Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
ImageMagick (7.1.1.17 -> 7.1.1.18)
conmon
libnvme (1.4 -> 1.6)
nvme-cli (2.4 -> 2.6)
pam-config (2.8 -> 2.9)
podman (4.6.2 -> 4.7.0)
poppler
poppler-qt5
suse-module-tools (16.0.35 -> 16.0.36)
xdg-desktop-portal-kde
xdg-utils (1.1.3+20230831 -> 1.2.0~beta1+20230929)
=== Details ===
==== ImageMagick ====
Version update (7.1.1.17 -> 7.1.1.18)
Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10
- version update to 7.1.1.18
* upstream changelog:
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
==== conmon ====
- go 1.19 EOL, swith to go >= 1.20
* [bsc#1215806]
==== libnvme ====
Version update (1.4 -> 1.6)
Subpackages: libnvme-mi1 libnvme1
- Update to version 1.6:
* docs: Fix Read-the-Docs configuration (deprecated config param)
* mi-mctp: Fix free() in error path of mi_open_mctp
* types: Use NVME_SET for status type mask to get status value
* types: Define FLBAS MASK and SHIFT to use NVME_GET
* types: Support Phy Rx Eye Opening Measurement Log
* log: Add nvme root global variable to set for default output
* types: Add support for the OAQD ID controller field
* test: use non deprecated API
* test: add tests for Get/Set Features functions
* ioctl: implement nvme_set_features_lba_range()
* ioctl: pass NSID in Get/Set Features commands that use it
* ioctl: fix swapped parameters in nvme_set_features_host_id()
* ioctl: export nvme_{g,s}et_features_iocs_profile()
* ioctl: pass ENDGID in nvme_get_features_endurance_event_cfg()
* ioctl: don't set SAVE bit on unsaveable features
* ioctl: avoid sending uninitialized timestamp
* ioctl: pass data for Get/Set Features commands
* ioctl: set correct bits in Set Features commands
* ioctl: correct feature IDs in Get/Set Features commands
* tree: Add 2 new public functions to lookup existing controllers
* ioctl: Add debugging feature to show command outputs
* Fix incorrect article 'an' as 'a' to use for a description
* linux: Added functions to enable faster telemetry data retrieval. Moved telemetry data area support detection into separate function. Added possibility to modify data transfer chunk size. Enable telemetry extraction up to specified data area. Removed some printf() and perror().
* test: account for discovery log page entry stripping
* fabrics: unconditionally strip discovery entry strings
* fabrics: only look for spaces in strchomp()
* tree: Use early return instead of else statements
* test: fix lookup test case
* test: make all function static
* test: add tests for new tcp controller matching algorithm
* tree: Improve TCP controller matching algorithm
* util: Add functions to parse the system's interfaces
* types: Add support for EGFEAT, Domain Identifier, TEGCAP and UEGCAP
* mi: remove nsid from nvme_mi_admin_identify_secondary_ctrl_list()
* test: add tests for nvme_ctrl_get_src_addr()
* tree: Add nvme_ctrl_get_src_addr() to get the controller's src_addr
* util: Split _nvme_ipaddrs_eq() from nvme_ipaddrs_eq()
* test: add tests for Identify functions
* ioctl: use available Identify helper functions
* test: pass a large enough buffer to nvme_identify_ns_descs()
* ioctl: remove nsid from nvme_identify_secondary_ctrl_list()
* meson: Don't hard-code path to "internal/config.h"
* fabrics: Do not pass disable_sqflow if not supported
* fabrics: Read the supported options lazy
* test: add discovery log page tests
* test: add infra for mocking passthru ioctls
* tree: fix segfault in nvme_scan_subsystem()
* src/nvme/tree.c: make __nvme_scan_subsystem() returning bool
* doc: fix minor mistake in README.md about dependencies
* nvme-tree: avoid warning in 'list-subsys'
* tree: Add getter for subsystem iopolicy
* fabrics: Consider also all hosts settings for context match
* tree: Scan all subsystems
* doc: Fixing compile instruction in README
* mi: allow non-4-byte-aligned responses
* mi-mctp: use a linear response buffer
* mi: implement length and offset alignment checks in admin_xfer()
* tree: Don't open nvme devices until it's absolutely required
* tree: missing closedir() causes fd leak for "/sys/bus/pci/slots"
* mi: don't return from mi_mctp_submit with a tag held
* util: Provide empty nvme_ipaddrs_eq for static builds
* fabrics: Relax match on well known disc ctrl lookup
* tree: Ignore NULL address pointer for phy slot lookup
* fabrics: Filter discovery ctrls out during application context check
* util: Add ignored error code
* json: Use memory block allocated by realloc() instead printbuf
* util: Use HAVE_NETDB instead of HAVE_LIBNSS
* tree: Add PCI physical slot number for controller
* tree: Use nvme_ipaddrs_eq() to compare IP addresses
* fabrics: Add EADDRNOTAVAIL error mapping
* fabrics: filter out subsystems with non-matching application string
* libnvme: add 'application' setting to nvme_root
* libnvme: add 'application' setting to the subsystem
* test: Add more code coverage for nvme_ipaddrs_eq()
* util: rename ipaddrs_eq() to nvme_ipaddrs_eq() and make public.
* util: Add ipaddrs_eq() to check whether two IP addresses are equal
* test: Add unit test for ctrl lookups
* ioctl: fix RAE bit on last Get Log Page command
* fabrics: check genctr after getting discovery entries
* fabrics: handle /dev/nvme-fabrics read failure
* fabrics: fix potential invalid memory access in __nvmf_supported_option()
* Python: Fix crash during garbage collection
* python/swig: Check swig version to determine whether -py3 is needed
* python/swig: Wrap swig-sensitive struct inside #ifwdef SWIG
* mi: Add nvme_mi_ctrl_id to retrieve controller ID
* Python: Suppress swig warnings about unnamed struct
* examples: fix incorrect controller status in MI info output
* ioctl: Explicitly initialize all members of struct nvme_ns_mgmt_args
* Python: make NBFT data more pythonic
* ioctl: io management send, receive args fix
* python: Update test data
* NBFT: Remove documentation from nbft.c since it's also in nbft.h
* Python: Add NBFT support
* nbft: Doc typo - Use nvme_nbft_free() instead of nbft_free()
* nbft: Parse the {HOSTID,HOSTNQN}_CONFIGURED flags
* nbft: Fix nbft_ssns_flags endianness test
* nbft: Add a simple unit test
* doc: Update README
... changelog too long, skipping 12 lines ...
* tree: Fix argument check in nvme_bytes_to_lba
==== nvme-cli ====
Version update (2.4 -> 2.6)
Subpackages: nvme-cli-bash-completion
- Update to version 2.6:
* nvme: allocate payload buffer in create-ns command
* nvme-print-stdout: Add CAP.CPS and CAP.NSSS human readable outputs
* nvme: Add output-format default option instead of argconfig json option
* nvme: fw-download offset only describes FW offset, not file offset
* unit: add locale number test
* util: handle utf-8 thousend separators correctly
* nvme: Change to use NVME_ARGS verbose default option from OPT_ARGS
* fabrics: Fix NVMF_ARGS macro to use parameter n correctly
* nvme: Add verbose default option to show command debug output
* util: Fix to set argconfig output format json option correctly
* util: Split argconfig output format json function to set and get
* nvme: Spport Phy Rx Eye Opening Measurement Log
* nvme: Introduce nvme_realloc function
* nvme: Fix for fdpa reserved field printing
* completion: add 'version' and 'help' to list
* udev-rule: apply round-robin iopolicy on i/o subsystems alone
* nvme: Add support for the OAQD ID controller field
* plugins/solidigm: use static log macro to calc bitmask
* plugins/ocp: Rename FW activation history command
* nvme: auto free nvme_dev resource
* nvme: allocate aligned payloads for all nvme commands
* nvme: introduce alloc helper with alignment support
* util: add cleanup function for generic memory allocations
* nvme: append huge to nvme_{alloc|free} function
* nvme: fw_download use nvme_alloc only
* fabrics: Removing duplicate code and moving to libnvme
* nvme-print: omit size of protection information
* tree: Modify label name close_fd to close_dev
* fabrics: For TCP/RDMA, compare IP addresses with nvme_ipaddrs_eq()
* fabrics: lookup_discovery_ctrl() must look under host and not root
* nvme: Do not map status to errno codes
* completions: Add bash completion for DSSD Power state feature(FID: C7h)
* Documentation: Add document for DSSD Power state feature(FID: C7h)
* plugins/ocp: Add DSSD Power state feature(FID: C7h)
* avoid casting pointer arguments to argconfig functions
* nvme-print: Add support for EGFEAT, Domain Identifier, TEGCAP and UEGCAP
* nvme-print: Fix endurance_log whitespace changes
* nvme: Fix retrieval of telemetry log up to specified data area.
* nvme: Update list secondary command
* wdc: Add support for SN861 drive
* util: Set errno to 0 before strtol/stroul call
* nvme: Revert passthru and submit_io to print status to stderr from stdout
* plugins/zns: Fix offset in report zones
* nvme-rpmb: Fix nvme_show_id_ctrl_rpmbs() definition error
* fabrics: Use corresponding hostid when hostnqn is generated
* json: fix seg. fault converting NULL to JSON string
* nvme-cli: fix extended metadata size calculation
* nvme-print: Show subsystem iopolicy
* nvme-print-stdout: Do not show non reachable ns in namespace topology
* nvme-print: Fix show-topolocy for ctrls
* doc: Fix typo in documentation
* nvme-print-stdout: fix storage tag size label
* nvme-print-stdout: List only ctrls which are part of ns
* nvme-print-stdout: Support subsys reachable from several hosts
* ccan: Add htable, strset and dependencies
* ccan: Remove unused documentation
* nvme-print: Split max power flags
* nvme-print: fix counter while looping through uuid_list
* fabrics: only look for matching ctrl on same host
* README: Correct hugetlbfs spelling error
* util: Delete unused CFG_BOOL argconfig type as duplicated with CFG_FLAG
* util: Set LC_ALL=C as default if -H option is not used
* nvme: Add support for create-ns command endg-id option parameter
* nvme-print: fix argument order for show functions
* plugins/solidigm: Added Marketing Name Log support for Solidigm.
* nvme-print: Remove left overs from refactoring
* nvme-print: Move num argument parsing into callbacks
* nvme-print: Fix typo in callback definition
* scripts: Make release script project neutral
* scripts: Update update-docs.sh scripts
* scripts: Execute the scripts from toplevel directory
* scripts: Move helper scripts to a central place
* docs: Update file modes
* doc: Add information on --context
* nvmf-autoconnect: Annotate the context to autoconnect
* fabrics: Add support for volatile configuration
* plugins/solidigm: Formated log page directory table consistently with "nvme list" format.
* plugins/solidigm: Added Identify controller VU extensions parsing.
* nvme-print-json: Print PCI pysical slot number for controller
* nvme-print-stdout: Print PCI physical slot number for controller
* libnvme.wrap: Bump to 42ac453
* plugins/nbft: Use common code to parse print flags
* fabrics: Do not print device on connect per default
* fabrics: Revert 'fabrics: prevent 'nvme connect' to well-known discovery NQN'
* nvme-print: fix wrong list-subsys output when ns are attached to different ctrls
* plugins/micron: Correct NULL pointer checking error
* plugins/innogrit: Add vendor command get-eventlog and get-cdump
* nvme: Use correct data buffer size
* nvme: Fix quoted string split across lines to use quoted newline
* plugins/zns: Fix zns.c linux kernel check patch errors and warnings
* plugins/ymtc: Fix ymtc-nvme.c linux kernel check patch warning
* plugins/ymtc: Fix ymtc-nvme.c space indentation to tab indentation
* plugins/virtium: Fix virtium-nvme.c linux kernel check patch errors and warnings
* plugins/transcend: Fix transcend-nvme.c linux kernel check patch errors and warnings
* plugins/solidigm: Fix linux kernel check patch errors and warnings
* plugins/shannon: Fix shannon-nvme.c linux kernel check patch errors and warnings
* plugins/seagate: Fix seagate-nvme.c linux kernel check patch warnings
* plugins/scaleflux: Fix sfx-nvme.c linux kernel check patch errors and warnings
... changelog too long, skipping 111 lines ...
- Fix install path for nvme-regress script
==== pam-config ====
Version update (2.8 -> 2.9)
- Update to version 2.9
- Add support for kanidm
==== podman ====
Version update (4.6.2 -> 4.7.0)
- Build against latest stable Go version (bsc#1215807)
- Update to version 4.7.0:
* Bump to v4.7.0
* [CI:DOCS] v4.7.0 RELEASE_NOTES update
* rpm: remove gvproxy subpackage
* packit: tag @containers/packit-build team on copr build
failures
* specgen, rootless: fix mount of cgroup without a netns
* pass --syslog to the cleanup process
* fix --authfile auto-update test
* version: switch back from -rc1 to -dev
* New pre-release: v4.7.0-rc1
* [CI:DOCS] Update release notes for v4.7.0-rc1
* Cirrus: Update operating branch
* Move podman build opts to common file
* Add ability for machine rm -f for WSL
* Plumbing to run machine tests with hyperv
* CI: trace setup and runner scripts
* Bump to Buildah v1.32.0
* [CI:DOCS] bump release notes on main with the latest release
* fix(deps): update module github.com/opencontainers/image-spec
to v1.1.0-rc5
* Add --filter pod= autocompletion
* e2e: ExitCleanly(): manual test fixes
* e2e: continuing ExitCleanly(): just the replacements
* Fix some spelling and formatting
* Add support for Ulimit in quadlet
* Run codespell on code
* wire in new buildah build options
* make golangci-lint happy
* add !remote tag to pkg/specgen/generate
* pkg/specgen: do not depend on libimage for remote
* bump buildah to latest
* [CI:DOCS] restart.md: migrate to container unit
* fix(deps): update module k8s.io/kubernetes to v1.28.2
* Add support for PidsLimit in quadlet
* Add DNS fields to Container and Network unit groups
* [CI:DOCS] update API docs version list
* Try to fix broken CI (gvisor-something)
* e2e: more ExitCleanly(): manual test fixes
* e2e: more ExitCleanly(): dumb string replacements
* e2e: create_test: use ExitCleanly()
* e2e: diff_test: use ExitCleanly()
* The `podman init` command cannot modify containers.
* bump c/common to latest main
* Podmansh: use podmansh_timeout
* e2e: more ExitCleanly(): low-hanging fruit
* vendor: update checkpointctl to v1.1.0
* kube: add DaemonSet support for generate
* vendor of containers/(common, storage, image)
* libpod: move oom_score_adj clamp to init
* e2e: commit_test: use ExitCleanly()
* e2e: container_clone_test.go: use ExitCleanly()
* e2e: use ExitCleanly() in cleanup_test.go
* Ensure HC events fire after logs are written
* [CI:DOCS] podman-systemd.unit: fix equivalents
* Add support for kube TerminationGracePeriodSeconds
* Update podman-kube-play.1.md.in
* Split up alt binaries to speed up build
* Switch installer task to EC2
* pod: fix duplicate volumes from containers.conf
* tests: add test for pod cgroups
* libpod: create the cgroup pod before containers
* cmd, specgen: allow cgroup resources without --infra
* specgen: allow --share-parent with --infra=false
* libpod: allow cgroup path without infra container
* libpod: check if cgroup exists before creating it
* libpod: refactor platformMakePod signature
* libpod: destroy pod cgroup on pod stop
* utils: export MoveUnderCgroup
* libpod: refactor code to new function
* e2e: use ExitCleanly() in checkpoint tests
* [CI:DOCS]Remove use of --latest|-l from tutorial
* CI test runner: upgrade tests rely on system tests
* run --rmi: "cannot remove" is a warning, not an error
* StopContainer: display signal num when name unknown
* URGENT: fix broken CI
* Add support for kube securityContext\.procMount
* podman: don't restart after kill
* Tmpfs should not be mounted noexec
* sys tests: run_podman: check for unwanted warnings/errors
* chore(deps): update dependency setuptools to ~=68.2.0
* e2e: use ExitCleanly() in attach & build tests
* Some distros do not default to docker.io for shortname searches
* security: accept empty capabilities list
* systests: random_free_port: fix EADDRINUSE flake
* fix(deps): update module github.com/cyphar/filepath-securejoin
to v0.2.4
* Restrict fcos_test to amd64, arm64
* fix(deps): update github.com/containers/libhvee digest to
56fb235
* fix(deps): update module github.com/docker/docker to
v24.0.6+incompatible
* fix(deps): update module golang.org/x/tools to v0.13.0
* Ignore spurious container-removal errors
* fix(deps): update module golang.org/x/net to v0.15.0
* systests: manifest zstd test: lots of tiny cleanups
* vendor: update github.com/opencontainers/runc to main
* [skip-ci] Update actions/checkout action to v4
... changelog too long, skipping 474 lines ...
* play.go: remove volumes on down -f
==== poppler ====
Subpackages: libpoppler-cpp0 libpoppler-glib8 libpoppler131 poppler-tools
- build with gpgmepp for signing documents (bsc#1215632)
==== poppler-qt5 ====
- build with gpgmepp for signing documents (bsc#1215632)
==== suse-module-tools ====
Version update (16.0.35 -> 16.0.36)
Subpackages: suse-module-tools-scriptlets
- Update to version 16.0.36
* blacklist RNDIS modules (bsc#1205767, jsc#PED-5731)
* modprobe.d: Blacklist cls_tcindex module (bsc#1210335, CVE-2023-1829)
==== xdg-desktop-portal-kde ====
Subpackages: xdg-desktop-portal-kde-lang
- Add: 0001-kde_portals.patch (kde#474746)
* Add a fallback to the GTK portal for settings. This makes sure
that GTK apps always get valid fonts and related settings.
==== xdg-utils ====
Version update (1.1.3+20230831 -> 1.2.0~beta1+20230929)
- Update to version 1.2.0-beta1+20230929:
* Set Version to 1.2.0-beta1
* Update Changes and Release Notes
* fix(xdg-open): handle spaces in .desktop file path
* Quote Browser variable to avod unintentional code execution
* Add missing result gathering
* Enhance LXQt Desktop Enviromment support
* xdg-terminal: don't run 'kreadconfig' if KDE_SESSION_VERSION is >= 5
- Drop the following fix, now actually included upstream
* xdg-terminal-don-t-run-kreadconfig-if-KDE_SESSION_VE.patch
- The following entries may have been missed in previous changelog
versions
* all: shellcheck fixes; make xdg-mime DASH-compatible
* xdg-email: do not run BROWSER if xdg-open failed
* Ensure POSIX-compliant shell scripting to support DASH
* all: spelling fixes
* Fix set_url_scheme_handler_gnome3 to not associate text/html handler
* xdg-screensaver: fix the freedesktop screensaver
* xdg-screensaver: implement support for "gnome3" DE
* xdg-screensaver: better error detection for freedesktop 'status' command
* xdg-desktop-menu: Drop obsolete GNOME support
* xdg-open: support WSL (FDO#108975)
* xdg-su: support deepin
* xdg-mime: If mimeapps.list is a symlink, retain the symlink (#7)
* xdg-open: fix search_desktop_file's logic
* xdg-open: handle local hostname in `file:` URLs
* xdg-desk-menu: Check if defaults file exists during installation
* xdg-su: Remove quotes for lxqt-sudo cmd arg
* xdg-open: handle opening files when DE=flatpak
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
ImageMagick (7.1.1.15 -> 7.1.1.17)
Mesa (23.1.7 -> 23.1.8)
Mesa-drivers (23.1.7 -> 23.1.8)
MozillaFirefox (117.0.1 -> 118.0.1)
apparmor
argyllcms (2.3.1 -> 3.0.0)
autoyast2 (4.6.2 -> 5.0.1)
avahi
avahi-glib2
branding-openSUSE
cairo (1.17.8 -> 1.18.0)
cockpit
distribution-logos-openSUSE (20220322 -> 20230921)
firewalld
flashrom (1.2 -> 1.3.0)
git
glibc
gnome-control-center
gnome-tweaks (42.beta+60 -> 45.0)
gnustep-base
gpg2 (2.3.8 -> 2.4.0)
gpgme
graphite2
gstreamer (1.22.5 -> 1.22.6)
gstreamer-plugins-bad (1.22.5 -> 1.22.6)
gstreamer-plugins-base (1.22.5 -> 1.22.6)
gstreamer-plugins-good (1.22.5 -> 1.22.6)
highway (1.0.5 -> 1.0.7)
imlib2 (1.12.0 -> 1.12.1)
installation-images-MicroOS (17.95 -> 17.96)
kio
libapparmor
libblockdev (2.28 -> 3.0.2)
libbytesize
libdrm
libjxl
libnma
libqt5-qtbase
libsecret (0.21.0 -> 0.21.1)
libsolv (0.7.24 -> 0.7.25)
libssh
libstorage-ng (4.5.141 -> 4.5.143)
libvpx
mozjs115 (115.2.0 -> 115.2.1)
mpg123 (1.31.3 -> 1.32.2)
open-vm-tools
openssl-3 (3.1.2 -> 3.1.3)
openssl (3.1.2 -> 3.1.3)
p11-kit (0.24.1 -> 0.25.0)
patterns-microos
perl-HTTP-Message (6.44 -> 6.450.0)
polkit-default-privs (1550+20230912.0978001 -> 1550+20230920.74aeded)
python-alembic (1.11.2 -> 1.12.0)
python-constantly
python-greenlet (2.0.2 -> 3.0.0~rc3)
python-jsonschema (4.18.6 -> 4.19.1)
python-tornado6 (6.3.2 -> 6.3.3)
sddm
smartmontools
stoken (0.92 -> 0.93)
systemd
tracker
tuned (2.20.0.18+git.7b1a20b -> 2.21.0.0+git.670541d)
udisks2 (2.9.4 -> 2.10.0)
unar
xdg-utils (1.1.3+20230830 -> 1.1.3+20230831)
yast2-bootloader (4.6.2 -> 5.0.2)
yast2-installation (4.6.7 -> 5.0.1)
yast2-python-bindings (4.6.0 -> 5.0.1)
yast2-storage-ng (4.6.12 -> 5.0.1)
yast2-users (4.6.4 -> 5.0.1)
=== Details ===
==== ImageMagick ====
Version update (7.1.1.15 -> 7.1.1.17)
Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10
- version update to 7.1.1.17
* upstream changelog:
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-17---2023…
- modified patches
% ImageMagick-library-installable-in-parallel.patch (refreshed)
- follow upstream, create open, limited, secure and websafe alternative
configuration packages with different policy.xml
- removing p7zip redundant dependency
==== Mesa ====
Version update (23.1.7 -> 23.1.8)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- Backport upstream patches for compatibility with LLVM 17:
* U_llvmpipe-only-include-old-Transform-includes-when-ne.patch
removes unneeded includes of header files that no longer exist.
