixed exception in Markdown with partial table #3053 + Fixed the HTML export template so that the <html> tag comes before the <head> tag #3021 + Fixed issue with custom classes overwriting __eq__ #2875 + Fix rich.pretty.install breakage in iPython #3013 * Added + Added Text.extend_style method. + Added Span.extend method. * Changed + Text.tab_size now defaults to None to indicate that Console.tab_size should be used. ==== qalculate ==== Version update (4.7.0 -> 4.8.0) Subpackages: libqalculate22 qalculate-data - Version update to 4.8.0 * Concise (e.g. "1.2345(67)") and relative (e.g. "5+/-2%") notation for output and input (disabled by default for concise notation) of interval * Optimize rest of unit expression when converting to partial (insufficient) expression (e.g. 18MAÃ100ns to J = 1.8 J/V) * Round high precision intervals enclosing integers for integer arguments * Add support for specifying position of sign bit in floating point functions * New derived units: Debye, CÂ·m, Daraf, F^-1, V/C, N/C, kcal, kcal/g, kJ * Use international foot as base unit for rod * Fix fibonacci() for non-integers and recursive use * Fix conversion options presented for speed units (and possibly other) * Update dialogs for editing of variables, functions, units, etc. to match the corresponding dialogs in the Qt UI (GTK) * Show user-defined objects in a separate category in menus and dialogs (GTK) * Add option to disable tooltips in keypad or everywhere (GTK, Qt) * Add option to disable units and to interpret unrecognized symbols as variables (unknowns) to preferences (Qt) * Make closing of application with Escape key optional and disabled by default (GTK, Qt) * Hide name column in conversion list when applied to current result (Qt) * Add temporary option to unknown variable edit dialog (GTK, Qt) * Add Microship (PIC16/17) 24 and 32 bit floating point formats (GTK, Qt) * Fix initial height of list and description in units window (GTK) * Minor bug fixes and feature enhancements ==== salt ==== Subpackages: python3-salt salt-master salt-minion salt-transactional-update - Revert usage of long running REQ channel to prevent possible missing responses on requests and dublicated responses (bsc#1213960, bsc#1213630, bsc#1213257) - Added: * revert-usage-of-long-running-req-channel-bsc-1213960.patch - Fix gitfs cachedir basename to avoid hash collisions (bsc#1193948, bsc#1214797, CVE-2023-20898) - Added: * fixed-gitfs-cachedir_basename-to-avoid-hash-collisio.patch - Make sure configured user is properly set by Salt (bsc#1210994) - Do not fail on bad message pack message (bsc#1213441, CVE-2023-20897, bsc#1214796) - Fix broken tests to make them running in the testsuite - Prevent possible exceptions on salt.utils.user.get_group_dict (bsc#1212794) - Added: * do-not-fail-on-bad-message-pack-message-bsc-1213441-.patch * fix-tests-to-make-them-running-with-salt-testsuite.patch * prevent-possible-exceptions-on-salt.utils.user.get_g.patch * make-sure-configured-user-is-properly-set-by-salt-bs.patch ==== samba ==== Version update (4.18.5+git.313.c8e274c7852 -> 4.18.6+git.320.cfda27bacb) Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-client samba-client-libs samba-gpupdate samba-ldb-ldap samba-libs samba-libs-python3 samba-python3 samba-winbind samba-winbind-libs - Update to 4.18.6 * reply_sesssetup_and_X() can dereference uninitialized tmp pointer; (bso#15420); * Missing return in reply_exit_done(); (bso#15430); * post-exec password redaction for samba-tool is more reliable for fully random passwords as it no longer uses regular expressions containing the password value itself; (bso#15289); * Windows client join fails if a second container CN=System exists somewhere; (bso#9959); * Spotlight sometimes returns no results on latest macOS; (bso#15342); * Renaming results in NT_STATUS_SHARING_VIOLATION if previously attempted to remove the destination; (bso#15417); * Spotlight results return wrong date in result list; (bso#15427); * "net offlinejoin provision" does not work as non-root user; (bso#15414); * rpcserver no longer accepts double backslash in dfs pathname; (bso#15400); * cm_prepare_connection() calls close(fd) for the second time; (bso#15433); * 2-3min delays at reconnect with smb2_validate_sequence_number: bad message_id 2; (bso#15346); * samba-tool ntacl get segfault if aio_pthread appended; (bso#15441); * DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED can't be parsed; (bso#15446); * Python tarfile extraction needs change to avoid a warning (CVE-2007-4559 mitigation); (bso#15390); * Regression DFS not working with widelinks = true; (bso#15435); * mdssvc: Do an early talloc_free() in _mdssvc_open(); (bso#15449); - Move libcluster-samba4.so from samba-libs to samba-client-libs; (bsc#1213940); ==== signon-kwallet-extension ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - No code change since 23.04.3 ==== skanlite ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - No code change since 23.04.3 ==== spectacle ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - Changes since 23.07.80: * Fix crash in QApplication::screenRemoved lambda - Update to 23.07.80 * New feature release - Too many changes since 23.04.3, only listing bugfixes: * Avoid auto quitting on auto save (kde#469646) * Use ecm_query_qt to query Qt binaries dir (kde#471095) * Multiply annotation shadow opacity by stroke or fill opacity (kde#464170) * Allow making annotation colors fully transparent via checkboxes (kde#468077) * Hide redundant header on Wayland (kde#468818) * Fix wrong image position in rectangle capture mode with scaling (kde#462860) * Fix quitting Spectacle with Escape affecting windows below it (kde#428478) * Don't close all windows if activated by DBus with GUI and no CLI options (kde#467118) * Fix window title file name template on wayland (kde#465524) * Use deleteLater() to delete SpectacleWindows (kde#467401) * AnnotationDocument: Divide image size by devicePixelRatio in addImage() (kde#467398) ==== step ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - Changes since 23.04.3: * Add explicit moc includes to sources for moc-covered headers * Allow building against KF6 ==== suse-module-tools ==== Version update (16.0.33 -> 16.0.34) Subpackages: suse-module-tools-scriptlets * support old-style markers under /run/regenerate-initrd (bsc#1214877) * Fix comment in regenerate-initrd-posttrans ==== umbrello ==== Version update (23.04.3 -> 23.08.0) - Update to 23.08.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.08.0/ - No code change since 23.07.90 - Update to 23.07.90 * New feature release - No code change since 23.07.80 - Update to 23.07.80 * New feature release - No code change since 23.04.3 ==== unbound ==== Subpackages: libunbound8 unbound-anchor - openSUSE:Factory libunbound-devel-mini flavor is configured to sync build counter with unbound package. This means it always triggers a bootstrap no matter which of the packages got initially triggered. I am not sure if this is needed at all, if yes, please accept this request and forward with an explenation. If not, just decline it and we will remove the build counter syncing in factory as well. This adds the !BcntSyncTag: unbound to the mini spec file Details: https://lists.opensuse.org/archives/list/factory@lists.opensuse.org/thread/… - Add _multibuild to define additional spec files as additional flavors. Eliminates the need for source package links in OBS. ==== virtiofsd ==== Version update (1.6.1 -> 1.7.2) - Update to upstream version v1.7.2 (jsc#4980) - Add supplementary group extension support - Prevent EPERM failures with O_NOATIME - Fix cache timeouts - seccomp: Allow SYS_sched_yield - Allow to provide the same argument multiple times - Add the -V/--version options - Upgrade vendored dependencies ==== vulkan-loader ==== Version update (1.3.250.0 -> 1.3.261.0) - Update to release SDK-1.3.261.0 * Warn when ICD Manifest version differs from vkEnumerateInstanceVersion * Enable VK_KHR_maintenance_5 support ==== vulkan-tools ==== Version update (1.3.250.0 -> 1.3.261.0) - Update to release SDK-1.3.261.0 * icd: Fix OOB writes in QueuePerfCounters * icd: Add support for vkGetDescriptorSetLayoutSupport, vkGetRenderAreaGranularity, VK_KHR_cooperative_matrix, VK_EXT_host_image_copy * vulkaninfo: Make -j=<GPU> work ==== xdg-utils ==== Version update (1.1.3+20210805 -> 1.1.3+20230830) - Update to 1.1.3+20230830 * Patches: - 0001-Don-t-run-kreadconfig-if-KDE_SESSION_VERSION-is-5.patch - support-deepin-desktop.patch - xdg-utils-egrep.patch are merged upstream * Support for KDE Plasma 6 ==== xf86-input-libinput ==== Version update (1.3.0 -> 1.4.0) - Update to version 1.4.0: * Tablets now have BTN_STYLUS3 mapped to X button 8 (i.e. the first usable one after the LMR buttons). * Tablet now have the left-handed property available so we can actually change them to left-handed. ==== xwayland ==== Version update (23.1.2 -> 23.2.0) - enable libei and libdecor only for TW, since it does not exist yet on sle15-sp5 - Update to version 23.2.0: * Optional support for emulated input (EI) via the libei library, support for the tearing control protocol, and the XWayland rootful mode is now resizable with libdecor. - Add pkgconfig(libei-1.0) BuildRequires, build new optional emulated input support. - Add pkgconfig(libdecor-0) BuildRequires, build optional CSD support.

