July 2022 - openSUSE Kubic - openSUSE Mailing Lists

New MicroOS snapshot 20220729 released!
by Richard Brown 31 Jul '22

31 Jul '22

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: 7zip (22.00 -> 22.01) apparmor (3.0.4 -> 3.0.5) augeas createrepo_c (0.20.0 -> 0.20.1) file gcc12 (12.1.1+git215 -> 12.1.1+git287) ghostscript (9.54.0 -> 9.56.1) libapparmor (3.0.4 -> 3.0.5) openldap2 (2.6.2 -> 2.6.3) openldap2-contrib-src (2.6.2 -> 2.6.3) policycoreutils python-rpm-macros (20220618.1ed0055 -> 20220725.2ae32d5) python310 python310-core selinux-policy util-linux util-linux-systemd vim (9.0.0032 -> 9.0.0073) yast2 (4.5.6 -> 4.5.10) === Details === ==== 7zip ==== Version update (22.00 -> 22.01) - update to 22.01: * UDF support was improved to UDF version 2.60. * HFS and APFS support was improved. ==== apparmor ==== Version update (3.0.4 -> 3.0.5) Subpackages: apparmor-abstractions apparmor-parser apparmor-parser-lang apparmor-profiles apparmor-utils apparmor-utils-lang python3-apparmor - update to AppArmor 3.0.5 - several additions to profiles and abstractions - bugfixes in parser and utils - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.5 for the detailed upstream changelog - remove upstream(ed) patchs: - apparmor-setuptools61-mr897.patch - dovecot-profiles-boo1199535-mr881.diff - php8-fpm-mr876.patch - python310-help-mr848.patch - samba-new-dcerpcd.patch - samba_deny_net_admin.patch - update-samba-bgqd.diff - update-usr-sbin-smbd.diff - apparmor-samba-include-permissions-for-shares.diff: remove upstreamed part - add dirtest-sort-mr900.diff to fix random test failures - change apache-extra-profile-include-if-exists.diff to the post-mv path (new quilt executes mv) - stop disabling lto (fixed upstream) (boo#1133091) - package profile-load script in -parser ==== augeas ==== Subpackages: augeas-lenses libaugeas0 libfa1 - Unset MALLOC_PERTURB_ to speed up %check significantly (boo#1201884, gh#hercules-team#768) ==== createrepo_c ==== Version update (0.20.0 -> 0.20.1) Subpackages: libcreaterepo_c0 python3-createrepo_c - update to 0.20.1: * fix performance problems with large repositories related to tasks queue management ==== file ==== Subpackages: file-magic libmagic1 - Add upstream patch to fix boo#1201350 * file-boo1201350.patch which combines the commits c80065fe6900be5e794941e29b32440e9969b1c3 7e59d34206d7c962e093d4239e5367a2cd8b7623 f042050f59bfc037677871c4d1037c33273f5213 d471022b2772071877895759f209f2c346757a4c 441ac2b15508909e82ad467960df4ac0adf9644c ==== gcc12 ==== Version update (12.1.1+git215 -> 12.1.1+git287) Subpackages: cpp12 libgcc_s1 libgfortran5 libgomp1 libobjc4 libquadmath0 libstdc++6 libstdc++6-locale libstdc++6-pp libubsan1 - Add Provides of libstdc++6-pp-gccN to libstdc++6-pp. [bsc#1201848] - Update to gcc-12 branch head, 4f15d2234608e82159d030dadb1, git287 * includes build fixes when building against glibc 2.33. ==== ghostscript ==== Version update (9.54.0 -> 9.56.1) Subpackages: ghostscript-x11 - update to 9.56.1: * New PDF Interpreter: This is an entirely new implementation written in C (rather than PostScript, as before) * Calling Ghostscript via the GS API is now thread safe. The one limitation is that the X11 devices for Unix-like systems (x11, x11alpha, x11cmyk, x11cmyk2, x11cmyk4, x11cmyk8, x11gray2, x11gray4 and x11mono) cannot be made thread safe, due to their interaction with the X11 server, those devices have been modified to only allow one instance in an executable. * The PSD output device now writes ICC profiles to their output files, for improved color fidelity. * Our efforts in code hygiene and maintainability continue. * The usual round of bug fixes, compatibility changes, and incremental improvements. * We have added the capability to build with the Tesseract OCR engine. In such a build, new devices are available (pdfocr8/pdfocr24/ pdfocr32) which render the output file to an image, OCR that image, and output the image "wrapped" up as a PDF file, with the OCR generated text information included as "invisible" text (in PDF terms, text rendering mode 3). - drop CVE-2021-3781.patch, CVE-2021-45949.patch: upstream - use _multibuild ==== libapparmor ==== Version update (3.0.4 -> 3.0.5) - update to AppArmor 3.0.5 - several additions to profiles and abstractions - bugfixes in parser and utils - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.5 for the detailed upstream changelog - remove upstream(ed) patchs: - apparmor-setuptools61-mr897.patch - dovecot-profiles-boo1199535-mr881.diff - php8-fpm-mr876.patch - python310-help-mr848.patch - samba-new-dcerpcd.patch - samba_deny_net_admin.patch - update-samba-bgqd.diff - update-usr-sbin-smbd.diff - apparmor-samba-include-permissions-for-shares.diff: remove upstreamed part - add dirtest-sort-mr900.diff to fix random test failures - change apache-extra-profile-include-if-exists.diff to the post-mv path (new quilt executes mv) - stop disabling lto (fixed upstream) (boo#1133091) - package profile-load script in -parser ==== openldap2 ==== Version update (2.6.2 -> 2.6.3) Subpackages: libldap-data libldap2 openldap2-client - removed obsolete 0017-Resolve-error-handling-in-new-ctx-when-global.patch - update to 2.6.3 * Fixed librewrite declaration of calloc (ITS#9841) * Fixed libldap to check for NULL ld (ITS#9157) * Fixed libldap memory leaks (ITS#9876) * Fixed lloadd to correctly tag Notice of Disconnection (ITS#9856) * Fixed slapd delta-sync DN leak on ADD ops (ITS#9866) * Fixed slapd replication with back-glue (ITS#9868) * Fixed slapd lastbind replication with chaining (ITS#9863) * Fixed slapd-ldap to correctly set authzid (ITS#9863) * Fixed slapd-mdb to check for stale readers on MDB_READERS_FULL (ITS#7165) * Fixed slapd-mdb indexer task with replicated config (ITS#9858) * Fixed slapo-accesslog onetime memory leak (ITS#9864) * Fixed slapo-ppolicy interaction with slapo-rwm (ITS#9871) * Fixed slapo-rwm to handle escaping special characters (ITS#9817) * Fixed slapo-syncprov memory leaks (ITS#9867) * Fixed slapo-syncprov fallback in delta-sync mode (ITS#9823) * Fixed slapo-unique to not release NULL entry (ITS#8245) * doc: Fixed ldap_get_option(3) to clarify ldap_get/set_option restrictions (ITS#9824) ==== openldap2-contrib-src ==== Version update (2.6.2 -> 2.6.3) - removed obsolete 0017-Resolve-error-handling-in-new-ctx-when-global.patch - update to 2.6.3 * Fixed librewrite declaration of calloc (ITS#9841) * Fixed libldap to check for NULL ld (ITS#9157) * Fixed libldap memory leaks (ITS#9876) * Fixed lloadd to correctly tag Notice of Disconnection (ITS#9856) * Fixed slapd delta-sync DN leak on ADD ops (ITS#9866) * Fixed slapd replication with back-glue (ITS#9868) * Fixed slapd lastbind replication with chaining (ITS#9863) * Fixed slapd-ldap to correctly set authzid (ITS#9863) * Fixed slapd-mdb to check for stale readers on MDB_READERS_FULL (ITS#7165) * Fixed slapd-mdb indexer task with replicated config (ITS#9858) * Fixed slapo-accesslog onetime memory leak (ITS#9864) * Fixed slapo-ppolicy interaction with slapo-rwm (ITS#9871) * Fixed slapo-rwm to handle escaping special characters (ITS#9817) * Fixed slapo-syncprov memory leaks (ITS#9867) * Fixed slapo-syncprov fallback in delta-sync mode (ITS#9823) * Fixed slapo-unique to not release NULL entry (ITS#8245) * doc: Fixed ldap_get_option(3) to clarify ldap_get/set_option restrictions (ITS#9824) ==== policycoreutils ==== Subpackages: policycoreutils-lang policycoreutils-python-utils python3-policycoreutils - Add recommends for ausearch binary (bsc#1201043) ==== python-rpm-macros ==== Version update (20220618.1ed0055 -> 20220725.2ae32d5) Subpackages: python-rpm-generators - Update to version 20220725.2ae32d5: * restore end-of-line in alternative scriptlets - Update to version 20220721.0a061eb: * make python_flavored_alternatives less verbose * Move install of libalts from sciptlets to python_clone -a -- close gh#openSUSE/python-rpm-macros#133 * hard-code %py_ver -- fix gh#openSUSE/python-rpm-macros#131 * fix gh#openSUSE/python-rpm-macros#130 print proper error on missing python interpreter ==== python310 ==== Subpackages: python310-curses python310-dbm - Switch from %primary_interpreter to prjconf-defined %primary_python (gh#openSUSE/python-rpm-macros#127). ==== python310-core ==== Subpackages: libpython3_10-1_0 python310-base - Switch from %primary_interpreter to prjconf-defined %primary_python (gh#openSUSE/python-rpm-macros#127). ==== selinux-policy ==== Subpackages: selinux-policy-targeted - fix_networkmanager.patch: Allow NetworkManager_dispatcher_tlp_t and NetworkManager_dispatcher_custom_t to access nscd socket (bsc#1201741) - Add fix_cloudform.patch to fix cloud-init runcmd issue with snapper (bnc#201015) ==== util-linux ==== Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 util-linux-lang - linux-fs.patch: Fix conflict between <linux/fs.h> and <sys/mount.h> ==== util-linux-systemd ==== - linux-fs.patch: Fix conflict between <linux/fs.h> and <sys/mount.h> ==== vim ==== Version update (9.0.0032 -> 9.0.0073) Subpackages: vim-data vim-data-common vim-small - Updated to version 9.0.0073, fixes the following problems - fix CVE-2022-2522 - boo#1201863 * In the quickfix window 'cursorline' overrules QuickFixLine highlighting. * On a Belgian keyboard CTRL-[ does not work. * Spell tests do not always clear the word list. * Spell dump may go beyond end of an array. * 'fillchars' cannot have window-local values. * 'listchars' test fails. * Not all systems have GDK_KEY_dead_circumflex. (Hisashi T Fujinaka) * Use of set_chars_option() is confusing. * A couple of filetype patterns do not have "*" before "/etc". * Missing change for filetype detection. * Insufficient testing for bracket commands. * Typos in comments, wrapping lines. * Reading past end of completion with a long line and 'infercase' set. * Reading past end of completion with duplicate match. * Using freed memory with recursive substitute. * Cursor in wrong column with mouse click after concealed text. * Csv and tsv files are not recognized. * Split else-if is confusing. * Using CTRL-C wih :append may hang Vim. * "zG" may throw an error if invalid character follows. * E1281 not tested with the old regexp engine. * Compiler warning for size_t to int conversion. * Bitbake files are not detected. * Wrong line number reported when :cexpr fails in :def function. * has('patch-xxx') returns true. * Test file has wrong name. * Accessing uninitialized memory when completing long line. * ml_get error with nested autocommand. * Compiler warnings for signed/unsigned char. * Too many type casts for dict_get functions. * Confusing error when using "q:" in command line window. * Cross-compiling doesn't work because of timer_create check. * Switching window uneccarily when getting buffer options. * Cannot show virtual text. * Build fails with tiny features. * Leaking memory when using text prop with inserted text. * Using utfc_ptr2char_len() when length is negative. * Command overlaps with printed text in scrollback. * Compiler warning for uninitialized variable. * Too many files recognized as bsdl. ==== yast2 ==== Version update (4.5.6 -> 4.5.10) Subpackages: yast2-logs - Do not ask for user input while checking file conflicts if the delayed progress popup is not shown (bsc#1201924) - 4.5.10 - bsc#1200016 - added a method for finding a package according to a pattern - 4.5.9 - Fixed libzypp initialization, in the YaST container read the configured repositories from the host (related to bsc#1199840) - 4.5.8 - Text mode control center: always display the YaST modules installed in the system root (when running in a container display the modules installed in the container) (bsc#1199840) - 4.5.7

1 0

New MicroOS snapshot 20220728 released!
by Richard Brown 29 Jul '22

29 Jul '22

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: PackageKit adobe-sourcehanserif-fonts (1.001 -> 2.001) avahi avahi-glib2 bind (9.18.4 -> 9.18.5) cups firewalld google-noto-sans-cjk-fonts google-noto-serif-cjk-fonts (20170403 -> 2.001) hdparm (9.63 -> 9.64) iptables kio-extras5 libbytesize (2.6 -> 2.7) libdrm (2.4.111 -> 2.4.112) libslirp (4.6.1+7 -> 4.7.0+44) libstorage-ng (4.5.30 -> 4.5.31) liburing (2.1 -> 2.2) libvpx (1.11.0 -> 1.12.0) libwebp (1.2.2 -> 1.2.3) libxmlb (0.3.6 -> 0.3.9) libzypp (17.30.3 -> 17.31.0) protobuf-c (1.4.0 -> 1.4.1) python-charset-normalizer (2.0.12 -> 2.1.0) python-jupyter-server (1.17.1 -> 1.18.1) qemu (6.2.0 -> 7.0.0) sqlite3 (3.39.0 -> 3.39.2) texlive upower (0.99.17 -> 0.99.20) vulkan-tools xdg-desktop-portal (1.14.4 -> 1.14.5) zypper (1.14.54 -> 1.14.55) === Details === ==== PackageKit ==== Subpackages: PackageKit-backend-dnf PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module PackageKit-lang libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0 - Move the dbus-1 system.d file to /usr (bsc#1201347) ==== adobe-sourcehanserif-fonts ==== Version update (1.001 -> 2.001) Subpackages: adobe-sourcehanserif-cn-fonts adobe-sourcehanserif-tw-fonts - Update to 2.001R * The copyright year was changed to â2017â2022.â * Many glyphs changes (maps, fixes, additions, adjustments) - Changes from 2.000R * The copyright year was changed to â2017â2021.â * Added support for Hong Kong SCS-2016 * Updated Latin glyphs derived from Source Serif to align with version 4.0 * All fonts have been built as variable fonts * Many glyphs changes (maps, fixes, additions, adjustments) - Add Hongkong specific subset fonts - Add variable fonts for all regions ==== avahi ==== Subpackages: libavahi-client3 libavahi-common3 libavahi-core7 - Move the dbus-1 system.d file to /usr (bsc#1201345) ==== avahi-glib2 ==== - Move the dbus-1 system.d file to /usr (bsc#1201345) ==== bind ==== Version update (9.18.4 -> 9.18.5) - Update to bind release 9.18.5 Bugs fixed: * When resolving a name, don't give up immediately if an authoritative server returns FORMERR; try the other servers first. * When synth-from-dnssec generated a response using records from a higher zone, it could unexpectedly prove non-existance of records in a subordinate grafted-on namespace. * Update HTTP listener settings on reconfiguration. * Fix a crash in dig NS search mode when one of the NS server queries fail. * Changed dnssec-signzone -H default to 0 additional NSEC3 iterations. * When processing a catalog zone member zone make sure that there is no configured pre-existing forward-only forw]ard zone with that name. [bind-9.18.5.tar.xz bind-9.18.5.tar.xz.sha512.asc] ==== cups ==== Subpackages: cups-client cups-config libcups2 libcupsimage2 - Move the dbus-1 system.d file to /usr (bsc#1201346) ==== firewalld ==== Subpackages: firewalld-bash-completion firewalld-lang python3-firewall - readd iptables requires, as docker uses iptables passthrough currently, which calls into iptables (bsc#1201836) - Also remove ipset, ebtables and iptables from the BuildRequires list (compare with change from 2022-03-03 - Thorsten Kukuk <kukuk(a)suse.com>) ==== google-noto-sans-cjk-fonts ==== Subpackages: noto-sans-jp-bold-fonts noto-sans-jp-fonts noto-sans-jp-regular-fonts noto-sans-sc-bold-fonts noto-sans-sc-fonts noto-sans-sc-regular-fonts noto-sans-tc-bold-fonts noto-sans-tc-fonts noto-sans-tc-regular-fonts - Move google-noto-serif-cjk-fonts into its own repository again ==== google-noto-serif-cjk-fonts ==== Version update (20170403 -> 2.001) Subpackages: noto-serif-jp-bold-fonts noto-serif-jp-fonts noto-serif-jp-regular-fonts noto-serif-sc-bold-fonts noto-serif-sc-fonts noto-serif-sc-regular-fonts noto-serif-tc-bold-fonts noto-serif-tc-fonts noto-serif-tc-regular-fonts - Move google-noto-serif-cjk-fonts into its own repository again - Update version to 2.001 - Follow upstream versioning: use version numbers instead of dates - Fix the source URL to be properly downloadable - Update version to 2.002(20201202) * The copyright year was changed from â2014â2019â to â2014â2020.â * Addressed Issue #207 including glyph changes to U+4E08 and U+5C83. Extension G encodings were added for U+30729, U+30EDD, U+30EDE, and U+3106C and the previous GSUB rules were removed. * Updated Korean glyph for U+58C4 as reported in Source Han Serif Issue #87 * Addressed Issue #204 for U+50E7, U+89E6, U+8FD0, U+9EA4, U+25C4A * Mapped HK U+5C13 å° to JP glyph * Fixed U+21B9 as reported in Issue #260 * Changed Korean mapping for U+51A4 as reported in Issue #202 * The weights for Kanbun glyphs U+3191âU+319F have been adjusted as mentioned in the table at the beginning of Issue #205. * Fixed Korean IVS mapping for U+8ACB as reported in Issue #276 ==== hdparm ==== Version update (9.63 -> 9.64) - update to 9.64: * fix truncated output buf with --Istdin ==== iptables ==== Subpackages: libip4tc2 libip6tc2 libxtables12 xtables-plugins - add baselibs.conf for libip4tc2, will be needed by libsystemd-shared-251.so ==== kio-extras5 ==== Subpackages: kio-extras5-lang libkioarchive5 - Add preliminary patch to fix smb connections with samba >= 4.16 (boo#1201737, kde#453090): * 0001-smb-kio_smb_browse-Check-error-code-EINVAL-to-prompt.patch ==== libbytesize ==== Version update (2.6 -> 2.7) Subpackages: libbytesize-lang libbytesize1 - update to 2.7: * Fix skipping tests when required locale is missing * Remove Travis CI configuration * Fix some warnings and typos in docstrings and comments * Fix warnings dicovered by the GCC analyzer * build: avoid bashisms in configure * Update translation files * Do not use distutils to get Python library path ==== libdrm ==== Version update (2.4.111 -> 2.4.112) Subpackages: libdrm2 libdrm_amdgpu1 libdrm_intel1 libdrm_nouveau2 libdrm_radeon1 - update to 2.4.112: * xf86drmMode: introduce drmModeConnectorGetPossibleCrtcs * xf86drmMode: introduce drmModeGetConnectorTypeName * xf86drmMode: constify drmModeAtomicReq functions * gen_table_fourcc: strip _MODIFIER suffix for INVALID * testsuite fixes ==== libslirp ==== Version update (4.6.1+7 -> 4.7.0+44) - Update to version 4.7.0+44 (current git master): * Fix vmstate regression * msvc: use char* for pointer arithmetic * Align outgoing packets * Bump incoming packet alignment to 8 bytes * msvc: fix some gcc-specific pragma warnings * msvc: enable vmstate code on !gnuc * vmstate: only enable when building under GNU C * ncsitest: Fix build with msvc * Avoid running git-version-gen when building with MS VC * windows: export symbols * win32: replace strcasecmp with g_ascii_strcasecmp * Drop spurious inline * Avoid returning void * Fix arithmetic on void * * Avoid using ##__VA_ARGS__ gcc extension * Fix bitfields order for MSVC * Separate out SLIRP_PACKED to SLIRP_PACKED_BEGIN/END * Do not use ssize_t on Windows * Do not include unistd.h on windows, it does not have it * Accept build-aux/git-version-gen failing to run * container_of: avoid using __extension__ * ncsi: Add Mellanox Get Mac Address handler * slirp: Add out-of-band ethernet address * ncsi: Add OEM command handler * ncsi: Add basic test for Get Version ID response * ncsi: Use response header for payload length * ncsi: Pass command header to response handlers * src/slirp.h: Bump the minimum Windows version to Windows 7 * ncsi: Add Get Version ID command * ncsi: Pass Slirp structure to response handlers * slirp: Add manufacturer's ID * Add support for Haiku to meson.build * meson: add extra warnings * win32: declare some local functions as static * Include <sys/socket.h> and <arpa/inet.h> for AF_INET6 and inet_pton * Release v4.7.0 * bump ABI version and age * slirp: invoke client callback before creating timers * pingtest: port to timer_new_opaque * introduce timer_new_opaque callback * introduce slirp_timer_new wrapper * icmp6: make ndp_send_ra static * Add sanitizers CI runs * socket: Handle ECONNABORTED from recv * bootp: fix g_str_has_prefix warning/critical * slirp: Don't duplicate packet in tcp_reass * Rename insque/remque -> slirp_[ins|rem]que * mbuf: Use SLIRP_DEBUG to enable mbuf debugging instead of DEBUG * Replace inet_ntoa() with safer inet_ntop() * Add VMS_END marker * bootp: add support for UEFI HTTP boot * IPv6 DNS proxying support * Add missing scope_id in caching * Drop fixed TODO * socket: Move closesocket(so->s_aux) to sofree * socket: Check so_type instead of so_tcpcb for Unix-to-inet translation * socket: Add s_aux field to struct socket for storing auxilliary socket * socket: Initialize so_type in socreate * socket: Allocate Unix-to-TCP hostfwd port from OS by binding to port 0 * Allow to disable internal DHCP server * slirp_pollfds_fill: Explain why dividing so_snd.sb_datalen by two * CI: run integration tests with slirp4netns * socket: Check address family for Unix-to-inet accept translation * socket: Add debug args for tcpx_listen (inet and Unix sockets) * socket: Restore original definition of fhost * socket: Move <sys/un.h> include to socket.h * Support Unix sockets in hostfwd * resolv: fix IPv6 resolution on Darwin * Use the exact sockaddr size in getnameinfo call * Initialize sin6_scope_id to zero * slirp_socketpair_with_oob: Connect pair through 127.0.0.1 * resolv: fix memory leak when using libresolv * pingtest: Add a trivial ping test * icmp: Support falling back on trying a SOCK_RAW socket ==== libstorage-ng ==== Version update (4.5.30 -> 4.5.31) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#891 - added unit test - fixed typo - 4.5.31 ==== liburing ==== Version update (2.1 -> 2.2) - add handle-eintr.patch, enable tests everywhere - enable tests for != ppc64le - update to 2.2: * Support non-libc builds. * Optimized syscall handling for x86-64/x86/aarch64. * Enable non-lib function calls for fast path functions. * Add support for multishot accept. * io_uring_register_files() will set RLIMIT_NOFILE if necessary. * Add support for registered ring fds, io_uring_register_ring_fd(), reducingthe overhead of an io_uring_enter() system call. * Add support for the message ring opcode. * Add support for newer request cancelation features. * Add support for IORING_SETUP_COOP_TASKRUN, which can help reduce the overhead of io_uring in general. Most applications should set this flag, see the io_uring_setup.2 man page for details. * Add support for registering a sparse buffer and file set. * Add support for a new buffer provide scheme, see io_uring_register_buf_ring.3 for details. * Add io_uring_submit_and_wait_timeout() for submitting IO and waiting for completions with a timeout. * Add io_uring_prep_{read,write}v2 prep helpers. * Add io_uring_prep_close_direct() helper. * Add support for SQE128 and CQE32, which are doubly sized SQE and CQE rings. This is needed for some cases of the new IORING_OP_URING_CMD, notably for NVMe passthrough. * ~5500 lines of man page additions, including adding ~90 new man pages. * Synced with the 5.19 kernel release, supporting all the features of 5.19 and earlier. * 24 new regression test cases, and ~7000 lines of new tests in general. * General optimizations and fixes. ==== libvpx ==== Version update (1.11.0 -> 1.12.0) - update to 1.12.0: This release adds optimizations for Loongarch, adds support for vp8 in the real-time rate control library, upgrades GoogleTest to v1.11.0, updates libwebm to libwebm-1.0.0.28-20-g206d268, and includes numerous bug fixes. - Enhancement: Numerous improvements on checking memory allocations. Optimizations for Loongarch. Code clean-up. - Bug fixes: Fix to a crash related to {vp8/vp9}_set_roi_map. Fix to compiling failure with -Wformat-nonliteral. Fix to integer overflow with vp9 with high resolution content. Fix to AddNoiseTest failure with ARMv7. Fix to libvpx Null-dereference READ in vp8. ==== libwebp ==== Version update (1.2.2 -> 1.2.3) Subpackages: libwebp7 libwebpdemux2 libwebpmux3 - update to 1.2.3: * security fix for lossless encoder (#565, chromium:1313709) * improved progress granularity in WebPReportProgress() when using lossless * improved precision in Sharp YUV (-sharp_yuv) conversion * many corrections to webp-lossless-bitstream-spec.txt (#551) * crash/leak fixes on error/OOM and other bug fixes (#558, #563, #569, #573) ==== libxmlb ==== Version update (0.3.6 -> 0.3.9) - update to 0.3.9: * Fix the crash for when the root tree has no children (Richard Hughes) * Fix the crash when getting the element for the [empty] root (Richard Hughes) * Install xb-tool into bindir (Richard Hughes) * Ensure reproducible results when importing a node (Richard Hughes) * Ignore all hidden files when using _WATCH_DIRECTORY (Richard Hughes) * Show the value bindings when using XB_SILO_PROFILE_FLAG_XPATH (Richard Hughes) * Use the correct lookup method for the python3 script interpreter (Eli Schwartz) ==== libzypp ==== Version update (17.30.3 -> 17.31.0) - Add PoolItem::statusReinit to reset the status it's initial state in the ResPool (might help bsc#1199895) This may either be 'KEEP_STATE bySOLVER' or 'LOCKED byUSER' if the PoolItem matched a hard lock defined in /etc/zypp/locks. - Fix building with GCC 13 on i586 (fixes #407, fixes #396) - Be prepared to receive exceptions from curl_easy_cleanup (bsc#1201092) - Don't auto-flag kernel-firmware as 'reboot-needed' (bsc#1200993) - Remove Medianetwork and dependend code. This commit removes the MediaNetwork tech preview and all related code. First reason for this is that MediaNetwork was just meant as a way to test the new CURL based downloader and second: since the Provide API is going to completely replace the current media backend it would be extra work to ensure that changes on the Downloader do not break MediaNetwork. - version 17.31.0 (22) ==== protobuf-c ==== Version update (1.4.0 -> 1.4.1) - Update to release 1.4.1 * Fixed unsigned integer overflow (GH#499) * Avoid shifting signed values (GH#508) - Remove 508.patch (merged) ==== python-charset-normalizer ==== Version update (2.0.12 -> 2.1.0) - update to 2.1.0: * Output the Unicode table version when running the CLI with `--version` * Re-use decoded buffer for single byte character sets * Fixing some performance bottlenecks * Workaround potential bug in cpython with Zero Width No-Break Space located * in Arabic Presentation Forms-B, Unicode 1.1 not acknowledged as space * CLI default threshold aligned with the API threshold from * Support for Python 3.5 (PR #192) * Use of backport unicodedata from `unicodedata2` as Python is quickly catching up, scheduled for removal in 3.0 ==== python-jupyter-server ==== Version update (1.17.1 -> 1.18.1) - update to version 1.18.1: * Bugs fixed + Notify ChannelQueue that the response router thread is finishing [#896] (@CiprianAnton) + Make ChannelQueue.get_msg true async #892 (@CiprianAnton) - changes from version 1.18.0: * Enhancements made + Show import error when faiing to load an extension #878 (@minrk) * Bugs fixed + Fix gateway kernel shutdown #874 (@kevin-bates) * Maintenance and upkeep improvements + suppress tornado deprecation warnings #882 (@minrk) + Normalize os_path #886 (@martinRenou) + Fix lint #867 (@blink1073) + Fix sphinx 5.0 support #865 (@blink1073) ==== qemu ==== Version update (6.2.0 -> 7.0.0) - Substantial rework of the spec file: * the 'make check' testsuite now runs in the %check section of the main package, not in a subpackage * switched from %setup to %autosetup * rearranged the content in order to minimize the use of %if, %ifarch, etc - Properly fix bsc#1198038, CVE-2022-0216 * Patches added: scsi-lsi53c895a-really-fix-use-after-fre.patch tests-qtest-Move-the-fuzz-tests-to-x86-o.patch - Make temp dir (for update_git.sh) configurable - Added new subpackages (audio-dbus, ui-dbus) - bsc#1199018 was never fixed in Factory's QEMU 6.2. It is now (since the patches are already in SeaBIOS 1.16.0) - Some tests are having issues when run in OBS. They seem to be due to race conditions, triggered by resource constraints of OBS workers. Let's disable them for now, while looking for a fix - Update to v7.0.0. For full release notese, see: * https://wiki.qemu.org/ChangeLog/7.0 Be sure to also check the following pages: * https://qemu-project.gitlab.io/qemu/about/removed-features.html * https://qemu-project.gitlab.io/qemu/about/deprecated.html Some notable changes: * [ARM] The virt board has gained a new control knob to disable passing a RNG seed in the DTB (dtb-kaslr-seed) * [ARM] The AST2600 SoC now supports a dummy version of the i3c device * [ARM] The virt board can now run guests with KVM on hosts with restricted IPA ranges * [ARM] The virt board now supports virtio-mem-pci * [ARM] The virt board now supports specifying the guest CPU topology * [ARM] On the virt board, we now enable PAuth when using KVM or hvf and the host CPU supports it * [RISC-V] Add support for ratified 1.0 Vector extension * [RISC-V] Support for the Zve64f and Zve32f extensions * [RISC-V] Drop support for draft 0.7.1 Vector extension * [RISC-V] Support Zfhmin and Zfh extensions * [RISC-V] RISC-V KVM support * [RISC-V] Mark Hypervisor extension as non experimental * [RISC-V] Enable Hypervisor extension by default * [x86] Support for Intel AMX. * [PCI/PCIe] Q35: fix PCIe device becoming disabled after migration when ACPI based PCI hotplug is used (6b0969f1ec) * [PCI/PCIe] initial bits of SR/IOV support (250346169) * [PCI/PCIe] arm/virt: fixed PXB interrupt routing (e609301b45) * [PCI/PCIe] arm/virt: support for virtio-mem-pci (b1b87327a9) * [virtiofs] Fix for CVE-2022-0358 - behaviour with supplementary groups and SGID directories * [virtiofs] Improved security label support * [virtiofs] The virtiofsd in qemu is now starting to be deprecated; please start using and contributing to Rust virtiofsd * Patches dropped: acpi-validate-hotplug-selector-on-access.patch block-backend-Retain-permissions-after-m.patch block-qdict-Fix-Werror-maybe-uninitializ.patch brotli-fix-actual-variable-array-paramet.patch display-qxl-render-fix-race-condition-in.patch doc-Add-the-SGX-numa-description.patch hw-i386-amd_iommu-Fix-maybe-uninitialize.patch hw-intc-exynos4210_gic-provide-more-room.patch hw-nvme-fix-CVE-2021-3929.patch hw-nvram-at24-return-0xff-if-1-byte-addr.patch iotest-065-explicit-compression-type.patch iotest-214-explicit-compression-type.patch iotest-302-use-img_info_log-helper.patch iotest-303-explicit-compression-type.patch iotest-39-use-_qcow2_dump_header.patch iotests-60-more-accurate-set-dirty-bit-i.patch iotests-bash-tests-filter-compression-ty.patch iotests-common.rc-introduce-_qcow2_dump_.patch iotests-declare-lack-of-support-for-comp.patch iotests-drop-qemu_img_verbose-helper.patch iotests-massive-use-_qcow2_dump_header.patch iotests-MRCE-Write-data-to-source.patch iotests.py-filter-out-successful-output-.patch iotests.py-img_info_log-rename-imgopts-a.patch iotests.py-implement-unsupported_imgopts.patch iotests.py-qemu_img-create-support-IMGOP.patch iotests.py-rewrite-default-luks-support-.patch iotests-specify-some-unsupported_imgopts.patch meson-build-all-modules-by-default.patch numa-Enable-numa-for-SGX-EPC-sections.patch numa-Support-SGX-numa-in-the-monitor-and.patch python-aqmp-add-__del__-method-to-legacy.patch python-aqmp-add-_session_guard.patch python-aqmp-add-SocketAddrT-to-package-r.patch python-aqmp-add-socket-bind-step-to-lega.patch python-aqmp-add-start_server-and-accept-.patch python-aqmp-copy-type-definitions-from-q.patch python-aqmp-drop-_bind_hack.patch python-aqmp-fix-docstring-typo.patch python-aqmp-Fix-negotiation-with-pre-oob.patch python-aqmp-fix-race-condition-in-legacy.patch Python-aqmp-fix-type-definitions-for-myp.patch python-aqmp-handle-asyncio.TimeoutError-.patch python-aqmp-refactor-_do_accept-into-two.patch python-aqmp-remove-_new_session-and-_est.patch python-aqmp-rename-accept-to-start_serve.patch python-aqmp-rename-AQMPError-to-QMPError.patch python-aqmp-split-_client_connected_cb-o.patch python-aqmp-squelch-pylint-warning-for-t.patch python-aqmp-stop-the-server-during-disco.patch python-introduce-qmp-shell-wrap-convenie.patch python-machine-raise-VMLaunchFailure-exc.patch python-move-qmp-shell-under-the-AQMP-pac.patch python-move-qmp-utilities-to-python-qemu.patch ... changelog too long, skipping 51 lines ... virtio-net-fix-map-leaking-on-error-duri.patch ==== sqlite3 ==== Version update (3.39.0 -> 3.39.2) Subpackages: libsqlite3-0 sqlite3-tcl - update to 3.39.2: * Fix a performance regression in the query planner associated with rearranging the order of FROM clause terms in the presences of a LEFT JOIN. * Apply fixes for CVE-2022-35737, Chromium bugs 1343348 and 1345947, forum post 3607259d3c, and other minor problems discovered by internal testing. [boo#1201783] - update to 3.39.1: * Fix an incorrect result from a query that uses a view that contains a compound SELECT in which only one arm contains a RIGHT JOIN and where the view is not the first FROM clause term of the query that contains the view * Fix a long-standing problem with ALTER TABLE RENAME that can only arise if the sqlite3_limit(SQLITE_LIMIT_SQL_LENGTH) is set to a very small value. * Fix a long-standing problem in FTS3 that can only arise when compiled with the SQLITE_ENABLE_FTS3_PARENTHESIS compile-time option. * Fix the initial-prefix optimization for the REGEXP extension so that it works correctly even if the prefix contains characters that require a 3-byte UTF8 encoding. * Enhance the sqlite_stmt virtual table so that it buffers all of its output. ==== texlive ==== - exclude all powerpc and riscv64 from luajit usage - Correct list of archs supported by luajit - 0004-Add-ppc64-support-based-on-koriakin-GitHub-patchset.patch: Remove defective patch ==== upower ==== Version update (0.99.17 -> 0.99.20) Subpackages: libupower-glib3 typelib-1_0-UpowerGlib-1_0 upower-lang - update to 0.99.20: * Ensure polling is resumed after suspend (#198) * Bugfixes to state guessing code (#146) * Stability improvements of automated tests * Move state guessing into DisplayDevice * Always use 90% threshold to consider a battery full * Various test improvements * Fix mice showing up as keyboards (#189) * Allow unit test inspector to fail (#187) * Fix test cases when daemon shuts down too slowly (#188) - update to 0.99.18: * Remove broken wakeup DBus API * Tag UPS hid devices using hwdb and update list from upstream * Only permit Refresh method when in debug mode * Refactor device polling * Refactor udev device discovery and sibling detection * Improved testing and CI * Handle SIGTERM to trigger a clean shutdown * Improve polling of batteries after line-power "online" status change * Multiple wacom tablet detection fixes * Fix updates after a BT hid power supply moves in sysfs * Fix enumeration of "Whats Up!" devices on startup * Accept USB power supplies without warning * Allow building without gtk-doc ==== vulkan-tools ==== - Add 0001-vulkaninfo-include-wayland-client-because-its-functi.patch ==== xdg-desktop-portal ==== Version update (1.14.4 -> 1.14.5) Subpackages: xdg-desktop-portal-lang - Update to version 1.14.5: + realtime: Fix realtime: fix priority type in MakeThreadHighPriority. ==== zypper ==== Version update (1.14.54 -> 1.14.55) Subpackages: zypper-log zypper-needs-restarting - lr: Allow shortening the Name column if table is wider than the terminal (bsc#1201638) - Don't accepts install/remove modifier without argument (bsc#1201576) - zypper-download: Set correct ExitInfoCode when failing to resolve argument. - zypper-download: Handle unresolvable arguments as error. This commit changes zypper-download such that it behaves more consistent to zypper-install when an argument can't be resolved. - version 1.14.55

1 0

New ARM MicroOS snapshot 20220725 released!
by Guillaume Gardet 29 Jul '22

29 Jul '22

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: Mesa Mesa-drivers alsa (1.2.7.1 -> 1.2.7.2) alsa-plugins alsa-ucm-conf (1.2.7.1 -> 1.2.7.2) apparmor dracut (057+suse.294.gaa9ea2d2 -> 057+suse.303.gc4ea1bea) ell (0.51 -> 0.52) inih (55 -> 56) installation-images-MicroOS (17.56 -> 17.59) isl (0.24 -> 0.25) libapparmor libglvnd libnvme (1.0 -> 1.1~rc0) libostree libqmi (1.30.6 -> 1.30.8) libstorage-ng (4.5.28 -> 4.5.30) libxcvt (0.1.1 -> 0.1.2) multipath-tools (0.8.9+90+suse.71a70fb -> 0.9.0+39+suse.51a2ab1) ncurses (6.3.20220709 -> 6.3.20220716) nvme-cli (2.0 -> 2.1~rc0) patterns-fonts pipewire (0.3.55 -> 0.3.56) plymouth (0.9.5~git20220412.e960111 -> 0.9.5~git20220719.9e72df3) prison-qt5 pulseaudio (16.0 -> 16.1) python-iniconfig python-pymongo (3.11.4 -> 4.1.1) qpdf samba (4.16.2+git.262.6acc6531bc7 -> 4.16.2+git.288.4d64e4651f0) xdg-dbus-proxy (0.1.3 -> 0.1.4) xorg-x11-server (21.1.3 -> 21.1.4) yast2-installation (4.5.3 -> 4.5.4) yast2-journal (4.5.0 -> 4.5.1) yast2-printer (4.5.0 -> 4.5.1) yast2-python-bindings (4.5.0 -> 4.5.1) yast2-x11 (4.5.0 -> 4.5.1) === Details === ==== Mesa ==== Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - let Mesa ignore Mesa-dri as dep to resolve a build cycle (related to boo#1201474 ==== Mesa-drivers ==== Subpackages: Mesa-dri Mesa-gallium Mesa-libva - let Mesa ignore Mesa-dri as dep to resolve a build cycle (related to boo#1201474 ==== alsa ==== Version update (1.2.7.1 -> 1.2.7.2) Subpackages: libasound2 libatopology2 - Update to version 1.2.7.2: minor updates, including fixes for PCM share plugin, rawmidi and UCM ==== alsa-plugins ==== Subpackages: alsa-plugins-pulse alsa-plugins-speexrate alsa-plugins-upmix - Fix dependency of pulse plugin; now pulseaudio-daemon is required (bsc#1201409) ==== alsa-ucm-conf ==== Version update (1.2.7.1 -> 1.2.7.2) - Update to version 1.2.7.2: updates of various device-specific profiles. For details, see https://www.alsa-project.org/wiki/Changes_v1.2.7.1_v1.2.7.2#alsa-ucm-conf ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor - Add apparmor-setuptools61-mr897.patch https://gitlab.com/apparmor/apparmor/-/merge_requests/897 - Add buildtime dependencies on python-rpm-macros and setuptools ==== dracut ==== Version update (057+suse.294.gaa9ea2d2 -> 057+suse.303.gc4ea1bea) Subpackages: dracut-ima dracut-mkinitrd-deprecated - Update to version 057+suse.303.gc4ea1bea: * fix(network-legacy): add auto timeout to wicked DHCP test (bsc#1198709) * fix(network-legacy): check if dhclient has --timeout option * fix(man): correct typo * fix(network-legacy): properly install dhclient * fix(fips): add missing bash dependency ==== ell ==== Version update (0.51 -> 0.52) - update to 0.52: * Fix issue with using PTRDIFF_MAX constant. * Fix issue with accepting FD 0 as epoll_fd. * Fix issue with setting bound time before emitting event. * Fix issue with starting ACD before committing static IPv4. * Fix issue with waiting for link-local address before DHCPv6. ==== inih ==== Version update (55 -> 56) - Update to version 55 * Fix redundant cast-to-int when INI_USE_STACK!=0 * Make inline comments work on subsequent lines of multiline values ==== installation-images-MicroOS ==== Version update (17.56 -> 17.59) - merge gh#openSUSE/installation-images#604 - limit LeapMicro building - 17.59 - merge gh#openSUSE/installation-images#603 - Add LeapMicro to _multibuild (jsc#SMO-126) - 17.58 - merge gh#openSUSE/installation-images#595 - rename the -release package of SLE Micro - 17.57 ==== isl ==== Version update (0.24 -> 0.25) - update to 0.25: * support (type safe) user object on id in bindings * more exports to (templated C++) bindings * add some convenience functions ==== libapparmor ==== - Add apparmor-setuptools61-mr897.patch https://gitlab.com/apparmor/apparmor/-/merge_requests/897 - Add buildtime dependencies on python-rpm-macros and setuptools ==== libglvnd ==== - let libglvnd require Mesa-dri so GL drivers are available on Wayland-only desktop installations (boo#1201474) ==== libnvme ==== Version update (1.0 -> 1.1~rc0) - Update to version v1.1-rc0: * update/cleanup of documentation * various build fixes * various fixes reported by coverity * 64-bit Reference Tags and TP-4068 changes * libnvme-mi: Introduce NVMe Managament Interface library ==== libostree ==== Subpackages: libostree-1-1 - fix packaging warnings from missing systemd service macros for pre/post/preun/postun scripts for ostree-finalize-staged ==== libqmi ==== Version update (1.30.6 -> 1.30.8) Subpackages: libqmi-glib5 libqmi-tools - update to 1.30.8: * dms: new 'Foxconn FCC authentication v2' request/response. ==== libstorage-ng ==== Version update (4.5.28 -> 4.5.30) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#890 - allow to set rootprefix via environment - 4.5.30 - merge gh#openSUSE/libstorage-ng#889 - allow to prepend path for lock file - coding style - 4.5.29 ==== libxcvt ==== Version update (0.1.1 -> 0.1.2) - Update to version 0.1.2 * make xrandr report 1366x768 instead of 1360x768 * meson: Add initial darwin_versions ==== multipath-tools ==== Version update (0.8.9+90+suse.71a70fb -> 0.9.0+39+suse.51a2ab1) Subpackages: kpartx libmpath0 - Update to version 0.9.0+39+suse.51a2ab1: Upstream bug fixes: * libmultipath: fix find_multipaths_timeout for unknown hardware (boo#1201483) * multipath-tools: fix "multipath -ll" for Native NVME Multipath devices (boo#1201483) - Update to version 0.9.0+33+suse.fdc6686 * multipath.conf: add support for "protocol" subsection in "overrides" section to set certain config options by protocol. * Removed the previously deprecated options getuid_callout, config_dir, multipath_dir, pg_timeout * hwable fixes and additions * multipath.conf(5): add disclaimer about vendor support * libmultipath, kpartx: fix callers of dm_get_next_target() * Change built-in defaults for NVMe: group by prio, and immediate failback * Allow compilation with -D_FORTIFY_SOURCE=3 ==== ncurses ==== Version update (6.3.20220709 -> 6.3.20220716) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20220716 + build-fix for test_mouse.c, for non-standard cfmakeraw. + improve shell-scripts with shellcheck + fix typo in run_tic.in (report/patch by Jan Starke). ==== nvme-cli ==== Version update (2.0 -> 2.1~rc0) Subpackages: nvme-cli-bash-completion - Update to version v2.1~rc0: * build and install fixes/improvements * documentation fixes * version reporting includes library version * various fixes reported by coverity * new solidigm plugin ==== patterns-fonts ==== Subpackages: patterns-fonts-fonts patterns-fonts-fonts_opt fix: reintroduce efont-unicode-bitmap-fonts so that there is a fallback for CJK ==== pipewire ==== Version update (0.3.55 -> 0.3.56) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 0.3.56: * Highlights - A critical bug that could crash JACK applications was fixed. - Some more regressions in audiomixer were fixed. This should fix crackling and stuttering in some cases as well as some channel mapping regressions. - A bug in the alsa plugin was fixed that could cause stuttering in VMs. - Bluetooth sources should have improved latency and rate control. - Many more bugfixes and improvements. * Modules - An experimental AVB module was added. It can expose PipeWire as an AVB entity and initiate (broken) streaming between entities. - module-loopback now handles the cases where the input and output channels are different without crashing or producing silence. - The filter-chain module now correctly calculates the output size without crashing in some cases. It also skips invalid ports instead of crashing. - Handle and report pthread errors better. * SPA - The resampler qualities were tweaked a little. - A bug that would sometimes cut off the last part of a buffer was fixed in the alsa plugin. This could cause broken audio in VMs. - Access to the alsa mixer and devices is now checked more thoroughly. - The spa-resample tool can now also handle large downsampling rates without crashing. - Audioconverter now uses rounding for float to int conversions, which reduces distortions. Compilation of the C subroutines was separated and uses its own optimisation flags now. - Noise shaping was improved in audioconvert. A new Wannamaker 3 tap shaper was added. - Audioconvert now uses a pattern for generating keep alive noise. This should have much less energy and be even more inaudible. - A channel mapping bug was fixed in audioconvert. - The dsp audio mixer would sometimes not mix enough and cause dropouts. * JACK - A critical bug in the mixer was fixed. It would cause most JACK applications to segfault at start-up. * Bluetooth - A new rate control algorithm was implemented for the sources. - The media role on HSP/HFP streams is now fixed. * Pulse Server - Add the resampler delay to delay reporting as well. - Rebase reduce-meson-dependency.patch. - Drop patches already included upstream: * 0001-jack-only-mix-when-we-have-input-to-mix.patch * 0002-spa-alsa-udev-Check-accessibility-of-pcm-devices-as-well.patch - Add patches from upstream to fix compilation on big endian: * 0001-avb-fix-compilation-on-big-endian.patch * 0002-avb-fix-compilation-on-big-endian.patch * 0003-avb-fix-compilation-on-big-endian.patch ==== plymouth ==== Version update (0.9.5~git20220412.e960111 -> 0.9.5~git20220719.9e72df3) Subpackages: libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Update to version 0.9.5~git20220719.9e72df3: * Make use of standard --runstatedir flag vs custom --with-runtimedir ==== prison-qt5 ==== Subpackages: libKF5Prison5 prison-qt5-imports - Add patch to fix build with ZXing 1.4.0: * 0001-Support-ZXing-1.4.0.patch ==== pulseaudio ==== Version update (16.0 -> 16.1) Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-setup system-user-pulse - Update to 16.1 (bsc#1201331): * Fix parsing of percentage volumes with decimal points in pactl * Fix crash with the "pacmd play-file" command when reads from the disk aren't frame-aligned * Fix module-rtp-recv sometimes thinking it's receiving an Opus stream when it's not * Fix frequent crashing in module-combine-sink, regression in 16.0 * Fix crashing on 32-bit architectures when using the GStreamer codecs for LDAC and AptX ==== python-iniconfig ==== - BuildRequire itself when building test flavour. ==== python-pymongo ==== Version update (3.11.4 -> 4.1.1) - Conflict on python-bson * Same namespace * Different implementation (https://github.com/py-bson/bson) - Do not wildcard collect files - Update to 4.1.1 * PyMongo 4.0 drops support for Python 2.7, 3.4, and 3.5. * PyMongo 4.1 drops support for Python 3.6.0 and 3.6.1, Python 3.6.2+ is now required. * PyMongo 4.0 drops support for MongoDB 2.6, 3.0, 3.2, and 3.4. * The default uuid_representation for CodecOptions, JSONOptions, and MongoClient has been changed from bson.binary.UuidRepresentation.PYTHON_LEGACY to bson.binary.UuidRepresentation.UNSPECIFIED. Attempting to encode a uuid.UUID instance to BSON or JSON now produces an error by default. See Handling UUID Data for details. * Removed some arguments and functions mostly from: * pymongo.mongo_client.MongoClient * pymongo.database.Database * pymongo.collection.Collection * pymongo.mongo_client.MongoClient * pymongo.son_manipulator * directConnection URI option and keyword argument to MongoClient defaults to False instead of None * tz_aware, an argument for JSONOptions, now defaults to False instead of True. * items() now returns a dict_items object rather than a list. * The hint option is now required when using min or max queries with find(). * MongoClient` now raises an InvalidURI exception when it encounters unescaped percent signs in username and password when parsing MongoDB URIs. * Enhanced connection pooling to create connections more efficiently and avoid connection storms. * MongoClient now accepts a URI and keyword argument srvMaxHosts that limits the number of mongos-like hosts a client will connect to. * Support for the âkmipâ KMS provider for client side field level encryption. * Many more changes, seet the upstream changelog for details ==== qpdf ==== - add disable-newpdf-renderer.patch (bsc#1201642) ==== samba ==== Version update (4.16.2+git.262.6acc6531bc7 -> 4.16.2+git.288.4d64e4651f0) Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-client samba-client-libs samba-libs samba-libs-python3 samba-python3 - Update spec file to fix the optional Heimdal DC build - Fix external trusts with MIT Kerberos 1.20 - Add missing samba-client requirement to samba-winbind package; (bsc#1198255); - Move pdb backends from package samba-libs to package samba-client-libs and remove samba-libs requirement from samba-winbind; (bsc#1200964); (bsc#1198255); - Add sysuser-shadow requirement for packages using systemd-sysusers - Use the canonical realm name to refresh the Kerberos tickets; (bsc#1196224); (bso#14979); - Moved logrotate files from user specific directory /etc/logrotate.d to vendor specific directory /usr/etc/logrotate.d. ==== xdg-dbus-proxy ==== Version update (0.1.3 -> 0.1.4) - Update to version 0.1.4: + Add a Meson build system, with support for being used as a subproject. The original Autotools build system remains available for now, but might be removed in future. + Fix movement through multiline auth messages. + Fix an unintended fallthrough if the message bus replies to Hello() with a non-REPLY such as an ERROR. + Fix compiler warnings. + Update AX_CODE_COVERAGE from autoconf-archive. + Bundle a copy of AX_CHECK_GNU_MAKE from autoconf-archive, required by AX_CODE_COVERAGE. - Switch to meson buildsystem, add meson BuildRequires and replace autotools macros with meson ones. - Add dbus-1-daemon BuildRequires and check section: Run meson_test macro during build. ==== xorg-x11-server ==== Version update (21.1.3 -> 21.1.4) Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - rename u_sync-pci-ids-with-Mesa-22.0.0.patch to u_sync-pci-ids-with-Mesa.patch (currently synced with Mesa 22.1.3) - u_sync-pci-ids-with-Mesa-22.0.0.patch * synced with Mesa 22.1.3; just adding a PCI ID for vmware was needed - Update to version 21.1 * This release fixes 2 recently reported security vulnerabilities in xkb, several regressions since 1.20.x and a number of miscellaneous bugs. - supersedes the following security patches * U_boo1194181-001-xkb-swap-XkbSetDeviceInfo-and-XkbSetDeviceInfoCheck.patch * U_boo1194179-001-xkb-rename-xkb_h-to-xkb-procs_h.patch * U_boo1194179-002-xkb-add-request-length-validation-for-XkbSetGeometry.patch - supersedes U_Fix-build-with-gcc-12.patch ==== yast2-installation ==== Version update (4.5.3 -> 4.5.4) - Do not use "xrdb" for setting the "Xft.dpi" value, use a specific YaST tool from the yast2-x11 package (bsc#1201532) (xrdb depends on the C pre-processor increasing the dependencies about of 22MB) - Install yast2-x11 only when GUI (libyui-qt) is installed, avoid installing the dependent X libraries in minimal (text mode) installation - 4.5.4 ==== yast2-journal ==== Version update (4.5.0 -> 4.5.1) - Adapt to changed output of journalctl --list-boots, avoid Internal Error with systemd-251 (bsc#1201504). - Abbreviate numeric array journal entries (bsc#1200613) - 4.5.1 ==== yast2-printer ==== Version update (4.5.0 -> 4.5.1) - Removed the libX11 dependency (bsc#1201641) (the old mechanism for that did not work anymore, use %__requires_exclude_from) - 4.5.1 ==== yast2-python-bindings ==== Version update (4.5.0 -> 4.5.1) - Fix core with python3.10 when calling yast2 samba-client; (boo#1200804). - 4.5.1 ==== yast2-x11 ==== Version update (4.5.0 -> 4.5.1) - Added "xftdpi" tool to not depend on xrdb (which requires the C pre-processor), this decreases the installed size (bsc#1201532) - 4.5.1

