Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20230716 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: MozillaFirefox (115.0.1 -> 115.0.2) audit (3.0.9 -> 3.1.1) audit-secondary (3.0.9 -> 3.1.1) bind cryptsetup iproute2 (6.3 -> 6.4) kernel-source (6.4.2 -> 6.4.3) libHX (4.13 -> 4.14) libbpf (1.2.0 -> 1.2.2) libvirt (9.4.0 -> 9.5.0) python-libvirt-python (9.4.0 -> 9.5.0) qpdf (11.4.0 -> 11.5.0) rpm-config-SUSE (20220926 -> 20230712) texlive util-linux util-linux-systemd === Details === ==== MozillaFirefox ==== Version update (115.0.1 -> 115.0.2) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 115.0.2 * Fixed a bug with displaying a caret in the text editor on some websites (bmo#1840804) * Fixed a bug with broken audio rendering on some websites (bmo#1841982) * Fixed a bug with patternTransform translate using the wrong units (bmo#1840746) MFSA 2023-26 (bsc#1213230) * CVE-2023-3600 (bmo#1839703) Use-after-free in workers ==== audit ==== Version update (3.0.9 -> 3.1.1) Subpackages: libaudit1 libaudit1-32bit libauparse0 - Update to 3.1.1: * Add user friendly keywords for signals to auditctl * In ausearch, parse up URINGOP and DM_CTRL records * Harden auparse to better handle corrupt logs * Fix a CFLAGS propogation problem in the common directory * Move the audispd af_unix plugin to a standalone program - Add _multibuild to define additional spec files as additional flavors. Eliminates the need for source package links in OBS. - Enable livepatching on main library on x86_64. - Update to 3.1: * Disable ProtectControlGroups in auditd.service by default * Fix rule checking for exclude filter * Make audit_rule_syscallbyname_data work correctly outside of auditctl * Add new record types * Add io_uring support * Add support for new FANOTIFY record fields * Add keyword, this-hour, to ausearch/report start/end options * Add Requires.private to audit.pc file * Try to interpret OPENAT2 fields correctly ==== audit-secondary ==== Version update (3.0.9 -> 3.1.1) Subpackages: audit python3-audit system-group-audit - Update to 3.1.1: * Add user friendly keywords for signals to auditctl * In ausearch, parse up URINGOP and DM_CTRL records * Harden auparse to better handle corrupt logs * Fix a CFLAGS propogation problem in the common directory * Move the audispd af_unix plugin to a standalone program - Add _multibuild to define additional spec files as additional flavors. Eliminates the need for source package links in OBS. - Update to 3.1: * Disable ProtectControlGroups in auditd.service by default * Fix rule checking for exclude filter * Make audit_rule_syscallbyname_data work correctly outside of auditctl * Add new record types * Add io_uring support * Add support for new FANOTIFY record fields * Add keyword, this-hour, to ausearch/report start/end options * Add Requires.private to audit.pc file * Try to interpret OPENAT2 fields correctly ==== bind ==== Subpackages: bind-doc bind-utils - Enable dnstap support ==== cryptsetup ==== Subpackages: cryptsetup-doc cryptsetup-lang libcryptsetup12 - luksFormat: Handle system with low memory and no swap space [bsc#1211079] * Check for physical memory available also in PBKDF benchmark. * Try to avoid OOM killer on low-memory systems without swap. * Use only half of detected free memory on systems without swap. * Add patches: - cryptsetup-Check-for-physical-memory-available-also-in-PBKDF-be.patch - cryptsetup-Try-to-avoid-OOM-killer-on-low-memory-systems-withou.patch - cryptsetup-Use-only-half-of-detected-free-memory-on-systems-wit.patch ==== iproute2 ==== Version update (6.3 -> 6.4) Subpackages: iproute2-bash-completion - Update to release 6.4 * bridge: mdb: added underlay destination IP support, UDP destination port support, destination VNI support, source VNI support, outgoing interface support * macvlan: added the "bclim" parameter ==== kernel-source ==== Version update (6.4.2 -> 6.4.3) - Linux 6.4.3 (bsc#1012628). - mm: call arch_swap_restore() from do_swap_page() (bsc#1012628). - bootmem: remove the vmemmap pages from kmemleak in free_bootmem_page (bsc#1012628). - commit 5fb5b21 ==== libHX ==== Version update (4.13 -> 4.14) - Update to release 4.14 * socket: make HX_addrport_split work on portless bracketed hostspec ==== libbpf ==== Version update (1.2.0 -> 1.2.2) - update to v1.2.2: * fix a regression in perf tool caused by libbpf resetting its custom catch-all SEC() handler on explicit bpf_program__set_type() call * fix possible double-free in USDT-related libbpf code, which happens when libbpf runs out of space in __bpf_usdt_specs map due to having too many unique USDT specs ==== libvirt ==== Version update (9.4.0 -> 9.5.0) Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-proxy libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - libxl: Improve handling of errors across migration phases bsc#1213186 - apparmor: Support local overrides in all profiles and abstractions spec: Don't replace /etc/apparmor.d/<profile> on package upgrade spec: No longer package empty /etc/apparmor.d/local/* files bsc#1211472 - Update to libvirt 9.5.0 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html#v9-5-0-2023-07-03 - Add upstream commit 5f7f6ceb47 to fix builds on Leap 15.x - Drop downstream commit adding SUSE-specific migration parameters ==== python-libvirt-python ==== Version update (9.4.0 -> 9.5.0) - Update to 9.5.0 - Add all new APIs and constants in libvirt 9.5.0 ==== qpdf ==== Version update (11.4.0 -> 11.5.0) - Update to 11.5.0: * When copying the same page more than once, ensure that annotations are copied and not shared among multiple pages. * Add new method Buffer::copy and deprecate Buffer copy constructor and assignment operator. Buffer copies are expensive and should be done explicitly. * The source code was reformatted to 100 columns instead of 80. Numerous cosmetic changes and changes suggested by clang-tidy were made. ==== rpm-config-SUSE ==== Version update (20220926 -> 20230712) - Update to version 20230712: * Add more prjconf macros * update comment about _lto_cflags * drop %usrmerged macro (boo#1206798) * Fix SLE sbat macros used on Leap (bsc#1198458) ==== texlive ==== Subpackages: libkpathsea6 libsynctex2 - The rungs lua script belongs to texlive-scripts(-bin) only ==== util-linux ==== - Add patch to detect MD array as container of LUKS properly (boo#1213227, gh#util-linux/util-linux#2373): * 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch ==== util-linux-systemd ==== - Add patch to detect MD array as container of LUKS properly (boo#1213227, gh#util-linux/util-linux#2373): * 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch