Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version=Tumbleweed&build=20230907 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: alsa (1.2.9 -> 1.2.10) alsa-ucm-conf (1.2.9 -> 1.2.10) alsa-utils (1.2.9 -> 1.2.10) at-spi2-core (2.48.3 -> 2.48.4) bluez (5.68 -> 5.69) crypto-policies drbd (9.0.30~1+git.8e9c0812 -> 9.1.16) drbd-utils (9.19.0 -> 9.25.0) elfutils-debuginfod glib2 (2.76.4 -> 2.76.5) gnome-shell (44.3 -> 44.4) grep grub2 javapackages-tools (6.1.0 -> 6.2.0) konsole libadwaita (1.3.4 -> 1.3.5) libei (1.0.0 -> 1.1.0) libgphoto2 (2.5.30 -> 2.5.31) libstorage-ng (4.5.136 -> 4.5.139) lsb-release man mozilla-nss (3.92 -> 3.93) mozjs102 (102.14.0 -> 102.15.0) multipath-tools (0.9.5+68+suse.d1b6a1c -> 0.9.6+71+suse.f07325e) mutter (44.3 -> 44.4) nodejs20 (20.5.1 -> 20.6.0) open-isns perl-URI (5.19 -> 5.210.0) pigz (2.7 -> 2.8) python-async_timeout (4.0.2 -> 4.0.3) python-chardet (5.1.0 -> 5.2.0) python-lxml python-outcome python-psycopg2 (2.9.6 -> 2.9.7) python-setuptools (67.8.0 -> 68.1.2) qpdf (11.5.0 -> 11.6.0) rdma-core shaderc (2023.4 -> 2023.6) suse-module-tools (16.0.34 -> 16.0.35) unbound (1.17.1 -> 1.18.0) vsftpd webkit2gtk3 webkit2gtk3-soup2 wireless-regdb (20230721 -> 20230901) yast2-trans (84.87.20230818.ea489402e5 -> 84.87.20230901.be24cb382f) zvbi (0.2.41 -> 0.2.42) zypper (1.14.62 -> 1.14.64) === Details === ==== alsa ==== Version update (1.2.9 -> 1.2.10) Subpackages: libasound2 libatopology2 - Update to version 1.2.10: * MIDI 2.0 feature support * build fixes for various platforms * various documentation fixes * misc topology fixes * ucm fixes and cleanups For details, see: https://www.alsa-project.org/wiki/Changes_v1.2.9_v1.2.10#alsa-lib - Took upstream fix for possible build errors: 0001-control.h-Fix-ump-header-file-detection.patch ==== alsa-ucm-conf ==== Version update (1.2.9 -> 1.2.10) - Update to version 1.2.10: * updates / fixes for various devices: mtk-rt5650, usb-audio, tegra es8316, sof-essx8336, pinephone, Steinberg UR44C, AMD ACP RPL, ACP63, sof-hda-dsp, etc For details, see: https://www.alsa-project.org/wiki/Changes_v1.2.9_v1.2.10#alsa-ucm-conf - Upstream regression fix: 0001-SplitPCM-Device-argument-may-not-be-set.patch ==== alsa-utils ==== Version update (1.2.9 -> 1.2.10) - Update to alsa-utils 1.2.10: * MIDI 2.0 / UMP support for sequencer programs * nhlt: add nhlt-dmic-info utility * Build fixes and cleanups * speaker-test: allow large buffer and period time setup - up to 100 seconds * various topology fixes For details, see: https://www.alsa-project.org/wiki/Changes_v1.2.9_v1.2.10#alsa-utils - Fix the builds with old gcc: 0001-axfer-use-ATTRIBUTE_UNUSED-instead-remove-argument-n.patch 0002-amidi-use-ATTRIBUTE_UNUSED-instead-remove-argument-n.patch 0003-alsaloop-use-ATTRIBUTE_UNUSED-instead-remove-argumen.patch 0004-bat-use-ATTRIBUTE_UNUSED-instead-remove-argument-nam.patch 0005-seq-use-ATTRIBUTE_UNUSED-instead-remove-argument-nam.patch 0006-alsaucm-use-ATTRIBUTE_UNUSED-instead-remove-argument.patch 0007-topology-use-ATTRIBUTE_UNUSED-instead-remove-argumen.patch ==== at-spi2-core ==== Version update (2.48.3 -> 2.48.4) Subpackages: libatk-1_0-0 libatk-bridge-2_0-0 libatspi0 typelib-1_0-Atk-1_0 typelib-1_0-Atspi-2_0 - Update to version 2.48.4: + Add atspi_get_version() to return the runtime version of the AT-SPI library. + collection: - Fix match testing for attributes. - Avoid locking up if an object has a very large child count. + Fix possible NULL pointer dereference when deregistering an event listener. + Various fixes for the new key grabbing API. ==== bluez ==== Version update (5.68 -> 5.69) Subpackages: bluez-auto-enable-devices bluez-cups bluez-zsh-completion libbluetooth3 - update to 5.69 * Fix issue with BAP enabling state correctly when resuming. * Fix issue with detaching source ASEs only after Stop Ready. * Fix issue with handling VCP audio location and descriptor. * Fix issue with generating IRK for adapter with privacy enabled. * Add support for BAP broadcast sink. - Add three new man pages ==== crypto-policies ==== Subpackages: crypto-policies-scripts - Tests: Fix pylint versioning for TW and fix the parsing of the policygenerators to account for the commented lines correctly. * Add crypto-policies-pylint.patch * Rebase crypto-policies-policygenerators.patch - FIPS: Adapt the fips-mode-setup script to use the pbl command from the perl-Bootloader package to replace grubby. Add a note for transactional systems [jsc#PED-4578]. * Rebase crypto-policies-FIPS.patch ==== drbd ==== Version update (9.0.30~1+git.8e9c0812 -> 9.1.16) Subpackages: drbd-kmp-64kb drbd-kmp-default - Update DRBD version from 9.0.30+ to 9.1.16 (PED-6362) * 9.1.16 (api:genl2/proto:86-121/transport:18) * shorten times DRBD keeps IRQs on one CPU disabled. Could lead to connection interruption under specific conditions * fix a corner case where resync did not start after resync-pause state flapped * fix online adding of volumes/minors to an already connected resource * fix a possible split-brain situation with quorum enabled with ping-timeout set to (unusual) high value * fix a locking problem that could lead to kernel OOPS * ensure resync can continue (bitmap-based) after interruption also when it started as a full-resync first * correctly handle meta-data when forgetting diskless peers * fix a possibility of getting a split-brain although quorum enabled * correctly propagate UUIDs after resync following a resize operation. Consequence could be a full resync instead of a bitmap-based one * fix a rare race condition that can cause a drbd device to end up with WFBitMapS/Established replication states * 9.1.15 (api:genl2/proto:86-121/transport:18) * fix how flush requests are marked when submitted to the Linux IO stack on the secondary node * when establishing a connection failed with a two-pc timeout, a receiver thread deadlocked, causing drbdsetup calls to block on that resource (difficult to trigger) * fixed a NULL-ptr deref (a OOPS) caused by a rare race condition while taking a resource down * fix a possible hard kernel-lockup, can only be triggerd when a CPU-mask is configured * updated kernel compatibility to at least Linux head and also fixed a bug in the compat checks/rules that caused OOPSes of the previous drbd releases when compiled with Linux-6.2 (or on RHEL 9.2 kernel). * fix an aspect of the data-generation (UUID) handling where DRBD failed to do a resync when a diskless node in the remaining partition promotes and demotes while a diskful node is isolated * fix an aspect of the data-generation (UUID) handling where DRBD considered a node to have unrelated data; this bug was triggered by a sequence involving removing two nodes from a cluster and readding one with the "day-0" UUIDs. * do not block specific state changes (promote, demote, attach, and detach) when only some nodes add a new minor * 9.1.14 (api:genl2/proto:86-121/transport:18) * fix a race with concurrent promotion and demotion, which can lead to an unexpected "split-brain" later on * fix a specific case where promotion was allowed where it should not * fix a race condition between auto-promote and a second two-phase commit that can lead to a DRBD thread locking up in an endless loop * fix several bugs with "resync-after": - missing resync-resume when minor numbers run in opposite direction as the resync-after dependencies - a race that might lead to an OOPS in add_timer() * fix an OOPS when reading from in_flight_summary in debugfs * fix a race that might lead to an endless loop of printing "postponing start_resync" while starting a resync * fix diskless node with a diskfull with a 4KiB backend * simplify remembering two-pc parents, maybe fixing a one-time-seen bug * derive abort_local_transaction timeout from ping-timeout * 9.1.13 (api:genl2/proto:86-121/transport:18) * when calculating if a partition has quorum, take into account if the missing nodes might have quorum * fix forget-peer for diskless peers * clear the resync_again counter upon disconnect * also call the unfence handler when no resync happens * do not set bitmap bits when attaching to an up-to-date disk (late) * work on bringing the out-of-tree DRBD9 closer to DRBD in the upstream kernel; Use lru_cahche.ko from the installed kernel whenever possible * 9.1.12 (api:genl2/proto:86-121/transport:18) * fix a race that could result in connection attempts getting aborted with the message "sock_recvmsg returned -11" * rate limit messages in case the peer can not write the backing storage and it does not finish the necessary state transitions * reduced the receive timeout during connecting to the intended 5 seconds (ten times ping-ack timeout) * losing the connection at a specific point in time during establishing a connection could cause a transition to StandAlone; fixed that, so that it keeps trying to connect * fix a race that could lead to a fence-peer handler being called unexpectedly when the fencing policy is changed at the moment before promoting * 9.1.11 (api:genl2/proto:86-121/transport:18) * The change introduced with 9.1.10 created another problem that might lead to premature request completion (kernel crash); reverted that change and fix it in another way * 9.1.10 (api:genl2/proto:86-121/transport:18) * fix a regression introduced with 9.1.9; using protocol A on SMP with heavy IO can might cause kernel crash * 9.1.9 (api:genl2/proto:86-121/transport:18) * fix a mistake in the compat generation code; it broke DRBD on partitions on kernel older than linux 5.10 (this was introduced with drbd-9.1.8; not affected: logical volumes) * fix for a bug (introduced with drbd-9.0.0), that caused possible inconsistencies in the mirror when using the 'resync-after' option * fix a bug that could cause a request to get stuck after an unlucky timing with a loss of connection * close a very small timing window between connect and promote that could lead to the new-current-uuid not being transmitted to the concurrently connecting peer, which might lead to denied connections later on * fix a recently introduced OOPS when adding new volumes to a connected resource ... changelog too long, skipping 131 lines ... - bsc-1206791-09-pmem-use-fs_dax_get_by_bdev-instead-of-dax_get_by_ho.patch ==== drbd-utils ==== Version update (9.19.0 -> 9.25.0) - Update to 9.25.0 (PED-5842) * drbdsetup,v9,show: fix meta disk format for json * drbdmeta: {hex,}dump superblock * drbdmon: major rewrite * build: gcc v12 cleanups * misc: put locks into separate dir * selinux: add fowner fsetsid, they dropped a global noaudit rule * v9: Support user-defined block-size * doc,v9: improvements all over the place * drbdadm,v9: implement drbdadm role <res:peer> * drbdadm,v9: pass --verbose/--statistics to drbdsetup status * drbd{adm,meta}: add repair-md subcommand * drbdadm,v9,resync-after: fix too strict check * drbdadm,v9,floating: fixup fake uname for 9.2.x strict_names=1 * drbdadm,v9,parser: fixup globs, also rm GNU libc specific extensions * drbdadm,v9,parser: allow via outside-address for NATed peers * parser,v9: deprecate named connections * drbd-selinux: add sub package, minor packaging/spec changes * drbdadm: allow files from expanded glob to vanish * drbdadm,v9: fix potential segfault in postparse * drbdadm,v9: fix sh-ip when set on connection/path * drbdmeta: fix apply-al for bitmap sizes > 4GiB * drbd-service-shim.sh: add secondary --force * ocf: fix for dropped --peer option * drbdsetup,v9: show susupend reason in json output * drbdsetup,v9: add secondary --force * drbdsetup,v9: fix *susp_str() for events2 diff mode * drdbdadm,v9: fix sh-resource * drdbdadm,v9: rm --peer=connect_to_host * ocf: deal with situation where PM node name and actual node name do not match * notify.sh: deal with unset DRBD_PEER env variable * crm-fence-peer: fix timeout with Pacemaker 2.0.5 * drbdmeta: don't wait for confirmation if not a TTY * drbdadm,v9: Pass '--force' to certain drbdmeta commands * drbdmeta: do init in chunks; allow different methods * build: various minor fixes (udev detection, POSIX, compiler flags, allow doc building with asciidoctor,...) * drbd.ocf: fix type (relevant for certain pcs versions) * crm-fence-peer: fix timeout with