Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version=Tumbleweed&build=20220223 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: MozillaFirefox (97.0 -> 97.0.1) NetworkManager adwaita-icon-theme apache2-mod_php7 (7.4.27 -> 7.4.28) apr at (3.2.2 -> 3.2.4) autoyast2 (4.4.30 -> 4.4.31) avahi distribution-logos-openSUSE expat (2.4.4 -> 2.4.6) flatpak (1.12.5 -> 1.12.6) git gnome-mines (40.0 -> 40.1) gnome-session gnome-settings-daemon gtk4 kernel-firmware (20220119 -> 20220218) libinput (1.19.3 -> 1.20.0) libnvme (1.0~3 -> 1.0~4) libsecret (0.20.4 -> 0.20.5) libstorage-ng (4.4.84 -> 4.4.88) libvirt mailutils (3.13 -> 3.14) mailx makedumpfile mariadb (10.6.5 -> 10.7.3) nano (6.1 -> 6.2) ncurses (6.3.20220129 -> 6.3.20220212) nvme-cli (2.0~3 -> 2.0~4) okteta (0.26.6 -> 0.26.7) patterns-base perl php7 (7.4.27 -> 7.4.28) polkit python python-Twisted python-base python-lxml (4.7.1 -> 4.8.0) python-pbr (5.8.0 -> 5.8.1) python-pyspnego (0.3.1 -> 0.4.0) python-reportlab (3.6.5 -> 3.6.7) python38 python38-core qemu rdma-core rubygem-excon (0.90.0 -> 0.91.0) rubygem-mini_portile2 (2.7.1 -> 2.8.0) rubygem-rb-fsevent (0.11.0 -> 0.11.1) rubygem-rb-kqueue (0.2.7 -> 0.2.8) rubygem-rdiscount (2.2.0.1 -> 2.2.0.2) sg3_utils (1.47+3.adb7276 -> 1.47+4.82fb156) spirv-tools (2022.1 -> 2022.2~sdk204) sssd systemd (249.9 -> 249.10) texinfo tigervnc update-alternatives (1.20.9 -> 1.21.1) vim vulkan-loader (1.2.198.0 -> 1.3.204.0) vulkan-tools (1.2.198.0 -> 1.3.204.0) xen (4.16.0_04 -> 4.16.0_06) xfce4-notifyd (0.6.2 -> 0.6.3) xkeyboard-config xorg-x11-server yast2-firstboot (4.4.7 -> 4.4.8) yast2-installation (4.4.40 -> 4.4.44) yast2-network (4.4.39 -> 4.4.40) yast2-schema-default (4.4.10 -> 4.4.11) yast2-security (4.4.11 -> 4.4.12) yast2-sound (4.4.0 -> 4.4.1) zip === Details === ==== MozillaFirefox ==== Version update (97.0 -> 97.0.1) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 97.0.1 * Fixed: Fixed an issue where TikTok videos would fail to load when selected from a user's profile page (bmo#1750973) * Fixed: Fixed an issue which led to Picture-in-Picture mode being unable to be toggled on Hulu (bmo#1753401) * Fixed: Works around problems with WebRoot SecureAnywhere antivirus rendering Firefox unusable in some situations (bmo#1752466) * Fixed: Fixed an issue causing users to see the Restore Session screen unexpectedly when starting Firefox (bmo#1749996) ==== NetworkManager ==== Subpackages: NetworkManager-pppoe libnm0 typelib-1_0-NM-1_0 - Add upstream bug fix patches: + 4685651e7671e064b911a3a05f096908e5ef0580.patch: glib-aux: fix nm_ref_string_equal_str() Fix comparison with a NULL string + 6329f1db5ac75ee3b7d2f7ce062e951a598625fe.patch: libnm/tests: fix maybe-uninitialized warning in "test-setting" + aadf0fb64f491f94b2771058621dc140c562b62b.patch: libnm/tests: fix maybe-uninitialized warning in "test-libnmc-setting" + 471e987add98b36520ece72ee493176fc7bc863c.patch: device: initialize nm_auto variable in _ethtool_features_reset() + 634e023e72d4729788a022ea1fae665af28d1b0f.patch: glib-aux: workaround maybe-uninitialized warning with LTO in nm_uuid_generate_from_string_str() - Use meson LTO setup as NM makes changes to CFLAGS ==== adwaita-icon-theme ==== - Replace Requires(post): gtk3-tools with the 2 following: + Requires(post): (gtk3-tools if libgtk-3-0) + Requires(post): (gtk4-tools if libgtk-4-1) Do this as we want gtk3-tools when building and installing a gtk3 based package, and gtk4-tools when building and installing a gtk4 based package. ==== apache2-mod_php7 ==== Version update (7.4.27 -> 7.4.28) - updated to 7.4.28: This is a security release (CVE-2021-21708). See https://www.php.net/ChangeLog-7.php#7.4.28 ==== apr ==== - deleted patches - apr-CVE-2021-3594.patch (renamed) - added patches + apr-CVE-2021-35940.patch (correct name) ==== at ==== Version update (3.2.2 -> 3.2.4) - Update to version 3.2.4: * Upstream SUSE patches - Update to version 3.2.3: * Fix two typos on documentation * Upstream SUSE patches * Various improvements to the code and the build system - Refresh patches: * at-3.1.16-handle_malformed_jobs.patch * at-3.2.2.patch * at-backport-old-privs.patch * harden_atd.service.patch - Drop upstreamed patches: * at-3.1.13-leak-fix.patch * at-3.1.13-massive_batch.patch * at-3.1.14-joblist.patch * at-3.1.14-usePOSIXtimers.patch * at-3.1.8-jobdir-mtime.patch * at-atq-timeformat.patch * at-secure_getenv.patch ==== autoyast2 ==== Version update (4.4.30 -> 4.4.31) Subpackages: autoyast2-installation - Modified init-scripts service dependencies fixing a root login systemd timeout when installing with ssh (bsc#1195059) - 4.4.31 ==== avahi ==== Subpackages: libavahi-client3 libavahi-common3 libavahi-core7 - remove avahi-mono* subspecfiles, they are no longer required by anything. this makes the spec file slightly more readable. ==== distribution-logos-openSUSE ==== - Fix the obsoleted and provided versions of the old systemd logo branding package ==== expat ==== Version update (2.4.4 -> 2.4.6) Subpackages: libexpat-devel libexpat1 - update to 2.4.6 (bsc#1196168, CVE-2022-25313): * Bug fixes: - Fix a regression introduced by the fix for CVE-2022-25313 in release 2.4.5 that affects applications that (1) call function XML_SetElementDeclHandler and (2) are parsing XML that contains nested