openSUSE Factory
Threads by month
- ----- 2024 -----
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
April 2024
- 68 participants
- 70 discussions
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
btrfsmaintenance
emacs-jinx (1.4 -> 1.6)
gcr (4.2.1 -> 4.3.0)
gettext-runtime
gnome-online-accounts (3.50.0 -> 3.50.1)
gobject-introspection
gptfdisk (1.0.9 -> 1.0.10)
libssh
multipath-tools (0.9.8+87+suse.f72b9f3 -> 0.9.8+88+suse.d504d83)
openSUSE-release (20240412 -> 20240414)
openssh
perl
pipewire
python-kiwi (9.25.22 -> 10.0.10)
schily
texlive
transactional-update (4.6.0 -> 4.6.5)
xz
zxcvbn
=== Details ===
==== btrfsmaintenance ====
- Use full URL for Source0 (.gz compressed as upstream does not
ship .bz2 ones).
==== emacs-jinx ====
Version update (1.4 -> 1.6)
- Rebase 0001-Only-export-necessary-symbols.-Fixes-105.patch against
1.6
- Update to version 1.6:
* Fix jinx-mode reentrancy issue #gh/minad/jinx#158
* Ensure that directory local variables work correctly with Jinx.
It is possible to turn Jinx on or off via dir-locals,
and also configure the language and local words.
* jinx-mod: Add global ref Qcons
* jinx-next: Unfold hidden misspelling
==== gcr ====
Version update (4.2.1 -> 4.3.0)
Subpackages: gcr-lang gcr-ssh-agent gcr-ssh-askpass gcr-viewer libgck-2-2 libgcr-4-4 typelib-1_0-Gck-2 typelib-1_0-Gcr-4
- Update to version 4.3.0:
+ certificate: Add API to retrieve version.
+ Bump required GnuTLS version to 3.8.5.
+ Avoid potential integer overflow spotted by UBSan>
+ Support GnuTLS as an alternative crypto backend.
+ Updated translations.
==== gettext-runtime ====
Subpackages: libtextstyle0
- Add missing Requires: find to gettext-tools
==== gnome-online-accounts ====
Version update (3.50.0 -> 3.50.1)
Subpackages: gnome-online-accounts-lang libgoa-1_0-0 libgoa-backend-1_0-2
- Update to version 3.50.1:
+ Fix translation domain in account dialogs.
+ Fix OAuth 2.0 URI handler for some users.
+ Fix crash in Kerberos/Fedora provider.
+ Improved WebDAV support for Fastmail and mailbox.org.
+ Fixes for WebDAV discovery.
+ OAuth 2.0 PKCE support.
+ Fix issues caught by static analysis.
+ Update Microsoft Client ID.
+ Updated translations.
==== gobject-introspection ====
Subpackages: girepository-1_0 libgirepository-1_0-1
- gi-find-deps.sh: further expand on the java script scanner.
==== gptfdisk ====
Version update (1.0.9 -> 1.0.10)
- Update to release 1.0.10
* Fix failure & crash of sgdisk when compiled with latest popt
* Fix NULL dereference when duplicating string argument
* Allow partition dynamically allocated by --largest-new to be
referenced by other options
* Truncate decimal inputs (e.g. "9.5G" becomes "9G")
* New partition type codes from the Discoverable Partitions
Specification
- Delete 0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch
gptfdisk-1.0.9-libuuid.patch,
gptfdisk-fix-null-pointer-dereference.patch (merged)
==== libssh ====
Subpackages: libssh-config libssh4
- Don't change the path for crypto-policies libssh.config (bsc#1222716)
==== multipath-tools ====
Version update (0.9.8+87+suse.f72b9f3 -> 0.9.8+88+suse.d504d83)
Subpackages: kpartx libmpath0
- Update to version 0.9.8+88+suse.d504d83:
* Revert "libmultipath: fix max_sectors_kb on adding path"
(bsc#1222458)
==== openSUSE-release ====
Version update (20240412 -> 20240414)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== openssh ====
Subpackages: openssh-clients openssh-common openssh-server
- Fix duplicate loading of dropins. (boo#1222467)
==== perl ====
Subpackages: perl-base
- Revert commit 7af2d2037375d58e700f9e1b217efb2c4db66133 as suggested
by upstream perl
* fixed locale being clobbered by perl [bsc#1220195]
* new patch: perl-locale-backport.diff
==== pipewire ====
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-lang pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Move the jack spa plugin from the pipewire-spa-plugins-0_2
package to a new pipewire-spa-plugins-0_2-jack package. This
allows to not Suggest the pipewire-libjack package from
pipewire-spa-plugins-0_2 since that's only used to connect
pipewire as a client to a jack server which is not common at all
(boo#1222253).
==== python-kiwi ====
Version update (9.25.22 -> 10.0.10)
- Bump version: 10.0.9 â 10.0.10
- Bump version: 10.0.8 â 10.0.9
- Fix setup of discoverable partitions
Make sure GUI is unique and typecode is set according to the
standard. This Fixes #2517
- Live ISO Wait for udev events after repart
Make sure to wait for the event queue to become empty after
the creation of the write partition. When kiwi calls the
code to create the write partition this emits new udev events.
It's important to wait for the event queue to become empty
to avoid a potential regression on the use of the device nodes.
In the processing of the events it can happen that a device
gets removed and re-added. If we don't want for udev
to process the entire queue it can happen that the
wrong block device is used. This wrong selection is only
possible because the way how hybrid ISOs are designed exposes
both, the disk and the partition for the root device with
the same label. This Fixes bsc#1213595
- Bump version: 10.0.7 â 10.0.8
- Fix zipl setup for use with custom btrfs root vol
In the setup case that btrfs is used for the system and
the root partition is on a custom named volume (not /),
this information was not passed to the zipl bootloader
instance and this caused the mounting of the overall
root system to fail. This commit fixes it
- Allow ignore stanza in bootstrap
So far the <ignore> stanza was only effective when placed
as part of the type="image" packages section. This commit
allows to place it also to the type="bootstrap" packages.
This Fixes #2499
- Bump version: 10.0.6 â 10.0.7
- Add support for %v in bundle format
Allow a placeholder for the entire version text as
provided by the <version> section
- Allow bundle format to be set on the commandline
The bundle format is usually specified as part of the image
description in the bundle_format attribute. This commit also
allows to specify/overwrite the bundle format in the kiwi
result bundle command via the new --bundle-format option.
This Fixes #2509
- Bump version: 10.0.5 â 10.0.6
- Fixup cleanup of zipl templates
Make sure temporary modifications to the zipl template
and config file are not effective in the later system.
This Fixes bsc#1221469
- Revise system_update.rst
- Revise system_prepare.rst
- Revise system_create.rst
- Bump version: 10.0.4 â 10.0.5
- Followup fix for use of /boot/zipl
The mounting of /boot/zipl is also only required if the
bootloader is set to grub2_s390x_emu
- Update schema version in spec file
- Drop rpm-dir from allowed repository type
Using an arbitrary list of rpm packages as repository is a zypper
only feature, barely tested and from our pov not really needed
as a simple createrepo call turns any custom list of packages
into a clean rpm-md repo including metadata. This commit drops
rpm-dir from the list of allowed repository types and auto
converts those image descriptions which makes use of it. Please
note this does not prevent users from using flat package
directories with zypper, because the type argument in the
repository section is an optional attribute. In case there is
no type specification zypper auto-detects and handles the data
as it handles it. This Fixes #1926
- Revise system_build.rst
- Fixup use of /boot/zipl
Only for the grub2_s390x_emu bootloader setup an optional boot
partition setup must be put to /boot/zipl rather than to /boot
- Lookup distro provided BLS entries for zipl
Check if there is already an entry file name produced by the
distribution logic/policy. If we can find an already present
entry name, prefer this name over the kiwi naming policy
- Install audit in s390 rawhide integration test
- Bump version: 10.0.3 â 10.0.4
- Delete invalid EPEL repo from rawhide tests
- Fix s390 tools and grub requirement
On Fedora/RHEL this is named s390utils and there is no grub2
- Added rawhide integration test
- Temp commit
- Bump version: 10.0.2 â 10.0.3
- Revise image_size, kiwi
- Ensure we use a compatible docopt-ng version
To ensure our trick to switch between docopt and docopt-ng works,
we need to have a higher minimum version for docopt-ng where
compatibility with the original docopt was restored.
- Fixed delta_root build
The support for delta_root allows to build a delta container
image from a given base container. Due to the refactoring of
the kiwi code base using context managers no explicit deletion
of instances happens anymore. This uncovered a weakness of
the delta root code at the level of the overlay mount. At
the time of the umount there are still active temporary
mount handlers which keeps the mountpoint busy. In order to
fix this properly also the PackageManager factory is now
a context manager and the Repository factory received a
cleanup method which is called when the PackageManager goes
out of scope. This refactoring also fixes the busy state
when building deltas
... changelog too long, skipping 43 lines ...
- Revise Build simple disk
==== schily ====
Subpackages: libcdrdeflt1_0 libdeflt1_0 libfile1_0 libfind4_0 librmt1_0 librscg1_0 libscg1_0 libscgcmd1_0 libschily2_0 mkisofs spax star
- Update to release 2024.03.21
* mkisofs: produce less scrollback when logging progress to ttys.
==== texlive ====
- Add patch source-dvipdfm-x.dif
* dvipdfmx: repeated inclusion of the same image did not share
the image data, but had separate copies for each inclusion.
==== transactional-update ====
Version update (4.6.0 -> 4.6.5)
Subpackages: dracut-transactional-update libtukit4 transactional-update-zypp-config tukit
- Version 4.6.5
- Rework soft-reboot support introduced in 4.6.0:
- On transactional systems with systemd 254 the system could
hang with with a soft-reboot, as /var and /etc have to be
mounted in /run/nextroot explicitly. As a soft-reboot can
also be triggered by an admin the mounting of the
corresponding mount points was moved to a systemd service to
be independent of t-u itself.