Pacemaker 2.1 * v9,proxy: allow multiple sharing a proxy node * v9,drbdsetup: quote resource name in "show" * build: allow building for RHEL9.0, minor cleanups * reactor/systemd: allow proper actions (e.g., reboot) if demotion fails. - introduce new systemd service: drbd-demote-or-escalate@.service - remove v83 v84 binaries (incompatible with kmp) - drop patches which are already included in latest code: - 0001-crm-fence-peer-fix-timeout-with-Pacemaker-2.1-milli-.patch - 0002-crm-fence-peer-fix-timeout-with-Pacemaker-2.0.5-mill.patch - add upstream patch: + 0001-drbdadm-v9-do-not-segfault-when-re-configuring-proxy.patch + 0002-user-drbrdmon-add-missing-stdint.h-includes.patch + 0003-Introduce-default_types.h-header.patch - change patch name: - 0001-Disable-quorum-in-default-configuration-bsc-1032142.patch + bsc-1032142_Disable-quorum-in-default-configuration.patch - rebase patch: + pie-fix.patch + rpmlint-build-error.patch ==== elfutils-debuginfod ==== Subpackages: debuginfod-client debuginfod-profile libdebuginfod1 - Conditionalize config(debuginfod-profile) Requires tag in the debuginfod-client sub-package, with the help of the %sle_version macro, so only Tumbleweed (currently the only distro supported by debuginfod.opensuse.org) sets it. ==== glib2 ==== Version update (2.76.4 -> 2.76.5) Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0 - Update to version 2.76.5: + Bugs fixed: - Possible SEGV (null pointer deref) in distribute_method_call(). - Possible SEGV (null pointer deref) in _g_resource_file_new(). - Backport !3529 “gmenuexporter: synchronization in org_gtk_Menus_get_interface.” to glib-2-76. - Backport !3547 “glib/gfileutils.c: use 64 bits for value in get_tmp_file()” to glib-2-76. - Backport !3554 “gresourcefile: Fix crash if called with a badly escaped URI” to glib-2-76. - Backport !3555 “gkeyfile: Fix overwriting of GError” to glib-2-76. - Backport !3539 “gdbusmessage: Validate required headers have the right type” to glib-2-76. ==== gnome-shell ==== Version update (44.3 -> 44.4) Subpackages: gnome-extensions gnome-shell-calendar - Update to version 44.4: + Fix accessibility of quick settings sliders. + Allow notification dismissal with backspace. + Misc. bug fixes and cleanups. + Updated translations. ==== grep ==== - export CONFIG_SHELL=/bin/sh before running configure: results in the shell script (egrep/fgrep) to receive a /bin/sh shebang instead of requiring bash (the local shell used to build). ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin - grub2-mkconfig-riscv64.patch: Handle riscv64 in mkconfig ==== javapackages-tools ==== Version update (6.1.0 -> 6.2.0) Subpackages: javapackages-filesystem - Upgrade to upstream version 6.2.0 * Întegrate our changes from javapackages-6.1.0-maven-depmap.patch - Removed patch: * javapackages-6.1.0-maven-depmap.patch + upstreamed - Added patch: * 0001-Make-the-alias-generation-reproducible.patch + separate patch for our reproducible changes that was not part of the integrated pull request ==== konsole ==== Subpackages: konsole-part konsole-part-lang konsole-zsh-completion - Add upstream crash fix (kde#473043) * 0001-Fix-crashes-in-testTerminalInterface.patch ==== libadwaita ==== Version update (1.3.4 -> 1.3.5) Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Update to version 1.3.5: + Set the correct gettext domain on all widgets. + AdwExpanderRow: Accessibility fixes. + AdwStyleManager: Fix over-releasing a string on macOS. + Demo: Correctly dismiss the last toast in the dialogs demo. + Stylesheet: - Fix menubutton.card corners. - Fix button.card focus ring transition. - Avoid background overdraw in GtkColumnView. + Updated translations. ==== libei ==== Version update (1.0.0 -> 1.1.0) - Update to release 1.1 * Correct documentation for ei_touch_(get|set)_user_data - Update to release 1.0.901 (1.1.0~rc1) * ei_device_get_region_at() and its libeis equivalent was added as a helper to obtain a device's region at a given point. * ei_region_get_mapping_id() returns the mapping id previously set by the EIS implementation via