element declarations (e.g. "<!ELEMENT junk ((bar|foo|xyz+), zebra*)>"). - Version info bumped from 9:5:8 to 9:6:8; see https://verbump.de/ for what these numbers do. - update to 2.4.5 (bsc#1196171, bsc#1196169, bsc#1196168, bsc#1196026, bsc#1196025): * Security fixes: - CVE-2022-25235 -- Passing malformed 2- and 3-byte UTF-8 sequences (e.g. from start tag names) to the XML processing application on top of Expat can cause arbitrary damage (e.g. code execution) depending on how invalid UTF-8 is handled inside the XML processor; validation was not their job but Expat's. Exploits with code execution are known to exist. - CVE-2022-25236 -- Passing (one or more) namespace separator characters in "xmlns[:prefix]" attribute values made Expat send malformed tag names to the XML processor on top of Expat which can cause arbitrary damage (e.g. code execution) depending on such unexpectable cases are handled inside the XML processor; validation was not their job but Expat's. Exploits with code execution are known to exist. - CVE-2022-25313 -- Fix stack exhaustion in doctype parsing that could be triggered by e.g. a 2 megabytes file with a large number of opening braces. Expected impact is denial of service or potentially arbitrary code execution. - CVE-2022-25314 -- Fix integer overflow in function copyString; only affects the encoding name parameter at parser creation time which is often hardcoded (rather than user input), takes a value in the gigabytes to trigger, and a 64-bit machine. Expected impact is denial of service. - CVE-2022-25315 -- Fix integer overflow in function storeRawNames; needs input in the gigabytes and a 64-bit machine. Expected impact is denial of service or potentially arbitrary code execution. * Other changes: - Version info bumped from 9:4:8 to 9:5:8; see https://verbump.de/ for what these numbers do ==== flatpak ==== Version update (1.12.5 -> 1.12.6) Subpackages: libflatpak0 system-user-flatpak - Update to version 1.12.6: + Fix a bug that sometimes caused repo corruption in case downloads are interrupted or canceled, necessitating a "flatpak repair" to recover + More reliably detect the GTK theme + Fix history command unit test in some edge cases + Updated translations. ==== git ==== Subpackages: git-core git-cvs git-email git-gui git-svn git-web gitk perl-Git - "Downgrade" git-gui and gitk Recommends to Suggests. ==== gnome-mines ==== Version update (40.0 -> 40.1) - Update to version 40.1: + Updated icon. + Added missing type parameter. + Fixed proprietary license in appdata. + Fixed build failure with latest meson. + Updated translations. - Drop 0a10c3a8ae4395c8059875bcea74be5c17ef9a21.patch: Fixed upstream. ==== gnome-session ==== Subpackages: gnome-session-core gnome-session-default-session gnome-session-wayland - Add back gnome-session-exit-when-lost-name-on-bus.patch: gnome-session exit immediately when lost name on bus (bsc#1175622 glgo!GNOME/gnome-session!60, bsc#1188882). ==== gnome-settings-daemon ==== - Rename 283.patch to the name of final commit id afa7e4bb9c519e2daf500a6079088669500768c0.patch. ==== gtk4 ==== Subpackages: gtk4-schema libgtk-4-1 typelib-1_0-Gtk-4_0 - Add gtk4-tools = %%{version} to devel sub-package. ==== kernel-firmware ==== Version update (20220119 -> 20220218) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20220218 (git commit c53073d4e148): * rtl_bt: Update RTL8852A BT USB firmware to 0xDFB7_6D7A * rtl_bt: Update RTL8822C BT USB firmware to 0x19B7_6D7D * rtl_bt: Update RTL8822C BT UART firmware to 0x15B7_6D7D * amdgpu: Update yellow carp firmware from 21.50 * amdgpu: Update vega20 firmware from 21.50 * amdgpu: Update vega12 firmware from 21.50 * amdgpu: Update vega10 firmware from 21.50 * amdgpu: Update vangogh firmware from 21.50 * amdgpu: Update renoir firmware from 21.50 * amdgpu: Update raven2 firmware from 21.50 * amdgpu: Update raven firmware from 21.50 * amdgpu: Update picasso firmware from 21.50 * amdgpu: Update beige goby firmware from 21.50 * amdgpu: Update dimgrey cavefish firmware from 21.50 * amdgpu: Update navy flounder firmware from 21.50 * amdgpu: Update sienna cichlid firmware from 21.50 * amdgpu: Update navi14 firmware from 21.50 * amdgpu: Update navi12 firmware from 21.50 * amdgpu: Update navi10 firmware from 21.50 * amdgpu: Update cyan skillfish2 firmware from 21.50 * amdgpu: Update green sardine firmware from 21.50 * amdgpu: Update arcturus firmware from 21.50 * amdgpu: Add aldebaran firmware from 21.50 * LICENSE.amdgpu: update copyright date * linux-firmware: Update AMD cpu microcode * linux-firmware: update firmware for MT7921 WiFi device * linux-firmware: Amphion: Add VPU firmwares for NXP i.MX8Q SoCs * i915: Add DMC firmware v2.16 for ADL-P * linux-firmware: mediatek: Update MT8173 VPU firmware to v1.1.7 - Add entry for amphion - Update spec template - Update aliases ==== libinput ==== Version update (1.19.3 -> 1.20.0) Subpackages: libinput-udev libinput10 - Update to release 1.20.0 * High-resolution scroll is more reliable thanks to the inclusion of new heuristics. * Better handling of BTN_TOOL_PEN on top of BTN_TOOL_RUBBER on graphics tablets that trigger a kernel bug. * libinput does not handle joysticks and gamepads. The detection algorithm has been improved to avoid tagging some of those devices as