Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
ImageMagick (7.1.1.18 -> 7.1.1.19)
bluez
filesystem
grub2
libXrandr (1.5.3 -> 1.5.4)
parted
python-cryptography (41.0.3 -> 41.0.4)
python-dnspython
python-urllib3 (2.0.4 -> 2.0.6)
sg3_utils (1.48~20221101+1.142dace -> 1.48+1.889c3e3)
shadow (4.14.0 -> 4.14.1)
systemd
=== Details ===
==== ImageMagick ====
Version update (7.1.1.18 -> 7.1.1.19)
Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10
- version update to 7.1.1.19
* https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
* fixes CVE-2023-5341 [bsc#1215939]
==== bluez ====
Subpackages: bluez-auto-enable-devices bluez-cups libbluetooth3
- Moved btmgmt to main rpm of bluez. (jsc#PED-6216)
==== filesystem ====
- Add /run/lock (boo#1212926)
- Remove /var/spool/mail (boo#1179574)
- Remove obsolete home dir check. The filesystem package is not
meant to contain home directories of random system users anymore
- Create ghost symlinks also in pretrans, needed to get /var/run as
link right away
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi
- Add patch to fix reading files from btrfs with "implicit" holes:
* 0001-fs-btrfs-Zero-file-data-not-backed-by-extents.patch
- Update the TPM 2.0 patches to support more RSA and ECC algorithms
* 0002-tpm2-Add-TPM-Software-Stack-TSS.patch
* 0003-protectors-Add-TPM2-Key-Protector.patch
* 0005-util-grub-protect-Add-new-tool.patch
- Remove build require for gcc-32bit, target platform didn't rely on libgcc
function shipped with compiler but rather using functions supplied in grub
directly.
- Add BuildIgnore to break cycle with the branding package
==== libXrandr ====
Version update (1.5.3 -> 1.5.4)
- Update to version 1.5.4
This release fixes a bug where an invalid pointer (a pointer to the
middle of a buffer returned from malloc() instead of to the beginning
of the buffer) could be passed to free() when cleaning up after an
out-of-bounds output is found in the response from the X server to
XRRGetMonitors().
==== parted ====
Subpackages: libparted-fs-resize0 libparted2 parted-lang
- updated fatresize to version 0.2 which includes a man-page
removed patches:
- fatresize-fix-getting-dev-name.patch
==== python-cryptography ====
Version update (41.0.3 -> 41.0.4)
- update to 41.0.4:
* ~~~~~~~~~~~~~~~~~~~
* Updated Windows, macOS, and Linux wheels to be compiled with
OpenSSL 3.1.3.
* .. _v41-0-3:
==== python-dnspython ====
- Don't use curio.
==== python-urllib3 ====
Version update (2.0.4 -> 2.0.6)
- update to 2.0.6 (bsc#1215968, CVE-2023-43804):
* Added the Cookie header to the list of headers to strip from
requests when redirecting to a different host. As before, different
headers can be set via Retry.remove_headers_on_redirect
- 2.0.5:
* Allowed pyOpenSSL third-party module without any deprecation
warning. #3126
* Fixed default blocksize of HTTPConnection classes to match
high-level classes. Previously was 8KiB, now 16KiB. #3066
==== sg3_utils ====
Version update (1.48~20221101+1.142dace -> 1.48+1.889c3e3)
Subpackages: libsgutils2-1_48-2
- udev rules: allow kernel command line overrides with
"udev.scsi_id_serial_src=LTVS" and "udev.scsi_symlink_src=LTVS"
Try these boot parameters if your system fails to detect SCSI
devices after update to sg3_utils 1.48.
- dracut.conf: add 00-scsi-sg3_config.rules (jsc#PED-6226)
- spec file:
* fix build dependencies for regenerate_initrd_posttrans
(bsc#1215772)
* add missing rules file
- Update to version 1.48
* udev rules: new, configurable scheme for creating symlinks for SCSI devices
(jsc#PED-6226)
See description of ".SCSI_ID_SERIAL_SRC" /usr/lib/udev/55-scsi-sg3_id.rules
and .SCSI_SYMLINK_SRC in /usr/lib/udev/58-scsi_symlink.rules
* decoding utilities: add -j/--json[=JO] and --js-file=JFN options
* sg_sat_datetime: new tool to access date/time on ATA devices using a SAT layer
* sg_z_act_query: new tool for sending zone activate/query commands
* sg_rem_rest_elem: new tool for removing or restoring elements
* sg_write_attr: support for SPC "Write Attirbute" command (for tapes)
* sg_ses: swap meaning of -H and -HH, add json support, use e.g.
"0:2" for range indicator
* sg_rtpg: fix response truncation
* sg_decode_sense: add --nodecode option
* sg_logs: fix --list and -lll options
* sg_modes: improve handling of ZBC disks
* sg_inq: add version descriptors from SPC6r08, add --quiet option
* sg_vpd: add --sinq_inraw=RFN option
* sg_turs: add --timeout= and --ascq= options
* sg_requests: add --timeout= option
* sg_sat_read_gplog: add --smart and --ppt options
* sgp_dd and sgm_dd: add --progress option
* sg_dd: add support for accessing NVMe devices via passthrough
* Bug fixes and minor fixes
- _service: simplify version processing, as we have a clean upstream version again
==== shadow ====
Version update (4.14.0 -> 4.14.1)
Subpackages: libsubid4 login_defs
- Update to 4.14.1:
Build system: Merge libshadow and libmisc into a single libshadow.
This fixes problems in the linker, which were reported at least
in Gentoo. #791
- Add Alejandro Colomar (new stable branch maintainer) to shadow.keyring
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-coredump systemd-doc systemd-lang udev
- rpmlintrc: allow systemd-network and systemd-container sub-packages to ship
shared libs. These are actually NSS plugins and are not really subject to
shlib policy.
- Drop 5000-core-manager-run-generators-directly-when-we-are-in-.patch
Since dracut-059+suse.447.g9d1fc722, this workaround is not needed anymore.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
AppStream
Mesa (23.2.0 -> 23.2.1)
Mesa-drivers (23.2.0 -> 23.2.1)
chrony
e2fsprogs
fde-tools
gdm
geoclue2 (2.7.0 -> 2.7.1)
glibc
icewm (3.4.0 -> 3.4.3)
javapackages-tools
ldb (2.7.2 -> 2.8.0)
libX11 (1.8.6 -> 1.8.7)
libXpm (3.5.16 -> 3.5.17)
libev
libnvme
libselinux
libsemanage
mpg123 (1.32.2 -> 1.32.3)
netcfg
nvme-cli
python-SQLAlchemy (2.0.19 -> 2.0.21)
python-greenlet (3.0.0~rc3 -> 3.0.0)
python-psutil
rubygem-nokogiri
rubygem-ruby-dbus (0.23.0.beta2 -> 0.23.1)
samba (4.18.6+git.320.cfda27bacb -> 4.19.0+git.306.19d2e214c58)
selinux-policy
srt (1.5.2 -> 1.5.3)
talloc (2.4.0 -> 2.4.1)
tdb (1.4.8 -> 1.4.9)
tevent (0.14.1 -> 0.15.0)
xdg-desktop-portal
xscreensaver (6.06 -> 6.07)
xterm (384 -> 385)
=== Details ===
==== AppStream ====
Subpackages: AppStream-lang libAppStreamQt2 libappstream4
- Enable vala support when building in SLE-15 SP6
- Fix condition in files section for the case where vala support
is disabled, where some files are being generated but were not
included
==== Mesa ====
Version update (23.2.0 -> 23.2.1)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- Update to Mesa 23.2.1
* Mesa 23.2.1 is a new development release. People who are
concerned with stability and reliability should stick with a
previous release or wait for Mesa 23.2.2.
* Mesa 23.2.1 is an unusual first stable release due to the
accidentl tagging of 23.2.0 durring the rc cycle.
* Mesa 23.2.1 implements the OpenGL 4.6 API, but the version
reported by glGetString(GL_VERSION) or
glGetIntegerv(GL_MAJOR_VERSION) /
glGetIntegerv(GL_MINOR_VERSION) depends on the particular
driver being used. Some drivers don't support all the features
required in OpenGL 4.6. OpenGL 4.6 is **only** available if
requested at context creation. Compatibility contexts may
report a lower version depending on each driver.
* Mesa 23.2.1 implements the Vulkan 1.3 API, but the version
reported by the apiVersion property of the
VkPhysicalDeviceProperties struct depends on the particular
driver being used.
* More details in:
- -> https://gitlab.freedesktop.org/mesa/mesa/-/blob/23.2/docs/relnotes/23.2.1.r…
==== Mesa-drivers ====
Version update (23.2.0 -> 23.2.1)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- Update to Mesa 23.2.1
* Mesa 23.2.1 is a new development release. People who are
concerned with stability and reliability should stick with a
previous release or wait for Mesa 23.2.2.
* Mesa 23.2.1 is an unusual first stable release due to the
accidentl tagging of 23.2.0 durring the rc cycle.
* Mesa 23.2.1 implements the OpenGL 4.6 API, but the version
reported by glGetString(GL_VERSION) or
glGetIntegerv(GL_MAJOR_VERSION) /
glGetIntegerv(GL_MINOR_VERSION) depends on the particular
driver being used. Some drivers don't support all the features
required in OpenGL 4.6. OpenGL 4.6 is **only** available if
requested at context creation. Compatibility contexts may
report a lower version depending on each driver.
* Mesa 23.2.1 implements the Vulkan 1.3 API, but the version
reported by the apiVersion property of the
VkPhysicalDeviceProperties struct depends on the particular
driver being used.
* More details in:
- -> https://gitlab.freedesktop.org/mesa/mesa/-/blob/23.2/docs/relnotes/23.2.1.r…
==== chrony ====
Subpackages: chrony-pool-openSUSE
- Use make quickcheck instead of make check to avoid >1h build
times and failures due to timeouts. This was the default before
3.2 but it changed to make tests more reliable. Here a seed is
already set to get deterministic execution.
==== e2fsprogs ====
Subpackages: libcom_err2 libext2fs2
- Update specfile to make sure regenerate_initrd_post macro is defined
==== fde-tools ====
- Add fde-tools-remove-redundant-2nd-pw-creation.patch to remove
the creation of the secondary password in 'add-secondary-key'
==== gdm ====
Subpackages: gdm-lang gdm-schema gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0
- Explicitly buildrequire /usr/bin/dbus-run-session: the
dbus package is being restructured to be usable with dbus-broker
and so far we just relied on implicit dependencies bringing this
in. Meson checks for it, so it is correct to BR it though.
==== geoclue2 ====
Version update (2.7.0 -> 2.7.1)
Subpackages: system-user-srvGeoClue typelib-1_0-Geoclue-2_0
- Update to version 2.7.1:
+ Add 'age' field to MLS locate queries
+ Location updates now always have an accuracy value
+ Improvements to NMEA parsing:
- Parse NMEA timestamps with sub-second accuracy
- Add default accuracy to NMEA RMC locations
- Ignore locations from GGA and RMC sentences if the GNSS fix
is not valid
+ Prioritize GNSS sources with a recent fix over other sources,
preventing location jumps
+ Install D-Bus policy in /usr/share, not /etc
+ Upgrade GLib / Gio dependency to version 2.68.0
+ Correct gi annotations in GClueSimple
+ Various small fixes
- Use ldconfig_scriptlets macro for post(un) handling.
==== glibc ====
Subpackages: glibc-extra glibc-lang glibc-locale glibc-locale-base nscd
- setxid-propagate-glibc-tunables.patch: Propagate GLIBC_TUNABLES in
setxid binaries
- tunables-string-parsing.patch: tunables: Terminate if end of input is
reached (CVE-2023-4911, bsc#1215501)
==== icewm ====
Version update (3.4.0 -> 3.4.3)
Subpackages: icewm-config-upstream icewm-default icewm-lang
- Update to version 3.4.3:
* New preference "TaskBarShowWindowTitles" for icon-only task buttons.
* New winoption "doNotManage" to workaround bugs in picom for plank.
* When a battery has no data about full charge, use the capacity.
* When cascading windows, include the border size in the displacement.
* Let icewmbg interpret command-line file arguments relative to $PWD.
* Add a -f,--fork option to icewmbg to detach it from the terminal.
* Fix the Window List Menu for #144.
* Fix restoring from fullscreen with F11 in chromium for #141.
* Support tabs in the Window List Menu.
* Control the terminal in icewm-menu-fdo by option or environment.
* Let icewm-menu-fdo use a list of default terminals to choose from.
- Drop unknown config options:
* --enable-guievents
* --enable-antialiasing
* --enable-gradients
* --enable-shaped-decorations
==== javapackages-tools ====
Subpackages: javapackages-filesystem
- Added patches:
* 0005-Interpolate-properties-also-in-the-current-artifact.patch
+ interpolate variables also in current artifactId, groupId and
version
* 0006-Test-variable-expansion-in-artifactId.patch
+ test previous changes
* 0007-Test-that-we-don-t-bomb-on-relativePath.patch
+ test gracious handling of empty <relativePath/> in parent
reference of a pom file
==== ldb ====
Version update (2.7.2 -> 2.8.0)
Subpackages: libldb2 python3-ldb
- Update to 2.8.0
* CVE-2023-0614 Not-secret but access controlled LDAP attributes can be discovered (bug 15270)
* pyldb: Raise an exception if ldb_dn_get_parent() fails
* Implement ldap_whoami in pyldb and add the RFC4532 LDB_EXTENDED_WHOAMI_OID definition
* Documentation and spelling fixes
* Add ldb_val -> bool,uint64,int64 parsing functions
* Split out ldb_val_as_dn() helper function
* add LDB_CHANGETYPE_MODRDN support to ldb_ldif_to_pyobject()
* add LDB_CHANGETYPE_DELETE support to ldb_ldif_to_pyobject()
* let ldb_ldif_parse_modrdn() handle names without 'rdn_name=' prefix
* Don't create error string if there is no error
* Avoid allocation and memcpy() for every wildcard match candidate
* Make ldb_msg_remove_attr O(n)
* pyldb: Throw error on invalid controls
* pyldb: remove py2 ifdefs
* Call tevent_set_max_debug_level(TEVENT_DEBUG_TRACE)
==== libX11 ====
Version update (1.8.6 -> 1.8.7)
Subpackages: libX11-6 libX11-data libX11-xcb1
- update to 1.8.7
This release contains fixes for the issues reported in security
advisory here:
https://lists.x.org/archives/xorg-announce/2023-October/003424.html
* fixes CVE-2023-43785 libX11: out-of-bounds memory access in
_XkbReadKeySyms() (boo#1215683)
* fixes CVE-2023-43786 libX11: stack exhaustion from infinite recursion
in PutSubImage() (boo#1215684)
* fixes CVE-2023-43787 libX11: integer overflow in XCreateImage()
leading to a heap overflow (boo#1215685)
along with:
* Fail XOpenDisplay() if server-provided default visual is invalid (!233)
* Bring XKB docs in line with actual implementation (!231, !228)
* Xutil.h: declare XEmptyRegion() and XEqualRegion() as Bool (!225)
* Assorted updates to en_US.UTF-8 compose keys (!213, !214, !215, !216,
!217, !219, !220, !222, !223, !226, !227, !229)
==== libXpm ====
Version update (3.5.16 -> 3.5.17)
- Update to 3.5.17
* This release contains fixes for the libXpm issues reported in
security advisory here:
https://lists.x.org/archives/xorg-announce/2023-October/003424.html
* fixes CVE-2023-43788 libXpm: out of bounds read in
XpmCreateXpmImageFromBuffer() (boo#1215686)
* fixes CVE-2023-43789 libXpm: out of bounds read on XPM with
corrupted colormap (boo#1215687)
==== libev ====
- run signify only on Factory
==== libnvme ====
Subpackages: libnvme-mi1 libnvme1
- Enable tests during build
- Set git version tag
- Drop unused make dependency
- Drop unencessary minimum version depedency on meson.
- Re-enable libdbus feature. Upstream defaults changed.
==== libselinux ====
Subpackages: libselinux1 selinux-tools
- Repair initrd libselinux check in selinux-ready
==== libsemanage ====
Subpackages: libsemanage-conf libsemanage2
- Remove build counter syncing for real
==== mpg123 ====
Version update (1.32.2 -> 1.32.3)
Subpackages: libmpg123-0 mpg123-openal
- Update to version 1.32.3
* libmpg123, libsyn123: always ifdef LFS_LARGEFILE_64 (not
just if)
* libsyn123: re-introduce _32 wrappers in addition to
suffix-less ones (regression from 1.31, bug 363)
==== netcfg ====
- Remove ftpusers, none of our ftp servers uses that anymore
- Remove defaultdomain, NIS got dropped
- Remove hosts.equiv and hosts.lpd, the tools using them got
dropped long ago.
==== nvme-cli ====
Subpackages: nvme-cli-bash-completion
- Enable test during build
- Drop minimum version meson dependency
- Add asciidoc dependency
- Build documentation when requested
==== python-SQLAlchemy ====
Version update (2.0.19 -> 2.0.21)
- Update to 2.0.21:
* Changes from 2.0.21:
https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.21
* Changes from 2.0.20:
https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.20
- Remove .gitignore files from source tree, removes all rpmlint
warnings.
==== python-greenlet ====
Version update (3.0.0~rc3 -> 3.0.0)
- Update to 3.0.0:
* No changes from 3.0rc3 aside from the version number.
- Ignore some slow and flaky tests
==== python-psutil ====
- Require /usr/bin/who only for suse_version > 1500: 15.X does not
provide it, but has it in coreutils.
- PEP517
- Clean up specfile from obsolete python2 stuff
==== rubygem-nokogiri ====
- Buildrequire openssl gem to fix building with Ruby 3.0
==== rubygem-ruby-dbus ====
Version update (0.23.0.beta2 -> 0.23.1)
- 0.23.1
API:
* Add DBus::Object.dbus_reader_attr_accessor to declare a common use case
with a single call (gh#mvidner/ruby-dbus#140).
* BusConnection#request_name defaults to the simple use case: single owner
without queuing, failing fast; documented the complex use cases.
==== samba ====
Version update (4.18.6+git.320.cfda27bacb -> 4.19.0+git.306.19d2e214c58)
Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-client samba-client-libs samba-libs samba-libs-python3 samba-python3
- Update to 4.19.0
* File doesn't show when user doesn't have permission if
aio_pthread is loaded; (bso#15453).
* ctdb_killtcp fails to work with --enable-pcap and libpcap â¥
1.9.1; (bso#15451).
* Logging to stdout/stderr with DEBUG_SYSLOG_FORMAT_ALWAYS can
log to syslog; (bso#15460).
* âsamba-tool domain level raiseâ fails unless given a URL;
(bso#15458).
* reply_sesssetup_and_X() can dereference uninitialized tmp
pointer; (bso#15420).
* missing return in reply_exit_done(); (bso#15430).
* TREE_CONNECT without SETUP causes smbd to use uninitialized
pointer; (bso#15432).
* Avoid infinite loop in initial user sync with Azure AD
Connect when synchronising a large Samba AD domain;
(bso#15401).
* Samba replication logs show (null) DN; (bso#15407).
* 2-3min delays at reconnect with
smb2_validate_sequence_number: bad message_id 2; (bso#15346).
* DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED can't be parsed;
(bso#15446).
* CID 1539212 causes real issue when output contains only
newlines; (bso#15438).
* KDC encodes INT64 claims incorrectly; (bso#15452).
* mdssvc: Do an early talloc_free() in _mdssvc_open();
(bso#15449).
* Windows client join fails if a second container CN=System
exists somewhere; (bso#9959).
* regression DFS not working with widelinks = true;
(bso#15435).
* Heimdal fails to build on 32-bit FreeBSD; (bso#15443).
* samba-tool ntacl get segfault if aio_pthread appended;
(bso#15441).
==== selinux-policy ====
Subpackages: selinux-policy-targeted
- Use /var/adm/update-scripts in macros.selinux-policy. The rpm state
directory doesn't exist on SUSE systems (bsc#1213593)
- Modified update.sh to require first parameter "full" to also
update container-selinux. For maintenance updates you usually
don't want it to be updated
==== srt ====
Version update (1.5.2 -> 1.5.3)
- version update to 1.5.3
* New Features
- PR #2714: Added maximum BW limit for retransmissions. See SRTO_MAXREXMITBW.
* Important Bug Fixes
- PR #2632: Use overlapped WSASendTo to avoid UDP sending losses.
- PR #2766: Fixed spurious group read-ready epoll events.
