New Tumbleweed snapshot 20220128 released!
Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20220128 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: 7zip SVT-AV1 (0.8.7 -> 0.9.0) autoyast2 (4.4.27 -> 4.4.28) clazy (1.10 -> 1.11) ell (0.46 -> 0.48) ethtool (5.15 -> 5.16) fcitx-qt5 (1.2.6 -> 1.2.7) gstreamer-plugins-bad iputils libimobiledevice (1.3.0+git.20200910 -> 1.3.0+git.20210921) libplist libstorage-ng (4.4.76 -> 4.4.77) libvirt neon (0.32.1 -> 0.32.2) patterns-games (20170319 -> 20220126) polkit protobuf (3.17.3 -> 3.19.3) python-boto3 (1.20.35 -> 1.20.40) python-botocore (1.23.35 -> 1.23.40) python-passlib rubygem-asciidoctor (2.0.15 -> 2.0.17) rubygem-bundler (2.2.27 -> 2.3.6) rubygem-listen (3.7.0 -> 3.7.1) rubygem-mime-types (3.3.1 -> 3.4.1) rubygem-mime-types-data (3.2021.0704 -> 3.2022.0105) rubygem-mini_portile2 (2.6.1 -> 2.7.1) rubygem-msgpack (1.4.2 -> 1.4.4) rubygem-nokogiri (1.12.5 -> 1.13.1) rubygem-os (1.1.1 -> 1.1.4) rubygem-parallel_tests (3.7.0 -> 3.7.3) rubygem-pkg-config (1.4.6 -> 1.4.7) sendmail (8.17.0.3 -> 8.17.1) util-linux (2.37.2 -> 2.37.3) webkit2gtk3 webkit2gtk3-soup2 wireplumber (0.4.6 -> 0.4.7) xen yast2 (4.4.39 -> 4.4.42) yast2-bootloader (4.4.14 -> 4.4.15) yast2-firewall (4.4.2 -> 4.4.3) yast2-installation (4.4.35 -> 4.4.37) yast2-iscsi-client (4.4.2 -> 4.4.3) yast2-kdump (4.4.1 -> 4.4.2) yast2-network (4.4.33 -> 4.4.34) yast2-nfs-client (4.4.2 -> 4.4.3) yast2-nis-client (4.4.1 -> 4.4.2) yast2-ntp-client (4.4.2 -> 4.4.3) yast2-packager (4.4.20 -> 4.4.21) yast2-samba-server (4.4.0 -> 4.4.1) yast2-security (4.4.8 -> 4.4.10) yast2-storage-ng (4.4.33 -> 4.4.34) === Details === ==== 7zip ==== - Fix an incompatibility with p7zip which was breaking some downstreams (e.g., GNOME's File-Roller). See bsc#1195041 * Add fix-compatib-with-p7zip.patch ==== SVT-AV1 ==== Version update (0.8.7 -> 0.9.0) - Update to 0.9.0 * New faster presets M9-M12, M12 reaching similar complexity level to that of x264 veryfast * New multi-pass and single pass VBR implementation minimizing the quality difference vs CRF while reducing the cycle overhead * Quality vs density tradeoffs improvements across all presets in CRF mode * Added support for CRF with capped bitrate * Added support for overlay frames and super resolution * Fixed film grain synthesis bugs * Added experimental support for > 4k resolutions * Added experimental support for the low delay prediction structure * Significant memory reduction especially for faster presets in a multi-threaded environment * API configuration structure cleanup removing all invalid or out of date parameters * Speedup legacy CPUs for faster development by adding SSE code for corresponding C-kernels * Updated the code license from BSD 2-clause to BSD 3-clause clear ==== autoyast2 ==== Version update (4.4.27 -> 4.4.28) Subpackages: autoyast2-installation - Use Package module instead of PackageSystem (bsc#1194886). - 4.4.28 ==== clazy ==== Version update (1.10 -> 1.11) - Update to 1.11 * New Checks: - use-arrow-operator-instead-of-data - use-static-qregularexpression - unexpected-flag-enumerator-value - Removed inefficient-qlist check (Fixed in Qt6) ==== ell ==== Version update (0.46 -> 0.48) - update to 0.48: * Fix issue with memory leaking from ICMPv6 RA. * Fix issue with memory leaking from DHCP leases. * Fix issue with NULL terminating of Base64 encoding. ==== ethtool ==== Version update (5.15 -> 5.16) - update to upstream release 5.16 * Feature: use memory maps for module EEPROM parsing (-m) * Feature: show CMIS diagnostic information (-m) * Fix: fix dumping advertised FEC modes (--show-fec) * Fix: ignore cable test notifications from other devices (--cable-test) * Fix: do not show duplicate options in help text (--help) ==== fcitx-qt5 ==== Version update (1.2.6 -> 1.2.7) - update to version 1.2.7 * support Qt6 - drop fix-compilation-with-qt-5.11.patch, upstreamed ==== gstreamer-plugins-bad ==== Subpackages: gstreamer-plugins-bad-lang gstreamer-transcoder libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 typelib-1_0-GstTranscoder-1_0 - Add some conditionals to build as many plugins as possible in SLE-15-SP4 and move all conditional logic to the beginning of the spec file using bcond_with/without. ==== iputils ==== - temporarily reintroduce rarpd and rdisc tools to get them into 15sp4 [jsc#SLE-23521] ==== libimobiledevice ==== Version update (1.3.0+git.20200910 -> 1.3.0+git.20210921) - Add python-rpm-macros to BuildRequires (boo#1194755). - Update to version 1.3.0+git.20210921: * Remove common code in favor of new libimobiledevice-glue * tools: idevicebackup2: Exit on service startup failure and improve error messages * idevice: Reset receive length variable in internal_ssl_read retry loop and fix wrong variable in debug message * lockdown: Get DeviceClass to make sure OS version dependent code is executed correctly * Handle error cases in relevant code when retrieving pair record fails * common: Return proper error codes from userpref_read_pair_record * Add support for MbedTLS * idevice: Make sure to handle timeout condition for network connections too * installation_proxy: Ignore non-status messages instead of terminating loop * mobilesync: Set DeviceLink version to 400 to support iOS 14b4+ * tools/idevicecrashreport: Fix illegal filenames on