New Arm Tumbleweed snapshot 20221219 released!
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version=Tumbleweed&build=20221219
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
7zip
apache2
apache2-manual
apache2-prefork
apache2-utils
ark
bash (5.2.12 -> 5.2.15)
brltty
cppcheck (2.9 -> 2.9.3)
cracklib (2.9.7 -> 2.9.8)
dracut (057+suse.351.ge78c8ff6 -> 057+suse.353.g6dab83eb)
elfutils-debuginfod
exiv2
freerdp
gcc13 (12.2.1+git537 -> 13.0.0+git197351)
git
gnutls
groff
groff-full
gtkmm3
gucharmap (14.0.3 -> 15.0.2)
highway
irqbalance
krb5
libcroco
libguestfs
libjxl
libqt5-qtbase (5.15.7+kde167 -> 5.15.7+kde177)
libqt5-qtdeclarative (5.15.7+kde18 -> 5.15.7+kde25)
libqt5-qtquickcontrols2 (5.15.7+kde6 -> 5.15.7+kde7)
libreoffice
libtool
libwnck
linux-glibc-devel (6.0 -> 6.1)
mozilla-nss (3.84 -> 3.85)
mozjs102 (102.5.0 -> 102.6.0)
mpc (1.2.1 -> 1.3.0)
nano (7.0 -> 7.1)
open-vm-tools (12.1.0 -> 12.1.5)
openconnect (8.20 -> 9.01)
openssh
openssl-1_1
openssl-3
osinfo-db (20221018 -> 20221130)
ovmf
pipewire (0.3.62 -> 0.3.63)
procps
python-anyio
python-importlib-resources (5.10.0 -> 5.10.1)
python-pycares (4.2.2 -> 4.3.0)
rsyslog (8.2210.0 -> 8.2212.0)
selinux-policy
shadow
shotwell (0.31.5 -> 0.31.7)
speech-dispatcher (0.10.2 -> 0.11.4)
sqlite3
webkit2gtk3
webkit2gtk3-soup2
xfsdump (3.1.11 -> 3.1.12)
xlockmore
xorg-x11-server
xscreensaver (6.05.1 -> 6.06)
xwayland
xz
yast2-add-on (4.5.2 -> 4.5.3)
yast2-packager (4.5.8 -> 4.5.9)
yast2-trans (84.87.20221203.a7355e12ff -> 84.87.20221210.680714a939)
zlib
=== Details ===
==== 7zip ====
- build for x86_64 subarchs the same way like for baseline
==== apache2 ====
- switch to pkgconfig(zlib) so that alternative providers can be
used
==== apache2-manual ====
- switch to pkgconfig(zlib) so that alternative providers can be
used
==== apache2-prefork ====
- switch to pkgconfig(zlib) so that alternative providers can be
used
==== apache2-utils ====
- switch to pkgconfig(zlib) so that alternative providers can be
used
==== ark ====
Subpackages: libkerfuffle22
- switch to pkgconfig(zlib) so that alternative providers can be
used
==== bash ====
Version update (5.2.12 -> 5.2.15)
Subpackages: bash-doc bash-sh
- Add upstream patches
* bash52-013
Bash can leak memory when referencing a non-existent associative
array element.
* bash52-014
Bash defers processing additional terminating signals when running
the EXIT trap while exiting due to a terminating signal. This
patch allows the new terminating signal to kill the shell immediately.
* bash52-015
There are several cases where bash is too aggressive when optimizing
out forks in subshells. For example, `eval' and traps should never
be optimized.
