New Tumbleweed snapshot 20221003 released!
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20221003
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
PackageKit
amarok
exiv2
gptfdisk
hplip
libbluray (1.3.2 -> 1.3.3)
libcap (2.65 -> 2.66)
libglvnd (1.4.0 -> 1.5.0)
libopenmpt (0.6.4 -> 0.6.6)
libpng16 (1.6.37 -> 1.6.38)
libreoffice
libva (2.15.0 -> 2.16.0)
libva-gl (2.15.0 -> 2.16.0)
libverto (0.3.1 -> 0.3.2)
libyuv
links (2.27 -> 2.28)
lttng-modules (2.13.4_k5.19.12_1 -> 2.13.7_k5.19.12_1)
osinfo-db (20220727 -> 20220830)
patterns-kde (20220215 -> 20221001)
perl-IO-Socket-SSL (2.074 -> 2.075)
permissions
popt (1.18 -> 1.19)
pragha
python-cryptography (37.0.4 -> 38.0.1)
python-pyspnego (0.4.0 -> 0.5.0)
python-pyudev (0.23.2+14 -> 0.24.0)
python-requests-toolbelt
tdb (1.4.6 -> 1.4.7)
xapian-core (1.4.20 -> 1.4.21)
yast2-network (4.5.7 -> 4.5.8)
=== Details ===
==== PackageKit ====
Subpackages: PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module PackageKit-lang libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0
- Add PackageKit-zypp-dont-remove-locked-packages.patch: zypp:
Check if packages are locked before removing
(gh#PackageKit/PackageKit/commit/8649a07bc, bsc#1199895).
- Add PackageKit-zypp-add-repo-in-packageid.patch: zypp: add
repository data in package id
(gh#PackageKit/PackageKit/commit/8eb2ef0ae, bsc#1202585).
- Remove PackageKit-zypp-locked-packages.patch: reverted upstream
(gh#PackageKit/PackageKit/commit/ed3e38043).
==== amarok ====
- Use FFmpeg 4 to build amarok on Tumbleweed. The FFmpeg 5 port
needs more work.
==== exiv2 ====
- add tracker for SLE (jsc#PED-1393)
==== gptfdisk ====
- Add patch to fix sgdisk with popt 1.19:
* 0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch
==== hplip ====
Subpackages: hplip-hpijs hplip-sane
- Move the hplip-udev-rules requirement from hplip to hplip-hpijs.
The main package will get it via indirect dependencies then.
- Split off hplip-udev-rules hplip-udev-rules so that you can install
hplip-sane only and scan as a normal user, fixes boo#1203811
==== libbluray ====
Version update (1.3.2 -> 1.3.3)
- update to 1.3.3:
* Initial support for Java 18.
* Add support for OpenBSD operating system.
* Improve support for FreeBSD, NetBSD and DragonFlyBSD
* Improve Java 17 support.
==== libcap ====
Version update (2.65 -> 2.66)
Subpackages: libcap2 libcap2-32bit
- update to 2.66:
* Fix documentation typos in cap_from_text.3
* Some getpcaps code clean up and a fix for PID argument parsing from Jakub
Wilk.
* Slightly more robust Makefiles to address an error with make -j48 test observed
* Include a simple Go program, captrace, to trace kernel capability validation
checks
* This program can be used to figure out what capabilities a program needs to
operate.
* captrace (a wrapper for bpftrace) uses BPF kprobes to monitor the kernel for
capability checks and whether or not they succeed for the system, a specific
PID or a program's direct execution.
* Trim down the default file capabilities for contrib/sucap/su to those actually
needed and set USER and HOME environment variables so bash doesn't complain
about a sourcing error.
==== libglvnd ====
Version update (1.4.0 -> 1.5.0)
Subpackages: libglvnd-32bit
- update to 1.5.0:
* Add BTI landing pads for aarch64
* Set current thread state to NULL in teardown
* Moving setspecific to before DestroyThreadState
* Fix a memory leak in libGLdispatch
* Use assembly stubs on armv6
- drop libglvnd-add-bti.patch (upstream)
==== libopenmpt ====
Version update (0.6.4 -> 0.6.6)
- Update to 0.6.6
* [Sec] Possible crash when playing manipulated IT / MPTM files
with a T00 command.
