Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
cockpit (296 -> 297)
glu
gmp (6.2.1 -> 6.3.0)
gpgme
gupnp (1.6.4 -> 1.6.5)
harfbuzz (8.0.1 -> 8.1.1)
kernel-source (6.4.6 -> 6.4.8)
liblc3 (1.0.3 -> 1.0.4)
libplacebo (6.292.0 -> 6.292.1)
libstorage-ng (4.5.133 -> 4.5.134)
python-blinker
python-jsonschema (4.18.4 -> 4.18.6)
wpebackend-fdo (1.14.0 -> 1.14.2)
xdg-desktop-portal-gnome (44.1 -> 44.2)
yast2-installation (4.6.5 -> 4.6.6)
=== Details ===
==== cockpit ====
Version update (296 -> 297)
Subpackages: cockpit-bridge cockpit-packagekit cockpit-system
- new version 297:
- https://cockpit-project.org/blog/cockpit-297.html
- hide-docs.patch: refreshed
==== glu ====
- devel package: added missing dep to Mesa GL devel package
(boo#1213976)
==== gmp ====
Version update (6.2.1 -> 6.3.0)
- GMP 6.3.0
* A possible overflow of type int is avoided for mpz_cmp on huge operands.
* A possible error condition when a malformed file is read with mpz_inp_raw
is now correctly handled.
* New public function mpz_prevprime, companion of the existing mpz_nextprime.
* New documented pointer types mpz_ptr, mpz_srcptr, and similar for other
GMP types. Refer to the manual for full list and suggested usage. These
types have been present in gmp.h at least since GMP-4.0, but previously
not advertised to users.
* Support for 64-bit Arm under Macos.
* Support for the loongarch64 CPU family.
* Support for building with LTO, link-time optimisations.
* New special code for base = 2 in mpz_powm reduces the average time for
the functions that test primality.
* Speedup for the function mpz_nextprime on large operands.
* Speedup for multiplications (some sizes only) thanks to new internal
functions to compute small negacyclic products.
* Special assembly code for IBM z13 and later "mainframe" CPUs, resulting
in a huge speedup.
* Improved assembly for several 64-bit x86 CPUs, Risc-V, 64-bit Arm.
- Removed gmp-6.2.1-CVE-2021-43618.patch which is included in the
new release.
==== gpgme ====
Subpackages: libgpgme11 libgpgmepp6 python311-gpg
- Run testsuite in qemu build
==== gupnp ====
Version update (1.6.4 -> 1.6.5)
- Update to version 1.6.5:
+ Fix build with meson 1.2
- Drop patches fixed upstream:
+ a10c57bd.patch
+ 884639bd.patch
==== harfbuzz ====
Version update (8.0.1 -> 8.1.1)
Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0
- Update to version 8.1.1:
+ Fix shaping of contextual rules at the end of string,
introduced in 8.1.0.
+ Fix stack-overflow in repacker with malicious fonts.
+ 30% speed up loading Noto Duployan font.
- Update to version 8.1.0:
+ Fix long-standing build issue with the AIX compiler and older
Apple clang.
+ Revert optimization that could cause timeout during subsetting
with malicious fonts.
+ More optimization work:
- 45% speed up in shaping Noto Duployan font.
- 10% speed up in subsetting Noto Duployan font.
- Another 8% speed up in shaping Gulzar.
- 5% speed up in loading Roboto.
+ New API: +hb_ot_layout_collect_features_map().
==== kernel-source ====
Version update (6.4.6 -> 6.4.8)
- Linux 6.4.8 (bsc#1012628).
- platform/x86/amd/pmf: Notify OS power slider update
(bsc#1012628).
- platform/x86/amd/pmf: reduce verbosity of apmf_get_system_params
(bsc#1012628).
- drm/amd: Move helper for dynamic speed switch check out of smu13
(bsc#1012628).
- drm/amd: Align SMU11 SMU_MSG_OverridePcieParameters
implementation with SMU13 (bsc#1012628).
- jbd2: Fix wrongly judgement for buffer head removing while
doing checkpoint (bsc#1012628).
- KVM: arm64: Handle kvm_arm_init failure correctly in
finalize_pkvm (bsc#1012628).
- blk-mq: Fix stall due to recursive flush plug (bsc#1012628).
- powerpc/pseries/vas: Hold mmap_mutex after mmap lock during
window close (bsc#1012628).
- KVM: s390: pv: simplify shutdown and fix race (bsc#1012628).
- KVM: s390: pv: fix index value of replaced ASCE (bsc#1012628).
- s390/mm: fix per vma lock fault handling (bsc#1012628).
- io_uring: don't audit the capability check in io_uring_create()
(bsc#1012628).
- gpio: tps68470: Make tps68470_gpio_output() always set the
initial value (bsc#1012628).
- gpio: mvebu: Make use of devm_pwmchip_add (bsc#1012628).
- gpio: mvebu: fix irq domain leak (bsc#1012628).
- regmap: Disable locking for RBTREE and MAPLE unit tests
(bsc#1012628).
- btrfs: factor out a btrfs_verify_page helper (bsc#1012628).
- btrfs: fix fsverify read error handling in end_page_read
(bsc#1012628).
- btrfs: fix race between quota disable and relocation
(bsc#1012628).
- i2c: Delete error messages for failed memory allocations
(bsc#1012628).
- i2c: Improve size determinations (bsc#1012628).
- i2c: nomadik: Remove unnecessary goto label (bsc#1012628).
- i2c: nomadik: Use devm_clk_get_enabled() (bsc#1012628).
- i2c: nomadik: Remove a useless call in the remove function
(bsc#1012628).
- PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
(bsc#1012628).
- PCI/ASPM: Factor out pcie_wait_for_retrain() (bsc#1012628).
- PCI/ASPM: Avoid link retraining race (bsc#1012628).
- PCI: rockchip: Remove writes to unused registers (bsc#1012628).
- PCI: rockchip: Fix window mapping and address translation for
endpoint (bsc#1012628).
- PCI: rockchip: Don't advertise MSI-X in PCIe capabilities
(bsc#1012628).
- drm/amd/display: Convert Delaying Aux-I Disable To Monitor Patch
(bsc#1012628).
- drm/amd/display: Keep disable aux-i delay as 0 (bsc#1012628).
- drm/amd/display: add pixel rate based CRB allocation support
(bsc#1012628).
- drm/amd/display: fix dcn315 single stream crb allocation
(bsc#1012628).
- drm/amd/display: Update correct DCN314 register header
(bsc#1012628).
- drm/amd/display: Set minimum requirement for using PSR-SU on
Rembrandt (bsc#1012628).
- drm/amd/display: Set minimum requirement for using PSR-SU on
Phoenix (bsc#1012628).
- drm/ttm: never consider pinned BOs for eviction&swap
(bsc#1012628).
- maple_tree: add __init and __exit to test module (bsc#1012628).
- maple_tree: fix 32 bit mas_next testing (bsc#1012628).
- drm/amd/display: Add FAMS validation before trying to use it
(bsc#1012628).
- drm/amd/display: update extended blank for dcn314 onwards
(bsc#1012628).
- drm/amd/display: Fix possible underflow for displays with
large vblank (bsc#1012628).
- drm/amd/display: Prevent vtotal from being set to 0
(bsc#1012628).
- ext4: add EXT4_MB_HINT_GOAL_ONLY test in
ext4_mb_use_preallocated (bsc#1012628).
- ext4: mballoc: Remove useless setting of ac_criteria
(bsc#1012628).
- ext4: fix rbtree traversal bug in ext4_mb_use_preallocated
(bsc#1012628).
- phy: phy-mtk-dp: Fix an error code in probe() (bsc#1012628).
- phy: mediatek: hdmi: mt8195: fix prediv bad upper limit test
(bsc#1012628).
- phy: qcom-snps-femto-v2: keep cfg_ahb_clk enabled during
runtime suspend (bsc#1012628).
- phy: qcom-snps-femto-v2: properly enable ref clock
(bsc#1012628).
- soundwire: qcom: update status correctly with mask
(bsc#1012628).
- soundwire: amd: Fix a check for errors in probe() (bsc#1012628).
- media: tc358746: Address compiler warnings (bsc#1012628).
- media: staging: atomisp: select V4L2_FWNODE (bsc#1012628).
- media: amphion: Fix firmware path to match linux-firmware
(bsc#1012628).
- media: mtk-jpeg: move data/code inside CONFIG_OF blocks
(bsc#1012628).
- media: mtk_jpeg_core: avoid unused-variable warning
(bsc#1012628).
- i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
(bsc#1012628).
... changelog too long, skipping 714 lines ...
- commit 02597d2
==== liblc3 ====
Version update (1.0.3 -> 1.0.4)
- Update to version 1.0.4:
+ Enhancement: Add fuzzing test harness.
+ Fixes: Gain adjustment during second quantization phase can
exceed minimum gain (introduce distortion at high bitrate).
==== libplacebo ====
Version update (6.292.0 -> 6.292.1)
- Update libplacebo to version 6.292.1. See details in:
https://code.videolan.org/videolan/libplacebo/-/tags/v6.292.1
==== libstorage-ng ====
Version update (4.5.133 -> 4.5.134)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- Translated using Weblate (Catalan) (bsc#1149754)
- 4.5.134
==== python-blinker ====
- Remove no-stdpy-pyc.patch
- Call directly to the sphinx module with the specific python
interpreter to avoid the usage of default python, bsc#1213698.
==== python-jsonschema ====
Version update (4.18.4 -> 4.18.6)
- update to 4.18.6:
* Set a jsonschema specific user agent when automatically
retrieving remote references (which is deprecated).
- update to 4.18.5:
* Declare support for Py3.12
==== wpebackend-fdo ====
Version update (1.14.0 -> 1.14.2)
- Update to version 1.14.2
+ Reverted a change introduced in 1.14.1 which introduced crashes
both with WebKitGTK and WPE running under Wayland in some
configurations.
+ Fix a crash caused by wrong assertion, which was typically
triggered in debug builds when using the NVidia drivers.
- Update to version 1.14.1:
+ Fix WebKit no longer repainting after provisional navigation
wit PSON enabled.
+ Fix graphics buffer leaks by always freeing them in buffer
destroy listener callbacks.
==== xdg-desktop-portal-gnome ====
Version update (44.1 -> 44.2)
Subpackages: xdg-desktop-portal-gnome-lang
- Update to version 44.2:
+ Expose settings backend when running outside of GNOME.
+ Updated translations.
==== yast2-installation ====
Version update (4.6.5 -> 4.6.6)
- bsc#1213959
- Change status label properly when toggling status in the
"Previousy used repositories" dialog.
- 4.6.6
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa (23.1.4 -> 23.1.5)
Mesa-drivers (23.1.4 -> 23.1.5)
SDL2 (2.28.1 -> 2.28.2)
cockpit (293 -> 296)
cockpit-podman (70 -> 73)
colord
dracut (059+suse.476.g5e324584 -> 059+suse.488.g81715832)
grub2
ibus-m17n (1.4.19 -> 1.4.20)
installation-images-MicroOS (17.90 -> 17.91)
libdnf (0.70.1 -> 0.70.2)
openssl-3 (3.1.1 -> 3.1.2)
openssl (3.1.1 -> 3.1.2)
podman
setools (4.4.2 -> 4.4.3)
tar
util-linux
util-linux-systemd
=== Details ===
==== Mesa ====
Version update (23.1.4 -> 23.1.5)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- Update to bugfix release 23.1.5
- -> https://docs.mesa3d.org/relnotes/23.1.4.html
==== Mesa-drivers ====
Version update (23.1.4 -> 23.1.5)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- Update to bugfix release 23.1.5
- -> https://docs.mesa3d.org/relnotes/23.1.4.html
==== SDL2 ====
Version update (2.28.1 -> 2.28.2)
- Update to release 2.28.2
* Fixed 8BitDo gamepad mapping when in XInput mode on Linux
* Fixed controller lockup initializing some unofficial PS4
replica controllers
* Fixed video initialization on headless Linux systems using VNC
==== cockpit ====
Version update (293 -> 296)
Subpackages: cockpit-bridge cockpit-packagekit cockpit-system
- new version 296:
- https://cockpit-project.org/blog/cockpit-296.html
- https://cockpit-project.org/blog/cockpit-295.html
- https://cockpit-project.org/blog/cockpit-294.html
- 0004-leap-gnu18-removal.patch: added support for Leap thanks to Lubos
==== cockpit-podman ====
Version update (70 -> 73)
- New version 73. Changes since 70 include,
* show time of container's latest checkpoint
* Bug fixes and translation updates
* Add manifest condition for the Python bridge
- 1299.patch: included in release and deleted here
==== colord ====
Subpackages: colord-color-profiles colord-lang libcolord2 libcolorhug2
- Reduce memory constraints for riscv64
==== dracut ====
Version update (059+suse.476.g5e324584 -> 059+suse.488.g81715832)
Subpackages: dracut-ima
- Update to version 059+suse.488.g81715832:
This is the 3rd backport of the most important fixes and features from the upstream master branch,
while the release date of version 060 is still undefined.
* fix(systemd-udevd): add missing override paths
* fix(systemd-journald): add systemd-sysusers dependency
* fix(base): correct handling of quiet in loginit
* chore(suse): require gawk instead of awk
* refactor(install): log about missing firmware only once
* fix(integrity): do not require ls
* fix(dracut-init.sh): `module_check` method ignores `forced` option
* fix(man): add missing initrd-root-device.target to flow chart
* fix(dracut-init.sh): use the local _ret variable
* fix(dracut.sh): use gawk for strtonum
* fix(man): remove duplicate entry
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi
- Change the bash-completion directory (bsc#1213855)
* grub2-change-bash-completion-dir.patch
==== ibus-m17n ====
Version update (1.4.19 -> 1.4.20)
- Update to 1.4.20
* Reduce preedit flicker
* Remove xml:lang="en" from the screenshot in appdata.xml
* Use ibus_text_new_from_string (string) instead of ibus_text_new_from_static_string (string) in ibus_m17n_engine_commit_string()
* Add missing g_free (buf) in ibus_m17n_mtext_to_utf8()
==== installation-images-MicroOS ====
Version update (17.90 -> 17.91)
- merge gh#openSUSE/installation-images#652
- add reset-rzg2l-usbphy-ctrl module (bsc#1213805)
- 17.91
==== libdnf ====
Version update (0.70.1 -> 0.70.2)
Subpackages: libdnf-repo-config-zypp libdnf2
- Update to 0.70.2:
* Support "proxy=none" in main config (RhBug:2155713)
* Fix #1558: Don't assume inclusion of cstdint
* Disconnect monitors in dnf_repo_loader_finalize() (RhBug:2070153)
==== openssl-3 ====
Version update (3.1.1 -> 3.1.2)
Subpackages: libopenssl3
- Update to 3.1.2:
* Fix excessive time spent checking DH q parameter value
(bsc#1213853, CVE-2023-3817). The function DH_check() performs
various checks on DH parameters. After fixing CVE-2023-3446 it
was discovered that a large q parameter value can also trigger
an overly long computation during some of these checks. A
correct q value, if present, cannot be larger than the modulus
p parameter, thus it is unnecessary to perform these checks if
q is larger than p. If DH_check() is called with such q parameter
value, DH_CHECK_INVALID_Q_VALUE return flag is set and the
computationally intensive checks are skipped.