1 0

New Arm Tumbleweed snapshot 20230828 released!
by Guillaume Gardet 31 Aug '23

31 Aug '23

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: 389-ds (2.4.0~git18.37ec5cd -> 2.4.0~git74.4297d88) GraphicsMagick ImageMagick (7.1.1.12 -> 7.1.1.15) Mesa (23.1.4 -> 23.1.5) Mesa-drivers (23.1.4 -> 23.1.5) MozillaFirefox (115.0.3 -> 116.0.3) NetworkManager (1.42.8 -> 1.44.0) NetworkManager-vpnc SDL2 (2.28.1 -> 2.28.2) a52dec (0.7.5+svn613 -> 0.8.0) accountsservice amavisd-new apache2 apache2-manual apache2-mod_php8 (8.2.8 -> 8.2.9) apache2-prefork apache2-utils at-spi2-core attica-qt5 (5.108.0 -> 5.109.0) baloo5 (5.108.0 -> 5.109.0) bash-completion bind (9.18.17 -> 9.18.18) bluez (5.66 -> 5.68) bluez-qt (5.108.0 -> 5.109.0) breeze5-icons (5.108.0 -> 5.109.0) brltty (6.5 -> 6.6) busybox-links ca-certificates-mozilla (2.60 -> 2.62) catfish (4.16.4 -> 4.18.0) ceph chrony (4.3 -> 4.4) clamav (0.103.8 -> 0.103.9) colord dcraw dracut (059+suse.476.g5e324584 -> 059+suse.491.g87f19c22) emacs (28.2 -> 29.1) firewalld fixmath frameworkintegration (5.108.0 -> 5.109.0) fuse3 (3.15.1 -> 3.16.1) gcc13 (13.1.1+git7597 -> 13.2.1+git7683) gdb gdbm gdm giflib glibc (2.37 -> 2.38) glu gmp (6.2.1 -> 6.3.0) gnome-bluetooth (42.5 -> 42.6) gnome-disk-utility gnome-settings-daemon gnome-software (44.3 -> 44.4) gnome-terminal (3.48.1 -> 3.48.2) gnutls (3.8.0 -> 3.8.1) gpgme (1.21.0 -> 1.22.0) gpgmeqt (1.21.0 -> 1.22.0) grub2 gspell (1.12.1 -> 1.12.2) gtk3 gtk4 (4.10.4 -> 4.12.0) gupnp (1.6.4 -> 1.6.5) harfbuzz (8.0.1 -> 8.1.1) hwdata (0.372 -> 0.373) imlib2 (1.11.1 -> 1.12.0) java-11-openjdk (11.0.20.0 -> 11.0.20.1) javapackages-tools kactivities-stats (5.108.0 -> 5.109.0) kactivities5 (5.108.0 -> 5.109.0) karchive (5.108.0 -> 5.109.0) kauth (5.108.0 -> 5.109.0) kbookmarks (5.108.0 -> 5.109.0) kcalendarcore (5.108.0 -> 5.109.0) kcmutils (5.108.0 -> 5.109.0) kcodecs (5.108.0 -> 5.109.0) kcompletion (5.108.0 -> 5.109.0) kconfig (5.108.0 -> 5.109.0) kconfigwidgets (5.108.0 -> 5.109.0) kcontacts (5.108.0 -> 5.109.0) kcoreaddons (5.108.0 -> 5.109.0) kcrash (5.108.0 -> 5.109.0) kdav (5.108.0 -> 5.109.0) kdbusaddons (5.108.0 -> 5.109.0) kdeclarative (5.108.0 -> 5.109.0) kded (5.108.0 -> 5.109.0) kdelibs4support (5.108.0 -> 5.109.0) kdesu (5.108.0 -> 5.109.0) kdnssd-framework (5.108.0 -> 5.109.0) kdoctools (5.108.0 -> 5.109.0) kernel-firmware (20230724 -> 20230814) kernel-source (6.4.6 -> 6.4.11) kfilemetadata5 (5.108.0 -> 5.109.0) kglobalaccel (5.108.0 -> 5.109.0) kguiaddons (5.108.0 -> 5.109.0) kholidays (5.108.0 -> 5.109.0) khtml (5.108.0 -> 5.109.0) ki18n (5.108.0 -> 5.109.0) kiconthemes (5.108.0 -> 5.109.0) kidletime (5.108.0 -> 5.109.0) kimageformats (5.108.0 -> 5.109.0) kinit (5.108.0 -> 5.109.0) kio (5.108.0 -> 5.109.0) kirigami-addons (0.10.0 -> 0.11.0) kirigami2 (5.108.0 -> 5.109.0) kitemmodels (5.108.0 -> 5.109.0) kitemviews (5.108.0 -> 5.109.0) kjobwidgets (5.108.0 -> 5.109.0) kjs (5.108.0 -> 5.109.0) kmod knewstuff (5.108.0 -> 5.109.0) knotifications (5.108.0 -> 5.109.0) knotifyconfig (5.108.0 -> 5.109.0) kpackage (5.108.0 -> 5.109.0) kparts (5.108.0 -> 5.109.0) kpeople5 (5.108.0 -> 5.109.0) kplotting (5.108.0 -> 5.109.0) kpty (5.108.0 -> 5.109.0) kquickcharts (5.108.0 -> 5.109.0) kross (5.108.0 -> 5.109.0) krunner (5.108.0 -> 5.109.0) kservice (5.108.0 -> 5.109.0) ktexteditor (5.108.0 -> 5.109.0) ktextwidgets (5.108.0 -> 5.109.0) kunitconversion (5.108.0 -> 5.109.0) kwallet (5.108.0 -> 5.109.0) kwayland (5.108.0 -> 5.109.0) kwidgetsaddons (5.108.0 -> 5.109.0) kwindowsystem (5.108.0 -> 5.109.0) kxmlgui (5.108.0 -> 5.109.0) less (633 -> 643) libKF5ModemManagerQt (5.108.0 -> 5.109.0) libKF5NetworkManagerQt (5.108.0 -> 5.109.0) libXaw3d (1.6.4 -> 1.6.5) libadwaita (1.3.3 -> 1.3.4) libcloudproviders (0.3.1 -> 0.3.2) libetonyek libfprint (1.94.5+tod1 -> 1.94.6+tod1) libgit2 (1.7.0 -> 1.7.1) libgweather4 (4.2.0 -> 4.3.2) libimobiledevice (1.3.0+179git.20230430 -> 1.3.0+190git.20230705) liblangtag (0.6.3 -> 0.6.4) liblc3 (1.0.3 -> 1.0.4) libpaper (2.1.0 -> 2.1.1) libplacebo (6.292.0 -> 6.292.1) libreoffice (7.5.4.2 -> 7.6.0.3) libreoffice-share-linker libselinux libsemanage libsoup2 libssh libstorage-ng (4.5.133 -> 4.5.136) libupnp (1.14.17 -> 1.14.18) libvirt (9.5.0 -> 9.6.0) libxmlb (0.3.11 -> 0.3.13) libzypp (17.31.17 -> 17.31.19) lsb-release luajit lvm2 lvm2-device-mapper man (2.10.2 -> 2.11.2) mc (4.8.29 -> 4.8.30) mokutil mozjs102 (102.12.0 -> 102.14.0) mutter ncurses (6.4.20230715 -> 6.4.20230812) nodejs20 (20.3.1 -> 20.5.1) okteta (0.26.12 -> 0.26.13) openSUSE-repos-Tumbleweed (20230731.a018a46 -> 20230810.a7534f6) openssl-3 (3.1.1 -> 3.1.2) openssl (3.1.1 -> 3.1.2) opensuse-welcome (0.1.9+git.0.66be0d8 -> 0.1.9+git.35.4b9444a) openvpn (2.6.5 -> 2.6.6) osinfo-db (20230518 -> 20230719) pam pam-full-src pam_mount (2.19 -> 2.20) patterns-base pentaho-libxml (1.1.3 -> 1.1.6) perl (5.36.1 -> 5.38.0) perl-Authen-SASL (2.16 -> 2.170.0) perl-Convert-ASN1 (0.33 -> 0.340.0) perl-Image-ExifTool (12.64 -> 12.65) perl-LWP-Protocol-https (6.10 -> 6.110.0) php8 (8.2.8 -> 8.2.9) pipewire (0.3.76 -> 0.3.77) plasma-framework (5.108.0 -> 5.109.0) plasma5-desktop (5.27.7 -> 5.27.7.1) plasma5-workspace plymouth postgresql15 (15.3 -> 15.4) prison-qt5 (5.108.0 -> 5.109.0) procmail (3.22 -> 3.24) procps procps4 purpose (5.108.0 -> 5.109.0) python-M2Crypto python-Pillow python-PyYAML (6.0 -> 6.0.1) python-Pygments (2.15.1 -> 2.16.1) python-SQLAlchemy python-alembic (1.10.4 -> 1.11.2) python-certifi (2023.5.7 -> 2023.7.22) python-click (8.1.3 -> 8.1.6) python-cryptography (41.0.2 -> 41.0.3) python-gevent (22.10.2 -> 23.7.0) python-gssapi python-immutables python-importlib-resources (5.12.0 -> 6.0.1) python-ldap python-libvirt-python (9.5.0 -> 9.6.0) python-lxml (4.9.2 -> 4.9.3) python-mailman python-numpy (1.24.2 -> 1.25.2) python-passlib python-pexpect python-psutil python-pycups python-pyzmq (25.0.2 -> 25.1.1) python-semanage python-typing_extensions (4.5.0 -> 4.7.1) python311 python311-core qemu (8.0.3 -> 8.0.4) qqc2-desktop-style (5.108.0 -> 5.109.0) qt6-declarative qtkeychain-qt5 (0.13.2 -> 0.14.1) rdma-core re2c (3.0 -> 3.1) rebootmgr (2.0 -> 2.1) rpm rubygem-moneta (1.5.2 -> 1.6.0) sac salt setools (4.4.2 -> 4.4.3) shadow (4.13 -> 4.14.0) signon (8.60 -> 8.61) smartmontools (7.3 -> 7.4) solid (5.108.0 -> 5.109.0) sonnet (5.108.0 -> 5.109.0) speech-dispatcher (0.11.4 -> 0.11.5) srt (1.5.1 -> 1.5.2) suse-module-tools (16.0.32 -> 16.0.33) syndication (5.108.0 -> 5.109.0) syntax-highlighting (5.108.0 -> 5.109.0) system-config-printer systemd (253.7 -> 253.8) sysvinit (3.07 -> 3.08) tango-icon-theme tar telepathy-logger threadweaver (5.108.0 -> 5.109.0) tracker-miners unixODBC (2.3.11 -> 2.3.12) upower (1.90.1 -> 1.90.2) util-linux util-linux-systemd w3m webkit2gtk3 (2.40.4 -> 2.40.5) webkit2gtk3-soup2 (2.40.4 -> 2.40.5) wpebackend-fdo (1.14.0 -> 1.14.2) wtmpdb (0.7.1 -> 0.9.1) xdg-desktop-portal-gnome (44.1 -> 44.2) xen (4.17.1_06 -> 4.17.2_02) xfce4-terminal (1.0.4 -> 1.1.0) xmlsec1 xz (5.4.3 -> 5.4.4) yast2-apparmor (4.6.1 -> 4.6.2) yast2-country (4.6.2 -> 4.6.3) yast2-installation (4.6.5 -> 4.6.7) yast2-packager (4.6.1 -> 4.6.2) yast2-trans (84.87.20230729.64eca7e0a1 -> 84.87.20230818.ea489402e5) zsh zxing-cpp === Details === ==== 389-ds ==== Version update (2.4.0~git18.37ec5cd -> 2.4.0~git74.4297d88) Subpackages: lib389 libsvrcore0 - Update to version 2.4.0~git74.4297d88: * issue 5890 part 2 - Need a tester for testing multiple listening thread feature (#5897) * Issue i5846 - Crash when lmdb import is aborted (#5881) * Issue 5894 - lmdb import error fails with Could not store the entry (#5895) * Issue 5890 - Need a tester for testing multiple listening thread feature (#5891) * Issue 5082 - slugify: ModuleNotFoundError when running test cases - Update to version 2.4.0~git69.89c2de5: * Issue 4551 - Part 2 - Fix build warning of previous PR (#5888) * Issue 5834 - AccountPolicyPlugin erroring for some users (#5866) * Issue 5872 - part 2 - fix is_dbi regression (#5887) * Issue 4758 - Add tests for WebUI * Issue 5848 - dsconf should prevent setting the replicaID for hub and consumer roles (#5849) * Issue 5883 - Remove connection mutex contention risk on autobind (#5886) * Issue 5872 - `dbscan()` in lib389 can return bytes * Bump version to 2.4.3 * Issue 5729 - Memory leak in factory_create_extension (#5814) * Issue 5870 - ns-slapd crashes at startup if a backend has no suffix (#5871) ==== GraphicsMagick ==== Subpackages: libGraphicsMagick++-Q16-12 libGraphicsMagick-Q16-3 libGraphicsMagick3-config - add strlcpy-wrong-sizing.patch: fix incorrect usages of strlcpy and strlcat detected by glibc 2.38's fortify ==== ImageMagick ==== Version update (7.1.1.12 -> 7.1.1.15) Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10 - version update to 7.1.1.15 * upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-15---2023… - modified patches % ImageMagick-library-installable-in-parallel.patch (refreshed) - deleted patches - ImageMagick-CVE-2023-3428.patch (upstreamed) ==== Mesa ==== Version update (23.1.4 -> 23.1.5) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libOSMesa8 libgbm1 - Update to bugfix release 23.1.5 - -> https://docs.mesa3d.org/relnotes/23.1.4.html ==== Mesa-drivers ==== Version update (23.1.4 -> 23.1.5) Subpackages: Mesa-dri Mesa-gallium Mesa-libva - Update to bugfix release 23.1.5 - -> https://docs.mesa3d.org/relnotes/23.1.4.html ==== MozillaFirefox ==== Version update (115.0.3 -> 116.0.3) - Mozilla Firefox 116.0.3 * Fixed an issue for OPFS users that broke access to files that were locally cached in a previous version (bmo#1847989, bmo#1847619) * Fixed an issue that was breaking screensharing for some users on Wayland (bmo#1841851) * Fixed an issue where a fullscreen notification was persistently being shown to a user, even after disabling it (bmo#1847901) * Fixed an issue where Firefox would hang when doing a Google search (bmo#1847066) - After further testing on memory consumption during linking, it's safe to remove most of the memory reducing options for ix86 linker. A combination of these actually resulted in the OOM condition. It's even possible to add basic debugging info while keeping linker memory consumption at about 2GB - Mozilla Firefox 116.0.2 * fixes for other platforms - Workarold ld bug causing OOM when linking on 32-bit - Remove -j1 limit on x86. The build runs on 64-bit kernel with a 32-bit userland. This means there is plenty of memory available but userland is limited to just under 4GB per process. - Mozilla Firefox 116.0.1 * fixes for other platforms - ship vaapitest binary for supported archs - re-enable ppc64le - ship v4l2test binary for supported archs - drop obsolete mozilla-bmo1775202.patch - Mozilla Firefox 116.0 * https://www.mozilla.org/en-US/firefox/116.0/releasenotes/ MFSA 2023-29 (bsc#1213746) * CVE-2023-4045 (bmo#1833876) Offscreen Canvas could have bypassed cross-origin restrictions * CVE-2023-4046 (bmo#1837686) Incorrect value used during WASM compilation * CVE-2023-4047 (bmo#1839073) Potential permissions request bypass via clickjacking * CVE-2023-4048 (bmo#1841368) Crash in DOMParser due to out-of-memory conditions * CVE-2023-4049 (bmo#1842658) Fix potential race conditions when releasing platform objects * CVE-2023-4050 (bmo#1843038) Stack buffer overflow in StorageManager * CVE-2023-4051 (bmo#1821884) Full screen notification obscured by file open dialog * CVE-2023-4052 (bmo#1824420) File deletion and privilege escalation through Firefox uninstaller * CVE-2023-4053 (bmo#1839079) Full screen notification obscured by external program * CVE-2023-4054 (bmo#1840777) Lack of warning when opening appref-ms files * CVE-2023-4055 (bmo#1782561) Cookie jar overflow caused unexpected cookie jar state * CVE-2023-4056 (bmo#1820587, bmo#1824634, bmo#1839235, bmo#1842325, bmo#1843847) Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14 * CVE-2023-4057 (bmo#1841682) Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1 * CVE-2023-4058 (bmo#1819160, bmo#1828024) Memory safety bugs fixed in Firefox 116 - require NSS 3.91 - remove obsolete mozilla-fix-top-level-asm.patch - re-enable LTO ==== NetworkManager ==== Version update (1.42.8 -> 1.44.0) Subpackages: NetworkManager-bluetooth NetworkManager-pppoe NetworkManager-tui NetworkManager-wwan libnm0 typelib-1_0-NM-1_0 - Update to version 1.44.0: + Introduce a new "link" setting that holds properties related to the kernel link such as "tx-queue-length", "gso-max-size", "gso-max-segments", "gro-max-size". + Support sending a DHCPv6 prefix delegation hint via the "ipv6.dhcp-pd-hint" connection property. + Support new bond options: "arp_missed_max", "lacp_active", "ns_ip6_target". + Add new "initial-eps-bearer-configure" and "initial-eps-bearer-apn" properties in the GSM setting. + Setting "connection.stable-id=default${CONNECTION}" changed behavior to be identical to the built-in default value when the stable-id is not set. + Add a "[keyfile].rename" option to NetworkManager.conf to force renaming profiles on disk when their name changes. + The ifcfg-rh plugin is deprecated; it will only receive bugfixes and no new features. A warning is emitted the log when a connection in ifcfg-rh format is found. + To automatically migrate existing ifcfg-rh connections to the keyfile format, a new configuration option "main.migrate-ifcfg-rh" is provided. Migration is disabled by default, but the default value can be changed at build time via "--with-config-migrate-ifcfg-rh-default=yes". + When configuring hostnames in non-public TLD (like "example.local"), use the TLD as default search domain instead of the full hostname. + Always apply DNS options from the [global-dns] configuration section + The NetworkManager daemon now acquires the D-Bus name only after populating the D-Bus tree. This can add a delay during startup but it is required to avoid race conditions with other services depending on NM. + Add a "version-id" argument to the Update2() D-Bus call to guard against concurrent modifications of profiles. + Don't use tentative IPv6 addresses to resolve the system hostname via DNS. + Track the number of autoconnect retries left for each device and connection. Previously it was tracked only per connection and this lead to unexpected behaviors in case of multiconnect profiles. + Set VLAN filtering options on bridge via netlink instead of sysfs. + nm-cloud-setup now supports IMDSv2 on Amazon EC2. + nmtui now allows to enable or disable Wi-Fi and WWAN radios. + Honor ignore-carrier=no for bond/bridge/team devices. + Add version mismatch warning when running nmcli commands. - Rebase patches with quilt. ==== NetworkManager-vpnc ==== Subpackages: NetworkManager-vpnc-gnome - Add nm-vpnc-editor-interface-name.patch: properties: Don't set interface name as empty string by default (glgo#GNOME/NetworkManager-vpnc/commit/f4df2db6c, bsc#1213769). ==== SDL2 ==== Version update (2.28.1 -> 2.28.2) - Update to release 2.28.2 * Fixed 8BitDo gamepad mapping when in XInput mode on Linux * Fixed controller lockup initializing some unofficial PS4 replica controllers * Fixed video initialization on headless Linux systems using VNC ==== a52dec ==== Version update (0.7.5+svn613 -> 0.8.0) - Minor spec cleaning, use ldconfig_scriptlets macro, be more explicit in listing of files (use less globs). - Update to release 0.8.0 * Build system modernization - Drop altivec.patch (inapplicable) - Remove obsolete Groups tag (fate#326485) ==== accountsservice ==== Subpackages: libaccountsservice0 typelib-1_0-AccountsService-1_0 - Rebase as-fate318433-prevent-same-account-multi-logins.patch: (bsc#1213884). ==== amavisd-new ==== Subpackages: amavisd-new-docs - Package failed to rebuild on Perl version changes due to missing %{perl_requires} ==== apache2 ==== - Enable building of mod_md ==== apache2-manual ==== - Enable building of mod_md ==== apache2-mod_php8 ==== Version update (8.2.8 -> 8.2.9) - version update to 8.2.9 * This is a security release. * Fixes CVE-2023-3824 [bsc#1214103] and CVE-2023-3823 [bsc#1214106] * https://www.php.net/ChangeLog-8.php#8.2.9 - deleted patches - php-unicode-allow-redistribution.patch (upstreamed) - deleted sources - repack.sh (not needed) ==== apache2-prefork ==== - Enable building of mod_md ==== apache2-utils ==== - Enable building of mod_md ==== at-spi2-core ==== Subpackages: libatk-1_0-0 libatk-bridge-2_0-0 libatspi0 typelib-1_0-Atk-1_0 typelib-1_0-Atspi-2_0 - Support build environments like SLE 15 SP5 and Leap 15.5 which had %{_distconfdir) not defined yet. ==== attica-qt5 ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5Attica5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== baloo5 ==== Version update (5.108.0 -> 5.109.0) Subpackages: baloo5-file baloo5-file-lang baloo5-imports baloo5-kioslaves baloo5-kioslaves-lang baloo5-tools baloo5-tools-lang libKF5Baloo5 libKF5BalooEngine5 libKF5BalooEngine5-lang - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Document uses and abuses of Baloo::IndexerConfig * [BalooSearch] Add sort order option * [Codecs] Make encode/decode methods static, cleanup * [QueryTest] Add full stack test * [TermGeneratorTest] Extend phrase coverage * [AdvancedQueryParserTest] Extend phrase coverage * [SearchStore] Move private helpers to anonymous namespace * [BasicIndexingJob] Ignore filename based mimetype for empty files * Reduce filesystem dependencies in more tests * [DocumentUrlDbTest] Remove file system dependencies from test * [DocumentUrlDb] Split document addition and file tree creation * [DocumentUrlDbTest] Use explicit recursion when walking directory tree * [Transaction] Use DocumentUrlDB::contains * [DocumentUrlDB] Add `contains` method * Remove proxy for obsolete org.kde.baloo interface * [Transaction] Remove Transaction::exec convenience method * Add explicit moc includes to sources for moc-covered headers ==== bash-completion ==== - Modify patches * ls-completion-boo889319.patch * rm-completion-smart-boo958462.patch to avoid skipping spaces after last word on command line (boo#1210974) - Add patch fix_quote_readline_by_ref.patch * Do not escape leading ~ nor backslash and avoid empty quoting ==== bind ==== Version update (9.18.17 -> 9.18.18) Subpackages: bind-doc bind-utils - Update to release 9.18.18 Feature Changes: * When a primary server for a zone responds to an SOA query, but the subsequent TCP connection required to transfer the zone is refused, that server is marked as temporarily unreachable. This now also happens if the TCP connection attempt times out, preventing too many zones from queuing up on an unreachable server and allowing the refresh process to move on to the next configured primary more quickly. * The dialup and heartbeat-interval options have been deprecated and will be removed in a future BIND 9 release. Bug Fixes: * Processing already-queued queries received over TCP could cause an assertion failure, when the server was reconfigured at the same time or the cache was being flushed. This has been fixed. * Setting dnssec-policy to insecure prevented zones containing resource records with a TTL value larger than 86400 seconds (1 day) from being loaded. This has been fixed by ignoring the TTL values in the zone and using a value of 604800 seconds (1 week) as the maximum zone TTL in key rollover timing calculations. ==== bluez ==== Version update (5.66 -> 5.68) Subpackages: bluez-auto-enable-devices bluez-cups bluez-zsh-completion libbluetooth3 - Use %_firmwaredir - For pushing bluez 5.68 to 15-SP6 (bluez-5.65), sync change log: (jsc#PED-5599) - RPi-Move-the-43xx-firmware-into-lib-firmware.patch be removed by Stefan Seyfried since updating to bluez-5.66. (bsc#995059)(bsc#1094902) Because the header file has "#ifndef FIRMWARE_DIR...#define FIRMWARE_DIR /etc/firmare" instead of patching. So we just supply FIRMWARE_DIR on compiler's command line in bluez.spec: export CPPFLAGS="$CPPFLAGS -DFIRMWARE_DIR='\"/lib/firmware\"' - For pushing bluez 5.68 to 15-SP6 (bluez-5.65), sync change log: (jsc#PED-5599) - The avrcp-Fix-crash-while-handling-unsupported-events.patch be merged to bluez-5.67 since 2023. (bsc#1210398)(CVE-2023-27349) - 0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch be removed by Timo Jyrinki when updating to 5.68. I saw some reasons: - Upstream didn't take this patch: https://www.spinics.net/lists/linux-bluetooth/msg40136.html - Fedora also marked this patch in bluez.spec since bluez-5.68-2.fc39 https://src.fedoraproject.org/rpms/bluez/blob/2b133d795f4f823c8b22ef5a07569… We didn't put any bug number of this patch when it be introduced to bluez.spec since Nov 23, 2021. So, let's remove this patch unless upstream or Fedora add it back. - update to 5.68 * Fix issue with A2DP and handling of Transport.Acquire. * Fix issue with BAP and initiating QoS and Enable procedures. * Fix issue with BAP and detaching streams when PAC is removed. * Fix issue with BAP and reading all instances of PAC. * Fix issue with BAP and not being able to reconfigure. * Fix issue with BAP and transport configuration changes. * Fix issue with BAP and handling unexpected disconnect. * Fix issue with GATT and not removing pending services. * Fix issue with GATT and client ready handling. * Fix issue with handling fallback to transient hostname. * Add support for SecureConnections configuration option. * Add support for Mesh Remove Provisioning. * Add support for Mesh Private Beacons. - Remove patches that are not needed with the new upstream. ==== bluez-qt ==== Version update (5.108.0 -> 5.109.0) Subpackages: bluez-qt-imports bluez-qt-udev libKF5BluezQt6 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Remove code variants for building with Qt 6 * Add explicit moc includes to sources for moc-covered headers ==== breeze5-icons ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - No code change since 5.108.0 ==== brltty ==== Version update (6.5 -> 6.6) Subpackages: brltty-driver-at-spi2 brltty-driver-brlapi brltty-driver-speech-dispatcher brltty-driver-xwindow libbrlapi0_8 python3-brlapi system-user-brltty xbrlapi - Add e6707d5e.patch: brlapi: Fix python crash on connection error. Cython 3.0 started using the new Python object finalization APIs from PEP 442. - Update to version 6.6: + Too many changes; please read ChangeLog - Update api_version. - Rebase brltty-udev-dir.patch. ==== busybox-links ==== Subpackages: busybox-bzip2 busybox-coreutils busybox-ed busybox-findutils busybox-gawk busybox-grep busybox-gzip busybox-misc busybox-psmisc busybox-sed busybox-sendmail busybox-tar busybox-which busybox-xz - Check in filelists instead of buildrequiring all non-busybox utils ==== ca-certificates-mozilla ==== Version update (2.60 -> 2.62) - readd _multibuild - Updated to 2.62 state of Mozilla SSL root CAs (bsc#1214248) Added: - Atos TrustedRoot Root CA ECC G2 2020 - Atos TrustedRoot Root CA ECC TLS 2021 - Atos TrustedRoot Root CA RSA G2 2020 - Atos TrustedRoot Root CA RSA TLS 2021 - BJCA Global Root CA1 - BJCA Global Root CA2 - LAWtrust Root CA2 (4096) - Sectigo Public Email Protection Root E46 - Sectigo Public Email Protection Root R46 - Sectigo Public Server Authentication Root E46 - Sectigo Public Server Authentication Root R46 - SSL.com Client ECC Root CA 2022 - SSL.com Client RSA Root CA 2022 - SSL.com TLS ECC Root CA 2022 - SSL.com TLS RSA Root CA 2022 Removed CAs: - Chambers of Commerce Root - E-Tugra Certification Authority - E-Tugra Global Root CA ECC v3 - E-Tugra Global Root CA RSA v3 - Hongkong Post Root CA 1 ==== catfish ==== Version update (4.16.4 -> 4.18.0) Subpackages: catfish-lang - Update to version 4.18.0 * Filters: Add Archives, Other, update Apps * Use Gio to open files, fix "no default app" issue * Add symlink emblem to thumbnails in thumbnail mode * config: Prefer plocate over mlocate if available * window: Avoid IndexError on right click when selection is empty * Create shared filetype lists for searching and filtering * Ensure site-packages directory is prepended to sys.path * Fix double border between sidebar and results area * window: Fix and refactor new_column() * window: Fix markup warnings in thumbnail view * Fix GtkBuilder warnings * Revert "Suppress the various GTK warnings GtkBuilder outputs" * Fix crash and translations when install prefix != /usr * Update `.gitignore` * Remove generated file po/catfish.pot * Performance improvements (fix #79) * Translation Updates - Refresh 0001-Force-disable-Zeitgeist-support.patch - Remove _service file ==== ceph ==== Subpackages: librados2 librbd1 - restrict to older Cython ==== chrony ==== Version update (4.3 -> 4.4) Subpackages: chrony-pool-openSUSE - Update to 4.4: * Add support for AES-GCM-SIV with Nettle >= 3.9 to shorten NTS cookies to avoid some length-specific blocking of NTP on Internet. * Add support for multiple refclocks using extpps option on one PHC. * Add maxpoll option to hwtimestamp directive to improve PHC tracking with low packet rates * Add hwtstimeout directive to configure timeout for late timestamps. * Handle late hardware transmit timestamps of NTP requests on all sockets. * Handle mismatched 32/64-bit time_t in SOCK refclock samples * Improve source replacement * Log important changes made by command requests (chronyc) * Refresh address of NTP sources periodically * Set DSCP for IPv6 packets * Shorten NTS-KE retry interval when network is down * Update seccomp filter for musl * Warn if loading keys from file with unexpected permissions * Warn if source selection fails or falseticker is detected * Add selectopts command to modify source-specific selection options. * Add timestamp sources to serverstats report and make its fields 64-bit. * Add -e option to chronyc to indicate end of response - Update clknetsim to snapshot ef2a7a9. ==== clamav ==== Version update (0.103.8 -> 0.103.9) Subpackages: libclamav9 libfreshclam2 - Renew clamav.keyring . - Update to 0.103.9 * CVE-2023-20197: Fixed a possible denial of service vulnerability in the HFS+ file parser. This issue affects versions 1.1.0, 1.0.1 through 1.0.0, 0.105.2 through 0.105.0, 0.104.4 through 0.104.0, and 0.103.8 through 0.103.0. (boo#1214342) * Fixed compiler warnings that may turn into errors in Clang 16. ==== colord ==== Subpackages: colord-color-profiles libcolord2 libcolorhug2 - Reduce memory constraints for riscv64 ==== dcraw ==== Subpackages: dcraw-lang - add dcraw-glibc-2.38.patch to fix prototype clash on memmem with glibc 2.38+ ==== dracut ==== Version update (059+suse.476.g5e324584 -> 059+suse.491.g87f19c22) - Update to version 059+suse.491.g87f19c22: * fix(dracut-install): protect against broken links pointing to themselves * fix(dracut.sh): exit if resolving executable dependencies fails (bsc#1214081) - Update to version 059+suse.488.g81715832: This is the 3rd backport of the most important fixes and features from the upstream master branch, while the release date of version 060 is still undefined. * fix(systemd-udevd): add missing override paths * fix(systemd-journald): add systemd-sysusers dependency * fix(base): correct handling of quiet in loginit * chore(suse): require gawk instead of awk * refactor(install): log about missing firmware only once * fix(integrity): do not require ls * fix(dracut-init.sh): `module_check` method ignores `forced` option * fix(man): add missing initrd-root-device.target to flow chart * fix(dracut-init.sh): use the local _ret variable * fix(dracut.sh): use gawk for strtonum * fix(man): remove duplicate entry ==== emacs ==== Version update (28.2 -> 29.1) Subpackages: emacs-el emacs-eln emacs-info emacs-nox emacs-x11 etags - Require bwrap at build time as some tools requires it if checks are enabled - Modify patch emacs-29.1.dif * Avoid in ispell.el unused lexical variable `load-dict' - Extend patch pdump.patch * Make various emacs flavours find their pdmp files even if first argument is simply named "emacs" (slack message, boo#1214008) - Update to GNU Emacs version 29.1 * Official tree-sitter support * EGlot, the Language Server Client * Use-package a declarative configuration tool finally in * Better long line support * Native SQLite Support * Changing the init directory You can now instruct Emacs to read its initialization from another directory from the command line. - Use natively compiled lisp files only for GTK variant as every binary has its own hash keys for the eln location as well as for the eln native compiled lisp files - Port rmailgen.el and .gnu-emacs to 29.1 - Remove the old patches now upstream * 01a4035c.patch * 3c1693d0.patch * CVE-2022-48338.patch * CVE-2022-48339.patch * d3209119.patch * d48bb487.patch - Port and rename patch emacs-28.1.dif which is now emacs-29.1.dif - Port the patches * emacs-24.1-ps-mule.patch * emacs-24.3-iconic.patch * emacs-24.3-x11r7.patch * emacs-24.4-glibc.patch * emacs-24.4-nonvoid.patch * emacs-24.4-ps-bdf.patch * emacs-25.1-custom-fonts.patch * emacs-25.2-ImageMagick7.patch * emacs-26.1-xft4x11.patch * emacs-27.1-Xauthority4server.patch * emacs-27.1-pdftex.patch * pdump.patch - Re-enable ImageMagick usage ==== firewalld ==== Subpackages: firewalld-bash-completion firewalld-zsh-completion python3-firewall - fix(cli): all --list-all-zones output identical (boo#1213609) [+ fix_list_all_zones_output.patch] ==== fixmath ==== - Build with g++ >= 7 in order to be able to use C++17 features - Added patch: * cmake-tests-old-cmake.patch + allow building with cmake >= 3.5 + conditionally applied on SLE12-SP5 whose cmake is old ==== frameworkintegration ==== Version update (5.108.0 -> 5.109.0) Subpackages: frameworkintegration-plugin libKF5Style5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== fuse3 ==== Version update (3.15.1 -> 3.16.1) Subpackages: libfuse3-3 - Update to release 3.16.1 * Readdir kernel cache can be enabled from high-level API. ==== gcc13 ==== Version update (13.1.1+git7597 -> 13.2.1+git7683) Subpackages: cpp13 libasan8 libatomic1 libgcc_s1 libgccjit0 libgfortran5 libgomp1 libhwasan0 libitm1 liblsan0 libobjc4 libstdc++6 libstdc++6-devel-gcc13 libstdc++6-locale libstdc++6-pp libtsan2 libubsan1 - Bump to cc279d6c64562f05019e1d12d0d825f9391b5553, git7683 * Includes GCC 13.2 release * Includes patch to fix broken testcase in libbacktrace, fixing build problems on SLES 12 - gdcflags.patch: Use substituted GDCFLAGS - Filter out -Werror=return-type from D compile flags ==== gdb ==== - Drop libdebuginfod1 BuildRequires/Recommends. The former isn't needed because there's a build requirement on libdebuginfod-devel already, which will pull the shared library. And the latter, because it's bogus since RPM auto generated dependency will take care of that requirement. ==== gdbm ==== Subpackages: libgdbm6 libgdbm_compat4 - Fix bsc#1209583, gdbm_load and gdbm_dump receive a SEGFAULT if run without arguments bsc1209583.patch ==== gdm ==== Subpackages: gdm-schema gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0 - Do not use %autopatch to build on SLE where rpm version is not ready for the macro. ==== giflib ==== - Define make_build for distributions which do not define them in system macros ==== glibc ==== Version update (2.37 -> 2.38) Subpackages: glibc-devel glibc-extra glibc-locale glibc-locale-base nscd - Update to glibc 2.38 * When C2X features are enabled and the base argument is 0 or 2, the following functions support binary integers prefixed by 0b or 0B as input * PRIb*, PRIB* and SCNb* macros from C2X have been added to <inttypes.h>. * printf-family functions now support the wN format length modifiers for arguments of type intN_t, int_leastN_t, uintN_t or uint_leastN_t and the wfN format length modifiers for arguments of type int_fastN_t or uint_fastN_t, as specified in draft ISO C2X * A new tunable, glibc.pthread.stack_hugetlb, can be used to disable Transparent Huge Pages (THP) in stack allocation at pthread_create * Vector math library libmvec support has been added to AArch64 * The strlcpy and strlcat functions have been added * CVE-2023-25139: When the printf family of functions is called with a format specifier that uses an <apostrophe> (enable grouping) and a minimum width specifier, the resulting output could be larger than reasonably expected by a caller that computed a tight bound on the buffer size - Enable build with _FORTIFY_SOURCE - glibc-2.3.90-langpackdir.diff: avoid reference to __strcpy_chk - iconv-error-verbosity.patch: iconv: restore verbosity with unrecognized encoding names (BZ #30694) - printf-grouping.patch, strftime-time64.patch, getlogin-no-loginuid.patch, fix-locking-in-_IO_cleanup.patch, gshadow-erange-rhandling.patch, system-sigchld-block.patch, gmon-buffer-alloc.patch, check-pf-cancel-handler.patch, powerpc64-fcntl-lock.patch, realloc-limit-chunk-reuse.patch, dl-find-object-return.patch; Removed ==== glu ==== - devel package: added missing dep to Mesa GL devel package (boo#1213976) ==== gmp ==== Version update (6.2.1 -> 6.3.0) - GMP 6.3.0 * A possible overflow of type int is avoided for mpz_cmp on huge operands. * A possible error condition when a malformed file is read with mpz_inp_raw is now correctly handled. * New public function mpz_prevprime, companion of the existing mpz_nextprime. * New documented pointer types mpz_ptr, mpz_srcptr, and similar for other GMP types. Refer to the manual for full list and suggested usage. These types have been present in gmp.h at least since GMP-4.0, but previously not advertised to users. * Support for 64-bit Arm under Macos. * Support for the loongarch64 CPU family. * Support for building with LTO, link-time optimisations. * New special code for base = 2 in mpz_powm reduces the average time for the functions that test primality. * Speedup for the function mpz_nextprime on large operands. * Speedup for multiplications (some sizes only) thanks to new internal functions to compute small negacyclic products. * Special assembly code for IBM z13 and later "mainframe" CPUs, resulting in a huge speedup. * Improved assembly for several 64-bit x86 CPUs, Risc-V, 64-bit Arm. - Removed gmp-6.2.1-CVE-2021-43618.patch which is included in the new release. ==== gnome-bluetooth ==== Version update (42.5 -> 42.6) Subpackages: libgnome-bluetooth-3_0-13 libgnome-bluetooth-ui-3_0-13 typelib-1_0-GnomeBluetooth-3_0 - Update to version 42.6: + Fix problems with icons for mice and tablets. + Updates status labels to be dimmed by default. + Updated translations. ==== gnome-disk-utility ==== - Support build environments like SLE 15 SP5 and Leap 15.5 which had %{_distconfdir) not defined yet. ==== gnome-settings-daemon ==== - Do not use %autopatch to build on SLE where rpm version is not ready for the macro. - Drop patch gnome-settings-daemon-bnc873545-hide-warnings.patch: the relevant color management has been moved to mutter. ==== gnome-software ==== Version update (44.3 -> 44.4) Subpackages: gnome-software-plugin-packagekit - Update to version 44.4: + Improve error notifications from failed GPG checks. + Disable animations in the UI according to the userâs accessibility settings. + Fix applying updates which require some packages to be removed to satisfy dependencies. + Updated translations. ==== gnome-terminal ==== Version update (3.48.1 -> 3.48.2) Subpackages: gnome-shell-search-provider-gnome-terminal nautilus-extension-terminal - Update to version 3.48.2: + build: Bump vte req version. + Updated translations. ==== gnutls ==== Version update (3.8.0 -> 3.8.1) Subpackages: libgnutls-dane0 libgnutls30 - Fix missing GNUTLS_NO_EXTENSIONS compatibility. * Upstream: gitlab.com/gnutls/gnutls/commit/abfa8634 * Add gnutls-GNUTLS_NO_EXTENSIONS-compatibility.patch - tests: Fix the SRP test that fails with SIGPIPE signal return due to a socket being closed before using it. * Add gnutls-srp-test-SIGPIPE.patch - Update to version 3.8.1: * libgnutls: ClientHello extensions are randomized by default To make fingerprinting harder, TLS extensions in ClientHello messages are shuffled. As this behavior may cause compatibility issue with legacy applications that do not accept the last extension without payload, the behavior can be reverted with the %NO_SHUFFLE_EXTENSIONS priority keyword. * libgnutls: Add support for RFC 9258 external PSK importer. This enables to deploy the same PSK across multiple TLS versions (TLS 1.2 and TLS 1.3) in a secure manner. To use, the application needs to set up a callback that formats the PSK identity using gnutls_psk_format_imported_identity(). * libgnutls: %GNUTLS_NO_EXTENSIONS has been renamed to %GNUTLS_NO_DEFAULT_EXTENSIONS. * libgnutls: Add additional PBKDF limit checks in FIPS mode as defined in SP 800-132. Minimum salt length is 128 bits and minimum iterations bound is 1000 for PBKDF in FIPS mode. * libgnutls: Add a mechanism to control whether to enforce extended master secret (RFC 7627). FIPS 140-3 mandates the use of TLS session hash (extended master secret, EMS) in TLS 1.2. To enforce this, a new priority keyword %FORCE_SESSION_HASH is added and if it is set and EMS is not set, the peer aborts the connection. This behavior is the default in FIPS mode, though it can be overridden through the configuration file with the "tls-session-hash" option. In either case non-EMS PRF is reported as a non-approved operation through the FIPS service indicator. * New option --attime to specify current time. To make testing with different timestamp to the system easier, the tools doing certificate verification now provide a new option - -attime, which takes an arbitrary time. * API and ABI modifications: gnutls_psk_client_credentials_function3: New typedef gnutls_psk_server_credentials_function3: New typedef gnutls_psk_set_server_credentials_function3: New function gnutls_psk_set_client_credentials_function3: New function gnutls_psk_format_imported_identity: New function GNUTLS_PSK_KEY_EXT: New enum member of gnutls_psk_key_flags * Rebase patches: - gnutls-FIPS-140-3-references.patch - gnutls-FIPS-jitterentropy.patch * Remove patches merged/fixed upstream: - gnutls-FIPS-PCT-DH.patch - gnutls-FIPS-PCT-ECDH.patch ==== gpgme ==== Version update (1.21.0 -> 1.22.0) Subpackages: libgpgme11 libgpgmepp6 - Fix builds with qt and qt6 [T6673]: * qt,tests: Fix build in source directory. Include Qt binding sources before C++ binding sources and C sources. This fixes the problem that the debug.h in the C sources was found before the one in the Qt bindings. * build: Suggest out-of-source build. Suggest to run configure from a build subdirectory. * Add patches: - gpgme-qt-tests-Fix-build-in-source-directory.patch - gpgme-build-Suggest-out-of-source-build.patch - Update to 1.22.0: * Prevent wrong plaintext when verifying clearsigned signature. * Return bad data error instead of general error on unexpected data. * Take care of offline mode for all operations of gpgsm engine. * Prepare the use of the forthcoming libassuan version 3. * New configure option --with-libtool-modification. * cpp: Expose gpgme_decrypt_result_t.is_mime. * qt: Clean up after failure or cancel of