eis_region_set_mapping_id(). This mapping id can be used to identify external resources that have a relationship with this region. This is a protocol addition and bumps the ei_device protocol to version 2. ==== libgphoto2 ==== Version update (2.5.30 -> 2.5.31) Subpackages: libgphoto2-6 libgphoto2_port12 - updated to 2.5.31 release ptp2: * do better event queueing during capture (makes capture faster, avoids losing events) * Canon EOS: OLC logic rewritten to be table driven, more debugging of the content, config "testolc" to generate debugoutput. Supports more cameras better. * Canon EOS: various bugfixes * Sony Alpha: Added config options: focusarea, liveviewsettingeffect * Olympus: Enabled OM-1 capture * Battery Level: also support ENUM style battery reporting for Canon * Nikon 1: S1 also does not support everything * Sony Alpha: small changes in config setters * merged some improvements from NorthOfYou fork for Canon EOS, Nikon and Sony * New ids: - Canon EOS 850D, R7, R10, R5 C, R6m2 - Fuji X-H2, X-T5 - GOPRO HERO 11 BLACK, 11 BLACK mini - new ids also imported from libmtp - Nikon Z30, Z8 - OMSYSTEM OM-1 - Pentax KP (PTP mode) - Ricoh GR IIIx - Sigma fp L - Sony A7S III, ILCE-1, ILME-FX3, 7RM5 aka A7-RV, digigr8: * fixed init to not switch to webcam mode pentax: * Added Pentax KP general: * disable log formatting when we are not logging (speeds up large downloads, as we are not hex dumping the whole data and immediately discard the result) * libltdl usage now thread-safe. (some other library pieces are not threadsafe yet) * some time_t 32bit vs 64bit fixes * some cleanups and warning fixes translations: * updated swedish, spanish * added georgian, friulian - libgphoto2-enable-vusb-ptp.patch: upstream ==== libstorage-ng ==== Version update (4.5.136 -> 4.5.139) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#946 - improved json parse functions to handle string and integer - 4.5.139 - merge gh#openSUSE/libstorage-ng#945 - fixed parsing of lsscsi version for older lsscsi versions (bsc#1214814) - 4.5.138 - merge gh#openSUSE/libstorage-ng#944 - add awk to GitHub action for Tumbleweed - 4.5.137 ==== lsb-release ==== - add 797e459ecaa482bf8e7bfe02cf5f1cea367ba9e9.patch to fix bashisms ==== man ==== - Fix the content in patch file man-propose-online.patch ==== mozilla-nss ==== Version update (3.92 -> 3.93) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-tools - Update to NSS 3.93: + bmo#1849471 - Update zlib in NSS to 1.3. + bmo#1848183 - softoken: iterate hashUpdate calls for long inputs. + bmo#1813401 - regenerate NameConstraints test certificates (boo#1214980). - Rebase nss-fips-pct-pubkeys.patch. ==== mozjs102 ==== Version update (102.14.0 -> 102.15.0) - Update to version 102.15.0: + Various security fixes and other quality improvements. + CVE-2023-4573: Memory corruption in IPC CanvasTranslator + CVE-2023-4574: Memory corruption in IPC ColorPickerShownCallback + CVE-2023-4575: Memory corruption in IPC FilePickerShownCallback + CVE-2023-4576: Integer Overflow in RecordedSourceSurfaceCreation + CVE-2023-4581: XLL file extensions were downloadable without warnings + CVE-2023-4584: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 ==== multipath-tools ==== Version update (0.9.5+68+suse.d1b6a1c -> 0.9.6+71+suse.f07325e) Subpackages: kpartx libmpath0 - Update to version 0.9.6+71+suse.f07325e: * avoid changing SCSI timeouts in "multipath -d" (bsc#1213809) - Update to version 0.9.6+70+suse.63925e8: Upstream feature additions and bug fixes: * ignore nvme devices by default if nvme native multipath is enabled * add "group_by_tpg" path_grouping_policy * add config options "detect_pgpolicy" and "detect_pgpolicy_use_tpg" * libmultipath: add ALUA tpg path wildcard "%A" * make prioritizer timeouts consistent with checker timeouts * fix dev_loss_tmo even if not set in configuration (bsc#1212440) * libmultipath: fix max_sectors_kb on adding path * fix warnings reported by udevadm verify ==== mutter ==== Version update (44.3 -> 44.4) - Update to version 44.4: + Fix xwayland-allow-byte-swapped-clients