* Fix DH_check() excessive time with over sized modulus
(bsc#1213487, CVE-2023-3446). The function DH_check() performs
various checks on DH parameters. One of those checks confirms
that the modulus ("p" parameter) is not too large. Trying to use
a very large modulus is slow and OpenSSL will not normally use
a modulus which is over 10,000 bits in length. However the
DH_check() function checks numerous aspects of the key or
parameters that have been supplied. Some of those checks use the
supplied modulus value even if it has already been found to be
too large. A new limit has been added to DH_check of 32,768 bits.
Supplying a key/parameters with a modulus over this size will
simply cause DH_check() to fail.
* Do not ignore empty associated data entries with AES-SIV
(bsc#1213383, CVE-2023-2975). The AES-SIV algorithm allows for
authentication of multiple associated data entries along with the
encryption. To authenticate empty data the application has to call
EVP_EncryptUpdate() (or EVP_CipherUpdate()) with NULL pointer as
the output buffer and 0 as the input buffer length. The AES-SIV
implementation in OpenSSL just returns success for such call
instead of performing the associated data authentication operation.
The empty data thus will not be authenticated. The fix changes the
authentication tag value and the ciphertext for applications that
use empty associated data entries with AES-SIV. To decrypt data
encrypted with previous versions of OpenSSL the application has to
skip calls to EVP_DecryptUpdate() for empty associated data entries.
* When building with the enable-fips option and using the resulting
FIPS provider, TLS 1.2 will, by default, mandate the use of an
extended master secret (FIPS 140-3 IG G.Q) and the Hash and HMAC
DRBGs will not operate with truncated digests (FIPS 140-3 IG G.R).
* Update openssl.keyring with the OTC members that sign releases
* Remove openssl-z16-s390x.patch fixed upstream in
https://github.com/openssl/openssl/pull/21284
* Remove security patches fixed upstream:
- openssl-CVE-2023-2975.patch
- openssl-CVE-2023-3446.patch
- openssl-CVE-2023-3446-test.patch
==== openssl ====
Version update (3.1.1 -> 3.1.2)
- Update to 3.1.2
==== podman ====
- Discard outdated README.SUSE.SLES
- Recommend gvisor-tap-vsock, required for `podmand machine`
==== setools ====
Version update (4.4.2 -> 4.4.3)
Subpackages: python311-setools setools-console
- Update to version 4.4.3:
* Fix compilation with Cython 3.0.0.
* Improve man pages.
* Remove neverallow options in sediff.
* Add -r option to seinfoflow to get flows into the source type.
* Reject a rule with no permissions as invalid policy.
==== tar ====
Subpackages: tar-lang tar-rmt
- Run testsuite also on qemu build
==== util-linux ====
Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 util-linux-lang
- Disable last and lastb for ALP, too.
==== util-linux-systemd ====
- Disable last and lastb for ALP, too.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
bluedevil5 (5.27.6 -> 5.27.7)
breeze (5.27.6 -> 5.27.7)
breeze-gtk (5.27.6 -> 5.27.7)
discover (5.27.6 -> 5.27.7)
drkonqi5 (5.27.6 -> 5.27.7)
ffmpeg-6
file (5.44 -> 5.45)
kactivitymanagerd (5.27.6 -> 5.27.7)
kcm_flatpak (5.27.6 -> 5.27.7)
kcm_sddm (5.27.6 -> 5.27.7)
kde-cli-tools5 (5.27.6 -> 5.27.7)
kde-gtk-config5 (5.27.6 -> 5.27.7)
kgamma5 (5.27.6 -> 5.27.7)
khotkeys5 (5.27.6 -> 5.27.7)
kinfocenter5 (5.27.6 -> 5.27.7)
kmenuedit5 (5.27.6 -> 5.27.7)
kpipewire (5.27.6 -> 5.27.7)
kscreen5 (5.27.6 -> 5.27.7)
kscreenlocker (5.27.6 -> 5.27.7)
ksshaskpass5 (5.27.6 -> 5.27.7)
ksystemstats5 (5.27.6 -> 5.27.7)
kwayland-integration (5.27.6 -> 5.27.7)
kwin5 (5.27.6 -> 5.27.7)
kwrited5 (5.27.6 -> 5.27.7)
layer-shell-qt (5.27.6 -> 5.27.7)
libkdecoration2 (5.27.6 -> 5.27.7)
libkscreen2 (5.27.6 -> 5.27.7)
libksysguard5 (5.27.6 -> 5.27.7)
libstorage-ng (4.5.127 -> 4.5.133)
libuv (1.44.2 -> 1.46.0)
milou5 (5.27.6 -> 5.27.7)
mozilla-nss (3.90 -> 3.91)
oxygen5-sounds (5.27.6 -> 5.27.7)
pam_kwallet (5.27.6 -> 5.27.7)
patterns-kde (20230403 -> 20230801)
plasma-browser-integration (5.27.6 -> 5.27.7)
plasma-nm5 (5.27.6 -> 5.27.7)
plasma5-addons (5.27.6 -> 5.27.7)
plasma5-desktop (5.27.6 -> 5.27.7)
plasma5-disks (5.27.6 -> 5.27.7)
plasma5-integration (5.27.6 -> 5.27.7)
plasma5-openSUSE
plasma5-pa (5.27.6 -> 5.27.7)
plasma5-systemmonitor (5.27.6 -> 5.27.7)
plasma5-thunderbolt (5.27.6 -> 5.27.7)
plasma5-workspace (5.27.6 -> 5.27.7)
polkit-kde-agent-5 (5.27.6 -> 5.27.7)
powerdevil5 (5.27.6 -> 5.27.7)
python-pexpect
systemsettings5 (5.27.6 -> 5.27.7)
xdg-desktop-portal-kde (5.27.6 -> 5.27.7)
=== Details ===
==== bluedevil5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: bluedevil5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== breeze ====
Version update (5.27.6 -> 5.27.7)
Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-style-lang breeze5-wallpapers libbreezecommon5-5
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== breeze-gtk ====
Version update (5.27.6 -> 5.27.7)
Subpackages: gtk2-metatheme-breeze gtk3-metatheme-breeze gtk4-metatheme-breeze metatheme-breeze-common
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== discover ====
Version update (5.27.6 -> 5.27.7)
Subpackages: discover-backend-flatpak discover-backend-fwupd discover-backend-packagekit discover-lang discover-notifier
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* rpm-ostree: Improve search and filter logic (kde#468162)
* Fix SteamOS dbus path
==== drkonqi5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: drkonqi5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* coredump-gui: don't delete qprocess in a slot that connects to it
==== ffmpeg-6 ====
Subpackages: libavcodec60 libavfilter9 libavformat60 libavutil58 libpostproc57 libswresample4 libswscale7
- Bump required libplacebo version to v6.292.0 or newer for TW
- Temporarily demote deprecation errors to deprecation warnings
for vf_libplacebo
- Add upstream patches to fix build with libplacebo v6:
* 0001-avfilter-vf_libplacebo-remove-deprecated-field.diff
==== file ====
Version update (5.44 -> 5.45)
Subpackages: file-magic libmagic1
- Add patch file-5.45-type_t.dif
* Partly upstream check of type_t is wide on 32bit systems
* Extend (auto)configure to enable wide type_t type if possible
- On 32bit systems define _TIME_BITS=64 to make it build
- Update to 5.45:
* PR/465: psrok1: Avoid muslc asctime_r crash
* add SIMH tape format support
* bump the max size of the elf section notes to be read to 128K
and make it configurable
* PR/415: Fix decompression with program returning empty
* PR/408: fix -p with seccomp
* PR/412: fix MinGW compilation
- Remove upstream patch dc71304b.patch
- Modify patches
* file-5.17-option.dif
* file-5.19-biorad.dif
* file-5.19-zip2.0.dif
* file-5.22-elf.dif
* file-secure_getenv.patch
- Port and rename patch file-5.44.dif now file-5.45.dif
==== kactivitymanagerd ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kcm_flatpak ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kcm_sddm ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Fix loading theme.conf.user (kde#436272)
* Fix multi-line strings in QML file
==== kde-cli-tools5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kde-gtk-config5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kde-gtk-config5-gtk3
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kgamma5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== khotkeys5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kinfocenter5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kinfocenter5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kmenuedit5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kpipewire ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kpipewire-imports libKPipeWire5 libKPipeWireDmaBuf5 libKPipeWireRecord5
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* PipeWireSourceItem: proceed itemChange in QQuickItem
==== kscreen5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kscreen5-plasmoid
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kscreenlocker ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kscreenlocker-lang libKScreenLocker5
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== ksshaskpass5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: ksshaskpass5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== ksystemstats5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* gpu/nvidia: Discover data fields based on headers (kde#470474)
==== kwayland-integration ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kwin5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Add closed window checks in restacking requests
* Add closed window checks in some window activation code paths
* x11: Sync frame extents in X11 native pixels (kde#471132)
* backends/drm: handle mismatching stride with CPU copying (kde#471517)
* scene: Pad damage if scale factor is fractional
* locale1: fix use-after-free in xkb_keymap creation
* effects: Make OpenGL context current before deleting framebuffer (kde#444665,kde#471139)
* plugins/backgroundcontrast,blur: ensure the effect is only applied behind the window (kde#469625)
* input: don't crash if the internal handle is nullptr (kde#471285)
==== kwrited5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== layer-shell-qt ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== libkdecoration2 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: libkdecorations2-5 libkdecorations2-5-lang libkdecorations2private10
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== libkscreen2 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: libKF5Screen8 libKF5ScreenDpms8 libkscreen2-plugin
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* make sure kscreen-doctor exits when using --dpms
* Guard the deprecated Output::setPrimary (kde#471195)
==== libksysguard5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: ksysguardsystemstats-data libKSysGuardSystemStats1 libksysguard5-imports libksysguard5-plugins
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Fix typo
==== libstorage-ng ====
Version update (4.5.127 -> 4.5.133)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- Translated using Weblate (Czech) (bsc#1149754)
- 4.5.133
- Translated using Weblate (Japanese) (bsc#1149754)
- 4.5.132
- Translated using Weblate (Slovak) (bsc#1149754)
- 4.5.131
- Translated using Weblate (Dutch) (bsc#1149754)
- 4.5.130
- merge gh#openSUSE/libstorage-ng#943
- updated pot and po files
- 4.5.129
- merge gh#openSUSE/libstorage-ng#942
- support no-automount partition flag
- fixed include guard
- 4.5.128
==== libuv ====
Version update (1.44.2 -> 1.46.0)
- Switched keyring from Jameson Nash (vtjnash) to Santiago Gimeno
(santigimeno)
- Update to 1.46.0:
* Add some more iouring backend fs ops
* work around io_uring IORING_OP_CLOSE bug
- Updates in version 1.45.0:
* introduce io_uring support
* give thread pool threads an 8 MB stack
* change execution order of timers
==== milou5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: milou5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== mozilla-nss ====
Version update (3.90 -> 3.91)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs
- update to NSS 3.91
* bmo#1837431 - Implementation of the HW support check for ADX instruction
* bmo#1836925 - Removing the support of Curve25519
* bmo#1839795 - Fix comment about the addition of ticketSupportsEarlyData
* bmo#1839327 - Adding args to enable-legacy-db build
* bmo#1835357 - dbtests.sh failure in "certutil dump keys with explicit
default trust flags"
* bmo#1837617 - Initialize flags in slot structures
* bmo#1835425 - Improve the length check of RSA input to avoid heap overflow
* bmo#1829112 - Followup Fixes
* bmo#1784253 - avoid processing unexpected inputs by checking for
m_exptmod base sign
* bmo#1826652 - add a limit check on order_k to avoid infinite loop
* bmo#1834851 - Update HACL* to commit 5f6051d2
* bmo#1753026 - add SHA3 to cryptohi and softoken
* bmo#1753026 - HACL SHA3
* bmo#1836781 - Disabling ASM C25519 for A but X86_64
- removed upstreamed patch nss-fix-bmo1836925.patch
==== oxygen5-sounds ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== pam_kwallet ====
Version update (5.27.6 -> 5.27.7)
Subpackages: pam_kwallet-common
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== patterns-kde ====
Version update (20230403 -> 20230801)
Subpackages: patterns-kde-kde_plasma patterns-kde-kde_yast
- Drop the telepathy pattern.
The telepathy modules are now officially unmaintained upstream
and won't be released anymore.