1 0

Notify desktop users about updates and needed reboots
by Luca Di Maio 27 Jul '22

27 Jul '22

Hi all, as discussed on the matrix channel, there is the need for MicroOS Desktop users to be notified about needed reboots for updates. Brainstorming about it one of the solutions could be: 1 - reintroduce transactional-update.timer 2 - set up rebootmgr to work well with desktop workloads 3 - notify the user that the system is updated and a reboot is needed 4 - nice-to-have: if I click the notification it calls the native reboot prompt of the installed DE. What I'm proposing now is just a proof of concept. As a starting idea, I've thought about patching rebootmgr to have a new strategy: notify Here is the patched rebootmgr: https://github.com/89luca89/rebootmgr/tree/feature/add_notify_strategy The patch consists in adding the strategy to rebootmgrctl and rebootmgrd. The new strategy should consist in notifying the user with a dbus notification. The problem that came up is that I couldn't find a way for a root service to de-privilege itself to use the user's dbus-session, I had various errors about DISPLAY variable, xauth and so on. To work around it, I thought of creating an user-running service (systemctl --user), that would open a file socket in /run/user/$ID/ that would receive the command to launch the notification. You can find the example daemon here (very example...): https://gist.github.com/89luca89/bd78f5e716a7bd9206f802756e6c10de So you would have: t-u -> rebootmgrctl reboot -> dbus message to -> reboomgrd -> contact file socket -> user_notification_daemon The routine I've added to the rebootmgrd should find all the active sockets for all users and contact all of them so that all users are notified about the update. I'd like to have a feedback on the implementation, I'm 100% sure there is a lot to improve and I'm surely missing something on that user's dbus-session issue I had. As it stands now this proof of concept is working right now on my installation. Thanks, 89luca89

4 11

New MicroOS snapshot 20220725 released!
by Richard Brown 26 Jul '22

26 Jul '22

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: Mesa Mesa-drivers alsa (1.2.7.1 -> 1.2.7.2) alsa-plugins alsa-ucm-conf (1.2.7.1 -> 1.2.7.2) apparmor dracut (057+suse.294.gaa9ea2d2 -> 057+suse.303.gc4ea1bea) ell (0.51 -> 0.52) glibc inih (55 -> 56) installation-images-MicroOS (17.56 -> 17.59) isl (0.24 -> 0.25) java-18-openjdk (18.0.1.0 -> 18.0.2.0) libapparmor libglvnd libnvme (1.0 -> 1.1~rc0) libostree libqmi (1.30.6 -> 1.30.8) libreoffice libstorage-ng (4.5.28 -> 4.5.30) libxcvt (0.1.1 -> 0.1.2) multipath-tools (0.8.9+90+suse.71a70fb -> 0.9.0+39+suse.51a2ab1) ncurses (6.3.20220709 -> 6.3.20220716) nvme-cli (2.0 -> 2.1~rc0) patterns-fonts pipewire (0.3.55 -> 0.3.56) plymouth (0.9.5~git20220412.e960111 -> 0.9.5~git20220719.9e72df3) prison-qt5 pulseaudio (16.0 -> 16.1) python-iniconfig python-pandocfilters (1.4.3 -> 1.5.0) python-pymongo (3.11.4 -> 4.1.1) qpdf samba (4.16.2+git.262.6acc6531bc7 -> 4.16.2+git.288.4d64e4651f0) xdg-dbus-proxy (0.1.3 -> 0.1.4) xorg-x11-server (21.1.3 -> 21.1.4) yast2-installation (4.5.3 -> 4.5.4) yast2-journal (4.5.0 -> 4.5.1) yast2-printer (4.5.0 -> 4.5.1) yast2-python-bindings (4.5.0 -> 4.5.1) yast2-x11 (4.5.0 -> 4.5.1) === Details === ==== Mesa ==== Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - let Mesa ignore Mesa-dri as dep to resolve a build cycle (related to boo#1201474 ==== Mesa-drivers ==== Subpackages: Mesa-dri Mesa-gallium Mesa-libva - let Mesa ignore Mesa-dri as dep to resolve a build cycle (related to boo#1201474 ==== alsa ==== Version update (1.2.7.1 -> 1.2.7.2) Subpackages: libasound2 libatopology2 - Update to version 1.2.7.2: minor updates, including fixes for PCM share plugin, rawmidi and UCM ==== alsa-plugins ==== Subpackages: alsa-plugins-pulse alsa-plugins-speexrate alsa-plugins-upmix - Fix dependency of pulse plugin; now pulseaudio-daemon is required (bsc#1201409) ==== alsa-ucm-conf ==== Version update (1.2.7.1 -> 1.2.7.2) - Update to version 1.2.7.2: updates of various device-specific profiles. For details, see https://www.alsa-project.org/wiki/Changes_v1.2.7.1_v1.2.7.2#alsa-ucm-conf ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-parser-lang apparmor-profiles apparmor-utils apparmor-utils-lang python3-apparmor - Add apparmor-setuptools61-mr897.patch https://gitlab.com/apparmor/apparmor/-/merge_requests/897 - Add buildtime dependencies on python-rpm-macros and setuptools ==== dracut ==== Version update (057+suse.294.gaa9ea2d2 -> 057+suse.303.gc4ea1bea) Subpackages: dracut-ima dracut-mkinitrd-deprecated - Update to version 057+suse.303.gc4ea1bea: * fix(network-legacy): add auto timeout to wicked DHCP test (bsc#1198709) * fix(network-legacy): check if dhclient has --timeout option * fix(man): correct typo * fix(network-legacy): properly install dhclient * fix(fips): add missing bash dependency ==== ell ==== Version update (0.51 -> 0.52) - update to 0.52: * Fix issue with using PTRDIFF_MAX constant. * Fix issue with accepting FD 0 as epoll_fd. * Fix issue with setting bound time before emitting event. * Fix issue with starting ACD before committing static IPv4. * Fix issue with waiting for link-local address before DHCPv6. ==== glibc ==== Subpackages: glibc-extra glibc-lang glibc-locale glibc-locale-base nscd - nptl-cleanup-async-restore-2.patch: nptl: Fix ___pthread_unregister_cancel_restore asynchronous restore (bsc#1200093, BZ #29214) ==== inih ==== Version update (55 -> 56) - Update to version 55 * Fix redundant cast-to-int when INI_USE_STACK!=0 * Make inline comments work on subsequent lines of multiline values ==== installation-images-MicroOS ==== Version update (17.56 -> 17.59) - merge gh#openSUSE/installation-images#604 - limit LeapMicro building - 17.59 - merge gh#openSUSE/installation-images#603 - Add LeapMicro to _multibuild (jsc#SMO-126) - 17.58 - merge gh#openSUSE/installation-images#595 - rename the -release package of SLE Micro - 17.57 ==== isl ==== Version update (0.24 -> 0.25) - update to 0.25: * support (type safe) user object on id in bindings * more exports to (templated C++) bindings * add some convenience functions ==== java-18-openjdk ==== Version update (18.0.1.0 -> 18.0.2.0) Subpackages: java-18-openjdk-headless - Upgrade to upstream tag jdk-18.0.2+9 (July 2022 CPU) * Security fixes: + JDK-8272243: Improve DER parsing + JDK-8272249: Better properties of loaded Properties + JDK-8277608: Address IP Addressing + JDK-8281859, CVE-2022-21540, bsc#1201694: Improve class compilation + JDK-8281866, CVE-2022-21541, bsc#1201692: Enhance MethodHandle invocations + JDK-8283190: Improve MIDI processing + JDK-8284370: Improve zlib usage + JDK-8285407, CVE-2022-34169, bsc#1201684: Improve Xalan supports * Other changes: + JDK-8240903: Add test to check that jmod hashes are reproducible + JDK-8256368: Avoid repeated upcalls into Java to re-resolve MH/VH linkers/invokers + JDK-8269938: Enhance XML processing passes redux + JDK-8270480: Better path to expressing Xpaths + JDK-8270504: Better Xpath expression handling + JDK-8271008: appcds/*/MethodHandlesAsCollectorTest.java tests time out because of excessive GC (CodeCache GC Threshold) in loom + JDK-8271055: Crash during deoptimization with "assert(bb->is_reachable()) failed: getting result from unreachable basicblock" with -XX:+VerifyStack + JDK-8272255: Completely handle MIDI files + JDK-8272261: Improve JFR recording file processing + JDK-8272493: Suboptimal code generation around Preconditions.checkIndex intrinsic with AVX2 + JDK-8272588: Enhanced recording parsing + JDK-8272594: Better record of recordings + JDK-8274524: SSLSocket.close() hangs if it is called during the ssl handshake + JDK-8275337: C1: assert(false) failed: live_in set of first block must be empty + JDK-8277055: Assert "missing inlining msg" with - XX:+PrintIntrinsics + JDK-8277072: ObjectStreamClass caches keep ClassLoaders alive + JDK-8277672: Better invocation handler handling + JDK-8277893: Arraycopy stress tests + JDK-8278065: Refactor subclassAudits to use ClassValue + JDK-8278356: Improve file creation + JDK-8278381: [GCC 11] Address::make_raw() does not initialize rspec + JDK-8278549: UNIX sun/font coding misses SUSE distro detection on recent distro SUSE 15 + JDK-8278794: Infinite loop in DeflaterOutputStream.finish() + JDK-8278972: Improve URL supports + JDK-8279219: [REDO] C2 crash when allocating array of size too large + JDK-8279668: x86: AVX2 versions of vpxor should be asserted + JDK-8279822: CI: Constant pool entries in error state are not supported + JDK-8279958: Provide configure hints for Alpine/apk package managers + JDK-8280041: Retry loop issues in java.io.ClassCache + JDK-8280476: [macOS] : hotspot arm64 bug exposed by latest clang + JDK-8280600: C2: assert(!had_error) failed: bad dominance + JDK-8280674: Bump version numbers for July CPU + JDK-8280799: Ð¡2: assert(false) failed: cyclic dependency prevents range check elimination + JDK-8280867: Cpuid1Ecx feature parsing is incorrect for AMD CPUs + JDK-8280901: MethodHandle::linkToNative stub is missing w/ - Xint + JDK-8280956: Re-examine copyright headers on files in src/java.desktop/macosx/native/libawt_lwawt/awt/a11y + JDK-8281093: JDK 11.0.14 violates Attribute-Value Normalization in the XML specification 1.0 + JDK-8281168: Micro-optimize VarForm.getMemberName for interpreter + JDK-8281181: Do not use CPU Shares to compute active processor count + JDK-8281266: [JVMCI] MetaUtil.toInternalName() doesn't handle hidden classes correctly + JDK-8281274: deal with ActiveProcessorCount in os::Linux::print_container_info + JDK-8281318: Improve jfr/event/allocation tests reliability + JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo + JDK-8281544: assert(VM_Version::supports_avx512bw()) failed for Tests jdk/incubator/vector/ + JDK-8281615: Deadlock caused by jdwp agent + JDK-8281638: jfr/event/allocation tests fail with release VMs after JDK-8281318 due to lack of - XX:+UnlockDiagnosticVMOptions + JDK-8281771: Crash in java_lang_invoke_MethodType::print_signature + JDK-8281811: assert(_base == Tuple) failed: Not a Tuple after JDK-8280799 + JDK-8281822: Test failures on non-DTrace builds due to incomplete DTrace* flags handling + JDK-8282042: [testbug] FileEncodingTest.java depends on default encoding + JDK-8282045: When loop strip mining fails, safepoints are removed from loop anyway + JDK-8282080: Lambda deserialization fails for Object method ... changelog too long, skipping 134 lines ... + integrated upstream as JDK-8282231 ==== libapparmor ==== - Add apparmor-setuptools61-mr897.patch https://gitlab.com/apparmor/apparmor/-/merge_requests/897 - Add buildtime dependencies on python-rpm-macros and setuptools ==== libglvnd ==== - let libglvnd require Mesa-dri so GL drivers are available on Wayland-only desktop installations (boo#1201474) ==== libnvme ==== Version update (1.0 -> 1.1~rc0) - Update to version v1.1-rc0: * update/cleanup of documentation * various build fixes * various fixes reported by coverity * 64-bit Reference Tags and TP-4068 changes * libnvme-mi: Introduce NVMe Managament Interface library ==== libostree ==== Subpackages: libostree-1-1 - fix packaging warnings from missing systemd service macros for pre/post/preun/postun scripts for ostree-finalize-staged ==== libqmi ==== Version update (1.30.6 -> 1.30.8) Subpackages: libqmi-glib5 libqmi-tools - update to 1.30.8: * dms: new 'Foxconn FCC authentication v2' request/response. ==== libreoffice ==== Subpackages: libreoffice-base libreoffice-branding-upstream libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Use system jars by specifying the path for each jar. Fixes bsc#1195634 ==== libstorage-ng ==== Version update (4.5.28 -> 4.5.30) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#890 - allow to set rootprefix via environment - 4.5.30 - merge gh#openSUSE/libstorage-ng#889 - allow to prepend path for lock file - coding style - 4.5.29 ==== libxcvt ==== Version update (0.1.1 -> 0.1.2) - Update to version 0.1.2 * make xrandr report 1366x768 instead of 1360x768 * meson: Add initial darwin_versions ==== multipath-tools ==== Version update (0.8.9+90+suse.71a70fb -> 0.9.0+39+suse.51a2ab1) Subpackages: kpartx libmpath0 - Update to version 0.9.0+39+suse.51a2ab1: Upstream bug fixes: * libmultipath: fix find_multipaths_timeout for unknown hardware (boo#1201483) * multipath-tools: fix "multipath -ll" for Native NVME Multipath devices (boo#1201483) - Update to version 0.9.0+33+suse.fdc6686 * multipath.conf: add support for "protocol" subsection in "overrides" section to set certain config options by protocol. * Removed the previously deprecated options getuid_callout, config_dir, multipath_dir, pg_timeout * hwable fixes and additions * multipath.conf(5): add disclaimer about vendor support * libmultipath, kpartx: fix callers of dm_get_next_target() * Change built-in defaults for NVMe: group by prio, and immediate failback * Allow compilation with -D_FORTIFY_SOURCE=3 ==== ncurses ==== Version update (6.3.20220709 -> 6.3.20220716) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20220716 + build-fix for test_mouse.c, for non-standard cfmakeraw. + improve shell-scripts with shellcheck + fix typo in run_tic.in (report/patch by Jan Starke). ==== nvme-cli ==== Version update (2.0 -> 2.1~rc0) Subpackages: nvme-cli-bash-completion - Update to version v2.1~rc0: * build and install fixes/improvements * documentation fixes * version reporting includes library version * various fixes reported by coverity * new solidigm plugin ==== patterns-fonts ==== Subpackages: patterns-fonts-fonts patterns-fonts-fonts_opt fix: reintroduce efont-unicode-bitmap-fonts so that there is a fallback for CJK ==== pipewire ==== Version update (0.3.55 -> 0.3.56) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-lang pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 0.3.56: * Highlights - A critical bug that could crash JACK applications was fixed. - Some more regressions in audiomixer were fixed. This should fix crackling and stuttering in some cases as well as some channel mapping regressions. - A bug in the alsa plugin was fixed that could cause stuttering in VMs. - Bluetooth sources should have improved latency and rate control. - Many more bugfixes and improvements. * Modules - An experimental AVB module was added. It can expose PipeWire as an AVB entity and initiate (broken) streaming between entities. - module-loopback now handles the cases where the input and output channels are different without crashing or producing silence. - The filter-chain module now correctly calculates the output size without crashing in some cases. It also skips invalid ports instead of crashing. - Handle and report pthread errors better. * SPA - The resampler qualities were tweaked a little. - A bug that would sometimes cut off the last part of a buffer was fixed in the alsa plugin. This could cause broken audio in VMs. - Access to the alsa mixer and devices is now checked more thoroughly. - The spa-resample tool can now also handle large downsampling rates without crashing. - Audioconverter now uses rounding for float to int conversions, which reduces distortions. Compilation of the C subroutines was separated and uses its own optimisation flags now. - Noise shaping was improved in audioconvert. A new Wannamaker 3 tap shaper was added. - Audioconvert now uses a pattern for generating keep alive noise. This should have much less energy and be even more inaudible. - A channel mapping bug was fixed in audioconvert. - The dsp audio mixer would sometimes not mix enough and cause dropouts. * JACK - A critical bug in the mixer was fixed. It would cause most JACK applications to segfault at start-up. * Bluetooth - A new rate control algorithm was implemented for the sources. - The media role on HSP/HFP streams is now fixed. * Pulse Server - Add the resampler delay to delay reporting as well. - Rebase reduce-meson-dependency.patch. - Drop patches already included upstream: * 0001-jack-only-mix-when-we-have-input-to-mix.patch * 0002-spa-alsa-udev-Check-accessibility-of-pcm-devices-as-well.patch - Add patches from upstream to fix compilation on big endian: * 0001-avb-fix-compilation-on-big-endian.patch * 0002-avb-fix-compilation-on-big-endian.patch * 0003-avb-fix-compilation-on-big-endian.patch ==== plymouth ==== Version update (0.9.5~git20220412.e960111 -> 0.9.5~git20220719.9e72df3) Subpackages: libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Update to version 0.9.5~git20220719.9e72df3: * Make use of standard --runstatedir flag vs custom --with-runtimedir ==== prison-qt5 ==== Subpackages: libKF5Prison5 prison-qt5-imports - Add patch to fix build with ZXing 1.4.0: * 0001-Support-ZXing-1.4.0.patch ==== pulseaudio ==== Version update (16.0 -> 16.1) Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-setup system-user-pulse - Update to 16.1 (bsc#1201331): * Fix parsing of percentage volumes with decimal points in pactl * Fix crash with the "pacmd play-file" command when reads from the disk aren't frame-aligned * Fix module-rtp-recv sometimes thinking it's receiving an Opus stream when it's not * Fix frequent crashing in module-combine-sink, regression in 16.0 * Fix crashing on 32-bit architectures when using the GStreamer codecs for LDAC and AptX ==== python-iniconfig ==== - BuildRequire itself when building test flavour. ==== python-pandocfilters ==== Version update (1.4.3 -> 1.5.0) - update to 1.5.0: * Added an environment variable `PANDOCFILTER_CLEANUP` that when `get_filename4code` is used, temporary directory will be cleaned up automatically. * `examples/` is no longer included in the distribution (i.e. source distribution or binary wheels found on PyPI.) This should be a backward incompatible change as `examples/` is never exposed as a Python module, nor entry points. * Added a couple of examples. ==== python-pymongo ==== Version update (3.11.4 -> 4.1.1) - Conflict on python-bson * Same namespace * Different implementation (https://github.com/py-bson/bson) - Do not wildcard collect files - Update to 4.1.1 * PyMongo 4.0 drops support for Python 2.7, 3.4, and 3.5. * PyMongo 4.1 drops support for Python 3.6.0 and 3.6.1, Python 3.6.2+ is now required. * PyMongo 4.0 drops support for MongoDB 2.6, 3.0, 3.2, and 3.4. * The default uuid_representation for CodecOptions, JSONOptions, and MongoClient has been changed from bson.binary.UuidRepresentation.PYTHON_LEGACY to bson.binary.UuidRepresentation.UNSPECIFIED. Attempting to encode a uuid.UUID instance to BSON or JSON now produces an error by default. See Handling UUID Data for details. * Removed some arguments and functions mostly from: * pymongo.mongo_client.MongoClient * pymongo.database.Database * pymongo.collection.Collection * pymongo.mongo_client.MongoClient * pymongo.son_manipulator * directConnection URI option and keyword argument to MongoClient defaults to False instead of None * tz_aware, an argument for JSONOptions, now defaults to False instead of True. * items() now returns a dict_items object rather than a list. * The hint option is now required when using min or max queries with find(). * MongoClient` now raises an InvalidURI exception when it encounters unescaped percent signs in username and password when parsing MongoDB URIs. * Enhanced connection pooling to create connections more efficiently and avoid connection storms. * MongoClient now accepts a URI and keyword argument srvMaxHosts that limits the number of mongos-like hosts a client will connect to. * Support for the âkmipâ KMS provider for client side field level encryption. * Many more changes, seet the upstream changelog for details ==== qpdf ==== - add disable-newpdf-renderer.patch (bsc#1201642) ==== samba ==== Version update (4.16.2+git.262.6acc6531bc7 -> 4.16.2+git.288.4d64e4651f0) Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-client samba-client-libs samba-libs samba-libs-python3 samba-python3 - Update spec file to fix the optional Heimdal DC build - Fix external trusts with MIT Kerberos 1.20 - Add missing samba-client requirement to samba-winbind package; (bsc#1198255); - Move pdb backends from package samba-libs to package samba-client-libs and remove samba-libs requirement from samba-winbind; (bsc#1200964); (bsc#1198255); - Add sysuser-shadow requirement for packages using systemd-sysusers - Use the canonical realm name to refresh the Kerberos tickets; (bsc#1196224); (bso#14979); - Moved logrotate files from user specific directory /etc/logrotate.d to vendor specific directory /usr/etc/logrotate.d. ==== xdg-dbus-proxy ==== Version update (0.1.3 -> 0.1.4) - Update to version 0.1.4: + Add a Meson build system, with support for being used as a subproject. The original Autotools build system remains available for now, but might be removed in future. + Fix movement through multiline auth messages. + Fix an unintended fallthrough if the message bus replies to Hello() with a non-REPLY such as an ERROR. + Fix compiler warnings. + Update AX_CODE_COVERAGE from autoconf-archive. + Bundle a copy of AX_CHECK_GNU_MAKE from autoconf-archive, required by AX_CODE_COVERAGE. - Switch to meson buildsystem, add meson BuildRequires and replace autotools macros with meson ones. - Add dbus-1-daemon BuildRequires and check section: Run meson_test macro during build. ==== xorg-x11-server ==== Version update (21.1.3 -> 21.1.4) Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - rename u_sync-pci-ids-with-Mesa-22.0.0.patch to u_sync-pci-ids-with-Mesa.patch (currently synced with Mesa 22.1.3) - u_sync-pci-ids-with-Mesa-22.0.0.patch * synced with Mesa 22.1.3; just adding a PCI ID for vmware was needed - Update to version 21.1 * This release fixes 2 recently reported security vulnerabilities in xkb, several regressions since 1.20.x and a number of miscellaneous bugs. - supersedes the following security patches * U_boo1194181-001-xkb-swap-XkbSetDeviceInfo-and-XkbSetDeviceInfoCheck.patch * U_boo1194179-001-xkb-rename-xkb_h-to-xkb-procs_h.patch * U_boo1194179-002-xkb-add-request-length-validation-for-XkbSetGeometry.patch - supersedes U_Fix-build-with-gcc-12.patch ==== yast2-installation ==== Version update (4.5.3 -> 4.5.4) - Do not use "xrdb" for setting the "Xft.dpi" value, use a specific YaST tool from the yast2-x11 package (bsc#1201532) (xrdb depends on the C pre-processor increasing the dependencies about of 22MB) - Install yast2-x11 only when GUI (libyui-qt) is installed, avoid installing the dependent X libraries in minimal (text mode) installation - 4.5.4 ==== yast2-journal ==== Version update (4.5.0 -> 4.5.1) - Adapt to changed output of journalctl --list-boots, avoid Internal Error with systemd-251 (bsc#1201504). - Abbreviate numeric array journal entries (bsc#1200613) - 4.5.1 ==== yast2-printer ==== Version update (4.5.0 -> 4.5.1) - Removed the libX11 dependency (bsc#1201641) (the old mechanism for that did not work anymore, use %__requires_exclude_from) - 4.5.1 ==== yast2-python-bindings ==== Version update (4.5.0 -> 4.5.1) - Fix core with python3.10 when calling yast2 samba-client; (boo#1200804). - 4.5.1 ==== yast2-x11 ==== Version update (4.5.0 -> 4.5.1) - Added "xftdpi" tool to not depend on xrdb (which requires the C pre-processor), this decreases the installed size (bsc#1201532) - 4.5.1