- Support for systemd 255
- Don't decrease reboot level on multiple commands
- Various other bugfixes
- soft-reboot support is disabled by default now to gather more feedback
- libtukit: Fix kexec reboot method to boot kernel / initrd of next snapshot
- tukit: Don't clone lock file handle on exec [boo#1222411]
- t-u: Always use zypper of installed system [bsc#1221346]
- t-u: Remove remaining telemetrics references
- Add prepare-nextroot-for-softreboot service
- Add (empty) %check section
==== xz ====
Subpackages: liblzma5 liblzma5-32bit liblzma5-x86-64-v3 xz-lang
- revert the switch to tar_scm which dropped the signature
validation
- switch back to tarballs because the upstream tarballs are not
gone
- reinstanciate keyring from Lasse
- go back to the last release signed by Lasse (5.4.2)
- revert multibuild, drop service and rpmlintrc
- use real_ver for the Source, move everything else back to
%version like before the hectic XZ downgrade
- remove payload setting, we are using zstd now
- Switch to using tar_scm for fetching the sources as the upstream
tarballs on github are gone
- introduce _multibuild to allow building the translations outside
of Ring0 and everything else in Ring0
- add rpmlintrc to silence harmless warnings
==== zxcvbn ====
- Make use of distro build flags
1
0
slowroll: as of a few days, slowroll zypper ref, fails verfication of remomd.xml - cdn opensuse org, update slowroll repo oss
by cagsm 13 Apr '24
by cagsm 13 Apr '24
13 Apr '24
factory,
posted on support the other day:
<https://lists.opensuse.org/archives/list/support@lists.opensuse.org/thread/…>
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
apache2 (2.4.58 -> 2.4.59)
apache2-manual (2.4.58 -> 2.4.59)
apache2-prefork (2.4.58 -> 2.4.59)
apache2-utils (2.4.58 -> 2.4.59)
f2fs-tools (1.15.0 -> 1.16.0)
gnome-text-editor (46.0 -> 46.1)
gom (0.5.0 -> 0.5.1)
grep
gupnp
jack
kernel-source (6.8.4 -> 6.8.5)
lensfun
liblouis
miniupnpc (2.2.5 -> 2.2.6)
openSUSE-build-key
openSUSE-release (20240411 -> 20240412)
ovmf
pam (1.6.0 -> 1.6.1)
pam-config (2.11 -> 2.11+git.20240411)
pam-full-src (1.6.0 -> 1.6.1)
postfix
python-Pillow
update-alternatives (1.22.5 -> 1.22.6)
=== Details ===
==== apache2 ====
Version update (2.4.58 -> 2.4.59)
- Update to 2.4.59:
* ) mod_deflate: Fixes and better logging for handling various
error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton,
Eric Norris <enorris etsy.com>]
* ) Add CGIScriptTimeout to mod_cgi. [Eric Covener]
* ) mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610
[ttachi <tachihara AT hotmail.com>]
* ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable.
[Jean-Frederic Clere]
* ) mod_ssl: Use OpenSSL-standard functions to assemble CA
name lists for SSLCACertificatePath/SSLCADNRequestPath.
Names will now be consistently sorted. PR 61574.
[Joe Orton]
* ) mod_xml2enc: Update check to accept any text/ media type
or any XML media type per RFC 7303, avoiding
corruption of Microsoft OOXML formats. PR 64339.
[Joseph Heenan <joseph.heenan fintechlabs.io>, Joe Orton]
* ) mod_http2: v2.0.26 with the following fixes:
- Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes
<https://github.com/icing/mod_h2/issues/272>.
- Fixed small memory leak in h2 header bucket free. Thanks to
Michael Kaufmann for finding this and providing the fix.
* ) htcacheclean: In -a/-A mode, list all files per subdirectory
rather than only one. PR 65091.
[Artem Egorenkov <aegorenkov.91 gmail.com>]
* ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files
which include CA certificates; those CA certs are treated as if
configured with SSLProxyMachineCertificateChainFile. [Joe Orton]
* ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to
"hashing", rather than "encrypting" passwords.
[Michele Preziuso <mpreziuso kaosdynamics.com>]
* ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047.
[Giovanni Bechis, Yann Ylavic]
* ) htpasswd: Add support for passwords using SHA-2. [Joe Orton,
Yann Ylavic]
* ) core: Allow mod_env to override system environment vars. [Joe Orton]
* ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an
operation which removes a directory/file between apr_dir_read() and
apr_stat(). Current behaviour is to abort the connection which seems
inferior to tolerating (and logging) the error. [Joe Orton]
* ) mod_ldap: HTML-escape data in the ldap-status handler.
[Eric Covener, Chamal De Silva]
* ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set.
Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available,
notably with OpenSSL >= 3. PR 68080. [Yann Ylavic, Joe Orton]
* ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about
deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting
to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice).
[Yann Ylavic]
* ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis]
* ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when
some dollar substitution (backreference) happens in the hostname or port
part of the URL. [Yann Ylavic]
* ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend
systems are cached. [Yann Ylavic]
* ) mod_proxy: Add optional third argument for ProxyRemote, which
configures Basic authentication credentials to pass to the remote
proxy. PR 37355. [Joe Orton]
==== apache2-manual ====
Version update (2.4.58 -> 2.4.59)
- Update to 2.4.59:
* ) mod_deflate: Fixes and better logging for handling various
error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton,
Eric Norris <enorris etsy.com>]
* ) Add CGIScriptTimeout to mod_cgi. [Eric Covener]
* ) mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610
[ttachi <tachihara AT hotmail.com>]
* ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable.
[Jean-Frederic Clere]
* ) mod_ssl: Use OpenSSL-standard functions to assemble CA
name lists for SSLCACertificatePath/SSLCADNRequestPath.
Names will now be consistently sorted. PR 61574.
[Joe Orton]
* ) mod_xml2enc: Update check to accept any text/ media type
or any XML media type per RFC 7303, avoiding
corruption of Microsoft OOXML formats. PR 64339.
[Joseph Heenan <joseph.heenan fintechlabs.io>, Joe Orton]
* ) mod_http2: v2.0.26 with the following fixes:
- Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes
<https://github.com/icing/mod_h2/issues/272>.
- Fixed small memory leak in h2 header bucket free. Thanks to
Michael Kaufmann for finding this and providing the fix.
* ) htcacheclean: In -a/-A mode, list all files per subdirectory
rather than only one. PR 65091.
[Artem Egorenkov <aegorenkov.91 gmail.com>]
* ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files
which include CA certificates; those CA certs are treated as if
configured with SSLProxyMachineCertificateChainFile. [Joe Orton]
* ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to
"hashing", rather than "encrypting" passwords.
[Michele Preziuso <mpreziuso kaosdynamics.com>]
* ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047.
[Giovanni Bechis, Yann Ylavic]
* ) htpasswd: Add support for passwords using SHA-2. [Joe Orton,
Yann Ylavic]
* ) core: Allow mod_env to override system environment vars. [Joe Orton]
* ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an
operation which removes a directory/file between apr_dir_read() and
apr_stat(). Current behaviour is to abort the connection which seems
inferior to tolerating (and logging) the error. [Joe Orton]
* ) mod_ldap: HTML-escape data in the ldap-status handler.
[Eric Covener, Chamal De Silva]
* ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set.
Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available,
notably with OpenSSL >= 3. PR 68080. [Yann Ylavic, Joe Orton]
* ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about
deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting
to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice).
[Yann Ylavic]
* ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis]
* ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when
some dollar substitution (backreference) happens in the hostname or port
part of the URL. [Yann Ylavic]
* ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend
systems are cached. [Yann Ylavic]
* ) mod_proxy: Add optional third argument for ProxyRemote, which
configures Basic authentication credentials to pass to the remote
proxy. PR 37355. [Joe Orton]
==== apache2-prefork ====
Version update (2.4.58 -> 2.4.59)
- Update to 2.4.59:
* ) mod_deflate: Fixes and better logging for handling various
error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton,
Eric Norris <enorris etsy.com>]
* ) Add CGIScriptTimeout to mod_cgi. [Eric Covener]
* ) mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610
[ttachi <tachihara AT hotmail.com>]
* ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable.
[Jean-Frederic Clere]
* ) mod_ssl: Use OpenSSL-standard functions to assemble CA
name lists for SSLCACertificatePath/SSLCADNRequestPath.
Names will now be consistently sorted. PR 61574.
[Joe Orton]
* ) mod_xml2enc: Update check to accept any text/ media type
or any XML media type per RFC 7303, avoiding
corruption of Microsoft OOXML formats. PR 64339.
[Joseph Heenan <joseph.heenan fintechlabs.io>, Joe Orton]
* ) mod_http2: v2.0.26 with the following fixes:
- Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes
<https://github.com/icing/mod_h2/issues/272>.
- Fixed small memory leak in h2 header bucket free. Thanks to
Michael Kaufmann for finding this and providing the fix.
* ) htcacheclean: In -a/-A mode, list all files per subdirectory
rather than only one. PR 65091.
[Artem Egorenkov <aegorenkov.91 gmail.com>]
* ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files
which include CA certificates; those CA certs are treated as if
configured with SSLProxyMachineCertificateChainFile. [Joe Orton]
* ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to
"hashing", rather than "encrypting" passwords.
[Michele Preziuso <mpreziuso kaosdynamics.com>]
* ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047.
[Giovanni Bechis, Yann Ylavic]
* ) htpasswd: Add support for passwords using SHA-2. [Joe Orton,
Yann Ylavic]
* ) core: Allow mod_env to override system environment vars. [Joe Orton]
* ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an
operation which removes a directory/file between apr_dir_read() and
apr_stat(). Current behaviour is to abort the connection which seems
inferior to tolerating (and logging) the error. [Joe Orton]
* ) mod_ldap: HTML-escape data in the ldap-status handler.
[Eric Covener, Chamal De Silva]
* ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set.
Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available,
notably with OpenSSL >= 3. PR 68080. [Yann Ylavic, Joe Orton]
* ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about
deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting
to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice).
[Yann Ylavic]
* ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis]
* ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when
some dollar substitution (backreference) happens in the hostname or port
part of the URL. [Yann Ylavic]
* ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend
systems are cached. [Yann Ylavic]
* ) mod_proxy: Add optional third argument for ProxyRemote, which
configures Basic authentication credentials to pass to the remote
proxy. PR 37355. [Joe Orton]
==== apache2-utils ====
Version update (2.4.58 -> 2.4.59)
- Update to 2.4.59:
* ) mod_deflate: Fixes and better logging for handling various
error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton,
Eric Norris <enorris etsy.com>]
* ) Add CGIScriptTimeout to mod_cgi. [Eric Covener]
* ) mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610
[ttachi <tachihara AT hotmail.com>]
* ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable.
[Jean-Frederic Clere]
* ) mod_ssl: Use OpenSSL-standard functions to assemble CA
name lists for SSLCACertificatePath/SSLCADNRequestPath.
Names will now be consistently sorted. PR 61574.
[Joe Orton]
* ) mod_xml2enc: Update check to accept any text/ media type
or any XML media type per RFC 7303, avoiding
corruption of Microsoft OOXML formats. PR 64339.
[Joseph Heenan <joseph.heenan fintechlabs.io>, Joe Orton]
* ) mod_http2: v2.0.26 with the following fixes:
- Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes
<https://github.com/icing/mod_h2/issues/272>.
- Fixed small memory leak in h2 header bucket free. Thanks to
Michael Kaufmann for finding this and providing the fix.
* ) htcacheclean: In -a/-A mode, list all files per subdirectory
rather than only one. PR 65091.
[Artem Egorenkov <aegorenkov.91 gmail.com>]
* ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files
which include CA certificates; those CA certs are treated as if
configured with SSLProxyMachineCertificateChainFile. [Joe Orton]
* ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to
"hashing", rather than "encrypting" passwords.
[Michele Preziuso <mpreziuso kaosdynamics.com>]
* ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047.
[Giovanni Bechis, Yann Ylavic]
* ) htpasswd: Add support for passwords using SHA-2. [Joe Orton,
Yann Ylavic]
* ) core: Allow mod_env to override system environment vars. [Joe Orton]
* ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an
operation which removes a directory/file between apr_dir_read() and
apr_stat(). Current behaviour is to abort the connection which seems
inferior to tolerating (and logging) the error. [Joe Orton]
* ) mod_ldap: HTML-escape data in the ldap-status handler.
[Eric Covener, Chamal De Silva]
* ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set.
Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available,
notably with OpenSSL >= 3. PR 68080. [Yann Ylavic, Joe Orton]
* ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about
deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting
to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice).
[Yann Ylavic]
* ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis]
* ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when
some dollar substitution (backreference) happens in the hostname or port
part of the URL. [Yann Ylavic]
* ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend
systems are cached. [Yann Ylavic]
* ) mod_proxy: Add optional third argument for ProxyRemote, which
configures Basic authentication credentials to pass to the remote
proxy. PR 37355. [Joe Orton]
==== f2fs-tools ====
Version update (1.15.0 -> 1.16.0)
- update to 1.16.0:
* Various bug fixes in fsck and mkfs for zoned device support.
==== gnome-text-editor ====
Version update (46.0 -> 46.1)
Subpackages: gnome-text-editor-lang
- Update to version 46.1:
+ Remove DBusActicatable=true from the .desktop file to fix an
issue where you could spawn Text Editor via D-Bus and not have
the session restored at startup.
+ AppData fixes.
+ Updated translations.
- Drop data-desktop-disable-DBusActivatable.patch: fixed upstream.
==== gom ====
Version update (0.5.0 -> 0.5.1)
- Update to version 0.5.1:
+ Reduce object inflation overhead in GType system usage.
+ Avoid some allocations in hot paths.
+ Avoid hashtables for resourcegroup items.
+ Avoid use of weak pointers when unnecessary.
==== grep ====
Subpackages: grep-lang
- restore texinfo macros for SLE15
==== gupnp ====
- remove dependency on /usr/bin/python3 using
%python3_fix_shebang macro, [bsc#1212476]
==== jack ====
Subpackages: jack-dbus libjack0
- remove dependency on /usr/bin/python3 using
%python3_fix_shebang macro, [bsc#1212476]
==== kernel-source ====
Version update (6.8.4 -> 6.8.5)
- gcc-plugins/stackleak: Avoid .head.text section (git-fixes).
- commit 542f698
- Linux 6.8.5 (bsc#1012628).
- x86: set SPECTRE_BHI_ON as default (bsc#1012628).
- KVM: x86: Add BHI_NO (bsc#1012628).
- x86/bhi: Mitigate KVM by default (bsc#1012628).
- x86/bhi: Add BHI mitigation knob (bsc#1012628 bsc#1217339 CVE-2024-2201).
- Update config files (set SPECTRE_BHI_ON=y which is the default later).
- x86/bhi: Enumerate Branch History Injection (BHI) bug
(bsc#1012628).
- x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1012628).
- x86/bhi: Add support for clearing branch history at syscall
entry (bsc#1012628).
- x86/syscall: Don't force use of indirect calls for system calls
(bsc#1012628).
- x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
(bsc#1012628).
- x86/efistub: Remap kernel text read-only before dropping NX
attribute (bsc#1012628).
- x86/sev: Move early startup code into .head.text section
(bsc#1012628).
- x86/sme: Move early SME kernel encryption handling into
.head.text (bsc#1012628).
- x86/boot: Move mem_encrypt= parsing to the decompressor
(bsc#1012628).
- efi/libstub: Add generic support for parsing mem_encrypt=
(bsc#1012628).
- bpf: support deferring bpf_link dealloc to after RCU grace
period (bsc#1012628).
- bpf: put uprobe link's path and task in release callback
(bsc#1012628).
- Revert "x86/mpparse: Register APIC address only once"
(bsc#1012628).
- drm/xe: Rework rebinding (bsc#1012628).
- drm/xe: Use ring ops TLB invalidation for rebinds (bsc#1012628).
- drm/i915/gt: Enable only one CCS for compute workload
(bsc#1012628).
- drm/i915/gt: Do not generate the command streamer for all the
CCS (bsc#1012628).
- drm/i915/gt: Disable HW load balancing for CCS (bsc#1012628).
- drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY
< 13 (bsc#1012628).
- drm/i915/mst: Reject FEC+MST on ICL (bsc#1012628).
- drm/i915/mst: Limit MST+DSC to TGL+ (bsc#1012628).
- smb: client: fix potential UAF in
cifs_signal_cifsd_for_reconnect() (bsc#1012628).
- smb: client: fix potential UAF in smb2_is_network_name_deleted()
(bsc#1012628).
- smb: client: fix potential UAF in is_valid_oplock_break()
(bsc#1012628).
- smb: client: fix potential UAF in smb2_is_valid_lease_break()
(bsc#1012628).
- smb: client: fix potential UAF in smb2_is_valid_oplock_break()
(bsc#1012628).
- smb: client: fix potential UAF in cifs_dump_full_key()
(bsc#1012628).
- smb: client: fix potential UAF in cifs_stats_proc_show()
(bsc#1012628).
- smb: client: fix potential UAF in cifs_stats_proc_write()
(bsc#1012628).
- smb: client: fix potential UAF in cifs_debug_files_proc_show()
(bsc#1012628).
- smb3: retrying on failed server close (bsc#1012628).
- smb: client: serialise cifs_construct_tcon() with
cifs_mount_mutex (bsc#1012628).
- smb: client: handle DFS tcons in cifs_construct_tcon()
(bsc#1012628).
- smb: client: refresh referral without acquiring refpath_lock
(bsc#1012628).
- smb: client: guarantee refcounted children from parent session
(bsc#1012628).
- smb: client: fix UAF in smb2_reconnect_server() (bsc#1012628).
- riscv: process: Fix kernel gp leakage (bsc#1012628).
- riscv: Fix spurious errors from __get/put_kernel_nofault
(bsc#1012628).
- s390/entry: align system call table on 8 bytes (bsc#1012628).
- selftests/mm: include strings.h for ffsl (bsc#1012628).
- mm/secretmem: fix GUP-fast succeeding on secretmem folios
(bsc#1012628).
- arm64/ptrace: Use saved floating point state type to determine
SVE layout (bsc#1012628).
- riscv: Fix vector state restore in rt_sigreturn() (bsc#1012628).
- aio: Fix null ptr deref in aio_complete() wakeup (bsc#1012628).
- perf/x86/intel/ds: Don't clear ->pebs_data_cfg for the last
PEBS event (bsc#1012628).
- x86/coco: Require seeding RNG with RDRAND on CoCo systems
(bsc#1012628).
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()
(bsc#1012628).
- x86/mm/pat: fix VM_PAT handling in COW mappings (bsc#1012628).
- of: module: prevent NULL pointer dereference in vsnprintf()
(bsc#1012628).
- of: dynamic: Synchronize of_changeset_destroy() with the
devlink removals (bsc#1012628).
- driver core: Introduce device_link_wait_removal() (bsc#1012628).
- ASoC: SOF: Intel: hda: Compensate LLP in case it is not reset
(bsc#1012628).
- ASoC: SOF: ipc4-pcm: Correct the delay calculation
(bsc#1012628).
... changelog too long, skipping 395 lines ...
- commit f362b5c
==== lensfun ====
Subpackages: lensfun-data liblensfun1
- remove dependency on /usr/bin/python3 using
%python3_fix_shebang macro, [bsc#1212476]
==== liblouis ====
Subpackages: liblouis-data liblouis20 python3-louis
- Run python tests in %check
==== miniupnpc ====
Version update (2.2.5 -> 2.2.6)
- update to 2.2.6:
* includes charset="utf-8" in Content-Type
* fix memory allocation error in minissdpc.c
* Make User-Agent compliant.
* add new binary listdevices => upnp-listdevices
- added %check section to run unit tests
==== openSUSE-build-key ====
- SLM 6.0 key (ALP / SLF1) RSA 4096 bit key
- gpg-pubkey-09d9ea69-645b99ce.asc
- 2024 SUSE Linux Enterprise 15 SP6 RSA 4096 bit key
- gpg-pubkey-3fa1d6ce-63c9481c.asc
- SLM 6.0 key (ALP / SLF1) RSA 4096 bit reserve key
- gpg-pubkey-73f03759-626bd414.asc
- 2024 SUSE Linux Enterprise 15 SP6 RSA 4096 bit reserve key
- gpg-pubkey-d588dc46-63c939db.asc
- obsoleted a incorrectly used DSA1024 key (used in Slowroll).
==== openSUSE-release ====
Version update (20240411 -> 20240412)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== ovmf ====
Subpackages: qemu-ovmf-x86_64
- Add ovmf-EmbeddedPkg-Library-Support-SOURCE_DATE_EPOCH-in-Vir.patch
Support SOURCE_DATE_EPOCH in VirtualRealTimeClockLib for reproducible.
(bsc#1217704)
==== pam ====
Version update (1.6.0 -> 1.6.1)
Subpackages: pam-32bit
- Update to version 1.6.1
- pam_env: fixed --disable-econf --enable-vendordir support.
- pam_unix: do not warn if password aging is disabled.
- pam_unix: try to set uid to 0 before unix_chkpwd invocation.
- pam_unix: allow empty passwords with non-empty hashes.
- Multiple minor bug fixes, build fixes, portability fixes,
documentation improvements, and translation updates.
- Remove backports:
- pam_env-fix_vendordir.patch
- pam_env-fix-enable-vendordir-fallback.patch
- pam_env-remove-escaped-newlines.patch
- pam_unix-fix-password-aging-disabled.patch
==== pam-config ====
Version update (2.11 -> 2.11+git.20240411)
- Update to version 2.11+git.20240411:
* Configure Himmelblau correctly w/ other services present
* Configure other services correctly w/ Himmelblau present
* Himmelblau session is only optional
==== pam-full-src ====
Version update (1.6.0 -> 1.6.1)
- Update to version 1.6.1
- pam_env: fixed --disable-econf --enable-vendordir support.
- pam_unix: do not warn if password aging is disabled.
- pam_unix: try to set uid to 0 before unix_chkpwd invocation.
- pam_unix: allow empty passwords with non-empty hashes.
- Multiple minor bug fixes, build fixes, portability fixes,
documentation improvements, and translation updates.
- Remove backports:
- pam_env-fix_vendordir.patch
- pam_env-fix-enable-vendordir-fallback.patch
- pam_env-remove-escaped-newlines.patch
- pam_unix-fix-password-aging-disabled.patch
==== postfix ====
- Move qshape(1) out of -doc, install it as a binary with the main package
==== python-Pillow ====
- Reenable tests for s390x and ppc, bsc#1222553
gh#python-pillow/Pillow#1204
==== update-alternatives ====
Version update (1.22.5 -> 1.22.6)
- Update to version 1.22.6.
The changelog for this version isn't very large, so it's provided in full:
* dpkg-deb: Fix up compressor parameters for default legacy format.
* Perl modules:
- Dpkg::Vendor::Debian: Make it possible to disable qa=-bug-implicit-func.
- Dpkg::Vendor::Debian: Unconditionally set qa bug-implicit-func.
* Documentation:
- man: Document dpkg versions supporting SOURCE_DATE_EPOCH for various
tools.
* Code internals:
- libdpkg: Use array access instead of pointer arithmetic for meminfo
parser.
- libdpkg: Use a macro to define the zstd default compression level.
* Build system:
- Test with minimal library dependencies in CI.
- Add gen-release script.
* Packaging:
- Fix typo in man page reference in changelog.
* Test suite:
- Refactor OpenPGP backend and commands list.
- Refactor certfile and keyfile filenames for OpenPGP test.
- Skip OpenPGP tests if the backend does not have a verify command.
* Localization:
- Fix typos in Swedish man pages translations.
- Fix typos in Swedish man pages translations.
- Update Dutch man pages translations.
- Update Portuguese man pages translations.
- Update German man pages translation.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
emacs
freerdp2
gnome-control-center
ibus-m17n (1.4.28 -> 1.4.29)
libquicktime
openSUSE-release (20240410 -> 20240411)
patterns-kde
vim (9.1.0151 -> 9.1.0301)
xfce4-branding-openSUSE (4.18.0+git1.8b02118 -> 4.18.0+git4.79f6d44)
xorg-x11-server
=== Details ===
==== emacs ====
Subpackages: emacs-el emacs-eln emacs-info emacs-nox etags
- Modify patch emacs-25.1-custom-fonts.patch
* include math.h for all kinds of fonts handling (boo#1222637)
- Modify patch emacs-27.1-Xauthority4server.patch
* Add After=graphical-session.target in emacs.service (boo#1222172)
==== freerdp2 ====
Subpackages: libfreerdp2-2 libwinpr2-2
- Add patch to avoid unneeded dependencies when using winpr-devel:
* 0001-Don-t-add-winpr-cli-tools-to-exported-CMake-targets.patch
==== gnome-control-center ====
Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-lang gnome-control-center-user-faces gnome-control-center-users
- Add gnome-control-center-datetime-Avoid-emitting-the-time-changed-signal.patch:
Avoid emitting the time-changed signal
(bsc#1222149, bsc#1221799, glgo#GNOME/gnome-control-center#2943).
==== ibus-m17n ====
Version update (1.4.28 -> 1.4.29)
- Update to 1.4.29
* Add Malayalam and Swedish translations
==== libquicktime ====
- Fix build with GCC 14, bsc#1221701
* fix-gcc14-build.patch
==== openSUSE-release ====
Version update (20240410 -> 20240411)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== patterns-kde ====
Subpackages: patterns-kde-kde patterns-kde-kde_edutainment patterns-kde-kde_games patterns-kde-kde_ide patterns-kde-kde_imaging patterns-kde-kde_internet patterns-kde-kde_multimedia patterns-kde-kde_office patterns-kde-kde_pim patterns-kde-kde_plasma patterns-kde-kde_utilities patterns-kde-kde_utilities_opt patterns-kde-kde_yast
- xwaylandvideobridge has always been unversioned (boo#1222640)
==== vim ====
Version update (9.1.0151 -> 9.1.0301)
Subpackages: vim-data vim-data-common xxd
- update to 9.1.0301
* Vim9: heredoc start may be recognized in string
* Missing test for what patch v9.1.0285 fixes
* Vim9: return type not set for a lambda assigned to script var
* add runtime/doc/tags-* to ignore files
* Updated translation
* Update documentation
* Patch 9.1.0296 causes too many issues
* Fix a few issues with gvim.nsi
* regexp: engines do not handle case-folding well
* filetype: pip config files are not recognized
* Text height function does not respect it's argument
* filetype: lxqt config files are not recognized
* filetype: XDG mimeapps.list file is not recognized
* filetype: libreoffice config files are not recognized
* filetype: xilinx files are not recognized
* filetype: some TeX files are not recognized
* Vim9: comment may be treated as heredoc start
* Vim9: E1027 with defcompile for abstract methods
* Still problems with cursor position for CTRL-D/U
* fix inaccuracies in pandoc compiler
* make testclean is not able to delete failed screendumps
* Update base-syntax, no curly-brace names in Vim9 script
* Several small issues in doc and tests
* Finding highlighting attributes is inefficient
* Update cuda keywords, remove uncommonly used enumeration constants
* several issues with 'smoothscroll' support
* filetype: roc files are not recognized
* filetype: zathurarc files not recognized
* Cannot highlight the Command-line
* No pandoc syntax support
* filetype: R history files are not recognized
* filetype: keymap files are not recognized
* autocmd may change cwd after :tcd and :lcd
* Update syntax generator, autocmd event list parsing
* Normalise builtin-function optional parameter formatting
* Correctly distribute libsodium with the installer
* a few minor issues to fix
* Test for TextChanged is still flaky with ASAN
* Two tests in test_filechanged.vim are slow
* File name entered in GUI dialog is ignored
* fix :compiler leaving behind a g:makeprg variable
* Remove more fallback :CompilerSet definitions from compiler plugins
* filetype: earthfile files are not recognized
* console dialog cannot save unnamed buffers
* Fill in a few details regarding :enums
* Remove fallback :CompilerSet definition from compiler plugins
* libgpm may delete some signal handlers
* Improve the matching of contextual keywords
* Vim9: Problem with lambda blocks in enums and classes
* Test for TextChanged is flaky with ASAN
* Vim9: protected class and funcrefs accessible outside the class
* Problems with "zb" and scrolling to new topline with 'smoothscroll'
* filetype not detected when editing remote files
* sort filetype.txt in the alphabetical order
* Normal mode TextChanged isn't tested properly
* half-page scrolling broke backward compatibility
* Vim9: :call may not find imported class members
* Finding autocmd events is inefficient
* Vim9: no indication of script nr in stack trace of classes
* [security]: Heap buffer overflow when calling complete_add() in 'cfu'
* filetype: typespec files are not recognized
* improve syntax highlighting for YAML
* Vim9: segfault with static in super class
* Filetype test fails
* update syntax
* filetype: ldscripts cannot be recognized
* filetype: rock_manifest and config.ld files are not recognized
* filetype: yarn lock files are not recognized
* filetype: bundle config files are not recognized
* filetype: fontconfig files are not recognized
* filetype: zsh theme, history and zunit files are not recognized
* filetype: bash history files are not recognized
* filetype: netrw history file is not recognized
* filetype: octave history files are not recognized
* filetype: mysql history files are not recognized
* filetype: some python tools config files are not recognized
* filetype: gnuplot history files are not recognised
* filetype: jupyterlab and sublime config are not recognized
* filetype: mplstyle files are not recognized
* filetype: texlua files are not recognized
* filetype: supertux files are not recognized
* filetype: support for Intel HEX files is lacking
* Vim9: string() output of enum is problematic
* Conceal test fails when rightleft feature is disabled
* Filetype may be undetected when SwapExists sets ft in other buf
* TextChanged autocommand not triggered under some circumstances
* ensure compiler! sets global options
* Distinguish Vim9 builtin object methods from namesake builtin functions
* add support for Debian specific @includes
* Error E877 is not translated
* fix path of uganda.nsis.txt in german.nsi file
* Two unrelated things are tested by a single test
* Improve docs for empty(), len(), and string() on objects
* Recording may still be wrong in Select mode
* Not able to assign enum values to an enum static variable
* test_matchparen not run in CI
* cursor may move too many lines over "right" & "below" virt text
* code duplication in loop to add active text properties
... changelog too long, skipping 119 lines ...