==== plasma-browser-integration ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma-nm5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma-nm5-openconnect plasma-nm5-openvpn
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Avoid double delete of TabWidget
==== plasma5-addons ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-addons-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* wallpapers/potd: use https in apodprovider
==== plasma5-desktop ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-desktop-emojier
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* applets/kickoff: add blocker to prevent focus change in search view (kde#466192)
* Kickoff: Fix grid view key nav in mirrored layout
* Update Unicode data for emojier to 15.0
* applets/taskmanager: use hardcoded value
* applets/taskmanager: make PauseAnimation wait longer (kde#470135)
* desktoppackage: activate panel on "Activate Panel Widget" shortcut pressed (kde#455398)
* kaccess: Use kcfg files of kcm
* kcms/access: Match kcfg default values to old defaults/kaccess
==== plasma5-disks ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma5-integration ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-integration-plugin plasma5-integration-plugin-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma5-openSUSE ====
Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE plasma5-workspace-branding-openSUSE sddm-theme-openSUSE
- Update to 5.27.7
==== plasma5-pa ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-pa-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Put volume change logic centrally in VolumeSlider
* Make setGenericVolume keep balance between channels (kde#435840)
==== plasma5-systemmonitor ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma5-thunderbolt ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma5-workspace ====
Version update (5.27.6 -> 5.27.7)
Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy
- Add patch to fix line wrapping of "100 %" in OSDs (kde#469576):
* 0001-OSD-Fix-size-calculation-for-progress-value.patch
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* libtaskmanager: fix unable to change order of launchers (kde#472812)
* Reorder removals to ensure launcher url is deallocated after last use
* Fix crash in LauncherTasksModel::Private::requestRemoveLauncherFromActivities (kde#472378)
* libtaskmanager: skip empty appId when matching '*.appId.desktop' (kde#472576,kde#428559)
* Do not write empty path to desktop file (kde#433304)
* Fix crash in TasksModel::move (kde#472524)
* kcm/region_language: fix enum order (kde#472108)
* kcms/region_language: Read from $LANGUAGE in options model
* kcms/region_language: Improve isSupportedLanguage detection
* kcms/region_language: Chop off the UTF-8 codepoint again
* kcms/region_language: Check if the language setting is default as well
* kcms/region_language: Simplify the language settings read
* kcms/region_language: Read the LANGUAGE environment variable for the default language value
* TriangleMouseFilter: remove unnecessary return
* TriangleMouseFilter: make `resendHoverEvents` actually work
* TriangleMouseFilter: fix incorrect handling of hover events and inactive state (kde#467426)
* TriangularMouseFilter: Filter event everytime when there was no movement at all
* Improve responsiveness of triangular filter
* shell: move `forceActiveFocus` to `PanelView`
* applets/mediacontroller: use PauseAnimation to delay showing busy indicator
* applets/mediacontroller: remove duplicate opacity animation
* applets/notifications: add workaround for QTBUG-100392 (kde#468180)
* Notifications: Also try X-SnapInstanceName for desktop file resolution
* libtaskmanager: fix a potential leak
==== polkit-kde-agent-5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== powerdevil5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: powerdevil5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== python-pexpect ====
- Clean up the SPEC file
==== systemsettings5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Properly show the custom header widget when started with non-QML KCMs
==== xdg-desktop-portal-kde ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
kernel-firmware (20230724 -> 20230731)
keylime (7.3.0 -> 7.4.0)
liblangtag (0.6.3 -> 0.6.4)
libpaper (2.1.0 -> 2.1.1)
python-click (8.1.3 -> 8.1.6)
srt (1.5.1 -> 1.5.2)
system-config-printer
=== Details ===
==== kernel-firmware ====
Version update (20230724 -> 20230731)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd
- Update to version 20230731 (git commit 253cc179d849):
* amdgpu: Update DMCUB for DCN314 & Yellow Carp
* ice: add LAG-supporting DDP package
* i915: Update MTL DMC to v2.13
* i915: Update ADLP DMC to v2.20
* cirrus: Add CS35L41 firmware for Dell Oasis Models
* copy-firmware: Fix linking directories when using compression
* copy-firmware: Fix test: unexpected operator
* qcom: sc8280xp: LENOVO: remove directory sym link
* qcom: sc8280xp: LENOVO: Remove execute bits
==== keylime ====
Version update (7.3.0 -> 7.4.0)
Subpackages: keylime-config keylime-firewalld keylime-logrotate keylime-registrar keylime-tenant keylime-tpm_cert_store keylime-verifier python311-keylime
- Add BSD-3-Clause license
- Update to version v7.4.0 (CVE-2023-38200, bsc#1213310):
* Monthly release (7.4.0)
* codestyle: Fix tsa_rfc3161.py and have it pyright checked
* installer.sh: support Anolis OS whose ID is anolis
* tpm_util: Add the BSD license to the file due to functions from TPM 2 code
* codestyle: Have pyright check keylime/da directory
* docs: add missing options for verifier, remove vactivate
* codestyle: Have pyright check mba/elchecking/ except for example.py
* registrar_common: fix style complain
* registrar_common: fix missing select and sock
* Changes to script create_runtime_policy.sh, fixes #1426
* tenant: non-zero exit code in case of error
* mba: making MBA policy parser and checker pluggable
* create_runtime_policy: fix bash typo
* Extend Registrar SSL socket to be non-blocking
* Several improvements for the "create_runtime_policy.sh" script
* tpm_util: Replace a logger.error with an Exception in case of invalid signature
* tpm_util: Remove useless comparison of always identical hashes
* tests: Disable Packit CI on Rawhide due to infra issues
* adding kubectl to tenant docker image
==== liblangtag ====
Version update (0.6.3 -> 0.6.4)
- Fix check-tag test failled
[0001-ro-MD-ro-to-get-make-check-to-succeed.patch]
- Version update to 0.6.4
Replace the word of 'master' to 'primary'
trivial update
Stop shipping ChangeLog
Fix build issue for docs
==== libpaper ====
Version update (2.1.0 -> 2.1.1)
Subpackages: libpaper-tools libpaper2
- Update to 2.1.1:
* This release fixes the -N flag of paperconf.
==== python-click ====
Version update (8.1.3 -> 8.1.6)
- Update to 8.1.6
* Replace all typing.Dict occurrences to typing.MutableMapping for parameter
hints. #2255
* Improve type hinting for decorators and give all generic types parameters.
* Fix return value and type signature of
shell_completion.add_completion_class function. #2421
* Bash version detection doesnât fail on Windows. #2461
* Completion works if there is a dot (.) in the program name. #2166
* Improve type annotations for pyright type checker. #2268
* Improve responsiveness of click.clear(). #2284
* Improve command name detection when using Shiv or PEX. #2332
* Avoid showing empty lines if command help text is empty. #2368
* ZSH completion script works when loaded from fpath. #2344.
* EOFError and KeyboardInterrupt tracebacks are not suppressed when
standalone_mode is disabled. #2380
* @group.command does not fail if the group was created with a custom
command_class. #2416
* multiple=True is allowed for flag options again and does not require
setting default=(). #2246, #2292, #2295
* Make the decorators returned by @argument() and @option() reusable when the
cls parameter is used. #2294
* Donât fail when writing filenames to streams with strict errors. Replace
invalid bytes with the replacement character (�). #2395
* Remove unnecessary attempt to detect MSYS2 environment. #2355
* Remove outdated and unnecessary detection of App Engine environment. #2554
* echo() does not fail when no streams are attached, such as with pythonw on
Windows. #2415
* Argument with expose_value=False do not cause completion to fail. #2336
* Fix an issue with type hints for @click.command(), @click.option(), and
other decorators. Introduce typing tests. #2558
* Fix an issue with type hints for @click.group(). #2558
- Drop fix-tests.patch
==== srt ====
Version update (1.5.1 -> 1.5.2)
- Update to 1.5.2:
* API
- 41c4b1f Fixed #ifdef ENABLE_AEAD_API_PREVIEW (#2603).
- b3a21e1 SRT version raised to 1.5.2.
- c0d9fcd Restored resetlogfa(..) in udt.h. Reverting #2558, although udt.h is not the official SRT API.
- 87de405 Added ENABLE_AEAD_API_PREVIEW build option to enable AEAD API.
- 60d1237 Crypto mode 'auto' implemented for listener (#2574).
- 27e7d8d Socket Options: do not allow AES GCM if TSBPD is disabled.
- 3e4561e Add GCM to the SRT API.
* Core Functionality
- 3cefede Correct remaining endianness issues
- 30e7ccd Minor fix of variable shadowing.
- 6fcff6d Fixed various compiler warnings on various platforms (#2679).
- 59cde53 Fixed FEC Emergency resize crash (#2717).
- 2fcd3d4 Fix crypto mode auto for listener sender (#2711).
- b010763 Fixed typos in MBedTLS where it referred to GnuTLS (#2699).
- a991767 Fix peer filter config being rejected because of endianness
- 1cffd2f Added rejection handshake sent to the peer in rendezvous mode (#2667).
- f57ba89 Added missing thread watchdog ticks in 3 thread loop (#2669).
- e8d0533 Fixed old ENABLE_AEAD_PREVIEW.
- 599c1fb Reworked the CRcvBuffer::dropMessage(..) function (#2661).
- 7948772 Removed duplicate lines (#2660).
- 3ffc93f Fixed CRcvBuffer::dropMessage (#2657).
- e9a3955 Fixed guard for rcv-rexmit fields (#1859).
- 22e97f8 Fixed warnings and removed redundant includes (#2658).
- c83c31b Reduce frequency of the decryption failure log (#2602).
- 21b55a2 Disabled warnings various platforms and fixed C++20 Windows build (#2411).
- 65bef37 Set CLOSING state when closing a socket (#2643).
- 02cba9e Drop undecrypted packet based on sequence number (#2654).
- 6d774dd Fixed invalid ASSERT checking outdated object in haicrypt (#2652).
- 8db35de Refaxed and fixed multiplexer reusage (#2608).
- 6c92a13 Fix crash when enable heavy log and socket id less than 10 (#2619).
- 64dedef CodeQL: operation requires 22 bytes.
- 0c583f8 CodeQL warning: checking NULL after new.
- b8962b4 Fixed PKTINFO case that was failing for IPv4+IPv6 bound sockets (#2630).
- a42a39f Fixed wrong null-safety condition check in haicrypt (#2616).
- 30f6f6b Removed extra redundant condition checks (#2615).
- 5f02310 Fix negative id when wrap around
- f533716 Fixed reject reason by a caller if connection is UNSECURE (#2622).
- 04e8dbc Fixed default reject reason for a listener callback (#2605).
- 0b9d583 AEAD: don't break a connection on decrypt failure.
- 6db28dc RCV Buffer Refax: added some utils and simplifications (#2522).
- 5889a2c AES-GCM payload length check (#2591).
- 45232ad Allow fileCC in group mode
- 98b1b00 Added extraction of IP_PKTINFO when reading (#456).
- de9fc45 Fix CRcvBuffer last position in getTimespan_ms (#2579).
- 38b4211 Remove use variable length array (#2279).
- 78dd987 Fixed missing DROPREQ for LOSSREPORT that partially predates ACK (#2498).
- 4090b25 Reject caller to caller connection (#2562).
- 0a835ea Refax: moved removal of one seq from fresh loss list to a separate function (#2521).
- 19af5d1 Obtain ConnectionLock while sending crypto keys.
- 3d517cf Fixed a warning: member referenced before initialized (#2433).
- fc82eac Refax: remove usage of LOGF/HLOGF (#2566).
- 637d439 Refax: removed m_iRcvLastSkipAck and its dependencies (#2546).
- 6c52f2d Pass std::string by const ref where possible.
- 6d62096 Applied clang-format on md5.cpp and md5.h.
- 2c48cba MD5: Removed null pointer subtraction (may have undefined behavior).
- ae39052 Fixed rendezvous connection in the Non Blocking Mode (#2548).
- 0138898 Fixed cloning the RX crypto context (AEAD)
- be1ccf5 Moved KM refresh in packUniqueData() (#2541).
- f864cec Fixed TARGET_OS_MAC not defined. Wrong include order.
- 432f2d8 fix CSndBuffer parameter incorrect in AES GCM mode
- cbfa812 Refax/postfix: further fixes after last refax changes (#2528)
- e082f30 Fixed validation of input parameters in srt_connect (#2520).
- 932e5bd Cleanup of bonding conditionals and unused code (#2525).
- f477b51 Fixed connected peer address recording (#2526)
- b76c8b2 Fixed CRcvBuffer::getAvailSize() may jump around. (#2490)
- 71c3e40 Refax: safety improvements for RCV loss list and closing state (#2517)
- 491e6e8 Extract RCV buffer insertion handling to a separate function (#2500).
- 258a858 Refax: added size cache to the group container (#2510).
- 2fd1363 Refax: improve logging and code readability around specific logging (#2511).
- f7a024a Refax: removed the synconmsg property and its handling in the group (#2509)
- 53735e1 Don't consider tool old ACK as IPE, it' may caused by network.
- d26bbf7 Fixed a false alarm: ACK ERROR...(diff -1)
- 0f6e7c7 Fixed the inconsistency between getFirstLostSeq() and ackDataUpTo() (#2488)
- ea86302 Reduced calls to steady_clock::now() from two to one.
- 8e9958a Reject if SRT_MAGIC_CODE is not set in the HS induction response.
- 8e67aa7 Tune logs of group members adding and removing.
- c01c646 Fixed AES-GCM support check.
==== system-config-printer ====
Subpackages: python3-cupshelpers system-config-printer-common system-config-printer-common-lang system-config-printer-dbus-service udev-configure-printer
- Explicitly use --with-cups-serverbin-dir to find SERVERBIN when
cups.pc is not provided by older cups (boo#1213883).
