Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20240502 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: MozillaFirefox (125.0.2 -> 125.0.3) SDL2 (2.30.2 -> 2.30.3) amarok (2.9.75git.20230408T114133~7098c192a6 -> 3.0.0) ca-certificates (2+git20230406.2dae8b7 -> 2+git20240415.3fe9324) cronie ed (1.20.1 -> 1.20.2) gcc14 (14.0.1+git10008 -> 14.0.1+git10154) gnome-browser-connector google-noto-fonts (20240401 -> 20240501) gpsd gstreamer kernel-firmware (20240419 -> 20240426) krb5 libbpf (1.4.0 -> 1.4.1) libreoffice (24.2.2.2 -> 24.2.3.2) nano (7.2 -> 8.0) ncurses (6.4.20240414 -> 6.5.20240427) openSUSE-release (20240430 -> 20240502) polkit-default-privs (1550+20240325.eddbe04 -> 1550+20240430.5327266) python-pygit2 python311 python311-core qemu (8.2.2 -> 8.2.3) re2 (20240401 -> 20240501) sac setools (4.5.0 -> 4.5.1) socat (1.7.4.3 -> 1.8.0.0) systemd yast2-bootloader (5.0.8 -> 5.0.9) yast2-installation (5.0.8 -> 5.0.9) === Details === ==== MozillaFirefox ==== Version update (125.0.2 -> 125.0.3) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 125.0.3 * Fixed: Fixed an extra blank tab with an address of `https://0.0.0.1` sometimes appearing when attempting to launch Firefox when it is already running (bmo#1892612). * Fixed: Fixed an issue that could cause incorrect font selection in some situations for users with the Japanese locale set (bmo#1892363). * Fixed: Fixed text corruption when dragging text containing unicode characters on Linux systems (bmo#1888202). * Fixed: Fixed a correctness error when checking `arguments.length` (and not using arguments otherwise) inside of a generator or async function (bmo#1892699). * Fixed: Fixed an issue that could lead to inconsistent focus handling of `<select>` elements when opened (bmo#1893177). - Fix build on Leap by requiring gcc13 which has been made available as an update. ==== SDL2 ==== Version update (2.30.2 -> 2.30.3) - Update to release 2.30.3 * Fixed a pointer warping issue on XWayland * Reduced startup time when scanning for game controllers on Linux ==== amarok ==== Version update (2.9.75git.20230408T114133~7098c192a6 -> 3.0.0) - Update to 3.0.0 * https://blogs.kde.org/2024/04/29/amarok-3.0-castaway-released/ - Drop patch, merged upstream: * 0001-Use-non-deprecated-TagLib-functions-fix-build-with-T.patch ==== ca-certificates ==== Version update (2+git20230406.2dae8b7 -> 2+git20240415.3fe9324) - Update to version 2+git20240415.3fe9324: * Add ca-certificates-setup.service * typo: differnt/different ==== cronie ==== Subpackages: cron - Remove safe-backup-permissions.patch -- Merged upstream - Update to 1.7.2: * crond: Revert setting the return path to <>. It is not RFC compliant. * crond: Inherit MAILFROM from the crond process environment. ==== ed ==== Version update (1.20.1 -> 1.20.2) - GNU ed 1.20.2: * Fix a bug that made global commands like 'g/x/s/x/x', with the last delimiter omitted, print every substituted line twice ==== gcc14 ==== Version update (14.0.1+git10008 -> 14.0.1+git10154) Subpackages: libasan8 libatomic1 libgcc_s1 libgcc_s1-32bit libgfortran5 libgomp1 libhwasan0 libitm1 liblsan0 libobjc4 libquadmath0 libstdc++6 libstdc++6-32bit libstdc++6-locale libstdc++6-pp libstdc++6-pp-32bit libtsan2 libubsan1 - Update to gcc-14 branch head, 7a00c459cbb913ac165a39d34, git10154 * GCC 14.1 RC1 ==== gnome-browser-connector ==== - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== google-noto-fonts ==== Version update (20240401 -> 20240501) Subpackages: google-noto-sans-fonts google-noto-sans-symbols-fonts google-noto-sans-symbols2-fonts - Update to 20240501 * Noto Rashi Hebrew - Corrects the width and position of marks under double-yud and double-vov - Improves the anchoring of yod - Adds the