Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version... Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: MozillaFirefox (133.0 -> 133.0.3) libICE (1.1.1 -> 1.1.2) libSM (1.2.4 -> 1.2.5) libXau (1.0.11 -> 1.0.12) libXv (1.0.12 -> 1.0.13) libXxf86vm (1.1.5 -> 1.1.6) libxcvt (0.1.2 -> 0.1.3) libxshmfence (1.3.2 -> 1.3.3) mozjs128 mpg123 (1.32.9 -> 1.32.10) openSUSE-release (20241215 -> 20241216) === Details === ==== MozillaFirefox ==== Version update (133.0 -> 133.0.3) Subpackages: MozillaFirefox-branding-upstream - Mozilla Firefox 133.0.3 * Fixed the missing scrollbar in the Library window, such as when viewing History or Bookmarks. (bmo#1934482) * Fixed blurry line drawing on some Canvas elements when hardware acceleration is enabled. (bmo#1933668) ==== libICE ==== Version update (1.1.1 -> 1.1.2) - update to 1.1.2 * configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL * Set close-on-exec when opening files * gitlab CI: Update to latest CI templates * gitlab CI: add xz-utils to container for "make distcheck" * IceOpenConnection: stop processing messages if connection was closed * ConnectToPeer: return failure if malloc() fails * EXTRACT_STRING: Avoid writing to NULL pointer if malloc fails * _IceAddOpcodeMapping: Avoid writing to NULL pointer if malloc fails * Clear some -Wuseless-cast warnings from gcc 14.1 * IceReadCompleteMessage: callers need to check if malloc() failed * ProcessConnectionSetup: avoid writing to NULL pointer if malloc() failed * ProcessProtocolSetup: return failure if malloc() failed for ProtocolName * IceProtocolSetup: return failure if malloc() failed for authIndices * IceRegisterForProtocolSetup: return failure if malloc() failed * AuthRequired: avoid undefined behavior in memcpy() call * write_counted_string: avoid undefined behavior in fwrite() call * ICElibint.h: add do ... while (0) around macro definitions * ProcessAuthReply: Handle -Wconditional-uninitialized warning * libICE : Dereferencing a possible NULL pointer in error.c ==== libSM ==== Version update (1.2.4 -> 1.2.5) - update to 1.2.5: * Remove "All rights reserved" from Oracle copyright notices * configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL * gitlab CI: add xz-utils to container for "make distcheck" * unifdef __UNIXWARE__ * unifdef MNX_TCPCONN * SmcOpenConnection: remove cast of return value from getenv() * IceReadCompleteMessage callers need to check if malloc() failed ==== libXau ==== Version update (1.0.11 -> 1.0.12) - update to 1.0.12 * This release adds support for building with meson as well as autoconf, thanks to the work of Dylan Baker. - switched to meson build system ==== libXv ==== Version update (1.0.12 -> 1.0.13) - Update to version 1.0.13 * Remove "All rights reserved" from Oracle copyright notices * configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL * Use calloc instead of malloc and manual loops to zero array contents * XvQueryEncodings: avoid NULL deref if length is 0, but num_encodings is not * XvQueryAdaptors: avoid NULL deref if length is 0, but num_adaptors is not ==== libXxf86vm ==== Version update (1.1.5 -> 1.1.6) - Update to version 1.1.6 * Remove "All rights reserved" from Oracle copyright notices * configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL * Add X.Org's standard C warning flags to AM_CFLAGS * Add -no-undefined flag to LDFLAGS to fix Windows builds ==== libxcvt ==== Version update (0.1.2 -> 0.1.3) - Update to version 0.1.3 * cvt: fix -Wmissing-prototypes warning for cvt_is_standard * ci: Update CI and enable static analysis * README: remove double dollar sign * Fix hsync_start computation * Fix too-small back porch at very low resolutions * Rename constant to CVT_MIN_V_PORCH_RND ==== libxshmfence ==== Version update (1.3.2 -> 1.3.3) - update to 1.3.3 * configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL * configure: replace deprecated AC_HELP_STRING with AS_HELP_STRING * configure: replace deprecated AC_TRY_COMPILE with AC_COMPILE_IFELSE * alloc: Allow disabling memfd usage at runtime with XSHMFENCE_NO_MEMFD=1 * src/xshmfence_futex.h: fix build on 32-bit architectures using 64-bit time_t ==== mozjs128 ==== - Add mozjs128-CVE-2024-50602.patch: Backporting 51c70190 from upstream, * lib: Make XML_StopParser refuse to stop/suspend an unstarted parser. * lib: Be explicit about XML_PARSING in XML_StopParser. (CVE-2024-50602, bsc#1232599, bsc#1232602) ==== mpg123 ==== Version update (1.32.9 -> 1.32.10) Subpackages: libmpg123-0 mpg123-openal - Update to version 1.32.10 * scripts/tag_lyrics.py: fix for python3 * libout123: Use strtok_r() to avoid conflicts multithreaded contexts (both sides should avoid plain strtok()! * libmpg123: Un-break DLL builds that need I/O functions defined in libmpg123.c * ports/cmake: More fixup to also produce .pc files with Libs.private. ==== openSUSE-release ==== Version update (20241215 -> 20241216) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen