New ARM MicroOS snapshot 20210927 released!
Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version=Tumbleweed&build=20210927 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=MicroOS&query_format=advanced&resolution=--- Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: AppStream Mesa (21.2.0 -> 21.2.2) Mesa-drivers (21.2.0 -> 21.2.2) NetworkManager apparmor argyllcms (2.1.2 -> 2.2.0) attica-qt5 (5.85.0 -> 5.86.0) baloo5 (5.85.0 -> 5.86.0) baloo5-widgets (21.08.0 -> 21.08.1) bluedevil5 (5.22.4 -> 5.22.5) bluez (5.60 -> 5.61) bluez-qt (5.85.0 -> 5.86.0) breeze (5.22.4 -> 5.22.5) breeze5-icons (5.85.0 -> 5.86.0) btrfsprogs (5.13.1 -> 5.14) bubblewrap (0.4.1 -> 0.5.0) c-ares catatonit (0.1.5 -> 0.1.6) cfssl (1.6.0 -> 1.6.1) chrony compat-usrmerge conmon (2.0.29 -> 2.0.30) cryptsetup (2.3.6 -> 2.4.1) curl (7.78.0 -> 7.79.0) dav1d (0.9.1 -> 0.9.2) discover (5.22.4 -> 5.22.5) dolphin (21.08.0 -> 21.08.1) drkonqi5 (5.22.4 -> 5.22.5) e2fsprogs (1.46.3 -> 1.46.4) elfutils ell (0.42 -> 0.44) fcoe-utils ffmpeg-4 flatpak (1.11.2 -> 1.11.3) frameworkintegration (5.85.0 -> 5.86.0) fuse3 (3.10.4 -> 3.10.5) gcc gd (2.3.2 -> 2.3.3) geoclue2 (2.5.6 -> 2.5.7) ghostscript gjs (1.68.3 -> 1.68.4) glib2 glibc (2.33 -> 2.34) gnome-control-center (40.0 -> 40.1) gnome-packagekit gnome-shell (40.4 -> 40.5) gnome-shell-extension-desktop-icons gnome-shell-extensions gnome-tweaks gnome-usage (3.37.1 -> 3.38.1) gnome-user-docs (40.4 -> 40.5) grub2 gstreamer (1.18.4 -> 1.18.5) gstreamer-plugins-bad (1.18.4 -> 1.18.5) gstreamer-plugins-base (1.18.4 -> 1.18.5) gstreamer-plugins-good (1.18.4 -> 1.18.5) gtk4 (4.2.1 -> 4.4.0) gzip (1.10 -> 1.11) harfbuzz (2.8.2 -> 2.9.1) hplip (3.21.4 -> 3.21.6) hwdata (0.350 -> 0.351) ibus (1.5.24 -> 1.5.25) installation-images-MicroOS (17.13 -> 17.15) iproute2 (5.13 -> 5.14) iputils irqbalance (1.8.0.14.ga7f8148 -> 1.8.0.18.git+2435e8d) json-glib (1.6.4 -> 1.6.6) kaccounts-integration (21.08.0 -> 21.08.1) kactivities-stats (5.85.0 -> 5.86.0) kactivities5 (5.85.0 -> 5.86.0) kactivitymanagerd (5.22.4 -> 5.22.5) karchive (5.85.0 -> 5.86.0) kate (21.08.0 -> 21.08.1) kauth (5.85.0 -> 5.86.0) kbd kbookmarks (5.85.0 -> 5.86.0) kcmutils (5.85.0 -> 5.86.0) kcodecs (5.85.0 -> 5.86.0) kcompletion (5.85.0 -> 5.86.0) kconfig (5.85.0 -> 5.86.0) kconfigwidgets (5.85.0 -> 5.86.0) kcoreaddons (5.85.0 -> 5.86.0) kcrash (5.85.0 -> 5.86.0) kdbusaddons (5.85.0 -> 5.86.0) kde-cli-tools5 (5.22.4 -> 5.22.5) kde-print-manager (21.08.0 -> 21.08.1) kdeclarative (5.85.0 -> 5.86.0) kded (5.85.0 -> 5.86.0) kdelibs4support (5.85.0 -> 5.86.0) kdesu (5.85.0 -> 5.86.0) kdialog (21.08.0 -> 21.08.1) kdnssd-framework (5.85.0 -> 5.86.0) kdoctools (5.85.0 -> 5.86.0) kernel-firmware (20210812 -> 20210901) kernel-source (5.13.13 -> 5.14.6) keylime (6.1.1 -> 6.2.0) kfilemetadata5 (5.85.0 -> 5.86.0) kgamma5 (5.22.4 -> 5.22.5) kglobalaccel (5.85.0 -> 5.86.0) kguiaddons (5.85.0 -> 5.86.0) kholidays (5.85.0 -> 5.86.0) khotkeys5 (5.22.4 -> 5.22.5) ki18n (5.85.0 -> 5.86.0) kiconthemes (5.85.0 -> 5.86.0) kidletime (5.85.0 -> 5.86.0) kinfocenter5 (5.22.4 -> 5.22.5) kinit (5.85.0 -> 5.86.0) kio (5.85.0 -> 5.86.0) kio-extras5 (21.08.0 -> 21.08.1) kirigami2 (5.85.0 -> 5.86.0) kitemmodels (5.85.0 -> 5.86.0) kitemviews (5.85.0 -> 5.86.0) kjobwidgets (5.85.0 -> 5.86.0) kmenuedit5 (5.22.4 -> 5.22.5) kmod knewstuff (5.85.0 -> 5.86.0) knotifications (5.85.0 -> 5.86.0) knotifyconfig (5.85.0 -> 5.86.0) konsole (21.08.0 -> 21.08.1) kpackage (5.85.0 -> 5.86.0) kparts (5.85.0 -> 5.86.0) kpeople5 (5.85.0 -> 5.86.0) kpty (5.85.0 -> 5.86.0) kquickcharts (5.85.0 -> 5.86.0) krb5 kross (5.85.0 -> 5.86.0) krunner (5.85.0 -> 5.86.0) kscreen5 (5.22.4 -> 5.22.5) kscreenlocker (5.22.4 -> 5.22.5) kservice (5.85.0 -> 5.86.0) ksystemstats5 (5.22.4 -> 5.22.5) ktexteditor (5.85.0 -> 5.86.0) ktextwidgets (5.85.0 -> 5.86.0) kunitconversion (5.85.0 -> 5.86.0) kwallet (5.85.0 -> 5.86.0) kwalletmanager5 (21.08.0 -> 21.08.1) kwayland (5.85.0 -> 5.86.0) kwayland-integration (5.22.4 -> 5.22.5) kwayland-server (5.22.4 -> 5.22.5) kwidgetsaddons (5.85.0 -> 5.86.0) kwin5 (5.22.4 -> 5.22.5) kwindowsystem (5.85.0 -> 5.86.0) kwrited5 (5.22.4 -> 5.22.5) kxmlgui (5.85.0 -> 5.86.0) layer-shell-qt (5.22.4 -> 5.22.5) less libKF5ModemManagerQt (5.85.0 -> 5.86.0) libKF5NetworkManagerQt (5.85.0 -> 5.86.0) libXi (1.7.10 -> 1.8) libaom (3.1.1 -> 3.1.2) libapparmor libass (0.15.1 -> 0.15.2) libcontainers-common libcryptui libdaemon libdrm libepoxy (1.5.8 -> 1.5.9) libexif (0.6.22 -> 0.6.23) libfido2 (1.7.0 -> 1.8.0) libgexiv2 (0.12.3 -> 0.14.0) libglvnd libgudev (234 -> 237) libhugetlbfs libinput (1.18.1 -> 1.19.0) libkdecoration2 (5.22.4 -> 5.22.5) libkscreen2 (5.22.4 -> 5.22.5) libksysguard5 (5.22.4 -> 5.22.5) libqt5-qtbase (5.15.2+kde200 -> 5.15.2+kde222) libqt5-qtlocation libqt5-qtwebengine (5.15.5 -> 5.15.6) libseccomp (2.5.1 -> 2.5.2) libsecret libsrtp2 (2.4.0 -> 2.4.1) libtirpc libva (2.12.0 -> 2.13.0) libxkbcommon (1.3.0 -> 1.3.1) libzypp (17.28.1 -> 17.28.4) llvm12 mdadm microos-tools (2.11 -> 2.12) milou5 (5.22.4 -> 5.22.5) mozilla-nss (3.68 -> 3.69.1) mpg123 (1.28.2 -> 1.29.0) multipath-tools (0.8.6+32+suse.f11c192 -> 0.8.7+14+suse.5a09bfa) mutter (40.4 -> 40.5) nautilus-share ncurses (6.2.20210814 -> 6.2.20210911) net-snmp numactl (2.0.14.17.g498385e -> 2.0.14.20.g4ee5e0c) open-iscsi open-lldp (1.1+36.e926f7172b96 -> 1.1+44.0f781b4162d3) openexr osinfo-db (20210621 -> 20210903) pam (1.5.1 -> 1.5.2) pam-config (1.3 -> 1.4) pango (1.48.9 -> 1.48.10) patterns-base patterns-microos perl (5.32.1 -> 5.34.0) perl-Bootloader (0.935 -> 0.936) permissions (1550_20210518 -> 1550_20210901) phonon4qt5 pinentry (1.1.1 -> 1.2.0) pipewire (0.3.34 -> 0.3.37) plasma-browser-integration (5.22.4 -> 5.22.5) plasma-framework (5.85.0 -> 5.86.0) plasma-nm5 (5.22.4 -> 5.22.5) plasma5-addons (5.22.4 -> 5.22.5) plasma5-desktop (5.22.4 -> 5.22.5) plasma5-integration (5.22.4 -> 5.22.5) plasma5-openSUSE plasma5-pa (5.22.4 -> 5.22.5) plasma5-workspace (5.22.4 -> 5.22.5) podman (3.2.3 -> 3.3.1) polkit-kde-agent-5 (5.22.4 -> 5.22.5) polkit-qt5-1 powerdevil5 (5.22.4 -> 5.22.5) prison-qt5 (5.85.0 -> 5.86.0) pulseaudio purpose (5.85.0 -> 5.86.0) python-Jinja2 python-Pillow (8.3.1 -> 8.3.2) python-greenlet python-importlib-metadata (3.7.2 -> 4.8.1) python-jsonpatch python-numpy (1.21.0 -> 1.21.2) python-ordered-set (3.1.1 -> 4.0.2) python-pandas (1.3.1 -> 1.3.3) python-simplejson (3.17.3 -> 3.17.5) python38 (3.8.11 -> 3.8.12) python38-core (3.8.11 -> 3.8.12) qca-qt5 (2.3.3 -> 2.3.4) qemu (6.0.0 -> 6.1.0) qqc2-desktop-style (5.85.0 -> 5.86.0) re2 (20210801 -> 20210901) samba (4.14.6+git.168.6a9fc8a1ddd -> 4.14.6+git.182.2205d5224e3) selinux-policy serd shadow (4.8.1 -> 4.9) solid (5.85.0 -> 5.86.0) sonnet (5.85.0 -> 5.86.0) suse-module-tools (16.0.8+1 -> 16.0.10+7) syntax-highlighting (5.85.0 -> 5.86.0) system-users systemd (248.6 -> 249.4) systemd-default-settings systemsettings5 (5.22.4 -> 5.22.5) sysuser-tools talloc (2.3.2 -> 2.3.3) threadweaver (5.85.0 -> 5.86.0) tracker-miners (3.1.2 -> 3.1.3) transactional-update (3.5.1 -> 3.5.5) unzip util-linux util-linux-systemd vim (8.2.3360 -> 8.2.3408) vulkan-loader (1.2.182.0 -> 1.2.189.0) webkit2gtk3 (2.32.3 -> 2.32.4) wpebackend-fdo (1.8.0 -> 1.10.0) xdg-desktop-portal (1.8.1 -> 1.10.0) xdg-desktop-portal-kde (5.22.4 -> 5.22.5) xdg-utils (1.1.3+20200220 -> 1.1.3+20201113) xf86-input-libinput (1.1.0 -> 1.2.0) xkeyboard-config xrdb (1.2.0 -> 1.2.1) xwayland yast2 (4.4.16 -> 4.4.20) zypper (1.14.48 -> 1.14.49) === Details === ==== AppStream ==== Subpackages: libAppStreamQt2 libappstream4 - Create and install a Vala API file ==== Mesa ==== Version update (21.2.0 -> 21.2.2) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - covers jira#SLE/SLE-18743 - update to 21.2.2 * second bugfix release: a ton of work went into panfrost, getting it closer to being conformant (it is conformant on 21.3!); fixes for ir3, croccus, nir, utils, llvmpipe, gallivm, zink, glsl, v3d, vc4, intel, mesa, aco, iris, radv, and even osmesa. - update to 21.2.1 * first bugfix release ==== Mesa-drivers ==== Version update (21.2.0 -> 21.2.2) Subpackages: Mesa-dri Mesa-gallium - covers jira#SLE/SLE-18743 - update to 21.2.2 * second bugfix release: a ton of work went into panfrost, getting it closer to being conformant (it is conformant on 21.3!); fixes for ir3, croccus, nir, utils, llvmpipe, gallivm, zink, glsl, v3d, vc4, intel, mesa, aco, iris, radv, and even osmesa. - update to 21.2.1 * first bugfix release ==== NetworkManager ==== Subpackages: libnm0 typelib-1_0-NM-1_0 - Drop nm-add-CAP_CHOWN-capability.patch: This solution was denied by upstream maintainers. - Remove obsolete translation-update-upstream support (jsc#SLE-21105). ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor - lessopen.sh profile: allow reading files that live on NFS over UDP (added to apparmor-lessopen-nfs-workaround.diff) (boo#1190552) ==== argyllcms ==== Version update (2.1.2 -> 2.2.0) - Update to version 2.2.0: * Added native i1Pro3 and i1Pro3 Plus driver. * Fix bug in applycal.c where it gets an "Error - Write file: 1, icmTextDescription_write: ascii string is shorter" error on replacing one calibration with another. * Improved i1pro & Munki patch recognition to work much more reliably with a slow swipe speed. * Fixed oeminst to work with spyder V5.5. setup.exe * Fixed bug in oemdld that prevented HTML encoded characters in download file decoding properly, which prevented certain filenames from working. * Fixed bug in ccxxmake -S -f where save error wasn't being fully reported, and display technology presence check was faulty. * Fixed typo in display technology, VPA -> PVA. * Made Klein K10A "Lights Off" command timeout a soft error. For some reason this command doesn't seem to be implemented on some K10A's. * Added CIE dE2000 to spotread output. * Fixed accidental global "wrl" in gamut/gamut.h that cases compile warnings. * For more see http://www.argyllcms.com/doc/ChangesSummary.html - Drop argyllcms--gcc--fno-common.patch (upstreamed with exception of static declaration of struct huft, which is not required). ==== attica-qt5 ==== Version update (5.85.0 -> 5.86.0) Subpackages: libKF5Attica5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * Port to QStringView ==== baloo5 ==== Version update (5.85.0 -> 5.86.0) Subpackages: baloo5-imports baloo5-kioslaves libKF5Baloo5 libKF5BalooEngine5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * We depend against c++-17 so we can use qOverload directly * Use const'ref ==== baloo5-widgets ==== Version update (21.08.0 -> 21.08.1) - Update to 21.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.08.1 - No code change since 21.08.0 ==== bluedevil5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== bluez ==== Version update (5.60 -> 5.61) Subpackages: bluez-cups libbluetooth3 - update to version 5.61: * Fix issue with A2DP while waiting for command response. * Fix issue with A2DP when SetConfiguration fails. * Fix issue with device removal handling. * Fix issue with storing discoverable setting. * Add support for Central Address Resolution characteristic. * Add support for admin policy plugin. ==== bluez-qt ==== Version update (5.85.0 -> 5.86.0) Subpackages: bluez-qt-imports bluez-qt-udev libKF5BluezQt6 - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== breeze ==== Version update (5.22.4 -> 5.22.5) Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-wallpapers libbreezecommon5-5 - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - Changes since 5.22.4: * kstyle: consider activeSubControls when deciding arrow colour (kde#434884) ==== breeze5-icons ==== Version update (5.85.0 -> 5.86.0) - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Too many changes since 5.85.0, only listing bugfixes: * Add Xfce compatibility symlinks (kde#432333) ==== btrfsprogs ==== Version update (5.13.1 -> 5.14) Subpackages: btrfsprogs-udev-rules libbtrfs0 - Update to 5.14 * convert: * new option --uuid to copy, generate or set a given uuid * improve output * mkfs: * allow to create degenerate raid0 (on 1 device) and raid10 (on 2 devices) * image: * improved error messages * fix some alignment of restored image * subvol delete: allow to delete by id when path is not resolvable * check: * require alignment of nodesize for 64k page systems * detect and fix invalid block groups * libbtrfs (deprecated): * remove most exported symbols, leave only a few that are used by snapper * no version change (still 0.1) * remove btrfs-list.h, btrfsck.h * fixes: * reset generation of space v1 if v2 is used * fi us: don't wrongly report missing device size when partition is not readable * other: * build: experimental features * build: better detection of 64bit timestamp support for ext4 * corrupt-block: block group items * new and updated tests * refactoring * experimental features: * new image dump format, with data ==== bubblewrap ==== Version update (0.4.1 -> 0.5.0) - Update to version 0.5.0: + New features: - --chmod changes permissions - --clearenv unsets every environment variable (except PWD) - --perms sets permissions for one subsequent --bind-data, - -dir, --file, --ro-bind-data or --tmpfs + Other enhancements: - Better diagnostics when a --bind or other bind-mount fails - zsh tab-completion - Better test coverage + Bug fixes: - Use Python 3 for tests and examples - Mount points for non-directories are created with permissions - r--r--r-- instead of -rw-rw-rw- - Don't remount items in /proc read-only if already EROFS, required to run under Docker - Allow mounting an non-directory over an existing non-directory, e.g. --bind "$XDG_RUNTIME_DIR/my-log-socket" /dev/log - Silence kernel messages for our bind-mounts - Make sure pkg-config is checked for, regardless of build options - Improve ability to bind-mount directories on case-insensitive filesystems - Fix -Wshadow warnings - Fix deprecation warnings with newer SELinux - Add new subpackage bubblewrap-zsh-completion ==== c-ares ==== - new upstream website - drop multibuild - tests do not require static library anymore - spec file cleanup - drop sources that were re-added to upstream distibution (c-ares-config.cmake.in ares_dns.h libcares.pc.cmake) - 5c995d5.patch: augment input validation on hostnames to allow _ as part of DNS response (bsc#1190225) ==== catatonit ==== Version update (0.1.5 -> 0.1.6) - Update to catatonit v0.1.6, which fixes a few bugs -- mainly ones related to socket activation or features somewhat adjacent to socket activation (such as passing file descriptors). - Update catatonit-rpmlintrc in order to cover that static binaries are now an error not a warning. ==== cfssl ==== Version update (1.6.0 -> 1.6.1) - Update to version 1.6.1: * Support for DelegationUsage extension * remove -u flag from readme, link to releases * remove old go versions from travis * fix upgrading transitive coreos dependency breakage ==== chrony ==== Subpackages: chrony-pool-openSUSE - Added hardening to systemd service(s). Added patch(es): * harden_chrony-wait.service.patch * harden_chronyd.service.patch ==== compat-usrmerge ==== - statically link xmv to avoid glibc 2.34 dependency (__libc_start_main@GLIBC_2.34) - turn on filetriggers in main package. Needed for single transaction upgrades (boo#1189788) ==== conmon ==== Version update (2.0.29 -> 2.0.30) - Update to version 2.0.30: * Remove unreachable code path * exit: report if the exit command was killed * exit: fix race zombie reaper * conn_sock: allow watchdog messages through the notify socket proxy * seccomp: add support for seccomp notify ==== cryptsetup ==== Version update (2.3.6 -> 2.4.1) Subpackages: libcryptsetup12 - cryptsetup 2.4.1 * Fix compilation for libc implementations without dlvsym(). * Fix compilation and tests on systems with non-standard libraries * Try to workaround some issues on systems without udev support. * Fixes for OpenSSL3 crypto backend (including FIPS mode). * Print error message when assigning a token to an inactive keyslot. * Fix offset bug in LUKS2 encryption code if --offset option was used. * Do not allow LUKS2 decryption for devices with data offset. * Fix LUKS1 cryptsetup repair command for some specific problems. - As YaST passes necessary parameters to cryptsetup anyway, we do not necessarily need to take grub into consideration. So back to Argon2 to see how it goes. - need to use PBKDF2 by default for LUKS2 as grub can't decrypt when using Argon. - cryptsetup 2.4.0 (jsc#SLE-20275) * External LUKS token plugins * Experimental SSH token * Default LUKS2 PBKDF is now Argon2id * Increase minimal memory cost for Argon2 benchmark to 64MiB. * Autodetect optimal encryption sector size on LUKS2 format. * Use VeraCrypt option by default and add --disable-veracrypt option. * Support --hash and --cipher to limit opening time for TCRYPT type * Fixed default OpenSSL crypt backend support for OpenSSL3. * integritysetup: add integrity-recalculate-reset flag. * cryptsetup: retains keyslot number in luksChangeKey for LUKS2. * Fix cryptsetup resize using LUKS2 tokens. * Add close --deferred and --cancel-deferred options. * Rewritten command-line option parsing to avoid libpopt arguments memory leaks. * Add --test-args option. - Use LUKS2 as default format on Tumbleweed. It provides some additional features which other tools (e.g. systemd-cryptenroll) rely on. GRUB 2.06 supports unlocking LUKS2 volumes meanwhile. ==== curl ==== Version update (7.78.0 -> 7.79.0) Subpackages: libcurl4 - Temporarily disable flaky test 1184 * See https://github.com/curl/curl/issues/7725 - Update to 7.79.0: [bsc#1190213, CVE-2021-22945] [bsc#1190373, CVE-2021-22946] [bsc#1190374, CVE-2021-22947] * Changes: - bearssl: support CURLOPT_CAINFO_BLOB - http: consider cookies over localhost to be secure - secure transport: support CURLINFO_CERTINFO * Bugfixes: - CVE-2021-22945: clear the leftovers pointer when sending succeeds - CVE-2021-22946: do not ignore --ssl-reqd - CVE-2021-22947: reject STARTTLS server response pipelining - auth: do not append zero-terminator to authorisation id in kerberos - auth: properly handle byte order in kerberos security message - auth: use sasl authzid option in kerberos - auth: we do not support a security layer after kerberos authentication - c-hyper: deal with Expect: 100-continue combined with POSTFIELDS - c-hyper: handle HTTP/1.1 => HTTP/1.0 downgrade on reused connection - c-hyper: initial step for 100-continue support - c-hyper: initial support for "dumping" 1xx HTTP responses - curl-openssl.m4: show correct output for OpenSSL v3 - docs/MQTT: update state of username/password support - docs: the security list is reached at security at curl.se now - getparameter: fix the --local-port number parser - hostip: Make Curl_ipv6works function independent of getaddrinfo - http_proxy: fix the User-Agent inclusion in CONNECT - http_proxy: fix user-agent and custom headers for CONNECT with hyper - http_proxy: only wait for writable socket while sending request - mailing lists: move from cool.haxx.se to lists.haxx.se - mbedtls: avoid using a large buffer on the stack - mbedTLS: initial 3.0.0 support - ngtcp2: remove the acked_crypto_offset struct field init - ngtcp2: replace deprecated functions with nghttp3_conn_shutdown_stream_read - ngtcp2: reset the oustanding send buffer again when drained - ngtcp2: rework the return value handling of ngtcp2_conn_writev_stream - ngtcp2: stop buffering crypto data - ngtcp2: utilize crypto API functions to simplify - openssl: when creating a new context, there cannot be an old one - scripts: invoke interpreters through /usr/bin/env - tests/runtests.pl: cleanup copy&paste mistakes and unused code - tests: be explicit about using 'python3' instead of 'python' - tool/tests: fix potential year 2038 issues - tool_operate: Fix --fail-early with parallel transfers - x509asn1: fix heap over-read when parsing x509 certificates * Rebase libcurl-ocloexec.patch ==== dav1d ==== Version update (0.9.1 -> 0.9.2) - Update to version 0.9.2 * x86: SSE4 optimizations of inverse transforms for 10bit for all sizes * x86: mc.resize optimizations with AVX2/SSSE3 for 10/12b * x86: SSSE3 optimizations for cdef_filter in 10/12b and mc_w_mask_422/444 in 8b * ARM NEON optimizations for FilmGrain Gen_grain functions * Optimizations for splat_mv in SSE2/AVX2 and NEON * x86: SGR improvements for SSSE3 CPUs * x86: AVX2 optimizations for cfl_ac ==== discover ==== Version update (5.22.4 -> 5.22.5) Subpackages: discover-backend-flatpak discover-backend-packagekit discover-notifier - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - Changes since 5.22.4: * Show actual shortcut for Refresh action's tooltip (kde#438916) ==== dolphin ==== Version update (21.08.0 -> 21.08.1) Subpackages: dolphin-part libdolphinvcs5 - Add patch to fix the "Open in Terminal" functionality if kinit is not running (kde#441072): * 0001-Port-to-KTerminalLauncherJob.patch - Update to 21.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.08.1 - Changes since 21.08.0: * Filter the items that have changed * FoldersPanel: Fix inline renaming (kde#441124) * Fix selecting file always opening new instance (kde#440663) * Avoid crash on start when help actions are restricted through the Kiosk system ==== drkonqi5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== e2fsprogs ==== Version update (1.46.3 -> 1.46.4) Subpackages: libcom_err2 libext2fs2 - Update to 1.46.4: * Default to 256-byte inodes for all filesystems, not only larger ones * Bigalloc is considered supported now for small cluster sizes * E2fsck and e2image fixes for quota feature * Fix mke2fs creation of filesystem into non-existent file - libss-add-newer-libreadline.so.8-to-dlopen-path.patch: libss: add newer libreadline.so.8 to dlopen path (bsc#1189453) - Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_e2scrub@.service.patch * harden_e2scrub_all.service.patch * harden_e2scrub_fail@.service.patch * harden_e2scrub_reap.service.patch ==== elfutils ==== Subpackages: libasm1 libdw1 libelf1 - Add tests-Allow-an-extra-pthread_kill-frame-in-backtrace.patch in order to fix boo#1189083. ==== ell ==== Version update (0.42 -> 0.44) - update to release 0.44 * Fix issue with allowing zero byte input for AEAD cipher. * Fix issue with filling in DNS info in DHCP lease objects. * Add support neighbor discovery utility helpers. - Update to release 0.43 * Add support for DHCP Rapid Commit feature. * Add support for DHCP authorative mode feature. ==== fcoe-utils ==== - Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_fcoe.service.patch ==== ffmpeg-4 ==== Subpackages: libavcodec58_134 libavformat58_76 libavutil56_70 libswresample3_9 - Add ffmpeg-CVE-2021-38171.patch: Backport from upstream to fix adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value (bsc#1189724). ==== flatpak ==== Version update (1.11.2 -> 1.11.3) Subpackages: libflatpak0 system-user-flatpak - Update to version 1.11.3. * Bug fixes: * Don't inherit an unusual $XDG_RUNTIME_DIR setting into the sandbox, fixing a regression introduced when CVE-2021-21261 was fixed in 1.8.5 and 1.10.0 * Update the included copy of bubblewrap (flatpak-bwrap) to 0.5.0 * Better diagnostics when a --bind or other bind-mount fails * Create non-directories with safer permissions * Allow mounting an non-directory over an existing non-directory * Silence kernel messages for our bind-mounts * Improve ability to bind-mount directories on case-insensitive filesystems * Don't ask user which remote to download from if there is only one option * Internal changes: * Improve test coverage * Spelling fixes * Translation updates: Brazilian Portuguese, Russian, Spanish, Ukrainian ==== frameworkintegration ==== Version update (5.85.0 -> 5.86.0) Subpackages: frameworkintegration-plugin libKF5Style5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== fuse3 ==== Version update (3.10.4 -> 3.10.5) - Update to release 3.10.5 * Various improvements to make unit tests more robust. ==== gcc ==== - Add libgccjit%{libgccjit_sover}-devel package ==== gd ==== Version update (2.3.2 -> 2.3.3) - version update to 2.3.3 [bsc#1190400] * update cmake to generate config.h in the build dir * 2.3.3 release * gdPutBuf return value check * HEIF builds fail with latest distros * segfault in heif tests due to missing label.heic * Test failure avif/compare_avif_to_png with libavif-0.8.2 * imagecopyresampled() produce artifacts on transparent PNG * Fixes to build v2.3.0 on Windows with MinGW-w64 * optimize option in gif animation causes segfault * _gdContributionsCalc() always uses DEFAULT_BOX_RADIUS * gdImageRotateInterpolated() converts the source image to truecolor * CMake and Makefiles build broken on Windows * gdImageScaleTwoPass() looses top row and left column ==== geoclue2 ==== Version update (2.5.6 -> 2.5.7) Subpackages: system-user-srvGeoClue typelib-1_0-Geoclue-2_0 - Update to version 2.5.7: + A bug fix release, mainly fixing a bunch of memory leaks. - Add geoclue2-revert-2-faulty.patch: Revert two broken commits. https://gitlab.freedesktop.org/geoclue/geoclue/-/issues/142 ==== ghostscript ==== - CVE-2021-3781.patch fixes CVE-2021-3781 Trivial -dSAFER bypass cf. https://bugs.ghostscript.com/show_bug.cgi?id=704342 (bsc#1190381) ==== gjs ==== Version update (1.68.3 -> 1.68.4) Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0 - Update to version 1.68.4: + Build fix backported from the development branch. ==== glib2 ==== Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 - desktop-file-utils: add Pantheon desktop environment ==== glibc ==== Version update (2.33 -> 2.34) Subpackages: glibc-locale glibc-locale-base - Don't create separate debuginfo packages for cross packages - ldconfig-leak-empty-paths.patch: ldconfig: avoid leak on empty paths in config file - gconv-parseconfdir-memory-leak.patch: gconv_parseconfdir: Fix memory leak - gaiconf-init-double-free.patch: gaiconf_init: Avoid double-free in label and precedence lists - copy-and-spawn-sgid-double-close.patch: copy_and_spawn_sgid: Avoid double calls to close() - icon-charmap-close-output.patch: iconv_charmap: Close output file when done - fcntl-time-bits-64-redirect.patch: Linux: Fix fcntl, ioctl, prctl redirects for _TIME_BITS=64 (BZ #28182) - librt-null-pointer.patch: librt: fix NULL pointer dereference (BZ [#28213]) - Add cross development packages for aarch64 and riscv64. - Update to glibc 2.34 Major new features: * When _DYNAMIC_STACK_SIZE_SOURCE or _GNU_SOURCE are defined, PTHREAD_STACK_MIN is no longer constant and is redefined to sysconf(_SC_THREAD_STACK_MIN) * Add _SC_MINSIGSTKSZ and _SC_SIGSTKSZ * The dynamic linker implements the --list-diagnostics option, printing a dump of information related to IFUNC resolver operation and glibc-hwcaps subdirectory selection * On Linux, the function execveat has been added * The ISO C2X function timespec_getres has been added * The feature test macro __STDC_WANT_IEC_60559_EXT__, from draft ISO C2X, is supported to enable declarations of functions defined in Annex F of C2X * Add support for 64-bit time_t on configurations like x86 where time_t is traditionally 32-bit * The main gconv-modules file in glibc now contains only a small set of essential converter modules and the rest have been moved into a supplementary configuration file gconv-modules-extra.conf in the gconv-modules.d directory in the same GCONV_PATH * On Linux, a new tunable, glibc.pthread.stack_cache_size, can be used to configure the size of the thread stack cache * The function _Fork has been added as an async-signal-safe fork replacement since Austin Group issue 62 droped the async-signal-safe requirement for fork (and it will be included in the future POSIX standard) * On Linux, the close_range function has been added * The function closefrom has been added * The posix_spawn_file_actions_closefrom_np function has been added, enabling posix_spawn and posix_spawnp to close all file descriptors great than or equal to a giver integer Deprecated and removed features, and other changes affecting compatibility: * The function pthread_mutex_consistent_np has been deprecated * The function pthread_mutexattr_getrobust_np has been deprecated * The function pthread_mutexattr_setrobust_np has been deprecated * The function pthread_yield has been deprecated * The function inet_neta declared in <arpa/inet.h> has been deprecated * Various rarely-used functions declared in <resolv.h> and <arpa/nameser.h> have been deprecated * The pthread cancellation handler is now installed with SA_RESTART and pthread_cancel will always send the internal SIGCANCEL on a cancellation request * The symbols mallwatch and tr_break are now deprecated and no longer used in mtrace * The __morecore and __after_morecore_hook malloc hooks and the default implementation __default_morecore have been removed from the API * Debugging features in malloc such as the MALLOC_CHECK_ environment variable (or the glibc.malloc.check tunable), mtrace() and mcheck() have now been disabled by default in the main C library * The deprecated functions malloc_get_state and malloc_set_state have been moved from the core C library into libc_malloc_debug.so * The deprecated memory allocation hooks __malloc_hook, __realloc_hook, __memalign_hook and __free_hook are now removed from the API Changes to build and runtime requirements: * On Linux, the shm_open, sem_open, and related functions now expect the file shared memory file system to be mounted at /dev/shm Security related changes: CVE-2021-27645: The nameserver caching daemon (nscd), when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system CVE-2021-33574: The mq_notify function has a potential use-after-free issue when using a notification type of SIGEV_THREAD and a thread attribute with a non-default affinity mask - nss-database-check-reload.patch, nss-load-chroot.patch, x86-isa-level.patch, nscd-netgroupcache.patch, nss-database-lookup.patch, select-modify-timeout.patch, nptl-db-libpthread-load-order.patch, rawmemchr-warning.patch, tst-cpu-features-amx.patch, mq-notify-use-after-free.patch: Removed ==== gnome-control-center ==== Version update (40.0 -> 40.1) Subpackages: gnome-control-center-goa - Update to version 40.1: + About: Don't show GNOME micro version. + Location: Fix permission store table and id. + Network: - Show all IPv6 addresses for an interface. - Display IPv6 gateway. + Power: Fix D-Bus proxy leak. + Updated translations. - Remove obsolete translation-update-upstream support (jsc#SLE-21105). ==== gnome-packagekit ==== - Add gnome-packagekit-drop-NEWEST-on-get-updates.patch: Don't use PK_FILTER_ENUM_NEWEST filter when getting updates (glgo#GNOME/gnome-packagekit!3, bsc#1190330). ==== gnome-shell ==== Version update (40.4 -> 40.5) Subpackages: gnome-shell-calendar - Update to version 40.5: + Optimize rendering of fullscreen zoom. + Fix glitchy launch animations when leaving overview. + Fix wrong separator position in dash. + Fix OSK not registering button presses on X11. + Fix work area getting messed up by hidden panels. + Fix IM candidate popover position. + Misc. bug fixes and cleanups. + Updated translations. - Remove obsolete translation-update-upstream support (jsc#SLE-21105). ==== gnome-shell-extension-desktop-icons ==== - Remove obsolete translation-update-upstream and gnome-patch-translation support (jsc#SLE-21105). ==== gnome-shell-extensions ==== - Remove obsolete translation-update-upstream and gnome-patch-translation support (jsc#SLE-21105). - Add dependency on gnome-shell-extensions-common for gnome-shell-classic to fix the translations in SLE Classic and GNOME Classic(bsc#1190016 jsc#SLE-20311). ==== gnome-tweaks ==== - Remove obsolete translation-update-upstream support (jsc#SLE-21105). ==== gnome-usage ==== Version update (3.37.1 -> 3.38.1) - Update to version 3.38.1: + Flag GtkBuilder children as unowned. + Prevent reading beyond GTop's args. + Prevent navigation to the storage separator. + Prevent a double border in the performance sidebar. + List compatible form-factors. - Changes from version 3.38.0: + Port to Tracker 3. + Updated translations. - Replace pkgconfig(tracker-sparql-2.0) BuildRequires with pkgconfig(tracker-sparql-3.0): follow upstreams port to Tracker 3. ==== gnome-user-docs ==== Version update (40.4 -> 40.5) - Update to version 40.5: + Updates to Files documentation. + Updated terminology. + Updated translations. ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-snapper-plugin - Improve support for SLE Micro 5.1 on s390x. (bsc#1190395) * amend grub2-s390x-04-grub2-install.patch * refresh grub2-s390x-11-secureboot.patch - Follow usr merge for looking up kernel config (bsc#1189782) (bsc#1190061) * 0001-templates-Follow-the-path-of-usr-merged-kernel-confi.patch - Add btrfs zstd compression on i386-pc and also make sure it won't break existing grub installations (bsc#1161823) * deleted 0001-btrfs-disable-zstd-support-for-i386-pc.patch * added 0001-i386-pc-build-btrfs-zstd-support-into-separate-modul.patch - Delete the author list from %description (the %description section is literally for package descriptions (only) these days, encoding was also problematic). - Add %doc AUTHORS to get packaged that info ==== gstreamer ==== Version update (1.18.4 -> 1.18.5) Subpackages: libgstreamer-1_0-0 typelib-1_0-Gst-1_0 - Stop building doc sub-package, we will in the future use upstreams own standalone doc package. Following this: Drop fdupes, gtk-doc and hotdoc BuildRequires, and fdupes call, no longer needed nor usefull. - Refresh patches with quilt. - Remove obsolete translation-update-upstream and gnome-patch-translation support (jsc#SLE-21105). - Update to version 1.18.5: + aggregator: - Release the SRC lock while querying latency - Release pads' peeked buffer when removing the pad or finalizing it + basesink: Don't swap rstart/rstop when stepping + basesrc: Print segments with GST_SEGMENT_FORMAT and not GST_PTR_FORMAT + childproxy: init value in gst_child_proxy_get_property() if needed + clocksync: Fix providing system clock by default + concat: - Properly propagate seqnum of segment events - adjust running time offsets on downstream events - fix locking in SEGMENT event handler + downloadbuffer/sparsefile: several fixes for win32 + element: NULL the lists of contexts in dispose() + multiqueue: - Use running time of gap events for wakeups. - Ensure peer pad exists when iterating internal links + pad: - Keep IDLE probe hook alive during immediate callback - Ensure last flow return is set on sink pads in push mode - Don't spam the debug log at INFO level when default-chaining a buffer list - clear probes holding mutex + parse-launch: - Fix a critical when using the : operator. + Don't do delayed property setting for top-level properties. + plugin: load plugins with unknown license strings + ptpclock: Don't leak the GList + queue2: Refuse all serialized queries when posting buffering messages + systemclock: Update monotonic reference time when re-scheduling + High CPU usage in 1.18 (but not master) when pausing playback in gnome-music + Don't use volatile to mean atomic (fixes compiler warnings with gcc 11) ==== gstreamer-plugins-bad ==== Version update (1.18.4 -> 1.18.5) Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsturidownloader-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 - Stop building doc sub-package, we will in the future use upstreams own standalone doc package. Following this: Drop fdupes, gtk-doc and hotdoc BuildRequires, and fdupes call, no longer needed nor usefull, further pass doc=disabled to meson. - Update to version 1.18.5: + audiolatency: - Use live mode audiotestsrc - Handle audio buffers with invalid duration + ccconverter: fix framerate caps negotiation from non-cdp to cdp + dashdemux: - Properly initalize GError, remove duplicate logging call - Log protection events on corresponding pad - Fix dash_mpdparser_check_mpd_client_set_methods unit test + h264parse,h265parse: Push parameter set NAL units again per segment-done + h265parse: - Fix a typo in get_compatible_profile_caps() - Don't invalidate the last PPS when parsing a new SPS + h264parse: improve PPS handling + h2645parser: Catch overflows in AVC/HEVC NAL unit length calculations + interlace: - Don't set field-order field for progressive caps, fixes negotiation issues - Fix too small buffer size error + jpegparse: Don't generate timestamp for 0/1 framerates + opencv: fix build error on macOS + openexr: Fix build with OpenEXR 3 + openh264enc: fix broken sps/pps header generation and some minor leaks + mpeg2enc: - Fix interlace-mode detection on input video - Only allow 1 pending frame for encoding (fixes unbound memory usage in case encoder can't keep up with input) + mfvideoenc: Don't pass 0/1 framerate to MFT + mfvideosrc: - Fix for negative MF stride - Fix negotiation when interlace-mode is specified + mxfvanc: Handle empty ANC essence + rtmp2src: workaround a GLib race when destroying a GMainContext/GSource + rtpsrc: Plug leak of rtcp_send_addr and fix setting URI back to NULL + rtpsink: Return proper pad from _request_new_pad() + rist: Plug leak of rtcp_send_addr + rtmp2: Use correct size of write macro for param2 + rtmp2/connection: Separate inner from outer cancelling + tsmux: - When selecting random PIDs, name the pads according to those PIDs - Recheck existing pad PIDs when requesting a new pad with a random pid + tsdemux: - Fix seek with stop regression - Clear all streams when rewinding, fixes the case where the demuxer sends out partial invalid data downstream after a seek which causes some decoders (such as dvdlpmdec) to error out + v4l2slh264dec: Fix slice header bit size calculation + videoparseutils: Fix for wrong CEA708 minimum size check + waylandsink: Fix for missing initial configure + wpe: Make threaded view singleton creation thread safe + x265: Fix a deadlock when failing to create the x265enc + Don't use volatile to mean atomic (fixes compiler warnings with gcc 11) - Drop gstreamer-plugins-bad-openexr3.patch: Fixed upstream. - No longer pass nvdec=disabled, nvenc=disabled and vdpau=disabled to meson, no longer needed, nor recognized. ==== gstreamer-plugins-base ==== Version update (1.18.4 -> 1.18.5) Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 - Stop building doc sub-package, we will in the future use upstreams own standalone doc package. Following this: Drop fdupes, gtk-doc and hotdoc BuildRequires, and fdupes call, no longer needed nor usefull. - Remove obsolete translation-update-upstream support (jsc#SLE-21105). - Update to version 1.18.5: + appsrc: Don't leak buffer list while wrongly unreffing buffer on EOS/flushing + audioaggregator: - Don't overwrite already written samples - Resync on the next buffer when dropping a buffer on discont resyncing + audiobasesink: Fix of double lock release + audiobasesrc: Fix divide by zero assertion + clockoverlay: Fix broken string formatting by strftime() on Windows + compositor: Fix NV12 blend operation + giosrc: Don't leak scheme string in gst_gio_src_query() + giobasesink: Handle incomplete writes in gst_gio_base_sink_render() + gl/wayland: - Use consistent wl_display when creating work queue for proxy wrapper - Provide a dummy global_remove function + gl: Fix build when Meson >= 0.58.0rc1 + playbin2: fix base_time selection when flush seeking live (such as with RTSP) + rtspconnection: - Add IPv6 support for tunneled mode - Consistently translate GIOError to GstRTSPResult (for rtspsrc) + rawbaseparse: check destination format correctly + uridecodebin: Don't force floating reference for future reusable decodebin + parsebin: Put stream flags in GstStream + splitmuxsink: always use factory property when set + video-converter: Set up matrix tables only once. + videoscale: Performance degradation from 1.16.2 -> 1.18.4 + videotestsrc: Fix a leak when computing alpha caps + audio/video-converter: Plug some minor leaks + audio,video-format: Make generate_raw_formats idempotent for assertions + Don't use volatile to mean atomic (fixes compiler warnings with gcc 11) + Fix build issue on MinGW64 - Drop 90903917.patch: Fixed upstream. ==== gstreamer-plugins-good ==== Version update (1.18.4 -> 1.18.5) - Drop doc sub-package, following this drop gtk-doc BuildRequires. - Remove obsolete translation-update-upstream support (jsc#SLE-21105). - Update to version 1.18.5: + avidemux: Also detect 0x000001 as H264 byte-stream start code in codec_data + deinterlace: - Plug a method subobject leak - Drop field-order field if outputting progressive + jpegdec: Fix crash when interlaced field height is not DCT block size aligned + qmlglsink: Keep old buffers around a bit longer if they were bound by QML + qml: qtitem: don't potentially leak a large number of buffers + qtdemux: Force stream-start push when re-using EOS'd streams + qtmux: - For Apple ProRes, allow overriding pixel bit depth, e.g. when exporting an opaque image, yet with alpha. - Make sure to write 64-bit STCO table when needed. + rtpjpegpay: fix image corruption when compiled with MSVC on Windows + rtpptdemux: Remove pads also in PAUSED->READY + rtph265depay: update codec_data in caps regardless of format + rtspsrc: - Do not overwrite the known duration after a seek - De-dup seek event seqnums to avoid multiple seeks - Fix race saving seek event seqnum - Using multicast UDP has no relation to seekability, also add some logging - Fix more signals - Fix accumulation of before-send signal return values + rtpjitterbuffer: - Fix parsing of the mediaclk:direct= field - Avoid generation of invalid timestamps - Check srcresult before waiting on the condition variable too - More logging when calculating rfc7273 timestamps + souphttpsrc: Always use the content decoder but set `Accept-Encoding:... + udpsrc: Plug leaks of saddr in error cases + multiudpsink: Fix broken SO_SNDBUF get/set on Windows + v4l2object: - Add interlace-mode back to caps for camera - Use default colorimetry if that in caps is unknown - Avoid colorimetry mismatch for streams with invalid colorimetry - Add support for hdr10 stream playback + wavparse: adtl/note/labl chunk parsing fixes + Don't use volatile to mean atomic (fixes compiler warnings with gcc 11) + 1.18.4: build fails with glib 2.67.6 and gcc-11: argument 2 of ?_atomicload? must not be a pointer to a ?volatile? type - Drop 612102fdbc3f813bf9d3406165692b5f742e51a6.patch: Fixed upstream. ==== gtk4 ==== Version update (4.2.1 -> 4.4.0) Subpackages: gtk4-schema libgtk-4-1 typelib-1_0-Gtk-4_0 - Remove obsolete translation-update-upstream support (jsc#SLE-21105). - Update to version 4.4.0: + Input: - Match IBus for display of Compose sequences - Match IBus for handling of mismatches - Handle Escape in Compose sequences - Allow multiple dead keys - Support 32bit keysyms + GtkCheckButton: Activate when moving focus + GtkLabel: Propertly ignore double underscores for mnemonics + GtkPopoverMenu: Fix focus cycling + GtkTextView: - Improve word selection - Fix block cursors on empty lines + GdkToplevel: Support the gnome-shell titlebar gesture protocol + GdkDropTarget: Allow creating drop targets in ui files + gsk: - Handle partial color fonts correctly - Use harfbuzz for color font information - Avoid pango for glyph cache rendering - Shrink shadow extents + Settings: Change the default for gtk-split-cursor to FALSE + Demos: - Small improvements to widget-factory - gtk-demo: Improve the hypertext demo - gtk-dem: Improve the clipboard demo + X11: Set WM_CLASS on toplevels + Wayland: Support wl_seat v7 + Updated translations. ==== gzip ==== Version update (1.10 -> 1.11) - Update to 1.11: * Performance improvements * Added hardware acceleration for IBM Z - Refresh patches: * manpage-no-date.patch * xz_lzma.patch - Remove upstreamed patches: * gzip-1.10-fix-DFLTCC-segfault.patch * gzip-1.10-fix_count_of_lines_to_skip.patch * gzip-1.10-ibm_dfltcc_support.patch ==== harfbuzz ==== Version update (2.8.2 -> 2.9.1) Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0 - harfbuzz 2.9.1: + Subsetter API close to stable + Various fuzzer-found bug fixes + hb_buffer_append() now handles the pre- and post-context which previously were left unchanged in the destination buffer + hb-view / hb-shape now accept following new arguments: - -unicodes: takes a list of hex numbers that represent Unicode codepoints. + Undeprecated API: hb_set_invert() - includes changes from 2.9.0: + Support multiple variation axes with same tag, aka HOI + The coretext testing shaper now passes font variations to CoreText + hb-shape/hb-view does not break line at new lines unless text is read from file + hb-view and hb-subset has a --batch now, similar to hb-shape + The --batch mode now uses ; as argument separator instead of : used previously + The --batch in hb-shape does not expect 0th argument anymore. That is, the lines read are interpreted as argv[1:], instead of argv[0:]. + The --batch option has been undocumented. We are ready to document it; send feedback if you find it useful + hb-subset got arguments revamps. Added much-requested - -gids-file, --glyphs, --glyphs-file, --unicodes-file, supporting ranges in --unicodes. + Various bug fixes ==== hplip ==== Version update (3.21.4 -> 3.21.6) - Update to 3.21.6 New upstream release, added support for new distributions ==== hwdata ==== Version update (0.350 -> 0.351) - Update to version 0.351 (bsc#1190091): + Updated pci, usb and vendor ids. ==== ibus ==== Version update (1.5.24 -> 1.5.25) Subpackages: libibus-1_0-5 typelib-1_0-IBus-1_0 - Refresh ibus-socket-name-compatibility.patch - Add ibus-missing-include.patch to fix build on Leap - Add ibus-fix-wrong-cursor-location.patch (based on https://github.com/ibus/ibus/commit/936a0e76df79d92a8bdc03e9205330fb84a2083e...) (gh#ibus/ibus#2337) - Drop ibus-python-install-dir.patch Two reasons: it's for, disabled in .spec, python2, and patch forces the re-generation of configure, which requires aclocal-1.16, unavailable on Leap-15.3, and that breaks the build. - Update version to 1.5.25 * src/tests: Run gnome-session with no-overview mode * client/gtk2: Implement ibus_im_context_set_surrounding_with_selection * src/ibuscomposetable: Do not include the same compose file * src/ibusenginesimple: Multi_key to 0xB7 * src/ibusenginesimple: Make Compose preedit less intrusive * Change default Emoji shortcut key * setup: Enhance engine search function * client/gtk2/ibusimcontext: Enable sync process in GTK4 * engine: Update simple.xml with xkeyboard-config 2.33 * src/ibuscomposetable: Add support for the include directive (lf-) * src/ibuscomposetable: Fix a buffer overflow in compose handling (lf-) * client/x11: Add support for XFixes ClientDisconnectMode (Olivier Fourdan) * setup: Start ibus-daemon with the --daemonize option (Gunnar Hjalmarsson) * src: Fix a typo in ibusenginesimple.h (user202729) * Update translations ==== installation-images-MicroOS ==== Version update (17.13 -> 17.15) - merge gh#openSUSE/installation-images#523 - increase minimal ext2 fs size to 128 kiB - 17.15 - merge gh#openSUSE/installation-images#521 - Fix conditions for removing zram devices - Improvements from code review - Fix conditions for turning on/off zram (bcs#1187434) - 17.14 ==== iproute2 ==== Version update (5.13 -> 5.14) - Update to release 5.14 * ip: Add nodst option to macvlan type source * iplink: add support for parent device * iplink: support for WWAN devices * bridge: reorder cmd line arg parsing to let "-c" be detected as "color" option ==== iputils ==== - Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_rdisc.service.patch ==== irqbalance ==== Version update (1.8.0.14.ga7f8148 -> 1.8.0.18.git+2435e8d) - Update to version 1.8.0.18.git+2435e8d: * fix unsigned integer subtraction sign overflow * fix opendir fails in check_platform_device * irqbalance: Check validity of numa_node * configure.ac: use pkg-config to find numa * Disable the communication socket when UI is disabled * Fix comma typo in ui.c * drop NoNewPrivs from irqbalance service * remove no existing irq in banned_irqs * Fix compile issue with none AARCH64 builds - Fixes integrated mainline: * bsc#1119461 * bsc#1138190 * bsc#1154905 * bsc#1178477 bsc#1183405 (removed patches due to mainline integration): procinterrupts-check-xen-dyn-event-more-flexible.patch * bsc#1182254 bsc#1156315 (removed patches due to mainline integration): fix-ambiguous-parsing-of-node-entries-in-sys.patch * bsc#1183157 also-fetch-node-info-for-non-PCI-devices.patch - Update to version 1.8.0.18.git+2435e8d.obscpio: * fix unsigned integer subtraction sign overflow - Make git hash in version better visable .git+<githash> ==== json-glib ==== Version update (1.6.4 -> 1.6.6) Subpackages: libjson-glib-1_0-0 typelib-1_0-Json-1_0 - Update to version 1.6.6: + New release with the documentation and gi-docgen included in the archive. - Drop gtk-doc BuildRequires, no longer needed, nor used. - Add docbook-xsl-stylesheets and libxslt-tools BuildRequires, needed for building of manpages. ==== kaccounts-integration ==== Version update (21.08.0 -> 21.08.1) - Drop the unneeded baselibs.conf. - Update to 21.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.08.1 - No code change since 21.08.0 ==== kactivities-stats ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== kactivities5 ==== Version update (5.85.0 -> 5.86.0) Subpackages: kactivities5-imports libKF5Activities5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== kactivitymanagerd ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== karchive ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== kate ==== Version update (21.08.0 -> 21.08.1) Subpackages: kate-plugins - Update to 21.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.08.1 - Changes since 21.08.0: * semantic highlighter: Use a timer to reduce amount of requests being sent ==== kauth ==== Version update (5.85.0 -> 5.86.0) Subpackages: libKF5Auth5 libKF5AuthCore5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== kbd ==== Subpackages: kbd-legacy - Only run kbdsettings.service if /etc/sysconfig/keyboard exists. Necessary for image based installations without admin made changes. ==== kbookmarks ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * Add support for static builds * replace "MacOSX" with "macOS" ==== kcmutils ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * We depend against c++-17 so we can use qOverload directly * Port away from deprecated KPluginLoader * Minor typo and wording fixes for KCModuleInfo API doc ==== kcodecs ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * KCharsets: add custom US-ASCII QTextCodec as workaround for QTBUG-83081 ==== kcompletion ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * We depend against c++-17 so we can use qOverload directly ==== kconfig ==== Version update (5.85.0 -> 5.86.0) Subpackages: kconf_update5 libKF5ConfigCore5 libKF5ConfigGui5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * Add Ctrl+Alt+Comma shortcut for "Configure Keyboard Shortcuts" (kde#441537) * Make enum value visible to QML when using GlobalEnum mode * KDesktopFile::isAuthorizedDesktopFile: reduce warning to info a log ==== kconfigwidgets ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * Add support for static builds * We depend against c++-17 so we can use qOverload directly * Hide KHamburgerMenu in QMenus when a native menu bar is used (kde#439997) * clarify quickhelp apidocs ==== kcoreaddons ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Too many changes since 5.85.0, only listing bugfixes: * Fix issue when building KCrash static (kde#440416) ==== kcrash ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== kdbusaddons ==== Version update (5.85.0 -> 5.86.0) Subpackages: kdbusaddons-tools libKF5DBusAddons5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * replace "MacOSX" with "macOS" ==== kde-cli-tools5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== kde-print-manager ==== Version update (21.08.0 -> 21.08.1) - Update to 21.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.08.1 - Changes since 21.08.0: * Fix plugin name in .desktop file (kde#426834) ==== kdeclarative ==== Version update (5.85.0 -> 5.86.0) Subpackages: kdeclarative-components libKF5CalendarEvents5 libKF5Declarative5 libKF5QuickAddons5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * document clipboard more extensively * Add missing PRIVATE part for linking in cmake * Try to fix Android build via linking GLESv3 * qtquicksettings: Add workaround for Nvidia Wayland * GridDelegate: Fix non-existant context property * AbstractKCM: Fix padding when header/footer is not visible * Don't use the KIO AccessManager on Android ==== kded ==== Version update (5.85.0 -> 5.86.0) - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== kdelibs4support ==== Version update (5.85.0 -> 5.86.0) Subpackages: libKF5KDELibs4Support5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * replace "MacOSX" with "macOS" ==== kdesu ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== kdialog ==== Version update (21.08.0 -> 21.08.1) - Update to 21.