Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20231003
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
GraphicsMagick (1.3.40 -> 1.3.42)
Mesa (23.1.8 -> 23.2.0)
Mesa-drivers (23.1.8 -> 23.2.0)
SDL2 (2.28.3 -> 2.28.4)
container-selinux (2.215.0 -> 2.222.0)
crypto-policies (20230614.5f3458e -> 20230920.570ea89)
dLeyna (0.8.2 -> 0.8.3)
glib2
gnome-remote-desktop (45.rc -> 45.0)
grub2
gtk4 (4.12.2 -> 4.12.3)
kbd (2.6.2 -> 2.6.3)
kdepim-runtime
libblockdev (3.0.2 -> 3.0.3)
libdecor (0.1.1 -> 0.2.0)
libsigc++2 (2.12.0 -> 2.12.1)
libsigc++3 (3.2.0 -> 3.6.0)
libwebp
mozjs115 (115.2.1 -> 115.3.1)
python-argparse-manpage (4.3 -> 4.5)
qalculate (4.8.0 -> 4.8.1)
qpdf (11.6.0 -> 11.6.1)
qt6-base (6.5.2 -> 6.5.3)
qt6-declarative (6.5.2 -> 6.5.3)
qt6-imageformats (6.5.2 -> 6.5.3)
qt6-translations (6.5.2 -> 6.5.3)
qt6-wayland (6.5.2 -> 6.5.3)
screen (4.9.0 -> 4.9.1)
shadow
systemd (254.3 -> 254.5)
tracker-miners (3.6.0 -> 3.6.1)
webkit2gtk3 (2.42.0 -> 2.42.1)
webkit2gtk3-soup2 (2.42.0 -> 2.42.1)
xdg-dbus-proxy (0.1.4 -> 0.1.5)
yast2-trans (84.87.20230922.91d997adab -> 84.87.20230930.5f9e01162a)
=== Details ===
==== GraphicsMagick ====
Version update (1.3.40 -> 1.3.42)
Subpackages: libGraphicsMagick++-Q16-12 libGraphicsMagick-Q16-3 libGraphicsMagick3-config
- version update to 1.3.42
Bug fixes:
* TIFF: Default the alpha channel to type EXTRASAMPLE_UNASSALPHA(2).
* BMP: Many fixes for reading esoteric BMP sub-formats.
* TranslateTextEx(): Revert change so now a NULL pointer is returned
when given an empty string. Some algorithms (e.g. montage) were
depending on this!.
* PAM: Fix reading comments.
* PNG: Added Add missing module aliases "PNG00", "PNG48", "PNG64", so
it is again possible to request these subformats directly.
* TIFF: For common formats with the required number of channels, but
one is an 'unspecified' channel, promote unspecified alpha to
unassociated alpha so that the alpha channel is not ignored.
* "Magick" command line emulation: Eliminate duplicate utility name
output in error messages
New Features:
* BMP: Added the ability to read and write BMP using JPEG compression.
Use '-define bmp:allow-jpeg' to allow use of JPEG compression.
* BMP: Added support for BI_ALPHABITFIELDS compression
* BMP: Added support for reading BMP with PNG compression.
- modified patches
% GraphicsMagick-disable-insecure-coders.patch (refreshed)
- deleted patches
- strlcpy-wrong-sizing.patch (upstreamed)
==== Mesa ====
Version update (23.1.8 -> 23.2.0)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libOSMesa8 libgbm1
- Update to Mesa 23.2.0-rc4
- -> https://lists.freedesktop.org/archives/mesa-announce/2023-September/000731.h...
- supersedes U_llvmpipe-only-include-old-Transform-includes-when-ne.patch
- disabled u_fix-build-on-ppc64le.patch (no longer needed?)
- adjusted n_drirc-disable-rgb10-for-chromium-on-amd.patch
==== Mesa-drivers ====
Version update (23.1.8 -> 23.2.0)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva libxatracker2
- Update to Mesa 23.2.0-rc4
- -> https://lists.freedesktop.org/archives/mesa-announce/2023-September/000731.h...
- supersedes U_llvmpipe-only-include-old-Transform-includes-when-ne.patch
- disabled u_fix-build-on-ppc64le.patch (no longer needed?)
- adjusted n_drirc-disable-rgb10-for-chromium-on-amd.patch
==== SDL2 ====
Version update (2.28.3 -> 2.28.4)
- Update to release 2.28.4
* Enable clipping for zero sized rectangles in the SDL renderer
* Notify X11 clipboard managers when the clipboard changes
* Fixed sensor timestamps for third-party PS5 controllers
* Added detection for Logitech and Simagic racing wheels
==== container-selinux ====
Version update (2.215.0 -> 2.222.0)
- Update to version 2.222:
* Allow containers to read/write inherited dri devices
- Update to version 2.221:
* Allow containers to shutdown sockets inherited from container
runtimes
* Allow spc_t to use execmod libraries on container file systems
* Add boolean to allow containers to read all cert files
* More MLS Policy allow rules
* Allow container runtimes using pasta bind icmp_socket to port_t
* Fix spc_t transitions from container_runtime_domain
==== crypto-policies ====
Version update (20230614.5f3458e -> 20230920.570ea89)
Subpackages: crypto-policies-scripts
- nss: Skip the NSS policy check if the mozilla-nss-tools package
is not installed. This avoids adding more dependencies in ring0.
* Add crypto-policies-nss.patch [bsc#1211301]
- Update to version 20230920.570ea89:
* fips-mode-setup: more thorough --disable, still unsupported
* FIPS:OSPP: tighten beyond reason for OSPP 4.3
* krb5: sort enctypes mac-first, cipher-second, prioritize SHA-2 ones
* openssl: implement relaxing EMS in FIPS (NO-ENFORCE-EMS)
* gnutls: prepare for tls-session-hash option coming
* nss: prepare for TLS-REQUIRE-EMS option coming
* NO-ENFORCE-EMS: add subpolicy
* FIPS: set __ems = ENFORCE
* cryptopolicies: add enums and __ems tri-state
* docs: replace `FIPS 140-2` with just `FIPS 140`
* .gitlab-ci: remove forcing OPENSSH_MIN_RSA_SIZE
* cryptopolicies: add comments on dunder options
* nss: retire NSS_OLD and replace with NSS_LAX 3.80 check
* BSI: start a BSI TR 02102 policy [jsc#PED-4933]
* Rebase patches:
- crypto-policies-policygenerators.patch
- crypto-policies-revert-rh-allow-sha1-signatures.patch
- crypto-policies-FIPS.patch
- Conditionally recommend the crypto-policies-scripts package
when python is not installed in the system [bsc#1215201]
==== dLeyna ====
Version update (0.8.2 -> 0.8.3)
- Update to version 0.8.3:
+ Build: Fix compatibility with Meson 1.2
+ Renderer: Fix locale initialization
+ Server:
- Fix locate initialization
- Fix uninitialized variable warning
- Properly handle optional actions
- Fix browse not working properly
- Drop 61d24fdc.patch: Fixed upstream.
- Change compression of tarball in service and spec to zst from xz.
==== glib2 ====
Subpackages: glib2-lang glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0
- Fix NetworkManager crashing repeatedly with glib 2.78.0;
(bsc#1215709); Add patch 0005-gthreadedresolver-Fix-race.patch
==== gnome-remote-desktop ====
Version update (45.rc -> 45.0)
Subpackages: gnome-remote-desktop-lang
- Update to version 45.0:
+ vnc: Also include DRM format modifiers when resizing PipeWire
stream.
+ rdp: Also include DRM format modifiers when resizing PipeWire
stream.
+ Updated translations.
- Change compression of tarball in service and spec to zst from xz.
- Drop dbus-1-daemon Requires, only needed for tests, and we are
not building them currently.
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen
- Only build with fde-tpm-helper-rpm-macros for the architectures
supporting the newer UEFI and TPM 2.0.
* Also correct the location of %fde_tpm_update_requires
- Fix a boot delay regression in PowerPC PXE boot (bsc#1201300)
* 0001-ieee1275-ofdisk-retry-on-open-and-read-failure.patch
- Add the new BuildRequires for EFI builds for the better FDE
support: fde-tpm-helper-rpm-macros
+ Also add the the macros to %post and %posttrans
- Correct the type of allocated EFI pages for ARM64 kernel (bsc#1215151)
* arm64-Use-proper-memory-type-for-kernel-allocation.patch
==== gtk4 ====
Version update (4.12.2 -> 4.12.3)
Subpackages: gtk4-lang gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0
- Update to version 4.12.3:
+ GtkWindow: Don't assume titlebars are GtkHeaderBar
+ GtkTreeView: Fix a crash in gtk_tree_view_is_blank_at_pos
+ printing: Fix some issues with the portal implementation
+ GSK:
- Some optimizations in the GL renderer
- Fix memory leaks in the Broadway renderer
+ demos: Fix a crash in gtk4-demo
+ Updated translations.
==== kbd ====
Version update (2.6.2 -> 2.6.3)
Subpackages: kbd-legacy
- Update to version 2.6.3:
- libkfont:
* Don't look for fonts in the current directory.
- showkey:
* Add parameter to allow to change timeout.
- po:
* Update po files.
==== kdepim-runtime ====
Subpackages: kdepim-runtime-lang
- Add libetebase-devel to BuildRequires to enable the etesync resource for
factory builds
==== libblockdev ====
Version update (3.0.2 -> 3.0.3)
Subpackages: libbd_btrfs3 libbd_crypto3 libbd_fs3 libbd_loop3 libbd_lvm3 libbd_mdraid3 libbd_nvme3 libbd_part3 libbd_swap3 libbd_utils3 libblockdev3
- Update to version 3.0.3:
* Always use "--fs ignore" with lvresize
* nvme:
- Use interim buffer for nvme_get_log_sanitize()
- Generate HostID when missing
* tests:
- Specificy required versions when importing GLib and BlockDev
introspection
- Minor NVMe HostNQN fixes
- Replace deprecated unittest assert calls
* fs:
- Fix leaking directories with temporary mounts
- Fix memory leak
* crypto: Correctly convert passphrases from Python to C
==== libdecor ====
Version update (0.1.1 -> 0.2.0)
Subpackages: libdecor-0-0
- Update to version 0.2.0:
* Various bug and leak fixes.
* New gtk plugin.
- Update URL and source to new home.
- Add pkgconfig(gtk-3.0) BuildRequires, new dependency.
- Use ldconfig_scriptlets macro for post(un) handling.
==== libsigc++2 ====
Version update (2.12.0 -> 2.12.1)
- Update to version 2.12.1:
+ Documentation:
- slot, signal: Describe the slot syntax more
- connection: Improve the class documentation
- Improve Visual Studio build documentation
- Remove AUTHORS and add general information to README.md
+ Build:
- Meson:
. Don't copy files with configure_file()
. Fix the evaluation of is_git_build on Windows
- Visual Studio: Support static builds
- Use ldconfig_scriptlets macro for post(un) handling.
- Update URL to new home.
==== libsigc++3 ====
Version update (3.2.0 -> 3.6.0)
- Update to version 3.6.0:
+ sigc++config.h.*: Update and clean up a bit for Visual Studio
+ scoped_connection: New wrapper to auto-disconnect a slot
+ signal: Add connect_first()
+ Documentation:
- connection: Improve the class documentation
- Improve Visual Studio build documentation
- Remove AUTHORS and add general information to README.md
- manual: Add paragraph about new scoped_connection
+ Tests: Add test_scoped_connection
+ Build:
- Meson:
. Don't copy files with configure_file()
. Fix the evaluation of is_git_build on Windows
. Don't require the 'dot' command to build the documentation
- CMake: Prevent multiple target declaration for uninstall
- Visual Studio: Support static builds
- Use autosetup macro.
- Update to version 3.4.0:
+ Add track_object(), deprecate track_obj()
+ Add trackable_signal_with_accumulator and trackable_signal
+ Examples, tests:
- examples/member_method: Make on_print() non-virtual
- test_accumulated.cc: clang++ requires another 'template'
- test_limit_reference.cc: Don't use auto where a slot is
required
+ Documentation: signal::make_slot(): Note that signal does not
derive from trackable
+ Build:
- Meson, MSVC: Compensate for the lack of
msvc_recommended_pragmas.h
- Fix build with -Dbuild-deprecated-api=false
- Meson:
. Avoid configuration warnings
. Detect if we build from a git subtree
. Simplify lookup of python command
. Add build_tests option
- Use ldconfig_scriptlets macro for post(un) handling.
- Update URL to new home.
==== libwebp ====
Subpackages: libsharpyuv0 libwebp7 libwebpdecoder3 libwebpdemux2 libwebpmux3
- Add 0001-Fix-invalid-incremental-decoding-check.patch
A fuzzing finding fixed in the SLE/Leap updates
==== mozjs115 ====
Version update (115.2.1 -> 115.3.1)
- Update to version 115.3.1:
+ Security fix: CVE-2023-5217: Heap buffer overflow in libvpx.
- Changes from version 115.3.0:
+ Various security fixes and other quality improvements.
+ CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1
+ CVE-2023-5169: Out-of-bounds write in PathOps
+ CVE-2023-5171: Use-after-free in Ion Compiler
+ CVE-2023-5174: Double-free in process spawning on Windows
+ CVE-2023-5176: Memory safety bugs fixed in Firefox 118, Firefox
ESR 115.3, and Thunderbird 115.3
==== python-argparse-manpage ====
Version update (4.3 -> 4.5)
- update to 4.5:
* We newly provide build_manpages.build_py and build_manpages.install
command classes that are re-usable from pyproject.toml.
No need to provide setup.py because of argparse-manpage.
* The prog= specifier (in setup.py/setup.cfg/pyproject.toml) is
now better handled so it doesn't conflict with
ArgumentParser(prog=..).
==== qalculate ====
Version update (4.8.0 -> 4.8.1)
Subpackages: libqalculate22 qalculate-data
- version update to 4.8.1
* Fix besselj() and bessely()
* Fix display of matrices and vectors with complex number form other than
rectangular (default)
* Fix conflict between decibel units (e.g. "0dB") and duodecimal 0d⦠syntax
(now requires at least two digits)
* Fixes for title options in plot() function
* Add additional buttons and button menus to general keypad (Qt)
* Add option to show all functions, units, and variables in tool button
menus (Qt)
* Add recently used objects to functions, units, and variables menus (Qt)
* Add option to bypass dialog for functions in menu (Qt)
* Add option, in context menu, to display text for tool buttons (Qt)
* Open functions, units, and variables tool button menus using long-press
or right-click (in addition to arrow button), and add keyboard shortcuts (Qt)
* Use keypad tool button menu as context menu and show keypad type in
title bar of keypad (Qt)
* Auto-update number bases above programming keypad when entering simple
integers, even if calculate-as-you-type is deactivated (GTK)
==== qpdf ====
Version update (11.6.0 -> 11.6.1)
- version update to 11.6.1
* Bug fixes:
- Fix a logic error introduced in 11.6.0 in the fix to copyForeignObject.
The bug could result in some pages not being copied.
==== qt6-base ====
Version update (6.5.2 -> 6.5.3)
Subpackages: libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6Sql6 libQt6Test6 libQt6Widgets6 qt6-network-tls qt6-platformtheme-gtk3
- Update to 6.5.3
* https://www.qt.io/blog/qt-6.5.3-released
- Drop patch, merged upstream:
* CVE-2023-38197-qtbase-6.5.diff
- Enable the experimental native painting feature to improve
remote desktop performances (boo#1214915)
exporting QT_XCB_NATIVE_PAINTING is required to use the feature.
==== qt6-declarative ====
Version update (6.5.2 -> 6.5.3)
Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlModels6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 qt6-declarative-imports
- Update to 6.5.3
* https://www.qt.io/blog/qt-6.5.3-released
==== qt6-imageformats ====
Version update (6.5.2 -> 6.5.3)
- Update to 6.5.3
* https://www.qt.io/blog/qt-6.5.3-released
==== qt6-translations ====
Version update (6.5.2 -> 6.5.3)
- Update to 6.5.3
* https://www.qt.io/blog/qt-6.5.3-released
==== qt6-wayland ====
Version update (6.5.2 -> 6.5.3)
Subpackages: libQt6WaylandClient6 libQt6WaylandCompositor6 libQt6WaylandEglClientHwIntegration6 libQt6WaylandEglCompositorHwIntegration6 libQt6WlShellIntegration6
- Update to 6.5.3
* https://www.qt.io/blog/qt-6.5.3-released
==== screen ====
Version update (4.9.0 -> 4.9.1)
- update to 4.9.1 (bsc#1210272, CVE-2023-24626):
* Support stop/parity bits on serial port
* Add needed system headers in checks and return values
for implicit function declarations
* Avoid zombies after shell exit
* Missed signal sending permission check on failed
query messages (CVE-2023-24626)
* manpage fixes
* source code fixes during cleanup
* UTF-8 encoding can emit invalid UTF-8 sequences
* for out of range unicode values
==== shadow ====
Subpackages: libsubid4 login_defs
- Add shadow-4.14.0-selinux-labels.patch:
Set proper SELinux labels for new homedirs.
See gh/shadow-maint/shadow#812.
==== systemd ====
Version update (254.3 -> 254.5)
Subpackages: libsystemd0 libsystemd0-32bit libudev1 systemd-32bit systemd-container systemd-coredump systemd-lang udev
- Import commit 9674bb256205e6c643feadbcccfd1ee8feeee684 (merge of v254.5)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/6ed5b11298005e07509832881a0c5ff1...
- Make sure to call %sysusers_create only when transfiletrigger is disabled.
- systemd.spec: switch to %ldconfig_scriptlets
- systemd.spec: add `%tmpfiles_create systemd-resolve`
It's only needed by SLE distros since systemd packages rely on
transtriggerfiles in Factory.
- Import commit 6ed5b11298005e07509832881a0c5ff1a80bf225 (merge of v254.4)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/b6b4e5a8a82d1f13f265a4ef170f2d13...
==== tracker-miners ====
Version update (3.6.0 -> 3.6.1)
Subpackages: tracker-miner-files tracker-miners-lang
- Update to version 3.6.1:
+ Avoid the special thread in tracker-extract-3, and extend the
seccomp jail to the full process.
+ Updated translations.
- Add a tracker_basever define, and set it to 3.6. We have a hard
Requires on what tracker version is needed and it is currently
set at the same or newer version, change this to tracker_basever
(tracker-miners have never been at a higher patch version
before).
==== webkit2gtk3 ====
Version update (2.42.0 -> 2.42.1)
Subpackages: WebKitGTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Update to version 2.42.1:
+ Fix enable-html5-database setting to properly enable/disable
IndexedDB API.
+ Fix the build with GBM disabled.
+ Fix several crashes and rendering issues.
- switch to pkgconfig(icu-i18n) instead of libicu-devel, to allow
switching to a different libicu*-devel (jsc#PED-6193)
==== webkit2gtk3-soup2 ====
Version update (2.42.0 -> 2.42.1)
Subpackages: WebKitGTK-4.0-lang libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles
- Update to version 2.42.1:
+ Fix enable-html5-database setting to properly enable/disable
IndexedDB API.
+ Fix the build with GBM disabled.
+ Fix several crashes and rendering issues.
- switch to pkgconfig(icu-i18n) instead of libicu-devel, to allow
switching to a different libicu*-devel (jsc#PED-6193)
==== xdg-dbus-proxy ====
Version update (0.1.4 -> 0.1.5)
- Update to version 0.1.5:
+ Fix handling of object paths > 255 bytes
+ Print better errors when message parsing fails
+ Optionally install tests for "as-installed" testing
==== yast2-trans ====
Version update (84.87.20230922.91d997adab -> 84.87.20230930.5f9e01162a)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sr yast2-trans-sv yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu
- Update to version 84.87.20230930.5f9e01162a:
* Translated using Weblate (Italian)
* Translated using Weblate (Italian)
* Translated using Weblate (Italian)
* Translated using Weblate (Italian)
* Translated using Weblate (Italian)
* Translated using Weblate (Italian)
* Translated using Weblate (Spanish)
* Translated using Weblate (Spanish)
* Translated using Weblate (Spanish)
* Translated using Weblate (Spanish)
* New POT for text domain 'storage'.