* U_clover-llvm-move-to-modern-pass-manager.patch migrates Clover
to the new pass manager, since the old PM has been removed.
- disable nine on arm/aarch64 in the hope to fix build on this
platform; there is no need for Direct3D/Wine for arm/aarch64
anyway ...
- Update to bugfix release 23.1.8:
- -> https://docs.mesa3d.org/relnotes/23.1.8.html
==== Mesa-drivers ====
Version update (23.1.7 -> 23.1.8)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- Backport upstream patches for compatibility with LLVM 17:
* U_llvmpipe-only-include-old-Transform-includes-when-ne.patch
removes unneeded includes of header files that no longer exist.
* U_clover-llvm-move-to-modern-pass-manager.patch migrates Clover
to the new pass manager, since the old PM has been removed.
- disable nine on arm/aarch64 in the hope to fix build on this
platform; there is no need for Direct3D/Wine for arm/aarch64
anyway ...
- Update to bugfix release 23.1.8:
- -> https://docs.mesa3d.org/relnotes/23.1.8.html
==== MozillaFirefox ====
Version update (117.0.1 -> 118.0.1)
- Mozilla Firefox 118.0.1
MFSA 2023-44 (bsc#1215814)
* CVE-2023-5217 (bmo#1855550),
Heap buffer overflow in libvpx
- Mozilla Firefox 118.0
MFSA 2023-41 (bsc#1215575)
* CVE-2023-5168 (bmo#1846683)
Out-of-bounds write in FilterNodeD2D1
* CVE-2023-5169 (bmo#1846685)
Out-of-bounds write in PathOps
* CVE-2023-5170 (bmo#1846686)
Memory leak from a privileged process
* CVE-2023-5171 (bmo#1851599)
Use-after-free in Ion Compiler
* CVE-2023-5172 (bmo#1852218)
Memory Corruption in Ion Hints
* CVE-2023-5173 (bmo#1823172)
Out-of-bounds write in HTTP Alternate Services
* CVE-2023-5174 (bmo#1848454)
Double-free in process spawning on Windows
* CVE-2023-5175 (bmo#1849704)
Use-after-free of ImageBitmap during process shutdown
* CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962,
bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195)
Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3,
and Thunderbird 115.3
- requires NSS 3.93
- add mozilla-bmo1822730.patch
- deactivated KDE integration temporarily
(removed mozilla-kde.patch and firefox-kde.patch for now)
==== apparmor ====
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- Fix pam_apparmor %post and %postun scripts to handle pam-config errors
(bsc#1215596)
==== argyllcms ====
Version update (2.3.1 -> 3.0.0)
- Update to 3.0.0:
* Updated ccast/axTLS to get ChromCast working again with latest Google CC
operating software.
* Extensive re-write/re-factor of icclib to make it more future-proof.
See https://www.argyllcms.com/doc/ChangesSummary.html for details.
* Added ref/ColorCheckerPassport.ti2 and ref/ColorCheckerHalfPassport.ti2
to allow measuring ColorCheckerPassport with instrument.
* Fixed bug in Munki spectro hi-res mode with some instruments. Luminance
matching between normal and hi-res was sometimes quite poor.
* Added ARGYLL_CREATE_DISPLAY_PROFILE_WITHOUT_CHAD environment variable.
* Changed colprof -U flag to -u. Changed dispcal -J flag to -K to accommodate
a potential new flag for colprof and dispcal.
* Added workaround for bug in madHcNet64.dll32/64.dll which sometimes causes
failure.
* Added delay after USB set_config on OS X to help Spyder 3/4 on Ventura OS.
* Added -Y parameter to dispwin to override automatic patch delay.
* Changed i1d3 driver to cope with Rev. B "0x83" error robustly. This should
fix any issues measuring low level Red only patch values on OLED displays,
but with slower measurements when this occurs.
* Added spotread -Y S option to save spectral sensitivity curves and added
corresponding support in i1d3 driver. This allows for comparison of different
instruments factory calibrations.
* Added a -h scale parameter to dispread, to allow the automatic instrument
calibration test patch values to be scaled down from their default 100%
value. This is useful with HDR displays.
* Added manifest to MSWindows executables to use UTF-8 code pages on Windows
1903 and later. This should improve non-ASCII filename and path handling.
* Added a Violet colorant to the targen colorant list.
* Fixed problem with OS X 64 bit backwards compatibility where it failed to
locate serial instruments when the binaries are run on OS X V12 or latter
machines.
* Fixed bug in i1Pro3 driver where it was not returning the correct
measurement conditions enum.
* Fixed spotread so that ambient measure for monochrome sources doesn't error
out due to bad CCT/VCT/VDT. Also change -T so that it suppresses CCT etc. if
ambient mode is used.
* Added hacky workaround to strange Mac M2/rosetta bug in del_i1proimp().
- Make the argyllcms-doc package noarch.
==== autoyast2 ====
Version update (4.6.2 -> 5.0.1)
- Added several LUKS-related elements to the partitioning schema
(jsc#PED-3878, jsc#PED-5518).
- 5.0.1
- 5.0.0 (#bsc1185510)
==== avahi ====
Subpackages: libavahi-client3 libavahi-common3 libavahi-core7
- Don't require sudo. There is no indication it's actually used for
anything.
==== avahi-glib2 ====
- Don't require sudo. There is no indication it's actually used for
anything.
==== branding-openSUSE ====
Subpackages: grub2-branding-openSUSE plymouth-branding-openSUSE wallpaper-branding-openSUSE yast2-qt-branding-openSUSE
- Enable grub2-branding on ppc64le. patterns-microos-base has
Requires (grub2-branding-openSUSE if grub2). So we need the
branding.
==== cairo ====
Version update (1.17.8 -> 1.18.0)
Subpackages: libcairo-gobject2 libcairo-script-interpreter2 libcairo2
- Update to version 1.18.0:
+ The first stable cairo release in five years should be cause
for celebration.
+ All the API added in the 1.17 development cycle is now
considered stable, and will not change.
+ Many thanks to all the contributors for this release.
+ The cairo-sphinx tool has been removed; we could not find any
instruction on how to use it, and no user answered our call for
help. If you were using cairo-sphinx, please reach out to the
cairo maintainers.
+ Cairo now implements Type 3 color fonts for PDF.
+ Multiple documentation fixes, to ensure that the cairo API
reference is up to date. Also fixed multiple compiler warnings
generated when building cairo.
+ The XML surface has been removed; it was disabled by default
when building cairo, and we could not find any downstream
distributor that would enable it.
+ The Tee surface is now automatically enabled. Downstream
distributors of cairo have been enabling for years it in order
to build Firefox.
+ Fixed multiple issues with the DWrite font backend.
+ Improved the Quartz surface; mainly, Quartz surfaces now use
the main display ColorSpace, speeding up rendering operations.
+ Cairo now hides all private symbols by default on every
platform; the old "slim" symbols hack to alias internally used
symbols has been dropped, in favor of using
`-Bsymbolic-functions` with toolchains that support it.
+ Fixed multiple memory leaks in the code base and test suite,
and general maintenance.
+ Added new API to expose the Pixman dithering filter to cairo
patterns; this is currently implemented only for image
surfaces.
- Drop patches fixed upstream:
+ cairo-1.17.8-fix-tee-compilation.patch
+ cairo-1.17.8-ft-font-missing-glyph.patch
- Rebase patches with quilt.
- Stop passing xml=disabled to meson setup, xml backend is dropped.
==== cockpit ====
Subpackages: cockpit-bridge cockpit-packagekit cockpit-system
- Port SLE selinux bug fix from SLE Micro 5.5
* Copied selinux_libdir.patch from SLEM package
==== distribution-logos-openSUSE ====
Version update (20220322 -> 20230921)
Subpackages: distribution-logos-openSUSE-MicroOS distribution-logos-openSUSE-icons
- Add Aeon branding
==== firewalld ====
Subpackages: firewalld-bash-completion python3-firewall
- python3-dbus isn't correct either, it's python3-dbus-python.
- Correct Requires, python3-slip-dbus -> python3-dbus.
==== flashrom ====
Version update (1.2 -> 1.3.0)
- Update to 1.3.0
- See changelog at https://www.flashrom.org/Flashrom/1.3
- Removed patches (merged upstream):
- flashrom-install-man-file.patch
- flashrom-j-link-spi.patch
==== git ====
- Downgrade openssh dependency to recommends (bsc#1215533)
==== glibc ====
Subpackages: glibc-extra glibc-locale glibc-locale-base nscd
- fstat-implementation.patch: io: Do not implement fstat with fstatat
- getaddrinfo-memory-leak.patch: Fix leak in getaddrinfo introduced by the
fix for CVE-2023-4806 (CVE-2023-5156, bsc#1215714, BZ #30884)
- getcanonname-use-after-free.patch: getaddrinfo: Fix use after free in
getcanonname (CVE-2023-4806, bsc#1215281, BZ #30843)
- Do not build any cross packages in SLES
- no-aaaa-read-overflow.patch: Stack read overflow with large TCP
responses in no-aaaa mode (CVE-2023-4527, bsc#1215280, BZ #30842)
- Add systemd to passwd, group and shadow lookups (jsc#PED-5188)
- ppc64-flock-fob64.patch: io: Fix record locking contants for powerpc64
with __USE_FILE_OFFSET64 (BZ #30804)
- libio-io-vtables.patch: libio: Fix oversized __io_vtables
- call-init-proxy-objects.patch: elf: Do not run constructors for proxy
objects
- dtors-reverse-ctor-order.patch: elf: Always call destructors in reverse
constructor order (BZ #30785)
- intl-c-utf-8-like-c-locale.patch: intl: Treat C.UTF-8 locale like C
locale (BZ #16621)
- glibc-disable-gettext-for-c-utf8.patch: Removed
==== gnome-control-center ====
Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces
- Add gnome-control-center-add-user-button.patch:
Show add user button when user is a normal user
(bsc#1215556 glgo#GNOME/Settings!1927).
==== gnome-tweaks ====
Version update (42.beta+60 -> 45.0)
- Update to version 45.0:
+ This release removes several features now found in GNOME
Settings. There are also some small interface refreshments in
preparation for the GTK4 upgrade. More significantly, the core
interface has been refactored to use layout files.
+ Updated translations.
- Switch compression to zst both in service and tarball produced.
==== gnustep-base ====
- use pkgconfig(icu-uc) to use the current libicu. (jsc#PED-6193)
==== gpg2 ====
Version update (2.3.8 -> 2.4.0)
Subpackages: dirmngr
- Install the systemd user units in the _userunitdir [bsc#1201564]
* Note that, there is no activation by default.