sign/encrypt archive operation. * qt: Add setInputEncoding to QGpgMe::EncryptJob. * qt: Make toLogString helper public. * Interface changes relative to the 1.21.0 release: - qt: EncryptJob::setInputEncoding NEW. - qt: DecryptionResult::isMime NEW. - qt: toLogString NEW. - Run testsuite in qemu build ==== gpgmeqt ==== Version update (1.21.0 -> 1.22.0) - Fix builds with qt and qt6 [T6673]: * qt,tests: Fix build in source directory. Include Qt binding sources before C++ binding sources and C sources. This fixes the problem that the debug.h in the C sources was found before the one in the Qt bindings. * build: Suggest out-of-source build. Suggest to run configure from a build subdirectory. * Add patches: - gpgme-qt-tests-Fix-build-in-source-directory.patch - gpgme-build-Suggest-out-of-source-build.patch - Update to 1.22.0: * Prevent wrong plaintext when verifying clearsigned signature. * Return bad data error instead of general error on unexpected data. * Take care of offline mode for all operations of gpgsm engine. * Prepare the use of the forthcoming libassuan version 3. * New configure option --with-libtool-modification. * cpp: Expose gpgme_decrypt_result_t.is_mime. * qt: Clean up after failure or cancel of sign/encrypt archive operation. * qt: Add setInputEncoding to QGpgMe::EncryptJob. * qt: Make toLogString helper public. * Interface changes relative to the 1.21.0 release: - qt: EncryptJob::setInputEncoding NEW. - qt: DecryptionResult::isMime NEW. - qt: toLogString NEW. - Run testsuite in qemu build ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin - Change the bash-completion directory (bsc#1213855) * grub2-change-bash-completion-dir.patch ==== gspell ==== Version update (1.12.1 -> 1.12.2) Subpackages: libgspell-1-2 typelib-1_0-Gspell-1 - Update to version 1.12.2: + Small code maintenance: don't use g_slice_*(). ==== gtk3 ==== Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-tigrigna gtk3-immodule-vietnamese gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0 - Do not use %autopatch to build on SLE where rpm version is not ready for the macro. ==== gtk4 ==== Version update (4.10.4 -> 4.12.0) Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Add 6af9dc86.patch: print: Revert "Start sorting apart includes" change for gtkprinteroptionprivate.h. - Update to version 4.12.0: + List widgets: Add scroll_to APIs + GtkFileLauncher: Add an always-ask property + GtkTextView: Make backspace behavior match GtkEntry + gsk: Fix handling of luminance in mask nodes + Text rendering: Automate the setting of gtk-hint-font-metrics from the scale factor. This improves font rendering in flatpaks + Wayland: - Fix behavior of stylus buttons - Support suspended window state + Vulkan: Many improvements + Tools: Add gtk4-rendernode-tool + Debugging: Drop the GTK_DEBUG_TOUCHSCREEN flag + Build: Some build options have been renamed: - gtk_doc -> documentation - update_screenshots -> screenshots - The old names still work + Updated translations. - Update option passed to meson following upstream changes. - Update to version 4.11.4: + GtkFileChooser: - Default to sorting folders first - Fix a crash when visiting recent files + GtkTextView: Fix corner cases in word navigation + GtkMenuButton: Normalize label layout + GtkDropDown: Add support for sections + GtkVideo: Make the overlay icon clickable + GtkWindow: Clear the resize cursors to avoid artifacts + GtkFileDialog: Always set initial-folder + GtkDropDown: Update on expression changes + GtkMapListModel: Implement GtkSectionModel + Accessibility: - Improvements all over the place: GtkButton, GtkPasswordEntry, GtkFontChooserDialog, GtkColorChooserDialog, GtkShortcutsWindow, GtkMenuButton, GtkAboutDialog, GtkFileChooserDialog, GtkStackSidebar, GtkStackSwitcher, GtkMediaControls, GtkColorDialogButton, GtkDropDown, GtkInfoBar, GtkNotebook, GtkPrintUnixDialog, GtkModelButton - Make name computation follow the ARIA spec more closely - Adapt name computation for the common 'nested button' scenario - Change many containers to use `generic` instead of `group` - Use `generic` as the default role - Use `application` instead of `window` for windows - Add properties for accessible names of not directly exposed widgets in GtkListView, GtkGridView and GtkColumnView + DND: Fix criticals when drops are rejected + X11: Fix regressions in GLX setup + Windows: Center newly created transient windows + Vulkan: - Add antialising for gradients - Do less work on clipped away nodes - Redo image uploading - Support different image depths and formats - Add a pipeline cache + Demos: - gtk4-demo: Improve window sizing - gtk4-demo: Improve focus behavior - gtk4-demo: Add many missing a11y properties + Tools: gtk4-builder-tool: Make render an alias screenshot + Inspector: - Show more information in the a11y tab - Add an accessibility overlay with warnings and recommendations - Limit the width of the a11y tab + Build: - Require GLib 2.76 - Make asan builds work again - Fix the build if ld is not ld.bdf + Updated translations. - Update to version 4.10.5: + Fix ordering problems with filter model signals + Avoid lingering resize cursors + Fix alignment issues on sparc + Fix a problem with CSS corner values + Updated translations. ==== gupnp ==== Version update (1.6.4 -> 1.6.5) - Update to version 1.6.5: + Fix build with meson 1.2 - Drop patches fixed upstream: + a10c57bd.patch + 884639bd.patch ==== harfbuzz ==== Version update (8.0.1 -> 8.1.1) Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0 - Update to version 8.1.1: + Fix shaping of contextual rules at the end of string, introduced in 8.1.0. + Fix stack-overflow in repacker with malicious fonts. + 30% speed up loading Noto Duployan font. - Update to version 8.1.0: + Fix long-standing build issue with the AIX compiler and older Apple clang. + Revert optimization that could cause timeout during subsetting with malicious fonts. + More optimization work: - 45% speed up in shaping Noto Duployan font. - 10% speed up in subsetting Noto Duployan font. - Another 8% speed up in shaping Gulzar. - 5% speed up in loading Roboto. + New API: +hb_ot_layout_collect_features_map(). ==== hwdata ==== Version update (0.372 -> 0.373) - update to 0.373: * Update pci, usb and vendor ids ==== imlib2 ==== Version update (1.11.1 -> 1.12.0) Subpackages: imlib2-loaders libImlib2-1 - Update to 1.12.0: * test_load2: make error messages more descriptive * Y4M loader: fix support for 420 colorspaces * Y4M loader: add support for images with unexpected aspects * imlib2_view: Avoid potential use of uninitialized data * GIF loader: Enable showing animated images even if truncated * Introduce __imlib_perror() to produce error messages * loaders: Use common function to print error messages * imlib2_load: Move time_us() to separate file * imlib2_conv: Add option to time save operations * test: Fix pr_info() when not printing to stdout * loading: Enable calling function on loader load/unload * HEIF loader: Call heif_[de]init() on loader load/unload * autofoo: Don't check for freetype if we are building without text * QOI loader: Add progress calback, indent, cosmetics * Loaders: Static constify some data that may as well be * TGA loader: Fix TGA v2.0 signature check * test: Add basic qoi checks * test_scale: Test scaling some more * scaling: Unifdef OLD_SCALE_DOWN * scaling: Correct scaleinfo array length * scaling: Move scaling function call sequence into common __imlib_Scale() * scaling: Cosmetics (comments) * scaling: Simplify scaling points calculation (eliminate j) * scaling: Change ypoints[] from pointers to indices * scaling: Cosmetics * scaling: Minor refactoring * scaling: Correct scaling up * test_scale: Update for new scaling * image: Fix missing munmap() when using imlib_load_image_fd() * image: Fix potentially using incorrect file size * file: Remove a couple of unused functions * image: Fix potentially using incorrect file size - fixup * test: Bypass wrappers when running tests * test_load: Minor fix in debug message * Add new raw loader * TIFF loader: Slightly more strict signature check * image: Use sub-second time info when available * image: Fix preservation of alpha chanel flag in imlib_clone_image() * image cache: Avoid negative refcounts * image cache: Drop redundant cleanup * image cache: Rework cleanup * Revert "scaling: Correct scaling up" * Revert "test_scale: Update for new scaling" * scaling: Various trivial changes * scaling: Improve non-AA scale-up case * scaling: Correct scaling up - take 2 * test_scale: Update for new scaling (re-applied) * test_scale: Exercise non-AA path too * WEBP saver: allow lossless and respect compression tag * add a new QOI decoder * QOI loader: fix build on non-gnu compilers * QOI loader: use memcmp for magic and endmarker check * Y4M loader: check file size before magic check * loading: add some debug logs * loading: check for alloc failure * Y4M loader: use custom y4m parser * test_load: allow y4m memory loading * file: Remove unused functions some more * introduce imlib_image_decache_file() ==== java-11-openjdk ==== Version update (11.0.20.0 -> 11.0.20.1) Subpackages: java-11-openjdk-headless - Update to upstream tag jdk-11.0.20.1+1 (August 2023 emergency release fixing a regression in July 2023 CPU) * Changes: + JDK-8313765: Invalid CEN header (invalid zip64 extra data field size) + JDK-8314678: Bump update version for OpenJDK: jdk-11.0.20.1 - Added patch: * reproducible-javadoc-timestamp.patch + use SOURCE_DATE_EPOCH in javadoc and make the javadoc generation more reproducible ==== javapackages-tools ==== Subpackages: javapackages-filesystem - Modified patch: * javapackages-6.1.0-maven-depmap.patch + try to make the list of aliases more reproducible ==== kactivities-stats ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kactivities5 ==== Version update (5.108.0 -> 5.109.0) Subpackages: kactivities5-imports libKF5Activities5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== karchive ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Support reading file sizes from ZIP64 extended fields * Add explicit moc includes to sources for moc-covered headers ==== kauth ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5Auth5 libKF5Auth5-lang libKF5AuthCore5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kbookmarks ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kcalendarcore ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kcmutils ==== Version update (5.108.0 -> 5.109.0) Subpackages: kcmutils-imports libKF5KCMUtils5 libKF5KCMUtilsCore5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kcodecs ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kcompletion ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kconfig ==== Version update (5.108.0 -> 5.109.0) Subpackages: kconf_update5 libKF5ConfigCore5 libKF5ConfigGui5 libKF5ConfigQml5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kconfigwidgets ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kcontacts ==== Version update (5.108.0 -> 5.109.0) Subpackages: kcontacts-lang libKF5Contacts5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kcoreaddons ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5CoreAddons5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * kurlmimedata: limit amount of in-flight FDs for portal submission (kde#472716) * Remove code variants for building with Qt 6 * kurlmimedata: don't portal symlinks (kde#464225) * KSignalHandler: possibility to register signal handler as early as possible * Add explicit moc includes to sources for moc-covered headers ==== kcrash ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * On windows, look for drkonqi.exe ==== kdav ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5DAV5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kdbusaddons ==== Version update (5.108.0 -> 5.109.0) Subpackages: kdbusaddons-tools libKF5DBusAddons5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kdeclarative ==== Version update (5.108.0 -> 5.109.0) Subpackages: kdeclarative-components libKF5CalendarEvents5 libKF5Declarative5 libKF5QuickAddons5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Remove code variants for building with Qt 6 * Add explicit moc includes to sources for moc-covered headers ==== kded ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kdelibs4support ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5KDELibs4Support5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kdesu ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * SuProcess: Disable echo in the PTY before starting sudo (kde#452532) * PtyProcess: Allow calling enableLocalEcho before PTY creation ==== kdnssd-framework ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kdoctools ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5DocTools5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - No code change since 5.108.0 ==== kernel-firmware ==== Version update (20230724 -> 20230814) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20230814 (git commit 0e048b061bde): * amdgpu: DMCUB updates for various AMDGPU asics * Revert "amdgpu: partially revert firmware for GC 11.0.0 and GC 11.0.2" * amdgpu: partially revert firmware for GC 11.0.0 and GC 11.0.2 * cirrus: Add CS35L41 firmware for HP G11 models * linux-firmware: Update AMD cpu microcode * rtl_bt: Add firmware v2 file for RTL8852C * Revert "rtl_bt: Update RTL8852C BT USB firmware to 0x040D_7225" * amdgpu: DMCUB updates for various AMDGPU asics * cxgb4: Update firmware to revision 1.27.4.0 * Mellanox: Add new mlxsw_spectrum firmware xx.2012.1012 * linux-firmware: Add URL for latest FW binaries for NXP BT chipsets * rtw89: 8851b: update firmware to v0.29.41.1 * qcom: sdm845: add RB3 sensors DSP firmware - Drop the obsoleted patch amd-ucode-CVE-2023-20569.patch - Update AMD 19h ucode for "Inception" (bsc#1213287, CVE-2023-20569) amd-ucode-CVE-2023-20569.patch - Update to version 20230731 (git commit 253cc179d849): * amdgpu: Update DMCUB for DCN314 & Yellow Carp * ice: add LAG-supporting DDP package * i915: Update MTL DMC to v2.13 * i915: Update ADLP DMC to v2.20 * cirrus: Add CS35L41 firmware for Dell Oasis Models * copy-firmware: Fix linking directories when using compression * copy-firmware: Fix test: unexpected operator * qcom: sc8280xp: LENOVO: remove directory sym link * qcom: sc8280xp: LENOVO: Remove execute bits ==== kernel-source ==== Version update (6.4.6 -> 6.4.11) Subpackages: kernel-64kb kernel-default - Linux 6.4.11 (bsc#1012628). - tpm: Disable RNG for all AMD fTPMs (bsc#1012628). - tpm: Add a helper for checking hwrng enabled (bsc#1012628). - ksmbd: validate command request size (bsc#1012628). - ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea() (bsc#1012628). - KVM: SEV: snapshot the GHCB before accessing it (bsc#1012628). - KVM: SEV: only access GHCB fields once (bsc#1012628). - wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems() (bsc#1012628). - wifi: rtw89: fix 8852AE disconnection caused by RX full flags (bsc#1012628). - selftests: forwarding: Set default IPv6 traceroute utility (bsc#1012628). - wireguard: allowedips: expand maximum node depth (bsc#1012628). - mmc: moxart: read scr register without changing byte order (bsc#1012628). - mmc: sdhci-f-sdh30: Replace with sdhci_pltfm (bsc#1012628). - ipv6: adjust ndisc_is_useropt() to also return true for PIO (bsc#1012628). - selftests: mptcp: join: fix 'delete and re-add' test (bsc#1012628). - selftests: mptcp: join: fix 'implicit EP' test (bsc#1012628). - mptcp: avoid bogus reset on fallback close (bsc#1012628). - mptcp: fix disconnect vs accept race (bsc#1012628). - dmaengine: pl330: Return DMA_PAUSED when transaction is paused (bsc#1012628). - dmaengine: xilinx: xdma: Fix interrupt vector setting (bsc#1012628). - net: mana: Fix MANA VF unload when hardware is unresponsive (bsc#1012628). - ACPI: resource: Add IRQ override quirk for PCSpecialist Elimina Pro 16 M (bsc#1012628). - zram: take device and not only bvec offset into account (bsc#1012628). - io_uring/parisc: Adjust pgoff in io_uring mmap() for parisc (bsc#1012628). - parisc: Fix lightweight spinlock checks to not break futexes (bsc#1012628). - riscv: Start of DRAM should at least be aligned on PMD size for the direct mapping (bsc#1012628). - riscv/kexec: load initrd high in available memory (bsc#1012628). - riscv,mmio: Fix readX()-to-delay() ordering (bsc#1012628). - riscv/kexec: handle R_RISCV_CALL_PLT relocation type (bsc#1012628). - riscv: mm: fix 2 instances of -Wmissing-variable-declarations (bsc#1012628). - nvme: fix possible hang when removing a controller during error recovery (bsc#1012628). - nvme-tcp: fix potential unbalanced freeze & unfreeze (bsc#1012628). - nvme-rdma: fix potential unbalanced freeze & unfreeze (bsc#1012628). - nvme-pci: add NVME_QUIRK_BOGUS_NID for Samsung PM9B1 256G and 512G (bsc#1012628). - drm/nouveau/gr: enable memory loads on helper invocation on all channels (bsc#1012628). - drm/nouveau/nvkm/dp: Add workaround to fix DP 1.3+ DPCD issues (bsc#1012628). - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap() (bsc#1012628). - drm/amdgpu: fix possible UAF in amdgpu_cs_pass1() (bsc#1012628). - drm/amd/pm: correct the pcie width for smu 13.0.0 (bsc#1012628). - drm/amd/display: check attr flag before set cursor degamma on DCN3+ (bsc#1012628). - tpm: tpm_tis: Fix UPX-i11 DMI_MATCH condition (bsc#1012628). - cpuidle: dt_idle_genpd: Add helper function to remove genpd topology (bsc#1012628). - cpuidle: psci: Move enabling OSI mode after power domains creation (bsc#1012628). - io_uring: correct check for O_TMPFILE (bsc#1012628). - zsmalloc: fix races between modifications of fullness and isolated (bsc#1012628). - hwmon: (pmbus/bel-pfe) Enable PMBUS_SKIP_STATUS_CHECK for pfe1100 (bsc#1012628). - radix tree test suite: fix incorrect allocation size for pthreads (bsc#1012628). - cpufreq: amd-pstate: fix global sysfs attribute type (bsc#1012628). - fs/proc/kcore: reinstate bounce buffer for KCORE_TEXT regions (bsc#1012628). - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput (bsc#1012628). - accel/ivpu: Add set_pages_array_wc/uc for internal buffers (bsc#1012628). - hugetlb: do not clear hugetlb dtor until allocating vmemmap (bsc#1012628). - mm/damon/core: initialize damo_filter->list from damos_new_filter() (bsc#1012628). - selftests: mm: ksm: fix incorrect evaluation of parameter (bsc#1012628). - mm: memory-failure: fix potential unexpected return value from unpoison_memory() (bsc#1012628). - mm: memory-failure: avoid false hwpoison page mapped error info (bsc#1012628). - drm/amd/pm: expose swctf threshold setting for legacy powerplay (bsc#1012628). - drm/amd/pm: avoid unintentional shutdown due to temperature momentary fluctuation (bsc#1012628). ... changelog too long, skipping 1486 lines ... - commit 02597d2 ==== kfilemetadata5 ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Remove awkward warning message also from Exiv2 autotests * Add explicit moc includes to sources for moc-covered headers ==== kglobalaccel ==== Version update (5.108.0 -> 5.109.0) Subpackages: kglobalaccel5 libKF5GlobalAccel5 libKF5GlobalAccelPrivate5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kguiaddons ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5GuiAddons5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * fix google-maps-geo-handler * Add explicit moc includes to sources for moc-covered headers ==== kholidays ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Update Swedish holidays * Add explicit moc includes to sources for moc-covered headers ==== khtml ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== ki18n ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kiconthemes ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Do not automatically set breeze as the fallback theme on Android * Remove code variants for building with Qt 6 * Add explicit moc includes to sources for moc-covered headers ==== kidletime ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kimageformats ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * psd: Fix UB type punning (kde#471829) * Treat 3-channel MCH images as CMY images * Add explicit moc includes to sources for moc-covered headers ==== kinit ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * This framework needs a new maintainer * Add explicit moc includes to sources for moc-covered headers ==== kio ==== Version update (5.108.0 -> 5.109.0) Subpackages: kio-core - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Use switcheroo-control to find discrete GPUs (kde#449106) * file: preserve mode on put (kde#471539) * KFileWidget: Use targetUrl to extract urls, better handle absolute urls cases (kde#459485) * Add explicit moc includes to sources for moc-covered headers * KFileWidget: better exclude string that may look like Urls (kde#473228) ==== kirigami-addons ==== Version update (0.10.0 -> 0.11.0) - Update to 0.11.0 * Moved Kirigami.CategorizedSettings and Kirigami.SettingAction from Kirigami to Kirigami Addons * Two new components: FloatingButton and DoubleFloatingButton * Renamed MobileForm to FormCard * New About Pages ==== kirigami2 ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5Kirigami2-5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Change Instantiator to Repeater in NavigationTabBar * Avatar: Always use uppercase initials * Add explicit moc includes to sources for moc-covered headers ==== kitemmodels ==== Version update (5.108.0 -> 5.109.0) Subpackages: kitemmodels-imports libKF5ItemModels5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kitemviews ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kjobwidgets ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kjs ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5JS5 libKF5JSApi5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * setitimer(, NULL, ) is not supported. glibc will immediately coredump. * Add explicit moc includes to sources for moc-covered headers ==== kmod ==== Subpackages: kmod-bash-completion libkmod2 - Remove compatibility patches, add README.usrmerge (boo#1212835). * Delete Provide-fallback-for-successfully-running-make-modules_install.patch * Delete compat-module_directory-module_prefix.patch ==== knewstuff ==== Version update (5.108.0 -> 5.109.0) Subpackages: knewstuff-imports libKF5NewStuff5 libKF5NewStuffCore5 libKF5NewStuffWidgets5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Remove code variants for building with Qt 6 * Add explicit moc includes to sources for moc-covered headers ==== knotifications ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== knotifyconfig ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kpackage ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * KPackageTool: Show deprecation warning when metadata.desktop file is used * Add explicit moc includes to sources for moc-covered headers ==== kparts ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kpeople5 ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * QML plugin: use KPeople namespace meta object, instead of duplicating * Add explicit moc includes to sources for moc-covered headers ==== kplotting ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kpty ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Remove code variants for building with Qt 6 * Add explicit moc includes to sources for moc-covered headers ==== kquickcharts ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kross ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== krunner ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * runnerpython cgit.kde.org does not exist * Add explicit moc includes to sources for moc-covered headers ==== kservice ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== ktexteditor ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Remove code variants for building with Qt 6 * completion: Fix only start chars of items are matched * Fix chaotic up/down cursor movement in Block Selection Mode * Fix backspace behavior for empty lines with cursor beyond lineâs end (block selection mode) * Add explicit moc includes to sources for moc-covered headers ==== ktextwidgets ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kunitconversion ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kwallet ==== Version update (5.108.0 -> 5.109.0) Subpackages: kwallet-tools kwalletd5 libKF5Wallet5 libkwalletbackend5-5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kwayland ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers * Unbreak build where XLib's Bool definition harms moc generated code ==== kwidgetsaddons ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Remove code variants for building with Qt 6 * Add explicit moc includes to sources for moc-covered headers ==== kwindowsystem ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== kxmlgui ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== less ==== Version update (633 -> 643) - Update to 643: * Fix problem when a program piping into less reads from the tty, like sudo asking for password (github #368). * Fix search modifier ^E after ^W. * Fix bug using negated (^N) search (github #374). * Fix bug setting colors with -D on Windows build (github #386). * Fix reading special chars like PageDown on Windows (github #378). * Fix mouse wheel scrolling on Windows (github #379). * Fix erroneous EOF when terminal window size changes (github #372). * Fix compile error with some definitions of ECHONL (github #395). * Fix crash on Windows when writing logfile (github #405). * Fix regression in exit code when stdin is /dev/null and output is a file (github #373). * Add lesstest test suite to production release (github #344). * Change lesstest output to conform with automake Simple Test Format (github #399). ==== libKF5ModemManagerQt ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== libKF5NetworkManagerQt ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== libXaw3d ==== Version update (1.6.4 -> 1.6.5) - Update to libXaw3d 1.6.5: * Set close-on-exec when opening files * configure: pass noyywrap to AC_PROG_LEX if using autoconf 2.70 or later * Raises minimum autoconf version from 2.60 to 2.64 for m4_version_prereq * Clears autoconf warning: configure.ac:29: warning: AC_PROG_LEX without either yywrap or noyywrap is obsolete ./lib/autoconf/programs.m4:716: _AC_PROG_LEX is expanded from... ./lib/autoconf/programs.m4:709: AC_PROG_LEX is expanded from... configure.ac:29: the top level * configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL * AC_PROG_LIBTOOL was replaced by LT_INIT in libtool 2 in 2008, so it's time to rely on it. * Clears autoconf warnings: configure.ac:13: warning: The macro `AC_PROG_LIBTOOL' is obsolete. configure.ac:13: You should run autoupdate. aclocal.m4:3465: AC_PROG_LIBTOOL is expanded from... configure.ac:13: the top level * libtoolize: Consider adding 'AC_CONFIG_MACRO_DIRS([m4])' to configure.ac, libtoolize: and rerunning libtoolize and aclocal. * Issue #5: incompatible function pointer passed in _XawImRealize() * Import wrapper function with expected arguments from libXaw, where it appears to have been originally fixed in XFree86 3.9Nb by Paulo Cesar Pereira de Andrade. - Port patch xaw3d-secure.patch ==== libadwaita ==== Version update (1.3.3 -> 1.3.4) Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Update to version 1.3.4: + AdwAboutWindow: Fix :translator-credits property + AdwComboRow: Fix accessible role on the dropdown arrow + AdwEntryRow: Fix accessibility + AdwLeaflet: Fix back/forward mouse button handling + AdwTabBar: Fix accessibility + AdwTabThumbnail: - Fix duplicate thumbnail during transitions - Fix the transition curve + AdwViewSwitcher: Set correct accessible role for icons + AdwWindowTitle: Fix initial title visibility + Stylesheet: - Fix .card buttons within .osd - Fix single-item menu height ==== libcloudproviders ==== Version update (0.3.1 -> 0.3.2) - Update to version 0.3.2: + No upstream changes provided. ==== libetonyek ==== - Build against mdds-2.1 - Added patch: * stdcxx17.patch + require C++17, since newer mdds needs it ==== libfprint ==== Version update (1.94.5+tod1 -> 1.94.6+tod1) - update to 1.94.6+tod1: * goodixmoc: New PIDs 0x60A4, 0x60BC, 0x6092, 0x633C and 0x6304. * goodixmoc: Fix missing "enroll create" state. * elanmoc: New PID 0x0C99. * upektc: Improve compatibility with sensors 147e:2016. * aes4000: Actually support 08FF:5501 devices. * virtual-device-listener: Fix failing tests with GLib 2.76 * tests: Add installed tests * Added installed TOD tests * #526 libfprint: fpcmoc: use after free if enrollment or identification is cancelled (Vasily Khoruzhick) - New installed-tests is set to disabled ==== libgit2 ==== Version update (1.7.0 -> 1.7.1) - update to 1.7.1: * proxy: Return an error for invalid proxy URLs instead of crashing * ssh: fix known_hosts leak in _git_ssh_setup_conn * repository: make cleanup safe for re-use with grafts * fix: Add missing include for oidarray * Revert "CMake: Search for ssh2 instead of libssh2." ==== libgweather4 ==== Version update (4.2.0 -> 4.3.2) Subpackages: gweather4-data libgweather-4-0 typelib-1_0-GWeather-4_0 - Update to version 4.3.2: + Fix fallback metric unit detection logic + Documentation fixes + Performance improvements for nearest location lookups + Location database changes + Updated translations. ==== libimobiledevice ==== Version update (1.3.0+179git.20230430 -> 1.3.0+190git.20230705) - Update to version 1.3.0+190git.20230705: * tools/idevicecrashreport: Silence compiler warning * Silence (v)asprintf related compiler warnings * Updated OpenSSL-specific code to use OpenSSL 3.0+ API * 3rd_party/libsrp6a-sha512: Updated to work with OpenSSL 3.0+ API * 3rd_party/libsrp6a-sha512: Update function definitions to modern style * 3rd_party/ed25519: Silence compiler warning about missing return value for fread * tools/idevicedebug: Add missing default case for switch statement * tools/idevicedevmodectl: Add missing include * idevice: Add missing include for Windows * idevice: Fix network address handling in other code paths too * idevice: Use network addresses as is from what we get from (lib)usbmuxd - restrict to Cython < 3 ==== liblangtag ==== Version update (0.6.3 -> 0.6.4) - Fix check-tag test failled [0001-ro-MD-ro-to-get-make-check-to-succeed.patch] - Version update to 0.6.4 Replace the word of 'master' to 'primary' trivial update Stop shipping ChangeLog Fix build issue for docs ==== liblc3 ==== Version update (1.0.3 -> 1.0.4) - Update to version 1.0.4: + Enhancement: Add fuzzing test harness. + Fixes: Gain adjustment during second quantization phase can exceed minimum gain (introduce distortion at high bitrate). ==== libpaper ==== Version update (2.1.0 -> 2.1.1) Subpackages: libpaper-tools libpaper2 - Update to 2.1.1: * This release fixes the -N flag of paperconf. ==== libplacebo ==== Version update (6.292.0 -> 6.292.1) - Update libplacebo to version 6.292.1. See details in: https://code.videolan.org/videolan/libplacebo/-/tags/v6.292.1 ==== libreoffice ==== Version update (7.5.4.2 -> 7.6.0.3) Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Update to 7.6.0.3 (official 7.6.0 release): https://wiki.documentfoundation.org/ReleaseNotes/7.6 https://wiki.documentfoundation.org/Releases/7.6.0/RC3 - Update to 7.6.0.2: https://wiki.documentfoundation.org/ReleaseNotes/7.6 https://wiki.documentfoundation.org/Releases/7.6.0/RC2 - Update bundled dependencies: * boost_1_80_0.tar.xz - > boost_1_82_0.tar.xz * curl-8.0.1.tar.xz -> curl-8.1.2.tar.xz * icu4c-72_1-data.zip -> icu4c-73_2-data.zip * icu4c-72_1-src.tgz -> icu4c-73_2-src.tgz * libassuan-2.5.5.tar.bz2 -> libassuan-2.5.6.tar.bz2 * poppler-22.12.0.tar.xz -> poppler-23.06.0.tar.xz * poppler-data-0.4.11.tar.gz -> poppler-data-0.4.12.tar.gz - New bundled dependencies: * graphite2-minimal-1.3.14.tgz * harfbuzz-8.0.0.tar.xz + needed for SLE12-SP2, where harfbuzz is really old - Removed patches: * atklistener-32bit-type-mismatch.patch + integrated upstream * fix_harfbuzz_on_sle12_sp5.patch + not needed, since SLE12-SP5 uses now the bundled harfbuzz - Added patch: * python34-no-f-strings.patch + Applied on SLE12-SP5 + Do not format using F-strings, since it is python 3.6+ feature and SLE12-SP5 has python 3.4 - Refreshed patch: * 0002-Revert-Require-HarfBuzz-5.1.0.patch - Added patch: * atklistener-32bit-type-mismatch.patch + fix type mismatch on i586 - Add missing dependencies on jre-64 for riscv64 - Update to 7.6.0.1: https://wiki.documentfoundation.org/ReleaseNotes/7.6 https://wiki.documentfoundation.org/Releases/7.6.0/RC1 - Update bundled dependencies: * pdfium-5408.tar.bz2 -> pdfium-5778.tar.bz2 * skia-m103-b301ff025004c9cd82816c86c547588e6c24b466.tar.xz -> skia-m111-a31e897fb3dcbc96b2b40999751611d029bf5404.tar.xz - Removed upstreamed patches: * bsc1198666.patch * bsc1200085.patch * bsc1204040.patch ==== libreoffice-share-linker ==== - Do not format using f-strings, since it is python 3.6+ feature and SLE12-SP5 has python 3.4 ==== libselinux ==== Subpackages: libselinux1 selinux-tools - Do not BuildRequire swig and ruby-devel in the main build phase: those are only needed for the bindings. - (bsc#1212618) Divide libselinux and libselinux-bindings again. libselinux itself is in Ring0 so it has to have absolutely minimal dependencies, so it is better to separate libselinux-bindings into a separate pacakge. - Fix python packaging by setting the name to a fixed value - Remove separate libselinux-bindings SPEC file (bsc#1212618). - Add explicit BuildRequires for python3-pip and python3-wheel on 15.5, currently the macros don't do the right thing - allow building this with different python versions, to make this usable for the new sle15 macro (using python3.11) - Add python-wheel build dependency to build correctly with latest python-pip version. ==== libsemanage ==== Subpackages: libsemanage-conf libsemanage-migrate-store libsemanage2 - Add _multibuild to define additional spec files as additional flavors. Eliminates the need for source package links in OBS. - Add -ffat-lto-objects to CFLAGS to prevent rpmlint errors because of LTO - Enable LTO now (boo#1138812). ==== libsoup2 ==== - Add upstream bug fixes: + 4d12c3e5.patch: lib: Add g_task_set_source_tag() everywhere + 48b3b611.patch: lib: Add names to various GSources - Drop no longer valid translation-update-upstream BuildRequires and macro. - Use ldconfig_scriptlets macro for post(un) handling. ==== libssh ==== Subpackages: libssh-config libssh4 - Add fix to spec file for the incorrect include path as a result of the default openSSH move to /usr/etc, (boo#1211718). ==== libstorage-ng ==== Version update (4.5.133 -> 4.5.136) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - Translated using Weblate (Indonesian) (bsc#1149754) - 4.5.136 - Translated using Weblate (Georgian) (bsc#1149754) - 4.5.135 - Translated using Weblate (Catalan) (bsc#1149754) - 4.5.134 ==== libupnp ==== Version update (1.14.17 -> 1.14.18) Subpackages: libixml11 libupnp17 - Update to release 1.14.18 * miniserver: fix busy loop on socket error ==== libvirt ==== Version update (9.5.0 -> 9.6.0) Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-proxy libvirt-daemon-qemu libvirt-libs - spec: Disable Xen driver in ALP-based products - Add upstream commit 3d2f3fb72b to fix max file limits in systemd services - Update to libvirt 9.6.0 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html#v9-6-0-2023-08-01 - jsc#PED-3725 - spec: Unconditionally enable modular daemons - spec: Remove logic handling package upgrade from old libvirtd ==== libxmlb ==== Version update (0.3.11 -> 0.3.13) - Update to 0.3.13: * Use indexes when binding value * Correctly tokenize when using a bound text value * Ensure tokens are all NULL when using xb_opcode_init() * Avoid building errors and debug strings when possible to make XbQuery faster * Fix content type detection on macOS * Inline a number of machine internals to make queries faster * Make zstd support optional * Setup various release build options ==== libzypp ==== Version update (17.31.17 -> 17.31.19) - Fix zypp-tui/output/Out.h to build with clang. - Fix zypp/Arch.h for clang (fixes #478) Clang seems to have issues with picking the overload in std::men_fn if there is a static overload of a member function. We need to explicitely specify the correct type of the function pointer. To make sure this would not break compiling a application with clang that builds against libzypp this patch works around the problem. - version 17.31.19 (22) - SINGLE_RPMTRANS: Respect ZYPP_READONLY_HACK when checking the zypp-rpm lock (fixes openSUSE/openSUSE-repos#29) - version 17.31.18 (22) ==== lsb-release ==== - add util-linux dependency for getopt to avoid: /usr/bin/lsb_release: line 123: getopt: command not found ==== luajit ==== - Update luajit-s390x.patch from gh#LuaJIT/LuaJIT#631 to the current form. ==== lvm2 ==== Subpackages: liblvm2cmd2_03 - blkdeactivate calls wrong mountpoint cmd (bsc#1214071) + bug-1214071-blkdeactivate_calls_wrong_mountpoint.patch ==== lvm2-device-mapper ==== Subpackages: device-mapper libdevmapper-event1_03 libdevmapper1_03 - blkdeactivate calls wrong mountpoint cmd (bsc#1214071) + bug-1214071-blkdeactivate_calls_wrong_mountpoint.patch ==== man ==== Version update (2.10.2 -> 2.11.2) - Update to 2.11.2: * Fix compile and test failures when `troff` is not `groff`. * Fix segfault in typical uses of `man` when `nroff` is not installed. * Fix crash in `mandb` when processing stray cats. * SECURITY: Replace `$` characters in page names with `?