* Coverity complains about ignoring return value
==== xfce4-branding-openSUSE ====
Version update (4.18.0+git1.8b02118 -> 4.18.0+git4.79f6d44)
Subpackages: libgarcon-branding-openSUSE libxfce4ui-branding-openSUSE thunar-volman-branding-openSUSE xfce4-notifyd-branding-openSUSE xfce4-panel-branding-openSUSE xfce4-power-manager-branding-openSUSE xfce4-session-branding-openSUSE xfce4-settings-branding-openSUSE xfdesktop-branding-openSUSE xfwm4-branding-openSUSE
- Update to version 4.18.0+git4.79f6d44:
* Fix wallpaper folder structure
* Better split tumbleweed and leap wallpapers
* Added old wallpaper symlinks still needed by leap
==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra
- U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch
* fixes regression for security fix for CVE-2024-31083 (bsc#1222312,
boo#1222442, gitlab xserver issue #1659)
1
0
How to join the meeting?
https://calendar.opensuse.org/teams/release/events/opensuse_release_enginee…
All meeting minutes can be found here:
https://etherpad.opensuse.org/p/ReleaseEngineering-meeting
## Attendees
bittin, lkocman, Dimstar, ddemaio, maxlin, bmwiedemann, guillaumeg,
ana, adrian, wengel
## Leap
Leap 15.6 - pending transition of default background to png
https://news.opensuse.org/2024/04/09/common-wallpaper-path/
The reason is to have parity with icon set and background path with
SLES, so we can run apps that utilize
background.
^ This will unblock addition of cockpit to both Leap && Package HUB
(currently blocked on libssh regression from SP4)
https://code.opensuse.org/leap/features/issue/14
Test build in https://build.opensuse.org/project/show/home:lkocman:branches:openSUSE:Leap…
Leap Micro 6.0 - Alpha availabiltiy on get-o-o today/tomorrow
https://download.opensuse.org/distribution/leap-micro/6.0/
Leap Micro 6.X will not have the Elemental image since SLE Micro's
elemental image (bare-metal-container) has a license exception for a
free use.
Agreement with Daniel Rahn, that we could get Leap Micro 6.X to public
cloud. Lubos will sync up with Alex Osthof whether it would be
possible.
SUSE Open Source policy review - (Date bump)
https://opensource.suse.com/legal/policy
Bigger review revisiting AI section will be later this year.
## openSUSE Tumbleweed (ana)
openSUSE:Factory build fail stats: 76 failed 30 unresolvable (last
week 111 failed, 9 unresolvable)
https://tinyurl.com/ysy4nnnz
Many unresolvable due to boo#1222514, python-PyQt6 FTBFS with Qt6 6.7.0
Around 870 SR accepted since last week, round 340 SR related to Azure
stack (APIs, SDKs and projects from Microsoft Azure)
Most relevant updates:
* Linux Kernel Longterm 6.6.25
* Linux Kernel 6.8.4
* coreutils 9.5
* libvirt 10.2.0, fixes CVE-2024-2494
* Mate 1.28.0
* Mercurial 6.7.2
* meson 1.4.0
* Qt6 6.7.0
* wine 9.6
* zstd 1.5.6
* several branding updates for the new wallpaper using png
Updates waiting, likely being accepted soon :
* util-linux 2.40 merging lastlog2
* python-kiwi 10.0.2 (two packages needs an update in their
schemas (fixes submitted already)
kiwi-images-vagrant : https://bugzilla.opensuse.org/show_bug.cgi?id=1222242
kiwi-templates-Minimal: https://bugzilla.opensuse.org/show_bug.cgi?id=1222243
~80 other Tumbleweed packages need updated XML schema with xsltproc
/path/to/kiwi/helper/xsl_to_v74/update.xsl *.kiwi > output ; it will
drop comments so needs some manual merging ; see also SRs 1166476
1166479 1166485
### longer-lasting topics
* GCC 14: second phase ongoing, use gcc14 as the default compiler
(Staging:Gcc7) Advancing slowly
* RPM 4.19.1.1 + 4.20
* RPM 4.19.1.1 (user/group dependencies), Packages not included in
rings getting updates, still some more to go. Few remaining packages:
(6) https://bugzilla.opensuse.org/showdependencytree.cgi?id=1221415
* Preparations for RPM 4.20, %patchN won't be supported anymore, see
https://lists.opensuse.org/archives/list/factory@lists.opensuse.org/thread/…
(as last week there were 188 spec files left with this issue in
Factory)
* go1.22 as default go version, blocked on i586 with packages which
export CGO_ENABLED=0 and go build -buildmode pie
https://github.com/golang/go/issues/64875 (needs to update ~70
packages) traking at
https://bugzilla.opensuse.org/show_bug.cgi?id=1221095
* libxml 2.12.1, on hold, no progress
* dbus-broker as default dbus session manager, now everything builds,
two openQA checks failing.
* memtest86+ (waiting for update of installation-images,
https://bugzilla.opensuse.org/show_bug.cgi?id=1221221 )
* grub2 with support for BLS - Boot Loader Specification, blocked by
a kiwi update, open issue
https://build.opensuse.org/request/show/1161323
https://github.com/OSInside/kiwi/issues/2497
## Richard (Aeon+botmaster)
Not available
## Max
Leap 15.6 - build stats in Backports: 46 failed(was 50), 5 unresolvable(was 5)
* Struggling with the product publishing, Build656.1 has been set
published on Monday but still does not appear on d.o.o (reported
already) - Adrian is looking into it. Seems like we're having both new
and old files in parallel for Leap 15.6 (no other project is
experiencing similar issue).
* Many build fails are caused by abseil-cpp update, bsc#1222261
* Check on repo's solv data, uninstallable packages fix up
## Guillaume - Arm
* Tumbleweed:
- Rolling
- Heads-up: RPi firmware and u-boot updated in upcoming snapshot
20240409 (openQA is green)
- WIP: Continue to fix packages built without PAC/BTI
- rpmlint: https://rpmlint.opensuse.org/
* we noticed that rpmlint does not check anymore for packages
built without distro %{optflags}. We should add it back.
https://bugzilla.opensuse.org/show_bug.cgi?id=1217840
Doug: rpmlint GSOC topic. Neal will be helping to mentor that.
https://github.com/openSUSE/mentoring/issues/204
* Leap 15.6/Backports SP6:
- No update/no arm-specific issues
## Sarah - s390x
Not available
## Doug
* Community meetings
* Board meeting for April 22 adjusted due to travel of board members
* Contribution Workshops
* Episode 6 - Host your own openSUSE mirror delayed. Waiting for upload
* Episode 7 Custom openSUSE (Leap / Leap Micro) image spin in a few
minutes. Need timeline
* Went to embedded world
* GSoC
* Gaining evaluations on proposals submitted
* Rankings due on April 24
* Community Summit
* 16 Registrations, 12 Submissions, 5 Hours
* openSUSE Conference
* 83 Registrations, 51 Submissions, 29 Hours (5 Open 4 Business Submissions)
* CfP closes on April 15
* Making draft schedule
Static
* oSC24 dates June 27 to 29 reserved (Thursday - Saturday)
* Open 4 Business June 26 between 2 - 6 p.m. at Franken Campus
* AI topics (static)
## Dirk
Not available
## Wolfgang (Package Hub), Scott Bahling
no news
## Maintenance team (Marcus or Maurizio (m4u))
Not available
## Adrian - OBS
No update
## Bernhard - Slowroll
version bump is done (20240213 -> 20240405)
need to replace signing key with a stronger one soon
## Bernhard - reproducible builds
at 12k verified Tumbleweed binaries now - still growing
## Open Floor
2
1
Dear Tumbleweed users and hackers,
My slacking off last week and daring to take a longer weekend is being
punished by my having to review two weeks’ worth of updates again. But
it should be fine, as at least from the feel, the two weeks were quiet
regarding snapshots and updates. This also shows in the number of
snapshots: an average count of 8 snapshots in two weeks. The 8
snapshots were numbered 0329, 0402, 0403, 0404, 0405, 0407, 0409, and
0410.
The most relevant changes included:
* libressl 3.9.1
* Tracker 3.7.1
* Linux kernel 6.8.2 & 6.8.4
* libproxy 0.5.4 & 0.5.5
* freerdp 3.4.0 & 2.11.5, parallel installable
* Mozilla Firefox 124.0.2
* coreutils 9.5
* zstd 1.5.6
* Qt 6.7.0
* fwupd 1.9.16
* Python39 modules removed from the tree (few remaining packages,
that currently fail to build)
The upcoming changes being worked on include:
* Linux kernel 6.8.5
* Apache 2.4.59
* SDL 3
* Pam 1.6.1
* Python 3.11.9 & 3.12.3
* grub2 with BootLoaderSpecification (BLS) support
* dbus-broker: no progress this week
* GCC 14: phase 2: use gcc14 as the default compiler – lots of help
needed:
https://build.opensuse.org/project/show/openSUSE:Factory:Staging:Gcc7
Cheers,
Dominique
1
0
On 4/12/24 00:07, Florian "sp1rit" wrote:
> Am Mittwoch, dem 10.04.2024 um 16:55 +0200 schrieb Michael Pujos:
>> Any request to https://debuginfod.opensuse.org results in a 503 with
>> a
>> deprecation message.
>> This makes gdb unable to retrieve debuginfo data automatically.
>>
>
> Based on openSUSE/heroes-salt:bae4d577[0], the debuginfod service seems
> entirely deprecated, as
>> nobody stepped up to maintain it, and it being broken repeatedly
>> causes confusion with users
>
> This is quite sad, as I've personally found the debuginfod service
> (when it was working) to be very useful compared to having to manually
> download dozens of debug packages using zypper each time I want to
> debug something using gdb.
Hi,
in the meanwhile a team at SUSE stepped up to build and maintain a new
openSUSE debuginfod service.
I'm not sure when it will be ready, we still need to coordinate it - but
I think this is already good news.
Best,
Georg
>
>
> [0]:https://github.com/openSUSE/heroes-salt/commit/bae4d5773420d23fb882d4a68…
>
> --
> $\int_\text{now}^{+\infty}\text{Keep trying}$
>
> Matrix: @sp1rit:tchncs.de
>
> <sp1rit(a)disroot.org>
> D248BF2F4C6A82A1E0569D897D8C1CD573166D09
> <sp1rit(a)national.shitposting.agency>
> BBDE032EAAFBFC627FB7E635B1F4055D8460CE34
>
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
SDL2 (2.30.1 -> 2.30.2)
cryptsetup (2.7.1 -> 2.7.2)
dracut-pcr-signature (0.2+0 -> 0.3+0)
gcc13
kbd
openSUSE-release (20240409 -> 20240410)
power-profiles-daemon
publicsuffix (20240326 -> 20240410)
sdbootutil (1+git20240408.49e4021 -> 1+git20240410.3325802)
spamassassin (4.0.0 -> 4.0.1)
systemd-default-settings (0.9 -> 0.10)
wicked
wsdd (0.7.1 -> 0.8)
xen (4.18.1_02 -> 4.18.2_02)
xwayland (23.2.5 -> 23.2.6)
=== Details ===
==== SDL2 ====
Version update (2.30.1 -> 2.30.2)
- Update to release 2.30.2
* Fixed performance regression initialing controllers on Linux
* Added support for the 6-button SEGA Mega Drive Control Pad
for Nintendo Online
* Add support for MadCatz Saitek Side Panel Control Deck
* Added support for the Hori Fighting Stick EX2
* Added support for the Yawman Arrow flightstick
* Added a gamepad mapping for the Defender Joystick Cobra R4
* Fixed the gamepad mapping for the Sanwa Supply JY-P76USV
controller
* Allow using SDL_RWFromFile() with named pipes
==== cryptsetup ====
Version update (2.7.1 -> 2.7.2)
Subpackages: cryptsetup-doc cryptsetup-lang libcryptsetup12
- update to 2.7.2:
* Fix activation of OPAL-only encrypted LUKS device with tokens
* Fix formatting of OPAL devices with 4096-byte sector size
* Fix incorrect OPAL locking range alignment calculation if
used over an unaligned device partition.
* Do not check the passphrase quality for OPAL Admin PIN,
as this passphrase already exists.
* Update license for FAQ document to CC BY-SA 4.0.
NOTE: Please note that with OPAL-only (--hw-opal-only)
encryption, the configured OPAL administrator PIN (passphrase)
allows unlocking all configured locking ranges without LUKS
keyslot decryption (without knowledge of LUKS passphrase).
Because of many observed problems with compatibility, cryptsetup
currently DOES NOT use OPAL single-user mode, which would allow
such decoupling of OPAL admin PIN access.
==== dracut-pcr-signature ====
Version update (0.2+0 -> 0.3+0)
- Update to version 0.3+0:
* Various small improvements
==== gcc13 ====
Subpackages: cpp13 gcc13-locale libgccjit0-gcc13 libstdc++6-devel-gcc13
- Add gcc13-pr101523.patch to avoid combine spending too much
compile-time and memory doing nothing on s390x. [boo#1188441]
- Make requirement to lld version specific to avoid requiring the
meta-package.
- Add gcc13-pr111731.patch to fix unwinding for JIT code.
[bsc#1221239]
==== kbd ====
- Move legacy keymaps that have no acceptable xkb counterpart and
its includes back to kbd. (bsc#1194609)
- Stop requiring kbd-legacy. All YaST supported languages should
now have its keymaps in kbd.
- Remove kbd-1.15.2-prtscr_no_sigquit.patch rejected by the
upstream. The problem is fixed for a long time, this is an
additional modification. (PED-7977,
https://github.com/legionus/kbd/pull/111):
- Drop kbd_fonts.tar.bz2 containing just several 30 years old
inferior fonts with an unknown author and uncertain license.
- Add structured comments to patches.
==== openSUSE-release ====
Version update (20240409 -> 20240410)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== power-profiles-daemon ====
- Revert "Remove duplicate DBus service files
net.hadess.PowerProfiles" workaround to boo#1222179 (see comment
10).
==== publicsuffix ====
Version update (20240326 -> 20240410)
- Update to version 20240410:
* Removing `ravendb.me` (#1841)
* Updating psl: Adding myfritz.link (follow up PR#77) (#1761)
* Add `framer.ai` (#1831)
* chore: add `is-a.dev` (#1949)
* Add StackBlitz (#1939)
* Add `unison-services.cloud` (#1839)
* Add `is-cool.dev`, `is-local.org`, `is-not-a.dev` and `localplayer.dev` (#1672)
* Add grayjayleagues.com (#1742)
* Add `runcontainers.dev` for Libre IT Ltd (#1783)
* Add `heliohost.us`, `helioho.st`(#1825)
* Remove `123sait.ru` (#1844)
* Add MyDNS.JP Dynamic DNS Service (#1937)
* add `scrypted.io` (#1826)
* Add `darklang.io` (#1880)
* Update `cloudns.net` dynamic dns domains listing (#1593)
* Add wildcard to `snowflake.app` and `privatelink.snowflake.app` (#1743)
* Add `preview.csb.app` and `csb.app` (#1648)
* Add `nimsite.uk` (#1797)
* add getlocalcert.net domains (#1798)
* Add wadl.top (#1924)
* ADD: `can.re` (#1651)
* Add cdn77-storage.com and rsc.contentproxy9.cz (#1882)
* add `srv.us`, `xmit.co`
* Add at.emf.camp (#1955)
* util: gTLD data autopull updates for 2024-03-28T15:13:37 UTC (#1952)
==== sdbootutil ====
Version update (1+git20240408.49e4021 -> 1+git20240410.3325802)
Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper
- Update to version 1+git20240410.3325802:
* fallback for machine-id
==== spamassassin ====
Version update (4.0.0 -> 4.0.1)
Subpackages: perl-Mail-SpamAssassin spamassassin-spamc
- fix iXhash2-meta-rules.patch
- update to patch release version 4.0.1
- Incompatibilities with some versions of perl and some perl modules
that have been released since the release of SpamAssassin 4.0.0
- Problems using cpan to install SpamAssassin when certain required
or optional modules are not already installed
- Support for space characters in the path name of some executables
used by certain plugins
- Improved handling of URL shortener link redirects
- Improved TxRep locking management
- Added Mail::SpamAssassin::Plugin::AuthRes plugin to use
Authentication-Results header fields in other plugins
- Added a Pyzor Perl implementation
- Perl crash when certain uri_detail rules processed some messages
with UTF-8 characters
- Inconsistent handling of newlines in header rules
- Text or HTML content placed in octet-stream attachments by
spammers to bypass SpamAssassin scanning
- Implemented TCP fallback for truncated DNS UDP replies
- Refresh patch-URIDNSBL
- Drop undocumented patch-SQL_ASCII_SORT breaking sqlite
- Drop most of iXhash2-meta-rules.patch (additional services no longer exist)
==== systemd-default-settings ====
Version update (0.9 -> 0.10)
Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE
- Import 0.10
5088997 SLE: Disable pids controller limit under user instances (jsc#SLE-10123)
==== wicked ====
Subpackages: wicked-service
- client: do not convert sec to msec twice (bsc#1222105)
[+ 0005-client-do-to-not-convert-sec-to-msec-twice-bsc-1222105.patch]
==== wsdd ====
Version update (0.7.1 -> 0.8)
- Fix build for SLE_15
- Update to version 0.8
* Configuration files for firewalld added
* Show device type and allow filtering in API's list command
* Add option --metadata-timeout to set the timeout for the HTTP-based
metadata exchange
* The employed UUID is now read from /etc/{machine-id,hostid} before
falling by back to the UUID derivation from the host name.
* Handle addresses with zone id by ignoring the interface part
* Do not crash with asyncio future error when non-existing interface is
provided
- Remove some bashism from wsdd-init.sh
- Use the unmodified service files from wsdd for Leap 15.5 and below, else
reuse ws-discovery-udp service from firewalld
==== xen ====
Version update (4.18.1_02 -> 4.18.2_02)
Subpackages: xen-libs xen-tools xen-tools-domU
- Update to Xen 4.18.2 security bug fix release (bsc#1027519)
xen-4.18.2-testing-src.tar.bz2
* No upstream changelog found in sources or webpage
- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
trigger Xen bug check (XSA-454)
- bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic
for BTC/SRSO mitigations (XSA-455)
- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch
History Injection (XSA-456)
- Dropped patch contained in new tarball
65f83951-x86-mm-use-block_lock_speculation-in.patch
==== xwayland ====
Version update (23.2.5 -> 23.2.6)
- Update to 23.2.6
* This is a quick bug fix release to address a regression
introduced by the fix for CVE-2024-31083 in xwayland-23.2.5.