* Rework excludes in the spec's files section.
- Temporarily revert back to the pre-2.4 default for key generation.
The new rfc4880bis has been set as the default in 2.4 version and
might create incompatible keys. Note that, rfc4880bis can still
be used with the option flag --rfc4880bis as in previous versions.
* More info in the gnupg-devel ML:
https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035183.html
* Reverted commit https://dev.gnupg.org/rGcaf4b3fc16e9
* Add gnupg-revert-rfc4880bis.patch
- Allow 8192 bit RSA keys in keygen UI when large_rsa is set
* Add gnupg-allow-large-rsa.patch
- Fix broken GPGME QT tests: Upstram dev task dev.gnupg.org/T6313
* The original patch has been modified to expand the changes
also to the tests/gpgme/Makefile.in file.
* Add gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch
- Updated to require libgpg-error-devel >= 1.46
- Rebased patches:
* gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch
* gnupg-add_legacy_FIPS_mode_option.patch
- GnuPG 2.4.0:
* common: Fix translations in --help for gpgrt < 1.47.
* gpg: Do not continue the export after a cancel for the primary key.
* gpg: Replace use of PRIu64 in log_debug.
* Update NEWS for 2.4.0.
* tests: Fix make check with GPGME.
* agent: Allow arguments to "scd serialno" in restricted mode.
* scd:p15: Skip deleted records.
* build: Remove Windows CE support.
* wkd: Do not send/install/mirror expired user ids.
* gpgsm: Print the revocation time also with --verify.
* gpgsm: Fix "problem re-searching certificate" case.
* gpgsm: Print revocation date and reason in cert listings.
* gpgsm: Silence the "non-critical certificate policy not allowed".
* gpgsm: Always use the chain model if the root-CA requests this.
* gpg: New export option "mode1003".
* gpg: Remove a mostly duplicated function.
* tests: Simplify fake-pinentry to use the option only.
* tests: Fix fake-pinentry for Windows.
* tests: Fix make check-all.
* agent: Fix import of protected v5 keys.
* gpgsm: Change default algo to AES-256.
* tests: Put a workaround for semihosted environment.
* tests: More fix for semihosted environment.
* tests: Support semihosted environment.
* tests: Fix tests under cms.
* tests,w32: Fix for semihosted environment.
* w32: Fix for tests on semihosted environment.
* w32: Fix gnupg_unsetenv.
* wkd: New option --add-revocs and some fixes.
* wkd: Make use of --debug extprog.
* gpg: New export-filter export-revocs.
* gpg: Fix double-free in gpg --card-edit.
* gpg: Make --require-compliance work with out --status-fd.
* gpg: New option --list-filter.
* dirmngr: Silence ocsp debug output.
* tests: Fix to support --enable-all-tests and variants.
* tests:w32: Fix for non-dot file name for Windows.
* tests:gpgscm:w32: Fix for GetTempPath.
* tests: Keep .log files in objdir.
* tests: Use 233 for invalid value of FD.
* w32: Fix gnupg_tmpfile for possible failure.
* scd: Redact --debug cardio output of a VERIFY APDU.
* common: Remove Windows CE support in common.
* gpgsm: Fix colon outout of ECC encryption certificates.
* scd:nks: Fix ECC signing if key not given by keygrip.
* dirmngr: Fix verification of ECDSA signed CRLs.
* agent: Allow trustlist on Windows in Unicode homedirs.
* gpg: Fix verification of cleartext signatures with overlong lines.
* gpg: Move w32_system function.
* gpg: New option --quick-update-pref.
* gpg: New list-options show-pref and show-pref-verbose.
* tests: Add tests to check that OCB is only used for capable keys.
* gpg: Make --list-packets work w/o --no-armor for plain OCB packets.
* tests: Add symmetric decryption tests.
* tests: Add tr:assert-same function.
* agent: Avoid blanks in the ssh key's comment.
* build: Update m4 files.
* gpg: Merge --rfc4880bis features into --gnupg.
* gpg: Allow only OCB for AEAD encryption.
* gpg: New option --compatibility-flags.
* gpgsm: Also announce AES256-CBC in signatures.
* gpg: Fix trusted introducer for user-ids with only the mbox.
* gpg: Import stray revocation certificates.
* agent: Automatically convert to extended key format by KEYATTR.
* card: New commands "gpg" and "gpgsm".
* card: Also show fingerprints of known X.509 certificates.
* scd:nks: Support non-ESIGN signing with the Signature Card v2.
* gpgsm: Allow ECC encryption keys with just keyAgreement specified.
* gpgsm: Use macro constants for cert_usage_p.
* build: Update gpg-error.m4.
* agent,common,dirmngr,tests,tools: Remove spawn PREEXEC argument.
* gpg: Move NETLIBS after GPG_ERROR_LIBS.
* gpg: Use GCRY_KDF_ONESTEP_KDF with newer libgcrypt in future.
* common,w32: Fix struct stat on Windows.
* agent,w32: Support Win32-OpenSSH emulation by gpg-agent.
* common: Don't use FD2INT for POSIX-only code.
* dirmngr: Fix build with no LDAP support.
==== gpgme ====
Subpackages: libgpgme11 libgpgmepp6 python311-gpg
- Use GCC 12 for building the Qt6 library on Leap 15. The
default compiler is too old.
- Use '%{without xxx}' rather than '!%{with xxx}' in spec file
- Use GCC 12 for building the Qt6 library. The default compiler
is too old.
- Use '%{without xxx}' rather than '!%{with xxx}' in spec file
==== graphite2 ====
- fixed license string [bsc#1207676]:
LGPL-2.1-or-later OR MPL-2.0 OR GPL-2.0-or-later
==== gstreamer ====
Version update (1.22.5 -> 1.22.6)
Subpackages: libgstreamer-1_0-0 typelib-1_0-Gst-1_0
- Update to version 1.22.6:
+ Highlighted bugfixes:
- Security fixes for the MXF demuxer and H.265 video parser
- Fix latency regression in H.264 hardware decoder base class
- androidmedia: fix HEVC codec profile registration and fix
coded_data handling
- decodebin3: fix switching from a raw stream to an encoded
stream
- gst-inspect: prettier and more correct signal and action
signals printing
- rtmp2: Allow NULL flash version, omitting the field, for
better RTMP server compatibility
- rtspsrc: better compatibility with buggy RTSP servers that
don't set a clock-rate
- rtpjitterbuffer: fix integer overflow that led to more
packets being declared lost than have been lost
- v4l2: fix video encoding regression on RPi and fix support
for left and top padding
- waylandsink: Crop surfaces to their display width height
- cerbero: Recognise Manjaro; add Rust support for MSVC ARM64;
cmake detection fixes
- Various bug fixes, memory leak fixes, and other stability and
reliability improvements
+ gstreamer:
- gst-inspect: prettier and more correct signal printing, and
print action signals in g_signal_emit_by_name() format
- gst-launch: Disable fault signal handlers on macOS
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-bad ====
Version update (1.22.5 -> 1.22.6)
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0
- Update to version 1.22.6:
+ audiolatency: Forward latency query and event upstream
+ av1parser: Fix segmentation params update
+ codecparsers: Fix MPEG-1 aspect ratio table
+ d3d11convert: Passthrough allocation query on same caps
+ h264decoder: Update latency dynamically
+ h265parser:
- Allow partially broken hvcC data
- Fix possible overflow using max_sub_layers_minus1
+ hlssink2: Always use forward slash separator
+ mdns: Fix a crash on context error
+ mxfdemux: Fix integer overflow causing out of bounds writes
when handling invalid uncompressed video and check channels for
AES3
+ nvencoder: Fix negotiation error when interlace-mode is
unspecified
+ rtmp2: Allow NULL flash version, omitting the field
+ rtmp2sink: fix crash if message conversion failed
+ transcodebin: Fixes for upstream selectable support
+ va: Fix in error logs functions mismatches
+ waylandsink:
- Crop surfaces to their display width height
- Fix cropping for video with non-square aspect ratio
+ webrtc: Fix docs for create-data-channel action signal
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-base ====
Version update (1.22.5 -> 1.22.6)
Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstTag-1_0
- Update to version 1.22.6:
+ audio: Make sure to stop ringbuffer on error
+ decodebin3:
- Avoid identity, sinkpad, parsebin leakage when reset input
- Ensure the slot is unlinked before linking to decoder
+ sdp:
- Fix wrong debug log error message for missing clock-rate in
caps
- Parse zero clock-rate as default
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-good ====
Version update (1.22.5 -> 1.22.6)
Subpackages: gstreamer-plugins-good-gtk
- Update to version 1.22.6:
+ adaptivedemux2: fix memory leak
+ pulsedeviceprovider: fix incorrect usage of GST_ELEMENT_ERROR
+ qt:
- Unbreak build with qt-egl enabled but viv_fb missing
- Fix searching of qt5/qt6 tools with qmake in Meson
+ qtdemux:
- Fix premature EOS when some files are played in push mode
- Attach cbcs crypt info at the right moment
+ rtpjitterbuffer: Avoid integer overflow in max saveable packets
calculation with negative offset
+ videoflip: fix concurrent access when modifying the tag list
+ v4l2:
- allocator: Don't close foreign dmabuf
- bufferpool:
. Fix large encoded stream regression
. Problems when checking for truncated buffer
- Fix support for left and top padding
+ v4l2object: clear format lists if source change event is
received
- Rebase reduce-required-meson.patch
- Add libqt5-linguist BuildRequires: New dependency.
==== highway ====
Version update (1.0.5 -> 1.0.7)
- Update to release 1.0.7
* Add LoadNOr, GatherIndexN, ScatterIndexN
* Add additional float<->int conversions
* Codegen improvements for 8-bit shift, PPC Compress/Expand
- Update to release 1.0.6
* Add MaskedGatherIndex, MaskedScatterIndex, LoadN, StoreN,
SatWidenMulPairwiseAdd, SumOfMulQuadAccumulate,
PromoteUpperLowerTo.
* Add F64 for Wasm, F64 AbsDiff
* Validate all D args in x86 function signatures
==== imlib2 ====
Version update (1.12.0 -> 1.12.1)
Subpackages: imlib2-loaders libImlib2-1
- update to 1.12.1:
* Fix some clang complaints
* scaling: MMX asm scaling causes segv, disable for now
* loading: Call module exit function also when not
dlclosing module on unload
* loaders: Fix build with -m32 --enable-debug
* test_load_2: Add forgotten xeyes.png
* test_save: Fix for jxl loader on ix86
* test_scale: MMX scaling is disabled
* RAW loader: Don't unload loader
* loaders: Fix CPPFLAGS order
* imlib2_grab, imlib2_view: Unset context colormap
* x11_grab: Use correct depth when grabbing
==== installation-images-MicroOS ====
Version update (17.95 -> 17.96)
- merge gh#openSUSE/installation-images#663
- Add Qualcomm's GPU clk, LCD backlight, and power-related [spmi &
pmic] modules required for booting installer on Lenovo X13s.