1 0

New ARM MicroOS snapshot 20220719 released!
by Guillaume Gardet 20 Jul '22

20 Jul '22

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: busybox container-selinux (2.187.0 -> 2.188.0) glibc keylime (6.4.1 -> 6.4.2) konsole libselinux libstorage-ng (4.5.27 -> 4.5.28) perl pipewire (0.3.54 -> 0.3.55) python-SQLAlchemy (1.4.37 -> 1.4.39) python-html5lib python-pandocfilters (1.4.3 -> 1.5.0) selinux-policy (20220624 -> 20220714) suse-module-tools (16.0.21 -> 16.0.22) wireplumber === Details === ==== busybox ==== Subpackages: busybox-static - prepare spec file for rpmbuild --build-in-place --noprep - use bcond for static and ww3 subpackages - fix verbose flag ==== container-selinux ==== Version update (2.187.0 -> 2.188.0) - Update to version 2.188.0: * Allow confined containers to mount overlay filesystems Fixed bsc#1201348 ==== glibc ==== Subpackages: glibc-extra glibc-locale glibc-locale-base nscd - nptl-cleanup-async-restore-2.patch: nptl: Fix ___pthread_unregister_cancel_restore asynchronous restore (bsc#1200093, BZ #29214) ==== keylime ==== Version update (6.4.1 -> 6.4.2) Subpackages: keylime-agent keylime-config keylime-firewalld keylime-logrotate keylime-registrar keylime-tpm_cert_store keylime-verifier python310-keylime - Replace python-gpg requirement - Fix consolidation for _distconfdir and _sysconfdir macro - Update to version v6.4.2: * Bump version # to 6.4.2 * Use python3-gpg instead of python3-gnupg * Update Packit CI tests to test both agent and zeromq revocation notifiers * ima_ast: Make entry parsing stricter * ima_ast: Calculate length of "n" and "n-ng" in bytes * Fix broken URLs in README (Additional Reading) * Remove CFSSL leftovers * signing: move exception handing to verify_signature() * Set revocation_notifiers = agent as default in keylime.conf * cloud_verifier: Support /notifications/revocation REST API * keylime_agent: Support /notifications/revocation REST method * revocation_notifier: Factor out revocation message processing * keylime: initialize supplementary groups when dropping privileges * Refactor allowlist processing to enable verifier-side signature checks * Full removal of the tenant WebApp * update roadmap for 2022 and 2023 * docs: make Python requirements less strict * docs: update API documentation for 2.1, add missing fields for agent quote * Add python3-alembic to distros * Update fmf plans to run test with IMA policy * Drop SPDX-License-Identifier header * Adjust CI test name according to keylime-tests PR#125 * ci: Run lint with Python 3.6 as well * [trivial]: fix style of recently added docs files * Improve error handling when doing signature verification * Fix coverage file paths in submit-HEAD-coverage workflow * Adding files from keylime-docs into main repo - Fix keylime service home directory - Adjust the directory for the TPM certificates ==== konsole ==== Subpackages: konsole-part konsole-part-lang - Add patch to fix editing imported SSH hosts (kde#455290): * 0001-Fix-error-when-trying-to-edit-the-editable-parts-of-.patch ==== libselinux ==== Subpackages: libselinux1 selinux-tools - Fixed initrd check in selinux-ready (bnc#1186127) - Added restorecon_pin_file.patch. Fixes issus when running fixfiles/restorecon ==== libstorage-ng ==== Version update (4.5.27 -> 4.5.28) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#888 - handle rootprefix when combining information from /etc/fstab and /proc/mounts - added unit tests - avoid deprecated fuunctions - coding style - typo fix and documentation update - 4.5.28 ==== perl ==== Subpackages: perl-base - move builtin.pm to perl-base as File::Copy relies on it since last update. This fixes execution of builtime source services in OBS. ==== pipewire ==== Version update (0.3.54 -> 0.3.55) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Add patch to fix audio after tty switching (boo#1201349): * 0002-spa-alsa-udev-Check-accessibility-of-pcm-devices-as-well.patch - Update to version 0.3.55: * Highlights - Fix some more critical bugs in the new audioconvert and the queueing in pw-stream that causes stuttering and hickups. - HFP hardware volumes are now saved and restored. - Format conversions and mixing was improved. - Small bug fixes and improvements. * PipeWire - The queueing in pw-stream was improved with support for buffer prefetch in asynchronous mode. - Add a pw-filter unit test. * tools - pw-midiplay should now work again after improvements in pw-stream. * modules - The RAOP module was improved to support auth_setup. - The RAOP module should now handle timing packets better. - Add some more filter-chain examples. - The filter-chain now has a separate config file with the boilerplate settings. The examples are now just config snippets that can be dropped in .conf.d/ directories, such as the filter-chain.conf.d/ one. - Start suggesting to use target.object instead of node.target in docs and examples. * SPA - Use the cosh window again for the resampler. It should now give better resampler quality. - Rework the mixer functions. They were rewritten for higher precision and better performance. Add unit tests and benchmarks. - Improve format conversion for 32bits for avoid errors in clang because of undefined behaviour at extreme ranges. - Fix a bug in audioconvert where it would not consume the right amount of samples when the resampler was disabled. This could cause skipping and hickups. - Fix bug in audioconvert where it would try to convert the input samples multiple times, causing strange artefacts when upmixing. - Be more strict about valid JSON floats. - device.vendor.id and device.product.id should now always show up in 0xXXXX format and should not be converted to floats in pw-dump anymore. - Add triangular dither, add unit tests for noise generation, add some more optimisations. * Bluetooth - HFP and A2DP now expose different routes and thus can have different volumes. - HW Volumes for HFP are now synchronised better. Volume changes from HW buttons are now also saved. - Rebase reduce-meson-dependency.patch. - Add 0001-jack-only-mix-when-we-have-input-to-mix.patch: Fix an Ardour start-up crash. ==== python-SQLAlchemy ==== Version update (1.4.37 -> 1.4.39) - update to version 1.4.39: * orm + [orm] [bug] [regression] Fixed regression caused by #8133 where the pickle format for mutable attributes was changed, without a fallback to recognize the old format, causing in-place upgrades of SQLAlchemy to no longer be able to read pickled data from previous versions. A check plus a fallback for the old format is now in place. References: #8133 - changes from version 1.4.38: * orm + [orm] [bug] [regression] Fixed regression caused by #8064 where a particular check for column correspondence was made too liberal, resulting in incorrect rendering for some ORM subqueries such as those using PropComparator.has() or PropComparator.any() in conjunction with joined-inheritance queries that also use legacy aliasing features. References: [#8162] + [orm] [bug] [sql] Fixed an issue where GenerativeSelect.fetch() would not be applied when executing a statement using the ORM. References: #8091 + [orm] [bug] Fixed issue where a with_loader_criteria() option could not be pickled, as is necessary when it is carried along for propagation to lazy loaders in conjunction with a caching scheme. Currently, the only form that is supported as picklable is to pass the ?where criteria? as a fixed module-level callable function that produces a SQL expression. An ad-hoc ?lambda? can?t be pickled, and a SQL expression object is usually not fully picklable directly. References: #8109 * engine + [engine] [bug] Repaired a deprecation warning class decorator that was preventing key objects such as Connection from having a proper __weakref__ attribute, causing operations like Python standard library inspect.getmembers() to fail. References: [#8115] * sql + [sql] [bug] Fixed multiple observed race conditions related to lambda_stmt(), including an initial ?dogpile? issue when a new Python code object is initially analyzed among multiple simultaneous threads which created both a performance issue as well as some internal corruption of state. Additionally repaired observed race condition which could occur when ?cloning? an expression construct that is also in the process of being compiled or otherwise accessed in a different thread due to memoized attributes altering the __dict__ while iterated, for Python versions prior to 3.10; in particular the lambda SQL construct is sensitive to this as it holds onto a single statement object persistently. The iteration has been refined to use dict.copy() with or without an additional iteration instead. References: #8098 + [sql] [bug] Enhanced the mechanism of Cast and other ?wrapping? column constructs to more fully preserve a wrapped Label construct, including that the label name will be preserved in the .c collection of a Subquery. The label was already able to render in the SQL correctly on the outside of the construct which it was wrapped inside. References: #8084 + [sql] [bug] Adjusted the fix made for #8056 which adjusted the escaping of bound parameter names with special characters such that the escaped names were translated after the SQL compilation step, which broke a published recipe on the FAQ illustrating how to merge parameter names into the string output of a compiled SQL string. The change restores the escaped names that come from compiled.params and adds a conditional parameter to SQLCompiler.construct_params() named escape_names that defaults to True, restoring the old behavior by default. References: [#8113] * schema + [schema] [bug] Fixed bugs involving the Table.include_columns and the Table.resolve_fks parameters on Table; these little-used parameters were apparently not working for columns that refer to foreign key constraints. In the first case, not-included columns that refer to foreign keys would still attempt to create a ForeignKey object, producing errors when attempting to resolve the columns for the foreign key constraint within reflection; foreign key constraints that refer to skipped columns are now omitted from the table reflection process in the same way as occurs for Index and UniqueConstraint objects with the same conditions. No warning is produced however, as we likely want to remove the include_columns warnings for all constraints in 2.0. In the latter case, the production of table aliases or subqueries would fail on an FK related table not found despite the presence of resolve_fks=False; the logic has been repaired so that if a related table is not found, the ForeignKey object is still proxied to the aliased table or subquery (these ForeignKey objects are normally used in the production of join conditions), but it is sent with a flag that it?s not resolvable. The aliased table / subquery will then work normally, with the exception that it cannot be used to generate a join condition automatically, as the foreign key information is missing. This was already the behavior for such foreign key constraints produced using non-reflection methods, such as joining Table objects from different MetaData collections. References: #8100, #8101 + [schema] [bug] [mssql] Fixed issue where Table objects that made use of IDENTITY columns with a Numeric datatype would produce errors when attempting to reconcile the ?autoincrement? column, preventing construction of the Column from using the Column.autoincrement parameter as well as emitting errors when attempting to invoke an Insert construct. References: #8111 * extensions + [extensions] [bug] Fixed bug in Mutable where pickling and unpickling of an ORM mapped instance would not correctly restore state for mappings that contained multiple Mutable-enabled attributes. References: #8133 ==== python-html5lib ==== - Remove BuildRequires on mock. ==== python-pandocfilters ==== Version update (1.4.3 -> 1.5.0) - update to 1.5.0: * Added an environment variable `PANDOCFILTER_CLEANUP` that when `get_filename4code` is used, temporary directory will be cleaned up automatically. * `examples/` is no longer included in the distribution (i.e. source distribution or binary wheels found on PyPI.) This should be a backward incompatible change as `examples/` is never exposed as a Python module, nor entry points. * Added a couple of examples. ==== selinux-policy ==== Version update (20220624 -> 20220714) Subpackages: selinux-policy-targeted - Update to version 20220714. Refreshed: * fix_init.patch * fix_systemd_watch.patch ==== suse-module-tools ==== Version update (16.0.21 -> 16.0.22) - Update to version 16.0.22: * weak-modules2: only use kernel version under /run/regenerate-initrd (boo#1201387) ==== wireplumber ==== Subpackages: libwireplumber-0_4-0 wireplumber-audio - Add patch to fix crash on session end: * 0001-dbus-fix-crash-when-trying-to-reconnect.patch

