Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20230319 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: ctags debianutils emacs flatpak (1.14.3 -> 1.14.4) gcc (12 -> 13) gcc13 (13.0.1+git5428 -> 13.0.1+git6669) gobject-introspection gpgme gpgmeqt highway (1.0.3 -> 1.0.4) kdeconnect-kde kdepim-runtime libqt5-qtbase (5.15.8+kde160 -> 5.15.8+kde183) libqt5-qtconnectivity (5.15.8+kde5 -> 5.15.8+kde8) libqt5-qtimageformats (5.15.8+kde6 -> 5.15.8+kde9) libqt5-qtlocation (5.15.8+kde3 -> 5.15.8+kde4) libqt5-qtmultimedia (5.15.8+kde1 -> 5.15.8+kde3) libqt5-qtwayland (5.15.8+kde57 -> 5.15.8+kde63) libstorage-ng (4.5.85 -> 4.5.86) lightdm lzo python-M2Crypto qemu salt vmaf xscreensaver === Details === ==== ctags ==== - mark u-a generics as non-%ghost ==== debianutils ==== - Move run-parts to /usr/bin, Run-parts runs just fast as regular user. ==== emacs ==== Subpackages: emacs-el emacs-eln emacs-info emacs-nox emacs-x11 etags - don't create ghosted files - mark ctags update-alternatives as non-%ghost ==== flatpak ==== Version update (1.14.3 -> 1.14.4) Subpackages: flatpak-remote-flathub flatpak-zsh-completion libflatpak0 system-user-flatpak - Update to version 1.14.4 (CVE-2023-28101, CVE-2023-28100): + Escape special characters when displaying permissions and metadata, preventing malicious apps from manipulating the appearance of the permissions list using crafted metadata (CVE-2023-28101, boo#1209410). + If a Flatpak app is run on a Linux virtual console (tty1, tty2, etc.), don't allow copy/paste via the TIOCLINUX ioctl (CVE-2023-28100). Note that this is specific to virtual consoles: Flatpak is not vulnerable to this if run from a graphical terminal emulator such as xterm, gnome-terminal or Konsole. (boo#1209411) + Updated translations. ==== gcc ==== Version update (12 -> 13) Subpackages: cpp libstdc++-devel - Switch gcc to default 13. ==== gcc13 ==== Version update (13.0.1+git5428 -> 13.0.1+git6669) Subpackages: libasan8 libatomic1 libgcc_s1 libgcc_s1-32bit libgfortran5 libgomp1 libitm1 liblsan0 libobjc4 libquadmath0 libstdc++6 libstdc++6-32bit libstdc++6-locale libstdc++6-pp libstdc++6-pp-32bit libtsan2 libubsan1 - Bump to 42630fadbe248717859d61c0244c821c32b4e52c, git6669. - Always enable the link mutex. - Bump to 529e03b9882fe48cfa3c182abb12a5858a5762a2, git6353. - Rebase gcc44-rename-info-files.patch patch. ==== gobject-introspection ==== Subpackages: girepository-1_0 libgirepository-1_0-1 - Update path regex used in gobjectintrospection.attr: the old one was not sufficiently escaped, which resulted in many more files being scanned than needed. ==== gpgme ==== Subpackages: libgpgme11 libgpgmepp6 - drop python2 subpackage handling. we do not support python 2.x anymore, and if we would it would happen via singlespec ==== gpgmeqt ==== - drop python2 subpackage handling. we do not support python 2.x anymore, and if we would it would happen via singlespec ==== highway ==== Version update (1.0.3 -> 1.0.4) - Update to release 1.0.4 * Add PPC8..10, SSE2, AVX3_ZEN4, NEON_WITHOUT_AES targets * Add Expand, LoadExpand, integer AbsDiff, SumsOf8AbsDiff * Improved Half/Twice support, codegen for Shift*Same * Faster KV128 sorting * Update RISC-V V intrinsics for 1.0-draft - Remove arm-disable-runtime-dispatch.patch (appears merged) ==== kdeconnect-kde ==== Subpackages: kdeconnect-kde-lang kdeconnect-kde-zsh-completion - Fix some potential scriptlet bugs and style issues - Automatically handle firewalld setup during initial install or final removal of kdeconnect-kde for openSUSE distros. (boo#1175627) - Drop kdeconnect-kde-firewalld.xml, service definition now shipped with firewalld package. * the 'kdeconnect-kde' firewalld service is migrated over to 'kdeconnect' ==== kdepim-runtime ==== Subpackages: kdepim-runtime-lang - Requires akonadi-server ==== libqt5-qtbase ==== Version update (5.15.8+kde160 -> 5.15.8+kde183) Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-mysql libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3 - Update to version 5.15.8+kde183: * Add nullptr guard in QStyleSheetStyle::drawPrimitive(PE_PanelLineEdit) * QAbstractItemView: don't access invalid indexes on copy-key * Apply CVE-2023-24607-qtbase-5.15.diff * QXcbConnection::getTimestamp: do not return stale timestamp * QToolButton: Elide text when constraints prevent from showing whole text * correctly set up ref counting in