openSUSE Factory
Threads by month
- ----- 2024 -----
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
November 2023
- 74 participants
- 90 discussions
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
apache2-mod_php8 (8.2.12 -> 8.2.13)
cnf
kded
libbpf (1.2.2 -> 1.3.0)
libqt5-qtwebengine (5.15.15 -> 5.15.16)
libsolv (0.7.26 -> 0.7.27)
php8 (8.2.12 -> 8.2.13)
python-pexpect (4.8.0 -> 4.9.0)
selinux-policy (20231030 -> 20231124)
=== Details ===
==== apache2-mod_php8 ====
Version update (8.2.12 -> 8.2.13)
- version update to 8.2.13
* This is a bug fix release.
https://www.php.net/ChangeLog-8.php#8.2.13
==== cnf ====
Subpackages: cnf-bash cnf-locale
- Enable build on 32-bit arm
==== kded ====
- Pull in kconf_update5
==== libbpf ====
Version update (1.2.2 -> 1.3.0)
- update to 1.3.0:
* support for `netfilter` programs is added
`SEC("netfilter")` is now available
* API function `bpf_program__attach_netfilter()` is now
available
* support for `tcx` BPF programs is added:
* the following new SEC definitions are now available:
SEC("tc/egress"), SEC("tc/ingress"), SEC("tcx/egress"),
SEC("tcx/ingress")
* the following SEC definitions are now considered legacy:
SEC("tc"), SEC("action"), SEC("classifier")
* functions `bpf_prog_attach_opts()` and
`bpf_prog_query_opts()` are extended to work with `tcx`
programs, plus two new API functions are added:
* the following new SEC definitions are now available:
SEC("uprobe.multi"), SEC("uprobe.multi.s"),
SEC("uretprobe.multi"), SEC("uretprobe.multi.s")
* support for section `SEC("usdt.s")` is added for sleepable
`usdt` programs;
* support for Unix domain socket cgroup BPF programs is added
the following new SEC definitions are now available:
SEC("cgroup/connect_unix"),SEC("cgroup/sendmsg_unix"),
SEC("cgroup/recvmsg_unix"), SEC("cgroup/getpeername_unix"),
SEC("cgroup/getsockname_unix")
* new `LIBBPF_OPTS_RESET()` utility macro;
* new `bpf_object__unpin()` function to complement existing
`bpf_object__pin()`;
* new API functions for work with ring buffers
* uprobe SEC matcher extended to allow golang symbols;
* uprobe support for symbols versioning;
* `bpf_map__set_value_size()` can now be used to resize memory
mapped region for memory mapped maps;
* `struct bpf_xdp_query_opts` extended with `xdp_zc_max_segs`
output field;
* basic BTF sanity check pass added to reject bogus BTF.
* fix for btf_dump__dump_type_data() when type contains
bitfields;
* fix for correct work of offsetof() and container_of() macro
with CO-RE;
* no longer attempt to load modules BTF when resolving CO-RE
relocations if CAP_SYS_ADMIN are absent;
* regex based function search for "kprobe.multi/" programs no
longer attempts to trace functions that cannot be traced;
* bpf_program__set_type() no longer resets sec_def if it is set
to a custom fallback SEC handler;
* fix for memory leak possible after
bpf_program__set_attach_target() call;
==== libqt5-qtwebengine ====
Version update (5.15.15 -> 5.15.16)
- Update to version 5.15.16:
* Bump version to 5.15.16
* Add check for system ffmpeg compatibility
* Fix handling of external URLs in PDFs
* Update Chromium:
* [Backport] CVE-2023-5996: Use after free in WebAudio
* [Backport] CVE-2023-5482 and CVE-2023-5849
* [Backport] CVE-2023-45853: Buffer overflow in MiniZip
* [Backport] Security bug 1478470
* [Backport] Security bug 1472365 and 1472366
* [Backport] CVE-2023-5218: Use after free in Site Isolation
* [Backport] Security bug 1486316
* FIXUP: [Backport] [PA] Support 16kb pagesize on Linux+ARM64
* [Backport] Add Intel Meteorlake GPU series type
* [Backport] Add Intel Raptorlake GPU series type
* [Backport] Add a few missing IntelGpuSeriesTypes in
gpu_util.cc
* [Backport] Add Intel Alchemist GPU series type
* [Backport] Add Alderlake to intel_gpu_series field in gpu
control list.
* [Backport] Add missing Intel GPU series types.
* [Backport] Add Alderlake's GPU to list supporting two NV12
overlay planes.
* [Backport] CVE-2023-5217: Heap buffer overflow in vp8
encoding in libvpx
* [Backport] Security bug 1479104
* [Backport] [PA] Support 16kb pagesize on Linux+ARM64
* [Backport] Replace uses of re2::StringPiece::set().
* Fix build with GCC 13
* Fix errors and warnings for perfetto
* Remove nodiscard attribute from cpwl_combo_box.h
* Bump V8_PATCH_LEVEL
* [Backport] CVE-2023-4762: Type Confusion in V8
* [Backport] CVE-2023-4362: Heap buffer overflow in Mojom IDL
* [Backport] CVE-2023-4354: Heap buffer overflow in Skia
* [Backport] CVE-2023-4351: Use after free in Network
* Disable Windows IME for GPU thread
* [Backport] CVE-2023-4863: Heap buffer overflow in WebP
* [Backport] Security bug 1465224
* [Backport] Dependency for security bug 1465224
* [Backport] CVE-2023-4071: Heap buffer overflow in Visuals
* [Backport] CVE-2023-4076: Use after free in WebRTC
* [Backport] CVE-2023-4074: Use after free in Blink Task
Scheduling
==== libsolv ====
Version update (0.7.26 -> 0.7.27)
Subpackages: libsolv-tools python3-solv ruby-solv
- add zstd support for the installcheck tool
- add putinowndirpool cache to make file list handling in
repo_write much faster
- bump version to 0.7.27
==== php8 ====
Version update (8.2.12 -> 8.2.13)
Subpackages: php8-cli php8-ctype php8-dom php8-gd php8-gettext php8-iconv php8-mbstring php8-mysql php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter
- version update to 8.2.13
* This is a bug fix release.
https://www.php.net/ChangeLog-8.php#8.2.13
==== python-pexpect ====
Version update (4.8.0 -> 4.9.0)
- update to 4.9:
* Add support for Python 3.12 #769.
* Clean up temporary files after UnicodeTests #753.
* Add Python 3.5, 3.6 and 3.12.0-rc.1 to test matrix #763.
* Set prompt correctly for zsh #712.
* Add zsh convenience function to replwrap module #751.
* Rework async unittests to rely on
unittest.IsolatedAsyncioTestCase #764.
* Make test_expect.py work on POSIX systems that are not Linux
based #698.
* Add support for ``socket``, which allows sockets to be used
crossplatform #745.
* Update async to work on newer versions of python #732.
* Remove deprecated RSAAuthentication option (SSHv1) #744.
* Multiple CI fixes #743 #737 #742 #739 #722.
* Use Github Actions for CI #734.
* Remove pytest-capturelog from testing requirements #730.
* Fix usage for Solaris #663 #604 #560.
* Fix threading for new versions of python #684.
* Fix documentation builds for use with Sphinx 3 #638.
* Use ``sys.executable`` for tests and wrapper, allowing the
calling python executable to be used instead #623.
* Update documentation about Wexpect #623.
* Added project urls to ``setup.py`` #620.
* Provide examples for how to use Pexpect and Pyte #587.
* Coerce compiled regex patterns type according to spawn
encoding #560.
* Several doc updates #626 #635 #643 #644 #728.
drop 31fab7b0edbe9b3401507b5dfa4db6aaf3fabca5.patch,
684.patch, 715.patch, 742.patch,
dae602d37493bae239e0e8db5b3dabafebfd59db.patch,
fix-fail-no-alias.patch, no-python-binary.patch: upstream
==== selinux-policy ====
Version update (20231030 -> 20231124)
Subpackages: selinux-policy-targeted
- Update to version 20231124:
* Allow virtnetworkd_t to execute bin_t (bsc#1216903)
1
0
Alright will update it during the day and send a PR :)
Den tors 23 nov. 2023 kl 08:46 skrev Ladislav Slezák <lslezak(a)suse.com>:
>
> Hello!
>
> Dne 22. 11. 23 v 11:12 Luna Jernberg napsal(a):
> > Hey!
> >
> > did hear about this today by Lubos in the Release Engineering meeting, and nice to
> > see some of my Swedish merged in, testing at the moment in Virtualbox
>
> Thanks for the translations!
>
> > the Weblate seems to be down at the moment however where do i report it to be
> > fixed?
>
> No idea.
>
> Luboš, who is responsible for that? I cannot log into https://l10n.opensuse.org/,
> I'm getting an internal server error. Maybe it is related to moving the servers...
>
> > also the translation now only seems to be partial but its a good start to at least
> > have some of it instead of none
>
> We added quite some new texts, but because Weblate does not work they cannot be
> easily translated now.
>
> If you want you can translate the texts directly in the
> https://github.com/openSUSE/agama-weblate repository. I just have updated all PO
> files with the new texts from the agama.pot file manually. Then just open a pull request.
>
> Using Weblate is more convenient and should be preferred, but this manual alternative
> should always work.
>
>
>
> Ladislav
>
>
> --
> Ladislav Slezák
> YaST Developer
>
> SUSE LINUX, s.r.o.