1 0

New MicroOS snapshot 20220718 released!
by Richard Brown 19 Jul '22

19 Jul '22

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: busybox container-selinux (2.187.0 -> 2.188.0) kernel-source (5.18.9 -> 5.18.11) keylime (6.4.1 -> 6.4.2) konsole libselinux libstorage-ng (4.5.27 -> 4.5.28) patterns-base patterns-microos perl pipewire (0.3.54 -> 0.3.55) python-html5lib selinux-policy (20220624 -> 20220714) suse-module-tools (16.0.21 -> 16.0.22) sysconfig (0.85.8 -> 0.90.0) wireplumber yast2-services-manager (4.5.0 -> 4.5.1) === Details === ==== busybox ==== Subpackages: busybox-static - prepare spec file for rpmbuild --build-in-place --noprep - use bcond for static and ww3 subpackages - fix verbose flag ==== container-selinux ==== Version update (2.187.0 -> 2.188.0) - Update to version 2.188.0: * Allow confined containers to mount overlay filesystems Fixed bsc#1201348 ==== kernel-source ==== Version update (5.18.9 -> 5.18.11) - Refresh patches.suse/0001-drm-aperture-Run-fbdev-removal-before-internal-helpe.patch. Update upstream status. - commit 4fcb983 - x86/mm: Simplify RESERVE_BRK() (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - commit da1381f - x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - commit ce3ce6a - Refresh patches.suse/x86-kvm-fix-FASTOP_SIZE-when-return-thunks-are-enabl.patch. Update to upstream version. - commit 3f7e318 - x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit (bsc#1199657 CVE-2022-29900 CVE-2022-29901). Update upstream status. - commit eae54b1 - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() (bsc#1198829 CVE-2022-1462). - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() (bsc#1198829 CVE-2022-1462). - commit cec52d3 - x86/kvm: fix FASTOP_SIZE when return thunks are enabled (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - commit 86ef7b4 - x86/asm/32: fix ANNOTATE_UNRET_SAFE use on 32bit (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/static_call: Serialize __static_call_fixup() properly (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Disable RRSBA behavior (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/kexec: Disable RET on kexec (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Add Cannon lake to RETBleed affected CPU list (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - commit 834606b - x86/retbleed: Add fine grained Kconfig knobs (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - Update config files. - commit 9dbc2f6 - x86/cpu/amd: Enumerate BTC_NO (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/common: Stamp out the stepping madness (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - KVM: VMX: Prevent RSB underflow before vmenter (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Fill RSB on vmexit for IBRS (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - KVM: VMX: Fix IBRS handling after vmexit (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - KVM: VMX: Convert launched argument to flags (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - KVM: VMX: Flatten __vmx_vcpu_run() (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - objtool: Re-add UNWIND_HINT_{SAVE_RESTORE} (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Remove x86_spec_ctrl_mask (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Fix SPEC_CTRL write on SMT state change (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Fix firmware entry SPEC_CTRL handling (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/cpu/amd: Add Spectral Chicken (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - objtool: Add entry UNRET validation (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Do IBPB fallback check only once (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Add retbleed=ibpb (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/xen: Add UNTRAIN_RET (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/xen: Rename SYS* entry points (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - objtool: Update Retpoline validation (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - intel_idle: Disable IBRS during long idle (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Report Intel retbleed vulnerability (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Optimize SPEC_CTRL MSR writes (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/entry: Add kernel IBRS implementation (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Enable STIBP for JMP2RET (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - commit 023a0b9 - x86/bugs: Add AMD retbleed= boot parameter (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - Update config files. - commit a4a04c4 - x86/bugs: Report AMD retbleed vulnerability (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86: Add magic AMD return-thunk (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - objtool: Treat .text.__x86.* as noinstr (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/entry: Avoid very early RET (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86: Use return-thunk in asm code (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/sev: Avoid using __x86_return_thunk (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/kvm: Fix SETcc emulation for return thunks (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bpf: Use alternative RET encoding (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/ftrace: Use alternative RET encoding (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86,static_call: Use alternative RET encoding (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - objtool: skip non-text sections when adding return-thunk sites (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86,objtool: Create .return_sites (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86: Undo return-thunk damage (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/retpoline: Use -mfunction-return (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/retpoline: Swizzle retpoline thunk (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/retpoline: Cleanup some #ifdefery (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/cpufeatures: Move RETPOLINE flags to word 11 (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/kvm/vmx: Make noinstr clean (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/entry: Remove skip_r11rcx (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/entry: Don't call error_entry() for XENPV (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry() (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/entry: Switch the stack after error_entry() returns (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/traps: Use pt_regs directly in fixup_bad_iret() (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - commit bc4fd7c - Linux 5.18.11 (bsc#1012628). - io_uring: fix provided buffer import (bsc#1012628). - ALSA: usb-audio: Workarounds for Behringer UMC 204/404 HD (bsc#1012628). - ALSA: hda/realtek: Add quirk for Clevo L140PU (bsc#1012628). - ALSA: cs46xx: Fix missing snd_card_free() call at probe error (bsc#1012628). - can: bcm: use call_rcu() instead of costly synchronize_rcu() (bsc#1012628). - can: grcan: grcan_probe(): remove extra of_node_get() (bsc#1012628). - can: gs_usb: gs_usb_open/close(): fix memory leak (bsc#1012628). - can: m_can: m_can_chip_config(): actually enable internal timestamping (bsc#1012628). - can: m_can: m_can_{read_fifo,echo_tx_event}(): shift timestamp to full 32 bits (bsc#1012628). - can: kvaser_usb: replace run-time checks with struct kvaser_usb_driver_info (bsc#1012628). - can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression (bsc#1012628). - can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits (bsc#1012628). - can: mcp251xfd: mcp251xfd_regmap_crc_read(): improve workaround handling for mcp2517fd (bsc#1012628). - can: mcp251xfd: mcp251xfd_regmap_crc_read(): update workaround broken CRC on TBC register (bsc#1012628). - can: mcp251xfd: mcp251xfd_stop(): add missing hrtimer_cancel() (bsc#1012628). - bpf: Fix incorrect verifier simulation around jmp32's jeq/jne (bsc#1012628). - bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals (bsc#1012628). - usbnet: fix memory leak in error case (bsc#1012628). - net: rose: fix UAF bug caused by rose_t0timer_expiry (bsc#1012628). - net: lan966x: hardcode the number of external ports (bsc#1012628). - netfilter: nft_set_pipapo: release elements in clone from abort path (bsc#1012628). - selftests/net: fix section name when using xdp_dummy.o (bsc#1012628). - can: mcp251xfd: mcp251xfd_register_get_dev_id(): use correct length to read dev_id (bsc#1012628). - can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix endianness conversion (bsc#1012628). - can: rcar_canfd: Fix data transmission failed on R-Car V3U (bsc#1012628). - ASoC: qdsp6: q6apm-dai: unprepare stream if its already prepared (bsc#1012628). - MAINTAINERS: Remove iommu(a)lists.linux-foundation.org (bsc#1012628). - iommu/vt-d: Fix PCI bus rescan device hot add (bsc#1012628). - iommu/vt-d: Fix RID2PASID setup/teardown failure (bsc#1012628). - cxl/mbox: Use __le32 in get,set_lsa mailbox structures (bsc#1012628). - cxl: Fix cleanup of port devices on failure to probe driver (bsc#1012628). - fbdev: fbmem: Fix logo center image dx issue (bsc#1012628). - fbmem: Check virtual screen sizes in fb_set_var() (bsc#1012628). - fbcon: Disallow setting font bigger than screen size (bsc#1012628). - fbcon: Prevent that screen size is smaller than font size (bsc#1012628). - PM: runtime: Redefine pm_runtime_release_supplier() (bsc#1012628). - PM: runtime: Fix supplier device management during consumer probe (bsc#1012628). - memregion: Fix memregion_free() fallback definition (bsc#1012628). - video: of_display_timing.h: include errno.h (bsc#1012628). - fscache: Fix invalidation/lookup race (bsc#1012628). - fscache: Fix if condition in fscache_wait_on_volume_collision() (bsc#1012628). - powerpc/powernv: delay rng platform device creation until later in boot (bsc#1012628). - net: dsa: qca8k: reset cpu port on MTU change (bsc#1012628). - ARM: meson: Fix refcount leak in meson_smp_prepare_cpus (bsc#1012628). - pinctrl: sunxi: a83t: Fix NAND function name for some pins (bsc#1012628). - srcu: Tighten cleanup_srcu_struct() GP checks (bsc#1012628). - ASoC: rt711: Add endianness flag in snd_soc_component_driver (bsc#1012628). - ASoC: rt711-sdca: Add endianness flag in snd_soc_component_driver (bsc#1012628). - ASoC: codecs: rt700/rt711/rt711-sdca: resume bus/codec in .set_jack_detect (bsc#1012628). - ASoC: SOF: ipc3-topology: Move and correct size checks in sof_ipc3_control_load_bytes() (bsc#1012628). - ASoC: SOF: Intel: hda: Fix compressed stream position tracking (bsc#1012628). - arm64: dts: qcom: sm8450: fix interconnects property of UFS node (bsc#1012628). - arm64: dts: qcom: msm8994: Fix CPU6/7 reg values (bsc#1012628). - arm64: dts: qcom: sdm845: use dispcc AHB clock for mdss node (bsc#1012628). - ARM: mxs_defconfig: Enable the framebuffer (bsc#1012628). - arm64: dts: imx8mp-evk: correct mmc pad settings (bsc#1012628). - arm64: dts: imx8mp-evk: correct the uart2 pinctl value (bsc#1012628). - arm64: dts: imx8mp-evk: correct gpio-led pad settings (bsc#1012628). - arm64: dts: imx8mp-evk: correct vbus pad settings (bsc#1012628). - arm64: dts: imx8mp-evk: correct eqos pad settings (bsc#1012628). - arm64: dts: imx8mp-evk: correct I2C5 pad settings (bsc#1012628). - arm64: dts: imx8mp-evk: correct I2C1 pad settings (bsc#1012628). - arm64: dts: imx8mp-evk: correct I2C3 pad settings (bsc#1012628). - arm64: dts: imx8mp-phyboard-pollux-rdk: correct uart pad settings (bsc#1012628). - arm64: dts: imx8mp-phyboard-pollux-rdk: correct eqos pad settings (bsc#1012628). - arm64: dts: imx8mp-phyboard-pollux-rdk: correct i2c2 & mmc settings (bsc#1012628). - pinctrl: sunxi: sunxi_pconf_set: use correct offset (bsc#1012628). - arm64: dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo (bsc#1012628). - ARM: at91: pm: use proper compatible for sama5d2's rtc (bsc#1012628). - ARM: at91: pm: use proper compatibles for sam9x60's rtc and rtt (bsc#1012628). - ARM: at91: pm: use proper compatibles for sama7g5's rtc and rtt (bsc#1012628). - ARM: dts: at91: sam9x60ek: fix eeprom compatible and size (bsc#1012628). - ARM: dts: at91: sama5d2_icp: fix eeprom compatibles (bsc#1012628). - ARM: at91: fix soc detection for SAM9X60 SiPs (bsc#1012628). - xsk: Clear page contiguity bit when unmapping pool (bsc#1012628). - i2c: piix4: Fix a memory leak in the EFCH MMIO support (bsc#1012628). - i40e: Fix dropped jumbo frames statistics (bsc#1012628). - i40e: Fix VF's MAC Address change on VM (bsc#1012628). - ARM: dts: stm32: add missing usbh clock and fix clk order on stm32mp15 (bsc#1012628). - ibmvnic: Properly dispose of all skbs during a failover (bsc#1012628). - selftests: forwarding: fix flood_unicast_test when h2 supports IFF_UNICAST_FLT (bsc#1012628). - selftests: forwarding: fix learning_test when h1 supports IFF_UNICAST_FLT (bsc#1012628). - selftests: forwarding: fix error message in learning_test (bsc#1012628). - ACPI: CPPC: Check _OSC for flexible address space (bsc#1012628). - ACPI: bus: Set CPPC _OSC bits for all and when CPPC_LIB is supported (bsc#1012628). - ACPI: CPPC: Only probe for _CPC if CPPC v2 is acked (bsc#1012628). - ACPI: CPPC: Don't require _OSC if X86_FEATURE_CPPC is supported (bsc#1012628). - net/mlx5e: Fix matchall police parameters validation (bsc#1012628). - mptcp: Avoid acquiring PM lock for subflow priority changes (bsc#1012628). - mptcp: Acquire the subflow socket lock before modifying MP_PRIO flags (bsc#1012628). - mptcp: fix local endpoint accounting (bsc#1012628). - r8169: fix accessing unset transport header (bsc#1012628). - i2c: cadence: Unregister the clk notifier in error path (bsc#1012628). - net/sched: act_api: Add extack to offload_act_setup() callback (bsc#1012628). - net/sched: act_police: Add extack messages for offload failure (bsc#1012628). - net/sched: act_police: allow 'continue' action offload (bsc#1012628). - dmaengine: imx-sdma: Allow imx8m for imx7 FW revs (bsc#1012628). - dmaengine: imx-sdma: only restart cyclic channel when enabled (bsc#1012628). - misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer (bsc#1012628). - misc: rtsx_usb: use separate command and response buffers (bsc#1012628). - misc: rtsx_usb: set return value in rsp_buf alloc err path (bsc#1012628). - dmaengine: dw-axi-dmac: Fix RMW on channel suspend register (bsc#1012628). - dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo (bsc#1012628). - ida: don't use BUG_ON() for debugging (bsc#1012628). - dmaengine: pl330: Fix lockdep warning about non-static key (bsc#1012628). - dmaengine: lgm: Fix an error handling path in intel_ldma_probe() (bsc#1012628). - dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly (bsc#1012628). - dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate (bsc#1012628). - dmaengine: qcom: bam_dma: fix runtime PM underflow (bsc#1012628). - dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate (bsc#1012628). - dmaengine: idxd: force wq context cleanup on device disable path (bsc#1012628). - commit 0e7e901 - Linux 5.18.10 (bsc#1012628). - xen/arm: Fix race in RB-tree based P2M accounting (bsc#1012628). - xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses() (bsc#1012628). - xen/blkfront: force data bouncing when backend is untrusted (bsc#1012628). - xen/netfront: force data bouncing when backend is untrusted (bsc#1012628). - xen/netfront: fix leaking data in shared pages (bsc#1012628). - xen/blkfront: fix leaking data in shared pages (bsc#1012628). - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() fails (bsc#1012628). - net: sparx5: mdb add/del handle non-sparx5 devices (bsc#1012628). - net: sparx5: Add handling of host MDB entries (bsc#1012628). - drm/fourcc: fix integer type usage in uapi header (bsc#1012628). - platform/x86: panasonic-laptop: filter out duplicate volume up/down/mute keypresses (bsc#1012628). - platform/x86: panasonic-laptop: don't report duplicate brightness key-presses (bsc#1012628). - platform/x86: panasonic-laptop: revert "Resolve hotkey double trigger bug" (bsc#1012628). - platform/x86: panasonic-laptop: sort includes alphabetically (bsc#1012628). - platform/x86: panasonic-laptop: de-obfuscate button codes (bsc#1012628). - drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c (bsc#1012628). - drm/msm/gem: Fix error return on fence id alloc fail (bsc#1012628). - drm/i915/dgfx: Disable d3cold at gfx root port (bsc#1012628). - drm/i915/gem: add missing else (bsc#1012628). - platform/x86: ideapad-laptop: Add allow_v4_dytc module parameter (bsc#1012628). - drm/msm/dpu: Increment vsync_cnt before waking up userspace (bsc#1012628). - cifs: fix minor compile warning (bsc#1012628). - net: tun: avoid disabling NAPI twice (bsc#1012628). - mlxsw: spectrum_router: Fix rollback in tunnel next hop init (bsc#1012628). - ipv6: fix lockdep splat in in6_dump_addrs() (bsc#1012628). - ipv6/sit: fix ipip6_tunnel_get_prl return value (bsc#1012628). - nvmet: add a clear_ids attribute for passthru targets (bsc#1012628). - fanotify: refine the validation checks on non-dir inode mask (bsc#1012628). - tunnels: do not assume mac header is set in skb_tunnel_check_pmtu() (bsc#1012628). - ACPI: video: Change how we determine if brightness key-presses are handled (bsc#1012628). - nvmet-tcp: fix regression in data_digest calculation (bsc#1012628). - tcp: add a missing nf_reset_ct() in 3WHS handling (bsc#1012628). - cpufreq: qcom-hw: Don't do lmh things without a throttle interrupt (bsc#1012628). - epic100: fix use after free on rmmod (bsc#1012628). - tipc: move bc link creation back to tipc_node_create (bsc#1012628). - NFC: nxp-nci: Don't issue a zero length i2c_master_read() (bsc#1012628). - nfc: nfcmrvl: Fix irq_of_parse_and_map() return value (bsc#1012628). - platform/x86: ideapad-laptop: Add Ideapad 5 15ITL05 to ideapad_dytc_v4_allow_table[] (bsc#1012628). - platform/x86: thinkpad_acpi: Fix a memory leak of EFCH MMIO resource (bsc#1012628). - powerpc/memhotplug: Add add_pages override for PPC (bsc#1012628). - Update config files. - net: dsa: felix: fix race between reading PSFP stats and port stats (bsc#1012628). - net: bonding: fix use-after-free after 802.3ad slave unbind (bsc#1012628). - selftests net: fix kselftest net fatal error (bsc#1012628). - net: phy: ax88772a: fix lost pause advertisement configuration (bsc#1012628). - net: bonding: fix possible NULL deref in rlb code (bsc#1012628). - net: asix: fix "can't send until first packet is send" issue (bsc#1012628). - net/sched: act_api: Notify user space if any actions were flushed before error (bsc#1012628). - net/dsa/hirschmann: Add missing of_node_get() in hellcreek_led_setup() (bsc#1012628). - netfilter: nft_dynset: restore set element counter when failing to update (bsc#1012628). - s390: remove unneeded 'select BUILD_BIN2C' (bsc#1012628). - vdpa/mlx5: Update Control VQ callback information (bsc#1012628). - lib/sbitmap: Fix invalid loop in __sbitmap_queue_get_batch() (bsc#1012628). - PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events (bsc#1012628). - io_uring: ensure that send/sendmsg and recv/recvmsg check sqe->ioprio (bsc#1012628). - caif_virtio: fix race between virtio_device_ready() and ndo_open() (bsc#1012628). - vfs: fix copy_file_range() regression in cross-fs copies (bsc#1012628). - NFSv4: Add an fattr allocation to _nfs4_discover_trunking() (bsc#1012628). - NFSD: restore EINVAL error translation in nfsd_commit() (bsc#1012628). - NFS: restore module put when manager exits (bsc#1012628). - net: ipv6: unexport __init-annotated seg6_hmac_net_init() (bsc#1012628). - hwmon: (occ) Prevent power cap command overwriting poll response (bsc#1012628). - selftests: mptcp: Initialize variables to quiet gcc 12 warnings (bsc#1012628). - mptcp: fix conflict with <netinet/in.h> (bsc#1012628). - selftests: mptcp: more stable diag tests (bsc#1012628). - mptcp: fix race on unaccepted mptcp sockets (bsc#1012628). - usbnet: fix memory allocation in helpers (bsc#1012628). - net: usb: asix: do not force pause frames support (bsc#1012628). - linux/dim: Fix divide by 0 in RDMA DIM (bsc#1012628). - RDMA/cm: Fix memory leak in ib_cm_insert_listen (bsc#1012628). - RDMA/qedr: Fix reporting QP timeout attribute (bsc#1012628). - net: dp83822: disable rx error interrupt (bsc#1012628). - net: dp83822: disable false carrier interrupt (bsc#1012628). - net: fix IFF_TX_SKB_NO_LINEAR definition (bsc#1012628). - net: tun: stop NAPI when detaching queues (bsc#1012628). - net: tun: unlink NAPI from device on destruction (bsc#1012628). - net: dsa: bcm_sf2: force pause link settings (bsc#1012628). - selftests/net: pass ipv6_args to udpgso_bench's IPv6 TCP test (bsc#1012628). - virtio-net: fix race between ndo_open() and virtio_device_ready() (bsc#1012628). - net: usb: ax88179_178a: Fix packet receiving (bsc#1012628). - net: rose: fix UAF bugs caused by timer handler (bsc#1012628). - SUNRPC: Fix READ_PLUS crasher (bsc#1012628). - dm raid: fix KASAN warning in raid5_add_disks (bsc#1012628). - dm raid: fix accesses beyond end of raid member array (bsc#1012628). - cpufreq: amd-pstate: Add resume and suspend callbacks (bsc#1012628). - powerpc/bpf: Fix use of user_pt_regs in uapi (bsc#1012628). - powerpc/book3e: Fix PUD allocation size in map_kernel_page() (bsc#1012628). - powerpc/prom_init: Fix kernel config grep (bsc#1012628). - parisc/unaligned: Fix emulate_ldw() breakage (bsc#1012628). - parisc: Fix vDSO signal breakage on 32-bit kernel (bsc#1012628). - ceph: wait on async create before checking caps for syncfs (bsc#1012628). - nvdimm: Fix badblocks clear off-by-one error (bsc#1012628). - nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA IM2P33F8ABR1 (bsc#1012628). - nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG SX6000LNP (AKA SPECTRIX S40G) (bsc#1012628). - s390/archrandom: simplify back to earlier design and initialize earlier (bsc#1012628). - net: phy: Don't trigger state machine while in suspend (bsc#1012628). - ipv6: take care of disable_policy when restoring routes (bsc#1012628). - ksmbd: use vfs_llseek instead of dereferencing NULL (bsc#1012628). - ksmbd: check invalid FileOffset and BeyondFinalZero in FSCTL_ZERO_DATA (bsc#1012628). - ksmbd: set the range of bytes to zero without extending file size in FSCTL_ZERO_DATA (bsc#1012628). - drm/amdgpu: To flush tlb for MMHUB of RAVEN series (bsc#1012628). - Revert "drm/amdgpu/display: set vblank_disable_immediate for DC" (bsc#1012628). - drm/amdgpu: fix adev variable used in amdgpu_device_gpu_recover() (bsc#1012628). - commit 97c4fd2 ==== keylime ==== Version update (6.4.1 -> 6.4.2) Subpackages: keylime-agent keylime-config keylime-firewalld keylime-logrotate keylime-registrar keylime-tpm_cert_store keylime-verifier python310-keylime - Replace python-gpg requirement - Fix consolidation for _distconfdir and _sysconfdir macro - Update to version v6.4.2: * Bump version # to 6.4.2 * Use python3-gpg instead of python3-gnupg * Update Packit CI tests to test both agent and zeromq revocation notifiers * ima_ast: Make entry parsing stricter * ima_ast: Calculate length of "n" and "n-ng" in bytes * Fix broken URLs in README (Additional Reading) * Remove CFSSL leftovers * signing: move exception handing to verify_signature() * Set revocation_notifiers = agent as default in keylime.conf * cloud_verifier: Support /notifications/revocation REST API * keylime_agent: Support /notifications/revocation REST method * revocation_notifier: Factor out revocation message processing * keylime: initialize supplementary groups when dropping privileges * Refactor allowlist processing to enable verifier-side signature checks * Full removal of the tenant WebApp * update roadmap for 2022 and 2023 * docs: make Python requirements less strict * docs: update API documentation for 2.1, add missing fields for agent quote * Add python3-alembic to distros * Update fmf plans to run test with IMA policy * Drop SPDX-License-Identifier header * Adjust CI test name according to keylime-tests PR#125 * ci: Run lint with Python 3.6 as well * [trivial]: fix style of recently added docs files * Improve error handling when doing signature verification * Fix coverage file paths in submit-HEAD-coverage workflow * Adding files from keylime-docs into main repo - Fix keylime service home directory - Adjust the directory for the TPM certificates ==== konsole ==== Subpackages: konsole-part konsole-part-lang - Add patch to fix editing imported SSH hosts (kde#455290): * 0001-Fix-error-when-trying-to-edit-the-editable-parts-of-.patch ==== libselinux ==== Subpackages: libselinux1 selinux-tools - Fixed initrd check in selinux-ready (bnc#1186127) - Added restorecon_pin_file.patch. Fixes issus when running fixfiles/restorecon ==== libstorage-ng ==== Version update (4.5.27 -> 4.5.28) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#888 - handle rootprefix when combining information from /etc/fstab and /proc/mounts - added unit tests - avoid deprecated fuunctions - coding style - typo fix and documentation update - 4.5.28 ==== patterns-base ==== Subpackages: patterns-base-base patterns-base-bootloader patterns-base-documentation patterns-base-enhanced_base patterns-base-minimal_base patterns-base-sw_management patterns-base-x11 patterns-base-x11_enhanced - Have the base pattern recommend service(network) ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap - Use gnome-initial-setup for configuring user on firstboot of MicroOS Desktop - Add firewalld to the DVD pattern as YaST can be used to configure it during installation (boo#1200741) ==== perl ==== Subpackages: perl-base - move builtin.pm to perl-base as File::Copy relies on it since last update. This fixes execution of builtime source services in OBS. ==== pipewire ==== Version update (0.3.54 -> 0.3.55) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-lang pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Add patch to fix audio after tty switching (boo#1201349): * 0002-spa-alsa-udev-Check-accessibility-of-pcm-devices-as-well.patch - Update to version 0.3.55: * Highlights - Fix some more critical bugs in the new audioconvert and the queueing in pw-stream that causes stuttering and hickups. - HFP hardware volumes are now saved and restored. - Format conversions and mixing was improved. - Small bug fixes and improvements. * PipeWire - The queueing in pw-stream was improved with support for buffer prefetch in asynchronous mode. - Add a pw-filter unit test. * tools - pw-midiplay should now work again after improvements in pw-stream. * modules - The RAOP module was improved to support auth_setup. - The RAOP module should now handle timing packets better. - Add some more filter-chain examples. - The filter-chain now has a separate config file with the boilerplate settings. The examples are now just config snippets that can be dropped in .conf.d/ directories, such as the filter-chain.conf.d/ one. - Start suggesting to use target.object instead of node.target in docs and examples. * SPA - Use the cosh window again for the resampler. It should now give better resampler quality. - Rework the mixer functions. They were rewritten for higher precision and better performance. Add unit tests and benchmarks. - Improve format conversion for 32bits for avoid errors in clang because of undefined behaviour at extreme ranges. - Fix a bug in audioconvert where it would not consume the right amount of samples when the resampler was disabled. This could cause skipping and hickups. - Fix bug in audioconvert where it would try to convert the input samples multiple times, causing strange artefacts when upmixing. - Be more strict about valid JSON floats. - device.vendor.id and device.product.id should now always show up in 0xXXXX format and should not be converted to floats in pw-dump anymore. - Add triangular dither, add unit tests for noise generation, add some more optimisations. * Bluetooth - HFP and A2DP now expose different routes and thus can have different volumes. - HW Volumes for HFP are now synchronised better. Volume changes from HW buttons are now also saved. - Rebase reduce-meson-dependency.patch. - Add 0001-jack-only-mix-when-we-have-input-to-mix.patch: Fix an Ardour start-up crash. ==== python-html5lib ==== - Remove BuildRequires on mock. ==== selinux-policy ==== Version update (20220624 -> 20220714) Subpackages: selinux-policy-targeted - Update to version 20220714. Refreshed: * fix_init.patch * fix_systemd_watch.patch ==== suse-module-tools ==== Version update (16.0.21 -> 16.0.22) - Update to version 16.0.22: * weak-modules2: only use kernel version under /run/regenerate-initrd (boo#1201387) ==== sysconfig ==== Version update (0.85.8 -> 0.90.0) Subpackages: sysconfig-netconfig - version 0.90.0 - sysconfig: cleanup network and wicked dependencies - ppp: move /etc/ppp/ip-up to libexec directory - spec: move further executables/scripts to /usr - spec: revert to recommend wicked-service on <= 15.4 - spec: install scripts except of ip-up bellow of /usr - spec: drop (sle11) legacy migration and rpm-utils - ifuser: drop the artefact utility on >= 15.5 - netconfig/dns-resolver: remove search limit of 6 domains (bsc#1199093) - netconfig: cleanup /var/run leftovers (bsc#1194557) - netconfig: update ntp man page documentation, fix typos - netconfig: move scripts to a FHS conform libexec ==== wireplumber ==== Subpackages: libwireplumber-0_4-0 wireplumber-audio wireplumber-lang - Add patch to fix crash on session end: * 0001-dbus-fix-crash-when-trying-to-reconnect.patch ==== yast2-services-manager ==== Version update (4.5.0 -> 4.5.1) - Explicitly pull in systemctl for buildtime tests (jsc#SMO-84) - 4.5.1