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.08.1 - No code change since 21.08.0 ==== kdnssd-framework ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * replace "MacOSX" with "macOS" ==== kdoctools ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * Move ksnake to deprecated and add ksnakeduel entity * Add an entity for Kigo ==== kernel-firmware ==== Version update (20210812 -> 20210901) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20210901 (git commit 6f5aada830d6): * linux-firmware: update frimware for mediatek bluetooth chip (MT7921) * rtl_bt: Update RTL8852A BT USB firmware to 0xD9A9_1D69 * rtl_bt: Update RTL8822C BT UART firmware to 0x05A9_1A4A * rtl_bt: Update RTL8822C BT USB firmware to 0x09A9_1A4A * Mellanox: Add new mlxsw_spectrum firmware xx.2008.3326 * iwlwifi: add FW for new So/Gf device type * rtl_bt: Update RTL8852A BT USB firmware to 0xD9A9_127B * rtl_nic: update firmware of RTL8153C * ice: update package file to 1.3.26.0 - Update aliases ==== kernel-source ==== Version update (5.13.13 -> 5.14.6) - Revert "usb: xhci-mtk: Do not use xhci's virt_dev in drop_endpoint" (git-fixes). - tipc: fix an use-after-free issue in tipc_recvmsg (git-fixes). - ethtool: Fix rxnfc copy to user buffer overflow (git-fixes). - commit 6131a3c - Linux 5.14.6 (bsc#1012628). - Makefile: use -Wno-main in the full kernel tree (bsc#1012628). - rtc: tps65910: Correct driver module alias (bsc#1012628). - io_uring: place fixed tables under memcg limits (bsc#1012628). - io_uring: add ->splice_fd_in checks (bsc#1012628). - io_uring: fix io_try_cancel_userdata race for iowq (bsc#1012628). - io-wq: fix wakeup race when adding new work (bsc#1012628). - io-wq: fix race between adding work and activating a free worker (bsc#1012628). - btrfs: use delalloc_bytes to determine flush amount for shrink_delalloc (bsc#1012628). - btrfs: wake up async_delalloc_pages waiters after submit (bsc#1012628). - btrfs: wait on async extents when flushing delalloc (bsc#1012628). - btrfs: reduce the preemptive flushing threshold to 90% (bsc#1012628). - btrfs: do not do preemptive flushing if the majority is global rsv (bsc#1012628). - btrfs: zoned: fix block group alloc_offset calculation (bsc#1012628). - btrfs: zoned: suppress reclaim error message on EAGAIN (bsc#1012628). - btrfs: fix upper limit for max_inline for page size 64K (bsc#1012628). - btrfs: reset replace target device to allocation state on close (bsc#1012628). - btrfs: zoned: fix double counting of split ordered extent (bsc#1012628). - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN (bsc#1012628). - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN (bsc#1012628). - powerpc/perf/hv-gpci: Fix counter value parsing (bsc#1012628). - xen: fix setting of max_pfn in shared_info (bsc#1012628). - 9p/xen: Fix end of loop tests for list_for_each_entry (bsc#1012628). - ceph: fix dereference of null pointer cf (bsc#1012628). - Input: elan_i2c - reduce the resume time for controller in Whitebox (bsc#1012628). - selftests/ftrace: Fix requirement check of README file (bsc#1012628). - tools/thermal/tmon: Add cross compiling support (bsc#1012628). - clk: socfpga: agilex: fix the parents of the psi_ref_clk (bsc#1012628). - clk: socfpga: agilex: fix up s2f_user0_clk representation (bsc#1012628). - clk: socfpga: agilex: add the bypass register for s2f_usr0 clock (bsc#1012628). - pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast (bsc#1012628). - pinctrl: ingenic: Fix incorrect pull up/down info (bsc#1012628). - pinctrl: ingenic: Fix bias config for X2000(E) (bsc#1012628). - soc: mediatek: mmsys: Fix missing UFOE component in mt8173 table routing (bsc#1012628). - soc: qcom: aoss: Fix the out of bound usage of cooling_devs (bsc#1012628). - soc: aspeed: lpc-ctrl: Fix boundary check for mmap (bsc#1012628). - soc: aspeed: p2a-ctrl: Fix boundary check for mmap (bsc#1012628). - arm64: Move .hyp.rodata outside of the _sdata.._edata range (bsc#1012628). - arm64: mm: Fix TLBI vs ASID rollover (bsc#1012628). - arm64: head: avoid over-mapping in map_memory (bsc#1012628). - arm64: Do not trap PMSNEVFR_EL1 (bsc#1012628). - iio: ltc2983: fix device probe (bsc#1012628). - wcn36xx: Ensure finish scan is not requested before start scan (bsc#1012628). - crypto: public_key: fix overflow during implicit conversion (bsc#1012628). - block: bfq: fix bfq_set_next_ioprio_data() (bsc#1012628). - power: supply: max17042: handle fails of reading status register (bsc#1012628). - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() (bsc#1012628). - crypto: ccp - shutdown SEV firmware on kexec (bsc#1012628). - spi: fsi: Reduce max transfer size to 8 bytes (bsc#1012628). - VMCI: fix NULL pointer dereference when unmapping queue pair (bsc#1012628). - media: uvc: don't do DMA on stack (bsc#1012628). - media: rc-loopback: return number of emitters rather than error (bsc#1012628). - nvmem: core: fix error handling while validating keepout regions (bsc#1012628). - s390/qdio: fix roll-back after timeout on ESTABLISH ccw (bsc#1012628). - s390/qdio: cancel the ESTABLISH ccw after timeout (bsc#1012628). - Revert "dmaengine: imx-sdma: refine to load context only once" (bsc#1012628). - dmaengine: imx-sdma: remove duplicated sdma_load_context (bsc#1012628). - watchdog: iTCO_wdt: Fix detection of SMI-off case (bsc#1012628). - libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs (bsc#1012628). - ARM: 9105/1: atags_to_fdt: don't warn about stack size (bsc#1012628). - sched: Prevent balance_push() on remote runqueues (bsc#1012628). - f2fs: let's keep writing IOs on SBI_NEED_FSCK (bsc#1012628). - f2fs: fix to do sanity check for sb/cp fields correctly (bsc#1012628). - PCI/portdrv: Enable Bandwidth Notification only if port supports it (bsc#1012628). - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported (bsc#1012628). - PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure (bsc#1012628). - PCI: xilinx-nwl: Enable the clock through CCF (bsc#1012628). - PCI: aardvark: Configure PCIe resources from 'ranges' DT property (bsc#1012628). - PCI: aardvark: Fix checking for PIO status (bsc#1012628). - PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response (bsc#1012628). - PCI: aardvark: Fix masking and unmasking legacy INTx interrupts (bsc#1012628). - f2fs: compress: fix to set zstd compress level correctly (bsc#1012628). - RDMA/rtrs: move wr_cnt from rtrs_srv_con to rtrs_con (bsc#1012628). - RDMA/rtrs: Enable the same selective signal for heartbeat and IO (bsc#1012628). - RDMA/rtrs: Move sq_wr_avail to rtrs_con (bsc#1012628). - HID: input: do not report stylus battery state as "full" (bsc#1012628). - clk: renesas: rzg2l: Fix off-by-one check in rzg2l_cpg_clk_src_twocell_get() (bsc#1012628). - f2fs: quota: fix potential deadlock (bsc#1012628). - pinctrl: armada-37xx: Correct PWM pins definitions (bsc#1012628). - scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND (bsc#1012628). - clk: rockchip: drop GRF dependency for rk3328/rk3036 pll types (bsc#1012628). - IB/hfi1: Adjust pkey entry in index 0 (bsc#1012628). - RDMA/iwcm: Release resources if iw_cm module initialization fails (bsc#1012628). - docs: Fix infiniband uverbs minor number (bsc#1012628). - scsi: BusLogic: Use %X for u32 sized integer rather than %lX (bsc#1012628). - pinctrl: samsung: Fix pinctrl bank pin count (bsc#1012628). - f2fs: do not submit NEW_ADDR to read node block (bsc#1012628). - f2fs: turn back remapped address in compressed page endio (bsc#1012628). - f2fs: fix wrong checkpoint_changed value in f2fs_remount() (bsc#1012628). - vfio: Use config not menuconfig for VFIO_NOIOMMU (bsc#1012628). - scsi: ufs: Fix memory corruption by ufshcd_read_desc_param() (bsc#1012628). - scsi: ufs: Use DECLARE_COMPLETION_ONSTACK() where appropriate (bsc#1012628). - scsi: ufs: Fix the SCSI abort handler (bsc#1012628). - cpuidle: pseries: Fixup CEDE0 latency only for POWER10 onwards (bsc#1012628). - powerpc/stacktrace: Include linux/delay.h (bsc#1012628). - RDMA/hns: Don't overwrite supplied QP attributes (bsc#1012628). - RDMA/efa: Remove double QP type assignment (bsc#1012628). - RDMA/mlx5: Delete not-available udata check (bsc#1012628). - cpuidle: pseries: Mark pseries_idle_proble() as __init (bsc#1012628). - f2fs: reduce the scope of setting fsck tag when de->name_len is zero (bsc#1012628). - openrisc: don't printk() unconditionally (bsc#1012628). - dma-debug: fix debugfs initialization order (bsc#1012628). - xprtrdma: Put rpcrdma_reps before waking the tear-down completion (bsc#1012628). - NFSv4/pNFS: Fix a layoutget livelock loop (bsc#1012628). - NFSv4/pNFS: Always allow update of a zero valued layout barrier (bsc#1012628). - NFSv4/pnfs: The layout barrier indicate a minimal value for the seqid (bsc#1012628). - SUNRPC: Fix potential memory corruption (bsc#1012628). - SUNRPC/xprtrdma: Fix reconnection locking (bsc#1012628). - sunrpc: Fix return value of get_srcport() (bsc#1012628). - scsi: ufs: Fix unsigned int compared with less than zero (bsc#1012628). - scsi: ufshcd: Fix device links when BOOT WLUN fails to probe (bsc#1012628). - scsi: fdomain: Fix error return code in fdomain_probe() (bsc#1012628). - pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry() (bsc#1012628). - powerpc/numa: Consider the max NUMA node for migratable LPAR (bsc#1012628). - vfio/mbochs: Fix missing error unwind of mbochs_used_mbytes (bsc#1012628). - platform/x86: ISST: Fix optimization with use of numa (bsc#1012628). - scsi: smartpqi: Fix an error code in pqi_get_raid_map() (bsc#1012628). - scsi: qedi: Fix error codes in qedi_alloc_global_queues() (bsc#1012628). - scsi: qedf: Fix error codes in qedf_alloc_global_queues() (bsc#1012628). - powerpc/config: Fix IPV6 warning in mpc855_ads (bsc#1012628). - powerpc/config: Renable MTD_PHYSMAP_OF (bsc#1012628). - f2fs: fix to keep compatibility of fault injection interface (bsc#1012628). - iommu/vt-d: Update the virtual command related registers (bsc#1012628). - RDMA/hns: Fix return in hns_roce_rereg_user_mr() (bsc#1012628). - HID: amd_sfh: Fix period data field to enable sensor (bsc#1012628). - HID: i2c-hid: Fix Elan touchpad regression (bsc#1012628). - HID: thrustmaster: clean up Makefile and adapt quirks (bsc#1012628). - RDMA/hns: Ownerbit mode add control field (bsc#1012628). - clk: imx8mm: use correct mux type for clkout path (bsc#1012628). - clk: imx8m: fix clock tree update of TF-A managed clocks (bsc#1012628). - KVM: PPC: Book3S HV: Fix copy_tofrom_guest routines (bsc#1012628). - scsi: ufs: ufs-exynos: Fix static checker warning (bsc#1012628). - KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when guest SPRs are live (bsc#1012628). - powerpc/perf: Fix the check for SIAR value (bsc#1012628). - RDMA/hns: Fix incorrect lsn field (bsc#1012628). - RDMA/hns: Bugfix for data type of dip_idx (bsc#1012628). - RDMA/hns: Bugfix for the missing assignment for dip_idx (bsc#1012628). - RDMA/hns: Bugfix for incorrect association between dip_idx and dgid (bsc#1012628). - platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call (bsc#1012628). - powerpc/smp: Fix a crash while booting kvm guest with nr_cpus=2 (bsc#1012628). - powerpc/smp: Update cpu_core_map on all PowerPc systems (bsc#1012628). - RDMA/hns: Fix query destination qpn (bsc#1012628). - RDMA/hns: Fix QP's resp incomplete assignment (bsc#1012628). - fscache: Fix cookie key hashing (bsc#1012628). - clk: ralink: avoid to set 'CLK_IS_CRITICAL' flag for gates (bsc#1012628). - clk: at91: clk-generated: Limit the requested rate to our range (bsc#1012628). - KVM: PPC: Fix clearing never mapped TCEs in realmode (bsc#1012628). - soc: mediatek: cmdq: add address shift in jump (bsc#1012628). - f2fs: fix to account missing .skipped_gc_rwsem (bsc#1012628). - f2fs: fix unexpected ENOENT comes from f2fs_map_blocks() (bsc#1012628). - f2fs: fix to unmap pages from userspace process in punch_hole() (bsc#1012628). - f2fs: deallocate compressed pages when error happens (bsc#1012628). - f2fs: should put a page beyond EOF when preparing a write (bsc#1012628). - MIPS: Malta: fix alignment of the devicetree buffer (bsc#1012628). - kbuild: Fix 'no symbols' warning when CONFIG_TRIM_UNUSD_KSYMS=y (bsc#1012628). - userfaultfd: prevent concurrent API initialization (bsc#1012628). - drm/vmwgfx: Fix subresource updates with new contexts (bsc#1012628). - drm/vmwgfx: Fix some static checker warnings (bsc#1012628). - drm/vc4: hdmi: Set HD_CTL_WHOLSMP and HD_CTL_CHALIGN_SET (bsc#1012628). - drm/ttm: Fix multihop assert on eviction (bsc#1012628). - drm/omap: Follow implicit fencing in prepare_fb (bsc#1012628). - drm/amdgpu: Fix amdgpu_ras_eeprom_init() (bsc#1012628). - drm/amdgpu: Fix koops when accessing RAS EEPROM (bsc#1012628). - drm: vc4: Fix pixel-wrap issue with DVP teardown (bsc#1012628). - dma-buf: fix dma_resv_test_signaled test_all handling v2 (bsc#1012628). - drm/panel: Fix up DT bindings for Samsung lms397kf04 (bsc#1012628). - ASoC: ti: davinci-mcasp: Fix DIT mode support (bsc#1012628). - ASoC: atmel: ATMEL drivers don't need HAS_DMA (bsc#1012628). - media: dib8000: rewrite the init prbs logic (bsc#1012628). - media: ti-vpe: cal: fix error handling in cal_camerarx_create (bsc#1012628). - media: ti-vpe: cal: fix queuing of the initial buffer (bsc#1012628). - libbpf: Fix reuse of pinned map on older kernel (bsc#1012628). - drm/vkms: Let shadow-plane helpers prepare the plane's FB (bsc#1012628). - x86/hyperv: fix for unwanted manipulation of sched_clock when TSC marked unstable (bsc#1012628). - crypto: mxs-dcp - Use sg_mapping_iter to copy data (bsc#1012628). - PCI: Use pci_update_current_state() in pci_enable_device_flags() (bsc#1012628). - tipc: keep the skb in rcv queue until the whole data is read (bsc#1012628). - net: phy: Fix data type in DP83822 dp8382x_disable_wol() (bsc#1012628). - iio: dac: ad5624r: Fix incorrect handling of an optional regulator (bsc#1012628). - iavf: do not override the adapter state in the watchdog task (bsc#1012628). - iavf: fix locking of critical sections (bsc#1012628). - ARM: dts: qcom: apq8064: correct clock names (bsc#1012628). - video: fbdev: kyro: fix a DoS bug by restricting user input (bsc#1012628). - drm/ast: Disable fast reset after DRAM initial (bsc#1012628). - netlink: Deal with ESRCH error in nlmsg_notify() (bsc#1012628). - arm64: dts: qcom: Fix usb entries for SA8155p adp board (bsc#1012628). - net: ipa: fix IPA v4.11 interconnect data (bsc#1012628). - Smack: Fix wrong semantics in smk_access_entry() (bsc#1012628). - drm: avoid blocking in drm_clients_info's rcu section (bsc#1012628). - drm: serialize drm_file.master with a new spinlock (bsc#1012628). - drm: protect drm_master pointers in drm_lease.c (bsc#1012628). - rcu: Fix macro name CONFIG_TASKS_RCU_TRACE (bsc#1012628). - igc: Check if num of q_vectors is smaller than max before array access (bsc#1012628). - usb: host: fotg210: fix the endpoint's transactional opportunities calculation (bsc#1012628). - usb: host: fotg210: fix the actual_length of an iso packet (bsc#1012628). - usb: gadget: u_ether: fix a potential null pointer dereference (bsc#1012628). - USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable() (bsc#1012628). - usb: gadget: composite: Allow bMaxPower=0 if self-powered (bsc#1012628). - staging: board: Fix uninitialized spinlock when attaching genpd (bsc#1012628). - staging: hisilicon,hi6421-spmi-pmic.yaml: fix patternProperties (bsc#1012628). - tty: serial: jsm: hold port lock when reporting modem line changes (bsc#1012628). - bus: fsl-mc: fix arg in call to dprc_scan_objects() (bsc#1012628). - bus: fsl-mc: fix mmio base address for child DPRCs (bsc#1012628). - misc/pvpanic-pci: Allow automatic loading (bsc#1012628). - selftests: firmware: Fix ignored return val of asprintf() warn (bsc#1012628). - drm/amd/display: Fix timer_per_pixel unit error (bsc#1012628). - media: hantro: vp8: Move noisy WARN_ON to vpu_debug (bsc#1012628). - media: platform: stm32: unprepare clocks at handling errors in probe (bsc#1012628). - media: atomisp: Fix runtime PM imbalance in atomisp_pci_probe (bsc#1012628). - media: atomisp: pci: fix error return code in atomisp_pci_probe() (bsc#1012628). - nfp: fix return statement in nfp_net_parse_meta() (bsc#1012628). - ethtool: improve compat ioctl handling (bsc#1012628). - drm/amd/display: Fixed hardware power down bypass during headless boot (bsc#1012628). - drm/amdgpu: Fix a printing message (bsc#1012628). - drm/amd/amdgpu: Update debugfs link_settings output link_rate field in hex (bsc#1012628). - bpf/tests: Fix copy-and-paste error in double word test (bsc#1012628). - bpf/tests: Do not PASS tests without actually testing the result (bsc#1012628). - drm/bridge: nwl-dsi: Avoid potential multiplication overflow on 32-bit (bsc#1012628). - arm64: dts: allwinner: h6: tanix-tx6: Fix regulator node names (bsc#1012628). - video: fbdev: asiliantfb: Error out if 'pixclock' equals zero (bsc#1012628). - video: fbdev: kyro: Error out if 'pixclock' equals zero (bsc#1012628). - video: fbdev: riva: Error out if 'pixclock' equals zero (bsc#1012628). - net: ipa: fix ipa_cmd_table_valid() (bsc#1012628). - net: ipa: always validate filter and route tables (bsc#1012628). - ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs() (bsc#1012628). - flow_dissector: Fix out-of-bounds warnings (bsc#1012628). - s390/jump_label: print real address in a case of a jump label bug (bsc#1012628). - s390: make PCI mio support a machine flag (bsc#1012628). - serial: 8250: Define RX trigger levels for OxSemi 950 devices (bsc#1012628). - serial: max310x: Use clock-names property matching to recognize EXTCLK (bsc#1012628). - xtensa: ISS: don't panic in rs_init (bsc#1012628). - hvsi: don't panic on tty_register_driver failure (bsc#1012628). - serial: 8250_pci: make setup_port() parameters explicitly unsigned (bsc#1012628). - vt: keyboard.c: make console an unsigned int (bsc#1012628). - staging: ks7010: Fix the initialization of the 'sleep_status' structure (bsc#1012628). - drm/amd/display: Fix PSR command version (bsc#1012628). - samples: bpf: Fix tracex7 error raised on the missing argument (bsc#1012628). - libbpf: Fix race when pinning maps in parallel (bsc#1012628). - ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init() (bsc#1012628). - drm: rcar-du: Shutdown the display on system shutdown (bsc#1012628). - Bluetooth: skip invalid hci_sync_conn_complete_evt (bsc#1012628). - workqueue: Fix possible memory leaks in wq_numa_init() (bsc#1012628). - ARM: dts: stm32: Set {bitclock,frame}-master phandles on DHCOM SoM (bsc#1012628). - ARM: dts: stm32: Set {bitclock,frame}-master phandles on ST DKx (bsc#1012628). - ARM: dts: stm32: Update AV96 adv7513 node per dtbs_check (bsc#1012628). - drm/msm/a6xx: Fix llcc configuration for a660 gpu (bsc#1012628). - netfilter: nft_compat: use nfnetlink_unicast() (bsc#1012628). - bonding: 3ad: fix the concurrency between __bond_release_one() and bond_3ad_state_machine_handler() (bsc#1012628). - ARM: dts: at91: use the right property for shutdown controller (bsc#1012628). - arm64: tegra: Fix Tegra194 PCIe EP compatible string (bsc#1012628). - ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps for the matching in-/output (bsc#1012628). - ASoC: Intel: update sof_pcm512x quirks (bsc#1012628). - Bluetooth: Fix not generating RPA when required (bsc#1012628). - dpaa2-switch: do not enable the DPSW at probe time (bsc#1012628). - media: imx258: Rectify mismatch of VTS value (bsc#1012628). - media: imx258: Limit the max analogue gain to 480 (bsc#1012628). - media: imx: imx7-media-csi: Fix buffer return upon stream start failure (bsc#1012628). - media: v4l2-dv-timings.c: fix wrong condition in two for-loops (bsc#1012628). - media: TDA1997x: fix tda1997x_query_dv_timings() return value (bsc#1012628). - media: tegra-cec: Handle errors of clk_prepare_enable() (bsc#1012628). - gfs2: Fix glock recursion in freeze_go_xmote_bh (bsc#1012628). - arm64: dts: qcom: sdm630: Rewrite memory map (bsc#1012628). - arm64: dts: qcom: sdm630: Fix TLMM node and pinctrl configuration (bsc#1012628). - net: ipa: fix IPA v4.9 interconnects (bsc#1012628). - serial: 8250_omap: Handle optional overrun-throttle-ms property (bsc#1012628). - misc: sram: Only map reserved areas in Tegra SYSRAM (bsc#1012628). - ARM: dts: imx53-ppd: Fix ACHC entry (bsc#1012628). - arm64: dts: qcom: ipq8074: fix pci node reg property (bsc#1012628). - arm64: dts: qcom: sdm660: use reg value for memory node (bsc#1012628). - arm64: dts: qcom: ipq6018: drop '0x' from unit address (bsc#1012628). - arm64: dts: qcom: sdm630: don't use underscore in node name (bsc#1012628). - arm64: dts: qcom: msm8994: don't use underscore in node name (bsc#1012628). - arm64: dts: qcom: msm8996: don't use underscore in node name (bsc#1012628). - arm64: dts: qcom: sm8250: Fix epss_l3 unit address (bsc#1012628). - nvmem: qfprom: Fix up qfprom_disable_fuse_blowing() ordering (bsc#1012628). - net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe() (bsc#1012628). - drm/msm: mdp4: drop vblank get/put from prepare/complete_commit (bsc#1012628). - drm/msm/dsi: Fix DSI and DSI PHY regulator config from SDM660 (bsc#1012628). - drm: xlnx: zynqmp_dpsub: Call pm_runtime_get_sync before setting pixel clock (bsc#1012628). - drm: xlnx: zynqmp: release reset to DP controller before accessing DP registers (bsc#1012628). - ARM: dts: ixp4xx: Fix up bad interrupt flags (bsc#1012628). - thunderbolt: Fix port linking by checking all adapters (bsc#1012628). - drm/amd/display: fix missing writeback disablement if plane is removed (bsc#1012628). - drm/amd/display: fix incorrect CM/TF programming sequence in dwb (bsc#1012628). - selftests/bpf: Fix xdp_tx.c prog section name (bsc#1012628). - drm/vmwgfx: fix potential UAF in vmwgfx_surface.c (bsc#1012628). - staging: rtl8723bs: fix right side of condition (bsc#1012628). - drm/msm/dp: reduce link rate if failed at link training 1 (bsc#1012628). - drm/msm/dp: reset aux controller after dp_aux_cmd_fifo_tx() failed (bsc#1012628). - drm/msm/dp: return correct edid checksum after corrupted edid checksum read (bsc#1012628). - drm/msm/dp: do not end dp link training until video is ready (bsc#1012628). - net/mlx5: Fix variable type to match 64bit (bsc#1012628). - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port() (bsc#1012628). - drm/display: fix possible null-pointer dereference in dcn10_set_clock() (bsc#1012628). - mac80211: Fix monitor MTU limit so that A-MSDUs get through (bsc#1012628). - ARM: tegra: acer-a500: Remove bogus USB VBUS regulators (bsc#1012628). - ARM: tegra: tamonten: Fix UART pad setting (bsc#1012628). - arm64: tegra: Fix compatible string for Tegra132 CPUs (bsc#1012628). - arm64: dts: imx8mm-venice-gw700x: fix mp5416 pmic config (bsc#1012628). - arm64: dts: imx8mm-venice-gw700x: fix invalid pmic pin config (bsc#1012628). - arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (bsc#1012628). - arm64: dts: ls1046a: fix eeprom entries (bsc#1012628). - nvme-tcp: don't check blk_mq_tag_to_rq when receiving pdu data (bsc#1012628). - nvme: code command_id with a genctr for use-after-free validation (bsc#1012628). - Bluetooth: Fix handling of LE Enhanced Connection Complete (bsc#1012628). - Bluetooth: Fix race condition in handling NOP command (bsc#1012628). - opp: Don't print an error if required-opps is missing (bsc#1012628). - serial: sh-sci: fix break handling for sysrq (bsc#1012628). - iomap: pass writeback errors to the mapping (bsc#1012628). - tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD (bsc#1012628). - locking/rtmutex: Set proper wait context for lockdep (bsc#1012628). - rpc: fix gss_svc_init cleanup on failure (bsc#1012628). - iavf: use mutexes for locking of critical sections (bsc#1012628). - selftests/bpf: Correctly display subtest skip status (bsc#1012628). - selftests/bpf: Fix flaky send_signal test (bsc#1012628). - hwmon: (pmbus/ibm-cffps) Fix write bits for LED control (bsc#1012628). - staging: rts5208: Fix get_ms_information() heap buffer size (bsc#1012628). - selftests: nci: Fix the code for next nlattr offset (bsc#1012628). - selftests: nci: Fix the wrong condition (bsc#1012628). - net: Fix offloading indirect devices dependency on qdisc order creation (bsc#1012628). - kselftest/arm64: mte: Fix misleading output when skipping tests (bsc#1012628). - kselftest/arm64: pac: Fix skipping of tests on systems without PAC (bsc#1012628). - ASoC: rsnd: adg: clearly handle clock error / NULL case (bsc#1012628). - gfs2: Don't call dlm after protocol is unmounted (bsc#1012628). - usb: chipidea: host: fix port index underflow and UBSAN complains (bsc#1012628). - lockd: lockd server-side shouldn't set fl_ops (bsc#1012628). - drm/exynos: Always initialize mapping in exynos_drm_register_dma() (bsc#1012628). - rtl8xxxu: Fix the handling of TX A-MPDU aggregation (bsc#1012628). - rtw88: use read_poll_timeout instead of fixed sleep (bsc#1012628). - rtw88: wow: build wow function only if CONFIG_PM is on (bsc#1012628). - rtw88: wow: fix size access error of probe request (bsc#1012628). - octeontx2-pf: Fix NIX1_RX interface backpressure (bsc#1012628). - m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch (bsc#1012628). - btrfs: remove racy and unnecessary inode transaction update when using no-holes (bsc#1012628). - btrfs: tree-log: check btrfs_lookup_data_extent return value (bsc#1012628). - soundwire: intel: fix potential race condition during power down (bsc#1012628). - ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER (bsc#1012628). - ASoC: Intel: Skylake: Fix passing loadable flag for module (bsc#1012628). - of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS (bsc#1012628). - mmc: sdhci-of-arasan: Modified SD default speed to 19MHz for ZynqMP (bsc#1012628). - mmc: sdhci-of-arasan: Check return value of non-void funtions (bsc#1012628). - mmc: core: Avoid hogging the CPU while polling for busy in the I/O err path (bsc#1012628). - mmc: core: Avoid hogging the CPU while polling for busy for mmc ioctls (bsc#1012628). - mmc: core: Avoid hogging the CPU while polling for busy after I/O writes (bsc#1012628). - mmc: rtsx_pci: Fix long reads when clock is prescaled (bsc#1012628). - selftests/bpf: Enlarge select() timeout for test_maps (bsc#1012628). - mmc: core: Return correct emmc response in case of ioctl error (bsc#1012628). - octeontx2-pf: cleanup transmit link deriving logic (bsc#1012628). - samples: pktgen: fix to print when terminated normally (bsc#1012628). - cifs: fix wrong release in sess_alloc_buffer() failed path (bsc#1012628). - Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set" (bsc#1012628). - usb: dwc3: imx8mp: request irq after initializing dwc3 (bsc#1012628). - usb: musb: musb_dsps: request_irq() after initializing musb (bsc#1012628). - usbip: give back URBs for unsent unlink requests during cleanup (bsc#1012628). - usbip:vhci_hcd USB port can get stuck in the disabled state (bsc#1012628). - usb: xhci-mtk: fix use-after-free of mtk->hcd (bsc#1012628). - usb: xhci-mtk: Do not use xhci's virt_dev in drop_endpoint (bsc#1012628). - ASoC: rockchip: i2s: Fix regmap_ops hang (bsc#1012628). - ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B (bsc#1012628). - ASoC: soc-pcm: protect BE dailink state changes in trigger (bsc#1012628). - drm/amdkfd: Account for SH/SE count when setting up cu masks (bsc#1012628). - nfs: don't atempt blocking locks on nfs reexports (bsc#1012628). - nfsd: fix crash on LOCKT on reexported NFSv3 (bsc#1012628). - iwlwifi: pcie: free RBs during configure (bsc#1012628). - iwlwifi: mvm: Do not use full SSIDs in 6GHz scan (bsc#1012628). - iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed (bsc#1012628). - iwlwifi: mvm: avoid static queue number aliasing (bsc#1012628). - iwlwifi: mvm: Fix umac scan request probe parameters (bsc#1012628). - iwlwifi: mvm: fix access to BSS elements (bsc#1012628). - iwlwifi: fw: correctly limit to monitor dump (bsc#1012628). - iwlwifi: mvm: don't schedule the roc_done_wk if it is already running (bsc#1012628). - iwlwifi: mvm: Fix scan channel flags settings (bsc#1012628). - net/mlx5: DR, fix a potential use-after-free bug (bsc#1012628). - net/mlx5: DR, Enable QP retransmission (bsc#1012628). - usb: isp1760: fix memory pool initialization (bsc#1012628). - usb: isp1760: fix qtd fill length (bsc#1012628). - usb: isp1760: write to status and address register (bsc#1012628). - usb: isp1760: use the right irq status bit (bsc#1012628). - usb: isp1760: otg control register access (bsc#1012628). - parport: remove non-zero check on count (bsc#1012628). - selftests/bpf: Fix potential unreleased lock (bsc#1012628). - wcn36xx: Fix missing frame timestamp for beacon/probe-resp (bsc#1012628). - ath9k: fix OOB read ar9300_eeprom_restore_internal (bsc#1012628). - ath9k: fix sleeping in atomic context (bsc#1012628). - net: fix NULL pointer reference in cipso_v4_doi_free (bsc#1012628). - fix array-index-out-of-bounds in taprio_change (bsc#1012628). - net: w5100: check return value after calling platform_get_resource() (bsc#1012628). - net: hns3: clean up a type mismatch warning (bsc#1012628). - parisc: fix crash with signals and