> Corso IIa
> Křižíkova 148/34
> 18600 Praha 8
>
3
4
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
kernel-firmware-nvidia-gspx-G06 (545.29.02 -> 545.29.06)
nvidia-open-driver-G06-signed (545.29.02_k6.6.2_1 -> 545.29.06_k6.6.2_1)
=== Details ===
==== kernel-firmware-nvidia-gspx-G06 ====
Version update (545.29.02 -> 545.29.06)
- update firmware to version 545.29.06
==== nvidia-open-driver-G06-signed ====
Version update (545.29.02_k6.6.2_1 -> 545.29.06_k6.6.2_1)
- Update to 545.29.06
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa
Mesa-drivers
avahi
avahi-glib2
gstreamer-plugins-bad
libadwaita
libdrm
libgcrypt
libstorage-ng (4.5.157 -> 4.5.158)
multipath-tools (0.9.6+115+suse.07776fb -> 0.9.7+76+suse.5f857af)
python-Twisted (22.10.0 -> 23.10.0)
python-anyio (3.6.2 -> 3.7.1)
python-charset-normalizer (3.2.0 -> 3.3.0)
python-linux-procfs (0.7.1 -> 0.7.3)
python-markdown-it-py (2.2.0 -> 3.0.0)
python-mdit-py-plugins (0.3.0 -> 0.4.0)
python311 (3.11.5 -> 3.11.6)
python311-core (3.11.5 -> 3.11.6)
ruby-common
selinux-policy
webkit2gtk3
webkit2gtk3-soup2
yast2-trans (84.87.20231117.f12231d4de -> 84.87.20231121.7869d671a6)
=== Details ===
==== Mesa ====
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libOSMesa8 libgbm1
- buildrequire 'pkgconfig(SPIRV-Tools)' also with disabled rusticl
(new dep since some time)
- re-disable rusticl on sle15-sp6 to prevent more deps (rust-bindgen)
- buildrequire 'pkgconfig(LLVMSPIRVLib)' also with disabled rusticl
(new dep since some time)
- enable rusticl on sle15-sp6
- let sle15-sp6 require llvm17/clang17
==== Mesa-drivers ====
Subpackages: Mesa-dri Mesa-gallium Mesa-libva libxatracker2
- buildrequire 'pkgconfig(SPIRV-Tools)' also with disabled rusticl
(new dep since some time)
- re-disable rusticl on sle15-sp6 to prevent more deps (rust-bindgen)
- buildrequire 'pkgconfig(LLVMSPIRVLib)' also with disabled rusticl
(new dep since some time)
- enable rusticl on sle15-sp6
- let sle15-sp6 require llvm17/clang17
==== avahi ====
Subpackages: avahi-lang libavahi-client3 libavahi-client3-32bit libavahi-common3 libavahi-common3-32bit libavahi-core7
- avahi-autoipd: drop the post script part migrating the user
owning files in /var/lib/avahi-autoipd: the code was aiding
migrations from SLE<=11/openSUSE<=12.3, which are no longer in
scope for upgrades nowadays.
- avahi-autoipd: guard %post chown with -h, to not follow symlinks
(boo#1217398).
==== avahi-glib2 ====
Subpackages: libavahi-glib1 libavahi-gobject0 libavahi-ui-gtk3-0
- avahi-autoipd: drop the post script part migrating the user
owning files in /var/lib/avahi-autoipd: the code was aiding
migrations from SLE<=11/openSUSE<=12.3, which are no longer in
scope for upgrades nowadays.
- avahi-autoipd: guard %post chown with -h, to not follow symlinks
(boo#1217398).
==== gstreamer-plugins-bad ====
Subpackages: gstreamer-plugins-bad-lang libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0
- Move pkgconfig(dvdnav) and pkgconfig(dvdread) BuildRequires out
of BUILD_ORIG conditional, and stop passing resindvd=disabled and
siren=disabled to meson setup, build dvd and siren 7 support in
main package.
==== libadwaita ====
Subpackages: libadwaita-1-0 libadwaita-lang typelib-1_0-Adw-1
- Add 3e3967d5f69180644519936991cad10136e84ca9.patch: Fix building
against libappstream 1.0 (boo#1217047).
==== libdrm ====
Subpackages: libdrm2 libdrm_amdgpu1 libdrm_intel1 libdrm_nouveau2 libdrm_radeon1
- adjusted n_libdrm-drop-valgrind-dep-generic.patch,
n_libdrm-drop-valgrind-dep-intel.patch
==== libgcrypt ====
Subpackages: libgcrypt20 libgcrypt20-32bit libgcrypt20-x86-64-v3
- Re-create HMAC checksum after RPM build strips the library
(bsc#1217058)
==== libstorage-ng ====
Version update (4.5.157 -> 4.5.158)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- merge gh#openSUSE/libstorage-ng#966
- fixed build with libxml 2.12.0
- 4.5.158
==== multipath-tools ====
Version update (0.9.6+115+suse.07776fb -> 0.9.7+76+suse.5f857af)
Subpackages: kpartx libmpath0
- Update to version 0.9.7+76+suse.5f857af:
* Update to upstream 0.9.7 (jsc#PED-6464)
* added max_retries config option to limit SCSI retries
* added auto_resize config option to enable resizing multipath maps automatically
* fixed memory and error handling for code using aio (marginal path code,
directio path checker)
* dropped modules-load.d/multipath.conf; replaced by a dependency on
modprobe(a)dm-multipath.service (systemd >= 245: SLE15-SP3 and later only)
and a softdep on sd_mod for the SCSI device handlers
(bsc#1217377)
* On SLE/Leap suse-module-tools doesn't ship a scsi_mod->sd_mod softdep yet.
Add it here, too. It will be overridden by s-m-t when it's added there.
* drop usr_prefix= setting in SLE build recipes (set to /usr by upstream
automatically)
==== python-Twisted ====
Version update (22.10.0 -> 23.10.0)
Subpackages: python311-Twisted python311-Twisted-tls
- Update to 23.10.0
* reactor.spawnProcess() now uses posix_spawnp when possible, making it much more efficient (#5710)
* Twisted now officially supports Python 3.11. (#10343)
* twisted.internet.defer.race has been added as a way to get the first available result from a list of Deferreds. (#11817)
* The CI suite was updated to execute the tests using a Python 3.12 pre-release (#11857)
* PyAsn1 has been removed as a conch dependency.
* Due to changes in the way raw private key byte serialization are handled in Cryptography, and widespread support
for Ed25519 in current versions of OpenSSL, we no longer support PyNaCl as a fallback for Ed25519 keys in Conch. (#11871)
* In Twisted 16.3.0, we changed twisted.web to stop dispatching HTTP/1.1 pipelined requests to application code.
There was a bug in this change which still allowed clients which could send multiple full HTTP requests in a single TCP segment
to trigger asynchronous processing of later requests, which could lead to out-of-order responses. This has now been corrected
and twisted.web should never process a pipelined request over HTTP/1.1 until the previous request has fully completed.
(CVE-2023-46137, GHSA-cq7q-gv5w-rwx2) (#11976)
* Drop support for Python 3.7. Remove twisted[contextvars] extra (contextvars are always available in Python 3.7+) (#11913)
* When using CPython, functions wrapped by twisted.internet.defer.inlineCallbacks can have their arguments and return values
freed immediately after completion (due to there no longer being circular references). (#11885)
- Delete merged patches:
* regenerate-cert-to-work-with-latest-service-identity.patch
* no-pygtkcompat.patch
* support-new-glibc.patch
* CVE-2023-46137-HTTP-pipeline-response.patch
* remove-pynacl-optional-dependency.patch
* py311-tests-compat.patch
==== python-anyio ====
Version update (3.6.2 -> 3.7.1)
- update to 3.7.1:
* Fixed sending large buffers via UNIX stream sockets on
asyncio
* Fixed several minor documentation issues (broken links to
classes, missing classes or attributes)
* Dropped support for Python 3.6
* Improved type annotations:
* Several functions and methods that were previously annotated
as accepting ``Coroutine[Any, Any, Any]`` as the return type
of the callable have been amended to accept ``Awaitable[Any]``
instead, to allow a slightly broader set of coroutine-like
inputs, like ``async_generator_asend`` objects returned from
the ``asend()`` method of async generators, and to match
the ``trio`` annotations:
* ``anyio.run()``
* ``anyio.from_thread.run()``
* ``TaskGroup.start_soon()``
* ``TaskGroup.start()``
* ``BlockingPortal.call()``
* ``BlockingPortal.start_task_soon()``
* ``BlockingPortal.start_task()``
* Changed ``TLSAttribute.shared_ciphers`` to match the
documented semantics of ``SSLSocket.shared_ciphers``
of always returning ``None`` for client-side streams
* Fixed ``CapacityLimiter`` on the asyncio backend to order
waiting tasks in the FIFO order (instead of LIFO)
* Fixed ``CancelScope.cancel()`` not working on asyncio if
called before entering the scope
* Fixed ``open_signal_receiver()`` inconsistently yielding
integers instead of ``signal.Signals`` instances on the
``trio`` backend
* Fixed ``to_thread.run_sync()`` hanging on asyncio if the
target callable raises ``StopIteration``
* Fixed ``start_blocking_portal()`` raising an unwarranted
* ``RuntimeError: This portal is not running`` if a task raises
an exception that causes the event loop to be closed
* Fixed ``current_effective_deadline()`` not returning ``-inf``
on asyncio when the currently active cancel scope has been
cancelled (PR by Ganden Schaffner)
* Fixed the ``OP_IGNORE_UNEXPECTED_EOF`` flag in an SSL context
created by default in ``TLSStream.wrap()`` being inadvertently
set on Python 3.11.3 and 3.10.11
* Fixed ``CancelScope`` to properly handle asyncio task
uncancellation on Python 3.11
* Fixed ``OSError`` when trying to use
``create_tcp_listener()`` to bind to a link-local
* IPv6 address (and worked around related bugs in ``uvloop``)
* Worked around a `PyPy bug
<https://foss.heptapod.net/pypy/pypy/-/issues/3938>`_
when using ``anyio.getaddrinfo()`` with for IPv6 link-local
addresses containing interface names
- drop fix-failing-tls-tests.patch
support-trio-0.22.patch: obsolete
- update to 3.7.1:
* Fixed sending large buffers via UNIX stream sockets on
asyncio
* Fixed several minor documentation issues (broken links to
classes, missing classes or
* attributes)
* **3.7.0**
* Dropped support for Python 3.6
* Improved type annotations:
* Several functions and methods that were previously annotated
as accepting
* ``Coroutine[Any, Any, Any]`` as the return type of the
callable have been amended to
* accept ``Awaitable[Any]`` instead, to allow a slightly
broader set of coroutine-like
* inputs, like ``async_generator_asend`` objects returned from
the ``asend()`` method
* of async generators, and to match the ``trio`` annotations:
* ``anyio.run()``
* ``anyio.from_thread.run()``
* ``TaskGroup.start_soon()``
* ``TaskGroup.start()``
* ``BlockingPortal.call()``
* ``BlockingPortal.start_task_soon()``
* ``BlockingPortal.start_task()``
* Note that this change involved only changing the type
annotations; run-time
* functionality was not altered.
