Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20220810 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: ModemManager (1.18.6 -> 1.18.10) PackageKit bash-completion eog (42.2 -> 42.3) evolution (3.44.3 -> 3.44.4) evolution-data-server (3.44.3 -> 3.44.4) evolution-ews (3.44.3 -> 3.44.4) geocode-glib (3.26.3 -> 3.26.4) geocode-glib-soup2 (3.26.3 -> 3.26.4) gjs (1.72.1 -> 1.72.2) glib-networking (2.72.1 -> 2.72.2) gnome-software (42.3 -> 42.4) gpg2 gtk-vnc (1.3.0 -> 1.3.1) harfbuzz (4.4.1 -> 5.1.0) hdparm hplip (3.22.4 -> 3.22.6) hwinfo (22.0 -> 22.1) kernel-source (5.18.15 -> 5.19.0) kscreenlocker libadwaita (1.1.3 -> 1.1.4) libbluray (1.3.1 -> 1.3.2) manpages-l10n (4.14.0 -> 4.15.0) mobile-broadband-provider-info (20220511 -> 20220725) mutt (2.2.6 -> 2.2.7) permissions (1599_20220309 -> 1599_20220713) postfix (3.6.6 -> 3.7.2) python-loguru (0.5.3 -> 0.6.0) python-pip python-pytest (7.1.1 -> 7.1.2) python310 (3.10.5 -> 3.10.6) python310-core (3.10.5 -> 3.10.6) tracker-miners usbredir (0.12.0 -> 0.13.0) webkit2gtk3 (2.36.5 -> 2.36.6) webkit2gtk3-soup2 (2.36.5 -> 2.36.6) wireplumber xdg-desktop-portal (1.14.5 -> 1.14.6) === Details === ==== ModemManager ==== Version update (1.18.6 -> 1.18.10) Subpackages: ModemManager-bash-completion ModemManager-lang libmm-glib0 - Update to version 1.18.10: + Build: Require libqmi 1.30.8. + FCC unlock: Updated SDX55 unlock script to handle the new method introduced in the latest firmware releases. + Modem interface: - Set signal quality to 0% on shutdown. - Set signal quality as recent on init. + MBIM: - Fix task completion when peeking device fails. - Fix several GError double-frees. + mmcli: Don't print signal quality until modem is enabled. + Plugins: foxconn: remove carrier mapping table for T99W175. + Several other minor improvements and fixes. - Changes from version 1.18.8: + A new connection status dispatcher setup is provided, where users can provide custom scripts that will be called on bearer connect/disconnect events. This dispatcher will make the netifd integration in openwrt work much better, as we'll be able to report network-initiated disconnections cleanly to netifd. There are no default connection status dispatcher scripts installed, but it's suggested distributions make sure the following directories exist: - ${sysconfdir}/ModemManager/connection.d/ - ${libdir}/ModemManager/connection.d/ + API: Add missing Simple interface definitions in ModemManager-names.h. + Build: - meson: . fix daemon enums dependencies. . fix port enums includes. . fix 'export_packages' in GIR setup. . fix simtech plugin module name. - systemd: don't run ModemManager in containers. + Core: - serial: ensure the port object is valid after BUFFER_FULL handling. - netlink: . use unaligned netlink attribute length. . only change IFF_UP flag. - bearer: match unknown auth to chap in loose comparisons. - charsets: return error if UTF-8 validation fails. - fcc-unlock: make scripts POSIX shell compatible. - modem-helpers: . consider minimum ID when choosing best profile. . fix reading <Act> given in COPS=? responses. - sms: prevent crash if date is out of range. - profile-manager: fix copy-paste error on tags for quarks. + QMI: - Ignore slot status indications until initial status is known. - Return error when loading capabilities if none is found. + MBIM: - Default initial EPS bearer's auth to chap when unknown. - Update default error when network error is out of range. + mmcli: Fix key length when printing list of items. + Plugins: - linktop: new port type hints. - cinterion: add support for PLSx3w modems. - huawei: disable +CPOL based features in Huawei E226. + Several other minor improvements and fixes. ==== PackageKit ==== Subpackages: PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module