Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20221215 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: 7zip elfutils-debuginfod gcc13 (12.2.1+git537 -> 13.0.0+git197351) gucharmap (14.0.3 -> 15.0.2) linux-glibc-devel (6.0 -> 6.1) mozilla-nss (3.84 -> 3.85) mozjs102 (102.5.0 -> 102.6.0) ovmf python-importlib-resources (5.10.0 -> 5.10.1) python-pycares (4.2.2 -> 4.3.0) rsyslog (8.2210.0 -> 8.2212.0) selinux-policy shotwell (0.31.5 -> 0.31.7) speech-dispatcher (0.10.2 -> 0.11.4) xorg-x11-server xwayland xz yast2-packager (4.5.8 -> 4.5.9) yast2-trans (84.87.20221203.a7355e12ff -> 84.87.20221210.680714a939) zlib === Details === ==== 7zip ==== - build for x86_64 subarchs the same way like for baseline ==== elfutils-debuginfod ==== Subpackages: debuginfod-profile libdebuginfod1 - Remove dependency to not used sysconfig package - Weaken systemd dependency, no hard requires necessary ==== gcc13 ==== Version update (12.2.1+git537 -> 13.0.0+git197351) Subpackages: libasan8 libatomic1 libgcc_s1 libgcc_s1-32bit libgfortran5 libgomp1 libitm1 liblsan0 libobjc4 libquadmath0 libstdc++6 libstdc++6-32bit libstdc++6-locale libstdc++6-pp libstdc++6-pp-32bit libtsan2 libubsan1 - Bump to 0a43f7b1a73c8e3b9cefffe430274d0a3d6d3291, git197351. - Bump libgo SONAME to libgo22. - Do not package libhwasan for biarch (32-bit architecture) as the extension depends on 64-bit pointers. - Sync cross.spec.in changes from gcc12 package. - Bump to 380d62c14c99d8df13b7a86660e7ee67d01ad827, git197210. - Adjust floatn fixincludes guard to work with SLE12 and earlier SLE15. - Bump to de144fdab17dbbb64ccb540056ab78b4ffb3fbbc, git197173. - Depend on at least LLVM 13 for GCN cross compiler. - Bump to 4304e09a1617bcf1c87f5bc96017ae5017379d75, git197155. - Rebase gcc44-rename-info-files.patch. - Bump to d13c359a49291f0a1206adbad4065677010b7e4b, git197143. - Sync changes from gcc12 package - Update embedded newlib to version 4.2.0 * includes newlib-4.1.0-aligned_alloc.patch - Allow cross-pru-gcc12-bootstrap for armv7l architecture. PRU architecture is used for real-time MCUs embedded into TI armv7l and aarch64 SoCs. We need to have cross-pru-gcc12 for armv7l in order to build both host applications and PRU firmware during the same build. - Bump to 2b0ae7fb91f64fb005abf7d7903fd4c0764bb45c, git197102. - Handle new libstdc++exp.a lib. - Bump to 5c0d171f67d082c353ddc319859111d3b9126c17, git196938. - Add 2 new headers. - Bump to b457b779427b0f7b3fbac447811c9c52db5bc79e, git196485. ==== gucharmap ==== Version update (14.0.3 -> 15.0.2) Subpackages: gucharmap-lang libgucharmap_2_90-7 - Update to version 15.0.2: + metainfo: Add screenshots and link them from metainfo. + build: Use GNOME module post_install(). + all: Update to unicode 15.0.0. + Updated translations. ==== linux-glibc-devel ==== Version update (6.0 -> 6.1) - Update to kernel headers 6.1 ==== mozilla-nss ==== Version update (3.84 -> 3.85) Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs mozilla-nss-tools - update to NSS 3.85 * bmo#1792821 - Modification of the primes.c and dhe-params.c in order to have better looking tables * bmo#1796815 - Update zlib in NSS to 1.2.13 * bmo#1796504 - Skip building modutil and shlibsign when building in Firefox * bmo#1796504 - Use __STDC_VERSION__ rather than __STDC__ as a guard * bmo#1796407 - Fix -Wunused-but-set-variable warning from clang 15 * bmo#1796308 - Fix -Wtautological-constant-out-of-range-compare and -Wtype-limits warnings * bmo#1796281 - Followup: add missing stdint.h include * bmo#1796281 - Fix -Wint-to-void-pointer-cast warnings * bmo#1796280 - Fix -Wunused-{function,variable,but-set-variable} warnings on Windows * bmo#1796079 - Fix -Wstring-conversion warnings * bmo#1796075 - Fix -Wempty-body warnings * bmo#1795242 - Fix unused-but-set-parameter warning * bmo#1795241 - Fix unreachable-code warnings * bmo#1795222 - Mark _nss_version_c unused on clang-cl * bmo#1795668 - Remove redundant variable definitions in lowhashtest * Add note about python executable to build instructions. ==== mozjs102 ==== Version update (102.5.0 -> 102.6.0) - Update to version 102.6.0: + Various stability, functionality, and security fixes. + CVE-2022-46880: Use-after-free in WebGL. + CVE-2022-46872: Arbitrary file read from a compromised content process. + CVE-2022-46881: Memory corruption in WebGL. + CVE-2022-46874: Drag and Dropped Filenames could have been truncated to malicious extensions. + CVE-2022-46875: Download Protections were bypassed by .atloc and .ftploc files on Mac OS. + CVE-2022-46882: Use-after-free in WebGL. + CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6. ==== ovmf ==== Subpackages: qemu-ovmf-x86_64 - Add ovmf-OvmfPkg-PlatformInitLib-Fix-integrity-checking-faile.patch to avoid "NvVarStore Variable header State was invalid" issue when rebooting or booting second time. System hangs when booting. (bsc#1206078) The error message in ovmf log: Select Item: 0x19 Select Item: 0x25 Reserved variable store memory: 0x7FF7C000; size: 528kb NvVarStore Variable header State was invalid. ASSERT /home/abuild/rpmbuild/BUILD/edk2-edk2-stable202211/OvmfPkg/Library/PlatformInitLib/Platform.c(807): ((BOOLEAN)(0==1)) ==== python-importlib-resources ==== Version update (5.10.0 -> 5.10.1) - Update to v5.10.1 * v5.10.1 [#274]: Fixed ResourceWarning in _common. ==== python-pycares ==== Version update (4.2.2 -> 4.3.0) - Update to version 4.3.0 * Bump cibuildwheel to build for Python 3.11 + CI total time speedups by @Jackenmen in #174 Fix tests that depended on external sites by @Jackenmen in #180 Complete the Python 3.11 support by @Jackenmen in #179 Drop CPython 3.6 by @saghul in #181 Improve test compatibility with pytest by @saghul in #182 Update c-ares submodule to 1.18.1 by @saghul in #183 ==== rsyslog ==== Version update (8.2210.0 -> 8.2212.0) - Upgrade to rsyslog 8.2212.0 * 2022-12-05: testbench: make python http server based tests more reliable * 2022-12-05: omprog bugfix: invalid status handling at called program startup * 2022-11-29: testbench bugfix: wrong message injection object of instance 1 * 2022-11-21: rsyslog.conf man page bugfix: description of selectors * 2022-11-18: imtcp bugfix: legacy config directives did no longer work * 2022-11-16: ksi bugfix: sending of too many signing requests fixed. * 2022-11-14: bugfix: prevent potential segfault when switchung to queue emergency mode * 2022-11-02: imjournal: add second fallback to _COMM * 2022-10-25: core bugfix: local hostname invalid if no global() config object given * 2022-10-25: testbench bugfix: fixed timing issue that sometimes lead to test failure ==== selinux-policy ==== Subpackages: selinux-policy-targeted - Added policy for wicked scripts under /etc/sysconfig/network/scripts (bnc#1205770) - Add fix_sendmail.patch * fix context of custom sendmail startup helper * fix context of /var/run/sendmail and add necessary rules to manage content in there ==== shotwell ==== Version update (0.31.5 -> 0.31.7) Subpackages: shotwell-lang - Update to version 0.31.7: + Actually run database upgrade necessary for date/time changes. + Fix comparing unset date/time values. - Changes from version 0.31.6: + Improved interaction when exporting files that end up with a similar name. + Google Photos: Fix batch uploading. + Tumblr: Fix not remembering login credentials. + Improve handling of images that do not have a GPS altitude. + Have import from folder follow symlinks. + Add an user interface to interact with the new profile feature. + Make a couple of UI strings clearer. + Remove video interpreter state handling - completely broken and potentially responsible for causing indefinite re-checking of video files. + Improve touchpad scaling vs scrolling. + Always enable face tagging. Face detection and recognition is still opt-in on compile time due to the rather large OpenCV dependency. + Support creating hierarchical tags by using /a/sytax/with/slashes. + Use libportal to implement SendTo and Wallpaper settings. + Initial support for having multiple accounts per publishing service. So far only works for Piwigo instances. + Create a new plugin preferences panel (prepare for account management). + Convert all publishing processes to async libsoup3. With HTTPS/2 becoming more prominent, the old method broke really hard and was a bad habit anyway. + Fix an issue with the Saturation slider. + Remove a bunch of deprecated calls. + Remove deprecated date/time handling. Use DateTime more or less everywhere. + Allow media to have exposure dates before 1.1.1970 00:00. + Updated translations. - Drop -Dextra_plugins=true meson parameter: no longer supported. - Drop pkgconfig(gdk-3.0) BuildRequires: no longer needed. - Add pkgconfig(libportal-gtk3) BuildRequires: new dependency. ==== speech-dispatcher ==== Version update (0.10.2 -> 0.11.4) Subpackages: libspeechd2 python3-speechd - Update to version 0.11.4: - Update CLDR to version 42 and symbols from NVDA. - Fix audio plugin loading with dlopen. - Fix atomicity of getting reply in threaded mode. - Changes from 0.11.3: - Fix back DefaultModule configuration. - pico: Avoid falling to english when passed a bogus voice name. - espeak: Fix setting voice type. - Changes from 0.11.2: - Fix loading xx-yy locales. - Various memory leaks