* The ``TaskStatus`` class is now a generic protocol, and
should be parametrized to
* indicate the type of the value passed to
``task_status.started()``
* The ``Listener`` class is now covariant in its stream type
* ``create_memory_object_stream()`` now allows passing only
``item_type``
* Object receive streams are now covariant and object send
streams are correspondingly
* contravariant
* Changed ``TLSAttribute.shared_ciphers`` to match the
documented semantics of
* ``SSLSocket.shared_ciphers`` of always returning ``None`` for
client-side streams
* Fixed ``CapacityLimiter`` on the asyncio backend to order
waiting tasks in the FIFO
* order (instead of LIFO) (PR by Conor Stevenson)
* Fixed ``CancelScope.cancel()`` not working on asyncio if
... changelog too long, skipping 30 lines ...
* interface names
==== python-charset-normalizer ====
Version update (3.2.0 -> 3.3.0)
- update to 3.3.0:
* Allow to execute the CLI (e.g. normalizer) through `python -m
charset_normalizer.cli` or `python -m charset_normalizer`
* Support for 9 forgotten encoding that are supported by Python
but unlisted in `encoding.aliases` as they have no alias
* Optional mypyc compilation upgraded to version 1.5.1 for
Python >= 3.7
* Unable to properly sort CharsetMatch when both chaos/noise
and coherence were close due to an unreachable condition in
\_\_lt\_\_ (#350)
==== python-linux-procfs ====
Version update (0.7.1 -> 0.7.3)
- update to 0.7.3:
* python 3.12 support (remove distutils)
* drop spec files and add SPDX licenses
==== python-markdown-it-py ====
Version update (2.2.0 -> 3.0.0)
- Update to version 3.0.0:
* drop python 3.7 support
* Update from upstream markdown-it 12.2.0 to 13.0.0
- A key change is the addition of a new Token type, text_special,
which is used to represent HTML entities and backslash escaped
characters.
- This ensures that (core) typographic transformation rules are not
incorrectly applied to these texts.
- The final core rule is now the new text_join rule, which joins
adjacent text/text_special tokens, and so no text_special tokens
should be present in the final token stream.
- Any custom typographic rules should be inserted before text_join.
- A new linkify rule has also been added to the inline chain, which
will linkify full URLs (e.g. https://example.com), and fixes
collision of emphasis and linkifier (so
http://example.org/foo._bar_-_baz is now a single link, not
emphasized).
- Emails and fuzzy links are not affected by this.
* REFACTOR: Replace most character code use with strings
- The use of StateBase.srcCharCode is deprecated (with
backward-compatibility), and all core uses are replaced by
StateBase.src.
- Conversion of source string characters to an integer
representing the Unicode character is prevalent in the upstream
JavaScript implementation, to improve performance. However, it
is unnecessary in Python and leads to harder to read code and
performance deprecations (during the conversion in the StateBase
initialisation).
* Centralise indented code block tests
- For CommonMark, the presence of indented code blocks prevent any
other block element from having an indent of greater than 4
spaces.
- Certain Markdown flavors and derivatives, such as mdx and djot,
disable these code blocks though, since it is more common to use
code fences and/or arbitrary indenting is desirable.
- Previously, disabling code blocks did not remove the indent
limitation, since most block elements had the 3 space limitation
hard-coded.
- This change centralised the logic of applying this limitation
(in StateBlock.is_code_block), and only applies it when indented
code blocks are enabled.
* Maintenance changes
- Strict type annotation checking has been applied to the whole
code base, ruff is now used for linting, and fuzzing tests have
been added to the CI, to integrate with Google OSS-Fuzz testing,
thanks to @DavidKorczynski.
==== python-mdit-py-plugins ====
Version update (0.3.0 -> 0.4.0)
- Update to version 0.4.0:
* UPGRADE: Drop python 3.7 and support 3.11 (#77)
* UPGRADE: Allow markdown-it-py v3 (#85)
- Make field_list compatible with latest upstream (#75)
- Convert state.srcCharCode -> state.src (#84)
- Remove unnecessary method arg by @chrisjsewell in( #76)
- Centralise code block test (#83 and #87)
- This means that disabling the code block rule in
markdown-it-py v3+ will now allow all syntax blocks to be
indented by any amount of whitespace.
* Improve dollarmath plugin: Add allow_blank_lines option, thanks
to @eric-wieser (#46)
* Improve admon plugin: Add ??? support, thanks to @KyleKing (#58)
* MAINTAIN: Make type checking strict (#86)
- v0.3.5:
* FIX: Regression in dollarmath by @chrisjsewell in #69
* Fix regression in amsmath by @chrisjsewell in #70
* Correct project documentation link by @andersk in #73
* RELEASE v0.3.5 by @chrisjsewell in #74
- v0.3.4:
* NEW: Add attrs_block_plugin by @chrisjsewell in #66
* Improve field lists by @chrisjsewell in #65
* Update pre-commit by @chrisjsewell in #64 (moving from flake8 to ruff)
- v0.3.3:
* FIX: attrs: span with end of inline before attrs by @chrisjsewell in #57
- v0.3.2:
* MAINTAIN: Fix pre-commit configuration by @hukkin in #54
* NEW: Add span parsing to inline attributes plugin by @chrisjsewell in #55
* FIX: Task list item marker can be followed by any GFM whitespace by @hukkin in #42
* NEW: Port admon plugin by @KyleKing in #53
* RELEASE: v0.3.2 by @chrisjsewell in #56
- v0.3.1:
* MAINTAIN: Remove upper bound from Python version constraint by @cjolowicz in #40
* MAINTAIN: Update pre-commit by @chrisjsewell in #47
* FIX: Parsing when newline is between footnote ID and first paragraph by @hukkin in #49
* Anchor ids in separate renders should not affect each other. by @distractedmosfet in #43
* PEP 621 package build, drop Python 3.6 by @chrisjsewell in #51
* NEW: Add attrs_plugin by @chrisjsewell in #50
* RELEASE: v0.3.1 by @chrisjsewell in #52
==== python311 ====
Version update (3.11.5 -> 3.11.6)
Subpackages: python311-curses python311-dbm python311-x86-64-v3
- Remove not needed patch 103213-fetch-CONFIG_ARGS.patch
- Refresh patches:
- bpo-31046_ensurepip_honours_prefix.patch
- fix_configure_rst.patch
- Update to 3.11.6:
- Core and Builtins
- gh-109351: Fix crash when compiling an invalid AST involving a
named (walrus) expression.
- gh-109207: Fix a SystemError in __repr__ of symtable entry
object.
- gh-109179: Fix bug where the C traceback display drops notes
from SyntaxError.
- gh-88943: Improve syntax error for non-ASCII character that
follows a numerical literal. It now points on the invalid
non-ASCII character, not on the valid numerical literal.
- gh-108959: Fix caret placement for error locations for subscript
and binary operations that involve non-semantic parentheses and
spaces. Patch by Pablo Galindo
- gh-108520: Fix
multiprocessing.synchronize.SemLock.__setstate__() to properly
initialize multiprocessing.synchronize.SemLock._is_fork_ctx.
This fixes a regression when passing a SemLock accross nested
processes.
- Rename multiprocessing.synchronize.SemLock.is_fork_ctx to
multiprocessing.synchronize.SemLock._is_fork_ctx to avoid
exposing it as public API.
- Library
- gh-110036: On Windows, multiprocessing Popen.terminate() now
catchs PermissionError and get the process exit code. If the
process is still running, raise again the PermissionError.
Otherwise, the process terminated as expected: store its exit
code. Patch by Victor Stinner.
- gh-110038: Fixed an issue that caused KqueueSelector.select() to
not return all the ready events in some cases when a file
descriptor is registered for both read and write.
- gh-109631: re functions such as re.findall(), re.split(),
re.search() and re.sub() which perform short repeated matches
can now be interrupted by user.
- gh-109593: Avoid deadlocking on a reentrant call to the
multiprocessing resource tracker. Such a reentrant call, though
unlikely, can happen if a GC pass invokes the finalizer for a
multiprocessing object such as SemLock.
- gh-109613: Fix os.stat() and os.DirEntry.stat(): check for
exceptions. Previously, on Python built in debug mode, these
functions could trigger a fatal Python error (and abort the
process) when a function succeeded with an exception set. Patch
by Victor Stinner.
- gh-109375: The pdb alias command now prevents registering
aliases without arguments.
- gh-107219: Fix a race condition in concurrent.futures. When a
process in the process pool was terminated abruptly (while the
future was running or pending), close the connection write end.
If the call queue is blocked on sending bytes to a worker
process, closing the connection write end interrupts the send,
so the queue can be closed. Patch by Victor Stinner.
- gh-50644: Attempts to pickle or create a shallow or deep copy of
codecs streams now raise a TypeError. Previously, copying failed
with a RecursionError, while pickling produced wrong results
that eventually caused unpickling to fail with a RecursionError.
- gh-108987: Fix _thread.start_new_thread() race condition. If a
thread is created during Python finalization, the newly spawned
thread now exits immediately instead of trying to access freed
memory and lead to a crash. Patch by Victor Stinner.
- gh-108843: Fix an issue in ast.unparse() when unparsing
f-strings containing many quote types.
- gh-108682: Enum: raise TypeError if super().__new__() is called
from a custom __new__.
- gh-105829: Fix concurrent.futures.ProcessPoolExecutor deadlock
- gh-64662: Fix support for virtual tables in
sqlite3.Connection.iterdump(). Patch by Aviv Palivoda.
- gh-107913: Fix possible losses of errno and winerror values in
OSError exceptions if they were cleared or modified by the
cleanup code before creating the exception object.
