Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version=Tumbleweed&build=20210801 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: NetworkManager PackageKit amavisd-milter amavisd-new ark autoyast2 (4.4.14 -> 4.4.15) bluedevil5 (5.22.3 -> 5.22.4) bluez breeze (5.22.3 -> 5.22.4) breeze-gtk (5.22.3 -> 5.22.4) ca-certificates (2+git20210309.8214505 -> 2+git20210723.27a0476) ceph (16.2.5.29+g97c2c82c2f5 -> 16.2.5.111+ga5b472dfcf8) discover (5.22.3 -> 5.22.4) drkonqi5 (5.22.3 -> 5.22.4) epson-inkjet-printer-escpr (1.7.8 -> 1.7.15) evolution-data-server fetchmail file-roller gdk-pixbuf hwinfo (21.75 -> 21.76) kactivitymanagerd (5.22.3 -> 5.22.4) kcm_sddm (5.22.3 -> 5.22.4) kde-cli-tools5 (5.22.3 -> 5.22.4) kde-gtk-config5 (5.22.3 -> 5.22.4) kgamma5 (5.22.3 -> 5.22.4) khotkeys5 (5.22.3 -> 5.22.4) kinfocenter5 (5.22.3 -> 5.22.4) kmenuedit5 (5.22.3 -> 5.22.4) kscreen5 (5.22.3 -> 5.22.4) kscreenlocker (5.22.3 -> 5.22.4) ksshaskpass5 (5.22.3 -> 5.22.4) ksystemstats5 (5.22.3 -> 5.22.4) kwayland-integration (5.22.3 -> 5.22.4) kwayland-server (5.22.3 -> 5.22.4) kwin5 (5.22.3 -> 5.22.4) kwrited5 (5.22.3 -> 5.22.4) layer-shell-qt (5.22.3 -> 5.22.4) libglvnd (1.3.2 -> 1.3.3) libkdecoration2 (5.22.3 -> 5.22.4) libkscreen2 (5.22.3 -> 5.22.4) libksysguard5 (5.22.3 -> 5.22.4) libstorage-ng (4.4.28 -> 4.4.30) libvirt man-pages-ja milou5 (5.22.3 -> 5.22.4) openblas_openmp openblas_pthreads os-prober (1.78 -> 1.79) osinfo-db oxygen5 (5.22.3 -> 5.22.4) parted (3.3 -> 3.4) perl-DBD-SQLite (1.66 -> 1.68) pipewire (0.3.31 -> 0.3.32) plasma-browser-integration (5.22.3 -> 5.22.4) plasma-nm5 (5.22.3 -> 5.22.4) plasma5-addons (5.22.3 -> 5.22.4) plasma5-desktop (5.22.3 -> 5.22.4) plasma5-disks (5.22.3 -> 5.22.4) plasma5-integration (5.22.3 -> 5.22.4) plasma5-openSUSE plasma5-pa (5.22.3 -> 5.22.4) plasma5-systemmonitor (5.22.3 -> 5.22.4) plasma5-thunderbolt (5.22.3 -> 5.22.4) plasma5-workspace (5.22.3 -> 5.22.4) polkit-kde-agent-5 (5.22.3 -> 5.22.4) postfix (3.6.1 -> 3.6.2) powerdevil5 (5.22.3 -> 5.22.4) python-SQLAlchemy (1.4.20 -> 1.4.22) python-mailman qemu rtl-sdr rubygem-bootsnap (1.7.5 -> 1.7.6) rubygem-rubocop (1.18.3 -> 1.18.4) rubygem-rubocop-ast (1.7.0 -> 1.8.0) systemsettings5 (5.22.3 -> 5.22.4) vim (8.2.3075 -> 8.2.3204) xapps (2.2.0 -> 2.2.3) xdg-desktop-portal-kde (5.22.3 -> 5.22.4) yast2-control-center (4.4.1 -> 4.4.2) yast2-nis-server (4.4.0 -> 4.4.1) yast2-trans (84.87.20210718.64398090f3 -> 84.87.20210723.6ea31dfcf1) yast2-update (4.4.1 -> 4.4.2) === Details === ==== NetworkManager ==== Subpackages: libnm0 typelib-1_0-NM-1_0 - Add libnm0 to baselibs.conf to be used by 64bit Steam ==== PackageKit ==== Subpackages: PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0 - Drop upstream merged patches on SLE and Leap 15.4: + PackageKit-CVE-2020-16121.patch - Add PackageKit-dnf-ignore-weak-deps.patch Backport upstream patch (gh#Conan-Kudo/PackageKit/commit#ecd4a96, gh#Conan-Kudo/PackageKit#488) for fixing: dnf backend not honoring "install_weak_deps=False" (gh#dfaggioli/Packagekit#486). See also https://bugzilla.redhat.com/show_bug.cgi?id=1955484 ==== amavisd-milter ==== - Added hardening to systemd service(s). Modified: * amavisd-milter.service ==== amavisd-new ==== Subpackages: amavisd-new-docs - Added hardening to systemd service(s). Modified: * amavis.service ==== ark ==== Subpackages: ark-lang libkerfuffle21 - Recommend unar * it can handle RAR archives without non-free code * as well as LHA archives ==== autoyast2 ==== Version update (4.4.14 -> 4.4.15) Subpackages: autoyast2-installation - Fixed handling of the "final_reboot" and "final_halt" options, add the custom scripts only once and avoid displaying a warning popup during installation (bsc#1188356) - 4.4.15 ==== bluedevil5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: bluedevil5-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - Changes since 5.22.3: * [applet] Give FullRepresentation an implicit size (kde#439981) ==== bluez ==== Subpackages: libbluetooth3 - remove notification message from bluez-deprecated package. I'm not going to remove it, and another maintainer can still restart the removal process :-) also boo#1188660 ==== breeze ==== Version update (5.22.3 -> 5.22.4) Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-style-lang breeze5-wallpapers libbreezecommon5-5 - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== breeze-gtk ==== Version update (5.22.3 -> 5.22.4) Subpackages: gtk2-metatheme-breeze gtk3-metatheme-breeze metatheme-breeze-common - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== ca-certificates ==== Version update (2+git20210309.8214505 -> 2+git20210723.27a0476) - Update to version 2+git20210723.27a0476: * Don't trigger path unit on /usr/share * Use flock to serialize calls (boo#1188500) * Add --root <directory> option - Update to version 2+git20210609.a4969d7: * Restore /etc/ssl/ca-bundle.pem if it doesn't exist * Get rid of ls * Fix indent inconsistencies * Create /var/lib/ca-certificates if needed * Install hooks with correct number * Remove legacy files * Remove find from update-ca-certificates ==== ceph ==== Version update (16.2.5.29+g97c2c82c2f5 -> 16.2.5.111+ga5b472dfcf8) Subpackages: librados2 librbd1 - Update to 16.2.5-111-ga5b472dfcf8: + (bsc#1188741) compression/snappy: use uint32_t to be compatible with 1.1.9 - Update to 16.2.5-110-gc5d9c915c46: + rebased on top of upstream commit SHA1 7feddc9819ca05586f230accd67b4e26a328e618 + (bsc#1186348) mgr/zabbix: adapt zabbix_sender default path ==== discover ==== Version update (5.22.3 -> 5.22.4) Subpackages: discover-backend-flatpak discover-backend-fwupd discover-backend-packagekit discover-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - Changes since 5.22.3: * kns: Use ksplash.knsrc for the test * Address the keyboard shortcut tooltip (kde#438916) ==== drkonqi5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: drkonqi5-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== epson-inkjet-printer-escpr ==== Version update (1.7.8 -> 1.7.15) - Update to 1.7.15: * Supported new models. ==== evolution-data-server ==== Subpackages: libcamel-1_2-62 libebackend-1_2-10 libebook-1_2-20 libebook-contacts-1_2-3 libecal-2_0-1 libedata-book-1_2-26 libedata-cal-2_0-1 libedataserver-1_2-26 libedataserverui-1_2-3 - Drop CVE-2020-16117.patch on SLE and Leap 15.4: fixed upstream (glgo#GNOME/evolution-data-server#189) ==== fetchmail ==== Subpackages: fetchmailconf - Backported support for OAUTH2 authentication from Fetchmail 7.0. - add imap oauthbearer support - support oauthbearer/xoauth2 with pop3 - add passwordfile and passwordfd options - add contrib/fetchnmail-oauth2.py token acquisition utility - FAQ: list gmail options including oauthbearer and app password - give each ctl it's own copy of password - re-read passwordfile on every poll - add query_to64_outsize() utility function - Chase and integrate interface change. - oauth2.c: calculate and pass in correct buffer size to to64frombits() - Increase max password length to handle oauth tokens - Bump max. passwordlen to 10000 bytes. - Add README.OAUTH2 - Added patches: * fetchmail-add-imap-oauthbearer-support.patch * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch * fetchmail-add-passwordfile-and-passwordfd-options.patch * fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch * fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch * fetchmail-give-each-ctl-it-s-own-copy-of-password.patch * fetchmail-re-read-passwordfile-on-every-poll.patch * fetchmail-add-query_to64_outsize-utility-function.patch * fetchmail-chase-and-integrate-interface-change.patch * fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch * fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch * fetchmail-bump-max-passwordlen-to-1bytes.patch * fetchmail-add-readme-oauth2-issue-27.patch - update