- PR #2772: Fixed RCV buffer initialization in Rendezvous. â ï¸
- PR #2757: Fix memory leak on queuing connection initialization packets.
- PR #2745: Fix hang up on not enough space in the RCV buffer.
- PR #2740: Fix possible tsbpd() deadlock with processCtrlShutdown().
- PR #2692: Rejection not undertaken in rendezvous after KMX failure.
- PR #2774: Fix rendezvous connection mode when processing resulted in ACCEPT it was still sending rejection.
- PR #2778: Drop unencrypted packets in AES-GCM mode.
* Build
- PR #2779, #2780: Fix the build for targets without IP_ADD_SOURCE_MEMBERSHIP.
- PR #2784: Added missing public header files in Windows binary installer.
* Unit Tests
- PR #2681: Added custom main with transparent parameters.
* Documentation
- PR #2765: Updated the explicit information for binding to IPv6 wildcard.
- PR #2785: Fixed API doc: SRT_INVALID_SOCK
* https://github.com/Haivision/srt/releases/tag/v1.5.3
==== talloc ====
Version update (2.4.0 -> 2.4.1)
Subpackages: libtalloc2 python3-talloc
- Update to 2.4.1
* Remove remaining, but broken python2 support
* Spelling fixes
* Remove unneeded va_copy()
==== tdb ====
Version update (1.4.8 -> 1.4.9)
Subpackages: libtdb1 python3-tdb
- Update to 1.4.9
* Remove remaining, but broken python2 support
* Spelling fixes
* python: Safely clear structure members
==== tevent ====
Version update (0.14.1 -> 0.15.0)
Subpackages: libtevent0 python3-tevent
- Update to version 0.15.0
* remove py2 ifdefs
* python: Safely clear structure members
* the tevent_thread_call_depth API is updated
in order to allow better tracing.
* add tevent_set_max_debug_level() only and don't
pass TEVENT_DEBUG_TRACE to tevent_debug() callbacks by default.
* Spelling fixes
* Make use of epoll_create1() for epoll backend
* Optimize overhead in the epoll backend
==== xdg-desktop-portal ====
Subpackages: xdg-desktop-portal-lang
- Support building with meson 0.61.x used by SLE, where .pc files
in dataonly packages are installed to %_libdir unlike in
meson >= 0.62.0 where the default was changed to %_datadir.
==== xscreensaver ====
Version update (6.06 -> 6.07)
Subpackages: xscreensaver-data xscreensaver-lang
- update to 6.07:
* New hacks, droste, skulloop, papercube and cubocteversion
* xscreensaver-settings was sometimes turning off the DPMS
checkbox
* Log pid of caller of deactivate command, to give a hint about
who is preventing the screen from blanking
* Updates to sphereeversion.
* Added some new map sources to mapscroller.
* Various other minor bug fixes.
- leave a nice notice for a very angry upstream developer in
xscreensaver-disable-upgrade-nagging-message.patch
- drop xscreensaver-bsc1204744.patch, included upstream
==== xterm ====
Version update (384 -> 385)
Subpackages: xterm-bin xterm-resize
- update to 385:
* fixes for ReGIS (report by Ben Wong).
+ correct conversion from HLS to RGB
+ improve font-caching performance.
* update tables in wcwidth.c based on Unicode 15.1.0
* improve fastScroll resource:
+ suppress screen-refreshes for carriage-returns
+ add -jf option to simplify use of this resource.
+ add a control sequence for enabling/disabling the resource.
+ enable this feature by default
* extend title-stack feature to allow an additional parameter to
directly access the stack, like the XTPUSHCOLORS and XTPOPCOLORS
feature.
* correct size and position of box shown for double-cell character
which happens to be missing from the bitmap font (report by Peter
Fabinski).
* improved configure script:
+ add pattern for uClibc-ng to CF_XOPEN_SOURCE (report/patch by
Waldemar Brodkorb).
+ add configure options --with-utmp-path and --with-wtmp-path to
override configure script's check for utmp/wtmp pathnames
which are shown in the manual (Debian #1042767).
+ CF_XOPEN_SOURCE provides for defining _DEFAULT_SOURCE for
MinGW32 and MinGW64.
+ sed expression used to report gcc version now works with MinGW
* ensure that line-attributes are reset after drawing missing
character (report by Christian Weisgerber).
* update config.guess, config.sub
- rebased all patches
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa (23.1.8 -> 23.2.0)
Mesa-drivers (23.1.8 -> 23.2.0)
SDL2 (2.28.3 -> 2.28.4)
catatonit (0.1.7 -> 0.2.0)
container-selinux (2.215.0 -> 2.222.0)
crypto-policies (20230614.5f3458e -> 20230920.570ea89)
dLeyna (0.8.2 -> 0.8.3)
glib2
grub2
gtk4 (4.12.2 -> 4.12.3)
kbd (2.6.2 -> 2.6.3)
keylime (7.5.0 -> 7.6.0)
libblockdev (3.0.2 -> 3.0.3)
libdecor (0.1.1 -> 0.2.0)
libsigc++2 (2.12.0 -> 2.12.1)
libwebp
mozjs115 (115.2.1 -> 115.3.1)
qalculate (4.8.0 -> 4.8.1)
qpdf (11.6.0 -> 11.6.1)
qt6-base (6.5.2 -> 6.5.3)
qt6-declarative (6.5.2 -> 6.5.3)
qt6-imageformats (6.5.2 -> 6.5.3)
qt6-translations (6.5.2 -> 6.5.3)
qt6-wayland (6.5.2 -> 6.5.3)
screen (4.9.0 -> 4.9.1)
shadow
systemd (254.3 -> 254.5)
tracker-miners (3.6.0 -> 3.6.1)
webkit2gtk3 (2.42.0 -> 2.42.1)
webkit2gtk4 (2.42.0 -> 2.42.1)
xdg-dbus-proxy (0.1.4 -> 0.1.5)
yast2-trans (84.87.20230922.91d997adab -> 84.87.20230930.5f9e01162a)
=== Details ===
==== Mesa ====
Version update (23.1.8 -> 23.2.0)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- Update to Mesa 23.2.0-rc4
- -> https://lists.freedesktop.org/archives/mesa-announce/2023-September/000731.…
- supersedes U_llvmpipe-only-include-old-Transform-includes-when-ne.patch
- disabled u_fix-build-on-ppc64le.patch (no longer needed?)
- adjusted n_drirc-disable-rgb10-for-chromium-on-amd.patch
==== Mesa-drivers ====
Version update (23.1.8 -> 23.2.0)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- Update to Mesa 23.2.0-rc4
- -> https://lists.freedesktop.org/archives/mesa-announce/2023-September/000731.…
- supersedes U_llvmpipe-only-include-old-Transform-includes-when-ne.patch
- disabled u_fix-build-on-ppc64le.patch (no longer needed?)
- adjusted n_drirc-disable-rgb10-for-chromium-on-amd.patch
==== SDL2 ====
Version update (2.28.3 -> 2.28.4)
- Update to release 2.28.4
* Enable clipping for zero sized rectangles in the SDL renderer
* Notify X11 clipboard managers when the clipboard changes
* Fixed sensor timestamps for third-party PS5 controllers
* Added detection for Logitech and Simagic racing wheels
==== catatonit ====
Version update (0.1.7 -> 0.2.0)
- Update to catatonit v0.2.0.
* Change license to GPL-2.0-or-later.
- Remove upstreamed patches:
- 99bb9048f.patch
==== container-selinux ====
Version update (2.215.0 -> 2.222.0)
- Update to version 2.222:
* Allow containers to read/write inherited dri devices
- Update to version 2.221:
* Allow containers to shutdown sockets inherited from container
runtimes
* Allow spc_t to use execmod libraries on container file systems
* Add boolean to allow containers to read all cert files
* More MLS Policy allow rules
* Allow container runtimes using pasta bind icmp_socket to port_t
* Fix spc_t transitions from container_runtime_domain
==== crypto-policies ====
Version update (20230614.5f3458e -> 20230920.570ea89)
Subpackages: crypto-policies-scripts
- nss: Skip the NSS policy check if the mozilla-nss-tools package
is not installed. This avoids adding more dependencies in ring0.
* Add crypto-policies-nss.patch [bsc#1211301]
- Update to version 20230920.570ea89:
* fips-mode-setup: more thorough --disable, still unsupported
* FIPS:OSPP: tighten beyond reason for OSPP 4.3
* krb5: sort enctypes mac-first, cipher-second, prioritize SHA-2 ones
* openssl: implement relaxing EMS in FIPS (NO-ENFORCE-EMS)
* gnutls: prepare for tls-session-hash option coming
* nss: prepare for TLS-REQUIRE-EMS option coming
* NO-ENFORCE-EMS: add subpolicy
* FIPS: set __ems = ENFORCE
* cryptopolicies: add enums and __ems tri-state
* docs: replace `FIPS 140-2` with just `FIPS 140`
* .gitlab-ci: remove forcing OPENSSH_MIN_RSA_SIZE
* cryptopolicies: add comments on dunder options
* nss: retire NSS_OLD and replace with NSS_LAX 3.80 check
* BSI: start a BSI TR 02102 policy [jsc#PED-4933]
* Rebase patches:
- crypto-policies-policygenerators.patch
- crypto-policies-revert-rh-allow-sha1-signatures.patch
- crypto-policies-FIPS.patch
- Conditionally recommend the crypto-policies-scripts package
when python is not installed in the system [bsc#1215201]
==== dLeyna ====
Version update (0.8.2 -> 0.8.3)
- Update to version 0.8.3:
+ Build: Fix compatibility with Meson 1.2
+ Renderer: Fix locale initialization
+ Server:
- Fix locate initialization
- Fix uninitialized variable warning
- Properly handle optional actions
- Fix browse not working properly
- Drop 61d24fdc.patch: Fixed upstream.
- Change compression of tarball in service and spec to zst from xz.
==== glib2 ====
Subpackages: glib2-lang glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0
- Fix NetworkManager crashing repeatedly with glib 2.78.0;
(bsc#1215709); Add patch 0005-gthreadedresolver-Fix-race.patch
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi
- Only build with fde-tpm-helper-rpm-macros for the architectures
supporting the newer UEFI and TPM 2.0.
* Also correct the location of %fde_tpm_update_requires
- Fix a boot delay regression in PowerPC PXE boot (bsc#1201300)
* 0001-ieee1275-ofdisk-retry-on-open-and-read-failure.patch
- Add the new BuildRequires for EFI builds for the better FDE
support: fde-tpm-helper-rpm-macros
+ Also add the the macros to %post and %posttrans
- Correct the type of allocated EFI pages for ARM64 kernel (bsc#1215151)
* arm64-Use-proper-memory-type-for-kernel-allocation.patch
==== gtk4 ====
Version update (4.12.2 -> 4.12.3)
Subpackages: gtk4-lang gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0
- Update to version 4.12.3:
+ GtkWindow: Don't assume titlebars are GtkHeaderBar
+ GtkTreeView: Fix a crash in gtk_tree_view_is_blank_at_pos
+ printing: Fix some issues with the portal implementation
+ GSK:
- Some optimizations in the GL renderer
- Fix memory leaks in the Broadway renderer
+ demos: Fix a crash in gtk4-demo
+ Updated translations.
==== kbd ====
Version update (2.6.2 -> 2.6.3)
Subpackages: kbd-legacy
- Update to version 2.6.3:
- libkfont:
* Don't look for fonts in the current directory.
- showkey:
* Add parameter to allow to change timeout.
- po:
* Update po files.
==== keylime ====
Version update (7.5.0 -> 7.6.0)
Subpackages: keylime-config keylime-firewalld keylime-logrotate keylime-registrar keylime-tenant keylime-tpm_cert_store keylime-verifier python311-keylime
- Update to version v7.6.0:
* Monthly release (7.6.0)
* test-requirements: remove types-atomicwrites
* Fixed an inappropriate test expression to remove a logical short circuit
* remove prov_db_filename from config
* Fix for key parse error in tpm2_objects
* Fix mapping.json path in the comments
* ima: Emit a warning when a file signature could not be parsed
* Initial PR to add support for IDevID and IAK
* Implement automatic agent API version bump
* tests: avoid fail when epel-release is installed
- M2Crypto is not used anymore.
- Clean up SPEC file.
==== libblockdev ====
Version update (3.0.2 -> 3.0.3)
Subpackages: libbd_btrfs3 libbd_crypto3 libbd_fs3 libbd_loop3 libbd_lvm3 libbd_mdraid3 libbd_nvme3 libbd_part3 libbd_swap3 libbd_utils3 libblockdev3
- Update to version 3.0.3:
* Always use "--fs ignore" with lvresize
* nvme:
- Use interim buffer for nvme_get_log_sanitize()
- Generate HostID when missing
* tests:
- Specificy required versions when importing GLib and BlockDev
introspection
- Minor NVMe HostNQN fixes
- Replace deprecated unittest assert calls
* fs:
- Fix leaking directories with temporary mounts
- Fix memory leak
* crypto: Correctly convert passphrases from Python to C
==== libdecor ====
Version update (0.1.1 -> 0.2.0)
Subpackages: libdecor-0-0
- Update to version 0.2.0:
* Various bug and leak fixes.
* New gtk plugin.
- Update URL and source to new home.
- Add pkgconfig(gtk-3.0) BuildRequires, new dependency.
- Use ldconfig_scriptlets macro for post(un) handling.
==== libsigc++2 ====
Version update (2.12.0 -> 2.12.1)
- Update to version 2.12.1:
+ Documentation:
- slot, signal: Describe the slot<void(int)> syntax more
- connection: Improve the class documentation
- Improve Visual Studio build documentation
- Remove AUTHORS and add general information to README.md
+ Build:
- Meson:
. Don't copy files with configure_file()
. Fix the evaluation of is_git_build on Windows
- Visual Studio: Support static builds
- Use ldconfig_scriptlets macro for post(un) handling.
- Update URL to new home.
==== libwebp ====
Subpackages: libsharpyuv0 libwebp7 libwebpdemux2 libwebpmux3
- Add 0001-Fix-invalid-incremental-decoding-check.patch
A fuzzing finding fixed in the SLE/Leap updates
==== mozjs115 ====
Version update (115.2.1 -> 115.3.1)
- Update to version 115.3.1:
+ Security fix: CVE-2023-5217: Heap buffer overflow in libvpx.
- Changes from version 115.3.0:
+ Various security fixes and other quality improvements.
+ CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1
+ CVE-2023-5169: Out-of-bounds write in PathOps
+ CVE-2023-5171: Use-after-free in Ion Compiler
+ CVE-2023-5174: Double-free in process spawning on Windows
+ CVE-2023-5176: Memory safety bugs fixed in Firefox 118, Firefox
ESR 115.3, and Thunderbird 115.3
==== qalculate ====
Version update (4.8.0 -> 4.8.1)
Subpackages: libqalculate22 qalculate-data
- version update to 4.8.1
* Fix besselj() and bessely()
* Fix display of matrices and vectors with complex number form other than
rectangular (default)
* Fix conflict between decibel units (e.g. "0dB") and duodecimal 0d⦠syntax
(now requires at least two digits)
* Fixes for title options in plot() function
* Add additional buttons and button menus to general keypad (Qt)
* Add option to show all functions, units, and variables in tool button
menus (Qt)
* Add recently used objects to functions, units, and variables menus (Qt)
* Add option to bypass dialog for functions in menu (Qt)
* Add option, in context menu, to display text for tool buttons (Qt)
* Open functions, units, and variables tool button menus using long-press
or right-click (in addition to arrow button), and add keyboard shortcuts (Qt)
* Use keypad tool button menu as context menu and show keypad type in
title bar of keypad (Qt)
* Auto-update number bases above programming keypad when entering simple
integers, even if calculate-as-you-type is deactivated (GTK)
==== qpdf ====
Version update (11.6.0 -> 11.6.1)
- version update to 11.6.1
* Bug fixes:
- Fix a logic error introduced in 11.6.0 in the fix to copyForeignObject.
The bug could result in some pages not being copied.
==== qt6-base ====
Version update (6.5.2 -> 6.5.3)
Subpackages: libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6Sql6 libQt6Test6 libQt6Widgets6 qt6-network-tls qt6-platformtheme-gtk3
- Update to 6.5.3
* https://www.qt.io/blog/qt-6.5.3-released
- Drop patch, merged upstream:
* CVE-2023-38197-qtbase-6.5.diff
- Enable the experimental native painting feature to improve
remote desktop performances (boo#1214915)
exporting QT_XCB_NATIVE_PAINTING is required to use the feature.
==== qt6-declarative ====
Version update (6.5.2 -> 6.5.3)
Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlModels6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 qt6-declarative-imports
- Update to 6.5.3
* https://www.qt.io/blog/qt-6.5.3-released
==== qt6-imageformats ====
Version update (6.5.2 -> 6.5.3)
- Update to 6.5.3
* https://www.qt.io/blog/qt-6.5.3-released
==== qt6-translations ====
Version update (6.5.2 -> 6.5.3)
- Update to 6.5.3
* https://www.qt.io/blog/qt-6.5.3-released
==== qt6-wayland ====
Version update (6.5.2 -> 6.5.3)
Subpackages: libQt6WaylandClient6 libQt6WaylandCompositor6 libQt6WaylandEglClientHwIntegration6 libQt6WaylandEglCompositorHwIntegration6 libQt6WlShellIntegration6
- Update to 6.5.3
* https://www.qt.io/blog/qt-6.5.3-released
==== screen ====
Version update (4.9.0 -> 4.9.1)
- update to 4.9.1 (bsc#1210272, CVE-2023-24626):
* Support stop/parity bits on serial port
* Add needed system headers in checks and return values
for implicit function declarations
* Avoid zombies after shell exit
* Missed signal sending permission check on failed
query messages (CVE-2023-24626)
* manpage fixes
* source code fixes during cleanup
* UTF-8 encoding can emit invalid UTF-8 sequences
* for out of range unicode values
==== shadow ====
Subpackages: libsubid4 login_defs
- Add shadow-4.14.0-selinux-labels.patch:
Set proper SELinux labels for new homedirs.
See gh/shadow-maint/shadow#812.
==== systemd ====
Version update (254.3 -> 254.5)
Subpackages: libsystemd0 libudev1 systemd-coredump systemd-doc systemd-lang udev
- Import commit 9674bb256205e6c643feadbcccfd1ee8feeee684 (merge of v254.5)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/6ed5b11298005e07509832881a0c5ff…
- Make sure to call %sysusers_create only when transfiletrigger is disabled.
- systemd.spec: switch to %ldconfig_scriptlets
- systemd.spec: add `%tmpfiles_create systemd-resolve`
It's only needed by SLE distros since systemd packages rely on
transtriggerfiles in Factory.
- Import commit 6ed5b11298005e07509832881a0c5ff1a80bf225 (merge of v254.4)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/b6b4e5a8a82d1f13f265a4ef170f2d1…
==== tracker-miners ====
Version update (3.6.0 -> 3.6.1)
Subpackages: tracker-miner-files tracker-miners-lang
- Update to version 3.6.1:
+ Avoid the special thread in tracker-extract-3, and extend the
seccomp jail to the full process.
+ Updated translations.
- Add a tracker_basever define, and set it to 3.6. We have a hard
Requires on what tracker version is needed and it is currently
set at the same or newer version, change this to tracker_basever
(tracker-miners have never been at a higher patch version
before).
==== webkit2gtk3 ====
Version update (2.42.0 -> 2.42.1)
Subpackages: WebKitGTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Update to version 2.42.1:
+ Fix enable-html5-database setting to properly enable/disable
IndexedDB API.
+ Fix the build with GBM disabled.
+ Fix several crashes and rendering issues.
- switch to pkgconfig(icu-i18n) instead of libicu-devel, to allow
switching to a different libicu*-devel (jsc#PED-6193)
==== webkit2gtk4 ====
Version update (2.42.0 -> 2.42.1)
Subpackages: WebKitGTK-6.0-lang libjavascriptcoregtk6_0-1 libwebkitgtk6_0-4 webkitgtk-6_0-injected-bundles
- Update to version 2.42.1:
+ Fix enable-html5-database setting to properly enable/disable
IndexedDB API.
+ Fix the build with GBM disabled.
+ Fix several crashes and rendering issues.