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
bluedevil5 (5.27.6 -> 5.27.7)
breeze (5.27.6 -> 5.27.7)
breeze-gtk (5.27.6 -> 5.27.7)
discover (5.27.6 -> 5.27.7)
drkonqi5 (5.27.6 -> 5.27.7)
ffmpeg-6
file (5.44 -> 5.45)
kactivitymanagerd (5.27.6 -> 5.27.7)
kcm_flatpak (5.27.6 -> 5.27.7)
kcm_sddm (5.27.6 -> 5.27.7)
kde-cli-tools5 (5.27.6 -> 5.27.7)
kde-gtk-config5 (5.27.6 -> 5.27.7)
kgamma5 (5.27.6 -> 5.27.7)
khotkeys5 (5.27.6 -> 5.27.7)
kinfocenter5 (5.27.6 -> 5.27.7)
kmenuedit5 (5.27.6 -> 5.27.7)
kpipewire (5.27.6 -> 5.27.7)
kscreen5 (5.27.6 -> 5.27.7)
kscreenlocker (5.27.6 -> 5.27.7)
ksshaskpass5 (5.27.6 -> 5.27.7)
ksystemstats5 (5.27.6 -> 5.27.7)
kwayland-integration (5.27.6 -> 5.27.7)
kwin5 (5.27.6 -> 5.27.7)
kwrited5 (5.27.6 -> 5.27.7)
layer-shell-qt (5.27.6 -> 5.27.7)
libkdecoration2 (5.27.6 -> 5.27.7)
libkscreen2 (5.27.6 -> 5.27.7)
libksysguard5 (5.27.6 -> 5.27.7)
libstorage-ng (4.5.127 -> 4.5.133)
libuv (1.44.2 -> 1.46.0)
milou5 (5.27.6 -> 5.27.7)
mozilla-nss (3.90 -> 3.91)
oxygen5-sounds (5.27.6 -> 5.27.7)
pam_kwallet (5.27.6 -> 5.27.7)
patterns-kde (20230403 -> 20230801)
plasma-browser-integration (5.27.6 -> 5.27.7)
plasma-nm5 (5.27.6 -> 5.27.7)
plasma5-addons (5.27.6 -> 5.27.7)
plasma5-desktop (5.27.6 -> 5.27.7)
plasma5-disks (5.27.6 -> 5.27.7)
plasma5-integration (5.27.6 -> 5.27.7)
plasma5-openSUSE
plasma5-pa (5.27.6 -> 5.27.7)
plasma5-systemmonitor (5.27.6 -> 5.27.7)
plasma5-thunderbolt (5.27.6 -> 5.27.7)
plasma5-workspace (5.27.6 -> 5.27.7)
polkit-kde-agent-5 (5.27.6 -> 5.27.7)
powerdevil5 (5.27.6 -> 5.27.7)
python-pexpect
systemsettings5 (5.27.6 -> 5.27.7)
xdg-desktop-portal-kde (5.27.6 -> 5.27.7)
=== Details ===
==== bluedevil5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: bluedevil5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== breeze ====
Version update (5.27.6 -> 5.27.7)
Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-style-lang breeze5-wallpapers libbreezecommon5-5
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== breeze-gtk ====
Version update (5.27.6 -> 5.27.7)
Subpackages: gtk2-metatheme-breeze gtk3-metatheme-breeze gtk4-metatheme-breeze metatheme-breeze-common
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== discover ====
Version update (5.27.6 -> 5.27.7)
Subpackages: discover-backend-flatpak discover-backend-fwupd discover-backend-packagekit discover-lang discover-notifier
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* rpm-ostree: Improve search and filter logic (kde#468162)
* Fix SteamOS dbus path
==== drkonqi5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: drkonqi5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* coredump-gui: don't delete qprocess in a slot that connects to it
==== ffmpeg-6 ====
Subpackages: libavcodec60 libavfilter9 libavformat60 libavutil58 libpostproc57 libswresample4 libswscale7
- Bump required libplacebo version to v6.292.0 or newer for TW
- Temporarily demote deprecation errors to deprecation warnings
for vf_libplacebo
- Add upstream patches to fix build with libplacebo v6:
* 0001-avfilter-vf_libplacebo-remove-deprecated-field.diff
==== file ====
Version update (5.44 -> 5.45)
Subpackages: file-magic libmagic1
- Add patch file-5.45-type_t.dif
* Partly upstream check of type_t is wide on 32bit systems
* Extend (auto)configure to enable wide type_t type if possible
- On 32bit systems define _TIME_BITS=64 to make it build
- Update to 5.45:
* PR/465: psrok1: Avoid muslc asctime_r crash
* add SIMH tape format support
* bump the max size of the elf section notes to be read to 128K
and make it configurable
* PR/415: Fix decompression with program returning empty
* PR/408: fix -p with seccomp
* PR/412: fix MinGW compilation
- Remove upstream patch dc71304b.patch
- Modify patches
* file-5.17-option.dif
* file-5.19-biorad.dif
* file-5.19-zip2.0.dif
* file-5.22-elf.dif
* file-secure_getenv.patch
- Port and rename patch file-5.44.dif now file-5.45.dif
==== kactivitymanagerd ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kactivitymanagerd-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kcm_flatpak ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kcm_flatpak-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kcm_sddm ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kcm_sddm-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Fix loading theme.conf.user (kde#436272)
* Fix multi-line strings in QML file
==== kde-cli-tools5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kde-cli-tools5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kde-gtk-config5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kde-gtk-config5-gtk3
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kgamma5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kgamma5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== khotkeys5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: khotkeys5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kinfocenter5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kinfocenter5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kmenuedit5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kmenuedit5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kpipewire ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kpipewire-imports libKPipeWire5 libKPipeWire5-lang libKPipeWireDmaBuf5 libKPipeWireRecord5
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* PipeWireSourceItem: proceed itemChange in QQuickItem
==== kscreen5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kscreen5-lang kscreen5-plasmoid
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kscreenlocker ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kscreenlocker-lang libKScreenLocker5
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== ksshaskpass5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: ksshaskpass5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== ksystemstats5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: ksystemstats5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* gpu/nvidia: Discover data fields based on headers (kde#470474)
==== kwayland-integration ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== kwin5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: kwin5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Add closed window checks in restacking requests
* Add closed window checks in some window activation code paths
* x11: Sync frame extents in X11 native pixels (kde#471132)
* backends/drm: handle mismatching stride with CPU copying (kde#471517)
* scene: Pad damage if scale factor is fractional
* locale1: fix use-after-free in xkb_keymap creation
* effects: Make OpenGL context current before deleting framebuffer (kde#444665,kde#471139)
* plugins/backgroundcontrast,blur: ensure the effect is only applied behind the window (kde#469625)
* input: don't crash if the internal handle is nullptr (kde#471285)
==== kwrited5 ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== layer-shell-qt ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== libkdecoration2 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: libkdecorations2-5 libkdecorations2-5-lang libkdecorations2private10
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== libkscreen2 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: libKF5Screen8 libKF5Screen8-lang libKF5ScreenDpms8 libkscreen2-plugin
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* make sure kscreen-doctor exits when using --dpms
* Guard the deprecated Output::setPrimary (kde#471195)
==== libksysguard5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: ksysguardsystemstats-data libKSysGuardSystemStats1 libksysguard5-imports libksysguard5-lang libksysguard5-plugins
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Fix typo
==== libstorage-ng ====
Version update (4.5.127 -> 4.5.133)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- Translated using Weblate (Czech) (bsc#1149754)
- 4.5.133
- Translated using Weblate (Japanese) (bsc#1149754)
- 4.5.132
- Translated using Weblate (Slovak) (bsc#1149754)
- 4.5.131
- Translated using Weblate (Dutch) (bsc#1149754)
- 4.5.130
- merge gh#openSUSE/libstorage-ng#943
- updated pot and po files
- 4.5.129
- merge gh#openSUSE/libstorage-ng#942
- support no-automount partition flag
- fixed include guard
- 4.5.128
==== libuv ====
Version update (1.44.2 -> 1.46.0)
- Switched keyring from Jameson Nash (vtjnash) to Santiago Gimeno
(santigimeno)
- Update to 1.46.0:
* Add some more iouring backend fs ops
* work around io_uring IORING_OP_CLOSE bug
- Updates in version 1.45.0:
* introduce io_uring support
* give thread pool threads an 8 MB stack
* change execution order of timers
==== milou5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: milou5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== mozilla-nss ====
Version update (3.90 -> 3.91)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs
- update to NSS 3.91
* bmo#1837431 - Implementation of the HW support check for ADX instruction
* bmo#1836925 - Removing the support of Curve25519
* bmo#1839795 - Fix comment about the addition of ticketSupportsEarlyData
* bmo#1839327 - Adding args to enable-legacy-db build
* bmo#1835357 - dbtests.sh failure in "certutil dump keys with explicit
default trust flags"
* bmo#1837617 - Initialize flags in slot structures
* bmo#1835425 - Improve the length check of RSA input to avoid heap overflow
* bmo#1829112 - Followup Fixes
* bmo#1784253 - avoid processing unexpected inputs by checking for
m_exptmod base sign
* bmo#1826652 - add a limit check on order_k to avoid infinite loop
* bmo#1834851 - Update HACL* to commit 5f6051d2
* bmo#1753026 - add SHA3 to cryptohi and softoken
* bmo#1753026 - HACL SHA3
* bmo#1836781 - Disabling ASM C25519 for A but X86_64
- removed upstreamed patch nss-fix-bmo1836925.patch
==== oxygen5-sounds ====
Version update (5.27.6 -> 5.27.7)
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== pam_kwallet ====
Version update (5.27.6 -> 5.27.7)
Subpackages: pam_kwallet-common
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== patterns-kde ====
Version update (20230403 -> 20230801)
Subpackages: patterns-kde-kde_plasma patterns-kde-kde_yast
- Drop the telepathy pattern.
The telepathy modules are now officially unmaintained upstream
and won't be released anymore.
==== plasma-browser-integration ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma-browser-integration-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma-nm5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma-nm5-lang plasma-nm5-openconnect plasma-nm5-openvpn
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Avoid double delete of TabWidget
==== plasma5-addons ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-addons-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* wallpapers/potd: use https in apodprovider
==== plasma5-desktop ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-desktop-emojier plasma5-desktop-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* applets/kickoff: add blocker to prevent focus change in search view (kde#466192)
* Kickoff: Fix grid view key nav in mirrored layout
* Update Unicode data for emojier to 15.0
* applets/taskmanager: use hardcoded value
* applets/taskmanager: make PauseAnimation wait longer (kde#470135)
* desktoppackage: activate panel on "Activate Panel Widget" shortcut pressed (kde#455398)
* kaccess: Use kcfg files of kcm
* kcms/access: Match kcfg default values to old defaults/kaccess
==== plasma5-disks ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-disks-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma5-integration ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-integration-plugin plasma5-integration-plugin-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma5-openSUSE ====
Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE plasma5-workspace-branding-openSUSE sddm-theme-openSUSE
- Update to 5.27.7
==== plasma5-pa ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-pa-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Put volume change logic centrally in VolumeSlider
* Make setGenericVolume keep balance between channels (kde#435840)
==== plasma5-systemmonitor ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-systemmonitor-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma5-thunderbolt ====
Version update (5.27.6 -> 5.27.7)
Subpackages: plasma5-thunderbolt-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== plasma5-workspace ====
Version update (5.27.6 -> 5.27.7)
Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-lang plasma5-workspace-libs xembedsniproxy
- Add patch to fix line wrapping of "100 %" in OSDs (kde#469576):
* 0001-OSD-Fix-size-calculation-for-progress-value.patch
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* libtaskmanager: fix unable to change order of launchers (kde#472812)
* Reorder removals to ensure launcher url is deallocated after last use
* Fix crash in LauncherTasksModel::Private::requestRemoveLauncherFromActivities (kde#472378)
* libtaskmanager: skip empty appId when matching '*.appId.desktop' (kde#472576,kde#428559)
* Do not write empty path to desktop file (kde#433304)
* Fix crash in TasksModel::move (kde#472524)
* kcm/region_language: fix enum order (kde#472108)
* kcms/region_language: Read from $LANGUAGE in options model
* kcms/region_language: Improve isSupportedLanguage detection
* kcms/region_language: Chop off the UTF-8 codepoint again
* kcms/region_language: Check if the language setting is default as well
* kcms/region_language: Simplify the language settings read
* kcms/region_language: Read the LANGUAGE environment variable for the default language value
* TriangleMouseFilter: remove unnecessary return
* TriangleMouseFilter: make `resendHoverEvents` actually work
* TriangleMouseFilter: fix incorrect handling of hover events and inactive state (kde#467426)
* TriangularMouseFilter: Filter event everytime when there was no movement at all
* Improve responsiveness of triangular filter
* shell: move `forceActiveFocus` to `PanelView`
* applets/mediacontroller: use PauseAnimation to delay showing busy indicator
* applets/mediacontroller: remove duplicate opacity animation
* applets/notifications: add workaround for QTBUG-100392 (kde#468180)
* Notifications: Also try X-SnapInstanceName for desktop file resolution
* libtaskmanager: fix a potential leak
==== polkit-kde-agent-5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: polkit-kde-agent-5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== powerdevil5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: powerdevil5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
==== python-pexpect ====
- Clean up the SPEC file
==== systemsettings5 ====
Version update (5.27.6 -> 5.27.7)
Subpackages: systemsettings5-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- Changes since 5.27.6:
* Properly show the custom header widget when started with non-QML KCMs
==== xdg-desktop-portal-kde ====
Version update (5.27.6 -> 5.27.7)
Subpackages: xdg-desktop-portal-kde-lang
- Update to 5.27.7
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.27.7
- No code changes since 5.27.6
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa (23.1.3 -> 23.1.4)
Mesa-drivers (23.1.3 -> 23.1.4)
MozillaFirefox (115.0.2 -> 115.0.3)
apparmor
bind (9.18.16 -> 9.18.17)
crypto-policies (20230420.3d08ae7 -> 20230614.5f3458e)
curl (8.1.2 -> 8.2.1)
dLeyna
docker (24.0.4_ce -> 24.0.5_ce)
elfutils-debuginfod
fwupd (1.8.16 -> 1.8.17)
gcc13 (13.1.1+git7552 -> 13.1.1+git7597)
ghostscript
glu (9.0.2 -> 9.0.3)
grub2
gstreamer (1.22.4 -> 1.22.5)
gstreamer-plugins-bad (1.22.4 -> 1.22.5)
gstreamer-plugins-base (1.22.4 -> 1.22.5)
gstreamer-plugins-good (1.22.4 -> 1.22.5)
gupnp
hidapi (0.13.1 -> 0.14.0)
hwinfo (23.1 -> 23.2)
iio-sensor-proxy (3.4 -> 3.5)
installation-images-MicroOS (17.89 -> 17.90)
kdump (1.9.3 -> 1.9.5)
kernel-firmware (20230707 -> 20230724)
kernel-source (6.4.3 -> 6.4.6)
kmod
lftp
libapparmor
libarchive (3.6.2 -> 3.7.0)
libcontainers-common
libgexiv2 (0.14.1 -> 0.14.2)
libnvme
libqt5-qtwebengine
librsvg (2.56.1 -> 2.56.3)
libva (2.18.0 -> 2.19.0)
libva-gl (2.18.0 -> 2.19.0)
libxcrypt (4.4.35 -> 4.4.36)
libzypp (17.31.15 -> 17.31.17)
lilv
man
mdadm
mozilla-nss
ncurses (6.4.20230701 -> 6.4.20230715)
nftables (1.0.7 -> 1.0.8)
nghttp2 (1.54.0 -> 1.55.1)
openssh (9.3p1 -> 9.3p2)
openssh-askpass-gnome (9.3p1 -> 9.3p2)
openssl-3
perl-File-Listing (6.15 -> 6.160.0)
perl-XML-LibXML (2.0208 -> 2.0209)
perl-libwww-perl (6.71 -> 6.720.0)
pipewire (0.3.74 -> 0.3.76)
podman (4.5.1 -> 4.6.0)
publicsuffix (20230709 -> 20230717)
python-SQLAlchemy (2.0.16 -> 2.0.19)
python-blinker
python-jsonschema-specifications (2023.6.1 -> 2023.7.1)
python-py
python-pycairo (1.23.0 -> 1.24.0)
python-rich
python-urllib3 (2.0.3 -> 2.0.4)
python-zope.event
qalculate (4.6.1 -> 4.7.0)
qca-qt5 (2.3.6 -> 2.3.7)
qemu
raspberrypi-firmware-dt
re2-10
rsync
runc (1.1.7 -> 1.1.8)
samba (4.18.3+git.303.c08b73d523c -> 4.18.5+git.313.c8e274c7852)
sdbootutil (1+git20230717.dac075e -> 1+git20230727.a0e666f)
selinux-policy (20230622 -> 20230728)
sof-firmware (2.2.5 -> 2.2.6)
sudo (1.9.13p3 -> 1.9.14p1)
systemd
sysuser-tools (3.1 -> 3.2)
tar
texlive-specs-n (2023.201.2.005svn65956 -> 2023.209.2.005svn65956)
tpm2-0-tss
update-alternatives (1.21.8 -> 1.21.22)
util-linux (2.39 -> 2.39.1)
util-linux-systemd (2.39 -> 2.39.1)
vala-panel-appmenu
webkit2gtk3 (2.40.3 -> 2.40.4)
webkit2gtk4 (2.40.3 -> 2.40.4)
wireless-regdb (20230601 -> 20230721)
xfsprogs (6.3.0 -> 6.4.0)
yast2-users (4.6.2 -> 4.6.4)
zlib-ng-compat
zypper (1.14.61 -> 1.14.62)
=== Details ===
==== Mesa ====
Version update (23.1.3 -> 23.1.4)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- Update to bugfix release 23.1.4
- -> https://docs.mesa3d.org/relnotes/23.1.4.html
- supersedes u_fix-glx-context-opengl-4.5.patch
==== Mesa-drivers ====
Version update (23.1.3 -> 23.1.4)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- Update to bugfix release 23.1.4
- -> https://docs.mesa3d.org/relnotes/23.1.4.html
- supersedes u_fix-glx-context-opengl-4.5.patch
==== MozillaFirefox ====
Version update (115.0.2 -> 115.0.3)
- Mozilla Firefox 115.0.3
* fixes for other platforms
- remove bashisms from firefox startup script (boo#1213657)
==== apparmor ====
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- Add pam_apparmor README, referenced from online cha-apparmor-pam.html
documentation (bsc#1213472)
==== bind ====
Version update (9.18.16 -> 9.18.17)
- Update to release 9.18.17
Feature Changes:
* If a response from an authoritative server has its RCODE set to
FORMERR and contains an echoed EDNS COOKIE option that was
present in the query, named now retries sending the query to
the same server without an EDNS COOKIE option.