Windows * tools: Fix entering recovery mode on iOS 14.5+ which now requires a pairing * tools: Fix delays in idevicedebugserverproxy when using SSL * debugserver: Return success when a receive timed out but actualy bytes have been read * idevice: Allow partial reads in idevice_connection_receive_timeout() and handle timeouts more adequate * Fixed bytes/strings checks in lockdown.pxi for compatibility with Python2/3 * Fixed bytes/strings check in imobiledevice.pyx for compatibility with Python2/3 * Fixed debugserver.pxi PyString_AsString compatibility with Python3 * Fixed AFC afc.pxi definitions for Python2/3 compatibility. Added missing public method 'remove_path_and_contents' * ideviceprovision: Fix date output by adding MAC_EPOCH * docs: Improve --quiet command line switch description in idevicesyslog man page * idevicescreenshot: Choose a better filename, prevent overwriting existing files * idevicedebug: Add --detach option to start an app and exit idevicedebug without killing the app * idevicebackup2: Handle DLMessagePurgeDiskSpace by sending back error code * idevicebackup2: Update errno to device error mapping * idevice: Handle -EAGAIN in case usbmuxd_send() returns it * idevicebackup2: Don't fail on restore when source backup doesn't have any application info ==== libplist ==== - Add python-rpm-macros to BuildRequires (boo#1194756). ==== libstorage-ng ==== Version update (4.4.76 -> 4.4.77) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - Translated using Weblate (Portuguese (Brazil)) (bsc#1149754) - 4.4.77 ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - Revert commit 938382b60a since it changes semantics on some public APIs 105dace2-revert-virProcessGetStatInfo.patch - libxl: Add lock process indicator to saved VM state 31e937fb-libxl-save-lock-indicator.patch bsc#1191668 ==== neon ==== Version update (0.32.1 -> 0.32.2) - update to 0.32.2: * Fix auth handling for request-target of "*" ==== patterns-games ==== Version update (20170319 -> 20220126) - No longer suggest solarwolf: this package does not exist since Mid 2020 anymore. - 20220126 ==== polkit ==== Subpackages: libpolkit-agent-1-0 libpolkit-gobject-1-0 typelib-1_0-Polkit-1_0 - Switch from mozjs to duktape: * Add duktape-support.patch - Fixed pkexec Local Privilege Escalation aka pwnkit (CVE-2021-4034 bsc#1194568) CVE-2021-4034-pkexec-fix.patch ==== protobuf ==== Version update (3.17.3 -> 3.19.3) - Update to 3.19.3: C++: * Make proto2::Message::DiscardUnknownFields() non-virtual * Separate RepeatedPtrField into its own header file * For default floating point values of 0, consider all bits significant * Fix shadowing warnings * Fix for issue #8484, constant initialization doesn't compile in msvc clang-cl environment Java: * Improve performance characteristics of UnknownFieldSet parsing * For default floating point values of 0, consider all bits significant * Annotate //java/com/google/protobuf/util/... with nullness annotations * Use ArrayList copy constructor Bazel: * Ensure that release archives contain everything needed for Bazel * Align dependency handling with Bazel best practices Javascript: * Fix ReferenceError: window is not defined when getting the global object Ruby: * Fix memory leak in MessageClass.encode * Override Map.clone to use Map's dup method * Ruby: build extensions for arm64-darwin * Add class method Timestamp.from_time to ruby well known types * Adopt pure ruby DSL implementation for JRuby * Add size to Map class * Fix for descriptor_pb.rb: google/protobuf should be required first Python: * Proto2 DecodeError now includes message name in error message * Make MessageToDict convert map keys to strings * Add python-requires in setup.py * Add python 3.10 ==== python-boto3 ==== Version update (1.20.35 -> 1.20.40) - Update to version 1.23.40 * api-change:``guardduty``: [``botocore``] Amazon GuardDuty findings now include remoteAccountDetails under AwsApiCallAction section if instance credential is exfiltrated. * api-change:``connect``: [``botocore``] This release adds tagging support for UserHierarchyGroups resource. * api-change:``mediatailor``: [``botocore``] This release adds support for multiple Segment Delivery Configurations. Users can provide a list of names and URLs when creating or editing a source location. When retrieving content, users can send a header to choose which URL should be used to serve content. * api-change:``fis``: [``botocore``] Added action startTime and action endTime timestamp fields to the ExperimentAction object * api-change:``ec2``: [``botocore``] C6i, M6i and R6i instances are powered by a third-generation Intel Xeon Scalable processor (Ice Lake) delivering all-core turbo frequency of 3.5 GHz - from version 1.20.39 * api-change:``macie2``: [``botocore``] This release of the Amazon Macie API introduces stricter validation of requests to create custom data identifiers. * api-change:``ec2-instance-connect``: [``botocore``] Adds support for ED25519 keys. PushSSHPublicKey Availability Zone parameter is now optional. Adds EC2InstanceStateInvalidException for instances that are not running. This was previously a service exception, so this may require updating your code to handle this new exception. - from version 1.20.38 * api-change:``ivs``: [``botocore``] This release adds support for