- switch to pkgconfig(icu-i18n) instead of libicu-devel, to allow
switching to a different libicu*-devel (jsc#PED-6193)
==== xdg-dbus-proxy ====
Version update (0.1.4 -> 0.1.5)
- Update to version 0.1.5:
+ Fix handling of object paths > 255 bytes
+ Print better errors when message parsing fails
+ Optionally install tests for "as-installed" testing
==== yast2-trans ====
Version update (84.87.20230922.91d997adab -> 84.87.20230930.5f9e01162a)
Subpackages: yast2-trans-cs yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-fr yast2-trans-hu yast2-trans-it yast2-trans-ja yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ru yast2-trans-zh_CN yast2-trans-zh_TW
- Update to version 84.87.20230930.5f9e01162a:
* Translated using Weblate (Italian)
* Translated using Weblate (Italian)
* Translated using Weblate (Italian)
* Translated using Weblate (Italian)
* Translated using Weblate (Italian)
* Translated using Weblate (Italian)
* Translated using Weblate (Spanish)
* Translated using Weblate (Spanish)
* Translated using Weblate (Spanish)
* Translated using Weblate (Spanish)
* New POT for text domain 'storage'.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa (23.1.8 -> 23.2.0)
Mesa-drivers (23.1.8 -> 23.2.0)
catatonit (0.1.7 -> 0.2.0)
dLeyna (0.8.2 -> 0.8.3)
gtk4 (4.12.2 -> 4.12.3)
keylime (7.5.0 -> 7.6.0)
libsigc++2 (2.12.0 -> 2.12.1)
mozjs115 (115.2.1 -> 115.3.1)
qalculate (4.8.0 -> 4.8.1)
qpdf (11.6.0 -> 11.6.1)
tracker-miners (3.6.0 -> 3.6.1)
webkit2gtk3 (2.42.0 -> 2.42.1)
webkit2gtk4 (2.42.0 -> 2.42.1)
xdg-dbus-proxy (0.1.4 -> 0.1.5)
=== Details ===
==== Mesa ====
Version update (23.1.8 -> 23.2.0)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- Update to Mesa 23.2.0-rc4
- -> https://lists.freedesktop.org/archives/mesa-announce/2023-September/000731.…
- supersedes U_llvmpipe-only-include-old-Transform-includes-when-ne.patch
- disabled u_fix-build-on-ppc64le.patch (no longer needed?)
- adjusted n_drirc-disable-rgb10-for-chromium-on-amd.patch
==== Mesa-drivers ====
Version update (23.1.8 -> 23.2.0)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- Update to Mesa 23.2.0-rc4
- -> https://lists.freedesktop.org/archives/mesa-announce/2023-September/000731.…
- supersedes U_llvmpipe-only-include-old-Transform-includes-when-ne.patch
- disabled u_fix-build-on-ppc64le.patch (no longer needed?)
- adjusted n_drirc-disable-rgb10-for-chromium-on-amd.patch
==== catatonit ====
Version update (0.1.7 -> 0.2.0)
- Update to catatonit v0.2.0.
* Change license to GPL-2.0-or-later.
- Remove upstreamed patches:
- 99bb9048f.patch
==== dLeyna ====
Version update (0.8.2 -> 0.8.3)
- Update to version 0.8.3:
+ Build: Fix compatibility with Meson 1.2
+ Renderer: Fix locale initialization
+ Server:
- Fix locate initialization
- Fix uninitialized variable warning
- Properly handle optional actions
- Fix browse not working properly
- Drop 61d24fdc.patch: Fixed upstream.
- Change compression of tarball in service and spec to zst from xz.
==== gtk4 ====
Version update (4.12.2 -> 4.12.3)
Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0
- Update to version 4.12.3:
+ GtkWindow: Don't assume titlebars are GtkHeaderBar
+ GtkTreeView: Fix a crash in gtk_tree_view_is_blank_at_pos
+ printing: Fix some issues with the portal implementation
+ GSK:
- Some optimizations in the GL renderer
- Fix memory leaks in the Broadway renderer
+ demos: Fix a crash in gtk4-demo
+ Updated translations.
==== keylime ====
Version update (7.5.0 -> 7.6.0)
Subpackages: keylime-config keylime-firewalld keylime-logrotate keylime-registrar keylime-tenant keylime-tpm_cert_store keylime-verifier python311-keylime
- Update to version v7.6.0:
* Monthly release (7.6.0)
* test-requirements: remove types-atomicwrites
* Fixed an inappropriate test expression to remove a logical short circuit
* remove prov_db_filename from config
* Fix for key parse error in tpm2_objects
* Fix mapping.json path in the comments
* ima: Emit a warning when a file signature could not be parsed
* Initial PR to add support for IDevID and IAK
* Implement automatic agent API version bump
* tests: avoid fail when epel-release is installed
- M2Crypto is not used anymore.
- Clean up SPEC file.
==== libsigc++2 ====
Version update (2.12.0 -> 2.12.1)
- Update to version 2.12.1:
+ Documentation:
- slot, signal: Describe the slot<void(int)> syntax more
- connection: Improve the class documentation
- Improve Visual Studio build documentation
- Remove AUTHORS and add general information to README.md
+ Build:
- Meson:
. Don't copy files with configure_file()
. Fix the evaluation of is_git_build on Windows
- Visual Studio: Support static builds
- Use ldconfig_scriptlets macro for post(un) handling.
- Update URL to new home.
==== mozjs115 ====
Version update (115.2.1 -> 115.3.1)
- Update to version 115.3.1:
+ Security fix: CVE-2023-5217: Heap buffer overflow in libvpx.
- Changes from version 115.3.0:
+ Various security fixes and other quality improvements.
+ CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1
+ CVE-2023-5169: Out-of-bounds write in PathOps
+ CVE-2023-5171: Use-after-free in Ion Compiler
+ CVE-2023-5174: Double-free in process spawning on Windows
+ CVE-2023-5176: Memory safety bugs fixed in Firefox 118, Firefox
ESR 115.3, and Thunderbird 115.3
==== qalculate ====
Version update (4.8.0 -> 4.8.1)
Subpackages: libqalculate22 qalculate-data
- version update to 4.8.1
* Fix besselj() and bessely()
* Fix display of matrices and vectors with complex number form other than
rectangular (default)
* Fix conflict between decibel units (e.g. "0dB") and duodecimal 0d⦠syntax
(now requires at least two digits)
* Fixes for title options in plot() function
* Add additional buttons and button menus to general keypad (Qt)
* Add option to show all functions, units, and variables in tool button
menus (Qt)
* Add recently used objects to functions, units, and variables menus (Qt)
* Add option to bypass dialog for functions in menu (Qt)
* Add option, in context menu, to display text for tool buttons (Qt)
* Open functions, units, and variables tool button menus using long-press
or right-click (in addition to arrow button), and add keyboard shortcuts (Qt)
* Use keypad tool button menu as context menu and show keypad type in
title bar of keypad (Qt)
* Auto-update number bases above programming keypad when entering simple
integers, even if calculate-as-you-type is deactivated (GTK)
==== qpdf ====
Version update (11.6.0 -> 11.6.1)
- version update to 11.6.1
* Bug fixes:
- Fix a logic error introduced in 11.6.0 in the fix to copyForeignObject.
The bug could result in some pages not being copied.
==== tracker-miners ====
Version update (3.6.0 -> 3.6.1)
Subpackages: tracker-miner-files
- Update to version 3.6.1:
+ Avoid the special thread in tracker-extract-3, and extend the
seccomp jail to the full process.
+ Updated translations.
- Add a tracker_basever define, and set it to 3.6. We have a hard
Requires on what tracker version is needed and it is currently
set at the same or newer version, change this to tracker_basever
(tracker-miners have never been at a higher patch version
before).
==== webkit2gtk3 ====
Version update (2.42.0 -> 2.42.1)
Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Update to version 2.42.1:
+ Fix enable-html5-database setting to properly enable/disable
IndexedDB API.
+ Fix the build with GBM disabled.
+ Fix several crashes and rendering issues.
- switch to pkgconfig(icu-i18n) instead of libicu-devel, to allow
switching to a different libicu*-devel (jsc#PED-6193)
==== webkit2gtk4 ====
Version update (2.42.0 -> 2.42.1)
Subpackages: libjavascriptcoregtk6_0-1 libwebkitgtk6_0-4 webkitgtk-6_0-injected-bundles
- Update to version 2.42.1:
+ Fix enable-html5-database setting to properly enable/disable
IndexedDB API.
+ Fix the build with GBM disabled.
+ Fix several crashes and rendering issues.
- switch to pkgconfig(icu-i18n) instead of libicu-devel, to allow
switching to a different libicu*-devel (jsc#PED-6193)
==== xdg-dbus-proxy ====
Version update (0.1.4 -> 0.1.5)
- Update to version 0.1.5:
+ Fix handling of object paths > 255 bytes
+ Print better errors when message parsing fails
+ Optionally install tests for "as-installed" testing
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
ImageMagick (7.1.1.17 -> 7.1.1.18)
conmon
container-selinux (2.215.0 -> 2.222.0)
crypto-policies (20230614.5f3458e -> 20230920.570ea89)
glib2
grub2
kbd (2.6.2 -> 2.6.3)
libblockdev (3.0.2 -> 3.0.3)
libdecor (0.1.1 -> 0.2.0)
libnvme (1.4 -> 1.6)
libwebp
nvme-cli (2.4 -> 2.6)
pam-config (2.8 -> 2.9)
podman (4.6.2 -> 4.7.0)
poppler
poppler-qt5
screen (4.9.0 -> 4.9.1)
shadow
suse-module-tools (16.0.35 -> 16.0.36)
systemd (254.3 -> 254.5)
xdg-desktop-portal-kde
xdg-utils (1.1.3+20230831 -> 1.2.0~beta1+20230929)
=== Details ===
==== ImageMagick ====
Version update (7.1.1.17 -> 7.1.1.18)
Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10
- version update to 7.1.1.18
* upstream changelog:
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
==== conmon ====
- go 1.19 EOL, swith to go >= 1.20
* [bsc#1215806]
==== container-selinux ====
Version update (2.215.0 -> 2.222.0)
- Update to version 2.222:
* Allow containers to read/write inherited dri devices
- Update to version 2.221:
* Allow containers to shutdown sockets inherited from container
runtimes
* Allow spc_t to use execmod libraries on container file systems
* Add boolean to allow containers to read all cert files
* More MLS Policy allow rules
* Allow container runtimes using pasta bind icmp_socket to port_t
* Fix spc_t transitions from container_runtime_domain
==== crypto-policies ====
Version update (20230614.5f3458e -> 20230920.570ea89)
Subpackages: crypto-policies-scripts
- nss: Skip the NSS policy check if the mozilla-nss-tools package
is not installed. This avoids adding more dependencies in ring0.
* Add crypto-policies-nss.patch [bsc#1211301]
- Update to version 20230920.570ea89:
* fips-mode-setup: more thorough --disable, still unsupported
* FIPS:OSPP: tighten beyond reason for OSPP 4.3
* krb5: sort enctypes mac-first, cipher-second, prioritize SHA-2 ones
* openssl: implement relaxing EMS in FIPS (NO-ENFORCE-EMS)
* gnutls: prepare for tls-session-hash option coming
* nss: prepare for TLS-REQUIRE-EMS option coming
* NO-ENFORCE-EMS: add subpolicy
* FIPS: set __ems = ENFORCE
* cryptopolicies: add enums and __ems tri-state
* docs: replace `FIPS 140-2` with just `FIPS 140`
* .gitlab-ci: remove forcing OPENSSH_MIN_RSA_SIZE
* cryptopolicies: add comments on dunder options
* nss: retire NSS_OLD and replace with NSS_LAX 3.80 check
* BSI: start a BSI TR 02102 policy [jsc#PED-4933]
* Rebase patches:
- crypto-policies-policygenerators.patch
- crypto-policies-revert-rh-allow-sha1-signatures.patch
- crypto-policies-FIPS.patch
- Conditionally recommend the crypto-policies-scripts package
when python is not installed in the system [bsc#1215201]
==== glib2 ====
Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0
- Fix NetworkManager crashing repeatedly with glib 2.78.0;
(bsc#1215709); Add patch 0005-gthreadedresolver-Fix-race.patch
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- Only build with fde-tpm-helper-rpm-macros for the architectures
supporting the newer UEFI and TPM 2.0.
* Also correct the location of %fde_tpm_update_requires
- Fix a boot delay regression in PowerPC PXE boot (bsc#1201300)
* 0001-ieee1275-ofdisk-retry-on-open-and-read-failure.patch
- Add the new BuildRequires for EFI builds for the better FDE
support: fde-tpm-helper-rpm-macros
+ Also add the the macros to %post and %posttrans
- Correct the type of allocated EFI pages for ARM64 kernel (bsc#1215151)
* arm64-Use-proper-memory-type-for-kernel-allocation.patch
==== kbd ====
Version update (2.6.2 -> 2.6.3)
Subpackages: kbd-legacy
- Update to version 2.6.3:
- libkfont:
* Don't look for fonts in the current directory.
- showkey:
* Add parameter to allow to change timeout.
- po:
* Update po files.
==== libblockdev ====
Version update (3.0.2 -> 3.0.3)
Subpackages: libbd_btrfs3 libbd_crypto3 libbd_fs3 libbd_loop3 libbd_lvm3 libbd_mdraid3 libbd_nvme3 libbd_part3 libbd_swap3 libbd_utils3 libblockdev3
- Update to version 3.0.3:
* Always use "--fs ignore" with lvresize
* nvme:
- Use interim buffer for nvme_get_log_sanitize()
- Generate HostID when missing
* tests:
- Specificy required versions when importing GLib and BlockDev
introspection
- Minor NVMe HostNQN fixes
- Replace deprecated unittest assert calls
* fs:
- Fix leaking directories with temporary mounts
- Fix memory leak
* crypto: Correctly convert passphrases from Python to C
==== libdecor ====
Version update (0.1.1 -> 0.2.0)
Subpackages: libdecor-0-0
- Update to version 0.2.0:
* Various bug and leak fixes.
* New gtk plugin.
- Update URL and source to new home.
- Add pkgconfig(gtk-3.0) BuildRequires, new dependency.
- Use ldconfig_scriptlets macro for post(un) handling.
==== libnvme ====
Version update (1.4 -> 1.6)
Subpackages: libnvme-mi1 libnvme1
- Update to version 1.6:
* docs: Fix Read-the-Docs configuration (deprecated config param)
* mi-mctp: Fix free() in error path of mi_open_mctp
* types: Use NVME_SET for status type mask to get status value
* types: Define FLBAS MASK and SHIFT to use NVME_GET
* types: Support Phy Rx Eye Opening Measurement Log
* log: Add nvme root global variable to set for default output
* types: Add support for the OAQD ID controller field
* test: use non deprecated API
* test: add tests for Get/Set Features functions
* ioctl: implement nvme_set_features_lba_range()
* ioctl: pass NSID in Get/Set Features commands that use it
* ioctl: fix swapped parameters in nvme_set_features_host_id()
* ioctl: export nvme_{g,s}et_features_iocs_profile()
* ioctl: pass ENDGID in nvme_get_features_endurance_event_cfg()
* ioctl: don't set SAVE bit on unsaveable features
* ioctl: avoid sending uninitialized timestamp
* ioctl: pass data for Get/Set Features commands
* ioctl: set correct bits in Set Features commands
* ioctl: correct feature IDs in Get/Set Features commands
* tree: Add 2 new public functions to lookup existing controllers
* ioctl: Add debugging feature to show command outputs
* Fix incorrect article 'an' as 'a' to use for a description
* linux: Added functions to enable faster telemetry data retrieval. Moved telemetry data area support detection into separate function. Added possibility to modify data transfer chunk size. Enable telemetry extraction up to specified data area. Removed some printf() and perror().
* test: account for discovery log page entry stripping
* fabrics: unconditionally strip discovery entry strings
* fabrics: only look for spaces in strchomp()
* tree: Use early return instead of else statements
* test: fix lookup test case
* test: make all function static
* test: add tests for new tcp controller matching algorithm
* tree: Improve TCP controller matching algorithm
* util: Add functions to parse the system's interfaces
* types: Add support for EGFEAT, Domain Identifier, TEGCAP and UEGCAP
* mi: remove nsid from nvme_mi_admin_identify_secondary_ctrl_list()
* test: add tests for nvme_ctrl_get_src_addr()
* tree: Add nvme_ctrl_get_src_addr() to get the controller's src_addr
* util: Split _nvme_ipaddrs_eq() from nvme_ipaddrs_eq()
* test: add tests for Identify functions
* ioctl: use available Identify helper functions
* test: pass a large enough buffer to nvme_identify_ns_descs()
* ioctl: remove nsid from nvme_identify_secondary_ctrl_list()
* meson: Don't hard-code path to "internal/config.h"
* fabrics: Do not pass disable_sqflow if not supported
* fabrics: Read the supported options lazy
* test: add discovery log page tests
* test: add infra for mocking passthru ioctls
* tree: fix segfault in nvme_scan_subsystem()
* src/nvme/tree.c: make __nvme_scan_subsystem() returning bool
* doc: fix minor mistake in README.md about dependencies
* nvme-tree: avoid warning in 'list-subsys'
* tree: Add getter for subsystem iopolicy
* fabrics: Consider also all hosts settings for context match
* tree: Scan all subsystems
* doc: Fixing compile instruction in README
* mi: allow non-4-byte-aligned responses
* mi-mctp: use a linear response buffer
* mi: implement length and offset alignment checks in admin_xfer()
* tree: Don't open nvme devices until it's absolutely required
* tree: missing closedir() causes fd leak for "/sys/bus/pci/slots"
* mi: don't return from mi_mctp_submit with a tag held
* util: Provide empty nvme_ipaddrs_eq for static builds
* fabrics: Relax match on well known disc ctrl lookup
* tree: Ignore NULL address pointer for phy slot lookup
* fabrics: Filter discovery ctrls out during application context check
* util: Add ignored error code
* json: Use memory block allocated by realloc() instead printbuf
* util: Use HAVE_NETDB instead of HAVE_LIBNSS
* tree: Add PCI physical slot number for controller
* tree: Use nvme_ipaddrs_eq() to compare IP addresses
* fabrics: Add EADDRNOTAVAIL error mapping
* fabrics: filter out subsystems with non-matching application string
* libnvme: add 'application' setting to nvme_root
* libnvme: add 'application' setting to the subsystem
* test: Add more code coverage for nvme_ipaddrs_eq()
* util: rename ipaddrs_eq() to nvme_ipaddrs_eq() and make public.
* util: Add ipaddrs_eq() to check whether two IP addresses are equal
* test: Add unit test for ctrl lookups
* ioctl: fix RAE bit on last Get Log Page command
* fabrics: check genctr after getting discovery entries
* fabrics: handle /dev/nvme-fabrics read failure
* fabrics: fix potential invalid memory access in __nvmf_supported_option()
* Python: Fix crash during garbage collection
* python/swig: Check swig version to determine whether -py3 is needed
* python/swig: Wrap swig-sensitive struct inside #ifwdef SWIG
* mi: Add nvme_mi_ctrl_id to retrieve controller ID
* Python: Suppress swig warnings about unnamed struct
* examples: fix incorrect controller status in MI info output
* ioctl: Explicitly initialize all members of struct nvme_ns_mgmt_args
* Python: make NBFT data more pythonic
* ioctl: io management send, receive args fix
* python: Update test data
* NBFT: Remove documentation from nbft.c since it's also in nbft.h
* Python: Add NBFT support
* nbft: Doc typo - Use nvme_nbft_free() instead of nbft_free()
* nbft: Parse the {HOSTID,HOSTNQN}_CONFIGURED flags
* nbft: Fix nbft_ssns_flags endianness test
* nbft: Add a simple unit test
* doc: Update README
... changelog too long, skipping 12 lines ...