* The relaxed QNAME minimization mode now uses NS records. This
reduces the number of queries named makes when resolving, as it
allows the non-existence of NS RRsets at non-referral nodes to
be cached in addition to the normally cached referrals.
Bug Fixes:
* The ability to read HMAC-MD5 key files, which was accidentally
lost in BIND 9.18.8, has been restored.
* Several minor stability issues with the catalog zone
implementation have been fixed.
==== crypto-policies ====
Version update (20230420.3d08ae7 -> 20230614.5f3458e)
Subpackages: crypto-policies-scripts
- BSI.pol: Added a new BSI policy for BSI TR 02102* (jsc#PED-4933)
derived from NEXT.pol
- Update to version 20230614.5f3458e:
* policies: impose old OpenSSL groups order for all back-ends
* Rebase patches:
- crypto-policies-revert-rh-allow-sha1-signatures.patch
- crypto-policies-supported.patch
==== curl ====
Version update (8.1.2 -> 8.2.1)
Subpackages: libcurl4
- Update to 8.2.1:
* Bugfixes:
- cfilters: rename close/connect functions to avoid clashes
- ciphers.d: put URL in first column
- cmake: add 'libcurlu'/'libcurltool' for unit tests
- cmake: update ngtcp2 detection
- configure: check for nghttp2_session_get_stream_local_window_size
- docs: mark two TLS options for TLS, not SSL
- docs: provide more see also for cipher options
- hostip: return IPv6 first for localhost resolves
- http2: fix regression on upload EOF handling
- http: VLH, very large header test and fixes
- libcurl-errors.3: add CURLUE_OK
- os400: correct EXPECTED_STRING_LASTZEROTERMINATED
- quiche: fix lookup of transfer at multi
- quiche: fix segfault and other things
- rustls: update rustls-ffi 0.10.0
- socks: print ipv6 address within brackets
- src/mkhelp: strip off escape sequences
- tool: fix tool_seek_cb build when SIZEOF_CURL_OFF_T > SIZEOF_OFF_T
- transfer: do not clear the credentials on redirect to absolute URL
- unittest: remove unneeded *_LDADD
- websocket: rename arguments/variables to match docs
- Update to 8.2.0 [bsc#1213237, CVE-2023-32001]
* Security fix:
- CVE-2023-32001: fopen race condition
* Changes:
- curl: add --ca-native and --proxy-ca-native
- curl: add --trace-ids
- CURLOPT_MAIL_RCPT_ALLOWFAILS: replace CURLOPT_MAIL_RCPT_ALLLOWFAILS
- haproxy: add --haproxy-clientip flag to set client IPs
- lib: add CURLINFO_CONN_ID and CURLINFO_XFER_ID
* Bugfixes:
- cf-socket: don't bypass fclosesocket callback if cancelled before connect
- cf-socket: skip getpeername()/getsockname for TFTP
- curl: count uploaded data to stop at the originally given size
- curl: return error when asked to use an unsupported HTTP version
- http2: fix crash in handling stream weights
- http2: send HEADER & DATA together if possible
- http3/ngtcp2: upload EAGAIN handling
- http: rectify the outgoing Cookie: header field size check
- hyper: fix EOF handling on input
- imap: Provide method to disable SASL if it is advertised
- libssh2: provide error message when setting host key type fails
- libssh2: use custom memory functions
- ngtcp2: assigning timeout, but value is overwritten before used
- quiche: avoid NULL deref in debug logging
- sectransp: fix EOF handling
- system.h: remove __IBMC__/__IBMCPP__ guards and apply to all z/OS compiles
- timeval: use CLOCK_MONOTONIC_RAW if available
- tls13-ciphers.d: include Schannel
- tool_easysrc.h: correct `easysrc_perform` for `CURL_DISABLE_LIBCURL_OPTION`
- tool_operate: allow cookie lines up to 8200 bytes
- tool_parsecfg: accept line lengths up to 10M
- tool_writeout_json: fix encoding of control characters
- transfer: clear credentials when redirecting to absolute URL
- urlapi: have *set(PATH) prepend a slash if one is missing
- urlapi: scheme must start with alpha
- vtls: avoid memory leak if sha256 call fails
- websocket-cb: example doing WebSocket download using callback
- ws: make the curl_ws_meta() return pointer a const
==== dLeyna ====
- Add 61d24fdc.patch: Fix typos for meson 1.2 compatibility.
==== docker ====
Version update (24.0.4_ce -> 24.0.5_ce)
Subpackages: docker-bash-completion docker-rootless-extras
- update to Docker 24.0.5-ce. See upstream changelong online at
<https://docs.docker.com/engine/release-notes/24.0/#2405>. bsc#1213229
==== elfutils-debuginfod ====
Subpackages: debuginfod-profile libdebuginfod1
- Replace libdebuginfo1 sub-package's debuginfod-profile Recommends
with config(debuginfod-profile) Requires, but on the debuginfod-\
client sub-package, instead. And add binutils, bpftrace-tools,
elfutils, gdb, perf, systemd-coredump, and valgrind Supplements
to debuginfod-client sub-package. This should make installation
of debuginfod-client more consistent, along with debuginfod-\
profile, with software/packages that have debuginfod support.
==== fwupd ====
Version update (1.8.16 -> 1.8.17)
Subpackages: fwupd-bash-completion libfwupd2 typelib-1_0-Fwupd-2_0
- Update to version 1.8.17:
+ Correctly obtain the Thunderbolt is_native controller
attribute.
+ Fix a Wacom emulation failure on s390x.
+ Only allow --force on security attributes for unsupported
builds.
+ Reduce the amount of RSS by ~12% at startup.
==== gcc13 ====
Version update (13.1.1+git7552 -> 13.1.1+git7597)
Subpackages: cpp13 libgcc_s1 libgfortran5 libgomp1 libobjc4 libstdc++6 libstdc++6-pp libubsan1
- Bump to 9aac37ab8a7b919a89c6d64bc7107a8436996e93, git7597
* GCC 13.2 RC1
- Add rpmlint filter for SLE12 complaining about invalid licenses.
- Also handle -static-pie in the default-PIE specs
==== ghostscript ====
Subpackages: ghostscript-x11
- CVE-2023-38559.patch fixes CVE-2023-38559
"out of bounds read devn_pcx_write_rle() could result in DoS"
see bsc#1213637
and https://bugs.ghostscript.com/show_bug.cgi?id=706897
which is in base/gdevdevn.c the same issue
"ordering in if expression to avoid out-of-bounds access"
as the already fixed CVE-2020-16305 in devices/gdevpcx.c
see https://bugs.ghostscript.com/show_bug.cgi?id=701819
==== glu ====
Version update (9.0.2 -> 9.0.3)
- Update to version 9.0.3
* drop autotools
* apple: Fix compatibility version and current version of meson
build to be compatible with autotools build
* pkgconfig: Depend on opengl when built with libglvnd
* pkgconfig: Drop unneeded lines from autotools build
* pkgconfig: meson build should match autotools requires
* Remove deprecated register in C++17
- switch to meson build
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- Fix error message "unknown command tpm_record_pcrs" with encrypted boot and
no tpm device present (bsc#1213547)
* 0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch
==== gstreamer ====
Version update (1.22.4 -> 1.22.5)
Subpackages: libgstreamer-1_0-0 typelib-1_0-Gst-1_0
- Update to version 1.22.5:
+ Highlighted bugfixes:
- Security fixes for the RealMedia demuxer
- vaapi decoders, postproc: Disable DMAbuf from caps
negotiation to fix garbled video in some cases
- decodebin3, playbin3, parsebin fixes, especially for stream
reconfiguration
- hlsdemux2: fix early seeking; don't pass referer when
updating playlists; webvtt fixes
- gtk: Fix critical caused by pointer movement when stream is
getting ready
- qt6: Set sampler filtering method, fixes bad quality with
qml6glsink and gstqt6d3d11
- v4l2src: handle resolution change when buffers are copied
- videoflip: update orientation tag in auto mode
- video timecode: Add support for framerates lower than 1fps
and accept 119.88 (120/1.001) fps
- webrtcsink: fixes for x264enc and NVIDIA encoders
- cerbero: Pull ninja from system if possible, avoid spurious
bootstrap of cmake
- packages: Recipe updates for ffmpeg, libsoup, orc
- various bug fixes, memory leak fixes, and other stability and
reliability improvements
+ gstreamer:
- taglist, plugins: fix compiler warnings with GLib >= 2.76
- tracerutils: allow casting parameter types
- inputselector: fix playing variable is never set
- Rebase patch.
==== gstreamer-plugins-bad ====
Version update (1.22.4 -> 1.22.5)
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0
- Update to version 1.22.5:
+ d3d11bufferpool: Fix heavy CPU usage in case of fixed-size pool
+ jpegparser: jpegdecoder: Don't pollute bus and comply with spec
+ plugins: fix compiler warnings with GLib >= 2.76
+ webrtcbin: Prevent critical warning when creating an additional
data channel
+ webrtcstats: Properly report IceCandidate type
- Rebase reduce-required-meson.patch.
==== gstreamer-plugins-base ====
Version update (1.22.4 -> 1.22.5)
Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstTag-1_0
- Update to version 1.22.5:
+ appsink: add missing make_writable call
+ audioaggregator: Do not post message before being constructed
+ decodebin3:
- Prevent a critical warning when reassigning output slots
- Fix slot input linking when the associated stream has changed
- Remove spurious input locking during parsebin reconfiguration
+ urisourcebin: Set source element to READY before querying it
+ gl/viv-fb: meson build updates
+ plugins: fix compiler warnings with GLib >= 2.76
+ subtitleoverlay: fix mutex error if sink caps is not video
+ video:
- timecode: Add support for framerates lower than 1fps
- accept timecode of 119.88 (120/1.001) FPS
- cannot attach time code meta when frame rate is 119.88
(120000/1001)
+ videodecoder: fix copying buffer metas
- Rebase reduce-required-meson.patch.
==== gstreamer-plugins-good ====
Version update (1.22.4 -> 1.22.5)
Subpackages: gstreamer-plugins-good-gtk
- Update to version 1.22.5:
+ adaptivedemux2: Fix early seeking
+ hlsdemux2:
- Ensure processed webvtt ends with empty new line
- Don't set a referer when updating playlists
+ matroska: demux: Strip signal byte when encrypted
+ rtspsrc: Fix crash when is-live=false
+ gtk: Fix critical caused by pointer movement when stream is
getting ready
+ qt6: Set sampler filtering method, fixes bad quality with
qml6glsink and gstqt6d3d11
+ qtdemux: opus: set entry as sampled
+ v4l2src: handle resolution change when buffers are copied
+ v4l2videodec:
- Fix handling of initial gaps
- correctly register v4l2mpeg2dec
- replace custom QUERY_CAPS handling with getcaps callback
+ videoflip:
- update orientation tag in auto mode
- fix critical when tag list is not writable
- Rebase reduce-required-meson.patch.
- Pass qt-egl=disabled to meson, we are not ready for this feature
yet.
==== gupnp ====
- Add upstream patches to fix build with meson 1.2.0:
+ a10c57bd.patch: Add missing "s" to wrap file syntax.
+ 884639bd.patch: properly spell [provide] in *.wrap files.
==== hidapi ====
Version update (0.13.1 -> 0.14.0)
- update to 0.14.0:
* general: add `hid_get_report_descriptor` API function (#451)
* libusb: fix crash in hid_enumerate() caused by a stale device
handle (#526)
* fixes (mostly error handling) of issues found by
Coverity Scan (#552/#554/#555/#559/#560/#561)
* various fixes and improvements
==== hwinfo ====
Version update (23.1 -> 23.2)
Subpackages: libhd23
- merge gh#openSUSE/hwinfo#128
- Add support for loongarch cpu
- 23.2
==== iio-sensor-proxy ====
Version update (3.4 -> 3.5)
- Update to version 3.5:
* Fix sensor hotplugging
* Fix some sensors not working when they were assigned a
sampling frequency they did not support.
* Add more tests.
* Correct the location of the D-Bus policy file.
==== installation-images-MicroOS ====
Version update (17.89 -> 17.90)
- merge gh#openSUSE/installation-images#650
- add ca-certificates-mozilla to rescue system (bsc#1213480)
- 17.90
==== kdump ====
Version update (1.9.3 -> 1.9.5)
upgrade to version 1.9.5
* SELinux: temporary hack for bsc#1213721
- upgrade to version 1.9.4
* fix FADUMP initramfs when not created by mkdumprd
* FADUMP: let dracut de-duplicate initrd by preserving modification times
* mkdumprd: only regenerate FADUMP initrds when needed
* mkdumprd: exit when destination not writable (transactional updates)
* mkdumprd: don't call update-bootloader
==== kernel-firmware ====
Version update (20230707 -> 20230724)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20230724 (git commit 59fbffa9ec8e):
* amdgpu: update VCN 4.0.0 firmware
* amdgpu: add initial SMU 13.0.10 firmware
* amdgpu: add initial SDMA 6.0.3 firmware
* amdgpu: add initial PSP 13.0.10 firmware
* amdgpu: add initial GC 11.0.3 firmware
* linux-firmware: Update AMD fam17h cpu microcode
* linux-firmware: Update AMD cpu microcode
* amdgpu: update green sardine VCN firmware
* amdgpu: update renoir VCN firmware
* amdgpu: update raven VCN firmware
* amdgpu: update raven2 VCN firmware
* amdgpu: update Picasso VCN firmware
* amdgpu: update DMCUB to v0.0.175.0 for various AMDGPU ASICs
* Updated NXP SR150 UWB firmware
* wfx: update to firmware 3.16.1
* mediatek: Update mt8195 SCP firmware to support 10bit mode
* i915: update DG2 GuC to v70.8.0
* i915: update to GuC 70.8.0 and HuC 8.5.1 for MTL
* cirrus: Add CS35L41 firmware for ASUS ROG 2023 Models
==== kernel-source ====
Version update (6.4.3 -> 6.4.6)
- Update
patches.kernel.org/6.4.6-002-x86-cpu-amd-Add-a-Zenbleed-fix.patch
(bsc#1012628 bsc#1213286 CVE-2023-20593).
Add references.
- commit 55520bc
- Linux 6.4.6 (bsc#1012628).
- x86/cpu/amd: Add a Zenbleed fix (bsc#1012628).
- x86/cpu/amd: Move the errata checking functionality up
(bsc#1012628).
- commit cd14b53
- Update config files. (bsc#1213592)
Disable old unmaintained serial drivers
- commit ac1bf5a
- io_uring: Fix io_uring mmap() by using architecture-provided
get_unmapped_area() (bsc#1212773).
- Delete
patches.suse/Revert-io_uring-Adjust-mapping-wrt-architecture-alia.patch.
Replace the temporary fix by an upstream fix.
- commit 2f220f8
- Refresh
patches.suse/of-Preserve-of-display-device-name-for-compatibility.patch.
Update upstream status.