the new Thumbnail Configuration property for Recording Configurations. For more information see https://docs.aws.amazon.com/ivs/latest/userguide/record-to-s3.html * api-change:``storagegateway``: [``botocore``] Documentation update for adding bandwidth throttling support for S3 File Gateways. * api-change:``location``: [``botocore``] This release adds the CalculateRouteMatrix API which calculates routes for the provided departure and destination positions. The release also deprecates the use of pricing plan across all verticals. * api-change:``cloudtrail``: [``botocore``] This release fixes a documentation bug in the description for the readOnly field selector in advanced event selectors. The description now clarifies that users omit the readOnly field selector to select both Read and Write management events. * api-change:``ec2``: [``botocore``] Add support for AWS Client VPN client login banner and session timeout. - from version 1.20.37 * enhancement:Configuration: [``botocore``] Adding support for `defaults_mode` configuration. The `defaults_mode` will be used to determine how certain default configuration options are resolved in the SDK. - from version 1.20.36 * api-change:``config``: [``botocore``] Update ResourceType enum with values for CodeDeploy, EC2 and Kinesis resources * api-change:``application-insights``: [``botocore``] Application Insights support for Active Directory and SharePoint * api-change:``honeycode``: [``botocore``] Added read and write api support for multi-select picklist. And added errorcode field to DescribeTableDataImportJob API output, when import job fails. * api-change:``ram``: [``botocore``] This release adds the ListPermissionVersions API which lists the versions for a given permission. * api-change:``lookoutmetrics``: [``botocore``] This release adds a new DeactivateAnomalyDetector API operation. - Update BuildRequires and Requires from setup.py ==== python-botocore ==== Version update (1.23.35 -> 1.23.40) - Version update to 1.23.40 * api-change:``guardduty``: Amazon GuardDuty findings now include remoteAccountDetails under AwsApiCallAction section if instance credential is exfiltrated. * api-change:``connect``: This release adds tagging support for UserHierarchyGroups resource. * api-change:``mediatailor``: This release adds support for multiple Segment Delivery Configurations. Users can provide a list of names and URLs when creating or editing a source location. When retrieving content, users can send a header to choose which URL should be used to serve content. * api-change:``fis``: Added action startTime and action endTime timestamp fields to the ExperimentAction object * api-change:``ec2``: C6i, M6i and R6i instances are powered by a third-generation Intel Xeon Scalable processor (Ice Lake) delivering all-core turbo frequency of 3.5 GHz - from version 1.23.39 * api-change:``macie2``: This release of the Amazon Macie API introduces stricter validation of requests to create custom data identifiers. * api-change:``ec2-instance-connect``: Adds support for ED25519 keys. PushSSHPublicKey Availability Zone parameter is now optional. Adds EC2InstanceStateInvalidException for instances that are not running. This was previously a service exception, so this may require updating your code to handle this new exception. - from version 1.23.38 * api-change:``ivs``: This release adds support for the new Thumbnail Configuration property for Recording Configurations. For more information see https://docs.aws.amazon.com/ivs/latest/userguide/record-to-s3.html * api-change:``storagegateway``: Documentation update for adding bandwidth throttling support for S3 File Gateways. * api-change:``location``: This release adds the CalculateRouteMatrix API which calculates routes for the provided departure and destination positions. The release also deprecates the use of pricing plan across all verticals. * api-change:``cloudtrail``: This release fixes a documentation bug in the description for the readOnly field selector in advanced event selectors. The description now clarifies that users omit the readOnly field selector to select both Read and Write management events. * api-change:``ec2``: Add support for AWS Client VPN client login banner and session timeout. - from version 1.23.37 * enhancement:Configuration: Adding support for `defaults_mode` configuration. The `defaults_mode` will be used to determine how certain default configuration options are resolved in the SDK. - from version 1.23.36 * api-change:``config``: Update ResourceType enum with values for CodeDeploy, EC2 and Kinesis resources * api-change:``application-insights``: Application Insights support for Active Directory and SharePoint * api-change:``honeycode``: Added read and write api support for multi-select picklist. And added errorcode field to DescribeTableDataImportJob API output, when import job fails. * api-change:``ram``: This release adds the ListPermissionVersions API which lists the versions for a given permission. * api-change:``lookoutmetrics``: This release adds a new DeactivateAnomalyDetector API operation. ==== python-passlib ==== - The disaster of falling tests (see previous record in this changelog for URL) just continues with test_02_handler_wrapper. ==== rubygem-asciidoctor ==== Version update (2.0.15 -> 