fixes. - Add mimic3 configuration file. - pico: Fix setting language vs voice. - Make sure that modules report a list of voices. - Update CLDR to version 41, symbols from NVDA and orca. - Allow building without ltdl. - Re-enable SSML in espeak-ng-mbrola module. - Changes from 0.11.1: - Add SPEECHD_PLUGIN_DIR environment variable. - Fix listing voices of the default module. - Changes from 0.11 - Support playing audio through the server. - modules: Add support for loading from user's .local/libexec/speech-dispatcher. - symbols: Process symbols.dic before emojis.dic. - symbols: Enable speechd symbols processing by default. - modules: Moved speech dispatcher modules to /usr/libexec/speech-dispatcher-modules - espeak-ng: Add support for mbrola voices. - mary: Add auto-detection. - mary: Add newer voices. - mary: Add volume, pitch, and rate support. - ivona: Add auto-detection. - festival: Strip head silence. - generic: Add DefaultVoice option. - es_ES: Add some gender neutral rules. - Add SPEECHD_CMD environment variable. - modules: Rewrite main functions with BSD licence, to let proprietary modules easily reuse this as a basis. - modules: Add skeletons ready for use as a basis for new modules. - Add script to run speechd from the build tree. - Update CLDR to version 39, symbols from NVDA and orca. - Add Esperanto translation. - Sort modules by quality, let the best quality module be the default. - Rebase harden_speech-dispatcherd.service.patch. - Migration to /usr/etc: Saving user changed configuration files in /etc and restoring them while an RPM update. - Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_speech-dispatcherd.service.patch ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra xorg-x11-server-sdk - U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch * XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283, bsc#1206017) - U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch * Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265, CVE-2022-46340, bsc#1205874) - U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch * Xi: return an error from XI property changes if verification failed (no ZDI-CAN id, no CVE id, bsc#1205875) - U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch * Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405, CVE-2022-46344, bsc#1205876) - U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch * Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381, CVE-2022-46341, bsc#1205877) - U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch * Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404, CVE-2022-46343, bsc#1205878) - U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch * Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400, CVE-2022-46342, bsc#1205879) ==== xwayland ==== - U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch * XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283, bsc#1206017) - U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch * Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265, CVE-2022-46340, bsc#1205874) - U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch * Xi: return an error from XI property changes if verification failed (no ZDI-CAN id, no CVE id, bsc#1205875) - U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch * Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405, CVE-2022-46344, bsc#1205876) - U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch * Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381, CVE-2022-46341, bsc#1205877) - U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch * Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404, CVE-2022-46343, bsc#1205878) - U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch * Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400, CVE-2022-46342, bsc#1205879) ==== xz ==== Subpackages: liblzma5 liblzma5-32bit xz-lang - Rename xz-static-devel -> xz-devel-static to follow the general naming used in openSUSE. ==== yast2-packager ==== Version update (4.5.8 -> 4.5.9) - Merged PR https://github.com/yast/yast-packager/pull/623 by Christopher Yeleighton <giecrilj@stegny.2a.pl>: Do not call [Install done] on aborted packages (boo#1203302) - 4.5.9 ==== yast2-trans ==== Version update (84.87.20221203.a7355e12ff -> 84.87.20221210.680714a939) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20221210.680714a939: * New POT for text domain 'kdump'. * New POT for text domain 'users'. * Translated using Weblate (Romanian) * Translated using Weblate (Macedonian) ==== zlib ==== Subpackages: libminizip1 libz1 zlib-devel - build zlib with optflags again