` when constructing `less` prompts. * Silence error message when processing an empty manual page hierarchy with a nonexistent cache directory. * `man(1)` now sorts whatis references below real pages, even if the whatis references are from a section with higher priority. * `mandb` now correctly records filters in the database if it uses cached whatis information. * Upgrade Gnulib, fixing syntax error on glibc systems with GCC 11. * The `CATWIDTH` configuration file directive now overrides `MINCATWIDTH` and `MAXCATWIDTH`. * Database entries for links were often incorrectly stored as if they were entries for the ultimate source of the page. They are now stored with the correct type. * Store links in the database using the section and extension of the link rather than of the ultimate source file. * Consider pages for adding to the database even if they seem to already exist; this performance optimization is no longer needed due to caching, and it produced inconsistent results in some unusual cases. * `man` now runs any required preprocessors in the same order that `groff` does, rather than trusting the order of filters in a page's preprocessor string. * Fix building on MinGW. (I haven't been able to test this; help from MinGW experts would be welcome.) Improvements: * Check for stray cats even if no manual pages in a given manpath were changed. * Add section `3type` to the default section list just after `2`. This is used by the Linux man-pages package. * Recognize more Hungarian translations of the `NAME` section. * Add more recognized case variants for localized versions of the `NAME` section. * Maintain multi keys in sorted order, improving database reproducibility. * Pick a more consistent name for the target of a whatis entry in the database. * Extend rules for when to replace one database entry with another, producing more stable behaviour. * Fully reorganize databases after writing them, allowing the reproduction of bitwise-identical databases regardless of scan order (at least with GDBM). - Port patches * man-db-2.6.3-chinese.dif * man-db-2.6.3-listall.dif * man-db-2.7.1-zio.dif * man-db-2.9.4-alternitive.dif * man-db-2.9.4-no-chown.patch * man-db-2.9.4.patch * man-propose-online.patch ==== mc ==== Version update (4.8.29 -> 4.8.30) Subpackages: mc-lang - Update to 4.8.30 - Core * Support PCRE2 as search engine (via ----with-search-engine=pcre2) (#4450) * Implement panelization buffers for both file panels (#4370) - VFS * tar: support extended headers (including long file names and sparse files) (#1952, #2201) * extfs helpers: replace "perl -w" with "use warnings" (MidnightCommander/mc#174) * extfs/patchfs: be more specific in error message (#4485) - Editor * Add syntax highlighting: - Jenkinsfiles (#4469) - B language (#4470) * Improve syntax highlighting: - ECMAScript (MidnightCommander/mc#172) - ECMAScript in TypeScript (MidnightCommander/mc#172) - use diff syntax highlighting for git commit messages (COMMIT_EDITMSG) (MidnightCommander/mc#85) - Misc * Code cleanup (#4426, #4438) * Filehighlight: - recognize vsix files as zip files (MidnightCommander/mc#171) * Skin updates: - julia256 (#4441, #4445) - Fixes * Usage of 'sed' in build system/makefiles is not portable (#4459, #4466) * Unportable '$<' in Makefiles (#4460) * FTBFS if ncurses used without --with-ncurses-includes= configure parameter (#4462) * Ncurses library is duplicated in MCLIBS (#4463, #4465) * FTBFS without ext2fs attributes support (#4464) * Wrong sort order after swapping panels (#4432) * Incorrect time delimiter in the copy/move progress window (#4437) * Incorrect redraw of overlapped file panels (#4408) * Subshell/Command line prompt is empty/missing (#3121) * Find file: relative ignore directory is applied to the start search directory (#4235) * Diff viewer: options are not applied on second run (#4486) * mc.ext.ini: 'Edit' command from 'Default' section is ignored (#4434) * mc.ext.ini: .md files are not recognized as Markdown ones by extension (#4444) * mcedit: off-by-one error in paragraph formatting (#4446) * ftp: incomplete file listing: block and character devices, pipes, sockets are missed (#4472) * Various typos in the source code (MidnightCommander/mc#177, MidnightCommander/mc#178) ==== mokutil ==== - Remove modhash (bsc#1214358) + The modhash script is rarely used and it's impractical to block a kernel module with the hash. ==== mozjs102 ==== Version update (102.12.0 -> 102.14.0) - Update to version 102.14.0: + Various security fixes and other quality improvements. + CVE-2023-4045: Offscreen Canvas could have bypassed cross-origin restrictions. + CVE-2023-4046: Incorrect value used during WASM compilation. + CVE-2023-4047: Potential permissions request bypass via clickjacking. + CVE-2023-4048: Crash in DOMParser due to out-of-memory conditions. + CVE-2023-4049: Fix potential race conditions when releasing platform objects. + CVE-2023-4050: Stack buffer overflow in StorageManager. + CVE-2023-4054: Lack of warning when opening appref-ms files. + CVE-2023-4055: Cookie jar overflow caused unexpected cookie jar state. + CVE-2023-4056: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14. - Changes from version 102.13.0: + Various security fixes and other quality improvements. + CVE-2023-37201: Use-after-free in WebRTC certificate generation + CVE-2023-37202: Potential use-after-free from compartment mismatch in SpiderMonkey + CVE-2023-37207: Fullscreen notification obscured + CVE-2023-37208: Lack of warning when opening Diagcab files + CVE-2023-37211: Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13 ==== mutter ==== - Add mutter-revert-window_draw_issues.patch: Revert commit 43cee4b6: Do clipped redraws when drawing offscreen (boo#1210744, glgo#GNOME/mutter#2771). - Disable %autopatch on SLE which has not the macro ready. - Rebase mutter-SLE-bsc984738-grab-display.patch. - Drop mutter-Lower-HIDPI_LIMIT-to-144.patch (fate#326682, bsc#112546). The upstream has reworked the logic of scale factor selection based on actual screen size, see: https://gitlab.gnome.org/GNOME/mutter/-/commit/2f1dd049bfbbb60e0b3c2351e9ba… ==== ncurses ==== Version update (6.4.20230715 -> 6.4.20230812) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20230812 + add/use putty+cursor to reflect amending of modified cursor-keys in 2021 -TD + add ecma+strikeout to putty -TD + add functions to query tty-flags in SCREEN (request by Bill Gray). - Add ncurses patch 20230805 + fix a few manpages needing tbl marker, seen by lintian warning. + fixes for compiler-warnings. + minor grammatical fix for manpages (Branden Robinson). - Add ncurses patch 20230729 + improve manpages for wgetnstr() and wget_wnstr(). + modify MinGW configuration to provide for running in MSYS/MSYS2 shells, assuming ConPTY support (patch by Pavel Fedin). + add assignment in CF_MAN_PAGES to fill in value for TERMINFO_DIRS in ncurses, terminfo and tic manpages (patch by Sven Joachim). - Add ncurses patch 20230722 + add "auto" default for --with-xterm-kbs configure option. ==== nodejs20 ==== Version update (20.3.1 -> 20.5.1) Subpackages: npm20 - Update to version 20.5.1: * (CVE-2023-32002, bsc#1214150): Policies can be bypassed via Module._load (High) * (CVE-2023-32558, bsc#1214155): process.binding() can bypass the permission model through path traversal (High) * (CVE-2023-32004, bsc#1214152): Permission model can be bypassed by specifying a path traversal sequence in a Buffer (High) * (CVE-2023-32006, bsc#1214156): Policies can be bypassed by module.constructor.createRequire (Medium) * (CVE-2023-32559, bsc#1214154): Policies can be bypassed via process.binding (Medium) * (CVE-2023-32005, bsc#1214153): fs.statfs can bypass the permission model (Low) * (CVE-2023-32003, bsc#1214151): fs.mkdtemp() and fs.mkdtempSync() can bypass the permission model (Low) - Changes in 20.5.0: * events: allow safely adding listener to abortSignal * fs: add a fast-path for readFileSync utf-8 * test_runner: add shards support - Changes in 20.4.0: * tls: add ALPNCallback server option for dynamic ALPN negotiation * adds support for ECMAScript Explicit Resource Management * adds Mock Timer support to test module For details see, https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md#20… versioned.patch: refreshed ==== okteta ==== Version update (0.26.12 -> 0.26.13) Subpackages: libKasten4 libOkteta3 libkasten-lang libokteta-lang okteta-data - Update to 0.26.13 * Improved: translations * Improved: Decoding table now displays some control chars as escaped terms * Improved: Decoding table now supports editing some chars as escaped terms * Improved: Structures tool now feeds some chars as escaped terms to editor * Improved: CMake Unity builds now possible * Fixed: Structures tool stored edited primitive array elements on bad offset * Fixed: Structures tool now displays chars only as the supported 7-bit ASCII ==== openSUSE-repos-Tumbleweed ==== Version update (20230731.a018a46 -> 20230810.a7534f6) - Update to version 20230810.a7534f6: * Disable NVIDIA pkg building on LeapMicro. Fixes #34 PM confirmed that NVIDIA related deployments are expected to have all drivers/tools inside of container. * Fix incorrect with_nvidia usage - Update to version 20230804.41e41a9: * Add NVIDIA repo. Issue #28 * Add supplements for all NVIDIA cards * Add NVIDIA obsoletes for migration from Leap 15 * Add spec comment about suggests in release package * Add download.opensuse.org-non-oss.repo in legacy backup list ==== openssl-3 ==== Version update (3.1.1 -> 3.1.2) Subpackages: libopenssl3 - Update to 3.1.2: * Fix excessive time spent checking DH q parameter value (bsc#1213853, CVE-2023-3817). The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. If DH_check() is called with such q parameter value, DH_CHECK_INVALID_Q_VALUE return flag is set and the computationally intensive checks are skipped. * Fix DH_check() excessive time with over sized modulus (bsc#1213487, CVE-2023-3446). The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ("p" parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. A new limit has been added to DH_check of 32,768 bits. Supplying a key/parameters with a modulus over this size will simply cause DH_check() to fail. * Do not ignore empty associated data entries with AES-SIV (bsc#1213383, CVE-2023-2975). The AES-SIV algorithm allows for authentication of multiple associated data entries along with the encryption. To authenticate empty data the application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with NULL pointer as the output buffer and 0 as the input buffer length. The AES-SIV implementation in OpenSSL just returns success for such call instead of performing the associated data authentication operation. The empty data thus will not be authenticated. The fix changes the authentication tag value and the ciphertext for applications that use empty associated data entries with AES-SIV. To decrypt data encrypted with previous versions of OpenSSL the application has to skip calls to EVP_DecryptUpdate() for empty associated data entries. * When building with the enable-fips option and using the resulting FIPS provider, TLS 1.2 will, by default, mandate the use of an extended master secret (FIPS 140-3 IG G.Q) and the Hash and HMAC DRBGs will not operate with truncated digests (FIPS 140-3 IG G.R). * Update openssl.keyring with the OTC members that sign releases * Remove openssl-z16-s390x.patch fixed upstream in https://github.com/openssl/openssl/pull/21284 * Remove security patches fixed upstream: - openssl-CVE-2023-2975.patch - openssl-CVE-2023-3446.patch - openssl-CVE-2023-3446-test.patch ==== openssl ==== Version update (3.1.1 -> 3.1.2) - Update to 3.1.2 ==== opensuse-welcome ==== Version update (0.1.9+git.0.66be0d8 -> 0.1.9+git.35.4b9444a) - Update to version 0.1.9+git.35.4b9444a: * panellayouter: use QTemporaryFile for applyLayout() (bsc#1213708, CVE-2023-32184). * Translation updates. ==== openvpn ==== Version update (2.6.5 -> 2.6.6) - update to 2.6.6: * configure.ac: fix typ0 in LIBCAPNG_CFALGS * Avoid unused function warning/error on FreeBSD (and potientially others) * fix warning with gcc 12.2.0 (compiler bug?) * Fix CR_RESPONSE mangaement message using wrong key_id * Print a more user-friendly error when tls-crypt-v2 client auth fails * Ignore Ipv6 route delete request on Android and set ipv4 verbosity to 7 * Revert commit 423ced962d * Implement using --peer-fingerprint without CA certificates * show extra info for OpenSSL errors * dist: add more missing files only used in the MSVC build * dist: Include all documentation in distribution * unit_tests: Add missing cert_data.h to source list for unit tests * test_tls_crypt: Improve mock() usage to be more portable * Remove old Travis CI related files * options: Do not hide variables from parent scope * pkcs11_openssl: Disable unused code * route: Fix overriding return value of add_route3 ==== osinfo-db ==== Version update (20230518 -> 20230719) - Update to database version 20230719 osinfo-db-20230719.tar.xz - Add support for SLE 15-SP6 add-sle15sp6-support.patch - Add support for SLE Micro 5.5 add-slem5.5-support.patch - Drop patches contained in new tarball add-opensuse-leap-15.5-support.patch add-sle15sp5-support.patch add-slem5.3-support.patch add-slem5.4-support.patch ==== pam ==== - pam_access backports from upstream: - pam_access-doc-IPv6-link-local.patch: Document only partial supported IPv6 link local addresses - pam_access-hostname-debug.patch: Don't print error if we cannot resolve a hostname, does not need to be a hostname - pam_shells-fix-econf-memory-leak.patch: Free econf keys variable - disable-examples.patch: Don't build examples ==== pam-full-src ==== - pam_access backports from upstream: - pam_access-doc-IPv6-link-local.patch: Document only partial supported IPv6 link local addresses - pam_access-hostname-debug.patch: Don't print error if we cannot resolve a hostname, does not need to be a hostname - pam_shells-fix-econf-memory-leak.patch: Free econf keys variable - disable-examples.patch: Don't build examples ==== pam_mount ==== Version update (2.19 -> 2.20) Subpackages: libcryptmount0 - Update to release 2.20 * Tokenization support for user principal names (usernames in the form of foo(a)bar.de) * Added a volume option to control empty password behavior ==== patterns-base ==== Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-enhanced_base patterns-base-minimal_base patterns-base-selinux patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced - move udev-configure-printer from enhanced_base to x11_enhanced Currently it pulls in Cups and Mesa dependencies the first is probably not really needed by default on servers and the second is certainly not desired there. Originally it was included for livecd's ==== pentaho-libxml ==== Version update (1.1.3 -> 1.1.6) - Update to upstream version 1.1.6. * no structured changelog available starting from 2008 - Rebased and updated patches: * libxml-1.1.2-build.patch -> pentaho-libxml-1.1.6-build.patch * pentaho-libxml-1.1.3-sourcetarget.patch -> pentaho-libxml-1.1.6-sourcetarget.patch ==== perl ==== Version update (5.36.1 -> 5.38.0) Subpackages: perl-base perl-doc - Update to perl 5.38.0 * new "class" feature * support for unicode 15.0 * defined-or and logical-or assignment default expressions in signatures * optimistic eval in patterns * readline() no longer clears the stream error and eof flags * "INIT" blocks no longer run after an "exit()" in "BEGIN" * utf8::upgrade() keeps the undef value * deprecation of ' as package name separator * deprecation of the smart match operator * PERL_USE_SAFE_PUTENV is now the default - Rebase perl-5.36.0.diff to perl-5.38.0.diff - Refresh perl_skip_flaky_tests_powerpc.patch ==== perl-Authen-SASL ==== Version update (2.16 -> 2.170.0) - Remove perl526.path (not needed anymore) - updated to 2.1700 see /usr/share/doc/packages/perl-Authen-SASL/Changes 2.1700 2023-08-09 [Fixed] - Version numbering (released as 2.1700, because 2.17 < 2.1401) - POD errors - Typos - Minimum Perl version 5.005 -> 5.6.0 - Kwalitee errors * Accidentally packaged MYMETA.* * 'use warnings;' added in all modules * Synchronized versions in all modules - Out of bounds substr() (RT 85294) [Added] - README - More tests [Changed] - Release switched from EUMM to D::Z [Removed] - Authen::SASL::Cyrus is no longer loaded as an implementation; Authen::SASL::XS has been the successor for more than a decade ==== perl-Convert-ASN1 ==== Version update (0.33 -> 0.340.0) - updated to 0.34 see /usr/share/doc/packages/perl-Convert-ASN1/ChangeLog 0.34 -- Mon Aug 07 19:46:22 ADT 2023 Bug Fixes Thanks to chrisridd and fschlich for these bug fixes * Fixes: #47 2nd - Debug output using print instead of printf * Fixes #47 Debug output using print instead of printf * ASN1.pod: fix minor typo ==== perl-Image-ExifTool ==== Version update (12.64 -> 12.65) Subpackages: exiftool perl-File-RandomAccess - Update to 12.65: * Added a new QuickTime Keys tag * Added a new CanonModelID * Added a new Canon LensType * Added number in brackets to converted Samsung MCCData value * Decode a number of new Sony tags * Decode a few new FlashPix tags (github #217) * Improved decoding of Nikon Z9 firmware 4.0 tags * Improved parsing of PDF:Keywords to support semicolon-separated lists * Enhanced -api option to show list of available options if no argument is provided * Lowered priority of IFD1 tags in ARW images so IFD0/SubIFD take precedence * Changed QuickTime tag names for atID (AlbumTitleID to ArtistID) and plID (PlayListID to AlbumID) (github issue #216), and added cmID (ComposerID) * Changed Apple:MediaGroupUUID tag name back to ContentIdentifier * Patched the -d option to handle the %s format code internally when writing (avoids problems due to inconsistent behaviour of this format code in the strptime function on different systems) * Patched patch of version 12.32 to restore ability to read from named pipes * Fixed bug which could cause a hang when processing a corrupt BigTIFF image * Fixed document number for auxiliary image metadata in HEIC files * Fixed misspelt Apple tag name * API Changes: + Added AvailableOptions method ==== perl-LWP-Protocol-https ==== Version update (6.10 -> 6.110.0) - Remove CVE-2014-3230.patch, upstream was fixed. CVE-2014-3230, Debian #746576 - Update LWP-Protocol-https-6.09-systemca.diff - updated to 6.11 see /usr/share/doc/packages/perl-LWP-Protocol-https/Changes 6.11 2023-07-09 15:10:30Z - Remove Authority section from dist.ini (GH#64) (Olaf Alders) - Add very basic diagnostic information via test (GH#73) (Olaf Alders) - CVE-2014-3230 - don't disable verification if only hostnames should not (GH#14) (Steffen Ullrich) - Make explicit requirement of Mozilla::CA obsolete (GH#72) (Steffen Ullrich and Olaf Alders) - Remove _in_san and _cn_match. Empty out the _check_sock hook (GH#71) (Chase Whitener) - Use warnings (GH#69) (Pete Houston) ==== php8 ==== Version update (8.2.8 -> 8.2.9) Subpackages: php8-cli php8-ctype php8-dom php8-gd php8-gettext php8-iconv php8-mbstring php8-mysql php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - version update to 8.2.9 * This is a security release. * Fixes CVE-2023-3824 [bsc#1214103] and CVE-2023-3823 [bsc#1214106] * https://www.php.net/ChangeLog-8.php#8.2.9 - deleted patches - php-unicode-allow-redistribution.patch (upstreamed) - deleted sources - repack.sh (not needed) ==== pipewire ==== Version update (0.3.76 -> 0.3.77) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Fix from upstream to ensure effect and sink nodes are set to running: * 0001-context-Dont-stop-setting-runnable-when-meeting-the-driving.patch - Fix from upstream to prevent a crash when stopping a device provider: * 0001-gst-Prevent-a-crash-when-stopping-device-provider.patch - Fix from upstream to fix a regression that makes plugins/effects disappear in Carla Patchbay when there's no playback: * 0001-jack-ports-become-visible-when-the-registration-is-queued.patch * 0002-jack-handle-node.always-process-=-false-jack-nodes.patch - Fix from upstream to fix pavucontrol and plasma-pa showing duplicated sinks after resume or switching audio device profiles (boo#1214374): * 0001-pulse-server-set-all-change_mask-flags-when-removing.patch - Update to version 0.3.77: * Highlights - Fix a bug in ALSA source where the available number of samples was miscaluclated and resulted in xruns in some cases. - A new L permission was added to make it possible to force a link between nodes even when the nodes can't see eachother. - The VBAN module now supports midi send and receive as well. - Many cleanups and small fixes. * PipeWire - Global objects now only show permissions that apply to them. The permissions required to perform various API calls are documented. - A new L permission was added to make it possible to force a link between nodes even when the nodes can't see eachother. - Config files need to end with .conf. - The client.api is added the to global properties of a node. * modules - The VBAN module now supports midi send and receive as well. - Fix module-profiler alignment and make sure we don't overrun our buffers with many nodes. - Protect libcanberra calls with a mutex because it is not thread safe. * SPA - Support older compilers for spa_clear_ptr(). - Fix a bug in ALSA source where the available number of samples was miscaluclated and resulted in xruns. - Don't set inotify on /dev but on the videoX devices directly. Setting inotify on /dev would cause a lot of spurious wakeups and lock contention in the fsnotify subsystem on some benchmarks. - Audioconvert now rate limits the warnings when it runs out of buffers. * pulse-server - Some bugs and inconsistencies were fixed in device lookup. - Improve subscribe event emission, detect changes to the sink or the monitor and send the right sink/source event. * JACK - The libjack.so now has a minor version of 3 and a micro version of the pipewire version. - JACK clients will now see portregistration from other jack clients when they activate/deactivate like real JACK. * bluetooth - Use some more autoptr cleanups, fix some leaks. ==== plasma-framework ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5Plasma5 plasma-framework-components - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * dataengine: do not emit removal signals while iterators are open (kde#446531) * Add explicit moc includes to sources for moc-covered headers ==== plasma5-desktop ==== Version update (5.27.7 -> 5.27.7.1) Subpackages: plasma5-desktop-emojier - Update to 5.27.7.1: * Panel: fix applet not returning focus after pressing applet shortcut (kde#472909) * Migrate missing key handling/accessibility features from default CompactRepresentation ==== plasma5-workspace ==== Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy - Add patch to fix crash when opening windows (kde#473432) * 0001-TriangleMouseFilter-check-intercepted-item-still-exi.patch * 0002-TriangleMouseFilter-also-check-optional-position-has.patch - Add patch to fix crash when closing popup on Wayland (kde#473054) * 0001-shell-avoid-potential-crash-when-previous-window-is-.patch ==== plymouth ==== Subpackages: libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Remove plymouth-runstatedir-revert.patch: Tumbleweed following upstream, which already support "--runstatedir", don't need this modification anymore(jsc#PED-5841). - Add plymouth-runstatedir-revert.patch: For plymouth update successfully build in SLE-15-SP6:GA. The current edition of autoconf on SLE-15-SP6:GA don't support "--runstatedir" yet, so reverse plymouth compile option to the old "--withruntimedir" (jsc#PED-5841). ==== postgresql15 ==== Version update (15.3 -> 15.4) Subpackages: libpq5 postgresql15-contrib postgresql15-server - Update to 15.4: * bsc#1214059, CVE-2023-39417: Disallow substituting a schema or owner name into an extension script if the name contains a quote, backslash, or dollar sign. * bsc#1214061, CVE-2023-39418: Fix MERGE to enforce row security policies properly. * https://www.postgresql.org/docs/15/release-15-4.html - Restore the independence of mini builds from the main build after the -mini name change from April 4, 2023. - Adjust icu handling to prepare for PostgreSQL 16. - Overhaul postgresql-README.SUSE and move it from the binary package to the noarch wrapper package. - Change the unix domain socket location from /var/run to /run. ==== prison-qt5 ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5Prison5 prison-qt5-imports - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Remove code variants for building with Qt 6 * Add explicit moc includes to sources for moc-covered headers ==== procmail ==== Version update (3.22 -> 3.24) - Update to procmail 3.24 (New Upstream) - Don't coredump in comsat code if interrupted early - Correctly handle COMSAT=on - Once used, the 'H' and 'r' flags would never be cleared - Fix possible buffer overflow in variable-capture actions - Fix up the parsing of variable-capture actions - LMTP code assumed sizeof(long)==sizeof(int) - SHELL is now always preset to /bin/sh. USER_SHELL contains the shell from the user's passwd entry - When HOST is mismatched, reset it for the next rcfile - Always read in a new, global rcfile (/etc/procmail.conf) to allow runtime configuration of variables like DEFAULT. This rcfile cannot deliver or filter messages - Mismatched HOST in /etc/procmailrc didn't discard the message - backquote expansion in a condition disabled header concatenation for that condition - LMTP didn't correctly handle quoted localparts - Removed SIZE extension from LMTP (unsupportable semantics) - Don't coredump if unable to exec /bin/sh - Enable "+detail" processing in LMTP mode by passing the delimiter (e.g., "+") as an optional argument after -z - In LMTP mode, save the domain of the recipient in PROCMAIL_DOMAIN - Set PROCMAIL_MODE to one of "d", "m", "z", or "" to reflect the mode option it was invoked with, if any - Fixed all bugs collected by Debian and others during the past 21 years. See the git commit history for detailed descriptions. - Port patches * procmail-3.22-autoconf.dif * procmail-3.22-headerconcat.dif * procmail-3.22-ipv6.patch * procmail-3.22-mailstat.patch * procmail-3.22-owl-truncate.dif * procmail-3.22.dif * procmail-cflags.dif - Remove former Debian and SUSE patches from procmail-3.22-patches.tar.bz2 * 04 * 06 * 10 * 11 * 12 * 13 * 14 * 15 * 16 * 17 * 18 * 19 * 22 * 23 * 24 * 25 * 26 * 27 * 28 * 29 * 30 - Collect and port our patches from old procmail-3.22-patches.tar.bz2 into new procmail-3.24-patches.tar.bz2 * 01 * 02 * 03 * 05 * 07 * 08 * 09 * 20 * 21 ==== procps ==== Subpackages: libprocps8 - Modify patches * procps-ng-3.3.9-w-notruncate.diff * procps-ng-3.3.17-logind.patch to real to not truncate output of w with option -n - procps-ng-3.3.17-logind.patch: Backport from 4.x git, prefer logind over utmp (jsc#PED-3144) - Add patch CVE-2023-4016.patch * CVE-2023-4016: ps buffer overflow (bsc#1214290) ==== procps4 ==== Subpackages: libproc2-0 - Modify patch procps-ng-3.3.9-w-notruncate.diff to real to not truncate output of w with option -n - procps-ng-4.0.3-logind.patch: Backport from 4.x git, prefer logind over utmp (jsc#PED-3144) - procps-ng-3.3.9-w-notruncate.diff: Rebase - Add patch CVE-2023-4016.patch * CVE-2023-4016: ps buffer overflow (bsc#1214290) ==== purpose ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5Purpose5 libKF5PurposeWidgets5 - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Remove code variants for building with Qt 6 * Add explicit moc includes to sources for moc-covered headers ==== python-M2Crypto ==== - Make tests running again. ==== python-Pillow ==== - Add Provides for python-PIL ==== python-PyYAML ==== Version update (6.0 -> 6.0.1) - update to 6.0.1: * pin Cython to < 3.0 ==== python-Pygments ==== Version update (2.15.1 -> 2.16.1) - update to version 2.16.1: * Fix native style missing from style list (#2484) - additional changes from version 2.16.0: * New lexers: + ASN.1 (#2462) + Blueprint (#2434) + BQN (#2472) + DNS zone files (#2464) + GraphQL (#2428) + Linux desktop files (following the specification of the Freedesktop group, formerly known as XDG) (#2470) + NVIDIA PTX (#2432) + OpenSCAD (#2449) + systemd (#2470) + TLS presentation language (#2455) + Verifpal (#2430) + YARA (#2453) * Updated lexers: + ASC: Add application/pem-certificate-chain mimetype (#2471) + C/C++: Refine keyword lists (#2421, #2422) + Carbon: Fix long processing times on invalid input, fix number lexing (#2454, #2456) + Elpi: Handle quotations (#2419) + Go: Support additional built-ins (#2481) + HTTP: Support empty headers (#2461), support more general methods (#2460), also recognize responses in analyse_text implementation (#2460), and highlight URL encoded data (#2465, #1620) + Igor Pro: Update to Igor Pro 9 (#2482) + lean: Recognize expressions nested within attributes (#1817) + Macaulay2: Update builtins (#2457) + Markdown: Allow extra characters after language name in code blocks (#2437) + NestedText: Update to version 3 (#2459) + scdoc: Improve language guessing implementation (#2402) + Spice: Update to latest version (#2476) + Transact SQL: Add Pre-sorted Group keyword (#2417) + Uxntal: Update for current runes (#2424) + Wikitext: Fix templates in wiki links; fix a language converter false positive; add bold italic markup (#2447) * Add Generic.EmphStrong token for bold italic markup (#2444) * Add Lightbulb style (#2474) * Improve contrast in Monokai style (#2448) * Add documentation how to create terminal code highlighting commands (#2131, #2425) * Add support for loading TrueType fonts to the ImageFormatter (#1960) ==== python-SQLAlchemy ==== - use generic Cython >= 3 buildrequires ==== python-alembic ==== Version update (1.10.4 -> 1.11.2) - update to 1.11.2: * Added typing to the default script mako templates. * Added support in autogenerate for NULLS NOT DISTINCT in * the PostgreSQL dialect. * Fixed format string logged when running a post write hook * Added parameters if_exists and if_not_exists for index operations. - update to 1.11.1: * As Alembic 1.11.0 is considered a major release (Alembic does not use semver, nor does its parent project SQLAlchemy; this has been `clarified <versioning_scheme>` in the documentation), * :ticket:`1130` modified calling signatures for most operations to consider all optional keyword parameters to be keyword-only arguments, to match what was always documented and generated by autogenerate. However, two of these changes were identified as possibly problematic without a more formal deprecation warning being emitted which were the ``table_name`` parameter to :meth:`.Operations.drop_index`, which was generated positionally by autogenerate prior to version 0.6.3 released in 2014, and ``type_`` in :meth:`.Operations.drop_constraint` and :meth:`.BatchOperations.drop_constraint`, which was documented positionally in one example in the batch documentation. * Fixed typing use of :class:`~sqlalchemy.schema.Column` and other generic SQLAlchemy classes. * Restored the output type of :meth:`.Config.get_section` to include ``Dict[str, str]`` as a potential return type, which had been changed to immutable ``Mapping[str, str]``. When a section is returned and the default is not used, a mutable dictionary is returned. * Added placeholder classes for :class:`~.sqla.Computed` and * :class:`~.sqla.Identity` when older 1.x SQLAlchemy versions are in use, namely prior to SQLAlchemy 1.3.11 when the :class:`~.sqla.Computed` construct was introduced. Previously these were set to None, however this could cause issues with certain codepaths that were using ``isinstance()`` such as one within "batch mode". * Correctly pass previously ignored arguments ``insert_before`` and ``insert_after`` in ``batch_alter_column`` * Argument signatures of Alembic operations now enforce keyword-only arguments as passed as keyword and not positionally, such as Operations.create_table.schema .Operations.add_column.type_, etc. * Fix autogenerate issue with PostgreSQL :class:`.ExcludeConstraint` that included sqlalchemy functions. The function text was previously rendered as a plain string without surrounding with ``text()``. * Fixed regression caused by :ticket:`1166` released in version 1.10.0 which caused MySQL unique constraints with multiple columns to not compare correctly within autogenerate, due to different sorting rules on unique constraints vs. indexes, which in MySQL are shared constructs. * Repaired the return signatures for :class:`.Operations` that mostly return ``None``, and were erroneously referring to ``Optional[Table]`` in many cases. * Modified the autogenerate implementation for comparing "server default" values from user-defined metadata to not apply any quoting to the value before comparing it to the server-reported default, except for within dialect-specific routines as needed. This change will affect the format of the server default as passed to the :paramref:`.EnvironmentContext.configure.compare_server_defau lt` hook, as well as for third party dialects that implement a custom ``compare_server_default`` hook in their alembic impl, to be passed "as is" and not including additional quoting. Custom implementations which rely on this quoting should adjust their approach based on observed formatting. * allow running async functions in the ``upgrade`` or ``downgrade`` migration function when running alembic using an async dialect. This function will receive as first argument an :class:`~sqlalchemy.ext.asyncio.AsyncConnection` sharing the transaction used in the migration context. ==== python-certifi ==== Version update (2023.5.7 -> 2023.7.22) - update to 2023.7.22: Added certs: [#] CN=Sectigo Public Server Authentication Root E46 O=Sectigo Limited [#] CN=Sectigo Public Server Authentication Root R46 O=Sectigo Limited [#] CN=SSL.com TLS RSA Root CA 2022 O=SSL Corporation [#] CN=SSL.com TLS ECC Root CA 2022 O=SSL Corporation [#] CN=Atos TrustedRoot Root CA ECC TLS 2021 O=Atos [#] CN=Atos TrustedRoot Root CA RSA TLS 2021 O=Atos Removed certs: [#] CN=Hongkong Post Root CA 1 O=Hongkong Post [#] CN=E-Tugra Certification Authority O=E-Tu\u011fra EBG Bili\u015fim Teknolojileri ve Hizmetleri A.\u015e. OU=E-Tugra Sertifikasyon Merkezi [#] CN=E-Tugra Global Root CA RSA v3 O=E-Tugra EBG A.S. OU=E-Tugra Trust Center [#] CN=E-Tugra Global Root CA ECC v3 O=E-Tugra EBG A.S. OU=E-Tugra Trust Center ==== python-click ==== Version update (8.1.3 -> 8.1.6) - Update to 8.1.6 * Replace all typing.Dict occurrences to typing.MutableMapping for parameter hints. #2255 * Improve type hinting for decorators and give all generic types parameters. * Fix return value and type signature of shell_completion.add_completion_class function. #2421 * Bash version detection doesnât fail on Windows. #2461 * Completion works if there is a dot (.) in the program name. #2166 * Improve type annotations for pyright type checker. #2268 * Improve responsiveness of click.clear(). #2284 * Improve command name detection when using Shiv or PEX. #2332 * Avoid showing empty lines if command help text is empty. #2368 * ZSH completion script works when loaded from fpath. #2344. * EOFError and KeyboardInterrupt tracebacks are not suppressed when standalone_mode is disabled. #2380 * @group.command does not fail if the group was created with a custom command_class. #2416 * multiple=True is allowed for flag options again and does not require setting default=(). #2246, #2292, #2295 * Make the decorators returned by @argument() and @option() reusable when the cls parameter is used. #2294 * Donât fail when writing filenames to streams with strict errors. Replace invalid bytes with the replacement character (ï¿½). #2395 * Remove unnecessary attempt to detect MSYS2 environment. #2355 * Remove outdated and unnecessary detection of App Engine environment. #2554 * echo() does not fail when no streams are attached, such as with pythonw on Windows. #2415 * Argument with expose_value=False do not cause completion to fail. #2336 * Fix an issue with type hints for @click.command(), @click.option(), and other decorators. Introduce typing tests. #2558 * Fix an issue with type hints for @click.group(). #2558 - Drop fix-tests.patch ==== python-cryptography ==== Version update (41.0.2 -> 41.0.3) - update to 41.0.3: * Fixed performance regression loading DH public keys. * Fixed a memory leak when using * :class:`~cryptography.hazmat.primitives.ciphers.aead.ChaCha20 Poly1305`. ==== python-gevent ==== Version update (22.10.2 -> 23.7.0) - update to 23.7.0: * Add preliminary support for Python 3.12, using greenlet 3.0a1. * Update the bundled c-ares version to 1.19.1. * Fix an edge case connecting a non-blocking ``SSLSocket`` that could result in an AttributeError. In a change to match the standard library, calling ``sock.connect_ex()`` on a subclass of ``socket`` no longer calls the subclass's ``connect`` method. * Make gevent's ``FileObjectThread`` (mostly used on Windows) implement ``readinto`` cooperatively. * Work around an ``AttributeError`` during cyclic garbage collection when Python finalizers (``__del__`` and the like) attempt to use gevent APIs. This is not a recommended practice, and it is unclear if catching this ``AttributeError`` will fix any problems or just shift them. * Remove support for obsolete Python versions. This is everything prior to 3.8. * Stop using ``pkg_resources`` to find entry points (plugins). Instead, use ``importlib.metadata``. * Honor ``sys.unraisablehook`` when a callback function produces an exception, and handling the exception in the hub * also* produces an exception. - drop skip-tests-in-leap.patch handle-python-ssl-changes.patch (obsolete) ==== python-gssapi ==== - add d9200d1018ac916b30433da23898c8c5fbde0f28.patch to improve cython 3.x interoperability ==== python-immutables ==== - add python312.patch to fix build with python 3.12 ==== python-importlib-resources ==== Version update (5.12.0 -> 6.0.1) - update to 6.0.1: * Bugfixes * Restored Apache license. (#285) * Deprecations and Removals * Removed legacy functions deprecated in 5.3. (#80) * Features * Require Python 3.8 or later ==== python-ldap ==== - Re-run source download due to file differences. ==== python-libvirt-python ==== Version update (9.5.0 -> 9.6.0) - Update to 9.6.0 - Add all new APIs and constants in libvirt 9.6.0 - jsc#PED-3725 ==== python-lxml ==== Version update (4.9.2 -> 4.9.3) - update to 4.9.3: * ``lxml.objectify`` accepted non-decimal numbers like ``Â²Â²Â²`` as integers. * A memory leak in ``lxml.html.clean`` was resolved by switching to Cython 0.29.34+. * GH#348: URL checking in the HTML cleaner was improved. * GH#371, GH#373: Some regex strings were changed to raw strings to fix Python warnings. * Built with Cython 0.29.36 to adapt to changes in Python 3.12. ==== python-mailman ==== - Fix issues with importlib_resources for Python 3.11 * Added mailman-fix-importlib-resources.patch - Add missing require for psycopg2 ==== python-numpy ==== Version update (1.24.2 -> 1.25.2) - Use %pyproject_wheel and %pyproject_install macros - Disable broken tests in armv7l (bsc#1212710) - limit to Cython < 3 - update to 1.25.2: * Upgrade various build dependencies. * use ``-ftrapping-math`` with Clang on macOS * properly handle negative indexes in ufunc_at fast path * PyObject_IsTrue and PyObject_Not error handling in setflags * histogram small range robust * Update meson.build files from main branch * exclude min, max and round from ``np.