==== brltty ====
Subpackages: brltty-driver-at-spi2 brltty-driver-brlapi brltty-driver-speech-dispatcher brltty-driver-xwindow libbrlapi0_8 python3-brlapi system-user-brltty xbrlapi
- Use tmpfiles_create_package
- Use sysuser-tools unconditionally (bsc#1205161)
==== cppcheck ====
Version update (2.9 -> 2.9.3)
- update to 2.9.3:
* various GUI and premium feature handling bugfixes
==== cracklib ====
Version update (2.9.7 -> 2.9.8)
Subpackages: libcrack2
- update to 2.9.8:
* rules: Drop using register keyword
* add exec perms
* translation updates
* Use what's in the build environment and use a current autoconf
* util/Makefile.am: fix link with lintl
* Force grep to treat the input as text when formatting word files
==== dracut ====
Version update (057+suse.351.ge78c8ff6 -> 057+suse.353.g6dab83eb)
Subpackages: dracut-mkinitrd-deprecated
- Update to version 057+suse.353.g6dab83eb:
* revert(fips): check for fipscheck in libexec (bsc#1206431)
==== elfutils-debuginfod ====
Subpackages: debuginfod-profile libdebuginfod1
- Remove dependency to not used sysconfig package
- Weaken systemd dependency, no hard requires necessary
==== exiv2 ====
- switch to pkgconfig(zlib) so that alternative providers can be
used
==== freerdp ====
Subpackages: libfreerdp2-2 libwinpr2-2
- Complement fix for -DBUILTIN_CHANNELS=OFF to fix freerdp-proxy
accessing librdpgfx-client.so: freerdp-fix-rpath-settings.diff
Fixes second part of bnc#1205595.
==== gcc13 ====
Version update (12.2.1+git537 -> 13.0.0+git197351)
Subpackages: libasan8 libatomic1 libgcc_s1 libgfortran5 libgomp1 libhwasan0 libitm1 liblsan0 libobjc4 libstdc++6 libstdc++6-locale libstdc++6-pp libtsan2 libubsan1
- check each header separately
- Redo floatn fixinclude pick-up to simply keep what is there.
- Bump to 0a43f7b1a73c8e3b9cefffe430274d0a3d6d3291, git197351.
- Bump libgo SONAME to libgo22.
- Do not package libhwasan for biarch (32-bit architecture)
as the extension depends on 64-bit pointers.
- Sync cross.spec.in changes from gcc12 package.
- Bump to 380d62c14c99d8df13b7a86660e7ee67d01ad827, git197210.
- Adjust floatn fixincludes guard to work with SLE12 and earlier
SLE15.
- Bump to de144fdab17dbbb64ccb540056ab78b4ffb3fbbc, git197173.
- Depend on at least LLVM 13 for GCN cross compiler.
- Bump to 4304e09a1617bcf1c87f5bc96017ae5017379d75, git197155.
- Rebase gcc44-rename-info-files.patch.
- Bump to d13c359a49291f0a1206adbad4065677010b7e4b, git197143.
- Sync changes from gcc12 package
- Update embedded newlib to version 4.2.0
* includes newlib-4.1.0-aligned_alloc.patch
- Allow cross-pru-gcc12-bootstrap for armv7l architecture.
PRU architecture is used for real-time MCUs embedded into TI
armv7l and aarch64 SoCs. We need to have cross-pru-gcc12 for
armv7l in order to build both host applications and PRU firmware
during the same build.
- Bump to 2b0ae7fb91f64fb005abf7d7903fd4c0764bb45c, git197102.
- Handle new libstdc++exp.a lib.
- Bump to 5c0d171f67d082c353ddc319859111d3b9126c17, git196938.
- Add 2 new headers.
- Bump to b457b779427b0f7b3fbac447811c9c52db5bc79e, git196485.
==== git ====
Subpackages: git-core git-email git-gui git-svn git-web gitk perl-Git
- switch to pkgconfig(zlib) so that alternative providers can be
used
==== gnutls ====
Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-hmac
- switch to pkgconfig(zlib) so that alternative providers can be
used
==== groff ====
- set doc-default-operating-system and doc-volume-operating-system
to $PRETTY_NAME [bsc#1185613]
==== groff-full ====
Subpackages: gxditview
- set doc-default-operating-system and doc-volume-operating-system
to $PRETTY_NAME [bsc#1185613]
==== gtkmm3 ====
- Drop baselibs.conf: there is no known consumer of the -32bit
package.
==== gucharmap ====
Version update (14.0.3 -> 15.0.2)
Subpackages: libgucharmap_2_90-7
- Update to version 15.0.2:
+ metainfo: Add screenshots and link them from metainfo.
+ build: Use GNOME module post_install().
+ all: Update to unicode 15.0.0.
+ Updated translations.
==== highway ====
- Added missing baselibs.conf so that 32bit library packages
become available
==== irqbalance ====
Subpackages: irqbalance-ui
- build for x86_64 subarchs the same way like for baseline
==== krb5 ====
Subpackages: krb5-client
- Drop 0009-Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch,
already fixed in release 1.20.0
==== libcroco ====
- Drop baselibs.conf: there is no known consumer of the -32bit
package.