1 0

New ARM MicroOS snapshot 20220715 released!
by Guillaume Gardet 19 Jul '22

19 Jul '22

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: autoyast2 (4.5.1 -> 4.5.2) bluedevil5 (5.25.2 -> 5.25.3) breeze (5.25.2 -> 5.25.3) breeze-gtk (5.25.2 -> 5.25.3) containers-systemd (0.0+git20220710.f290756 -> 0.0+git20220713.967c6f4) discover (5.25.2 -> 5.25.3) drkonqi5 (5.25.2 -> 5.25.3) gnome-desktop (42.2 -> 42.3) hwdata (0.360 -> 0.361) kactivitymanagerd (5.25.2 -> 5.25.3) kcm_sddm (5.25.2 -> 5.25.3) kde-cli-tools5 (5.25.2 -> 5.25.3) kde-gtk-config5 (5.25.2 -> 5.25.3) kernel-source (5.18.9 -> 5.18.11) kgamma5 (5.25.2 -> 5.25.3) khotkeys5 (5.25.2 -> 5.25.3) kinfocenter5 (5.25.2 -> 5.25.3) kmenuedit5 (5.25.2 -> 5.25.3) kscreen5 (5.25.2 -> 5.25.3) kscreenlocker (5.25.2 -> 5.25.3) ksshaskpass5 (5.25.2 -> 5.25.3) ksystemstats5 (5.25.2 -> 5.25.3) kwayland-integration (5.25.2 -> 5.25.3) kwin5 (5.25.2 -> 5.25.3) kwrited5 (5.25.2 -> 5.25.3) layer-shell-qt (5.25.2 -> 5.25.3) libadwaita (1.1.2 -> 1.1.3) libaio (0.3.112+29.696a5e6483ba -> 0.3.113) libhandy (1.6.2 -> 1.6.3) libidn2 (2.3.2 -> 2.3.3) libkdecoration2 (5.25.2 -> 5.25.3) libkscreen2 (5.25.2 -> 5.25.3) libksysguard5 (5.25.2 -> 5.25.3) libnettle (3.7.3 -> 3.8) milou5 (5.25.2 -> 5.25.3) mpg123 (1.30.0 -> 1.30.1) ncurses (6.3.20220618 -> 6.3.20220709) net-snmp nghttp2 (1.47.0 -> 1.48.0) oxygen5-sounds (5.25.2 -> 5.25.3) patterns-base patterns-fonts patterns-microos perl (5.34.1 -> 5.36.0) perl-URI (5.10 -> 5.12) plasma-browser-integration (5.25.2 -> 5.25.3) plasma-nm5 (5.25.2 -> 5.25.3) plasma5-addons (5.25.2 -> 5.25.3) plasma5-desktop (5.25.2 -> 5.25.3) plasma5-disks (5.25.2 -> 5.25.3) plasma5-integration (5.25.2 -> 5.25.3) plasma5-openSUSE plasma5-pa (5.25.2 -> 5.25.3) plasma5-systemmonitor (5.25.2 -> 5.25.3) plasma5-thunderbolt (5.25.2 -> 5.25.3) plasma5-workspace (5.25.2 -> 5.25.3) plymouth polkit-kde-agent-5 (5.25.2 -> 5.25.3) powerdevil5 (5.25.2 -> 5.25.3) python-M2Crypto python-ipykernel (6.15.0 -> 6.15.1) python-pycares (4.0.0 -> 4.2.1) python-terminado (0.13.3 -> 0.15.0) redis (7.0.2 -> 7.0.3) rubygem-ruby-dbus (0.18.0.beta8 -> 0.18.1) selinux-policy speex (1.2 -> 1.2.1) sqlite3 (3.38.5 -> 3.39.0) suse-module-tools (16.0.20 -> 16.0.21) sysconfig (0.85.8 -> 0.90.0) systemd (250.6 -> 251.2) systemsettings5 (5.25.2 -> 5.25.3) texlive tpm2-0-tss (3.1.0 -> 3.2.0) tpm2.0-tools u-boot-rpiarm64 (2022.04 -> 2022.07) wavpack (5.4.0 -> 5.5.0) xdg-desktop-portal-kde (5.25.2 -> 5.25.3) xmessage (1.0.5 -> 1.0.6) xorg-x11-fonts xorg-x11-fonts-converted xorg-x11-server xwayland (22.1.2 -> 22.1.3) yast2-perl-bindings (4.5.0 -> 4.5.1) yast2-services-manager (4.5.0 -> 4.5.1) === Details === ==== autoyast2 ==== Version update (4.5.1 -> 4.5.2) - Run the registration step early only on the Online installation medium which does not provide any packages. On the other media run the registration step later. Fixes crash in the SLE Micro when the AutoYaST profile enables the registration step. (bsc#1200803) - 4.5.2 ==== bluedevil5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: bluedevil5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== breeze ==== Version update (5.25.2 -> 5.25.3) Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-style-lang breeze5-wallpapers libbreezecommon5-5 - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== breeze-gtk ==== Version update (5.25.2 -> 5.25.3) Subpackages: gtk2-metatheme-breeze gtk3-metatheme-breeze metatheme-breeze-common - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== containers-systemd ==== Version update (0.0+git20220710.f290756 -> 0.0+git20220713.967c6f4) - Update to version 0.0+git20220713.967c6f4: * Add submission/smtps support for postfix ==== discover ==== Version update (5.25.2 -> 5.25.3) Subpackages: discover-backend-flatpak discover-backend-fwupd discover-backend-packagekit discover-lang discover-notifier - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * ApplicationResourceButton: switch to individual ToolTip instances (kde#456129) ==== drkonqi5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: drkonqi5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== gnome-desktop ==== Version update (42.2 -> 42.3) Subpackages: gnome-version libgnome-desktop-3-19 libgnome-desktop-3_0-common libgnome-desktop-4-1 typelib-1_0-GnomeDesktop-3_0 - Update to version 42.3: + No changes, version bump only. ==== hwdata ==== Version update (0.360 -> 0.361) - update to 0.361: + Updated pci, usb and vendor ids. ==== kactivitymanagerd ==== Version update (5.25.2 -> 5.25.3) Subpackages: kactivitymanagerd-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kcm_sddm ==== Version update (5.25.2 -> 5.25.3) Subpackages: kcm_sddm-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kde-cli-tools5 ==== Version update (5.25.2 -> 5.25.3) - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * Fix DBus name for KPluginMetaData based KCMs (kde#455943) ==== kde-gtk-config5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: kde-gtk-config5-gtk3 - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kernel-source ==== Version update (5.18.9 -> 5.18.11) - Refresh patches.suse/0001-drm-aperture-Run-fbdev-removal-before-internal-helpe.patch. Update upstream status. - commit 4fcb983 - x86/mm: Simplify RESERVE_BRK() (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - commit da1381f - x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - commit ce3ce6a - Refresh patches.suse/x86-kvm-fix-FASTOP_SIZE-when-return-thunks-are-enabl.patch. Update to upstream version. - commit 3f7e318 - x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit (bsc#1199657 CVE-2022-29900 CVE-2022-29901). Update upstream status. - commit eae54b1 - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() (bsc#1198829 CVE-2022-1462). - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() (bsc#1198829 CVE-2022-1462). - commit cec52d3 - x86/kvm: fix FASTOP_SIZE when return thunks are enabled (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - commit 86ef7b4 - x86/asm/32: fix ANNOTATE_UNRET_SAFE use on 32bit (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/static_call: Serialize __static_call_fixup() properly (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Disable RRSBA behavior (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/kexec: Disable RET on kexec (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Add Cannon lake to RETBleed affected CPU list (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - commit 834606b - x86/retbleed: Add fine grained Kconfig knobs (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - Update config files. - commit 9dbc2f6 - x86/cpu/amd: Enumerate BTC_NO (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/common: Stamp out the stepping madness (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - KVM: VMX: Prevent RSB underflow before vmenter (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Fill RSB on vmexit for IBRS (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - KVM: VMX: Fix IBRS handling after vmexit (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - KVM: VMX: Convert launched argument to flags (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - KVM: VMX: Flatten __vmx_vcpu_run() (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - objtool: Re-add UNWIND_HINT_{SAVE_RESTORE} (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Remove x86_spec_ctrl_mask (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Fix SPEC_CTRL write on SMT state change (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Fix firmware entry SPEC_CTRL handling (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/cpu/amd: Add Spectral Chicken (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - objtool: Add entry UNRET validation (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Do IBPB fallback check only once (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Add retbleed=ibpb (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/xen: Add UNTRAIN_RET (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/xen: Rename SYS* entry points (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - objtool: Update Retpoline validation (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - intel_idle: Disable IBRS during long idle (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Report Intel retbleed vulnerability (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Optimize SPEC_CTRL MSR writes (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/entry: Add kernel IBRS implementation (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bugs: Enable STIBP for JMP2RET (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - commit 023a0b9 - x86/bugs: Add AMD retbleed= boot parameter (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - Update config files. - commit a4a04c4 - x86/bugs: Report AMD retbleed vulnerability (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86: Add magic AMD return-thunk (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - objtool: Treat .text.__x86.* as noinstr (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/entry: Avoid very early RET (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86: Use return-thunk in asm code (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/sev: Avoid using __x86_return_thunk (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/kvm: Fix SETcc emulation for return thunks (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/bpf: Use alternative RET encoding (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/ftrace: Use alternative RET encoding (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86,static_call: Use alternative RET encoding (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - objtool: skip non-text sections when adding return-thunk sites (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86,objtool: Create .return_sites (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86: Undo return-thunk damage (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/retpoline: Use -mfunction-return (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/retpoline: Swizzle retpoline thunk (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/retpoline: Cleanup some #ifdefery (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/cpufeatures: Move RETPOLINE flags to word 11 (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/kvm/vmx: Make noinstr clean (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/entry: Remove skip_r11rcx (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/entry: Don't call error_entry() for XENPV (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry() (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/entry: Switch the stack after error_entry() returns (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - x86/traps: Use pt_regs directly in fixup_bad_iret() (bsc#1199657 CVE-2022-29900 CVE-2022-29901). - commit bc4fd7c - Linux 5.18.11 (bsc#1012628). - io_uring: fix provided buffer import (bsc#1012628). - ALSA: usb-audio: Workarounds for Behringer UMC 204/404 HD (bsc#1012628). - ALSA: hda/realtek: Add quirk for Clevo L140PU (bsc#1012628). - ALSA: cs46xx: Fix missing snd_card_free() call at probe error (bsc#1012628). - can: bcm: use call_rcu() instead of costly synchronize_rcu() (bsc#1012628). - can: grcan: grcan_probe(): remove extra of_node_get() (bsc#1012628). - can: gs_usb: gs_usb_open/close(): fix memory leak (bsc#1012628). - can: m_can: m_can_chip_config(): actually enable internal timestamping (bsc#1012628). - can: m_can: m_can_{read_fifo,echo_tx_event}(): shift timestamp to full 32 bits (bsc#1012628). - can: kvaser_usb: replace run-time checks with struct kvaser_usb_driver_info (bsc#1012628). - can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression (bsc#1012628). - can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits (bsc#1012628). - can: mcp251xfd: mcp251xfd_regmap_crc_read(): improve workaround handling for mcp2517fd (bsc#1012628). - can: mcp251xfd: mcp251xfd_regmap_crc_read(): update workaround broken CRC on TBC register (bsc#1012628). - can: mcp251xfd: mcp251xfd_stop(): add missing hrtimer_cancel() (bsc#1012628). - bpf: Fix incorrect verifier simulation around jmp32's jeq/jne (bsc#1012628). - bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals (bsc#1012628). - usbnet: fix memory leak in error case (bsc#1012628). - net: rose: fix UAF bug caused by rose_t0timer_expiry (bsc#1012628). - net: lan966x: hardcode the number of external ports (bsc#1012628). - netfilter: nft_set_pipapo: release elements in clone from abort path (bsc#1012628). - selftests/net: fix section name when using xdp_dummy.o (bsc#1012628). - can: mcp251xfd: mcp251xfd_register_get_dev_id(): use correct length to read dev_id (bsc#1012628). - can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix endianness conversion (bsc#1012628). - can: rcar_canfd: Fix data transmission failed on R-Car V3U (bsc#1012628). - ASoC: qdsp6: q6apm-dai: unprepare stream if its already prepared (bsc#1012628). - MAINTAINERS: Remove iommu(a)lists.linux-foundation.org (bsc#1012628). - iommu/vt-d: Fix PCI bus rescan device hot add (bsc#1012628). - iommu/vt-d: Fix RID2PASID setup/teardown failure (bsc#1012628). - cxl/mbox: Use __le32 in get,set_lsa mailbox structures (bsc#1012628). - cxl: Fix cleanup of port devices on failure to probe driver (bsc#1012628). - fbdev: fbmem: Fix logo center image dx issue (bsc#1012628). - fbmem: Check virtual screen sizes in fb_set_var() (bsc#1012628). - fbcon: Disallow setting font bigger than screen size (bsc#1012628). - fbcon: Prevent that screen size is smaller than font size (bsc#1012628). - PM: runtime: Redefine pm_runtime_release_supplier() (bsc#1012628). - PM: runtime: Fix supplier device management during consumer probe (bsc#1012628). - memregion: Fix memregion_free() fallback definition (bsc#1012628). - video: of_display_timing.h: include errno.h (bsc#1012628). - fscache: Fix invalidation/lookup race (bsc#1012628). - fscache: Fix if condition in fscache_wait_on_volume_collision() (bsc#1012628). - powerpc/powernv: delay rng platform device creation until later in boot (bsc#1012628). - net: dsa: qca8k: reset cpu port on MTU change (bsc#1012628). - ARM: meson: Fix refcount leak in meson_smp_prepare_cpus (bsc#1012628). - pinctrl: sunxi: a83t: Fix NAND function name for some pins (bsc#1012628). - srcu: Tighten cleanup_srcu_struct() GP checks (bsc#1012628). - ASoC: rt711: Add endianness flag in snd_soc_component_driver (bsc#1012628). - ASoC: rt711-sdca: Add endianness flag in snd_soc_component_driver (bsc#1012628). - ASoC: codecs: rt700/rt711/rt711-sdca: resume bus/codec in .set_jack_detect (bsc#1012628). - ASoC: SOF: ipc3-topology: Move and correct size checks in sof_ipc3_control_load_bytes() (bsc#1012628). - ASoC: SOF: Intel: hda: Fix compressed stream position tracking (bsc#1012628). - arm64: dts: qcom: sm8450: fix interconnects property of UFS node (bsc#1012628). - arm64: dts: qcom: msm8994: Fix CPU6/7 reg values (bsc#1012628). - arm64: dts: qcom: sdm845: use dispcc AHB clock for mdss node (bsc#1012628). - ARM: mxs_defconfig: Enable the framebuffer (bsc#1012628). - arm64: dts: imx8mp-evk: correct mmc pad settings (bsc#1012628). - arm64: dts: imx8mp-evk: correct the uart2 pinctl value (bsc#1012628). - arm64: dts: imx8mp-evk: correct gpio-led pad settings (bsc#1012628). - arm64: dts: imx8mp-evk: correct vbus pad settings (bsc#1012628). - arm64: dts: imx8mp-evk: correct eqos pad settings (bsc#1012628). - arm64: dts: imx8mp-evk: correct I2C5 pad settings (bsc#1012628). - arm64: dts: imx8mp-evk: correct I2C1 pad settings (bsc#1012628). - arm64: dts: imx8mp-evk: correct I2C3 pad settings (bsc#1012628). - arm64: dts: imx8mp-phyboard-pollux-rdk: correct uart pad settings (bsc#1012628). - arm64: dts: imx8mp-phyboard-pollux-rdk: correct eqos pad settings (bsc#1012628). - arm64: dts: imx8mp-phyboard-pollux-rdk: correct i2c2 & mmc settings (bsc#1012628). - pinctrl: sunxi: sunxi_pconf_set: use correct offset (bsc#1012628). - arm64: dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo (bsc#1012628). - ARM: at91: pm: use proper compatible for sama5d2's rtc (bsc#1012628). - ARM: at91: pm: use proper compatibles for sam9x60's rtc and rtt (bsc#1012628). - ARM: at91: pm: use proper compatibles for sama7g5's rtc and rtt (bsc#1012628). - ARM: dts: at91: sam9x60ek: fix eeprom compatible and size (bsc#1012628). - ARM: dts: at91: sama5d2_icp: fix eeprom compatibles (bsc#1012628). - ARM: at91: fix soc detection for SAM9X60 SiPs (bsc#1012628). - xsk: Clear page contiguity bit when unmapping pool (bsc#1012628). - i2c: piix4: Fix a memory leak in the EFCH MMIO support (bsc#1012628). - i40e: Fix dropped jumbo frames statistics (bsc#1012628). - i40e: Fix VF's MAC Address change on VM (bsc#1012628). - ARM: dts: stm32: add missing usbh clock and fix clk order on stm32mp15 (bsc#1012628). - ibmvnic: Properly dispose of all skbs during a failover (bsc#1012628). - selftests: forwarding: fix flood_unicast_test when h2 supports IFF_UNICAST_FLT (bsc#1012628). - selftests: forwarding: fix learning_test when h1 supports IFF_UNICAST_FLT (bsc#1012628). - selftests: forwarding: fix error message in learning_test (bsc#1012628). - ACPI: CPPC: Check _OSC for flexible address space (bsc#1012628). - ACPI: bus: Set CPPC _OSC bits for all and when CPPC_LIB is supported (bsc#1012628). - ACPI: CPPC: Only probe for _CPC if CPPC v2 is acked (bsc#1012628). - ACPI: CPPC: Don't require _OSC if X86_FEATURE_CPPC is supported (bsc#1012628). - net/mlx5e: Fix matchall police parameters validation (bsc#1012628). - mptcp: Avoid acquiring PM lock for subflow priority changes (bsc#1012628). - mptcp: Acquire the subflow socket lock before modifying MP_PRIO flags (bsc#1012628). - mptcp: fix local endpoint accounting (bsc#1012628). - r8169: fix accessing unset transport header (bsc#1012628). - i2c: cadence: Unregister the clk notifier in error path (bsc#1012628). - net/sched: act_api: Add extack to offload_act_setup() callback (bsc#1012628). - net/sched: act_police: Add extack messages for offload failure (bsc#1012628). - net/sched: act_police: allow 'continue' action offload (bsc#1012628). - dmaengine: imx-sdma: Allow imx8m for imx7 FW revs (bsc#1012628). - dmaengine: imx-sdma: only restart cyclic channel when enabled (bsc#1012628). - misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer (bsc#1012628). - misc: rtsx_usb: use separate command and response buffers (bsc#1012628). - misc: rtsx_usb: set return value in rsp_buf alloc err path (bsc#1012628). - dmaengine: dw-axi-dmac: Fix RMW on channel suspend register (bsc#1012628). - dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo (bsc#1012628). - ida: don't use BUG_ON() for debugging (bsc#1012628). - dmaengine: pl330: Fix lockdep warning about non-static key (bsc#1012628). - dmaengine: lgm: Fix an error handling path in intel_ldma_probe() (bsc#1012628). - dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly (bsc#1012628). - dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate (bsc#1012628). - dmaengine: qcom: bam_dma: fix runtime PM underflow (bsc#1012628). - dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate (bsc#1012628). - dmaengine: idxd: force wq context cleanup on device disable path (bsc#1012628). - commit 0e7e901 - Linux 5.18.10 (bsc#1012628). - xen/arm: Fix race in RB-tree based P2M accounting (bsc#1012628). - xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses() (bsc#1012628). - xen/blkfront: force data bouncing when backend is untrusted (bsc#1012628). - xen/netfront: force data bouncing when backend is untrusted (bsc#1012628). - xen/netfront: fix leaking data in shared pages (bsc#1012628). - xen/blkfront: fix leaking data in shared pages (bsc#1012628). - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() fails (bsc#1012628). - net: sparx5: mdb add/del handle non-sparx5 devices (bsc#1012628). - net: sparx5: Add handling of host MDB entries (bsc#1012628). - drm/fourcc: fix integer type usage in uapi header (bsc#1012628). - platform/x86: panasonic-laptop: filter out duplicate volume up/down/mute keypresses (bsc#1012628). - platform/x86: panasonic-laptop: don't report duplicate brightness key-presses (bsc#1012628). - platform/x86: panasonic-laptop: revert "Resolve hotkey double trigger bug" (bsc#1012628). - platform/x86: panasonic-laptop: sort includes alphabetically (bsc#1012628). - platform/x86: panasonic-laptop: de-obfuscate button codes (bsc#1012628). - drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c (bsc#1012628). - drm/msm/gem: Fix error return on fence id alloc fail (bsc#1012628). - drm/i915/dgfx: Disable d3cold at gfx root port (bsc#1012628). - drm/i915/gem: add missing else (bsc#1012628). - platform/x86: ideapad-laptop: Add allow_v4_dytc module parameter (bsc#1012628). - drm/msm/dpu: Increment vsync_cnt before waking up userspace (bsc#1012628). - cifs: fix minor compile warning (bsc#1012628). - net: tun: avoid disabling NAPI twice (bsc#1012628). - mlxsw: spectrum_router: Fix rollback in tunnel next hop init (bsc#1012628). - ipv6: fix lockdep splat in in6_dump_addrs() (bsc#1012628). - ipv6/sit: fix ipip6_tunnel_get_prl return value (bsc#1012628). - nvmet: add a clear_ids attribute for passthru targets (bsc#1012628). - fanotify: refine the validation checks on non-dir inode mask (bsc#1012628). - tunnels: do not assume mac header is set in skb_tunnel_check_pmtu() (bsc#1012628). - ACPI: video: Change how we determine if brightness key-presses are handled (bsc#1012628). - nvmet-tcp: fix regression in data_digest calculation (bsc#1012628). - tcp: add a missing nf_reset_ct() in 3WHS handling (bsc#1012628). - cpufreq: qcom-hw: Don't do lmh things without a throttle interrupt (bsc#1012628). - epic100: fix use after free on rmmod (bsc#1012628). - tipc: move bc link creation back to tipc_node_create (bsc#1012628). - NFC: nxp-nci: Don't issue a zero length i2c_master_read() (bsc#1012628). - nfc: nfcmrvl: Fix irq_of_parse_and_map() return value (bsc#1012628). - platform/x86: ideapad-laptop: Add Ideapad 5 15ITL05 to ideapad_dytc_v4_allow_table[] (bsc#1012628). - platform/x86: thinkpad_acpi: Fix a memory leak of EFCH MMIO resource (bsc#1012628). - powerpc/memhotplug: Add add_pages override for PPC (bsc#1012628). - Update config files. - net: dsa: felix: fix race between reading PSFP stats and port stats (bsc#1012628). - net: bonding: fix use-after-free after 802.3ad slave unbind (bsc#1012628). - selftests net: fix kselftest net fatal error (bsc#1012628). - net: phy: ax88772a: fix lost pause advertisement configuration (bsc#1012628). - net: bonding: fix possible NULL deref in rlb code (bsc#1012628). - net: asix: fix "can't send until first packet is send" issue (bsc#1012628). - net/sched: act_api: Notify user space if any actions were flushed before error (bsc#1012628). - net/dsa/hirschmann: Add missing of_node_get() in hellcreek_led_setup() (bsc#1012628). - netfilter: nft_dynset: restore set element counter when failing to update (bsc#1012628). - s390: remove unneeded 'select BUILD_BIN2C' (bsc#1012628). - vdpa/mlx5: Update Control VQ callback information (bsc#1012628). - lib/sbitmap: Fix invalid loop in __sbitmap_queue_get_batch() (bsc#1012628). - PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events (bsc#1012628). - io_uring: ensure that send/sendmsg and recv/recvmsg check sqe->ioprio (bsc#1012628). - caif_virtio: fix race between virtio_device_ready() and ndo_open() (bsc#1012628). - vfs: fix copy_file_range() regression in cross-fs copies (bsc#1012628). - NFSv4: Add an fattr allocation to _nfs4_discover_trunking() (bsc#1012628). - NFSD: restore EINVAL error translation in nfsd_commit() (bsc#1012628). - NFS: restore module put when manager exits (bsc#1012628). - net: ipv6: unexport __init-annotated seg6_hmac_net_init() (bsc#1012628). - hwmon: (occ) Prevent power cap command overwriting poll response (bsc#1012628). - selftests: mptcp: Initialize variables to quiet gcc 12 warnings (bsc#1012628). - mptcp: fix conflict with <netinet/in.h> (bsc#1012628). - selftests: mptcp: more stable diag tests (bsc#1012628). - mptcp: fix race on unaccepted mptcp sockets (bsc#1012628). - usbnet: fix memory allocation in helpers (bsc#1012628). - net: usb: asix: do not force pause frames support (bsc#1012628). - linux/dim: Fix divide by 0 in RDMA DIM (bsc#1012628). - RDMA/cm: Fix memory leak in ib_cm_insert_listen (bsc#1012628). - RDMA/qedr: Fix reporting QP timeout attribute (bsc#1012628). - net: dp83822: disable rx error interrupt (bsc#1012628). - net: dp83822: disable false carrier interrupt (bsc#1012628). - net: fix IFF_TX_SKB_NO_LINEAR definition (bsc#1012628). - net: tun: stop NAPI when detaching queues (bsc#1012628). - net: tun: unlink NAPI from device on destruction (bsc#1012628). - net: dsa: bcm_sf2: force pause link settings (bsc#1012628). - selftests/net: pass ipv6_args to udpgso_bench's IPv6 TCP test (bsc#1012628). - virtio-net: fix race between ndo_open() and virtio_device_ready() (bsc#1012628). - net: usb: ax88179_178a: Fix packet receiving (bsc#1012628). - net: rose: fix UAF bugs caused by timer handler (bsc#1012628). - SUNRPC: Fix READ_PLUS crasher (bsc#1012628). - dm raid: fix KASAN warning in raid5_add_disks (bsc#1012628). - dm raid: fix accesses beyond end of raid member array (bsc#1012628). - cpufreq: amd-pstate: Add resume and suspend callbacks (bsc#1012628). - powerpc/bpf: Fix use of user_pt_regs in uapi (bsc#1012628). - powerpc/book3e: Fix PUD allocation size in map_kernel_page() (bsc#1012628). - powerpc/prom_init: Fix kernel config grep (bsc#1012628). - parisc/unaligned: Fix emulate_ldw() breakage (bsc#1012628). - parisc: Fix vDSO signal breakage on 32-bit kernel (bsc#1012628). - ceph: wait on async create before checking caps for syncfs (bsc#1012628). - nvdimm: Fix badblocks clear off-by-one error (bsc#1012628). - nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA IM2P33F8ABR1 (bsc#1012628). - nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG SX6000LNP (AKA SPECTRIX S40G) (bsc#1012628). - s390/archrandom: simplify back to earlier design and initialize earlier (bsc#1012628). - net: phy: Don't trigger state machine while in suspend (bsc#1012628). - ipv6: take care of disable_policy when restoring routes (bsc#1012628). - ksmbd: use vfs_llseek instead of dereferencing NULL (bsc#1012628). - ksmbd: check invalid FileOffset and BeyondFinalZero in FSCTL_ZERO_DATA (bsc#1012628). - ksmbd: set the range of bytes to zero without extending file size in FSCTL_ZERO_DATA (bsc#1012628). - drm/amdgpu: To flush tlb for MMHUB of RAVEN series (bsc#1012628). - Revert "drm/amdgpu/display: set vblank_disable_immediate for DC" (bsc#1012628). - drm/amdgpu: fix adev variable used in amdgpu_device_gpu_recover() (bsc#1012628). - commit 97c4fd2 ==== kgamma5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: kgamma5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== khotkeys5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: khotkeys5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kinfocenter5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: kinfocenter5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * Remove root Messages.sh there's no "kinfocenter" app anymore ==== kmenuedit5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: kmenuedit5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kscreen5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: kscreen5-lang kscreen5-plasmoid - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kscreenlocker ==== Version update (5.25.2 -> 5.25.3) Subpackages: kscreenlocker-lang libKScreenLocker5 - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== ksshaskpass5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: ksshaskpass5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== ksystemstats5 ==== Version update (5.25.2 -> 5.25.3) - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kwayland-integration ==== Version update (5.25.2 -> 5.25.3) - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kwin5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: kwin5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * [kcm/kwindesktop] Emit rowsChanged signal to fix default state highlighting * backends/drm: also check for properties in DrmPipeline::needsModeset (kde#455814) * backends/drm: handle disconnected but not removed connector objects properly * windowview: handle windows from other virtual desktops better * Map XdgSurface to XdgWMBase instances properly (kde#456349) * Fix flickering in slide effect with multi screen * backends/drm: don't create a new output every time * wayland: Send drm-lease-device::done event to the correct resource * backends/drm: don't remove connectors the kernel doesn't consider removed (kde#456298) * xdgactivation: Properly prevent disabled activation notifications (kde#454937) * TabBox: Do not highlight selected window for fullscreen switchers (kde#449180) * Ship kconf update script to clean animation factor from kwinrc * Fix apply button with animation slider speed * Write animation speed to kdeglobals (kde#431259) * xdgactivation: Do not notify when applications try to activate themselves * Set all timestamps for all touch events (kde#456133) * backends/drm: fix common mode generation (kde#455477) * screencast: Do not send events when moving the cursor outside the viewport * screencasting: Have cursor move frames also send damage information * screencast: Also send the header when we just send the cursor update * backends/drm: suppress logging for direct scanout (kde#456089) ==== kwrited5 ==== Version update (5.25.2 -> 5.25.3) - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== layer-shell-qt ==== Version update (5.25.2 -> 5.25.3) - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== libadwaita ==== Version update (1.1.2 -> 1.1.3) Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Update to version 1.1.3: + AdwLeaflet: Fix a broken link in docs. + AdwPreferencesGroup: Fix accessibility labels. + AdwToast: Fix the example in docs. + Stylesheet: Add missing borders in high contrast version. ==== libaio ==== Version update (0.3.112+29.696a5e6483ba -> 0.3.113) - add fix-splice-signature.patch to fix build on 32bit - update to 0.3.113: * cases/16.t: loongarch only supports eventfd2 * Add loongarch to supported architectures in libaio.spec * Add endian detection and bit width detection for loongarch * Use generic syscall number schema for loongarch * Fix struct io_iocb_vector padding for 32bit architectures * struct io_iocb_sockaddr padding for 32bit architectures * Verify structure padding is correct at build time * harness: add test for aio poll missed events ==== libhandy ==== Version update (1.6.2 -> 1.6.3) Subpackages: libhandy-1-0 typelib-1_0-Handy-1_0 - Update to version 1.6.3: + Remove a non-existent property mention from HdyDeck docs. + Remove a leftover debug message from HdySettings. + Updated translations. ==== libidn2 ==== Version update (2.3.2 -> 2.3.3) - update to 2.3.3: * Upgrade IDNA Tables from Unicode 11 to 12 * Upgrade TR46 Tables from Unicode 13 to 14 * Updated