Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version=Tumbleweed&build=20240820 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: AppStream AppStream-qt6 SVT-AV1 (2.1.2 -> 2.2.0) bash (5.2.26 -> 5.2.32) emacs ffado (2.4.7 -> 2.4.9) flatpak (1.15.8 -> 1.15.10) gstreamer-plugins-bad heaptrack kernel-firmware-nvidia-gspx-G06 (550.100 -> 550.107.02) libdeflate (1.20 -> 1.21) libinput (1.26.0 -> 1.26.2) libntlm (1.7 -> 1.8) libpng16 librsvg (2.58.2 -> 2.58.3) libwacom (2.11.0 -> 2.12.2) libxmlb (0.3.18 -> 0.3.19) ncurses (6.5.20240810 -> 6.5.20240817) nvidia-open-driver-G06-signed (550.100_k6.10.5_1 -> 550.107.02_k6.10.5_1) openSUSE-release (20240818 -> 20240820) ovmf postfix python-tomli readline (8.2.10 -> 8.2.13) sane-backends selinux-policy (20240814 -> 20240816) systemd (256.4 -> 256.5) tiff xen (4.18.2_06 -> 4.19.0_02) === Details === ==== AppStream ==== - BuildRequire gettext-devel instead of gettext: allow OBS to shortcut through gettext-runtime-mini. ==== AppStream-qt6 ==== - BuildRequire gettext-devel instead of gettext: allow OBS to shortcut through gettext-runtime-mini. ==== SVT-AV1 ==== Version update (2.1.2 -> 2.2.0) - Update to release 2.2.0 * Improve the tradeoffs for the random access mode across presets: * Speedup of ~15% across presets M0 - M8 while maintaining similar quality levels * Improve the tradeoffs for the low-delay mode across presets * Increased temporal resolution setting to 6L for 4k resolutions by default * Added ARM optimizations for functions with c_only equivalent yielding an average speedup of ~13% for 4k10bit ==== bash ==== Version update (5.2.26 -> 5.2.32) Subpackages: bash-sh - Add upstream patches * bash52-027 The configure test for the presence of strtoimax(3) is inverted. * bash52-028 A DEBUG trap in an asynchronous process can steal the controlling terminal away from the calling shell, causing it to exit. * bash52-030 `wait -n' can fail to return some jobs if they exit due to signals the shell does not report to the user. * bash52-031 There is a memory leak in the code that implements the optimized $(<file) expansion for some code paths. * bash52-032 When printing functions containing coprocesses, the displayed coproc command has the word COPROC inserted unconditionally, resulting in function bodies that cannot be re-read as input. ==== emacs ==== Subpackages: emacs-el emacs-eln emacs-info emacs-nox etags - Only suggest emacs-games to avoid warning about game dir '/var/games/emacs': Permission denied (boo#1228058) ==== ffado ==== Version update (2.4.7 -> 2.4.9) - Update to version 2.4.9 * Support compilation against musl libc. * Remove build-time checks for utilities that are not used (pyuic). * Install the ffado-mixer appdata file only if ffado-mixer has been built. * Add a DATADIR option to scons and use it in line with GNU conventions. * Update the AppStream document with more complete information and in line with current best practice. * Rename XDG files to match modern standards. * Install XDG files manually to simplify the build script and avoid depending on xdg-utils. - Changes from version 2.4.8 * Make various mixer modules work under Python 3.10 and later: Presonus Firebox, Presonus FP10, Presonus Inspire1394 and Yamaha Go. * Deal with the removal of SafeConfigParser in Python 3.12. ==== flatpak ==== Version update (1.15.8 -> 1.15.10) Subpackages: flatpak-remote-flathub flatpak-selinux flatpak-zsh-completion libflatpak0 system-user-flatpak - Update to version 1.15.10: + Dependencies: In distributions that compile Flatpak to use a separate bubblewrap (bwrap) executable, version 0.10.0 is required. This version adds a new feature which is required by the security fix in this release. + Security fixes: Don't follow symbolic links when mounting persistent directories (--persist option). This prevents a sandbox escape where a malicious or compromised app could edit the symlink to point to a directory that the app should not have been allowed to read or write. (CVE-2024-42472, GHSA-7hgv-f2j8-xw87) + Documentation: Mark the 1.12.x and 1.10.x branches as end-of-life + Other bug fixes: Fix several memory leaks + Internal changes: - Record a log file when running build-time tests with AddressSanitizer - Add initial suppressions file