New Tumbleweed snapshot 20230406 released!
Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20230406 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: adobe-sourcesans3-fonts (3.046 -> 3.052) gdb glibc grilo-plugins (0.3.15 -> 0.3.16) ibus ibus_gtk4 libXpm (3.5.14 -> 3.5.15) libvirt (9.1.0 -> 9.2.0) lua54 open-vm-tools openssl-1_1 poppler (23.03.0 -> 23.04.0) poppler-qt5 (23.03.0 -> 23.04.0) python-Pillow (9.4.0 -> 9.5.0) python-libvirt-python (9.1.0 -> 9.2.0) python-pbr python-pytz (2023.2 -> 2023.3) wireplumber (0.4.13 -> 0.4.14) wsdd xf86-input-libinput (1.2.1 -> 1.3.0) yast2-snapper (4.6.0 -> 4.6.1) zlib-ng-compat (2.0.6 -> 2.0.7) === Details === ==== adobe-sourcesans3-fonts ==== Version update (3.046 -> 3.052) - Update to 3.052: * Adds Medium weight requested by user. (GitHub issue #253) * Updates the design of several glyphs to arrive at more compact vertical metrics ==== gdb ==== - Fix license, again (bsc#1210081). ==== glibc ==== Subpackages: glibc-32bit glibc-devel glibc-extra glibc-lang glibc-locale glibc-locale-base nscd - getlogin-no-loginuid.patch: getlogin_r: fix missing fallback if loginuid is unset (bsc#1209229, BZ #30235) ==== grilo-plugins ==== Version update (0.3.15 -> 0.3.16) Subpackages: grilo-plugin-tracker grilo-plugins-lang - Update to version 0.3.16: + tracker3: update fts query + dmap: enable with libsoup3 supported libdmapsharing-4.0 + lua-factory: add support to 5.4 + build: libsoup3 related fixes + flickr: remove GOA support + tmdb: without config, fix single request + Updated translations. - Drop d1c0835d.patch: Fixed upstream. ==== ibus ==== Subpackages: ibus-dict-emoji ibus-gtk ibus-gtk3 ibus-lang libibus-1_0-5 typelib-1_0-IBus-1_0 - Fix key typing order * This prevents that keys get stuck in games with wine/proton (steam) * Added ibus-fix-key-release.patch ==== ibus_gtk4 ==== - Fix key typing order * This prevents that keys get stuck in games with wine/proton (steam) * Added ibus-fix-key-release.patch ==== libXpm ==== Version update (3.5.14 -> 3.5.15) - n_no-compress-on-sle.patch * we can't handle .Z files, since we don't have ncompress package on SLE; so disable this feature as before (bsc#1207031) - BuildRequires * removed again ncompress * added again autoconf, automake, libtool - run again autoreconf due to patch above - update to 3.5.15: * Use gzip -d instead of gunzip * Prevent a double free in the error code path * Fix CVE-2022-4883: compression commands depend on $PATH * Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height * test: add test cases for CVE-2022-44617 (zero-width w/enormous height) * Fix CVE-2022-46285: Infinite loop on unclosed comments * test: add test case for CVE-2022-46285 (unclosed comments) * cxpm: getc/ungetc wrappers should not adjust position when c == EOF * test: Add unit tests using glib framework * configure: add --disable-open-zfile instead of requiring -DNO_ZPIPE * man pages: Apply standard man page style/formatting * man pages: Replace "See Also" entries with more useful ones * man pages: Fix typos and other minor editing - drop U_0001-configure-add-disable-open-zfile-instead-of-requirin.patch, U_0002-Fix-CVE-2022-46285-Infinite-loop-on-unclosed-comment.patch, U_0004-Fix-CVE-2022-44617-Runaway-loop-with-width-of-0-and-.patch, U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch, U_regression-bug1207029_1207030_1207031.patch U_regression2-bug1207029_1207030_1207031.patch: upstream - switch urls to https - spec file cleanups - add gpg keyring validation ==== libvirt ==== Version update (9.1.0 -> 9.2.0) Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-proxy libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - Update to libvirt 9.2.0 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html#v9-2-0-2023-04-01 - Move to a more git-centric packaging workflow using tar_scm instead of download_files - New source README.packaging.txt - Remove now unused signature file and libvirt.keyring - Patches now maintained in git libxl-dom-reset.patch, network-don-t-use-dhcp-authoritative-on-static-netwo.patch, 