- gh-104372: On Linux where subprocess can use the vfork() syscall
for faster spawning, prevent the parent process from blocking
other threads by dropping the GIL while it waits for the
vforkâed child process exec() outcome. This prevents spawning a
binary from a slow filesystem from blocking the rest of the
application.
- gh-84867: unittest.TestLoader no longer loads test cases from
exact unittest.TestCase and unittest.FunctionTestCase classes.
- Documentation
- gh-109209: The minimum Sphinx version required for the
documentation is now 4.2.
- gh-105052: Update timeit doc to specify that time in seconds is
just the default.
- gh-102823: Document the return type of x // y when x and y have
type float.
- Tests
- gh-110031: Skip test_threading tests using thread+fork if Python
is built with Address Sanitizer (ASAN). Patch by Victor Stinner.
- gh-110088: Fix test_asyncio timeouts: donât measure the maximum
duration, a test should not measure a CI performance. Only
measure the minimum duration when a task has a timeout or delay.
Add CLOCK_RES to test_asyncio.utils. Patch by Victor Stinner.
- gh-110033: Fix test_interprocess_signal() of test_signal. Make
sure that the subprocess.Popen object is deleted before the test
raising an exception in a signal handler. Otherwise,
Popen.__del__() can get the exception which is logged as
... changelog too long, skipping 106 lines ...
multissltests to use 1.1.1w, 3.0.11, and 3.1.3.
==== python311-core ====
Version update (3.11.5 -> 3.11.6)
Subpackages: libpython3_11-1_0 libpython3_11-1_0-x86-64-v3 python311-base python311-base-x86-64-v3
- Remove not needed patch 103213-fetch-CONFIG_ARGS.patch
- Refresh patches:
- bpo-31046_ensurepip_honours_prefix.patch
- fix_configure_rst.patch
- Update to 3.11.6:
- Core and Builtins
- gh-109351: Fix crash when compiling an invalid AST involving a
named (walrus) expression.
- gh-109207: Fix a SystemError in __repr__ of symtable entry
object.
- gh-109179: Fix bug where the C traceback display drops notes
from SyntaxError.
- gh-88943: Improve syntax error for non-ASCII character that
follows a numerical literal. It now points on the invalid
non-ASCII character, not on the valid numerical literal.
- gh-108959: Fix caret placement for error locations for subscript
and binary operations that involve non-semantic parentheses and
spaces. Patch by Pablo Galindo
- gh-108520: Fix
multiprocessing.synchronize.SemLock.__setstate__() to properly
initialize multiprocessing.synchronize.SemLock._is_fork_ctx.
This fixes a regression when passing a SemLock accross nested
processes.
- Rename multiprocessing.synchronize.SemLock.is_fork_ctx to
multiprocessing.synchronize.SemLock._is_fork_ctx to avoid
exposing it as public API.
- Library
- gh-110036: On Windows, multiprocessing Popen.terminate() now
catchs PermissionError and get the process exit code. If the
process is still running, raise again the PermissionError.
Otherwise, the process terminated as expected: store its exit
code. Patch by Victor Stinner.
- gh-110038: Fixed an issue that caused KqueueSelector.select() to
not return all the ready events in some cases when a file
descriptor is registered for both read and write.
- gh-109631: re functions such as re.findall(), re.split(),
re.search() and re.sub() which perform short repeated matches
can now be interrupted by user.
- gh-109593: Avoid deadlocking on a reentrant call to the
multiprocessing resource tracker. Such a reentrant call, though
unlikely, can happen if a GC pass invokes the finalizer for a
multiprocessing object such as SemLock.
- gh-109613: Fix os.stat() and os.DirEntry.stat(): check for
exceptions. Previously, on Python built in debug mode, these
functions could trigger a fatal Python error (and abort the
process) when a function succeeded with an exception set. Patch
by Victor Stinner.
- gh-109375: The pdb alias command now prevents registering
aliases without arguments.
- gh-107219: Fix a race condition in concurrent.futures. When a
process in the process pool was terminated abruptly (while the
future was running or pending), close the connection write end.
If the call queue is blocked on sending bytes to a worker
process, closing the connection write end interrupts the send,
so the queue can be closed. Patch by Victor Stinner.
- gh-50644: Attempts to pickle or create a shallow or deep copy of
codecs streams now raise a TypeError. Previously, copying failed
with a RecursionError, while pickling produced wrong results
that eventually caused unpickling to fail with a RecursionError.
- gh-108987: Fix _thread.start_new_thread() race condition. If a
thread is created during Python finalization, the newly spawned
thread now exits immediately instead of trying to access freed
memory and lead to a crash. Patch by Victor Stinner.
- gh-108843: Fix an issue in ast.unparse() when unparsing
f-strings containing many quote types.
- gh-108682: Enum: raise TypeError if super().__new__() is called
from a custom __new__.
- gh-105829: Fix concurrent.futures.ProcessPoolExecutor deadlock
- gh-64662: Fix support for virtual tables in
sqlite3.Connection.iterdump(). Patch by Aviv Palivoda.
- gh-107913: Fix possible losses of errno and winerror values in
OSError exceptions if they were cleared or modified by the
cleanup code before creating the exception object.
- gh-104372: On Linux where subprocess can use the vfork() syscall
for faster spawning, prevent the parent process from blocking
other threads by dropping the GIL while it waits for the
vforkâed child process exec() outcome. This prevents spawning a
binary from a slow filesystem from blocking the rest of the
application.
- gh-84867: unittest.TestLoader no longer loads test cases from
exact unittest.TestCase and unittest.FunctionTestCase classes.
- Documentation
- gh-109209: The minimum Sphinx version required for the
documentation is now 4.2.
- gh-105052: Update timeit doc to specify that time in seconds is
just the default.
- gh-102823: Document the return type of x // y when x and y have
type float.
- Tests
- gh-110031: Skip test_threading tests using thread+fork if Python
is built with Address Sanitizer (ASAN). Patch by Victor Stinner.
- gh-110088: Fix test_asyncio timeouts: donât measure the maximum
duration, a test should not measure a CI performance. Only
measure the minimum duration when a task has a timeout or delay.
Add CLOCK_RES to test_asyncio.utils. Patch by Victor Stinner.
- gh-110033: Fix test_interprocess_signal() of test_signal. Make
sure that the subprocess.Popen object is deleted before the test
raising an exception in a signal handler. Otherwise,
Popen.__del__() can get the exception which is logged as
... changelog too long, skipping 106 lines ...
multissltests to use 1.1.1w, 3.0.11, and 3.1.3.
==== ruby-common ====
- gem_cleanup macro: yet another place which got hit by ruby 3.3
replace `gem env gemdir` with
`ruby -r rubygems -e 'puts Gem.default_dir'`
- Fix for the previous change. we need to set the GEM_HOME before
even wrapping into the re-exec with ruby.
- add workaround for https://github.com/rubygems/rubygems/commit/64273fd7e3
for now we will always set GEM_HOME to ensure that this new logic
does not break our paths
- ensure that gems built against an jemalloc enabled ruby
also pulls a ruby version that is built with jemalloc
==== selinux-policy ====
Subpackages: selinux-policy-targeted
- Add new modules that were missed in the last update to
modules-targeted-contrib.conf
==== webkit2gtk3 ====
Subpackages: WebKitGTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Ensure max_link_jobs and max_compile_jobs have valid values even
when %{jobs} is not defined (like when building outside of OBS).
==== webkit2gtk3-soup2 ====
Subpackages: WebKitGTK-4.0-lang libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles
- Ensure max_link_jobs and max_compile_jobs have valid values even
when %{jobs} is not defined (like when building outside of OBS).
==== yast2-trans ====
Version update (84.87.20231117.f12231d4de -> 84.87.20231121.7869d671a6)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu
- Update to version 84.87.20231121.7869d671a6:
* New POT for text domain 'hana-ha'.
1
0
Dear Tumbleweed users and hackers,
This has been a week filled with Tumbleweed snapshots. Six of them, to
be precise (1116, 1117, 1119, 1120, 1121, and 1122). The most relevant
changes that could be delivered this week include:
* Linux kernel 6.6.2
* btrfsprogs 6.6.2
* fwupd 1.9.8 & 1.9.9
* GStreamer 1.22.7
* Node.JS 21.2.0
* Pipewire 0.3.85
* Poppler 23.11.0
* LibreOffice 7.6.3.1
* libxml 2.11.6
* LLVM 17.0.5
Staging projects are far from full: only five out of 15 have anything
in them, and 4 of them are not even expected to move at the moment. So
keep those things coming! The relevant changes (including the non-
moving stagings) are:
* the package cnf-rs will be renamed to cnf (matching the command
name)
* PHP 8.2.13
* libxml 2.12.0 in Staging:L – I can’t even start to list what is not
building
* Sudo/polkit changes with the introduction of a sudo/wheel group to
allow the user to choose if they want to use this over the way we
configured sudo so far (targetpw). The sudo submission is interfering
on some level with toolbox (toolbox -r id fails to return the expected
info so far)
* c-ares 1.21.0: breaks nodejs
* wxWidgets 3.2.3: breaks wxPython bindings
* Testing of the two compiler flags -fcf-protection=full and -
ftrivial-auto-var-init=pattern
* RPM 4.19: no further progress made (user handling conflict between
sysuser-tools and RPMs new implementation)
* dbus-broker: no progress: openQA fails to even launch the network
stack in the installer
Cheers,
Dominique
1
0
I am trying to enable a PIN to unlock the screen after a successful login using the regular password, following this guide: https://blog.fancypi.cn/blog/pin_login_in_kde.html
But I could not find a package named libpam_pwdfile , even by using variations or partial search.
Someone can help by providing the opensuse equivalente package name or any other alternative, please ?
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
ell (0.59 -> 0.60)
fwupd (1.9.8 -> 1.9.9)
git (2.42.1 -> 2.43.0)
grub2
libblockdev
libheif (1.17.3 -> 1.17.5)
mariadb-connector-c (3.3.5 -> 3.3.7)
nghttp2
nvidia-open-driver-G06-signed
p11-kit (0.25.2 -> 0.25.3)
python-numpy (1.25.2 -> 1.26.2)
python-pip (23.2.1 -> 23.3.1)
readline
sssd
transactional-update (4.4.0 -> 4.5.0)
xen (4.18.0_02 -> 4.18.0_04)
xkeyboard-config
=== Details ===
==== ell ====
Version update (0.59 -> 0.60)
- update to 0.60:
* Fix issue with missing NETLINK_EXT_ACK definition.