gnulib files and various build fixes * Add self-check for the idn2 command line tool ==== libkdecoration2 ==== Version update (5.25.2 -> 5.25.3) Subpackages: libkdecorations2-5 libkdecorations2-5-lang libkdecorations2private9 - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== libkscreen2 ==== Version update (5.25.2 -> 5.25.3) Subpackages: libKF5Screen7 libkscreen2-plugin - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== libksysguard5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: ksysguardsystemstats-data libKSysGuardSystemStats1 libksysguard5-imports libksysguard5-lang libksysguard5-plugins - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== libnettle ==== Version update (3.7.3 -> 3.8) Subpackages: libhogweed6 libnettle8 - update to 3.8: This release includes a couple of new features, and many performance improvements. It adds assembly code for two more architectures: ARM64 and S390x. The new version is intended to be fully source and binary compatible with Nettle-3.6. The shared library names are libnettle.so.8.5 and libhogweed.so.6.5, with sonames libnettle.so.8 and libhogweed.so.6. New features: * AES keywrap (RFC 3394), contributed by Nicolas Mora. * SM3 hash function, contributed by Tianjia Zhang. * New functions cbc_aes128_encrypt, cbc_aes192_encrypt, cbc_aes256_encrypt. On processors where AES is fast enough, e.g., x86_64 with aesni instructions, the overhead of using Nettle's general cbc_encrypt can be significant. The new functions can be implemented in assembly, to do multiple blocks with reduced per-block overhead. Note that there's no corresponding new decrypt functions, since the general cbc_decrypt doesn't suffer from the same performance problem. Bug fixes: * Fix fat builds for x86_64 windows, these appear to never have worked. Optimizations: * New ARM64 implementation of AES, GCM, Chacha, SHA1 and SHA256, for processors supporting crypto extensions. Great speedups, and fat builds are supported. Contributed by Mamone Tarsha. * New s390x implementation of AES, GCM, Chacha, memxor, SHA1, SHA256, SHA512 and SHA3. Great speedups, and fat builds are supported. Contributed by Mamone Tarsha. * New PPC64 assembly for ecc modulo/redc operations, contributed by Amitay Isaacs, Martin Schwenke and Alastair D´Silva. * The x86_64 AES implementation using aesni instructions has been reorganized with one separate function per key size, each interleaving the processing of two blocks at a time (when the caller processes multiple blocks with each call). This gives a modest performance improvement on some processors. * Rewritten and faster x86_64 poly1305 assembly. - drop libnettle-s390x-CPACF-SHA-AES-support.patch (included in 3.8) ==== milou5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: milou5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== mpg123 ==== Version update (1.30.0 -> 1.30.1) Subpackages: libmpg123-0 mpg123-openal - Update to version 1.30.1 mpg123: * Show stderr of network helpers in -vvv mode. * Use curl --http0.9, if available, to support shoutcast v1 streams without wget (wget not needing such switch, yet). * Support file:// URLs for local access as was intended with the last release. * Give more helpful error message if neither wget nor curl are usable, also allow error messages from curl to appear when not --quiet. * Update the man page. ==== ncurses ==== Version update (6.3.20220618 -> 6.3.20220709) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20220709 + lock the prescreen data consistently in newterm, etc., for the pthreads configuration (report by Tom de Vries). - Add ncurses patch 20220703 + add consistency check in tic for u6/u7/u8/u9 and NQ capabilities. + use NQ to flag entries where the terminal does not support query and response -TD + use ansi+enq and decid+cpr in cases where the terminal probably supported the u6-u9 extension -TD + add/use apollo+vt132, xterm+alt47 -TD - Correct offsets of patches * ncurses-5.9-ibm327x.dif * ncurses-6.3.dif - Add ncurses patch 20220625 + improve man/curs_bkgd.3x, explaining that bkgdset can affect results for bkgd (report by Anton Vidovic). + correct dsl in dec+sl (report by Rajeev Pillai) -TD + add/use ansi+cpr, decid+cpr -TD - Correct offsets of patches * ncurses-5.9-ibm327x.dif * ncurses-6.3.dif ==== net-snmp ==== Subpackages: perl-SNMP snmp-mibs - Rename libsnmp40 subpackage to libsnmp39: the libraries are all having soversion 39. ==== nghttp2 ==== Version update (1.47.0 -> 1.48.0) - update to 1.48.0: * lib: Allow server to override RFC 9218 stream priority * lib: Add a server option to fallback to RFC 7540 priorities * lib: Add PRIORITY_UPDATE frame support * lib: Implement RFC 9218 extensible prioritization scheme * lib: Do not verify host field specific characters for response field * lib: No rfc7540 priorities * lib: Fix stream stall when initial window size is decreased * doc: Document how to change stream prioritization scheme * build: Compile with libressl 3.5 * build: EXTRA_DIST: List mruby files explicitly * build: Bump ngtcp2 and nghttp3 * build: Do not check application libraries if --enable-lib-only is given * src: Update default TLS cipher suites * nghttpx, h2load: Better pack UDP packets in one GSO write * nghttpx, h2load: Quic error handling * nghttpx, h2load: Fix QUIC performance regression * nghttp, nghttpd, nghttpx: Add ktls support * h2load: Send more packets without GSO per event loop * h2load: Add ktls support * nghttpd: Fix TLS read stall * nghttpx: Disable RFC 7540 priorities * nghttpx: Client always uses simpler TLS handshake * nghttpx: Add affinity-cookie-stickiness backend parameter * nghttpx: Fix broken session affinity * nghttpx: Limit CONNECTION_CLOSE and Retry under server amplification limit * integration: Go update * integration: Add go.mod * third-party: Bump llhttp to 75b45129db961e1fb3c56044e1b8f7721bfaee5d * third-party: Bump libbpf to v0.8.0 * third-party: Bump mruby to 3.1.0 * third-party: Bump neverbleed based on the latest head (GH-1708) ==== oxygen5-sounds ==== Version update (5.25.2 -> 5.25.3) - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== patterns-base ==== Subpackages: patterns-base-base patterns-base-bootloader patterns-base-documentation patterns-base-enhanced_base patterns-base-minimal_base patterns-base-sw_management patterns-base-x11 patterns-base-x11_enhanced - Have the base pattern recommend service(network) ==== patterns-fonts ==== Subpackages: patterns-fonts-fonts patterns-fonts-fonts_opt - Revert to recommend noto-sans-fonts only, noto-fonts and noto-sans-cjk-fonts are too much. ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap - Use gnome-initial-setup for configuring user on firstboot of MicroOS Desktop - Add firewalld to the DVD pattern as YaST can be used to configure it during installation (boo#1200741) ==== perl ==== Version update (5.34.1 -> 5.36.0) Subpackages: perl-base - Update to 5.36.0 * the signatures and isa features are no longer experimental and part of the v5.36 feature bundle * the v5.36 bundle also enables warnings * new '-g' command line flag (alias for -0777) * support for unicode 14.0 * regex sets are no longer considered experimental * experimental iterating over multiple values at a time * experimental new builtin module * experimental defer blocks * try/catch can now have a finally block * experimental non-ASCII delimiters for quote-like operators * a physically empty sort is now a compile-time error - Rebase perl-5.34.0.dif to perl-5.36.0.diff - Refresh perl-5.18.2-overflow.diff ==== perl-URI ==== Version update (5.10 -> 5.12) - updated to 5.12 see /usr/share/doc/packages/perl-URI/Changes 5.12 2022-07-10 23:48:50Z - Fix an issue where i.e. 'file:///tmp/###' was not properly escaped. A non-existing authority part was accidentally processed. Details: https://github.com/libwww-perl/URI/issues/102 (GH#102) (Perlbotics) - Reverts to previous behavior (5.10) for 'mailto:' scheme for escaping square brackets. 5.11 2022-07-04 20:53:38Z - Fix some typos in URI::file (GH#94) (Olaf Alders) - Escape square brackets in path (GH#100) (Perlbotics) - Fix storable.t (GH#97) (Shoichi Kaji) ==== plasma-browser-integration ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma-browser-integration-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== plasma-nm5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma-nm5-lang plasma-nm5-openvpn - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== plasma5-addons ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma5-addons-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * wallpapers/potd: only pass 1920x1080 or 3840x2160 to bing provider * switchers/thumbnails: Fix icon cropped when text is large enough (kde#451997) * switchers/compact: Fix dialog sizes not getting updated (kde#422447) * switchers/thumbnailgrid: Fix layout when window count changes (kde#441241) ==== plasma5-desktop ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma5-desktop-emojier - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * [applets/pager] Round displayed window geometry to avoid size "jumps" (kde#456488) * [applets/pager] Fix switching desktops on drag & hover (kde#416878) * applets/kicker: check model count before porting old favorite items (kde#456411) * applets/kickoff: remove highlight visibility conditions (kde#448526) * Fix translation domain for KRunner KCM (kde#455624) * desktoppackage: add `Accessible.name` to email button * [kcms/componentchooser] Pass parent window to ksycoca progress dialog * applets/kickoff: fix grid delegate tooltips not appearing on hover * [kcms/tablet] Fix crash when opening KCM for the second time (kde#451233) * applets/kickoff: Prevent empty menu from opening (kde#455927) * applets/taskmanager: press space to activate task * Fixup bf55b39: change Kirigami import version to 2.19 * panel: import version of Kirigami that supports InputMethod.willShowOnActive * Make the Keyboard KCM config spare layout spinbox enable the Save button (Fixes #36) ==== plasma5-disks ==== Version update (5.25.2 -> 5.25.3) - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== plasma5-integration ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma5-integration-plugin plasma5-integration-plugin-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== plasma5-openSUSE ==== Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE plasma5-workspace-branding-openSUSE sddm-theme-openSUSE - Update to 5.25.3 ==== plasma5-pa ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma5-pa-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== plasma5-systemmonitor ==== Version update (5.25.2 -> 5.25.3) - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== plasma5-thunderbolt ==== Version update (5.25.2 -> 5.25.3) - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== plasma5-workspace ==== Version update (5.25.2 -> 5.25.3) Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-lang plasma5-workspace-libs xembedsniproxy - Add patch to fix the lock screen (kde#456639): * 0001-Fix-non-functional-lockscreen-due-to-bad-cherry-pick.patch - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * Guard against cursor theme changing in animation timer (kde#456526) * Fix "PanelSpacer::containmentGraphicObject()" plasmashell segfault (kde#450663) * Fix StatusNotifierItem MidClick (kde#456466) * kcms/lookandfeel: Set all defaults when saving the default package (kde#456275) * kcms/colors: Properly apply tinting to the window titlebar (kde#455395,kde#454047) * [kcms/icons] Pass parent window to ksycoca progress dialog * applets/kicker: Get rid of a separator just above title menu item (kde#449132) * Fix password field in lock screen not clearing after failed login attempt (kde#455227) ==== plymouth ==== Subpackages: libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Add 0004-label-ft-fix-alignment.patch: to fix alignment with label-ft in some cases (boo#959986). ==== polkit-kde-agent-5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: polkit-kde-agent-5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== powerdevil5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: powerdevil5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== python-M2Crypto ==== - Add CVE-2020-25657-Bleichenbacher-attack.patch (CVE-2020-25657, bsc#1178829), which mitigates the Bleichenbacher timing attacks in the RSA decryption API. - Add python-M2Crypto.keyring to verify GPG signature of tarball. ==== python-ipykernel ==== Version update (6.15.0 -> 6.15.1) - specfile: * remove patch support-hatchling-14.patch (included upstream) - update to version 6.15.1: * Bugs fixed + Fix inclusion of launcher file and check in CI #964 (@blink1073) * Maintenance and upkeep improvements + [pre-commit.ci] pre-commit autoupdate #962 (@pre-commit-ci) + [pre-commit.ci] pre-commit autoupdate #961 (@pre-commit-ci) + [pre-commit.ci] pre-commit autoupdate #960 (@pre-commit-ci) ==== python-pycares ==== Version update (4.0.0 -> 4.2.1) - specfile: * update copyright year - update to version 4.2.1: * core: add flexible member to ares_addrinfo to fix c-ares 1.18 - changes from version 4.2.0: * tests: ignoring 2 tests due to dead servers * tests: updated google TXT records for an outdated test * deps: update bundled c-ares - changes from version 4.1.2: * build: add PYPIREADME.rst to manifest - changes from version 4.1.1: * misc: add PyPI README without images * misc: update c-ares URL - changes from version 4.1.0: * ci: use stable 3.10, rather than dev * core: add support for Python 3.10 * doc: fix typo in README * doc: updatee changelog * doc: uppdate README * core: add support for CAA queries * core: add support for getaddrinfo() * doc: update README * core: add ability to use the system installed c-ares ==== python-terminado ==== Version update (0.13.3 -> 0.15.0) - Update build and test requirements - specfile: * require pip, hatchling, swtich to pyproject build - update to version 0.15.0: * no changelog available - changes from version 0.14.0: * Add pre-commit * add mypy support * Switch to flit build backend * Switch to hatch backend ==== redis ==== Version update (7.0.2 -> 7.0.3) - Update to version 7.0.3 * Performance and resource utilization improvements - Optimize zset conversion on large ZRANGESTORE (#10789) - Optimize the performance of sending PING on large clusters (#10624) - Allow for faster restart of Redis in cluster mode (#10912) * INFO fields and introspection changes - Add missing sharded pubsub keychannel count to CLIENT LIST (#10895) - Add missing pubsubshard_channels field in INFO STATS (#10929) * Module API changes - Add RM_StringToULongLong and RM_CreateStringFromULongLong (#10889) - Add RM_SetClientNameById and RM_GetClientNameById (#10839) * Changes in CLI tools - Add missing cluster-port support to redis-cli --cluster (#10344) * Other General Improvements - Account sharded pubsub channels memory consumption (#10925) - Allow ECHO in loading and stale modes (#10853) - Cluster: Throw -TRYAGAIN instead of -ASK on migrating nodes for multi-key - commands when the node only has some of the keys (#9526) * Bug Fixes - TLS: Notify clients on connection shutdown (#10931) - Fsync directory while persisting AOF manifest, RDB file, and config file (#10737) - Script that made modification will not break with unexpected NOREPLICAS error (#10855) - Cluster: Fix a bug where nodes may not acknowledge a CLUSTER FAILOVER TAKEOVER - after a replica reboots (#10798) - Cluster: Fix crash during handshake and cluster shards call (#10942) * Fixes for issues in previous releases of Redis 7.0 - TLS: Fix issues with large replies (#10909) - Correctly report the startup warning for vm.overcommit_memory (#10841) - redis-server command line allow passing config name and value in the same argument (#10866) - Support --save command line argument with no value for backwards compatibility (#10866) - Fix CLUSTER RESET command regression requiring an argument (#10898) ==== rubygem-ruby-dbus ==== Version update (0.18.0.beta8 -> 0.18.1) - 0.18.1 Most important change since 0.17.0: * Introduced DBus::Data classes, use them in Properties.Get, Properties.GetAll to return correct types as declared (gh#mvidner/ruby-dbus#97). ==== selinux-policy ==== Subpackages: selinux-policy-targeted - Update fix_systemd.patch to add cap sys_admin and kernel_dgram_send for systemd_gpt_generator_t (bsc#1200911) - postfix: Label PID files and some helpers correctly (bsc#1197242) ==== speex ==== Version update (1.2 -> 1.2.1) - update to 1.2.1: * Check for _WIN32 instead of WIN32 in preprocessor checks * wav_io: check for EOF when seeking in wav (fixes hang discovered by fuzzing) * CI: add gitlab CI integration * fixed-point: make left shift macros use unsigned to avoid undefined behaviour * math_approx: use unsigned int for LCG pseudorandom generator (avoids integer overflow) * oss-fuzz: add integration and fuzzing target * speexenc: guard against invalid channel numbers) * speexdec: make left shift macros use unsigned to avoid undefined behaviour * autotools: do not use deprecated macros - drop speex-CVE-2020-23903.patch (upstream) ==== sqlite3 ==== Version update (3.38.5 -> 3.39.0) Subpackages: libsqlite3-0 sqlite3-tcl - update to 3.39.0: * Add (long overdue) support for RIGHT and FULL OUTER JOIN * Add new binary comparison operators IS NOT DISTINCT FROM and IS DISTINCT FROM that are equivalent to IS and IS NOT, respective, for compatibility with PostgreSQL and SQL standards * Add a new return code (value "3") from the sqlite3_vtab_distinct() interface that indicates a query that has both DISTINCT and ORDER BY clauses * Added the sqlite3_db_name() interface * The unix os interface resolves all symbolic links in database filenames to create a canonical name for the database before the file is opened * Defer materializing views until the materialization is actually needed, thus avoiding unnecessary work if the materialization turns out to never be used * The HAVING clause of a SELECT statement is now allowed on any aggregate query, even queries that do not have a GROUP BY clause * Many microoptimizations collectively reduce CPU cycles by about 2.3%. - drop sqlite-src-3380100-atof1.patch, included upstream - add sqlite-src-3390000-func7-pg-181.patch to skip float precision related test failures on 32 bit ==== suse-module-tools ==== Version update (16.0.20 -> 16.0.21) - Update to version 16.0.21: * kernel-scriptlets: don't pass flags to weak-modules2 (bsc#1195391) ==== sysconfig ==== Version update (0.85.8 -> 0.90.0) Subpackages: sysconfig-netconfig - version 0.90.0 - sysconfig: cleanup network and wicked dependencies - ppp: move /etc/ppp/ip-up to libexec directory - spec: move further executables/scripts to /usr - spec: revert to recommend wicked-service on <= 15.4 - spec: install scripts except of ip-up bellow of /usr - spec: drop (sle11) legacy migration and rpm-utils - ifuser: drop the artefact utility on >= 15.5 - netconfig/dns-resolver: remove search limit of 6 domains (bsc#1199093) - netconfig: cleanup /var/run leftovers (bsc#1194557) - netconfig: update ntp man page documentation, fix typos - netconfig: move scripts to a FHS conform libexec ==== systemd ==== Version update (250.6 -> 251.2) Subpackages: libsystemd0 libudev1 systemd-doc udev - pstore is no more considered as an experimental feature: move it to udev package (bsc#1197802) - Adjust rpmlintrc for shlib-policy-name-error/multibuild case so that it's not only for x86_64. - spec: %suse_version rpm macro is already reserved and has a special meaning in openSUSE distros so rename it to %archive_version instead. - Import commit e9fc337d97539fcab23078ab3e06f6b2ce3a3c8d ca0b29521f sha256: fix compilation on efi-ia32 1bbbac6a7e test: enable virtio-rng device for QEMU guests - Upgrade to v251.2 (commit 949d6bb7201dd48167ee9716ed6278764d1f4c0f) See https://github.com/openSUSE/systemd/blob/SUSE/v251/NEWS for details. This includes the following bug fixes: - upstream commit e6b169418369abbc88c8f622e02e1d704a23d4ef (bsc#1137373 bsc#1181658 bsc#1194708 bsc#1195157 bsc#1197570) * Rebased 0001-conf-parser-introduce-early-drop-ins.patch * systemd-testsuite now requires python3-pexpect due to TEST-69-SHUTDOWN relying on this module. * sysusers.d/systemd-network.conf has been moved to systemd-network sub-package since the tmpfiles configuration snippets for networkd has also been moved to this sub-package. ==== systemsettings5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: systemsettings5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== texlive ==== - Require correct perl(Biber) version - add biber-missing-semicolon.patch * supports perl 5.36 - use biber version number - use https for urls - reference full download url for biber for source verification - use negative listing approach for luajit determination ==== tpm2-0-tss ==== Version update (3.1.0 -> 3.2.0) Subpackages: libtss2-esys0 libtss2-fapi1 libtss2-mu0 libtss2-rc0 libtss2-sys1 libtss2-tcti-device0 libtss2-tctildr0 - Revert "Add version the configuration file tpm2-tss-fapi.conf" This generate whitelist problems in rpmlint. - Update to 3.2.0 + Fixed * FAPI: fix curl_url_set call * FAPI: Fix usage of curl url (Should fix Ubuntu 22.04) * Fix buffer upcast leading to misalignment * Fix check whether SM3 is available * Update git.mk to support R/O src-dir * Fixed file descriptor leak when tcti initialization failed. * 32 Bit builds of the integration tests. * Primary key creation, in some cases the unique field was not cleared before calling create primary. * Primary keys was used for signing the object were cleared after loading. So access e.g. to the certificate did not work. * Primary keys created with Fapi_Create with an auth value, the auth_value was not used in inSensitive to recreate the primary key. Now the auth value callback is used to initialize inSensitive. * The not possible usage of policies for primary keys generated with Fapi_CreatePrimary has been fixed. * An infinite loop when parsing erroneous JSON was fixed in FAPI. * A buffer overflow in ESAPI xor parameter obfuscation was fixed. * Certificates could be read only once in one application The setting the init state of the state automaton for getting certificates was fixed. * A double free when executing policy action was fixed. * A leak in Fapi_Quote was fixed. * The wrong file locking in FAPI IO was fixed. * Enable creation of tss group and user on systems with busybox for fapi. * One fapi integration test did change the auth value of the storage hierarchy. * A leak in fapi crypto with ossl3 was fixed. * Add initial camelia support to FAPI * Fix tests of fapi PCR * Fix tests of ACT functionality if not supported by pTPM * Fix compiler (unused) warning when building without debug logging * Fix leaks in error cases of integration tests * Fix memory leak after ifapi_init_primary_finish failed * Fix double-close of stream in FAPI * Fix segfault when ESYS_TR_NONE is passed to Esys_TR_GetName * Fix the authorization of hierarchy objects used in policy secret. * Fix check of qualifying data in Fapi_VerifyQuote. * Fix some leaks in FAPI error cases. * Make scripts compatible with non-posix shells where test does not know -a and -o. * Fix usage of variable not initialized when fapi keystore is empty. + Added * Add additional IFX root CAs * Added support for SM2, SM3 and SM4. * Added support for OpenSSL 3.0.0. * Added authPolicy field to the TPMU_CAPABILITIES union. * Added actData field to the TPMU_CAPABILITIES union. * Added TPM2_CAP_AUTH_POLICIES * Added TPM2_CAP_ACT constants. * Added updates to the marshalling and unmarshalling of the TPMU_CAPABILITIES union. * Added updated to the FAPI serializations and deserializations of the TPMU_CAPABILITIES union and associated types. * Add CODE_OF_CONDUCT * tcti-mssim and tcti-swtpm gained support for UDX communication * Missing constant for TPM2_RH_PW + Removed * Removed support for OpenSSL < 1.1.0. * Marked TPMS_ALGORITHM_DESCRIPTION and corresponding MU routines as deprecated. * Those were errorous typedefs that are not use and not useful. So we will remove this with 3.3 * Marked TPM2_RS_PW as deprecated. Use TPM2_RH_PW instead. - Update to 3.1.1 + Fixed * Fixed file descriptor leak when tcti initialization failed. * Primary key creation, in some cases the unique field was not cleared before calling create primary. * Primary keys was used for signing the object were cleared after loading. So access e.g. to the certificate did not work. * Primary keys created with Fapi_Create with an auth value, the auth_value was not used in inSensitive to recreate the primary key. Now the auth value callback is used to initialize inSensitive. * The not possible usage of policies for primary keys generated with Fapi_CreatePrimary has been fixed. * An infinite loop when parsing erroneous JSON was fixed in FAPI. * A buffer overflow in ESAPI xor parameter obfuscation was fixed. * Certificates could be read only once in one application The setting the init state of the state automaton for getting certificates was fixed. * A double free when executing policy action was fixed. * A leak in Fapi_Quote was fixed. * The wrong file locking in FAPI IO was fixed. * One fapi integration test did change the auth value of the storage hierarchy. * Fix test of FAPI PCR * Fix leaks in error cases of integration tests * Fix segfault when ESYS_TR_NONE is passed to Esys_TR_GetName * Fix the authorization of hierarchy objects used in policy secret. * Fix check of qualifying data in Fapi_VerifyQuote. * Fix some leaks in FAPI error cases. * Fix usage of variable not initialized when fapi keystore is empty. + Added * Add additional IFX root CAs ==== tpm2.0-tools ==== - Disable tests in some architectures (ppc, ppc64, s390x) - Add patch to fix leakage of TPM simulator process add_missing_shut_down_call_on_cleanup.patch - Add patch to fix fapi-quote-verify[_ecc].sh test fix_check_of_qualifying_data.patch - Enable test execution by default ==== u-boot-rpiarm64 ==== Version update (2022.04 -> 2022.07) Subpackages: u-boot-rpiarm64-doc - Update to 2022.07 - Update to 2022.07-rc6 - Drop obsolete 0015-mx6qsabrelite-Enable-DM_ETH-to-re-e.patch - Add rbrom command to enter mask rom on Rockchip devices + 0015-cmd-boot-add-brom-cmd-to-reboot-to-.patch - Add rbrom command to enter mask rom on Allwinner devices + 0016-cmd-boot-add-brom-cmd-to-reboot-to-.patch - ATF is required to boot rk3399. Do not build without it (boo#1201120). ==== wavpack ==== Version update (5.4.0 -> 5.5.0) - update to 5.5.0: * fixed: CVE-2021-44269 (encoding crafted DSD file triggers OOB read crash) * fixed: very long filenames cause stack-overflow crash in all CLI programs * fixed: the length stored in WAV headers not always corrected when using -i * fixed: attempting to encode raw DSD audio from stdin sometimes causes crash * fixed: DSD to PCM decimation: small clicks between tracks and tiny DC offset * fixed: length update in library-generated WAV headers on big-endian machines * fixed: sanitize custom extensions read from WavPack files to be alphanumeric * added: accepting brace-delimited options in the wavpack executable filename * added: "--drop" option to Windows executables for multi-file "drag-and-drop" * added" "--raw-pcm" option to wvunpack executable (does DSD --> 24-bit PCM) * added: "--no-overwrite" option to wavpack executable (to resume sessions) * improved: build system clean-up including switch to non-recursive "make" - drop wavpack-CVE-2021-44269.patch (upstream) - add doc subpackage ==== xdg-desktop-portal-kde ==== Version update (5.25.2 -> 5.25.3) Subpackages: xdg-desktop-portal-kde-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * AppChooser: Address error message * Screencast: fix window stream restoration ==== xmessage ==== Version update (1.0.5 -> 1.0.6) - Update to version 1.0.6 * Update configure.ac bug URL for gitlab migration * gitlab CI: add a basic build test * Build xz tarballs instead of bzip2 * Stop casting arguments to free() * Stop casting function return values to void * gitlab CI: stop requiring Signed-off-by in commits ==== xorg-x11-fonts ==== Subpackages: xorg-x11-fonts-core xorg-x11-fonts-legacy - encodings 1.0.6 gitlab CI: add a basic build test Build xz tarballs instead of bzip2 adjust descriptions for the Unicode mapping to match the Unicode.org data file. add mapping for 0x80-0x9f, as per Unicode.org data files. use descriptions from UnicodeData.txt except for two obsolete or incorrect maps correct a typo (in original), and use appropriate description use Armenian eternity symbol from Unicode 6. whitespace-only changes for consistency, using luit's annotate-enc script add descriptions from UnicodeData.txt, using annotate-enc add descriptions from UnicodeData.txt, using annotate-enc add descriptions from UnicodeData.txt, using annotate-enc add descriptions from UnicodeData.txt, with annotate-enc add descriptions from UnicodeData.txt, with annotate-enc whitespace-only, reformat with annotate-enc ==== xorg-x11-fonts-converted ==== - encodings 1.0.6 gitlab CI: add a basic build test Build xz tarballs instead of bzip2 adjust descriptions for the Unicode mapping to match the Unicode.org data file. add mapping for 0x80-0x9f, as per Unicode.org data files. use descriptions from UnicodeData.txt except for two obsolete or incorrect maps correct a typo (in original), and use appropriate description use Armenian eternity symbol from Unicode 6. whitespace-only changes for consistency, using luit's annotate-enc script add descriptions from UnicodeData.txt, using annotate-enc add descriptions from UnicodeData.txt, using annotate-enc add descriptions from UnicodeData.txt, using annotate-enc add descriptions from UnicodeData.txt, with annotate-enc add descriptions from UnicodeData.txt, with annotate-enc whitespace-only, reformat with annotate-enc ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - U_boo1194181-001-xkb-swap-XkbSetDeviceInfo-and-XkbSetDeviceInfoCheck.patch * Out-Of-Bounds Access in CheckSetDeviceIndicators() (CVE-2022-2320, ZDI-CAN-16070, bsc#1194181) - U_boo1194179-001-xkb-rename-xkb_h-to-xkb-procs_h.patch, U_boo1194179-002-xkb-add-request-length-validation-for-XkbSetGeometry.patch * Out-Of-Bounds Access in _CheckSetSections() (CVE-2022-2319, ZDI-CAN-16062, bsc#1194179) ==== xwayland ==== Version update (22.1.2 -> 22.1.3) - Update to version 22.1.3 * os: print <signal handler called> if unw_is_signal_frame() * os: print registers in the libunwind version of xorg_backtrace() * xwayland/present: Do not send two idle notify events for flip pixmaps * xwayland: Fix check logic in sprite_check_lost_focus() * xwayland: Change randr_output status when call xwl_output_remove() * xkb: switch to array index loops to moving pointers * xkb: swap XkbSetDeviceInfo and XkbSetDeviceInfoCheck * xkb: add request length validation for XkbSetGeometry ==== yast2-perl-bindings ==== Version update (4.5.0 -> 4.5.1) - Adapted to new Perl-5.36.0 API (bsc#1200990) Details: https://github.com/yast/yast-perl-bindings/pull/30 - 4.5.1 ==== yast2-services-manager ==== Version update (4.5.0 -> 4.5.1) - Explicitly pull in systemctl for buildtime tests (jsc#SMO-84) - 4.5.1