2.0.17) updated to version 2.0.17 see installed CHANGELOG.adoc ==== rubygem-bundler ==== Version update (2.2.27 -> 2.3.6) - Update to 2.3.6 [#]# Enhancements: - Use `Gem::Platform.local` instead of `RUBY_PLATFORM` when displaying local platform [#5306](https://github.com/rubygems/rubygems/pull/5306) - Lock standard.yml to the required ruby version [#5284](https://github.com/rubygems/rubygems/pull/5284) - Use `Fiddle` in `bundle doctor` to check for dynamic library presence [#5173](https://github.com/rubygems/rubygems/pull/5173) [#]# Bug fixes: - Fix edge case where gems were incorrectly removed from the lockfile [#5302](https://github.com/rubygems/rubygems/pull/5302) - Fix `force_ruby_platform` ignored when lockfile includes current specific platform [#5304](https://github.com/rubygems/rubygems/pull/5304) - Create minitest file to underscored path in "bundle gem" command with dashed gem name [#5273](https://github.com/rubygems/rubygems/pull/5273) - Fix regression with old marshaled specs having null `required_rubygems_version` [#5291](https://github.com/rubygems/rubygems/pull/5291) [#] 2.3.5 (January 12, 2022) [#]# Enhancements: - Make `bundle update --bundler` actually lock to the latest bundler version (even if not yet installed) [#5182](https://github.com/rubygems/rubygems/pull/5182) - Use thor-1.2.1 [#5260](https://github.com/rubygems/rubygems/pull/5260) - Exclude bin directory for newgem template [#5259](https://github.com/rubygems/rubygems/pull/5259) [#]# Bug fixes: - Fix metadata requirements being bypassed when custom gem servers are used [#5256](https://github.com/rubygems/rubygems/pull/5256) - Fix `rake build:checksum` writing checksum of package path, not package contents [#5250](https://github.com/rubygems/rubygems/pull/5250) [#] 2.3.4 (December 29, 2021) [#]# Enhancements: - Improve error message when `BUNDLED WITH` version does not exist [#5205](https://github.com/rubygems/rubygems/pull/5205) [#]# Bug fixes: - Fix `bundle update --bundler` no longer updating lockfile [#5224](https://github.com/rubygems/rubygems/pull/5224) [#] 2.3.3 (December 24, 2021) [#]# Bug fixes: - Fix locked bundler not installed to the right path when `deployment` is set [#5217](https://github.com/rubygems/rubygems/pull/5217) [#] 2.3.2 (December 23, 2021) [#]# Enhancements: - Remove unnecessary lockfile upgrade warning [#5209](https://github.com/rubygems/rubygems/pull/5209) [#] 2.3.1 (December 22, 2021) [#]# Enhancements: - Vendor latest `thor` with fixes for latest `did_you_mean` deprecations [#5202](https://github.com/rubygems/rubygems/pull/5202) - Avoid unnecessary `shellwords` require on newer rubygems [#5195](https://github.com/rubygems/rubygems/pull/5195) - Re-exec prepending command with `Gem.ruby` if `$PROGRAM_NAME` is not executable [#5193](https://github.com/rubygems/rubygems/pull/5193) [#] 2.3.0 (December 21, 2021) [#]# Features: - Change `bundle install` with a lockfile to respect the `BUNDLED WITH` bundler version [#4076](https://github.com/rubygems/rubygems/pull/4076) [#]# Enhancements: - Print warning when running Bundler on potentially problematic RubyGems & Ruby combinations [#5177](https://github.com/rubygems/rubygems/pull/5177) - Error tracing should be printed to stderr [#5179](https://github.com/rubygems/rubygems/pull/5179) - Add `github` and `ref` options to `bundle add` [#5159](https://github.com/rubygems/rubygems/pull/5159) - Add require parameter to `bundle add` [#5021](https://github.com/rubygems/rubygems/pull/5021) - Enable parallel installation on Windows by default [#4822](https://github.com/rubygems/rubygems/pull/4822) - More logging when compact index is not used and we fallback to other APIs [#4546](https://github.com/rubygems/rubygems/pull/4546) - `bundle gem` generated MiniTest file and class now start with 'test' [#3893](https://github.com/rubygems/rubygems/pull/3893) - Add `Bundler::Definition.no_lock` accessor for skipping lock file creation/update [#3401](https://github.com/rubygems/rubygems/pull/3401) [#]# Bug fixes: - Fix crash when when no platform specific matches exist and show a proper error [#5168](https://github.com/rubygems/rubygems/pull/5168) - Ignore dependencies not actually locked from frozen check [#5152](https://github.com/rubygems/rubygems/pull/5152) - Fix `bundle cache --all-platforms` on Windows [#4552](https://github.com/rubygems/rubygems/pull/4552) [#]# Documentation: - Fix gemspec template typo [#4545](https://github.com/rubygems/rubygems/pull/4545) [#] 2.2.33 (December 7, 2021) [#]# Security fixes: - Pass "--" to git commands to separate positional and optional args [#5142](https://github.com/rubygems/rubygems/pull/5142) [#]# Enhancements: - Accept pull request URLs as github source [#5126](https://github.com/rubygems/rubygems/pull/5126) - Add `--version` parameter to `bundle info` command [#5137](https://github.com/rubygems/rubygems/pull/5137) - Let original `Errno::EACCES` error be raised in compact index updater [#5110](https://github.com/rubygems/rubygems/pull/5110) - Improve gemfile-lockfile source equivalence errors [#5120](https://github.com/rubygems/rubygems/pull/5120) - Avoid float-to-string loss of characters in GitHub Actions configuration labels in new gem template [#5089](https://github.com/rubygems/rubygems/pull/5089) - Add an initial rbs template