* tree: Fix argument check in nvme_bytes_to_lba
==== libwebp ====
Subpackages: libsharpyuv0 libwebp7 libwebpdemux2 libwebpmux3
- Add 0001-Fix-invalid-incremental-decoding-check.patch
A fuzzing finding fixed in the SLE/Leap updates
==== nvme-cli ====
Version update (2.4 -> 2.6)
Subpackages: nvme-cli-bash-completion
- Update to version 2.6:
* nvme: allocate payload buffer in create-ns command
* nvme-print-stdout: Add CAP.CPS and CAP.NSSS human readable outputs
* nvme: Add output-format default option instead of argconfig json option
* nvme: fw-download offset only describes FW offset, not file offset
* unit: add locale number test
* util: handle utf-8 thousend separators correctly
* nvme: Change to use NVME_ARGS verbose default option from OPT_ARGS
* fabrics: Fix NVMF_ARGS macro to use parameter n correctly
* nvme: Add verbose default option to show command debug output
* util: Fix to set argconfig output format json option correctly
* util: Split argconfig output format json function to set and get
* nvme: Spport Phy Rx Eye Opening Measurement Log
* nvme: Introduce nvme_realloc function
* nvme: Fix for fdpa reserved field printing
* completion: add 'version' and 'help' to list
* udev-rule: apply round-robin iopolicy on i/o subsystems alone
* nvme: Add support for the OAQD ID controller field
* plugins/solidigm: use static log macro to calc bitmask
* plugins/ocp: Rename FW activation history command
* nvme: auto free nvme_dev resource
* nvme: allocate aligned payloads for all nvme commands
* nvme: introduce alloc helper with alignment support
* util: add cleanup function for generic memory allocations
* nvme: append huge to nvme_{alloc|free} function
* nvme: fw_download use nvme_alloc only
* fabrics: Removing duplicate code and moving to libnvme
* nvme-print: omit size of protection information
* tree: Modify label name close_fd to close_dev
* fabrics: For TCP/RDMA, compare IP addresses with nvme_ipaddrs_eq()
* fabrics: lookup_discovery_ctrl() must look under host and not root
* nvme: Do not map status to errno codes
* completions: Add bash completion for DSSD Power state feature(FID: C7h)
* Documentation: Add document for DSSD Power state feature(FID: C7h)
* plugins/ocp: Add DSSD Power state feature(FID: C7h)
* avoid casting pointer arguments to argconfig functions
* nvme-print: Add support for EGFEAT, Domain Identifier, TEGCAP and UEGCAP
* nvme-print: Fix endurance_log whitespace changes
* nvme: Fix retrieval of telemetry log up to specified data area.
* nvme: Update list secondary command
* wdc: Add support for SN861 drive
* util: Set errno to 0 before strtol/stroul call
* nvme: Revert passthru and submit_io to print status to stderr from stdout
* plugins/zns: Fix offset in report zones
* nvme-rpmb: Fix nvme_show_id_ctrl_rpmbs() definition error
* fabrics: Use corresponding hostid when hostnqn is generated
* json: fix seg. fault converting NULL to JSON string
* nvme-cli: fix extended metadata size calculation
* nvme-print: Show subsystem iopolicy
* nvme-print-stdout: Do not show non reachable ns in namespace topology
* nvme-print: Fix show-topolocy for ctrls
* doc: Fix typo in documentation
* nvme-print-stdout: fix storage tag size label
* nvme-print-stdout: List only ctrls which are part of ns
* nvme-print-stdout: Support subsys reachable from several hosts
* ccan: Add htable, strset and dependencies
* ccan: Remove unused documentation
* nvme-print: Split max power flags
* nvme-print: fix counter while looping through uuid_list
* fabrics: only look for matching ctrl on same host
* README: Correct hugetlbfs spelling error
* util: Delete unused CFG_BOOL argconfig type as duplicated with CFG_FLAG
* util: Set LC_ALL=C as default if -H option is not used
* nvme: Add support for create-ns command endg-id option parameter
* nvme-print: fix argument order for show functions
* plugins/solidigm: Added Marketing Name Log support for Solidigm.
* nvme-print: Remove left overs from refactoring
* nvme-print: Move num argument parsing into callbacks
* nvme-print: Fix typo in callback definition
* scripts: Make release script project neutral
* scripts: Update update-docs.sh scripts
* scripts: Execute the scripts from toplevel directory
* scripts: Move helper scripts to a central place
* docs: Update file modes
* doc: Add information on --context
* nvmf-autoconnect: Annotate the context to autoconnect
* fabrics: Add support for volatile configuration
* plugins/solidigm: Formated log page directory table consistently with "nvme list" format.
* plugins/solidigm: Added Identify controller VU extensions parsing.
* nvme-print-json: Print PCI pysical slot number for controller
* nvme-print-stdout: Print PCI physical slot number for controller
* libnvme.wrap: Bump to 42ac453
* plugins/nbft: Use common code to parse print flags
* fabrics: Do not print device on connect per default
* fabrics: Revert 'fabrics: prevent 'nvme connect' to well-known discovery NQN'
* nvme-print: fix wrong list-subsys output when ns are attached to different ctrls
* plugins/micron: Correct NULL pointer checking error
* plugins/innogrit: Add vendor command get-eventlog and get-cdump
* nvme: Use correct data buffer size
* nvme: Fix quoted string split across lines to use quoted newline
* plugins/zns: Fix zns.c linux kernel check patch errors and warnings
* plugins/ymtc: Fix ymtc-nvme.c linux kernel check patch warning
* plugins/ymtc: Fix ymtc-nvme.c space indentation to tab indentation
* plugins/virtium: Fix virtium-nvme.c linux kernel check patch errors and warnings
* plugins/transcend: Fix transcend-nvme.c linux kernel check patch errors and warnings
* plugins/solidigm: Fix linux kernel check patch errors and warnings
* plugins/shannon: Fix shannon-nvme.c linux kernel check patch errors and warnings
* plugins/seagate: Fix seagate-nvme.c linux kernel check patch warnings
* plugins/scaleflux: Fix sfx-nvme.c linux kernel check patch errors and warnings
... changelog too long, skipping 111 lines ...
- Fix install path for nvme-regress script
==== pam-config ====
Version update (2.8 -> 2.9)
- Update to version 2.9
- Add support for kanidm
==== podman ====
Version update (4.6.2 -> 4.7.0)
- Build against latest stable Go version (bsc#1215807)
- Update to version 4.7.0:
* Bump to v4.7.0
* [CI:DOCS] v4.7.0 RELEASE_NOTES update
* rpm: remove gvproxy subpackage
* packit: tag @containers/packit-build team on copr build
failures
* specgen, rootless: fix mount of cgroup without a netns
* pass --syslog to the cleanup process
* fix --authfile auto-update test
* version: switch back from -rc1 to -dev
* New pre-release: v4.7.0-rc1
* [CI:DOCS] Update release notes for v4.7.0-rc1
* Cirrus: Update operating branch
* Move podman build opts to common file
* Add ability for machine rm -f for WSL
* Plumbing to run machine tests with hyperv
* CI: trace setup and runner scripts
* Bump to Buildah v1.32.0
* [CI:DOCS] bump release notes on main with the latest release
* fix(deps): update module github.com/opencontainers/image-spec
to v1.1.0-rc5
* Add --filter pod= autocompletion
* e2e: ExitCleanly(): manual test fixes
* e2e: continuing ExitCleanly(): just the replacements
* Fix some spelling and formatting
* Add support for Ulimit in quadlet
* Run codespell on code
* wire in new buildah build options
* make golangci-lint happy
* add !remote tag to pkg/specgen/generate
* pkg/specgen: do not depend on libimage for remote
* bump buildah to latest
* [CI:DOCS] restart.md: migrate to container unit
* fix(deps): update module k8s.io/kubernetes to v1.28.2
* Add support for PidsLimit in quadlet
* Add DNS fields to Container and Network unit groups
* [CI:DOCS] update API docs version list
* Try to fix broken CI (gvisor-something)
* e2e: more ExitCleanly(): manual test fixes
* e2e: more ExitCleanly(): dumb string replacements
* e2e: create_test: use ExitCleanly()
* e2e: diff_test: use ExitCleanly()
* The `podman init` command cannot modify containers.
* bump c/common to latest main
* Podmansh: use podmansh_timeout
* e2e: more ExitCleanly(): low-hanging fruit
* vendor: update checkpointctl to v1.1.0
* kube: add DaemonSet support for generate
* vendor of containers/(common, storage, image)
* libpod: move oom_score_adj clamp to init
* e2e: commit_test: use ExitCleanly()
* e2e: container_clone_test.go: use ExitCleanly()
* e2e: use ExitCleanly() in cleanup_test.go
* Ensure HC events fire after logs are written
* [CI:DOCS] podman-systemd.unit: fix equivalents
* Add support for kube TerminationGracePeriodSeconds
* Update podman-kube-play.1.md.in
* Split up alt binaries to speed up build
* Switch installer task to EC2
* pod: fix duplicate volumes from containers.conf
* tests: add test for pod cgroups
* libpod: create the cgroup pod before containers
* cmd, specgen: allow cgroup resources without --infra
* specgen: allow --share-parent with --infra=false
* libpod: allow cgroup path without infra container
* libpod: check if cgroup exists before creating it
* libpod: refactor platformMakePod signature
* libpod: destroy pod cgroup on pod stop
* utils: export MoveUnderCgroup
* libpod: refactor code to new function
* e2e: use ExitCleanly() in checkpoint tests
* [CI:DOCS]Remove use of --latest|-l from tutorial
* CI test runner: upgrade tests rely on system tests
* run --rmi: "cannot remove" is a warning, not an error
* StopContainer: display signal num when name unknown
* URGENT: fix broken CI
* Add support for kube securityContext\.procMount
* podman: don't restart after kill
* Tmpfs should not be mounted noexec
* sys tests: run_podman: check for unwanted warnings/errors
* chore(deps): update dependency setuptools to ~=68.2.0
* e2e: use ExitCleanly() in attach & build tests
* Some distros do not default to docker.io for shortname searches
* security: accept empty capabilities list
* systests: random_free_port: fix EADDRINUSE flake
* fix(deps): update module github.com/cyphar/filepath-securejoin
to v0.2.4
* Restrict fcos_test to amd64, arm64
* fix(deps): update github.com/containers/libhvee digest to
56fb235
* fix(deps): update module github.com/docker/docker to
v24.0.6+incompatible
* fix(deps): update module golang.org/x/tools to v0.13.0
* Ignore spurious container-removal errors
* fix(deps): update module golang.org/x/net to v0.15.0
* systests: manifest zstd test: lots of tiny cleanups
* vendor: update github.com/opencontainers/runc to main
* [skip-ci] Update actions/checkout action to v4
... changelog too long, skipping 474 lines ...
* play.go: remove volumes on down -f
==== poppler ====
Subpackages: libpoppler-cpp0 libpoppler-glib8 libpoppler131 poppler-tools
- build with gpgmepp for signing documents (bsc#1215632)
==== poppler-qt5 ====
- build with gpgmepp for signing documents (bsc#1215632)
==== screen ====
Version update (4.9.0 -> 4.9.1)
- update to 4.9.1 (bsc#1210272, CVE-2023-24626):
* Support stop/parity bits on serial port
* Add needed system headers in checks and return values
for implicit function declarations
* Avoid zombies after shell exit
* Missed signal sending permission check on failed
query messages (CVE-2023-24626)
* manpage fixes
* source code fixes during cleanup
* UTF-8 encoding can emit invalid UTF-8 sequences
* for out of range unicode values
==== shadow ====
Subpackages: libsubid4 login_defs
- Add shadow-4.14.0-selinux-labels.patch:
Set proper SELinux labels for new homedirs.
See gh/shadow-maint/shadow#812.
==== suse-module-tools ====
Version update (16.0.35 -> 16.0.36)
Subpackages: suse-module-tools-scriptlets
- Update to version 16.0.36
* blacklist RNDIS modules (bsc#1205767, jsc#PED-5731)
* modprobe.d: Blacklist cls_tcindex module (bsc#1210335, CVE-2023-1829)
==== systemd ====
Version update (254.3 -> 254.5)
Subpackages: libsystemd0 libudev1 systemd-coredump systemd-doc udev
- Import commit 9674bb256205e6c643feadbcccfd1ee8feeee684 (merge of v254.5)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/6ed5b11298005e07509832881a0c5ff…
- Make sure to call %sysusers_create only when transfiletrigger is disabled.
- systemd.spec: switch to %ldconfig_scriptlets
- systemd.spec: add `%tmpfiles_create systemd-resolve`
It's only needed by SLE distros since systemd packages rely on
transtriggerfiles in Factory.
- Import commit 6ed5b11298005e07509832881a0c5ff1a80bf225 (merge of v254.4)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/b6b4e5a8a82d1f13f265a4ef170f2d1…
==== xdg-desktop-portal-kde ====
- Add: 0001-kde_portals.patch (kde#474746)
* Add a fallback to the GTK portal for settings. This makes sure
that GTK apps always get valid fonts and related settings.
==== xdg-utils ====
Version update (1.1.3+20230831 -> 1.2.0~beta1+20230929)
- Update to version 1.2.0-beta1+20230929:
* Set Version to 1.2.0-beta1
* Update Changes and Release Notes
* fix(xdg-open): handle spaces in .desktop file path
* Quote Browser variable to avod unintentional code execution
* Add missing result gathering
* Enhance LXQt Desktop Enviromment support
* xdg-terminal: don't run 'kreadconfig' if KDE_SESSION_VERSION is >= 5
- Drop the following fix, now actually included upstream
* xdg-terminal-don-t-run-kreadconfig-if-KDE_SESSION_VE.patch
- The following entries may have been missed in previous changelog
versions
* all: shellcheck fixes; make xdg-mime DASH-compatible
* xdg-email: do not run BROWSER if xdg-open failed
* Ensure POSIX-compliant shell scripting to support DASH
* all: spelling fixes
* Fix set_url_scheme_handler_gnome3 to not associate text/html handler
* xdg-screensaver: fix the freedesktop screensaver
* xdg-screensaver: implement support for "gnome3" DE
* xdg-screensaver: better error detection for freedesktop 'status' command
* xdg-desktop-menu: Drop obsolete GNOME support
* xdg-open: support WSL (FDO#108975)
* xdg-su: support deepin
* xdg-mime: If mimeapps.list is a symlink, retain the symlink (#7)
* xdg-open: fix search_desktop_file's logic
* xdg-open: handle local hostname in `file:` URLs
* xdg-desk-menu: Check if defaults file exists during installation
* xdg-su: Remove quotes for lxqt-sudo cmd arg
* xdg-open: handle opening files when DE=flatpak
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
ImageMagick (7.1.1.17 -> 7.1.1.18)
conmon
libnvme (1.4 -> 1.6)
nvme-cli (2.4 -> 2.6)
pam-config (2.8 -> 2.9)
podman (4.6.2 -> 4.7.0)
poppler
poppler-qt5
suse-module-tools (16.0.35 -> 16.0.36)
xdg-desktop-portal-kde
xdg-utils (1.1.3+20230831 -> 1.2.0~beta1+20230929)
=== Details ===
==== ImageMagick ====
Version update (7.1.1.17 -> 7.1.1.18)
Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10
- version update to 7.1.1.18
* upstream changelog:
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
==== conmon ====
- go 1.19 EOL, swith to go >= 1.20
* [bsc#1215806]
==== libnvme ====
Version update (1.4 -> 1.6)
Subpackages: libnvme-mi1 libnvme1
- Update to version 1.6:
* docs: Fix Read-the-Docs configuration (deprecated config param)
* mi-mctp: Fix free() in error path of mi_open_mctp
* types: Use NVME_SET for status type mask to get status value
* types: Define FLBAS MASK and SHIFT to use NVME_GET
* types: Support Phy Rx Eye Opening Measurement Log
* log: Add nvme root global variable to set for default output
* types: Add support for the OAQD ID controller field
* test: use non deprecated API
* test: add tests for Get/Set Features functions
* ioctl: implement nvme_set_features_lba_range()
* ioctl: pass NSID in Get/Set Features commands that use it
* ioctl: fix swapped parameters in nvme_set_features_host_id()
* ioctl: export nvme_{g,s}et_features_iocs_profile()
* ioctl: pass ENDGID in nvme_get_features_endurance_event_cfg()
* ioctl: don't set SAVE bit on unsaveable features
* ioctl: avoid sending uninitialized timestamp
* ioctl: pass data for Get/Set Features commands
* ioctl: set correct bits in Set Features commands
* ioctl: correct feature IDs in Get/Set Features commands
* tree: Add 2 new public functions to lookup existing controllers
* ioctl: Add debugging feature to show command outputs
* Fix incorrect article 'an' as 'a' to use for a description
* linux: Added functions to enable faster telemetry data retrieval. Moved telemetry data area support detection into separate function. Added possibility to modify data transfer chunk size. Enable telemetry extraction up to specified data area. Removed some printf() and perror().
* test: account for discovery log page entry stripping
* fabrics: unconditionally strip discovery entry strings
* fabrics: only look for spaces in strchomp()
* tree: Use early return instead of else statements
* test: fix lookup test case
* test: make all function static
* test: add tests for new tcp controller matching algorithm
* tree: Improve TCP controller matching algorithm
* util: Add functions to parse the system's interfaces
* types: Add support for EGFEAT, Domain Identifier, TEGCAP and UEGCAP
* mi: remove nsid from nvme_mi_admin_identify_secondary_ctrl_list()
* test: add tests for nvme_ctrl_get_src_addr()
* tree: Add nvme_ctrl_get_src_addr() to get the controller's src_addr
* util: Split _nvme_ipaddrs_eq() from nvme_ipaddrs_eq()
* test: add tests for Identify functions
* ioctl: use available Identify helper functions
* test: pass a large enough buffer to nvme_identify_ns_descs()
* ioctl: remove nsid from nvme_identify_secondary_ctrl_list()
* meson: Don't hard-code path to "internal/config.h"
* fabrics: Do not pass disable_sqflow if not supported
* fabrics: Read the supported options lazy
* test: add discovery log page tests
* test: add infra for mocking passthru ioctls
* tree: fix segfault in nvme_scan_subsystem()
* src/nvme/tree.c: make __nvme_scan_subsystem() returning bool
* doc: fix minor mistake in README.md about dependencies
* nvme-tree: avoid warning in 'list-subsys'
* tree: Add getter for subsystem iopolicy
* fabrics: Consider also all hosts settings for context match
* tree: Scan all subsystems
* doc: Fixing compile instruction in README
* mi: allow non-4-byte-aligned responses
* mi-mctp: use a linear response buffer
* mi: implement length and offset alignment checks in admin_xfer()
* tree: Don't open nvme devices until it's absolutely required
* tree: missing closedir() causes fd leak for "/sys/bus/pci/slots"
* mi: don't return from mi_mctp_submit with a tag held
* util: Provide empty nvme_ipaddrs_eq for static builds
* fabrics: Relax match on well known disc ctrl lookup
* tree: Ignore NULL address pointer for phy slot lookup
* fabrics: Filter discovery ctrls out during application context check
* util: Add ignored error code
* json: Use memory block allocated by realloc() instead printbuf
* util: Use HAVE_NETDB instead of HAVE_LIBNSS
* tree: Add PCI physical slot number for controller
* tree: Use nvme_ipaddrs_eq() to compare IP addresses
* fabrics: Add EADDRNOTAVAIL error mapping
* fabrics: filter out subsystems with non-matching application string
* libnvme: add 'application' setting to nvme_root
* libnvme: add 'application' setting to the subsystem
* test: Add more code coverage for nvme_ipaddrs_eq()
* util: rename ipaddrs_eq() to nvme_ipaddrs_eq() and make public.
* util: Add ipaddrs_eq() to check whether two IP addresses are equal
* test: Add unit test for ctrl lookups
* ioctl: fix RAE bit on last Get Log Page command
* fabrics: check genctr after getting discovery entries
* fabrics: handle /dev/nvme-fabrics read failure
* fabrics: fix potential invalid memory access in __nvmf_supported_option()
* Python: Fix crash during garbage collection
* python/swig: Check swig version to determine whether -py3 is needed
* python/swig: Wrap swig-sensitive struct inside #ifwdef SWIG
* mi: Add nvme_mi_ctrl_id to retrieve controller ID
* Python: Suppress swig warnings about unnamed struct
* examples: fix incorrect controller status in MI info output
* ioctl: Explicitly initialize all members of struct nvme_ns_mgmt_args
* Python: make NBFT data more pythonic
* ioctl: io management send, receive args fix
* python: Update test data
* NBFT: Remove documentation from nbft.c since it's also in nbft.h
* Python: Add NBFT support
* nbft: Doc typo - Use nvme_nbft_free() instead of nbft_free()
* nbft: Parse the {HOSTID,HOSTNQN}_CONFIGURED flags
* nbft: Fix nbft_ssns_flags endianness test
* nbft: Add a simple unit test
* doc: Update README
... changelog too long, skipping 12 lines ...