==== libguestfs ====
Subpackages: libguestfs-xfs libguestfs0
- Fix build with RPM 4.18: rpm wants to do a proper cleanup, and
fails on the design choice to have /usr/lib65 without write
permission. As we already tar'ed the content up, we can simply
change the permissions of winsupport's content to allow proper
erasing.
- Enable build on riscv64
==== libjxl ====
- Added missing baselibs.conf so that 32bit library packages
become available
==== libqt5-qtbase ====
Version update (5.15.7+kde167 -> 5.15.7+kde177)
Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-mysql libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3
- Update to version 5.15.7+kde177:
* Fix wrong to linear conversion
* QKeySequence: Add missing modifier names
* Scale BMP color samples with periodic bit expansion
* Send accessible focus event after list view has focus
* update function argument of SSL_CTX_set_options
* Openssl backend: reinsert a missing C in qCDebug
* Annotate QMutex with TSAN annotations
* Handle allocation failure in QImage rotate 90/180/270 functions
* xcb: Replace qCWarning by qCDebug in QXcbConnection::printXcbError()
* a11y: support GetAccessibleId for at-spi
- Drop patches, now upstream:
* 0001-Fix-wrong-to-linear-conversion.patch
==== libqt5-qtdeclarative ====
Version update (5.15.7+kde18 -> 5.15.7+kde25)
- Update to version 5.15.7+kde25:
* Make QaccessibleQuickWidget private API
* a11y: track item enabled state
* QQuickItem: avoid emitting signals during destruction
* Send ObjectShow event for visible components after initialized
* Implement accessibility for QQuickWidget
* Fix build after 95290f66b806a307b8da1f72f8fc2c69801933d0
* Don't convert QByteArray in `startDrag`
==== libqt5-qtquickcontrols2 ====
Version update (5.15.7+kde6 -> 5.15.7+kde7)
Subpackages: libQt5QuickControls2-5 libQt5QuickTemplates2-5
- Update to version 5.15.7+kde7:
* Fix the popup position of a Menu
==== libreoffice ====
Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit
- Use fixmath shared library
* use-fixmath-shared-library.patch
==== libtool ====
Subpackages: libltdl7
- switch to pkgconfig(zlib) so that alternative providers can be
used
==== libwnck ====
Subpackages: libwnck-3-0 typelib-1_0-Wnck-3_0
- Drop baselibs.conf: there is no known consumer of the -32bit
package.
==== linux-glibc-devel ====
Version update (6.0 -> 6.1)
- Update to kernel headers 6.1
==== mozilla-nss ====
Version update (3.84 -> 3.85)
Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs mozilla-nss-tools
- update to NSS 3.85
* bmo#1792821 - Modification of the primes.c and dhe-params.c in
order to have better looking tables
* bmo#1796815 - Update zlib in NSS to 1.2.13
* bmo#1796504 - Skip building modutil and shlibsign when building
in Firefox
* bmo#1796504 - Use __STDC_VERSION__ rather than __STDC__ as a guard
* bmo#1796407 - Fix -Wunused-but-set-variable warning from clang 15
* bmo#1796308 - Fix -Wtautological-constant-out-of-range-compare
and -Wtype-limits warnings
* bmo#1796281 - Followup: add missing stdint.h include
* bmo#1796281 - Fix -Wint-to-void-pointer-cast warnings
* bmo#1796280 - Fix -Wunused-{function,variable,but-set-variable}
warnings on Windows
* bmo#1796079 - Fix -Wstring-conversion warnings
* bmo#1796075 - Fix -Wempty-body warnings
* bmo#1795242 - Fix unused-but-set-parameter warning
* bmo#1795241 - Fix unreachable-code warnings
* bmo#1795222 - Mark _nss_version_c unused on clang-cl
* bmo#1795668 - Remove redundant variable definitions in lowhashtest
* Add note about python executable to build instructions.
==== mozjs102 ====
Version update (102.5.0 -> 102.6.0)
- Update to version 102.6.0:
+ Various stability, functionality, and security fixes.
+ CVE-2022-46880: Use-after-free in WebGL.
+ CVE-2022-46872: Arbitrary file read from a compromised content
process.