to 6.4.19: * fetchmailconf: properly catch and report option parsing errors * LMTP: do not try to validate the last component of a UNIX-domain LMTP socket as though it were a TCP port. - update to 6.4.18: * fetchmailconf: fetchmail 6.4.16 added --sslcertfile to the configuration dump, but fetchmailconf support was incomplete in Git 7349f124 and it could not parse sslcertfile, thus the user settings editor came up empty with console errors printed. Fix configuration parser in fetchmailconf. * fetchmailconf: do not require fetchmail for -V. do not require Tk (Tkinter) for -d option. This is to fail more gracefully on incomplete installs. * TLS code: remove OPENSSL_NO_DEPRECATED macros to avoid portability issues with OpenSSL v3 - these are for development purposes, not production. * TLS futureproofing: use SSL_use_PrivateKey_file instead of SSL_use_RSAPrivateKey_file, the latter will be deprecated with OpenSSL v3, and the user's key file might be something else than RSA. * IMAP client: it used to leak memory for username and password when trying the LOGIN (password-based) authentication and encountered a timeout situation. * dist-tools/getstats.py: also counts lines in *.py files, shown above. * fetchmail.man: now mentions that you may need to add --ssl when specifying a TLS-wrapped port. * fetchmailconf: --version (-V) now prints the Python version in use. - update to 6.4.16: * fetchmail's --configdump, and fetchmailconf, lacked support for the sslcertfile option. * fetchmail --version [fetchmail -V] now queries and prints the SSL/TLS library's "SSL default trusted certificate" file or directory (mind the word "default"), where the OpenSSL-compatible TLS implementation will look for trusted root, meaning certification authority (CA), certificates. * fetchmail --version now prints version of the OpenSSL library that it was compiled against, and that it is using at runtime, and also the OPENSSL_DIR and OPENSSL_ENGINES_DIR (if available). - update to 6.4.15: * Fix a typo in the manual page reported by David McKelvie. * Fix cross-compilation with openssl, by Fabrice Fontaine. Merge request !23. * Fix truncation of SMTP PLAIN AUTH with ^ in credentials, by Earl Chew. - update to 6.4.14: * sr: ???????? ??????? (Miroslav Nikoli?) [Serbian] * Errors about lock file (= pidfile) creation could be lost in daemon configurations (-d option, or set daemon) when using syslog. Now they are also logged to syslog. Found verifying a pidfile creation issue on 6.4.12 that was previously reported by Alex Hall of Automatic Distributors. * If the lock file cannot be removed (no write permission on directory), try to truncate it, and if that fails, report error. * If the pidfile was non-default, fetchmail -q or --quit would malfunction and claim no other fetchmail were running, because it did not read the configuration files or merge the command line options, thus it would look for the PID in the wrong file. - Don't require systemd - Use tmpfiles for all files - Use systemd macro for tmpfiles - Don't delete home directory if the user stays - Use sysusers config to create system user - update to 6.4.12: [#] REGRESSION FIX: * configure: fetchmail 6.4.9 and 6.4.10 would miss checking for TLS v1.2 and TLS v1.3 support if AC_LIB_LINKFLAGS came up with something such as /path/to/libssl.so, rather than -lssl. (For instance on FreeBSD) * configure: fetchmail 6.4.9's configure was unable to pick up OpenSSL if it wasn't announced by pkg-config, for instance, on FreeBSD - De-hardcode /usr/lib path for launch executable (bsc#1174075) - Spec file cleanups - Update fetchmail.keyring file - Use %{_prefix}/lib instead of %{_libexecdir} - update to 6.4.8: * Add a test program fm_realpath, and a t.realpath script, neither to be installed. These will test resolution of the current working directory. * TRANSLATION UPDATES * Plug memory leaks when parts of the configuration (defaults, rcfile, command line) override one another. * fetchmail terminated the placeholder command string too late and included garbage from the heap at the end of the string. Workaround: don't use place- holders %h or %p in the --plugin string. Bug added in 6.4.0 when merging Gitlab merge request !5 in order to fix an input buffer overrun. Faulty commit 418cda65f752e367fa663fd13884a45fcbc39ddd. * Fetchmail now checks for errors when trying to read the .idfile * Fetchmail's error messages that reports that the defaults entry isn't the first was made more precise. It could be misleading if there was a poll or skip statement before the defaults. * Fetchmail documentation was updated to require OpenSSL 1.1.1. OpenSSL 1.0.2 reached End Of Life status at the end of the year 2019. Fetchmail will tolerate, but warn about, 1.0.2 for now on the assumption that distributors backport security fixes as the need arises. Fetchmail will also warn if another SSL library that is API-compatible with OpenSSL lacks TLS v1.3 support. * If the trust anchor is missing, fetchmail refers the user to README.SSL. * The AC_DECLS(getenv) check was removed, its only user was broken and not accounting for that AC_DECLS always defines HAVE_DECL_... to 0 or 1, so fetchmail never declared a missing getenv() symbol (it was testing with [#]ifdef). Remove the backup declaration. getenv is mandated by SUSv2 anyways. * fetchmailconf now supports Python 3 and currently requires the "future" package, see https://pypi.org/project/future/. * fetchmailconf: The minimum supported version is now Python 2.7.13, but it is recommended to use at least 2.7.16 (due to its massive SSL updates). Older Python versions may check SSL certificates not strictly enough, which may cause fetchmail to complain later, if the certificate verify fails. * fetchmailconf now autoprobes SSL-wrapped connections (ports 993 and 995 for IMAP and POP3) as well and by preference. * fetchmailconf now defaults newly created users to "ssl" if either of the existing users sets ssl, or if the server has freshly been probed and found supporting ssl. There is a caveat: adding a user to an existing server without probing it again may skip adding ssl. (This does not prevent STARTTLS.) * Fix three bugs in fetchmail.man (one unterminated string to .IP macro, one line that ran into a .PP macro, .TH date format), and remove one .br request from inside the table, which is unsupported by FreeBSD 12's mandoc(1) formatter. * Further man page fixes and additions by Chris Mayo and Gregor Zattler. * When evaluating the need for STARTTLS in non-default configurations (SSL certificate validation turned off), fetchmail would only consider --sslproto tls1 as requiring STARTTLS, now all non-empty protocol versions do. * fetchmailconf now properly writes "no sslcertck" if sslcertck is disabled. * fetchmailconf now catches and reports OS errors (including DNS errors) when autoprobing. * fetchmailconf received a host of other bugfixes, see the Git commit log. - Fix invalid usage of libexecdir where %_tmpfilesdir was meant to be used. - pwdutils is gone long time ago - switch to python3 - don't require python*-devel - Update to 6.4.1 [bsc#1152964] [#]# REGRESSION FIXES: * The bug fix Debian Bug#941129 was incomplete and caused - a regression in the default file locations, so that fetchmail was no longer able to find its configuration files in some situations. - a regression under _FORTIFY_SOURCE where PATH_MAX > minimal _POSIX_PATH_MAX. - Update to 6.4.0 [#]# SECURITY FIXES THAT AFFECT BEHAVIOUR AND MAY REQUIRE RECONFIGURATION * Fetchmail no longer supports SSLv2. * Fetchmail no longer attempts to negotiate SSLv3 by default, even with --sslproto ssl23. Fetchmail can now use SSLv3, or TLSv1.1 or a newer TLS version, with STLS/STARTTLS (it would previously force TLSv1.0 with STARTTLS). If the OpenSSL version used at build and run-time supports these versions, --sslproto ssl3 and --sslproto ssl3+ can be used to re-enable SSLv3. Doing so is discouraged because the SSLv3 protocol is broken. While this change is supposed to be compatible with common configurations, users may have to and are advised to change all explicit --sslproto ssl2 (change to newer protocols required), --sslproto ssl3, --sslproto tls1 to - -sslproto auto, so that they can benefit from TLSv1.1 and TLSv1.2 where supported by the server. The --sslproto option now understands the values auto, ssl3+, tls1+, tls1.1, tls1.1+, tls1.2, tls1.2+, tls1.3, tls1.3+ (case insensitively), see CHANGES below for details. * Fetchmail defaults to --sslcertck behaviour. A new option --nosslcertck to override this has been added, but may be removed in future fetchmail versions in favour of another configuration option that makes the insecurity in using this option clearer. [#]# SECURITY FIXES * Fetchmail prevents buffer overruns in GSSAPI authentication with user names beyond c. 6000 characters in length. Reported by Greg Hudson. [#]# CHANGED REQUIREMENTS * fetchmail 6.4.0 is written in C99 and requires a SUSv3 (Single Unix Specification v3, a superset of POSIX.1-2001 aka. IEEE Std 1003.1-2001 with XSI extension) compliant system. For now, a C89 compiler should also work if the system is SUSv3 compliant. In particular, older fetchmail versions had workaround for several functions standardized in the Single Unix Specification v3, these have been removed. The trio/ library has been removed from the distribution. [#]# CHANGES * fetchmail 6.3.X is unsupported. * fetchmail now configures OpenSSL support by default. * fetchmail now requires OpenSSL v1.0.2 or newer. * Fetchmail now supports --sslproto auto and --sslproto tls1+ (same as ssl23). * --sslproto tls1.1+, tls1.2+, and tls1.3+ are now supported for auto-negotiation with a minimum specified TLS protocol version, and --sslproto tls1.1, --sslproto tls1.2 and --sslproto tls1.3 to force the specified TLS protocol version. Note that tls1.3 requires OpenSSL v1.1.1 or newer. * Fetchmail now detects if the server hangs up prematurely during SSL_connect() and reports this condition as such, and not just as SSL connection failure. (OpenSSL 1.0.2 reported incompatible with pop3.live.com by Jerry Seibert). * A foreground fetchmail can now accept a few more options while another copy is running in the background. * fetchmail now handles POP3 --keep UID lists more efficiently, by using Rainer Weikusat's P-Tree implementation. This reduces the complexity for handling a large UIDL from O(n^2) to O(n log n) and becomes noticably faster with thousands of kept messages. (IMAP does not currently track UIDs and is unaffected.) At the same time, the UIDL emulation code for deficient servers has been removed. It never worked really well. Servers that do not implement the optional UIDL command only work with --fetchall option set, which in itself is incompatible with the --keep option (it would cause message duplication). * fetchmail, when setting up TLS connections, now uses SSL_set_tlsext_host_name() to set up the SNI (Server Name Indication). Some servers (for instance googlemail) require SNI when using newer SSL protocols. * Fetchmail now sets the expected hostname through OpenSSL 1.0.2's new X509_VERIFY_PARAM_set1_host() function to enable OpenSSL's native certificate verification features. * fetchmail will drop the connection when fetching with IMAP and receiving an unexpected untagged "* BYE" response, to work around certain faulty servers. * The FETCHMAIL_POP3_FORCE_RETR environment variable is now documented, it forces fetchmail, when talking POP3, to always use the RETR command, even if it would otherwise use the TOP command. * Fetchmail's configure stage will try to query pkg-config or pkgconf for libssl and libcrypto, in case other system use .pc files to document specific library dependencies. * The gethostbyname() API calls and compatibility functions have been removed. * These translations are shipped but not installed by default because they have less than 500 translated messages out of 714: el fi gl pt_BR sk tr - > Greek, Finnish, Galician, Brazilian Portuguese, Slovak, Turkish. * Fetchmail now refuses delivery if the MDA option contains single-quoted expansions. [#]# FIXES * Do not translate header tags such as "Subject:". * Convert most links from berlios.de to sourceforge.net. * Report error to stderr, and exit, if --idle is combined with multiple accounts. * Point to --idle from GENERAL OPERATION to clarify --idle and multiple mailboxes do not mix. * Fix SSL-enabled build on systems that do not declare SSLv3_client_method(), or that #define OPENSSL_NO_SSL3 inside #include <openssl/ssl.h> * Version report lists -SSLv3 on SSL-enabled no-ssl3 builds. * Fetchmail no longer adds a NUL byte to the username in GSSAPI authentication. This was reported to break Kerberos-based authentication with Microsoft Exchange 2013 * Set umask properly before writing the .fetchids file, to avoid failing the security check on the next run. * When forwarding by LMTP, also check antispam response code when collecting the responses after the CR LF . CR LF sequence at the end of the DATA phase. * fetchmail will not try other protocols after a socket error. This avoids mismatches of how different prococols see messages as "seen" and re-fetches of known mail. * fetchmail no longer reports "System error during SSL_connect(): Success." * fetchmailconf would ignore Edit or Delete actions on the first (topmost) item in a list (no matter if server list, user list, ...). * The mimedecode feature now properly detects multipart/mixed-type matches, so that quoted-printable-encoded multipart messages can get decoded. (Regression in 5.0.0 on 1999-03-27, as a side effect of a PGP-mimedecode fix attributed to Henrik Storner.) * FETCHMAILHOME can now safely be a relative path, which will be qualified through realpath(). Previously, it had to be absolute in daemon mode. [#]# KNOWN BUGS AND WORKAROUNDS (This section floats upwards through the NEWS file so it stays with the current release information) * Fetchmail does not handle messages without Message-ID header well (See sourceforge.net bug #780933) * Fetchmail currently uses 31-bit signed integers in several places where unsigned and/or wider types should have been used, for instance, for mailbox sizes, and misreports sizes of 2 GibiB and beyond. Fixing this requires C89 compatibility to be relinquished. * BSMTP is mostly untested and errors can cause corrupt output. * Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in 64-bit mode. Either compile 32-bit code or use GCC to compile 64-bit fetchmail. * Fetchmail does not track pending deletes across crashes. * The command line interface is sometimes a bit stubborn, for instance, fetchmail -s doesn't work with a daemon running. * Linux systems may return duplicates of an IP address in some circumstances if no or no global IPv6 addresses are configured. (No workaround. Ubuntu Bug#582585, Novell Bug#606980.) * Kerberos 5 may be broken, particularly on Heimdal, and provide bogus error messages. This will not be fixed, because the maintainer has no Kerberos 5 server to test against. Use GSSAPI. - Remove patches merged upstream: * fetchmail-openssl11.patch * fetchmail-fetchmailconf-python3-1of3.patch * fetchmail-fetchmailconf-python3-2of3.patch * fetchmail-fetchmailconf-python3-3of3.patch - Rebase fetchmail-6.3.8-smtp_errors.patch - Remove comment about not available FETCHMAIL_USER configuration variable in sysconfig.fetchmail (bsc#1136538) - Use Debian 02_remove_SSLv3 change set based on beta 6.4.0 to modernize the patch fetchmail-openssl11.patch for modern TLS (auto) support - Fix fetchmailconf to compile with python{2,3} [bsc#1082694] * fetchmail-fetchmailconf-python3-1of3.patch * fetchmail-fetchmailconf-python3-2of3.patch * fetchmail-fetchmailconf-python3-3of3.patch - By default, the status messages are redirected to /var/log/fetchmail. The syslog option or no-logging are also available. (bsc#1033081) ==== file-roller ==== - Drop 0001-Fix-use-after-free-in-error-message-reporting.patch on SLE and Leap 15.4: fixed upstream. - Add 0001-Fix-use-after-free-in-error-message-reporting.patch: Prevent segmentation fault while displaying error message from libarchive. (glgo#GNOME/file-roller!48, bsc#1186435) ==== gdk-pixbuf ==== Subpackages: gdk-pixbuf-query-loaders gdk-pixbuf-thumbnailer libgdk_pixbuf-2_0-0 typelib-1_0-GdkPixbuf-2_0 - Drop gdk-pixbuf-bsc1180393-CVE-2020-29385.patch on SLE and Leap 15.4: fixed upstream. ==== hwinfo ==== Version update (21.75 -> 21.76) - merge gh#openSUSE/hwinfo#104 - Fix timezone issue in SOURCE_DATE_EPOCH code - 21.76 ==== kactivitymanagerd ==== Version update (5.22.3 -> 5.22.4) Subpackages: kactivitymanagerd-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== kcm_sddm ==== Version update (5.22.3 -> 5.22.4) Subpackages: kcm_sddm-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== kde-cli-tools5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: kde-cli-tools5-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== kde-gtk-config5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: kde-gtk-config5-gtk3 - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== kgamma5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: kgamma5-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== khotkeys5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: khotkeys5-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== kinfocenter5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: kinfocenter5-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - Changes since 5.22.3: * unbreak about CPU value when solid is missing a product string (kde#439464) ==== kmenuedit5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: kmenuedit5-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== kscreen5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: kscreen5-lang kscreen5-plasmoid - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== kscreenlocker ==== Version update (5.22.3 -> 5.22.4) Subpackages: kscreenlocker-lang libKScreenLocker5 - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - Changes since 5.22.3: * Handle ConvPutAuthAbort as an authentication failure (kde#438099) ==== ksshaskpass5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: ksshaskpass5-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== ksystemstats5 ==== Version update (5.22.3 -> 5.22.4) - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - Changes since 5.22.3: * gpu: Only scan pci devices * Don't crash if there's no input subfeature (kde#439615) ==== kwayland-integration ==== Version update (5.22.3 -> 5.22.4) - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== kwayland-server ==== Version update (5.22.3 -> 5.22.4) - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - Changes since 5.22.3: * Emit the committed() signal after the state is applied ==== kwin5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: kwin5-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - Changes since 5.22.3: * wayland: Force decoration update * scripting: Make QTimer constructible (kde#439630) * platforms/drm: don't delete connectors in DrmGpu::removeOutput (kde#438789) * platforms/drm: always populate atomic req with connector props * platforms/drm: only show cursor on dpms on if not hidden ==== kwrited5 ==== Version update (5.22.3 -> 5.22.4) - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== layer-shell-qt ==== Version update (5.22.3 -> 5.22.4) - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== libglvnd ==== Version update (1.3.2 -> 1.3.3) - update to 1.3.3, fixes boo#1188640 ==== libkdecoration2 ==== Version update (5.22.3 -> 5.22.4) Subpackages: libkdecorations2-5 libkdecorations2-5-lang libkdecorations2private8 - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== libkscreen2 ==== Version update (5.22.3 -> 5.22.4) Subpackages: libKF5Screen7 libkscreen2-plugin - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== libksysguard5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: ksysguardsystemstats-data libKSysGuardSystemStats1 libksysguard5-imports libksysguard5-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== libstorage-ng ==== Version update (4.4.28 -> 4.4.30) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#824 - added notes - 4.4.30 - merge gh#openSUSE/libstorage-ng#823 - extended spec file for Fedora - added documentation - avoid non standard parted commands where possible - coding style - 4.4.29 ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-libs - spec: Re-exec'ing virt{lock,log}d in posttrans was mistakenly dropped in a previous change. Add it back. - libxl: ovmf now provides only one firmware for Xen. The firmware is named ovmf-x86_64-xen-4m.bin in the SUSE ovmf package. Adjust the upstream default firmware path to match the SUSE name. - packaging: To improve maintainability, rename suse-ovmf-paths.patch to suse-qemu-ovmf-paths.patch and suse-xen-ovmf-loaders.patch to suse-xen-ovmf-paths.patch ==== man-pages-ja ==== - Remove conflicting cdparanoia manpage - update SPEC file ==== milou5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: milou5-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== openblas_openmp ==== - Use RISCV64_GENERIC for riscv64 - Add -ffat-lto-objects to get proper static archives ==== openblas_pthreads ==== - Use RISCV64_GENERIC for riscv64 - Add -ffat-lto-objects to get proper static archives ==== os-prober ==== Version update (1.78 -> 1.79) - Update to 1.79: * Add mount dependency (Closes: #934713) - Use download_files source service to download source files which is specified in the spec file * _service - Disable debug messages by default (bsc#1101735) * os-prober-disable-debug.patch ==== osinfo-db ==== - bsc#1182144 - osinfo-db: autoinst.xml does not work with Tumbleweed. Fixes nested language problem. opensuse-autoyast-desktop.patch - Add support for openSUSE Leap 15.4, SLE15-SP4, and SLEM 5.1 (bsc#1188692) add-opensuse-leap-15.4-support.patch add-sle15sp4-support.patch add-slem5.1-support.patch ==== oxygen5 ==== Version update (5.22.3 -> 5.22.4) - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== parted ==== Version update (3.3 -> 3.4) Subpackages: libparted0 - update to version 3.4: * Add new partition type flags chromeos_kernel and bls_boot. * Add support for the F2FS filesystem. refreshed patches: - dummy-bootcode-only-for-x86.patch - parted-fix-resizepart-and-rm-command.patch - parted-type.patch - parted-wipeaix.patch - tests-adapt-to-SUSE.patch removed patches: - parted-fix-end_input-usage.patch - parted-resize-alias-to-resizepart.patch ==== perl-DBD-SQLite ==== Version update (1.66 -> 1.68) - updated to 1.68 see /usr/share/doc/packages/perl-DBD-SQLite/Changes 1.68 2021-07-22 - Switched to a production version 1.67_07 2021-06-19 - Upgraded SQLite to 3.36.0 1.67_06 2021-06-14 - Experiment with another quadmath patch to see if it works with an older version of FreeBSD 1.67_05 2021-06-13 - Made DBD_SQLITE_STRING_MODE constants exportable 1.67_04 2021-05-31 - Upgraded SQLite to 3.35.5 - Stop setting THREADSAFE=0 if perl has pthread (ie. 5.20+) (Bjoern Hoehrmann++, GH#69, #72) - Fixed a memory leak in ::VirtualTable - Introduced "string_mode" handle attribute (Felipe Gasper++) to fix long-standing issues of sqlite_unicode (GH#78, #68) - Added a dependency from dbdimp.o to the *.inc files included into dbdimp.c (Laurent Dami++, GH#74) - Fixed an offset issue of VirtualTable (Laurent Dami++, GH#75) 1.67_03 2021-03-31 - Upgraded SQLite to 3.35.3 - Enabled math functions