* tree: Fix argument check in nvme_bytes_to_lba
==== nvme-cli ====
Version update (2.4 -> 2.6)
Subpackages: nvme-cli-bash-completion
- Update to version 2.6:
* nvme: allocate payload buffer in create-ns command
* nvme-print-stdout: Add CAP.CPS and CAP.NSSS human readable outputs
* nvme: Add output-format default option instead of argconfig json option
* nvme: fw-download offset only describes FW offset, not file offset
* unit: add locale number test
* util: handle utf-8 thousend separators correctly
* nvme: Change to use NVME_ARGS verbose default option from OPT_ARGS
* fabrics: Fix NVMF_ARGS macro to use parameter n correctly
* nvme: Add verbose default option to show command debug output
* util: Fix to set argconfig output format json option correctly
* util: Split argconfig output format json function to set and get
* nvme: Spport Phy Rx Eye Opening Measurement Log
* nvme: Introduce nvme_realloc function
* nvme: Fix for fdpa reserved field printing
* completion: add 'version' and 'help' to list
* udev-rule: apply round-robin iopolicy on i/o subsystems alone
* nvme: Add support for the OAQD ID controller field
* plugins/solidigm: use static log macro to calc bitmask
* plugins/ocp: Rename FW activation history command
* nvme: auto free nvme_dev resource
* nvme: allocate aligned payloads for all nvme commands
* nvme: introduce alloc helper with alignment support
* util: add cleanup function for generic memory allocations
* nvme: append huge to nvme_{alloc|free} function
* nvme: fw_download use nvme_alloc only
* fabrics: Removing duplicate code and moving to libnvme
* nvme-print: omit size of protection information
* tree: Modify label name close_fd to close_dev
* fabrics: For TCP/RDMA, compare IP addresses with nvme_ipaddrs_eq()
* fabrics: lookup_discovery_ctrl() must look under host and not root
* nvme: Do not map status to errno codes
* completions: Add bash completion for DSSD Power state feature(FID: C7h)
* Documentation: Add document for DSSD Power state feature(FID: C7h)
* plugins/ocp: Add DSSD Power state feature(FID: C7h)
* avoid casting pointer arguments to argconfig functions
* nvme-print: Add support for EGFEAT, Domain Identifier, TEGCAP and UEGCAP
* nvme-print: Fix endurance_log whitespace changes
* nvme: Fix retrieval of telemetry log up to specified data area.
* nvme: Update list secondary command
* wdc: Add support for SN861 drive
* util: Set errno to 0 before strtol/stroul call
* nvme: Revert passthru and submit_io to print status to stderr from stdout
* plugins/zns: Fix offset in report zones
* nvme-rpmb: Fix nvme_show_id_ctrl_rpmbs() definition error
* fabrics: Use corresponding hostid when hostnqn is generated
* json: fix seg. fault converting NULL to JSON string
* nvme-cli: fix extended metadata size calculation
* nvme-print: Show subsystem iopolicy
* nvme-print-stdout: Do not show non reachable ns in namespace topology
* nvme-print: Fix show-topolocy for ctrls
* doc: Fix typo in documentation
* nvme-print-stdout: fix storage tag size label
* nvme-print-stdout: List only ctrls which are part of ns
* nvme-print-stdout: Support subsys reachable from several hosts
* ccan: Add htable, strset and dependencies
* ccan: Remove unused documentation
* nvme-print: Split max power flags
* nvme-print: fix counter while looping through uuid_list
* fabrics: only look for matching ctrl on same host
* README: Correct hugetlbfs spelling error
* util: Delete unused CFG_BOOL argconfig type as duplicated with CFG_FLAG
* util: Set LC_ALL=C as default if -H option is not used
* nvme: Add support for create-ns command endg-id option parameter
* nvme-print: fix argument order for show functions
* plugins/solidigm: Added Marketing Name Log support for Solidigm.
* nvme-print: Remove left overs from refactoring
* nvme-print: Move num argument parsing into callbacks
* nvme-print: Fix typo in callback definition
* scripts: Make release script project neutral
* scripts: Update update-docs.sh scripts
* scripts: Execute the scripts from toplevel directory
* scripts: Move helper scripts to a central place
* docs: Update file modes
* doc: Add information on --context
* nvmf-autoconnect: Annotate the context to autoconnect
* fabrics: Add support for volatile configuration
* plugins/solidigm: Formated log page directory table consistently with "nvme list" format.
* plugins/solidigm: Added Identify controller VU extensions parsing.
* nvme-print-json: Print PCI pysical slot number for controller
* nvme-print-stdout: Print PCI physical slot number for controller
* libnvme.wrap: Bump to 42ac453
* plugins/nbft: Use common code to parse print flags
* fabrics: Do not print device on connect per default
* fabrics: Revert 'fabrics: prevent 'nvme connect' to well-known discovery NQN'
* nvme-print: fix wrong list-subsys output when ns are attached to different ctrls
* plugins/micron: Correct NULL pointer checking error
* plugins/innogrit: Add vendor command get-eventlog and get-cdump
* nvme: Use correct data buffer size
* nvme: Fix quoted string split across lines to use quoted newline
* plugins/zns: Fix zns.c linux kernel check patch errors and warnings
* plugins/ymtc: Fix ymtc-nvme.c linux kernel check patch warning
* plugins/ymtc: Fix ymtc-nvme.c space indentation to tab indentation
* plugins/virtium: Fix virtium-nvme.c linux kernel check patch errors and warnings
* plugins/transcend: Fix transcend-nvme.c linux kernel check patch errors and warnings
* plugins/solidigm: Fix linux kernel check patch errors and warnings
* plugins/shannon: Fix shannon-nvme.c linux kernel check patch errors and warnings
* plugins/seagate: Fix seagate-nvme.c linux kernel check patch warnings
* plugins/scaleflux: Fix sfx-nvme.c linux kernel check patch errors and warnings
... changelog too long, skipping 111 lines ...
- Fix install path for nvme-regress script
==== pam-config ====
Version update (2.8 -> 2.9)
- Update to version 2.9
- Add support for kanidm
==== podman ====
Version update (4.6.2 -> 4.7.0)
- Build against latest stable Go version (bsc#1215807)
- Update to version 4.7.0:
* Bump to v4.7.0
* [CI:DOCS] v4.7.0 RELEASE_NOTES update
* rpm: remove gvproxy subpackage
* packit: tag @containers/packit-build team on copr build
failures
* specgen, rootless: fix mount of cgroup without a netns
* pass --syslog to the cleanup process
* fix --authfile auto-update test
* version: switch back from -rc1 to -dev
* New pre-release: v4.7.0-rc1
* [CI:DOCS] Update release notes for v4.7.0-rc1
* Cirrus: Update operating branch
* Move podman build opts to common file
* Add ability for machine rm -f for WSL
* Plumbing to run machine tests with hyperv
* CI: trace setup and runner scripts
* Bump to Buildah v1.32.0
* [CI:DOCS] bump release notes on main with the latest release
* fix(deps): update module github.com/opencontainers/image-spec
to v1.1.0-rc5
* Add --filter pod= autocompletion
* e2e: ExitCleanly(): manual test fixes
* e2e: continuing ExitCleanly(): just the replacements
* Fix some spelling and formatting
* Add support for Ulimit in quadlet
* Run codespell on code
* wire in new buildah build options
* make golangci-lint happy
* add !remote tag to pkg/specgen/generate
* pkg/specgen: do not depend on libimage for remote
* bump buildah to latest
* [CI:DOCS] restart.md: migrate to container unit
* fix(deps): update module k8s.io/kubernetes to v1.28.2
* Add support for PidsLimit in quadlet
* Add DNS fields to Container and Network unit groups
* [CI:DOCS] update API docs version list
* Try to fix broken CI (gvisor-something)
* e2e: more ExitCleanly(): manual test fixes
* e2e: more ExitCleanly(): dumb string replacements
* e2e: create_test: use ExitCleanly()
* e2e: diff_test: use ExitCleanly()
* The `podman init` command cannot modify containers.
* bump c/common to latest main
* Podmansh: use podmansh_timeout
* e2e: more ExitCleanly(): low-hanging fruit
* vendor: update checkpointctl to v1.1.0
* kube: add DaemonSet support for generate
* vendor of containers/(common, storage, image)
* libpod: move oom_score_adj clamp to init
* e2e: commit_test: use ExitCleanly()
* e2e: container_clone_test.go: use ExitCleanly()
* e2e: use ExitCleanly() in cleanup_test.go
* Ensure HC events fire after logs are written
* [CI:DOCS] podman-systemd.unit: fix equivalents
* Add support for kube TerminationGracePeriodSeconds
* Update podman-kube-play.1.md.in
* Split up alt binaries to speed up build
* Switch installer task to EC2
* pod: fix duplicate volumes from containers.conf
* tests: add test for pod cgroups
* libpod: create the cgroup pod before containers
* cmd, specgen: allow cgroup resources without --infra
* specgen: allow --share-parent with --infra=false
* libpod: allow cgroup path without infra container
* libpod: check if cgroup exists before creating it
* libpod: refactor platformMakePod signature
* libpod: destroy pod cgroup on pod stop
* utils: export MoveUnderCgroup
* libpod: refactor code to new function
* e2e: use ExitCleanly() in checkpoint tests
* [CI:DOCS]Remove use of --latest|-l from tutorial
* CI test runner: upgrade tests rely on system tests
* run --rmi: "cannot remove" is a warning, not an error
* StopContainer: display signal num when name unknown
* URGENT: fix broken CI
* Add support for kube securityContext\.procMount
* podman: don't restart after kill
* Tmpfs should not be mounted noexec
* sys tests: run_podman: check for unwanted warnings/errors
* chore(deps): update dependency setuptools to ~=68.2.0
* e2e: use ExitCleanly() in attach & build tests
* Some distros do not default to docker.io for shortname searches
* security: accept empty capabilities list
* systests: random_free_port: fix EADDRINUSE flake
* fix(deps): update module github.com/cyphar/filepath-securejoin
to v0.2.4
* Restrict fcos_test to amd64, arm64
* fix(deps): update github.com/containers/libhvee digest to
56fb235
* fix(deps): update module github.com/docker/docker to
v24.0.6+incompatible
* fix(deps): update module golang.org/x/tools to v0.13.0
* Ignore spurious container-removal errors
* fix(deps): update module golang.org/x/net to v0.15.0
* systests: manifest zstd test: lots of tiny cleanups
* vendor: update github.com/opencontainers/runc to main
* [skip-ci] Update actions/checkout action to v4
... changelog too long, skipping 474 lines ...
* play.go: remove volumes on down -f
==== poppler ====
Subpackages: libpoppler-cpp0 libpoppler-glib8 libpoppler131 poppler-tools
- build with gpgmepp for signing documents (bsc#1215632)
==== poppler-qt5 ====
- build with gpgmepp for signing documents (bsc#1215632)
==== suse-module-tools ====
Version update (16.0.35 -> 16.0.36)
Subpackages: suse-module-tools-scriptlets
- Update to version 16.0.36
* blacklist RNDIS modules (bsc#1205767, jsc#PED-5731)
* modprobe.d: Blacklist cls_tcindex module (bsc#1210335, CVE-2023-1829)
==== xdg-desktop-portal-kde ====
Subpackages: xdg-desktop-portal-kde-lang
- Add: 0001-kde_portals.patch (kde#474746)
* Add a fallback to the GTK portal for settings. This makes sure
that GTK apps always get valid fonts and related settings.
==== xdg-utils ====
Version update (1.1.3+20230831 -> 1.2.0~beta1+20230929)
- Update to version 1.2.0-beta1+20230929:
* Set Version to 1.2.0-beta1
* Update Changes and Release Notes
* fix(xdg-open): handle spaces in .desktop file path
* Quote Browser variable to avod unintentional code execution
* Add missing result gathering
* Enhance LXQt Desktop Enviromment support
* xdg-terminal: don't run 'kreadconfig' if KDE_SESSION_VERSION is >= 5
- Drop the following fix, now actually included upstream
* xdg-terminal-don-t-run-kreadconfig-if-KDE_SESSION_VE.patch
- The following entries may have been missed in previous changelog
versions
* all: shellcheck fixes; make xdg-mime DASH-compatible
* xdg-email: do not run BROWSER if xdg-open failed
* Ensure POSIX-compliant shell scripting to support DASH
* all: spelling fixes
* Fix set_url_scheme_handler_gnome3 to not associate text/html handler
* xdg-screensaver: fix the freedesktop screensaver
* xdg-screensaver: implement support for "gnome3" DE
* xdg-screensaver: better error detection for freedesktop 'status' command
* xdg-desktop-menu: Drop obsolete GNOME support
* xdg-open: support WSL (FDO#108975)
* xdg-su: support deepin
* xdg-mime: If mimeapps.list is a symlink, retain the symlink (#7)
* xdg-open: fix search_desktop_file's logic
* xdg-open: handle local hostname in `file:` URLs
* xdg-desk-menu: Check if defaults file exists during installation
* xdg-su: Remove quotes for lxqt-sudo cmd arg
* xdg-open: handle opening files when DE=flatpak
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
ImageMagick (7.1.1.15 -> 7.1.1.17)
Mesa (23.1.7 -> 23.1.8)
Mesa-drivers (23.1.7 -> 23.1.8)
MozillaFirefox (117.0.1 -> 118.0.1)
apparmor
argyllcms (2.3.1 -> 3.0.0)
autoyast2 (4.6.2 -> 5.0.1)
avahi
avahi-glib2
branding-openSUSE
cairo (1.17.8 -> 1.18.0)
cockpit
distribution-logos-openSUSE (20220322 -> 20230921)
firewalld
flashrom (1.2 -> 1.3.0)
git
glibc
gnome-control-center
gnome-tweaks (42.beta+60 -> 45.0)
gnustep-base
gpg2 (2.3.8 -> 2.4.0)
gpgme
graphite2
gstreamer (1.22.5 -> 1.22.6)
gstreamer-plugins-bad (1.22.5 -> 1.22.6)
gstreamer-plugins-base (1.22.5 -> 1.22.6)
gstreamer-plugins-good (1.22.5 -> 1.22.6)
highway (1.0.5 -> 1.0.7)
imlib2 (1.12.0 -> 1.12.1)
installation-images-MicroOS (17.95 -> 17.96)
kio
libapparmor
libblockdev (2.28 -> 3.0.2)
libbytesize
libdrm
libjxl
libnma
libqt5-qtbase
libsecret (0.21.0 -> 0.21.1)
libsolv (0.7.24 -> 0.7.25)
libssh
libstorage-ng (4.5.141 -> 4.5.143)
libvpx
mozjs115 (115.2.0 -> 115.2.1)
mpg123 (1.31.3 -> 1.32.2)
open-vm-tools
openssl-3 (3.1.2 -> 3.1.3)
openssl (3.1.2 -> 3.1.3)
p11-kit (0.24.1 -> 0.25.0)
patterns-microos
perl-HTTP-Message (6.44 -> 6.450.0)
polkit-default-privs (1550+20230912.0978001 -> 1550+20230920.74aeded)
python-alembic (1.11.2 -> 1.12.0)
python-constantly
python-greenlet (2.0.2 -> 3.0.0~rc3)
python-jsonschema (4.18.6 -> 4.19.1)
python-tornado6 (6.3.2 -> 6.3.3)
sddm
smartmontools
stoken (0.92 -> 0.93)
systemd
tracker
tuned (2.20.0.18+git.7b1a20b -> 2.21.0.0+git.670541d)
udisks2 (2.9.4 -> 2.10.0)
unar
xdg-utils (1.1.3+20230830 -> 1.1.3+20230831)
yast2-bootloader (4.6.2 -> 5.0.2)
yast2-installation (4.6.7 -> 5.0.1)
yast2-python-bindings (4.6.0 -> 5.0.1)
yast2-storage-ng (4.6.12 -> 5.0.1)
yast2-users (4.6.4 -> 5.0.1)
=== Details ===
==== ImageMagick ====
Version update (7.1.1.15 -> 7.1.1.17)
Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10
- version update to 7.1.1.17
* upstream changelog:
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-17---2023…
- modified patches
% ImageMagick-library-installable-in-parallel.patch (refreshed)
- follow upstream, create open, limited, secure and websafe alternative
configuration packages with different policy.xml
- removing p7zip redundant dependency
==== Mesa ====
Version update (23.1.7 -> 23.1.8)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- Backport upstream patches for compatibility with LLVM 17:
* U_llvmpipe-only-include-old-Transform-includes-when-ne.patch
removes unneeded includes of header files that no longer exist.
* U_clover-llvm-move-to-modern-pass-manager.patch migrates Clover
to the new pass manager, since the old PM has been removed.
- disable nine on arm/aarch64 in the hope to fix build on this
platform; there is no need for Direct3D/Wine for arm/aarch64
anyway ...
- Update to bugfix release 23.1.8:
- -> https://docs.mesa3d.org/relnotes/23.1.8.html
==== Mesa-drivers ====
Version update (23.1.7 -> 23.1.8)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- Backport upstream patches for compatibility with LLVM 17:
* U_llvmpipe-only-include-old-Transform-includes-when-ne.patch
removes unneeded includes of header files that no longer exist.
* U_clover-llvm-move-to-modern-pass-manager.patch migrates Clover
to the new pass manager, since the old PM has been removed.
- disable nine on arm/aarch64 in the hope to fix build on this
platform; there is no need for Direct3D/Wine for arm/aarch64
anyway ...
- Update to bugfix release 23.1.8:
- -> https://docs.mesa3d.org/relnotes/23.1.8.html
==== MozillaFirefox ====
Version update (117.0.1 -> 118.0.1)
- Mozilla Firefox 118.0.1
MFSA 2023-44 (bsc#1215814)
* CVE-2023-5217 (bmo#1855550),
Heap buffer overflow in libvpx
- Mozilla Firefox 118.0
MFSA 2023-41 (bsc#1215575)
* CVE-2023-5168 (bmo#1846683)
Out-of-bounds write in FilterNodeD2D1
* CVE-2023-5169 (bmo#1846685)
Out-of-bounds write in PathOps
* CVE-2023-5170 (bmo#1846686)
Memory leak from a privileged process
* CVE-2023-5171 (bmo#1851599)
Use-after-free in Ion Compiler
* CVE-2023-5172 (bmo#1852218)
Memory Corruption in Ion Hints
* CVE-2023-5173 (bmo#1823172)
Out-of-bounds write in HTTP Alternate Services
* CVE-2023-5174 (bmo#1848454)
Double-free in process spawning on Windows
* CVE-2023-5175 (bmo#1849704)
Use-after-free of ImageBitmap during process shutdown
* CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962,
bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195)
Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3,
and Thunderbird 115.3
- requires NSS 3.93
- add mozilla-bmo1822730.patch
- deactivated KDE integration temporarily
(removed mozilla-kde.patch and firefox-kde.patch for now)
==== apparmor ====
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- Fix pam_apparmor %post and %postun scripts to handle pam-config errors
(bsc#1215596)
==== argyllcms ====
Version update (2.3.1 -> 3.0.0)
- Update to 3.0.0:
* Updated ccast/axTLS to get ChromCast working again with latest Google CC
operating software.
* Extensive re-write/re-factor of icclib to make it more future-proof.
See https://www.argyllcms.com/doc/ChangesSummary.html for details.
* Added ref/ColorCheckerPassport.ti2 and ref/ColorCheckerHalfPassport.ti2
to allow measuring ColorCheckerPassport with instrument.
* Fixed bug in Munki spectro hi-res mode with some instruments. Luminance
matching between normal and hi-res was sometimes quite poor.
* Added ARGYLL_CREATE_DISPLAY_PROFILE_WITHOUT_CHAD environment variable.
* Changed colprof -U flag to -u. Changed dispcal -J flag to -K to accommodate
a potential new flag for colprof and dispcal.
* Added workaround for bug in madHcNet64.dll32/64.dll which sometimes causes
failure.
* Added delay after USB set_config on OS X to help Spyder 3/4 on Ventura OS.
* Added -Y parameter to dispwin to override automatic patch delay.
* Changed i1d3 driver to cope with Rev. B "0x83" error robustly. This should
fix any issues measuring low level Red only patch values on OLED displays,
but with slower measurements when this occurs.
* Added spotread -Y S option to save spectral sensitivity curves and added
corresponding support in i1d3 driver. This allows for comparison of different
instruments factory calibrations.
* Added a -h scale parameter to dispread, to allow the automatic instrument
calibration test patch values to be scaled down from their default 100%
value. This is useful with HDR displays.
* Added manifest to MSWindows executables to use UTF-8 code pages on Windows
1903 and later. This should improve non-ASCII filename and path handling.
* Added a Violet colorant to the targen colorant list.
* Fixed problem with OS X 64 bit backwards compatibility where it failed to
locate serial instruments when the binaries are run on OS X V12 or latter
machines.
* Fixed bug in i1Pro3 driver where it was not returning the correct
measurement conditions enum.