__all__`` * Dependabot updates * Fix the signature for np.array_api.take * update OpenBLAS to an intermeidate commit * Fix reference count leak in str(scalar). * fix invalid function pointer conversion error * Factor out slow ``getenv`` call used for memory policy warning * correct URL in cirrus.star [skip cirrus] * Fix C types in scalartypes * do not modify the input to ufunc_at * Further fixes to indexing loop and added tests - Update to 1.25.1: * NumPy 1.25.1 is a maintenance release that fixes bugs and regressions discovered after the 1.25.0 release. The Python versions supported by this release are 3.9-3.11. * #23968: MAINT: prepare 1.25.x for further development * #24036: BLD: Port long double identification to C for meson * #24037: BUG: Fix reduction return NULL to be goto fail * #24038: BUG: Avoid undefined behavior in array.astype() * #24039: BUG: Ensure __array_ufunc__ works without any kwargs passed * #24117: MAINT: Pin urllib3 to avoid anaconda-client bug. * #24118: TST: Pin pydantic<2 in Pyodide workflow * #24119: MAINT: Bump pypa/cibuildwheel from 2.13.0 to 2.13.1 * #24120: MAINT: Bump actions/checkout from 3.5.2 to 3.5.3 * #24122: BUG: Multiply or Divides using SIMD without a full vector can... * #24127: MAINT: testing for IS_MUSL closes #24074 * #24128: BUG: Only replace dtype temporarily if dimensions changed * #24129: MAINT: Bump actions/setup-node from 3.6.0 to 3.7.0 * #24134: BUG: Fix private procedures in f2py modules - Skipped 1.25.0: * The NumPy 1.25.0 release continues the ongoing work to improve the handling and promotion of dtypes, increase the execution speed, and clarify the documentation. There has also been work to prepare for the future NumPy 2.0.0 release, resulting in a large number of new and expired deprecation. Highlights are: - Support for MUSL, there are now MUSL wheels. - Support the Fujitsu C/C++ compiler. - Object arrays are now supported in einsum - Support for inplace matrix multiplication (@=). * Full changelog: https://github.com/numpy/numpy/releases/tag/v1.25.0 The Python versions supported in this release are 3.9-3.11. - Remove upstream patch: * remove-deprecated-hypothesis-funcs.patch ==== python-passlib ==== - Add patch no-pkg_resources.patch: * Stop using pkg_resources. - Switch to pyproject macros. ==== python-pexpect ==== - add 31fab7b0edbe9b3401507b5dfa4db6aaf3fabca5.patch dae602d37493bae239e0e8db5b3dabafebfd59db.patch: python 3.12 compat - Fix failing test when no alias in bash is defined * add fix-fail-no-alias.patch ==== python-psutil ==== - Add logind_y2038.patch to use logind if systemd >= 254 is used, to fix the issue of ut_tv.tv_sec and the Y2038 problem. ==== python-pycups ==== - build as wheel ==== python-pyzmq ==== Version update (25.0.2 -> 25.1.1) - update to version 25.1.1: * Changes: + Allow Cython 0.29.35 to build Python 3.12 wheels (no longer require Cython 3) * Bugs fixed: + Fix builds on Solaris by including generated platform.hpp + Cleanup futures in Socket.poll() that are cancelled and never return + Fix builds with -j when numpy is present in the build env - update to version 25.1.0: * Enhancements: + Include address in error message when bind/connect fail. * Packaging changes: + Fix inclusion of some test files in source distributions. + Add Cython as a build-time dependency in build-system.requires metadata, following current recommendations of the Cython maintainers. We still ship generated Cython sources in source distributions, so it is not a strict dependency for packagers using --no-build-isolation, but pip will install Cython as part of building pyzmq from source. This makes it more likely that past pyzmq releases will install on future Python releases, which often require an update to Cython but not pyzmq itself. For Python 3.12, Cython >=3.0.0b3 is required. ==== python-semanage ==== - Add _multibuild to define additional spec files as additional flavors. Eliminates the need for source package links in OBS. - Add -ffat-lto-objects to CFLAGS to prevent rpmlint errors because of LTO - Enable LTO now (boo#1138812). ==== python-typing_extensions ==== Version update (4.5.0 -> 4.7.1) - update to version 4.7.1: - Fix support for `TypedDict`, `NamedTuple` and `is_protocol` on PyPy-3.7 and PyPy-3.8. Patch by Alex Waygood. Note that PyPy-3.7 and PyPy-3.8 are unsupported by the PyPy project. The next feature release of typing-extensions will drop support for PyPy-3.7 and may also drop support for PyPy-3.8. - update to version 4.7.0: - This is expected to be the last feature release supporting Python 3.7, which reaches its end of life on June 27, 2023. Version 4.8.0 will support only Python 3.8.0 and up. - Fix bug where a `typing_extensions.Protocol` class that had one or more non-callable members would raise `TypeError` when `issubclass()` was called against it, even if it defined a custom `__subclasshook__` method. The correct behaviour -- which has now been restored -- is not to raise `TypeError` in these situations if a custom `__subclasshook__` method is defined. Patch by Alex Waygood (backporting https://github.com/python/cpython/pull/105976) - update to version 4.7.0rc1: - Add `typing_extensions.get_protocol_members` and `typing_extensions.is_protocol` (backport of CPython PR #104878). Patch by Jelle Zijlstra. - `typing_extensions` now re-exports all names in the standard library's `typing` module, except the deprecated `ByteString`. Patch by Jelle Zijlstra. - Due to changes in the implementation of `typing_extensions.Protocol`, `typing.runtime_checkable` can now be used on `typing_extensions.Protocol` (previously, users had to use `typing_extensions.runtime_checkable` if they were using `typing_extensions.Protocol`). - Align the implementation of `TypedDict` with the implementation in the standard library on Python 3.9 and higher. `typing_extensions.TypedDict` is now a function instead of a class. The private functions `_check_fails`, `_dict_new`, and `_typeddict_new` have been removed. `is_typeddict` now returns `False` when called with `TypedDict` itself as the argument. Patch by Jelle Zijlstra. - Declare support for Python 3.12. Patch by Jelle Zijlstra. - Fix tests on Python 3.13, which removes support for creating `TypedDict` classes through the keyword-argument syntax. Patch by Jelle Zijlstra. - Fix a regression introduced in v4.6.3 that meant that ``issubclass(object, typing_extensions.Protocol)`` would erroneously raise ``TypeError``. Patch by Alex Waygood (backporting the CPython PR https://github.com/python/cpython/pull/105239) - Allow `Protocol` classes to inherit from `typing_extensions.Buffer` or `collections.abc.Buffer`. Patch by Alex Waygood (backporting https://github.com/python/cpython/pull/104827, by Jelle Zijlstra). - Allow classes to inherit from both `typing.Protocol` and `typing_extensions.Protocol` simultaneously. Since v4.6.0, this caused `TypeError` to be raised due to a metaclass conflict. Patch by Alex Waygood. - Backport several deprecations from CPython relating to unusual ways to create `TypedDict`s and `NamedTuple`s. CPython PRs #105609 and #105780 by Alex Waygood; `typing_extensions` backport by Jelle Zijlstra. - Creating a `NamedTuple` using the functional syntax with keyword arguments (`NT = NamedTuple("NT", a=int)`) is now deprecated. - Creating a `NamedTuple` with zero fields using the syntax `NT = NamedTuple("NT")` or `NT = NamedTuple("NT", None)` is now deprecated. - Creating a `TypedDict` with zero fields using the syntax `TD = TypedDict("TD")` or `TD = TypedDict("TD", None)` is now deprecated. - Fix bug on Python 3.7 where a protocol `X` that had a member `a` would not be considered an implicit subclass of an unrelated protocol `Y` that only has a member `a`. Where the members of `X` are a superset of the members of `Y`, `X` should always be considered a subclass of `Y` iff `Y` is a runtime-checkable protocol that only has callable members. Patch by Alex Waygood (backporting CPython PR https://github.com/python/cpython/pull/105835) - update to version 4.6.3 (June 1, 2023) - Fix a regression introduced in v4.6.0 in the implementation of runtime-checkable protocols. The regression meant that doing `class Foo(X, typing_extensions.Protocol)`, where `X` was a class that had `abc.ABCMeta` as its metaclass, would then cause subsequent `isinstance(1, X)` calls to erroneously raise `TypeError`. Patch by Alex Waygood (backporting the CPython PR https://github.com/python/cpython/pull/105152) - Sync the repository's LICENSE file with that of CPython. `typing_extensions` is distributed under the same license as CPython itself. - Skip a problematic test on Python 3.12.0b1. The test fails on 3.12.0b1 due to a bug in CPython, which will be fixed in 3.12.0b2. The `typing_extensions` test suite now passes on 3.12.0b1. - update to version 4.6.2: - Fix use of `@deprecated` on classes with `__new__` but no `__init__`. Patch by Jelle Zijlstra. - Fix regression in version 4.6.1 where comparing a generic class against a runtime-checkable protocol using `isinstance()` would cause `AttributeError` to be raised if using Python 3.7. - update to version 4.6.1: - Change deprecated `@runtime` to formal API `@runtime_checkable` in the error message. Patch by Xuehai Pan. - Fix regression in 4.6.0 where attempting to define a `Protocol` that was generic over a `ParamSpec` or a `TypeVarTuple` would cause `TypeError` to be raised. Patch by Alex Waygood. - update to version 4.6.0: - `typing_extensions` is now documented at https://typing-extensions.readthedocs.io/en/latest/. Patch by Jelle Zijlstra. - Add `typing_extensions.Buffer`, a marker class for buffer types, as proposed by PEP 688. Equivalent to `collections.abc.Buffer` in Python 3.12. Patch by Jelle Zijlstra. - Backport two CPython PRs fixing various issues with `typing.Literal`: https://github.com/python/cpython/pull/23294 and https://github.com/python/cpython/pull/23383. Both CPython PRs were originally by Yurii Karabas, and both were backported to Python >=3.9.1, but ... changelog too long, skipping 69 lines ... https://github.com/python/cpython/pull/104048) Patch by Alex Waygood. ==== python311 ==== Subpackages: python311-curses python311-dbm - restrict PEP668 to ALP/Tumbleweed - add externally_managed.in to label this build as PEP-668 managed - IT MEANS THAT bsc#1210638 STILL HAS NOT BEEN FIXED! - Add Revert-gh105127-left-tests.patch (gh#python/cpython!106941) partially reverting CVE-2023-27043-email-parsing-errors.patch, because of the regression in gh#python/cpython#106669. - (bsc#1210638, CVE-2023-27043) Add CVE-2023-27043-email-parsing-errors.patch, which detects email address parsing errors and returns empty tuple to indicate the parsing error (old API). (The patch is faulty, gh#python/cpython#106669, but upstream decided not to just revert it). ==== python311-core ==== Subpackages: libpython3_11-1_0 python311-base - restrict PEP668 to ALP/Tumbleweed - add externally_managed.in to label this build as PEP-668 managed - IT MEANS THAT bsc#1210638 STILL HAS NOT BEEN FIXED! - Add Revert-gh105127-left-tests.patch (gh#python/cpython!106941) partially reverting CVE-2023-27043-email-parsing-errors.patch, because of the regression in gh#python/cpython#106669. - (bsc#1210638, CVE-2023-27043) Add CVE-2023-27043-email-parsing-errors.patch, which detects email address parsing errors and returns empty tuple to indicate the parsing error (old API). (The patch is faulty, gh#python/cpython#106669, but upstream decided not to just revert it). ==== qemu ==== Version update (8.0.3 -> 8.0.4) Subpackages: qemu-arm qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-img qemu-ipxe qemu-ksm qemu-pr-helper qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios - perl-Text-Markdown is not available in all distros and for all arch-es. Use discount instead - Patches added: * [openSUSE][spec] Use discount instead of perl-Text-Markdown - Update to version 8.0.4: * Official changelog not released on the mailing list yet * Security issues fixed: - bsc#1212850 (CVE-2023-3354) - bsc#1213001 (CVE-2023-3255) - bsc#1213925 (CVE-2023-3180) - bsc#1207205 (CVE-2023-0330) ==== qqc2-desktop-style ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Don't create Sonnet.Settings if not needed * Add explicit moc includes to sources for moc-covered headers ==== qt6-declarative ==== Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlModels6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 qt6-declarative-imports - Reduce memory constraints for riscv64 - Sort license tags ==== qtkeychain-qt5 ==== Version update (0.13.2 -> 0.14.1) Subpackages: libqt5keychain1 libqt5keychain1-lang - Update to 0.14.1: * Many build system fixes and build fixes for recent Qt 6 releases * Add QtQuick client example * Added Dutch translation * Add API to check whether a secure backend is available at all * Export QKeychain::isAvailable() to make it usable in a shared build * Protect against creating the QtKeychain::QtKeychain alias target twice - Drop patch, merged upstream: * 0001-Define-a-poper-exported-CMake-target-instead-of-intr.patch - Add missing dependency to the -devel packages ==== rdma-core ==== Subpackages: libefa1 libibverbs libibverbs1 libmana1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd - Drop patches adding support for cxgb3 (EOL, removed from kernel 5.5) - cxgb3-fix-declaration-of-free_context.patch - cxgb3-fix-support-for-new-uquery-API.patch - Revert-libcxgb3-Remove-libcxgb3-from-rdma-core.patch - Revert-Update-kernel-headers.patch - Update baselibs=.conf accordingly ==== re2c ==== Version update (3.0 -> 3.1) - Update to 3.1: * new options --leftmost-captures option and re2c:leftmost-captures on capturing groups * new syntax (! ...) for non-capturing groups * It is also possible to flip defaults with --invert-captures option or re2c:invert_captures configuration, so that (...) is a capturing group and (! ...) is a non-capturing one * TDFA paper and removal of experimental algorithms * internal codebase , build system and CI improvements see details at https://re2c.org/releases/release_notes.html#release-3-1 ==== rebootmgr ==== Version update (2.0 -> 2.1) - Update to version 2.1 - Support systemctl soft-reboot (systemd >= v254) - Typo fix in spec description ==== rpm ==== Subpackages: librpmbuild9 - add remove-awk-dependency.patch to be able to drop awk dependency from containers ==== rubygem-moneta ==== Version update (1.5.2 -> 1.6.0) - updated to version 1.6.0 see installed CHANGES 1.6.0 * Adapters - Support for Rails 6.1 and above (Adapters::ActiveRecord, Adapters::ActiveSupportCache, ActiveSupportCache::MonetaStore) * Adapters::YAML - add `theadsafe` option * Adapters::Sequel - fix deadlock issue with #increment on MySQL in newer Sequel versions (#244) * Adapters::Sequel - fix issue with Postgres HStore on newer Postgres (#243) * Adapters - fixed an issue many adapters had where #merge! errored if passed an empty hash (#246) * Support changes - Drop support for 2.3 and 2.4, add support for 3.x ==== sac ==== - Clean the spec file a bit to make it more readable ==== salt ==== Subpackages: python3-salt salt-master salt-minion salt-transactional-update - Create minion_id with reproducible mtime - Fix detection of Salt codename by "salt_version" execution module - Fix regression: multiple values for keyword argument 'saltenv' (bsc#1212844) - Fix the regression of user.present state when group is unset (bsc#1212855) - Fix zypper repositories always being reconfigured - Fix utf8 handling in 'pass' renderer and make it more robust - Prevent _pygit2.GitError: error loading known_hosts when $HOME is not set (bsc#1210994) - Fix ModuleNotFoundError and other issues raised by salt-support module (bsc#1211591) - tornado: Fix an open redirect in StaticFileHandler (CVE-2023-28370, bsc#1211741) - Make master_tops compatible with Salt 3000 and older minions (bsc#1212516) (bsc#1212517) - Avoid failures due transactional_update module not available in Salt 3006.0 (bsc#1211754) - Avoid conflicts with Salt dependencies versions (bsc#1211612) - Added: * fix-utf8-handling-in-pass-renderer-and-make-it-more-.patch * fix-the-regression-of-user.present-state-when-group-.patch * make-master_tops-compatible-with-salt-3000-and-older.patch * avoid-conflicts-with-dependencies-versions-bsc-12116.patch * tornado-fix-an-open-redirect-in-staticfilehandler-cv.patch * fix-regression-multiple-values-for-keyword-argument-.patch * zypper-pkgrepo-alreadyconfigured-585.patch * mark-salt-3006-as-released-586.patch * fix-some-issues-detected-in-salt-support-cli-module-.patch * define-__virtualname__-for-transactional_update-modu.patch * 3006.0-prevent-_pygit2.giterror-error-loading-known_.patch ==== setools ==== Version update (4.4.2 -> 4.4.3) Subpackages: python311-setools setools-console - Update to version 4.4.3: * Fix compilation with Cython 3.0.0. * Improve man pages. * Remove neverallow options in sediff. * Add -r option to seinfoflow to get flows into the source type. * Reject a rule with no permissions as invalid policy. ==== shadow ==== Version update (4.13 -> 4.14.0) Subpackages: libsubid4 login_defs - Remove dependency on libbsd: On Tumbleweed we have glibc 2.38 already thus string functions like strlcpy will be present and won't be needed from libbsd. `readpassphrase()` is then the only function from libbsd not present. Upstream shadow has an in tree copy of it, that is used when the `--without-libbsd` flag is passed along. By relying on glibc 2.38 we don't need to add libbsd and libmd to our ring0 but can't easily upgrade on SLE. - Update to 4.14.0: * configure: add with-libbsd option * Code cleanup * Replace utmp interface #757 * new option enable-logind #674 * shadow userdel: add the adaptation to the busybox ps in 01-kill_user_procs.sh * chsh: warn if root sets a shell not listed in /etc/shells #535 * newgrp: fix potential string injection * lastlog: fix alignment of Latest header * Fix yescrypt support #748 * chgpasswd: Fix segfault in command-line options * gpasswd: Fix password leak * Add --prefix to passwd, chpasswd and chage #714 (bsc#1206627) * usermod: fix off-by-one issues #701 * ch(g)passwd: Check selinux permissions upon startup #675 * sub_[ug]id_{add,remove}: fix return values * chsh: Verify that login shell path is absolute #730 * process_prefix_flag: Drop privileges * run_parts for groupadd and groupdel #706 * newgrp/useradd: always set SIGCHLD to default * useradd/usermod: add --selinux-range argument #698 * sssd: skip flushing if executable does not exist #699 * semanage: Do not set default SELinux range #676 * Add control character check #687 * usermod: respect --prefix for --gid option * Fix null dereference in basename * newuidmap and newgidmap: support passing pid as fd * Prevent out of boundary access #633 * Explicitly override only newlines #633 * Correctly handle illegal system file in tz #633 * Supporting vendor given -shells- configuration file #599 * Warn if failed to read existing /etc/nsswitch.conf * chfn: new_fields: fix wrong fields printed * Allow supplementary groups to be added via config file #586 * useradd: check if subid range exists for user #592 (rh#2012929) - Refresh useradd-default.patch - Remove upstreamed patches: * useradd-userkeleton.patch * shadow-audit-no-id.patch * shadow-fix-print-login-timeout.patch * shadow-CVE-2023-29383.patch - Dont build lastlog (lastlog.legacy) anymore since we use lastlog2 by default now. - This release depends either on libbsd or on glibc >= 2.38 which only recently got released. libbsd (and libmd) would be new packages in our ring0 ==== signon ==== Version update (8.60 -> 8.61) Subpackages: libsignon-qt5-1 signon-plugins signond signond-libs - Update to 8.61 * Port away from QHash::unite * Don't emit QObject::destroyed() within Identity::destroy() * Build: remove unnecessary qmake options * Don't use -fno-rtti * Run test script with Busybox compatible mktemp * Fix typos in logs * Tests: add missing parameter to mkdir command * Fix deprecation warning * signond: register the adaptors in SignonDaemonAdaptor * signond: get appId of peer in SignonIdentityAdapter * signond: add Error class * signond: add ErrorAdaptor class * signond: use ErrorAdaptor in SignonSessionCore * signond: reduce usage of D-Bus in SignonIdentity class * signond: introduce PeerContext class * signond: reduce D-Bus usage in SignonAuthSession * signond: register the adaptors, not the object itself * signond: destroy adapter when Identity gets unregistered * Fix Unicode $HOME dir - Drop patch, merged upstream: * 0001-Don-t-use-fno-rtti.patch - Drop the unneeded baselibs.conf ==== smartmontools ==== Version update (7.3 -> 7.4) - Update to version 7.4: * See NEWS and ChangeLog files for full details - Drop smartmontools-smartctl-NVMe-big-endian.patch (upstreamed) - Refresh smartmontools-suse-default.patch ==== solid ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5Solid5 solid-imports solid-tools - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== sonnet ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5SonnetCore5 libKF5SonnetUi5 sonnet-imports - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== speech-dispatcher ==== Version update (0.11.4 -> 0.11.5) Subpackages: libspeechd2 python3-speechd - Update to version 0.11.5: * Update CLDR to version 43 and symbols from NVDA. * Fix parsing and emitting space character. * Reduce espeak buffer size to avoid ssml issues. * Add --disable-doc. * Fix spd-conf not being able to set the default module. * Fix pausing without index. ==== srt ==== Version update (1.5.1 -> 1.5.2) - Update to 1.5.2: * API - 41c4b1f Fixed #ifdef ENABLE_AEAD_API_PREVIEW (#2603). - b3a21e1 SRT version raised to 1.5.2. - c0d9fcd Restored resetlogfa(..) in udt.h. Reverting #2558, although udt.h is not the official SRT API. - 87de405 Added ENABLE_AEAD_API_PREVIEW build option to enable AEAD API. - 60d1237 Crypto mode 'auto' implemented for listener (#2574). - 27e7d8d Socket Options: do not allow AES GCM if TSBPD is disabled. - 3e4561e Add GCM to the SRT API. * Core Functionality - 3cefede Correct remaining endianness issues - 30e7ccd Minor fix of variable shadowing. - 6fcff6d Fixed various compiler warnings on various platforms (#2679). - 59cde53 Fixed FEC Emergency resize crash (#2717). - 2fcd3d4 Fix crypto mode auto for listener sender (#2711). - b010763 Fixed typos in MBedTLS where it referred to GnuTLS (#2699). - a991767 Fix peer filter config being rejected because of endianness - 1cffd2f Added rejection handshake sent to the peer in rendezvous mode (#2667). - f57ba89 Added missing thread watchdog ticks in 3 thread loop (#2669). - e8d0533 Fixed old ENABLE_AEAD_PREVIEW. - 599c1fb Reworked the CRcvBuffer::dropMessage(..) function (#2661). - 7948772 Removed duplicate lines (#2660). - 3ffc93f Fixed CRcvBuffer::dropMessage (#2657). - e9a3955 Fixed guard for rcv-rexmit fields (#1859). - 22e97f8 Fixed warnings and removed redundant includes (#2658). - c83c31b Reduce frequency of the decryption failure log (#2602). - 21b55a2 Disabled warnings various platforms and fixed C++20 Windows build (#2411). - 65bef37 Set CLOSING state when closing a socket (#2643). - 02cba9e Drop undecrypted packet based on sequence number (#2654). - 6d774dd Fixed invalid ASSERT checking outdated object in haicrypt (#2652). - 8db35de Refaxed and fixed multiplexer reusage (#2608). - 6c92a13 Fix crash when enable heavy log and socket id less than 10 (#2619). - 64dedef CodeQL: operation requires 22 bytes. - 0c583f8 CodeQL warning: checking NULL after new. - b8962b4 Fixed PKTINFO case that was failing for IPv4+IPv6 bound sockets (#2630). - a42a39f Fixed wrong null-safety condition check in haicrypt (#2616). - 30f6f6b Removed extra redundant condition checks (#2615). - 5f02310 Fix negative id when wrap around - f533716 Fixed reject reason by a caller if connection is UNSECURE (#2622). - 04e8dbc Fixed default reject reason for a listener callback (#2605). - 0b9d583 AEAD: don't break a connection on decrypt failure. - 6db28dc RCV Buffer Refax: added some utils and simplifications (#2522). - 5889a2c AES-GCM payload length check (#2591). - 45232ad Allow fileCC in group mode - 98b1b00 Added extraction of IP_PKTINFO when reading (#456). - de9fc45 Fix CRcvBuffer last position in getTimespan_ms (#2579). - 38b4211 Remove use variable length array (#2279). - 78dd987 Fixed missing DROPREQ for LOSSREPORT that partially predates ACK (#2498). - 4090b25 Reject caller to caller connection (#2562). - 0a835ea Refax: moved removal of one seq from fresh loss list to a separate function (#2521). - 19af5d1 Obtain ConnectionLock while sending crypto keys. - 3d517cf Fixed a warning: member referenced before initialized (#2433). - fc82eac Refax: remove usage of LOGF/HLOGF (#2566). - 637d439 Refax: removed m_iRcvLastSkipAck and its dependencies (#2546). - 6c52f2d Pass std::string by const ref where possible. - 6d62096 Applied clang-format on md5.cpp and md5.h. - 2c48cba MD5: Removed null pointer subtraction (may have undefined behavior). - ae39052 Fixed rendezvous connection in the Non Blocking Mode (#2548). - 0138898 Fixed cloning the RX crypto context (AEAD) - be1ccf5 Moved KM refresh in packUniqueData() (#2541). - f864cec Fixed TARGET_OS_MAC not defined. Wrong include order. - 432f2d8 fix CSndBuffer parameter incorrect in AES GCM mode - cbfa812 Refax/postfix: further fixes after last refax changes (#2528) - e082f30 Fixed validation of input parameters in srt_connect (#2520). - 932e5bd Cleanup of bonding conditionals and unused code (#2525). - f477b51 Fixed connected peer address recording (#2526) - b76c8b2 Fixed CRcvBuffer::getAvailSize() may jump around. (#2490) - 71c3e40 Refax: safety improvements for RCV loss list and closing state (#2517) - 491e6e8 Extract RCV buffer insertion handling to a separate function (#2500). - 258a858 Refax: added size cache to the group container (#2510). - 2fd1363 Refax: improve logging and code readability around specific logging (#2511). - f7a024a Refax: removed the synconmsg property and its handling in the group (#2509) - 53735e1 Don't consider tool old ACK as IPE, it' may caused by network. - d26bbf7 Fixed a false alarm: ACK ERROR...(diff -1) - 0f6e7c7 Fixed the inconsistency between getFirstLostSeq() and ackDataUpTo() (#2488) - ea86302 Reduced calls to steady_clock::now() from two to one. - 8e9958a Reject if SRT_MAGIC_CODE is not set in the HS induction response. - 8e67aa7 Tune logs of group members adding and removing. - c01c646 Fixed AES-GCM support check. ==== suse-module-tools ==== Version update (16.0.32 -> 16.0.33) Subpackages: suse-module-tools-scriptlets - Update to version 16.0.33: * change wording in filesystem blacklist files (gh#openSUSE/suse-module-tools#71) * rpm-script: update bootloader after creating initramfs (boo#1213822) * usrmerge: Drop support for non-usrmerged (boo#1206798) ==== syndication ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== syntax-highlighting ==== Version update (5.108.0 -> 5.109.0) Subpackages: libKF5SyntaxHighlighting5 syntax-highlighting-imports - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Hare language syntax highlighting * Add explicit moc includes to sources for moc-covered headers ==== system-config-printer ==== Subpackages: python3-cupshelpers system-config-printer-applet system-config-printer-common system-config-printer-dbus-service udev-configure-printer - Explicitly use --with-cups-serverbin-dir to find SERVERBIN when cups.pc is not provided by older cups (boo#1213883). ==== systemd ==== Version update (253.7 -> 253.8) Subpackages: libsystemd0 libudev1 systemd-container systemd-coredump udev - Import commit fcdb2dd2c921db3c6b7c28465dbda314f4469d17 (merge of v253.8) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/2dac0aff9ced1eca0cd11c24e264b33… ==== sysvinit ==== Version update (3.07 -> 3.08) Subpackages: sysvinit-tools sysvinit-tools-doc - Update to sysvinit 3.08 * For OpenSUSE only cosmetic change which is support of kexec for SysVinit reboot (not installed at all) ==== tango-icon-theme ==== - BuildRequire bitstream-vera-fonts for SVG text rendering ==== tar ==== Subpackages: tar-rmt - Run testsuite also on qemu build ==== telepathy-logger ==== Subpackages: libtelepathy-logger3 typelib-1_0-TelepathyLogger-0_2 - Split the gsettings schema to a separate package + The telepathy-logger library has an hard dependency on the schema, and if it's missing (before this change it has been part of the telepathy-logger daemon) it will cause the loading application to crash. + The library does now require the schema package - Drop dangling %glib2_gsettings_schema_requires macro. ==== threadweaver ==== Version update (5.108.0 -> 5.109.0) - Update to 5.109.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.109.0 - Changes since 5.108.0: * Add explicit moc includes to sources for moc-covered headers ==== tracker-miners ==== Subpackages: tracker-miner-files - Update + Fix the tracker miner spec file to build for SLE_15 + Rebase patch: tracker-miners-drop-syscalls-in-seccomp.patch ==== unixODBC ==== Version update (2.3.11 -> 2.3.12) - Update to 2.3.12: * Makefile.am: Do not install config.h #108 * DriverManager/drivermanager.h: fix build without threads #112 * DriverManager/_info.c: Get locale encoding on Windows. #115 * Fixed Connection String #127 * Allow diagnostics to be retrieved on SQL_NO_DATA #137 * Avoid implicit function declarations, for C99 compatibility #138 * Remove self-reference #140 * isql.1: Add information about handling passwords containing semicolons #126 - Remove unixODBC-gccwarnings.patch, unixODBC-2.3.6-declarations.patch: Changes have been done in https://github.com/lurcher/unixODBC/pull/138 - Update unixODC-etc-location.patch ==== upower ==== Version update (1.90.1 -> 1.90.2) Subpackages: libupower-glib3 typelib-1_0-UpowerGlib-1_0 - update to 1.90.2: * Note that this is the last release of UPower with lid handling. OS components that rely on the lid status should get it from logind instead. * Fix wireless devices not disappearing from Settings when disconnected * Require a newer libgudev to avoid bugs related to newline stripping when reading sysfs attributes * Add installed-tests files for use with gnome-desktop-testing * Fix integration test to work with system installed upower binary and under jhbuild - add skip-tests-install.patch to skip installation of test-only assets ==== util-linux ==== Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 - Re-add util-linux-fix-tests-with-64k-pagesize.patch because it is not in 2.39.1 - Disable last and lastb for ALP, too. ==== util-linux-systemd ==== - Re-add util-linux-fix-tests-with-64k-pagesize.patch because it is not in 2.39.1 - Disable last and lastb for ALP, too. ==== w3m ==== - CVE-2023-38253: out-of-bounds read in growbuf_to_Str() at w3m/indep.c (bsc#1213323) - CVE-2023-38252 out-of-bounds read in Strnew_size() at w3m/Str.c (bsc#1213324) - add 0001-Fix-OOB-access-due-to-multiple-backspaces.patch ==== webkit2gtk3 ==== Version update (2.40.4 -> 2.40.5) Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Update to version 2.40.5 (boo#1213905): + Fix several crashes and rendering issues. + Security fixes: CVE-2023-38133, CVE-2023-38572, CVE-2023-38592, CVE-2023-38594, CVE-2023-38595, CVE-2023-38597,, CVE-2023-38599,, CVE-2023-38600, CVE-2023-38611. ==== webkit2gtk3-soup2 ==== Version update (2.40.4 -> 2.40.5) Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles - Update to version 2.40.5 (boo#1213905): + Fix several crashes and rendering issues. + Security fixes: CVE-2023-38133, CVE-2023-38572, CVE-2023-38592, CVE-2023-38594, CVE-2023-38595, CVE-2023-38597,, CVE-2023-38599,, CVE-2023-38600, CVE-2023-38611. ==== wpebackend-fdo ==== Version update (1.14.0 -> 1.14.2) - Update to version 1.14.2 + Reverted a change introduced in 1.14.1 which introduced crashes both with WebKitGTK and WPE running under Wayland in some configurations. + Fix a crash caused by wrong assertion, which was typically triggered in debug builds when using the NVidia drivers. - Update to version 1.14.1: + Fix WebKit no longer repainting after provisional navigation wit PSON enabled. + Fix graphics buffer leaks by always freeing them in buffer destroy listener callbacks. ==== wtmpdb ==== Version update (0.7.1 -> 0.9.1) Subpackages: libwtmpdb0 - Fix last.1 manual page reference - Update to version 0.9.1 - Fix printf format specifier on 32bit - Update to version 0.9.0 - Try to detect systemctl soft-reboot - Many conversation warning/error fixes - Update to version 0.8.0 - wtmpdb boottime: print boot time ==== xdg-desktop-portal-gnome ==== Version update (44.1 -> 44.2) - Update to version 44.2: + Expose settings backend when running outside of GNOME. + Updated translations. ==== xen ==== Version update (4.17.1_06 -> 4.17.2_02) Subpackages: xen-libs xen-tools-domU - bsc#1212684 - xentop fails with long interface name 64d33a57-libxenstat-Linux-nul-terminate-string.patch - Update to Xen 4.17.2 bug fix release (bsc#1027519) xen-4.17.2-testing-src.tar.bz2 * No upstream changelog found in sources or webpage - bsc#1214082 - VUL-0: CVE-2023-20569: xen: x86/AMD: Speculative Return Stack Overflow (XSA-434) - bsc#1214083 - VUL-0: CVE-2022-40982: xen: x86/Intel: Gather Data Sampling (XSA-435) - Dropped patches contained in new tarball 64525c61-tools-libs-guest-assist-gcc13s-realloc-analyzer.patch 645dec48-AMD-IOMMU-assert-boolean-enum.patch 64639e84-amd-fix-legacy-setting-of-SSBD-on-AMD-Family-17h.patch 646b782b-PCI-pci_get_pdev-respect-segment.patch 647dfb0e-x86-missing-unlock-in-microcode_update_helper.patch 648863fc-AMD-IOMMU-Invalidate-All-check.patch 64bea1b2-x86-AMD-Zenbleed.patch - Handle potential off-by-one errors in libxc-sr-xg_sr_bitmap.patch A bit is an index in bitmap, while bits is the allocated size of the bitmap. - Add more debug to libxc-sr-track-migration-time.patch This is supposed to help with doing the math in case xl restore fails with ERANGE as reported in bug#1209311 - bsc#1213616 - VUL-0: CVE-2023-20593: xen: x86/AMD: Zenbleed (XSA-433) 64bea1b2-x86-AMD-Zenbleed.patch ==== xfce4-terminal ==== Version update (1.0.4 -> 1.1.0) Subpackages: xfce4-terminal-lang - Update to version 1.1.0 * Update copyright year * Allow passing arguments to custom commands * Fully translate strings in unsafe paste dialog * window: Properly sync always-show-tabs * cleanup: Include gdkx.h in one place * preferences: Remove unused class member * preferences: Check if channel itself exists instead of check property * screen: Review image loader memory management * image-loader: Review cache management * Add keywords to .desktop files (Fixes #50) * screen: Take window scaling into account when drawing (Fixes #71) * Remove obsolete GNOME default-app file (Fixes #109) * Add "Open File Manager Here" action (Fixes #133) * Properly manage default encoding (Fixes #128) * Move general include in private.h * dropdown: Disable systray icon on Wayland * Fix startup with GDK_BACKEND=x11 (Fixes #177) * shortcuts: Restore broken action toggle-menubar * shortcuts: Fix non-consumed key event for show-menubar * main: Allow GTK to parse its options first (Fixes #216) * search: Add missing sanity check * Use GLib logging functions and do not translate warnings * Remove obsolete CHECK_VERSION() * Use g_new() instead of malloc() * Fix Xfconf memory management * search-dialog: Fix memory leak * Remove extra separator at the end of context menu * Missing shortcut keys in the standalone preferences dialog (Issue #198) * Apply 1 suggestion(s) to 1 file(s) * Enable kinetic scrolling in VteTerminal * Extend --disable-server description wrt. process model * Drop obsolete --disable-server translations * prefs-dialog: Fix untranslated strings * Add sixel support * Add icons at missing sizes, clean up SVG metadata * build: Fix autoconf warnings * build: Add GLib requirement * Add accel entries for scrolling pages (Issue #221) * Remove documentation for dead anti-aliasing option * Make strings translatable (Issue #222) * Fix shortcuts-editor include * Support hyperlinks (Issue #21) * Fix argument type for xfce_shortcuts_editor_new * fix background_notify * Remove disable-help preference. * MR: !51 transitioned to Xfconf (#134) * typos in MR !48 fixed * Remove all references to terminal-preferences.glade * Remove one more mention of terminal-preferences.glade * Remove trailing slash * Remove terminal-preferences-ui.h from makefile * Remove terminal-preferences.glade * MR: !48 shortcuts editor embedded into preferences-dialog (#195) * MR: !48 preferences-dialog rewritten in C (#195) * MR: !46 Change in implementation for TAB accels (#150) * Implementation of MiscShiftArrowsToScroll as accelerators. * Add PCRE2 build dependency * Remove libxfce4ui 4.17 version guards * Replace with xfce_gtk_menu_append_separator * Tweak toolbar * Translation Updates - "gnome-control-center" support is no longer available; remove the corresponding entries from the %files list ==== xmlsec1 ==== Subpackages: libxmlsec1-1 libxmlsec1-nss1 libxmlsec1-openssl1 - Added patch: * xmlsec1-ui_null.patch + fix build with older versions of openssl that don't have UI_null() method ==== xz ==== Version update (5.4.3 -> 5.4.4) Subpackages: liblzma5 - xznew: Remove bashsism. - build: pass CONFIG_SHELL=/bin/sh to configure: the posix tools are setting the current SHELL as the shebang, which is overkill: any posix compliant shell, aka /bin/sh, is sufficient. - Update to version 5.4.4: * liblzma and xzdec can now build against WASI SDK when threading support is disabled. xz and tests don't build yet. * documentation update * translations update ==== yast2-apparmor ==== Version update (4.6.1 -> 4.6.2) - bsc#1214418 - Fixed crash on internal error when scanning audit.log - 4.6.2 ==== yast2-country ==== Version update (4.6.2 -> 4.6.3) Subpackages: yast2-country-data - Allow changing date to a later year than 2032 (bsc#1214144) - 4.6.3 ==== yast2-installation ==== Version update (4.6.5 -> 4.6.7) - Require awk for use in startup scripts (bsc#1214277) - 4.6.7 - bsc#1213959 - Change status label properly when toggling status in the "Previousy used repositories" dialog. - 4.6.6 ==== yast2-packager ==== Version update (4.6.1 -> 4.6.2) - Move loading the Pkg module to fix a failing unit test (bsc#1214069) - 4.6.2 ==== yast2-trans ==== Version update (84.87.20230729.64eca7e0a1 -> 84.87.20230818.ea489402e5) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sr yast2-trans-sv yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20230818.ea489402e5: * Translated using Weblate (Latvian) * Translated using Weblate (Catalan) * Translated using Weblate (Catalan) * Translated using Weblate (Catalan) - Update to version 84.87.20230811.13616e3be9: * Translated using Weblate (Georgian) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Czech) * Translated using Weblate (Dutch) * Translated using Weblate (Czech) * Translated using Weblate (Dutch) * Translated using Weblate (Czech) * New POT for text domain 'users'. * New POT for text domain 'storage'. * New POT for text domain 'sap-installation-wizard'. * New POT for text domain 'qt-pkg'. * New POT for text domain 'qt'. * New POT for text domain 'pam'. * New POT for text domain 'ncurses'. * New POT for text domain 'migration_sle'. * New POT for text domain 'kdump'. * New POT for text domain 'installation'. * New POT for text domain 'control'. ==== zsh ==== - Enable testsuite in qemu build ==== zxing-cpp ==== - Restore support for building on SLE12 - Build with gcc7-c++ or gcc-c++ >= 7 because of C++17 requirements - Added patch: * cmake.patch + allow building with cmake 3.5 on SLE12SP5