- commit 8817ac3
- Linux 6.4.5 (bsc#1012628).
- security/integrity: fix pointer to ESL data and its size on
pseries (bsc#1012628).
- HID: input: fix mapping for camera access keys (bsc#1012628).
- HID: amd_sfh: Rename the float32 variable (bsc#1012628).
- HID: amd_sfh: Fix for shift-out-of-bounds (bsc#1012628).
- net: lan743x: Don't sleep in atomic context (bsc#1012628).
- net: lan743x: select FIXED_PHY (bsc#1012628).
- ksmbd: add missing compound request handing in some commands
(bsc#1012628).
- ksmbd: fix out of bounds read in smb2_sess_setup (bsc#1012628).
- drm/panel: simple: Add connector_type for innolux_at043tn24
(bsc#1012628).
- drm: bridge: dw_hdmi: fix connector access for scdc
(bsc#1012628).
- drm/bridge: ti-sn65dsi86: Fix auxiliary bus lifetime
(bsc#1012628).
- swiotlb: always set the number of areas before allocating the
pool (bsc#1012628).
- swiotlb: reduce the number of areas to match actual memory
pool size (bsc#1012628).
- drm/panel: simple: Add Powertip PH800480T013 drm_display_mode
flags (bsc#1012628).
- xen/virtio: Fix NULL deref when a bridge of PCI root bus has
no parent (bsc#1012628).
- netfilter: nf_tables: report use refcount overflow
(bsc#1012628).
- netfilter: conntrack: don't fold port numbers into addresses
before hashing (bsc#1012628).
- ice: Fix max_rate check while configuring TX rate limits
(bsc#1012628).
- ice: Fix tx queue rate limit when TCs are configured
(bsc#1012628).
- igc: Add condition for qbv_config_change_errors counter
(bsc#1012628).
- igc: Remove delay during TX ring configuration (bsc#1012628).
- igc: Add igc_xdp_buff wrapper for xdp_buff in driver
(bsc#1012628).
- igc: Add XDP hints kfuncs for RX hash (bsc#1012628).
- igc: Fix TX Hang issue when QBV Gate is closed (bsc#1012628).
- net/mlx5e: fix double free in mlx5e_destroy_flow_table
(bsc#1012628).
- net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create
(bsc#1012628).
- net/mlx5e: fix memory leak in mlx5e_ptp_open (bsc#1012628).
- net/mlx5e: RX, Fix flush and close release flow of regular rq
for legacy rq (bsc#1012628).
- net/mlx5: Register a unique thermal zone per device
(bsc#1012628).
- net/mlx5e: Check for NOT_READY flag state after locking
(bsc#1012628).
- net/mlx5e: TC, CT: Offload ct clear only once (bsc#1012628).
- net/mlx5: Query hca_cap_2 only when supported (bsc#1012628).
- net/mlx5e: RX, Fix page_pool page fragment tracking for XDP
(bsc#1012628).
- igc: set TP bit in 'supported' and 'advertising' fields of
ethtool_link_ksettings (bsc#1012628).
- igc: Include the length/type field and VLAN tag in queueMaxSDU
(bsc#1012628).
- igc: Handle PPS start time programming for past time values
(bsc#1012628).
- blk-crypto: use dynamic lock class for blk_crypto_profile::lock
(bsc#1012628).
- scsi: qla2xxx: Fix error code in qla2x00_start_sp()
(bsc#1012628).
- scsi: ufs: ufs-mediatek: Add dependency for RESET_CONTROLLER
(bsc#1012628).
- bpf: Fix max stack depth check for async callbacks
(bsc#1012628).
- net: mvneta: fix txq_map in case of txq_number==1 (bsc#1012628).
- net: dsa: felix: make vsc9959_tas_guard_bands_update() visible
to ocelot->ops (bsc#1012628).
- net: mscc: ocelot: fix oversize frame dropping for preemptible
TCs (bsc#1012628).
- net/sched: cls_fw: Fix improper refcount update leads to
use-after-free (bsc#1012628).
... changelog too long, skipping 1825 lines ...
- commit f6ca0bc
==== kmod ====
Subpackages: kmod-bash-completion libkmod2
- Use pkgconfig for kmod configuration.
* Delete kmod-Add-config-command-to-show-compile-time-configu.patch
* Add kmod-Add-pkgconfig-file-with-kmod-compile-time-confi.patch,
Provide-fallback-for-successfully-running-make-modules_install.patch
compat-module_directory-module_prefix.patch.
- Refresh usr-lib-modprobe.patch, usr-lib-modules.patch.
- Add configure-Detect-openssl-sm3-support.patch to
fix build with older openssl without SM3 support.
==== lftp ====
- The lftp_wrapper script has been deprecated over 1.5 years ago.
It's time to remove it from the package. [jsc#SLE-17861]
- Dropped patches:
* 0004-Include-config.h-to-detect-gnulib-macros.patch
* add-deprecation-warning-to-lftp-wrapper.patch
- Refreshed patches:
* 0002-Add-content-of-lftp-compat-addfiles.patch.patch
* 0005-Add-the-wrapper-code-to-the-Makefile-in-order-to-bui.patch
* lftp-default-ssl-cipher.patch
==== libapparmor ====
- Add pam_apparmor README, referenced from online cha-apparmor-pam.html
documentation (bsc#1213472)
==== libarchive ====
Version update (3.6.2 -> 3.7.0)
- update to 3.7.0
* bsdunzip port from FreeBSD
* fix 2 year 2038 issues
==== libcontainers-common ====
Subpackages: libcontainers-default-policy
- Disable CNI related configs on ALP (bsc#1213556)
(https://github.com/containers/podman/issues/19327)
==== libgexiv2 ====
Version update (0.14.1 -> 0.14.2)
- Update to version 0.14.2:
+ Make compatible with exiv2 0.28 or later.
+ Fix double free if creation of meta-data fails.
+ Fix floating point compare in tests.
- Drop patches fixed upstream:
+ 06adc8fb70cb8c77c0cd364195d8251811106ef8.patch
+ fix-32bit-compat.patch
==== libnvme ====
Subpackages: libnvme-mi1 libnvme1
- Fix build with meson 1.2.0
==== libqt5-qtwebengine ====
- build with older re2 on Tumbleweed, the upcoming re2 2023-07-01
breaks qtwebengine
==== librsvg ====
Version update (2.56.1 -> 2.56.3)
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0
- Update to version 2.56.3:
+ This is a security release for bug glgo#GNOME/librsvg#996.
- glgo#GNOME/librsvg#996: Fix arbitrary file read when href has
special characters.
- glgo#GNOME/librsvg#998: Fix cascade for symbol elements being
referenced from use elements.
==== libva ====
Version update (2.18.0 -> 2.19.0)
Subpackages: libva-drm2 libva-x11-2 libva2
- Update to 2.19.0:
* add: Add mono_chrome to VAEncSequenceParameterBufferAV1
* add: Enable support for license acquisition of multiple protected
playbacks
* fix: use secure_getenv instead of getenv
* trace: Improve and add VA trace log for AV1 encode
* trace: Unify va log message, replace va_TracePrint with va_TraceMsg.
==== libva-gl ====
Version update (2.18.0 -> 2.19.0)
- Update to 2.19.0:
* add: Add mono_chrome to VAEncSequenceParameterBufferAV1
* add: Enable support for license acquisition of multiple protected
playbacks
* fix: use secure_getenv instead of getenv
* trace: Improve and add VA trace log for AV1 encode
* trace: Unify va log message, replace va_TracePrint with va_TraceMsg.
==== libxcrypt ====
Version update (4.4.35 -> 4.4.36)
- Update to 4.4.36
* Fix left over bits failing with Perl v5.38.0
==== libzypp ====
Version update (17.31.15 -> 17.31.17)
- Fix wrong filesize exceeded dl abort in zyppng::Downloader
(bsc#1213673)
In some cases when downloading very small files we can run into
issues when the URL is protected by credentials.
- version 17.31.17 (22)
- Fix negative ZYPP_LOCK_TIMEOUT not waiting forever (bsc#1213231)
- NetworkRequestManager: assert cookie file has mode 0600
(bsc#1158763)
- Don't cleanup orphaned dirs if read-only mode was promised
(bsc#1210740)
- version 17.31.16 (22)
==== lilv ====
- Actually package the __pycache__ that appears when building using
meson 1.2.0.
- Avoid __pycache__ directory with meson 1.2.0
==== man ====
- Remove harden_man-db.service.patch as already done upstream
at the end of the service file man-db.service
- Add man-propose-online.patch: if patch was not found locally,
propose to read it online, offering a URL where it could possibly
be found.
==== mdadm ====
- mdadm.spec: replace transitional %usrmerged macro with regular
version check (boo#1206798)
==== mozilla-nss ====
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs
- Fix file conflict for pp manual page [bsc#1213281]
==== ncurses ====
Version update (6.4.20230701 -> 6.4.20230715)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen
- Add ncurses patch 20230715
+ correct wadd_wch_literal() when adding a non-spacing character to a
double-width character.
+ improve manual page for curs_util.
+ improve manual page for wadd_wch().
- Add ncurses patch 20230708
+ add linux+kbs for terminals which imitate xterm's behavior with
Linux -TD
+ modify MinGW driver to return KEY_BACKSPACE when an unmodified
VK_BACK virtual key is entered (prompted by patch by Pavel Fedin,
Savannah #64292).
+ disallow using $TERMINFO or $HOME/.terminfo when tic "-o" option is
used (report by Sven Joachim, Debian #1040048).
- Port the patch ncurses-6.4.dif
==== nftables ====
Version update (1.0.7 -> 1.0.8)
Subpackages: libnftables1 python3-nftables
- Update to release 1.0.8
* Support for setting meta and ct mark from other fields in
rules, e.g. set meta mark to ip dscp header field.
* Enhacements for -o/--optimize to deal with NAT statements, to
compact masquerade statements.
* Support for stateful statements in anonymous maps, such as
counters.
* Support for resetting stateful expressions in sets, maps and
elements, e.g. counters.
* broute support to short-circuit bridge logic from the bridge
prerouting hook and pass up packets to the local IP stack.
* JSON support for table and chain comments.
- Added 0001-Revert-py-replace-distutils-with-setuptools.patch
==== nghttp2 ====
Version update (1.54.0 -> 1.55.1)
- update to 1.55.1:
* Fix memory leak
This commit fixes memory leak that happens when
PUSH_PROMISE or HEADERS frame cannot be sent, and
nghttp2_on_stream_close_callback fails with a fatal error.
For example, if GOAWAY frame has been received, a
HEADERS frame that opens new stream cannot be sent.
This issue has already been made public via CVE-2023-35945
by envoyproxy/envoy project. During embargo period, the
patch to fix this bug was accidentally submitted to
nghttp2/nghttp2 repository [2]. And they decided to
disclose CVE early. I was notified just 1.5 hours
before disclosure. I had no time to respond.
PoC described in [1] is quite simple, but I think it is
not enough to trigger this bug. While it is true that
receiving GOAWAY prevents a client from opening new stream,
and nghttp2 enters error handling branch, in order to cause
the memory leak, nghttp2_session_close_stream function
must return a fatal error.
NGHTTP2_ERR_NOMEM, as its name suggests, indicates out of
memory. It is unlikely that a process gets short of
memory with this simple PoC scenario unless application
does something memory heavy processing.
* NGHTTP2_ERR_CALLBACK_FAILURE is returned from application
defined callback function (nghttp2_on_stream_close_callback, in
this case), which indicates something fatal happened inside a
callback, and a connection must be closed immediately without
any further action. As nghttp2_on_stream_close_error_callback
documentation says, any error code other than 0 or
NGHTTP2_ERR_CALLBACK_FAILURE is treated as fatal
error code. More specifically, it is treated as if
NGHTTP2_ERR_CALLBACK_FAILURE is returned. I guess that
envoy returns
NGHTTP2_ERR_CALLBACK_FAILURE or other error code which is
translated into NGHTTP2_ERR_CALLBACK_FAILURE.
https://github.com/envoyproxy/envoy/security/advisories/GHSA-
jfxv-29pc-x22r
==== openssh ====
Version update (9.3p1 -> 9.3p2)
Subpackages: openssh-clients openssh-common openssh-server
- Update to openssh 9.3p2 (bsc#1213504, CVE-2023-38408):
Security
========
Fix CVE-2023-38408 - a condition where specific libaries loaded via
ssh-agent(1)'s PKCS#11 support could be abused to achieve remote
code execution via a forwarded agent socket if the following
conditions are met:
* Exploitation requires the presence of specific libraries on
the victim system.
* Remote exploitation requires that the agent was forwarded
to an attacker-controlled system.
Exploitation can also be prevented by starting ssh-agent(1) with an
empty PKCS#11/FIDO allowlist (ssh-agent -P '') or by configuring
an allowlist that contains only specific provider libraries.
This vulnerability was discovered and demonstrated to be exploitable
by the Qualys Security Advisory team.
In addition to removing the main precondition for exploitation,
this release removes the ability for remote ssh-agent(1) clients
to load PKCS#11 modules by default (see below).
Potentially-incompatible changes
- -------------------------------
* ssh-agent(8): the agent will now refuse requests to load PKCS#11
modules issued by remote clients by default. A flag has been added
to restore the previous behaviour "-Oallow-remote-pkcs11".
Note that ssh-agent(8) depends on the SSH client to identify
requests that are remote. The OpenSSH >=8.9 ssh(1) client does
this, but forwarding access to an agent socket using other tools
may circumvent this restriction.
==== openssh-askpass-gnome ====
Version update (9.3p1 -> 9.3p2)
- Update to openssh 9.3p2
* No changes for askpass, see main package changelog for
details
==== openssl-3 ====
Subpackages: libopenssl3
- Security fix: [bsc#1213487, CVE-2023-3446]
* Fix DH_check() excessive time with over sized modulus.
* The function DH_check() performs various checks on DH parameters.
One of those checks confirms that the modulus ("p" parameter) is
not too large. Trying to use a very large modulus is slow and
OpenSSL will not normally use a modulus which is over 10,000 bits
in length.
However the DH_check() function checks numerous aspects of the
key or parameters that have been supplied. Some of those checks
use the supplied modulus value even if it has already been found
to be too large.
A new limit has been added to DH_check of 32,768 bits. Supplying
a key/parameters with a modulus over this size will simply cause
DH_check() to fail.