* Fixed spotread so that ambient measure for monochrome sources doesn't error
out due to bad CCT/VCT/VDT. Also change -T so that it suppresses CCT etc. if
ambient mode is used.
* Added hacky workaround to strange Mac M2/rosetta bug in del_i1proimp().
- Make the argyllcms-doc package noarch.
==== autoyast2 ====
Version update (4.6.2 -> 5.0.1)
- Added several LUKS-related elements to the partitioning schema
(jsc#PED-3878, jsc#PED-5518).
- 5.0.1
- 5.0.0 (#bsc1185510)
==== avahi ====
Subpackages: libavahi-client3 libavahi-common3 libavahi-core7
- Don't require sudo. There is no indication it's actually used for
anything.
==== avahi-glib2 ====
- Don't require sudo. There is no indication it's actually used for
anything.
==== branding-openSUSE ====
Subpackages: grub2-branding-openSUSE plymouth-branding-openSUSE wallpaper-branding-openSUSE yast2-qt-branding-openSUSE
- Enable grub2-branding on ppc64le. patterns-microos-base has
Requires (grub2-branding-openSUSE if grub2). So we need the
branding.
==== cairo ====
Version update (1.17.8 -> 1.18.0)
Subpackages: libcairo-gobject2 libcairo-script-interpreter2 libcairo2
- Update to version 1.18.0:
+ The first stable cairo release in five years should be cause
for celebration.
+ All the API added in the 1.17 development cycle is now
considered stable, and will not change.
+ Many thanks to all the contributors for this release.
+ The cairo-sphinx tool has been removed; we could not find any
instruction on how to use it, and no user answered our call for
help. If you were using cairo-sphinx, please reach out to the
cairo maintainers.
+ Cairo now implements Type 3 color fonts for PDF.
+ Multiple documentation fixes, to ensure that the cairo API
reference is up to date. Also fixed multiple compiler warnings
generated when building cairo.
+ The XML surface has been removed; it was disabled by default
when building cairo, and we could not find any downstream
distributor that would enable it.
+ The Tee surface is now automatically enabled. Downstream
distributors of cairo have been enabling for years it in order
to build Firefox.
+ Fixed multiple issues with the DWrite font backend.
+ Improved the Quartz surface; mainly, Quartz surfaces now use
the main display ColorSpace, speeding up rendering operations.
+ Cairo now hides all private symbols by default on every
platform; the old "slim" symbols hack to alias internally used
symbols has been dropped, in favor of using
`-Bsymbolic-functions` with toolchains that support it.
+ Fixed multiple memory leaks in the code base and test suite,
and general maintenance.
+ Added new API to expose the Pixman dithering filter to cairo
patterns; this is currently implemented only for image
surfaces.
- Drop patches fixed upstream:
+ cairo-1.17.8-fix-tee-compilation.patch
+ cairo-1.17.8-ft-font-missing-glyph.patch
- Rebase patches with quilt.
- Stop passing xml=disabled to meson setup, xml backend is dropped.
==== cockpit ====
Subpackages: cockpit-bridge cockpit-packagekit cockpit-system
- Port SLE selinux bug fix from SLE Micro 5.5
* Copied selinux_libdir.patch from SLEM package
==== distribution-logos-openSUSE ====
Version update (20220322 -> 20230921)
Subpackages: distribution-logos-openSUSE-MicroOS distribution-logos-openSUSE-icons
- Add Aeon branding
==== firewalld ====
Subpackages: firewalld-bash-completion python3-firewall
- python3-dbus isn't correct either, it's python3-dbus-python.
- Correct Requires, python3-slip-dbus -> python3-dbus.
==== flashrom ====
Version update (1.2 -> 1.3.0)
- Update to 1.3.0
- See changelog at https://www.flashrom.org/Flashrom/1.3
- Removed patches (merged upstream):
- flashrom-install-man-file.patch
- flashrom-j-link-spi.patch
==== git ====
- Downgrade openssh dependency to recommends (bsc#1215533)
==== glibc ====
Subpackages: glibc-extra glibc-locale glibc-locale-base nscd
- fstat-implementation.patch: io: Do not implement fstat with fstatat
- getaddrinfo-memory-leak.patch: Fix leak in getaddrinfo introduced by the
fix for CVE-2023-4806 (CVE-2023-5156, bsc#1215714, BZ #30884)
- getcanonname-use-after-free.patch: getaddrinfo: Fix use after free in
getcanonname (CVE-2023-4806, bsc#1215281, BZ #30843)
- Do not build any cross packages in SLES
- no-aaaa-read-overflow.patch: Stack read overflow with large TCP
responses in no-aaaa mode (CVE-2023-4527, bsc#1215280, BZ #30842)
- Add systemd to passwd, group and shadow lookups (jsc#PED-5188)
- ppc64-flock-fob64.patch: io: Fix record locking contants for powerpc64
with __USE_FILE_OFFSET64 (BZ #30804)
- libio-io-vtables.patch: libio: Fix oversized __io_vtables
- call-init-proxy-objects.patch: elf: Do not run constructors for proxy
objects
- dtors-reverse-ctor-order.patch: elf: Always call destructors in reverse
constructor order (BZ #30785)
- intl-c-utf-8-like-c-locale.patch: intl: Treat C.UTF-8 locale like C
locale (BZ #16621)
- glibc-disable-gettext-for-c-utf8.patch: Removed
==== gnome-control-center ====
Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces
- Add gnome-control-center-add-user-button.patch:
Show add user button when user is a normal user
(bsc#1215556 glgo#GNOME/Settings!1927).
==== gnome-tweaks ====
Version update (42.beta+60 -> 45.0)
- Update to version 45.0:
+ This release removes several features now found in GNOME
Settings. There are also some small interface refreshments in
preparation for the GTK4 upgrade. More significantly, the core
interface has been refactored to use layout files.
+ Updated translations.
- Switch compression to zst both in service and tarball produced.
==== gnustep-base ====
- use pkgconfig(icu-uc) to use the current libicu. (jsc#PED-6193)
==== gpg2 ====
Version update (2.3.8 -> 2.4.0)
Subpackages: dirmngr
- Install the systemd user units in the _userunitdir [bsc#1201564]
* Note that, there is no activation by default.
* Rework excludes in the spec's files section.
- Temporarily revert back to the pre-2.4 default for key generation.
The new rfc4880bis has been set as the default in 2.4 version and
might create incompatible keys. Note that, rfc4880bis can still
be used with the option flag --rfc4880bis as in previous versions.
* More info in the gnupg-devel ML:
https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035183.html
* Reverted commit https://dev.gnupg.org/rGcaf4b3fc16e9
* Add gnupg-revert-rfc4880bis.patch
- Allow 8192 bit RSA keys in keygen UI when large_rsa is set
* Add gnupg-allow-large-rsa.patch
- Fix broken GPGME QT tests: Upstram dev task dev.gnupg.org/T6313
* The original patch has been modified to expand the changes
also to the tests/gpgme/Makefile.in file.
* Add gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch
- Updated to require libgpg-error-devel >= 1.46
- Rebased patches:
* gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch
* gnupg-add_legacy_FIPS_mode_option.patch
- GnuPG 2.4.0:
* common: Fix translations in --help for gpgrt < 1.47.
* gpg: Do not continue the export after a cancel for the primary key.
* gpg: Replace use of PRIu64 in log_debug.
* Update NEWS for 2.4.0.
* tests: Fix make check with GPGME.
* agent: Allow arguments to "scd serialno" in restricted mode.
* scd:p15: Skip deleted records.
* build: Remove Windows CE support.
* wkd: Do not send/install/mirror expired user ids.
* gpgsm: Print the revocation time also with --verify.
* gpgsm: Fix "problem re-searching certificate" case.
* gpgsm: Print revocation date and reason in cert listings.
* gpgsm: Silence the "non-critical certificate policy not allowed".
* gpgsm: Always use the chain model if the root-CA requests this.
* gpg: New export option "mode1003".
* gpg: Remove a mostly duplicated function.
* tests: Simplify fake-pinentry to use the option only.
* tests: Fix fake-pinentry for Windows.
* tests: Fix make check-all.
* agent: Fix import of protected v5 keys.
* gpgsm: Change default algo to AES-256.
* tests: Put a workaround for semihosted environment.
* tests: More fix for semihosted environment.
* tests: Support semihosted environment.
* tests: Fix tests under cms.
* tests,w32: Fix for semihosted environment.
* w32: Fix for tests on semihosted environment.
* w32: Fix gnupg_unsetenv.
* wkd: New option --add-revocs and some fixes.
* wkd: Make use of --debug extprog.
* gpg: New export-filter export-revocs.
* gpg: Fix double-free in gpg --card-edit.
* gpg: Make --require-compliance work with out --status-fd.
* gpg: New option --list-filter.
* dirmngr: Silence ocsp debug output.
* tests: Fix to support --enable-all-tests and variants.
* tests:w32: Fix for non-dot file name for Windows.
* tests:gpgscm:w32: Fix for GetTempPath.
* tests: Keep .log files in objdir.
* tests: Use 233 for invalid value of FD.
* w32: Fix gnupg_tmpfile for possible failure.
* scd: Redact --debug cardio output of a VERIFY APDU.
* common: Remove Windows CE support in common.
* gpgsm: Fix colon outout of ECC encryption certificates.
* scd:nks: Fix ECC signing if key not given by keygrip.
* dirmngr: Fix verification of ECDSA signed CRLs.
* agent: Allow trustlist on Windows in Unicode homedirs.
* gpg: Fix verification of cleartext signatures with overlong lines.
* gpg: Move w32_system function.
* gpg: New option --quick-update-pref.
* gpg: New list-options show-pref and show-pref-verbose.
* tests: Add tests to check that OCB is only used for capable keys.
* gpg: Make --list-packets work w/o --no-armor for plain OCB packets.
* tests: Add symmetric decryption tests.
* tests: Add tr:assert-same function.
* agent: Avoid blanks in the ssh key's comment.
* build: Update m4 files.
* gpg: Merge --rfc4880bis features into --gnupg.
* gpg: Allow only OCB for AEAD encryption.
* gpg: New option --compatibility-flags.
* gpgsm: Also announce AES256-CBC in signatures.
* gpg: Fix trusted introducer for user-ids with only the mbox.
* gpg: Import stray revocation certificates.
* agent: Automatically convert to extended key format by KEYATTR.
* card: New commands "gpg" and "gpgsm".
* card: Also show fingerprints of known X.509 certificates.
* scd:nks: Support non-ESIGN signing with the Signature Card v2.
* gpgsm: Allow ECC encryption keys with just keyAgreement specified.
* gpgsm: Use macro constants for cert_usage_p.
* build: Update gpg-error.m4.
* agent,common,dirmngr,tests,tools: Remove spawn PREEXEC argument.
* gpg: Move NETLIBS after GPG_ERROR_LIBS.
* gpg: Use GCRY_KDF_ONESTEP_KDF with newer libgcrypt in future.
* common,w32: Fix struct stat on Windows.
* agent,w32: Support Win32-OpenSSH emulation by gpg-agent.
* common: Don't use FD2INT for POSIX-only code.
* dirmngr: Fix build with no LDAP support.
==== gpgme ====
Subpackages: libgpgme11 libgpgmepp6 python311-gpg
- Use GCC 12 for building the Qt6 library on Leap 15. The
default compiler is too old.
- Use '%{without xxx}' rather than '!%{with xxx}' in spec file
- Use GCC 12 for building the Qt6 library. The default compiler
is too old.
- Use '%{without xxx}' rather than '!%{with xxx}' in spec file
==== graphite2 ====
- fixed license string [bsc#1207676]:
LGPL-2.1-or-later OR MPL-2.0 OR GPL-2.0-or-later
==== gstreamer ====
Version update (1.22.5 -> 1.22.6)
Subpackages: libgstreamer-1_0-0 typelib-1_0-Gst-1_0
- Update to version 1.22.6:
+ Highlighted bugfixes:
- Security fixes for the MXF demuxer and H.265 video parser
- Fix latency regression in H.264 hardware decoder base class
- androidmedia: fix HEVC codec profile registration and fix
coded_data handling
- decodebin3: fix switching from a raw stream to an encoded
stream
- gst-inspect: prettier and more correct signal and action
signals printing
- rtmp2: Allow NULL flash version, omitting the field, for
better RTMP server compatibility
- rtspsrc: better compatibility with buggy RTSP servers that
don't set a clock-rate
- rtpjitterbuffer: fix integer overflow that led to more
packets being declared lost than have been lost
- v4l2: fix video encoding regression on RPi and fix support
for left and top padding
- waylandsink: Crop surfaces to their display width height
- cerbero: Recognise Manjaro; add Rust support for MSVC ARM64;
cmake detection fixes
- Various bug fixes, memory leak fixes, and other stability and
reliability improvements
+ gstreamer:
- gst-inspect: prettier and more correct signal printing, and
print action signals in g_signal_emit_by_name() format
- gst-launch: Disable fault signal handlers on macOS
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-bad ====
Version update (1.22.5 -> 1.22.6)
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0
- Update to version 1.22.6:
+ audiolatency: Forward latency query and event upstream
+ av1parser: Fix segmentation params update
+ codecparsers: Fix MPEG-1 aspect ratio table
+ d3d11convert: Passthrough allocation query on same caps
+ h264decoder: Update latency dynamically
+ h265parser:
- Allow partially broken hvcC data
- Fix possible overflow using max_sub_layers_minus1
+ hlssink2: Always use forward slash separator
+ mdns: Fix a crash on context error
+ mxfdemux: Fix integer overflow causing out of bounds writes
when handling invalid uncompressed video and check channels for
AES3
+ nvencoder: Fix negotiation error when interlace-mode is
unspecified
+ rtmp2: Allow NULL flash version, omitting the field
+ rtmp2sink: fix crash if message conversion failed
+ transcodebin: Fixes for upstream selectable support
+ va: Fix in error logs functions mismatches
+ waylandsink:
- Crop surfaces to their display width height
- Fix cropping for video with non-square aspect ratio
+ webrtc: Fix docs for create-data-channel action signal
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-base ====
Version update (1.22.5 -> 1.22.6)
Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstTag-1_0
- Update to version 1.22.6:
+ audio: Make sure to stop ringbuffer on error
+ decodebin3:
- Avoid identity, sinkpad, parsebin leakage when reset input
- Ensure the slot is unlinked before linking to decoder
+ sdp:
- Fix wrong debug log error message for missing clock-rate in
caps
- Parse zero clock-rate as default
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-good ====
Version update (1.22.5 -> 1.22.6)
Subpackages: gstreamer-plugins-good-gtk
- Update to version 1.22.6:
+ adaptivedemux2: fix memory leak
+ pulsedeviceprovider: fix incorrect usage of GST_ELEMENT_ERROR
+ qt:
- Unbreak build with qt-egl enabled but viv_fb missing
- Fix searching of qt5/qt6 tools with qmake in Meson
+ qtdemux:
- Fix premature EOS when some files are played in push mode
- Attach cbcs crypt info at the right moment
+ rtpjitterbuffer: Avoid integer overflow in max saveable packets
calculation with negative offset
+ videoflip: fix concurrent access when modifying the tag list
+ v4l2:
- allocator: Don't close foreign dmabuf
- bufferpool:
. Fix large encoded stream regression
. Problems when checking for truncated buffer
- Fix support for left and top padding
+ v4l2object: clear format lists if source change event is
received
- Rebase reduce-required-meson.patch
- Add libqt5-linguist BuildRequires: New dependency.
==== highway ====
Version update (1.0.5 -> 1.0.7)
- Update to release 1.0.7
* Add LoadNOr, GatherIndexN, ScatterIndexN
* Add additional float<->int conversions
* Codegen improvements for 8-bit shift, PPC Compress/Expand
- Update to release 1.0.6
* Add MaskedGatherIndex, MaskedScatterIndex, LoadN, StoreN,
SatWidenMulPairwiseAdd, SumOfMulQuadAccumulate,
PromoteUpperLowerTo.
* Add F64 for Wasm, F64 AbsDiff
* Validate all D args in x86 function signatures
==== imlib2 ====
Version update (1.12.0 -> 1.12.1)
Subpackages: imlib2-loaders libImlib2-1
- update to 1.12.1:
* Fix some clang complaints
* scaling: MMX asm scaling causes segv, disable for now
* loading: Call module exit function also when not
dlclosing module on unload
* loaders: Fix build with -m32 --enable-debug
* test_load_2: Add forgotten xeyes.png
* test_save: Fix for jxl loader on ix86
* test_scale: MMX scaling is disabled
* RAW loader: Don't unload loader
* loaders: Fix CPPFLAGS order
* imlib2_grab, imlib2_view: Unset context colormap
* x11_grab: Use correct depth when grabbing
==== installation-images-MicroOS ====
Version update (17.95 -> 17.96)
- merge gh#openSUSE/installation-images#663
- Add Qualcomm's GPU clk, LCD backlight, and power-related [spmi &
pmic] modules required for booting installer on Lenovo X13s.
(bsc#1215326)
- Add more boot-required modules for Lenovo X13s
- 17.96
==== kio ====
Subpackages: kio-core
- Add upstream crash fix (kde#474451)
* 0001-Don-t-crash-if-KMountPoint-gives-nothing-back-while-.patch
==== libapparmor ====
- Fix pam_apparmor %post and %postun scripts to handle pam-config errors
(bsc#1215596)
==== libblockdev ====
Version update (2.28 -> 3.0.2)
- Update to version 3.0.2:
* Use ntfsinfo instead of ntfscluster for faster
bd_fs_ntfs_get_info.
* Restrict list of exported symbols via -export-symbols-regex.
* lib: Silence the missing DEFAULT_CONF_DIR_PATH.
* loop: Report BD_LOOP_ERROR_DEVICE on empty loop devices.
* fs: Fix unused error in extract_e2fsck_progress.
* fs: Use read-only mount where possible for generic FS
functions.
* fs: Document that generic functions can mount filesystems.
* fs: Avoid excess logging in extract_e2fsck_progress.
- Restructure all sub-packages in the spec file to enhance
maintainability.
- Update to 3.0.1:
* New bugfix release of the libblockdev library with multiple
fixes.
* loop: Define LOOP_SET_BLOCK_SIZE is not defined. And remove
bd_loop_get_autoclear definition.
* crypto: Remove stray struct redefinition.
* fs: Simplify struct BDFSInfo. And add missing copy and free
functions to the header file.
* vdo_stats: Remove unused libparted include.
* lvm: Make _vglock_start_stop static. Fix declaration for
bd_lvm_vdolvpoolname. And add bd_lvm_segdata_copy/free to the
header file.
* Make the conf.d directory versioned.
- Changes from version 3.0.0:
* New major release of the libblockdev library. This release
contains a large API overhaul.
* VDO a KBD plugins were removed.
* New NVMe plugin was added.
* Runtime dependencies are no longer checked during plugin
initialization.
* Part plugin was rewritten to use libfdisk instead of libparted
* Crypto plugin API went through an extensive rewrite.
* Support for new technologies was added to the crypto plugin:
FileVault2 encryption, DM Integrity, LUKS2 tokens.
* Filesystem plugin adds support for btrfs, F2FS, NILFS2, exFAT
and UDF.
* Support for new filesystem operations was added to the plugin:
setting label and UUID, generic mkfs function and API for
getting feature support for filesystems.
* dmraid support was removed from the DM plugin.
* Python 2 support was dropped.
- Drop no longer needed libblockdev-fix-libkmod-include.patch
- Drop no longer supported sub-packages with their dependencies,
and their configure options, following upstream changes: python2
(python-devel), bcache, dmraid (dmraid-devel BuildRequires) and
kbd.
- Add (gcc >= 11 or gcc11) boolean BuildRequires to ensure the
package is buildable on Leap 15.5, where the gcc meta-package is
of version 7.
- Bump the SO version to 3 for the shared library and GI bindings
sub-packages.
- Add ext2fs, fdisk, and libkeyutils pkgconfig() BuildRequires.
The first is a new dependency for the FS plugin. The second, for
the PART plugin. And the latter, for the CRYPTO plugin (before,
the explicit_bzero() function would be searched for).
- Add libnvme-devel >= 1.3 BuildRequires, and pass --with-nvme to
configure, needed for the NVMe plugin (new upstream addition).
- Pass --with-tools to configure, ensuring we keep building the
libblockdev tools.
==== libbytesize ====
- Rename python3-libbytesize sub-package to python3-bytesize. This
is the expected name by its consumers.