(bsc#1215326)
- Add more boot-required modules for Lenovo X13s
- 17.96
==== kio ====
Subpackages: kio-core
- Add upstream crash fix (kde#474451)
* 0001-Don-t-crash-if-KMountPoint-gives-nothing-back-while-.patch
==== libapparmor ====
- Fix pam_apparmor %post and %postun scripts to handle pam-config errors
(bsc#1215596)
==== libblockdev ====
Version update (2.28 -> 3.0.2)
- Update to version 3.0.2:
* Use ntfsinfo instead of ntfscluster for faster
bd_fs_ntfs_get_info.
* Restrict list of exported symbols via -export-symbols-regex.
* lib: Silence the missing DEFAULT_CONF_DIR_PATH.
* loop: Report BD_LOOP_ERROR_DEVICE on empty loop devices.
* fs: Fix unused error in extract_e2fsck_progress.
* fs: Use read-only mount where possible for generic FS
functions.
* fs: Document that generic functions can mount filesystems.
* fs: Avoid excess logging in extract_e2fsck_progress.
- Restructure all sub-packages in the spec file to enhance
maintainability.
- Update to 3.0.1:
* New bugfix release of the libblockdev library with multiple
fixes.
* loop: Define LOOP_SET_BLOCK_SIZE is not defined. And remove
bd_loop_get_autoclear definition.
* crypto: Remove stray struct redefinition.
* fs: Simplify struct BDFSInfo. And add missing copy and free
functions to the header file.
* vdo_stats: Remove unused libparted include.
* lvm: Make _vglock_start_stop static. Fix declaration for
bd_lvm_vdolvpoolname. And add bd_lvm_segdata_copy/free to the
header file.
* Make the conf.d directory versioned.
- Changes from version 3.0.0:
* New major release of the libblockdev library. This release
contains a large API overhaul.
* VDO a KBD plugins were removed.
* New NVMe plugin was added.
* Runtime dependencies are no longer checked during plugin
initialization.
* Part plugin was rewritten to use libfdisk instead of libparted
* Crypto plugin API went through an extensive rewrite.
* Support for new technologies was added to the crypto plugin:
FileVault2 encryption, DM Integrity, LUKS2 tokens.
* Filesystem plugin adds support for btrfs, F2FS, NILFS2, exFAT
and UDF.
* Support for new filesystem operations was added to the plugin:
setting label and UUID, generic mkfs function and API for
getting feature support for filesystems.
* dmraid support was removed from the DM plugin.
* Python 2 support was dropped.
- Drop no longer needed libblockdev-fix-libkmod-include.patch
- Drop no longer supported sub-packages with their dependencies,
and their configure options, following upstream changes: python2
(python-devel), bcache, dmraid (dmraid-devel BuildRequires) and
kbd.
- Add (gcc >= 11 or gcc11) boolean BuildRequires to ensure the
package is buildable on Leap 15.5, where the gcc meta-package is
of version 7.
- Bump the SO version to 3 for the shared library and GI bindings
sub-packages.
- Add ext2fs, fdisk, and libkeyutils pkgconfig() BuildRequires.
The first is a new dependency for the FS plugin. The second, for
the PART plugin. And the latter, for the CRYPTO plugin (before,
the explicit_bzero() function would be searched for).
- Add libnvme-devel >= 1.3 BuildRequires, and pass --with-nvme to
configure, needed for the NVMe plugin (new upstream addition).
- Pass --with-tools to configure, ensuring we keep building the
libblockdev tools.
==== libbytesize ====
- Rename python3-libbytesize sub-package to python3-bytesize. This
is the expected name by its consumers.
==== libdrm ====
Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1
- provide/obsolete dropped packages libkms1/libkms-devel (bsc#1215526)
- adjusted n_libdrm-drop-valgrind-dep-generic.patch,
n_libdrm-drop-valgrind-dep-intel.patch to generated 2.4.116
pkgconfig files in order to fix build against sle15/Leap 15.x
==== libjxl ====
- Switch from LCMS to SKCMS: libjxl core can use either, but
plugins can only use SKCMS. Exercising two CMS simultaneously
also is silly. Delete 0001-Remove-LCMS-mutex.patch .
- Build plugins:
* Add _service file to generate skcms tarball (needed to build
plugins).
* Add skcms tarball as source and copy extracted dir to
./third_party/ so cmake can find it.
* Split out new packages:
* gdk-pixbuf-loader-jxl: Pixbuf loader for supported apps.
* gimp-plugin-jxl: Plugin to allow gimp to work with JPEG XL
files.
* jxl-thumbnailer: Thumbnailer and mime files to allow
generating thumbnails for JPEG XL files.
==== libnma ====
Subpackages: libnma-glib-schema libnma-gtk4-0 libnma0 typelib-1_0-NMA4-1_0
- Add libnma-glib-schema Requires to libnma-gtk4-0 sub-package,
ensure libnma-glib-schema gets installed by default now that
gnome-control-center have ported to gtk4.
==== libqt5-qtbase ====
Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3
- switch icu-devel requires to pkgconfig to allow switching libicu
versions
==== libsecret ====
Version update (0.21.0 -> 0.21.1)
Subpackages: libsecret-1-0 typelib-1_0-Secret-1
- Update to version 0.21.1:
+ Fix updating credentials by another process in the same Flatpak
sandbox.
+ Migrate to g_memdup2.
+ Updated translations.
==== libsolv ====
Version update (0.7.24 -> 0.7.25)
Subpackages: libsolv-tools python3-solv ruby-solv
- support complex deps in SOLVABLE_PREREQ_IGNOREINST
- fix minimization not prefering installed packages in some cases
- reduce memory usage in repo_updateinfoxml
- fix lock-step interfering with architecture selection
- fix choice rule handing for package downgrades
- fix complex dependencies with an "else" part sometimes leading
to unsolved dependencies
- bump version to 0.7.25
==== libssh ====
Subpackages: libssh-config libssh4
- Enable crypto-policies support: [bsc#1211301]
* Rebase libssh_client.config libssh_server.config
==== libstorage-ng ====
Version update (4.5.141 -> 4.5.143)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- merge gh#openSUSE/libstorage-ng#949
- reduce manual memory handing
- 4.5.143
- merge gh#openSUSE/libstorage-ng#948
- fixed memory leak
- more consistent function naming
- 4.5.142
==== libvpx ====
- Fixing CVE-2023-5217 heap buffer overflow (boo#1215778)
added CVE-2023-5217.patch
==== mozjs115 ====
Version update (115.2.0 -> 115.2.1)
- Update to version 115.2.1:
+ Security fix: CVE-2023-4863: Heap buffer overflow in libwebp.
==== mpg123 ====
Version update (1.31.3 -> 1.32.2)
Subpackages: libmpg123-0 mpg123-openal
- Update to version 1.32.2
* libmpg123: Re-introduce _64 symbols on native 64 bit offset
platforms. This was a regression since 1.31 series. Sorry,
too much cleanup, not enough testing.
* build:
+ Better O_LARGEFILE logic, avoiding redefintion.
* ports/cmake:
+ Require C99 (bug 360, among other points, thanks to Ozkan
Sezer).
+ Fix broken O_LARGEFILE logic (bug 360).
+ Typo fix and cleanup, also manual SSE switch for Android
on old x86 (bug 359).
- Update to version 1.32.1
* Include man pages again in tarball and install. We cannot
avoid the empty man directory when disabling programs with
autoconf.
* Fix signal handler prototype, avoiding some justified warnings.
* ports/cmake:
+ Include CheckTypeSize, which seems to be needed sometimes
+ Avoid O_LARGEFILE redefinition, logic closer to autoconf.
- Update to version 1.32.0
* build
+ Move version handling out of configure.ac to ease other
build systems.
+ Include "fmt123.h" instead of <fmt123.h> in main API
headers to make it more likely the correct one is
included (at least gcc picks the one in the same directory
as the including header first).
+ All headers are build-independent now.
+ Fix build for picky linkers by avoiding definition of
wrap_getcpuflags() where it is not used (spurious linker
error to non-exitent getcpuflags(), bug 353).
+ Handle deprecation of C99 detection macro in autoconf 2.70.
+ No use of AC_SYS_LARGEFILE anymore for explicit handling
and differing choice for the libraries and frontend programs.
+ Added --enable-portable and --disable-largefile to
configure, removing the other largefile-related options.
+ Added --disable-components --enable-libmpg123 to only
build libmpg123 (and likewise --enable-libout123,
- -enable-libout123-modules, --enable-libsyn123) to autoconf
build. CMake build has something similar with BUILD_PROGRAMS
and BUILD_LIBOUT123, which leave only libmpg123 and libsyn123
if disabled).
+ Consistent formatting of ./configure --help with
AS_HELP_STRING().
* mpg123
+ Added --libversion.
+ Added proper A-B looping with terminal control key 'o',
renamed --pauseloop to --presetloop.
+ Really get rid of mpg123_position() usage. (It was all
lies before!)
+ Fix terminal progress info when seeking in stopped mode
(1.31 regression).
+ Patch up interaction of output buffer with generic remote
control, adding non-interruptible drain after P 3, and
dropping buffer on QUIT.
+ Uppercase some generic control replies for consinstency:
SILENCE, PROGRESS, MUTE, UNMUTE
* libmpg123, libout123, libsyn123
+ Bumped API version for version query functions.
+ Replaced nearly all symbol renames with explicit INT123_
prefix declarations (intsym.h close to empty now).
* libout123
+ Add sleep builtin output module (silent, but proper
timing).
* libsyn123
+ Introduced SYN123_PORTABLE_API for an API without off_t
and ssize_t (see NEWS.libsyn123).
* libmpg123
+ Internal I/O using explicit largefile support via off64_t,
lseek64, fallback to plain 32 bit off_t.
+ Added explicit 64 bit API with 64 suffix (mpg123_tell64(),
not mpg123_tell_64()).
This allows full avoidance of ambiguus off_t. The API is
always using 64 bit integers, regardless of internal
implementation.
+ Introduced MPG123_PORTABLE_API for an API subset without
off_t and ssize_t.
+ Made mpg123_seek() and friends ignore offset sign for
SEEK_END (always seeking towards beginning, assuming
negative offset) to make lseek()-conforming usage
possible. Seeking beyond the end never made sense, so no
loss of valid functionality.
* Overall use of INT123_strerror(), trying to use thread-safe
strerror_l() if possible.
==== open-vm-tools ====
Subpackages: libvmtools0 open-vm-tools-desktop
- 15 sp4 currently uses open-vm-tools rpms from 15 sp3. As such, enable
the spec file fix for bug (bsc#1205927) for 15 sp3 onwards.
- open-vm-tools is built with containerinfo plugin from 15 sp3 onwards
==== openssl-3 ====
Version update (3.1.2 -> 3.1.3)
Subpackages: libopenssl3
- Update to 3.1.3:
* Fix POLY1305 MAC implementation corrupting XMM registers on
Windows (CVE-2023-4807)
==== openssl ====
Version update (3.1.2 -> 3.1.3)
- Update to 3.1.3
==== p11-kit ====
Version update (0.24.1 -> 0.25.0)
Subpackages: libp11-kit0 p11-kit-tools
- Add d1d4b0ac316a27c739ff91e6c4153f1154e96e5a.patch: Fix probing
of C_GetInterface.