alloca (bsc#1012628). - parisc: Fix compile failure when building 64-bit kernel natively (bsc#1012628). - printk/console: Check consistent sequence number when handling race in console_unlock() (bsc#1012628). - ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup() (bsc#1012628). - scsi: BusLogic: Fix missing pr_cont() use (bsc#1012628). - scsi: qla2xxx: Changes to support kdump kernel (bsc#1012628). - scsi: qla2xxx: Sync queue idx with queue_pair_map idx (bsc#1012628). - mtd: rawnand: intel: Fix error handling in probe (bsc#1012628). - cpufreq: powernv: Fix init_chip_info initialization in numa=off (bsc#1012628). - s390/pv: fix the forcing of the swiotlb (bsc#1012628). - s390/topology: fix topology information when calling cpu hotplug notifiers (bsc#1012628). - mm: fix panic caused by __page_handle_poison() (bsc#1012628). - hugetlb: fix hugetlb cgroup refcounting during vma split (bsc#1012628). - mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range() (bsc#1012628). - mm/hmm: bypass devmap pte when all pfn requested flags are fulfilled (bsc#1012628). - mm/hugetlb: initialize hugetlb_usage in mm_init (bsc#1012628). - mm,vmscan: fix divide by zero in get_scan_count (bsc#1012628). - mm/page_alloc.c: avoid accessing uninitialized pcp page migratetype (bsc#1012628). - mm/mempolicy: fix a race between offset_il_node and mpol_rebind_task (bsc#1012628). - memcg: enable accounting for pids in nested pid namespaces (bsc#1012628). - libnvdimm/pmem: Fix crash triggered when I/O in-flight during unbind (bsc#1012628). - platform/chrome: cros_ec_proto: Send command again when timeout occurs (bsc#1012628). - lib/test_stackinit: Fix static initializer test (bsc#1012628). - net: dsa: lantiq_gswip: fix maximum frame length (bsc#1012628). - net: stmmac: Fix overall budget calculation for rxtx_napi (bsc#1012628). - drm/mgag200: Select clock in PLL update functions (bsc#1012628). - drm/msi/mdp4: populate priv->kms in mdp4_kms_init (bsc#1012628). - drm/dp_mst: Fix return code on sideband message failure (bsc#1012628). - drm/panfrost: Make sure MMU context lifetime is not bound to panfrost_priv (bsc#1012628). - drm/amdgpu: Fix BUG_ON assert (bsc#1012628). - drm/amdgpu: Enable S/G for Yellow Carp (bsc#1012628). - drm/amdgpu: Fix a deadlock if previous GEM object allocation fails (bsc#1012628). - drm/amd/display: Update number of DCN3 clock states (bsc#1012628). - drm/amd/display: Update bounding box states (v2) (bsc#1012628). - drm/amdkfd: drop process ref count when xnack disable (bsc#1012628). - drm/amd/display: setup system context for APUs (bsc#1012628). - drm/msm/disp/dpu1: add safe lut config in dpu driver (bsc#1012628). - drm/ttm: Fix ttm_bo_move_memcpy() for subclassed struct ttm_resource (bsc#1012628). - drm/panfrost: Simplify lock_region calculation (bsc#1012628). - drm/panfrost: Use u64 for size in lock_region (bsc#1012628). - drm/panfrost: Clamp lock region to Bifrost minimum (bsc#1012628). - tracing/osnoise: Fix missed cpus_read_unlock() in start_per_cpu_kthreads() (bsc#1012628). - commit 73a28f9 - drm/vc4: hdmi: Fix HPD GPIO detection (bsc#1190469) - commit 4a524d3 - Linux 5.14.5 (bsc#1012628). - Revert "posix-cpu-timers: Force next expiration recalc after itimer reset" (bsc#1012628). - Revert "time: Handle negative seconds correctly in timespec64_to_ns()" (bsc#1012628). - Delete patches.suse/posix-cpu-timers-Fix-spuriously-armed-0-value-itimer.patch. - commit 048e6c0 - crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (bsc#1189884 CVE-2021-3744 bsc#1190534 CVE-2021-3764). - commit e7a1776 - posix-cpu-timers: Fix spuriously armed 0-value itimer (timer breakage). - commit c8203f6 - Revert "rpm: Abolish scritplet templating (bsc#1189841)." This reverts commit e98096d5cf85dbe90f74a930eb1f0e3fe4a70c7f. "nothing provides suse-kernel-rpm-scriptlets". This is provided by suse-module-tools which are not in TW quite yet. See: https://build.opensuse.org/request/show/919012 So revert this temporarily. - commit f924054 - Linux 5.14.4 (bsc#1012628). - locking/mutex: Fix HANDOFF condition (bsc#1012628). - regmap: fix the offset of register error log (bsc#1012628). - regulator: tps65910: Silence deferred probe error (bsc#1012628). - crypto: mxs-dcp - Check for DMA mapping errors (bsc#1012628). - sched/deadline: Fix reset_on_fork reporting of DL tasks (bsc#1012628). - power: supply: axp288_fuel_gauge: Report register-address on readb / writeb errors (bsc#1012628). - crypto: omap-sham - clear dma flags only after omap_sham_update_dma_stop() (bsc#1012628). - sched/deadline: Fix missing clock update in migrate_task_rq_dl() (bsc#1012628). - rcu/tree: Handle VM stoppage in stall detection (bsc#1012628). - EDAC/mce_amd: Do not load edac_mce_amd module on guests (bsc#1012628). - posix-cpu-timers: Force next expiration recalc after itimer reset (bsc#1012628). - hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns() (bsc#1012628). - hrtimer: Ensure timerfd notification for HIGHRES=n (bsc#1012628). - udf: Check LVID earlier (bsc#1012628). - udf: Fix iocharset=utf8 mount option (bsc#1012628). - isofs: joliet: Fix iocharset=utf8 mount option (bsc#1012628). - bcache: add proper error unwinding in bcache_device_init (bsc#1012628). - nbd: add the check to prevent overflow in __nbd_ioctl() (bsc#1012628). - blk-throtl: optimize IOPS throttle for large IO scenarios (bsc#1012628). - nvme-tcp: don't update queue count when failing to set io queues (bsc#1012628). - nvme-rdma: don't update queue count when failing to set io queues (bsc#1012628). - nvmet: pass back cntlid on successful completion (bsc#1012628). - power: supply: smb347-charger: Add missing pin control activation (bsc#1012628). - power: supply: max17042_battery: fix typo in MAx17042_TOFF (bsc#1012628). - s390/cio: add dev_busid sysfs entry for each subchannel (bsc#1012628). - s390/zcrypt: fix wrong offset index for APKA master key valid state (bsc#1012628). - libata: fix ata_host_start() (bsc#1012628). - sched/topology: Skip updating masks for non-online nodes (bsc#1012628). - crypto: omap - Fix inconsistent locking of device lists (bsc#1012628). - crypto: qat - do not ignore errors from enable_vf2pf_comms() (bsc#1012628). - crypto: qat - handle both source of interrupt in VF ISR (bsc#1012628). - crypto: qat - fix reuse of completion variable (bsc#1012628). - crypto: qat - fix naming for init/shutdown VF to PF notifications (bsc#1012628). - crypto: qat - do not export adf_iov_putmsg() (bsc#1012628). - crypto: hisilicon/sec - fix the abnormal exiting process (bsc#1012628). - crypto: hisilicon/sec - modify the hardware endian configuration (bsc#1012628). - crypto: tcrypt - Fix missing return value check (bsc#1012628). - fcntl: fix potential deadlocks for &fown_struct.lock (bsc#1012628). - fcntl: fix potential deadlock for &fasync_struct.fa_lock (bsc#1012628). - udf_get_extendedattr() had no boundary checks (bsc#1012628). - io-wq: remove GFP_ATOMIC allocation off schedule out path (bsc#1012628). - s390/kasan: fix large PMD pages address alignment check (bsc#1012628). - s390/pci: fix misleading rc in clp_set_pci_fn() (bsc#1012628). - s390/debug: keep debug data on resize (bsc#1012628). - s390/debug: fix debug area life cycle (bsc#1012628). - s390/ap: fix state machine hang after failure to enable irq (bsc#1012628). - s390/smp: enable DAT before CPU restart callback is called (bsc#1012628). - sched/debug: Don't update sched_domain debug directories before sched_debug_init() (bsc#1012628). - power: supply: cw2015: use dev_err_probe to allow deferred probe (bsc#1012628). - m68k: emu: Fix invalid free in nfeth_cleanup() (bsc#1012628). - crypto: x86/aes-ni - add missing error checks in XTS code (bsc#1012628). - sched/numa: Fix is_core_idle() (bsc#1012628). - sched: Fix UCLAMP_FLAG_IDLE setting (bsc#1012628). - rcu: Fix to include first blocked task in stall warning (bsc#1012628). - rcu: Fix stall-warning deadlock due to non-release of rcu_node - >lock (bsc#1012628). - m68k: Fix invalid RMW_INSNS on CPUs that lack CAS (bsc#1012628). - block: return ELEVATOR_DISCARD_MERGE if possible (bsc#1012628). - spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config (bsc#1012628). - spi: spi-pic32: Fix issue with uninitialized dma_slave_config (bsc#1012628). - genirq/timings: Fix error return code in irq_timings_test_irqs() (bsc#1012628). - irqchip/loongson-pch-pic: Improve edge triggered interrupt support (bsc#1012628). - lib/mpi: use kcalloc in mpi_resize (bsc#1012628). - clocksource/drivers/sh_cmt: Fix wrong setting if don't request IRQ for clock source channel (bsc#1012628). - nbd: do del_gendisk() asynchronously for NBD_DESTROY_ON_DISCONNECT (bsc#1012628). - block: nbd: add sanity check for first_minor (bsc#1012628). - spi: coldfire-qspi: Use clk_disable_unprepare in the remove function (bsc#1012628). - irqchip/apple-aic: Fix irq_disable from within irq handlers (bsc#1012628). - irqchip/gic-v3: Fix priority comparison when non-secure priorities are used (bsc#1012628). - crypto: qat - use proper type for vf_mask (bsc#1012628). - m68k: Fix asm register constraints for atomic ops (bsc#1012628). - certs: Trigger creation of RSA module signing key if it's not an RSA key (bsc#1012628). - tpm: ibmvtpm: Avoid error message when process gets signal while waiting (bsc#1012628). - EDAC/i10nm: Fix NVDIMM detection (bsc#1012628). - x86/mce: Defer processing of early errors (bsc#1012628). - spi: davinci: invoke chipselect callback (bsc#1012628). - blk-crypto: fix check for too-large dun_bytes (bsc#1012628). - regulator: vctrl: Use locked regulator_get_voltage in probe path (bsc#1012628). - regulator: vctrl: Avoid lockdep warning in enable/disable ops (bsc#1012628). - spi: sprd: Fix the wrong WDG_LOAD_VAL (bsc#1012628). - spi: spi-zynq-qspi: use wait_for_completion_timeout to make zynq_qspi_exec_mem_op not interruptible (bsc#1012628). - drm/panfrost: Fix missing clk_disable_unprepare() on error in panfrost_clk_init() (bsc#1012628). - drm/gma500: Fix end of loop tests for list_for_each_entry (bsc#1012628). - ASoC: mediatek: mt8192:Fix Unbalanced pm_runtime_enable in mt8192_afe_pcm_dev_probe (bsc#1012628). - ASoC: mediatek: mt8183: Fix Unbalanced pm_runtime_enable in mt8183_afe_pcm_dev_probe (bsc#1012628). - ASoC: tlv320aic32x4: Fix TAS2505/TAS2521 channel count (bsc#1012628). - media: atmel: atmel-sama5d2-isc: fix YUYV format (bsc#1012628). - media: TDA1997x: enable EDID support (bsc#1012628). - leds: is31fl32xx: Fix missing error code in is31fl32xx_parse_dt() (bsc#1012628). - soc: rockchip: ROCKCHIP_GRF should not default to y, unconditionally (bsc#1012628). - media: cxd2880-spi: Fix an error handling path (bsc#1012628). - drm/of: free the right object (bsc#1012628). - bpf: Fix a typo of reuseport map in bpf.h (bsc#1012628). - bpf: Fix potential memleak and UAF in the verifier (bsc#1012628). - drm/of: free the iterator object on failure (bsc#1012628). - gve: fix the wrong AdminQ buffer overflow check (bsc#1012628). - libbpf: Fix the possible memory leak on error (bsc#1012628). - ARM: dts: aspeed-g6: Fix HVI3C function-group in pinctrl dtsi (bsc#1012628). - ARM: dts: everest: Add phase corrections for eMMC (bsc#1012628). - arm64: dts: renesas: r8a77995: draak: Remove bogus adv7511w properties (bsc#1012628). - i40e: improve locking of mac_filter_hash (bsc#1012628). - arm64: dts: qcom: sc7180: Set adau wakeup delay to 80 ms (bsc#1012628). - soc: qcom: rpmhpd: Use corner in power_off (bsc#1012628). - libbpf: Fix removal of inner map in bpf_object__create_map (bsc#1012628). - gfs2: Fix memory leak of object lsi on error return path (bsc#1012628). - arm64: dts: qcom: sm8250: fix usb2 qmp phy node (bsc#1012628). - bpf, selftests: Fix test_maps now that sockmap supports UDP (bsc#1012628). - firmware: fix theoretical UAF race with firmware cache and resume (bsc#1012628). - driver core: Fix error return code in really_probe() (bsc#1012628). - ionic: cleanly release devlink instance (bsc#1012628). - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init (bsc#1012628). - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr (bsc#1012628). - media: dvb-usb: Fix error handling in dvb_usb_i2c_init (bsc#1012628). - net: usb: asix: ax88772: add missing stop (bsc#1012628). - media: go7007: fix memory leak in go7007_usb_probe (bsc#1012628). - media: go7007: remove redundant initialization (bsc#1012628). - media: v4l2-subdev: fix some NULL vs IS_ERR() checks (bsc#1012628). - media: rockchip/rga: fix error handling in probe (bsc#1012628). - media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats (bsc#1012628). - media: atomisp: fix the uninitialized use and rename "retvalue" (bsc#1012628). - Bluetooth: sco: prevent information leak in sco_conn_defer_accept() (bsc#1012628). - Bluetooth: btusb: Fix a unspported condition to set available debug features (bsc#1012628). - 6lowpan: iphc: Fix an off-by-one check of array index (bsc#1012628). - drm/amdgpu/acp: Make PM domain really work (bsc#1012628). - drm/amd/pm: Fix a bug communicating with the SMU (v5) (bsc#1012628). - tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos (bsc#1012628). - ARM: dts: meson8: Use a higher default GPU clock frequency (bsc#1012628). - ARM: dts: meson8b: odroidc1: Fix the pwm regulator supply properties (bsc#1012628). - ARM: dts: meson8b: mxq: Fix the pwm regulator supply properties (bsc#1012628). - ARM: dts: meson8b: ec100: Fix the pwm regulator supply properties (bsc#1012628). - net/mlx5e: Prohibit inner indir TIRs in IPoIB (bsc#1012628). - net/mlx5e: Block LRO if firmware asks for tunneled LRO (bsc#1012628). - cgroup/cpuset: Fix a partition bug with hotplug (bsc#1012628). - drm: mxsfb: Enable recovery on underflow (bsc#1012628). - drm: mxsfb: Increase number of outstanding requests on V4 and newer HW (bsc#1012628). - drm: mxsfb: Clear FIFO_CLEAR bit (bsc#1012628). - net: cipso: fix warnings in netlbl_cipsov4_add_std (bsc#1012628). - net: ti: am65-cpsw-nuss: fix wrong devlink release order (bsc#1012628). - drm: rcar-du: Don't put reference to drm_device in rcar_du_remove() (bsc#1012628). - Bluetooth: mgmt: Fix wrong opcode in the response for add_adv cmd (bsc#1012628). - drm/amd/pm: Fix a bug in semaphore double-lock (bsc#1012628). - lib/test_scanf: Handle n_bits == 0 in random tests (bsc#1012628). - libbpf: Return non-null error on failures in libbpf_find_prog_btf_id() (bsc#1012628). - tools: Free BTF objects at various locations (bsc#1012628). - arm64: dts: renesas: hihope-rzg2-ex: Add EtherAVB internal rx delay (bsc#1012628). - net/mlx5: Fix missing return value in mlx5_devlink_eswitch_inline_mode_set() (bsc#1012628). - i2c: highlander: add IRQ check (bsc#1012628). - leds: lgm-sso: Put fwnode in any case during ->probe() (bsc#1012628). - leds: lgm-sso: Don't spam logs when probe is deferred (bsc#1012628). - leds: lt3593: Put fwnode in any case during ->probe() (bsc#1012628). - leds: rt8515: Put fwnode in any case during ->probe() (bsc#1012628). - leds: trigger: audio: Add an activate callback to ensure the initial brightness is set (bsc#1012628). - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect (bsc#1012628). - media: omap3isp: Fix missing unlock in isp_subdev_notifier_complete() (bsc#1012628). - media: venus: hfi: fix return value check in sys_get_prop_image_version() (bsc#1012628). - media: venus: venc: Fix potential null pointer dereference on pointer fmt (bsc#1012628). - media: venus: helper: do not set constrained parameters for UBWC (bsc#1012628). - soc: mmsys: mediatek: add mask to mmsys routes (bsc#1012628). - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently (bsc#1012628). - PCI: PM: Enable PME if it can be signaled from D3cold (bsc#1012628). - bpf, samples: Add missing mprog-disable to xdp_redirect_cpu's optstring (bsc#1012628). - soc: qcom: smsm: Fix missed interrupts if state changes while masked (bsc#1012628). - net: dsa: build tag_8021q.c as part of DSA core (bsc#1012628). - net: dsa: tag_sja1105: optionally build as module when switch driver is module if PTP is enabled (bsc#1012628). - debugfs: Return error during {full/open}_proxy_open() on rmmod (bsc#1012628). - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow (bsc#1012628). - arm64: dts: qcom: sc7280: Fixup the cpufreq node (bsc#1012628). - arm64: dts: qcom: sm8350: fix IPA interconnects (bsc#1012628). - drm: bridge: it66121: Check drm_bridge_attach retval (bsc#1012628). - net: ti: am65-cpsw-nuss: fix RX IRQ state after .ndo_stop() (bsc#1012628). - net: dsa: stop syncing the bridge mcast_router attribute at join time (bsc#1012628). - net: dsa: mt7530: remove the .port_set_mrouter implementation (bsc#1012628). - net: dsa: don't disable multicast flooding to the CPU even without an IGMP querier (bsc#1012628). - PM: EM: Increase energy calculation precision (bsc#1012628). - selftests/bpf: Fix bpf-iter-tcp4 test to print correctly the dest IP (bsc#1012628). - leds: lgm-sso: Propagate error codes from callee to caller (bsc#1012628). - drm/msm: Fix error return code in msm_drm_init() (bsc#1012628). - drm/msm/mdp4: refactor HW revision detection into read_mdp_hw_revision (bsc#1012628). - drm/msm/mdp4: move HW revision detection to earlier phase (bsc#1012628). - drm/msm/dp: update is_connected status base on sink count at dp_pm_resume() (bsc#1012628). - drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs (bsc#1012628). - arm64: dts: exynos: correct GIC CPU interfaces address range on Exynos7 (bsc#1012628). - counter: 104-quad-8: Return error when invalid mode during ceiling_write (bsc#1012628). - cgroup/cpuset: Miscellaneous code cleanup (bsc#1012628). - cgroup/cpuset: Fix violation of cpuset locking rule (bsc#1012628). - ASoC: Intel: Fix platform ID matching (bsc#1012628). - Bluetooth: fix repeated calls to sco_sock_kill (bsc#1012628). - drm/msm/dsi: Fix some reference counted resource leaks (bsc#1012628). - drm/msm/dp: replug event is converted into an unplug followed by an plug events (bsc#1012628). - net/mlx5: Fix unpublish devlink parameters (bsc#1012628). - ASoC: rt5682: Properly turn off regulators if wrong device ID (bsc#1012628). - usb: dwc3: meson-g12a: add IRQ check (bsc#1012628). - usb: dwc3: qcom: add IRQ check (bsc#1012628). - usb: gadget: udc: at91: add IRQ check (bsc#1012628). - usb: gadget: udc: s3c2410: add IRQ check (bsc#1012628). - mac80211: remove unnecessary NULL check in ieee80211_register_hw() (bsc#1012628). - usb: misc: brcmstb-usb-pinmap: add IRQ check (bsc#1012628). - usb: phy: fsl-usb: add IRQ check (bsc#1012628). - usb: phy: twl6030: add IRQ checks (bsc#1012628). - usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse (bsc#1012628). - selftests/bpf: Fix test_core_autosize on big-endian machines (bsc#1012628). - devlink: Clear whole devlink_flash_notify struct (bsc#1012628). - samples: pktgen: add missing IPv6 option to pktgen scripts (bsc#1012628). - net: stmmac: fix INTR TBU status affecting irq count statistic (bsc#1012628). - PM: cpu: Make notifier chain use a raw_spinlock_t (bsc#1012628). - usb: host: ohci-tmio: add IRQ check (bsc#1012628). - usb: phy: tahvo: add IRQ check (bsc#1012628). - libbpf: Re-build libbpf.so when libbpf.map changes (bsc#1012628). - mac80211: Fix insufficient headroom issue for AMSDU (bsc#1012628). - locking/local_lock: Add missing owner initialization (bsc#1012628). - lockd: Fix invalid lockowner cast after vfs_test_lock (bsc#1012628). - SUNRPC: Fix a NULL pointer deref in trace_svc_stats_latency() (bsc#1012628). - nfsd4: Fix forced-expiry locking (bsc#1012628). - arm64: dts: marvell: armada-37xx: Extend PCIe MEM space (bsc#1012628). - clk: staging: correct reference to config IOMEM to config HAS_IOMEM (bsc#1012628). - i2c: synquacer: fix deferred probing (bsc#1012628). - hwmon: (pmbus/bpa-rs600) Don't use rated limits as warn limits (bsc#1012628). - hwmon: remove amd_energy driver in Makefile (bsc#1012628). - ASoC: fsl_rpmsg: Check -EPROBE_DEFER for getting clocks (bsc#1012628). - firmware: raspberrypi: Fix a leak in 'rpi_firmware_get()' (bsc#1012628). - usb: gadget: mv_u3d: request_irq() after initializing UDC (bsc#1012628). - mm/swap: consider max pages in iomap_swapfile_add_extent (bsc#1012628). - lkdtm: replace SCSI_DISPATCH_CMD with SCSI_QUEUE_RQ (bsc#1012628). - Bluetooth: add timeout sanity check to hci_inquiry (bsc#1012628). - i2c: iop3xx: fix deferred probing (bsc#1012628). - i2c: s3c2410: fix IRQ check (bsc#1012628). - i2c: hix5hd2: fix IRQ check (bsc#1012628). - gfs2: init system threads before freeze lock (bsc#1012628). - drm/exynos: g2d: fix missing unlock on error in g2d_runqueue_worker() (bsc#1012628). - rsi: fix error code in rsi_load_9116_firmware() (bsc#1012628). - rsi: fix an error code in rsi_probe() (bsc#1012628). - octeontx2-af: cn10k: Fix SDP base channel number (bsc#1012628). - octeontx2-pf: send correct vlan priority mask to npc_install_flow_req (bsc#1012628). - octeontx2-af: Check capability flag while freeing ipolicer memory (bsc#1012628). - octeontx2-pf: Don't install VLAN offload rule if netdev is down (bsc#1012628). - octeontx2-pf: Fix algorithm index in MCAM rules with RSS action (bsc#1012628). - octeontx2-af: cn10k: Use FLIT0 register instead of FLIT1 (bsc#1012628). - m68k: coldfire: return success for clk_enable(NULL) (bsc#1012628). - ASoC: Intel: kbl_da7219_max98927: Fix format selection for max98373 (bsc#1012628). - ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs (bsc#1012628). - ASoC: Intel: Skylake: Fix module resource and format selection (bsc#1012628). - mmc: sdhci: Fix issue with uninitialized dma_slave_config (bsc#1012628). - mmc: dw_mmc: Fix issue with uninitialized dma_slave_config (bsc#1012628). - mmc: moxart: Fix issue with uninitialized dma_slave_config (bsc#1012628). - ASoC: wm_adsp: Put debugfs_remove_recursive back in (bsc#1012628). - bpf: Fix possible out of bound write in narrow load handling (bsc#1012628). - hv_utils: Set the maximum packet size for VSS driver to the length of the receive buffer (bsc#1012628). - CIFS: Fix a potencially linear read overflow (bsc#1012628). - i2c: mt65xx: fix IRQ check (bsc#1012628). - i2c: xlp9xx: fix main IRQ check (bsc#1012628). - octeontx2-pf: cn10k: Fix error return code in otx2_set_flowkey_cfg() (bsc#1012628). - usb: ehci-orion: Handle errors of clk_prepare_enable() in probe (bsc#1012628). - usb: bdc: Fix an error handling path in 'bdc_probe()' when no suitable DMA config is available (bsc#1012628). - usb: bdc: Fix a resource leak in the error handling path of 'bdc_probe()' (bsc#1012628). - tty: serial: fsl_lpuart: fix the wrong mapbase value (bsc#1012628). - ASoC: wcd9335: Fix a double irq free in the remove function (bsc#1012628). - ASoC: wcd9335: Fix a memory leak in the error handling path of the probe function (bsc#1012628). - ASoC: wcd9335: Disable irq on slave ports in the remove function (bsc#1012628). - iwlwifi: skip first element in the WTAS ACPI table (bsc#1012628). - net/mlx5: Lag, fix multipath lag activation (bsc#1012628). - net/mlx5: Remove all auxiliary devices at the unregister event (bsc#1012628). - net/mlx5e: Fix possible use-after-free deleting fdb rule (bsc#1012628). - net/mlx5: E-Switch, Set vhca id valid flag when creating indir fwd group (bsc#1012628). - net/mlx5e: Use correct eswitch for stack devices with lag (bsc#1012628). - misc/pvpanic: fix set driver data (bsc#1012628). - ice: fix Tx queue iteration for Tx timestamp enablement (bsc#1012628). - ice: add lock around Tx timestamp tracker flush (bsc#1012628). - ice: restart periodic outputs around time changes (bsc#1012628). - ice: Only lock to update netdev dev_addr (bsc#1012628). - net: phy: marvell10g: fix broken PHY interrupts for anyone after us in the driver probe list (bsc#1012628). - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() (bsc#1012628). - ALSA: usb-audio: Add lowlatency module option (bsc#1012628). - atlantic: Fix driver resume flow (bsc#1012628). - bcma: Fix memory leak for internally-handled cores (bsc#1012628). - brcmfmac: pcie: fix oops on failure to resume and reprobe (bsc#1012628). - ipv6: make exception cache less predictible (bsc#1012628). - ipv4: make exception cache less predictible (bsc#1012628). - net: qrtr: make checks in qrtr_endpoint_post() stricter (bsc#1012628). - sch_htb: Fix inconsistency when leaf qdisc creation fails (bsc#1012628). - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed (bsc#1012628). - net: qualcomm: fix QCA7000 checksum handling (bsc#1012628). - octeontx2-af: Fix loop in free and unmap counter (bsc#1012628). - octeontx2-af: Fix mailbox errors in nix_rss_flowkey_cfg (bsc#1012628). - octeontx2-af: Fix static code analyzer reported issues (bsc#1012628). - octeontx2-af: Set proper errorcode for IPv4 checksum errors (bsc#1012628). - ipv4: fix endianness issue in inet_rtm_getroute_build_skb() (bsc#1012628). - ASoC: rt5682: Remove unused variable in rt5682_i2c_remove() (bsc#1012628). - iwlwifi Add support for ax201 in Samsung Galaxy Book Flex2 Alpha (bsc#1012628). - f2fs: guarantee to write dirty data when enabling checkpoint back (bsc#1012628). - time: Handle negative seconds correctly in timespec64_to_ns() (bsc#1012628). - auxdisplay: hd44780: Fix oops on module unloading (bsc#1012628). - io_uring: limit fixed table size by RLIMIT_NOFILE (bsc#1012628). - io_uring: IORING_OP_WRITE needs hash_reg_file set (bsc#1012628). - io_uring: io_uring_complete() trace should take an integer (bsc#1012628). - io_uring: fail links of cancelled timeouts (bsc#1012628). - bio: fix page leak bio_add_hw_page failure (bsc#1012628). - raid1: ensure write behind bio has less than BIO_MAX_VECS sectors (bsc#1012628). - cifs: Do not leak EDEADLK to dgetents64 for STATUS_USER_SESSION_DELETED (bsc#1012628). - smb3: fix posix extensions mount option (bsc#1012628). - tty: Fix data race between tiocsti() and flush_to_ldisc() (bsc#1012628). - perf/x86/intel/uncore: Fix IIO cleanup mapping procedure for SNR/ICX (bsc#1012628). - Revert "KVM: x86: mmu: Add guest physical address check in translate_gpa()" (bsc#1012628). - KVM: s390: index kvm->arch.idle_mask by vcpu_idx (bsc#1012628). - KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted (bsc#1012628). - KVM: x86: clamp host mapping level to max_level in kvm_mmu_max_mapping_level (bsc#1012628). - KVM: x86/mmu: Avoid collision with !PRESENT SPTEs in TDP MMU lpage stats (bsc#1012628). - KVM: VMX: avoid running vmx_handle_exit_irqoff in case of emulation (bsc#1012628). - KVM: nVMX: Unconditionally clear nested.pi_pending on nested VM-Enter (bsc#1012628). - KVM: arm64: Unregister HYP sections from kmemleak in protected mode (bsc#1012628). - KVM: arm64: vgic: Resample HW pending state on deactivation (bsc#1012628). - ARM: dts: at91: add pinctrl-{names, 0} for all gpios (bsc#1012628). - io-wq: check max_worker limits if a worker transitions bound state (bsc#1012628). - md/raid10: Remove unnecessary rcu_dereference in raid10_handle_discard (bsc#1012628). - char: tpm: Kconfig: remove bad i2c cr50 select (bsc#1012628). - fuse: truncate pagecache on atomic_o_trunc (bsc#1012628). - fuse: flush extending writes (bsc#1012628). - fuse: wait for writepages in syncfs (bsc#1012628). - IMA: remove -Wmissing-prototypes warning (bsc#1012628). - IMA: remove the dependency on CRYPTO_MD5 (bsc#1012628). - fbmem: don't allow too huge resolutions (bsc#1012628). - ACPI: PRM: Find PRMT table before parsing it (bsc#1012628). - RDMA/mlx5: Fix number of allocated XLT entries (bsc#1012628). - bootconfig: Fix missing return check of xbc_node_compose_key function (bsc#1012628). - backlight: pwm_bl: Improve bootloader/kernel device handover (bsc#1012628). - parisc: Fix unaligned-access crash in bootloader (bsc#1012628). - clk: kirkwood: Fix a clocking boot regression (bsc#1012628). - devlink: Break parameter notification sequence to be before/after unload/load driver (bsc#1012628). - Refresh patches.suse/Bluetooth-schedule-SCO-timeouts-with-delayed_work.patch. - Refresh patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch. - Update config files. - commit 8706151 - Bluetooth: Move shutdown callback before flushing tx and rx queue (bsc#1190424). - commit 40ccc64 - fixup "rpm: support gz and zst compression methods" once more (bsc#1190428, bsc#1190358) Fixes: 3b8c4d9bcc24 ("rpm: support gz and zst compression methods") Fixes: 23510fce36ec ("fixup "rpm: support gz and zst compression methods"") - commit 165378a - Linux 5.14.3 (bsc#1012628). - cxl/acpi: Do not add DSDT disabled ACPI0016 host bridge ports (bsc#1012628). - cxl/pci: Fix lockdown level (bsc#1012628). - cxl/pci: Fix debug message in cxl_probe_regs() (bsc#1012628). - PCI: Call Max Payload Size-related fixup quirks early (bsc#1012628). - x86/reboot: Limit Dell Optiplex 990 quirk to early BIOS versions (bsc#1012628). - staging: mt7621-pci: fix hang when nothing is connected to pcie ports (bsc#1012628). - xhci: Fix failure to give back some cached cancelled URBs (bsc#1012628). - xhci: fix unsafe memory usage in xhci tracing (bsc#1012628). - xhci: fix even more unsafe memory usage in xhci tracing (bsc#1012628). - usb: mtu3: fix the wrong HS mult value (bsc#1012628). - usb: mtu3: use @mult for HS isoc or intr (bsc#1012628). - usb: mtu3: restore HS function when set SS/SSP (bsc#1012628). - usb: gadget: tegra-xudc: fix the wrong mult value for HS isoc or intr (bsc#1012628). - usb: cdnsp: fix the wrong mult value for HS isoc or intr (bsc#1012628). - usb: xhci-mtk: fix issue of out-of-bounds array access (bsc#1012628). - usb: host: xhci-rcar: Don't reload firmware after the completion (bsc#1012628). - Bluetooth: btusb: Make the CSR clone chip force-suspend workaround more generic (bsc#1012628). - Bluetooth: Add additional Bluetooth part for Realtek 8852AE (bsc#1012628). - ALSA: usb-audio: Add registration quirk for JBL Quantum 800 (bsc#1012628). - Revert "r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM" (bsc#1012628). - igmp: Add ip_mc_list lock in ip_check_mc_rcu (bsc#1012628). - can: c_can: fix null-ptr-deref on ioctl() (bsc#1012628). - firmware: dmi: Move product_sku info to the end of the modalias (bsc#1012628). - commit 87c3051 - fixup "rpm: support gz and zst compression methods" once more Fixes: 3b8c4d9bcc24 ("rpm: support gz and zst compression methods") Fixes: 23510fce36ec ("fixup "rpm: support gz and zst compression methods"") - commit 34e68f4 - Avoid double printing SUSE specific flags in mod->taint (bsc#1190413). - commit 3b944fc - fixup "rpm: support gz and zst compression methods" Fixes: 3b8c4d9bcc24 ("rpm: support gz and zst compression methods") - commit 23510fc - kernel-cert-subpackage: Fix certificate location in scriptlets (bsc#1189841). Fixes: d9a1357edd73 ("rpm: Define $certs as rpm macro (bsc#1189841).") - commit 8684de8 - kernel-binary.spec.in Stop templating the scriptlets for subpackages (bsc#1190358). The script part for base package case is completely separate from the part for subpackages. Remove the part for subpackages from the base package script and use the KMP scripts for subpackages instead. - commit 5d1f677 - kernel-binary.spec: Do not fail silently when KMP is empty (bsc#1190358). Copy the code from kernel-module-subpackage that deals with empty KMPs. - commit d7d2e6e - Document suse-hv-guest-os-id.patch (bsc#814005, bsc#1189965). - commit 6205661 - Delete 0001-apparmor-fix-unnecessary-creation-of-net-compat.patch (bsc#1189978) Compat patch no longer required since userspace is upgraded to v3.x - commit c28bbe5 - supported-flag: consolidate separate patches into one The history of the five supported flag patches can be found in the commit log. This commit unifies them and reverts the removal of get_next_line from mainline to allow supported() to repeatedly scan the file in memory without modifying it. I looked into using tsearch() to handle the lookups and it turns out that it's no faster than just scanning the file repeatedly in memory. - commit d3dcd16 - Delete patches.suse/setuid-dumpable-wrongdir (bsc#1189957). - commit 762368d - Bluetooth: schedule SCO timeouts with delayed_work (CVE-2021-3640 bsc#1188172). - Refresh patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch. - commit 2605fb9 - rpm/kernel-source.spec.in: do some more for vanilla_only Make sure: * sources are NOT executable * env is not used as interpreter * timestamps are correct We do all this for normal kernel builds, but not for vanilla_only kernels (linux-next and vanilla). - commit b41e4fd - Linux 5.14.2 (bsc#1012628). - ext4: fix race writing to an inline_data file while its xattrs are changing (bsc#1012628). - ext4: fix e2fsprogs checksum failure for mounted filesystem (bsc#1012628). - xtensa: fix kconfig unmet dependency warning for HAVE_FUTEX_CMPXCHG (bsc#1012628). - USB: serial: pl2303: fix GL type detection (bsc#1012628). - USB: serial: cp210x: fix control-characters error handling (bsc#1012628). - USB: serial: cp210x: fix flow-control error handling (bsc#1012628). - ALSA: hda/realtek: Quirk for HP Spectre x360 14 amp setup (bsc#1012628). - ALSA: usb-audio: Fix regression on Sony WALKMAN NW-A45 DAC (bsc#1012628). - ALSA: hda/realtek: Workaround for conflicting SSID on ASUS ROG Strix G17 (bsc#1012628). - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl (bsc#1012628). - ALSA: usb-audio: Work around for XRUN with low latency playback (bsc#1012628). - media: stkwebcam: fix memory leak in stk_camera_probe (bsc#1012628). - commit b155faa - series.conf: cleanup - update upstream reference and move to appropriate section: - patches.suse/crypto-ecc-handle-unaligned-input-buffer-in-ecc_swap.patch - commit 1eedbb8 - crypto: ecc - handle unaligned input buffer in ecc_swap_digits (bsc#1188327). - commit f7925a4 - Refresh patches.suse/scsi-retry-alua-transition-in-progress. - Delete patches.suse/megaraid-mbox-fix-SG_IO. - commit d1e442c - memcg: enable accounting of ipc resources (bsc#1190115 CVE-2021-3759). - commit 9193235 - rpm: Fold kernel-devel and kernel-source scriptlets into spec files (bsc#1189841). These are unchanged since 2011 when they were introduced. No need to track them separately. - commit 692d38b - rpm: Abolish image suffix (bsc#1189841). This is used only with vanilla kernel which is not supported in any way. The only effect is has is that the image and initrd symlinks are created with this suffix. These symlinks are not used except on s390 where the unsuffixed symlinks are used by zipl. There is no reason why a vanilla kernel could not be used with zipl as well as it's quite unexpected to not be able to boot when only a vanilla kernel is installed. Finally we now have a backup zipl kernel so if the vanilla kernel is indeed unsuitable the backup kernel can be used. - commit e2f37db - kernel-binary.spec: Define $image as rpm macro (bsc#1189841). - commit e602b0f - rpm: Define $certs as rpm macro (bsc#1189841). Also pass around only the shortened hash rather than full filename. As has been discussed in bsc#1124431 comment 51 https://bugzilla.suse.com/show_bug.cgi?id=1124431#c51 the placement of the certificates is an API which cannot be changed unless we can ensure that no two kernels that use different certificate location can be built with the same certificate. - commit d9a1357 - watchdog: Fix NULL pointer dereference when releasing cdev (bsc#1190093). - Update config files. We can enable the option after this fix again. - commit 65109d0 - Linux 5.14.1 (bsc#1012628). - Bluetooth: btusb: check conditions before enabling USB ALT 3 for WBS (bsc#1012628). - net: dsa: mt7530: fix VLAN traffic leaks again (bsc#1012628). - btrfs: fix NULL pointer dereference when deleting device by invalid id (bsc#1012628). - Revert "floppy: reintroduce O_NDELAY fix" (bsc#1012628). - fscrypt: add fscrypt_symlink_getattr() for computing st_size (bsc#1012628). - ext4: report correct st_size for encrypted symlinks (bsc#1012628). - f2fs: report correct st_size for encrypted symlinks (bsc#1012628). - ubifs: report correct st_size for encrypted symlinks (bsc#1012628). - net: don't unconditionally copy_from_user a struct ifreq for socket ioctls (bsc#1012628). - audit: move put_tree() to avoid trim_trees refcount underflow and UAF (bsc#1012628). - commit 1059c60 - update patches metadata - update upstream references: - patches.suse/Bluetooth-avoid-circular-locks-in-sco_sock_connect.patch - patches.suse/Bluetooth-btusb-Add-support-for-Foxconn-Mediatek-Chi.patch - patches.suse/Bluetooth-btusb-Add-support-for-IMC-Networks-Mediate.patch - patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch - commit c2e3f15 - HID: usbhid: Simplify code in hid_submit_ctrl() (<cover.1630658591.git.mkubecek@suse.cz>). - HID: usbhid: Fix warning caused by 0-length input reports (<cover.1630658591.git.mkubecek@suse.cz>). - HID: usbhid: Fix flood of "control queue full" messages (<cover.1630658591.git.mkubecek@suse.cz>). - commit 4552165 - Delete patches.suse/hid-fix-length-inconsistency.patch. To be replaced by a cherry pick of corresponding upstream commits. - commit ba7e2a2 - Delete patches.suse/Revert-netfilter-conntrack-remove-helper-hook-again.patch (bsc#1189964) The regression addressed by this revert was fixed properly by mainline commit ee04805ff54a ("netfilter: conntrack: make conntrack userspace helpers work again") in 5.7. - commit 775ed38 - series.conf: cleanup Move queued patches to "almost mainline" section. No effect on expanded tree. - commit e91bb9d - vt_kdsetmode: extend console locking (bsc#1190025 CVE-2021-3753). - commit 18d6ea3 - Update config files. Disable CONFIG_WATCHDOG_HRTIMER_PRETIMEOUT (bsc#1190093) - commit 55bd270 - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() (CVE-2021-3640 bsc#1188172). - commit b9d15a3 - Delete patches.suse/uapi-add-a-compatibility-layer-between-linux-uio-h-and-glibc (bsc#1189959). No longer needed, since it's upstream now. - commit b1aeba4 - rpm: Abolish scritplet templating (bsc#1189841). Outsource kernel-binary and KMP scriptlets to suse-module-tools. This allows fixing bugs in the scriptlets as well as defining initrd regeneration policy independent of the kernel packages. - commit e98096d - arm64: Update config files. (bsc#1189922) Enable ISP1760_DUAL_ROLE - commit c265161 - rpm/kernel-binary.spec.in: Use kmod-zstd provide. This makes it possible to use kmod with ZSTD support on non-Tumbleweed. - commit 357f09a - rpm/kernel-binary.spec.in: avoid conflicting suse-release suse-release has arbitrary values in staging, we can't use it for dependencies. The filesystem one has to be enough (boo#1184804). - commit 56f2cba - Update to 5.14 final - refresh configs - commit d419f63 - config: update and enable armv6hl New config option values copied from arvm7hl. - commit 7224850 - config: update and enable armv7hl New config option values copied from arm64 except: - PCI_IXP4XX=n (does not allow module build) - MTD_NAND_PL35X=m - IPMI_KCS_BMC_CDEV_IPMI=m - IPMI_KCS_BMC_SERIO=m - MSC313E_WATCHDOG=m - REGULATOR_MT6359=m - REGULATOR_RT5033=m - ARM_GT_INITIAL_PRESCALER_VAL=2 (default) - INTEL_QEP=m - commit 2df785b ==== keylime ==== Version update (6.1.1 -> 6.2.0) Subpackages: keylime-agent keylime-config keylime-firewalld keylime-registrar keylime-tpm_cert_store keylime-verifier python38-keylime - Update to version 6.2.0: * Fix bug #757 where revoc cert was treated as text * Code improvement: removal of extra dependencies in measured boot attestation (#755) * Sanitize the exclude list while it is ingested at `tenant` by removing comments (^#) and empty lines. * tenant: show severity level and last event id in status * verifier: move to new failure architecture * pcr validation: move to new failure architecture * measured boot: move to new failure architecture * ima: move to new failure architecture * failure: add infrastructure to tag and collect revocation events in Keylime * Simulating use of SSLContext.minimum_version on ssl v3.6 * verifier: fix minor typos * Add tests for ca_impl_cfssl and ca_util * Replace M2Crypto with python-cryptography * tenant: status now shows if a agent was added to the registrar * tenant: open file to send utf-8 encoded * Correct some comments about and remove vestige in MB policy * fixing a small bug that resulted in malformed refstates not failing MBA * agent: ensure that EK is in PEM format when used as uuid * Solves #703 by adding a "non-trivial" example of a "measured boot policy" (#734) * ci: build and publish container images * codestyle: fix W0612 and R1735 pylint errors * codestyle: fix W1514 pylint error * systemd: Add KillSignal=SIGINT to keylime_agent.service * One-liner to set the minimum version of TLS to v1.2 * pylint fix * Typo fix: return list order confusion between measured_boot.py and tpm_abstract.py * Refactor keylime_logging module * ima: Implement ima-buf validator and validate keys on keyrings (#725) * Remove Python 2 leftovers * Additional fix for the processing of "tpm_policy" * ima: Return an empty allowlist rather than a plain empty list * verifier: convert (v)tpm_policy in DB from string to JSONPickleType * verifier: Create AgentAttestState objects from entries in the db * verifier: Persist the IMA attestation state after running the log verification * db: Add DB migration file for boottime, ima_pcrs, pcr10, and next_ima_ml_entries * verifier: Skip attestation one time if agent's boottime changed * test: Add test case simulating iterative attestation * verifier: Delete an AgentAttestState when deleting an agent * ima: Remember the number of lines successfully processed and last IMA PCR value(s) * ima: Reset the attestation if processing the measurement list fails * debug: Show line number when PCR match occurs * verifier: Extend AgentAttestState with state of the IMA PCR * Consult the AgentAttestState for the next measurement list entry * Introduce an AgentAttestState class for passing state through the APIs * verifier: Request IMA log at entry 0 for now * agent: Get boottime and transfer to verifier * agent: Add support for optional IMA log offset parameter * tests: Add a unit test for the IMA function and run it * agent: Move IMA measurement list reading function to ima.py * Add default verifier-check value * Use tox for pylint * Use Fedora 34 as base image for CI container * Run ci jobs only when needed * config: merge convert and list_convert into the same function * Versioned APIs * Refacator of check_pcrs to parse then validate (#716) * Automatically calculates the boot_aggregate from the measured boot log. (#713) * Set default UUID as lowercase (#699) * tenant: do_cvdelete wait until 404 * Ensures the output of `bulkinfo` command in `keylime_tenant` is JSON * ima: Convert pcrval to bytes to increase efficiency * tests: extend ima tests for signature validation and exclude lists * Allow agents to specify a contact ip address and port for the tenant and CV (#690) * verifer: Fix signature and allowlist evaluation bahavior change * ima: Fix runtime error due to wrong datatype * tenant: add the option to specify the registrar ip and port * measured_boot: drop process_refstate * check_pcrs: match PCR if no mb_refstate is provided * ci: make run_local.sh work with newer docker versions * Fixing pylint errors (#698) * tests: add IMA test where validation should be ignored * ima: Use ima_ast for parsing and validation * tests: Add test for ima AST parser * ima: Introducing a AST for parsing and validation * Make stalebot a bit nicer * enable tenant to fetch all (or verifier specific) agents info in a single call from the verifier * Flush all sessions from TPM device (#682) * multiple named verifiers sharing a single database * webapp: fix tls certs paths (#659) * Corrects markdown to have proper rendering (#673) * ima_file_signatures: Extract keyidv2 from x509 certs * installer: Add '-r' option to cp to copy directory (issue #671) * config: Add optional fallback parameter to get() * agent: Fix the usage of dmidecode during the agent startup (issue #664) * agent: Rename allowlist to ima_allowlist in keylime.conf * Fix decoding error in user_data_encrypt * agent: Fix issue #667 by testing for an empty ima_sign_verification_keys list * Addresses issue #660 (database path while running local tests) (#665) * ima: Return 'None' when ImaKeyring.from_string() called with emtpy string * tests: Move unittests into files with suffix _test.py * Fixes and improvements for database configuration (#654) * Add signature verification support for local and remote IMA signature verification keys (#597) * install: Remove TPM 1.2 support from installer and bundeling scripts * CI/CD: Remove tpm1.2 testing support * Remove duplicated calls to verifier * Remove adding entropy to system rng * Cleanup and fix error case in encryptAIK (#648) * Move measured boot related code into functions to make check_pcrs readable (#642) * Move code related to tpm2_checkquote into its own function (#639) * scripts: Cleanup shell script formatting * installer.sh: Do not delete the local copy of the certificates. * Fix user_data_encrypt to UTF8 decode before print * tpm_abstract: Fix adding of entropy * codestyle: Ignore R1732 implemented by pylint >=2.8.0 * a fix for letting JSON encoding bytes correctly * Adding back reglist to the list of commands that don't need a -t argument * Invoke tpm2_evictcontrol for 4.0 and 4.2 tools if aik_handle exists (#624) * Addresses #436 (#611) * Fixes #620 * Include PCR16 in the quote only when needed * Close leaking file descriptors (#622) * installer.sh: Add missing spaces when efivar is added * More ima_emulator_adapter cleanups (#616) * installer: Add json-c-devel/json-c-dev to BUILD_TOOLS for tpm2-tss build * Remove more commented code in ca_util.py * installer: Only install efi library on x86_64 systems * Create allowlist table and basic API support * installer: Add libuuid-devel/uuid-dev to BUILD_TOOLS for tpm2_tools build * WIP: Some cleanups (#612) * Remove _cLime.c * config: Document the measured boot PCRs and what is using them * Very simple fix for the agent (re: measured boot) The agent code does not need to import "measured boot policies" * ima_emulator_adapater: Remove unnecessary global statement * webapp: Fix private key and certificate path (issue #604) * Add support for keylime_webapp service to read intervals from keylime.conf ==== kfilemetadata5 ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * replace "MacOSX" with "macOS" ==== kgamma5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== kglobalaccel ==== Version update (5.85.0 -> 5.86.0) Subpackages: kglobalaccel5 libKF5GlobalAccel5 libKF5GlobalAccelPrivate5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * Fix launching commands with args using kstart5 (kde#433362) ==== kguiaddons ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * replace "MacOSX" with "macOS" ==== kholidays ==== Version update (5.85.0 -> 5.86.0) - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== khotkeys5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 - Disable lto for ppc64 builds. ==== ki18n ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * Port QStrinRef (deprected) to QStringView ==== kiconthemes ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * We depend against c++-17 so we can use qOverload directly * Add support for static builds * replace "MacOSX" with "macOS" ==== kidletime ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * We depend against c++-17 so we can use qOverload directly ==== kinfocenter5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== kinit ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== kio ==== Version update (5.85.0 -> 5.86.0) Subpackages: kio-core - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Too many changes since 5.85.0, only listing bugfixes: * Inline kssld operators to avoid duplicate symbol errors (kde#428807) * KFilePlaceEditDialog: Always preserve previous icon (kde#439622) * kio_http: wrap a long error message (kde#160399) * kio_file: detect failure to create symlinks due to filesystem support (kde#253678) * CopyJob: ask users about replacing invalid characters in file/folder names (kde#136746) * KDirOperator: expand to url only in detail tree view (kde#440475) - Disable lto for ppc64 builds. ==== kio-extras5 ==== Version update (21.08.0 -> 21.08.1) Subpackages: libkioarchive5 - Update to 21.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.08.1 - No code change since 21.08.0 ==== kirigami2 ==== Version update (5.85.0 -> 5.86.0) Subpackages: libKF5Kirigami2-5 - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Too many changes since 5.85.0, only listing bugfixes: * Use text as tooltip only for icon-only buttons (kde#441810) * controls/AbstractApplicationHeader: disable hiding on touch scrolling behaviour by default (kde#439923) ==== kitemmodels ==== Version update (5.85.0 -> 5.86.0) Subpackages: kitemmodels-imports libKF5ItemModels5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * Enable static build of QML plugin * Don't force QML plugin to be shared library ==== kitemviews ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== kjobwidgets ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * We depend against c++-17 so we can use qOverload directly * Build without D-Bus on Android ==== kmenuedit5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== kmod ==== Subpackages: libkmod2 - Use docbook 4 rather than docbook 5 for building man pages (bsc#1190190). * Refres no-stylesheet-download.patch ==== knewstuff ==== Version update (5.85.0 -> 5.86.0) Subpackages: knewstuff-imports libKF5NewStuff5 libKF5NewStuffCore5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * replace "MacOSX" with "macOS" * Port from KMountPoint to QStorageInfo * Set KLocalizedContext for QtQuickDialogWrapper * Use QToolButton for reset button as we have the same style ==== knotifications ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * We depend against c++-17 so we can use qOverload directly * replace "MacOSX" with "macOS" ==== knotifyconfig ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== konsole ==== Version update (21.08.0 -> 21.08.1) Subpackages: konsole-part - Add patches to fix some more window size related issues: * 0001-Don-t-resize-window-when-switching-virtual-desktops-.patch (kde#441610) * 0002-Always-save-the-window-state-and-geometry.patch (kde#442252, boo#1189927) - Update to 21.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.08.1 - Changes since 21.08.0: * Only emit empty() in SessionFinished() when in TabbedNavigation mode (kde#441206) * When closing a session, don't close the whole window if there are splits * Fix MainWindow size when there is no saved size * Fix KXmlGUI toolbars; and Konsole MainWindow size (kde#430036) * Fix crash when setting blur effect (kde#439871) * Prevent window "flashing" when closing the last session (kde#432077) - Drop upstream patches: * 0001-Fix-KXmlGUI-toolbars-and-konsole-MainWindow-size.patch * 0001-Fix-MainWindow-size-when-there-is-no-saved-size.patch ==== kpackage ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * Port away from deprecated KPluginLoader * Deprecate unused virtual functions in PackageLoader * Try loading package structures by name * kpackagetool: Fix small typo in its output ==== kparts ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * We depend against c++-17 so we can use qOverload directly * replace "MacOSX" with "macOS" * Don't use D-Bus on Android ==== kpeople5 ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * replace "MacOSX" with "macOS" ==== kpty ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * Fix disconnect() call, sender can never be nullptr in that call * Use pointer-to-member-function connect signal/slot syntax ==== kquickcharts ==== Version update (5.85.0 -> 5.86.0) - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * Refactor LineChartNode to reuse LineSegmentNode * Increase minimum size for line chart interpolation * Implement batching for Line chart material * Add a property to BarChart that renders it as horizontal bars * Support specifying a corner radius for bar chart bars * Support setting a background color for bar charts * Refactor BarChart to use individual nodes per bar and an sdf shader * Remove stray GL include ==== krb5 ==== - Fix KDC null pointer dereference via a FAST inner body that lacks a server field; (CVE-2021-37750); (bsc#1189929); - Added patches: * 0009-Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch ==== kross ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== krunner ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * replace "MacOSX" with "macOS" * Port away from KPluginLoader * Output warning if unknown X-Plasma-API is requested * Deprecate constructor overload which can not be used with KPluginFactory * cmake: Remove intermediate copy target * Use the pointer-to-member-function QObject::connect() signal/slot syntax * Add snippet on how to port deprecated AbstractRunner action methods * abstractrunner: Deprecate utility methods for actions * dbusrunner: Add Teardown and Config methods to D-Bus interface ==== kscreen5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== kscreenlocker ==== Version update (5.22.4 -> 5.22.5) Subpackages: libKScreenLocker5 - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== kservice ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * We depend against c++-17 so we can use qOverload directly * Add support for PrefersNonDefaultGPU desktop key * replace "MacOSX" with "macOS" * Deprecate plugin instanciation methods in KService/KServiceTypeTrader * Port QStringRef (deprecated) to QStringView * Point docs to KPluginMetaData/KPluginFactory instead of KPluginLoader * kbuildsycoca: port away from KCrash, using our own signal handler ==== ksystemstats5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - Changes since 5.22.4: * Fix handling of IPV6 addresses (kde#436296) ==== ktexteditor ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Too many changes since 5.85.0, only listing bugfixes: * Python indentation: decrease indent when appropriate keyword is typed (kde#392732) * Do not show encoding error when file only contains BOM (kde#440359) ==== ktextwidgets ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * We depend against c++-17 so we can use qOverload directly * Port QStrinRef (deprecated) to QStringView ==== kunitconversion ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * Fix initialization of currency values (kde#441337) * Fix automatic currency file sync after 24h (kde#441337) ==== kwallet ==== Version update (5.85.0 -> 5.86.0) Subpackages: kwalletd5 libKF5Wallet5 libkwalletbackend5-5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * replace "MacOSX" with "macOS" ==== kwalletmanager5 ==== Version update (21.08.0 -> 21.08.1) - Update to 21.