for AddressSanitizer ==== gstreamer-plugins-bad ==== Subpackages: libgstadaptivedemux-1_0-0 libgstanalytics-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstinsertbin-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstmse-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0 - Add 85b4fbf40b1d53a4141941abf70d2d4d83eb140e.patch: msdk: replace strcmp with g_strcmp0. Because strcmp doesn't handle NULL. ==== heaptrack ==== Subpackages: heaptrack-gui - Add upstream change: * 0001-cmake-Fix-C-compatibility-of-libunwind-probes.patch ==== kernel-firmware-nvidia-gspx-G06 ==== Version update (550.100 -> 550.107.02) - Update to 550.107.02 - For CUDA update version to 560.28.03 ==== libdeflate ==== Version update (1.20 -> 1.21) - update to 1.21: * Fixed build error on x86 with gcc 8.1 and gcc 8.2. * Fixed build error on x86 when gcc 11 is paired with a binutils version that doesn't support AVX-VNNI e.g. as it is on RHEL 9. * Fixed build error on arm64 with gcc 6. * Fixed build error on arm64 with gcc 13.1 and later with some - mcpu options. * Enabled detection of dotprod support in Windows ARM64 builds. ==== libinput ==== Version update (1.26.0 -> 1.26.2) Subpackages: libinput-udev libinput10 - Update to release 1.26.2 * Added quirks for the LG Gram 14 and the Minisvorum V3 ==== libntlm ==== Version update (1.7 -> 1.8) - update to 1.8: * The release tarball is now reproducible. * We publish a minimal source-only tarball. * This tarball does not contain any generated files, and is sufficient to reproduce the full tarball (assuming build dependencies are available). * No changes since last version. ==== libpng16 ==== - Fix missing backslash ==== librsvg ==== Version update (2.58.2 -> 2.58.3) Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Update to version 2.58.3: + A couple of fixes from fuzz testing: - Fix assertion failures with large Hue value in hsl() or hwb() colors. - Limit the baseFrequency for feTurbulence to avoid integer overflow. - Remove an obsolete test. ==== libwacom ==== Version update (2.11.0 -> 2.12.2) Subpackages: libwacom-data libwacom9 - update to 2.12.2 * Device Fixes: - HUION Kamvas 16 2019 - Prefix the kamvas pro 13 with Huion like all other Huion tablets - Fix the Huion Kamvas 12 file * Device Other: - Don't create a default match for fallback devices * Other Fixes: - Fix a memory leak - Set the device name in new_from_path() to override the fallback name * Tests: test: run ruff format over test_svg.py test: add support for testing new_from_path() through uinput - update to 2.12.1 * Device Fixes: - Drop the firmware match from the Huion Inspiroy 2 S * Features: - Fix off-by-one check for stripping the quote from NAME/UNIQ - Use g_clear_pointer() during libwacom_*_unref() - update to 2.12.0 * New Devices: - Huion Kamvas Pro 24 (GT-240, QHD) - Huion WH1409 - Wacom Movink - Wacom HID 49A0 (Dell latitude 5320 2-in-1) - Wacom HID 5334 Pen - XP-PEN Deco Mini 4 * Device Fixes: - Fix tablet file for the Huion Inspiroy 2S - Improve Huion Inspiroy 2 m support - Update the Inspiroy 2L - Add a dial to the Huion Inspiroy 2 L and M - Fix the Inspiroy 2S layout - Set the right PID for the Inpspiroy 2 L and M - Rename second ButtonB id in the DTI-520 svg layout - Fix Huion RTM-500 Support - Added more device names for Kamvas 13 variants - Fix buttons for Huion and Gaomon tablets - Mark huion/gaomon tablets with Dials as such - XP pen tablets have no Rings - Drop accidental comma from the Gaomon/Huion layout files * Device Other: - Auto generated HUION tablet description files - Auto generated GAOMON tablet description files - Remove layout files without buttons/strips/dials - Remove a superfluous rect from the huion mini keydial kd100 - Use NumRings instead of separate Ring/Ring2 - Switch DeviceMatch to use a pipe as separator - Add a firmware string entry to the matches - Skip over empty Layout= assignments * Features: - Rework match_from_string - Rework the match approach to prefer uniq over name - Allow to match by uniq without name - Add Gaomon S620 firmware match - Add support for relative dials - Add libwacom_new_from_builder to construct a new device * Other Fixes: - Fetch the name and uniq from udev properties, not sysfs - Keyboard devices are not ID_INPUT_TABLET_PAD - Don't mark a Mouse device as tablet or pad - Set the bustype in libwacom_new_for_path - Document touch strips * Tests: - Remove the requirement for a Layout file - Replace the SVG validity test with a pytest-based one - Add a test for unnecessary SVGs - Add some tracing to the svg validity test - Svgs for dials need to have CW and CCW labels, not Up/Down - Set proper test names for the hwdb tests - Skip errors in SVGs for autogenerated devices - Check the svg for Dial2 if we have two dials - Skip hwdb tests if the systemd commands fail - Install our hwdb file during the test - Add ids to the parametrized tablet file tests - Add a pytest wrapper for libwacom - Skip/fail with an error if the systemd commands failed - Replace the uinput-based hwdb test with a direct query - Don't reload the udev rules - Move the asan check into meson.build * Build: - Make pytest more verbose - Bump to meson 0.56.0 - More logging of the pytests - Split the pytest invocations into separate ones ==== libxmlb ==== Version update (0.3.18 -> 0.3.19) - update to 0.3.19: * Add xb_version_string() to get the runtime ABI version * - Add the runtime version as the default XMLb invalidation GUID ==== ncurses ==== Version update (6.5.20240810 -> 6.5.20240817) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20240817 + review/update foot for 1.18.1 -TD + add a note about DomTerm 3.2.0 -TD + add new glob-expressions variables to list in config.status script (patch by Werner Fink). + add --enable-install-prefix to modify behavior of $DESTDIR to merge or replace the value set by --prefix (adapted from suggestion by Eli Zaretskii). - Remove patch fix-20240810.patch as now upstream - Correct offsets of patches * ncurses-5.9-ibm327x.dif * ncurses-6.4.dif ==== nvidia-open-driver-G06-signed ==== Version update (550.100_k6.10.5_1 -> 550.107.02_k6.10.5_1) - Update to 550.107.02 - For CUDA update version to 560.28.03 - better summary and description for KMP ==== openSUSE-release ==== Version update (20240818 -> 20240820) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== ovmf ==== Subpackages: qemu-uefi-aarch64 - Removed -code/-vars files of AMD SEV flavor because SEV ovmf only supports unified image. - Updated 50-ovmf-x86_64-sev.json descriptor - Use ovmf-x86_64-sev.bin unified image instead of separate images ovmf-x86_64-sev-code/vars.bin. - add "mode": "stateless", currently SEV ovmf only supports stateless mode. - Removed "amd-sev" and "amd-sev-es" feature tags from the following descriptors because we separate SEV as a flavor: 60-ovmf-x86_64-2m.json 60-ovmf-x86_64.json - Add descriptors.tar.xz.README as the readme of descriptors.tar.xz ==== postfix ==== - Remove rcpostfix symlink [jsc#PED-266] - postfix-script requires cmp ==== python-tomli ==== - Make testing more verbose ==== readline ==== Version update (8.2.10 -> 8.2.13) - Add upstream patches * readline82-011 Some systems (e.g., macOS) send signals early on in interactive initialization, so readline should retry a failed open of the init file. * readline82-012 If a user happens to bind do-lowercase-version to something that isn't a capital letter, so _rl_to_lower doesn't change anything and the result is still bound to do-lowercase-version, readline can recurse infinitely. * readline82-013 When readline is accumulating bytes until it reads a complete multibyte character, reading a byte that makes the multibyte character invalid can result in discarding the bytes in the partial character. - Port patch readline-8.2.dif ==== sane-backends ==== Subpackages: libsane1 sane-backends-autoconfig - Cherry-pick upstream patch to remove unnecessary Unicode character * remove_unnecessary_unicode_character.patch - Use individual %patch statements over %autosetup to allow for different levels of path stripping for both patches ==== selinux-policy ==== Version update (20240814 -> 20240816) Subpackages: selinux-policy-targeted - Update to version 20240816: * Initial policy for syslog-ng (bsc#1229153) ==== systemd ==== Version update (256.4 -> 256.5) Subpackages: libsystemd0 libudev1 systemd-container udev - Import commit bef0958f4db1b774c23505e93537ffe16f1b3894 (merge of v256.5) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/5bba1ebe17564b606cc5d1c07b14123c... - Make