introduced in SQLite 3.35 - Fix quadmath issues (Tux++, leont++) 1.67_02 2020-12-06 - Upgraded SQLite to 3.34.0 - Added a few new constants - Added sqlite_txn_state method to see internal state of the backend 1.67_01 2020-11-24 - Switched to XSLoader (GH#63; toddr++) - Use quadmath_snprintf if USE_QUADMATH is defined - Use av_fetch instead of av_shift (norimy++) ==== pipewire ==== Version update (0.3.31 -> 0.3.32) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-media-session pipewire-modules pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Move with-{alsa,jack,pulseaudio} from the media-session package to the packages that implement each support. - Add patch pipewire-fix-libcamera-build.patch: fix build with latest libcamera. - Do no build libcamera support on Leap 15.3 or lower (too old libcamera) and change name of BuildRequires from camera to libcamera. - Update minimal version for alsa buildrequires. - Update to 0.3.32: * Highlights - Real-time priority handling for threads was reworked. Freewheeling will now drop RT priorities to avoid being killed. - Problems with filter chains and echo-cancel being linked in a loop was fixed. - alsamixer should now be able to see the mixer controls again. - JACK has seen some latency reporting improvements that make Ardour report latencies correctly. - Many bugfixes and improvements. * PipeWire - Fix a bug in the neon audio resampler code. - There is now a node.link-group property to relate linked streams. this can be used to track the dataflow with coupled streams. - Fix a crash when recalculating latency on a destroyed port. (#1371) - Filter chains and other modules that create streams can now also be added to the daemon config itself. (#1309) - Fix some potential deadlocks in timerfd. (#1377) - Feedback links are skipped when recalculating latency to avoid loops. - The dummy driver and null-sink now stop the timerfd when following another driver instead of generating useless graph wakeups. - rt.limit was increased to 2 seconds. Some applications got killed because they run lengthy code in the Real-Time thread. (#1344) - Fix s24_32 to float, it was not sign extending properly. (#1393) - The performance of the feedback loop check algorithm was improved a lot, making complex graphs start much much faster. - The zeroconf publish module now doesn't republish nodes every time the volume changes. (#1406) - A potential memory corruption error has been fixed in the loop that could cause random crashes. - Mempools can now be created from multiple threads at the same time. * media-session - Loops in coupled streams are now avoided. (#1394) - Port changes for inactive profiles are ignored now by the default-route module. (#1403) * ALSA - Make sure tha alibpref is not part of the device node name because it is random. (#1362) - Fixed an off-by-one that could cause midi events to end up with a wrong timestamp and thus being discarded by some apps. (#1395) - Fix some memory leaks when destroying a card object. * JACK - Fix some invalid cycle wakeups that could cause JACK application to run with a 0 buffer size. (#1386) - JACK can now use rtkit to manage realtime priorities on threads. - The Real-time priority is dropped when entering freewheel mode to make sure we don't get killed when using too much CPU. - jack_recompute_total_latencies() is now implemented, fixing the latency reporting in Ardour. (#1388) - Fix some overflows in time calculations. - Ensure frame_rate in position is never 0. - Graph callbacks are now emitted as well. * Bluetooth - RTP payload type is now set correctly for aptX, LDAC and SBC, which should improve compatibility with devices that care about this. * PulseAudio server - There is now a quirks database to deal with bad clients. The database is builtin but can be made external later. Teams is now lied to and told all sink/sources use s16 samples to make it show all sinks/sources. Firefox is forced to remove the DONT_MOVE flag on capture streams so that you can move firefox streams with other tools. - The UNDERFLOW warnings are now made into info log messages to not spam the log too much. Many application just let things underrun and PulseAudio did not warn about this either. (#910) * ALSA plugin - The alsa plugin now uses the right metadata for finding the default source and sink, which makes the volume controls reappear. (#1384) * Other - Cleanups in pulse-server and pipewire. - Documentation additions. - Make the jack replacement libraries really replace jack libraries just like Fedora does (adding the path to the pipewire replacement libraries to ld.so.conf.d and conflicting with jack). - Remove the spec code that forced the packages not to provide the jack libraries. They seem to be ready to replace jack libraries now. - Add a pipewire-libjack-0_3-devel package with development files for pipewire's jack replacement. - Enable the libcamera module ==== plasma-browser-integration ==== Version update (5.22.3 -> 5.22.4) Subpackages: plasma-browser-integration-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - Changes since 5.22.3: * [History Runner] Request favicon with device pixel ratio ==== plasma-nm5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: plasma-nm5-lang plasma-nm5-openconnect plasma-nm5-openvpn plasma-nm5-pptp plasma-nm5-vpnc - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== plasma5-addons ==== Version update (5.22.3 -> 5.22.4) Subpackages: plasma5-addons-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - Changes since 5.22.3: * Use dynamic sorting to support different locales * Sort Unsplash POTD image categories alphabetically (kde#422971) ==== plasma5-desktop ==== Version update (5.22.3 -> 5.22.4) Subpackages: plasma5-desktop-emojier - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - Changes since 5.22.3: * [panel] When in adaptive transparency go transparent when in show desktop mode (kde#439209) * kcms/keys: Use storageId instead of desktopEntryName (kde#438204) * kcm/keys: Always try looking up services by storageId * Fix shift-action modifier in context menu (kde#425997) * [kcms/keyboard] Fix translations of OSD config (kde#439394) ==== plasma5-disks ==== Version update (5.22.3 -> 5.22.4) - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== plasma5-integration ==== Version update (5.22.3 -> 5.22.4) Subpackages: plasma5-integration-plugin plasma5-integration-plugin-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== plasma5-openSUSE ==== Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE plasma5-workspace-branding-openSUSE sddm-theme-openSUSE - Update to 5.22.4 ==== plasma5-pa ==== Version update (5.22.3 -> 5.22.4) Subpackages: plasma5-pa-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - Changes since 5.22.3: * [ListItemBase] Open menu on press ==== plasma5-systemmonitor ==== Version update (5.22.3 -> 5.22.4) - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== plasma5-thunderbolt ==== Version update (5.22.3 -> 5.22.4) - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== plasma5-workspace ==== Version update (5.22.3 -> 5.22.4) Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-lang plasma5-workspace-libs xembedsniproxy - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - Changes since 5.22.3: * systemtray: Let plasmashell handle visibility when configuring (kde#440263) * [applets/clipboard] Fix the alignment of delegate buttons (kde#437044) * Allow plasmashell to use both screenshot and screenshot2 * [Notifications] Set Plasma linkColor on notification label (kde#438366) * Add kde-baloo.service to Wants= * Prevent fractional positioning in systray HiddenItemsView * Set GDK scale explictily on wayland (kde#438971) ==== polkit-kde-agent-5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: polkit-kde-agent-5-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== postfix ==== Version update (3.6.1 -> 3.6.2) Subpackages: postfix-doc - Syntax error in config.postfix (bsc#1188477) - Update to 3.6.2 * In Postfix 3.6, fixed a false "Result too large" (ERANGE) fatal error in the compatibility_level parser, because there was no 'errno = 0' statement before an strtol() call. * (problem introduced in Postfix 3.3) "Null pointer read" error in the cleanup daemon when "header_from_format = standard" (the default as of Postfix 3.3), and email was submitted with /usr/sbin/sendmail without From: header, and an all-space full name was specified in 1) the password file, 2) with "sendmail - F", or 3) with the NAME environment variable. Found by Renaud Metrich. * (problem introduced in Postfix 2.4) False "too many reverse jump" warnings in the showq daemon, because loop detection code was comparing memory addresses instead of queue file names. Reported by Mehmet Avcioglu. * (problem introduced in 1999) The Postfix SMTP server was sending all session transcripts to the error_notice_recipient (default: postmaster), instead of sending transcripts of bounced mail to the bounce_notice_recipient (default: postmaster). Reported by Hans van Zijst. * The texthash: map implementation broke tls_server_sni_maps, because it did not support multi-file inputs. Reported by Christopher Gurnee, who also found an instance of the missing code in the "postmap -F" source code. File: util/dict_thash.c. ==== powerdevil5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: powerdevil5-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== python-SQLAlchemy ==== Version update (1.4.20 -> 1.4.22) - update to version 1.4.22: * orm + Fixed issue in new Table.table_valued() method where the resulting TableValuedColumn construct would not respond correctly to alias adaptation as is used throughout the ORM, such as for eager loading, polymorphic loading, etc. + Fixed issue where usage of the Result.unique() method with an ORM result that included column expressions with unhashable types, such as JSON or ARRAY using non-tuples would silently fall back to using the id() function, rather than raising an error. This now raises an error when the Result.unique() method is used in a 2.0 style ORM query. Additionally, hashability is assumed to be True for result values of unknown type, such as often happens when using SQL functions of unknown return type; if values are truly not hashable then the hash() itself will raise. + For legacy ORM queries, since the legacy Query object uniquifies in all cases, the old rules remain in place, which is to use id() for result values of unknown type as this legacy uniquing is mostly for the purpose of uniquing ORM entities and not column values. + Fixed an issue where clearing of mappers during things like test suite teardowns could cause a ?dictionary changed size? warning during garbage collection, due to iteration of a weak-referencing dictionary. A list() has been applied to prevent concurrent GC from affecting this operation. + Fixed critical caching issue where the ORM?s persistence feature using INSERT..RETURNING would cache an incorrect query when mixing the ?bulk save? and standard ?flush? forms of INSERT. * engine + Added some guards against KeyError in the event system to accommodate the case that the interpreter is shutting down at the same time Engine.dispose() is being called, which would cause stack trace warnings. * sql + Fixed issue where use of the case.whens parameter passing a dictionary positionally and not as a keyword argument would emit a 2.0 deprecation warning, referring to the deprecation of passing a list positionally. The dictionary format of ?whens?, passed positionally, is still supported and was accidentally marked as deprecated. + Fixed issue where type-specific bound parameter handlers would not be called upon in the case of using the Insert.values() method with the Python None value; in particular, this would be noticed when using the JSON datatype as well as related PostgreSQL specific types such as JSONB which would fail to encode the Python None value into JSON null, however the issue was generalized to any bound parameter handler in conjunction with this specific method of Insert. - changes from version 1.4.21: * orm + Modified the approach used for history tracking of scalar object relationships that are not many-to-one, i.e. one-to-one relationships that would otherwise be one-to-many. When replacing a one-to-one value, the ?old? value that would be replaced is no longer loaded immediately, and is instead handled during the flush process. This eliminates an historically troublesome lazy load that otherwise often occurs when assigning to a one-to-one attribute, and is particularly troublesome when using ?lazy=?raise?? as well as asyncio use cases. + This change does cause a behavioral change within the AttributeEvents.set() event, which is nonetheless currently documented, which is that the event applied to such a one-to-one attribute will no longer receive the ?old? parameter if it is unloaded and the relationship.active_history flag is not set. As is documented in AttributeEvents.set(), if the event handler needs to receive the ?old? value when the event fires off, the active_history flag must be established either with the event listener or with the relationship. This is already the behavior with other kinds of attributes such as many-to-one and column value references. + The change additionally will defer updating a backref on the ?old? value in the less common case that the ?old? value is locally present in the session, but isn?t loaded on the relationship in question, until the next flush occurs. If this causes an issue, again the normal relationship.active_history flag can be set to True on the relationship. + Fixed regression caused in 1.4.19 due to #6503 and related involving Query.with_entities() where the new structure used would be inappropriately transferred to an enclosing Query when making use of set operations such as Query.union(), causing the JOIN instructions within to be applied to the outside query as well. + Fixed regression which appeared in version 1.4.3 due to #6060 where rules that limit ORM adaptation of derived selectables interfered with other ORM-adaptation based cases, in this case when applying adaptations for a with_polymorphic() against a mapping which uses a column_property() which in turn makes use of a scalar select that includes a aliased() object of the mapped table. + Fixed ORM regression where ad-hoc label names generated for hybrid properties and potentially other similar types of ORM-enabled expressions would usually be propagated outwards through subqueries, allowing the name to be retained in the final keys of the result set even when selecting from subqueries. Additional state is now tracked in this case that isn?t lost when a hybrid is selected out of a Core select / subquery. * sql + Added new method HasCTE.add_cte() to each of the select(), insert(), update() and delete() constructs. This method will add the given CTE as an ?independent? CTE of the statement, meaning it renders in the WITH clause above the statement unconditionally even if it is not otherwise referenced in the primary statement. This is a popular use case on the PostgreSQL database where a CTE is used for a DML statement that runs against database rows independently of the primary statement. + Fixed issue in CTE constructs where a recursive CTE that referred to a SELECT that has duplicate column names, which are typically deduplicated using labeling logic in 1.4, would fail to refer to the deduplicated label name correctly within the WITH clause. + Fixed regression where the tablesample() construct would fail to be executable when constructed given a floating-point sampling value not embedded