* Fix issue with incorrect derivation of ECC compressed points.
* Add support for ECC usage from SPAKE2+ key exchange protocol.
==== fwupd ====
Version update (1.9.8 -> 1.9.9)
Subpackages: fwupd-bash-completion fwupd-lang libfwupd2 typelib-1_0-Fwupd-2_0
- Update to version 1.9.9 (boo#1217295):
+ This release adds the following features:
- Add a new generic request for the device power cable.
+ This release adds support for the following hardware:
- Lenovo X1 Yoga Gen7 530E.
- Advantech BMC devices.
==== git ====
Version update (2.42.1 -> 2.43.0)
Subpackages: git-core git-email git-web perl-Git
- update to 2.43.0:
* The "--rfc" option of "git format-patch" used to be a valid way to
override an earlier "--subject-prefix=<something>" on the command
line and replace it with "[RFC PATCH]", but from this release, it
merely prefixes the string "RFC " in front of the given subject
prefix. If you are negatively affected by this change, please use
"--subject-prefix=PATCH --rfc" as a replacement.
* In Git 2.42, "git rev-list --stdin" learned to take non-revisions
(like "--not") from the standard input, but the way such a "--not" was
handled was quite confusing, which has been rethought. The updated
rule is that "--not" given from the command line only affects revs
given from the command line that comes but not revs read from the
standard input, and "--not" read from the standard input affects
revs given from the standard input and not revs given from the
command line.
* A message written in olden time prevented a branch from getting
checked out, saying it is already checked out elsewhere. But these
days, we treat a branch that is being bisected or rebased just like
a branch that is checked out and protect it from getting modified
with the same codepath. The message has been rephrased to say that
the branch is "in use" to avoid confusion.
* Hourly and other schedules of "git maintenance" jobs are randomly
distributed now.
* "git cmd -h" learned to signal which options can be negated by
listing such options like "--[no-]opt".
* The way authentication related data other than passwords (e.g.,
oauth token and password expiration data) are stored in libsecret
keyrings has been rethought.
* Update the libsecret and wincred credential helpers to correctly
match which credential to erase; they erased the wrong entry in
some cases.
* Git GUI updates.
* "git format-patch" learned a new "--description-file" option that
lets cover letter description to be fed; this can be used on
detached HEAD where there is no branch description available, and
also can override the branch description if there is one.
* Use of the "--max-pack-size" option to allow multiple packfiles to
be created is now supported even when we are sending unreachable
objects to cruft packs.
* "git format-patch --rfc --subject-prefix=<foo>" used to ignore the
"--subject-prefix" option and used "[RFC PATCH]"; now we will add
"RFC" prefix to whatever subject prefix is specified.
* "git log --format" has been taught the %(decorate) placeholder for
further customization over what the "--decorate" option offers.
* The default log message created by "git revert", when reverting a
commit that records a revert, has been tweaked, to encourage people
to describe complex "revert of revert of revert" situations better in
their own words.
* The command-line completion support (in contrib/) learned to
complete "git commit --trailer=" for possible trailer keys.
* "git update-index" learned the "--show-index-version" option to
inspect the index format version used by the on-disk index file.
* "git diff" learned the "diff.statNameWidth" configuration variable,
to give the default width for the name part in the "--stat" output.
* "git range-diff --notes=foo" compared "log --notes=foo --notes" of
the two ranges, instead of using just the specified notes tree,
which has been corrected to use only the specified notes tree.
* The command line completion script (in contrib/) can be told to
complete aliases by including ": git <cmd> ;" in the alias to tell
it that the alias should be completed in a similar way to how "git
<cmd>" is completed. The parsing code for the alias has been
loosened to allow ';' without an extra space before it.
* "git for-each-ref" and friends learned to apply mailmap to
authorname and other fields in a more flexible way than using
separate placeholder letters like %a[eElL] every time we want to
come up with small variants.
* "git repack" machinery learned to pay attention to the "--filter="
option.
* "git repack" learned the "--max-cruft-size" option to prevent cruft
packs from growing without bounds.
* "git merge-tree" learned to take strategy backend specific options
via the "-X" option, like "git merge" does.
* "git log" and friends learned the "--dd" option that is a
short-hand for "--diff-merges=first-parent -p".
* The attribute subsystem learned to honor the "attr.tree"
configuration variable that specifies which tree to read the
.gitattributes files from.
* "git merge-file" learns a mode to read three variants of the
contents to be merged from blob objects.
* see https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.4…
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen
- Update the TPM2 patches to skip the persistent SRK handle if not
specified and improve the error messages
+ 0003-protectors-Add-TPM2-Key-Protector.patch
+ 0005-util-grub-protect-Add-new-tool.patch
+ 0004-tpm2-Support-authorized-policy.patch
==== libblockdev ====
Subpackages: libbd_btrfs3 libbd_crypto3 libbd_fs3 libbd_loop3 libbd_lvm3 libbd_mdraid3 libbd_nvme3 libbd_part3 libbd_swap3 libbd_utils3 libblockdev3
- Add %{_libdir}/libbd_s390.so for s390x because missing file identitied
==== libheif ====
Version update (1.17.3 -> 1.17.5)
Subpackages: gdk-pixbuf-loader-libheif libheif-aom libheif-dav1d libheif-ffmpeg libheif-jpeg libheif-openjpeg libheif-rav1e libheif-svtenc libheif1
- update to 1.17.5:
* Fixes installation of the Gnome "heif.thumbnailer" config
file.
- update to 1.17.4:
* ispe boxes in AVIF images with clap boxes were written with
the wrong size (would only happen with svt-av1 encoder),
always output MIAF brand for AVIF images
* fix kvazaar encoding with odd image sizes and encodings with
non-4:2:0 chroma
==== mariadb-connector-c ====
Version update (3.3.5 -> 3.3.7)
- update to 3.3.7:
* https://mariadb.com/kb/en/mariadb-connector-c-3-3-7-release-notes/
* https://mariadb.com/kb/en/mariadb-connector-c-3-3-6-release-notes/
==== nghttp2 ====
- fix unversioned provides to be in sync with nghttp3
==== nvidia-open-driver-G06-signed ====
- no longer try to overwrite NVreg_OpenRMEnableSupporteGpus driver
option setting; apparently it's ignored by the driver (boo#1215981,
comment#26)
- use different modprobe.d config file to resolve conflict with
older driver package (boo#1217370); overwrite
NVreg_OpenRMEnableSupporteGpus driver option setting (disable it),
since letting it enabled is supposed to break booting (boo#1215981,
comment#23)
==== p11-kit ====
Version update (0.25.2 -> 0.25.3)
Subpackages: libp11-kit0 libp11-kit0-32bit p11-kit-tools
- Update to 0.25.3:
* rpc: fix serialization of NULL mechanism pointer [#601]
* fix meson build failure in macOS (appleframeworks not found) [#603]
==== python-numpy ====
Version update (1.25.2 -> 1.26.2)
- Update to 1.26.2:
* TYP: Trim down the ``_NestedSequence.__getitem__`` signature
* BUG: fix choose refcount leak
* TST: fix running the test suite in builds without BLAS/LAPACK
* BUG: random: Fix generation of nan by dirichlet.
* TST: fix distutils tests for deprecations in recent setuptools...
* MAINT: Remove versioneer
* MAINT: Pin upper version of sphinx.
* ENH: Add prefix to _ALIGN Macro
* BUG: cleanup warnings [skip azp][skip circle][skip travis][skip...
* BUG: ``asv dev`` has been removed, use ``asv run``.
* BUG: Fix meson build failure due to unchanged inplace auto-generated...
* BUG: fix issue with git-version script, needs a shebang to run
* BUG: Use a default assignment for git_hash [skip ci]
* BUG: fix NPY_cast_info error handling in choose
* BUG: Fix common block handling in f2py
* BUG: Fix assumed length f2py regression
* MAINT: Harmonize fortranobject
* TYP: add kind argument to numpy.isin type specification
* BUG: fix comparisons between masked and unmasked structured arrays
* ENH: Adopt new macOS Accelerate BLAS/LAPACK Interfaces, including...
* TYP: Add the missing ``casting`` keyword to ``np.clip``
* TST: convert cython test from setup.py to meson
* MAINT: Fixup ``fromnumeric.pyi``
* BUG, ENH: Fix ``iso_c_binding`` type maps
* TYP: Allow ``binary_repr`` to accept any object
* TYP: Explicitly declare ``dtype`` and ``generic`` hashable
* ENH: Refactor the typing "reveal" tests using `typing.assert_type`
* ENH: ``meson`` backend for ``f2py``
* MAINT: Refactor partial load Workaround for Clang
* BUG: Fix data stmt handling for complex values in f2py
* TYP: Add annotations for the py3.12 buffer protocol
* DOC: Updated the f2py docs to remove a note on -fimplicit-none
* BUG: Fix SIMD f32 trunc test on s390x when baseline is none
* BUG: Fix DATA statements for f2py
* API: Add ``NumpyUnpickler`` for backporting
* MAINT: Xfail test failing on PyPy.
* ENH: meson: implement BLAS/LAPACK auto-detection
* DOC: add a 1.26.1 release notes section for BLAS/LAPACK build
* MAINT: Backport ``numpy._core`` stubs. Remove ``NumpyUnpickler``
* BUG: loongarch doesn't use REAL(10)
* MAINT: align test_dispatcher s390x targets with _umath_tests_mtargets
* ENH: Add Cython enumeration for NPY_FR_GENERIC
* MAINT: Remove unhelpful error replacements from ``import_array()``
* BUG: Avoid intp conversion regression in Cython 3
* MAINT: Add missing ``noexcept`` to shuffle helpers
* DOC: Fix license identifier for OpenBLAS
* BLD: improve detection of Netlib libblas/libcblas/liblapack
* MAINT: Make bitfield integers unsigned
* BUG: Make n a long int for np.random.multinomial
* BUG: ensure passing ``np.dtype`` to itself doesn't crash
- Update BuildRequires as appropiate, build system changed from setuptools
to meson.