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.08.1 - No code change since 21.08.0 ==== kwayland ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * Implement set_frost in contrast protocol * Implement org_kde_plasma_window_management::send_to_output * Decouple activation feedback from plasma window management global * Port QStringRef (deprected) to QStringView * plasma-window-management: Support new activation concepts ==== kwayland-integration ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== kwayland-server ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== kwidgetsaddons ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * KTitleWidget: Set frame backgroundRole to Window * We depend against c++-17 so we can use qOverload directly * KFontChooser: add a default constructor that takes a QWidget* first arg * KFontChooser: add a new shorter constructor, and setter methods * KFontChooser: deprecate "relative font size" methods * KMessageDialog: add buttons by default * fix signal slot connection ==== kwin5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - Changes since 5.22.4: * fix drag and drop raise with Xwayland windows (kde#440534) * platforms/drm: check wl_eglstream buffers before attaching (kde#440852) * platforms/drm: fix gpu removal * kcm/kwindecoration: Fix window thumbnail sizes * platforms/drm: consider KWIN_DRM_DEVICES for hotplugged gpus * platforms/drm: fix crashing debug operator * Copy shape region to Deleted (kde#440001,kde#438458,kde#435378) * Avoid discarding previous pixmap (kde#439689) - Drop patches, now upstream: * 0001-platforms-drm-check-wl_eglstream-buffers-before-atta.patch ==== kwindowsystem ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Too many changes since 5.85.0, only listing bugfixes: * Read uncomplete WM_CLASS string (kde#441005) * Don't link publicly against XCB (kde#441266) ==== kwrited5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== kxmlgui ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * Qt5CorePrivate is not a thing * Add support for static builds * We depend against c++-17 so we can use qOverload directly * replace "MacOSX" with "macOS" * In qt6 signature was changed (ported by script) ==== layer-shell-qt ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== less ==== - Add missing runtime dependency on which, which it is used by lessopen.sh. Fix bsc#1190552. ==== libKF5ModemManagerQt ==== Version update (5.85.0 -> 5.86.0) - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== libKF5NetworkManagerQt ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== libXi ==== Version update (1.7.10 -> 1.8) - Update to version 1.8 * This release of libXi marks the support of XI 2.4 touchpad gesture events official. This feature is the only difference between libXi 1.8 and the latest release in the 1.7.x series (1.7.10). ==== libaom ==== Version update (3.1.1 -> 3.1.2) - security update - added patches fix CVE-2021-30475 [bsc#1189497], Buffer overflow in aom_dsp/noise_model.c + libaom-CVE-2021-30475.patch - Update to version 3.1.2: * Update AUTHORS,CHANGELOG,CMakeLists.txt for v3.1.2 * Avoid chroma resampling for 420mpeg2 input * Check array has two elements before using index 1 * Fix DecodeScalabilityTest failure in realtime only * Store temporal_id and spatial_id of decoded frame * exports.cmake: use APPLE and WIN32 and use def for mingw-w64 ==== libapparmor ==== - lessopen.sh profile: allow reading files that live on NFS over UDP (added to apparmor-lessopen-nfs-workaround.diff) (boo#1190552) ==== libass ==== Version update (0.15.1 -> 0.15.2) - Update to version 0.15.2 * Fix some format string bugs, which could lead to garbled log messages or on some platforms crashes * Fix ass_set_fonts_dir failing to load long paths * Better handling of control characters that have no associated font glyphs - Update Requires and BuildRequires to actual pkgconfig versions ==== libcontainers-common ==== - Comment out ostree_repo if it's blank [boo#1189893] - Comment out ostree_repo [boo#1189893] ==== libcryptui ==== Subpackages: libcryptui-data libcryptui0 seahorse-daemon - Remove obsolete translation-update-upstream support (jsc#SLE-21105). - Add GnuPG 2.3.x to the list of supported GnuPG versions. ==== libdaemon ==== - Drop --with-pic (no effect with --disable-static). - Modernize rpm macro constructs. ==== libdrm ==== Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1 - covers jira#SLE/SLE-18743 ==== libepoxy ==== Version update (1.5.8 -> 1.5.9) - needed for jira#SLE/SLE-19965, jira#SLE/SLE-19964, jira#SLE/SLE-18653 - Update to version 1.5.9: + Allow libopengl.so to be used when GLX_LIB is missing. ==== libexif ==== Version update (0.6.22 -> 0.6.23) - libexif-0.6.23 (2021-09-12): - Translation updates: es, pl, uk, fr - EXIF_TAG_SENSITIVITY_TYPE decoder added, added some more Exif 2.3 tags: EXIF_TAG_STANDARD_OUTPUT_SENSITIVITY EXIF_TAG_RECOMMENDED_EXPOSURE_INDEX EXIF_TAG_ISO_SPEED EXIF_TAG_ISO_SPEEDLatitudeYYY EXIF_TAG_ISO_SPEEDLatitudeZZZ EXIF_TAG_OFFSET_TIME EXIF_TAG_OFFSET_TIME_ORIGINAL EXIF_TAG_OFFSET_TIME_DIGITIZED EXIF_TAG_IMAGE_DEPTH - be more relaxed to out of order JPG / EXIF dataheaders in files generated by some tools - default GPS IFD table added - Decode more Nikon Makernote tag names - Added Apple iOS Makernote - Security fixes: - CVE-2020-0198: unsigned integer overflow in exif_data_load_data_content - CVE-2020-0452: compiler optimization could remove an a bufferoverflow check, making a buffer overflow possible with some EXIF tags - some more denial of service (compute time or stack exhaustion) counter-measures added that avoid minutes of decoding time with malformed files found by OSS-Fuzz ==== libfido2 ==== Version update (1.7.0 -> 1.8.0) - Removed fix-cmake-linking.patch because no longer needed - Update to version 1.8.0: * Dropped 'Requires.private' entry from pkg-config file. * Better support for FIDO 2.1 authenticators. * Support for Windows's native webauthn API. * Support for attestation format 'none'. * New API calls: - fido_assert_set_clientdata; - fido_cbor_info_algorithm_cose; - fido_cbor_info_algorithm_count; - fido_cbor_info_algorithm_type; - fido_cbor_info_transports_len; - fido_cbor_info_transports_ptr; - fido_cred_set_clientdata; - fido_cred_set_id; - fido_credman_set_dev_rk; - fido_dev_is_winhello. * fido2-token: new -Sc option to update a resident credential. * Documentation and reliability fixes. * HID access serialisation on Linux. - disable fix-cmake-linking.patch, not needed currently ==== libgexiv2 ==== Version update (0.12.3 -> 0.14.0) - Update to version 0.14.0: + Fix BMFF compile test. - Changes from version 0.13.0: + Update gexiv2-dump tool + More additions to API and _try versions that support GErorr if exiv2 might throw + Some additions to gexiv2-tool + Changes in build configuration ==== libglvnd ==== - covers jira#SLE/SLE-18743 ==== libgudev ==== Version update (234 -> 237) - Update to version 237: + Fix reading double precision floats from sysfs attributes in locales that use comma as a separator + Fix compilation warning + Fix headers to help with build reproducibility + Clarify licensing information - Changes from version 236: + Fix meson project name to match autotools. - Changes from version 235: + Port build system to meson and remove autotools + Fix conversion of sysfs attributes to boolean. - Add meson BuildRequires and macros following upstreams port. - Enable pkgconfig(umockdev-1.0) BuildRequires and test macro. - Update Licence tag to LGPL-2.1-or-later. ==== libhugetlbfs ==== - Add glibc-2.34-fix.patch as a fix for upstream issue gh#52: https://github.com/libhugetlbfs/libhugetlbfs/pull/63/commits (boo#1189094). - Update to version 2.23.0.g6b126a4: * Update NEWS for 2.23 release * Wait child with os.wait() * Makefile: add MANDIR variable * Makefile: skip LIB resolve check if NATIVEONLY * Introduce basic riscv64 support * ld.hugetlbfs: fix -Ttext-segment argument on AArch64 * tests: add explicit permissions to open() call * Update NEWS for 2.22 release * Convert setup script to python3 * Clean up error checking in dump_proc_pid_maps() ==== libinput ==== Version update (1.18.1 -> 1.19.0) - Update to release 1.19 * Hold gestures are a new type of gestures that are triggered by holding one or more fingers on a touchpad without significant movement. They add to the existing pinch and swipe gestures and allow for the implementation of hold-to-click. * High-resolution wheel scrolling has been long in the making and the solution ends up replacing the existing pointer axis API. Three new events are available: LIBINPUT_EVENT_POINTER_SCROLL_WHEEL, LIBINPUT_EVENT_POINTER_SCROLL_FINGER, and LIBINPUT_EVENT_POINTER_SCROLL_CONTINUOUS. These events replace the existing LIBINPUT_EVENT_POINTER_AXIS events, i.e. if you are processing the new events simply discard the old events. ==== libkdecoration2 ==== Version update (5.22.4 -> 5.22.5) Subpackages: libkdecorations2-5 libkdecorations2private8 - Drop the unneeded baselibs.conf. - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== libkscreen2 ==== Version update (5.22.4 -> 5.22.5) Subpackages: libKF5Screen7 libkscreen2-plugin - Drop the unneeded baselibs.conf. - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== libksysguard5 ==== Version update (5.22.4 -> 5.22.5) Subpackages: ksysguardsystemstats-data libKSysGuardSystemStats1 libksysguard5-imports - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== libqt5-qtbase ==== Version update (5.15.2+kde200 -> 5.15.2+kde222) Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 - Update to version 5.15.2+kde222: * Revert "QString::lastIndexOf: fix off-by-one for zero length matches" * MySQL: treat the MYSQL_FIELD as read-only * Remove checks for glibc < 2 from qplatformdefs.h files * linux-clang/qplatformdefs: fix building with musl libc * Refix for avoiding huge number of tiny dashes * Improve fix for avoiding huge number of tiny dashes * Avoid processing-intensive painting of high number of tiny dashes * xcb: add a timeout control when reading INCR property * Remove another usage of mysql_get_client_version() * MySQL: remove the version number checks in favor of actual functionality * QLibraryInfo: Add MSVC 2022 * doCrypt() - check the error codes * Restore C++11 compatibility of QSharedPointer code * opengl: fix a typo in QOpenGLPaintDevice::dotsPerMeterY() * Fix rvalue overload of qobject_pointer_cast for GCC 9.3 * QVarLengthArray: fix aliasing error in insert(it, n, v) * Fix memory leak of QOffscreenScreen in QOffscreenIntegration * Fix tst_moc for C++17 * Add missing limits include * xcb: Avoid use-after-free in QXcbConnection::initializeScreens() * xcb: Remove need for QXCBScreen to resolve QXcbGlIntegration * Update shared-mime-info to the 2.1 release, adjust implementation ==== libqt5-qtlocation ==== - Recommend installation of geoclue2. The plugin needs the GeoClue2 DBus service file. ==== libqt5-qtwebengine ==== Version update (5.15.5 -> 5.15.6) - Add patches from Arch to fix build with HarfBuzz 3.0.0: * chromium-harfbuzz-3.0.0.patch * skia-harfbuzz-3.0.0.patch - ... but don't break with < 2.9.0: * chromium-older-harfbuzz.patch - Update to version 5.15.6: * Update Chromium: + [Backport] CVE-2021-30560: Use after free in Blink XSLT + [Backport] CVE-2021-30566: Stack buffer overflow in Printing + [Backport] CVE-2021-30585: Use after free in sensor handling + Bump V8_PATCH_LEVEL + [Backport] Security bug 1228036 + [Backport] CVE-2021-30604: Use after free in ANGLE + [Backport] CVE-2021-30603: Race in WebAudio + [Backport] CVE-2021-30602: Use after free in WebRTC + [Backport] CVE-2021-30599: Type Confusion in V8 + [Backport] CVE-2021-30598: Type Confusion in V8 + [Backport] Security bug 1227933 + [Backport] Security bug 1205059 + [Backport] Security bug 1184294 + [Backport] Security bug 1198385 + [Backport] CVE-2021-30588: Type Confusion in V8 + [Backport] CVE-2021-30587: Inappropriate implementation in Compositing on Windows + [Backport] CVE-2021-30573: Use after free in GPU + [Backport] CVE-2021-30569, security bugs 1198216 and 1204814 + [Backport] CVE-2021-30568: Heap buffer overflow in WebGL + [Backport] CVE-2021-30541: Use after free in V8 + [Backport] Security bugs 1197786 and 1194330 + [Backport] Security bug 1194689 + [Backport] CVE-2021-30563: Type Confusion in V8 + [Backport] Security bug 1211215 + [Backport] Security bug 1209558 + [Backport] CVE-2021-30553: Use after free in Network service + [Backport] CVE-2021-30548: Use after free in Loader + [Backport] CVE-2021-30547: Out of bounds write in ANGLE + [Backport] CVE-2021-30556: Use after free in WebAudio + [Backport] CVE-2021-30559: Out of bounds write in ANGLE + [Backport] CVE-2021-30533: Insufficient policy enforcement in PopupBlocker + [Backport] Security bug 1202534 + [Backport] CVE-2021-30536: Out of bounds read in V8 + [Backport] CVE-2021-30522: Use after free in WebAudio + [Backport] CVE-2021-30554 Use after free in WebGL + [Backport] CVE-2021-30551: Type Confusion in V8 + [Backport] CVE-2021-30544: Use after free in BFCache + [Backport] CVE-2021-30535: Double free in ICU + [Backport] CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox + [Backport] CVE-2021-30530: Out of bounds memory access in WebAudio + [Backport] CVE-2021-30523: Use after free in WebRTC + Generate mojo bindings before compiling extension API registration * Bump version from 5.15.5 to 5.15.6 * Always send phased wheel events beginning with Began - Import patch from the chromium package: * 0001-return-ENOSYS-for-clone3.patch - Add changes from the chromium package to 0001-Fix-build-with-glibc-2.34.patch ==== libseccomp ==== Version update (2.5.1 -> 2.5.2) - Skip 11-basic-basic_errors test on qemu linux-user emulation - Update to release 2.5.2 * Update the syscall table for Linux v5.14-rc7 * Add a function, get_notify_fd(), to the Python bindings to get the nofication file descriptor. * Consolidate multiplexed syscall handling for all architectures into one location. * Add multiplexed syscall support to PPC and MIPS * The meaning of SECCOMP_IOCTL_NOTIF_ID_VALID changed within the kernel. libseccomp's fd notification logic was modified to support the kernel's previous and new usage of SECCOMP_IOCTL_NOTIF_ID_VALID. ==== libsecret ==== Subpackages: libsecret-1-0 typelib-1_0-Secret-1 - Add libsecret-handle-UnknownObject.patch: some Secret Service API backend implementations (like keepassxc) throws UnknownObject instead of UnknownMethod, this patch handles it. (bsc#1190499, glgo#GNOME/libsecret!94) - Remove obsolete translation-update-upstream support (jsc#SLE-21105). ==== libsrtp2 ==== Version update (2.4.0 -> 2.4.1) - Update to release 2.4.1 * Use a full-length key even with null ciphers ==== libtirpc ==== Subpackages: libtirpc-netconfig libtirpc3 - Backport DoS vulnerability fix 0001-Fix-DoS-vulnerability-in-libtirpc.patch - Replace %setup with %autosetup ==== libva ==== Version update (2.12.0 -> 2.13.0) Subpackages: libva-drm2 libva2 - covers jira#SLE/SLE-19446 - Update to 2.13.0 * add new surface format fourcc XYUV * Fix av1 dec doc page link issue * unify the code styles using the style_unify script * Check the function pointer before using (fixes github issue#536) * update NEWS for 2.13.0 ==== libxkbcommon ==== Version update (1.3.0 -> 1.3.1) Subpackages: libxkbcommon-x11-0 libxkbcommon0 libxkbregistry0 - Update to release 1.3.1 * In `xkbcli interactive-x11`, use the Esc keysym instead of the Esc keycode for quitting. * In `xkbcli how-to-type`, add `--keysym` argugment for how to type a keysym instead of a Unicode codepoint. * Fix a crash in `xkb_x11_keymap_new_from_device` error handling given some invalid keymaps. Had regressed in 1.2.0. ==== libzypp ==== Version update (17.28.1 -> 17.28.4) - Make sure to keep states alives while transitioning (bsc#1190199) - May set techpreview variables for testing in /etc/zypp/zypp.conf. If environment variables are unhandy one may enable the desired techpreview in zypp.conf as well: [main] techpreview.ZYPP_SINGLE_RPMTRANS=1 techpreview.ZYPP_MEDIANETWORK=1 - version 17.28.4 (22) - CMake/spec: Add option to force SINGLE_RPMTRANS as default for zypper (fixes #340) - Make sure singleTrans is zypper-only for now. - Do not double check signatures and keys (bsc#1190059) - version 17.28.3 (22) - Workaround Bug 1189788: Don't allow ZYPP_SINGLE_RPMTRANS=1 on a not UsrMerged Tumbleweed system. - version 17.28.2 (22) ==== llvm12 ==== - Set CMAKE_LINKER to workaround CMake wanting to use lld just because we're using clang as compiler. Fixes build on aarch64. (https://bugs.llvm.org/show_bug.cgi?id=51115) ==== mdadm ==== - Remove Spare drives line from details for external metadata (bsc#1180661, bsc#1182642) 0118-Remove-Spare-drives-line-from-details-for-external-m.patch - Don't associate spares with other arrays during RAID Examine (bsc#1180661, bsc#1182642) 0119-Don-t-associate-spares-with-other-arrays-during-RAID.patch ==== microos-tools ==== Version update (2.11 -> 2.12) - Update to version 2.12 - Remove special MicroOS firstboot script - Remove locale-check, replaced by another aaa_base implementation ==== milou5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== mozilla-nss ==== Version update (3.68 -> 3.69.1) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs - Update to NSS 3.69.1 * bmo#1722613 (Backout) - Disable DTLS 1.0 and 1.1 by default * bmo#1720226 (Backout) - integrity checks in key4.db not happening on private components with AES_CBC NSS 3.69 * bmo#1722613 - Disable DTLS 1.0 and 1.1 by default (backed out again) * bmo#1720226 - integrity checks in key4.db not happening on private components with AES_CBC (backed out again) * bmo#1720235 - SSL handling of signature algorithms ignores environmental invalid algorithms. * bmo#1721476 - sqlite 3.34 changed it's open semantics, causing nss failures. (removed obsolete nss-btrfs-sqlite.patch) * bmo#1720230 - Gtest update changed the gtest reports, losing gtest details in all.sh reports. * bmo#1720228 - NSS incorrectly accepting 1536 bit DH primes in FIPS mode * bmo#1720232 - SQLite calls could timeout in starvation situations. * bmo#1720225 - Coverity/cpp scanner errors found in nss 3.67 * bmo#1709817 - Import the NSS documentation from MDN in nss/doc. * bmo#1720227 - NSS using a tempdir to measure sql performance not active - add nss-fips-stricter-dh.patch - updated existing patches with latest SLE ==== mpg123 ==== Version update (1.28.2 -> 1.29.0) - Update to version 1.29.0 build: * added --enable-runtime-tables libmpg123: * Float deocder runtime table computation is back as option, based on suggestion and initial patch by Ethan Halsall for a smaller download size of the wasm decoder built from libmpg23. This only trims the size of the binary on disk (network), for runtime overhead and a bit of uneasyness about concurrency during table computation, which happens implicitly on handle initialization, only guarded by an integer flag. This does _not_ revive mpg123_init(). * The ID3v2 UTF-16 BOM check is now a straight-on loop and not a recursive function. ==== multipath-tools ==== Version update (0.8.6+32+suse.f11c192 -> 0.8.7+14+suse.5a09bfa) Subpackages: kpartx libmpath0 - Add a versioned dependency of multipath-tools on libmpath0 (bsc#1190622) - Update to version 0.8.7+14+suse.5a09bfa1: * Fix possible string overflows (bsc#1188148) - Upstream fixes / changes * better string handling * multipath: print warning if multipathd isn't running * mpathpersist: better error msg when no usable paths exist * fixes from 0.8.6+32+suse.f11c192 merged upstream ==== mutter ==== Version update (40.4 -> 40.5) - Update to version 40.5: + Fix monitor screencast scanouts. + Fix middle-click emulation support on X11. + Fixed crashes. + Updated translations. - Remove obsolete translation-update-upstream support (jsc#SLE-21105). ==== nautilus-share ==== - Remove obsolete translation-update-upstream support (jsc#SLE-21105). ==== ncurses ==== Version update (6.2.20210814 -> 6.2.20210911) Subpackages: libncurses6 ncurses-utils terminfo-base - Add ncurses patch 20210911 + adjust ifdef in test_opaque.c to fix build with ncurses 5.7 + add testing note for xterm-{hp|sco|sun} -TD + corrected description for ansi.sys-old -TD + add xterm+nopcfkeys, to fill in keys for xterm-hp, xterm-sun -TD + use hp+arrows in a few places -TD + use hp+pfk-cr in a few places -TD - Correct offsets of patch ncurses-6.2.dif - Add ncurses patch 20210905 + correct logic in filtering of redefinitions (report by Sven Joachim, cf: 20210828). - Add ncurses patch 20210904 + modify linux3.0 entry to reflect default mapping of shift-tab by kbd 1.14 (report by Jan Engelhardt) -TD + add historical note to tput, curses-terminfo and curses-color manpages based on source-code for SVr2, SVr3 and SVr4. + minor grammatical fixes for "it's" vs "its" (report by Nick Black). + amend fix for --disable-root-environ (report by Arnav Singh). + build-fix for compiling link_test + drop symbols GCC_PRINTF and GCC_SCANF from curses.h.in, to simplify use (Debian #993179). - Add ncurses patch 20210828 + correct reversed check for --disable-root-environ (report/analysis by Arnav Singh, cf: 20210626). + apply gcc format attribute to prototypes which use a va_list parameter rather than a "..." variable-length parameter list (prompted by discussion in a tmux pull-request). + modify configure scripts to filter out redefinitions of _XOPEN_SOURCE, e.g., for NetBSD which generally supports 500, but 600 is needed for ncursesw. + improve documentation for tparm and static/dynamic variables. + improve typography in terminfo.5 (patch by Branden Robinson). - Add ncurses patch 20210821 + improve tparm implementation of %P and %g, more closely matching SVr4 terminfo. + move internals of TERMINAL structure to new header term.priv.h + add "check" rule for ncurses/Makefile + corrected tsl capability for terminator -TD + add check in tic to report instances where tparm would detect an error in an expression (cf: 20201010). + correct a few places where SP->_pair_limit was used rather than SP->_pair_alloc (cf: 20170812). + fix missing "%d" for setaf/setab code 8-15 in xterm+direct16 (report by Florian Weimer) -TD + fix some documentation errata from OpenBSD changes. + update config.sub - Correct offsets and dates of patch ncurses-6.2.dif ==== net-snmp ==== Subpackages: libsnmp30 snmp-mibs - add upstream signing keyring and validate source signature ==== numactl ==== Version update (2.0.14.17.g498385e -> 2.0.14.20.g4ee5e0c) - Update to version 2.0.14.20.g4ee5e0c: * Fix system call numbers on s390x * numactl.c: fixed debug verify for --preferred option * numactl.c: Fixed description for the usage of numactl ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_2_0 - Updated to latest upstream 2.1.5 as 2.1.5-suse, which contains these changes not already present: * Handle IPv6 interfaces correctly. (bsc#1187958) * Handle qedi correctly in NPAR mode (bsc#1187958) * Update iscsiadm man page (bsc#1187958) * Update iface.example for ipv6 * Change iscsi IP type from defines to enum. * Handle recv() returning 0 in iscsid_response() ==== open-lldp ==== Version update (1.1+36.e926f7172b96 -> 1.1+44.0f781b4162d3) Subpackages: liblldp_clif1 - Update to version v1.1+44.0f781b4162d3: * agent: reset frame status on message delete * Avoiding null pointer dereference ==== openexr ==== Subpackages: libIex-3_1-30 libIlmThread-3_1-30 libOpenEXR-3_1-30 - Add patch to fix OpenEXRCore.testHUF on armv7: * openexr-fix-armv7.patch * openexr-fix-armv7-2.patch ==== osinfo-db ==== Version update (20210621 -> 20210903) - Update to database version 20210903 osinfo-db-20210903.tar.xz - Update to database version 20210809 osinfo-db-20210809.tar.xz ==== pam ==== Version update (1.5.1 -> 1.5.2) Subpackages: pam_unix - Rename motd.tmpfiles to pam.tmpfiles - Add /run/faillock directory - pam-login_defs-check.sh: adjust for new login.defs variable usages - Update to 1.5.2 Noteworthy changes in Linux-PAM 1.5.2: * pam_exec: implemented quiet_log option. * pam_mkhomedir: added support of HOME_MODE and UMASK from /etc/login.defs. * pam_timestamp: changed hmac algorithm to call openssl instead of the bundled sha1 implementation if selected, added option to select the hash algorithm to use with HMAC. * Added pkgconfig files for provided libraries. * Added --with-systemdunitdir configure option to specify systemd unit directory. * Added --with-misc-conv-bufsize configure option to specify the buffer size in libpam_misc's misc_conv() function, raised the default value for this parameter from 512 to 4096. * Multiple minor bug fixes, portability fixes, documentation improvements, and translation updates. pam_tally2 has been removed upstream, remove pam_tally2-removal.patch pam_cracklib has been removed from the upstream sources. This obsoletes pam-pam_cracklib-add-usersubstr.patch and pam_cracklib-removal.patch. The following patches have been accepted upstream and, so, are obsolete: - pam-bsc1181443-make-nofile-unlimited-mean-nr_open.patch - pam_securetty-don-t-complain-about-missing-config.patch - bsc1184358-prevent-LOCAL-from-being-resolved.patch - revert-check_shadow_expiry.diff [Linux-PAM-1.5.2-docs.tar.xz, Linux-PAM-1.5.2-docs.tar.xz.asc, Linux-PAM-1.5.2.tar.xz, Linux-PAM-1.5.2.tar.xz.asc, pam-pam_cracklib-add-usersubstr.patch, pam_cracklib-removal.patch, pam-bsc1181443-make-nofile-unlimited-mean-nr_open.patch, pam_securetty-don-t-complain-about-missing-config.patch, bsc1184358-prevent-LOCAL-from-being-resolved.patch, revert-check_shadow_expiry.diff] ==== pam-config ==== Version update (1.3 -> 1.4) - Update to version 1.4 - Fix support for mulitple locations for configuration files - Drop pam-config-fix-pam_keyinit-options.patch - Drop pam-config-remove-bad-access-call.patch ==== pango ==== Version update (1.48.9 -> 1.48.10) Subpackages: libpango-1_0-0 typelib-1_0-Pango-1_0 - Update to version 1.48.10: + Fix a crash in strikethrough drawing. + pango-view: - Support antialiasing freetype. - Use GraphicsMagick. ==== patterns-base ==== Subpackages: patterns-base-base patterns-base-bootloader patterns-base-minimal_base patterns-base-x11 - Fix typo in the icon name for the fips pattern (bsc#1189550) ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap - Add ethtool to hardware pattern [jsc#PM-2983] - Remove haveged (obsolete with recent kernels) [bsc#1190024] ==== perl ==== Version update (5.32.1 -> 5.34.0) Subpackages: perl-base - update to 5.34.0 * Experimental Try/Catch Syntax * Blanks freely allowed within but adjacent to curly braces * New octal syntax 0oddddd * Fix a memory leak in RegEx [GH #18604] * ExtUtils::PL2Bat 0.004 has been added to the Perl core. * Updated Modules and Pragmata - Rebase perl-5.28.0.dif to perl-5.34.0.dif - Rebase perl-incfix.diff - Rebase perl_skip_flaky_tests_powerpc.patch - Drop perl-gdbm-test-no-mmap.diff (no longer needed with gdbm 1.20) - Add c029d660f2fe60699cf64bbb3fa9f671a1a370d5.patch to fix build with gdbm 1.20 - Drop perl-fix2020.patch (included upstream) ==== perl-Bootloader ==== Version update (0.935 -> 0.936) - merge gh#openSUSE/perl-bootloader#136 - report error if config file could not be updated (bsc#1188768) - 0.936 ==== permissions ==== Version update (1550_20210518 -> 1550_20210901) Subpackages: chkstat permissions-config - Update to version 20210901: * libksysguard5: Updated path for ksgrd_network_helper * kdesu: Updated path for kdesud * sbin_dirs cleanup: these