QThreadPool::tryStart(std::function) * Do not set Qt::ToolTip flag for QShapedPixmapWindow * Fix deletion order also for QImageReader/Writer::setDevice() * Fix deletion order in QImageReader/Writer destructors * QNetworkReply: Fix typos in the documentation * Doc: Fix typo in the online documentation template * Doc: Link to page documenting Qt trademarks in the copyright footer * [doc] Fix typo in QBuffer::setBuffer() description * qwindowsdrag: Fix typo in documentation * openglblacklists: Fix typo in description * qxcbscreen: Fix typo in documentation * Fix typos in SQL driver documentation * qxcbwindow.cpp: Fix sign-compare and another warnings * QToolButton: reimplement the fix for QTBUG-95255 * QSysInfo::prettyProductName(): Add macOS Ventura product name * QSysInfo::prettyProductName(): add missing macOS product names * xcb: correctly disconnect xsettings callbacks * ibus: add SetCursorLocationRelative in InputContext.xml ==== libqt5-qtconnectivity ==== Version update (5.15.8+kde5 -> 5.15.8+kde8) Subpackages: libQt5Bluetooth5 libQt5Bluetooth5-imports libQt5Nfc5 libQt5Nfc5-imports libqt5-qtconnectivity-tools - Update to version 5.15.8+kde8: * SDP scanner: encode input URLs and escape XML-specific characters * sdpscanner: fix URL processing * sdpscanner: fix potential unwanted truncation for SDP_TEXT_STR{8,16,32} ==== libqt5-qtimageformats ==== Version update (5.15.8+kde6 -> 5.15.8+kde9) - Update to version 5.15.8+kde9: * TGA Plugin: Fix reading of CMapDepth * Implement support for file memory mapping for tiff reading * Explicitly include QVarLengthArray header ==== libqt5-qtlocation ==== Version update (5.15.8+kde3 -> 5.15.8+kde4) Subpackages: libQt5Location5 libQt5Positioning5 libQt5PositioningQuick5 - Update to version 5.15.8+kde4: * Update mapbox-gl-native - Drop patches, now upstream: * 0001-Add-some-missing-cstdint-inclusions-872.patch ==== libqt5-qtmultimedia ==== Version update (5.15.8+kde1 -> 5.15.8+kde3) - Update to version 5.15.8+kde3: * Drop obsolete QtOpengl dependency * Pass explicit GL api when initializing GStreamer backend ==== libqt5-qtwayland ==== Version update (5.15.8+kde57 -> 5.15.8+kde63) Subpackages: libQt5WaylandClient5 libQt5WaylandCompositor5 - Update to version 5.15.8+kde63: * Client: Remove flip popup constraints * client: set_constraint_adjustment() for popups in xdg * client: Do not cast placeholder screens to QWaylandScreen * Client: Manage QMimeData lifecycle * client: Force a roundtrip when an XdgOutput is not ready yet * Client: Fix handling of Qt::BlankCursor ==== libstorage-ng ==== Version update (4.5.85 -> 4.5.86) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#919 - always delegate used_features from Action to Device - 4.5.86 ==== lightdm ==== Subpackages: liblightdm-gobject-1-0 lightdm-lang - Split bash-completion to separate sub-package ==== lzo ==== - adjust lzo-2.08-rhbz1309225.patch download reference - Build AVX2 enabled hwcaps library for x86_64-v3 ==== python-M2Crypto ==== - Adapt tests for OpenSSL v3.1.0 * Add openssl-adapt-tests-for-3.1.0.patch ==== qemu ==== Subpackages: qemu-accel-tcg-x86 qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-microvm qemu-seabios qemu-sgabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios qemu-x86 - Fix bsc#1209064 - Backport the "acpi: cpuhp: fix guest-visible maximum access size to the legacy reg block" patch, as it makes developing and testing OVMF/EDK2 easier * Patches added: acpi-cpuhp-fix-guest-visible-maximum-acc.patch s390x-pci-reset-ISM-passthrough-devices-.patch s390x-pci-shrink-DMA-aperture-to-be-boun.patch ==== salt ==== Subpackages: python3-salt salt-master salt-minion salt-transactional-update - Require python3-jmespath runtime dependency (bsc#1209233) - Fix problem with detecting PTF packages (bsc#1208691) - Added: * skip-package-names-without-colon-bsc-1208691-578.patch - Fixes pkg.version_cmp on openEuler systems and a few other OS flavors - Added: * fixes-pkg.version_cmp-on-openeuler-systems-and-a-few.patch - Make pkg.remove function from zypperpkg module to handle also PTF packages - Added: * 3005.1-implement-zypper-removeptf-573.patch ==== vmaf ==== - Fix "no such built-in model" due to missing build dependency ==== xscreensaver ==== Subpackages: xscreensaver-data xscreensaver-data-extra xscreensaver-lang - Drop obsolete patch (bsc#1203594). - xscreensaver-slideshow-dri-detect.patch - Use autosetup