- Update to 0.25.0:
* add PKCS#11 3.0 support
* add support for profile objects
* add ability to adjust module and config paths at run-time via
system environmental exports
* make terminal output nicer
* p11-kit: add command to print merged configuration
* p11-kit: add commands to list, add and delete profiles of a token
* trust: add command to check format of .p11-kit files
* virtual: fix libffi type signatures for PKCS#11 3.0 functions
* server: fix umask setting when --group is specified
* server: check SHELL only when neither --sh nor --csh is specified
* rpc: use space string in C_InitToken
* rpc: fix two off-by-one errors identified by asan
* modules: make logging message more translatable
* pkcs11.h: support CRYPTOKI_GNU for IBM vendor mechanisms
* pkcs11.h: add IBM specific mechanism and attributes
* pkcs11.h: add ChaCha20/Salsa20 and Poly1305 mechanisms
* pkcs11.h: add AES-GCM mechanism parameters for message-based encryption
* po: update translations from Transifex
- Update upstream p11-kit.keyring file
- Add missing lang files
- Switch to using Meson as the build system
==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap
- Add ksshaskpass5 (boo#1215407)
==== perl-HTTP-Message ====
Version update (6.44 -> 6.450.0)
- updated to 6.45
see /usr/share/doc/packages/perl-HTTP-Message/Changes
6.45 2023-09-27 14:27:31Z
- Allow for file ownership conflicts with Docker and GitHub Actions
(GH#193) (Olaf Alders)
- Add the 'status_code' function for getting all status codes as hash
(GH#194) (Dai Okabayashi)
==== polkit-default-privs ====
Version update (1550+20230912.0978001 -> 1550+20230920.74aeded)
- Update to version 1550+20230920.74aeded:
* udisks2: add additional NVME action (bsc#1214897)
==== python-alembic ====
Version update (1.11.2 -> 1.12.0)
- Clean up the SPEC file
- update to 1.12.0
* Added new feature to the "code formatter" function which allows standalone
executable tools to be run against code, without going through the Python
interpreter. Known as the `exec` runner, it complements the existing
`console_scripts` runner by allowing non-Python tools such as `ruff` to
be used.
* Change the default value of `.EnvironmentContext.configure.compare_type` to `True`.
As Alembic's autogenerate for types was dramatically improved in
version 1.4 released in 2020, the type comparison feature is now much
more reliable so is now enabled by default.
* Fixed issue where the `ForeignKeyConstraint.match` parameter would not be
rendered in autogenerated migrations.
* Fixed issue where the `revision_environment` directive in `alembic.ini`
was ignored by the `alembic merge` command, leading to issues when other
configurational elements depend upon `env.py` being invoked within the
command.
* Added support for `op.drop_constraint()` to support PostgreSQL
`ExcludeConstraint` objects, as well as other constraint-like objects
that may be present in third party dialects, by resolving the `type_`
parameter to be `None` for this case. Autogenerate has also been
enhanced to exclude the `type_` parameter from rendering within this
command when `type_` is `None`.
==== python-constantly ====
- Clean up the SPEC file
- use unbundled versioneer to build package
==== python-greenlet ====
Version update (2.0.2 -> 3.0.0~rc3)
- update to 3.0.0~rc3:
* Fix an intermittent error during process termination on some
platforms (GCC/Linux/libstdc++).
* Fix some potential bugs (assertion failures and memory leaks) in
previously-untested error handling code. In some cases, this means
that the process will execute a controlled ``abort()`` after severe
trouble when previously the process might have continued for some
time with a corrupt state. It is unlikely those errors occurred in
practice.
* Fix some assertion errors and potential bugs with re-entrant
switches.
* Fix a potential crash when certain compilers compile greenlet with
high levels of optimization. The symptom would be that switching to
a greenlet for the first time immediately crashes.
* Fix a potential crash when the callable object passed to the
greenlet constructor (or set as the ``greenlet.run`` attribute) has
a destructor attached to it that switches. Typically, triggering
this issue would require an unlikely subclass of
``greenlet.greenlet``.
* Python 3.11+: Fix rare switching errors that could occur when a
garbage collection was triggered during the middle of a switch, and
Python-level code in ``__del__`` or weakref callbacks switched to a
different greenlet and ultimately switched back to the original
greenlet. This often manifested as a ``SystemError``: "switch
returned NULL without an exception set."
* Python 3.12: Fix walking the frame stack of suspended greenlets.
Previously accessing ``glet.gr_frame.f_back`` would crash due to
`changes in CPython's undocumented internal frame handling
* Make the platform-specific low-level C/assembly snippets stop using
the ``register`` storage class. Newer versions of standards remove
this storage class, and it has been generally ignored by many
compilers for some time. See `PR 347
<https://github.com/python-greenlet/greenlet/pull/347>`_ from Khem
Raj.
* Add initial support for Python 3.12. See `issue
<https://github.com/python-greenlet/greenlet/issues/323>`_ and `PR
<https://github.com/python-greenlet/greenlet/pull/327>`_; thanks go
to (at least) Michael Droettboom, Andreas Motl, Thomas A Caswell,
raphaelauv, Hugo van Kemenade, Mark Shannon, and Petr Viktorin.
* Remove support for end-of-life Python versions, including Python
2.7, Python 3.5 and Python 3.6.
* Require a compiler that supports ``noinline`` directives. See
`issue 271
<https://github.com/python-greenlet/greenlet/issues/266>`_.
* Require a compiler that supports C++11.
==== python-jsonschema ====
Version update (4.18.6 -> 4.19.1)
- update to 4.19.1:
* Allow single label hostname in format string by @swaeberle in
[#1164]
- update to 4.19.0:
* Importing the |Validator| protocol directly from the package
root is deprecated. Import it from
|jsonschema.protocols.Validator| instead.
* Automatic retrieval of remote references (which is still
deprecated) now properly succeeds even if the retrieved
resource does not declare which version of JSON Schema it uses.
Such resources are assumed to be 2020-12 schemas. This more
closely matches the pre-|referencing| library behavior.
==== python-tornado6 ====
Version update (6.3.2 -> 6.3.3)
- Update to 6.3.3
* The Content-Length header and chunked Transfer-Encoding sizes
are now parsed more strictly (according to the relevant RFCs)
to avoid potential request-smuggling vulnerabilities when
deployed behind certain proxies.
- Add py312-datetime.patch to fix build with Python 3.12
==== sddm ====
Subpackages: sddm-branding-openSUSE
- Remove unnecessary Requires(post*)
- Config file changes:
* No longer own sddm.conf. The migration for this conflicts with
the other migration code, so:
* Drop code for migrating from Current=maui (Leap <= 42.2)
and the monolithic /etc/sddm.conf (Leap <= 42.3)
- Add patch and drop unnecessary BuildRequirements of
extra-cmake-modules and kf5-filesystem:
* 0001-Drop-unnecessary-ECM-dependency-and-dead-uninstall-t.patch
- Split the greeter into a subpackage and use _multibuild to build
both daemon and greeter for Qt 5 and Qt 6. Add patches to allow
for greeter coinstallation:
* 0002-Make-sddm-greeter-for-Qt-5-and-Qt-6-coinstallable.patch
* 0003-Let-themes-specify-the-used-version-of-Qt.patch
- Refresh 0001-Read-the-DISPLAYMANAGER_AUTOLOGIN-value-from-sysconf.patch
- Don't set CMAKE_BUILD_TYPE=Release
- Make branding packages noarch
- Add %check
==== smartmontools ====
- Do not quit with an error when no drives to monitor are available (bsc#990406 bsc#1167051).
- Add smartd_service_dont_quit.patch
- Refresh harden_smartd.service.patch
- Run through spec-cleaner, use autosetup
==== stoken ====
Version update (0.92 -> 0.93)
- Version update to 0.93:
* upstream moved to github
* Drop support for versions of nettle older than 2014
* Further v4 token work
* fixes in README
* Add --both option to print current and next token
* Support for v4 token decode
* Remove bashisms (Alon Bar-Lev)
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-coredump systemd-doc udev
- systemd.spec: during package updates, restart localed, timedated and hostnamed
if they're running.
- systemd.spec: when enabling units prefer enabling service units over socket
ones for socket activable services. The services shipped by systemd
automatically redirect the enablement request to the socket unit.
==== tracker ====
Subpackages: libtracker-sparql-3_0-0 tracker-data-files
- use pkgconfig(icu-i18n) to use the current libicu. (jsc#PED-6193)
==== tuned ====
Version update (2.20.0.18+git.7b1a20b -> 2.21.0.0+git.670541d)
- Update to version 2.21.0.0+git.670541d:
* new release (2.21.0)
* api: fixed stop method not to require any parameter
* new release (2.21.0-rc.1)
* gui: multiple fixes and warnings removal
* gui: fixed inconsistent tabs and spaces, introduced by #516
* Serialize SIGHUP processing
* No errors when physical_package_id file does not exist
* Update tests: disable systemd rate limiting.
* network-latency: enable rcu_normal_after_boot=1 kernel parameter
* remove ktimer_lockless_check sysfs setting from realtime-virtual profiles
* move rtentsk to network-latency profile
* move "tsc=reliable" setting from realtime to network-latency tuned configuration
* unify common sysctl settings between realtime and cpu-partitioning profiles
* Rename rollback-related constants and variables
* Add rollback option to tuned-main.conf
* Recast README into MarkDown with various minor corrections and improvements
* Remove setting ip forwarding via openshift profile
* Fix logging in [scheduler] plug-in
* fixed sap-hana docu regarding processor power settings
* Added sap-hana-kvm-guest profile
* tests/beakerlib: Add new test which covers socket API.
* plugin_net: expand variables properly
* fix typo
* add error dialog when no active profile set
==== udisks2 ====
Version update (2.9.4 -> 2.10.0)
Subpackages: libudisks2-0 libudisks2-0_btrfs
- Add Obsoletes tags for libudisks2-0_bcache and libudisks2-0_zram
modules, dropped on latest version bump, so they get removed from
end users' systems upon system upgrade.
- Drop unnecessary/discouraged %{?systemd_requires} from spec file.
- Update to version 2.10.0:
+ This release brings large number of internal changes, while
keeping the promise of API stability. This development cycle
was mostly driven by libblockdev 3.0 API overhaul.
+ Partitioning was ported to libfdisk.
+ The kbd and vdo libblockdev plugins were removed and so were
zram, bcache and vdo udisks modules.
+ Definition of supported filesystems was moved to libblockdev
and filesystem operations were unified.
+ Native NVMe support has been added through libnvme.
+ Syntax of configurable mount options was extended to separate
filesystem signature and filesystem driver used for mounting.
+ A number of workarounds was placed around the
org.freedesktop.UDisks2.Filesystem.Size property value
retrieval to avoid excessive I/O traffic whenever possible.
+ Bash and Zsh completion enhancements.
+ lvm2 module uevent handling improvements.
+ ATA Secure Erase is now allowed only on top-level block
objects.
+ Extra iSCSI node parameters are now honoured properly.
+ FIPS mode fixes.
+ Added support for resolving devices by PARTLABEL and PARTUUID.
+ Full support for setting filesystem and partition UUIDs.
+ Dynamic mountpoint name sanitization and ACL fixes.
+ Added support for LVM2 RAID.
+ UUID of Bitlocker volumes is now properly exposed.
+ Added an option to force/avoid creation of mdraid write-intent
bitmap.
+ Updated translations.