==== libdrm ====
Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1
- provide/obsolete dropped packages libkms1/libkms-devel (bsc#1215526)
- adjusted n_libdrm-drop-valgrind-dep-generic.patch,
n_libdrm-drop-valgrind-dep-intel.patch to generated 2.4.116
pkgconfig files in order to fix build against sle15/Leap 15.x
==== libjxl ====
- Switch from LCMS to SKCMS: libjxl core can use either, but
plugins can only use SKCMS. Exercising two CMS simultaneously
also is silly. Delete 0001-Remove-LCMS-mutex.patch .
- Build plugins:
* Add _service file to generate skcms tarball (needed to build
plugins).
* Add skcms tarball as source and copy extracted dir to
./third_party/ so cmake can find it.
* Split out new packages:
* gdk-pixbuf-loader-jxl: Pixbuf loader for supported apps.
* gimp-plugin-jxl: Plugin to allow gimp to work with JPEG XL
files.
* jxl-thumbnailer: Thumbnailer and mime files to allow
generating thumbnails for JPEG XL files.
==== libnma ====
Subpackages: libnma-glib-schema libnma-gtk4-0 libnma0 typelib-1_0-NMA4-1_0
- Add libnma-glib-schema Requires to libnma-gtk4-0 sub-package,
ensure libnma-glib-schema gets installed by default now that
gnome-control-center have ported to gtk4.
==== libqt5-qtbase ====
Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3
- switch icu-devel requires to pkgconfig to allow switching libicu
versions
==== libsecret ====
Version update (0.21.0 -> 0.21.1)
Subpackages: libsecret-1-0 typelib-1_0-Secret-1
- Update to version 0.21.1:
+ Fix updating credentials by another process in the same Flatpak
sandbox.
+ Migrate to g_memdup2.
+ Updated translations.
==== libsolv ====
Version update (0.7.24 -> 0.7.25)
Subpackages: libsolv-tools python3-solv ruby-solv
- support complex deps in SOLVABLE_PREREQ_IGNOREINST
- fix minimization not prefering installed packages in some cases
- reduce memory usage in repo_updateinfoxml
- fix lock-step interfering with architecture selection
- fix choice rule handing for package downgrades
- fix complex dependencies with an "else" part sometimes leading
to unsolved dependencies
- bump version to 0.7.25
==== libssh ====
Subpackages: libssh-config libssh4
- Enable crypto-policies support: [bsc#1211301]
* Rebase libssh_client.config libssh_server.config
==== libstorage-ng ====
Version update (4.5.141 -> 4.5.143)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- merge gh#openSUSE/libstorage-ng#949
- reduce manual memory handing
- 4.5.143
- merge gh#openSUSE/libstorage-ng#948
- fixed memory leak
- more consistent function naming
- 4.5.142
==== libvpx ====
- Fixing CVE-2023-5217 heap buffer overflow (boo#1215778)
added CVE-2023-5217.patch
==== mozjs115 ====
Version update (115.2.0 -> 115.2.1)
- Update to version 115.2.1:
+ Security fix: CVE-2023-4863: Heap buffer overflow in libwebp.
==== mpg123 ====
Version update (1.31.3 -> 1.32.2)
Subpackages: libmpg123-0 mpg123-openal
- Update to version 1.32.2
* libmpg123: Re-introduce _64 symbols on native 64 bit offset
platforms. This was a regression since 1.31 series. Sorry,
too much cleanup, not enough testing.
* build:
+ Better O_LARGEFILE logic, avoiding redefintion.
* ports/cmake:
+ Require C99 (bug 360, among other points, thanks to Ozkan
Sezer).
+ Fix broken O_LARGEFILE logic (bug 360).
+ Typo fix and cleanup, also manual SSE switch for Android
on old x86 (bug 359).
- Update to version 1.32.1
* Include man pages again in tarball and install. We cannot
avoid the empty man directory when disabling programs with
autoconf.
* Fix signal handler prototype, avoiding some justified warnings.
* ports/cmake:
+ Include CheckTypeSize, which seems to be needed sometimes
+ Avoid O_LARGEFILE redefinition, logic closer to autoconf.
- Update to version 1.32.0
* build
+ Move version handling out of configure.ac to ease other
build systems.
+ Include "fmt123.h" instead of <fmt123.h> in main API
headers to make it more likely the correct one is
included (at least gcc picks the one in the same directory
as the including header first).
+ All headers are build-independent now.
+ Fix build for picky linkers by avoiding definition of
wrap_getcpuflags() where it is not used (spurious linker
error to non-exitent getcpuflags(), bug 353).
+ Handle deprecation of C99 detection macro in autoconf 2.70.
+ No use of AC_SYS_LARGEFILE anymore for explicit handling
and differing choice for the libraries and frontend programs.
+ Added --enable-portable and --disable-largefile to
configure, removing the other largefile-related options.
+ Added --disable-components --enable-libmpg123 to only
build libmpg123 (and likewise --enable-libout123,
- -enable-libout123-modules, --enable-libsyn123) to autoconf
build. CMake build has something similar with BUILD_PROGRAMS
and BUILD_LIBOUT123, which leave only libmpg123 and libsyn123
if disabled).
+ Consistent formatting of ./configure --help with
AS_HELP_STRING().
* mpg123
+ Added --libversion.
+ Added proper A-B looping with terminal control key 'o',
renamed --pauseloop to --presetloop.
+ Really get rid of mpg123_position() usage. (It was all
lies before!)
+ Fix terminal progress info when seeking in stopped mode
(1.31 regression).
+ Patch up interaction of output buffer with generic remote
control, adding non-interruptible drain after P 3, and
dropping buffer on QUIT.
+ Uppercase some generic control replies for consinstency:
SILENCE, PROGRESS, MUTE, UNMUTE
* libmpg123, libout123, libsyn123
+ Bumped API version for version query functions.
+ Replaced nearly all symbol renames with explicit INT123_
prefix declarations (intsym.h close to empty now).
* libout123
+ Add sleep builtin output module (silent, but proper
timing).
* libsyn123
+ Introduced SYN123_PORTABLE_API for an API without off_t
and ssize_t (see NEWS.libsyn123).
* libmpg123
+ Internal I/O using explicit largefile support via off64_t,
lseek64, fallback to plain 32 bit off_t.
+ Added explicit 64 bit API with 64 suffix (mpg123_tell64(),
not mpg123_tell_64()).
This allows full avoidance of ambiguus off_t. The API is
always using 64 bit integers, regardless of internal
implementation.
+ Introduced MPG123_PORTABLE_API for an API subset without
off_t and ssize_t.
+ Made mpg123_seek() and friends ignore offset sign for
SEEK_END (always seeking towards beginning, assuming
negative offset) to make lseek()-conforming usage
possible. Seeking beyond the end never made sense, so no
loss of valid functionality.
* Overall use of INT123_strerror(), trying to use thread-safe
strerror_l() if possible.
==== open-vm-tools ====
Subpackages: libvmtools0 open-vm-tools-desktop
- 15 sp4 currently uses open-vm-tools rpms from 15 sp3. As such, enable
the spec file fix for bug (bsc#1205927) for 15 sp3 onwards.
- open-vm-tools is built with containerinfo plugin from 15 sp3 onwards
==== openssl-3 ====
Version update (3.1.2 -> 3.1.3)
Subpackages: libopenssl3
- Update to 3.1.3:
* Fix POLY1305 MAC implementation corrupting XMM registers on
Windows (CVE-2023-4807)
==== openssl ====
Version update (3.1.2 -> 3.1.3)
- Update to 3.1.3
==== p11-kit ====
Version update (0.24.1 -> 0.25.0)
Subpackages: libp11-kit0 p11-kit-tools
- Add d1d4b0ac316a27c739ff91e6c4153f1154e96e5a.patch: Fix probing
of C_GetInterface.
- Update to 0.25.0:
* add PKCS#11 3.0 support
* add support for profile objects
* add ability to adjust module and config paths at run-time via
system environmental exports
* make terminal output nicer
* p11-kit: add command to print merged configuration
* p11-kit: add commands to list, add and delete profiles of a token
* trust: add command to check format of .p11-kit files
* virtual: fix libffi type signatures for PKCS#11 3.0 functions
* server: fix umask setting when --group is specified
* server: check SHELL only when neither --sh nor --csh is specified
* rpc: use space string in C_InitToken
* rpc: fix two off-by-one errors identified by asan
* modules: make logging message more translatable
* pkcs11.h: support CRYPTOKI_GNU for IBM vendor mechanisms
* pkcs11.h: add IBM specific mechanism and attributes
* pkcs11.h: add ChaCha20/Salsa20 and Poly1305 mechanisms
* pkcs11.h: add AES-GCM mechanism parameters for message-based encryption
* po: update translations from Transifex
- Update upstream p11-kit.keyring file
- Add missing lang files
- Switch to using Meson as the build system
==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap
- Add ksshaskpass5 (boo#1215407)
==== perl-HTTP-Message ====
Version update (6.44 -> 6.450.0)
- updated to 6.45
see /usr/share/doc/packages/perl-HTTP-Message/Changes
6.45 2023-09-27 14:27:31Z
- Allow for file ownership conflicts with Docker and GitHub Actions
(GH#193) (Olaf Alders)
- Add the 'status_code' function for getting all status codes as hash
(GH#194) (Dai Okabayashi)
==== polkit-default-privs ====
Version update (1550+20230912.0978001 -> 1550+20230920.74aeded)
- Update to version 1550+20230920.74aeded:
* udisks2: add additional NVME action (bsc#1214897)
==== python-alembic ====
Version update (1.11.2 -> 1.12.0)
- Clean up the SPEC file
- update to 1.12.0
* Added new feature to the "code formatter" function which allows standalone
executable tools to be run against code, without going through the Python
interpreter. Known as the `exec` runner, it complements the existing
`console_scripts` runner by allowing non-Python tools such as `ruff` to
be used.
* Change the default value of `.EnvironmentContext.configure.compare_type` to `True`.
As Alembic's autogenerate for types was dramatically improved in
version 1.4 released in 2020, the type comparison feature is now much
more reliable so is now enabled by default.
* Fixed issue where the `ForeignKeyConstraint.match` parameter would not be
rendered in autogenerated migrations.
* Fixed issue where the `revision_environment` directive in `alembic.ini`
was ignored by the `alembic merge` command, leading to issues when other
configurational elements depend upon `env.py` being invoked within the
command.
* Added support for `op.drop_constraint()` to support PostgreSQL
`ExcludeConstraint` objects, as well as other constraint-like objects
that may be present in third party dialects, by resolving the `type_`
parameter to be `None` for this case. Autogenerate has also been
enhanced to exclude the `type_` parameter from rendering within this
command when `type_` is `None`.
==== python-constantly ====
- Clean up the SPEC file
- use unbundled versioneer to build package
==== python-greenlet ====
Version update (2.0.2 -> 3.0.0~rc3)
- update to 3.0.0~rc3:
* Fix an intermittent error during process termination on some
platforms (GCC/Linux/libstdc++).
* Fix some potential bugs (assertion failures and memory leaks) in
previously-untested error handling code. In some cases, this means
that the process will execute a controlled ``abort()`` after severe
trouble when previously the process might have continued for some
time with a corrupt state. It is unlikely those errors occurred in
practice.
* Fix some assertion errors and potential bugs with re-entrant
switches.
* Fix a potential crash when certain compilers compile greenlet with
high levels of optimization. The symptom would be that switching to
a greenlet for the first time immediately crashes.
* Fix a potential crash when the callable object passed to the
greenlet constructor (or set as the ``greenlet.run`` attribute) has
a destructor attached to it that switches. Typically, triggering
this issue would require an unlikely subclass of
``greenlet.greenlet``.
* Python 3.11+: Fix rare switching errors that could occur when a
garbage collection was triggered during the middle of a switch, and
Python-level code in ``__del__`` or weakref callbacks switched to a
different greenlet and ultimately switched back to the original
greenlet. This often manifested as a ``SystemError``: "switch
returned NULL without an exception set."
* Python 3.12: Fix walking the frame stack of suspended greenlets.
Previously accessing ``glet.gr_frame.f_back`` would crash due to
`changes in CPython's undocumented internal frame handling
* Make the platform-specific low-level C/assembly snippets stop using
the ``register`` storage class. Newer versions of standards remove
this storage class, and it has been generally ignored by many
compilers for some time. See `PR 347
<https://github.com/python-greenlet/greenlet/pull/347>`_ from Khem
Raj.
* Add initial support for Python 3.12. See `issue
<https://github.com/python-greenlet/greenlet/issues/323>`_ and `PR
<https://github.com/python-greenlet/greenlet/pull/327>`_; thanks go
to (at least) Michael Droettboom, Andreas Motl, Thomas A Caswell,
raphaelauv, Hugo van Kemenade, Mark Shannon, and Petr Viktorin.
* Remove support for end-of-life Python versions, including Python
2.7, Python 3.5 and Python 3.6.
* Require a compiler that supports ``noinline`` directives. See
`issue 271
<https://github.com/python-greenlet/greenlet/issues/266>`_.
* Require a compiler that supports C++11.
==== python-jsonschema ====
Version update (4.18.6 -> 4.19.1)
- update to 4.19.1:
* Allow single label hostname in format string by @swaeberle in
[#1164]
- update to 4.19.0:
* Importing the |Validator| protocol directly from the package
root is deprecated. Import it from
|jsonschema.protocols.Validator| instead.
* Automatic retrieval of remote references (which is still
deprecated) now properly succeeds even if the retrieved
resource does not declare which version of JSON Schema it uses.
Such resources are assumed to be 2020-12 schemas. This more
closely matches the pre-|referencing| library behavior.
==== python-tornado6 ====
Version update (6.3.2 -> 6.3.3)
- Update to 6.3.3
* The Content-Length header and chunked Transfer-Encoding sizes
are now parsed more strictly (according to the relevant RFCs)
to avoid potential request-smuggling vulnerabilities when
deployed behind certain proxies.
- Add py312-datetime.patch to fix build with Python 3.12
==== sddm ====
Subpackages: sddm-branding-openSUSE
- Remove unnecessary Requires(post*)
- Config file changes:
* No longer own sddm.conf. The migration for this conflicts with
the other migration code, so:
* Drop code for migrating from Current=maui (Leap <= 42.2)
and the monolithic /etc/sddm.conf (Leap <= 42.3)
- Add patch and drop unnecessary BuildRequirements of
extra-cmake-modules and kf5-filesystem:
* 0001-Drop-unnecessary-ECM-dependency-and-dead-uninstall-t.patch
- Split the greeter into a subpackage and use _multibuild to build
both daemon and greeter for Qt 5 and Qt 6. Add patches to allow
for greeter coinstallation:
* 0002-Make-sddm-greeter-for-Qt-5-and-Qt-6-coinstallable.patch
* 0003-Let-themes-specify-the-used-version-of-Qt.patch
- Refresh 0001-Read-the-DISPLAYMANAGER_AUTOLOGIN-value-from-sysconf.patch
- Don't set CMAKE_BUILD_TYPE=Release
- Make branding packages noarch
- Add %check
==== smartmontools ====
- Do not quit with an error when no drives to monitor are available (bsc#990406 bsc#1167051).
- Add smartd_service_dont_quit.patch
- Refresh harden_smartd.service.patch
- Run through spec-cleaner, use autosetup
==== stoken ====
Version update (0.92 -> 0.93)
- Version update to 0.93:
* upstream moved to github
* Drop support for versions of nettle older than 2014
* Further v4 token work
* fixes in README
* Add --both option to print current and next token
* Support for v4 token decode
* Remove bashisms (Alon Bar-Lev)
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-coredump systemd-doc udev
- systemd.spec: during package updates, restart localed, timedated and hostnamed
if they're running.
- systemd.spec: when enabling units prefer enabling service units over socket
ones for socket activable services. The services shipped by systemd
automatically redirect the enablement request to the socket unit.
==== tracker ====
Subpackages: libtracker-sparql-3_0-0 tracker-data-files
- use pkgconfig(icu-i18n) to use the current libicu. (jsc#PED-6193)
==== tuned ====
Version update (2.20.0.18+git.7b1a20b -> 2.21.0.0+git.670541d)
- Update to version 2.21.0.0+git.670541d:
* new release (2.21.0)
* api: fixed stop method not to require any parameter
* new release (2.21.0-rc.1)
* gui: multiple fixes and warnings removal
* gui: fixed inconsistent tabs and spaces, introduced by #516
* Serialize SIGHUP processing
* No errors when physical_package_id file does not exist
* Update tests: disable systemd rate limiting.
* network-latency: enable rcu_normal_after_boot=1 kernel parameter
* remove ktimer_lockless_check sysfs setting from realtime-virtual profiles
* move rtentsk to network-latency profile
* move "tsc=reliable" setting from realtime to network-latency tuned configuration
* unify common sysctl settings between realtime and cpu-partitioning profiles
* Rename rollback-related constants and variables
* Add rollback option to tuned-main.conf
* Recast README into MarkDown with various minor corrections and improvements
* Remove setting ip forwarding via openshift profile
* Fix logging in [scheduler] plug-in
* fixed sap-hana docu regarding processor power settings
* Added sap-hana-kvm-guest profile
* tests/beakerlib: Add new test which covers socket API.
* plugin_net: expand variables properly
* fix typo
* add error dialog when no active profile set
==== udisks2 ====
Version update (2.9.4 -> 2.10.0)
Subpackages: libudisks2-0 libudisks2-0_btrfs
- Add Obsoletes tags for libudisks2-0_bcache and libudisks2-0_zram
modules, dropped on latest version bump, so they get removed from
end users' systems upon system upgrade.
- Drop unnecessary/discouraged %{?systemd_requires} from spec file.
- Update to version 2.10.0:
+ This release brings large number of internal changes, while
keeping the promise of API stability. This development cycle
was mostly driven by libblockdev 3.0 API overhaul.
+ Partitioning was ported to libfdisk.
+ The kbd and vdo libblockdev plugins were removed and so were
zram, bcache and vdo udisks modules.
+ Definition of supported filesystems was moved to libblockdev
and filesystem operations were unified.
+ Native NVMe support has been added through libnvme.
+ Syntax of configurable mount options was extended to separate
filesystem signature and filesystem driver used for mounting.
+ A number of workarounds was placed around the
org.freedesktop.UDisks2.Filesystem.Size property value
retrieval to avoid excessive I/O traffic whenever possible.
+ Bash and Zsh completion enhancements.
+ lvm2 module uevent handling improvements.
+ ATA Secure Erase is now allowed only on top-level block
objects.
+ Extra iSCSI node parameters are now honoured properly.
+ FIPS mode fixes.
+ Added support for resolving devices by PARTLABEL and PARTUUID.
+ Full support for setting filesystem and partition UUIDs.
+ Dynamic mountpoint name sanitization and ACL fixes.
+ Added support for LVM2 RAID.
+ UUID of Bitlocker volumes is now properly exposed.
+ Added an option to force/avoid creation of mdraid write-intent
bitmap.
+ Updated translations.
- Drop default_luks_encryption macro definition. It's no longer
needed as upstream defaults to LUKS2 now.
- Drop bcache, vdo and zram sub-packages, following upstream
changes, and libblockdev-kbd(-devel) BuildRequires/Requires.
- Drop bogus build requirement on libblockdev-lvm-dbus-devel, and
move libblockdev-lvm-devel BuildRequires to the lvm2 module
sub-package.
- Move libconfig and libstoragemgmt pkgconfig() BuildRequires to
the lsm module sub-package, and libblockdev-btrfs-devel
BuildRequires to the btrfs modules sub-package, which is where
they belong.
- Add libblockdev-nvme-devel BuildRequires and libblockdev-nvme
Requires as new required dependencies.
- Drop harden_udisks2-zram-setup@.service.patch: It's unneeded now
that the zram module has been deprecated.
- Drop merged upstream patches:
0001-udisksata-Move-the-low-level-PM-state-call.patch,
0001-udiskslinuxfilesystem-Make-the-size-property-retriev.patch,
0001-udiskslinuxmountoptions-Do-not-free-static-daemon-re.patch,
0001-udiskslinuxprovider-Only-update-related-objects-on-u.patch.
- Split Bash and Zsh (new to this release) completion scripts to
sub-packages of their own.
- Amend GPL-2.0-or-later License tags to LGPL-2.0-or-later for the
btrfs, lvm2 and lsm UDisks modules sub-packages. This correction
is based on what's explicitly stated on the source code from
UDisks modules' folders under the modules/ top-level directory.
