Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version=Tumbleweed&build=20240924

Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports

Packages changed:
  mariadb
  meson (1.5.1 -> 1.5.2)
  ncurses (6.5.20240824 -> 6.5.20240922)
  openSUSE-release (20240923 -> 20240924)
  pipewire (1.2.3 -> 1.2.4)
  python-pip
  tiff (4.6.0 -> 4.7.0)
  yast2-storage-ng (5.0.18 -> 5.0.19)

=== Details ===

==== mariadb ====
Subpackages: libmariadbd19 mariadb-client mariadb-errormessages

- Read defaults during mysql_upgrade to respect client configuration

==== meson ====
Version update (1.5.1 -> 1.5.2)
Subpackages: meson-vim

- Update to version 1.5.2:
  + compilers: do not strip '-isystem' from C build arguments.
  + Prevent raw exception during project().
  + compilers: Pass mode to determine_args, not its string value.
  + nasm: Use different test sources for x86 and x86_64.
- BuildRequire gettext-devel instead of gettext: allow OBS to
  shortcut through gettext-runtime-mini.

==== ncurses ====
Version update (6.5.20240824 -> 6.5.20240922)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen

- Add ncurses patch 20240922
  + add a few null-pointer checks in ncurses
  + improve test-driver in ncurses/link_test.c
  + restore background character in manpages as described in X/Open
    Curses section 3.3.6, and add option "-c" to test programs to
    illustrate a non-blank character in the window background property.
  + improve formatting/style of manpages (patches by Branden Robinson).
  + modify ncurses*-config to add -I option in --cflag where needed for
  - -disable-overwrite to match ".pc" files.
  + disallow directories and block/character devices in safe-open.
  + amend scr_restore() and scr_init() to remove the target window only
    after validating the source window which will replace the target
    (report by Zixi Liu).
- Add ncurses patch 20240914
  + modify _nc_flush() to also flush stderr to help the flash capability
    to work in bash (patch by Harm te Hennepe, cf: 20201128)
  + omit -g and -fXXX flags from CFLAGS in misc/ncurses-config.in
  + improve formatting/style of manpages (patches by Branden Robinson).
  + improve examples in NCURSES-Programming-HOWTO.html
  + update comments in terminfo.src -TD
- Add ncurses patch 20240831
  + build-fix for a case in msys2 where gettimeofday() was available but
    the fallback was partly configured.
  > patch by Rafael Kitover:
  + separate the _NC_WINDOWS platform macro into _NC_WINDOWS_NATIVE,
    for MinGW and other native Win32 support, and _NC_WINDOWS, to make
    some Win32 features available under the Cygwin runtime, in this case
    the term-driver.
  + make some minor adjustments to allow
    ./configure --enable-term-driver
    to also work on Cygwin platforms such as Cygwin and MSYS2.

==== openSUSE-release ====
Version update (20240923 -> 20240924)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== pipewire ====
Version update (1.2.3 -> 1.2.4)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools

- Update to version 1.2.4:
  + Highlights:
  - Avoid a crash in cleanup of globals.
  - Use systemd-logind to scan for new devices in v4l2.
  - Some more bugfixes and improvements.
  + PipeWire:
  - Avoid a crash in cleanup of globals.
  - Improve RequestProcess dispatch.
  + Tools:
  - Improve float parsing.
  + SPA:
  - Clear the ringbuffer when stopping in libcamera.
  - Use systemd-logind to scan for new devices in v4l2.
  - Queue dropped first buffer in v4l2.
  - Unlink pcm devices when moving drivers to avoid broken pipe.
  + JACK:
  - Emit buffer_size callback in jack_activate() to improve
    compatibility with GStreamer.