setting. + Fix restoring focus when leaving the overview. + Fix touch move operations on subsurfaces. + Fix flickering when DRI driver isn't available. + Fix unexpected cursor changes over non-resizable windows. + Fix restoring maximized state of SSD windows. + Fix window focus unexpectedly moving to secondary monitor when changing workspaces. + Fixed crash. + Misc. bug fixes and cleanups. + Updated translations. ==== nodejs20 ==== Version update (20.5.1 -> 20.6.0) Subpackages: npm20 - Update to 20.6.0: * add support for .env files to configure envrionment variables * import.meta.resolve unflagged * deps: npm updated to 9.8.1 - nodejs.keyring: updated to include current upstream releasers ==== open-isns ==== - Disable SLP by default for Factory and ALP (bsc#1214884) ==== perl-URI ==== Version update (5.19 -> 5.210.0) - updated to 5.21 see /usr/share/doc/packages/perl-URI/Changes 5.21 2023-08-23 16:02:14Z - Fix version declarations in icap.pm and icaps.pm (GH#131) (Olaf Alders) 5.20 2023-08-23 14:13:23Z - Remove Shebang and Taint from all tests. - Fix t/query.t to get rid of a warning about join() on array with undef - Add icap and icaps URIs (GH#130) (david-dick) ==== pigz ==== Version update (2.7 -> 2.8) - version update to 2.8 - Fixed a version bug when compiling with the just-released zlib 1.3 - Will save a modification time only for regular files (just like gzip since 1.10) - Will write all available uncompressed data on an error, for partial data recovery - deleted patches - pigz-2.7-NOTHREAD-tests.patch (upstreamed) ==== python-async_timeout ==== Version update (4.0.2 -> 4.0.3) - update to 4.0.3: * Fixed compatibility with asyncio.timeout() on Python 3.11+. * Added support for Python 3.11. * Dropped support for Python 3.6. ==== python-chardet ==== Version update (5.1.0 -> 5.2.0) - update to 5.2.0: * Adds support for running chardet CLI via `python -m chardet` ==== python-lxml ==== - skip html5lib tests - cyclic dependency with html5lib tests - remove python 2.x from testing ==== python-outcome ==== - drop outdated depndendy on async_generator (see https://github.com/python-trio/outcome/issues/12) ==== python-psycopg2 ==== Version update (2.9.6 -> 2.9.7) - update to 2.9.7: * Fix propagation of exceptions raised during module initialization * Fix building when pg_config returns an empty string ==== python-setuptools ==== Version update (67.8.0 -> 68.1.2) - update to 68.1.2 * Fix editable install finder handling of nested packages, by only handling 1 level of nesting and relying on importlib.machinery to find the remaining modules based on the parent package path. - add sphinx72.patch: address circular imports in sphinx 7.2+ - update to 68.1.0 * Removed code referencing bdist_wininst in install_scripts. * Promote pyproject.toml’s [tool.setuptools] out of beta. * Automatically add files listed in Extension.depends to sdists, as long as they are contained in the project directory * Require Python 3.8 or later. * Use default encoding to create .pth files with editable_wheel. * Detects (and complain about) scripts and gui-scripts set via setup.py when pyproject.toml does not include them in dynamic. - update to 68.0.0: * Removed verification for existing ``depends.txt`` file * Remove autofixing of broken ``.egg-info`` directories containing the ``-`` character in their base name (without suffix). * Remove deprecated APIs in ``easy_install``: ``get_script_args``, ``get_script_header`` and ``get_writer``. * Removed ``egg_info.get_pkg_info_revision`` (deprecated * Removed ``setuptools.dist._get_unpatched`` (deprecated * Removed support for SVN in ``setuptools.package_index`` (deprecated since 2018). * Removed support for invalid ``pyproject.toml`` files. * Added symlink support to launcher for installed executables -- by :user:`eugene-sevostianov-sc` * Updated vendored ``packaging`` version from 23.0 to 23.1 -- by :user:`MetRonnie` * Implemented workaround for old versions of ``vswhere``, which miss the * ``-requiresAny`` parameter, such as the ones distributed together with Visual