binaries have already been moved to /usr/sbin * mariadb: revert auth_pam_tool to /usr/lib{,64} again * cleanup: revert virtualbox back to plain /usr/lib * cleanup: remove deprecated /etc/ssh/sshd_config * hawk_invoke is not part of newer hawk2 packages anymore * cleanup: texlive-filesystem: public now resides in libexec * cleanup: authbind: helper now resides in libexec * cleanup: polkit: the agent now also resides in libexec * libexec cleanup: 'inn' news binaries now reside in libexec ==== phonon4qt5 ==== - Drop the unneeded baselibs.conf. ==== pinentry ==== Version update (1.1.1 -> 1.2.0) Subpackages: pinentry-qt5 - pinentry 1.2.0: * qt: Show a warning if Caps Lock is on * qt: Support password formatting. This makes generated passwords easier to transcribe * qt: Fix showing of pinentry window on Wayland * qt: Check passphrase constraints before accepting passphrase if passphrase constraints are requested to be enforced * qt: Improve detection of running in a GUI session * qt: Improve accessibility when entering new password ==== pipewire ==== Version update (0.3.34 -> 0.3.37) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-media-session pipewire-modules pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 0.3.37: * Highlights - Capture and playback is now avoided even more on unavailable devices. This should fix some issues where an unusable microphone was selected by default. It should now also again be possible to select an unavailable device as the default. - Native DSD audio playback is now supported. pw-cat can now also play DSF files with the -d option. - JACK stability improvements with buffer-size and samplerate changes in some apps. - Many cleanups and bugfixes all over the place. * PipeWire - pw-metadata -d does not cause an infinite loop anymore. (#1622) - Increase some plugin buffer sizes to fix some issues with many channels. (#1620) - Protect the global plugin list with a lock. Make sure pw_init() is locked. Fixes some issues with concurrent ALSA plugin usage. * media-session - Unavailable devices can be set as the default again. (#1624) - Do a better check if a device has available routes and avoid selecting devices with unavailable routes as default. - Media-session was moved to its own directory. It used to live in examples but it is past the example stage and it interferes with the build options for the real examples. * Bluetooth - The hardware quirk database is now loaded by the plugin instead of the session manager. This makes it also work with wireplumber. * ALSA - The ALSA mixer now handles device removal much better. (#1627) * libcamera - Many fixes and improvement to the libcamera plugin. (#1513) * pulse-server - Improve compatibility with pulseaudio module arguments. - Parse channel_map arguments in module-loopback. (#1486) * JACK - Delay emiting the samplerate and buffersize callbacks until the client is active. This fixes some crashes with Carla and other JACK apps. - Drop patches already included upstream: * 0001-media-session-dont-use-after-free-if-linking-node-removed.patch * 0002-update-version-number-as-well.patch - Add patches from upstream to fix an "use-after-free" error and to set the version number correctly: * 0001-media-session-dont-use-after-free-if-linking-node-removed.patch * 0002-update-version-number-as-well.patch - Update to version 0.3.36: * Highlights - A quick update with mostly only bugfixes and small improvements. - Capture and playback is now avoided on unavailable devices. This should fix some issues where an unusable microphone was selected by default. - MIDI output should not stop randomly now. - The GStreamer elements are much improved, cheese should work a lot better now. - Virtual sinks and sources should now always show up immediately. - JACK processing is now delayed until buffersize and samplerate are emited. This should improve stability of many JACK apps. - JACK transport sync is now implemented correctly so that preroll in bitwig works. * PipeWire - The module dir environment variable can now contain multiple paths. - Documentation now contains dot graphs of dependencies. (#1585) - config min/max/default quantum values are now scaled with the samplerate. - A potential crash was fixed where destroyed memory was still used by a node. This could cause crashes in cheese. * pipewire-media-session - Only allow passthrough for passthrough formats (S/PDIF) for now. (#1587) - Improve bluetooth profile autoswitch. - Don't try to route audio to nodes with unavailable routes. * ALSA - Pass the right AES bits to the alsa device when opening an S/PDIF stream. - Fix a bug in the MIDI bridge port management logic. When a port was added and immediately removed, output would stop. * GStreamer - The GStreamer source now handles the flushing state correctly. - All blocking operations now have a 30 seconds timeout, to avoid infinite locks. * Plugins - V4l2 Device formats and controls are now passed on the node, just like with audio devices. - audioconvert now also exposes the softMute property. * JACK - Improve stability when changing buffer size and sample rate dynamically by pausing the processing until the application has handled the callback. - Improve handling of timebase master. When the master was moved to another driver, it did not attempt to become a new timebase master on the new driver. (#1589) - Implement transport sync to make preroll in bitwig work. (#1589) * pulse-server - Fix an issue where virtual sinks/sources would not show up immediately. (#1588) - Update to version 0.3.35: * Highlights: - S/PDIF passthrough over optical or HDMI is now implemented. - Some critical fixes to MIDI, draining of streams and various modules. - skypeforlinux should work better now after adding it to the quirks database. - Bluetooth codecs are now in separate plugins to make it easier to ship them. * PipeWire: - Drain was fixed in pw-stream. In some cases it would not clear the drain state correctly. Fixes the issue where speaker-test would only play one channel. - Loopback connections to a driver will now activate the driver. This fixes an issue where MIDI connections between devices or some applications (puredata) would not get any MIDI messages. (#1559)x. - The audiomixer can now mix more formats. Together with the passthrough improvements this can be used to avoid conversions to/from the DSP format in some cases. - Make sure we idle drivers when removing a node from it in all cases. JACK clients could keep a driver node busy. - Add new methods to accumulate object info. The old one was difficult to use when applications need to accumulate multiple changes. - A new interface to load modules has been added. Plugins can use this to ask the host (PipeWire) to load spa plugins. - Increase param buffer size to handle larger params. Nodes with a large number of channels would sometimes not have properties. (#1574) - Concurrent link negotiation that caused some links to not work, is now avoided. This fixes monitor ports in Ardour6. - Small tweaks to how the quantum and rate are handled when nodes move between drivers. Make node.lock-quantum work with node.latency * PipeWire modules: - The convolver plugin in filter-chain has been optimized some more. - The echo-cancel stream properties were improved so that it actually can remember the streams it links to. (#1557) - module-pulse-tunnel had the buffer attributes wrong and would cause high latency with older pulseaudio servers. (#1434) - module-roc had the properties configured wrongly, which would cause it to not work at all in most cases. (#1538) - There is now an example of a 7.1 virtual surround sink using the hesuvi impulse responses. - The convolver now supports dirac pulses as the IR. * ALSA: - UCM config is now cached per device, using up less memory. It also temporarily works around a problem in alsa-lib that is now being patched and rolled out. Should stop devices from disappearing when logging out and back in. (#1553) - Fix the MIDI clock rate matching. It was too sensitive to small changes and would spiral out of control and break MIDI rather quickly. * pipewire-media-session: - The media session can now save and restore IEC958 (S/PDIF) codecs for the sinks. - Passthrough of IEC958 (S/PDIF) content is now possible. If the client and the sink contain a compatible set of codecs, an exclusive connection can be made between client and sink to pass the encoded S/PDIF content directly to the device. - Use new introspection info update methods to suspend nodes in all cases. Sometimes, nodes would fail to suspend because the state info was not evaluated. - The media session can now work in non-DSP mode, which will try to avoid any audio conversions between client and device when possible. But, this will also disable compatibility with JACK applications. * Bluetooth - Bluetooth codecs are now compiled into separate plugins which are dynamically loaded. This makes it possible to change the plugin implementation or ship plugins separately without having to recompile the bluetooth module. * PulseAudio server - Delay stream create reply until the stream is linked to a sink/source. - The device-restore extension is now implemented. This makes it possible to configure the IEC958 (S/PDIF) codecs supported by the sink with pavucontrol. - skypeforlinux now uses the same quirks as teams to make the sinks show up in all cases. This fixes the issue of not being able to hear the remote end in skypeforlinux. * JACK - Improve catia and carla compatibility by caching objects a little longer after being removed. (#1531) - JACK ports now notify the negotiated format correctly. - A potential deadlock was fixed when multiple threads would perform a call that would require a roundtrip. - Improve bufsize callback, it should not be called right after doing activate() but only when the buffersize changes later. - Add tweak to disable the process lock. Some older apps might not expect it. (#1576) * Docs - man pages are now generated with rst2man. - DMA-BUF docs were updated. - Documentation updates. - Replace BuildRequires xmltoman with docutils (rst2man) - Update libcamera Buildrequires. ==== plasma-browser-integration ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== plasma-framework ==== Version update (5.85.0 -> 5.86.0) Subpackages: libKF5Plasma5 plasma-framework-components - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Too many changes since 5.85.0, only listing bugfixes: * ExpandableListItem: Fix overlapping entries with many expanded items (kde#428102) * ExpandableListitem: Fix stylus input for buttons (kde#426079) * [Calendar] Fix pinned calendar displaying the wrong number of dots (kde#440627) * [PC3/TextField] Fix text color with certain themes (kde#438854) - Drop upstream patch: * 0001-Fix-Plasma-non-Qt-icon-scaling-with-integer-scale-factors.patch ==== plasma-nm5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== plasma5-addons ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== plasma5-desktop ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - Changes since 5.22.4: * [emojier] Set KLocalizedContext * [emojier] Register QAbstractItemModel to QML * [containments/desktop] Stop hardcoding applet handle tooltip position (kde#425636) * [containments/panel] Fix panel applet configuration with touch (kde#439918) * [desktoppackage/alternatives] Don't overflow with long text (kde#439098) * [applets/taskmanager] Don't make pinned app tooltips interactive (kde#439094) * [containments/desktop] Fix applet overlay icon size with touch interaction * Use the correct panel prefixes from the theme ==== plasma5-integration ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== plasma5-openSUSE ==== Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE sddm-theme-openSUSE - Update to 5.22.5 ==== plasma5-pa ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== plasma5-workspace ==== Version update (5.22.4 -> 5.22.5) Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy - Add upstream patch to fix a bug that would result in power management remaining inhibited even after un-inhibiting it in the UI: * Call-UnInhibit-with-correct-signature-in-powermanagement-dataengine.patch - Drop the unneeded baselibs.conf. - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - Changes since 5.22.4: * [kcms/icons] Fix i18n usage * [kcms/icons] Clip ListView in popup * [applets/digitalclock] Let long timezones list scroll (kde#439147) * [applets/digital-clock] Fix header in RTL mode (kde#438083) ==== podman ==== Version update (3.2.3 -> 3.3.1) Subpackages: podman-cni-config - require runc >= 1.0.1 - Update to version 3.3.1: * Bugfixes - Fixed a bug where unit files created by podman generate systemd could not cleanup shut down containers when stopped by systemctl stop (#11304). - Fixed a bug where podman machine commands would not properly locate the gvproxy binary in some circumstances. - Fixed a bug where containers created as part of a pod using the - -pod-id-file option would not join the pod's network namespace (#11303). - Fixed a bug where Podman, when using the systemd cgroups driver, could sometimes leak dbus sessions. - Fixed a bug where the until filter to podman logs and podman events was improperly handled, requiring input to be negated (#11158). - Fixed a bug where rootless containers using CNI networking run on systems using systemd-resolved for DNS would fail to start if resolved symlinked /etc/resolv.conf to an absolute path (#11358). * API - A large number of potential file descriptor leaks from improperly closing client connections have been fixed. - Revert crun change due to crun having exclusive arch targets that would drop podman support in PPC and IBM Z - Update to version 3.3.0: * Fix network aliases with network id * machine: compute sha256 as we read the image file * machine: check for file exists instead of listing directory * pkg/bindings/images.nTar(): slashify hdr.Name values * Volumes: Only remove from DB if plugin removal succeeds * For compatibility, ignore Content-Type * [v3.3] Bump c/image 5.15.2, buildah v1.22.3 * Implement SD-NOTIFY proxy in conmon * Fix rootless cni dns without systemd stub resolver * fix rootlessport flake * Skip stats test in CGv1 container environments * Fix AVC denials in tests of volume mounts * Restore buildah-bud test requiring new images * Revert ".cirrus.yml: use fresh images for all VMs" * Fix device tests using ls test files * Enhance priv. dev. check * Workaround host availability of /dev/kvm * Skip cgroup-parent test due to frequent flakes * Cirrus: Fix not uploading logformatter html - Switch to crun (bsc#1188914) ==== polkit-kde-agent-5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== polkit-qt5-1 ==== - Drop the unneeded baselibs.conf. ==== powerdevil5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== prison-qt5 ==== Version update (5.85.0 -> 5.86.0) Subpackages: libKF5Prison5 prison-qt5-imports - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== pulseaudio ==== Subpackages: libpulse-mainloop-glib0 libpulse0 - Remove obsolete translation-update-upstream support (jsc#SLE-21105). - Require perl-XML-Parser explicitly, it's needed by build. ==== purpose ==== Version update (5.85.0 -> 5.86.0) Subpackages: libKF5Purpose5 libKF5PurposeWidgets5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * We depend against c++-17 so we can use qOverload directly * [imgur plugin] Add Delete Url support * replace "MacOSX" with "macOS" * Port Telegram plugin to KIO::ApplicationLauncherJob ==== python-Jinja2 ==== - Add no-warnings-as-errors.patch: * Do not treat warnings as errors until upstream fix using async loops. - Babel is not required ==== python-Pillow ==== Version update (8.3.1 -> 8.3.2) - update to version 8.3.2: * CVE-2021-23437 Raise ValueError if color specifier is too long [hugovk, radarhere] * Fix 6-byte OOB read in FliDecode [wiredfool] * Add support for Python 3.10 #5569, #5570 [hugovk, radarhere] * Ensure TIFF RowsPerStrip is multiple of 8 for JPEG compression [#5588] [kmilos, radarhere] * Updates for ImagePalette channel order #5599 [radarhere] * Hide FriBiDi shim symbols to avoid conflict with real FriBiDi library #5651 [nulano] ==== python-greenlet ==== - %check: use %pyunittest rpm macro ==== python-importlib-metadata ==== Version update (3.7.2 -> 4.8.1) - Update to v4.8.1 * #348: Restored support for EntryPoint access by item, deprecating support in the process. Users are advised to use direct member access instead of item-based access: - ep[0] -> ep.name - ep[1] -> ep.value - ep[2] -> ep.group - ep[:] -> ep.name, ep.value, ep.group - Release v4.8.0 * #337: Rewrote EntryPoint as a simple class, still immutable and still with the attributes, but without any expectation for namedtuple functionality such as _asdict. - Release v4.7.1 * #344: Fixed regression in packages_distributions when neither top-level.txt nor a files manifest is present. - Release v4.7.0 * #330: In packages_distributions, now infer top-level names from .files() when a top-level.txt (Setuptools-specific metadata) is not present. - Release v4.6.4 * #334: Correct SimplePath protocol to match pathlib protocol for __truediv__. - Release v4.6.3 * Moved workaround for #327 to _compat module. - Release v4.6.2 * bpo-44784: Avoid errors in test suite when DeprecationWarnings are treated as errors. - Release v4.6.1 * #327: Deprecation warnings now honor call stack variance on PyPy. - Release v4.6.0 * #326: Performance tests now rely on pytest-perf. To disable these tests, which require network access and a git checkout, pass -p no:perf to pytest. - Release v4.5.0 * #319: Remove SelectableGroups deprecation exception for flake8. - Release v4.4.0 * #300: Restore compatibility in the result from Distribution. entry_points (EntryPoints) to honor expectations in older implementations and issuing deprecation warnings for these cases: * EntryPoints objects are once again mutable, allowing for sort () and other list-based mutation operations. Avoid deprecation warnings by casting to a mutable sequence (e.g. list(dist. entry_points).sort()). * EntryPoints results once again allow for access by index. To avoid deprecation warnings, cast the result to a Sequence first (e.g. tuple(dist.entry_points)[0]). - Release v4.3.1 * #320: Fix issue where normalized name for eggs was incorrectly solicited, leading to metadata being unavailable for eggs. - Release v4.3.0 * #317: De-duplication of distributions no longer requires loading the full metadata for PathDistribution objects, entry point loading performance by ~10x. - Release v4.2.0 * Prefer f-strings to .format calls. - Release v4.1.0 * #312: Add support for metadata 2.2 (Dynamic field). * #315: Add SimplePath protocol for interface clarity in PathDistribution. - Release v4.0.1 * #306: Clearer guidance about compatibility in readme. - Release v4.0.0 * #304: PackageMetadata as returned by metadata() and Distribution.metadata() now provides normalized metadata honoring PEP 566: * If a long description is provided in the payload of the RFC 822 value, it can be retrieved as the Description field. * Any multi-line values in the metadata will be returned as such. * For any multi-line values, line continuation characters are removed. This backward-incompatible change means that any projects relying on the RFC 822 line continuation characters being present must be tolerant to them having been removed. * Add a json property that provides the metadata converted to a JSON-compatible form per PEP 566. - Release v3.10.1 * Minor tweaks from CPython. - Release v3.10.0 * #295: Internal refactoring to unify section parsing logic. - Release v3.9.1 * #296: Exclude 'prepare' package. * #297: Fix ValueError when entry points contains comments. - Release v3.9.0 * Use of Mapping (dict) interfaces on SelectableGroups is now flagged as deprecated. Instead, users are advised to use the select interface for future compatibility. * Suppress the warning with this filter: ignore:SelectableGroups dict interface. * Or with this invocation in the Python environment: warnings. filterwarnings('ignore', 'SelectableGroups dict interface'). * Preferably, switch to the select interface introduced in 3.7.0. See the entry points documentation and changelog for the 3.6 release below for more detail. * For some use-cases, especially those that rely on importlib. metadata in Python 3.8 and 3.9 or those relying on older importlib_metadata (especially on Python 3.5 and earlier), backports.entry_points_selectable was created to ease the transition. Please have a look at that project if simply relying on importlib_metadata 3.6+ is not straightforward. Background in #298. * #283: Entry point parsing no longer relies on ConfigParser and instead uses a custom, one-pass parser to load the config, resulting in a ~20% performance improvement when loading entry points. - Release v3.8.2 * #293: Re-enabled lazy evaluation of path lookup through a FreezableDefaultDict. - Release v3.8.1 * #293: Workaround for error in distribution search. - Release v3.8.0 * #290: Add mtime-based caching for FastPath and its lookups, dramatically increasing performance for repeated distribution lookups. - Release v3.7.3 * Docs enhancements and cleanup following review in GH-24782. ==== python-jsonpatch ==== - Don't use python setup.py test expression. ==== python-numpy ==== Version update (1.21.0 -> 1.21.2) - Update to 1.21.2 * #19497: MAINT: set Python version for 1.21.x to <3.11 * #19533: BUG: Fix an issue wherein importing numpy.typing could raise * #19646: MAINT: Update Cython version for Python 3.10. * #19648: TST: Bump the python 3.10 test version from beta4 to rc1 * #19651: TST: avoid distutils.sysconfig in runtests.py * #19652: MAINT: add missing dunder method to nditer type hints * #19656: BLD, SIMD: Fix testing extra checks when -Werror isn't applicable... * #19657: BUG: Remove logical object ufuncs with bool output * #19658: MAINT: Include .coveragerc in source distributions to support... * #19659: BUG: Fix bad write in masked iterator output copy paths * #19660: ENH: Add support for windows on arm targets * #19661: BUG: add base to templated arguments for platlib * #19662: BUG,DEP: Non-default UFunc signature/dtype usage should be deprecated * #19666: MAINT: Add Python 3.10 to supported versions. * #19668: TST,BUG: Sanitize path-separators when running runtest.py * #19671: BLD: load extra flags when checking for libflame * #19676: BLD: update circleCI docker image * #19677: REL: Prepare for 1.21.2 release. - Release 1.21.1 * #19311: REV,BUG: Replace NotImplemented with typing.Any * #19324: MAINT: Fixed the return-dtype of ndarray.real and imag * #19330: MAINT: Replace "dtype[Any]" with dtype in the definiton of... * #19342: DOC: Fix some docstrings that crash pdf generation. * #19343: MAINT: bump scipy-mathjax * #19347: BUG: Fix arr.flat.index for large arrays and big-endian machines * #19348: ENH: add numpy.f2py.get_include function * #19349: BUG: Fix reference count leak in ufunc dtype handling * #19350: MAINT: Annotate missing attributes of np.number subclasses * #19351: BUG: Fix cast safety and comparisons for zero sized voids * #19352: BUG: Correct Cython declaration in random * #19353: BUG: protect against accessing base attribute of a NULL subarray * #19365: BUG, SIMD: Fix detecting AVX512 features on Darwin * #19366: MAINT: remove print()'s in distutils template handling * #19390: ENH: SIMD architectures to show_config * #19391: BUG: Do not raise deprecation warning for all nans in unique... * #19392: BUG: Fix NULL special case in object-to-any cast code * #19430: MAINT: Use arm64-graviton2 for testing on travis * #19495: BUILD: update OpenBLAS to v0.3.17 * #19496: MAINT: Avoid unicode characters in division SIMD code comments * #19499: BUG, SIMD: Fix infinite loop during count non-zero on GCC-11 * #19500: BUG: fix a numpy.npiter leak in npyiter_multi_index_set * #19501: TST: Fix a GenericAlias test failure for python 3.9.0 * #19502: MAINT: Start testing with Python 3.10.0b3. * #19503: MAINT: Add missing dtype overloads for object- and ctypes-based... * #19510: REL: Prepare for NumPy 1.21.1 release. - Drop 0001-BUG-Fix-infinite-loop-on-gcc11.patch fixed upstream (by gcc 11.2) - Drop numpy-pr19326-fix-subarray-segfault.patch merged upstream (backported) ==== python-ordered-set ==== Version update (3.1.1 -> 4.0.2) - Update to version 4.0.2 * Restore compatibility with Python 3.5 * fix packaging, remove vestiges of type stubs * Remove unused type * Add a mailmap * remove old .pyi type stub * Implement code review suggestions for types * Code formatting (isort and black) * Move type annotations inline * Directly distribute type stub file via PEP 561 * Handle another indexing case from NumPy ==== python-pandas ==== Version update (1.3.1 -> 1.3.3) - Update to version 1.3.3 * Fixed regression in DataFrame constructor failing to broadcast for defined Index and len one list of Timestamp (GH42810) * Fixed regression in GroupBy.agg() incorrectly raising in some cases (GH42390) * Fixed regression in GroupBy.apply() where nan values were dropped even with dropna=False (GH43205) * Fixed regression in GroupBy.quantile() which was failing with pandas.NA (GH42849) * Fixed regression in merge() where on columns with ExtensionDtype or bool data types were cast to object in right and outer merge (GH40073) * Fixed regression in RangeIndex.where() and RangeIndex.putmask() raising AssertionError when result did not represent a RangeIndex (GH43240) * Fixed regression in read_parquet() where the fastparquet engine would not work properly with fastparquet 0.7.0 (GH43075) * Fixed regression in DataFrame.loc.__setitem__() raising ValueError when setting array as cell value (GH43422) * Fixed regression in is_list_like() where objects with __iter__ set to None would be identified as iterable (GH43373) * Fixed regression in DataFrame.__getitem__() raising error for slice of DatetimeIndex when index is non monotonic (GH43223) * Fixed regression in Resampler.aggregate() when used after column selection would raise if func is a list of aggregation functions (GH42905) * Fixed regression in DataFrame.corr() where Kendall correlation would produce incorrect results for columns with repeated values (GH43401) * Fixed regression in DataFrame.groupby() where aggregation on columns with object types dropped results on those columns (GH42395, GH43108) * Fixed regression in Series.fillna() raising TypeError when filling float Series with list-like fill value having a dtype which couldn?t cast lostlessly (like float32 filled with float64) (GH43424) * Fixed regression in read_csv() raising AttributeError when the file handle is an tempfile.SpooledTemporaryFile object (GH43439) * Fixed performance regression in core.window.ewm. ExponentialMovingWindow.mean() (GH42333) * Performance improvement for DataFrame.