==== python-pip ====

- Adapt disable-ssl-context-in-buildenv.patch to make it compatible
  with leap

==== tiff ====
Version update (4.6.0 -> 4.7.0)

- Update to 4.7.0:
  * This version restores in the default build the availability of
    the tools that had been dropped in v4.6.0
    See https://libtiff.gitlab.io/libtiff/rfcs/rfc2_restoring_needed_tools.html#rfc2-restoring-needed-tools
  * Software configuration changes:
    + autoconf build: configure.ac: avoid -Werror passed to CFLAGS to interfere with feature detection
    + autoconf build: fix error when running make clean (fixes issue #630)
    + autoconf build: back off the minimum required automake version to 1.11
    + autoconf.ac: fix detection of windows.h for mingw (fixes issue #605)
    + libtiff-4.pc: Fix Requires.private missing Lerc. It provides a .pc file
    starting from version 4 (in autoconf builds, we assume that liblerc is at least version 4)
    + CMake: Fix TIFF_INCLUDE_DIRS
    + CMake: MinGW compilers don't need a .def file for shared library
    + CMake: move libdeflate and Lerc to Requires.private
    + CMake: enable resource compilation on all Windows.
  * Library changes:
    + Add TIFFOpenOptionsSetMaxCumulatedMemAlloc(). This function complements
    TIFFOpenOptionsSetMaxSingleMemAlloc() to define the maximum cumulated memory
    allocations in byte, for a given TIFF handle, that libtiff internal memory
    allocation functions are allowed.
    + TIFFWriteDirectory(): Avoid overwriting following data if an IFD is enlarged.
    + TIFFXYZToRGB: avoid integer overflow (fixes issue #644)
    + uv_decode() and uv_encode(): avoid potential out-of-bounds array index (fixes issue #645)
    + Fix cases where tif_curdir is set incorrectly. Fix cases where the current directory number (tif_curdir)
    is set inconsistently or incorrectly, depending on the previous history.
    + TIFFRead[Scanline/EncodedStrip/EncodeTile]: 0-initialize output buffer if setupdecode fails ;
    most codecs: zero-initialize (not-yet-written parts of) output buffer if failure (fixes issue #375)
    + OJPEG: reset subsampling_convert_state=0 in OJPEGPreDecode (fixes issue #183)
    + ThunderRLE: fix failure when decoding last run. Bug seen with GhostPDL
    + LERC codec: deal with issues with multi-band PlanarConfig=Contig and NaN values
    + tif_fax3.c: error out after a number of times end-of-file has been reached (fixes issue #583)
    + LZW: avoid warning about misaligned address with UBSAN (fixes issue #616)
    + TIFFReadRGBAStrip/TIFFReadRGBATile: add more validation of col/row (fixes issue #622, CVE-2023-52356)
    + tif_dirread.c: only issue TIFFGetFileSize() for large enough RAM requests
    + Avoid FPEs (division by zero) in tif_getimage.c.
    + Avoiding FPE (division by zero) for TIFFhowmany_32() and TIFFhowmany_64() macros by checking for
    denominator not zero before macros are executed. (fixes issue #628)
    + Add non-zero check before division in TIFFComputeStrip()
    + Fix wrong return of TIFFIsBigTIFF() in case byte-swapping is active
    + Setting the TIFFFieldInfo field set_field_type should consider field_writecount not field_readcount
    + Avoid memory leaks when using TIFFCreateDirectory() by releasing the allocated memory in the tif-structure.
    + For non-terminated ASCII arrays, the buffer is first enlarged before a NULL is set at the end to
    avoid deleting the last character. (fixes issue #579)
    + Check return value of _TIFFCreateAnonField(). (fixes issue #624, CVE-2024-7006)