within a SQL function. * postgresql + Fixed issue in Insert.on_conflict_do_nothing() and Insert.on_conflict_do_update() where the name of a unique constraint passed as the constraint parameter would not be properly truncated for length if it were based on a naming convention that generated a too-long name for the PostgreSQL max identifier length of 63 characters, in the same way which occurs within a CREATE TABLE statement. + Fixed issue where the PostgreSQL ENUM datatype as embedded in the ARRAY datatype would fail to emit correctly in create/drop when the schema_translate_map feature were also in use. Additionally repairs a related issue where the same schema_translate_map feature would not work for the ENUM datatype in combination with a CAST, that?s also intrinsic to how the ARRAY(ENUM) combination works on the PostgreSQL dialect. + Fixed issue in Insert.on_conflict_do_nothing() and Insert.on_conflict_do_update() where the name of a unique constraint passed as the constraint parameter would not be properly quoted if it contained characters which required quoting. * mssql + Fixed regression where the special dotted-schema name handling for the SQL Server dialect would not function correctly if the dotted schema name were used within the schema_translate_map feature. ==== python-mailman ==== - Add support-click-8-0.patch: * Lightly rebased from upstream to support click 8.0 - Add support-sqlalchemy-1-4.patch: * Support running with SQLAlchemy 1.4 ==== qemu ==== Subpackages: qemu-arm qemu-audio-spice qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-chardev-baum qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-ipxe qemu-ksm qemu-lang qemu-microvm qemu-ppc qemu-s390x qemu-seabios qemu-sgabios qemu-skiboot qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios qemu-vhost-user-gpu qemu-x86 - Disabled skiboot building for PowerPC due to the following issue: https://github.com/open-power/skiboot/issues/265 - Fix possible mremap overflow in the pvrdma (CVE-2021-3582, bsc#1187499) hw-rdma-Fix-possible-mremap-overflow-in-.patch - Ensure correct input on ring init (CVE-2021-3607, bsc#1187539) pvrdma-Ensure-correct-input-on-ring-init.patch - Fix the ring init error flow (CVE-2021-3608, bsc#1187538) pvrdma-Fix-the-ring-init-error-flow-CVE-.patch ==== rtl-sdr ==== Subpackages: librtlsdr0 rtl-sdr-udev - patches: rtl-sdr-0003-disable-zerocopy-by-default.patch rtl-sdr-0007-allow-build-rtlsdr-as-subroject.patch rtl-sdr-0008-add-CMP0075-policy.patch rtl-sdr-0016-add-missing-rtlsdrConfig.patch rtl-sdr-0017-add-rtl_biast-as-install-target.patch rtl-sdr-0018-fix-for-older-cmake.patch merged into rtl-sdr-0015-modernize-cmake-usage.patch - patch rtl-sdr-0005-add-rtlsdr_set_bias_tee_gpio.patch merged into rtl-sdr-0006-add-rtl_biast.patch - Added patches to upgrade to latest git head (only significant changes), including: + rtl-sdr-0001-mmap-bug-arm.patch + rtl-sdr-0002-fix-rtlsdr_open-memory-leak.patch + rtl-sdr-0003-disable-zerocopy-by-default.patch + rtl-sdr-0004-fix-rtl_eeprom-warnings.patch + rtl-sdr-0005-add-rtlsdr_set_bias_tee_gpio.patch + rtl-sdr-0006-add-rtl_biast.patch + rtl-sdr-0007-allow-build-rtlsdr-as-subroject.patch + rtl-sdr-0008-add-CMP0075-policy.patch + rtl-sdr-0009-fix-FC0013-UHF-reception.patch + rtl-sdr-0010-improve-librtlsdr_pc.patch + rtl-sdr-0011-improve-rtl_power--scanning-range-parsing.patch + rtl-sdr-0012-use-udev-uaccess_rules.patch (not used) + rtl-sdr-0013-add-IPV6-for-rtl_tcp.patch + rtl-sdr-0014-initialize-listensocket_in-rtl_tcp.patch + rtl-sdr-0015-modernize-cmake-usage.patch + rtl-sdr-0016-add-missing-rtlsdrConfig.patch + rtl-sdr-0017-add-rtl_biast-as-install-target.patch + rtl-sdr-0018-fix-for-older-cmake.patch + rtl-sdr-0019-fix-short-write-in-r82xx_read.patch + rtl-sdr-0020-populate-pkgconfig-with-prefix.patch * Full bias tee support for RTL-SDR v3 dongle * Command line utility rtl_biast for controlling bias tee * IPV-6 support for rtl_tcp * Fixed some bugs and compile time issues ==== rubygem-bootsnap ==== Version update (1.7.5 -> 1.7.6) Subpackages: ruby2.7-rubygem-bootsnap ruby3.0-rubygem-bootsnap - updated to version 1.7.6 * Fix reliance on `set` to be required. * Fix `Encoding::UndefinedConversionError` error for Rails applications when precompiling cache. (#364) ==== rubygem-rubocop ==== Version update (1.18.3 -> 1.18.4) - updated to version 1.18.4 [#]## New features * [#9930](https://github.com/rubocop/rubocop/pull/9930): Support Ruby 2.7's pattern matching for `Lint/DuplicateBranch` cop. ([@koic][]) [#]## Bug fixes * [#9938](https://github.com/rubocop/rubocop/pull/9938): Fix an incorrect auto-correct for `Layout/LineLength` when a heredoc is used as the first element of an array. ([@koic][]) * [#9940](https://github.com/rubocop/rubocop/issues/9940): Fix an incorrect auto-correct for `Style/HashTransformValues` when value is a hash literal for `_.to_h{...}`. ([@koic][]) * [#9752](https://github.com/rubocop/rubocop/issues/9752): Improve error message for top level department used in configuration. ([@jonas054][]) * [#9933](https://github.com/rubocop/rubocop/pull/9933): Fix GitHub Actions formatter when running in non-default directory. ([@ojab][]) * [#9922](https://github.com/rubocop/rubocop/issues/9922): Make better auto-corrections in `Style/DoubleCopDisableDirective`. ([@jonas054][]) * [#9848](https://github.com/rubocop/rubocop/issues/9848): Fix handling of comments in `Layout/ClassStructure` auto-correct. ([@jonas054][]) * [#9926](https://github.com/rubocop/rubocop/pull/9926): Fix an incorrect auto-correct for `Style/SingleLineMethods` when method body is enclosed in parentheses. ([@koic][]) * [#9928](https://github.com/rubocop/rubocop/issues/9928): Fix an infinite loop error and a false auto-correction behavior for `Layout/EndAlignment` when using operator methods and `EnforcedStyleAlignWith: variable`. ([@koic][]) * [#9434](https://github.com/rubocop/rubocop/issues/9434): Fix false positive for setter calls in `Layout/FirstArgumentIndentation`. ([@jonas054][]) ==== rubygem-rubocop-ast ==== Version update (1.7.0 -> 1.8.0) - updated to version 1.8.0 [#]## New features * [#192](https://github.com/rubocop/rubocop-ast/pull/192): Add `branches` method for `AST::CaseMatchNode`. ([@koic][]) [#]## Changes * Escape References in Documentation, partially addressing https://github.com/rubocop/rubocop/issues/9150. ([@wcmonty][]) ==== systemsettings5 ==== Version update (5.22.3 -> 5.22.4) Subpackages: systemsettings5-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== vim ==== Version update (8.2.3075 -> 8.2.3204) Subpackages: gvim vim-data vim-data-common - Updated to version 8.2.3204, fixes the following problems - enable test_recover on x86_64/i586/ppc64* - disable-unreliable-tests.patch - disable faulty tests on arm and s390x arch - disable-unreliable-tests-arch.patch * Xxd always reports an old version string. (Åsmund Ervik) * Vim9: using try in catch block causes a hang. * Vim9: an error in a catch block is not reported. * Vim9: profile test fails. * Powershell core not supported by default. * Recover test fails on 32bit systems. (Ond?ej Súkup) * Cannot catch errors in a channel command. * A channel command "echoerr" does not show anything. * Crash when passing null string to charclass(). * Vim9: builtin function argument types are not checked at compile time. * JSONC files are not recognized. * Vim9: breakpoint on "for" does not work. * Gemtext files are not recognized. * With 'virtualedit' set to "block" Visual highlight is wrong after using "$". (Marco Trosi) * Garbage collection has useless code. * With concealing enabled and indirectly closing a fold the cursor may be somewhere in a folded line. * Vim9: default argument expression cannot use previous argument * Vim9: builtin function test fails without the +channel feature. * tablabel_tooltip