keyboards. * Improved clickpad detection * New quirks and bug fixing ==== libnvme ==== Version update (1.0~3 -> 1.0~4) - Update to version 1.0-rc4: * fabrics: add default port number for NVMe/TCP I/O controllers * linux: Update size when telemetry controller initiated data is unavailable * add cdw13 for set_feature_args structure * Add support for TP8010 * Documentation cleanups ==== libsecret ==== Version update (0.20.4 -> 0.20.5) Subpackages: libsecret-1-0 typelib-1_0-Secret-1 - Update to version 0.20.5: + Drop autotools-based build + Use G_GNUC_NULL_TERMINATED where appropriate + collection, methods, prompt: Port to GTask + Detect local storage in snaps in the same way as flatpaks + Add bash-completion for secret-tool + secret-tool: Add locking capabilities to secret tool + secret-file-backend: Avoid closing the same file descriptor twice + Add support for TPM2 based secret storage + Create default collection after DBus.Error.UnknownObject + Port documentation to gi-docgen + GI annotation and documentation fixes + Build fixes + Updated translations. - Replace gtk-doc with pkgconfig(gi-docgen) BuildRequires following upstreams port. - Drop patch fixed upstream: libsecret-handle-UnknownObject.patch ==== libstorage-ng ==== Version update (4.4.84 -> 4.4.88) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - Translated using Weblate (Italian) (bsc#1149754) - 4.4.88 - Translated using Weblate (German) (bsc#1149754) - merge gh#openSUSE/libstorage-ng#861 - allow by-id/mmc-* and by-path/platform-* links for disks (bsc#1195692) - 4.4.87 - Translated using Weblate (Chinese (Taiwan) (zh_TW)) (bsc#1149754) - 4.4.86 - Translated using Weblate (Chinese (China) (zh_CN)) (bsc#1149754) - 4.4.85 ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-qemu libvirt-libs - libxl: Fix libvirtd crash on domain restore 454b927d-libxl-fix-dom-restore.patch bsc#1196115 ==== mailutils ==== Version update (3.13 -> 3.14) Subpackages: libmailutils8 - udpate to 3.14: * TLS support rewritten from scratch * * New configuration statement: tls.handshake-timeout * Fix idle timeout handling (imap4d and pop3d daemons) * New function mu_mailbox_append_message_ext * mail utility * * new command: unread (U) * * message state is preserved when copying to another mailbox * Build requires GNU bison and flex * All parsers and scanners are rewritten in reentrant form * Support for mimetypes incorporated to the libmailutils library * Maildir and MH mailboxes * * Change the way of storing the envelope information * * Message scanner completely rewritten * Bugfixes * * Fix timezone calculation (see https://savannah.gnu.org/bugs/?61239) * * Fixed some memory and fd leaks * * Fixed corner case in mu_make_file_name_suf function - Use libalternatives instead of update-alternatives. ==== mailx ==== - Use libalternatives instead of update-alternatives. ==== makedumpfile ==== - Turn on zstd in Tumbleweed. ==== mariadb ==== Version update (10.6.5 -> 10.7.3) Subpackages: libmariadbd19 mariadb-client mariadb-errormessages - Update to 10.7.3 (bsc#1196016): * release notes and changelog: https://mariadb.com/kb/en/library/mariadb-1073-release-notes https://mariadb.com/kb/en/library/mariadb-1073-changelog https://mariadb.com/kb/en/library/mariadb-1072-release-notes https://mariadb.com/kb/en/library/mariadb-1072-changelog https://mariadb.com/kb/en/library/mariadb-1071-release-notes https://mariadb.com/kb/en/library/mariadb-1071-changelog https://mariadb.com/kb/en/library/mariadb-1070-release-notes https://mariadb.com/kb/en/library/mariadb-1070-changelog * fixes for the following security vulnerabilities: 10.7.3: CVE-2021-46665 CVE-2021-46664 CVE-2021-46661 CVE-2021-46668 CVE-2021-46663 10.7.2: CVE-2022-24052 CVE-2022-24051 CVE-2022-24050 CVE-2022-24048 CVE-2021-46659, bsc#1195339 10.7.1: none 10.7.0: none - Remove upstreamed patches: * mariadb-10.0.15-logrotate-su.patch * mariadb-10.1.1-mysqld_multi-features.patch - Refresh mariadb-10.2.4-logrotate.patch - Update list of skipped tests - Add bsc1194828.patch to fix build with GCC12, fixes bsc#1194828 - The following issues have already been fixed in this package but weren't previously mentioned in the changes file: CVE-2021-46658, bsc#1195334 CVE-2021-46657, bsc#1195325 ==== nano ==== Version update (6.1 -> 6.2) - GNU nano 6.2 * The file browser clears the prompt bar also when using - -minibar * Linting now works also with a newer 'pyflakes' ==== ncurses ==== Version update (6.3.20220129 -> 6.3.20220212) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20220212 + improve font-formatting in other manpages, for consistency. + correct/improve font-formatting in curs_wgetch.3x (patch by Benno Schulenberg). - Add ncurses patch 20220205 + workaround in test/picsmap.c for use of floating point for rgb values by ImageMagick 6.9.11, which appears to use the wrong upper limit. + improve use of "trap" in shell scripts, using "fixup-trap". ==== nvme-cli ==== Version update (2.0~3 -> 2.0~4) Subpackages: nvme-cli-bash-completion nvme-cli-zsh-completion - Update to version 2.0-rc4: * netapp-nvme: free the nsdescs pointer after use * netapp-nvme: fix ontapdevices segfault in json output * nvme-print: fix 'nvme list -o json' segfault * nvme: get_ns_id command fails on nvme device * wdc: updated products list for