1 0

All-H3-CC-H5 Wiki Page
by Chuck Payne 15 Aug '23

15 Aug '23

Guys, I wanted to get openSUSE on a few of the LibreComputer boards, well the first I tired All-H3-CC-H5, the tumble weed iso link is broken. What ISO can I use? I want to use with the Renegade and La Potatoe. Thanks Guys, -- Terror PUP a.k.a Chuck "PUP" Payne ----------------------------------------- Discover it! Enjoy it! Share it! openSUSE Linux. ----------------------------------------- openSUSE -- Terrorpup openSUSE Ambassador/openSUSE Member skype,twiiter,identica,friendfeed -- terrorpup freenode(irc) --terrorpup/lupinstein Register Linux Userid: 155363 openSUSE Community Member since 2008.

1 0

New Arm Tumbleweed snapshot 20230802 released!
by Guillaume Gardet 04 Aug '23

04 Aug '23

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: bluedevil5 (5.27.6 -> 5.27.7) breeze (5.27.6 -> 5.27.7) breeze-gtk (5.27.6 -> 5.27.7) discover (5.27.6 -> 5.27.7) drkonqi5 (5.27.6 -> 5.27.7) ffmpeg-6 file (5.44 -> 5.45) inkscape (1.2.2 -> 1.3) kactivitymanagerd (5.27.6 -> 5.27.7) kcm_flatpak (5.27.6 -> 5.27.7) kcm_sddm (5.27.6 -> 5.27.7) kde-cli-tools5 (5.27.6 -> 5.27.7) kde-gtk-config5 (5.27.6 -> 5.27.7) kgamma5 (5.27.6 -> 5.27.7) khotkeys5 (5.27.6 -> 5.27.7) kinfocenter5 (5.27.6 -> 5.27.7) kirigami-addons (0.9.0 -> 0.10.0) kmenuedit5 (5.27.6 -> 5.27.7) kpipewire (5.27.6 -> 5.27.7) kscreen5 (5.27.6 -> 5.27.7) kscreenlocker (5.27.6 -> 5.27.7) ksshaskpass5 (5.27.6 -> 5.27.7) ksystemstats5 (5.27.6 -> 5.27.7) kwayland-integration (5.27.6 -> 5.27.7) kwin5 (5.27.6 -> 5.27.7) kwrited5 (5.27.6 -> 5.27.7) layer-shell-qt (5.27.6 -> 5.27.7) libkdecoration2 (5.27.6 -> 5.27.7) libkscreen2 (5.27.6 -> 5.27.7) libksysguard5 (5.27.6 -> 5.27.7) libopenraw (0.3.4 -> 0.3.7) libplacebo5 libstorage-ng (4.5.127 -> 4.5.133) libuv (1.44.2 -> 1.46.0) milou5 (5.27.6 -> 5.27.7) mozilla-nss (3.90 -> 3.91) openssl-1_1 (1.1.1u -> 1.1.1v) oxygen5-sounds (5.27.6 -> 5.27.7) pam_kwallet (5.27.6 -> 5.27.7) patterns-kde (20230403 -> 20230801) plasma-browser-integration (5.27.6 -> 5.27.7) plasma-nm5 (5.27.6 -> 5.27.7) plasma5-addons (5.27.6 -> 5.27.7) plasma5-desktop (5.27.6 -> 5.27.7) plasma5-disks (5.27.6 -> 5.27.7) plasma5-integration (5.27.6 -> 5.27.7) plasma5-openSUSE plasma5-pa (5.27.6 -> 5.27.7) plasma5-systemmonitor (5.27.6 -> 5.27.7) plasma5-thunderbolt (5.27.6 -> 5.27.7) plasma5-workspace (5.27.6 -> 5.27.7) polkit-kde-agent-5 (5.27.6 -> 5.27.7) powerdevil5 (5.27.6 -> 5.27.7) python-pexpect systemsettings5 (5.27.6 -> 5.27.7) virt-manager xdg-desktop-portal-kde (5.27.6 -> 5.27.7) === Details === ==== bluedevil5 ==== Version update (5.27.6 -> 5.27.7) Subpackages: bluedevil5-lang - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== breeze ==== Version update (5.27.6 -> 5.27.7) Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-style-lang libbreezecommon5-5 - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== breeze-gtk ==== Version update (5.27.6 -> 5.27.7) Subpackages: gtk2-metatheme-breeze gtk3-metatheme-breeze gtk4-metatheme-breeze metatheme-breeze-common - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== discover ==== Version update (5.27.6 -> 5.27.7) Subpackages: discover-backend-flatpak discover-backend-fwupd discover-backend-packagekit discover-lang - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - Changes since 5.27.6: * rpm-ostree: Improve search and filter logic (kde#468162) * Fix SteamOS dbus path ==== drkonqi5 ==== Version update (5.27.6 -> 5.27.7) Subpackages: drkonqi5-lang - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - Changes since 5.27.6: * coredump-gui: don't delete qprocess in a slot that connects to it ==== ffmpeg-6 ==== Subpackages: libavcodec60 libavdevice60 libavfilter9 libavformat60 libavutil58 libpostproc57 libswresample4 libswscale7 - Bump required libplacebo version to v6.292.0 or newer for TW - Temporarily demote deprecation errors to deprecation warnings for vf_libplacebo - Add upstream patches to fix build with libplacebo v6: * 0001-avfilter-vf_libplacebo-remove-deprecated-field.diff ==== file ==== Version update (5.44 -> 5.45) Subpackages: file-magic libmagic1 - Add patch file-5.45-type_t.dif * Partly upstream check of type_t is wide on 32bit systems * Extend (auto)configure to enable wide type_t type if possible - On 32bit systems define _TIME_BITS=64 to make it build - Update to 5.45: * PR/465: psrok1: Avoid muslc asctime_r crash * add SIMH tape format support * bump the max size of the elf section notes to be read to 128K and make it configurable * PR/415: Fix decompression with program returning empty * PR/408: fix -p with seccomp * PR/412: fix MinGW compilation - Remove upstream patch dc71304b.patch - Modify patches * file-5.17-option.dif * file-5.19-biorad.dif * file-5.19-zip2.0.dif * file-5.22-elf.dif * file-secure_getenv.patch - Port and rename patch file-5.44.dif now file-5.45.dif ==== inkscape ==== Version update (1.2.2 -> 1.3) Subpackages: inkscape-extensions-extra inkscape-extensions-fig inkscape-extensions-gimp - Update to version 1.3: + Shape Builder Tool for building up shapes on canvas + Font Collections + Pattern Editor + Document Resources Dialog + Improved performance thanks to fully asynchronous, multithreaded rendering + LPE dialog redesigned + Improved On-Canvas Pattern Editing + Better PDF import + Page margins & bleed + Return of Search, opacity & blend modes in Layers & Objects dialog and of an optional persistent snap bar + Syntax highlighting in XML Editor + See the full release notes https://inkscape.org/doc/release_notes/1.3/Inkscape_1.3.html - Drop patch 0001-Fix-build-with-GCC13.patch, fixed upstream ==== kactivitymanagerd ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== kcm_flatpak ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== kcm_sddm ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - Changes since 5.27.6: * Fix loading theme.conf.user (kde#436272) * Fix multi-line strings in QML file ==== kde-cli-tools5 ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== kde-gtk-config5 ==== Version update (5.27.6 -> 5.27.7) Subpackages: kde-gtk-config5-gtk3 - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== kgamma5 ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== khotkeys5 ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== kinfocenter5 ==== Version update (5.27.6 -> 5.27.7) Subpackages: kinfocenter5-lang - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== kirigami-addons ==== Version update (0.9.0 -> 0.10.0) - Update to 0.10.0. No changelog. ==== kmenuedit5 ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== kpipewire ==== Version update (5.27.6 -> 5.27.7) Subpackages: kpipewire-imports libKPipeWire5 libKPipeWireDmaBuf5 libKPipeWireRecord5 - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - Changes since 5.27.6: * PipeWireSourceItem: proceed itemChange in QQuickItem ==== kscreen5 ==== Version update (5.27.6 -> 5.27.7) Subpackages: kscreen5-plasmoid - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== kscreenlocker ==== Version update (5.27.6 -> 5.27.7) Subpackages: kscreenlocker-lang libKScreenLocker5 - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== ksshaskpass5 ==== Version update (5.27.6 -> 5.27.7) Subpackages: ksshaskpass5-lang - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== ksystemstats5 ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - Changes since 5.27.6: * gpu/nvidia: Discover data fields based on headers (kde#470474) ==== kwayland-integration ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== kwin5 ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - Changes since 5.27.6: * Add closed window checks in restacking requests * Add closed window checks in some window activation code paths * x11: Sync frame extents in X11 native pixels (kde#471132) * backends/drm: handle mismatching stride with CPU copying (kde#471517) * scene: Pad damage if scale factor is fractional * locale1: fix use-after-free in xkb_keymap creation * effects: Make OpenGL context current before deleting framebuffer (kde#444665,kde#471139) * plugins/backgroundcontrast,blur: ensure the effect is only applied behind the window (kde#469625) * input: don't crash if the internal handle is nullptr (kde#471285) ==== kwrited5 ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== layer-shell-qt ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== libkdecoration2 ==== Version update (5.27.6 -> 5.27.7) Subpackages: libkdecorations2-5 libkdecorations2-5-lang libkdecorations2private10 - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== libkscreen2 ==== Version update (5.27.6 -> 5.27.7) Subpackages: libKF5Screen8 libKF5ScreenDpms8 libkscreen2-plugin - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - Changes since 5.27.6: * make sure kscreen-doctor exits when using --dpms * Guard the deprecated Output::setPrimary (kde#471195) ==== libksysguard5 ==== Version update (5.27.6 -> 5.27.7) Subpackages: ksysguardsystemstats-data libKSysGuardSystemStats1 libksysguard5-imports libksysguard5-plugins - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - Changes since 5.27.6: * Fix typo ==== libopenraw ==== Version update (0.3.4 -> 0.3.7) Subpackages: gdk-pixbuf-loader-libopenraw libopenraw9 - Update to version 0.3.7 and remove incorporated patch: 03f8270d6bb255ca6618505e83169ab9d95ccef1.patch - Fix build using %prep from Gentoo and autoconf - Upstream changes: * Bug fixes: Fix a crash when rendering Leica M Monochron DNG files. Preserve the raw data photometric interpretation when decompressing raw data. Properly decode uncompressed big endian 16 bit raw data from Pentax PEF. Issue #2. Including PENTAX *ist DS. #2 Added missing MPL-2.0 license to tarball. #15 Fix build issue with Rust 1.70. Fix offline Rust build from tarball. Fix a missing include with gcc 13. Issue #12. * New features: The Rust crates are vendored for the tarball. Note: resulting tarball is bigger. * Camera support: [ a * denote that static WB coefficients have been included, unless DNG ] Added Leica M11 Monochrom, Q3. [ a * denote that static WB coefficients have been included, unless DNG ] Added coefficients for Canon R8* and R50*. Added coefficients for Panasonic S5M2*. Added Panasonic GF8*. Added Sony ZV-E1*, ILME-FX30*. * Other: Updated Exif tags. ==== libplacebo5 ==== - Fix libplacebo5-devel and plplay5 conflict with libplacebo-devel and plplay, respectively ==== libstorage-ng ==== Version update (4.5.127 -> 4.5.133) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - Translated using Weblate (Czech) (bsc#1149754) - 4.5.133 - Translated using Weblate (Japanese) (bsc#1149754) - 4.5.132 - Translated using Weblate (Slovak) (bsc#1149754) - 4.5.131 - Translated using Weblate (Dutch) (bsc#1149754) - 4.5.130 - merge gh#openSUSE/libstorage-ng#943 - updated pot and po files - 4.5.129 - merge gh#openSUSE/libstorage-ng#942 - support no-automount partition flag - fixed include guard - 4.5.128 ==== libuv ==== Version update (1.44.2 -> 1.46.0) - Switched keyring from Jameson Nash (vtjnash) to Santiago Gimeno (santigimeno) - Update to 1.46.0: * Add some more iouring backend fs ops * work around io_uring IORING_OP_CLOSE bug - Updates in version 1.45.0: * introduce io_uring support * give thread pool threads an 8 MB stack * change execution order of timers ==== milou5 ==== Version update (5.27.6 -> 5.27.7) Subpackages: milou5-lang - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== mozilla-nss ==== Version update (3.90 -> 3.91) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-tools - update to NSS 3.91 * bmo#1837431 - Implementation of the HW support check for ADX instruction * bmo#1836925 - Removing the support of Curve25519 * bmo#1839795 - Fix comment about the addition of ticketSupportsEarlyData * bmo#1839327 - Adding args to enable-legacy-db build * bmo#1835357 - dbtests.sh failure in "certutil dump keys with explicit default trust flags" * bmo#1837617 - Initialize flags in slot structures * bmo#1835425 - Improve the length check of RSA input to avoid heap overflow * bmo#1829112 - Followup Fixes * bmo#1784253 - avoid processing unexpected inputs by checking for m_exptmod base sign * bmo#1826652 - add a limit check on order_k to avoid infinite loop * bmo#1834851 - Update HACL* to commit 5f6051d2 * bmo#1753026 - add SHA3 to cryptohi and softoken * bmo#1753026 - HACL SHA3 * bmo#1836781 - Disabling ASM C25519 for A but X86_64 - removed upstreamed patch nss-fix-bmo1836925.patch ==== openssl-1_1 ==== Version update (1.1.1u -> 1.1.1v) Subpackages: libopenssl1_1 - Update to 1.1.1v: * Fix excessive time spent checking DH q parameter value (bsc#1213853, CVE-2023-3817). The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. If DH_check() is called with such q parameter value, DH_CHECK_INVALID_Q_VALUE return flag is set and the computationally intensive checks are skipped. * Fix DH_check() excessive time with over sized modulus (bsc#1213487, CVE-2023-3446). The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ("p" parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. A new limit has been added to DH_check of 32,768 bits. Supplying a key/parameters with a modulus over this size will simply cause DH_check() to fail. * Update openssl.keyring with the OTC members that sign releases * Rebase openssl-1_1-openssl-config.patch * Remove security patches fixed upstream: - openssl-CVE-2023-3446.patch - openssl-CVE-2023-3446-test.patch - Dont pass zero length input to EVP_Cipher because assembler optimized AES cannot handle zero size. [bsc#1213517] * Add openssl-dont-pass-zero-length-input-to-EVP_Cipher.patch ==== oxygen5-sounds ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== pam_kwallet ==== Version update (5.27.6 -> 5.27.7) Subpackages: pam_kwallet-common - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== patterns-kde ==== Version update (20230403 -> 20230801) Subpackages: patterns-kde-kde patterns-kde-kde_edutainment patterns-kde-kde_games patterns-kde-kde_ide patterns-kde-kde_imaging patterns-kde-kde_internet patterns-kde-kde_multimedia patterns-kde-kde_office patterns-kde-kde_pim patterns-kde-kde_plasma patterns-kde-kde_utilities patterns-kde-kde_utilities_opt patterns-kde-kde_yast - Drop the telepathy pattern. The telepathy modules are now officially unmaintained upstream and won't be released anymore. ==== plasma-browser-integration ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== plasma-nm5 ==== Version update (5.27.6 -> 5.27.7) Subpackages: plasma-nm5-openconnect plasma-nm5-openvpn plasma-nm5-pptp plasma-nm5-vpnc - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - Changes since 5.27.6: * Avoid double delete of TabWidget ==== plasma5-addons ==== Version update (5.27.6 -> 5.27.7) Subpackages: plasma5-addons-lang - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - Changes since 5.27.6: * wallpapers/potd: use https in apodprovider ==== plasma5-desktop ==== Version update (5.27.6 -> 5.27.7) Subpackages: plasma5-desktop-emojier - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - Changes since 5.27.6: * applets/kickoff: add blocker to prevent focus change in search view (kde#466192) * Kickoff: Fix grid view key nav in mirrored layout * Update Unicode data for emojier to 15.0 * applets/taskmanager: use hardcoded value * applets/taskmanager: make PauseAnimation wait longer (kde#470135) * desktoppackage: activate panel on "Activate Panel Widget" shortcut pressed (kde#455398) * kaccess: Use kcfg files of kcm * kcms/access: Match kcfg default values to old defaults/kaccess ==== plasma5-disks ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== plasma5-integration ==== Version update (5.27.6 -> 5.27.7) Subpackages: plasma5-integration-plugin plasma5-integration-plugin-lang - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== plasma5-openSUSE ==== Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE plasma5-workspace-branding-openSUSE sddm-theme-openSUSE - Update to 5.27.7 ==== plasma5-pa ==== Version update (5.27.6 -> 5.27.7) Subpackages: plasma5-pa-lang - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - Changes since 5.27.6: * Put volume change logic centrally in VolumeSlider * Make setGenericVolume keep balance between channels (kde#435840) ==== plasma5-systemmonitor ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== plasma5-thunderbolt ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== plasma5-workspace ==== Version update (5.27.6 -> 5.27.7) Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy - Add patch to fix line wrapping of "100 %" in OSDs (kde#469576): * 0001-OSD-Fix-size-calculation-for-progress-value.patch - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - Changes since 5.27.6: * libtaskmanager: fix unable to change order of launchers (kde#472812) * Reorder removals to ensure launcher url is deallocated after last use * Fix crash in LauncherTasksModel::Private::requestRemoveLauncherFromActivities (kde#472378) * libtaskmanager: skip empty appId when matching '*.appId.desktop' (kde#472576,kde#428559) * Do not write empty path to desktop file (kde#433304) * Fix crash in TasksModel::move (kde#472524) * kcm/region_language: fix enum order (kde#472108) * kcms/region_language: Read from $LANGUAGE in options model * kcms/region_language: Improve isSupportedLanguage detection * kcms/region_language: Chop off the UTF-8 codepoint again * kcms/region_language: Check if the language setting is default as well * kcms/region_language: Simplify the language settings read * kcms/region_language: Read the LANGUAGE environment variable for the default language value * TriangleMouseFilter: remove unnecessary return * TriangleMouseFilter: make `resendHoverEvents` actually work * TriangleMouseFilter: fix incorrect handling of hover events and inactive state (kde#467426) * TriangularMouseFilter: Filter event everytime when there was no movement at all * Improve responsiveness of triangular filter * shell: move `forceActiveFocus` to `PanelView` * applets/mediacontroller: use PauseAnimation to delay showing busy indicator * applets/mediacontroller: remove duplicate opacity animation * applets/notifications: add workaround for QTBUG-100392 (kde#468180) * Notifications: Also try X-SnapInstanceName for desktop file resolution * libtaskmanager: fix a potential leak ==== polkit-kde-agent-5 ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== powerdevil5 ==== Version update (5.27.6 -> 5.27.7) Subpackages: powerdevil5-lang - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6 ==== python-pexpect ==== - Clean up the SPEC file ==== systemsettings5 ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - Changes since 5.27.6: * Properly show the custom header widget when started with non-QML KCMs ==== virt-manager ==== Subpackages: virt-install virt-manager-common - bsc#1213790 - Application tab in virt-manager is collapsed, therefore I can't read anything virtman-fix-inspection-apps-window.patch ==== xdg-desktop-portal-kde ==== Version update (5.27.6 -> 5.27.7) - Update to 5.27.7 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.27.7 - No code changes since 5.27.6