to `bundle gem` skeleton [#5041](https://github.com/rubygems/rubygems/pull/5041) - Avoid shared libraries not getting environment passed right after argv in memory when `bundle exec` is used [#4815](https://github.com/rubygems/rubygems/pull/4815) [#]# Bug fixes: - Don't cleanup paths from gems already activated from `$LOAD_PATH` [#5111](https://github.com/rubygems/rubygems/pull/5111) - Fix handling prereleases of 0 versions, like 0.0.0.dev or 0.0.0.SNAPSHOT [#5116](https://github.com/rubygems/rubygems/pull/5116) - Fix escape of filenames in `bundle doctor` [#5102](https://github.com/rubygems/rubygems/pull/5102) - Don't unlock dependencies when running `bundle install` after changing global source [#5090](https://github.com/rubygems/rubygems/pull/5090) - Fix missing locked specs when depended on another platform [#5092](https://github.com/rubygems/rubygems/pull/5092) - Fix `bundle info` sometimes claiming that bundler has been deleted [#5097](https://github.com/rubygems/rubygems/pull/5097) [#]# Documentation: - Ignore to generate the documentation from vendored libraries [#5118](https://github.com/rubygems/rubygems/pull/5118) [#] 2.2.32 (November 23, 2021) [#]# Enhancements: - Clarify `bundle viz` deprecation [#5083](https://github.com/rubygems/rubygems/pull/5083) - Unlock dependencies that no longer match lockfile [#5068](https://github.com/rubygems/rubygems/pull/5068) - Use `shellsplit` instead of array of strings for git push [#5062](https://github.com/rubygems/rubygems/pull/5062) - Re-enable `default_ignores` option for standard [#5003](https://github.com/rubygems/rubygems/pull/5003) [#]# Bug fixes: - Fix downgrading dependencies by changing the `Gemfile` and running `bundle update` [#5078](https://github.com/rubygems/rubygems/pull/5078) [#] 2.2.31 (November 8, 2021) [#]# Enhancements: - Link to working `bundler-graph` plugin in `bundle viz` deprecation message [#5061](https://github.com/rubygems/rubygems/pull/5061) - Memoize materialized specs when requiring `bundler/setup` [#5033](https://github.com/rubygems/rubygems/pull/5033) - Allow custom LicenseRef [#5013](https://github.com/rubygems/rubygems/pull/5013) - Better error when installing a lockfile with git sources and git is not installed [#5036](https://github.com/rubygems/rubygems/pull/5036) - Only delete cached gem when it's corrupted [#5031](https://github.com/rubygems/rubygems/pull/5031) - Support gemified `tsort` [#5032](https://github.com/rubygems/rubygems/pull/5032) - Add standard option alongside rubocop to `bundle gem` [#4411](https://github.com/rubygems/rubygems/pull/4411) [#]# Bug fixes: - Fix system man pages no longer working after bundler overrides `MANPATH` [#5039](https://github.com/rubygems/rubygems/pull/5039) - Don't warn when a lockfile is locked to a dev version [#5018](https://github.com/rubygems/rubygems/pull/5018) [#] 2.2.30 (October 26, 2021) [#]# Enhancements: - Add a custom SHA1 digest implementation to no longer depend on the digest gem before we know which version to activate [#4989](https://github.com/rubygems/rubygems/pull/4989) - Ensure vendored gems have licenses [#4998](https://github.com/rubygems/rubygems/pull/4998) - Update broken link in Bundler::Fetcher::CertificateFailureError [#4987](https://github.com/rubygems/rubygems/pull/4987) - Give better errors for some permission issues [#4965](https://github.com/rubygems/rubygems/pull/4965) - Print better errors when `bundler/gem_tasks` fail [#4872](https://github.com/rubygems/rubygems/pull/4872) - Fix `bundle install` to reinstall deleted gems [#4974](https://github.com/rubygems/rubygems/pull/4974) - Unify issue template and ISSUES.md document [#4980](https://github.com/rubygems/rubygems/pull/4980) - Bump vendored connection_pool to 2.2.5 [#4738](https://github.com/rubygems/rubygems/pull/4738) [#]# Bug fixes: - Fix error message pointing to non existing file when using a global gem cache [#4999](https://github.com/rubygems/rubygems/pull/4999) - Fix install crash when lockfile has missing dependencies for the current platform [#4941](https://github.com/rubygems/rubygems/pull/4941) - Make `bundle info` show a proper warning every time it finds a deleted gem [#4971](https://github.com/rubygems/rubygems/pull/4971) [#] 2.2.29 (October 8, 2021) [#]# Enhancements: - Require at least Ruby 2.6.0 for gems created with recent rubies [#4920](https://github.com/rubygems/rubygems/pull/4920) - Include glob information in string representation of git sources to make generated lockfiles deterministic [#4947](https://github.com/rubygems/rubygems/pull/4947) - Add missing `rubygem_push` prerequisite [#4930](https://github.com/rubygems/rubygems/pull/4930) [#] 2.2.28 (September 23, 2021) [#]# Enhancements: - Use example.com in new gem template, since it will never have a potentially dangerous backing website [#4918](https://github.com/rubygems/rubygems/pull/4918) - Deprecate `--install` flag to `bundle remove` and trigger install by default [#4891](https://github.com/rubygems/rubygems/pull/4891) ==== rubygem-listen ==== Version update (3.7.0 -> 3.7.1) updated to version 3.7.1 see installed CHANGELOG.md ==== rubygem-mime-types ==== Version update (3.3.1 -> 3.4.1) updated to version 3.4.1 see installed History.md [#] Changelog [#]# 3.4.1 / 2021-11-16 - 1 bugfix: - Fixed a Ruby < 2.3 