Studio 2017 < 15.6. * Changed ``DistutilsMetaFinder`` to skip ``spec_for_pip`` on Python >= 3.12. * Removed ``_distutils_hack.remove_shim`` on Python >= 3.12 (since ``distutils`` was removed from the standard library, ``DistutilsMetaFinder`` cannot be disabled on Python >= 3.12). * #3920: Add a link to deprecation warning in ``pkg_resources`` and improve ``stacklevel`` for better visibility. - drop use-tarfile-extraction_filter.patch (upstream) ==== qpdf ==== Version update (11.5.0 -> 11.6.0) - version update to 11.6.0 - Bug fixes: - Fix corner case in the ASCII85 decoder. - Properly report warnings when ``--pages`` is used and the warnings appear in other than the primary file. - Improve ``--bash-completion`` and ``--zsh-completion`` to better support paths with spaces in them. - Move detection of random number device from compile-time to runtime to improve cross compilation. - Fix bugs around attempting to copy ``/Pages`` objects with ``copyForeignObject`` (which explicitly doesn't allow this). ==== rdma-core ==== Subpackages: libefa1 libibverbs libibverbs1 libmana1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd - Add missing-quoting.patch - Use normal GNU tar option syntax - Remove old RPM spec logic (%defattr) ==== shaderc ==== Version update (2023.4 -> 2023.6) - Update to release 2023.6 * Build system updates only ==== suse-module-tools ==== Version update (16.0.34 -> 16.0.35) Subpackages: suse-module-tools-scriptlets - Update to version 16.0.35: * split off regenerate-initrd-posttrans in the kernel-scriptlets package (boo#1213459) * wm2: Update for usrmerge (boo#1214428) ==== unbound ==== Version update (1.17.1 -> 1.18.0) Subpackages: libunbound8 unbound-anchor - Update to 1.18.0: * Features: - Аdd a metric about the maximum number of collisions in lrushah. - Set max-udp-size default to 1232. This is the same default value as the default value for edns-buffer-size. It restricts client edns buffer size choices, and makes unbound behave similar to other DNS resolvers. - Add harden-unknown-additional option. It removes unknown records from the authority section and additional section. - Added new static zone type block_a to suppress all A queries for specific zones. - [FR] Ability to use Redis unix sockets. - [FR] Ability to set the Redis password. - Features/dropqueuedpackets, with sock-queue-timeout option that drops packets that have been in the socket queue for too long. Added statistics num.queries_timed_out and query.queue_time_us.max that track the socket queue timeouts. - 'eqvinox' Lamparter: NAT64 support. - [FR] Use kernel timestamps for dnstap. - Add cachedb hit stat. Introduces 'num.query.cachedb' as a new statistical counter. - Add SVCB dohpath support. - Add validation EDEs to queries where the CD bit is set. - Add prefetch support for subnet cache entries. - Add EDE (RFC8914) caching. - Add support for EDE caching in cachedb and subnetcache. - Downstream DNS Server Cookies a la RFC7873 and RFC9018. Create server cookies for clients that send client cookies. This needs to be explicitly turned on in the config file with: `answer-cookie: yes`. * Bug Fixes - Response change to NODATA for some ANY queries since 1.12. - Fix not following cleared RD flags potentially enables amplification DDoS attacks. - Set default for harden-unknown-additional to no. So that it does not hamper future protocol developments. - Fix to ignore entirely empty responses, and try at another authority. This turns completely empty responses, a type of noerror/nodata into a servfail, but they do not conform to RFC2308, and the retry can fetch improved content. - Allow TTL refresh of expired error responses. - Fix: Unexpected behavior with client-subnet-always-forward and serve-expired - Fix unbound-dnstap-socket test program to reply the finish frame over a TLS connection correctly. - Fix: reserved identifier violation - Fix: Unencrypted query is sent when forward-tls-upstream: yes is used without tls-cert-bundle - Extra consistency check to make sure that when TLS is requested, either we set