PackageKit-lang libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0 - Modified PackageKit.spec: bump libzypp dependency version to 17.31.0. - Add PackageKit-zypp-avoid-statuReset.patch: zypp: Avoid statuReset() on locked packages (gh#PackageKit/PackageKit/commit/dd1964255, bsc#1199895). - Add PackageKit-zypp-disable-upgrade-system-in-sle.patch: zypp: Disable upgrade-system support in SLE (gh#PackageKit/PackageKit/commit/0fcd820c2). - Add PackageKit-zypp-restore-pool-status-after-simulating-update.patch: zypp: restore pool status after simulating an update (gh#PackageKit/PackageKit/commit/2b61a6649, bsc#1199895). - Add PackageKit-zypp-fix-is-tumbleweed-check.patch: zypp: build the pool before calling is_tumbleweed() (gh#PackageKit/PackageKit/commit/146890153). - Add PackageKit-zypp-update-libzypp-dependency-version.patch: zypp: update libzypp dependency version (gh#PackageKit/PackageKit/commit/58c7c0285, bsc#1199895). ==== bash-completion ==== - Add patch fix-curl-help-completion-bsc1200791.patch (bsc#1200791) * List all options for `curl --<TAB>` ==== eog ==== Version update (42.2 -> 42.3) Subpackages: eog-lang - Update to version 42.3: + Window previews in shell overview are missing the title. + Updated translations. ==== evolution ==== Version update (3.44.3 -> 3.44.4) Subpackages: evolution-lang evolution-plugin-spamassassin - Update to version 3.44.4: + Change when symbolic icons are forced in the application. + Bugs fixed: - Missing divider lines and paddings under GNOME. - EColorSchemeWatcher: Verify chosen dark variant theme name exists. - ECompEditor: Reminders list is too small. - Calendar: The default reminder not always added. ==== evolution-data-server ==== Version update (3.44.3 -> 3.44.4) Subpackages: evolution-data-server-lang libcamel-1_2-63 libebackend-1_2-10 libebook-1_2-20 libebook-contacts-1_2-3 libecal-2_0-1 libedata-book-1_2-26 libedata-cal-2_0-1 libedataserver-1_2-26 libedataserverui-1_2-3 - Update to version 3.44.4: + ESoupAuthBearer: Check for token expiration in e_soup_auth_bearer_is_authenticated(). + ESoupSession: Avoid downgrade of Bearer (OAuth2) auth for authentication. + Check for non-zero value passed to g_flags_get_first_value(). + alarm-notify: Use themed icon instead of file icon for notifications. + Bugs fixed: IMAPx: Unsubscribed folder always removed from the UI. ==== evolution-ews ==== Version update (3.44.3 -> 3.44.4) Subpackages: evolution-ews-lang - Update to version 3.44.4: + Bugs fixed: Calendar: Fix occurrence index counter. ==== geocode-glib ==== Version update (3.26.3 -> 3.26.4) - Update to version 3.26.4: + This release includes a fix to a test data file not being installed, and a bug fix for a bug in the libsoup3 port. ==== geocode-glib-soup2 ==== Version update (3.26.3 -> 3.26.4) Subpackages: libgeocode-glib0 typelib-1_0-GeocodeGlib-1_0 - Update to version 3.26.4: + This release includes a fix to a test data file not being installed, and a bug fix for a bug in the libsoup3 port. ==== gjs ==== Version update (1.72.1 -> 1.72.2) Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0 - Update to version 1.72.2: + Various fixes ported from the development branch. + Closed bugs and merge requests: - gi/arg-cache.cpp: Fix building on Visual Studio. - doc: Reflect support for constructor with GObject. ==== glib-networking ==== Version update (2.72.1 -> 2.72.2) Subpackages: glib-networking-lang - Update to version 2.72.2: + Drop environment proxy resolver to lowest priority. ==== gnome-software ==== Version update (42.3 -> 42.4) Subpackages: gnome-software-lang - Update to version 42.4: + Fix update detail text, when it contains markup. + Updated translations. ==== gpg2 ==== Subpackages: dirmngr gpg2-lang - Fix YubiKey 5 Nano support (boo#1202201), add gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch ==== gtk-vnc ==== Version update (1.3.0 -> 1.3.1) Subpackages: gtk-vnc-lang libgtk-vnc-2_0-0 libgvnc-1_0-0 typelib-1_0-GVnc-1_0 typelib-1_0-GtkVnc-2_0 - Update to version 1.3.1: + Fix invalid use of subprojects with meson. + Support ZRLE encoding for zero size alpha cursors. + Add 'check' arg to meson run_command(). ==== harfbuzz ==== Version update (4.4.1 -> 5.1.0) Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 libharfbuzz0-32bit typelib-1_0-HarfBuzz-0_0 - harfbuzz 5.1.0: + More extensive buffer tracing messages + Fix hb-ft regression in bitmap fonts rendering + Support extension promotion of lookups in hb-subset-repacker + A new HB_GLYPH_FLAG_SAFE_TO_INSERT_TATWEEL for scripts that use elongation (e.g. Arabic) to signify where it is safe to insert tatweel glyph without interrupting shaping + Add --safe-to-insert-tatweel to hb-shape tool - add harfbuzz-5.1.0-repacker-fix-signedness-of-char-in-tests.patch from upstream to fix ARM and PPC builds - harfbuzz 5.0.1, including changes from 5.0.0: + Improve for fonts with more than 65535 glyphs + Support version 2 of âavarâ table + Improve support for some Arabic, Hebrew fonts + Support for specific script tags to be retained in the subsetter, and add â--layout-scriptsâ option to âhb-subsetâ tool + Improved handling of command line options + Improve support for multiple tables and font features, and font feature specific bug fixes ==== hdparm ==== - add avoid-linux-includes.patch (bsc#1202212) ==== hplip ==== Version update (3.22.4 -> 3.22.6) Subpackages: hplip-hpijs hplip-sane - Update to 3.22.6 Added support for following new Distro's: * Mx Linux 21.1 * Ubuntu 22.04 * Fedora 36 Added support for the following new Printers: * HP Color LaserJet Managed MFP E785dn * HP Color LaserJet Managed MFP E78523dn * HP Color LaserJet Managed MFP E78528dn * HP Color LaserJet Managed MFP E786dn * HP Color LaserJet Managed MFP E786 Core Printer * HP Color LaserJet Managed MFP E78625dn * HP Color LaserJet Managed FlowMFP E786z * HP Color LaserJet Managed Flow MFP E78625z * HP Color LaserJet Managed MFP E78630dn * HP Color LaserJet Managed Flow MFP E78630z * HP Color LaserJet Managed MFP E78635dn * HP Color LaserJet Managed Flow MFP E78635z * HP LaserJet Managed MFP E731dn * HP LaserJet Managed MFP E731 Core Printer * HP LaserJet Managed MFP E73130dn * HP LaserJet Managed Flow MFP E731z * HP LaserJet Managed Flow MFP E73130z * HP LaserJet Managed MFP E73135dn * HP LaserJet Managed Flow MFP E73135z * HP LaserJet Managed MFP E73140dn * HP LaserJet Managed Flow MFP E73140z * HP Color LaserJet Managed MFP E877dn * HP Color LaserJet Managed MFP E877 Core Printer * HP Color LaserJet Managed MFP E87740dn * HP Color LaserJet Managed Flow MFP E877z * HP Color LaserJet Managed Flow MFP E87740z * HP Color LaserJet Managed MFP E87750dn * HP Color LaserJet Managed Flow MFP E87750z * HP Color LaserJet Managed MFP E87760dn * HP Color LaserJet Managed Flow MFP E87760z * HP Color LaserJet Managed MFP E87770dn * HP Color LaserJet Managed Flow MFP E87770z * HP LaserJet Managed MFP E826dn * HP LaserJet Managed MFP E826 Core Printer * HP LaserJet Managed MFP E82650dn * HP LaserJet Managed Flow MFP E826z * HP LaserJet Managed Flow MFP E82650z * HP LaserJet Managed MFP E82660dn * HP LaserJet Managed Flow MFP E82660z * HP LaserJet Managed MFP E82670dn * HP LaserJet Managed Flow MFP E82670z * HP LaserJet Managed MFP E730dn * HP LaserJet Managed MFP E73025dn * HP LaserJet Managed MFP E73030dn * HP LaserJet Pro MFP 3101fdwe * HP LaserJet Pro MFP 3101fdw * HP LaserJet Pro MFP 3102fdwe * HP LaserJet Pro MFP 3102fdw * HP LaserJet Pro MFP 3103fdw * HP LaserJet Pro MFP 3104fdw * HP LaserJet Pro MFP 3101fdne * HP LaserJet Pro MFP 3101fdn * HP LaserJet Pro MFP 3102fdne * HP LaserJet Pro MFP 3102fdn * HP LaserJet Pro MFP 3103fdn * HP LaserJet Pro MFP 3104fdn * HP LaserJet Pro 3001dwe * HP LaserJet Pro 3001dw * HP LaserJet Pro 3002dwe * HP LaserJet Pro 3002dw * HP LaserJet Pro 3003dw * HP LaserJet Pro 3004dw * HP LaserJet Pro 3001dne * HP LaserJet Pro 3001dn * HP LaserJet Pro 3002dne * HP LaserJet Pro 3002dn * HP LaserJet Pro 3003dn * HP LaserJet Pro 3004dn ==== hwinfo ==== Version update (22.0 -> 22.1) - merge gh#openSUSE/hwinfo#117 - glibc 2.36+ includes fsconfig itself, make linux/fs.h inclusion conditional (bsc#1202213) - 22.1 ==== kernel-source ==== Version update (5.18.15 -> 5.19.0) - Update config files -- set SECURITY_SELINUX_CHECKREQPROT_VALUE=0 (bsc#1202280) - commit 6a791bc - Revert "zram: remove double compression logic" (bsc#1202203). - commit 9739fe2 - tools bpftool: Don't display disassembler-four-args feature test (bsc#1202195). - tools bpftool: Fix compilation error with new binutils (bsc#1202195). - tools bpf_jit_disasm: Don't display disassembler-four-args feature test (bsc#1202195). - tools bpf_jit_disasm: Fix compilation error with new binutils (bsc#1202195). - tools perf: Fix compilation error with new binutils (bsc#1202195). - tools include: add dis-asm-compat.h to handle version differences (bsc#1202195). - tools build: Don't display disassembler-four-args feature test (bsc#1202195). - tools build: Add feature test for init_disassemble_info API changes (bsc#1202195). - commit fa8853d - series.conf: remove blank line from sorted section It causes troubles when adding multiple patches -- the current ones are duplicated then. - commit 309e362 - Update patches.suse/Revert-Revert-tcp-change-pingpong-threshold-to-3.patch (bsc#1202188). Add a reference and refresh. - commit 5ea3c65 - Revert "Revert "tcp: change pingpong threshold to 3"" (eventlet tests fix). - commit 8268096 - series.conf: cleanup - update upstream references and resort: - patches.suse/0001-drm-Always-warn-if-user-defined-modes-are-not-suppor.patch - patches.suse/0001-drm-client-Don-t-add-new-command-line-mode.patch - patches.suse/0001-drm-client-Look-for-command-line-modes-first.patch - update upstream references and move into sorted section: - patches.suse/ath9k-fix-use-after-free-in-ath9k_hif_usb_rx_cb.patch - commit 35466a9 - Update config files (bsc#1184924). +RANDOM_TRUST_BOOTLOADER on arm This is set on all other platforms in Tumbleweed, and only on ARM in Leap. The ARM platform is unique in that it can have random source defined in EFI firmware as well as device tree, and we don't test this configuration in Factory because of the inverted config situation betwween Tumbleweed and Leap. - commit 1275841 - Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019). - commit 9816878 - Update to 5.19 final - refresh configs - commit e9f89c9 ==== kscreenlocker ==== Subpackages: kscreenlocker-lang libKScreenLocker5 - Use %_pam_vendordir ==== libadwaita ==== Version update (1.1.3 -> 1.1.4) Subpackages: libadwaita-1-0 libadwaita-lang typelib-1_0-Adw-1 - Update to version 1.1.4: + AdwAvatar: Fix draw_to_texture() with rectangular avatars. + AdwTabBar: Fix squished or clipped text with gtk-hint-font-metrics=0. + AdwShadowHelper: Fix warnings when drawing vertical shadow. + AdwSwipeTracker: - Fix swipe speed on GTK 4.7.x. - Fix criticals with GTK 4.7.x. ==== libbluray ==== Version update (1.3.1 -> 1.3.2) - update to 1.3.2: - Fix build/run failure after Oracle Java CPU for April 2022 - drop patch libbluray-April2022CPU.patch (upstream) ==== manpages-l10n ==== Version update (4.14.0 -> 4.15.0) Subpackages: man-pages-cs man-pages-da man-pages-de man-pages-el man-pages-es man-pages-fr man-pages-hu man-pages-it man-pages-pl man-pages-pt_BR - Remove ethers.5 German translation already provided by net-tools (https://salsa.debian.org/manpages-l10n-team/manpages-l10n/-/issues/8). - Update