1 0

New MicroOS snapshot 20220714 released!
by Richard Brown 15 Jul '22

15 Jul '22

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: bluedevil5 (5.25.2 -> 5.25.3) breeze (5.25.2 -> 5.25.3) breeze-gtk (5.25.2 -> 5.25.3) containers-systemd (0.0+git20220710.f290756 -> 0.0+git20220713.967c6f4) discover (5.25.2 -> 5.25.3) drkonqi5 (5.25.2 -> 5.25.3) ibus-table-chinese (1.8.8 -> 1.8.9) kactivitymanagerd (5.25.2 -> 5.25.3) kcm_sddm (5.25.2 -> 5.25.3) kde-cli-tools5 (5.25.2 -> 5.25.3) kde-gtk-config5 (5.25.2 -> 5.25.3) kgamma5 (5.25.2 -> 5.25.3) khotkeys5 (5.25.2 -> 5.25.3) kinfocenter5 (5.25.2 -> 5.25.3) kmenuedit5 (5.25.2 -> 5.25.3) kscreen5 (5.25.2 -> 5.25.3) kscreenlocker (5.25.2 -> 5.25.3) ksshaskpass5 (5.25.2 -> 5.25.3) ksystemstats5 (5.25.2 -> 5.25.3) kwayland-integration (5.25.2 -> 5.25.3) kwin5 (5.25.2 -> 5.25.3) kwrited5 (5.25.2 -> 5.25.3) layer-shell-qt (5.25.2 -> 5.25.3) libidn2 (2.3.2 -> 2.3.3) libkdecoration2 (5.25.2 -> 5.25.3) libkscreen2 (5.25.2 -> 5.25.3) libksysguard5 (5.25.2 -> 5.25.3) milou5 (5.25.2 -> 5.25.3) mpg123 (1.30.0 -> 1.30.1) oxygen5-sounds (5.25.2 -> 5.25.3) perl-URI (5.10 -> 5.12) plasma-browser-integration (5.25.2 -> 5.25.3) plasma-nm5 (5.25.2 -> 5.25.3) plasma5-addons (5.25.2 -> 5.25.3) plasma5-desktop (5.25.2 -> 5.25.3) plasma5-disks (5.25.2 -> 5.25.3) plasma5-integration (5.25.2 -> 5.25.3) plasma5-openSUSE plasma5-pa (5.25.2 -> 5.25.3) plasma5-systemmonitor (5.25.2 -> 5.25.3) plasma5-thunderbolt (5.25.2 -> 5.25.3) plasma5-workspace (5.25.2 -> 5.25.3) polkit-kde-agent-5 (5.25.2 -> 5.25.3) powerdevil5 (5.25.2 -> 5.25.3) python-M2Crypto python-ipykernel (6.15.0 -> 6.15.1) rubygem-ruby-dbus (0.18.0.beta8 -> 0.18.1) sqlite3 (3.38.5 -> 3.39.0) systemsettings5 (5.25.2 -> 5.25.3) tpm2-0-tss (3.1.0 -> 3.2.0) tpm2.0-tools xdg-desktop-portal-kde (5.25.2 -> 5.25.3) xmessage (1.0.5 -> 1.0.6) xorg-x11-fonts xorg-x11-fonts-converted === Details === ==== bluedevil5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: bluedevil5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== breeze ==== Version update (5.25.2 -> 5.25.3) Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-style-lang breeze5-wallpapers libbreezecommon5-5 - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== breeze-gtk ==== Version update (5.25.2 -> 5.25.3) Subpackages: gtk2-metatheme-breeze gtk3-metatheme-breeze metatheme-breeze-common - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== containers-systemd ==== Version update (0.0+git20220710.f290756 -> 0.0+git20220713.967c6f4) - Update to version 0.0+git20220713.967c6f4: * Add submission/smtps support for postfix ==== discover ==== Version update (5.25.2 -> 5.25.3) Subpackages: discover-backend-flatpak discover-backend-fwupd discover-backend-packagekit discover-lang discover-notifier - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * ApplicationResourceButton: switch to individual ToolTip instances (kde#456129) ==== drkonqi5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: drkonqi5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== ibus-table-chinese ==== Version update (1.8.8 -> 1.8.9) Subpackages: ibus-table-chinese-array ibus-table-chinese-cangjie ibus-table-chinese-cantonese ibus-table-chinese-easy ibus-table-chinese-erbi ibus-table-chinese-jyutping ibus-table-chinese-quick ibus-table-chinese-scj ibus-table-chinese-stroke5 ibus-table-chinese-wu ibus-table-chinese-wubi-haifeng ibus-table-chinese-wubi-jidian ibus-table-chinese-yong update: 1.8.8 -> 1.8.9 - Add tones to Jyutping.txt table (gh#mike-fabian/ibus-table-chinese#6) * Tonal markers according to https://github.com/rime/rime-cantonese/blob/main/README-en.md#tonal-markers were added: 1 v: High level, e.g. siv ? ?; High level checked, e.g. sikv ? ? 2 x: Medium rising, e.g. six ? ? 3 q: Medium level, e.g. siq? ?; Medium level checked, e.g. sekq ? ? 4 vv: Low falling, e.g. sivv ? ? 5 xx: Low rising, e.g. sixx ? ? 6 qq: Low level, e.g. siqq? ?; Low level checked, e.g. sikqq ? ? fix: CMake warning about no source or binary directory provided ==== kactivitymanagerd ==== Version update (5.25.2 -> 5.25.3) Subpackages: kactivitymanagerd-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kcm_sddm ==== Version update (5.25.2 -> 5.25.3) Subpackages: kcm_sddm-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kde-cli-tools5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: kde-cli-tools5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * Fix DBus name for KPluginMetaData based KCMs (kde#455943) ==== kde-gtk-config5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: kde-gtk-config5-gtk3 - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kgamma5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: kgamma5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== khotkeys5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: khotkeys5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kinfocenter5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: kinfocenter5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * Remove root Messages.sh there's no "kinfocenter" app anymore ==== kmenuedit5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: kmenuedit5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kscreen5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: kscreen5-lang kscreen5-plasmoid - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kscreenlocker ==== Version update (5.25.2 -> 5.25.3) Subpackages: kscreenlocker-lang libKScreenLocker5 - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== ksshaskpass5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: ksshaskpass5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== ksystemstats5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: ksystemstats5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kwayland-integration ==== Version update (5.25.2 -> 5.25.3) - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== kwin5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: kwin5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * [kcm/kwindesktop] Emit rowsChanged signal to fix default state highlighting * backends/drm: also check for properties in DrmPipeline::needsModeset (kde#455814) * backends/drm: handle disconnected but not removed connector objects properly * windowview: handle windows from other virtual desktops better * Map XdgSurface to XdgWMBase instances properly (kde#456349) * Fix flickering in slide effect with multi screen * backends/drm: don't create a new output every time * wayland: Send drm-lease-device::done event to the correct resource * backends/drm: don't remove connectors the kernel doesn't consider removed (kde#456298) * xdgactivation: Properly prevent disabled activation notifications (kde#454937) * TabBox: Do not highlight selected window for fullscreen switchers (kde#449180) * Ship kconf update script to clean animation factor from kwinrc * Fix apply button with animation slider speed * Write animation speed to kdeglobals (kde#431259) * xdgactivation: Do not notify when applications try to activate themselves * Set all timestamps for all touch events (kde#456133) * backends/drm: fix common mode generation (kde#455477) * screencast: Do not send events when moving the cursor outside the viewport * screencasting: Have cursor move frames also send damage information * screencast: Also send the header when we just send the cursor update * backends/drm: suppress logging for direct scanout (kde#456089) ==== kwrited5 ==== Version update (5.25.2 -> 5.25.3) - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== layer-shell-qt ==== Version update (5.25.2 -> 5.25.3) - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== libidn2 ==== Version update (2.3.2 -> 2.3.3) Subpackages: libidn2-0 libidn2-lang - update to 2.3.3: * Upgrade IDNA Tables from Unicode 11 to 12 * Upgrade TR46 Tables from Unicode 13 to 14 * Updated gnulib files and various build fixes * Add self-check for the idn2 command line tool ==== libkdecoration2 ==== Version update (5.25.2 -> 5.25.3) Subpackages: libkdecorations2-5 libkdecorations2-5-lang libkdecorations2private9 - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== libkscreen2 ==== Version update (5.25.2 -> 5.25.3) Subpackages: libKF5Screen7 libkscreen2-plugin - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== libksysguard5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: ksysguardsystemstats-data libKSysGuardSystemStats1 libksysguard5-imports libksysguard5-lang libksysguard5-plugins - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== milou5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: milou5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== mpg123 ==== Version update (1.30.0 -> 1.30.1) Subpackages: libmpg123-0 mpg123-openal - Update to version 1.30.1 mpg123: * Show stderr of network helpers in -vvv mode. * Use curl --http0.9, if available, to support shoutcast v1 streams without wget (wget not needing such switch, yet). * Support file:// URLs for local access as was intended with the last release. * Give more helpful error message if neither wget nor curl are usable, also allow error messages from curl to appear when not --quiet. * Update the man page. ==== oxygen5-sounds ==== Version update (5.25.2 -> 5.25.3) - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== perl-URI ==== Version update (5.10 -> 5.12) - updated to 5.12 see /usr/share/doc/packages/perl-URI/Changes 5.12 2022-07-10 23:48:50Z - Fix an issue where i.e. 'file:///tmp/###' was not properly escaped. A non-existing authority part was accidentally processed. Details: https://github.com/libwww-perl/URI/issues/102 (GH#102) (Perlbotics) - Reverts to previous behavior (5.10) for 'mailto:' scheme for escaping square brackets. 5.11 2022-07-04 20:53:38Z - Fix some typos in URI::file (GH#94) (Olaf Alders) - Escape square brackets in path (GH#100) (Perlbotics) - Fix storable.t (GH#97) (Shoichi Kaji) ==== plasma-browser-integration ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma-browser-integration-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== plasma-nm5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma-nm5-lang plasma-nm5-openvpn - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== plasma5-addons ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma5-addons-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * wallpapers/potd: only pass 1920x1080 or 3840x2160 to bing provider * switchers/thumbnails: Fix icon cropped when text is large enough (kde#451997) * switchers/compact: Fix dialog sizes not getting updated (kde#422447) * switchers/thumbnailgrid: Fix layout when window count changes (kde#441241) ==== plasma5-desktop ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma5-desktop-emojier plasma5-desktop-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * [applets/pager] Round displayed window geometry to avoid size "jumps" (kde#456488) * [applets/pager] Fix switching desktops on drag & hover (kde#416878) * applets/kicker: check model count before porting old favorite items (kde#456411) * applets/kickoff: remove highlight visibility conditions (kde#448526) * Fix translation domain for KRunner KCM (kde#455624) * desktoppackage: add `Accessible.name` to email button * [kcms/componentchooser] Pass parent window to ksycoca progress dialog * applets/kickoff: fix grid delegate tooltips not appearing on hover * [kcms/tablet] Fix crash when opening KCM for the second time (kde#451233) * applets/kickoff: Prevent empty menu from opening (kde#455927) * applets/taskmanager: press space to activate task * Fixup bf55b39: change Kirigami import version to 2.19 * panel: import version of Kirigami that supports InputMethod.willShowOnActive * Make the Keyboard KCM config spare layout spinbox enable the Save button (Fixes #36) ==== plasma5-disks ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma5-disks-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== plasma5-integration ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma5-integration-plugin plasma5-integration-plugin-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== plasma5-openSUSE ==== Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE plasma5-workspace-branding-openSUSE sddm-theme-openSUSE - Update to 5.25.3 ==== plasma5-pa ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma5-pa-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== plasma5-systemmonitor ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma5-systemmonitor-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== plasma5-thunderbolt ==== Version update (5.25.2 -> 5.25.3) Subpackages: plasma5-thunderbolt-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== plasma5-workspace ==== Version update (5.25.2 -> 5.25.3) Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-lang plasma5-workspace-libs xembedsniproxy - Add patch to fix the lock screen (kde#456639): * 0001-Fix-non-functional-lockscreen-due-to-bad-cherry-pick.patch - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * Guard against cursor theme changing in animation timer (kde#456526) * Fix "PanelSpacer::containmentGraphicObject()" plasmashell segfault (kde#450663) * Fix StatusNotifierItem MidClick (kde#456466) * kcms/lookandfeel: Set all defaults when saving the default package (kde#456275) * kcms/colors: Properly apply tinting to the window titlebar (kde#455395,kde#454047) * [kcms/icons] Pass parent window to ksycoca progress dialog * applets/kicker: Get rid of a separator just above title menu item (kde#449132) * Fix password field in lock screen not clearing after failed login attempt (kde#455227) ==== polkit-kde-agent-5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: polkit-kde-agent-5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== powerdevil5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: powerdevil5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== python-M2Crypto ==== - Add CVE-2020-25657-Bleichenbacher-attack.patch (CVE-2020-25657, bsc#1178829), which mitigates the Bleichenbacher timing attacks in the RSA decryption API. - Add python-M2Crypto.keyring to verify GPG signature of tarball. ==== python-ipykernel ==== Version update (6.15.0 -> 6.15.1) - specfile: * remove patch support-hatchling-14.patch (included upstream) - update to version 6.15.1: * Bugs fixed + Fix inclusion of launcher file and check in CI #964 (@blink1073) * Maintenance and upkeep improvements + [pre-commit.ci] pre-commit autoupdate #962 (@pre-commit-ci) + [pre-commit.ci] pre-commit autoupdate #961 (@pre-commit-ci) + [pre-commit.ci] pre-commit autoupdate #960 (@pre-commit-ci) ==== rubygem-ruby-dbus ==== Version update (0.18.0.beta8 -> 0.18.1) - 0.18.1 Most important change since 0.17.0: * Introduced DBus::Data classes, use them in Properties.Get, Properties.GetAll to return correct types as declared (gh#mvidner/ruby-dbus#97). ==== sqlite3 ==== Version update (3.38.5 -> 3.39.0) Subpackages: libsqlite3-0 sqlite3-tcl - update to 3.39.0: * Add (long overdue) support for RIGHT and FULL OUTER JOIN * Add new binary comparison operators IS NOT DISTINCT FROM and IS DISTINCT FROM that are equivalent to IS and IS NOT, respective, for compatibility with PostgreSQL and SQL standards * Add a new return code (value "3") from the sqlite3_vtab_distinct() interface that indicates a query that has both DISTINCT and ORDER BY clauses * Added the sqlite3_db_name() interface * The unix os interface resolves all symbolic links in database filenames to create a canonical name for the database before the file is opened * Defer materializing views until the materialization is actually needed, thus avoiding unnecessary work if the materialization turns out to never be used * The HAVING clause of a SELECT statement is now allowed on any aggregate query, even queries that do not have a GROUP BY clause * Many microoptimizations collectively reduce CPU cycles by about 2.3%. - drop sqlite-src-3380100-atof1.patch, included upstream - add sqlite-src-3390000-func7-pg-181.patch to skip float precision related test failures on 32 bit ==== systemsettings5 ==== Version update (5.25.2 -> 5.25.3) Subpackages: systemsettings5-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - No code changes since 5.25.2 ==== tpm2-0-tss ==== Version update (3.1.0 -> 3.2.0) Subpackages: libtss2-esys0 libtss2-fapi1 libtss2-mu0 libtss2-rc0 libtss2-sys1 libtss2-tcti-device0 libtss2-tctildr0 - Revert "Add version the configuration file tpm2-tss-fapi.conf" This generate whitelist problems in rpmlint. - Update to 3.2.0 + Fixed * FAPI: fix curl_url_set call * FAPI: Fix usage of curl url (Should fix Ubuntu 22.04) * Fix buffer upcast leading to misalignment * Fix check whether SM3 is available * Update git.mk to support R/O src-dir * Fixed file descriptor leak when tcti initialization failed. * 32 Bit builds of the integration tests. * Primary key creation, in some cases the unique field was not cleared before calling create primary. * Primary keys was used for signing the object were cleared after loading. So access e.g. to the certificate did not work. * Primary keys created with Fapi_Create with an auth value, the auth_value was not used in inSensitive to recreate the primary key. Now the auth value callback is used to initialize inSensitive. * The not possible usage of policies for primary keys generated with Fapi_CreatePrimary has been fixed. * An infinite loop when parsing erroneous JSON was fixed in FAPI. * A buffer overflow in ESAPI xor parameter obfuscation was fixed. * Certificates could be read only once in one application The setting the init state of the state automaton for getting certificates was fixed. * A double free when executing policy action was fixed. * A leak in Fapi_Quote was fixed. * The wrong file locking in FAPI IO was fixed. * Enable creation of tss group and user on systems with busybox for fapi. * One fapi integration test did change the auth value of the storage hierarchy. * A leak in fapi crypto with ossl3 was fixed. * Add initial camelia support to FAPI * Fix tests of fapi PCR * Fix tests of ACT functionality if not supported by pTPM * Fix compiler (unused) warning when building without debug logging * Fix leaks in error cases of integration tests * Fix memory leak after ifapi_init_primary_finish failed * Fix double-close of stream in FAPI * Fix segfault when ESYS_TR_NONE is passed to Esys_TR_GetName * Fix the authorization of hierarchy objects used in policy secret. * Fix check of qualifying data in Fapi_VerifyQuote. * Fix some leaks in FAPI error cases. * Make scripts compatible with non-posix shells where test does not know -a and -o. * Fix usage of variable not initialized when fapi keystore is empty. + Added * Add additional IFX root CAs * Added support for SM2, SM3 and SM4. * Added support for OpenSSL 3.0.0. * Added authPolicy field to the TPMU_CAPABILITIES union. * Added actData field to the TPMU_CAPABILITIES union. * Added TPM2_CAP_AUTH_POLICIES * Added TPM2_CAP_ACT constants. * Added updates to the marshalling and unmarshalling of the TPMU_CAPABILITIES union. * Added updated to the FAPI serializations and deserializations of the TPMU_CAPABILITIES union and associated types. * Add CODE_OF_CONDUCT * tcti-mssim and tcti-swtpm gained support for UDX communication * Missing constant for TPM2_RH_PW + Removed * Removed support for OpenSSL < 1.1.0. * Marked TPMS_ALGORITHM_DESCRIPTION and corresponding MU routines as deprecated. * Those were errorous typedefs that are not use and not useful. So we will remove this with 3.3 * Marked TPM2_RS_PW as deprecated. Use TPM2_RH_PW instead. - Update to 3.1.1 + Fixed * Fixed file descriptor leak when tcti initialization failed. * Primary key creation, in some cases the unique field was not cleared before calling create primary. * Primary keys was used for signing the object were cleared after loading. So access e.g. to the certificate did not work. * Primary keys created with Fapi_Create with an auth value, the auth_value was not used in inSensitive to recreate the primary key. Now the auth value callback is used to initialize inSensitive. * The not possible usage of policies for primary keys generated with Fapi_CreatePrimary has been fixed. * An infinite loop when parsing erroneous JSON was fixed in FAPI. * A buffer overflow in ESAPI xor parameter obfuscation was fixed. * Certificates could be read only once in one application The setting the init state of the state automaton for getting certificates was fixed. * A double free when executing policy action was fixed. * A leak in Fapi_Quote was fixed. * The wrong file locking in FAPI IO was fixed. * One fapi integration test did change the auth value of the storage hierarchy. * Fix test of FAPI PCR * Fix leaks in error cases of integration tests * Fix segfault when ESYS_TR_NONE is passed to Esys_TR_GetName * Fix the authorization of hierarchy objects used in policy secret. * Fix check of qualifying data in Fapi_VerifyQuote. * Fix some leaks in FAPI error cases. * Fix usage of variable not initialized when fapi keystore is empty. + Added * Add additional IFX root CAs ==== tpm2.0-tools ==== - Disable tests in some architectures (ppc, ppc64, s390x) - Add patch to fix leakage of TPM simulator process add_missing_shut_down_call_on_cleanup.patch - Add patch to fix fapi-quote-verify[_ecc].sh test fix_check_of_qualifying_data.patch - Enable test execution by default ==== xdg-desktop-portal-kde ==== Version update (5.25.2 -> 5.25.3) Subpackages: xdg-desktop-portal-kde-lang - Update to 5.25.3 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.25.3 - Changes since 5.25.2: * AppChooser: Address error message * Screencast: fix window stream restoration ==== xmessage ==== Version update (1.0.5 -> 1.0.6) - Update to version 1.0.6 * Update configure.ac bug URL for gitlab migration * gitlab CI: add a basic build test * Build xz tarballs instead of bzip2 * Stop casting arguments to free() * Stop casting function return values to void * gitlab CI: stop requiring Signed-off-by in commits ==== xorg-x11-fonts ==== Subpackages: xorg-x11-fonts-core xorg-x11-fonts-legacy - encodings 1.0.6 gitlab CI: add a basic build test Build xz tarballs instead of bzip2 adjust descriptions for the Unicode mapping to match the Unicode.org data file. add mapping for 0x80-0x9f, as per Unicode.org data files. use descriptions from UnicodeData.txt except for two obsolete or incorrect maps correct a typo (in original), and use appropriate description use Armenian eternity symbol from Unicode 6. whitespace-only changes for consistency, using luit's annotate-enc script add descriptions from UnicodeData.txt, using annotate-enc add descriptions from UnicodeData.txt, using annotate-enc add descriptions from UnicodeData.txt, using annotate-enc add descriptions from UnicodeData.txt, with annotate-enc add descriptions from UnicodeData.txt, with annotate-enc whitespace-only, reformat with annotate-enc ==== xorg-x11-fonts-converted ==== - encodings 1.0.6 gitlab CI: add a basic build test Build xz tarballs instead of bzip2 adjust descriptions for the Unicode mapping to match the Unicode.org data file. add mapping for 0x80-0x9f, as per Unicode.org data files. use descriptions from UnicodeData.txt except for two obsolete or incorrect maps correct a typo (in original), and use appropriate description use Armenian eternity symbol from Unicode 6. whitespace-only changes for consistency, using luit's annotate-enc script add descriptions from UnicodeData.txt, using annotate-enc add descriptions from UnicodeData.txt, using annotate-enc add descriptions from UnicodeData.txt, using annotate-enc add descriptions from UnicodeData.txt, with annotate-enc add descriptions from UnicodeData.txt, with annotate-enc whitespace-only, reformat with annotate-enc

1 0

Please start using the microos@lists.opensuse.org list for MicroOS Discussions
by Richard Brown 15 Jul '22

15 Jul '22

Hi Everyone, After a bit of a delay, we finally got the microos(a)lists.opensuse.org mailinglist up and running For MicroOS please subscribe to this list - microos-subscribe(a)lists.opensuse.org This list will stay around for any discussions regarding the remaining Kubernetes packages in Factory See you on the new list Regards, -- Richard Brown Linux Distribution Engineer - Future Technology Team SUSE Software Solutions Germany GmbH, Frankenstraße 146, D-90461 Nuremberg, Germany (HRB 36809, AG Nürnberg) Managing Directors/Geschäftsführer: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman

1 0