1 0

New Arm Tumbleweed snapshot 20230801 released!
by Guillaume Gardet 02 Aug '23

02 Aug '23

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: Mesa (23.1.3 -> 23.1.4) Mesa-drivers (23.1.3 -> 23.1.4) MozillaFirefox (115.0.2 -> 115.0.3) apache2-mod_php8 (8.2.7 -> 8.2.8) apparmor bind (9.18.16 -> 9.18.17) cfitsio (4.2.0 -> 4.3.0) crypto-policies (20230420.3d08ae7 -> 20230614.5f3458e) curl (8.1.2 -> 8.2.1) dLeyna elfutils-debuginfod fwupd (1.8.16 -> 1.8.17) gcc13 (13.1.1+git7552 -> 13.1.1+git7597) ghostscript glu (9.0.2 -> 9.0.3) grub2 gstreamer (1.22.4 -> 1.22.5) gstreamer-plugins-bad (1.22.4 -> 1.22.5) gstreamer-plugins-base (1.22.4 -> 1.22.5) gstreamer-plugins-good (1.22.4 -> 1.22.5) gstreamer-plugins-libav (1.22.4 -> 1.22.5) gstreamer-plugins-rs (0.10.9 -> 0.10.11) gstreamer-plugins-ugly (1.22.4 -> 1.22.5) gupnp hidapi (0.13.1 -> 0.14.0) hwinfo (23.1 -> 23.2) iio-sensor-proxy (3.4 -> 3.5) ipmitool (1.8.19.0.g19d7878 -> 1.8.19.13.gbe11d94) java-11-openjdk (11.0.19.0 -> 11.0.20.0) kdeconnect-kde kdump (1.9.3 -> 1.9.5) kernel-firmware (20230707 -> 20230724) kernel-source (6.4.3 -> 6.4.6) kmod lensfun (0.3.3 -> 0.3.4) lftp libapparmor libarchive (3.6.2 -> 3.7.0) libgexiv2 (0.14.1 -> 0.14.2) libnvme libqb (2.0.7+20230607.06c8641 -> 2.0.8+20230721.002171b) libqt5-qtwebengine librsvg (2.56.1 -> 2.56.3) libshumate (1.0.4 -> 1.0.5) libva (2.18.0 -> 2.19.0) libva-gl (2.18.0 -> 2.19.0) libvirt libxcrypt (4.4.35 -> 4.4.36) libzypp (17.31.15 -> 17.31.17) lilv man mdadm miniupnpc (2.2.4 -> 2.2.5) mozilla-nss ncurses (6.4.20230701 -> 6.4.20230715) netcontrol nftables (1.0.7 -> 1.0.8) nghttp2 (1.54.0 -> 1.55.1) openssh (9.3p1 -> 9.3p2) openssh-askpass-gnome (9.3p1 -> 9.3p2) openssl-1_1 openssl-3 ovmf (202302 -> 202305) perl-File-Listing (6.15 -> 6.160.0) perl-XML-LibXML (2.0208 -> 2.0209) perl-libwww-perl (6.71 -> 6.720.0) php8 (8.2.7 -> 8.2.8) pipewire (0.3.74 -> 0.3.76) publicsuffix (20230709 -> 20230717) python-SQLAlchemy (2.0.16 -> 2.0.19) python-mysqlclient python-py python-pycairo (1.23.0 -> 1.24.0) python-pygit2 (1.11.1 -> 1.12.2) python-reportlab python-rich python-urllib3 (2.0.3 -> 2.0.4) python-zope.event python-zope.hookable python-zope.i18nmessageid qalculate (4.6.1 -> 4.7.0) qca-qt5 (2.3.6 -> 2.3.7) qemu qt6-base (6.5.1 -> 6.5.2) qt6-declarative (6.5.1 -> 6.5.2) qt6-imageformats (6.5.1 -> 6.5.2) qt6-translations (6.5.1 -> 6.5.2) qt6-wayland (6.5.1 -> 6.5.2) raspberrypi-firmware-dt rdma-core (45.0 -> 47.0) re2-10 rsync rubygem-rack-2.2 (2.2.7 -> 2.2.8) samba (4.18.3+git.303.c08b73d523c -> 4.18.5+git.313.c8e274c7852) sdbootutil (1+git20230717.dac075e -> 1+git20230727.a0e666f) selinux-policy (20230622 -> 20230728) shotwell (0.32.1 -> 0.32.2) sudo (1.9.13p3 -> 1.9.14p1) systemd sysuser-tools (3.1 -> 3.2) tar texlive-specs-n (2023.201.2.005svn65956 -> 2023.209.2.005svn65956) tpm2-0-tss update-alternatives (1.21.8 -> 1.21.22) util-linux (2.39 -> 2.39.1) util-linux-systemd (2.39 -> 2.39.1) vala-panel-appmenu vlc webkit2gtk3 (2.40.3 -> 2.40.4) webkit2gtk3-soup2 (2.40.3 -> 2.40.4) wireless-regdb (20230601 -> 20230721) xfsprogs (6.3.0 -> 6.4.0) yast2-firstboot (4.6.0 -> 4.6.1) yast2-trans (84.87.20230714.966688ddd0 -> 84.87.20230729.64eca7e0a1) yast2-users (4.6.2 -> 4.6.4) zlib-ng-compat zypper (1.14.61 -> 1.14.62) === Details === ==== Mesa ==== Version update (23.1.3 -> 23.1.4) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libOSMesa8 libgbm1 - Update to bugfix release 23.1.4 - -> https://docs.mesa3d.org/relnotes/23.1.4.html - supersedes u_fix-glx-context-opengl-4.5.patch ==== Mesa-drivers ==== Version update (23.1.3 -> 23.1.4) Subpackages: Mesa-dri Mesa-gallium Mesa-libva - Update to bugfix release 23.1.4 - -> https://docs.mesa3d.org/relnotes/23.1.4.html - supersedes u_fix-glx-context-opengl-4.5.patch ==== MozillaFirefox ==== Version update (115.0.2 -> 115.0.3) - Mozilla Firefox 115.0.3 * fixes for other platforms - remove bashisms from firefox startup script (boo#1213657) ==== apache2-mod_php8 ==== Version update (8.2.7 -> 8.2.8) - version update to 8.2.8 * This is a bug fix release. * https://www.php.net/ChangeLog-8.php#8.2.8 - modified patches % php-sort-filelist-phar.patch (refreshed) ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-profiles apparmor-utils python3-apparmor - Add pam_apparmor README, referenced from online cha-apparmor-pam.html documentation (bsc#1213472) ==== bind ==== Version update (9.18.16 -> 9.18.17) Subpackages: bind-doc bind-utils - Update to release 9.18.17 Feature Changes: * If a response from an authoritative server has its RCODE set to FORMERR and contains an echoed EDNS COOKIE option that was present in the query, named now retries sending the query to the same server without an EDNS COOKIE option. * The relaxed QNAME minimization mode now uses NS records. This reduces the number of queries named makes when resolving, as it allows the non-existence of NS RRsets at non-referral nodes to be cached in addition to the normally cached referrals. Bug Fixes: * The ability to read HMAC-MD5 key files, which was accidentally lost in BIND 9.18.8, has been restored. * Several minor stability issues with the catalog zone implementation have been fixed. ==== cfitsio ==== Version update (4.2.0 -> 4.3.0) - Update to version 4.3.0: * Bug fix to fits_make_hist[d] that was introduced in 4.2.0. * Added overflow checking for case of reading images with 8-byte float values into 4-byte float arrays. * fits_write_key_longstr now handles case of writing a long keyword in combination with a long keyword value string. * Add conversion of French locale comma-to-period in corner cases appearing in ffr2e and ffd2e functions. * Increased the precision when writing version number to User-Agent strings for http connections. This is needed to fully conform to 3-field version string format. * Bug fix to GTIOVERLAP() calculator function, which was being treated as a boolean value in expressions, and is now correctly treated as a floating point result. * Bug fix to ARRAY() calculator function, which caused a memory overflow error * Enhancement to the ARRAY function, such that ARRAY(V,d) can apply new dimensions to V, as long as the total number of array/vector elements does not change. * Enhancement of long string keyword read/write functions to fully conform with FITS standard specifications for multi-line value and comment strings. Two new functions have been added to implement this: fits_get_key_com_strlen and fits_read_string_key_com. - Make doc package noarch. ==== crypto-policies ==== Version update (20230420.3d08ae7 -> 20230614.5f3458e) Subpackages: crypto-policies-scripts - BSI.pol: Added a new BSI policy for BSI TR 02102* (jsc#PED-4933) derived from NEXT.pol - Update to version 20230614.5f3458e: * policies: impose old OpenSSL groups order for all back-ends * Rebase patches: - crypto-policies-revert-rh-allow-sha1-signatures.patch - crypto-policies-supported.patch ==== curl ==== Version update (8.1.2 -> 8.2.1) Subpackages: libcurl4 - Update to 8.2.1: * Bugfixes: - cfilters: rename close/connect functions to avoid clashes - ciphers.d: put URL in first column - cmake: add 'libcurlu'/'libcurltool' for unit tests - cmake: update ngtcp2 detection - configure: check for nghttp2_session_get_stream_local_window_size - docs: mark two TLS options for TLS, not SSL - docs: provide more see also for cipher options - hostip: return IPv6 first for localhost resolves - http2: fix regression on upload EOF handling - http: VLH, very large header test and fixes - libcurl-errors.3: add CURLUE_OK - os400: correct EXPECTED_STRING_LASTZEROTERMINATED - quiche: fix lookup of transfer at multi - quiche: fix segfault and other things - rustls: update rustls-ffi 0.10.0 - socks: print ipv6 address within brackets - src/mkhelp: strip off escape sequences - tool: fix tool_seek_cb build when SIZEOF_CURL_OFF_T > SIZEOF_OFF_T - transfer: do not clear the credentials on redirect to absolute URL - unittest: remove unneeded *_LDADD - websocket: rename arguments/variables to match docs - Update to 8.2.0 [bsc#1213237, CVE-2023-32001] * Security fix: - CVE-2023-32001: fopen race condition * Changes: - curl: add --ca-native and --proxy-ca-native - curl: add --trace-ids - CURLOPT_MAIL_RCPT_ALLOWFAILS: replace CURLOPT_MAIL_RCPT_ALLLOWFAILS - haproxy: add --haproxy-clientip flag to set client IPs - lib: add CURLINFO_CONN_ID and CURLINFO_XFER_ID * Bugfixes: - cf-socket: don't bypass fclosesocket callback if cancelled before connect - cf-socket: skip getpeername()/getsockname for TFTP - curl: count uploaded data to stop at the originally given size - curl: return error when asked to use an unsupported HTTP version - http2: fix crash in handling stream weights - http2: send HEADER & DATA together if possible - http3/ngtcp2: upload EAGAIN handling - http: rectify the outgoing Cookie: header field size check - hyper: fix EOF handling on input - imap: Provide method to disable SASL if it is advertised - libssh2: provide error message when setting host key type fails - libssh2: use custom memory functions - ngtcp2: assigning timeout, but value is overwritten before used - quiche: avoid NULL deref in debug logging - sectransp: fix EOF handling - system.h: remove __IBMC__/__IBMCPP__ guards and apply to all z/OS compiles - timeval: use CLOCK_MONOTONIC_RAW if available - tls13-ciphers.d: include Schannel - tool_easysrc.h: correct `easysrc_perform` for `CURL_DISABLE_LIBCURL_OPTION` - tool_operate: allow cookie lines up to 8200 bytes - tool_parsecfg: accept line lengths up to 10M - tool_writeout_json: fix encoding of control characters - transfer: clear credentials when redirecting to absolute URL - urlapi: have *set(PATH) prepend a slash if one is missing - urlapi: scheme must start with alpha - vtls: avoid memory leak if sha256 call fails - websocket-cb: example doing WebSocket download using callback - ws: make the curl_ws_meta() return pointer a const ==== dLeyna ==== - Add 61d24fdc.patch: Fix typos for meson 1.2 compatibility. ==== elfutils-debuginfod ==== Subpackages: debuginfod-profile libdebuginfod1 - Replace libdebuginfo1 sub-package's debuginfod-profile Recommends with config(debuginfod-profile) Requires, but on the debuginfod-\ client sub-package, instead. And add binutils, bpftrace-tools, elfutils, gdb, perf, systemd-coredump, and valgrind Supplements to debuginfod-client sub-package. This should make installation of debuginfod-client more consistent, along with debuginfod-\ profile, with software/packages that have debuginfod support. ==== fwupd ==== Version update (1.8.16 -> 1.8.17) Subpackages: fwupd-bash-completion libfwupd2 typelib-1_0-Fwupd-2_0 - Update to version 1.8.17: + Correctly obtain the Thunderbolt is_native controller attribute. + Fix a Wacom emulation failure on s390x. + Only allow --force on security attributes for unsupported builds. + Reduce the amount of RSS by ~12% at startup. ==== gcc13 ==== Version update (13.1.1+git7552 -> 13.1.1+git7597) Subpackages: cpp13 libasan8 libatomic1 libgcc_s1 libgccjit0 libgfortran5 libgomp1 libhwasan0 libitm1 liblsan0 libobjc4 libstdc++6 libstdc++6-devel-gcc13 libstdc++6-locale libstdc++6-pp libtsan2 libubsan1 - Bump to 9aac37ab8a7b919a89c6d64bc7107a8436996e93, git7597 * GCC 13.2 RC1 - Add rpmlint filter for SLE12 complaining about invalid licenses. - Also handle -static-pie in the default-PIE specs ==== ghostscript ==== Subpackages: ghostscript-x11 - CVE-2023-38559.patch fixes CVE-2023-38559 "out of bounds read devn_pcx_write_rle() could result in DoS" see bsc#1213637 and https://bugs.ghostscript.com/show_bug.cgi?id=706897 which is in base/gdevdevn.c the same issue "ordering in if expression to avoid out-of-bounds access" as the already fixed CVE-2020-16305 in devices/gdevpcx.c see https://bugs.ghostscript.com/show_bug.cgi?id=701819 ==== glu ==== Version update (9.0.2 -> 9.0.3) - Update to version 9.0.3 * drop autotools * apple: Fix compatibility version and current version of meson build to be compatible with autotools build * pkgconfig: Depend on opengl when built with libglvnd * pkgconfig: Drop unneeded lines from autotools build * pkgconfig: meson build should match autotools requires * Remove deprecated register in C++17 - switch to meson build ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin - Fix error message "unknown command tpm_record_pcrs" with encrypted boot and no tpm device present (bsc#1213547) * 0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch ==== gstreamer ==== Version update (1.22.4 -> 1.22.5) Subpackages: gstreamer-utils libgstreamer-1_0-0 typelib-1_0-Gst-1_0 - Update to version 1.22.5: + Highlighted bugfixes: - Security fixes for the RealMedia demuxer - vaapi decoders, postproc: Disable DMAbuf from caps negotiation to fix garbled video in some cases - decodebin3, playbin3, parsebin fixes, especially for stream reconfiguration - hlsdemux2: fix early seeking; don't pass referer when updating playlists; webvtt fixes - gtk: Fix critical caused by pointer movement when stream is getting ready - qt6: Set sampler filtering method, fixes bad quality with qml6glsink and gstqt6d3d11 - v4l2src: handle resolution change when buffers are copied - videoflip: update orientation tag in auto mode - video timecode: Add support for framerates lower than 1fps and accept 119.88 (120/1.001) fps - webrtcsink: fixes for x264enc and NVIDIA encoders - cerbero: Pull ninja from system if possible, avoid spurious bootstrap of cmake - packages: Recipe updates for ffmpeg, libsoup, orc - various bug fixes, memory leak fixes, and other stability and reliability improvements + gstreamer: - taglist, plugins: fix compiler warnings with GLib >= 2.76 - tracerutils: allow casting parameter types - inputselector: fix playing variable is never set - Rebase patch. ==== gstreamer-plugins-bad ==== Version update (1.22.4 -> 1.22.5) Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0 - Update to version 1.22.5: + d3d11bufferpool: Fix heavy CPU usage in case of fixed-size pool + jpegparser: jpegdecoder: Don't pollute bus and comply with spec + plugins: fix compiler warnings with GLib >= 2.76 + webrtcbin: Prevent critical warning when creating an additional data channel + webrtcstats: Properly report IceCandidate type - Rebase reduce-required-meson.patch. ==== gstreamer-plugins-base ==== Version update (1.22.4 -> 1.22.5) Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstAudio-1_0 typelib-1_0-GstPbutils-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0 - Update to version 1.22.5: + appsink: add missing make_writable call + audioaggregator: Do not post message before being constructed + decodebin3: - Prevent a critical warning when reassigning output slots - Fix slot input linking when the associated stream has changed - Remove spurious input locking during parsebin reconfiguration + urisourcebin: Set source element to READY before querying it + gl/viv-fb: meson build updates + plugins: fix compiler warnings with GLib >= 2.76 + subtitleoverlay: fix mutex error if sink caps is not video + video: - timecode: Add support for framerates lower than 1fps - accept timecode of 119.88 (120/1.001) FPS - cannot attach time code meta when frame rate is 119.88 (120000/1001) + videodecoder: fix copying buffer metas - Rebase reduce-required-meson.patch. ==== gstreamer-plugins-good ==== Version update (1.22.4 -> 1.22.5) Subpackages: gstreamer-plugins-good-extra gstreamer-plugins-good-gtk gstreamer-plugins-good-jack gstreamer-plugins-good-qtqml - Update to version 1.22.5: + adaptivedemux2: Fix early seeking + hlsdemux2: - Ensure processed webvtt ends with empty new line - Don't set a referer when updating playlists + matroska: demux: Strip signal byte when encrypted + rtspsrc: Fix crash when is-live=false + gtk: Fix critical caused by pointer movement when stream is getting ready + qt6: Set sampler filtering method, fixes bad quality with qml6glsink and gstqt6d3d11 + qtdemux: opus: set entry as sampled + v4l2src: handle resolution change when buffers are copied + v4l2videodec: - Fix handling of initial gaps - correctly register v4l2mpeg2dec - replace custom QUERY_CAPS handling with getcaps callback + videoflip: - update orientation tag in auto mode - fix critical when tag list is not writable - Rebase reduce-required-meson.patch. - Pass qt-egl=disabled to meson, we are not ready for this feature yet. ==== gstreamer-plugins-libav ==== Version update (1.22.4 -> 1.22.5) - Update to version 1.22.5: + No changes - Rebase reduce-required-meson.patch. ==== gstreamer-plugins-rs ==== Version update (0.10.9 -> 0.10.11) - Update to version 0.10.11: + fallbackswitch: - Change the threshold for trailing buffers - Fix pad health calculation and notifies + fmp4mux: Fix draining in chunk mode if keyframes are too late + webrtcsink: - fix pipeline when input caps contain max-framerate - Configure only 4 threads for x264enc - Translate force-keyunit events to force-IDR action signal for NVIDIA encoders - Set config-interval=-1 and aggregate-mode=zero-latency on rtph264pay and rtph265pay - Set VP8/VP9 payloader based on payloader element factory name - Update to version 0.10.10: + webrtcsink: - Avoid panic on unprepare from an async tokio context - Use correct property types for nvvideoconvert + webrtc/signalling: fix race condition in message ordering + livesync: - Wait for the end timestamp of the previous buffer before looking at queue - Improve EOS handling + videofx: Minimize dependencies of the image crate + togglerecord: - Clip segment before calculating timestamp/duration - Error out if main stream buffer has no valid running time ==== gstreamer-plugins-ugly ==== Version update (1.22.4 -> 1.22.5) - Update to version 1.22.5: + rmdemux: add some integer overflow checks - Rebase reduce-required-meson.patch. ==== gupnp ==== - Add upstream patches to fix build with meson 1.2.0: + a10c57bd.patch: Add missing "s" to wrap file syntax. + 884639bd.patch: properly spell [provide] in *.wrap files. ==== hidapi ==== Version update (0.13.1 -> 0.14.0) - update to 0.14.0: * general: add `hid_get_report_descriptor` API function (#451) * libusb: fix crash in hid_enumerate() caused by a stale device handle (#526) * fixes (mostly error handling) of issues found by Coverity Scan (#552/#554/#555/#559/#560/#561) * various fixes and improvements ==== hwinfo ==== Version update (23.1 -> 23.2) Subpackages: libhd23 - merge gh#openSUSE/hwinfo#128 - Add support for loongarch cpu - 23.2 ==== iio-sensor-proxy ==== Version update (3.4 -> 3.5) - Update to version 3.5: * Fix sensor hotplugging * Fix some sensors not working when they were assigned a sampling frequency they did not support. * Add more tests. * Correct the location of the D-Bus policy file. ==== ipmitool ==== Version update (1.8.19.0.g19d7878 -> 1.8.19.13.gbe11d94) - Fix: ipmitool duplicates the timestamp (bsc#1213390) A Fix-time-format-for-sel-list-v.patch - Remove: Make-IANA-PEN-download-configurable (is mainline) D 0006-Make-IANA-PEN-download-configurable-fix-uninitalized.patch - Update to version 1.8.19.13.gbe11d94: * configure.ac: allow disabling registry downloads * lan: channel: Fix set alert on/off * make: use correct docdir variable provided by autotools * Do not require the IANA PEN registry file * configure.ac: fix readline static build * Update github actions for modern OSes * Update macos target name in github actions * delloem: Fix the unalign bug in arm64 * lanplus: Realloc the msg if the payload_length gets updated * fru print: Add area checksum verification * fru: Add decoder for multirec system mgmt records * Fix enterprise-numbers URL * Update issue templates ==== java-11-openjdk ==== Version update (11.0.19.0 -> 11.0.20.0) Subpackages: java-11-openjdk-headless - Upgrade to upstream tag jdk-11.0.20+8 (July 2023 CPU) * CVEs + CVE-2023-22006, bsc#1213473 + CVE-2023-22036, bsc#1213474 + CVE-2023-22041, bsc#1213475 + CVE-2023-22044, bsc#1213479 + CVE-2023-22045, bsc#1213481 + CVE-2023-22049, bsc#1213482 + CVE-2023-25193, bsc#1207922 * Security fixes + JDK-8298676: Enhanced Look and Feel + JDK-8300285: Enhance TLS data handling + JDK-8300596: Enhance Jar Signature validation + JDK-8301998, JDK-8302084: Update HarfBuzz to 7.0.1 + JDK-8302475: Enhance HTTP client file downloading + JDK-8302483: Enhance ZIP performance + JDK-8303376: Better launching of JDI + JDK-8304468: Better array usages + JDK-8305312: Enhanced path handling + JDK-8308682: Enhance AES performance * Other changes + JDK-8171426: java/lang/ProcessBuilder/Basic.java failed with Stream closed + JDK-8178806: Better exception logging in crypto code + JDK-8187522: test/sun/net/ftp/FtpURLConnectionLeak.java timed out + JDK-8209167: Use CLDR's time zone mappings for Windows + JDK-8209546: Make sun/security/tools/keytool/autotest.sh to support macosx + JDK-8209880: tzdb.dat is not reproducibly built + JDK-8213531: Test javax/swing/border/TestTitledBorderLeak.java fails + JDK-8214459: NSS source should be removed + JDK-8214807: Improve handling of very old class files + JDK-8215015: [TESTBUG] remove unneeded -Xfuture option from tests + JDK-8215575: C2 crash: assert(get_instanceKlass()->is_loaded()) failed: must be at least loaded + JDK-8220093: Change to GCC 8.2 for building on Linux at Oracle + JDK-8227257: javax/swing/JFileChooser/4847375/bug4847375.java fails with AssertionError + JDK-8232853: AuthenticationFilter.Cache::remove may throw ConcurrentModificationException + JDK-8243936: NonWriteable system properties are actually writeable + JDK-8246383: NullPointerException in JceSecurity.getVerificationResult when using Entrust provider + JDK-8248701: On Windows generated modules-deps.gmk can contain backslash-r (CR) characters + JDK-8257856: Make ClassFileVersionsTest.java robust to JDK version updates + JDK-8259530: Generated docs contain MIT/GPL-licenced works without reproducing the licence + JDK-8263420: Incorrect function name in NSAccessibilityStaticText native peer implementation + JDK-8264290: Create implementation for NSAccessibilityComponentGroup protocol peer + JDK-8264304: Create implementation for NSAccessibilityToolbar protocol peer + JDK-8265486: ProblemList javax/sound/midi/Sequencer/ /Recording.java on macosx-aarch64 + JDK-8268558: [TESTBUG] Case 2 in TestP11KeyFactoryGetRSAKeySpec is skipped + JDK-8269746: C2: assert(!in->is_CFG()) failed: CFG Node with no controlling input? + JDK-8274864: Remove Amman/Cairo hacks in ZoneInfoFile + JDK-8275233: Incorrect line number reported in exception stack trace thrown from a lambda expression + JDK-8275721: Name of UTC timezone in a locale changes depending on previous code + JDK-8275735: [linux] Remove deprecated Metrics api (kernel memory limit) + JDK-8276880: Remove java/lang/RuntimeTests/exec/ExecWithDir as unnecessary + JDK-8277775: Fixup bugids in RemoveDropTargetCrashTest.java - add 4357905 + JDK-8278434: timeouts in test java/time/test/java/time/format/ /TestZoneTextPrinterParser.java + JDK-8280703: CipherCore.doFinal(...) causes potentially massive byte[] allocations during decryption + JDK-8282077: PKCS11 provider C_sign() impl should handle CKR_BUFFER_TOO_SMALL error + JDK-8282201: Consider removal of expiry check in VerifyCACerts.java test + JDK-8282467: add extra diagnostics for JDK-8268184 + JDK-8282600: SSLSocketImpl should not use user_canceled workaround when not necessary + JDK-8283059: Uninitialized warning in check_code.c with GCC 11.2 + JDK-8285497: Add system property for Java SE specification maintenance version + JDK-8286398: Address possibly lossy conversions in jdk.internal.le + JDK-8287007: [cgroups] Consistently use stringStream throughout parsing code + JDK-8287246: DSAKeyValue should check for missing params instead of relying on KeyFactory provider + JDK-8287876: The recently de-problemlisted TestTitledBorderLeak test is unstable ... changelog too long, skipping 104 lines ... + regenerate to changed context ==== kdeconnect-kde ==== Subpackages: kdeconnect-kde-zsh-completion - Require kirigami-addons: used in app/qml/Settings.qml ==== kdump ==== Version update (1.9.3 -> 1.9.5) upgrade to version 1.9.5 * SELinux: temporary hack for bsc#1213721 - upgrade to version 1.9.4 * fix FADUMP initramfs when not created by mkdumprd * FADUMP: let dracut de-duplicate initrd by preserving modification times * mkdumprd: only regenerate FADUMP initrds when needed * mkdumprd: exit when destination not writable (transactional updates) * mkdumprd: don't call update-bootloader ==== kernel-firmware ==== Version update (20230707 -> 20230724) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20230724 (git commit 59fbffa9ec8e): * amdgpu: update VCN 4.0.0 firmware * amdgpu: add initial SMU 13.0.10 firmware * amdgpu: add initial SDMA 6.0.3 firmware * amdgpu: add initial PSP 13.0.10 firmware * amdgpu: add initial GC 11.0.3 firmware * linux-firmware: Update AMD fam17h cpu microcode * linux-firmware: Update AMD cpu microcode * amdgpu: update green sardine VCN firmware * amdgpu: update renoir VCN firmware * amdgpu: update raven VCN firmware * amdgpu: update raven2 VCN firmware * amdgpu: update Picasso VCN firmware * amdgpu: update DMCUB to v0.0.175.0 for various AMDGPU ASICs * Updated NXP SR150 UWB firmware * wfx: update to firmware 3.16.1 * mediatek: Update mt8195 SCP firmware to support 10bit mode * i915: update DG2 GuC to v70.8.0 * i915: update to GuC 70.8.0 and HuC 8.5.1 for MTL * cirrus: Add CS35L41 firmware for ASUS ROG 2023 Models ==== kernel-source ==== Version update (6.4.3 -> 6.4.6) Subpackages: kernel-64kb kernel-default - Update patches.kernel.org/6.4.6-002-x86-cpu-amd-Add-a-Zenbleed-fix.patch (bsc#1012628 bsc#1213286 CVE-2023-20593). Add references. - commit 55520bc - Linux 6.4.6 (bsc#1012628). - x86/cpu/amd: Add a Zenbleed fix (bsc#1012628). - x86/cpu/amd: Move the errata checking functionality up (bsc#1012628). - commit cd14b53 - Update config files. (bsc#1213592) Disable old unmaintained serial drivers - commit ac1bf5a - io_uring: Fix io_uring mmap() by using architecture-provided get_unmapped_area() (bsc#1212773). - Delete patches.suse/Revert-io_uring-Adjust-mapping-wrt-architecture-alia.patch. Replace the temporary fix by an upstream fix. - commit 2f220f8 - Refresh patches.suse/of-Preserve-of-display-device-name-for-compatibility.patch. Update upstream status. - commit 8817ac3 - Linux 6.4.5 (bsc#1012628). - security/integrity: fix pointer to ESL data and its size on pseries (bsc#1012628). - HID: input: fix mapping for camera access keys (bsc#1012628). - HID: amd_sfh: Rename the float32 variable (bsc#1012628). - HID: amd_sfh: Fix for shift-out-of-bounds (bsc#1012628). - net: lan743x: Don't sleep in atomic context (bsc#1012628). - net: lan743x: select FIXED_PHY (bsc#1012628). - ksmbd: add missing compound request handing in some commands (bsc#1012628). - ksmbd: fix out of bounds read in smb2_sess_setup (bsc#1012628). - drm/panel: simple: Add connector_type for innolux_at043tn24 (bsc#1012628). - drm: bridge: dw_hdmi: fix connector access for scdc (bsc#1012628). - drm/bridge: ti-sn65dsi86: Fix auxiliary bus lifetime (bsc#1012628). - swiotlb: always set the number of areas before allocating the pool (bsc#1012628). - swiotlb: reduce the number of areas to match actual memory pool size (bsc#1012628). - drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags (bsc#1012628). - xen/virtio: Fix NULL deref when a bridge of PCI root bus has no parent (bsc#1012628). - netfilter: nf_tables: report use refcount overflow (bsc#1012628). - netfilter: conntrack: don't fold port numbers into addresses before hashing (bsc#1012628). - ice: Fix max_rate check while configuring TX rate limits (bsc#1012628). - ice: Fix tx queue rate limit when TCs are configured (bsc#1012628). - igc: Add condition for qbv_config_change_errors counter (bsc#1012628). - igc: Remove delay during TX ring configuration (bsc#1012628). - igc: Add igc_xdp_buff wrapper for xdp_buff in driver (bsc#1012628). - igc: Add XDP hints kfuncs for RX hash (bsc#1012628). - igc: Fix TX Hang issue when QBV Gate is closed (bsc#1012628). - net/mlx5e: fix double free in mlx5e_destroy_flow_table (bsc#1012628). - net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create (bsc#1012628). - net/mlx5e: fix memory leak in mlx5e_ptp_open (bsc#1012628). - net/mlx5e: RX, Fix flush and close release flow of regular rq for legacy rq (bsc#1012628). - net/mlx5: Register a unique thermal zone per device (bsc#1012628). - net/mlx5e: Check for NOT_READY flag state after locking (bsc#1012628). - net/mlx5e: TC, CT: Offload ct clear only once (bsc#1012628). - net/mlx5: Query hca_cap_2 only when supported (bsc#1012628). - net/mlx5e: RX, Fix page_pool page fragment tracking for XDP (bsc#1012628). - igc: set TP bit in 'supported' and 'advertising' fields of ethtool_link_ksettings (bsc#1012628). - igc: Include the length/type field and VLAN tag in queueMaxSDU (bsc#1012628). - igc: Handle PPS start time programming for past time values (bsc#1012628). - blk-crypto: use dynamic lock class for blk_crypto_profile::lock (bsc#1012628). - scsi: qla2xxx: Fix error code in qla2x00_start_sp() (bsc#1012628). - scsi: ufs: ufs-mediatek: Add dependency for RESET_CONTROLLER (bsc#1012628). - bpf: Fix max stack depth check for async callbacks (bsc#1012628). - net: mvneta: fix txq_map in case of txq_number==1 (bsc#1012628). - net: dsa: felix: make vsc9959_tas_guard_bands_update() visible to ocelot->ops (bsc#1012628). - net: mscc: ocelot: fix oversize frame dropping for preemptible TCs (bsc#1012628). - net/sched: cls_fw: Fix improper refcount update leads to use-after-free (bsc#1012628). ... changelog too long, skipping 1825 lines ... - commit f6ca0bc ==== kmod ==== Subpackages: kmod-bash-completion libkmod2 - Use pkgconfig for kmod configuration. * Delete kmod-Add-config-command-to-show-compile-time-configu.patch * Add kmod-Add-pkgconfig-file-with-kmod-compile-time-confi.patch, Provide-fallback-for-successfully-running-make-modules_install.patch compat-module_directory-module_prefix.patch. - Refresh usr-lib-modprobe.patch, usr-lib-modules.patch. - Add configure-Detect-openssl-sm3-support.patch to fix build with older openssl without SM3 support. ==== lensfun ==== Version update (0.3.3 -> 0.3.4) Subpackages: lensfun-data liblensfun1 - Update to 0.3.4 Check https://github.com/lensfun/lensfun/releases/tag/v0.3.4 for the list of new cameras and lenses supported. * Port apps/setup.py from Python distutils * CMake: Numerous backports from master ==== lftp ==== - The lftp_wrapper script has been deprecated over 1.5 years ago. It's time to remove it from the package. [jsc#SLE-17861] - Dropped patches: * 0004-Include-config.h-to-detect-gnulib-macros.patch * add-deprecation-warning-to-lftp-wrapper.patch - Refreshed patches: * 0002-Add-content-of-lftp-compat-addfiles.patch.patch * 0005-Add-the-wrapper-code-to-the-Makefile-in-order-to-bui.patch * lftp-default-ssl-cipher.patch ==== libapparmor ==== - Add pam_apparmor README, referenced from online cha-apparmor-pam.html documentation (bsc#1213472) ==== libarchive ==== Version update (3.6.2 -> 3.7.0) - update to 3.7.0 * bsdunzip port from FreeBSD * fix 2 year 2038 issues ==== libgexiv2 ==== Version update (0.14.1 -> 0.14.2) - Update to version 0.14.2: + Make compatible with exiv2 0.28 or later. + Fix double free if creation of meta-data fails. + Fix floating point compare in tests. - Drop patches fixed upstream: + 06adc8fb70cb8c77c0cd364195d8251811106ef8.patch + fix-32bit-compat.patch ==== libnvme ==== Subpackages: libnvme-mi1 libnvme1 - Fix build with meson 1.2.0 ==== libqb ==== Version update (2.0.7+20230607.06c8641 -> 2.0.8+20230721.002171b) - Update to version 2.0.8+20230721.002171b (v2.0.8): - log: fix potential overflow with long log messages (gh#ClusterLabs/libqb#490) ==== libqt5-qtwebengine ==== - build with older re2 on Tumbleweed, the upcoming re2 2023-07-01 breaks qtwebengine ==== librsvg ==== Version update (2.56.1 -> 2.56.3) Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Update to version 2.56.3: + This is a security release for bug glgo#GNOME/librsvg#996. - glgo#GNOME/librsvg#996: Fix arbitrary file read when href has special characters. - glgo#GNOME/librsvg#998: Fix cascade for symbol elements being referenced from use elements. ==== libshumate ==== Version update (1.0.4 -> 1.0.5) Subpackages: libshumate-1_0-1 typelib-1_0-Shumate-1_0 - Update to version 1.0.5: + Don't defer frame clock when widget is unrealized. ==== libva ==== Version update (2.18.0 -> 2.19.0) Subpackages: libva-drm2 libva-wayland2 libva-x11-2 libva2 - Update to 2.19.0: * add: Add mono_chrome to VAEncSequenceParameterBufferAV1 * add: Enable support for license acquisition of multiple protected playbacks * fix: use secure_getenv instead of getenv * trace: Improve and add VA trace log for AV1 encode * trace: Unify va log message, replace va_TracePrint with va_TraceMsg. ==== libva-gl ==== Version update (2.18.0 -> 2.19.0) - Update to 2.19.0: * add: Add mono_chrome to VAEncSequenceParameterBufferAV1 * add: Enable support for license acquisition of multiple protected playbacks * fix: use secure_getenv instead of getenv * trace: Improve and add VA trace log for AV1 encode * trace: Unify va log message, replace va_TracePrint with va_TraceMsg. ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-proxy libvirt-daemon-qemu libvirt-libs - CVE-2023-3750: storage: Fix returning of locked objects from 'virStoragePoolObjListSearch' bsc#1213447 ==== libxcrypt ==== Version update (4.4.35 -> 4.4.36) Subpackages: libcrypt1 libxcrypt-devel - Update to 4.4.36 * Fix left over bits failing with Perl v5.38.0 ==== libzypp ==== Version update (17.31.15 -> 17.31.17) - Fix wrong filesize exceeded dl abort in zyppng::Downloader (bsc#1213673) In some cases when downloading very small files we can run into issues when the URL is protected by credentials. - version 17.31.17 (22) - Fix negative ZYPP_LOCK_TIMEOUT not waiting forever (bsc#1213231) - NetworkRequestManager: assert cookie file has mode 0600 (bsc#1158763) - Don't cleanup orphaned dirs if read-only mode was promised (bsc#1210740) - version 17.31.16 (22) ==== lilv ==== - Actually package the __pycache__ that appears when building using meson 1.2.0. - Avoid __pycache__ directory with meson 1.2.0 ==== man ==== - Remove harden_man-db.service.patch as already done upstream at the end of the service file man-db.service - Add man-propose-online.patch: if patch was not found locally, propose to read it online, offering a URL where it could possibly be found. ==== mdadm ==== - mdadm.spec: replace transitional %usrmerged macro with regular version check (boo#1206798) ==== miniupnpc ==== Version update (2.2.4 -> 2.2.5) - update to 2.2.5: * GetListOfPortMappings NewStartPort 0 => 1 * CheckPinholeWorking is optional * add 60x errors from UPnP Device Architecture * cmake: install binaries, man pages and external-ip.sh - drop python2 support ==== mozilla-nss ==== Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-tools - Fix file conflict for pp manual page [bsc#1213281] ==== ncurses ==== Version update (6.4.20230701 -> 6.4.20230715) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20230715 + correct wadd_wch_literal() when adding a non-spacing character to a double-width character. + improve manual page for curs_util. + improve manual page for wadd_wch(). - Add ncurses patch 20230708 + add linux+kbs for terminals which imitate xterm's behavior with Linux -TD + modify MinGW driver to return KEY_BACKSPACE when an unmodified VK_BACK virtual key is entered (prompted by patch by Pavel Fedin, Savannah #64292). + disallow using $TERMINFO or $HOME/.terminfo when tic "-o" option is used (report by Sven Joachim, Debian #1040048). - Port the patch ncurses-6.4.dif ==== netcontrol ==== - Fix EOF handling in xml-reader to avoid `virsh iface-*` commands hang on aarch64 (bsc#1213349) [+ 0001-xml-reader-fix-xml_getc-and-xml_ungetc.patch, + 0002-xml-reader-allow-uppercase-for-lt-gt-and-amp-expansi.patch] ==== nftables ==== Version update (1.0.7 -> 1.0.8) Subpackages: libnftables1 python3-nftables - Update to release 1.0.8 * Support for setting meta and ct mark from other fields in rules, e.g. set meta mark to ip dscp header field. * Enhacements for -o/--optimize to deal with NAT statements, to compact masquerade statements. * Support for stateful statements in anonymous maps, such as counters. * Support for resetting stateful expressions in sets, maps and elements, e.g. counters. * broute support to short-circuit bridge logic from the bridge prerouting hook and pass up packets to the local IP stack. * JSON support for table and chain comments. - Added 0001-Revert-py-replace-distutils-with-setuptools.patch ==== nghttp2 ==== Version update (1.54.0 -> 1.55.1) - update to 1.55.1: * Fix memory leak This commit fixes memory leak that happens when PUSH_PROMISE or HEADERS frame cannot be sent, and nghttp2_on_stream_close_callback fails with a fatal error. For example, if GOAWAY frame has been received, a HEADERS frame that opens new stream cannot be sent. This issue has already been made public via CVE-2023-35945 by envoyproxy/envoy project. During embargo period, the patch to fix this bug was accidentally submitted to nghttp2/nghttp2 repository [2]. And they decided to disclose CVE early. I was notified just 1.5 hours before disclosure. I had no time to respond. PoC described in [1] is quite simple, but I think it is not enough to trigger this bug. While it is true that receiving GOAWAY prevents a client from opening new stream, and nghttp2 enters error handling branch, in order to cause the memory leak, nghttp2_session_close_stream function must return a fatal error. NGHTTP2_ERR_NOMEM, as its name suggests, indicates out of memory. It is unlikely that a process gets short of memory with this simple PoC scenario unless application does something memory heavy processing. * NGHTTP2_ERR_CALLBACK_FAILURE is returned from application defined callback function (nghttp2_on_stream_close_callback, in this case), which indicates something fatal happened inside a callback, and a connection must be closed immediately without any further action. As nghttp2_on_stream_close_error_callback documentation says, any error code other than 0 or NGHTTP2_ERR_CALLBACK_FAILURE is treated as fatal error code. More specifically, it is treated as if NGHTTP2_ERR_CALLBACK_FAILURE is returned. I guess that envoy returns NGHTTP2_ERR_CALLBACK_FAILURE or other error code which is translated into NGHTTP2_ERR_CALLBACK_FAILURE. https://github.com/envoyproxy/envoy/security/advisories/GHSA- jfxv-29pc-x22r ==== openssh ==== Version update (9.3p1 -> 9.3p2) Subpackages: openssh-clients openssh-common openssh-server - Update to openssh 9.3p2 (bsc#1213504, CVE-2023-38408): Security ======== Fix CVE-2023-38408 - a condition where specific libaries loaded via ssh-agent(1)'s PKCS#11 support could be abused to achieve remote code execution via a forwarded agent socket if the following conditions are met: * Exploitation requires the presence of specific libraries on the victim system. * Remote exploitation requires that the agent was forwarded to an attacker-controlled system. Exploitation can also be prevented by starting ssh-agent(1) with an empty PKCS#11/FIDO allowlist (ssh-agent -P '') or by configuring an allowlist that contains only specific provider libraries. This vulnerability was discovered and demonstrated to be exploitable by the Qualys Security Advisory team. In addition to removing the main precondition for exploitation, this release removes the ability for remote ssh-agent(1) clients to load PKCS#11 modules by default (see below). Potentially-incompatible changes - ------------------------------- * ssh-agent(8): the agent will now refuse requests to load PKCS#11 modules issued by remote clients by default. A flag has been added to restore the previous behaviour "-Oallow-remote-pkcs11". Note that ssh-agent(8) depends on the SSH client to identify requests that are remote. The OpenSSH >=8.9 ssh(1) client does this, but forwarding access to an agent socket using other tools may circumvent this restriction. ==== openssh-askpass-gnome ==== Version update (9.3p1 -> 9.3p2) - Update to openssh 9.3p2 * No changes for askpass, see main package changelog for details ==== openssl-1_1 ==== Subpackages: libopenssl1_1 - Security fix: [bsc#1213487, CVE-2023-3446] * Fix DH_check() excessive time with over sized modulus. * The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ("p" parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. A new limit has been added to DH_check of 32,768 bits. Supplying a key/parameters with a modulus over this size will simply cause DH_check() to fail. * Add openssl-CVE-2023-3446.patch openssl-CVE-2023-3446-test.patch ==== openssl-3 ==== Subpackages: libopenssl3 - Security fix: [bsc#1213487, CVE-2023-3446] * Fix DH_check() excessive time with over sized modulus. * The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ("p" parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. A new limit has been added to DH_check of 32,768 bits. Supplying a key/parameters with a modulus over this size will simply cause DH_check() to fail. * Add openssl-CVE-2023-3446.patch openssl-CVE-2023-3446-test.patch - Security fix: [bsc#1213383, CVE-2023-2975] * AES-SIV implementation ignores empty associated data entries * Add openssl-CVE-2023-2975.patch ==== ovmf ==== Version update (202302 -> 202305) Subpackages: qemu-uefi-aarch64 - Removed the following patches because they are not necessary and they blocked for submit to openSUSE:Factory. (bsc#1205978) ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformAddHobCB.patch ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformGetLowMem.patch ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformReservati.patch ovmf-Revert-OvmfPkg-PlatformInitLib-Add-PlatformScanE820-.patch ovmf-Revert-OvmfPkg-PlatformInitLib-reorder-PlatformQemuU.patch - Add openssl.keyring.README to shim.spec as Source113 to avoid erroe when submit to openSUSE:Factory - Enable support for riscv64 - Update to edk2-stable202305 (bsc#1205588) - Features (https://github.com/tianocore/edk2/releases) Expose IBT/BTI compatible runtime DXE drivers via memory attributes table Update toolchain support MdePkg: Support FDT library Add google mocks support to UnitTestFrameworkPkg GoogleTestLib Platform Redfish Host Interface library for USBNIC [OpenSSL] Update OpenSSL version to version 1.1.1t to include CVE fix Replace pre-standard FUNCTION with C99 func throughout edk2 Implement EFI memory attributes protocol for ARM platforms Add TraceHubLib Support - Patches (git log --oneline --date-order edk2-stable202302..edk2-stable202305): ba91d0292e MdeModulePkg/Core/Pei: set AprioriCount=0 before walking through next FV 5ce29ae84d ArmPkg/ArmMmuLib AARCH64: Add missing ISB after page table update c5cf7f69c9 pip-requirements.txt: Update edk2 pip modules 0abfb0be6c OvmfPkg: RiscVVirt: Add missing SerialPortInitialize to Sec 45da4e3135 MdePkg: add SBI-based SerialPortLib for RISC-V 2900e75511 MdePkg: BaseRiscVSbiLib: make more useful to consumers cafb4f3f36 UefiPayloadPkg: Fix boot shell issue for universal UEFI payload 80bc13db83 Maintainers.txt: Update reviewers and maintainers for FdtLib. d322557712 BaseTools/tools_def: Disable overzealous unused variable warning on Clang e2607d3a78 BaseTools/tools_def: Drop ref to undefined CLANGDWARF_ARM_PREFIX 0b37723186 ShellPkg/UefiShellDebug1CommandsLib: Replace hardcoded SMBIOS strings. 2d4c76f783 MdePkg/IndustryStandard: Add SMBIOS anchor string & length defines. c08a3a96fd MdePkg/IndustryStandard: Add IPMI Interface Capabilities definitions 083b029538 MdePkg: Add new PCDs for IPMI SSIF dea6c7dc2a MdePkg/IndustryStandard: Add definitions for IPMI SSIF 0a0e60caf2 Maintainers.txt: Update reviewers and maintainers for TraceHubDebugLib. 0f0422cedc MdeModulePkg: Add TraceHubDebugSysTLib library 3d50fdc5c6 MdePkg: Add NULL library of TraceHubDebugSysTLib c6bb7d54be MdePkg: Add MipiSysTLib library 782948c1a7 MdePkg: Add mipisyst submodule 6dd64168ed BaseTools/Plugin: Too many execute files cause "cmd too long" failure c6382ba0f2 SecurityPkg: Add missing break in Tpm2TestParms 77f75c7fb8 BaseTools: Update Tests/TestTools.py to allow it to work on Windows b9bbb4ae93 BaseTools: only print the environment once in toolsetup.bat dd246227d6 BaseTools: Update toolsetup.bat to not use BASETOOLS_PYTHON_SOURCE f47415e031 BaseTools: Revert Set the CLANGDWARF OBJCOPY path in tools_def.template 6fb2760dc8 OvmfPkg: drop PlatformBootManagerLibGrub 81dc0d8b4c OvmfPkg/AmdSev: stop using PlatformBootManagerLibGrub 63887e272d OvmfPkg/NvVarsFileLib: disable in case PcdBootRestrictToFirmware is set 41d7832db0 OvmfPkg/PlatformBootManagerLib: add PcdBootRestrictToFirmware e6447d2a08 Remove bashisms from edksetup.sh and BaseTools/BuildEnv 373a95532a BaseTools: Remove the CLANGCC build rule for Hii-Binary-Package.UEFI_HII ecbc394365 BaseTools: Set CLANGDWARF RC path to llvm-objcopy in tools_def.template 11f62f4cc0 BaseTools: Set the CLANGDWARF OBJCOPY path in tools_def.template c6f47e678f BaseTools: Remove BUILDRULEFAMILY from CLANGDWARF in tools_def.template 9165a7e95e CryptoPkg: Delete CLANG35 and CLANG38 build flags; add CLANGDWARF flags e97b9b4e5a MdePkg: Add more HobLib/PeiServicesLib gmock support 25c9d44315 MdeModulePkg: Add more PciHostBridgeLib gmock support bee67e0c14 OvmfPkg: Relax assertion that interrupts do not occur at TPL_HIGH_LEVEL ae0be176a8 OvmfPkg: Clarify invariants for NestedInterruptTplLib 5215cd5baf BaseTools: Update toolsetup.bat and Tests/PythonTest.py to check ver e6de6052a0 edksetup.bat: if toolsetup.bat fails, just exit 11ec5161fa BaseTools: use threading.current_thread in NmakeSubdirs.py db7e6291c0 BaseTools: Remove Python2/Python3 detection from toolset.bat 6eeb58ece3 RedfishPkg: Fix compile issue on Linux 665fca9ee7 RedfishPkg: Add missing newline character a1f6485a9b RedfishPkg: Create RestEx child on selected interface 05762bd2e0 RedfishPkg: Fix condition checking of error status c580e27efc RedfishPkg: Correct variable type to prevent memory corruption d89492456f Securitypkg/hddpassword: Update HddPasswordDxeInit to use Variable Policy 8dbf868e02 Add volatile keyword to NvmExpressPei's Passthru CQ 293b97d0c4 Add the volatile keyword to NvmExpressDxe's Passthru CQ 4dea9e4a0e BaseTools/Conf: Add quotes to ADDDEBUGFLAG in tools_def.txt 8e985ac3fd BaseTools/Conf: Align CLANGDWARF and CLANGPDB warning overrides 66494e5324 MdeModulePkg/CapsuleApp: Add EFIAPI to CompareFileNameInAlphabet() eabaeb0613 OvmfPkg: move OvmfTpmDxe.fdf.inc to Include/Fdf 8bca1bb977 OvmfPkg: move OvmfTpmPei.fdf.inc to Include/Fdf b65c0eed6b BaseSynchronizationLib: Fix LoongArch64 synchronization functions 757f502a3b BaseTools/Conf/tools_def.template: Bump VERSION to 3.00 050d6e9434 BaseTools: Delete CLANG38 from tools_def.template 128547b081 BaseTools: Remove CLANG35 toolchain from tools_def.template 4ef4b81c9b BaseTools: As with CLANGDWARF IA32 and X64, use lld for ARM and AARCH64 98edce75fa BaseTools: Add ARM and AARCH64 CLANGDWARF support in tools_def.template 0fc07b1c6a BaseTools/Conf/tools_def.template: Add section for deprecated toolchains 01225075db Add GCC and GCCNOLTO toolchains to tools_def.txt and update packages 66803cafcf BaseTools: Update VS toolchain descriptions in tools_def.txt.template d7c6030a47 BaseTools: Remove EBC (EFI Byte Code) compiler definitions 8b441847e3 BaseTools: Remove unused IPHONE_TOOLS and SOURCERY_CYGWIN_TOOLS defs ba634ce82b edksetup.bat: Remove VS2008-VS2013 remnants c844d86bee MdePkg: Remove VS2008-VS2013 remnants c3ac3301e9 BaseTools: Remove VS2008-VS2013 remnants 0363584ac9 BaseTools: Remove VS2008, 2010, 2012 and 2013 toolchain definitions 94c802e108 MdePkg/BasePeCoffLib: Deal with broken debug directories ff7cb2d7c9 .pytool: Support FDT library. 5d586606c7 MdePkg: Support FDT library. 10416bf46e Tianocore: Support FDT library. d992a05ade Maintainers.txt: Update for IntelFsp2Pkg and IntelFsp2WrapperPkg. ... changelog too long, skipping 312 lines ... issue be fixed. ==== perl-File-Listing ==== Version update (6.15 -> 6.160.0) - updated to 6.16 see /usr/share/doc/packages/perl-File-Listing/Changes 6.16 2023-07-12 15:22:25 -0600 - Support dosftp listings with four-digit years (gh#3, gh#26) ==== perl-XML-LibXML ==== Version update (2.0208 -> 2.0209) - Added versions to 'Provides' lines after fixing a bug in cpanspec - updated to 2.0209 see /usr/share/doc/packages/perl-XML-LibXML/Changes 2.0209 2023-07-15 - t/35huge_mode.t: fix test with libxml2 2.11 - thanks to Dominique Martinet - Add clearer reference to using cloneNode to extract node with namespaces - thanks to Timothy Legge - initialize xmlValidCtxt - thanks to Alexander Bluhm ==== perl-libwww-perl ==== Version update (6.71 -> 6.720.0) - updated to 6.72 see /usr/share/doc/packages/perl-libwww-perl/Changes 6.72 2023-07-17 22:01:19Z - Don't mangle protocol scheme and don't require it to be valid if implementor is already known (GH#436) (mwgamera) ==== php8 ==== Version update (8.2.7 -> 8.2.8) Subpackages: php8-cli php8-ctype php8-dom php8-gd php8-gettext php8-iconv php8-mbstring php8-mysql php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - version update to 8.2.8 * This is a bug fix release. * https://www.php.net/ChangeLog-8.php#8.2.8 - modified patches % php-sort-filelist-phar.patch (refreshed) ==== pipewire ==== Version update (0.3.74 -> 0.3.76) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 0.3.76: * Highlights - Fix a regression that would cause the MPV pipewire backend to fail because of a spurious thread-loop signal. - Fix a crash when DBus is not found. - ALSA hires timestamps are now disabled by default. - Some more fixes and improvements. * PipeWire - A new option was added to pw-thread-loop to signal when the thread starts. - This is only used in module-rt to avoid regressions in mpv. (#3374) - Fix a compilation problem. - Stream flags now only set the properties when not already set. This fixes a regression with node autoconnect. (#3382) * Tools - pw-cat will now stop when the stream is disconnected. (#2731) - Improve the pw-cat man page, mention that stdin/stdout handling is only on raw data. * modules - module-rt will now not crash when dbus is not available but error out as before. - A new VBAN (vb-audio.com) sender and receiver was added. (#3380) * SPA - Add an option in audioconvert to disable volume updates. (#3361) - ALSA hires timestamps are disabled by default because many drivers seem to give wrong timestamps and cause extra delay. * bluetooth - LE Audio support is now enabled by default when liblc3 is available now that bluez has support for detecting the hardware features. - Add code in the spec file to modify the patch file reduce-meson-dependency.patch (used to build in SLE/Leap) so that we don't need to rebase it manually for every version update. - Use gcc 11 in SLE/Leap since gcc 9 fails to build 0.3.75 with ../spa/include/spa/utils/cleanup.h:52:13: error: dereferencing pointer to incomplete type âDIRâ {aka âstruct __dirstreamâ} 52 | __typeof__(*(ptr)) *_old_value = spa_steal_ptr(ptr); \ - Update to version 0.3.75: * Highlights - Link permissions between nodes are now enforced. This avoids potential portal managed screencast nodes to link to the camera even though it was not assigned permissions to do so by the session manager (boo#1213682). - Libcamera and v4l2 devices now have properties so that duplicates can be filtered out by the session manager. - A bug with draining was fixed where a buffer would be marked EMPTY and would not play when it contained drained samples. - Many fixes and improvements. * PipeWire - Permissions for links between nodes are now enforced. The link will now check that the owner clients of the nodes can see each other before allowing the link. This avoids screensharing clients to accidentally being linked to the camera nodes by the session manager. A side effect is that patchbay tools will no longer be able to link portal managed screencast nodes to the camera, for this we need a new permission for those patchbay clients. - The stream.rules/filter.rules are now evaluated when connecting the stream/filter so that more properties can be matched. - Move some internal events from the context to the nodes to better handle per-node threads in the future. - The thread-loop will now signal when the thread is started. * modules - A timestamp workaround in module-raop was reverted because it does not work in all cases. Instead latency was increased to 1.5 seconds, which also makes the problematic device in question work. - The profiler module was reworked a bit to use the new node realtime events. It should now also handle dynamically added and removed drivers. - The module-rt now does the rtkit calls from a separate thread so that it does not block the main thread. This could cause deadlocks during startup in some cases. * SPA - Atomic operation macros were move from internal pipewire API to public API. - The video-info structure now has a new SPA_VIDEO_FLAG_MODIFIER_FIXATION_REQUIRED flag to instruct the application to fixate the modifiers. This simplifies some logic in applications a lot. - The libcamera and v4l2 nodes now have properties to enumerate the device id they are using. This can be used to match v4l2 devices and libcamera devices and filter out duplicates. - A bug with draining was fixed where a buffer would be marked EMPTY and would not ==== publicsuffix ==== Version update (20230709 -> 20230717) - Update to version 20230717: * Domains are removed `hidora.com`, `users.scale.virtualcloud.com.br`, `clicketcloud.com` (#1598) * Add storipress.app (#1583) ==== python-SQLAlchemy ==== Version update (2.0.16 -> 2.0.19) - update to 2.0.19: * Various bugfixes, see https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.19 ==== python-mysqlclient ==== - Drop sphinx doctrees for reproducible builds ==== python-py ==== - Skip tests failing with pytest 7.4, they don't matter * failure comes from py.core, which has low usage * https://github.com/pytest-dev/py/issues/288 * according to that this code is not used in Tumbleweed anyway ==== python-pycairo ==== Version update (1.23.0 -> 1.24.0) - update to 1.24.0: * Dropped Python 3.7 support * Bumped meson version requirement from 0.53.0 to 0.56.0 * Various cairo dependency updates for the Windows wheel build * Various code cleanups :pr:`306` * Added Python 3.12 Windows wheels ==== python-pygit2 ==== Version update (1.11.1 -> 1.12.2) - Update to version 1.12.2: + Update wheels to bundle libssh2 1.11.0 and OpenSSL 3.0.9. Remove obsolete Remote.save(). - Changes from version 1.12.1: + Fix segfault in signature when encoding is incorrect. + Typing improvements. + Update wheels to libgit2 v1.6.4. - Changes from version 1.12.0: + Upgrade to libgit2 v1.6.3. + Update Linux wheels to bundle OpenSSL 3.0.8. + Downgrade Linux wheels to manylinux2014. + New ConflictCollection.__contains__.1 + New Repository.references.iterator(...). + New favor, flags and file_flags optional arguments for Repository.merge(...). + New keep_all and paths optional arguments for Repository.stash(...). + New Respository.state(). + Improve Repository.write_archive(...) performance. + Sync type annotations. - Drop support-libgit2-1.6.patch: fixed upstream. - Add support-libgit2-1.7.patch: support libgit2 1.7.0. ==== python-reportlab ==== - Add %{?sle15_python_module_pythons} ==== python-rich ==== - %{?sle15_python_module_pythons} mut be at beginning to work. ==== python-urllib3 ==== Version update (2.0.3 -> 2.0.4) - update to 2.0.4: * Added support for union operators to ``HTTPHeaderDict`` * Added ``BaseHTTPResponse`` to ``urllib3.__all__`` (`#3078 * Fixed ``urllib3.connection.HTTPConnection`` to raise the ``http.client.connect`` audit event to have the same behavior as the standard library HTTP client * Relied on the standard library for checking hostnames in supported PyPy releases ==== python-zope.event ==== - Drop sphinx doctrees for reproducible builds ==== python-zope.hookable ==== - Drop sphinx doctrees for reproducible builds ==== python-zope.i18nmessageid ==== - Drop sphinx doctrees for reproducible builds ==== qalculate ==== Version update (4.6.1 -> 4.7.0) Subpackages: libqalculate22 qalculate-data - version update to 4.7.0 * Support for custom default angle unit, e.g. turn, arcsec, arcmin * Append default angle unit (instead of always radians) when converting value without unit to angle unit * More consistent addition and removal of angle unit from function arguments * Always interpret ./, .*, and .^ as entrywise operators if user intention is unclear * Change order of operations to place entrywise and ordinary operators on the same precedence level * Add function, kron(), for Kronecker product, and constants for Pauli matrices * Add radius to planets dataset and update other properties * Support replacement of unknown variables within variable values * Fix besselj(0, 0) * Fix incomplete calculation in tan() with try exact approximation * Fix 0/0=0 equality (do not return true) and output of 2/0 (and similar) * Fixes and improvements for newtonsolve() and secantsolve() * Fix segfault when MathStructure is deleted after Calculator, and in destructor of calculated DynamicVariable (called from Calculator destructor) * Do not save mode on exit if "-defaults" command line switch where used (CLI) * Allow multiple actions for keyboard shortcuts (GTK, Qt) * Add toggle precision, and min, max, or min and max decimals to available shortcut and button actions (GTK, Qt) * Add option to exclude units for unformatted ASCII copy (GTK, Qt) * Add optional value to copy result action, allowing expression copy and formatting selection (GTK, Qt) * Fix copy unformatted ASCII when local digit group separator is same as selected decimal separator (GTK, Qt) * Add option to automatically copy result (Qt) * Always set (primary) selection clipboard contents when whole expression is selected or selection is cleared, e.g. after calculation (Qt) * Improve support dark mode and high contrast modes, and change default style to Fusion, on Windows (Qt) * Minor bug fixes and feature enhancements ==== qca-qt5 ==== Version update (2.3.6 -> 2.3.7) Subpackages: libqca-qt5-2 qca-qt5-plugins - Update to 2.3.7 * OpenSSL3: don't quit if legacy provider is unavailable ==== qemu ==== Subpackages: qemu-arm qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-img qemu-ipxe qemu-ksm qemu-pr-helper qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios - Fix bsc#1179993, bsc#1181740, bsc#1213001 - Patches added: * hw/ide/piix: properly initialize the BMIBA register * ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255) ==== qt6-base ==== Version update (6.5.1 -> 6.5.2) Subpackages: libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6Sql6 libQt6Test6 libQt6Widgets6 qt6-network-tls qt6-platformtheme-gtk3 - Use a mirror to download sources for all Qt packages. Upstream servers are very slow since a couple weeks. - Update to 6.5.2 * https://www.qt.io/blog/qt-6.5.2-released-1 - Drop patches, merged upstream: * 0001-Schannel-Reject-certificate-not-signed-by-a-configur.patch * 0001-Ssl-Copy-the-on-demand-cert-loading-bool-from-defaul.patch * 0001-tabbar-fix.patch - Add patch: * CVE-2023-38197-qtbase-6.5.diff (boo#1213326, CVE-2023-38197) ==== qt6-declarative ==== Version update (6.5.1 -> 6.5.2) Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlModels6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 qt6-declarative-imports - Update to 6.5.2 * https://www.qt.io/blog/qt-6.5.2-released-1 ==== qt6-imageformats ==== Version update (6.5.1 -> 6.5.2) - Update to 6.5.2 * https://www.qt.io/blog/qt-6.5.2-released-1 ==== qt6-translations ==== Version update (6.5.1 -> 6.5.2) - Update to 6.5.2 * https://www.qt.io/blog/qt-6.5.2-released-1 ==== qt6-wayland ==== Version update (6.5.1 -> 6.5.2) Subpackages: libQt6WaylandClient6 libQt6WaylandCompositor6 libQt6WaylandEglClientHwIntegration6 libQt6WaylandEglCompositorHwIntegration6 libQt6WlShellIntegration6 - Update to 6.5.2 * https://www.qt.io/blog/qt-6.5.2-released-1 ==== raspberrypi-firmware-dt ==== - Update 0001-ARM-dts-bcm27xx-Use-better-name-for-spidev.patch description - Use compatible string which is supported by spidev module (bsc#1212791): * 0001-ARM-dts-bcm27xx-Use-better-name-for-spidev.patch ==== rdma-core ==== Version update (45.0 -> 47.0) Subpackages: libefa1 libibverbs libibverbs1 libmana1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd - Update to v47.0 - Fixes for all providers ==== re2-10 ==== - legacy lib package forked from re2, for libqt5-qtwebengine ==== rsync ==== - Add support directory to %docdir. Includes some upstream provided scripts such as rrsync. (bsc#1212198) ==== rubygem-rack-2.2 ==== Version update (2.2.7 -> 2.2.8) - update to version 2.2.8 * Limit file extension length of multipart tempfiles (https://github.com/rack/rack/pull/2069) * Fix inefficient assert pattern in Rack::Lint (https://github.com/rack/rack/pull/2101) ==== samba ==== Version update (4.18.3+git.303.c08b73d523c -> 4.18.5+git.313.c8e274c7852) Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-client samba-client-libs samba-gpupdate samba-ldb-ldap samba-libs samba-libs-python3 samba-python3 samba-winbind samba-winbind-libs - Update to 4.18.5 * CVE-2022-2127: lm_resp_len not checked properly in winbindd_pam_auth_crap_send; (bso#15072); (bsc#1213174). * CVE-2023-34966: Samba Spotlight mdssvc RPC Request Infinite Loop Denial-of-Service Vulnerability; (bso#15340); (bsc#1213173). * CVE-2023-34967: Samba Spotlight mdssvc RPC Request Type Confusion Denial-of-Service Vulnerability; (bso#15341); (bsc#1213172). * CVE-2023-34968: Spotlight server-side Share Path Disclosure; (bso#15388); (bsc#1213171). * CVE-2023-3347: Samba doesn't require SMB2+ signing if `server signing = mandatory` is set; (bso#15397); (bsc#1213170). * secure channel faulty since Windows 10/11 update 07/2023; (bso#15418); (bsc#1213384). - Update to 4.18.4 * Backport --pidl-developer fixes; (bso#15404). * Named crashes on DLZ zone update; (bso#14030). * smbcacls and smbcquotas do not check // before the server; (bso#2312). * cli_list loops 100% CPU against pre-lanman2 servers; (bso#15382). * smbclient leaks fds with showacls; (bso#15391). * smbd returns NOT_FOUND when creating files on a r/o filesystem; (bso#15402). * NSS_WRAPPER_HOSTNAME doesn't match NSS_WRAPPER_HOSTS entry and causes test timeouts; (bso#15355). * net ads lookup (with unspecified realm) fails; (bso#15384). * Register Samba processes with GPFS; (bso#15381). * Python tarfile extraction needs change to avoid a warning (CVE-2007-4559 mitigation); (bso#15390). * The winbind child segfaults when listing users with `winbind scan trusted domains = yes`; (bso#15398). * Remove comments about deprecated 'write cache size'; (bso#15383). * smbget memory leak if failed to download files recursively; (bso#15403). ==== sdbootutil ==== Version update (1+git20230717.dac075e -> 1+git20230727.a0e666f) Subpackages: sdbootutil-snapper - Update to version 1+git20230727.a0e666f: * Set and honor $SYSTEMD_ESP_PATH * rpm-script: don't remove kernel on reinstalls - Update to version 1+git20230726.a994d2e: * Fix installing extra kernels in MicroOS * Replace file triggers with scriptlet * Fix cleanup of rollback files * Don't install unchanged files * Add is-bootable and list-kernels commands * Add ARCHITECTURE.md which explains how the setup works * Add default loader config when installed ==== selinux-policy ==== Version update (20230622 -> 20230728) Subpackages: selinux-policy-targeted - Update to version 20230728: * Allow kdump_t to manage symlinks under kdump_var_lib_t (bsc#1213721) * allow haveged to manage tmpfs directories (bsc#1213594) ==== shotwell ==== Version update (0.32.1 -> 0.32.2) - Update to version 0.32.2: + Fix using wrong data folder when starting profile through browser + Fix sendto in flatpak environment + Support HEIF files with HIF extension + Fix meta-data being written in a loop + Fix detecting false mtime changes + Fix broken aspect ratio of thumbnail when using external editors + Fix critical when exporting file with no exposure date + Fix minor leak in Flickr and Google authenticators + Enable C&P of paths in profile editor + Updated translations. ==== sudo ==== Version update (1.9.13p3 -> 1.9.14p1) Subpackages: sudo-plugin-python - Update to 1.9.14p1: * Fixed an invalid free bug in sudo_logsrvd that was introduced in version 1.9.14 which could cause sudo_logsrvd to crash. * The sudoers plugin no longer tries to send the terminal name to the log server when no terminal is present. This bug was introduced in version 1.9.14. * Fixed a bug where if the "intercept" or "log_subcmds" sudoers option was enabled and a sub-command was run where the first entry of the argument vector didn't match the command being run. This resulted in commands like "sudo su -" being killed due to the mismatch. Bug #1050. * The sudoers plugin now canonicalizes command path names before matching (where possible). This fixes a bug where sudo could execute the wrong path if there are multiple symbolic links with the same target and the same base name in sudoers that a user is allowed to run. GitHub issue #228. * Improved command matching when a chroot is specified in sudoers. The sudoers plugin will now change the root directory id needed before performing command matching. Previously, the root directory was simply prepended to the path that was being processed. * When NETGROUP_BASE is set in the ldap.conf file, sudo will now perform its own netgroup lookups of the host name instead of using the system innetgr(3) function. This guarantees that user and host netgroup lookups are performed using the same LDAP server (or servers). * Fixed a bug introduced in sudo 1.9.13 that resulted in a missing " ; " separator between environment variables and the command in log entries. * The visudo utility now displays a warning when it ignores a file in an include dir such as /etc/sudoers.d. * When running a command in a pseudo-terminal, sudo will initialize the terminal settings even if it is the background process. Previously, sudo only initialized the pseudo-terminal when running in the foreground. This fixes an issue where a program that checks the window size would read the wrong value when sudo was running in the background. * Fixed a bug where only the first two digits of the TSID field being was logged. Bug #1046. * The "log_pty" sudoers option is now enabled by default. To restore the historic behavior where a command is run in the user's terminal, add "Defaults !use_pty" to the sudoers file. GitHub issue #258. * Sudo's "-b" option now works when the command is run in a pseudo-terminal. * When disabling core dumps, sudo now only modifies the soft limit and leaves the hard limit as-is. This avoids problems on Linux when sudo does not have CAP_SYS_RESOURCE, which may be the case when run inside a container. GitHub issue #42. * Sudo configuration file paths have been converted to colon-separated lists of paths. This makes it possible to have configuration files on a read-only file system while still allowing for local modifications in a different (writable) directory. The new - -enable-adminconf configure option can be used to specify a directory that is searched for configuration files in preference to the sysconfdir (which is usually /etc). * The "intercept_verify" sudoers option is now only applied when the "intercept" option is set in sudoers. Previously, it was also applied when "log_subcmds" was enabled. * The NETGROUP_QUERY ldap.conf parameter can now be disabled for LDAP servers that do not support querying the nisNetgroup object by its nisNetgroupTriple attribute, while still allowing sudo to query the LDAP server directly to determine netgroup membership. * Fixed a long-standing bug where a sudoers rule without an explicit runas list allowed the user to run a command as root and any group instead of just one of the groups that root is a member of. For example, a rule such as "myuser ALL = ALL" would permit "sudo -u root -g othergroup" even if root did not belong to "othergroup". * Fixed a bug where a sudoers rule with an explicit runas list allowed a user to run sudo commands as themselves. For example, a rule such as "myuser ALL = (root) ALL", "myuser" should only allow commands to be run as root (optionally using one of root's groups). However, the rule also allowed the user to run "sudo -u myuser -g myuser command". * Fixed a bug that prevented the user from specifying a group on the command line via "sudo -g" if the rule's Runas_Spec contained a Runas_Alias. * Sudo now requires a C compiler that conforms to ISO C99 or higher to build. ==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-boot systemd-container systemd-coredump udev - Drop 0003-strip-the-domain-part-from-etc-hostname-when-setting.patch /etc/hostname is supposed to contain the static host name of the system. This patch was used to work around cases where users incorrectly save the FQDN instead. However this is incorrect and not consistent with what systemd-hostnamed does and what other distributions do. Also assuming that /etc/hostname will contain the system host name only removes any ambiguities since the host name can contain a period. /etc/hosts is usually where one sets the domain name by aliasing the host name to the FQDN. Note that the installer used to save the FQDN in /etc/hostname but this has been fixed since several years now (bsc#972463). - systemd-homed is no more considered as experimental It's been moved to its own dedicated sub-package "systemd-homed". - systemd-userdb is no more considered as experimental (jsc#PED-2668) As such it's been moved to the main package. ==== sysuser-tools ==== Version update (3.1 -> 3.2) - Version 3.2 - update sysusers_requires to request sysuser-shadow 3.2 - Use TAB consistently for indention in sysusers2shadow.sh - This pkg needs to follow behavior which is described in sysusers.d(5). Always create a system group of the same name as the system user, even if the user already exists. (bsc#1205161, bsc#1207778, bsc#1213240) - Add "quilt setup" friendly hint to %sysusers_requires usage It is not required to have sysuser-tools installed when working with a pkg source which uses sysuser-tools at build time. ==== tar ==== Subpackages: tar-rmt - Update tests-skip-time01-on-32bit-time_t.patch to not run test on armv6 either ==== texlive-specs-n ==== Version update (2023.201.2.005svn65956 -> 2023.209.2.005svn65956) - Rework lua(meta)tex/context resource findings - Add requirement in invoice2 for siunitx as shown upstream - Add patch context_shell-escape.dif * Add upstream fix for enabling --socket and --shell-escape - Drop gracht.mp, detcow.mp, and mycow.mp from context.doc as only given with CC-BY-NC-SA-3.0, a non-commercial license ==== tpm2-0-tss ==== Subpackages: libtss2-esys0 libtss2-mu0 libtss2-rc0 libtss2-sys1 libtss2-tctildr0 - Require openssl-3 over openssl-1 to assist migration of applications to newer openssl-3. ==== update-alternatives ==== Version update (1.21.8 -> 1.21.22) - openssl.patch: use openssl library for MD5 calculation instead of relying on libmd. libmd is not in Ring0 - require Perl 5.28.1 or later ==== util-linux ==== Version update (2.39 -> 2.39.1) Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 - Re-add 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch because the patch is not in 2.39.1 - Upgrade to version 2.39.1 (bsc#1213328) Various bug fixes including problem with parsing mount options. - Dropped upstreamed patches: 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch 0001-libmount-fix-sync-options-between-context-and-fs-str.patch util-linux-fix-tests-with-64k-pagesize.patch ==== util-linux-systemd ==== Version update (2.39 -> 2.39.1) - Re-add 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch because the patch is not in 2.39.1 - Upgrade to version 2.39.1 (bsc#1213328) Various bug fixes including problem with parsing mount options. - Dropped upstreamed patches: 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch 0001-libmount-fix-sync-options-between-context-and-fs-str.patch util-linux-fix-tests-with-64k-pagesize.patch ==== vala-panel-appmenu ==== Subpackages: appmenu-gtk-module-common appmenu-gtk2-module appmenu-gtk3-module libappmenu-gtk2-parser0 libappmenu-gtk3-parser0 - Fix systemd_user_post macro use. - Spec clean-up. ==== vlc ==== Subpackages: libvlc5 libvlccore9 vlc-codec-gstreamer vlc-lang vlc-noX vlc-qt vlc-vdpau - Update specfile to prevent building with libplacebo v6.292.0 or newer ==== webkit2gtk3 ==== Version update (2.40.3 -> 2.40.4) Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Update to version 2.40.4: + Fix a bug in JavaScript reading variable arguments in a call. ==== webkit2gtk3-soup2 ==== Version update (2.40.3 -> 2.40.4) Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles - Update to version 2.40.4: + Fix a bug in JavaScript reading variable arguments in a call. ==== wireless-regdb ==== Version update (20230601 -> 20230721) - Update to version 20230721: * wireless-regdb: Update regulatory info for TÃ¼rkiye (TR) * wireless-regdb: Update regulatory rules for Egypt (EG) from March 2022 guidelines ==== xfsprogs ==== Version update (6.3.0 -> 6.4.0) Subpackages: libhandle1 - update to 6.4.0: - xfs_db: expose the flag in rmapbt keys - xfs_repair: warn about unwritten bits set in rmap btree keys - xfs_repair: check low keys of rmap btrees - xfs_repair: always perform extended xattr checks on uncertain inodes - xfs_repair: fix messaging when fixing imap due to sparse cluster - xfs_repair: fix messaging in longform_dir2_entry_check_data - xfs_repair: fix messaging when shortform_dir2_junk is called - xfs_repair: don't log inode problems without printing resolution - xfs_repair: don't spray correcting imap all by itself - libxcmd: Fix crash due to missing return value check on add_command() - xfs_db: make the hash command print the dirent hash - xfs_db: Add new cmd to create dirents and xattrs that induce dahash collisions - mkfs: deprecate the ascii-ci feature - xfs_db: fix metadump name obfuscation for ascii-ci filesystems - libxfs: kernel sync ==== yast2-firstboot ==== Version update (4.6.0 -> 4.6.1) - Adapt users client to the changes in yast2-users (related to bsc#1206627). - 4.6.1 - Removed unnecessary executable flag from several files (bsc#1209094) ==== yast2-trans ==== Version update (84.87.20230714.966688ddd0 -> 84.87.20230729.64eca7e0a1) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sr yast2-trans-sv yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20230729.64eca7e0a1: * Translated using Weblate (Kurdish) * Translated using Weblate (Czech) - Update to version 84.87.20230720.09601d9b28: * Translated using Weblate (English (United Kingdom)) * Translated using Weblate (English (United Kingdom)) * Translated using Weblate (Russian) ==== yast2-users ==== Version update (4.6.2 -> 4.6.4) - bsc#1211583 - do not pre-fill non-sense user password when going back after importing user - 4.6.4 - Allow to edit the NIS master server databases instead of the local ones, relying on the --prefix argument added to several commands in the "shadow" package (bsc#1206627). - 4.6.3 ==== zlib-ng-compat ==== - Fix build on riscv64 - Build with %{optflags} ==== zypper ==== Version update (1.14.61 -> 1.14.62) Subpackages: zypper-log zypper-needs-restarting - man: revised explanation of --force-resolution (bsc#1213557) Point out that the option not only allows to remove packages but may also violate any other active policy if there is no other way to resolve the job. - Print summary hint if policies were violated due to - -force-resolution (bsc#1213557) - BuildRequires: libzypp-devel >= 17.31.16 (for zypp-tui) - version 1.14.62