* Add openssl-CVE-2023-3446.patch openssl-CVE-2023-3446-test.patch
- Security fix: [bsc#1213383, CVE-2023-2975]
* AES-SIV implementation ignores empty associated data entries
* Add openssl-CVE-2023-2975.patch
==== perl-File-Listing ====
Version update (6.15 -> 6.160.0)
- updated to 6.16
see /usr/share/doc/packages/perl-File-Listing/Changes
6.16 2023-07-12 15:22:25 -0600
- Support dosftp listings with four-digit years (gh#3, gh#26)
==== perl-XML-LibXML ====
Version update (2.0208 -> 2.0209)
- Added versions to 'Provides' lines after fixing a bug in cpanspec
- updated to 2.0209
see /usr/share/doc/packages/perl-XML-LibXML/Changes
2.0209 2023-07-15
- t/35huge_mode.t: fix test with libxml2 2.11
- thanks to Dominique Martinet
- Add clearer reference to using cloneNode to extract node with namespaces
- thanks to Timothy Legge
- initialize xmlValidCtxt
- thanks to Alexander Bluhm
==== perl-libwww-perl ====
Version update (6.71 -> 6.720.0)
- updated to 6.72
see /usr/share/doc/packages/perl-libwww-perl/Changes
6.72 2023-07-17 22:01:19Z
- Don't mangle protocol scheme and don't require it to be valid if
implementor is already known (GH#436) (mwgamera)
==== pipewire ====
Version update (0.3.74 -> 0.3.76)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Update to version 0.3.76:
* Highlights
- Fix a regression that would cause the MPV pipewire backend
to fail because of a spurious thread-loop signal.
- Fix a crash when DBus is not found.
- ALSA hires timestamps are now disabled by default.
- Some more fixes and improvements.
* PipeWire
- A new option was added to pw-thread-loop to signal when the
thread starts.
- This is only used in module-rt to avoid regressions in mpv.
(#3374)
- Fix a compilation problem.
- Stream flags now only set the properties when not already
set. This fixes a regression with node autoconnect. (#3382)
* Tools
- pw-cat will now stop when the stream is disconnected. (#2731)
- Improve the pw-cat man page, mention that stdin/stdout
handling is only on raw data.
* modules
- module-rt will now not crash when dbus is not available but
error out as before.
- A new VBAN (vb-audio.com) sender and receiver was added.
(#3380)
* SPA
- Add an option in audioconvert to disable volume updates.
(#3361)
- ALSA hires timestamps are disabled by default because many
drivers seem to give wrong timestamps and cause extra delay.
* bluetooth
- LE Audio support is now enabled by default when liblc3 is
available now that bluez has support for detecting the
hardware features.
- Add code in the spec file to modify the patch file
reduce-meson-dependency.patch (used to build in SLE/Leap) so that
we don't need to rebase it manually for every version update.
- Use gcc 11 in SLE/Leap since gcc 9 fails to build 0.3.75 with
../spa/include/spa/utils/cleanup.h:52:13: error: dereferencing pointer to incomplete type âDIRâ {aka âstruct __dirstreamâ}
52 | __typeof__(*(ptr)) *_old_value = spa_steal_ptr(ptr); \
- Update to version 0.3.75:
* Highlights
- Link permissions between nodes are now enforced. This avoids
potential portal managed screencast nodes to link to the
camera even though it was not assigned permissions to do so
by the session manager (boo#1213682).
- Libcamera and v4l2 devices now have properties so that
duplicates can be filtered out by the session manager.
- A bug with draining was fixed where a buffer would be marked
EMPTY and would not play when it contained drained samples.
- Many fixes and improvements.
* PipeWire
- Permissions for links between nodes are now enforced. The
link will now check that the owner clients of the nodes can
see each other before allowing the link. This avoids
screensharing clients to accidentally being linked to the
camera nodes by the session manager. A side effect is that
patchbay tools will no longer be able to link portal managed
screencast nodes to the camera, for this we need a new
permission for those patchbay clients.
- The stream.rules/filter.rules are now evaluated when
connecting the stream/filter so that more properties can be
matched.
- Move some internal events from the context to the nodes to
better handle per-node threads in the future.
- The thread-loop will now signal when the thread is started.
* modules
- A timestamp workaround in module-raop was reverted because it
does not work in all cases. Instead latency was increased to
1.5 seconds, which also makes the problematic device in
question work.
- The profiler module was reworked a bit to use the new node
realtime events. It should now also handle dynamically added
and removed drivers.
- The module-rt now does the rtkit calls from a separate thread
so that it does not block the main thread. This could cause
deadlocks during startup in some cases.
* SPA
- Atomic operation macros were move from internal pipewire API
to public API.
- The video-info structure now has a new
SPA_VIDEO_FLAG_MODIFIER_FIXATION_REQUIRED flag to instruct
the application to fixate the modifiers. This simplifies some
logic in applications a lot.
- The libcamera and v4l2 nodes now have properties to enumerate
the device id they are using. This can be used to match v4l2
devices and libcamera devices and filter out duplicates.
- A bug with draining was fixed where a buffer would be marked
EMPTY and would not
==== podman ====
Version update (4.5.1 -> 4.6.0)
- Update to version 4.6.0:
* Bump to v4.6.0
* Update release notes for v4.6.0
* Ensure that we appropriately warn that TCP is insecure
* CI: remove build without cgo task
* libpod: use io.Writer vs io.WriteCloser for attach streams
* top: do not depend on ps(1) in container
* api: fix doc for default ps_args
* Add more tests for liveness probes with default hostname & named ports
* Fix TCP probes when the optional host field is not given
* Add support for using port names in Kubernetes health probes
* [CI:DOCS] fix command incorrect in windows
* [CI:DOCS] Reformat and reorder table with --userns options
* [CI:DOCS] Better document the default value of --userns
* Add missing return after utils.InternalServerError()
* Fix markdown in docs for podman-network-create
* Fix multiple filter options logic for `podman volume ls `
* Should be checking tmpfs versus type not source
* Use constants for mount types
* Fix `podman container prune` docs for `--filter`
* docs: podman-build --network add slirp and pasta
* docs: podman run --network mention comma separted names
* network create: document --internal better
* pkg/specgen: fix support for --rootfs on FreeBSD
* systests: quadlet: fixes for RHEL8
* Fix windows installer
* Podmansh: Better error, increase timeout to 30s
* Emergency gating-test fixes for RHEL8
* Packit: remove pre-sync action
* [CI:DOCS] Update RELEASE_NOTES.md with Makefile change
* Bump to v4.6.0-dev
* Bump to v4.6.0-rc2
* Makefile: `package` -> `rpm`
* Update release notes
* system tests: refactor registry code
* machine start: qemu: wait for SSH readiness
* machine start: qemu: adjust backoffs
* auto update: fix usage of --authfile
* [CI:BUILD] Packit: downstream task action fix
* Fix container errors not being sent via pod removal API
* netavark: macvlan networks keep custom nameservers
* add hostname to network alias
* libpod: set cid network alias in setupContainer()
* Fix: cgroup is not set: internal libpod error after os reboot
* test/e2e: wait for socket
* api: fix slow version endpoint
* manifest inspect: support authentication
* libpod: don't make a broken symlink for /etc/mtab on FreeBSD
* make --syslog errors non fatal
* Fixes typo in the path where quadlet looks for files
* [CI:DOCS] uidmap man pages: fix corrupt italics
* [CI:DOCS] podman-system-service.1.md: document systemd usage
* Use bytes size consistently instead of human size
* bugfix: do not try to parse empty ranges
* pkg/specgen: properly identify image OS on FreeBSD
* [CI:DOCS] Document support of pod security context IDs
* pkg/specgen: add support for 'podman run --init' on FreeBSD
* Remove 'inspecting object' from inspect errors
* Fix readonly=false failure
* pkg/specgen: Add support for Linux emulation on FreeBSD
* Fix up podmansh man page
* Pass in correct cwd value for hooks exe
* specgen: honor --device-cgroup-rule with a new user namespace
* specgen, rootless: raise error with --device-cgroup-rule
* make image listing more resilient
* Trim whitespace from unit files while parsing
* play.go: remove volumes on down -f
* Vendor c/common v0.55.2
* system service: unset listen fds on tcp
* [CI:DOCS] [Release Notes]: add static routes
* [CI:DOCS] tag podmansh as tech preview in RELEASE_NOTES.md
* [CI:DOCS] uidmap man pages: fix corrupt tables
* libpod: use new libcontainer BlockIO constructors
* Bump to v4.6.0-dev
* Bump to v4.6.0-rc1
* Bump to v4.6.1-dev
* Bump to v4.6.0
* Release notes for v4.6.0
* Update Release Notes for v4.5.1
* rootless: use default_rootless_network_cmd config
* tests: fix "Storing signatures" check
* Fixes for vendoring Buildah
* Make Podman/Buildah use same DecryptConfig/EncryptConfig funcs
* Do not use deprecated hook functions from c/common
* Bump c/storage to v1.48.0, c/image to v5.26.1, c/common to v0.55.1, buildah to v1.31.0
* pasta: Remove some leftover code from pasta bats tests
* pasta: Fix pasta tests to work on hosts with multiple interfaces
* fix(command): ignore `--format` in `podman search --list-tags`
* Use /proc/self/gid_map as intended, not uid_map
* podman machine start: fix ready service
* Makefile: don't rely on the non-standard -r flag for ln
* cmd/podman, pkg/domain/infra: sockets should live in /var/run on FreeBSD
* cmd/podman/system: add API server support on FreeBSD
* pasta: Create /etc/hosts entries for pods using pasta networking
* RPM: Fix koji and ELN issues
* Cirrus: Update operating branch
* system tests: add and use _prefetch
* pkg/api: BufferedResponseWriter flush correctly
* pkg/api: top return error to client
... changelog too long, skipping 429 lines ...
* Do not display the resource limits warning message
==== publicsuffix ====
Version update (20230709 -> 20230717)
- Update to version 20230717:
* Domains are removed `hidora.com`, `users.scale.virtualcloud.com.br`, `clicketcloud.com` (#1598)
* Add storipress.app (#1583)
==== python-SQLAlchemy ====
Version update (2.0.16 -> 2.0.19)
- update to 2.0.19:
* Various bugfixes, see
https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.19
==== python-blinker ====
- Add no-stdpy-pyc.patch which makes Sphinx not to generate
* .pyc files for the Python interpreter it uses for generating
documentation.
==== python-jsonschema-specifications ====
Version update (2023.6.1 -> 2023.7.1)
- update to 2023.7.1:
no changelog, only diff available at
https://github.com/python-jsonschema/jsonschema-specifications/compare/v202…
==== python-py ====
- Skip tests failing with pytest 7.4, they don't matter
* failure comes from py.core, which has low usage
* https://github.com/pytest-dev/py/issues/288
* according to that this code is not used in Tumbleweed anyway
==== python-pycairo ====
Version update (1.23.0 -> 1.24.0)
- update to 1.24.0:
* Dropped Python 3.7 support
* Bumped meson version requirement from 0.53.0 to 0.56.0
* Various cairo dependency updates for the Windows wheel build
* Various code cleanups :pr:`306`
* Added Python 3.12 Windows wheels
==== python-rich ====
- %{?sle15_python_module_pythons} mut be at beginning to work.
==== python-urllib3 ====
Version update (2.0.3 -> 2.0.4)
- update to 2.0.4:
* Added support for union operators to ``HTTPHeaderDict``
* Added ``BaseHTTPResponse`` to ``urllib3.__all__`` (`#3078
* Fixed ``urllib3.connection.HTTPConnection`` to raise the
``http.client.connect`` audit event to have the same behavior
as the standard library HTTP client
* Relied on the standard library for checking hostnames in
supported PyPy releases
==== python-zope.event ====
- Drop sphinx doctrees for reproducible builds
==== qalculate ====
Version update (4.6.1 -> 4.7.0)
Subpackages: libqalculate22 qalculate-data
- version update to 4.7.0
* Support for custom default angle unit, e.g. turn, arcsec, arcmin
* Append default angle unit (instead of always radians) when converting
value without unit to angle unit
* More consistent addition and removal of angle unit from function arguments
* Always interpret ./, .*, and .^ as entrywise operators if user intention is unclear
* Change order of operations to place entrywise and ordinary operators on
the same precedence level
* Add function, kron(), for Kronecker product, and constants for Pauli matrices
* Add radius to planets dataset and update other properties
* Support replacement of unknown variables within variable values
* Fix besselj(0, 0)
* Fix incomplete calculation in tan() with try exact approximation
* Fix 0/0=0 equality (do not return true) and output of 2/0 (and similar)
* Fixes and improvements for newtonsolve() and secantsolve()
* Fix segfault when MathStructure is deleted after Calculator, and in destructor
of calculated DynamicVariable (called from Calculator destructor)
* Do not save mode on exit if "-defaults" command line switch where used (CLI)
* Allow multiple actions for keyboard shortcuts (GTK, Qt)
* Add toggle precision, and min, max, or min and max decimals to available
shortcut and button actions (GTK, Qt)
* Add option to exclude units for unformatted ASCII copy (GTK, Qt)
* Add optional value to copy result action, allowing expression copy and
formatting selection (GTK, Qt)
* Fix copy unformatted ASCII when local digit group separator is same as selected
decimal separator (GTK, Qt)
* Add option to automatically copy result (Qt)
* Always set (primary) selection clipboard contents when whole expression is
selected or selection is cleared, e.g. after calculation (Qt)
* Improve support dark mode and high contrast modes, and change default style
to Fusion, on Windows (Qt)
* Minor bug fixes and feature enhancements
==== qca-qt5 ====
Version update (2.3.6 -> 2.3.7)
Subpackages: libqca-qt5-2 qca-qt5-plugins
- Update to 2.3.7
* OpenSSL3: don't quit if legacy provider is unavailable
==== qemu ====
- Fix bsc#1179993, bsc#1181740, bsc#1213001
- Patches added:
* hw/ide/piix: properly initialize the BMIBA register
* ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255)
==== raspberrypi-firmware-dt ====
- Update 0001-ARM-dts-bcm27xx-Use-better-name-for-spidev.patch description
- Use compatible string which is supported by spidev module (bsc#1212791):
* 0001-ARM-dts-bcm27xx-Use-better-name-for-spidev.patch
==== re2-10 ====
- legacy lib package forked from re2, for libqt5-qtwebengine
==== rsync ====
- Add support directory to %docdir.
Includes some upstream provided scripts such as rrsync. (bsc#1212198)
==== runc ====
Version update (1.1.7 -> 1.1.8)
- Update to runc v1.1.8. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.1.8>.
==== samba ====
Version update (4.18.3+git.303.c08b73d523c -> 4.18.5+git.313.c8e274c7852)
Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-client samba-client-libs samba-libs samba-libs-python3 samba-python3
- Update to 4.18.5
* CVE-2022-2127: lm_resp_len not checked properly in
winbindd_pam_auth_crap_send; (bso#15072); (bsc#1213174).
* CVE-2023-34966: Samba Spotlight mdssvc RPC Request Infinite
Loop Denial-of-Service Vulnerability; (bso#15340); (bsc#1213173).
* CVE-2023-34967: Samba Spotlight mdssvc RPC Request Type
Confusion Denial-of-Service Vulnerability; (bso#15341); (bsc#1213172).
* CVE-2023-34968: Spotlight server-side Share Path Disclosure;
(bso#15388); (bsc#1213171).
* CVE-2023-3347: Samba doesn't require SMB2+ signing if
`server signing = mandatory` is set; (bso#15397); (bsc#1213170).
* secure channel faulty since Windows 10/11 update 07/2023;
(bso#15418); (bsc#1213384).
- Update to 4.18.4
* Backport --pidl-developer fixes; (bso#15404).