0001-util-Don-t-spawn-pkttyagent-when-stdin-is-not-a-tty.patch, libvirt-power8-models.patch, ppc64le-canonical-name.patch, libxl-set-migration-constraints.patch, libxl-set-cach-mode.patch, 0001-libxl-add-support-for-BlockResize-API.patch, suse-libvirtd-disable-tls.patch, suse-libvirt-guests-service.patch, suse-qemu-conf.patch, suse-qemu-ovmf-paths.patch, libxl-support-block-script.patch, qemu-apparmor-screenshot.patch, libvirt-suse-netcontrol.patch, lxc-wait-after-eth-del.patch, suse-libxl-disable-autoballoon.patch, suse-xen-ovmf-paths.patch, virt-create-rootfs.patch, suse-fix-lxc-container-init.patch - Remove old, unused SUSEfirewall2 config file libvirtd-relocation-server.fw - Dropped patches: 4959490e-support-SUSE-edk2-firmware-paths.patch, bf3be5b7-libxl-Support-custom-firmware-path.patch, 705525cb-libxl-Support-custom-firmware-path-conversion.patch, ==== lua54 ==== - Added more numbered patches from upstream: * luabugs11.patch ==== open-vm-tools ==== Subpackages: libvmtools0 open-vm-tools-desktop - As per jsc-PED-1344, update spec file to only build the containerinfo plugin for TW/SLES 15 SP5 and newer. ==== openssl-1_1 ==== Subpackages: libopenssl1_1 libopenssl1_1-hmac - Security Fix: [CVE-2023-0465, bsc#1209878] * Invalid certificate policies in leaf certificates are silently ignored * Add openssl-CVE-2023-0465.patch - Security Fix: [CVE-2023-0466, bsc#1209873] * Certificate policy check not enabled * Add openssl-CVE-2023-0466.patch ==== poppler ==== Version update (23.03.0 -> 23.04.0) Subpackages: libpoppler-cpp0 libpoppler-glib8 poppler-tools - update to 23.04.0: * Fix memory issue when signing fails. Issue #1372 * Internal improvements of signature related code * CairoOutputDev: improve type3 font rendering * Fix memory leak in GlobalParams::findSystemFontFileForFamilyAndStyle * pdftocairo: Fix crash in some special situations * pdfsig: allow holes in -dump signature list * pdfsig: Support --help ==== poppler-qt5 ==== Version update (23.03.0 -> 23.04.0) - update to 23.04.0: * Fix memory issue when signing fails. Issue #1372 * Internal improvements of signature related code * CairoOutputDev: improve type3 font rendering * Fix memory leak in GlobalParams::findSystemFontFileForFamilyAndStyle * pdftocairo: Fix crash in some special situations * pdfsig: allow holes in -dump signature list * pdfsig: Support --help ==== python-Pillow ==== Version update (9.4.0 -> 9.5.0) - update to 9.5.0: * Added ImageSourceData to TAGS_V2 #7053 * Clear PPM half token after use #7052 * Removed absolute path to ldconfig #7044 * Support custom comments and PLT markers when saving JPEG2000 images #6903 * Load before getting size in __array_interface__ #7034 * Support creating BGR;15, BGR;16 and BGR;24 images, but drop support for BGR;32 #7010 * Consider transparency when applying APNG blend mask #7018 * Round duration when saving animated WebP images #6996 * Added reading of JPEG2000 comments #6909 * Decrement reference count #7003 * Allow libtiff_support_custom_tags to be missing #7020 * Improved I;16N support #6834 * Added QOI reading #6852 * Added saving RGBA images as PDFs #6925 * Do not raise an error if os.environ does not contain PATH * Close OleFileIO instance when closing or exiting FPX or MIC * Added __int__ to IFDRational for Python >= 3.11 #6998 * Added memoryview support to Dib.frombytes() #6988 * Close file pointer copy in the libtiff encoder if still open * Raise an error if ImageDraw co-ordinates are incorrectly ordered #6978 * Added "corners" argument to ImageDraw rounded_rectangle() * Added memoryview support to frombytes() #6974 * Allow comments in FITS images #6973 * Support saving PDF with different X and Y resolutions #6961 * [jvanderneutstulen, radarhere, hugovk] * Fixed writing int as UNDEFINED tag #6950 * Raise an error if EXIF data is too long when saving JPEG * Handle more than one directory returned by pkg-config #6896 * [sebastic, radarhere] * Do not retry past formats when loading all formats for the first time #6902 * Do not retry specified formats if they failed when opening * Do not unintentionally load TIFF format at