* MTM: In MultiTracker, setting speed and tempo are mutually
exclusive commands. Still, some MultiTracker modules were made
to be played with external players such as DMP, so they
actually rely on âstandardâ speed / tempo behaviour. Decide
which behaviour to use by checking of speed and tempo commands
are found on the same row.
* MTM: Ignore sample loops if the loop end is <= 2.
* Echo DMO: Migrate left and right delay values in modules made
with OpenMPT versions between 1.27.01.00 and 1.30.05.00 to the
correct interpretation.
- Changes in 0.6.5:
* [Bug] Makefile now also uses CC, CXX, LD, and AR when set as
environment variables.
* [New] Makefile now uses PKG_CONFIG as path to pkg-config.
* DBM: Sample middle-C frequencies were slightly off.
laffik_-_marynarze.dbm sounds much more bearable now.
* DBM: Fixed pattern break parameter interpretation.
* Echo DMO: Setting the delay parameter to 0 yielded a 2-second
echo delay instead of 1ms.
* Digi Booster Echo: Setting the delay parameter to 0 yielded a
510ms echo delay instead of approximately 334ms.
==== libpng16 ====
Version update (1.6.37 -> 1.6.38)
Subpackages: libpng16-16 libpng16-16-32bit
- update to 1.6.38:
* Added configurations and scripts for continuous integration.
* Fixed various errors in the handling of tRNS, hIST and eXIf.
* Implemented many stability improvements across all platforms.
* Updated the internal documentation.
==== libreoffice ====
Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit
- Change egrep/fgrep calls to grep -E/-F, respectively boo#1203092
add libreoffice-7.4.1.2-grep.patch
==== libva ====
Version update (2.15.0 -> 2.16.0)
Subpackages: libva-drm2 libva-x11-2 libva2
- update to 2.16.0:
* add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e.
* dep: Update README.md to remove badge links
* dep: Removed waffle-io badge from README to fix broken link
* dep: Drop mailing list, IRC and Slack
* autotools: use wayland-scanner private-code
* autotools: use the wayland-scanner.pc to locate the prog
* meson: use wayland-scanner private-code
* meson: request native wayland-scanner
* meson: use the wayland-scanner.pc to locate the prog
* meson: set HAVE_VA_X11 when applicable
* style:Correct slight coding style in several new commits
* trace: add Linux ftrace mode for va trace
* trace: Add missing pthread_mutex_destroy
* drm: remove no-longer needed X == X mappings
* drm: fallback to drm driver name == va driver name
* drm: simplify the mapping table
* x11: simplify the mapping table
- No code changes
- Update to version 2.15.0 was part of Intel oneVPL GPU Runtime
2022Q2 Release 22.4.4
==== libva-gl ====
Version update (2.15.0 -> 2.16.0)
Subpackages: libva-glx2 libva-wayland2
- update to 2.16.0:
* add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e.
* dep: Update README.md to remove badge links
* dep: Removed waffle-io badge from README to fix broken link
* dep: Drop mailing list, IRC and Slack
* autotools: use wayland-scanner private-code
* autotools: use the wayland-scanner.pc to locate the prog
* meson: use wayland-scanner private-code
* meson: request native wayland-scanner
* meson: use the wayland-scanner.pc to locate the prog
* meson: set HAVE_VA_X11 when applicable
* style:Correct slight coding style in several new commits
* trace: add Linux ftrace mode for va trace
* trace: Add missing pthread_mutex_destroy
* drm: remove no-longer needed X == X mappings
* drm: fallback to drm driver name == va driver name
* drm: simplify the mapping table
* x11: simplify the mapping table
- No code changes
- Update to version 2.15.0 was part of Intel oneVPL GPU Runtime
2022Q2 Release 22.4.4
==== libverto ====
Version update (0.3.1 -> 0.3.2)
Subpackages: libverto1 libverto1-32bit
- update to 0.3.2:
* Fix use-after-free in verto_reinitialize
* Fix use-after-free in verto_free()
* Remove broken tevent support
==== libyuv ====
- Use YUV_VERSION for library VERSION and YUV_VER_MAJOR for
SOVERSION
==== links ====
Version update (2.27 -> 2.28)
- update to 2.28:
* Disable cache when following redirects from consent.google.com
* Fix a display glitch on framebuffer, if the user doesn't have mouse and
if he presses F5, F6, F7 or F8
==== lttng-modules ====
Version update (2.13.4_k5.19.12_1 -> 2.13.7_k5.19.12_1)
- Update to version 2.13.7 (changes since 2.13.4):
* Fix: incorrect stub prototypes when
CONFIG_HAVE_SYSCALL_TRACEPOINTS=n.