U+053F yod triangle character - Improves the spacing of tsadi * Noto Egyptian Hieroglyphs - Add codepoints from Unicode 14 ==== gpsd ==== - usage of %python3_fix_shebang to cover /usr/bin is also needed [bsc#1212476] ==== gstreamer ==== Subpackages: gstreamer-lang gstreamer-utils libgstreamer-1_0-0 typelib-1_0-Gst-1_0 - remove dependency on /usr/bin/python3 using %python3_fix_shebang_path macro, [bsc#1212476] ==== kernel-firmware ==== Version update (20240419 -> 20240426) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20240426 (git commit 2398d264f953): * amdgpu: DMCUB updates for various AMDGPU ASICs * linux-firmware: Add firmware for Cirrus CS35L56 for various HP laptops * i915: Update Xe2LPD DMC to v2.20 * linux-firmware: Remove Calibration Firmware and Tuning for CS35L41 * linux-firmware: Add firmware for Lenovo Thinkbook 13X * ASoC: tas2781: Add dsp firmware for Thinkpad ICE-1 laptop * amdgpu: add DMCUB 3.5 firmware * amdgpu: add VPE 6.1.0 firmware * amdgpu: add VCN 4.0.5 firmware * amdgpu: add UMSCH 4.0.0 firmware * amdgpu: add SDMA 6.1.0 firmware * amdgpu: add PSP 14.0.0 firmware * amdgpu: add GC 11.5.0 firmware * amdgpu: update license date ==== krb5 ==== Subpackages: krb5-32bit krb5-client - Remove requires for not used cron - Fix memory leaks, add patch 0009-Fix-three-memory-leaks.patch * CVE-2024-26458, bsc#1220770 * CVE-2024-26461, bsc#1220771 * CVE-2024-26462, bsc#1220772 ==== libbpf ==== Version update (1.4.0 -> 1.4.1) - update to 1.4.1: * Bug fix release fixing logic around determining whether to autoload SEC("struct_ops") programs in cases when old kernel doesn't support some optional callbacks and user reset them to NULL from BPF skeleton. ==== libreoffice ==== Version update (24.2.2.2 -> 24.2.3.2) Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Update to 2.4.3.2 (24.2.3 final) https://wiki.documentfoundation.org/Releases/24.2.3/RC1 and https://wiki.documentfoundation.org/Releases/24.2.3/RC2 ==== nano ==== Version update (7.2 -> 8.0) Subpackages: nano-lang - GNU nano 8.0: * By default ^F is bound to starting a forward search, and ^B to starting a backward search, while M-F and M-B repeat the search in the corresponding direction. (See the documentation if you want the old bindings back.) * Command-line option --modernbindings (-/) makes ^Q quit, ^X cut, ^C copy, ^V paste, ^Z undo, ^Y redo, ^O open a file, ^W write a file, ^R replace, ^G find again, ^D find again backwards, ^A set the mark, ^T jump to a line, ^P show the position, and ^E execute. * Above modern bindings are activated also when the name of nano's executable (or a symlink to it) starts with the letter "e". * To open a file at a certain line number, one can now use also nano filename:number, besides nano +number filename. * <Alt+Home> and <Alt+End> put the cursor on the first and last row in the viewport, while retaining the horizontal position. * When the three digits in an #RGB color code are all the same, the code is mapped to the xterm grey scale, giving access to fourteen levels of grey instead of just four. * For easier access, M-" is bound to placing/removing an anchor, and M-' to jumping to the next anchor. * Whenever an error occurs, the keystroke buffer is cleared, thus stopping the execution of a macro or a string bind. * The mousewheel scrolls the viewport instead of moving the cursor. ==== ncurses ==== Version update (6.4.20240414 -> 6.5.20240427) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Update to ncurses 6.5 (patch 20240427) + update announcement + fixes/corrections for manpages (patches by Branden Robinson). + fix redefinition of CASTxPTR, for legacy Unix. - Update to tack 1.9 (patch 20230201) * configure: regen * configure.in: initialize $ac_includes_default s/fgrep/$FGREP/ * aclocal.m4: resync with my-autoconf - Add ncurses patch 20240420 + improve formatting/style of manpages (patches by Branden Robinson). + compiler warning/portability fixes. ==== openSUSE-release ==== Version update (20240430 -> 20240502) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== polkit-default-privs ==== Version update (1550+20240325.eddbe04 -> 1550+20240430.5327266) - Update to version 1550+20240430.5327266: * profiles: whitelist dnf5daemon-server (bsc#1218327) * profiles: remove pseudo auth action kcmkwallet5 (bsc#1217190) ==== python-pygit2 ==== - Fix build with gcc 14 * Fix-CI.patch * Fix-leaks-in-fetch_refspecs-and-push_refspecs.patch ==== python311 ==== Subpackages: python311-curses python311-dbm python311-x86-64-v3 - Update CVE-2023-52425-libexpat-2.6.0-backport.patch so that it uses features sniffing, not just comparing version number. Include also support-expat-CVE-2022-25236-patched.patch. - Add CVE-2023-52425-remove-reparse_deferral-tests.patch skipping failing tests. - Refresh patches: - CVE-2023-27043-email-parsing-errors.patch - fix_configure_rst.patch - skip_if_buildbot-extend.patch - Remove included patch: - support-expat-CVE-2022-25236-patched.patch ==== python311-core ==== Subpackages: libpython3_11-1_0 libpython3_11-1_0-x86-64-v3 python311-base python311-base-x86-64-v3 - Update CVE-2023-52425-libexpat-2.6.0-backport.patch so that it uses features sniffing, not just comparing version number. Include also support-expat-CVE-2022-25236-patched.patch. - Add CVE-2023-52425-remove-reparse_deferral-tests.patch skipping failing tests. - Refresh patches: - CVE-2023-27043-email-parsing-errors.patch - fix_configure_rst.patch - skip_if_buildbot-extend.patch - Remove included patch: - support-expat-CVE-2022-25236-patched.patch ==== qemu ==== Version update (8.2.2 -> 8.2.3) Subpackages: qemu-accel-tcg-x86 qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-img qemu-ipxe qemu-ksm qemu-lang qemu-microvm qemu-pr-helper qemu-seabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios qemu-x86 - Fix a build issue on riscv: * target/riscv/kvm: rename riscv_reg_id() to riscv_reg_id_ulong() * target/riscv/kvm: add RISCV_CONFIG_REG() * target/riscv/kvm: change timer regs size to u64 * target/riscv/kvm: change KVM_REG_RISCV_FP_D to u64 * target/riscv/kvm: change KVM_REG_RISCV_FP_F to u32 - Update to version 8.2.3. Full changelog/backports here: https://lore.kernel.org/qemu-devel/1713980341.971368.1218343.nullmailer@tls.... Some of the upstream backports are: * Update version for 8.2.3 release * ppc/spapr: Initialize max_cpus limit to SPAPR_IRQ_NR_IPIS. * ppc/spapr: Introduce SPAPR_IRQ_NR_IPIS to refer IRQ range for CPU IPIs. * hw/pci-host/ppc440_pcix: Do not expose a bridge device on PCI bus * hw/isa/vt82c686: Keep track of PIRQ/PINT pins separately * virtio-pci: fix use of a released vector * linux-user/x86_64: Handle the vsyscall page in open_self_maps_{2,4} * hw/audio/virtio-snd: Remove unused assignment * hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum() * hw/sd/sdhci: Do not update TRNMOD when Command Inhibit (DAT) is set * hw/net/lan9118: Fix overflow in MIL TX FIFO * hw/net/lan9118: Replace magic '2048' value by MIL_TXFIFO_SIZE definition * backends/cryptodev: Do not abort for invalid session ID * hw/misc/applesmc: Fix memory leak in reset() handler * hw/block/nand: Fix out-of-bound access in NAND block buffer * hw/block/nand: Have blk_load() take unsigned offset and return boolean * hw/block/nand: Factor nand_load_iolen() method out * qemu-options: Fix CXL Fixed Memory Window interleave-granularity typo * hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs * hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs * hw/display/virtio-gpu: Protect from DMA re-entrancy bugs * ...and many more... ==== re2 ==== Version update (20240401 -> 20240501) - update to 2024-05-01: * Stop setting re2_INCLUDE_DIR * Fixes related to python bindings ==== sac ==== - Clean the spec file a bit ==== setools ==== Version update (4.5.0 -> 4.5.1) Subpackages: python311-setools setools-console - Update to version 4.5.1: - Correct annotations of NetworkX types to make it optional again. - Fix packaging issue for apol's style sheet (apol.css). - Drop 0001-Make-networkx-optional-again-Fixes-125.patch fixed upstream - Change networkx Requires to Suggests ==== socat ==== Version update (1.7.4.3 -> 1.8.0.0) - Update to 1.8.0.0: * Support for network namespaces (option netns) * TCP client now automatically tries all addresses (IPv4 and IPv6) provided by nameserver until success * Implementation of POSIX message queue (mq) control and access on Linux (addresses POSIXMQ-READ and following) * New wrapper script socat-chain.sh allows to stack two addresses, e.g.HTTP proxy connect over SSL * New script socat-mux.sh allows n-to-1 / 1-to-n communications * New script socat-broker.sh allows group communications * Experimental socks5 client feature * Address ACCEPT-FD for systemd "inetd" mode * UDP-Lite and DCCP address types * Addresses SOCKETPAIR and SHELL * New option bind-tmpname allows forked off children to bind UNIX domain client sockets to random unique pathes * New option retrieve-vlan (with INTERFACE addresses) now makes kernel keep VLAN tags in incoming packets * Simple statistics output with Socat option --statistics and with SIGUSR1 * A couple of new options, many fixes and corrections, see file CHANGES - Drop socat-common-fixes.patch (no longer necessary) - Refactor socat-ignore-tests-failure-boo1078346.patch (test suite no longer exits at this stage) - Add socat-test-dhparam fixture (reduce build load and time) - Add socat-test-without-tty.patch for testing without tty. - Note: This version introduces "socat1", linking to "socat" - Note: This version introduces additional shell scripts, those are shipped in a new "socat-extra" subpackage - Update to 1.7.4.4: * FIX: In error.c msg2() there was a stack overflow on long messages: The terminating \0 Byte was written behind the last position. * FIX: UDP-RECVFROM with fork sometimes terminated when multiple packets arrived. * FIX: a couple of weaknesses and errors when accessing invalid or  incompatible file system entries with UNIX domain, file, and generic addresses. * FIX: bad parser error message on "socat /tmp/x\"x/x -" - Drop socat-fix-asan-error.patch ==== systemd ==== Subpackages: libsystemd0 libsystemd0-32bit libudev1 systemd-32bit systemd-boot systemd-container systemd-coredump systemd-experimental systemd-lang udev - Update 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch to adapt sysv-generator-test to the SUSE's specificity brought by this patch. - systemd-testsuite: some of the integration tests depend on the bin, daemon, games and nobody users/groups. - Drop _FORTIFY_SOURCE=2 workaround. Since commit 7929e180aa (v253) it shouldn't be needed anymore. - systemd.spec: preparation for the next version of systemd (i.e. v256), libkmod2 will be dlopened hence explicitly require it now as it doesn't hurt with the current version. However don't recommend it from systemd by assuming that when module loading from PID1 is needed, udev is installed. - Make systemd-doc subpackage noarch. ==== yast2-bootloader ==== Version update (5.0.8 -> 5.0.9) - Creating kernel options for systemd-boot. (bsc#1220892) - 5.0.9 ==== yast2-installation ==== Version update (5.0.8 -> 5.0.9) - Handle SystemdBoot mitigations. (bsc#1220892) - 5.0.9