+ CVE-2022-46881: Memory corruption in WebGL.
+ CVE-2022-46874: Drag and Dropped Filenames could have been
truncated to malicious extensions.
+ CVE-2022-46875: Download Protections were bypassed by .atloc
and .ftploc files on Mac OS.
+ CVE-2022-46882: Use-after-free in WebGL.
+ CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and
Firefox ESR 102.6.
==== mpc ====
Version update (1.2.1 -> 1.3.0)
- Add mpc-1.3.0-gmpdep.patch to avoid dependence on stdio.h when
including mpc.h
- Update to version 1.3.0.
* New function: mpc_agm
* New rounding modes "away from zero", indicated by the letter "A"
and corresponding to MPFR_RNDA on the designated real or imaginary part.
* New experimental ball arithmetic.
* New experimental function: mpc_eta_fund
* Bug fixes:
- mpc_asin for asin(z) with small |Re(z)| and tiny |Im(z)|
- mpc_pow_fr: sign of zero part of result when the base has up to sign
the same real and imaginary part, and the exponent is an even
positive integer
- mpc_fma: the returned int value was incorrect in some cases
(indicating whether the rounded real/imaginary parts were
smaller/equal/greater than the exact values), but the computed
complex value was correct.
==== nano ====
Version update (7.0 -> 7.1)
- update to 7.1:
* When --autoindent and --breaklonglines are combined, pressing
<Enter> at a specific position no longer eats characters.
==== open-vm-tools ====
Version update (12.1.0 -> 12.1.5)
Subpackages: libvmtools0 open-vm-tools-desktop
- Don't list libgrpc++, libgrpc, and libprotobuf in the containerinfo Requires
section. The dependencies will be added automatically.
- Don't use new LDFLAGS, -labsl_synchronization -lgpr, when building for SLE.
- Add containerInfo plugin (jsc-PED-1344)
- Add dependencies on grpc, protobuf, and containerd for container
introspection
- Added patches (jsc-PED-1344)
+ detect-suse-location.patch
- Add _service to handle open-vm-tools sources
- Update to 12.1.5 (build 20735119) (boo#1205962)
- A number of Coverity reported issues have been addressed.
- The deployPkg plugin may prematurely reboot the guest VM before cloud-init
has completed user data setup. If both the Perl based Linux customization
script and cloud-init run when the guest VM boots, the deployPkg plugin
may reboot the guest before cloud-init has finished. The deployPkg
plugin has been updated to wait for a running cloud-init process to
finish before the guest VM reboot is initiated. This issue is fixed in
this release.
- A SIGSEGV may be encountered when a non-quiesing snapshot times out.
This issue is fixed in this release.
- Unwanted vmtoolsd service error message if not on a VMware hypervisor.
When open-vm-tools comes preinstalled in a base Linux release, the vmtoolsd
services are started automatically at system start and desktop login.
If running on physical hardware or in a non-VMware hypervisor, the services
will emit an error message to the Systemd's logging service before stopping.
This issue is fixed in this release.
==== openconnect ====
Version update (8.20 -> 9.01)
Subpackages: libopenconnect5 openconnect-bash-completion
- Update to release 9.01:
* Add support for AnyConnect "Session Token Re-use Anchor Protocol" (STRAP)
* Add support for AnyConnect "external browser" SSO mode
* Bugfix RSA SecurID token decryption and PIN entry forms, broken in v8.20
* Support Cisco's multiple-certificate authentication
* Revert GlobalProtect default route handling change from v8.20
* Support split-exclude routes for Fortinet
* Add webview callback and SAML/SSO support for AnyConnect, GlobalProtect
==== openssh ====
Subpackages: openssh-clients openssh-common openssh-server
- limit to openssl < 3.0 as this version is not compatible (bsc#1205042)
next version update will fix it
==== openssl-1_1 ====
Subpackages: libopenssl1_1 libopenssl1_1-hmac
- POWER10 performance enhancements for cryptography [jsc#PED-512]
* openssl-1_1-AES-GCM-performance-optimzation-with-stitched-method.patch
* openssl-1_1-Fixed-counter-overflow.patch
* openssl-1_1-chacha20-performance-optimizations-for-ppc64le-with-.patch
* openssl-1_1-Fixed-conditional-statement-testing-64-and-256-bytes.patch
* openssl-1_1-Fix-AES-GCM-on-Power-8-CPUs.patch
==== openssl-3 ====
- Fix X.509 Policy Constraints Double Locking [bsc#1206374, CVE-2022-3996]
* Add patch: openssl-3-Fix-double-locking-problem.patch
==== osinfo-db ====
Version update (20221018 -> 20221130)
- Update to database version 20221130
osinfo-db-20221130.tar.xz
- Add support for SLE Micro 5.4
add-slem5.4-support.patch
- Fix <derives-from id> value
add-slem5.3-support.patch
==== ovmf ====
Subpackages: qemu-uefi-aarch64
- Add ovmf-OvmfPkg-PlatformInitLib-Fix-integrity-checking-faile.patch
to avoid "NvVarStore Variable header State was invalid" issue when
rebooting or booting second time. System hangs when booting. (bsc#1206078)
The error message in ovmf log:
Select Item: 0x19
Select Item: 0x25
Reserved variable store memory: 0x7FF7C000; size: 528kb
NvVarStore Variable header State was invalid.