first #6892 * Stop reading when EPS line becomes too long #6897 * Allow writing IFDRational to BYTE tag #6890 * Raise ValueError for BoxBlur filter with negative radius ==== python-libvirt-python ==== Version update (9.1.0 -> 9.2.0) - Update to 9.2.0 - Add all new APIs and constants in libvirt 9.2.0 ==== python-pbr ==== - Remove unneeded BuildRequires on pep517. ==== python-pytz ==== Version update (2023.2 -> 2023.3) - update to 2023.3: * Update to IANA 2023c ==== wireplumber ==== Version update (0.4.13 -> 0.4.14) Subpackages: libwireplumber-0_4-0 wireplumber-audio wireplumber-lang - Update to version 0.4.14: * Additions - Add support for managing Bluetooth-MIDI, complementing the parts that were merged in PipeWire recently. - Add a default volume configuration option for streams whose volume has never been saved before; that allows starting new streams at a lower volume than 100% by default, if desired. - Add support for managing link errors and propagating them to the client(s) involved. This allows better error handling on the application side in case a format cannot be negotiated - useful in video streams. - snd_aloop devices are now described as being "Loopback" devices. - ALSA nodes in the pro audio profile now get increased graph priority, so that they are more likely to become the driver in the graph. - Add support for disabling libcamera nodes & devices with node.disabled and device.disabled, like it works for ALSA and V4L2. - Drop reduce-meson-required-version.patch: openSUSE Leap 15.3 is no longer supported. - Drop patches already included upstream: * 0001-alsa-monitor-handle-snd_aloop-devices-better.patch * 0001-spa-json-make-sure-we-only-add-encoded-string-data.patch * 0001-m-lua-scripting-ignore-string-integer-table-keys-when-constructing-a-JSON-Array-Object.patch ==== wsdd ==== - Fix previous change: really limit the forced change to python 3.10 on suse_version <= 1500 (up to SLE/Leap 15); newer products already use python 3.10 (or newer) as default. ==== xf86-input-libinput ==== Version update (1.2.1 -> 1.3.0) - Update to version 1.3.0 The main feature in this version is support for the new 'custom' pointer acceleration profile in libinput 1.23.0. This acceleration profile is quite flexible, so it is exposed via several properties: - "libinput Accel Custom Fallback Points" and "libinput Accel Custom Fallback Step" - "libinput Accel Custom Motion Points" and "libinput Accel Custom Motion Step" - "libinput Accel Custom Scroll Points" and "libinput Accel Custom Scroll Points" For details on what these mean, please see the man page and the libinput documentation: https://wayland.freedesktop.org/libinput/doc/latest/pointer-acceleration.htm... In addition, the "libinput Accel Profiles Available" and "libinput Accel Profile Enabled" properties have been expanded to 3 values. For backwards compatibility, the "libinput Accel Profile Enabled" continues to support setting 2 values only. ==== yast2-snapper ==== Version update (4.6.0 -> 4.6.1) - Fixed translations: Moved variable message part out of _(...) (bsc#1209956) - 4.6.1 ==== zlib-ng-compat ==== Version update (2.0.6 -> 2.0.7) - Update to 2.0.7: * Fix CVE-2022-37434 #1328 * Fix chunkmemset #1196 * Fix deflateBound too small #1236 * Fix Z_SOLO #1263 * Fix ACLE variant of crc32 #1274 * Fix inflateBack #1311 * Fix deflate_quick windowsize #1431 * Fix DFLTCC bugs related to adler32 #1349 and #1390 * Fix warnings #1194 #1312 #1362 * MacOS build fix #1198 * Add invalid windowBits handling #1293 * Support for Force TZCNT #1186 * Support for aligned_alloc() #1360 * Minideflate improvements #1175 #1238 * Dont use unaligned access for memcpy #1309 * Build system #1209 #1233 #1267 #1273 #1278 #1292 #1316 #1318 #1365 * Test improvements #1208 #1227 #1241 #1353 * Cleanup #1266 * Documentation #1205 #1359 * Misc improvements #1294 #1297 #1306 #1344 #1348 * Backported zlib fixes * Backported CI workflows from Develop branch - Drop upstream patches: * 1297.patch * 0001-Add-one-extra-byte-to-return-value-of-compressBound-.patch
participants (1)
-
Dominique Leuenberger