1
0
There is an important fix for VirtualBox on Leap 15.6 waiting at OBS. It is
blocked by kbuild, gsoap-devel, and libgsoap.
Package kbuild is blocked by package byacc.
Package byacc has been successfully built for x86_64 and ppc64le, but is in the
"scheduled" state for aarch64 and s390x. I have seen it in this state for over
24 hours. Is there an explanation for these architectures to be scheduled, but
not run?
Thanks,
Larry
2
1
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
adwaita-xfce-icon-theme (0.0.3+git0.e0f73b9 -> 0.0.4+git0.b33d65a)
awesfx
branding-openSUSE (84.87.20230227 -> 84.87.20240405)
capstone
distribution-logos-openSUSE (20240207 -> 20240404)
evolution
fwupd (1.9.15 -> 1.9.16)
gnutls (3.8.4 -> 3.8.5)
gvfs
icewm-theme-branding
java-21-openjdk
libX11 (1.8.8 -> 1.8.9)
libproxy-backend (0.5.4 -> 0.5.5)
libproxy-client (0.5.4 -> 0.5.5)
lightdm-gtk-greeter-branding-openSUSE
lttng-ust
mutter
oath-toolkit (2.6.8 -> 2.6.11)
openSUSE-release (20240407 -> 20240409)
opensc (0.25.0 -> 0.25.1)
openssh
pixman
plasma6-openSUSE
python-gobject (3.48.1 -> 3.48.2)
qt6-base (6.6.3 -> 6.7.0)
qt6-declarative (6.6.3 -> 6.7.0)
qt6-imageformats (6.6.3 -> 6.7.0)
qt6-multimedia (6.6.3 -> 6.7.0)
qt6-networkauth (6.6.3 -> 6.7.0)
qt6-positioning (6.6.3 -> 6.7.0)
qt6-qt5compat (6.6.3 -> 6.7.0)
qt6-quick3d (6.6.3 -> 6.7.0)
qt6-quicktimeline (6.6.3 -> 6.7.0)
qt6-sensors (6.6.3 -> 6.7.0)
qt6-shadertools (6.6.3 -> 6.7.0)
qt6-speech (6.6.3 -> 6.7.0)
qt6-svg (6.6.3 -> 6.7.0)
qt6-tools (6.6.3 -> 6.7.0)
qt6-translations (6.6.3 -> 6.7.0)
qt6-virtualkeyboard (6.6.3 -> 6.7.0)
qt6-wayland (6.6.3 -> 6.7.0)
qt6-webchannel (6.6.3 -> 6.7.0)
qt6-webengine (6.6.3 -> 6.7.0)
qt6-webview (6.6.3 -> 6.7.0)
sdbootutil (1+git20240321.04bfbac -> 1+git20240408.49e4021)
xfce4-branding-openSUSE (4.18.0+git0.9a2f754 -> 4.18.0+git1.8b02118)
xfsprogs
yast2-bootloader (5.0.7 -> 5.0.8)
yast2-installation (5.0.7 -> 5.0.8)
yast2-perl-bindings (5.0.2 -> 5.0.4)
yast2-trans (84.87.20240331.90b1d91d29 -> 84.87.20240407.b46e9ca4fd)
=== Details ===
==== adwaita-xfce-icon-theme ====
Version update (0.0.3+git0.e0f73b9 -> 0.0.4+git0.b33d65a)
- Update to version 0.0.4+git0.b33d65a
* Remove superfluous /apps directory from index.theme
==== awesfx ====
- Use full URL for source tarball.
==== branding-openSUSE ====
Version update (84.87.20230227 -> 84.87.20240405)
Subpackages: grub2-branding-openSUSE libreoffice-branding-openSUSE plymouth-branding-openSUSE wallpaper-branding-openSUSE yast2-qt-branding-openSUSE
- Use png for wallpapers for Tumbleweed
- SLES seems to be using png
- Using a compat symlink wallpapers/openSUSEdefault-> wallpapers/SLEdefault
allows running certain apps without rebuild. Such as cockpit.
- Use optipng -o5 to compress files (has to be reflected in spec)
- Bump date
==== capstone ====
- Build with distro %{optflags}
==== distribution-logos-openSUSE ====
Version update (20240207 -> 20240404)
Subpackages: distribution-logos-openSUSE-Tumbleweed distribution-logos-openSUSE-icons
- Update to version 20240404:
* Turn apple-touch-icon into round square ones
* SLES Compatability supply apple-touch-icon for Leap, LeapMicro, TW
* Delete dist/package directory
* fix source mismatch with package name
==== evolution ====
Subpackages: evolution-lang evolution-plugin-spamassassin
- Add boo1221868.patch, fixing a crash when hiding competed tasks
(boo#1221868, glgo#GNOME/evolution#2712)
==== fwupd ====
Version update (1.9.15 -> 1.9.16)
Subpackages: fwupd-bash-completion fwupd-lang libfwupd2 typelib-1_0-Fwupd-2_0
- Update to version 1.9.16:
+ This release adds the following features:
- Prefer zstd over xz for metadata.
- Relicense a few remaining plugin files to LGPL-2.1+.
+ This release fixes the following bugs:
- Correctly record UEFI success if adding ESRT nodes.
- Defer the DP Aux MST scanning on hotplug to workaround a
kernel bug.
- Do not do the post-update version check if the device
needs-reboot.
- Fix a fastboot warning when loading device.
- Fix a possible warning in fwupdmgr when excluding releases.
- Fix a qsi-dock warning when writing chunks.
- Ignore attribute-changed to work around a regression in
macOS.
- Ignore ZFS zvols when finding the default ESP.
- Mark Pluton TPMs as part of the main CPU.
- Put the fwupd-efi verbose debugging in the journal.
- Recognize zfsbootmenu in ESP detection heuristic.
+ This release adds support for the following hardware:
- Acer T34 and U33 docks.
- Qualcomm Series 5 Gen 1 and Gen 2 and Series 3 Gen 1 and
Gen 2 devices.
- Several Puya SPI chips.
- VIA VL822 C0.
==== gnutls ====
Version update (3.8.4 -> 3.8.5)
Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-32bit
- Update to 3.8.5:
* libgnutls: Due to majority of usages and implementations of
RSA decryption with PKCS#1 v1.5 padding being incorrect,
leaving them vulnerable to Marvin attack, the RSAES-PKCS1-v1_5
is being deprecated (encryption and decryption) and will be
disabled in the future. A new option 'allow-rsa-pkcs1-encrypt'
has been added into the system-wide library configuration which
allows to enable/disable the RSAES-PKCS1-v1_5. Currently, the
RSAES-PKCS1-v1_5 is enabled by default.
* libgnutls: Added support for RIPEMD160 and PBES1-DES-SHA1 for
backward compatibility with GCR.
* libgnutls: A couple of memory related issues have been fixed in
RSA PKCS#1 v1.5 decryption error handling and deterministic ECDSA
with earlier versions of GMP. These were a regression introduced
in the 3.8.4 release. See #1535 and !1827.
* build: Fixed a bug where building gnutls statically failed due
to a duplicate definition of nettle_rsa_compute_root_tr().
* API and ABI modifications:
- GNUTLS_PKCS_PBES1_DES_SHA1: New enum member of
gnutls_pkcs_encrypt_flags_t
* Rebase patches:
- gnutls-FIPS-TLS_KDF_selftest.patch
- gnutls-FIPS-140-3-references.patch
==== gvfs ====
Subpackages: gvfs-backend-afc gvfs-backend-goa gvfs-backend-samba gvfs-backends gvfs-fuse gvfs-lang
- Move the recently added onedrive provider to the backend-goa
subpackage: onedrive support is integrated into the g-o-a
provider.
==== icewm-theme-branding ====
- Do not substitute png to jpg for default wallpaper
Details at https://github.com/openSUSE/branding/pull/149
- Keep openSUSEDefault although SLEDefault compat symlink exist
==== java-21-openjdk ====
Subpackages: java-21-openjdk-headless
- Added patch:
* reproducible-jlink.patch
+ make the timestamp in jmods reproducible
==== libX11 ====
Version update (1.8.8 -> 1.8.9)
Subpackages: libX11-6 libX11-data libX11-xcb1
- Update to 1.8.9
* Fix regressions introduced in 1.8.8 (!245, !248) - this includes
reverting for now the previous "Fix XIM input sometimes jumbled
(#198, !236)"
- supersedes
* U_0001-xlibi18n-restore-parse_line1-for-WIN32-builds.patch
* U_0002-Revert-imDefLkup-Commit-first-info-in-XimCommitInfo.patch
* U_0003-Revert-ximcp-Unmark-to-fabricate-key-events-with-XKe.patch
- U_0001-xlibi18n-restore-parse_line1-for-WIN32-builds.patch
U_0002-Revert-imDefLkup-Commit-first-info-in-XimCommitInfo.patch
U_0003-Revert-ximcp-Unmark-to-fabricate-key-events-with-XKe.patch
* fix regressions in 1.8.8 (issues #204, #205, #206, #207, #208)
==== libproxy-backend ====
Version update (0.5.4 -> 0.5.5)
- Update to version 0.5.5:
+ Windows: Try all configured proxy resolution types.
+ Cleanup curl.
+ Add release option.
+ Expose missing functions in symbol map.
+ Fix crash during unload by.
+ Log debug instead of warning on wpad pac failure.
+ Fix refcounting in px_proxy_factory_copy.
+ symver: Fix symbol map to be a valid tree.
+ Fix free function for pxProxyFactory type.
+ CodeQL badge and updated repology.
+ meson: Don't build OSX plugin on iOS.
==== libproxy-client ====
Version update (0.5.4 -> 0.5.5)
- Update to version 0.5.5:
+ Windows: Try all configured proxy resolution types.
+ Cleanup curl.
+ Add release option.
+ Expose missing functions in symbol map.
+ Fix crash during unload by.