ASSERT /home/abuild/rpmbuild/BUILD/edk2-edk2-stable202211/OvmfPkg/Library/PlatformInitLib/Platform.c(807): ((BOOLEAN)(0==1))
==== pipewire ====
Version update (0.3.62 -> 0.3.63)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Update to version 0.3.63:
* Highlights
- Fix a critical bug that causes audio distortion in some cases
when using AVX2.
- Fix a crash in mpv caused by deinit of PipeWire.
- Resample the convolver IR to match the graph samplerate for
better results.
- Many more small bugfixes and improvements.
* PipeWire
- Fix a segfault in the PipeWire deinit code triggered by mpv
in some cases.
- Fix docs about SPA_PLUGIN_DIR.
- Always dlclose by default (even under valgrind). Add an
option with PIPEWIRE_DLCLOSE to select alternative behaviour.
- Improve PIPEWIRE_DEBUG category handling.
* modules
- Resample the IR for the convolver when the IR samplerate and
graph rate don't match.
* SPA
- Handle spurious reads from timerfd gracefully.
- Fix potential stack-use-after-scope when starting Audacity.
- Fix distorted audio when using AVX2.
- Remove fallback to default channel map in channelmix.
- Improve sorting of MIDI events, use the same order as Ardour.
- Enable LFE downmixing by default.
- Make IEC958/AC3 and IEC958/DTS work better by enforcing a
fixed minimal buffering for the encoder to avoid stuttering.
* Pulse-Server
- Add a new pulse.cmd config section to execute pulse commands,
currently only for loading modules. This removes the
dependency on pactl.
- Improve debug of messages.
- Rebase reduce-meson-dependency.patch.
- Add patch to add channel-map in the echo-cancel module:
* 0001-pulse-server-add-channel-map-in-echo-cancel-module.patch
==== procps ====
Subpackages: libprocps8
- Extend patch procps-3.3.17-library-bsc1181475.patch (bsc#1206412)
- Make sure that correct library version is installed (bsc#1206412)
==== python-anyio ====
- Skip trio exception tests for now
* https://github.com/agronholm/anyio/issues/508
* https://github.com/agronholm/anyio/commit/787cb0c2e53c2a3307873d202fbd49dc5e...
==== python-importlib-resources ====
Version update (5.10.0 -> 5.10.1)
- Update to v5.10.1
* v5.10.1
[#274]: Fixed ResourceWarning in _common.
==== python-pycares ====
Version update (4.2.2 -> 4.3.0)
- Update to version 4.3.0
* Bump cibuildwheel to build for Python 3.11 + CI total time speedups by @Jackenmen in #174
Fix tests that depended on external sites by @Jackenmen in #180
Complete the Python 3.11 support by @Jackenmen in #179
Drop CPython 3.6 by @saghul in #181
Improve test compatibility with pytest by @saghul in #182
Update c-ares submodule to 1.18.1 by @saghul in #183
==== rsyslog ====
Version update (8.2210.0 -> 8.2212.0)
- Upgrade to rsyslog 8.2212.0
* 2022-12-05: testbench: make python http server based tests more reliable
* 2022-12-05: omprog bugfix: invalid status handling at called program startup
* 2022-11-29: testbench bugfix: wrong message injection object of instance 1
* 2022-11-21: rsyslog.conf man page bugfix: description of selectors
* 2022-11-18: imtcp bugfix: legacy config directives did no longer work
* 2022-11-16: ksi bugfix: sending of too many signing requests fixed.