to version 4.15.0: Updated many translations. ==== mobile-broadband-provider-info ==== Version update (20220511 -> 20220725) - Update to version 20220725: * release: bump version to 20220725 * bsnlnet: Add username and password * xk: add Ipko service provider * nl: correct Simple internet provider * fr: add Simplus data/mms settings ==== mutt ==== Version update (2.2.6 -> 2.2.7) Subpackages: mutt-doc mutt-lang - update to 2.2.7: * This is a bug-fix release, fixing a $edit_headers bug on MacOS, along with a few other small bugs. It also tightens the $query_command parser to accept a single tab between fields, and changes $pager to accept a %s expando. ==== permissions ==== Version update (1599_20220309 -> 1599_20220713) Subpackages: chkstat permissions-config - Fix dependency from permissions-zypp-plugin to permissions. - Avoid different Versions for subpackages to fix build-compare seeing the src rpm as equal. It replaces VERSION-RELEASE but that will fail if subpackages use a different Version - Update to version 20220713: * postfix: add postlog setgid for maildrop binary (bsc#1201385) * libexec migration: KDE utilities now properly place their helpers * pccardctl: installation path has finally changed to /usr/sbin ==== postfix ==== Version update (3.6.6 -> 3.7.2) - use correct source signature file (gpg2) - update to 3.7.2 https://de.postfix.org/ftpmirror/official/postfix-3.7.2.RELEASE_NOTES - rebase patches * pointer_to_literals.patch * postfix-linux45.patch * postfix-main.cf.patch * postfix-master.cf.patch * postfix-no-md5.patch * postfix-ssl-release-buffers.patch * postfix-vda-v14-3.0.3.patch * set-default-db-type.patch - build against libpcre2 ==== python-loguru ==== Version update (0.5.3 -> 0.6.0) - Update to 0.6.0 * Remove internal use of pickle.loads() considered as a security vulnerability referenced as CVE-2022-0329 (#563). * Modify coroutine sink to make it discard log messages when loop=None and no event loop is running (due to internally using asyncio.get_running_loop() in place of asyncio.get_event_loop()). * Remove the possibility to add a coroutine sink with enqueue=True if loop=None and no event loop is running. * Change default encoding of file sink to be utf8 instead of locale.getpreferredencoding() (#339). * Prevent non-ascii characters to be escaped while logging JSON message with serialize=True (#575, thanks @ponponon). * Fix flake8 errors and improve code readability (#353, thanks @AndrewYakimets). - Drop merged patches: * loguru-exception-formatting-py39.patch * pytest-6.2-excepthooks.patch - Add loguru-fix-repr-tests.patch * Fix "repr()" tests failing on Python 3.11 and Python 3.10.6 * https://github.com/Delgan/loguru/commit/4fe21f66 ==== python-pip ==== - skip subversion tests, not that relevant to pull in dozens of dependencies into small bootstrap - Add distutils-reproducible-compile.patch to make installed files ordered correctly and thus builds reproducible again (port of the fix for bpo#29708 and gh#python/cpython#8057). ==== python-pytest ==== Version update (7.1.1 -> 7.1.2) - Update to 7.1.2 * #9726: An unnecessary numpy import inside pytest.approx{.interpreted-text role="func"} was removed. * #9820: Fix comparison of dataclasses with InitVar. * #9869: Increase stacklevel for the NODE_CTOR_FSPATH_ARG deprecation to point to the user's code, not pytest. * #9871: Fix a bizarre (and fortunately rare) bug where the [temp_path]{.title-ref} fixture could raise an internal error while attempting to get the current user's username. ==== python310 ==== Version update (3.10.5 -> 3.10.6) Subpackages: python310-curses python310-dbm python310-tk - Update to 3.10.6: - gh-87389: http.server: Fix an open redirection vulnerability in the HTTP server when an URI path starts