* Fix: mm/tracing: add 'accounted' entry into output of
allocation tracepoints (v6.0).
* Fix: block: remove bdevname (v6.0).
* Fix: fs/jbd2: Fix the documentation of the
jbd2_write_superblock() callers (v6.0).
* Fix: tie compaction probe build to CONFIG_COMPACTION.
* Fix: net: skb: introduce kfree_skb_reason() (v5.15.58..v5.16).
* Fix: workqueue: Fix type of cpu in trace event (v5.19).
* Fix: fs: Remove flags parameter from aops->write_begin (v5.19).
* Fix: mm/page_alloc: fix tracepoint mm_page_alloc_zone_locked()
(v5.19).
* Fix: bytecode validator: reject specialised load field/context
ref instructions.
* Fix: bytecode validator: reject specialised load instructions.
* Fix: honour "user" attribute for array/sequence of user integers.
* wrapper: powerpc64: fix kernel crash caused by do_get_kallsyms.
* Fix: event notification: Remove duplicate event enabled check.
* Fix: event notification capture: validate buffer length.
* Fix: handle capture page faults as skip field.
* Fix: event notification capture error handling.
* Fix: capture_sequence_element_{un,}signed: handle user-space
input.
* Fix: notification capture: handle userspace strings.
* Implement lttng_msgpack_write_user_str.
* Fix: bytecode interpreter: LOAD_FIELD: handle user fields.
* Fix: move "user" attribute from field to type.
* Introduce lttng_copy_from_user_check_nofault.
* Fix: adjust range v5.10.137 in block probe.
* Fix: handle integer capture page faults as skip field.
- Drop lttng-modules-2.13.4-linux-5.19.patch: merged upstream.
==== osinfo-db ====
Version update (20220727 -> 20220830)
- Update to database version 20220830
osinfo-db-20220830.tar.xz
==== patterns-kde ====
Version update (20220215 -> 20221001)
Subpackages: patterns-kde-kde patterns-kde-kde_edutainment patterns-kde-kde_games patterns-kde-kde_ide patterns-kde-kde_imaging patterns-kde-kde_internet patterns-kde-kde_multimedia patterns-kde-kde_office patterns-kde-kde_pim patterns-kde-kde_plasma patterns-kde-kde_utilities patterns-kde-kde_utilities_opt patterns-kde-kde_yast
- Update the Qt6 pattern for the 6.4.0 release
- Remove obsolete or missing packages from KDE patterns
==== perl-IO-Socket-SSL ====
Version update (2.074 -> 2.075)
- updated to 2.075
see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
2.075
- treat SSL_write returning 0 same as previously -1, as suggested by both
OpenSSL and LibreSSL documentation
- propagate error from SSL_shutdown, but if the shutdown is caused by an outer
SSL error keep the original error
- small tests fixes
==== permissions ====
Subpackages: chkstat permissions-config
- skip tests on qemu user builds
==== popt ====
Version update (1.18 -> 1.19)
Subpackages: libpopt0 libpopt0-32bit popt-lang
- popt 1.19:
* various build system fixes
* various developer visible fixes
* Fix the handling of superfluous args passed with =
* Fix multiple resource and memory leaks
* Fix '=' getting shown for short options
* Improve random number handling
* translation updates and documentation improvements
- refresh spec file, run tests, package license in every package,
and treat all compiler warnings and errors
==== pragha ====
Subpackages: pragha-lang
- Bump gupnp version requirement to fix Tumbleweed build
==== python-cryptography ====
Version update (37.0.4 -> 38.0.1)
- update to 38.0.1:
* Fixed parsing TLVs in ASN.1 with length greater than 65535 bytes (typically
seen in large CRLs).
* Final deprecation of OpenSSL 1.1.0. The next release of ``cryptography``
will drop support.
* We no longer ship ``manylinux2010`` wheels. Users should upgrade to the
latest ``pip`` to ensure this doesn't cause issues downloading wheels on
their platform. We now ship ``manylinux_2_28`` wheels for users on new
enough platforms.
* Updated the minimum supported Rust version (MSRV) to 1.48.0, from 1.41.0.
Users with the latest ``pip`` will typically get a wheel and not need Rust
installed, but check :doc:`/installation` for documentation on installing a
newer ``rustc`` if required.