- Drop patch ignore-pkg_resources-deprecation.patch, no longer required
- f2py3 no longer shipped
==== python-pip ====
Version update (23.2.1 -> 23.3.1)
- Update to 23.3.1:
- Bug Fixes
- Handle a timezone indicator of Z when parsing dates in the
self check. (#12338)
- Fix bug where installing the same package at the same time
with multiple pip processes could fail. (#12361)
- Update to 23.3:
- Process
- Added reference to vulnerability reporting guidelines to
pip's security policy.
- Features
- Improve extras resolution for multiple constraints on same
base package. (#11924)
- Improve use of datastructures to make candidate selection
1.6x faster. (#12204)
- Allow pip install --dry-run to use platform and ABI
overriding options. (#12215)
- Add is_yanked boolean entry to the installation report
(--report) to indicate whether the requirement was yanked
from the index, but was still selected by pip conform to
PEP 592. (#12224)
- Bug Fixes
- Ignore errors in temporary directory cleanup (show a
warning instead). (#11394)
- Normalize extras according to PEP 685 from package metadata
in the resolver for comparison. This ensures extras are
correctly compared and merged as long as the package
providing the extra(s) is built with values normalized
according to the standard. Note, however, that this
does not solve cases where the package itself contains
unnormalized extra values in the metadata. (#11649)
- Prevent downloading sdists twice when PEP 658 metadata is
present. (#11847)
- Include all requested extras in the install report
(--report). (#11924)
- Removed uses of datetime.datetime.utcnow from non-vendored
code. (#12005)
- Consistently report whether a dependency comes from an
extra. (#12095)
- Fix completion script for zsh (#12166)
- Fix improper handling of the new onexc argument of
shutil.rmtree() in Python 3.12. (#12187)
- Filter out yanked links from the available versions
error message: "(from versions: 1.0, 2.0, 3.0)" will
not contain yanked versions conform PEP 592. The yanked
versions (if any) will be mentioned in a separate error
message. (#12225)
- Fix crash when the git version number contains something
else than digits and dots. (#12280)
- Use -r=... instead of -r ... to specify references with
Mercurial. (#12306, CVE-2023-5752, bsc#1217353)
- Redact password from URLs in some additional
places. (#12350)
- pip uses less memory when caching large packages. As a
result, there is a new on-disk cache format stored in a new
directory ($PIP_CACHE_DIR/http-v2). (#2984)
- Vendored Libraries
- Upgrade certifi to 2023.7.22
- Add truststore 0.8.0
- Upgrade urllib3 to 1.26.17
- Improved Documentation
- Document that pip search support has been removed from PyPI
(#12059)
- Clarify --prefer-binary in CLI and docs (#12122)
- Document that using OS-provided Python can cause pip's test
suite to report false failures. (#12334)
- Adjust pip-shipped-requests-cabundle.patch.
==== readline ====
Subpackages: libreadline8 readline-doc
- Add upstream patch readline82-002
* It's possible for readline to try to zero out a line that's not null-
terminated, leading to a memory fault.
- Add upstream patch readline82-003
- Add upstream patch readline82-004
- Add upstream patch readline82-005
* If an application is using readline in callback mode, and a signal arrives
after readline checks for it in rl_callback_read_char() but before it
restores the application's signal handlers, it won't get processed until the
next time the application calls rl_callback_read_char(). Readline needs to
check for and resend any pending signals after restoring the application's
signal handlers.
- Add upstream patch readline82-006
* This is a variant of the same issue as the one fixed by patch 5. In this
case, the signal arrives and is pending before readline calls rl_getc().
When this happens, the pending signal will be handled by the loop, but may
alter or destroy some state that the callback uses. Readline needs to treat
this case the same way it would if a signal interrupts pselect/select, so
compound operations like searches and reading numeric arguments get cleaned
up properly.
- Add upstream patch readline82-007
* If readline is called with no prompt, it should display a newline if return
is typed on an empty line. It should still suppress the final newline if
return is typed on the last (empty) line of a multi-line command.
==== sssd ====
Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap
- Adapt spec file for SLE 15 SP6/Leap 15.6; (jsc#PED-6714);
* Remove package sssd-common, merged into sssd
* Continue building deprecated files provider and infopipe
responder
* Disable selinux and semanage
* Provide rcsssd shortcut
==== transactional-update ====
Version update (4.4.0 -> 4.5.0)
Subpackages: dracut-transactional-update libtukit4 transactional-update-zypp-config tukit tukitd
- Version 4.5.0
- libtukit: Use permissions of real /etc when creating overlay
[bsc#1215878]
- libtukit, tukit: Support "rollback" via library now
- tukitd: Implement Snapshot delete and rollback methods
- tukit: Check for missing arguments with "close" and "abort"
commands
- t-u: Warn user when using "kdump" if it isn't configured to
avoid confusion with "setup-kdump" [boo#1215725]
- t-u: Abort if mkdumprd run is not successful
- t-u: Use defaut from config file if t-u is called without
arguments [gh#openSUSE/transactional-update#101]
- Improved README.md [gh#openSUSE/transactional-update#59] and
API docs
- Code cleanup
==== xen ====
Version update (4.18.0_02 -> 4.18.0_04)
Subpackages: xen-libs xen-tools xen-tools-domU
- Enable the Kconfig options REQUIRE_NX and DIT_DEFAULT to
provide better hypervisor security
xen.spec
- Upstream bug fixes (bsc#1027519)
654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch
65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch
655b2ba9-fix-sched_move_domain.patch
==== xkeyboard-config ====
Subpackages: xkeyboard-config-lang
- the current source supersedes old sle15-sp5 patches (see
changelog below)
* U_Map-evdev-keycodes-KEY_RFKILL-and-KEY_WWAN-to-XF86RF.patch
* U_Updating-Old-Hungarian.patch
* U_Fix-media-keys-lag-on-ABNT2-keyboard.patch
* U_Add-the-new-AZERTY-layout-norm-NF-Z71-300.patch
- includes fixes for
* missing mappings for evdev keys KEY_RFKILL and KEY_WWAN
(boo#1123784)
* capslock in Old Hungarian layout (boo#1153774)
* wrong keyboard mapping causing input delays with ABNT2 keyboards
(bsc#1191242)
- includes backport of French standardized AZERTY layout (AFNOR:
NF Z71-300) (bsc#1188867)
- supersedes a patch called 'U_fixed-keycode-comment.patch' from
sle15-sp5, which wasn't applied there any longer either.
<I247> = 247; // #define KEY_UWB 239
is defined in keycodes/evdev since a long time ...
1
0
Hi,
In OBS RPATH is not removed, which gives an rpmlint error. Now I use
chrpath to solve this, but there should be a better way. RPATH is set
nowhere and I understand that the default of cmake is to remove it at
install. I have reported this upstream, but the developer does not know
what is causing this. So I ask here. Can someone help?
Much appreciated.
See https://build.opensuse.org/package/show/KDE:Extra/kbibtex
Cor
2
2
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
ImageMagick (7.1.1.20 -> 7.1.1.21)
adobe-sourcehanserif-fonts (2.001 -> 2.002)
aria2 (1.36.0 -> 1.37.0)
dhcp
kernel-source (6.6.1 -> 6.6.2)
libX11
libfido2 (1.13.0 -> 1.14.0)
librdkafka (2.1.1 -> 2.3.0)
llvm17 (17.0.4 -> 17.0.5)
mcelog (195 -> 196)
mdadm
openvpn (2.6.7 -> 2.6.8)
ovmf
xen
yast2-trans (84.87.20231104.b73ad6fbc9 -> 84.87.20231117.f12231d4de)
=== Details ===
==== ImageMagick ====
Version update (7.1.1.20 -> 7.1.1.21)
Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10
- version update to 7.1.1.21
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
- modified patches
[bsc#1217014][bsc#1216811]
% ImageMagick-s390x-disable-tests.patch (refreshed)
- deleted patches
- ImageMagick-correct-time-to-live.patch (upstreamed)
- added patches
https://github.com/ImageMagick/ImageMagick/commit/8f3c56fabc619c1672865257e…
https://github.com/ImageMagick/ImageMagick/commit/3a7b915d9a810ce742987b37c…
+ ImageMagick-infinite-resource-time-limit.patch
==== adobe-sourcehanserif-fonts ====
Version update (2.001 -> 2.002)
Subpackages: adobe-sourcehanserif-cn-fonts adobe-sourcehanserif-tw-fonts
- Remove old specfile constructs, update descriptions
- Update to 2.002R
* The copyright year was changed to â2017â2023.â
* Addition of ã¿ Square Era Name Reiwa uni32FF-JP was omitted in
previous release notes Issue #163.
* The following glyphs were added to support GB 18030 2022
Implementation Level 2: uni4DB6-CN, uni4DB7-CN, uni4DB8-CN,
uni4DBA-CN, uni4DBB-CN, uni4DBC-CN, uni4DBD-CN, uni4DBE-CN,
uni4DBF-CN, uni5CB8-JP, uni9FEB-CN, uni9FEB-TW, uni9FEC-CN,
uni9FED-CN, uni9FEE-JP, uni9FEF-JP, uni9FF0-CN, uni9FF1-CN,
uni9FF2-CN, uni9FF3-CN, uni9FF4-CN, uni9FF5-CN, uni9FF6-CN,
uni9FF7-CN, uni9FF8-CN, uni9FF9-CN, uni9FFA-CN, uni9FFB-CN,
uni9FFC-CN, uni9FFD-CN, uni9FFE-CN, and uni9FFF-CN.
* Fixed aj16-kanji.txt per Issue #125.
* Fixed position of uni309B-V and uni309C-V per Issue #157.
* Fixed HK mapping for U+752D ç per Issue #159.
* Fixed CN mapping for U+5141 å
and U+535A å per Issue #162.
* Remapped TW glyph for U+7239 ç¹ per Issue #167.