* Named crashes on DLZ zone update; (bso#14030).
* smbcacls and smbcquotas do not check // before the server;
(bso#2312).
* cli_list loops 100% CPU against pre-lanman2 servers;
(bso#15382).
* smbclient leaks fds with showacls; (bso#15391).
* smbd returns NOT_FOUND when creating files on a r/o
filesystem; (bso#15402).
* NSS_WRAPPER_HOSTNAME doesn't match NSS_WRAPPER_HOSTS entry
and causes test timeouts; (bso#15355).
* net ads lookup (with unspecified realm) fails; (bso#15384).
* Register Samba processes with GPFS; (bso#15381).
* Python tarfile extraction needs change to avoid a warning
(CVE-2007-4559 mitigation); (bso#15390).
* The winbind child segfaults when listing users with `winbind
scan trusted domains = yes`; (bso#15398).
* Remove comments about deprecated 'write cache size';
(bso#15383).
* smbget memory leak if failed to download files recursively;
(bso#15403).
==== sdbootutil ====
Version update (1+git20230717.dac075e -> 1+git20230727.a0e666f)
Subpackages: sdbootutil-snapper
- Update to version 1+git20230727.a0e666f:
* Set and honor $SYSTEMD_ESP_PATH
* rpm-script: don't remove kernel on reinstalls
- Update to version 1+git20230726.a994d2e:
* Fix installing extra kernels in MicroOS
* Replace file triggers with scriptlet
* Fix cleanup of rollback files
* Don't install unchanged files
* Add is-bootable and list-kernels commands
* Add ARCHITECTURE.md which explains how the setup works
* Add default loader config when installed
==== selinux-policy ====
Version update (20230622 -> 20230728)
Subpackages: selinux-policy-targeted
- Update to version 20230728:
* Allow kdump_t to manage symlinks under kdump_var_lib_t (bsc#1213721)
* allow haveged to manage tmpfs directories (bsc#1213594)
==== sof-firmware ====
Version update (2.2.5 -> 2.2.6)
- Update to version 2.2.6:
There's no FW binary change. This release adds a few new topology binaries
for Intel Tiger Lake (TGL), Alder Lake (ADL) and Raptor Lake (RPL) platforms
- Add Notice.NXP
==== sudo ====
Version update (1.9.13p3 -> 1.9.14p1)
Subpackages: sudo-plugin-python
- Update to 1.9.14p1:
* Fixed an invalid free bug in sudo_logsrvd that was introduced
in version 1.9.14 which could cause sudo_logsrvd to crash.
* The sudoers plugin no longer tries to send the terminal name
to the log server when no terminal is present. This bug was
introduced in version 1.9.14.
* Fixed a bug where if the "intercept" or "log_subcmds" sudoers
option was enabled and a sub-command was run where the first
entry of the argument vector didn't match the command being run.
This resulted in commands like "sudo su -" being killed due to
the mismatch. Bug #1050.
* The sudoers plugin now canonicalizes command path names before
matching (where possible). This fixes a bug where sudo could
execute the wrong path if there are multiple symbolic links with
the same target and the same base name in sudoers that a user is
allowed to run. GitHub issue #228.
* Improved command matching when a chroot is specified in sudoers.
The sudoers plugin will now change the root directory id needed
before performing command matching. Previously, the root directory
was simply prepended to the path that was being processed.
* When NETGROUP_BASE is set in the ldap.conf file, sudo will now
perform its own netgroup lookups of the host name instead of
using the system innetgr(3) function. This guarantees that user
and host netgroup lookups are performed using the same LDAP
server (or servers).
* Fixed a bug introduced in sudo 1.9.13 that resulted in a missing
" ; " separator between environment variables and the command
in log entries.
* The visudo utility now displays a warning when it ignores a file
in an include dir such as /etc/sudoers.d.
* When running a command in a pseudo-terminal, sudo will initialize
the terminal settings even if it is the background process.
Previously, sudo only initialized the pseudo-terminal when running
in the foreground. This fixes an issue where a program that
checks the window size would read the wrong value when sudo was
running in the background.
* Fixed a bug where only the first two digits of the TSID field
being was logged. Bug #1046.
* The "log_pty" sudoers option is now enabled by default. To
restore the historic behavior where a command is run in the
user's terminal, add "Defaults !use_pty" to the sudoers file.
GitHub issue #258.
* Sudo's "-b" option now works when the command is run in a
pseudo-terminal.
* When disabling core dumps, sudo now only modifies the soft limit
and leaves the hard limit as-is. This avoids problems on Linux
when sudo does not have CAP_SYS_RESOURCE, which may be the case
when run inside a container. GitHub issue #42.
* Sudo configuration file paths have been converted to colon-separated
lists of paths. This makes it possible to have configuration
files on a read-only file system while still allowing for local
modifications in a different (writable) directory. The new
- -enable-adminconf configure option can be used to specify a
directory that is searched for configuration files in preference
to the sysconfdir (which is usually /etc).
* The "intercept_verify" sudoers option is now only applied when
the "intercept" option is set in sudoers. Previously, it was
also applied when "log_subcmds" was enabled.
* The NETGROUP_QUERY ldap.conf parameter can now be disabled for
LDAP servers that do not support querying the nisNetgroup object
by its nisNetgroupTriple attribute, while still allowing sudo to
query the LDAP server directly to determine netgroup membership.
* Fixed a long-standing bug where a sudoers rule without an explicit
runas list allowed the user to run a command as root and any
group instead of just one of the groups that root is a member
of. For example, a rule such as "myuser ALL = ALL" would permit
"sudo -u root -g othergroup" even if root did not belong to
"othergroup".
* Fixed a bug where a sudoers rule with an explicit runas list
allowed a user to run sudo commands as themselves. For example,
a rule such as "myuser ALL = (root) ALL", "myuser" should only
allow commands to be run as root (optionally using one of root's
groups). However, the rule also allowed the user to run
"sudo -u myuser -g myuser command".
* Fixed a bug that prevented the user from specifying a group on
the command line via "sudo -g" if the rule's Runas_Spec contained
a Runas_Alias.
* Sudo now requires a C compiler that conforms to ISO C99 or higher
to build.
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-boot systemd-coredump systemd-doc udev
- Drop 0003-strip-the-domain-part-from-etc-hostname-when-setting.patch
/etc/hostname is supposed to contain the static host name of the system. This
patch was used to work around cases where users incorrectly save the FQDN
instead. However this is incorrect and not consistent with what
systemd-hostnamed does and what other distributions do. Also assuming that
/etc/hostname will contain the system host name only removes any ambiguities
since the host name can contain a period.
/etc/hosts is usually where one sets the domain name by aliasing the host name
to the FQDN.
Note that the installer used to save the FQDN in /etc/hostname but this has
been fixed since several years now (bsc#972463).
- systemd-homed is no more considered as experimental
It's been moved to its own dedicated sub-package "systemd-homed".
- systemd-userdb is no more considered as experimental (jsc#PED-2668)
As such it's been moved to the main package.
==== sysuser-tools ====
Version update (3.1 -> 3.2)
- Version 3.2
- update sysusers_requires to request sysuser-shadow 3.2
- Use TAB consistently for indention in sysusers2shadow.sh
- This pkg needs to follow behavior which is described in sysusers.d(5).
Always create a system group of the same name as the system user,
even if the user already exists. (bsc#1205161, bsc#1207778, bsc#1213240)
- Add "quilt setup" friendly hint to %sysusers_requires usage
It is not required to have sysuser-tools installed when working
with a pkg source which uses sysuser-tools at build time.
==== tar ====
Subpackages: tar-rmt
- Update tests-skip-time01-on-32bit-time_t.patch to not run test
on armv6 either
==== texlive-specs-n ====
Version update (2023.201.2.005svn65956 -> 2023.209.2.005svn65956)
- Rework lua(meta)tex/context resource findings
- Add requirement in invoice2 for siunitx as shown upstream
- Add patch context_shell-escape.dif
* Add upstream fix for enabling --socket and --shell-escape
- Drop gracht.mp, detcow.mp, and mycow.mp from context.doc as
only given with CC-BY-NC-SA-3.0, a non-commercial license
==== tpm2-0-tss ====
Subpackages: libtss2-esys0 libtss2-fapi1 libtss2-mu0 libtss2-rc0 libtss2-sys1 libtss2-tcti-device0 libtss2-tctildr0
- Require openssl-3 over openssl-1 to assist migration of applications
to newer openssl-3.
==== update-alternatives ====
Version update (1.21.8 -> 1.21.22)
- openssl.patch: use openssl library for MD5 calculation instead
of relying on libmd. libmd is not in Ring0
- require Perl 5.28.1 or later
==== util-linux ====
Version update (2.39 -> 2.39.1)
Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1
- Re-add 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch
because the patch is not in 2.39.1
- Upgrade to version 2.39.1
(bsc#1213328)
Various bug fixes including problem with parsing mount options.
- Dropped upstreamed patches:
0001-Revert-libblkid-try-LUKS2-first-when-probing.patch
0001-libmount-fix-sync-options-between-context-and-fs-str.patch
util-linux-fix-tests-with-64k-pagesize.patch
==== util-linux-systemd ====
Version update (2.39 -> 2.39.1)
- Re-add 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch
because the patch is not in 2.39.1
- Upgrade to version 2.39.1
(bsc#1213328)
Various bug fixes including problem with parsing mount options.
- Dropped upstreamed patches:
0001-Revert-libblkid-try-LUKS2-first-when-probing.patch
0001-libmount-fix-sync-options-between-context-and-fs-str.patch
util-linux-fix-tests-with-64k-pagesize.patch
==== vala-panel-appmenu ====
Subpackages: appmenu-gtk-module-common appmenu-gtk2-module appmenu-gtk3-module libappmenu-gtk2-parser0 libappmenu-gtk3-parser0
- Fix systemd_user_post macro use.
- Spec clean-up.
==== webkit2gtk3 ====
Version update (2.40.3 -> 2.40.4)
Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Update to version 2.40.4:
+ Fix a bug in JavaScript reading variable arguments in a call.
==== webkit2gtk4 ====
Version update (2.40.3 -> 2.40.4)
Subpackages: libjavascriptcoregtk6_0-1 libwebkitgtk6_0-4 webkitgtk-6_0-injected-bundles
- Update to version 2.40.4:
+ Fix a bug in JavaScript reading variable arguments in a call.
==== wireless-regdb ====
Version update (20230601 -> 20230721)
- Update to version 20230721:
* wireless-regdb: Update regulatory info for Türkiye (TR)
* wireless-regdb: Update regulatory rules for Egypt (EG) from March 2022 guidelines
==== xfsprogs ====
Version update (6.3.0 -> 6.4.0)
- update to 6.4.0:
- xfs_db: expose the flag in rmapbt keys
- xfs_repair: warn about unwritten bits set in rmap btree keys
- xfs_repair: check low keys of rmap btrees
- xfs_repair: always perform extended xattr checks on uncertain inodes
- xfs_repair: fix messaging when fixing imap due to sparse cluster
- xfs_repair: fix messaging in longform_dir2_entry_check_data
- xfs_repair: fix messaging when shortform_dir2_junk is called
- xfs_repair: don't log inode problems without printing resolution
- xfs_repair: don't spray correcting imap all by itself
- libxcmd: Fix crash due to missing return value check on add_command()
- xfs_db: make the hash command print the dirent hash
- xfs_db: Add new cmd to create dirents and xattrs that induce dahash collisions
- mkfs: deprecate the ascii-ci feature
- xfs_db: fix metadump name obfuscation for ascii-ci filesystems
- libxfs: kernel sync
==== yast2-users ====
Version update (4.6.2 -> 4.6.4)
- bsc#1211583
- do not pre-fill non-sense user password when going back after
importing user
- 4.6.4
- Allow to edit the NIS master server databases instead of the
local ones, relying on the --prefix argument added to several
commands in the "shadow" package (bsc#1206627).
- 4.6.3
==== zlib-ng-compat ====
- Fix build on riscv64
- Build with %{optflags}
==== zypper ====
Version update (1.14.61 -> 1.14.62)
Subpackages: zypper-log zypper-needs-restarting
- man: revised explanation of --force-resolution (bsc#1213557)
Point out that the option not only allows to remove packages but
may also violate any other active policy if there is no other way
to resolve the job.
- Print summary hint if policies were violated due to
- -force-resolution (bsc#1213557)
- BuildRequires: libzypp-devel >= 17.31.16 (for zypp-tui)
- version 1.14.62
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
iio-sensor-proxy (3.4 -> 3.5)
libcontainers-common
rsync
yast2-trans (84.87.20230720.09601d9b28 -> 84.87.20230729.64eca7e0a1)
=== Details ===
==== iio-sensor-proxy ====
Version update (3.4 -> 3.5)
- Update to version 3.5:
* Fix sensor hotplugging
* Fix some sensors not working when they were assigned a
sampling frequency they did not support.
* Add more tests.
* Correct the location of the D-Bus policy file.
==== libcontainers-common ====
Subpackages: libcontainers-default-policy
- Disable CNI related configs on ALP (bsc#1213556)
(https://github.com/containers/podman/issues/19327)
==== rsync ====
- Add support directory to %docdir.
Includes some upstream provided scripts such as rrsync. (bsc#1212198)
==== yast2-trans ====
Version update (84.87.20230720.09601d9b28 -> 84.87.20230729.64eca7e0a1)
Subpackages: yast2-trans-cs yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-fr yast2-trans-hu yast2-trans-it yast2-trans-ja yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ru yast2-trans-zh_CN yast2-trans-zh_TW
- Update to version 84.87.20230729.64eca7e0a1:
* Translated using Weblate (Kurdish)
* Translated using Weblate (Czech)
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
util-linux (2.39 -> 2.39.1)
util-linux-systemd (2.39 -> 2.39.1)
vala-panel-appmenu
=== Details ===
==== util-linux ====
Version update (2.39 -> 2.39.1)
Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 util-linux-lang
- Re-add 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch
because the patch is not in 2.39.1
- Upgrade to version 2.39.1
(bsc#1213328)
Various bug fixes including problem with parsing mount options.
- Dropped upstreamed patches:
0001-Revert-libblkid-try-LUKS2-first-when-probing.patch
0001-libmount-fix-sync-options-between-context-and-fs-str.patch
util-linux-fix-tests-with-64k-pagesize.patch
==== util-linux-systemd ====
Version update (2.39 -> 2.39.1)
- Re-add 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch
because the patch is not in 2.39.1
- Upgrade to version 2.39.1
(bsc#1213328)
Various bug fixes including problem with parsing mount options.
- Dropped upstreamed patches:
0001-Revert-libblkid-try-LUKS2-first-when-probing.patch
0001-libmount-fix-sync-options-between-context-and-fs-str.patch
util-linux-fix-tests-with-64k-pagesize.patch
==== vala-panel-appmenu ====
Subpackages: appmenu-gtk-module-common appmenu-gtk2-module appmenu-gtk3-module libappmenu-gtk2-parser0 libappmenu-gtk3-parser0
- Fix systemd_user_post macro use.
- Spec clean-up.
1
0