up a TLS connection or we return an error. - Fix: NXDOMAIN instead of NOERROR rcode when asked for existing CNAME record. - Fix: Bad interaction with 0 TTL records and serve-expired - Fix RPZ IP responses with trigger rpz-drop on cache entries. - Fix RPZ removal of client-ip, nsip, nsdname triggers from IXFR. - Fix dereference of NULL variable warning in mesh_do_callback. - Fix ip_ratelimit test to work with dig that enables DNS cookies. - Fix for iter_dec_attempts that could cause a hang, part of capsforid and qname minimisation, depending on the settings. - Fix uninitialized memory passed in padding bytes of cmsg to sendmsg. - Fix stat_values test to work with dig that enables DNS cookies. - unbound.service: Main process exited, code=killed, status=11/SEGV. Fixes cachedb configuration handling. - Fix: processQueryResponse() THROWAWAY should be mindful of fail_reply. ==== vsftpd ==== - Use pam macros to install pam config in /usr/lib/pam.d - Adjust vsftpd.pam to include postlogin config (replace wtmp with wtmpdb for Y2038 [jsc#3144]) ==== webkit2gtk3 ==== Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Expand lang sub-package in spec file unconditionally to handle previous name change from WebKit2GTK-lang to WebKitGTK-lang. This change affected the automatic generated Requires tag on WebKit2GTK-%{_apiver}, then getting out of sync of what's being required and what's being provided. Now, any sub-package that was providing WebKit2GTK-%{_apiver} will provide WebKitGTK-%{_apiver} instead (boo#1214835, boo#1214640). ==== webkit2gtk3-soup2 ==== Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles - Expand lang sub-package in spec file unconditionally to handle previous name change from WebKit2GTK-lang to WebKitGTK-lang. This change affected the automatic generated Requires tag on WebKit2GTK-%{_apiver}, then getting out of sync of what's being required and what's being provided. Now, any sub-package that was providing WebKit2GTK-%{_apiver} will provide WebKitGTK-%{_apiver} instead (boo#1214835, boo#1214640). ==== wireless-regdb ==== Version update (20230721 -> 20230901) - Update to version 20230901: * wireless-regdb: update regulatory database based on preceding changes * wireless-regdb: Update regulatory rules for Australia (AU) for June 2023 ==== yast2-trans ==== Version update (84.87.20230818.ea489402e5 -> 84.87.20230901.be24cb382f) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sr yast2-trans-sv yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20230901.be24cb382f: * Translated using Weblate (Slovak) * Translated using Weblate (Dutch) * Translated using Weblate (Japanese) * Translated using Weblate (Czech) * Translated using Weblate (Catalan) * New POT for text domain 'bootloader'. * Translated using Weblate (Kurdish) * Translated using Weblate (Kurdish) ==== zvbi ==== Version update (0.2.41 -> 0.2.42) - version update to 0.2.42 * Fix several compiler warnings. * Apply patch to consider ERASE_PAGE flag with single page transmissions. ==== zypper ==== Version update (1.14.62 -> 1.14.64) Subpackages: zypper-log zypper-needs-restarting - Fix name of the bash completion script (bsc#1215007) In 1.14.63 the location of the bash completion script was changed to /usr/share/bash-completion/completions/. But the patch failed to also rename the completion script. The original script name zypper.sh is not recognized at the new location. - Update notes about failing signature checks (bsc#1214395) It might be a transient issue if the server is in the midst of receiving new data. Retry after a few minutes might work. - Improve the SIGINT handler to be signal safe (bsc#1214292) This patch updates the SIGINT handling strategy to be signal safe. Meaning the signal handler will do not much more than setting a flag, which we are going to check in the normal program flow as much as possible. - version 1.14.64 - Changed location of bash completion script (bsc#1213854). This changes the location of zypper.sh bash completion script from /usr/share/bash-completion/completions/. - version 1.14.63