with //. Vulnerability discovered, and initial fix proposed, by Hamza Avvan. - gh-92888: Fix memoryview use after free when accessing the backing buffer in certain cases. - gh-95355: _PyPegen_Parser_New now properly detects token memory allocation errors. Patch by Honglin Zhu. - gh-94938: Fix error detection in some builtin functions when keyword argument name is an instance of a str subclass with overloaded __eq__ and __hash__. Previously it could cause SystemError or other undesired behavior. - gh-94949: ast.parse() will no longer parse parenthesized context managers when passed feature_version less than (3, 9). Patch by Shantanu Jain. - gh-94947: ast.parse() will no longer parse assignment expressions when passed feature_version less than (3, 8). Patch by Shantanu Jain. - gh-94869: Fix the column offsets for some expressions in multi-line f-strings ast nodes. Patch by Pablo Galindo. - gh-91153: Fix an issue where a bytearray item assignment could crash if itâs resized by the new valueâs __index__() method. - gh-94329: Compile and run code with unpacking of extremely large sequences (1000s of elements). Such code failed to compile. It now compiles and runs correctly. - gh-94360: Fixed a tokenizer crash when reading encoded files with syntax errors from stdin with non utf-8 encoded text. Patch by Pablo Galindo - gh-94192: Fix error for dictionary literals with invalid expression as value. - gh-93964: Strengthened compiler overflow checks to prevent crashes when compiling very large source files. - gh-93671: Fix some exponential backtrace case happening with deeply nested sequence patterns in match statements. Patch by Pablo Galindo - gh-93021: Fix the __text_signature__ for __get__() methods implemented in C. Patch by Jelle Zijlstra. - gh-92930: Fixed a crash in _pickle.c from mutating collections during __reduce__ or persistent_id. - gh-92914: Always round the allocated size for lists up to the nearest even number. - gh-92858: Improve error message for some suites with syntax error before â:â - gh-95339: Update bundled pip to 22.2.1. - gh-95045: Fix GC crash when deallocating _lsprof.Profiler by untracking it before calling any callbacks. Patch by Kumar Aditya. - gh-95087: Fix IndexError in parsing invalid date in the email module. - gh-95199: Upgrade bundled setuptools to 63.2.0. - gh-95194: Upgrade bundled pip to 22.2. - gh-93899: Fix check for existence of os.EFD_CLOEXEC, os.EFD_NONBLOCK and os.EFD_SEMAPHORE flags on older kernel versions where these flags are not present. Patch by Kumar Aditya. - gh-95166: Fix concurrent.futures.Executor.map() to cancel the currently waiting on future on an error - e.g. TimeoutError or KeyboardInterrupt. - gh-93157: Fix fileinput module didnât support errors option when inplace is true. - gh-94821: Fix binding of unix socket to empty address on Linux to use an available address from the abstract namespace, instead of â0â. - gh-94736: Fix crash when deallocating an instance of a subclass of _multiprocessing.SemLock. Patch by Kumar Aditya. - gh-94637: SSLContext.set_default_verify_paths() now releases the GIL around SSL_CTX_set_default_verify_paths call. The function call performs I/O and CPU intensive work. - gh-94510: Re-entrant calls to sys.setprofile() and sys.settrace() now raise RuntimeError. Patch by Pablo Galindo. - gh-92336: Fix bug where linecache.getline() fails on bad files with UnicodeDecodeError or SyntaxError. It now returns an empty string as per the documentation. - gh-89988: Fix memory leak in pickle.Pickler when looking up dispatch_table. Patch by Kumar Aditya. - gh-94254: Fixed types of struct module to be immutable. Patch by Kumar Aditya. - gh-94245: Fix pickling and copying of typing.Tuple[()]. - gh-94207: Made _struct.Struct GC-tracked in order to fix a reference