1 0

New Arm Tumbleweed snapshot 20230719 released!
by Guillaume Gardet 25 Jul '23

25 Jul '23

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: 7zip autofs cheese (44.0.1 -> 44.1) colord dracut (059+suse.447.g9d1fc722 -> 059+suse.476.g5e324584) exiv2 freetype2 (2.13.0 -> 2.13.1) fuse3 (3.15.0 -> 3.15.1) harfbuzz (7.3.0 -> 8.0.1) kmod krb5 (1.20.1 -> 1.21.1) libX11 (1.8.5 -> 1.8.6) libgudev (237 -> 238) libstorage-ng (4.5.123 -> 4.5.127) libwebp (1.3.0 -> 1.3.1) libyajl mosh openexr (3.1.7 -> 3.1.9) pentobi (23.0 -> 23.1) pipewire (0.3.72 -> 0.3.74) poppler (23.06.0 -> 23.07.0) poppler-qt5 (23.06.0 -> 23.07.0) python-charset-normalizer (3.1.0 -> 3.2.0) python-importlib-metadata (6.6.0 -> 6.8.0) python-lxml qemu (8.0.2 -> 8.0.3) rsyslog (8.2212.0 -> 8.2306.0) setools smartmontools systemd (253.5 -> 253.7) systemd-presets-branding-openSUSE taglib (1.13 -> 1.13.1) xkeyboard-config (2.38 -> 2.39) xterm (382 -> 384) yast2-trans (84.87.20230708.d1de37aed1 -> 84.87.20230714.966688ddd0) zimg (3.0.4 -> 3.0.5) zlib-ng-compat (2.1.2 -> 2.1.3) === Details === ==== 7zip ==== - Enable ARM64 ASM introduced in 23.01 ==== autofs ==== - Add autofs-suse-manpage-remove-initdir.patch Removes references of initdir from man pages (bsc#1207881) ==== cheese ==== Version update (44.0.1 -> 44.1) Subpackages: libcheese-common libcheese-gtk25 libcheese8 typelib-1_0-Cheese-3_0 - Update to version 44.1: + Update AppStream metadata. + Updated translations. ==== colord ==== Subpackages: colord-color-profiles libcolord2 libcolorhug2 - Tune _constraints for various architectures. ==== dracut ==== Version update (059+suse.447.g9d1fc722 -> 059+suse.476.g5e324584) - Update to version 059+suse.476.g5e324584: This is the 2nd backport of the most important fixes and features from the upstream master branch, while the release date of version 060 is still undefined. Features: * feat(network-wicked): remove module * feat(systemd-rfkill): remove module * feat(livenet): add memory size check depending on live image size * feat(nvmf): add code for parsing the NBFT Fixes: * fix(systemd-sysext): handle confexts and correct extensions search path * fix(modsign): load keys to correct keyring * fix(dmsquash-live-autooverlay): specify filesystemtype when it is already known * fix(fs-lib): remove quoting form the first argument of the e2fsck call * fix(Makefile): remove leftover rpm build rules * fix(Makefile): no longer upload to kernel.org * fix(nvmf): support /etc/nvme/config.json * fix(nvmf): install 8021q module unconditionally * fix(install.d): respect even more kernel-install vars, plus style fixes * fix(install.d): respect more kernel-install env variables * fix(dracut.sh): also prevent fsfreeze for tmpfs * fix(dmsquash-live): allow other fstypes * fix(bluetooth): make bluetooth rules more strict * fix(bluetooth): add missing files * fix(bluetooth): include it if Appearance matches the value assigned for keyboard * fix(btrfs): do not require module via cmdline when --no-kernel * fix(btrfs): add missing cmdline function Other: * refactor(dracut-init.sh): remove redundant "dracut" from "dracut module" prints * refactor(virtiofs): remove exit after die * build: remove rpm spec file and build rules * docs: remove rd.lvm.snapsize and rd.lvm.snapshot * chore(gentoo.conf): remove examples to avoid confusion * chore: remove git2spec.pl, it is no longer used ==== exiv2 ==== - add exiv2-metadata-null-checks.patch fixes gwenview crashes and other apps https://github.com/Exiv2/exiv2/issues/2638 ==== freetype2 ==== Version update (2.13.0 -> 2.13.1) - update to 2.13.1: * New function `FT_Get_Default_Named_Instance` to get the index of the default named instance of an OpenType Variation Font. A new load flag `FT_LOAD_NO_SVG` to make FreeType ignore glyphs in an 'SVG ' table. * New function `FT_GlyphSlot_AdjustWeight` to adjust the glyph weight either horizontally or vertically. This is part of the `ftsynth.h` header file * TrueType interpreter version 38 (also known as 'Infinality') has been deactivated; the value of `TT_INTERPRETER_VERSION_38` is now the same as `TT_INTERPRETER_VERSION_40`. * Switching named instances on and off in Variation Fonts was buggy if the design coordinates didn't change. - drop enable-infinality-subpixel-hinting.patch (obsolete, infinality is deactivated) ==== fuse3 ==== Version update (3.15.0 -> 3.15.1) Subpackages: libfuse3-3 - Update to release 3.15.1 * Reduce default write size by half ==== harfbuzz ==== Version update (7.3.0 -> 8.0.1) Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0 - Update to version 8.0.1: + Build fix on 32-bit arm. + More speed optimizations: - 60% speedup in retaingids subsetting SourceHanSans-VF. - 38% speed up in subsetting (beyond-64k) mega-merged Noto. - 16% speed up in retain-gid (used for IFT) subsetting of NotoSansCJKkr. - Changes from version 8.0.0: + New, experimental, WebAssembly (WASM) shaper, that provides greater flexibility over OpenType/AAT/Graphite shaping, using WebAssembly embedded inside the font file. Currently WASM shaper is disabled by default and needs to be enabled at build time. + Improvements to Experimental features introduced in earlier releases: - Support for subsetting beyond-64k and VarComposites fonts. - Support for instancing variable fonts with cubic âglyfâ table. - Many big speed optimizations. ==== kmod ==== Subpackages: kmod-bash-completion libkmod2 - Edit usr-lib-modules.patch to /lib/modules provide fallback behavior for successfully running `make modules_install` in pristine tarballs. ==== krb5 ==== Version update (1.20.1 -> 1.21.1) Subpackages: krb5-client - update to 1.121.1 (CVE-2023-36054): * Fix potential uninitialized pointer free in kadm5 XDR parsing [CVE-2023-36054]. * Added a credential cache type providing compatibility with the macOS 11 native credential cache. * libkadm5 will use the provided krb5_context object to read configuration values, instead of creating its own. * Added an interface to retrieve the ticket session key from a GSS context. * The KDC will no longer issue tickets with RC4 or triple-DES session keys unless explicitly configured with the new allow_rc4 or allow_des3 variables respectively. * The KDC will assume that all services can handle aes256-sha1 session keys unless the service principal has a session_enctypes string attribute. * Support for PAC full KDC checksums has been added to mitigate an S4U2Proxy privilege escalation attack. * The PKINIT client will advertise a more modern set of supported CMS algorithms. * Removed unused code in libkrb5, libkrb5support, and the PKINIT module. * Modernized the KDC code for processing TGS requests, the code for encrypting and decrypting key data, the PAC handling code, and the GSS library packet parsing and composition code. * Improved the test framework's detection of memory errors in daemon processes when used with asan. ==== libX11 ==== Version update (1.8.5 -> 1.8.6) Subpackages: libX11-6 libX11-data libX11-xcb1 - update to 1.8.6: * InitExt.c: Add bounds checks for extension request, event, & error codes * Fixes CVE-2023-3138: X servers could return values from XQueryExtension that would cause Xlib to write entries out-of-bounds of the arrays to store them, though this would only overwrite other parts of the Display struct, not outside the bounds allocated for that structure. - drop U_InitExt.c-Add-bounds-checks-for-extension-request-ev.patch (upstream) ==== libgudev ==== Version update (237 -> 238) - Update to version 238: * Fix newline stripping * Add g_udev_device_get_current_tags() * Add a number of tests, and devel docs * Fix devhelp not being able to find the docs * Skip locale test with locale isn't available - Drop patches fixed upstream: * 71b2fda04dd71c637361e8ead103980ad6f27ed5.patch * 4216ecd4513bd4c8af73543817a51d6f72f166cc.patch ==== libstorage-ng ==== Version update (4.5.123 -> 4.5.127) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#941 - added get_version_string function - 4.5.127 - merge gh#openSUSE/libstorage-ng#940 - wait for block device before using blkdiscard - 4.5.126 - merge gh#openSUSE/libstorage-ng#939 - wait for block device before using wipefs (bsc#1213420) - coding style - 4.5.125 - Translated using Weblate (Georgian) (bsc#1149754) - 4.5.124 ==== libwebp ==== Version update (1.3.0 -> 1.3.1) Subpackages: libsharpyuv0 libwebp7 libwebpdemux2 libwebpmux3 - Update to version 1.3.1: * security fixes for lossless encoder (CVE-2023-1999) * improve error reporting through WebPPicture error codes * fix upsampling for RGB565 and RGBA4444 in NEON builds * img2webp: add -sharp_yuv & -near_lossless * fix webp_js with emcc >= 3.1.27 (stack size change) * CMake fixes * further updates to the container and lossless bitstream docs - Drop libwebp-double-free.patch: fixed upstream. ==== libyajl ==== - add libyajl-CVE-2023-33460.patch (CVE-2023-33460, bsc#1212928) ==== mosh ==== - Fix building with protobuf 23.3: this version of protobuf doesn't support C++11 anymore. A workaround has to be used at build time, see GitHub https://github.com/mobile-shell/mosh/issues/1278 ==== openexr ==== Version update (3.1.7 -> 3.1.9) Subpackages: libIex-3_1-30 libIlmThread-3_1-30 libOpenEXR-3_1-30 - Add patch to fix regression on non-SSE architectures https://github.com/AcademySoftwareFoundation/openexr/issues/1460: * 1488.patch - Also disable 'DWA[AB]Compression' test on aarch64 as the patch above fixes the issue for all targets, except aarch64 - version update to 3.1.9 * Patch release that addresses miscelleneous build and doc issues, as well as: . OSS-fuzz 59382 Heap-buffer-overflow in internal_huf_decompress - update to 3.1.8: * Support for DWA compression in OpenEXRCore * Fix OSS-fuzz 59070 Stack-buffer-overflow in DwaCompressor_readChannelRules ==== pentobi ==== Version update (23.0 -> 23.1) - update to 23.1: * Overwriting game file on Android with shorter file created corrupted file. ==== pipewire ==== Version update (0.3.72 -> 0.3.74) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 0.3.74: * Highlights - Fix a critical bug where audio to bluetooth devices would cut out randomly. - Improve RAOP compatibility. - Avoid crashes after an update. - Small fixes and improvements. * PipeWire - Mix info on port is now created explicitly. - Remove the node as a driver peer when stopping. This caused some problem with playback on and other remote bluetooth devices. - Work on avoiding crashes when loading new modules that use internal API with old libpipewire. This is typical after an update where the old library is still loaded by an application but when a new stream is created, updated modules are loaded. * Modules - The RTP source module now has an option to ignore the SSRC, which is useful to continue to receive the stream when the sender is restarted. - The native protocol will refuse to load twice now instead of silently ignoring the error. - module-raop is compatible with more devices. * SPA - plugins will now warn when running out of buffers. This is always a bad thing. - Merge scope based cleanup macros. - Add ratelimit function. - Update to version 0.3.73: * Highlights - Fixes an ALSA resume after suspend error. - Handle and disable seemingly wrong hires timestamps from ALSA. - Filter-chain now has loadable plugin modules. The LV2 and sofa plugins are moved to a separate .so file to make things more modular. - Rate changes in the graph should now be handled more gracefully by loopback and filter-chain. - A regression in the rtp-sap module was fixed where it would in some cases fail to start. - A potential crash in the peaks resampler was fixed. - Many cleanups and other small bug fixes. * PipeWire - Fix a potential segfault when no fallback driver was set in the config. - Improve OPUS detection. - Add ASYNC flag to pw-filter and pw-stream when queue/dequeue is not called from the process function. This ensure we allocate an extra buffer. - Discard pending process callbacks when disconnecting. - Cleanups and improvements to the debug environment variable parsing. - The graph rate was tweaked to better handle very low rates Â such as those requested by pavucontrol when it does the signal monitoring. * Modules - An example filter module was added. - Filter-chain and loopback now disable the resamplers if no rate is specified and will always follow the graph rate. - Improve setup of filter-chain. The graph is now created when starting because this ensure the target graph rate is known. - Filter-chain can now link notify ports to control ports in the graph. - Filter-chain now has loadable plugin modules. The LV2 and sofa plugins are moved to a separate .so file. - A regression in the rtp-sap module was fixed where it would in some cases fail to start. - Module-rt now has options to disable rlimits, portal and rtkit. - module-raop-discover now has an options to set the latency. * Tools - pw-cat now supports overriding all stream properties. * SPA - Disable rate negotiation when the resampler is disabled. We will always follow the graph rate. - Set device.icon property for UCM ports as well. - Improve ALSA recover when using hires timestamps. This fixes some problems after resume from suspend. - ALSA will now warn and disable hires timestamp when they seem wrong. They can also be disabled manually with a property. - V4l2 will now gracefully handle ENOTTY when enumerating frame sizes and frame rates. - A potential crash in the peaks resampler was fixed. * pulse-server - A client crash in pavucontrol is avoided by always setting a card name. - The graph rate is now taken correctly when using the FIX flags. - An option was added to ignore the FIX flags of a stream. Also the documentation for those options was updated. - module-raop-discover now support latency_msec. * Bluetooth - Remove an assert and issue a warning/recover instead when a buffer is too small. * GStreamer - The device provider does locking when destroying the registry. ==== poppler ==== Version update (23.06.0 -> 23.07.0) Subpackages: libpoppler-cpp0 libpoppler-glib8 poppler-tools - update to 23.07.0: core: * Fix reading of utf8-with-bom files * Fix crash if CERT_ExtractPublicKey doesn't return a public key * Fix rendering of some malformed documents. Issue #1395 * Allow for stream compression and compress font streams in forms Remove method Hints::getPageRanges qt5: * Fix crash when overprint preview is enabled * Don't fail signature basics tests if backend is not configured qt6: * Fix crash when overprint preview is enabled * Don't fail signature basics tests if backend is not configured utils: * pdfsig: Allow showung and selecting signature backend * pdfsig: Describe signature dump format in manual page ==== poppler-qt5 ==== Version update (23.06.0 -> 23.07.0) - update to 23.07.0: core: * Fix reading of utf8-with-bom files * Fix crash if CERT_ExtractPublicKey doesn't return a public key * Fix rendering of some malformed documents. Issue #1395 * Allow for stream compression and compress font streams in forms Remove method Hints::getPageRanges qt5: * Fix crash when overprint preview is enabled * Don't fail signature basics tests if backend is not configured qt6: * Fix crash when overprint preview is enabled * Don't fail signature basics tests if backend is not configured utils: * pdfsig: Allow showung and selecting signature backend * pdfsig: Describe signature dump format in manual page ==== python-charset-normalizer ==== Version update (3.1.0 -> 3.2.0) - update to 3.2.0: * Typehint for function `from_path` no longer enforce `PathLike` as its first argument * Minor improvement over the global detection reliability * Introduce function `is_binary` that relies on main capabilities, and optimized to detect binaries * Propagate `enable_fallback` argument throughout `from_bytes`, `from_path`, and `from_fp` that allow a deeper control over the detection (default True) * Edge case detection failure where a file would contain 'very- long' camel cased word (Issue #289) ==== python-importlib-metadata ==== Version update (6.6.0 -> 6.8.0) - update to 6.8.0: * Require Python 3.8 or later. * #453: When inferring top-level names that are importable for distributions in ``package_distributions``, now symlinks to other directories are honored. ==== python-lxml ==== - Add ISO-Schematron-schema-optional.patch and remove-ISO-Schematron-schema.patch to remove non-free RNG schema file (bsc#1213351). ==== qemu ==== Version update (8.0.2 -> 8.0.3) Subpackages: qemu-arm qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-img qemu-ipxe qemu-ksm qemu-pr-helper qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios - Update to version 8.0.3: * See full log: https://lists.nongnu.org/archive/html/qemu-stable/2023-07/msg00086.html * Security issues fixed: - 9pfs: prevent opening special files (CVE-2023-2861) - vhost-vdpa (CVE-2023-3301) * Use the official xkb name for Arabic layout, not the legacy synonym (bsc#1212966) * [openSUSE][RPM] Update to version 8.0.3 ==== rsyslog ==== Version update (8.2212.0 -> 8.2306.0) - Upgrade to rsyslog 8.2306.0 * 2023-06-09: mmnormalize bugfix: if msg cannot be parsed, parser chain is stopped * 2023-06-08: Add new global config option "libcapng.default" * 2023-06-08: imjournal: Add FileCreateMode module parameter * 2023-04-17: core bugfix: potential segfault on busy systems * 2023-05-11: GNUTls Driver: Fix memory leaks in gtlsInitCred * 2023-05-24: CI: update base ubuntu image for github actions * 2023-05-16: OMHIREDIS::ADDED:: New support for 'stream' mode * 2023-05-17: OMHIREDIS::ADDED:: new tests for existing functionalities * 2023-04-25: OMHIREDIS::FIXED:: Correctly suspend module in case of failure * 2023-05-17: OMHIREDIS::FIXED:: Synchronously try to authenticate * 2023-04-25: IMHIREDIS::ADDED:: New support for 'stream' mode * 2023-04-25: REDIS::ADDED:: Implement tests for imhiredis module * 2023-04-12: IMHIREDIS::CLEAN:: various improvements and fixes [#]## CHANGED - [IMHIREDIS] factorize code for different modes - [IMHIREDIS] Clean and improve logging lines - [IMHIREDIS] Poll extinction state less frequently for main thread (less aggresive) - [IMHIREDIS] Set 'key' action parameter to REQUIRED - [IMHIREDIS] Use known message length instead of calculating it when enqueuing message [#]## ADDED - [IMHIREDIS] Missing redis replies' types in enumeration [#]## FIXED - [IMHIREDIS] Correctly initialize instance object, especially for redisNodesList - [IMHIREDIS] Correctly print input mode's value in logs when set incorrectly * 2023-05-17: tests: mmexternal-SegFault-empty-jroot-vg.sh: fix typo * 2023-03-21: modify testbench test to detect wrong imptcp truncation * 2023-03-21: imptcp bugfix: spam log on oversize message * 2023-03-23: core/bugfix: using $uuid msg prop can deadlock rsyslog on shutdown * 2023-03-13: Remove halted LGTM badges on README * 2023-02-16: Do not preserve capabilities when changing credentials * 2023-01-23: CI/QA: do compile test both with NDEBUG set/unset * 2023-01-23: Fixed wrong type conversion in cstrLen() for debug mode as well * 2023-01-18: core/template: implement negative position.to * 2023-01-18: CI: fix github CodeQL settings * 2023-01-17: Remove CAP_DAC_OVERRIDE if privileges dropped * 2023-01-17: Adjust the capability set * 2023-01-13: substring function: enhancement and hardening * 2023-01-11: omfile: add action parameters "rotation.*" * 2023-01-11: CI: use newer version of zookeeper * 2023-01-09: ffaup fix : memory corruption with concurrent workers * 2023-01-02: openssl: fix undefined reference to CRYPTO_set_id_callback * 2022-12-30: testbench: add test for invalid json template generation * 2022-12-30: core bugfix: template system may generate invalid json * 2022-12-28: Fixed wrong type conversion in cstrLen() * 2022-12-08: Add CodeQL workflow for GitHub code scanning ==== setools ==== Subpackages: python311-setools setools-console - Add python3-setuptools as a runtime requirement of python3-setools (boo#1213305) ==== smartmontools ==== - smartmontools.generate_smartd_opts.in: Fix generated options when SMARTD_SAVESTATES or SMARTD_ATTRLOG are set to "no" (bsc#1207461). ==== systemd ==== Version update (253.5 -> 253.7) Subpackages: libsystemd0 libudev1 systemd-container systemd-coredump udev - Import commit 2dac0aff9ced1eca0cd11c24e264b33095ee5a5e (merge of v253.7) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/6458c066547eaadf0e9709e441ea36a… - Import commit 6458c066547eaadf0e9709e441ea36ad03faa860 (merge of v253.6) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/07bb12a282b0ea378850934c4a76008… - Drop 5002-Revert-core-service-when-resetting-PID-also-reset-kn.patch, it's been backported to v253.6. - Move a bunch of files from systemd to udev. These are pretty useless without block devices. ==== systemd-presets-branding-openSUSE ==== - enable the various libvirt modular daemons (boo#1212195) ==== taglib ==== Version update (1.13 -> 1.13.1) Subpackages: libtag1 libtag_c0 - Update to version 1.13.1: * Fixed parsing of TXXX frames without description. * Detect MP4 atoms with invalid length or type. * Do not miss ID3v2 frames when an extended header is present. * Use property "DISCSUBTITLE" for ID3v2 "TSST" frame. * Build system improvements: Use absolute path for macOS dylib install name, support --define-prefix when using pkg-config, fixed minimum required CppUnit version. * Code clean up using clang-tidy. ==== xkeyboard-config ==== Version update (2.38 -> 2.39) - Update to version 2.39 * another bugfix release; also needed for changes for the Amharic (am_ET.UTF-8) compose key sequences in libX11 1.8.5 (see corresponding changelog entry in libX11 package); removes old remappings like ar --> ara (git db45bd75, 470ad2cd) [breaks current qemu build] ==== xterm ==== Version update (382 -> 384) Subpackages: xterm-bin xterm-resize - update to 384: * exclude ASCII space from showMissingGlyphs, since a few bitmap fonts lack this * correct a step in rendering double-width characters with bitmap-fonts * fixes for ReGIS-related problems: * mimic an undocumented hardware VT340 feature which handles color initialization with incomplete parameters. * handle whitespace between operator/operands for color values. * reset ReGIS-context when resetting graphics in RIS. ==== yast2-trans ==== Version update (84.87.20230708.d1de37aed1 -> 84.87.20230714.966688ddd0) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sr yast2-trans-sv yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20230714.966688ddd0: * Translated using Weblate (Indonesian) * Translated using Weblate (Indonesian) * Translated using Weblate (Indonesian) ==== zimg ==== Version update (3.0.4 -> 3.0.5) - Update to 3.0.5 * colorspace: add ST.428-1 (gamma 2.6) transfer function * depth: fix AVX-512 integer to float border handling (introduced in 2.6) * depth: fix NEON dither border handling (introduced in 3.0) * graph: fix clipping in alpha premultiplication (introduced in 3.0) * x86: optimizations for AMD Zen4 processors - Drop e29571.patch ==== zlib-ng-compat ==== Version update (2.1.2 -> 2.1.3) - update to 2.1.3: * Fix endless loop bug in chunkcopy_safe. #1526 * Support using distro-supplied Gtest #1519 * Minor code cleanup of deflate.c #1500 * Improve buildsystem detection of ARM Cortex #1521 * Cross-compiling and little-endian fixes #1518 #1520 * Optimize compare256 using RVV #1498 * Optimize slide_hash using RVV #1522 - drop 1526.patch (upstream)

1 0

New Arm Tumbleweed snapshot 20230716 released!
by Guillaume Gardet 18 Jul '23

18 Jul '23

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: MozillaFirefox (115.0.1 -> 115.0.2) audacity audit (3.0.9 -> 3.1.1) audit-secondary (3.0.9 -> 3.1.1) bind cryptsetup glibc iproute2 (6.3 -> 6.4) kernel-source (6.4.2 -> 6.4.3) libHX (4.13 -> 4.14) libbpf (1.2.0 -> 1.2.2) libguestfs libnftnl (1.2.5 -> 1.2.6) libshumate (1.0.3 -> 1.0.4) libvirt (9.4.0 -> 9.5.0) python-libvirt-python (9.4.0 -> 9.5.0) python311-pyparsing (3.0.9 -> 3.1.0) qpdf (11.4.0 -> 11.5.0) redis (7.0.11 -> 7.0.12) rpm-config-SUSE (20220926 -> 20230712) snapper texlive unixODBC util-linux util-linux-systemd === Details === ==== MozillaFirefox ==== Version update (115.0.1 -> 115.0.2) - Mozilla Firefox 115.0.2 * Fixed a bug with displaying a caret in the text editor on some websites (bmo#1840804) * Fixed a bug with broken audio rendering on some websites (bmo#1841982) * Fixed a bug with patternTransform translate using the wrong units (bmo#1840746) MFSA 2023-26 (bsc#1213230) * CVE-2023-3600 (bmo#1839703) Use-after-free in workers ==== audacity ==== Subpackages: audacity-lang - Update constraints for riscv64 ==== audit ==== Version update (3.0.9 -> 3.1.1) Subpackages: libaudit1 libauparse0 - Update to 3.1.1: * Add user friendly keywords for signals to auditctl * In ausearch, parse up URINGOP and DM_CTRL records * Harden auparse to better handle corrupt logs * Fix a CFLAGS propogation problem in the common directory * Move the audispd af_unix plugin to a standalone program - Add _multibuild to define additional spec files as additional flavors. Eliminates the need for source package links in OBS. - Enable livepatching on main library on x86_64. - Update to 3.1: * Disable ProtectControlGroups in auditd.service by default * Fix rule checking for exclude filter * Make audit_rule_syscallbyname_data work correctly outside of auditctl * Add new record types * Add io_uring support * Add support for new FANOTIFY record fields * Add keyword, this-hour, to ausearch/report start/end options * Add Requires.private to audit.pc file * Try to interpret OPENAT2 fields correctly ==== audit-secondary ==== Version update (3.0.9 -> 3.1.1) Subpackages: audit python3-audit system-group-audit - Update to 3.1.1: * Add user friendly keywords for signals to auditctl * In ausearch, parse up URINGOP and DM_CTRL records * Harden auparse to better handle corrupt logs * Fix a CFLAGS propogation problem in the common directory * Move the audispd af_unix plugin to a standalone program - Add _multibuild to define additional spec files as additional flavors. Eliminates the need for source package links in OBS. - Update to 3.1: * Disable ProtectControlGroups in auditd.service by default * Fix rule checking for exclude filter * Make audit_rule_syscallbyname_data work correctly outside of auditctl * Add new record types * Add io_uring support * Add support for new FANOTIFY record fields * Add keyword, this-hour, to ausearch/report start/end options * Add Requires.private to audit.pc file * Try to interpret OPENAT2 fields correctly ==== bind ==== Subpackages: bind-doc bind-utils - Enable dnstap support ==== cryptsetup ==== Subpackages: cryptsetup-doc libcryptsetup12 - luksFormat: Handle system with low memory and no swap space [bsc#1211079] * Check for physical memory available also in PBKDF benchmark. * Try to avoid OOM killer on low-memory systems without swap. * Use only half of detected free memory on systems without swap. * Add patches: - cryptsetup-Check-for-physical-memory-available-also-in-PBKDF-be.patch - cryptsetup-Try-to-avoid-OOM-killer-on-low-memory-systems-withou.patch - cryptsetup-Use-only-half-of-detected-free-memory-on-systems-wit.patch ==== glibc ==== Subpackages: glibc-devel glibc-extra glibc-locale glibc-locale-base nscd - gshadow-erange-rhandling.patch: gshadow: Matching sgetsgent, sgetsgent_r ERANGE handling (BZ #30151) - system-sigchld-block.patch: posix: Fix system blocks SIGCHLD erroneously (BZ #30163) - gmon-buffer-alloc.patch: gmon: Fix allocated buffer overflow (BZ #29444) - check-pf-cancel-handler.patch: __check_pf: Add a cancellation cleanup handler (BZ #20975) - powerpc64-fcntl-lock.patch: io: Fix F_GETLK, F_SETLK, and F_SETLKW for powerpc64 - realloc-limit-chunk-reuse.patch: realloc: Limit chunk reuse to only growing requests (BZ #30579) - dl-find-object-return.patch: elf: _dl_find_object may return 1 during early startup (BZ #30515) - Need to build with GCC 12 as minimum - fix-locking-in-_IO_cleanup.patch: Update to final version ==== iproute2 ==== Version update (6.3 -> 6.4) Subpackages: iproute2-bash-completion - Update to release 6.4 * bridge: mdb: added underlay destination IP support, UDP destination port support, destination VNI support, source VNI support, outgoing interface support * macvlan: added the "bclim" parameter ==== kernel-source ==== Version update (6.4.2 -> 6.4.3) Subpackages: kernel-64kb kernel-default - Linux 6.4.3 (bsc#1012628). - mm: call arch_swap_restore() from do_swap_page() (bsc#1012628). - bootmem: remove the vmemmap pages from kmemleak in free_bootmem_page (bsc#1012628). - commit 5fb5b21 ==== libHX ==== Version update (4.13 -> 4.14) - Update to release 4.14 * socket: make HX_addrport_split work on portless bracketed hostspec ==== libbpf ==== Version update (1.2.0 -> 1.2.2) - update to v1.2.2: * fix a regression in perf tool caused by libbpf resetting its custom catch-all SEC() handler on explicit bpf_program__set_type() call * fix possible double-free in USDT-related libbpf code, which happens when libbpf runs out of space in __bpf_usdt_specs map due to having too many unique USDT specs ==== libguestfs ==== Subpackages: libguestfs-xfs libguestfs0 - bsc#1212972 - cannot find any suitable libguestfs supermin libguestfs.spec ==== libnftnl ==== Version update (1.2.5 -> 1.2.6) - Update to release 1.2.6 * expr: meta: introduce broute meta expression ==== libshumate ==== Version update (1.0.3 -> 1.0.4) Subpackages: libshumate-1_0-1 typelib-1_0-Shumate-1_0 - Update to version 1.0.4: + Throttle tile download during animations. ==== libvirt ==== Version update (9.4.0 -> 9.5.0) Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-proxy libvirt-daemon-qemu libvirt-libs - libxl: Improve handling of errors across migration phases bsc#1213186 - apparmor: Support local overrides in all profiles and abstractions spec: Don't replace /etc/apparmor.d/<profile> on package upgrade spec: No longer package empty /etc/apparmor.d/local/* files bsc#1211472 - Update to libvirt 9.5.0 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html#v9-5-0-2023-07-03 - Add upstream commit 5f7f6ceb47 to fix builds on Leap 15.x - Drop downstream commit adding SUSE-specific migration parameters ==== python-libvirt-python ==== Version update (9.4.0 -> 9.5.0) - Update to 9.5.0 - Add all new APIs and constants in libvirt 9.5.0 ==== python311-pyparsing ==== Version update (3.0.9 -> 3.1.0) - Add upstream patch limit-error-messages.patch as a part of a workaround for boo#1213007 - update to 3.1.0 * API ENHANCEMENT: `Optional(expr)` may now be written as `expr | ""` * Added new class property `identifier` to all Unicode set classes in `pyparsing.unicode`, using the class's values for `cls.identchars` and `cls.identbodychars`. * ParseResults` now has a new method `deepcopy()`, in addition to the current `copy()` method. * Reworked `delimited_list` function into the new `DelimitedList` class. * Added new class method `ParserElement.using_each` * Added new builtin `python_quoted_string`, which will match any form of single-line or multiline quoted strings defined in Python. * `ParserElement.validate()` is deprecated. * Added bool `embed` argument to `ParserElement.create_diagram()`. * Added support for Python 3.12. * Updated `create_diagram()` code to be compatible with railroad-diagrams package version 3.0. * Many other changes, see upstream CHANGES ==== qpdf ==== Version update (11.4.0 -> 11.5.0) - Update to 11.5.0: * When copying the same page more than once, ensure that annotations are copied and not shared among multiple pages. * Add new method Buffer::copy and deprecate Buffer copy constructor and assignment operator. Buffer copies are expensive and should be done explicitly. * The source code was reformatted to 100 columns instead of 80. Numerous cosmetic changes and changes suggested by clang-tidy were made. ==== redis ==== Version update (7.0.11 -> 7.0.12) - redis 7.0.12: * (CVE-2022-24834) A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson and cmsgpack libraries, and result in heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support, starting from 2.6, and affects only authenticated and authorized users. (bsc#1213193) * (CVE-2023-36824) Extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Specifically: using COMMAND GETKEYS* and validation of key names in ACL rules. (bsc#1213249) * Re-enable downscale rehashing while there is a fork child * Fix possible hang in HRANDFIELD, SRANDMEMBER, ZRANDMEMBER when used with <count> * Improve fairness issue in RANDOMKEY, HRANDFIELD, SRANDMEMBER, ZRANDMEMBER, SPOP, and eviction * Fix WAIT to be effective after a blocked module command being unblocked * Avoid unnecessary full sync after master restart in a rare case ==== rpm-config-SUSE ==== Version update (20220926 -> 20230712) - Update to version 20230712: * Add more prjconf macros * update comment about _lto_cflags * drop %usrmerged macro (boo#1206798) * Fix SLE sbat macros used on Leap (bsc#1198458) ==== snapper ==== Subpackages: libsnapper7 snapper-zypp-plugin - document disadvantage of using network users and order services after nss-user-lookup (gh#openSUSE/snapper#823) ==== texlive ==== Subpackages: libkpathsea6 libsynctex2 - The rungs lua script belongs to texlive-scripts(-bin) only ==== unixODBC ==== - Add missing requires for glibc-locale-base, required for utf16 codec (bsc#1213242) ==== util-linux ==== Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 - Add patch to detect MD array as container of LUKS properly (boo#1213227, gh#util-linux/util-linux#2373): * 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch ==== util-linux-systemd ==== - Add patch to detect MD array as container of LUKS properly (boo#1213227, gh#util-linux/util-linux#2373): * 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch

1 0