incompatibility introduced by the use of standardrb, where `<<-` heredocs were converted to `<<~` heredocs. These have been reverted back to `<<-` with the indentation kept and a `.strip` call to prevent excess whitespace. [#]# 3.4.0 / 2021-11-15 - 1 minor enhancement: - Added a new field to `MIME::Type` for checking provisional registrations from IANA. [#157] - Documentation: - Kevin Menard synced the documentation so that all examples are correct. [#153] - Administrivia: - Added Ruby 3.0 to the CI test matrix. Added `windows/jruby` to the CI exclusion list; it refuses to run successfully. - Removed the Travis CI configuration and changed it to Github Workflows [#150]. Removed Coveralls configuration. - Igor Victor added TruffleRuby to the Travis CI configuration. [#149] - Koichi ITO loosened an excessively tight dependency. [#147] - Started using `standardrb` for Ruby formatting and validation. - Moved `deps:top` functionality to a support file. ==== rubygem-mime-types-data ==== Version update (3.2021.0704 -> 3.2022.0105) updated to version 3.2022.0105 see installed History.md [#]# 3.2022.0105 / 2022-01-05 - Updated the Apache and IANA media registry entries as of release date. - Fixed an incorrect definition of `image/bmp`, which had been marked obsolete and later registered. Fixed [#48], found by William T. Nelson. [#]# 3.2021.1115 / 2021-11-15 - Updated the Apache and IANA media registry entries as of release date. - Added conversion utilities that support the `mini_mime` data format. These have been ported from the [mini_mime] repository. [#47] - Added IANA provisional media registries. Added some notes to Contributing.md about the transient nature of the provisional registration data. This was triggered in part by a pull request by Jon Sneyers. Thanks! [#45], [#43] [#]# 3.2021.0901 / 2021-09-01 - Updated the Apache and IANA media registry entries as of release date. - Added file extension for WebVTT text format. [#46] ==== rubygem-mini_portile2 ==== Version update (2.6.1 -> 2.7.1) updated to version 2.7.1 see installed CHANGELOG.md [#]## 2.7.1 / 2021-10-20 [#]### Packaging A test artifact that has been included in the gem was being flagged by some users' security scanners because it wasn't a real tarball. That artifact has been updated to be a real tarball. [#108] [#]## 2.7.0 / 2021-08-31 [#]## Added The commands used for "make", "compile", and "cmake" are configurable via keyword arguments. [#107] (Thanks, @cosmo0920!) ==== rubygem-msgpack ==== Version update (1.4.2 -> 1.4.4) updated to version 1.4.4 see installed ChangeLog 2022-01-22 version 1.4.4: * Specify the build option --platform=8 for older Java platforms 2022-01-20 version 1.4.3: * Optimize serialization/deserialization of Symbols * Support registering ext types for objects of subclasses of primitive types (like Hash) * Add optimized_symbols_parsing option to Factory#register_type on MRI implementation * Optimize to deduplicate Hash keys on JRuby * Support JRuby 9.3 (and drop 9.1) ==== rubygem-nokogiri ==== Version update (1.12.5 -> 1.13.1) - Update to 1.13.1 - Fixed - Fix Nokogiri::XSLT.quote_params regression in v1.13.0 that raised an exception when non-string stylesheet parameters were passed. Non-string parameters (e.g., integers and symbols) are now explicitly supported and both keys and values will be stringified with #to_s. [#2418] - Fix CSS selector query regression in v1.13.0 that raised an Nokogiri::XML::XPath::SyntaxError when parsing XPath attributes mixed into the CSS query. Although this mash-up of XPath and CSS syntax previously worked unintentionally, it is now an officially supported feature and is documented as such. [#2419] - Changes from 1.13.0 - This release ends support for: - Ruby 2.5, for which official support ended 2021-03-31. - JRuby 9.2, which is a Ruby 2.5-compatible release. - Faster, more reliable installation: Native Gem for ARM64 Linux - This version of Nokogiri ships experimental native gem support for the aarch64-linux platform, which should support AWS Graviton and other ARM Linux platforms. We don't yet have CI running for this platform, and so we're interested in hearing back from y'all whether this is working, and what problems you're seeing. Please send us feedback here: Feedback: Have you used the aarch64-linux native gem? - Publishing - This version of Nokogiri opts-in to the "MFA required to publish" setting on Rubygems.org. This and all future Nokogiri gem files must be published to Rubygems by an account with multi-factor authentication enabled. This should provide some additional protection against supply-chain attacks. A related discussion about Trust exists at #2357 in which I invite you to participate if you have feelings or opinions on this topic. - Dependencies - [CRuby] Vendored libiconv is updated from 1.15 to 1.16. (Note that libiconv is only redistributed in the native windows and native darwin gems, see LICENSE-DEPENDENCIES.md for more information.) [#2206] - [CRuby] Upgrade mini_portile2 dependency from ~> 2.6.1 to ~> 2.7.0. ("ruby" platform gem only.) - Improved - {XML,HTML4}::DocumentFragment constructors all now take an optional parse options parameter or block (similar to Document constructors). [#1692] (Thanks, @JackMc!) - Nokogiri::CSS.xpath_for allows an XPathVisitor to be