leak in the _struct module. - gh-94101: Manual instantiation of ssl.SSLSession objects is no longer allowed as it lead to misconfigured instances that crashed the interpreter when attributes where accessed on them. - gh-84753: inspect.iscoroutinefunction(), inspect.isgeneratorfunction(), and inspect.isasyncgenfunction() now properly return True for duck-typed function-like objects like instances of unittest.mock.AsyncMock. - This makes inspect.iscoroutinefunction() consistent with the behavior of asyncio.iscoroutinefunction(). Patch by Mehdi ABAAKOUK. - gh-83499: Fix double closing of file description in tempfile. - gh-79512: Fixed names and __module__ value of weakref classes ReferenceType, ProxyType, CallableProxyType. It makes them pickleable. ... changelog too long, skipping 98 lines ... - skip-test_pyobject_freed_is_freed.patch ==== python310-core ==== Version update (3.10.5 -> 3.10.6) Subpackages: libpython3_10-1_0 python310-base - Update to 3.10.6: - gh-87389: http.server: Fix an open redirection vulnerability in the HTTP server when an URI path starts with //. Vulnerability discovered, and initial fix proposed, by Hamza Avvan. - gh-92888: Fix memoryview use after free when accessing the backing buffer in certain cases. - gh-95355: _PyPegen_Parser_New now properly detects token memory allocation errors. Patch by Honglin Zhu. - gh-94938: Fix error detection in some builtin functions when keyword argument name is an instance of a str subclass with overloaded __eq__ and __hash__. Previously it could cause SystemError or other undesired behavior. - gh-94949: ast.parse() will no longer parse parenthesized context managers when passed feature_version less than (3, 9). Patch by Shantanu Jain. - gh-94947: ast.parse() will no longer parse assignment expressions when passed feature_version less than (3, 8). Patch by Shantanu Jain. - gh-94869: Fix the column offsets for some expressions in multi-line f-strings ast nodes. Patch by Pablo Galindo. - gh-91153: Fix an issue where a bytearray item assignment could crash if itâs resized by the new valueâs __index__() method. - gh-94329: Compile and run code with unpacking of extremely large sequences (1000s of elements). Such code failed to compile. It now compiles and runs correctly. - gh-94360: Fixed a tokenizer crash when reading encoded files with syntax errors from stdin with non utf-8 encoded text. Patch by Pablo Galindo - gh-94192: Fix error for dictionary literals with invalid expression as value. - gh-93964: Strengthened compiler overflow checks to prevent crashes when compiling very large source files. - gh-93671: Fix some exponential backtrace case happening with deeply nested sequence patterns in match statements. Patch by Pablo Galindo - gh-93021: Fix the __text_signature__ for __get__() methods implemented in C. Patch by Jelle Zijlstra. - gh-92930: Fixed a crash in _pickle.c from mutating collections during __reduce__ or persistent_id. - gh-92914: Always round the allocated size for lists up to the nearest even number. - gh-92858: Improve error message for some suites with syntax error before â:â - gh-95339: Update bundled pip to 22.2.1. - gh-95045: Fix GC crash when deallocating _lsprof.Profiler by untracking it before calling any callbacks. Patch by Kumar Aditya. - gh-95087: Fix IndexError in parsing invalid date in the email module. - gh-95199: Upgrade bundled setuptools to 63.2.0. - gh-95194: Upgrade bundled pip to 22.2. - gh-93899: Fix check for existence of os.EFD_CLOEXEC, os.EFD_NONBLOCK and os.EFD_SEMAPHORE flags on older kernel versions where these flags are not present. Patch by Kumar Aditya. - gh-95166: Fix concurrent.futures.Executor.map() to cancel the currently waiting on future on an error - e.g. TimeoutError or KeyboardInterrupt. - gh-93157: Fix fileinput