__setitem__() when the key or value is not a DataFrame, or key is not list-like (GH43274) * Fixed bug in DataFrameGroupBy.agg() and DataFrameGroupBy. transform() with engine="numba" where index data was not being correctly passed into func (GH43133) - Release 1.3.2 * Performance regression in DataFrame.isin() and Series.isin() for nullable data types (GH42714) * Regression in updating values of Series using boolean index, created by using DataFrame.pop() (GH42530) * Regression in DataFrame.from_records() with empty records (GH42456) * Fixed regression in DataFrame.shift() where TypeError occurred when shifting DataFrame created by concatenation of slices and fills with values (GH42719) * Regression in DataFrame.agg() when the func argument returned lists and axis=1 (GH42727) * Regression in DataFrame.drop() does nothing if MultiIndex has duplicates and indexer is a tuple or list of tuples (GH42771) * Fixed regression where read_csv() raised a ValueError when parameters names and prefix were both set to None (GH42387) * Fixed regression in comparisons between Timestamp object and datetime64 objects outside the implementation bounds for nanosecond datetime64 (GH42794) * Fixed regression in Styler.highlight_min() and Styler. highlight_max() where pandas.NA was not successfully ignored (GH42650) * Fixed regression in concat() where copy=False was not honored in axis=1 Series concatenation (GH42501) * Regression in Series.nlargest() and Series.nsmallest() with nullable integer or float dtype (GH42816) * Fixed regression in Series.quantile() with Int64Dtype (GH42626) * Fixed regression in Series.groupby() and DataFrame.groupby() where supplying the by argument with a Series named with a tuple would incorrectly raise (GH42731) * Bug in read_excel() modifies the dtypes dictionary when reading a file with duplicate columns (GH42462) * 1D slices over extension types turn into N-dimensional slices over ExtensionArrays (GH42430) * Fixed bug in Series.rolling() and DataFrame.rolling() not calculating window bounds correctly for the first row when center=True and window is an offset that covers all the rows (GH42753) * Styler.hide_columns() now hides the index name header row as well as column headers (GH42101) * Styler.set_sticky() has amended CSS to control the column/index names and ensure the correct sticky positions (GH42537) * Bug in de-serializing datetime indexes in PYTHONOPTIMIZED mode (GH42866) ==== python-simplejson ==== Version update (3.17.3 -> 3.17.5) - update to 3.17.5: * Fix the C extension module to harden is_namedtuple against looks-a-likes such as Mocks. Also prevent dict encoding from causing an unraised SystemError when encountering a non-Dict. Noticed by running user tests against a CPython interpreter with C asserts enabled (COPTS += -UNDEBUG). ==== python38 ==== Version update (3.8.11 -> 3.8.12) - Update to 3.8.12 * Complete list of changes is available at https://docs.python.org/release/3.8.12/whatsnew/changelog.html * Security - bpo-42278: Replaced usage of tempfile.mktemp() with TemporaryDirectory to avoid a potential race condition. - bpo-44394: Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the fix for the CVE-2013-0340 ?Billion Laughs? vulnerability. This copy is most used on Windows and macOS. - bpo-43124: Made the internal putcmd function in smtplib sanitize input for presence of \r and \n characters to avoid (unlikely) command injection. - bpo-36384: ipaddress module no longer accepts any leading zeros in IPv4 address strings. Leading zeros are ambiguous and interpreted as octal notation by some libraries. For example the legacy function socket.inet_aton() treats leading zeros as octal notation. glibc implementation of modern inet_pton() does not accept any leading zeros. For a while the ipaddress module used to accept ambiguous leading zeros. - Refreshed patch: * decimal-3.8.patch - Add decimal-3.8.patch to add building with --with-system-libmpdec option (bsc#1189356). - test_faulthandler is still problematic under qemu linux-user emulation, disable it there - Reenable profileopt with qemu emulation, test_faulthandler is no longer run during profiling ==== python38-core ==== Version update (3.8.11 -> 3.8.12) Subpackages: libpython3_8-1_0 python38-base - Update to 3.8.12 * Complete list of changes is available at https://docs.python.org/release/3.8.12/whatsnew/changelog.html * Security - bpo-42278: Replaced usage of tempfile.mktemp() with TemporaryDirectory to avoid a potential race condition. - bpo-44394: Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the fix for the CVE-2013-0340 ?Billion Laughs? vulnerability. This copy is most used on Windows and macOS. - bpo-43124: Made the internal putcmd function in smtplib sanitize input for presence of \r and \n characters to avoid (unlikely) command injection. - bpo-36384: ipaddress module no longer accepts any leading zeros in IPv4 address strings. Leading zeros are ambiguous and interpreted as octal notation by some libraries. For example the legacy function socket.inet_aton() treats leading zeros as octal notation. glibc implementation of modern inet_pton() does not accept any leading zeros. For a while the ipaddress module used to accept ambiguous leading zeros. - Refreshed patch: * decimal-3.8.patch - Add decimal-3.8.patch to add building with --with-system-libmpdec option (bsc#1189356). - test_faulthandler is still problematic under qemu linux-user emulation, disable it there - Reenable profileopt with qemu emulation, test_faulthandler is no longer run during profiling ==== qca-qt5 ==== Version update (2.3.3 -> 2.3.4) Subpackages: libqca-qt5-2 - Run ctest in %check - Add patch to make %check much quicker: * 0001-Make-filewatchunittest-much-quicker.patch - Update to 2.3.4: * OpenSSL 3 support * Don't create pkgconfig files for Qt 6 builds * Minor test fix ==== qemu ==== Version update (6.0.0 -> 6.1.0) - Fix testsuite dependencies (bsc#1190573) * Patches added: modules-quick-fix-a-fundamental-error-in.patch - Replace patch to fix hardcoded binfmt handler (bsc#1186256) * Patches dropped: qemu-binfmt-conf.sh-allow-overriding-SUS.patch * Patches added: qemu-binfmt-conf.sh-should-use-F-as-shor.patch - Stable fixes from upstream * Patches added: 9pfs-fix-crash-in-v9fs_walk.patch i386-cpu-Remove-AVX_VNNI-feature-from-Co.patch plugins-do-not-limit-exported-symbols-if.patch plugins-execlog-removed-unintended-s-at-.patch qemu-sockets-fix-unix-socket-path-copy-a.patch target-i386-add-missing-bits-to-CR4_RESE.patch virtio-balloon-don-t-start-free-page-hin.patch - Fix qemu build on ARMv7 (bsc#1190211) * Patches added: tcg-arm-Fix-tcg_out_vec_op-function-sign.patch - Update supported file for ARM machines. - Keep qemu-img without backing format still deprecated (bsc#1190135) * Patches added: Revert-qemu-img-Improve-error-for-rebase.patch Revert-qemu-img-Require-F-with-b-backing.patch - Update the support files to reflect the deprecation. - Update build dependencies versions: libgcrypt >= 1.8.0, gnutls >= 3.5.18, glib >= 2.56, libssh >= 0.8.7 - Fix hardcoded binfmt handler doesn't play well with containers (bsc#1186256) * Patches added: qemu-binfmt-conf.sh-allow-overriding-SUS.patch - Update to v6.1: see https://wiki.qemu.org/ChangeLog/6.1 For a full list of formely deprecated features that are removed, consult: https://qemu-project.gitlab.io/qemu/about/removed-features.html For a list of new deprecated features, consult: https://qemu-project.gitlab.io/qemu/about/deprecated.html Some noteworthy changes: * Removed moxie CPU. * Removed lm32 CPU. * Removed unicore32 CPU. * Removed 'info cpustats'. * Added Aspeed machines: rainier-bmc, quanta-q7l1-bmc. * Added npcm7xx machine: quanta-gbs-bmc. * Model for Aspeed's Hash and Crypto Engine. * SVE2 is now emulated, including bfloat16 support * FEAT_I8MM, FEAT_TLBIOS, FEAT_TLBRANGE, FEAT_BF16, FEAT_AA32BF16, and FEAT_MTE3 are now emulated. * Improved hot-unplug failures on PowerPC pseries machine. * Implemented some POWER10 instructions in TCG. * Added shakti_c RISC-V machine. * Improved documentation for RISC-V machines. * CPU models for gen16 have been added for s390x. * New CPU model versions added with XSAVES enabled: Skylake-Client-v4, Skylake-Server-v5, Cascadelake-Server-v5, Cooperlake-v2, Icelake-Client-v3, Icelake-Server-v5, Denverton-v3, Snowridge-v3, Dhyana-v2 * Added ACPI based PCI hotplug support to Q35 machine. Enabled and used by default since pc-q35-6.1 machine type. * Added support for the pca9546 and pca9548 I2C muxes. * Added support for PMBus and several PMBus devices. * Crypto subsystem: The preferred crypto backend driver now gnutls, with libgcrypt as the second choice, and nettle as third choice, with ordering driven mostly by performance of the ciphers. * Misc doc improvements. * Patches removed: block-nvme-Fix-VFIO_MAP_DMA-failed-No-sp.patch hmp-Fix-loadvm-to-resume-the-VM-on-succe.patch hw-block-nvme-align-with-existing-style.patch hw-block-nvme-consider-metadata-read-aio.patch hw-net-can-sja1000-fix-buff2frame_bas-an.patch hw-nvme-fix-missing-check-for-PMR-capabi.patch hw-nvme-fix-pin-based-interrupt-behavior.patch hw-pci-host-q35-Ignore-write-of-reserved.patch hw-rdma-Fix-possible-mremap-overflow-in-.patch hw-rx-rx-gdbsim-Do-not-accept-invalid-me.patch hw-usb-Do-not-build-USB-subsystem-if-not.patch hw-usb-host-stub-Remove-unused-header.patch linux-user-aarch64-Enable-hwcap-for-RND-.patch module-for-virtio-gpu-pre-load-module-to.patch monitor-qmp-fix-race-on-CHR_EVENT_CLOSED.patch pvrdma-Ensure-correct-input-on-ring-init.patch pvrdma-Fix-the-ring-init-error-flow-CVE-.patch qemu-config-load-modules-when-instantiat.patch qemu-config-parse-configuration-files-to.patch qemu-config-use-qemu_opts_from_qdict.patch runstate-Initialize-Error-to-NULL.patch sockets-update-SOCKET_ADDRESS_TYPE_FD-li.patch target-i386-Exit-tb-after-wrmsr.patch target-sh4-Return-error-if-CPUClass-get_.patch tcg-Allocate-sufficient-storage-in-temp_.patch tcg-arm-Fix-tcg_out_op-function-signatur.patch tcg-sparc-Fix-temp_allocate_frame-vs-spa.patch ui-Fix-memory-leak-in-qemu_xkeymap_mappi.patch usb-hid-avoid-dynamic-stack-allocation.patch usb-limit-combined-packets-to-1-MiB-CVE-.patch usb-mtp-avoid-dynamic-stack-allocation.patch usb-redir-avoid-dynamic-stack-allocation.patch usbredir-fix-free-call.patch vfio-ccw-Permit-missing-IRQs.patch vhost-user-blk-Check-that-num-queues-is-.patch vhost-user-blk-Don-t-reconnect-during-in.patch vhost-user-blk-Fail-gracefully-on-too-la.patch vhost-user-blk-Get-more-feature-flags-fr.patch vhost-user-blk-Make-sure-to-set-Error-on.patch vhost-user-gpu-abstract-vg_cleanup_mappi.patch vhost-user-gpu-fix-leak-in-virgl_cmd_res.patch vhost-user-gpu-fix-leak-in-virgl_resourc.patch vhost-user-gpu-fix-memory-disclosure-in-.patch vhost-user-gpu-fix-memory-leak-in-vg_res.patch vhost-user-gpu-fix-memory-leak-while-cal.patch vhost-user-gpu-fix-OOB-write-in-virgl_cm.patch vhost-user-gpu-fix-resource-leak-in-vg_r.patch vhost-vdpa-don-t-initialize-backend_feat.patch virtio-blk-Fix-rollback-path-in-virtio_b.patch virtio-Fail-if-iommu_platform-is-request.patch virtiofsd-Fix-side-effect-in-assert.patch vl-allow-not-specifying-size-in-m-when-u.patch vl-Fix-an-assert-failure-in-error-path.patch vl-plug-object-back-into-readconfig.patch vl-plumb-keyval-based-options-into-readc.patch x86-acpi-use-offset-instead-of-pointer-w.patch ==== qqc2-desktop-style ==== Version update (5.85.0 -> 5.86.0) - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Too many changes since 5.85.0, only listing bugfixes: * Fix combobox popup in RTL mode (kde#441178) * Vertically center slider (kde#410672) * ScrollBar: less scuffed implementation of reading from QStyle (kde#418327) ==== re2 ==== Version update (20210801 -> 20210901) - Update to 2021-09-01: * Permit Unicode characters beyond ASCII in capture names ==== samba ==== Version update (4.14.6+git.168.6a9fc8a1ddd -> 4.14.6+git.182.2205d5224e3) Subpackages: libdcerpc-binding0 libdcerpc0 libndr-krb5pac0 libndr-nbt0 libndr-standard0 libndr1 libnetapi0 libsamba-credentials1 libsamba-errors0 libsamba-hostconfig0 libsamba-passdb0 libsamba-util0 libsamdb0 libsmbclient0 libsmbconf0 libsmbldap2 libtevent-util0 libwbclient0 samba-client samba-libs samba-libs-python3 - Add Certificate Auto Enrollment Policy; (jsc#SLE-18457). ==== selinux-policy ==== Subpackages: selinux-policy-targeted - Modified fix_systemd.patch to allow systemd gpt generator access to udev files (bsc#1189280) - fix rebootmgr does not trigger the reboot properly (boo#1189878) * fix managing /etc/rebootmgr.conf * allow rebootmgr_t to cope with systemd and dbus messaging - Properly label cockpit files - Allow wicked to communicate with network manager on DBUS (bsc#1188331) - Added policy module for rebootmgr (jsc#SMO-28) ==== serd ==== - Disabled doc build and test for Leap build ==== shadow ==== Version update (4.8.1 -> 4.9) Subpackages: login_defs - bsc#1190146: Fix empty subid range Add shadow-4.9-useradd-subuid.patch https://github.com/shadow-maint/shadow/pull/399 - bsc#1190145: Fix double free in gpasswd: Add shadow-4.9-sgent-free.patch upstreamed as https://github.com/shadow-maint/shadow/pull/417 - Fix shadow-login_defs-check.sh: In the last update we switched from calling make to %make_build macro. Using sed to adapt the spec file now. - libsubid-devel: add missing requires for libsubid3 - Remove README.changes-pwdutils, all distros you can upgrade from use already shadow - login.defs: Enable USERGROUPS_ENAB and CREATE_HOME to be compatible with other Linux distros and the other tools creating user accounts in use on openSUSE. Set HOME_MODE to 700 for security reasons and compatibility. [bsc#1189139] [bsc#1182850] - Update to 4.9: * Updated translations * Major salt updates * Various coverity and cleanup fixes * Consistently use 0 to disable PASS_MIN_DAYS in man * Implement NSS support for subids and a libsubid * setfcap: retain setfcap when mapping uid 0 * login.defs: include HMAC_CRYPTO_ALGO key * selinux fixes * Fix path prefix path handling * Manpage updates * Treat an empty passwd field as invalid(Haelwenn Monnier) * newxidmap: allow running under alternative gid * usermod: check that shell is executable * Add yescript support * useradd memleak fixes * useradd: use built-in settings by default * getdefs: add foreign * buffer overflow fixes * Adding run-parts style for pre and post useradd/del - Refresh: * shadow-login_defs-unused-by-pam.patch * userdel-script.patch * useradd-script.patch * chkname-regex.patch * useradd-default.patch: bbf4b79 stopped shipping default file. change group in code now. * shadow-login_defs-suse.patch * useradd-userkeleton.patch - Remove because upstreamed: * shadow-4.1.5.1-userdel-helpfix.patch * shadow-4.1.5.1-logmsg.patch - Add libsubid-build-fix.patch: See https://github.com/shadow-maint/shadow/issues/387 - Add shadow-libeconf-include.patch: See c6847011e8b656adacd9a0d2a78418cad0de34cb - Add shadow-fix-sigabrt.patch: See https://github.com/shadow-maint/shadow/issues/394 - Add shadow-passwd-handle-null.patch [bsc#1188307]: See https://github.com/shadow-maint/shadow/pull/398 - Remove %{_sysconfdir}/default/useradd: file not shipped anymore - Remove --disable-shared: Dont need it anymore See https://github.com/shadow-maint/shadow/issues/336 ==== solid ==== Version update (5.85.0 -> 5.86.0) Subpackages: libKF5Solid5 solid-imports - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * We can use directly std::as_const * Port QStringRef (deprected) to QStringView * autotests: avoid failure on Linux CI ==== sonnet ==== Version update (5.85.0 -> 5.86.0) Subpackages: libKF5SonnetCore5 libKF5SonnetUi5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Changes since 5.85.0: * replace "MacOSX" with "macOS" ==== suse-module-tools ==== Version update (16.0.8+1 -> 16.0.10+7) - Update to version 16.0.10+7: * rpm-script: link config also into /boot (boo#1189879) * weak-modules2: accept modules under /usr/lib/modules on stdin (for support of usr-merged KMPs) * fix scriptlet path (bsc#1189441) - Update to version 16.0.10: * Import kernel scriptlets from kernel-source (bsc#1189441) * README.md: document environment variables for weak-modules2 - Update to version 16.0.9: * weak_modules2: fix "warning: %post(kernel-...) scriptlet failed, exit status 1" message from rpm (boo#1189881) * weak-modules2: add logging at verbose level 2 * weak-modules2: control logging with environment variables WM2_VERBOSE, WM2_DEBUG, WM2_LOGFILE * regenerate-initrd-posttrans: friendly notice if dracut not found (boo#1123721) ==== syntax-highlighting ==== Version update (5.85.0 -> 5.86.0) Subpackages: libKF5SyntaxHighlighting5 - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - Too many changes since 5.85.0, only listing bugfixes: * markdown.xml: End nested sub-headers fold regions when parent header is closed (kde#441278) * Python: Add "yield from" keyword (kde#441540) * isocpp.xml: Highlight raw string delimeters (kde#440038) ==== system-users ==== Subpackages: system-group-hardware system-group-kvm system-user-lp system-user-nobody system-user-tss - Set shell for nobody in sysusers.d config ==== systemd ==== Version update (248.6 -> 249.4) Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev - Don't reexecute user manager instances on package update yet This can't be done until users have their user instance updated to the new version that supports reexecuting with SIGRTMIN+25 because this signal terminates the user managers for the previous versions. - Import commit ec72db9ee0f8ce061f83624d7148ff38a5993b11 3b1aa2f79f manager: reexecute on SIGRTMIN+25, user instances only fd46c81922 test: make sure to include all haveged unit files - systemd.spec: reexec user manager instances on package updates - Make sure the versions of both udev and systemd packages are always the same (bsc#1189480) - Drop dependency on m4 (replaced by Jinja2) - Configure split-usr=true only when %usrmerged is not defined - Import commit 40bda18e346ff45132ccd6f8f8e96de78dcf3470 (merge of v249.4) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/7f23815a706cf2b2df3eac2eb2f82207... - Rework the test (sub)package: - it's been renamed into 'systemd-testsuite' - it includes the extended tests too - the relevant commits have been backported to SUSE/v249 so no SUSE specific patch is needed to run the extended tests (see below) - the deps needed by the extended tests have been added - Import commit 7f23815a706cf2b2df3eac2eb2f8220736b8f427 ad216581b6 test: if haveged is part of initrd it needs to be installed in the image too 088fbb71d0 test: adapt install_pam() for openSUSE 4d631c1f0c Revert "test: adapt TEST-13-NSPAWN-SMOKE for SUSE" ef956eb8a2 test: on openSUSE the static linked version of busybox is named "busybox-static" 6f7ce633b0 TEST-13-*: in busybox container sleep(1) takes a delay in seconds only 278baaa3ec test: don't try to find BUILD_DIR when NO_BUILD is set 3bba2f876a test: add support for NO_BUILD=1 on openSUSE d77cbc1b64 test: make busybox TEST-13-only dependency - Upgrade to v249.2 (commit c0bb2fcbc26f6aacde574656159504f263916719) See https://github.com/openSUSE/systemd/blob/SUSE/v249/NEWS for details. - Rebased 0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch 0012-resolved-create-etc-resolv.conf-symlink-at-runtime.patch ==== systemd-default-settings ==== Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE - Import commit 6b8dde1d4f867aff713af6d6830510a84fad58d2 6b8dde1 Convert more drop-ins into early ones ==== systemsettings5 ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== sysuser-tools ==== - Add support for new shell field [bsc#1189518] ==== talloc ==== Version update (2.3.2 -> 2.3.3) Subpackages: libtalloc2 python3-talloc - Update to 2.3.3 + python: Ensure reference counts are properly incremented + Change pytalloc source to LGPL;(bso#9931); ==== threadweaver ==== Version update (5.85.0 -> 5.86.0) - Drop the unneeded baselibs.conf. - Update to 5.86.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.86.0 - No code change since 5.85.0 ==== tracker-miners ==== Version update (3.1.2 -> 3.1.3) Subpackages: tracker-miner-files - Update to version 3.1.3: + Fix issue with missing rpath in control daemon. + Add further newly used syscalls to seccomp + Updated translations. - Drop tracker-miner-control-rpath,patch: Fixed upstream. ==== transactional-update ==== Version update (3.5.1 -> 3.5.5) Subpackages: dracut-transactional-update libtukit0 transactional-update-zypp-config tukit - Version 3.5.5 - t-u: Use tukit for SUSEConnect call [bsc#1190574] Correctly registers repositories - Version 3.5.4 - tukit: Fix resolved support [boo#1190383] - Version 3.5.3 - t-u: Purge kernels as part of package operations Required for live patching support [bsc#1189728] - Version 3.5.2 - tukit: Fix overlay syncing errors with SELinux [bsc#1188648] - Don't print message for `shell` with --quiet [gh#openSUSE/transactional-update#69] ==== unzip ==== - Add patch to fix issue with some files being incorrectly detected as symlinks (boo#1190273) + unzip-initialize-the-symlink-flag.patch ==== util-linux ==== Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 - Remove the raw utility altogether, as it is not even built any more with glibc >=2.34. ==== util-linux-systemd ==== - Remove the raw utility altogether, as it is not even built any more with glibc >=2.34. - login.pamd: use pam_motd to unify motd handling [bsc#1185897]. Else motd snippets of e.g. cockpit will not be shown. ==== vim ==== Version update (8.2.3360 -> 8.2.3408) Subpackages: vim-data-common vim-small - Changed used terminal description in %check scriptlet from "linux" to "xterm" as the former does not map <S-Tab> to <ESC>[Z found by a fix in terminfo database of ncurses 6.2 patch 20210904 - Updated to version 8.2.3408, fixes the following problems * User function completion fails with dict function. * Vim9: crash with nested :while. * Buffer overflow when completing long tag name. * When :edit reuses the current buffer the alternate file is set to the same buffer. * Vim9: crash when :for is skipped. * Vim9: cannot use option for all operations. * Vim9: debugging elseif does not stop before condition. * Vim9: :@r executing a register is inconsistent. * Not all Racket files are recognized. * Auto formatting after "cw" leaves cursor in wrong spot. * Vim9: no check for white space before type in declaration. (Naohiro Ono) * Vim9: :$ENV cannot be followed by ->func() in next line. * line2byte() value wrong when adding a text property. (Yuto Kimura) * text property test fails on MS-Windows. * Pyret files are not recognized. * Using uninitialized memory. * Vim9: no warning that "@r" does not do anything. * Vim9: :disass completion does not understand "s:". * Crash when using NULL job. * Crash when using NULL string for funcref(). * Crash when using NULL list with sign functions. * Crash when getting the type of a NULL partial. * Vim9: completion for :disassemble adds parenthesis. * Cannot disable modeline for an individual file. * Escaping for fish shell does not work properly. * Using uninitialized memory. * Compiler warning for non-static function. * fnamemodify('path/..', ':p') differs from using 'path/../'. * Cannot stop insert mode completion without side effects. * Included xdiff code is outdated. * Crash with combination of 'linebreak' and other options. * augroup completion escapes regexp pattern characters. * Escaping for fish shell is skipping some characters. * Filler lines are wrong when changing text in diff mode. * Vim9: expression breakpoint not checked in :def function. * When libcall() fails invalid pointer may be used. * No test for what 8.2.3391 fixes. * Html text objects are not fully tested. * Octave files are not recognized. * ":z!" is not supported. * Vim9: cannot use a negative count with finddir() and findfile(). * Invalid memory access when using :retab with large value. * Memory leak for :retab with invalid argument. * Vim9: no error for white space before "(". * Cannot have a comment line in a {} block of a user command. * On some systems tests fail without _REENTRANT. (Elimar Riesebieter) * Using uninitialized memory with "let g:['bar'] = 2". * Can delete a numbered function. (Naohiro Ono) ==== vulkan-loader ==== Version update (1.2.182.0 -> 1.2.189.0) - Update to release SDK-1.2.189.0 * loader: Dont return OOM on function load failure * Deallocate the extension lists when deleting an item from layer list * Add layer and implementation-specific logging * Allow "icd" as well as "implem" for VK_LOADER_DEBUG * Fix Vulkan CTS testcase bug: "create_instance_device_intentional_alloc_fail" * loader: Fix accidental error propagation ==== webkit2gtk3 ==== Version update (2.32.3 -> 2.32.4) Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles - Update to version 2.32.4 (boo#1190701): + Do not append .asc extension to downloaded text/plain files. + Fix several crashes and rendering issues. + Security fixes: CVE-2021-30858. - Drop fix-lto.patch: fixed upstream. ==== wpebackend-fdo ==== Version update (1.8.0 -> 1.10.0) - Update to version 1.10.0: + Added API to query whether receiving rendered audio has been configured. + Added API to obtain the wl_resource for SHM exported buffers. + The CMake build system has been removed in favor of Meson. + Made it easier to override where Meson looks for wayland-scanner during cross-compilation, using a native machine file. + Fixed invalid usage of Wayland client connections in the nested compositor which caused sporadic crashes in certain conditions. + Fixed file descriptor and memory leaks. ==== xdg-desktop-portal ==== Version update (1.8.1 -> 1.10.0) - Update to version 1.10.0: + Remap /run/flatpak/app, for Flatpak 1.11.x + Remap /var/config and /var/data + permission-store: Avoid a crash + permissions-store: Add GetPermission + screencast: Add 'virtual' source type + openuri: Use real path for OpenDirectory + location: Fix accuracy levels + Add power profile monitor implementation + Updated translations. ==== xdg-desktop-portal-kde ==== Version update (5.22.4 -> 5.22.5) - Update to 5.22.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.22.5 - No code changes since 5.22.4 ==== xdg-utils ==== Version update (1.1.3+20200220 -> 1.1.3+20201113) - Update to version 1.1.3+20201113: * Fix xdg-settings support for default-web-browser for Plasma 5.19+ ==== xf86-input-libinput ==== Version update (1.1.0 -> 1.2.0) - Update to version 1.2.0 * This release introduces support for touchpad gestures that will be available as part of X server 21.1. Additionally high-resolution scrolling data is now acquired from libinput if available and sent downstream to X server. The default scroll distance has been bumped to 120 in the process, but this should not affect correctly written clients. ==== xkeyboard-config ==== - Remove obsolete translation-update-upstream support (jsc#SLE-21105). ==== xrdb ==== Version update (1.2.0 -> 1.2.1) - Update to version 1.2.1 * bugfix release ==== xwayland ==== - covers jira#SLE/SLE-18653 ==== yast2 ==== Version update (4.4.16 -> 4.4.20) - Fixed losing the current product and package selection during installation, caused by unnecessary reloading of repositories (bsc#1190228) - 4.4.20 - Added infrastructure for installing missing UI extension plug-ins (jsc#SLE-20346, jsc#SLE-20462) - 4.4.19 - Add Y2Issues::WithIssues mixin to make easier to work with a list of issues (needed for jsc#SLE-20563). - 4.4.18 - Mark systemd unit/service state "maintenance" as active (bsc#1190163) - 4.4.17 ==== zypper ==== Version update (1.14.48 -> 1.14.49) Subpackages: zypper-needs-restarting - Avoid calling 'su' to detect a too restrictive sudo user umask (bsc#1186602) - Fix typo in German translation (fixes #395) - BuildRequires: libzypp-devel >= 17.28.3. - version 1.14.49
participants (1)
-
Guillaume Gardet