==== unar ====
- use pkgconfig(icu-uc) to use the current libicu. (jsc#PED-6193)
==== xdg-utils ====
Version update (1.1.3+20230830 -> 1.1.3+20230831)
- Update to version 1.1.3+20230831:
* Revert putting process in background from !55
- revert _service to the original state
- revert drop of xdg-terminal-don-t-run-kreadconfig-if-KDE_SESSION_VE.patch
(bsc#1215384)
==== yast2-bootloader ====
Version update (4.6.2 -> 5.0.2)
- Fixed testsuite for architectures other than x86_64.
- 5.0.2
- Supporting systemd-boot for architecture x86_64.
This feature can be enabled/disabled by the "enable_systemd_boot"
flag in the product description file for each product
(default is disabled).
- 5.0.1
- 5.0.0 (#bsc1185510)
- support 32 bit UEFI firmware on x86_64/i386 architecture (bsc#1208003,
jsc#PED-2569)
- 4.6.3
==== yast2-installation ====
Version update (4.6.7 -> 5.0.1)
- Adapt code for changes in yast2-bootloader done for systemd-boot
experimental support (jsc#PED-1906)
- 5.0.1
- 5.0.0 (#bsc1185510)
==== yast2-python-bindings ====
Version update (4.6.0 -> 5.0.1)
- Fix inspect.getargspec() removed in python3.11; (bsc#1215226);
- 5.0.1
- 5.0.0 (#bsc1185510)
==== yast2-storage-ng ====
Version update (4.6.12 -> 5.0.1)
- AutoYaST: official support for LUKS2 (jsc#PED-3878, jsc#PED-5518)
- 5.0.1
- 5.0.0 (#bsc1185510)
==== yast2-users ====
Version update (4.6.4 -> 5.0.1)
- Don't use obsolete method Dir.exists? (bsc#1215637)
- 5.0.1
- 5.0.0 (#bsc1185510)
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MozillaFirefox (117.0.1 -> 118.0.1)
argyllcms (2.3.1 -> 3.0.0)
glibc
gstreamer (1.22.5 -> 1.22.6)
gstreamer-plugins-bad (1.22.5 -> 1.22.6)
gstreamer-plugins-base (1.22.5 -> 1.22.6)
gstreamer-plugins-good (1.22.5 -> 1.22.6)
libqt5-qtbase
libssh
libvpx
mpg123 (1.31.3 -> 1.32.2)
open-vm-tools
openssl-3 (3.1.2 -> 3.1.3)
openssl (3.1.2 -> 3.1.3)
perl-HTTP-Message (6.44 -> 6.450.0)
python-greenlet (2.0.2 -> 3.0.0~rc3)
sddm
smartmontools
yast2-python-bindings (4.6.0 -> 5.0.1)
=== Details ===
==== MozillaFirefox ====
Version update (117.0.1 -> 118.0.1)
Subpackages: MozillaFirefox-translations-common
- Mozilla Firefox 118.0.1
MFSA 2023-44 (bsc#1215814)
* CVE-2023-5217 (bmo#1855550),
Heap buffer overflow in libvpx
- Mozilla Firefox 118.0
MFSA 2023-41 (bsc#1215575)
* CVE-2023-5168 (bmo#1846683)
Out-of-bounds write in FilterNodeD2D1
* CVE-2023-5169 (bmo#1846685)
Out-of-bounds write in PathOps
* CVE-2023-5170 (bmo#1846686)
Memory leak from a privileged process
* CVE-2023-5171 (bmo#1851599)
Use-after-free in Ion Compiler
* CVE-2023-5172 (bmo#1852218)
Memory Corruption in Ion Hints
* CVE-2023-5173 (bmo#1823172)
Out-of-bounds write in HTTP Alternate Services
* CVE-2023-5174 (bmo#1848454)
Double-free in process spawning on Windows
* CVE-2023-5175 (bmo#1849704)
Use-after-free of ImageBitmap during process shutdown
* CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962,
bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195)
Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3,
and Thunderbird 115.3
- requires NSS 3.93
- add mozilla-bmo1822730.patch
- deactivated KDE integration temporarily
(removed mozilla-kde.patch and firefox-kde.patch for now)
==== argyllcms ====
Version update (2.3.1 -> 3.0.0)
- Update to 3.0.0:
* Updated ccast/axTLS to get ChromCast working again with latest Google CC
operating software.
* Extensive re-write/re-factor of icclib to make it more future-proof.
See https://www.argyllcms.com/doc/ChangesSummary.html for details.
* Added ref/ColorCheckerPassport.ti2 and ref/ColorCheckerHalfPassport.ti2
to allow measuring ColorCheckerPassport with instrument.
* Fixed bug in Munki spectro hi-res mode with some instruments. Luminance
matching between normal and hi-res was sometimes quite poor.
* Added ARGYLL_CREATE_DISPLAY_PROFILE_WITHOUT_CHAD environment variable.
* Changed colprof -U flag to -u. Changed dispcal -J flag to -K to accommodate
a potential new flag for colprof and dispcal.
* Added workaround for bug in madHcNet64.dll32/64.dll which sometimes causes
failure.
* Added delay after USB set_config on OS X to help Spyder 3/4 on Ventura OS.
* Added -Y parameter to dispwin to override automatic patch delay.
* Changed i1d3 driver to cope with Rev. B "0x83" error robustly. This should
fix any issues measuring low level Red only patch values on OLED displays,
but with slower measurements when this occurs.
* Added spotread -Y S option to save spectral sensitivity curves and added
corresponding support in i1d3 driver. This allows for comparison of different
instruments factory calibrations.
* Added a -h scale parameter to dispread, to allow the automatic instrument
calibration test patch values to be scaled down from their default 100%
value. This is useful with HDR displays.
* Added manifest to MSWindows executables to use UTF-8 code pages on Windows
1903 and later. This should improve non-ASCII filename and path handling.
* Added a Violet colorant to the targen colorant list.
* Fixed problem with OS X 64 bit backwards compatibility where it failed to
locate serial instruments when the binaries are run on OS X V12 or latter
machines.
* Fixed bug in i1Pro3 driver where it was not returning the correct
measurement conditions enum.
* Fixed spotread so that ambient measure for monochrome sources doesn't error
out due to bad CCT/VCT/VDT. Also change -T so that it suppresses CCT etc. if
ambient mode is used.
* Added hacky workaround to strange Mac M2/rosetta bug in del_i1proimp().
- Make the argyllcms-doc package noarch.
==== glibc ====
Subpackages: glibc-extra glibc-lang glibc-locale glibc-locale-base nscd
- fstat-implementation.patch: io: Do not implement fstat with fstatat
- getaddrinfo-memory-leak.patch: Fix leak in getaddrinfo introduced by the
fix for CVE-2023-4806 (CVE-2023-5156, bsc#1215714, BZ #30884)
- getcanonname-use-after-free.patch: getaddrinfo: Fix use after free in
getcanonname (CVE-2023-4806, bsc#1215281, BZ #30843)
- Do not build any cross packages in SLES
- no-aaaa-read-overflow.patch: Stack read overflow with large TCP
responses in no-aaaa mode (CVE-2023-4527, bsc#1215280, BZ #30842)
- Add systemd to passwd, group and shadow lookups (jsc#PED-5188)
- ppc64-flock-fob64.patch: io: Fix record locking contants for powerpc64
with __USE_FILE_OFFSET64 (BZ #30804)
- libio-io-vtables.patch: libio: Fix oversized __io_vtables
- call-init-proxy-objects.patch: elf: Do not run constructors for proxy
objects
- dtors-reverse-ctor-order.patch: elf: Always call destructors in reverse
constructor order (BZ #30785)
- intl-c-utf-8-like-c-locale.patch: intl: Treat C.UTF-8 locale like C
locale (BZ #16621)
- glibc-disable-gettext-for-c-utf8.patch: Removed
==== gstreamer ====
Version update (1.22.5 -> 1.22.6)
Subpackages: gstreamer-lang libgstreamer-1_0-0 typelib-1_0-Gst-1_0
- Update to version 1.22.6:
+ Highlighted bugfixes:
- Security fixes for the MXF demuxer and H.265 video parser
- Fix latency regression in H.264 hardware decoder base class
- androidmedia: fix HEVC codec profile registration and fix
coded_data handling
- decodebin3: fix switching from a raw stream to an encoded
stream
- gst-inspect: prettier and more correct signal and action
signals printing
- rtmp2: Allow NULL flash version, omitting the field, for
better RTMP server compatibility
- rtspsrc: better compatibility with buggy RTSP servers that
don't set a clock-rate
- rtpjitterbuffer: fix integer overflow that led to more
packets being declared lost than have been lost
- v4l2: fix video encoding regression on RPi and fix support
for left and top padding
- waylandsink: Crop surfaces to their display width height
- cerbero: Recognise Manjaro; add Rust support for MSVC ARM64;
cmake detection fixes
- Various bug fixes, memory leak fixes, and other stability and
reliability improvements
+ gstreamer:
- gst-inspect: prettier and more correct signal printing, and
print action signals in g_signal_emit_by_name() format
- gst-launch: Disable fault signal handlers on macOS
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-bad ====
Version update (1.22.5 -> 1.22.6)
Subpackages: gstreamer-plugins-bad-lang libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0
- Update to version 1.22.6:
+ audiolatency: Forward latency query and event upstream
+ av1parser: Fix segmentation params update
+ codecparsers: Fix MPEG-1 aspect ratio table
+ d3d11convert: Passthrough allocation query on same caps
+ h264decoder: Update latency dynamically
+ h265parser:
- Allow partially broken hvcC data
- Fix possible overflow using max_sub_layers_minus1
+ hlssink2: Always use forward slash separator
+ mdns: Fix a crash on context error
+ mxfdemux: Fix integer overflow causing out of bounds writes
when handling invalid uncompressed video and check channels for
AES3
+ nvencoder: Fix negotiation error when interlace-mode is
unspecified
+ rtmp2: Allow NULL flash version, omitting the field
+ rtmp2sink: fix crash if message conversion failed
+ transcodebin: Fixes for upstream selectable support
+ va: Fix in error logs functions mismatches
+ waylandsink:
- Crop surfaces to their display width height
- Fix cropping for video with non-square aspect ratio
+ webrtc: Fix docs for create-data-channel action signal
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-base ====
Version update (1.22.5 -> 1.22.6)
Subpackages: gstreamer-plugins-base-lang libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstTag-1_0
- Update to version 1.22.6:
+ audio: Make sure to stop ringbuffer on error
+ decodebin3:
- Avoid identity, sinkpad, parsebin leakage when reset input
- Ensure the slot is unlinked before linking to decoder
+ sdp:
- Fix wrong debug log error message for missing clock-rate in
caps
- Parse zero clock-rate as default
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-good ====
Version update (1.22.5 -> 1.22.6)
Subpackages: gstreamer-plugins-good-gtk gstreamer-plugins-good-lang
- Update to version 1.22.6:
+ adaptivedemux2: fix memory leak
+ pulsedeviceprovider: fix incorrect usage of GST_ELEMENT_ERROR
+ qt:
- Unbreak build with qt-egl enabled but viv_fb missing
- Fix searching of qt5/qt6 tools with qmake in Meson
+ qtdemux:
- Fix premature EOS when some files are played in push mode
- Attach cbcs crypt info at the right moment
+ rtpjitterbuffer: Avoid integer overflow in max saveable packets
calculation with negative offset
+ videoflip: fix concurrent access when modifying the tag list
+ v4l2:
- allocator: Don't close foreign dmabuf
- bufferpool:
. Fix large encoded stream regression
. Problems when checking for truncated buffer
- Fix support for left and top padding
+ v4l2object: clear format lists if source change event is
received
- Rebase reduce-required-meson.patch
- Add libqt5-linguist BuildRequires: New dependency.
==== libqt5-qtbase ====
Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3
- switch icu-devel requires to pkgconfig to allow switching libicu
versions
==== libssh ====
Subpackages: libssh-config libssh4
- Enable crypto-policies support: [bsc#1211301]
* Rebase libssh_client.config libssh_server.config
==== libvpx ====
- Fixing CVE-2023-5217 heap buffer overflow (boo#1215778)
added CVE-2023-5217.patch
==== mpg123 ====
Version update (1.31.3 -> 1.32.2)
Subpackages: libmpg123-0 mpg123-openal
- Update to version 1.32.2
* libmpg123: Re-introduce _64 symbols on native 64 bit offset
platforms. This was a regression since 1.31 series. Sorry,
too much cleanup, not enough testing.
* build:
+ Better O_LARGEFILE logic, avoiding redefintion.
* ports/cmake:
+ Require C99 (bug 360, among other points, thanks to Ozkan
Sezer).
+ Fix broken O_LARGEFILE logic (bug 360).
+ Typo fix and cleanup, also manual SSE switch for Android
on old x86 (bug 359).
- Update to version 1.32.1
* Include man pages again in tarball and install. We cannot
avoid the empty man directory when disabling programs with
autoconf.
* Fix signal handler prototype, avoiding some justified warnings.
* ports/cmake:
+ Include CheckTypeSize, which seems to be needed sometimes
+ Avoid O_LARGEFILE redefinition, logic closer to autoconf.
- Update to version 1.32.0
* build
+ Move version handling out of configure.ac to ease other
build systems.
+ Include "fmt123.h" instead of <fmt123.h> in main API
headers to make it more likely the correct one is
included (at least gcc picks the one in the same directory
as the including header first).
+ All headers are build-independent now.
+ Fix build for picky linkers by avoiding definition of
wrap_getcpuflags() where it is not used (spurious linker
error to non-exitent getcpuflags(), bug 353).
+ Handle deprecation of C99 detection macro in autoconf 2.70.
+ No use of AC_SYS_LARGEFILE anymore for explicit handling
and differing choice for the libraries and frontend programs.
+ Added --enable-portable and --disable-largefile to
configure, removing the other largefile-related options.
+ Added --disable-components --enable-libmpg123 to only
build libmpg123 (and likewise --enable-libout123,
- -enable-libout123-modules, --enable-libsyn123) to autoconf
build. CMake build has something similar with BUILD_PROGRAMS
and BUILD_LIBOUT123, which leave only libmpg123 and libsyn123
if disabled).
+ Consistent formatting of ./configure --help with
AS_HELP_STRING().
* mpg123
+ Added --libversion.
+ Added proper A-B looping with terminal control key 'o',
renamed --pauseloop to --presetloop.
+ Really get rid of mpg123_position() usage. (It was all
lies before!)
+ Fix terminal progress info when seeking in stopped mode
(1.31 regression).
+ Patch up interaction of output buffer with generic remote
control, adding non-interruptible drain after P 3, and
dropping buffer on QUIT.
+ Uppercase some generic control replies for consinstency:
SILENCE, PROGRESS, MUTE, UNMUTE
* libmpg123, libout123, libsyn123
+ Bumped API version for version query functions.
+ Replaced nearly all symbol renames with explicit INT123_
prefix declarations (intsym.h close to empty now).
* libout123
+ Add sleep builtin output module (silent, but proper
timing).
* libsyn123
+ Introduced SYN123_PORTABLE_API for an API without off_t
and ssize_t (see NEWS.libsyn123).
* libmpg123
+ Internal I/O using explicit largefile support via off64_t,
lseek64, fallback to plain 32 bit off_t.
+ Added explicit 64 bit API with 64 suffix (mpg123_tell64(),
not mpg123_tell_64()).
This allows full avoidance of ambiguus off_t. The API is
always using 64 bit integers, regardless of internal
implementation.
+ Introduced MPG123_PORTABLE_API for an API subset without
off_t and ssize_t.
+ Made mpg123_seek() and friends ignore offset sign for
SEEK_END (always seeking towards beginning, assuming
negative offset) to make lseek()-conforming usage
possible. Seeking beyond the end never made sense, so no
loss of valid functionality.
* Overall use of INT123_strerror(), trying to use thread-safe
strerror_l() if possible.
==== open-vm-tools ====
Subpackages: libvmtools0 open-vm-tools-desktop
- 15 sp4 currently uses open-vm-tools rpms from 15 sp3. As such, enable
the spec file fix for bug (bsc#1205927) for 15 sp3 onwards.
==== openssl-3 ====
Version update (3.1.2 -> 3.1.3)
Subpackages: libopenssl3
- Update to 3.1.3:
* Fix POLY1305 MAC implementation corrupting XMM registers on
Windows (CVE-2023-4807)
==== openssl ====
Version update (3.1.2 -> 3.1.3)
- Update to 3.1.3
==== perl-HTTP-Message ====
Version update (6.44 -> 6.450.0)
- updated to 6.45
see /usr/share/doc/packages/perl-HTTP-Message/Changes
6.45 2023-09-27 14:27:31Z
- Allow for file ownership conflicts with Docker and GitHub Actions
(GH#193) (Olaf Alders)
- Add the 'status_code' function for getting all status codes as hash
(GH#194) (Dai Okabayashi)
==== python-greenlet ====
Version update (2.0.2 -> 3.0.0~rc3)
- update to 3.0.0~rc3:
* Fix an intermittent error during process termination on some
platforms (GCC/Linux/libstdc++).
* Fix some potential bugs (assertion failures and memory leaks) in
previously-untested error handling code. In some cases, this means
that the process will execute a controlled ``abort()`` after severe
trouble when previously the process might have continued for some
time with a corrupt state. It is unlikely those errors occurred in
practice.
* Fix some assertion errors and potential bugs with re-entrant
switches.
* Fix a potential crash when certain compilers compile greenlet with
high levels of optimization. The symptom would be that switching to
a greenlet for the first time immediately crashes.
* Fix a potential crash when the callable object passed to the
greenlet constructor (or set as the ``greenlet.run`` attribute) has
a destructor attached to it that switches. Typically, triggering
this issue would require an unlikely subclass of
``greenlet.greenlet``.
* Python 3.11+: Fix rare switching errors that could occur when a
garbage collection was triggered during the middle of a switch, and
Python-level code in ``__del__`` or weakref callbacks switched to a
different greenlet and ultimately switched back to the original
greenlet. This often manifested as a ``SystemError``: "switch
returned NULL without an exception set."
* Python 3.12: Fix walking the frame stack of suspended greenlets.
Previously accessing ``glet.gr_frame.f_back`` would crash due to
`changes in CPython's undocumented internal frame handling
* Make the platform-specific low-level C/assembly snippets stop using
the ``register`` storage class. Newer versions of standards remove
this storage class, and it has been generally ignored by many
compilers for some time. See `PR 347
<https://github.com/python-greenlet/greenlet/pull/347>`_ from Khem
Raj.
* Add initial support for Python 3.12. See `issue
<https://github.com/python-greenlet/greenlet/issues/323>`_ and `PR
<https://github.com/python-greenlet/greenlet/pull/327>`_; thanks go
to (at least) Michael Droettboom, Andreas Motl, Thomas A Caswell,
raphaelauv, Hugo van Kemenade, Mark Shannon, and Petr Viktorin.
* Remove support for end-of-life Python versions, including Python
2.7, Python 3.5 and Python 3.6.
* Require a compiler that supports ``noinline`` directives. See
`issue 271
<https://github.com/python-greenlet/greenlet/issues/266>`_.
* Require a compiler that supports C++11.
==== sddm ====
Subpackages: sddm-branding-openSUSE
- Remove unnecessary Requires(post*)
- Config file changes:
* No longer own sddm.conf. The migration for this conflicts with
the other migration code, so:
* Drop code for migrating from Current=maui (Leap <= 42.2)
and the monolithic /etc/sddm.conf (Leap <= 42.3)
- Add patch and drop unnecessary BuildRequirements of
extra-cmake-modules and kf5-filesystem:
* 0001-Drop-unnecessary-ECM-dependency-and-dead-uninstall-t.patch
- Split the greeter into a subpackage and use _multibuild to build
both daemon and greeter for Qt 5 and Qt 6. Add patches to allow
for greeter coinstallation:
* 0002-Make-sddm-greeter-for-Qt-5-and-Qt-6-coinstallable.patch
* 0003-Let-themes-specify-the-used-version-of-Qt.patch
- Refresh 0001-Read-the-DISPLAYMANAGER_AUTOLOGIN-value-from-sysconf.patch
- Don't set CMAKE_BUILD_TYPE=Release
- Make branding packages noarch
- Add %check
==== smartmontools ====
- Do not quit with an error when no drives to monitor are available (bsc#990406 bsc#1167051).
- Add smartd_service_dont_quit.patch
- Refresh harden_smartd.service.patch
- Run through spec-cleaner, use autosetup
==== yast2-python-bindings ====
Version update (4.6.0 -> 5.0.1)
- Fix inspect.getargspec() removed in python3.11; (bsc#1215226);
- 5.0.1
- 5.0.0 (#bsc1185510)
1
0