Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20240805 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: emacs-compat (29.1.4.5 -> 30.0.0.0) emacs-jinx (1.9 -> 1.10) google-noto-fonts (20240601 -> 20240801) gtk4 libzypp (17.35.6 -> 17.35.9) mozilla-nss (3.101.1 -> 3.102.1) openSUSE-release (20240803 -> 20240805) python-pygit2 (1.15.0 -> 1.15.1) shim-leap (15.4 -> 15.8) sudo virt-manager webkit2gtk3 === Details === ==== emacs-compat ==== Version update (29.1.4.5 -> 30.0.0.0) - Add back the install_info macro's for Leap, info triggers are not old enough for Leap - Add patch to fix Texinfo references inside the manual: 0002-compat.texi-Fix-references-to-Emacs-30.1-in-Support-.patch - Remove use deprecated install_info macro's - Rebase 0001-Add-install-target.patch against new upstream version - Update to version 30.0.0.0: * compat-28: Mark =subr-native-elisp-p= as obsolete (renamed in Emacs 30). * compat-30: New function =char-to-name=. * compat-30: New function =obarray-clear=. * compat-30: New function =interpreted-function-p=. * compat-30: New function =primitive-function-p=. * compat-30: New function =closurep=. * compat-30: Add extended function =sort= with keyword arguments. * compat-30: New function =value<=. * compat-30: Add extended =copy-tree= with support for copying records with non-nil optional second argument. * compat-30: New macro =static-if=. * compat-30: New alias =drop=. * compat-30: New function =merge-ordered-lists=. * compat-30: New variables =completion-lazy-hilit= and =completion-lazy-hilit-fn= and new function =completion-lazy-hilit=. * compat-30: New function =require-with-check=. * compat-30: New functions =find-buffer= and =get-truename-buffer=. * compat-30: Add extended =completion-metadata-get= with support for =completion-category-overrides= and =completion-extra-properties=. ==== emacs-jinx ==== Version update (1.9 -> 1.10) - Rebase p0001-Only-export-necessary-symbols.-Fixes-105.patch against version 1.10 - Update to version 1.10: * Add jinx--syntax-overrides to override syntax table ==== google-noto-fonts ==== Version update (20240601 -> 20240801) Subpackages: google-noto-sans-fonts google-noto-sans-symbols-fonts google-noto-sans-symbols2-fonts - Update to 20240801 * Sans Mongolian has its shaping rules updated to match UTN#57 * Serif Balinese fixed some overlaps * Nastaliq Urdu has most of its issues fixed ==== gtk4 ==== Subpackages: gtk4-lang gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Add 0002-Revert-no-pointer-viewport.patch -- Fixes https://gitlab.gnome.org/GNOME/gtk/-/issues/6620 ==== libzypp ==== Version update (17.35.6 -> 17.35.9) - single_rpmtrans: fix installation of .src.rpms (bsc#1228647) - version 17.35.9 (35) - Make sure not to statically linked installed tools (bsc#1228787) - version 17.35.8 (35) - MediaPluginType must be resolved to a valid MediaHandler (bsc#1228208) - version 17.35.7 (35) ==== mozilla-nss ==== Version update (3.101.1 -> 3.102.1) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-sysinit mozilla-nss-tools - update to NSS 3.102.1 * bmo#1905691 - ChaChaXor to return after the function - update to NSS 3.102 * bmo#1880351 - Add Valgrind annotations to freebl Chacha20-Poly1305. * bmo#1901932 - missing sqlite header. * bmo#1901080 - GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME. * bmo#1615298 - improve certutil keyUsage, extKeyUsage, and nsCertType keyword handling. * bmo#1660676 - correct length of raw SPKI data before printing in pp utility. - Require `sed` for mozilla-nss-sysinit, as setup-nsssysinit.sh depends on it and will create a broken, empty config, if sed is missing (bsc#1227918) - Added nss-fips-safe-memset.patch, fixing bsc#1222811. - Removed some dead code from nss-fips-constructor-self-tests.patch. - Rebased nss-fips-approved-crypto-non-ec.patch on above changes. - Added nss-fips-aes-gcm-restrict.patch, fixing bsc#1222830. - Updated nss-fips-approved-crypto-non-ec.patch, fixing bsc#1222813, bsc#1222814, bsc#1222821, bsc#1222822, bsc#1224118. - Updated nss-fips-approved-crypto-non-ec.patch and nss-fips-constructor-self-tests.patch, fixing bsc#1222807, bsc#1222828, bsc#1222834. - Updated nss-fips-approved-crypto-non-ec.patch, fixing bsc#1222804, bsc#1222826, bsc#1222833, bsc#1224113, bsc#1224115, bsc#1224116. ==== openSUSE-release ==== Version update (20240803 -> 20240805) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== python-pygit2 ==== Version update (1.15.0 -> 1.15.1) - Update to 1.15.1 * New `Repository.revert(...)` * New optional `depth` argument in submodules `add()` and `update()` methods * Now `Submodule.url` returns `None` when the submodule does not have a url * Fix use after free bug in error reporting * Fix `Submodule.head_id` when the submodule is not in the current HEAD tree * Fix `Submodule.open()` when subclassing `Repository` * Fix error in the test suite when running with address sanitizer * Annotations and documentation fixes - Fix version number for previous changelog entry ==== shim-leap ==== Version update (15.4 -> 15.8) - Update to shim to 15.8-shim-15.8-lp155.8.2.x86_64.rpm from openSUSE secure-boot 15.5 + Version: 15.8, "Jan 23 2024" + Align the outside shim-install with the one in RPM file. This is because all important fixes in outside shim-install are also fixed in shim-install of RPM file. For consistency purposes, the outside shim-install is updated in this version. + Include the bug fixes for bsc#1215099,bsc#1215098,bsc#1215100,bsc#1215101, bsc#1215102, and bsc#1215103. ==== sudo ==== Subpackages: sudo-plugin-python - A quick note that bsc#1227574 is expected behavior in this version of sudo. It was a regression in 15.6 which doesn't have the /etc/ split for pam.d yet. ==== virt-manager ==== Subpackages: virt-install virt-manager-common - bsc#1228384 - virt-install generates unwanted libvirt storage pools when running with --dry-run --print-xml virtinst-dont-create-storage-pool-for-dryrun.patch ==== webkit2gtk3 ==== Subpackages: WebKitGTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Add CVE fixes: + webkit2gtk3-CVE-2024-40776.patch (boo#1228613 CVE-2024-40776) + webkit2gtk3-CVE-2024-40779.patch (boo#1228693 CVE-2024-40779) + webkit2gtk3-CVE-2024-40780.patch (boo#1228694 CVE-2024-40780) + webkit2gtk3-CVE-2024-40782.patch (boo#1228695 CVE-2024-40782)