* Restored JP glyph for U+5CB8 岸 per Issue #169.
* Fixed mapping for U+F9DC é per Issue #165.
* Fixed interpolation bug in uni2299 â per Issue #181.
* Fixed interpolation bugs in uni4B4C-CN ä and uni4B55-CN ä per
Issue #193.
==== aria2 ====
Version update (1.36.0 -> 1.37.0)
Subpackages: aria2-lang libaria2-0
- Update to version 1.37.0
* Fix header in --http-accept-gzip documentation
* Allow empty dist name in bencode which is needed for hybrid torrent
* Fix undefined behavior/crash in GZipEncoder
* Fix Metalink4 parsing with foreign namespaces
* fix wrong dht.dat binary file structure in docs
* Increase ByteArrayDiskWriter maximum size
* Logger: Fix format string overflow in writeHeader()
* Cap infoHashLength in .aria2 file
* Various documentation fixes and rewords
==== dhcp ====
Subpackages: dhcp-relay dhcp-server
- Remove dhclient-script (boo#1216822).
==== kernel-source ====
Version update (6.6.1 -> 6.6.2)
- Linux 6.6.2 (bsc#1012628).
- hwmon: (nct6775) Fix incorrect variable reuse in fan_div
calculation (bsc#1012628).
- numa: Generalize numa_map_to_online_node() (bsc#1012628).
- sched/topology: Fix sched_numa_find_nth_cpu() in CPU-less case
(bsc#1012628).
- sched/topology: Fix sched_numa_find_nth_cpu() in non-NUMA case
(bsc#1012628).
- sched/fair: Fix cfs_rq_is_decayed() on !SMP (bsc#1012628).
- iov_iter, x86: Be consistent about the __user tag on
copy_mc_to_user() (bsc#1012628).
- sched/uclamp: Set max_spare_cap_cpu even if max_spare_cap is 0
(bsc#1012628).
- sched/uclamp: Ignore (util == 0) optimization in feec() when
p_util_max = 0 (bsc#1012628).
- objtool: Propagate early errors (bsc#1012628).
- sched: Fix stop_one_cpu_nowait() vs hotplug (bsc#1012628).
- nfsd: Handle EOPENSTALE correctly in the filecache
(bsc#1012628).
- vfs: fix readahead(2) on block devices (bsc#1012628).
- writeback, cgroup: switch inodes with dirty timestamps to
release dying cgwbs (bsc#1012628).
- x86/srso: Fix SBPB enablement for (possible) future fixed HW
(bsc#1012628).
- x86/srso: Print mitigation for retbleed IBPB case (bsc#1012628).
- x86/srso: Fix vulnerability reporting for missing microcode
(bsc#1012628).
- x86/srso: Fix unret validation dependencies (bsc#1012628).
- futex: Don't include process MM in futex key on no-MMU
(bsc#1012628).
- x86/numa: Introduce numa_fill_memblks() (bsc#1012628).
- ACPI/NUMA: Apply SRAT proximity domain to entire CFMWS window
(bsc#1012628).
- cgroup/cpuset: Fix load balance state in
update_partition_sd_lb() (bsc#1012628).
- x86/sev-es: Allow copy_from_kernel_nofault() in earlier boot
(bsc#1012628).
- x86/boot: Fix incorrect startup_gdt_descr.size (bsc#1012628).
- cpu/SMT: Make SMT control more robust against enumeration
failures (bsc#1012628).
- x86/apic: Fake primary thread mask for XEN/PV (bsc#1012628).
- srcu: Fix callbacks acceleration mishandling (bsc#1012628).
- drivers/clocksource/timer-ti-dm: Don't call clk_get_rate()
in stop function (bsc#1012628).
- x86/nmi: Fix out-of-order NMI nesting checks & false positive
warning (bsc#1012628).
- pstore/platform: Add check for kstrdup (bsc#1012628).
- perf: Optimize perf_cgroup_switch() (bsc#1012628).
- selftests/x86/lam: Zero out buffer for readlink() (bsc#1012628).
- PCI/MSI: Provide stubs for IMS functions (bsc#1012628).
- string: Adjust strtomem() logic to allow for smaller sources
(bsc#1012628).
- genirq/matrix: Exclude managed interrupts in
irq_matrix_allocated() (bsc#1012628).
- irqchip/sifive-plic: Fix syscore registration for multi-socket
systems (bsc#1012628).
- wifi: ath12k: fix undefined behavior with __fls in dp
(bsc#1012628).
- wifi: cfg80211: add flush functions for wiphy work
(bsc#1012628).
- wifi: mac80211: move radar detect work to wiphy work
(bsc#1012628).
- wifi: mac80211: move scan work to wiphy work (bsc#1012628).
- wifi: mac80211: move offchannel works to wiphy work
(bsc#1012628).
- wifi: mac80211: move sched-scan stop work to wiphy work
(bsc#1012628).
- wifi: mac80211: fix RCU usage warning in mesh fast-xmit
(bsc#1012628).
- wifi: cfg80211: fix off-by-one in element defrag (bsc#1012628).
- wifi: mac80211: fix # of MSDU in A-MSDU calculation
(bsc#1012628).
- wifi: iwlwifi: honor the enable_ini value (bsc#1012628).
- wifi: iwlwifi: don't use an uninitialized variable
(bsc#1012628).
- i40e: fix potential memory leaks in i40e_remove() (bsc#1012628).
- iavf: Fix promiscuous mode configuration flow messages
(bsc#1012628).
- selftests/bpf: Correct map_fd to data_fd in tailcalls
(bsc#1012628).
- bpf, x64: Fix tailcall infinite loop (bsc#1012628).
- wifi: cfg80211: fix kernel-doc for wiphy_delayed_work_flush()
(bsc#1012628).
- udp: introduce udp->udp_flags (bsc#1012628).
- udp: move udp->no_check6_tx to udp->udp_flags (bsc#1012628).
- udp: move udp->no_check6_rx to udp->udp_flags (bsc#1012628).
- udp: move udp->gro_enabled to udp->udp_flags (bsc#1012628).
- udp: add missing WRITE_ONCE() around up->encap_rcv
(bsc#1012628).
- udp: move udp->accept_udp_{l4|fraglist} to udp->udp_flags
(bsc#1012628).
- udp: lockless UDP_ENCAP_L2TPINUDP / UDP_GRO (bsc#1012628).
- udp: annotate data-races around udp->encap_type (bsc#1012628).
- udplite: remove UDPLITE_BIT (bsc#1012628).
- udplite: fix various data-races (bsc#1012628).
- selftests/bpf: Skip module_fentry_shadow test when bpf_testmod
is not available (bsc#1012628).
- tcp: call tcp_try_undo_recovery when an RTOd TFO SYNACK is ACKed
(bsc#1012628).
... changelog too long, skipping 987 lines ...
- commit 9ecdaa5
==== libX11 ====
Subpackages: libX11-6 libX11-data libX11-xcb1
- this update is needed due to jsc#PED-7282; it includes the
security fix for CVE-2022-3555 (bsc#1204425, bsc#1208881) and
a fix for a race condition in libX11 that causes various
applications to crash randomly (boo#1181963)
==== libfido2 ====
Version update (1.13.0 -> 1.14.0)
- update to 1.14.0:
* fido2-cred -M, fido2-token -G: support raw client data
via -w flag.
* New API calls:
* * fido_assert_authdata_raw_len;
* * fido_assert_authdata_raw_ptr;
* * fido_assert_set_winhello_appid.
- add keyring for gpg validation
==== librdkafka ====
Version update (2.1.1 -> 2.3.0)
- update to 2.3.0:
* Partial support of topic identifiers. Topic identifiers in
metadata response available through the new
`rd_kafka_DescribeTopics` function
* KIP-117 Add support for AdminAPI `DescribeCluster()` and
`DescribeTopics()`
* Return authorized operations in Describe Responses.
* KIP-580: Added Exponential Backoff mechanism for
retriable requests with `retry.backoff.ms` as minimum backoff
and `retry.backoff.max.ms` as the
maximum backoff, with 20% jitter (#4422).
* Fixed ListConsumerGroupOffsets not fetching offsets for all
the topics in a group with Apache Kafka version below 2.4.0.
* Add missing destroy that leads to leaking partition structure
memory when there are partition leader changes and a stale
leader epoch is received (#4429).
* Fix a segmentation fault when closing a consumer using the
cooperative-sticky assignor before the first assignment
* Fix for insufficient buffer allocation when allocating rack
information (@wolfchimneyrock, #4449).
* Fix for infinite loop of OffsetForLeaderEpoch requests on
quick leader changes. (#4433).
* Fix for stored offsets not being committed if they lacked the
leader epoch (#4442).
* Upgrade OpenSSL to v3.0.11 (while building from source) with
various security fixes, check the release notes
* Fix to ensure permanent errors during offset validation
continue being retried and don't cause an offset reset (#4447).
* Fix to ensure max.poll.interval.ms is reset when
rd_kafka_poll is called with consume_cb (#4431).
* Fix for idempotent producer fatal errors, triggered after a
possibly persisted message state (#4438).
* Fix `rd_kafka_query_watermark_offsets` continuing beyond
timeout expiry (#4460).
* Fix `rd_kafka_query_watermark_offsets` not refreshing the
partition leader after a leader change and subsequent
`NOT_LEADER_OR_FOLLOWER` error (#4225).
==== llvm17 ====
Version update (17.0.4 -> 17.0.5)
- Update to version 17.0.5.
* This release contains bug-fixes for the LLVM 17.0.0 release.
This release is API and ABI compatible with 17.0.0.
- Rebase llvm-do-not-install-static-libraries.patch.
- Also test clang-tools-extra (at least most parts) and lld.
- Adapt test in lld-default-sha1.patch.
- Don't disable testing if qemu_user_space_build has been set to 0.
==== mcelog ====
Version update (195 -> 196)
- Update to version 196:
* mcelog: Add second model number for Arrowlake
==== mdadm ====
- No longer recommend smtp-daemon: this was a remainder from the
cron configuration, which was removed back in 2018.