injected, for finer-grained control over how CSS queries are translated into XPath. - [CRuby] XML::Reader#encoding will return the encoding detected by the parser when it's not passed to the constructor. [#980] - [CRuby] Handle abruptly-closed HTML comments as recommended by WHATWG. (Thanks to tehryanx for reporting!) - [CRuby] Node#line is no longer capped at 65535. libxml v2.9.0 and later support a new parse option, exposed as Nokogiri::XML::ParseOptions::PARSE_BIG_LINES, which is turned on by default in ParseOptions::DEFAULT_{XML,XSLT,HTML,SCHEMA} (Note that JRuby already supported large line numbers.) [#1764, #1493, #1617, #1505, #1003, #533] - [CRuby] If a cycle is introduced when reparenting a node (i.e., the node becomes its own ancestor), a RuntimeError is raised. libxml2 does no checking for this, which means cycles would otherwise result in infinite loops on subsequent operations. (Note that JRuby already did this.) [#1912] - [CRuby] Source builds will download zlib and libiconv via HTTPS. ("ruby" platform gem only.) [#2391] (Thanks, @jmartin-r7!) - [JRuby] Node#line behavior has been modified to return the line number of the node in the final DOM structure. This behavior is different from CRuby, which returns the node's position in the input string. Ideally the two implementations would be the same, but at least is now officially documented and tested. The real-world impact of this change is that the value returned in JRuby is greater by 1 to account for the XML prolog in the output. [#2380] (Thanks, @dabdine!) - Fixed - CSS queries on HTML5 documents now correctly match foreign elements (SVG, MathML) when namespaces are not specified in the query. [#2376] - XML::Builder blocks restore context properly when exceptions are raised. [#2372] (Thanks, @ric2b and @rinthedev!) - The Nokogiri::CSS::Parser cache now uses the XPathVisitor configuration as part of the cache key, preventing incorrect cache results from being returned when multiple XPathVisitor options are being used. - Error recovery from in-context parsing (e.g., Node#parse) now always uses the correct DocumentFragment class. Previously Nokogiri::HTML4::DocumentFragment was always used, even for XML documents. [#1158] - DocumentFragment#> now works properly, matching a CSS selector against only the fragment roots. [#1857] - XML::DocumentFragment#errors now correctly contains any parsing errors encountered. Previously this was always empty. (Note that HTML::DocumentFragment#errors already did this.) - [CRuby] Fix memory leak in Document#canonicalize when inclusive namespaces are passed in. [#2345] - [CRuby] Fix memory leak in Document#canonicalize when an argument type error is raised. [#2345] - [CRuby] Fix memory leak in EncodingHandler where iconv handlers were not being cleaned up. [#2345] - [CRuby] Fix memory leak in XPath custom handlers where string arguments were not being cleaned up. [#2345] - [CRuby] Fix memory leak in Reader#base_uri where the string returned by libxml2 was not freed. [#2347] - [JRuby] Deleting a Namespace from a NodeSet no longer modifies the href to be the default namespace URL. - [JRuby] Fix XHTML formatting of closing tags for non-container elements. [#2355] - Deprecated - Passing a Nokogiri::XML::Node as the second parameter to Node.new is deprecated and will generate a warning. This parameter should be a kind of Nokogiri::XML::Document. This will become an error in a future version of Nokogiri. [#975] - Nokogiri::CSS::Parser, Nokogiri::CSS::Tokenizer, and Nokogiri::CSS::Node are now internal-only APIs that are no longer documented, and should not be considered stable. With the introduction of XPathVisitor injection into Nokogiri::CSS.xpath_for there should be no reason to rely on these internal APIs. - CSS-to-XPath utility classes Nokogiri::CSS::XPathVisitorAlwaysUseBuiltins and XPathVisitorOptimallyUseBuiltins are deprecated. Prefer Nokogiri::CSS::XPathVisitor with appropriate constructor arguments. These classes will be removed in a future version of Nokogiri. - make it build with newer mini_portile2 versions - make sure we also patch the required mini_portile2 version in the build tool ==== rubygem-os ==== Version update (1.1.1 -> 1.1.4) updated to version 1.1.4 see installed ChangeLog 1.1.4 Fix circular dependency 1.1.2 Make rss_bytes return bytes in linux/OS X, like it always should have 1.1.1 fix skip blank lines in OS#parse_os_release 1.1.0 Add app_config_path method Cleans up dev dependency specs Detect underlying Docker containers method Add Linux-specific OS#parse_os_release method ==== rubygem-parallel_tests ==== Version update (3.7.0 -> 3.7.3) updated to version 3.7.3 no changelog found ==== rubygem-pkg-config ==== Version update (1.4.6 -> 1.4.7) updated to version 1.4.7 see installed NEWS == 1.4.7 - 2022-01-16 === Improvements * Added support for RubyInstaller2 3.1 or later. [Reported by golirev][GitHub:ruby-gnome/ruby-gnome#1457] === Thanks * golirev ==== sendmail ==== Version update (8.17.0.3 -> 8.17.1) Subpackages: libmilter1_0 - No snapshots - Update to final version sendmail 8.17.1 * Several potential memory leaks and other similar problems (mostly in error handling code) have been fixed. Problems reported by Tomas Korbar of RedHat. - Port patches to new version * sendmail-8.14.7-select.dif * sendmail-8.17.1.dif ==== util-linux ==== Version update (2.37.2 -> 2.37.3) Subpackages: libblkid1 libblkid1-32bit libfdisk1 libmount1 libmount1-32bit libsmartcols1 libuuid-devel libuuid1 libuuid1-32bit util-linux-lang - update to 2.37.3 (bsc#1194976): This release fixes two security mount(8) and umount(8) issues: * CVE-2021-3996 Improper UID check in libmount allows an unprivileged user to unmount FUSE filesystems of users with similar UID. * CVE-2021-3995 This issue is related to parsing the /proc/self/mountinfo file allows an unprivileged user to unmount other user's filesystems that are either world-writable themselves or mounted in a world-writable directory. ==== webkit2gtk3 ==== Subpackages: WebKit2GTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Add webkit2gtk3-gcc12.patch: fix the build with gcc 12. - Require glib2 2.44 to match source. ==== webkit2gtk3-soup2 ==== Subpackages: WebKit2GTK-4.0-lang libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles - Add webkit2gtk3-gcc12.patch: fix the build with gcc 12. - Require glib2 2.44 to match source. ==== wireplumber ==== Version update (0.4.6 -> 0.4.7) Subpackages: libwireplumber-0_4-0 wireplumber-audio - Update to version 0.4.7: * Fixed a regression in 0.4.6 that caused the selection of the default audio sources and sinks to be delayed until some event, which effectively caused losing audio output in many circumstances (glfo#pipewire/wireplumber#148, glfo#pipewire/wireplumber#150, glfo#pipewire/wireplumber#151, glfo#pipewire/wireplumber#153) * Fixed a regression in 0.4.6 that caused the echo-cancellation pipewire module (and possibly others) to not work * A default sink or source is now not selected if there is no available route for it (glfo#pipewire/wireplumber#145) * Fixed an issue where some clients would wait for a bit while seeking (glfo#pipewire/wireplumber#146) * Fixed audio capture in the endpoints-based policy * Fixed an issue that would cause certain lua scripts to error out with older configuration files (glfo#pipewire/wireplumber#158) - Drop patches already included upstream: * 0001-policy-node-schedule-rescan-without-timeout-if-defined-target-is-not-found.patch * 0002-policy-node-find-best-linkable-if-default-one-cannot-be-linked.patch - Add patch from upstream to fix selection of Pro Audio nodes as default nodes: * 0001-default-nodes-handle-nodes-without-Routes.patch ==== xen ==== Subpackages: xen-libs xen-tools xen-tools-domU - bsc#1194576 - VUL-0: CVE-2022-23033: xen: arm: guest_physmap_remove_page not removing the p2m mappings (XSA-393) xsa393.patch - bsc#1194581 - VUL-0: CVE-2022-23034: xen: a PV guest could DoS Xen while unmapping a grant (XSA-394) xsa394.patch - bsc#1194588 - VUL-0: CVE-2022-23035: xen: insufficient cleanup of passed-through device IRQs (XSA-395) xsa395.patch - bsc#1191668 - L3: issue around xl and virsh operation - virsh list not giving any output libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch ==== yast2 ==== Version update (4.4.39 -> 4.4.42) Subpackages: yast2-logs - Added Y2Packager::NewRepositorySetup to track new repositories (related to bsc#1194453) - 4.4.42 - Fix PackageAI call to PackagesProposal.GetResolvable. It prevents a crash when cloning a system (bsc#1195137). - 4.4.41 - Use Package module instead of PackageSystem (bsc#1194886). - 4.4.40 ==== yast2-bootloader ==== Version update (4.4.14 -> 4.4.15) - Use Package module instead of PackageSystem (bsc#1194886). - 4.4.15 ==== yast2-firewall ==== Version update (4.4.2 -> 4.4.3) - Use Package module instead of PackageSystem (bsc#1194886). - 4.4.3 ==== yast2-installation ==== Version update (4.4.35 -> 4.4.37) - Handle service name collision during upgrade (bsc#1194453), do not delete the new services which have the same name as an old service - 4.4.37 - Adjusted Linux Security Module configuration wording (related to jsc#SLE-22069). - 4.4.36 ==== yast2-iscsi-client ==== Version update (4.4.2 -> 4.4.3) - adjust to ruby 3.0 (bsc#1195226) - 4.4.3 ==== yast2-kdump ==== Version update (4.4.1 -> 4.4.2) - Use Package module instead of PackageSystem (bsc#1194886). - 4.4.2 ==== yast2-network ==== Version update (4.4.33 -> 4.4.34) - Use Package module instead of PackageSystem (bsc#1194886). - 4.4.34 ==== yast2-nfs-client ==== Version update (4.4.2 -> 4.4.3) - Use Package module instead of PackageSystem (bsc#1194886). - 4.4.3 ==== yast2-nis-client ==== Version update (4.4.1 -> 4.4.2) - Fixed testsuite failure during RPM build (bsc#1195194) - 4.4.2 ==== yast2-ntp-client ==== Version update (4.4.2 -> 4.4.3) - Use Package module instead of PackageSystem (bsc#1194886). - 4.4.3 ==== yast2-packager ==== Version update (4.4.20 -> 4.4.21) - Use Package module instead of PackageSystem (bsc#1194886). - 4.4.21 ==== yast2-samba-server ==== Version update (4.4.0 -> 4.4.1) - Replace use of PackageSystem with Package to avoid core dumps; (bsc#1195182). - 4.4.1 ==== yast2-security ==== Version update (4.4.8 -> 4.4.10) Related to jsc#SLE-22069: - AutoYaST LSM: only allow to select the desired LSM and the SELinux mode. - 4.4.10 - Use Package module instead of PackageSystem (bsc#1194886). - 4.4.9 ==== yast2-storage-ng ==== Version update (4.4.33 -> 4.4.34) - Use Package module instead of PackageSystem (bsc#1194886). - 4.4.34
participants (1)
-
Dominique Leuenberger