* 2022-11-14: bugfix: prevent potential segfault when switchung to queue emergency mode
* 2022-11-02: imjournal: add second fallback to _COMM
* 2022-10-25: core bugfix: local hostname invalid if no global() config object given
* 2022-10-25: testbench bugfix: fixed timing issue that sometimes lead to test failure
==== selinux-policy ====
Subpackages: selinux-policy-targeted
- Added fix_ipsec.patch: Allow AF_ALG socket creation for strongswan
(bnc#1206445)
- Added policy for wicked scripts under /etc/sysconfig/network/scripts
(bnc#1205770)
- Add fix_sendmail.patch
* fix context of custom sendmail startup helper
* fix context of /var/run/sendmail and add necessary rules to manage
content in there
==== shadow ====
Subpackages: libsubid4 login_defs
- bsc#1205502: Fix useradd audit event logging of ID field
* Add shadow-audit-no-id.patch
==== shotwell ====
Version update (0.31.5 -> 0.31.7)
- Update to version 0.31.7:
+ Actually run database upgrade necessary for date/time changes.
+ Fix comparing unset date/time values.
- Changes from version 0.31.6:
+ Improved interaction when exporting files that end up with a
similar name.
+ Google Photos: Fix batch uploading.
+ Tumblr: Fix not remembering login credentials.
+ Improve handling of images that do not have a GPS altitude.
+ Have import from folder follow symlinks.
+ Add an user interface to interact with the new profile feature.
+ Make a couple of UI strings clearer.
+ Remove video interpreter state handling - completely broken
and potentially responsible for causing indefinite re-checking
of video files.
+ Improve touchpad scaling vs scrolling.
+ Always enable face tagging. Face detection and recognition is
still opt-in on compile time due to the rather large OpenCV
dependency.
+ Support creating hierarchical tags by using
/a/sytax/with/slashes.
+ Use libportal to implement SendTo and Wallpaper settings.
+ Initial support for having multiple accounts per publishing
service. So far only works for Piwigo instances.
+ Create a new plugin preferences panel (prepare for account
management).
+ Convert all publishing processes to async libsoup3. With
HTTPS/2 becoming more prominent, the old method broke really
hard and was a bad habit anyway.
+ Fix an issue with the Saturation slider.
+ Remove a bunch of deprecated calls.
+ Remove deprecated date/time handling. Use DateTime more or less
everywhere.
+ Allow media to have exposure dates before 1.1.1970 00:00.
+ Updated translations.
- Drop -Dextra_plugins=true meson parameter: no longer supported.
- Drop pkgconfig(gdk-3.0) BuildRequires: no longer needed.
- Add pkgconfig(libportal-gtk3) BuildRequires: new dependency.
==== speech-dispatcher ====
Version update (0.10.2 -> 0.11.4)
Subpackages: libspeechd2 python3-speechd
- Update to version 0.11.4:
- Update CLDR to version 42 and symbols from NVDA.
- Fix audio plugin loading with dlopen.
- Fix atomicity of getting reply in threaded mode.
- Changes from 0.11.3:
- Fix back DefaultModule configuration.
- pico: Avoid falling to english when passed a bogus voice name.
- espeak: Fix setting voice type.
- Changes from 0.11.2:
- Fix loading xx-yy locales.
- Various memory leaks fixes.
- Add mimic3 configuration file.
- pico: Fix setting language vs voice.
- Make sure that modules report a list of voices.
- Update CLDR to version 41, symbols from NVDA and orca.
- Allow building without ltdl.
- Re-enable SSML in espeak-ng-mbrola module.
- Changes from 0.11.1:
- Add SPEECHD_PLUGIN_DIR environment variable.
- Fix listing voices of the default module.
- Changes from 0.11
- Support playing audio through the server.
- modules: Add support for loading from user's
.local/libexec/speech-dispatcher.
- symbols: Process symbols.dic before emojis.dic.
- symbols: Enable speechd symbols processing by default.
