Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20241103 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: SDL2 (2.30.8 -> 2.30.9) glib2-branding-openSUSE gtk4 (4.16.3 -> 4.16.5) libnl3 (3.10.0 -> 3.11.0) libvirt (10.8.0 -> 10.9.0) mpg123 (1.32.8 -> 1.32.9) nftables (1.0.9 -> 1.1.1) openSUSE-release (20241102 -> 20241103) python-libvirt-python (10.8.0 -> 10.9.0) python311 python311-core seahorse (47.0.1 -> 47.0.1+6) vlc === Details === ==== SDL2 ==== Version update (2.30.8 -> 2.30.9) - Update to release 2.30.9 * Fixed flicker when entering/exiting fullscreen or moving the window between scaled and non-scaled displays under Wayland. ==== glib2-branding-openSUSE ==== - Remove "picture-uri-dark" in schema "org.gnome.desktop.screensaver", there is no this key in schema currently. ==== gtk4 ==== Version update (4.16.3 -> 4.16.5) Subpackages: gtk4-lang gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Update to version 4.16.5: + Clean up debug spew. - Update to version 4.16.4: + GtkTextView: - Fix some missing CSS invalidation - Handle charsets in clipboard datatypes + GtkApplication: Respect GDK_DEBUG=no-portals + Printing: - Avoid warnings for avahi errors - Fix a segfault in the print dialog setup code + Accessibility: Handle NULL values in more places + Gdk: - vulkan: Fix validation errors - Fix 32bit build for the jpeg loader + Wayland: Fix a possible deadlock with high-priority sources triggering Wayland roundtrips + Updated translations. ==== libnl3 ==== Version update (3.10.0 -> 3.11.0) Subpackages: libnl-config libnl3-200 - Update to release 3.11 * Add NLA_{SINT|UINT} attribute types * Add NLA functions for variable-length integers * link/bonding: add getters for attributes * lib/route: add support for bridge msti ==== libvirt ==== Version update (10.8.0 -> 10.9.0) Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-libxl libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - Update to libvirt 10.9.0 - jsc#PED-8909, jsc#9854, jsc#9855 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html#v10-9-0-2024-11-01 ==== mpg123 ==== Version update (1.32.8 -> 1.32.9) Subpackages: libmpg123-0 mpg123-openal - Update to version 1.32.9 libmpg123: * Increase the library patchlevel, as was forgotten on previous release. Now you can check for distversion >= 1.32.8 or mpg123 libversion >= 48 patchlevel 3 to see if you're vulnerable to CVE-2024-10573. ==== nftables ==== Version update (1.0.9 -> 1.1.1) Subpackages: libnftables1 python311-nftables - Update to release 1.1.1 * Reduce netlink cache dependencies to speed up incremental updates. * Allow zero burst in byte ratelimiter expression. * Fix double-free when users call nft_ctx_clear_vars() followed by nft_ctx_free(). * Document that the tproxy statement is non-terminal (unlike in iptables). This allows for tproxy+log and tproxy+mark combos, see man nft(8) for details. * Add egress support for the `list hooks` subcommand. - Update to release 1.1.0 * Restore compatibility set element dump with <= 0.9.8 * Disallow empty interface names * Restore rule replace command * Search for group, rt_mark, rt_realms at /etc/iproute2, /usr/share/iproute2 * Resolve some timezone issues * Support for variables in map expressions * VLAN support ==== openSUSE-release ==== Version update (20241102 -> 20241103) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== python-libvirt-python ==== Version update (10.8.0 -> 10.9.0) - Update to 10.9.0 - Add all new APIs and constants in libvirt 10.9.0 - jsc#PED-8909, jsc#9854, jsc#9855 ==== python311 ==== Subpackages: python311-curses python311-dbm python311-x86-64-v3 - Add CVE-2024-9287-venv_path_unquoted.patch to properly quote path names provided when creating a virtual environment (bsc#1232241, CVE-2024-9287) ==== python311-core ==== Subpackages: libpython3_11-1_0 libpython3_11-1_0-x86-64-v3 python311-base python311-base-x86-64-v3 - Add CVE-2024-9287-venv_path_unquoted.patch to properly quote path names provided when creating a virtual environment (bsc#1232241, CVE-2024-9287) ==== seahorse ==== Version update (47.0.1 -> 47.0.1+6) Subpackages: gnome-shell-search-provider-seahorse seahorse-lang - Update to version 47.0.1+6: * build: - Fix config.h target - Fix symbolic icon name * Updated translations. ==== vlc ==== Subpackages: libvlc5 libvlccore9 vlc-codec-gstreamer vlc-lang vlc-noX vlc-qt vlc-vdpau - Drop the requres_ge libbluray1 statement, which was added as a hack due to a libbluray ABI brak at version 0.5. By now libbluray is at .so.2, so that statement was actually a NOP. as RPM simply ignored in-existing package dependencies.