telemetry (--type) argument * docs: fix typo in Data Set Management section * Fix ctrlist for attach-ns and detach-ns * netapp-nvme: fix nvme ns desc uuid handling for ontapdevices * wdc: Fix use-after-free access of cbs_data * Fixed regression with 'open namespace exclusive' (bsc#1195945) ==== okteta ==== Version update (0.26.6 -> 0.26.7) Subpackages: libKasten4 libOkteta3 libkasten-lang libokteta-lang okteta-data okteta-lang - Update to 0.26.7 * Improved: translations * Fixed: crash in string extraction tool with marked strings from closed view (kde#444405) * Fixed: in JIS X 0201 codec properly map ASCII control char subset * Fixed: use own IBM874 codec, given Qt with ICU maps it to TIS-620 * Changed: a context menu now available with the view area (incl. tabs) * Changed: tabs of views can now be reordered (inside a single tab area) * Changed: empty documents can be created by LMB double-clicks in empty areas * Changed: remember used settings of tools across app restarts * Changed: remember used settings of data generators across app restarts * Changed: remember used settings of data encoders across app restarts - Add signature file and keyring - Update URL. ==== patterns-base ==== Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-enhanced_base patterns-base-minimal_base patterns-base-selinux patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced - Use ntfs-3g again, udisks no longer works with the new ntfs3 module (gh#storaged-project/udisks#932) ==== perl ==== Subpackages: perl-base perl-doc - Add multibuild flavor to split the testsuite out of the main package build time. The testsuite dominates the build time and having perl in the bootstrap cycle, we better seperate it. The testsuite flavor rebuilds the same package the same way, but runs the check section ==== php7 ==== Version update (7.4.27 -> 7.4.28) Subpackages: php7-ctype php7-dom php7-iconv php7-json php7-openssl php7-pdo php7-sqlite php7-tokenizer php7-xmlreader php7-xmlwriter - updated to 7.4.28: This is a security release (CVE-2021-21708). See https://www.php.net/ChangeLog-7.php#7.4.28 ==== polkit ==== Subpackages: libpolkit-agent-1-0 libpolkit-gobject-1-0 typelib-1_0-Polkit-1_0 - Fixed denial of service via file descriptor leak (bsc#1195542 CVE-2021-4115) 0001-CVE-2021-4115-GHSL-2021-077-fix.patch ==== python ==== - BuildRequire rpm-build-python: The provider to inject python(abi) has been moved there. rpm-build pulls rpm-build-python automatically in when building anything against python3-base, but this implies that the initial build of python3-base does not trigger the automatic installation. - Older SLE versions should use old OpenSSL. ==== python-Twisted ==== - Add patch skip-namespacewithwhitespace.patch: * Skip a failing test with Expat 2.4.5. ==== python-base ==== Subpackages: libpython2_7-1_0 python-xml - BuildRequire rpm-build-python: The provider to inject python(abi) has been moved there. rpm-build pulls rpm-build-python automatically in when building anything against python3-base, but this implies that the initial build of python3-base does not trigger the automatic installation. - Older SLE versions should use old OpenSSL. ==== python-lxml ==== Version update (4.7.1 -> 4.8.0) - update to 4.8.0: * GH#337: Path-like objects are now supported throughout the API instead of just strings. * The ``ElementMaker`` now supports ``QName`` values as tags, which always override the default namespace of the factory. * GH#338: In lxml.objectify, the XSI float annotation "nan" and "inf" were spelled in lower case, whereas XML Schema datatypes define them as "NaN" and "INF" respectively. * Built with Cython 0.29.28. ==== python-pbr ==== Version update (5.8.0 -> 5.8.1) - update to 5.8.1: * Add release note about missing pbr.json fix * Avoid recursive calls into SetupTools entrypoint * remove explicit mock * Don't test with setuptools local distutils * Use context blocks for open() calls in packaging - remove remove_mock.patch (upstream) ==== python-pyspnego ==== Version update (0.3.1 -> 0.4.0) - update to 0.4.0: * Add `usage` argument for `tls.default_tls_context` to control whether the context is for a initiator or acceptor * Add type annotations and include `py.typed` in the package for downstream library use * Expose the `ContextProxy` class for type annotation use * Added `get_extra_info` to `ContextProxy` to expose a common way to retrieve context specific information, this is currently used by CredSSP to retrieve * `client_credential`: The delegated client credential for acceptors once the context is complete * `sslcontext`: The SSL context used to create the TLS object * `ssl_object`: The TLS object used during the CredSSP exchange * The `client_credential` property on `CredSSP` has been removed in favour of `context.get_extra_info('client_credential') * Added support for custom credential types * Can be used to for things like NTLM authentication with NT/LM hashes, Kerberos with a keytab or from an explicit CCache, etc * Support calling SSPI through `pyspnego`'s Negotiate proxy context * This allows users on Windows to still use Negotiate auth but with a complex set of credentials * Also opens up the ability to use Negotiate but only with Kerberos auth * The `username` and `password` property on the auth context