Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20240912 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: curl (8.9.1 -> 8.10.0) hivex (1.3.23 -> 1.3.24) libbpf (1.4.5 -> 1.4.6) openSUSE-release (20240911 -> 20240912) prctl (1.6 -> 1.7) python-greenlet (3.0.3 -> 3.1.0) python-httpx (0.27.0 -> 0.27.2) selinux-policy (20240905 -> 20240912) suse-module-tools (16.0.50 -> 16.0.51) === Details === ==== curl ==== Version update (8.9.1 -> 8.10.0) Subpackages: curl-zsh-completion libcurl4 - Update to version 8.10.0: * Security fixes: - [bsc#1230093, CVE-2024-8096] curl: OCSP stapling bypass with GnuTLS * Changes: - curl: make --rate accept "number of units" - curl: make --show-headers the same as --include - curl: support --dump-header % to direct to stderr - curl: support embedding a CA bundle and --dump-ca-embed - curl: support repeated use of the verbose option; -vv etc - curl: use libuv for parallel transfers with --test-event - vtls: stop offering alpn http/1.1 for http2-prior-knowledge * Bugfixes: - curl: allow 500MB data URL encode strings - curl: warn on unsupported SSL options - Curl_rand_bytes to control env override - curl_sha512_256: fix symbol collisions with nettle library - dist: fix reproducible build from release tarball - http2: fix GOAWAY message sent to server - http2: improve rate limiting of downloads - INSTALL.md: MultiSSL and QUIC are mutually exclusive - lib: add eos flag to send methods - lib: make SSPI global symbols use Curl_ prefix - lib: prefer `CURL_SHA256_DIGEST_LENGTH` over the unprefixed name - lib: remove the final strncpy() calls - lib: remove use of RANDOM_FILE - Makefile.mk: fixup enabling libidn2 - max-filesize.md: mention zero disables the limit - mime: avoid inifite loop in client reader - ngtcp2: use NGHTTP3 prefix instead of NGTCP2 for errors in h3 callbacks - openssl quic: fix memory leak - openssl: certinfo errors now fail correctly - openssl: fix the data race when sharing an SSL session between threads - openssl: improve shutdown handling - POP3: fix multi-line responses - pop3: use the protocol handler ->write_resp - progress: ratelimit/progress tweaks - rand: only provide weak random when needed - sectransp: fix setting tls version - setopt: make CURLOPT_TFTP_BLKSIZE accept bad values - sha256: fix symbol collision between nettle (GnuTLS) and OpenSSL - sigpipe: init the struct so that first apply ignores - smb: convert superflous assign into assert - smtp: add tracing feature - spnego_gssapi: implement TLS channel bindings for openssl - src: delete `curlx_m*printf()` aliases - ssh: deduplicate SSH backend includes (and fix libssh cmake unity build) - tool_operhlp: fix "potentially uninitialized local variable 'pc' used" - tool_paramhlp: bump maximum post data size in memory to 16GB - transfer: skip EOS read when download done - url: fix connection reuse for HTTP/2 upgrades - urlapi: verify URL *decoded* hostname when set - urldata: introduce `data->mid`, a unique identifier inside a multi - vtls: add SSLSUPP_CIPHER_LIST - vtls: fix static function name collisions between TLS backends - vtls: init ssl peer only once - websocket: introduce blocking sends - ws: flags to opcodes should ignore CURLWS_CONT flag - x509asn1: raise size limit for x509 certification information * Remove curl-sigpipe.patch upstream * Rebase curl-secure-getenv.patch ==== hivex ==== Version update (1.3.23 -> 1.3.24) - Update hivex to version 1.3.24 * no changelog provided ==== libbpf ==== Version update (1.4.5 -> 1.4.6) - update to 1.4.6: * BPF skeleton forward compatibility fix (f6f2402); * BTF endianness inheritance bug fix (fe28fae). ==== openSUSE-release ==== Version update (20240911 -> 20240912) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== prctl ==== Version update (1.6 -> 1.7) - version update to 1.7 * Added missing defines to Makefile.in * Replace pre-generated configure with configure.ac * Added missing function types in prctl.c - deleted patches - prctl-1.5-Makefile.patch (partially, upstreamed, the rest in) - prctl-1.5-warnings.patch (upstreamed) - prctl-gcc14.patch (upstreamed) - added patches + prctl-destdir.patch ==== python-greenlet ==== Version update (3.0.3 -> 3.1.0) - Update to 3.1.0 * Adds support for Python 3.13. * Greatly reduce the chances for crashes during interpreter shutdown. * Support for the following platforms was contributed by the community. Note that they are untested by this project's continuous integration services. + Hitachi's SuperH CPU + NetBSD on PowerPC + RISC-V with -fno-omit-frame-pointer - Drop port-to-python313.patch, merged upstream ==== python-httpx ==== Version update (0.27.0 -> 0.27.2) - update to 0.27.2: * Reintroduced supposedly-private `URLTypes` shortcut. * Support for `zstd` content decoding using the python `zstandard` package is added. Installable using `httpx[zstd]`. * Improved error messaging for `InvalidURL` exceptions. * Fix `app` type signature in `ASGITransport`. ==== selinux-policy ==== Version update (20240905 -> 20240912) Subpackages: selinux-policy-targeted - Update to version 20240912: * Allow systemd_ibft_rule_generator_t to create udev_rules_t dirs (bsc#1230011) * Allow systemd_udev_trigger_generator_t list and read sysctls (bsc#1230315) * Initial policy for udev-trigger-generator (bsc#1230315) - Update to version 20240910: * Allow init_t mount syslog socket (bsc#1230134) * Allow init_t create syslog files (bsc#1230134) * Introduce initial policy for btrfs-soft-reboot-generator (bsc#1230134) ==== suse-module-tools ==== Version update (16.0.50 -> 16.0.51) Subpackages: suse-module-tools-scriptlets - Update to version 16.0.51: * Improve handling of /boot/vmlinuz and /boot/initrd symlinks (boo#1207703) * Add preliminary support for mkosi-initrd * spec file: remove redundant dependency on sdbootutil