* :meth:`~cryptography.fernet.Fernet.decrypt` and related methods now accept
both ``str`` and ``bytes`` tokens.
* Parsing ``CertificateSigningRequest`` restores the behavior of enforcing
that the ``Extension`` ``critical`` field must be correctly encoded DER. See
`the issue https://github.com/pyca/cryptography/issues/6368`_ for complete
details.
* Added two new OpenSSL functions to the bindings to support an upcoming
``pyOpenSSL`` release.
* When parsing :class:`~cryptography.x509.CertificateRevocationList` and
:class:`~cryptography.x509.CertificateSigningRequest` values, it is now
enforced that the ``version`` value in the input must be valid according to
the rules of :rfc:`2986` and :rfc:`5280`.
* Using MD5 or SHA1 in :class:`~cryptography.x509.CertificateBuilder` and
other X.509 builders is deprecated and support will be removed in the next
version.
* Added additional APIs to
:class:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp`, including
:attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_hash_algorithm`,
:attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_algorithm`,
:attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature`, and
:attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.extension_bytes`.
* Added :attr:`~cryptography.x509.Certificate.tbs_precertificate_bytes`, allowing
users to access the to-be-signed pre-certificate data needed for signed
certificate timestamp verification.
* :class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFHMAC` and
:class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFCMAC` now support
:attr:`~cryptography.hazmat.primitives.kdf.kbkdf.CounterLocation.MiddleFixed`
counter location.
* Fixed :rfc:`4514` name parsing to reverse the order of the RDNs according
to the section 2.1 of the RFC, affecting method
:meth:`~cryptography.x509.Name.from_rfc4514_string`.
* It is now possible to customize some aspects of encryption when serializing
private keys, using
:meth:`~cryptography.hazmat.primitives.serialization.PrivateFormat.encryption_builder`.
* Removed several legacy symbols from our OpenSSL bindings. Users of pyOpenSSL
versions older than 22.0 will need to upgrade.
* Added
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES128` and
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES256` classes.
These classes do not replace
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` (which
allows all AES key lengths), but are intended for applications where
developers want to be explicit about key length.
==== python-pyspnego ====
Version update (0.4.0 -> 0.5.0)
- update to 0.5.0:
* Added the `auth_stage` extra_info for a CredSSP context to give a human
friendly indication of what sub auth stage it is up to.
* Added the `protocol_version` extra_info for a CredSSP context to return the
negotiated CredSSP protocol version.
* Added the `credssp_min_protocol` keyword argument for a CredSSP context to
set a minimum version the caller will accept of the peer.
* This can be set to `5+` to ensure the peer supports and applies the mitigations for CVE-2018-0886.
* Added safeguards when trying to retrieve the completed context attributes
of `NegotiateProxy` before any contexts have been set up
==== python-pyudev ====
Version update (0.23.2+14 -> 0.24.0)
- update to 0.24.0:
* Remove six dependency
* Drop pylint tasks
* Support python 3.9 and 3.10
==== python-requests-toolbelt ====
- Add patch stop-using-pyopenssl-compat.patch:
* Stop importing (and using!) a pyopenssl compatibility module
to avoid a DeprecationWarning.
==== tdb ====
Version update (1.4.6 -> 1.4.7)
Subpackages: libtdb1 libtdb1-32bit python3-tdb
- update to 1.4.7:
* configure/Makefile: export PYTHONHASHSEED=1 in all 'configure/Makefile' scripts
* lib:tdb: Reformat shell scripts
- spec file cleanups
==== xapian-core ====
Version update (1.4.20 -> 1.4.21)
- update to 1.4.21:
* Stop trying to check for incompatible C++ ABI between the compiler used to
build xapian-core and the compiler used to build code using xapian-core.
* Fix new warnings from GCC 12.
* Avoid undefined value use when unpacking a key in a corrupted glass docdata
table. We now skip further checks on the entry in this case.
* Merge allocations in MSVC directory reading compatibility code so we can
allocate in a single malloc() call.
* Add accept() wrapper which checks an assumption that Microsoft's SOCKET type
only actually holds 32 bit values even in 64 bit platforms and throws an
exception if violated.
* Eliminate a use of sprintf.
* Squash some unhelpful MSVC deprecation warnings.
* Declare dummy invalid parameter handler noexcept to fix a warning from MSVC.
* Include
participants (1)
-
Dominique Leuenberger