module didnât support errors option when inplace is true. - gh-94821: Fix binding of unix socket to empty address on Linux to use an available address from the abstract namespace, instead of â0â. - gh-94736: Fix crash when deallocating an instance of a subclass of _multiprocessing.SemLock. Patch by Kumar Aditya. - gh-94637: SSLContext.set_default_verify_paths() now releases the GIL around SSL_CTX_set_default_verify_paths call. The function call performs I/O and CPU intensive work. - gh-94510: Re-entrant calls to sys.setprofile() and sys.settrace() now raise RuntimeError. Patch by Pablo Galindo. - gh-92336: Fix bug where linecache.getline() fails on bad files with UnicodeDecodeError or SyntaxError. It now returns an empty string as per the documentation. - gh-89988: Fix memory leak in pickle.Pickler when looking up dispatch_table. Patch by Kumar Aditya. - gh-94254: Fixed types of struct module to be immutable. Patch by Kumar Aditya. - gh-94245: Fix pickling and copying of typing.Tuple[()]. - gh-94207: Made _struct.Struct GC-tracked in order to fix a reference leak in the _struct module. - gh-94101: Manual instantiation of ssl.SSLSession objects is no longer allowed as it lead to misconfigured instances that crashed the interpreter when attributes where accessed on them. - gh-84753: inspect.iscoroutinefunction(), inspect.isgeneratorfunction(), and inspect.isasyncgenfunction() now properly return True for duck-typed function-like objects like instances of unittest.mock.AsyncMock. - This makes inspect.iscoroutinefunction() consistent with the behavior of asyncio.iscoroutinefunction(). Patch by Mehdi ABAAKOUK. - gh-83499: Fix double closing of file description in tempfile. - gh-79512: Fixed names and __module__ value of weakref classes ReferenceType, ProxyType, CallableProxyType. It makes them pickleable. ... changelog too long, skipping 98 lines ... - skip-test_pyobject_freed_is_freed.patch ==== tracker-miners ==== Subpackages: tracker-miner-files tracker-miners-lang - Add 401.patch: Specify graphs in "tracker3 search" queries; resolves tracker search listing files multiple times (boo#1200403 glgo#GNOME/tracker-miners#229). ==== usbredir ==== Version update (0.12.0 -> 0.13.0) Subpackages: libusbredirhost1 libusbredirparser1 - Update to version 0.13.0: + Fix regression on unserialize data + Removes usbredirserver + Improved header length checks when unserialising data + Fix usage of command line argument in usbredirect + Fix small memory leak on usbredirect - Drop 9426fdb1.patch and dffc41c3.patch: fixed upstream. - Drop 0001-Use-D_FORTIFY_SOURCE-instead-of-Wp-D_FORTIFY_SOURCE.patch: fixed upstream. - Add keyring to validate source signature. ==== webkit2gtk3 ==== Version update (2.36.5 -> 2.36.6) Subpackages: WebKit2GTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Update to version 2.36.6 + Fix handling of touchpad scrolling on GTK4 builds + Fix WebKitGTK not allowing to be used from non-main threads (boo#1202169) + Fix several crashes and rendering issues ==== webkit2gtk3-soup2 ==== Version update (2.36.5 -> 2.36.6) Subpackages: WebKit2GTK-4.0-lang libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles - Update to version 2.36.6 + Fix handling of touchpad scrolling on GTK4 builds + Fix WebKitGTK not allowing to be used from non-main threads (boo#1202169) + Fix several crashes and rendering issues ==== wireplumber ==== Subpackages: libwireplumber-0_4-0 wireplumber-audio wireplumber-lang - Add 398.patch -- policy-node: fix potential rescan loop to prevent high cpu usage (glfo#pipewire/wireplumber#152); patch taken from upstream merge request. ==== xdg-desktop-portal ==== Version update (1.14.5 -> 1.14.6) Subpackages: xdg-desktop-portal-lang - Update to version 1.14.6: + realtime: - Remap thread ids. - Use correct types.