==== openvpn ====
Version update (2.6.7 -> 2.6.8)
- update to 2.6.8:
* SIGSEGV crash: Do not check key_state buffers that are in S_UNDEF
state - the new sanity check function introduced in 2.6.7 sometimes
tried to use a NULL pointer after an unsuccessful TLS handshake
* CVE-2023-46850 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly
use a send buffer after it has been free()d in some circumstances,
causing some free()d memory to be sent to the peer. All configurations
using TLS (e.g. not using --secret) are affected by this issue.
* CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly
restore --fragment configuration in some circumstances, leading to a
division by zero when --fragment is used. On platforms where division
by zero is fatal, this will cause an OpenVPN crash.
* DCO: warn if DATA_V1 packets are sent by the other side - this a hard
incompatibility between a 2.6.x client connecting to a 2.4.0-2.4.4
server, and the only fix is to use --disable-dco.
* Remove OpenSSL Engine method for loading a key. This had to be removed
because the original author did not agree to relicensing the code with
the new linking exception added. This was a somewhat obsolete feature
anyway as it only worked with OpenSSL 1.x, which is end-of-support.
* add warning if p2p NCP client connects to a p2mp server - this is a
combination that used to work without cipher negotiation (pre 2.6 on
both ends), but would fail in non-obvious ways with 2.6 to 2.6.
* add warning to --show-groups that not all supported groups are listed
(this is due the internal enumeration in OpenSSL being a bit weird,
omitting X448 and X25519 curves).
* --dns: remove support for exclude-domains argument (this was a new 2.6
option, with no backend support implemented yet on any platform, and it
turns out that no platform supported it at all - so remove option again)
* warn user if INFO control message too long, do not forward to management
client (safeguard against protocol-violating server implementations)
* DCO-WIN: get and log driver version (for easier debugging).
* print "peer temporary key details" in TLS handshake
* log OpenSSL errors on failure to set certificate, for example if the
algorithms used are in acceptable to OpenSSL (misleading message would be
printed in cryptoapi / pkcs11 scenarios)
* add CMake build system for MinGW and MSVC builds
* remove old MSVC build system
* improve cmocka unit test building for Windows
==== ovmf ====
Subpackages: qemu-ovmf-x86_64
- Sync change log to prepare for sending edk2-stable202308 ovmf to SLE15-SP6
(jsc#PED-6233, jsc#PED-5523)
- Removed the following backported patches because they are merged
to edk2 mainline:
- ovmf-SecurityPkg-DxeImageVerificationLib-Check-result-of-.patch
494127613b SecurityPkg/DxeImageVerificationLib: Check result of GetEfiGlobalVariable2
(CVE-2019-14560, bsc#1174246)
==== xen ====
Subpackages: xen-libs xen-tools xen-tools-domU
- Pass XEN_BUILD_DATE + _TIME to override build date (boo#1047218)
==== yast2-trans ====
Version update (84.87.20231104.b73ad6fbc9 -> 84.87.20231117.f12231d4de)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu
- Update to version 84.87.20231117.f12231d4de:
* New POT for text domain 'cc'.
1
0
All meeting minutes can be found here:
https://etherpad.opensuse.org/p/ReleaseEngineering-meeting
The meeting is hosted here
https://meet.opensuse.org/ReleaseEngineeringMeeting
## Attendees
bittin, lkocman, rbrown, anag, Dimstar, adrians, Doug, maxlin,
guillaumeg
## Leap
15.6 build failures
https://etherpad.opensuse.org/p/leap156-build-fails
there is a few more exclusively on Arm that I need to yet report.
Discussion with PM (Sergio) whether we want to do community spins of
both Dolomite and Marble.
https://etherpad.opensuse.org/p/ReleaseEngineering-20231122-pm-discussion
(etherpad is down now)
context: There was a lot of concern on OSC (and pretty much every other
conference when I was discussing future options) that we have too many
distributions to choose from.
Moving intel-gpu-tools from SLES to Leap/PH
https://code.opensuse.org/leap/features/issue/137
Calendaring solution for openSUSE is coming!
https://hackweek.opensuse.org/23/projects/basic-calendar-interface-for-upco…
Just a heads up that 2023-12-06 is code-drop deadline for SUSE Linux
Enterprise 15 SP6 Beta 2, SLES RM finds desirable to have all larger
SLES/Leap features in by that time (Qt5/6 updates specifically).
Agama5 is out! https://yast.opensuse.org/blog/2023-10-25/agama5
Supports package selections (we should try to rebuild install media for
it in the Leap:16 proj).
## openSUSE Tumbleweed (ana)
openSUSE:Factory build fail stats: 50 failed 4 unresolvable (last week
49 failed, 4 unresolvable)
https://tinyurl.com/ysy4nnnz
Most relevant updates from this last week:
* Linux 6.6.2
* meson 1.3.0
* xen 4.18.0
* gstreamer 1.22.7
* tomcat 10 (10.1.14)
Updates waiting / work in progress in staging:
* rust 1.74
* dbus-broker as default dbus session manager
* RPM 4.19 (work on going, %patch with unnumbered patches is not
supported from this version on)
* rubygems ecosystem updates
* fmt 10 (stuck since months ago because mariadb problems to build on
i586)
## Richard (Aeon)
Still working on "aeon-installer" which is basically a fork of GNOME OS
Install/EndlessOS Installer
Basic premise is to be a graphical equivalent of the "SelfInstaller",
with support for our systemd-boot style images which struggle in the
kiwi SelfInstaller
Will run from a custom 'installer ISO' that has no direct relation to
Aeon. That installer ISO will need to have the actual Aeon image
embedded inside it for use by "aeon-installer"
Very limited/no customisation - Just finds a disk, installs to that
disk, no partitioning, no mess, no fuss
Got my forked codebase building, and partially loading an image -
tweaks to the image are needed and WIP
Once it works on my machine I will need to go through the codebase and
remove/replace all user-visible references to GNOME OS/EndlessOS and
then submit to Factory
## Bernhard (Slowroll)
Not available
Continues to roll Slowly, sometimes has dependency problems -> need
install-check
*soon version bump but OBS issues
Adrian: (Could you please add your concern here Adrian?)
source-based Slowroll needs extra build power
causes extra downloads for users switching between Tumbleweed <=>
Slowroll
Bernhard: three open issues in OBS bugtracker
osc rdiff + osc getbinaries + building DVD with product-builder does
not work with TWsnapshot+dod approach =
https://github.com/openSUSE/slowroll/issues/1
https://github.com/openSUSE/open-build-service/issues/14994
osc branch -r release counter reset
https://github.com/openSUSE/open-build-service/issues/15079 causes
spurious "downgrades"
missing build-compare causes extra publishes
https://github.com/openSUSE/open-build-service/issues/15108
## Max
Leap 15.6(build stats in Backports: 22 faild, 3 unresolvable)
* Accepted NonFree update, they're part of the last published snapshot
already
* skippkg-finder has a misbehavior to handle PSP stack update, I'm
working on a solution
## Guillaume - Arm
* Tumbleweed:
- Rolling again
- WIP to get Tumbleweed to run on Lenovo X13s. DVD image boots ok
from USB, but still few bugs preventing to boot installed system on USB
(ok on NVMe). Also JeOS and live images do not boot from USB and show a
black screen which do not ease debugging.
* Leap 15.6/Backports SP6:
- gnome-apps failing to build causes issue on most architectures:
https://bugzilla.opensuse.org/show_bug.cgi?id=1216184#add_comment
## Sarah - s390x
Not available
* Tumbleweed
* builds are successfully, but the mainframe is missing behind openQA
:(
https://progress.opensuse.org/issues/137408
News related to s390x:
LLVM has been updated related to OpenMP for s390x
lkocman: A new s390x contact on SUSE Side (Marcela Maslanova).
lkocman to drop an introduction email to Sarah
## Doug
* Logo contest progressing well https://en.opensuse.org/Logocontest
* Maybe extended until wiki is back up Nov. 23 and run for 2 weeks
* FOSDEM -
https://fosdem.org/2024/news/2023-11-20-accepted-stands-fosdem-2024/
* openSUSE will not have a stand this year due to not be elected
* 3-1 applications to space
* Richard: Distro devroom is willing to give a space to openSUSE and
Ubuntu
* There is a bus that will be going from NUE
* TSP
* Slowly resolving payment issues due to international payments &
banking
* Additional meeting to have Geeko Foundation take over the TSP
* AMA session
* Interest in having an AMA for your project, email ddemaio
* Phase 0 of Board elections
* openSUSE.Asia Summit 2024 Call for hosts
https://news.opensuse.org/2023/11/20/opensuse-asia-summit-2024-call-for-hos…
* Finishing ESG report
* Open CFPs
* oSC24 open but down due to infra outage -
https://events.opensuse.org/
* CTL - https://chemnitzer.linux-tage.de/2024/de/
* Creative Freedom Summit (Deadline Nov. 24)
https://creativefreedomsummit.com/call-for-papers-2024-creative-freedom-sum…
Static
* oSC24 dates June 27 to 29 reserved (Thursday - Saturday)
* FOSDEM Bus Connect ddemaio(a)opensuse.org if you're in the Nuremberg
area
* AI topics (static)
## Dirk
No update - conflicting meeting
* usual bunch of factory package updates, supporting python 3.12
enablement
## Wolfgang (Package Hub), Scott Bahling
Not available
Package Hub for SLE-15-SP6 ready for testing (available thru SCC)
task for lkocman: The problem statement (SLES/SLED expectations)
Draft to be composed here:
https://etherpad.opensuse.org/p/packagehub-problem-statement
## Maintenance team (Marcus or Maurizio (m4u))
Not available
No issues. Internal request to add php8.1 to Package HUB.
Regarding AMD issue, kernel update is scheduled for a second Tuesday of
the month.
https://bugzilla.suse.com/show_bug.cgi?id=1215802
## Adrian - OBS
Looking into the publishing issue for 15.6
lkocman: issue with syncing states of mirrored issues (no permission on
SUSE:SLE* mirrored projects).
Marco will raise/raised that on the OBS call.
## Simon (Leap Replacement/Linarite)
Not available
## Open Floor
2
1