the 32bit version of libudev.so available again (bsc#1228223) The symlink for building 32bit applications was mistakenly dropped when the content of libudev-devel was merged into systemd-devel. Provide the 32bit flavor of systemd-devel again, which should restore the plug and play support in Wine for 32bit windows applications. ==== tiff ==== - security update: * CVE-2024-7006 [bsc#1228924] Fix pointer deref in tif_dirinfo.c + tiff-CVE-2024-7006.patch ==== xen ==== Version update (4.18.2_06 -> 4.19.0_02) Subpackages: xen-libs xen-tools-domU - bsc#1228574 - VUL-0: CVE-2024-31145: xen: error handling in x86 IOMMU identity mapping (XSA-460) 66bb6f78-x86-IOMMU-move-tracking-in-iommu_identity_mapping.patch - bsc#1228575 - VUL-0: CVE-2024-31146: xen: PCI device pass-through with shared resources (XSA-461) 66bb6fa5-x86-pass-through-document-as-security-unsupported.patch - Upstream bug fixes (bsc#1027519) 66a8b8ac-bunzip2-rare-failure.patch - Update to Xen 4.19.0 FCS release (jsc#PED-8907) xen-4.19.0-testing-src.tar.bz2 - New Features * On x86: - Introduce a new x2APIC driver that uses Cluster Logical addressing mode for IPIs and Physical addressing mode for external interrupts. * On Arm: - FF-A notification support. - Introduction of dynamic node programming using overlay dtbo. * Add a new 9pfs backend running as a daemon in dom0. First user is Xenstore-stubdom now being able to support full Xenstore trace capability. * libxl support for backendtype=tap with tapback. - Changed Features * Changed flexible array definitions in public I/O interface headers to not use "1" as the number of array elements. * The minimum supported OCaml toolchain version is now 4.05 * On x86: - HVM PIRQs are disabled by default. - Reduce IOMMU setup time for hardware domain. - Allow HVM/PVH domains to map foreign pages. - Declare PVH dom0 supported with caveats. * xl/libxl configures vkb=[] for HVM domains with priority over vkb_device. * Increase the maximum number of CPUs Xen can be built for from 4095 to 16383. * When building with Systemd support (./configure --enable-systemd), remove libsystemd as a build dependency. Systemd Notify support is retained, now using a standalone library implementation. * xenalyze no longer requires `--svm-mode` when analyzing traces generated on AMD CPUs * Code symbol annotations and MISRA compliance improvements. - Removed Features * caml-stubdom. It hasn't built since 2014, was pinned to Ocaml 4.02, and has been superseded by the MirageOS/SOLO5 projects. * /usr/bin/pygrub symlink. This was deprecated in Xen 4.2 (2012) but left for compatibility reasons. VMs configured with bootloader="/usr/bin/pygrub" should be updated to just bootloader="pygrub". * The Xen gdbstub on x86. * xentrace_format has been removed; use xenalyze instead. - Dropped patches contained in new tarball 6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch 6627a4ee-vRTC-UIP-set-for-longer-than-expected.patch 6627a5fc-x86-MTRR-inverted-WC-check.patch 662a6a4c-x86-spec-reporting-of-BHB-clearing.patch 662a6a8d-x86-spec-adjust-logic-to-elide-LFENCE.patch 663090fd-x86-gen-cpuid-syntax.patch 663a383c-libxs-open-xenbus-fds-as-O_CLOEXEC.patch 663a4f3e-x86-cpu-policy-migration-IceLake-to-CascadeLake.patch 663d05b5-x86-ucode-distinguish-up-to-date.patch 663eaa27-libxl-XenStore-error-handling-in-device-creation.patch 66450626-sched-set-all-sched_resource-data-inside-locked.patch 66450627-x86-respect-mapcache_domain_init-failing.patch 6646031f-x86-ucode-further-identify-already-up-to-date.patch 6666ba52-x86-irq-remove-offline-CPUs-from-old-CPU-mask-when.patch 666994ab-x86-SMP-no-shorthand-IPI-in-hotplug.patch 666994f0-x86-IRQ-limit-interrupt-movement-in-fixup_irqs.patch 666b07ee-x86-EPT-special-page-in-epte_get_entry_emt.patch 666b0819-x86-EPT-avoid-marking-np-ents-for-reconfig.patch 666b085a-x86-EPT-drop-questionable-mfn_valid-from-.patch 667187cc-x86-Intel-unlock-CPUID-earlier.patch 66718849-x86-IRQ-old_cpu_mask-in-fixup_irqs.patch 6671885e-x86-IRQ-handle-moving-in-_assign_irq_vector.patch 6672c846-x86-xstate-initialisation-of-XSS-cache.patch 6672c847-x86-CPUID-XSAVE-dynamic-leaves.patch 6673ffdc-x86-IRQ-forward-pending-to-new-dest-in-fixup_irqs.patch xsa458.patch - Enable support for ZSTD and LZO compression formats