object are deprecated and will return `None` until it is removed in a future release ==== python-reportlab ==== Version update (3.6.5 -> 3.6.7) - update to 3.6.7: * Remove use of cPickle * Remove unneccessary object inheritance * minor changes to python rendering in shapes.Drawing * remove jython (dead project no python3) * remove unicodeT/bytesT * import directly from string module * eliminate getBytesIO and getStringIO * remove unused and indirect imports * remove uniChr alias of chr * modify pdfdoc template to be eventually compatible with pikepdf * fix bug in table gradient bg * fix bug in validateSetattr (__dict__) * fix handling of ddfStyle in XLabel class ==== python38 ==== Subpackages: python38-curses python38-dbm python38-tk - Add patch support-expat-245.patch: * Support Expat >= 2.4.5 ==== python38-core ==== Subpackages: libpython3_8-1_0 python38-base - Add patch support-expat-245.patch: * Support Expat >= 2.4.5 ==== qemu ==== Subpackages: qemu-arm qemu-audio-spice qemu-block-curl qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-ipxe qemu-ksm qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios * Patches added: block-backend-Retain-permissions-after-m.patch iotest-065-explicit-compression-type.patch iotest-214-explicit-compression-type.patch iotest-302-use-img_info_log-helper.patch iotest-303-explicit-compression-type.patch iotest-39-use-_qcow2_dump_header.patch iotests-60-more-accurate-set-dirty-bit-i.patch iotests-bash-tests-filter-compression-ty.patch iotests-common.rc-introduce-_qcow2_dump_.patch iotests-declare-lack-of-support-for-comp.patch iotests-drop-qemu_img_verbose-helper.patch iotests-massive-use-_qcow2_dump_header.patch iotests-MRCE-Write-data-to-source.patch iotests.py-filter-out-successful-output-.patch iotests.py-img_info_log-rename-imgopts-a.patch iotests.py-implement-unsupported_imgopts.patch iotests.py-qemu_img-create-support-IMGOP.patch iotests.py-rewrite-default-luks-support-.patch iotests-specify-some-unsupported_imgopts.patch qcow2-simple-case-support-for-downgradin.patch tests-qemu-iotests-Fix-051-for-binaries-.patch -Backport patch from upstream, bsc#1194063 CVE-2021-4158 * Patches added: acpi-validate-hotplug-selector-on-access.patch ==== rdma-core ==== Subpackages: libefa1 libibverbs libibverbs1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd - Add srp_daemon-Detect-proper-path-to-systemctl.patch to fix path to systemctl (bsc#1195874) ==== rubygem-excon ==== Version update (0.90.0 -> 0.91.0) updated to version 0.91.0 no changelog found ==== rubygem-mini_portile2 ==== Version update (2.7.1 -> 2.8.0) updated to version 2.8.0 see installed CHANGELOG.md [#]## 2.8.0 / 2022-02-20 [#]### Added - Support xz-compressed archives (recognized by an `.xz` file extension). - When downloading a source archive, default open_timeout and read_timeout to 10 seconds, but allow configuration via open_timeout and read_timeout config parameters. ==== rubygem-rb-fsevent ==== Version update (0.11.0 -> 0.11.1) updated to version 0.11.1 no changelog found ==== rubygem-rb-kqueue ==== Version update (0.2.7 -> 0.2.8) updated to version 0.2.8 no changelog found ==== rubygem-rdiscount ==== Version update (2.2.0.1 -> 2.2.0.2) updated to version 2.2.0.2 no changelog found ==== sg3_utils ==== Version update (1.47+3.adb7276 -> 1.47+4.82fb156) Subpackages: libsgutils2-1_47-2 - Update to version 1.47+4.82fb156: * rescan_scsi_bus.sh: restore numeric ordering of hosts (bsc#1196244) ==== spirv-tools ==== Version update (2022.1 -> 2022.2~sdk204) - Update to 2022.2~sdk204 (SDK-1.3.204.0) * Complete handling of RayQueryKHR type ==== sssd ==== Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap - Enable selinux support - Update Supplements to new format ==== systemd ==== Version update (249.9 -> 249.10) Subpackages: libsystemd0 libudev1 systemd-container systemd-devel udev - Import commit 0bb1977021be2fc9ebfae10d766dff0b1a457f88 (merge of v249.10) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/b9b83c5d11e686178ddd545862a00b33... - Import commit b9b83c5d11e686178ddd545862a00b33c6fdfabb 8973cb2462 systemd-coredump: allow setting external core size to infinity (bsc#1195899 jsc#SLE-23866) - Fix build if %_distconfdir is not defined (see bsc#1195679) ==== texinfo ==== - Split locale text-domain to take care of package info - The package makeinfo needs both the locale text-domain of info and makeinfo - Do not recommend texinfo-lang in package info anymore (boo#1196156) - Rename texinfo-lang to makeinfo-lang as package makeinfo uses those locale files - The new package texinfo-lang should not include the binaries with its helper files, therefore recreate texinfo package - Require glibc-locale at build time as otherwise perl falls always back to C locale - Split out texinfo-lang package, so info does not refer to traslations from texinfo package. ==== tigervnc ==== Subpackages: libXvnc1 xorg-x11-Xvnc xorg-x11-Xvnc-module - Remove patch: tigervnc-clean-pressed-key-on-exit.patch * fixed bsc#670448 wich can no longer be reproduced * removing the patch fixes bsc#1196214 * related: https://github.com/TigerVNC/tigervnc/pull/14 ==== update-alternatives ==== Version update (1.20.9 -> 1.21.1) - rebase patches: * update-alternatives.changes * update-alternatives.spec * update-alternatives-suse.patch - New upstream release 1.21.1 dpkg (1.21.1) unstable; urgency=medium [ Guillem Jover ] * dpkg-buildpackage: Remove duplicate command print for dpkg-genchanges. * dpkg-buildpackage: Fix build description due to improper multiline match. * dpkg-realpath: Remove spurious heading space from --help output. * update-alternatives: When initializing admindir from DPKG_ADMINDIR append "/alternatives". Closes: #1001198 * Code internals: - Remove <ar.h> inclusions. * Packaging: - Install deb-md5sums(5) into dpkg-dev package. dpkg (1.21.0) unstable; urgency=medium [ Guillem Jover ] * dpkg-genchanges: Include orig tarball on source package renames. Closes: #980066 * scripts: Consider SHA-1 and RIPEMD-160 weak algorithms in OpenPGP signatures. * dpkg: During unpack print a removal message due to Conflicts. Closes: #985401 * scripts: Add zsh completions for dpkg-parsechangelog. Thanks to Daniel Shahaf <danielsh@apache.org>. Closes: #986103 * dpkg-buildpackage: When printing build type match the extension exactly. Closes: #989824 * dpkg-maintscript-helper: Use xargs -I argument instead of deprecated -i. * dpkg-maintscript-helper: Quote variable inside ${} to avoid pattern match. * libdpkg: Fix dpkg_fsys_get_path() to always strip leading / and ./. * libdpkg: Set the default database directory relative to the system root. * dpkg-divert, dpkg-statoverride: Set admindir after instdir. * update-alternatives: Fix admindir setting. Prompted by Johannes Schauer Marin Rodrigues <josch@debian.org>. * dselect: Honor DPKG_ADMINDIR environment variable. * dpkg-query, dpkg-trigger, dselect: Add support for setting the root directory. * dpkg-fsys-usrunmess: Move forced reconfiguration to the last step. See #991190. * dpkg-fsys-usrunmess: Install a local policy-rc.d to ignore service restarts. Closes: #991190 * dpkg-fsys-usrunmess: Do not fail when removing lingering directories. * dpkg-fsys-usrunmess: Generate a regression prevention package. * dpkg-fsys-usrunmess: Fix typo in debug message. * dpkg: Distinguish deconfiguration message for installation and multi-arch syncs. * dpkg-buildpackage: Add new --changes-file option. Prompted by Niels Thykier <niels@thykier.net>. * dpkg-buildpackage: Add new --buildinfo-file option. * dpkg: Rework --assert-<feature> logic to be more robust. Prompted by Helmut Grohne <helmut@subdivi.de>. Prompted by David Kalnischkies <donkult@debian.org>. * dpkg: Improve --assert-<feature> descriptions. * dpkg: Add a new --assert-help option. * scripts/mk: Pass DEB_BUILD_PATH to dpkg-buildflags. See #985553. * dpkg-db-backup: New program factored out from Debian-specific daily cron. * dpkg-db-backup: Accept an option to override the number of rotation cycles. * dpkg-db-backup: Honor the admindir set at configure time. * update-alternatives: Fix --auto and --set-selections output progress. * update-alternatives: Print defaults for configuration and database pathnames. * scripts: Replace shebang in dpkg-error shell library with shellcheck directive. * dpkg-buildpackage: Add support for terse DEB_BUILD_OPTIONS. * dpkg-mergechangelogs: Add new --merge-unreleased option. Closes: #582921 * dpkg: Restore fallback to "new-prerm failed-upgrade" for downgrades. Analysis by Ian Jackson <ijackson@chiark.greenend.org.uk>. Closes: #996959 * dselect: Use safe temporary file creation in methods setup. * dselect: Remove bashism from update script in multicd method. * dpkg: Fix --verify to handle missing or inaccessible pathnames. Closes: #963087 * dpkg: Add partial --verify support for mode checks. * Use «digest» instead of «hash» in output messages. Reported by Sven Joachim <svenjoac@gmx.de>. * dselect: use `grep -E` instead of `egrep`. Thanks to Ville Skyttä <ville.skytta@iki.fi>. Closes: #999600 * libdpkg: Fix memory leak on End Of Tape condition in tar parser. * dpkg: Fix short lived memory leak with --recursive. * dpkg: Fix conffile removal-on-upgrade handling. Closes: #995387 * dpkg-deb: Fix conffile name length tracking on remove-on-upgrade parsing. Reported by uau on IRC. * Architecture support: - Clarify that the regex columns need to be ordered to match first. - Add support for ARCv2 CPU. Closes: #980963 Based on a patch by Alexey Brodkin <Alexey.Brodkin@synopsys.com>. * Portability: - start-stop-daemon: Define SOCK_NONBLOCK to 0 if not defined. - libdpkg: Add support for AIX to dpkg_get_progname(). * Perl modules: - Dpkg::Source::Quilt: Add hint to check missing files on patch apply failures. Reported by Joseph Nahmias <jello@debian.org>. - Dpkg::Changelog::Parse: Require format plugins to inherit from Dpkg::Changelog. - Dpkg::OpenPGP: Refactor openpgp implementation execution into a new function. - Dpkg::Vendor::Debian: Refactor compiler flag names into an array. - Dpkg::Vendor::Debian: Add new lto feature in new optimize area. Closes: #940571 - Test::Dpkg: Print actual error messages in test_neutralize_checksums(). - Dpkg::Deps: Use current_sub feature for __SUB__. - Dpkg::BuildFlags: Add support for ASFLAGS. See https://salsa.debian.org/debian/debhelper/-/merge_requests/50. - Dpkg::Compression: Use gzip --rsyncable unconditionally. - Dpkg::Changelog::Entry::Debian: Fix full month misuse warning. - Dpkg::Shlibs::Symbol: Emit a warning on fully qualified symver patterns. Closes: #993991 - Dpkg::Control::HashCore: Add new keep_duplicate option. - Dpkg::Control::FieldsCore: Add new field_parse_binary_source(). Closes: #980527 - Dpkg::Control::FieldsCore: Fix types allowed for field_parse_binary_source(). Reported by Johannes Schauer Marin Rodrigues <josch@debian.org>. - Dpkg::Shlibs::Objdump: Fix apply_relocations to work with versioned symbols. Closes: #1000421 - Dpkg::Vendor::Ubuntu: Update Maintainer field logic to include ?canonical?. Based on a patch by William 'jawn-smith' Wilson <william.wilson@canonical.com>. Closes: #1000557 - Dpkg::Source::Package::V2: Add hint about version matching source tree. Based on a patch by Samuel Henrique <samueloph@debian.org>. Closes: #996044 * Documentation: - man: Itemize dpkg-gensymbols -c levels. - man: Add man page for deb-md5sums(5). Reported by Maxim Cournoyer (on IRC). - man: Switch the Architecture field in deb-control(5) to required. Reported by Maxim Cournoyer (on IRC). - man: Make clear that dpkg-query arguments accept multiple values. Prompted by Rémi Rampin <remirampin@gmail.com>. See #913781. - man: Document dpkg-query --search and --listfiles output formats. - doc: Fix incorrect use of ?an? article. - doc: Update coding style to document POD instead of troff. - doc: Update THANKS file. - doc: Annotate current maintainer start year. - doc: Sort maintenance information chronologically. - man: Add versions since features where introduced. - man: Further clarify when re-inclusions of excluded pathnames happen. Closes: #871420 - doc: Update Doxygen configuration from version 1.9.1. - doc: Improve description of dpkg suite. Prompted by Fabrice Bauzac-Stehly <noon@mykolab.com>. - man: Add a reference to where the Installed-Size algorithm is described. - man: Improve dpkg --verify-format rpm format documentation. - man: Document in deb-substvars(5) what ${} is good for. Prompted by Paul Wise <pabs@debian.org>. - man: Document in dpkg-architecture(1) target being useful for emulators too. Prompted by Helmut Grohne <helmut@subdivi.de>. - man: Document in dpkg-query(1) full --search and --listfiles output format. Prompted by Johannes Schauer Marin Rodrigues <josch@debian.org>. * Code internals: - Remove irrelevant or obsolete FIXME markers. - Turn FIXME markers denoting pending actions into TODO markers. - Turn FIXME markers giving historic information into simple Notes. - update-alternatives: Turn FIXME for explicit behavior choice into an XXX. - Use localtime_r() instead of localtime(). - libdpkg: Remove MDEBUG support from m_malloc() implementation. - libdpkg: Mark dpkg_arch_unmark() arch_remove argument as const. - libdpkg: Mark treewalk_open() func argument as const. - dpkg: Mark ignore_depends() pkg argument as const. - dpkg: Mark deb_parse_conffiles() pkg argument as const. - libcompat: Remove local setexecfilecon() and require libselinux 2.3. - libdpkg: Add missing DPKG_{BEGIN,END}_DECLS in header files. - dpkg: Move SE Linux function declarations into its own header file. - dpkg: Move the command action enum to its own header file. - dpkg: Switch from including "main.h" to "force.h". - dselect: Rename dme() to display_menu_entry(). - dpkg: Split function handling deconfiguration due to install and removal. - libdpkg: Add new ACTION_MUX macro for continued options. - dpkg: Refactor --assert-<feature> handling to be data driven. - dpkg-fsys-usrunmess: Do not use interpolated strings for literals. - dpkg-db-backup: Add a license header comment. * Build system: - Fallback to $^X and 'perl' if $Config{perlpath} is unset or empty. - Bump minimal Perl version to 5.28.1. - Remove redundant localedir and pkgconfdir initializations. - Check for libsocket. - Do not set have_libmd on the found branch in AC_SEARCH_LIBS. - Switch DPKG_FUNC_C99_SNPRINTF from AC_LANG_SOURCE to AC_LANG_PROGRAM. - Check whether fsync(3) works on directories. - Remove obsolete AC_HEADER_STDC. - Detect appropriate sed program at configure time. - Rename DPKG_DEB_PROG_TAR to DPKG_PROG_TAR. - Parametrize the backups directory with a configure option. - Add a check for symlinks in the git repository. - Rename shell scripts to .sh. - Switch from hardcoded /run to parametrized runstatedir. - Use new Dpkg::Control keep_duplicate option in gen-changelog. - Use title-case for field in gen-changelog. - Execute run-script via CONFIG_SHELL. Reported by Larkin Nickle <me@larbob.org>. - Quote variables containing pathnames in m4 macros. - Add support for commit message fix up machinery in gen-changelog. * Packaging: - Use absolute pathnames in .install debhelper fragments. - Remove unused dh_installcron call for arch-indep targets. - Add support for a native systemd timer. Closes: #985444 - Create auotpkgtest installation directory. - Bump Standards-Version to 4.6.0 (no changes needed). * Test suite: - Pass --ignore-builtin-builddeps to dpkg-buildpackage. - Use can_run() instead of find_command(). - Add descriptions to makefile test runners. - Add unit tests for architecture bijective mapping property. - Suppress cppcheck constParameter check. - Suppress bogus cppcheck for nullPointerRedundantCheck. - Mark external sourced shell files for checking. - Ignore new shellcheck checks. - Remove shipped dpkg database. - Add re-inclusion of symlink case to t-filtering. See #871420. - Generate symlink during test build time. - Remove superfluous long filename. - Refactor parse_ctrl() from parse_dsc(). - Update codespell stopwords. [ Helge Kreutzmann ] * deb-md5sums.pod: Fix typo. [ Add programs translations ] * Occitan (Quentin PAGÈS). [ Update dselect translations ] * German (Sven Joachim). [ Update man pages translations ] * German (Helge Kreutzmann). [ Update programs translations ] * German (Sven Joachim). * Polish (Marcin Owsiany, ?ukasz Dulny). [ Update scripts translations ] * German (Helge Kreutzmann). ==== vim ==== Subpackages: gvim vim-data vim-data-common - Update apparmor.vim to latest version (from AppArmor 3.0.4) * add network mctp keyword ==== vulkan-loader ==== Version update (1.2.198.0 -> 1.3.204.0) - Update to release SDK-1.3.204.0 * loader: Add Vulkan 1.3 symbols defs to appropriate files * loader: Add core 1.3 function to gpa_helper * loader: Add manual trampolines for 1.3 ==== vulkan-tools ==== Version update (1.2.198.0 -> 1.3.204.0) - Update to release SDK-1.3.204.0 * vulkaninfo: Add Device & driver UUID to summary ==== xen ==== Version update (4.16.0_04 -> 4.16.0_06) Subpackages: xen-libs xen-tools-domU - Upstream bug fixes (bsc#1027519) 61e0296a-x86-time-calibration-relative-counts.patch 61e029c8-x86-time-TSC-freq-calibration-accuracy.patch 61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch 61e98e88-x86-introduce-get-set-reg-infra.patch 61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch 61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch 61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch 61eaaa23-x86-get-set-reg-infra-build.patch 61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch 61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch 61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch 61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch 61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch 61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch 61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch 61f933a4-x86-cpuid-advertise-SSB_NO.patch 61f933a5-x86-drop-use_spec_ctrl-boolean.patch 61f933a6-x86-new-has_spec_ctrl-boolean.patch 61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch 61f933a8-x86-SPEC_CTRL-record-last-write.patch 61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch 61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch 61f933ab-x86-AMD-SPEC_CTRL-infra.patch 61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch 61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch 6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch 6202afa4-x86-TSX-move-has_rtm_always_abort.patch 6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch 6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch 6202afa8-x86-Intel-PSFD-for-guests.patch - Drop patches replaced by the above: xsa393.patch xsa394.patch xsa395.patch libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch ==== xfce4-notifyd ==== Version update (0.6.2 -> 0.6.3) Subpackages: xfce4-notifyd-lang - Update to version 0.6.3 * Fix compilation warnings * autoconf: Some updates * Update `.gitignore` * Remove GSourceFunc casts * Fix missing-prototypes * Bump required GLib version to 2.56 * Implement ISO 8601 time format to avoid post-2.56 GLib functions * settings: Drop subtitle * Fix multiple memory issues (gxo#apps/xfce4-notifyd!11) * Translation Updates ==== xkeyboard-config ==== - removed n_suse-ctrl-alt-bksp-terminate.patch * no longer needed; made it impossible to disable Ctrl-Alt-BS on Wayland (boo#1195871) ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra xorg-x11-server-sdk - U_Fix-build-with-gcc-12.patch * render: Fix build with gcc 12 (glfdo#xorg/xserver!853). ==== yast2-firstboot ==== Version update (4.4.7 -> 4.4.8) - Registration step is always enabled for SLE, even when running in WSL (bsc#1195776). - 4.4.8 ==== yast2-installation ==== Version update (4.4.40 -> 4.4.44) - Use the default UI theme in SSH installation, the "installation_slim" theme does not exist anymore (bsc#1196287) - memsample-archive-to-csv - handle "ps" errors in the data file - 4.4.44 - Modified Second Stage service dependencies fixing a root login systemd timeout when installing with ssh (bsc#1195059) - 4.4.43 - Do not create a Btrfs snapshot at the end of the installation or upgrade when the root filesystem is mounted as read-only (jsc#SLE-22560). - 4.4.42 - LSM: Adjusted installation summary labels (bsc#1196013). - 4.4.41 ==== yast2-network ==== Version update (4.4.39 -> 4.4.40) - Fixed active configuration detection (bsc#1196276, bsc#1194911) - 4.4.40 ==== yast2-schema-default ==== Version update (4.4.10 -> 4.4.11) - Added fcoe-client schema (bsc#1194895) - 4.4.11 ==== yast2-security ==== Version update (4.4.11 -> 4.4.12) - Stop using 'lsm' kernel boot parameter even for the "None" Major Linux Security Module (bsc#1194332, bsc#1196274). - 4.4.12 ==== yast2-sound ==== Version update (4.4.0 -> 4.4.1) - Support uncompressed as well as xz, zstd, and gzip compressed modules. Related to jsc#SLE-21256 - jsc#SLE-18768 entries and sent by Michal Suchanek <msuchanek@suse.de>. - 4.4.1 ==== zip ==== - Add 0002-unix-reproducible-directory-order-scandir.patch to make zip file creation reproducible - Add build time %check