test fails with Athena. (Dominique Pellé) * Test_popup_atcursor_pos() fails without the conceal feature. * With 'virtualedit' set to "block" block selection is wrong after using "$". (Marco Trosi) * Temp files remain after running tests. * Crash when using "quit" at recovery prompt and autocommands are triggered. * Popup window test is flaky on MS-Windows with GUI. * Vim9: missing catch/finally not reported at script level. * Vim9: no error when using type with unknown number of arguments. * Missing function prototype for vim_round(). * Test for crash fix does not fail without the fix. * Swap test may fail on some systems when jobs take longer to exit. * Vim9: unspecified function type causes type error. * Vim9: type of partial is wrong when it has arguments. * Vim9: confusing line number reported for error. * Vim9: error for arguments while type didn't specify arguments. * Test for remote_foreground() fails. (Elimar Riesebieter) * Check for $DISPLAY never fails. * A pattern that matches the cursor position is bit complicated. * Vim9: confusing error with extra whitespace before colon. * With concealing enabled and indirectly closing a fold the cursor may be somewhere in a folded line when it is not on the first line of the fold. * No error when for loop variable shadows script variable. * Amiga-like systems: build error using stat(). * Coverity complains about free_wininfo() use. * Vim9: crash when debugging a function with line continuation. * Vim9: type not properly checked in for loop. * Vim9: "any" type not handled correctly in for loop. * Compiler warning for unused argument. * Crypt with sodium test fails on MS-Windows. * 'listchars' "exceeds" character appears in foldcolumn. Window separator is missing. (Leonid V. Fedorenchik) * With 'nowrap' cursor position is unexected in narrow window. (Leonid V. Fedorenchik) * Vim9: confusing error when using white space after option, before one of "!&<". * Vim9: no error for white space between option and "=9". * Variables are set but not used. * Vim9: for loop error reports wrong line number. * Vim9: no error when adding number to list of string. * Vim9: uninitialzed list does not get type checked. * Vim9: imported uninitialized list does not get type checked. * Vim9: import test fails. * Compiler warns for size_t to colnr_T conversion. (Randall W. Morris) * Vim9: memory leak when add() fails. * Crash when using typename() on a function reference. (Naohiro Ono) * Vim9: builtin function arguments not checked at compile time. * No test for E187 and "No swap file". * Vim9: no error when a line only has a variable name. * Debugger test fails. * Functions for string manipulation are spread out. * No error when using :complete for :command without -nargs. * Vim9: type check for has_key() argument is too strict. * Vim9: A lambda may be compiled with the wrong context if it is called from a profiled function. * Vim9: no error when using an invalid value for a line number. * Vim9: profile test fails without profile feature. * Vim9: line number wrong for :execute argument. * Vim9: profiling does not work with a nested function. * Vim9: function arg type check does not handle base offset. * Some plugins have a problem with the error check for using :command with - complete but without -nargs. * Vim9: argument types are not checked at compile time. * Vim9: profiling fails if nested function is also profiled. * Vim9: accessing "s:" results in an error. * URLs with a dash in the scheme are not recognized. * Vim9: some type checks for builtin functions fail. * Some option related code not covered by tests. * Vim9: term_getansicolors() test fails without +termguicolors. * Crypt test may fail on MS-Windows. * Strange error message when using islocked() with a number. (Yegappan Lakshmanan) * Cursor displayed in wrong position after deleting line. * 'breakindent' does not work well for bulleted and numbered lists. * Vim9: no error when reltime() has invalid arguments. * Vim9: argument types are not checked at compile time. * Location list window may open a wrong file. * Vim9: in a || expression the error line number may be wrong. * Vim9: nested autoload call error overruled by "Unknown error". * Get E12 in a job callback when searching for tags. (Andy Stewart) * Vim9: type error for constant of type any. * Vim9: cannot handle nested inline function. * Illegal memory access in test. * Another illegal memory access in test. * MzScheme test fails. (Christian Brabandt) * Vim9: argument types are not checked at compile time. * Vim9: "legacy undo" finds "undo" variable. * Vim9: using illegal pointer with inline function inside a lambda. * Vim9: no type error for comparing number with string. * Vim9: can not use "for _ in expr" at script level. * Vim9: the file name of an :import cannot be an expression. * Vim9: cannot assign to an imported variable at script level. * Vim9: memory leak when concatenating to an imported string. * Vim9: builtin function test fails without channel feature. * Vim9: crash when using removing items from a constant list. (Yegappan Lakshmanan) * Duplicate error numbers. * Cannot add a digraph with a leading space. It is not easy to list existing digraphs. * Vim9: start of inline function found in comment line. * Vim9: not all failures for import tested * Vim9: popup timer callback is not compiled. * Vim9: argument types are not checked at compile time. * Vim9: error when using "try|". * Error messages are spread out. * Vim9: not enough code is tested. * Build failure with small version (Tony Mechelynck). * screenpos() is wrong when the last line is partially visible and 'display' is "lastline". * Vim9: argument types are not checked at compile time. * Vim9: unclear error when passing too many arguments to lambda. * Vim9: bool expression with numbers only fails at runtime. * Error messages are spread out. * Cannot use 'formatlistpat' for breakindent. * Vim9: execution speed can be improved. * Vim9: hard to guess where a type error is given. * Crash in test. * Vim9: tests are only executed for legacy script. * Vim9: compiled string expression causes type error. (Yegappan Lakshmanan) * Display garbled when 'cursorline' is set and lines wrap. (Gabriel Dupras) ==== xapps ==== Version update (2.2.0 -> 2.2.3) Subpackages: libxapp1 typelib-1_0-XApp-1_0 xapps-common xapps-common-lang - Update to version 2.2.3. * mate status applet: Change icon name in applet definition file, and add a new icon to the xapp hicolor set. * Fix mate status icon. - Updates for version 2.2.2. * l10n: Update translations - Update to version 2.2.1. * Update docs * test-scripts: Add a QSystemTrayIcon script. * qt-system-tray.py: use a class. * l10n: Update translations ==== xdg-desktop-portal-kde ==== Version update (5.22.3 -> 5.22.4) Subpackages: xdg-desktop-portal-kde-lang - Update to 5.22.4 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.4 - No code changes since 5.22.3 ==== yast2-control-center ==== Version update (4.4.1 -> 4.4.2) Subpackages: yast2-control-center-qt - Use correct path for yast2 binary (related to bsc#1154854). - 4.4.2 ==== yast2-nis-server ==== Version update (4.4.0 -> 4.4.1) - Set X-SuSE-YaST-AutoInstClient in the desktop file to properly determine the client name (bsc#1188644). - 4.4.1 ==== yast2-trans ==== Version update (84.87.20210718.64398090f3 -> 84.87.20210723.6ea31dfcf1) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20210723.6ea31dfcf1: * New POT for text domain 'users'. * New POT for text domain 'iscsi-client'. * New POT for text domain 'country'. * New POT for text domain 'control-center'. * Translated using Weblate (Portuguese (Brazil)) * New POT for text domain 'users'. * New POT for text domain 'autoinst'. ==== yast2-update ==== Version update (4.4.1 -> 4.4.2) - Avoid to bind-mount /run twice (bsc#1181066). - 4.4.2