- Drop default_luks_encryption macro definition. It's no longer
needed as upstream defaults to LUKS2 now.
- Drop bcache, vdo and zram sub-packages, following upstream
changes, and libblockdev-kbd(-devel) BuildRequires/Requires.
- Drop bogus build requirement on libblockdev-lvm-dbus-devel, and
move libblockdev-lvm-devel BuildRequires to the lvm2 module
sub-package.
- Move libconfig and libstoragemgmt pkgconfig() BuildRequires to
the lsm module sub-package, and libblockdev-btrfs-devel
BuildRequires to the btrfs modules sub-package, which is where
they belong.
- Add libblockdev-nvme-devel BuildRequires and libblockdev-nvme
Requires as new required dependencies.
- Drop harden_udisks2-zram-setup@.service.patch: It's unneeded now
that the zram module has been deprecated.
- Drop merged upstream patches:
0001-udisksata-Move-the-low-level-PM-state-call.patch,
0001-udiskslinuxfilesystem-Make-the-size-property-retriev.patch,
0001-udiskslinuxmountoptions-Do-not-free-static-daemon-re.patch,
0001-udiskslinuxprovider-Only-update-related-objects-on-u.patch.
- Split Bash and Zsh (new to this release) completion scripts to
sub-packages of their own.
- Amend GPL-2.0-or-later License tags to LGPL-2.0-or-later for the
btrfs, lvm2 and lsm UDisks modules sub-packages. This correction
is based on what's explicitly stated on the source code from
UDisks modules' folders under the modules/ top-level directory.
==== unar ====
- use pkgconfig(icu-uc) to use the current libicu. (jsc#PED-6193)
==== xdg-utils ====
Version update (1.1.3+20230830 -> 1.1.3+20230831)
- Update to version 1.1.3+20230831:
* Revert putting process in background from !55
- revert _service to the original state
- revert drop of xdg-terminal-don-t-run-kreadconfig-if-KDE_SESSION_VE.patch
(bsc#1215384)
==== yast2-bootloader ====
Version update (4.6.2 -> 5.0.2)
- Fixed testsuite for architectures other than x86_64.
- 5.0.2
- Supporting systemd-boot for architecture x86_64.
This feature can be enabled/disabled by the "enable_systemd_boot"
flag in the product description file for each product
(default is disabled).
- 5.0.1
- 5.0.0 (#bsc1185510)
- support 32 bit UEFI firmware on x86_64/i386 architecture (bsc#1208003,
jsc#PED-2569)
- 4.6.3
==== yast2-installation ====
Version update (4.6.7 -> 5.0.1)
- Adapt code for changes in yast2-bootloader done for systemd-boot
experimental support (jsc#PED-1906)
- 5.0.1
- 5.0.0 (#bsc1185510)
==== yast2-python-bindings ====
Version update (4.6.0 -> 5.0.1)
- Fix inspect.getargspec() removed in python3.11; (bsc#1215226);
- 5.0.1
- 5.0.0 (#bsc1185510)
==== yast2-storage-ng ====
Version update (4.6.12 -> 5.0.1)
- AutoYaST: official support for LUKS2 (jsc#PED-3878, jsc#PED-5518)
- 5.0.1
- 5.0.0 (#bsc1185510)
==== yast2-users ====
Version update (4.6.4 -> 5.0.1)
- Don't use obsolete method Dir.exists? (bsc#1215637)
- 5.0.1
- 5.0.0 (#bsc1185510)
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MozillaFirefox (117.0.1 -> 118.0.1)
argyllcms (2.3.1 -> 3.0.0)
glibc
gstreamer (1.22.5 -> 1.22.6)
gstreamer-plugins-bad (1.22.5 -> 1.22.6)
gstreamer-plugins-base (1.22.5 -> 1.22.6)
gstreamer-plugins-good (1.22.5 -> 1.22.6)
libqt5-qtbase
libssh
libvpx
mpg123 (1.31.3 -> 1.32.2)
open-vm-tools
openssl-3 (3.1.2 -> 3.1.3)
openssl (3.1.2 -> 3.1.3)
perl-HTTP-Message (6.44 -> 6.450.0)
python-greenlet (2.0.2 -> 3.0.0~rc3)
sddm
smartmontools
yast2-python-bindings (4.6.0 -> 5.0.1)
=== Details ===
==== MozillaFirefox ====
Version update (117.0.1 -> 118.0.1)
Subpackages: MozillaFirefox-translations-common
- Mozilla Firefox 118.0.1
MFSA 2023-44 (bsc#1215814)
* CVE-2023-5217 (bmo#1855550),
Heap buffer overflow in libvpx
- Mozilla Firefox 118.0
MFSA 2023-41 (bsc#1215575)
* CVE-2023-5168 (bmo#1846683)
Out-of-bounds write in FilterNodeD2D1
* CVE-2023-5169 (bmo#1846685)
Out-of-bounds write in PathOps
* CVE-2023-5170 (bmo#1846686)
Memory leak from a privileged process
* CVE-2023-5171 (bmo#1851599)
Use-after-free in Ion Compiler
* CVE-2023-5172 (bmo#1852218)
Memory Corruption in Ion Hints
* CVE-2023-5173 (bmo#1823172)
Out-of-bounds write in HTTP Alternate Services
* CVE-2023-5174 (bmo#1848454)
Double-free in process spawning on Windows
* CVE-2023-5175 (bmo#1849704)
Use-after-free of ImageBitmap during process shutdown
* CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962,
bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195)
Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3,
and Thunderbird 115.3
- requires NSS 3.93
- add mozilla-bmo1822730.patch
- deactivated KDE integration temporarily
(removed mozilla-kde.patch and firefox-kde.patch for now)
==== argyllcms ====
Version update (2.3.1 -> 3.0.0)
- Update to 3.0.0:
* Updated ccast/axTLS to get ChromCast working again with latest Google CC
operating software.
* Extensive re-write/re-factor of icclib to make it more future-proof.
See https://www.argyllcms.com/doc/ChangesSummary.html for details.
* Added ref/ColorCheckerPassport.ti2 and ref/ColorCheckerHalfPassport.ti2
to allow measuring ColorCheckerPassport with instrument.
* Fixed bug in Munki spectro hi-res mode with some instruments. Luminance
matching between normal and hi-res was sometimes quite poor.
* Added ARGYLL_CREATE_DISPLAY_PROFILE_WITHOUT_CHAD environment variable.
* Changed colprof -U flag to -u. Changed dispcal -J flag to -K to accommodate
a potential new flag for colprof and dispcal.
* Added workaround for bug in madHcNet64.dll32/64.dll which sometimes causes
failure.
* Added delay after USB set_config on OS X to help Spyder 3/4 on Ventura OS.
* Added -Y parameter to dispwin to override automatic patch delay.
* Changed i1d3 driver to cope with Rev. B "0x83" error robustly. This should
fix any issues measuring low level Red only patch values on OLED displays,
but with slower measurements when this occurs.
* Added spotread -Y S option to save spectral sensitivity curves and added
corresponding support in i1d3 driver. This allows for comparison of different
instruments factory calibrations.
* Added a -h scale parameter to dispread, to allow the automatic instrument
calibration test patch values to be scaled down from their default 100%
value. This is useful with HDR displays.
* Added manifest to MSWindows executables to use UTF-8 code pages on Windows
1903 and later. This should improve non-ASCII filename and path handling.
* Added a Violet colorant to the targen colorant list.
* Fixed problem with OS X 64 bit backwards compatibility where it failed to
locate serial instruments when the binaries are run on OS X V12 or latter
machines.
* Fixed bug in i1Pro3 driver where it was not returning the correct
measurement conditions enum.
* Fixed spotread so that ambient measure for monochrome sources doesn't error
out due to bad CCT/VCT/VDT. Also change -T so that it suppresses CCT etc. if
ambient mode is used.
* Added hacky workaround to strange Mac M2/rosetta bug in del_i1proimp().
- Make the argyllcms-doc package noarch.
==== glibc ====
Subpackages: glibc-extra glibc-lang glibc-locale glibc-locale-base nscd
- fstat-implementation.patch: io: Do not implement fstat with fstatat
- getaddrinfo-memory-leak.patch: Fix leak in getaddrinfo introduced by the
fix for CVE-2023-4806 (CVE-2023-5156, bsc#1215714, BZ #30884)
- getcanonname-use-after-free.patch: getaddrinfo: Fix use after free in
getcanonname (CVE-2023-4806, bsc#1215281, BZ #30843)
- Do not build any cross packages in SLES
- no-aaaa-read-overflow.patch: Stack read overflow with large TCP
responses in no-aaaa mode (CVE-2023-4527, bsc#1215280, BZ #30842)
- Add systemd to passwd, group and shadow lookups (jsc#PED-5188)
- ppc64-flock-fob64.patch: io: Fix record locking contants for powerpc64
with __USE_FILE_OFFSET64 (BZ #30804)
- libio-io-vtables.patch: libio: Fix oversized __io_vtables
- call-init-proxy-objects.patch: elf: Do not run constructors for proxy
objects
- dtors-reverse-ctor-order.patch: elf: Always call destructors in reverse
constructor order (BZ #30785)
- intl-c-utf-8-like-c-locale.patch: intl: Treat C.UTF-8 locale like C
locale (BZ #16621)
- glibc-disable-gettext-for-c-utf8.patch: Removed
==== gstreamer ====
Version update (1.22.5 -> 1.22.6)
Subpackages: gstreamer-lang libgstreamer-1_0-0 typelib-1_0-Gst-1_0
- Update to version 1.22.6:
+ Highlighted bugfixes:
- Security fixes for the MXF demuxer and H.265 video parser
- Fix latency regression in H.264 hardware decoder base class
- androidmedia: fix HEVC codec profile registration and fix
coded_data handling
- decodebin3: fix switching from a raw stream to an encoded
stream
- gst-inspect: prettier and more correct signal and action
signals printing
- rtmp2: Allow NULL flash version, omitting the field, for
better RTMP server compatibility
- rtspsrc: better compatibility with buggy RTSP servers that
don't set a clock-rate
- rtpjitterbuffer: fix integer overflow that led to more
packets being declared lost than have been lost
- v4l2: fix video encoding regression on RPi and fix support
for left and top padding
- waylandsink: Crop surfaces to their display width height
- cerbero: Recognise Manjaro; add Rust support for MSVC ARM64;
cmake detection fixes
- Various bug fixes, memory leak fixes, and other stability and
reliability improvements
+ gstreamer:
- gst-inspect: prettier and more correct signal printing, and
print action signals in g_signal_emit_by_name() format
- gst-launch: Disable fault signal handlers on macOS
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-bad ====
Version update (1.22.5 -> 1.22.6)
Subpackages: gstreamer-plugins-bad-lang libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0
- Update to version 1.22.6:
+ audiolatency: Forward latency query and event upstream
+ av1parser: Fix segmentation params update
+ codecparsers: Fix MPEG-1 aspect ratio table
+ d3d11convert: Passthrough allocation query on same caps
+ h264decoder: Update latency dynamically
+ h265parser:
- Allow partially broken hvcC data
- Fix possible overflow using max_sub_layers_minus1
+ hlssink2: Always use forward slash separator
+ mdns: Fix a crash on context error
+ mxfdemux: Fix integer overflow causing out of bounds writes
when handling invalid uncompressed video and check channels for
AES3
+ nvencoder: Fix negotiation error when interlace-mode is
unspecified
+ rtmp2: Allow NULL flash version, omitting the field
+ rtmp2sink: fix crash if message conversion failed
+ transcodebin: Fixes for upstream selectable support
+ va: Fix in error logs functions mismatches
+ waylandsink:
- Crop surfaces to their display width height
- Fix cropping for video with non-square aspect ratio
+ webrtc: Fix docs for create-data-channel action signal
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-base ====
Version update (1.22.5 -> 1.22.6)
Subpackages: gstreamer-plugins-base-lang libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstTag-1_0
- Update to version 1.22.6:
+ audio: Make sure to stop ringbuffer on error
+ decodebin3:
- Avoid identity, sinkpad, parsebin leakage when reset input
- Ensure the slot is unlinked before linking to decoder
+ sdp:
- Fix wrong debug log error message for missing clock-rate in
caps
- Parse zero clock-rate as default
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-good ====
Version update (1.22.5 -> 1.22.6)
Subpackages: gstreamer-plugins-good-gtk gstreamer-plugins-good-lang
- Update to version 1.22.6:
+ adaptivedemux2: fix memory leak
+ pulsedeviceprovider: fix incorrect usage of GST_ELEMENT_ERROR
+ qt:
- Unbreak build with qt-egl enabled but viv_fb missing
- Fix searching of qt5/qt6 tools with qmake in Meson
+ qtdemux:
- Fix premature EOS when some files are played in push mode
- Attach cbcs crypt info at the right moment
+ rtpjitterbuffer: Avoid integer overflow in max saveable packets
calculation with negative offset
+ videoflip: fix concurrent access when modifying the tag list
+ v4l2:
- allocator: Don't close foreign dmabuf
- bufferpool:
. Fix large encoded stream regression
. Problems when checking for truncated buffer
- Fix support for left and top padding
+ v4l2object: clear format lists if source change event is
received
- Rebase reduce-required-meson.patch
- Add libqt5-linguist BuildRequires: New dependency.