    + Prevent some out-of-memory attacks (https://gitlab.com/libtiff/libtiff/-/issues/614#note_1602683857)
    + Ensure absolute seeking is forced independent of TIFFReadDirectory success. (fixes issue #618)
    + tif_dirinfo.c: re-enable TIFFTAG_EP_CFAREPEATPATTERNDIM and TIFFTAG_EP_CFAPATTERN tags (fixes issue #608)
    + Fix warnings with GCC 14
    + tif_dir.c: Log source file, line number, and input tif for directory count error (fixes issue #627)
    + Last usage of get_field_type of TIFFField structure at TIFFWriteDirectorySec() changed to using set_field_type.
    + tif_jpeg.c/tif_ojpeg.c: remove likely ifdef tricks related to old compilers or unusual setups
    + Remove _TIFFUInt64ToFloat() and _TIFFUInt64ToDouble()
    + Remove support for _MSC_VER < 1500.
    + Use #ifdef _WIN32 to test for Windows, and tiffio.h: remove definition of __WIN32__
  * Documentation:
    + Amend manpages for changes in current directory index behaviour
    + Note on using TIFFFlush() before TIFFClose() to check that the data has been successfully written to the file. (fixes issue #506)
    + Update TIFF documentation about TIFFOpenOptions.rst and TIFFOpenOptionsSetMaxSingleMemAlloc() usage and some other small fixes (relates to CVE-2024-7006)
  * Re-added tools:
    + fax2ps
    + fax2tiff
    + pal2rgb
    + ppm2tiff
    + raw2tiff
    + rgb2ycbcr (not installed)
    + thumbnail (not installed)
    + tiff2bw
    + tiff2rgba
    + tiffcmp
    + tiffcrop
    + tiffdither
    + tiffgt
    + tiffmedian
    + tiff2ps
    + tiff2pdf
  * New/improved functionality:
    + tiff2rgba: Add background gradient option for alpha compositing
    + tiffcp: -i flag restored
  * Bug fixes for tools:
    + tiffcrop: address Coverity scan issues 1605444, 1605445, and 16054
    + tiffcrop: Apply "Fix heap-buffer-overflow in function extractImageSection"
    + tiffcrop: fix buffer overflows, use after free (fixes issue #542, issue #550, issue #552)
    + tiff2pdf: address Coverity scan issues
    + tiff2pdf: fix inconsistent PLANARCONFIG value for the input and output TIFF
    + tiff2pdf: fix issue with JPEG restart-interval marker when converting from JPEG-compressed files (fixes issue #539)
    + tiff2pdf: red and blue were being swapped for RGBA decoding (fixes issue #253)
    + tiff2pdf: fixes issue #596
    + thumbnail: address Coverity scan issues
    + tiffcp: Add check for limitMalloc return to fix Coverity 1603334
    + tiffcp: preserve TIFFTAG_REFERENCEBLACKWHITE when doing YCbCr JPEG -> YCbCr JPEG
    + tiffcp: replace PHOTOMETRIC_YCBCR with PHOTOMETRIC_RGB when outputing to compression != JPEG (refs issue #571)
    + tiffcp: do not copy tags YCBCRCOEFFICIENTS, YCBCRSUBSAMPLING, YCBCRPOSITIONING, REFERENCEBLACKWHITE. Only set YCBCRSUBSAMPLING when generating YCbCr JPEG
    + tiffcp: Check also codec of input image, not only from output image (fixes issue #606)
    + Add some basic sanity checks for tiffcp and tiffcrop RGB->YCbCr JPEG conversions.
    + fax2ps and fax2tiff: memory leak fixes (fixes issue #476)
    + tiffmedian: memory leak fixes (fixes issue #599)
    + fax2tiff: fix EOFB interpretation (fixes issue #191)
    + fax2tiff: fix issue with unreasonable width input (fixes issue #249)
    + tiffcp and tiffcrop: fixes issue #228
    ... changelog too long, skipping 10 lines ...
- Tools are not built for now due to test failure: `FAIL: tiffcp-32bpp-None-jpeg.sh`

==== yast2-storage-ng ====
Version update (5.0.18 -> 5.0.19)

- Use the newer exfatprogs instead of exfat-utils (bsc#1187854)
- 5.0.19