+ Log debug instead of warning on wpad pac failure.
+ Fix refcounting in px_proxy_factory_copy.
+ symver: Fix symbol map to be a valid tree.
+ Fix free function for pxProxyFactory type.
+ CodeQL badge and updated repology.
+ meson: Don't build OSX plugin on iOS.
==== lightdm-gtk-greeter-branding-openSUSE ====
- Use 1600x1200.png now when we've changed backgrounds to png
Details in https://github.com/openSUSE/branding/pull/149
==== lttng-ust ====
- remove dependency on /usr/bin/python3 using
%python3_fix_shebang macro, [bsc#1212476]
==== mutter ====
Subpackages: mutter-lang
- Add mutter-fix-front-buffer-lock.patch: Fix front buffer lock
error by an unnecessary ensure_fb_id call
(glgo#gnome/mutter!3674, bsc#1222409).
==== oath-toolkit ====
Version update (2.6.8 -> 2.6.11)
- version update to 2.6.11
* liboath: Handle invalid base32 encoded secrets. Fixes: #41.
* Various build fixes including updated gnulib files.
* Improve compatibility with recent libxmlsec.
==== openSUSE-release ====
Version update (20240407 -> 20240409)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== opensc ====
Version update (0.25.0 -> 0.25.1)
Subpackages: opensc-bash-completion
- Update to verion 0.25.1
General improvements
* Add missing file to dist tarball to build documentation.
minidriver
* Fix RSA decryption with PKCS#1 v1.5 padding.
* Fix crash when app is not set.
==== openssh ====
Subpackages: openssh-clients openssh-common openssh-server
- Add missing bugzilla/CVE references to the changelog
- Add patch from SLE which was missing in Factory:
* Mon Jun 7 20:54:09 UTC 2021 - Hans Petter Jansson <hpj(a)suse.com>
- Add openssh-mitigate-lingering-secrets.patch (bsc#1186673), which
attempts to mitigate instances of secrets lingering in memory
after a session exits. (bsc#1213004 bsc#1213008)
- Rebase patch:
* openssh-6.6p1-privsep-selinux.patch
==== pixman ====
- a64-neon is an aarch64 feature, not armv6/7
==== plasma6-openSUSE ====
Subpackages: plasma6-branding-openSUSE plasma6-sddm-theme-openSUSE plasma6-theme-openSUSE
- Modify sddmtheme.diff to change the extension of the openSUSE
branding wallpaper from jpg to png since the extension was
changed in TW (boo#1222546)
- Require the same wallpaper-branding version as used when building
to make sure the png file exists
==== python-gobject ====
Version update (3.48.1 -> 3.48.2)
Subpackages: python311-gobject python311-gobject-Gdk python311-gobject-cairo
- Update to version 3.48.2:
+ Fix support for fundamental (primitive) types, such as
Gst.Bitmask.
==== qt6-base ====
Version update (6.6.3 -> 6.7.0)
Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6Widgets6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-platformtheme-gtk3 qt6-printsupport-cups qt6-sql-mysql qt6-sql-sqlite
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
- Replace 0001-Tell-the-truth-about-private-API.patch with
upstream change:
* 0001-CMake-ELF-allow-using-Qt-s-full-version-number-in-th.patch
- Add upstream fix (QTBUG-123937):
* fix_builds_with_Werror.patch
==== qt6-declarative ====
Version update (6.6.3 -> 6.7.0)
Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlModels6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 libQt6QuickWidgets6 qt6-declarative-imports
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
- Update build constraints
==== qt6-imageformats ====
Version update (6.6.3 -> 6.7.0)
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-multimedia ====
Version update (6.6.3 -> 6.7.0)
Subpackages: libQt6Multimedia6 libQt6MultimediaQuick6 libQt6Quick3DSpatialAudio6 libQt6SpatialAudio6 qt6-multimedia-imports
- Add upstream change to restore binary compatibility (QTBUG-123997):
* 0001-Fix-ABI-breakage-wrt-QAudioSink-Source-stateChanged-.patch
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-networkauth ====
Version update (6.6.3 -> 6.7.0)
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-positioning ====
Version update (6.6.3 -> 6.7.0)
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-qt5compat ====
Version update (6.6.3 -> 6.7.0)
Subpackages: libQt6Core5Compat6 qt6-qt5compat-imports
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-quick3d ====
Version update (6.6.3 -> 6.7.0)
Subpackages: libQt6Quick3D6 libQt6Quick3DAssetImport6 libQt6Quick3DAssetUtils6 libQt6Quick3DEffects6 libQt6Quick3DHelpers6 libQt6Quick3DHelpersImpl6 libQt6Quick3DParticleEffects6 libQt6Quick3DParticles6 libQt6Quick3DRuntimeRender6 libQt6Quick3DUtils6 qt6-quick3d-imports
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-quicktimeline ====
Version update (6.6.3 -> 6.7.0)
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-sensors ====
Version update (6.6.3 -> 6.7.0)
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-shadertools ====
Version update (6.6.3 -> 6.7.0)
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-speech ====
Version update (6.6.3 -> 6.7.0)
Subpackages: libQt6TextToSpeech6 qt6-texttospeech
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-svg ====
Version update (6.6.3 -> 6.7.0)
Subpackages: libQt6Svg6 libQt6SvgWidgets6
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-tools ====
Version update (6.6.3 -> 6.7.0)
Subpackages: libQt6Designer6 libQt6UiTools6 qt6-tools-qdbus
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-translations ====
Version update (6.6.3 -> 6.7.0)
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-virtualkeyboard ====
Version update (6.6.3 -> 6.7.0)
Subpackages: libQt6HunspellInputMethod6 libQt6VirtualKeyboard6 qt6-virtualkeyboard-imports
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-wayland ====
Version update (6.6.3 -> 6.7.0)
Subpackages: libQt6WaylandClient6 libQt6WaylandCompositor6 libQt6WaylandEglClientHwIntegration6 libQt6WaylandEglCompositorHwIntegration6 libQt6WlShellIntegration6
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-webchannel ====
Version update (6.6.3 -> 6.7.0)
Subpackages: libQt6WebChannel6 libQt6WebChannelQuick6 qt6-webchannel-imports
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== qt6-webengine ====
Version update (6.6.3 -> 6.7.0)
Subpackages: libQt6WebEngineCore6 libQt6WebEngineQuick6 libQt6WebEngineWidgets6 qt6-webengine-imports
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
- Update rtc-dont-use-h264.patch
==== qt6-webview ====
Version update (6.6.3 -> 6.7.0)
- Update to 6.7.0:
* https://www.qt.io/blog/qt-6.7-released
==== sdbootutil ====
Version update (1+git20240321.04bfbac -> 1+git20240408.49e4021)
Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper
- Update to version 1+git20240408.49e4021:
* Update requirements
* Measure manually initrd if pcrlock fails
* Set SYSTEMD_LOG_LEVEL if verbose
* Only error out on empty machine-id when actually used
* feat: add basic boot assessment
* fix: use new os-release and machine-id files
* dracut call: --add-device belongs to --sysroot
* Make sdbootutil usable with no snapshot Systems
==== xfce4-branding-openSUSE ====
Version update (4.18.0+git0.9a2f754 -> 4.18.0+git1.8b02118)
Subpackages: libgarcon-branding-openSUSE libxfce4ui-branding-openSUSE thunar-volman-branding-openSUSE xfce4-notifyd-branding-openSUSE xfce4-panel-branding-openSUSE xfce4-power-manager-branding-openSUSE xfce4-session-branding-openSUSE xfce4-settings-branding-openSUSE xfdesktop-branding-openSUSE xfwm4-branding-openSUSE
- Update to version 4.18.0+git1.8b02118:
* Tumbleweed now uses png for default.wallpaper
==== xfsprogs ====
Subpackages: libhandle1
- Switch to %autosetup in order to build with older rpm build
==== yast2-bootloader ====
Version update (5.0.7 -> 5.0.8)
- Follow up of previous change to use even more precise wording
(bsc#1219989,bsc#1222353)
- 5.0.8
==== yast2-installation ====
Version update (5.0.7 -> 5.0.8)
- Adapted call for connecting all discovered NVMe-over-Fabrics
subsystems (bsc#1222246).
- 5.0.8
==== yast2-perl-bindings ====
Version update (5.0.2 -> 5.0.4)
- Fix downstream build failures caused by the previous change (bsc#1222375)
- 5.0.4
- Use UTF-8 for translated texts coming from our Perl code (bsc#1216689),
fixing most '?' occurrences in yast2-users.
- 5.0.3
==== yast2-trans ====
Version update (84.87.20240331.90b1d91d29 -> 84.87.20240407.b46e9ca4fd)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu
- Update to version 84.87.20240407.b46e9ca4fd:
* Translated using Weblate (Romanian)
* Translated using Weblate (Romanian)
* Translated using Weblate (Czech)
* Translated using Weblate (Slovak)
* Translated using Weblate (Dutch)
* Translated using Weblate (Japanese)
* Translated using Weblate (Catalan)
* New POT for text domain 'bootloader'.
* Translated using Weblate (Romanian)
* Translated using Weblate (Romanian)
* Translated using Weblate (Romanian)
* Translated using Weblate (Macedonian)
* Translated using Weblate (Macedonian)
* Translated using Weblate (Macedonian)
* Translated using Weblate (Macedonian)
* Translated using Weblate (Macedonian)
* Translated using Weblate (Macedonian)
* Translated using Weblate (Macedonian)
* Translated using Weblate (Macedonian)
* Translated using Weblate (Macedonian)
* Translated using Weblate (Macedonian)
* Translated using Weblate (Macedonian)
* Translated using Weblate (Romanian)
* Translated using Weblate (Macedonian)
* Translated using Weblate (Romanian)
* Translated using Weblate (Romanian)
* Translated using Weblate (Macedonian)
* Translated using Weblate (Romanian)
* Translated using Weblate (Romanian)
1
0