- modules: Moved speech dispatcher modules to
/usr/libexec/speech-dispatcher-modules
- espeak-ng: Add support for mbrola voices.
- mary: Add auto-detection.
- mary: Add newer voices.
- mary: Add volume, pitch, and rate support.
- ivona: Add auto-detection.
- festival: Strip head silence.
- generic: Add DefaultVoice option.
- es_ES: Add some gender neutral rules.
- Add SPEECHD_CMD environment variable.
- modules: Rewrite main functions with BSD licence, to let
proprietary modules easily reuse this as a basis.
- modules: Add skeletons ready for use as a basis for new
modules.
- Add script to run speechd from the build tree.
- Update CLDR to version 39, symbols from NVDA and orca.
- Add Esperanto translation.
- Sort modules by quality, let the best quality module be the
default.
- Rebase harden_speech-dispatcherd.service.patch.
- Migration to /usr/etc: Saving user changed configuration files
in /etc and restoring them while an RPM update.
- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
* harden_speech-dispatcherd.service.patch
==== sqlite3 ====
Subpackages: libsqlite3-0 sqlite3-tcl
- bsc#1206337, CVE-2022-46908, sqlite-CVE-2022-46908.patch:
relying on --safe for execution of an untrusted CLI script
==== webkit2gtk3 ====
Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Add upstream patch b7ac5d0c.patch: Fix build with Ruby 3.2.
==== webkit2gtk3-soup2 ====
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles
- Add upstream patch b7ac5d0c.patch: Fix build with Ruby 3.2.
==== xfsdump ====
Version update (3.1.11 -> 3.1.12)
- update to 3.1.12:
* xfsrestore: fix on-media inventory media unpacking
* xfsrestore: fix on-media inventory stream unpacking
* xfsdump: fix on-media inventory stream packing
* xfsrestore: untangle inventory unpacking logic
==== xlockmore ====
- Install resource files in /usr/lib/X11/app-defeaults/XLock instead of
/usr/share.
Fixes bsc#1204597
==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra xorg-x11-server-sdk
- U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
* XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283,
bsc#1206017)
- U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch
* Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265,
CVE-2022-46340, bsc#1205874)
- U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch
* Xi: return an error from XI property changes if verification
failed (no ZDI-CAN id, no CVE id, bsc#1205875)
- U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch
* Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405,
CVE-2022-46344, bsc#1205876)
- U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch
* Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381,
CVE-2022-46341, bsc#1205877)
- U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
* Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404,
CVE-2022-46343, bsc#1205878)
- U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
* Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400,
CVE-2022-46342, bsc#1205879)
==== xscreensaver ====
Version update (6.05.1 -> 6.06)
Subpackages: xscreensaver-data xscreensaver-data-extra xscreensaver-lang
- update to 6.06:
* New hack hextrail
* marbling works again
* Adjust old hacks for higher resolution displays
* X11: More robust desktop image grabbing.
* X11: Various improvements to xscreensaver-settings
* X11: Supports "Lock" messages from systemd, e.g. when
logind.conf has "HandleLidSwitch=lock" instead of "suspend".
* Retired thornbird, which is redundant with discrete.
- drop xscreensaver-gtk3.patch, upstream
==== xwayland ====
- U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
* XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283,
bsc#1206017)
- U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch
* Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265,
CVE-2022-46340, bsc#1205874)
- U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch
* Xi: return an error from XI property changes if verification
failed (no ZDI-CAN id, no CVE id, bsc#1205875)
- U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch
* Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405,
CVE-2022-46344, bsc#1205876)
- U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch
* Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381,
CVE-2022-46341, bsc#1205877)
- U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
* Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404,
CVE-2022-46343, bsc#1205878)
- U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
* Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400,
CVE-2022-46342, bsc#1205879)
==== xz ====
Subpackages: liblzma5
- Rename xz-static-devel -> xz-devel-static to follow the general
naming used in openSUSE.
==== yast2-add-on ====
Version update (4.5.2 -> 4.5.3)
- Fixed failure with the "media_url" element in AutoYaST profile
containing CDATA block with spaces (bsc#1205928)
- 4.5.3
==== yast2-packager ====
Version update (4.5.8 -> 4.5.9)
- Merged PR https://github.com/yast/yast-packager/pull/623
by Christopher Yeleighton
participants (1)
-
Guillaume Gardet