==== libqt5-qtbase ====
Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3
- switch icu-devel requires to pkgconfig to allow switching libicu
versions
==== libssh ====
Subpackages: libssh-config libssh4
- Enable crypto-policies support: [bsc#1211301]
* Rebase libssh_client.config libssh_server.config
==== libvpx ====
- Fixing CVE-2023-5217 heap buffer overflow (boo#1215778)
added CVE-2023-5217.patch
==== mpg123 ====
Version update (1.31.3 -> 1.32.2)
Subpackages: libmpg123-0 mpg123-openal
- Update to version 1.32.2
* libmpg123: Re-introduce _64 symbols on native 64 bit offset
platforms. This was a regression since 1.31 series. Sorry,
too much cleanup, not enough testing.
* build:
+ Better O_LARGEFILE logic, avoiding redefintion.
* ports/cmake:
+ Require C99 (bug 360, among other points, thanks to Ozkan
Sezer).
+ Fix broken O_LARGEFILE logic (bug 360).
+ Typo fix and cleanup, also manual SSE switch for Android
on old x86 (bug 359).
- Update to version 1.32.1
* Include man pages again in tarball and install. We cannot
avoid the empty man directory when disabling programs with
autoconf.
* Fix signal handler prototype, avoiding some justified warnings.
* ports/cmake:
+ Include CheckTypeSize, which seems to be needed sometimes
+ Avoid O_LARGEFILE redefinition, logic closer to autoconf.
- Update to version 1.32.0
* build
+ Move version handling out of configure.ac to ease other
build systems.
+ Include "fmt123.h" instead of <fmt123.h> in main API
headers to make it more likely the correct one is
included (at least gcc picks the one in the same directory
as the including header first).
+ All headers are build-independent now.
+ Fix build for picky linkers by avoiding definition of
wrap_getcpuflags() where it is not used (spurious linker
error to non-exitent getcpuflags(), bug 353).
+ Handle deprecation of C99 detection macro in autoconf 2.70.
+ No use of AC_SYS_LARGEFILE anymore for explicit handling
and differing choice for the libraries and frontend programs.
+ Added --enable-portable and --disable-largefile to
configure, removing the other largefile-related options.
+ Added --disable-components --enable-libmpg123 to only
build libmpg123 (and likewise --enable-libout123,
- -enable-libout123-modules, --enable-libsyn123) to autoconf
build. CMake build has something similar with BUILD_PROGRAMS
and BUILD_LIBOUT123, which leave only libmpg123 and libsyn123
if disabled).
+ Consistent formatting of ./configure --help with
AS_HELP_STRING().
* mpg123
+ Added --libversion.
+ Added proper A-B looping with terminal control key 'o',
renamed --pauseloop to --presetloop.
+ Really get rid of mpg123_position() usage. (It was all
lies before!)
+ Fix terminal progress info when seeking in stopped mode
(1.31 regression).
+ Patch up interaction of output buffer with generic remote
control, adding non-interruptible drain after P 3, and
dropping buffer on QUIT.
+ Uppercase some generic control replies for consinstency:
SILENCE, PROGRESS, MUTE, UNMUTE
* libmpg123, libout123, libsyn123
+ Bumped API version for version query functions.
+ Replaced nearly all symbol renames with explicit INT123_
prefix declarations (intsym.h close to empty now).
* libout123
+ Add sleep builtin output module (silent, but proper
timing).
* libsyn123
+ Introduced SYN123_PORTABLE_API for an API without off_t
and ssize_t (see NEWS.libsyn123).
* libmpg123
+ Internal I/O using explicit largefile support via off64_t,
lseek64, fallback to plain 32 bit off_t.
+ Added explicit 64 bit API with 64 suffix (mpg123_tell64(),
not mpg123_tell_64()).
This allows full avoidance of ambiguus off_t. The API is
always using 64 bit integers, regardless of internal
implementation.
+ Introduced MPG123_PORTABLE_API for an API subset without
off_t and ssize_t.
+ Made mpg123_seek() and friends ignore offset sign for
SEEK_END (always seeking towards beginning, assuming
negative offset) to make lseek()-conforming usage
possible. Seeking beyond the end never made sense, so no
loss of valid functionality.
* Overall use of INT123_strerror(), trying to use thread-safe
strerror_l() if possible.
==== open-vm-tools ====
Subpackages: libvmtools0 open-vm-tools-desktop
- 15 sp4 currently uses open-vm-tools rpms from 15 sp3. As such, enable
the spec file fix for bug (bsc#1205927) for 15 sp3 onwards.
==== openssl-3 ====
Version update (3.1.2 -> 3.1.3)
Subpackages: libopenssl3
- Update to 3.1.3:
* Fix POLY1305 MAC implementation corrupting XMM registers on
Windows (CVE-2023-4807)
==== openssl ====
Version update (3.1.2 -> 3.1.3)
- Update to 3.1.3
==== perl-HTTP-Message ====
Version update (6.44 -> 6.450.0)
- updated to 6.45
see /usr/share/doc/packages/perl-HTTP-Message/Changes
6.45 2023-09-27 14:27:31Z
- Allow for file ownership conflicts with Docker and GitHub Actions
(GH#193) (Olaf Alders)
- Add the 'status_code' function for getting all status codes as hash
(GH#194) (Dai Okabayashi)
==== python-greenlet ====
Version update (2.0.2 -> 3.0.0~rc3)
- update to 3.0.0~rc3:
* Fix an intermittent error during process termination on some
platforms (GCC/Linux/libstdc++).
* Fix some potential bugs (assertion failures and memory leaks) in
previously-untested error handling code. In some cases, this means
that the process will execute a controlled ``abort()`` after severe
trouble when previously the process might have continued for some
time with a corrupt state. It is unlikely those errors occurred in
practice.
* Fix some assertion errors and potential bugs with re-entrant
switches.
* Fix a potential crash when certain compilers compile greenlet with
high levels of optimization. The symptom would be that switching to
a greenlet for the first time immediately crashes.
* Fix a potential crash when the callable object passed to the
greenlet constructor (or set as the ``greenlet.run`` attribute) has
a destructor attached to it that switches. Typically, triggering
this issue would require an unlikely subclass of
``greenlet.greenlet``.
* Python 3.11+: Fix rare switching errors that could occur when a
garbage collection was triggered during the middle of a switch, and
Python-level code in ``__del__`` or weakref callbacks switched to a
different greenlet and ultimately switched back to the original
greenlet. This often manifested as a ``SystemError``: "switch
returned NULL without an exception set."
* Python 3.12: Fix walking the frame stack of suspended greenlets.
Previously accessing ``glet.gr_frame.f_back`` would crash due to
`changes in CPython's undocumented internal frame handling
* Make the platform-specific low-level C/assembly snippets stop using
the ``register`` storage class. Newer versions of standards remove
this storage class, and it has been generally ignored by many
compilers for some time. See `PR 347
<https://github.com/python-greenlet/greenlet/pull/347>`_ from Khem
Raj.
* Add initial support for Python 3.12. See `issue
<https://github.com/python-greenlet/greenlet/issues/323>`_ and `PR
<https://github.com/python-greenlet/greenlet/pull/327>`_; thanks go
to (at least) Michael Droettboom, Andreas Motl, Thomas A Caswell,
raphaelauv, Hugo van Kemenade, Mark Shannon, and Petr Viktorin.
* Remove support for end-of-life Python versions, including Python
2.7, Python 3.5 and Python 3.6.
* Require a compiler that supports ``noinline`` directives. See
`issue 271
<https://github.com/python-greenlet/greenlet/issues/266>`_.
* Require a compiler that supports C++11.
==== sddm ====
Subpackages: sddm-branding-openSUSE
- Remove unnecessary Requires(post*)
- Config file changes:
* No longer own sddm.conf. The migration for this conflicts with
the other migration code, so:
* Drop code for migrating from Current=maui (Leap <= 42.2)
and the monolithic /etc/sddm.conf (Leap <= 42.3)
- Add patch and drop unnecessary BuildRequirements of
extra-cmake-modules and kf5-filesystem:
* 0001-Drop-unnecessary-ECM-dependency-and-dead-uninstall-t.patch
- Split the greeter into a subpackage and use _multibuild to build
both daemon and greeter for Qt 5 and Qt 6. Add patches to allow
for greeter coinstallation:
* 0002-Make-sddm-greeter-for-Qt-5-and-Qt-6-coinstallable.patch
* 0003-Let-themes-specify-the-used-version-of-Qt.patch
- Refresh 0001-Read-the-DISPLAYMANAGER_AUTOLOGIN-value-from-sysconf.patch
- Don't set CMAKE_BUILD_TYPE=Release
- Make branding packages noarch
- Add %check
==== smartmontools ====
- Do not quit with an error when no drives to monitor are available (bsc#990406 bsc#1167051).
- Add smartd_service_dont_quit.patch
- Refresh harden_smartd.service.patch
- Run through spec-cleaner, use autosetup
==== yast2-python-bindings ====
Version update (4.6.0 -> 5.0.1)
- Fix inspect.getargspec() removed in python3.11; (bsc#1215226);
- 5.0.1
- 5.0.0 (#bsc1185510)
1
0