Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MozillaFirefox
apparmor
cryptsetup (2.6.1 -> 2.7.0)
dos2unix (7.5.1 -> 7.5.2)
duktape
firewalld (2.1.0 -> 2.1.1)
fwupd (1.9.11 -> 1.9.12)
ghostscript (9.56.1 -> 10.02.1)
grub2
iso-codes (4.15.0 -> 4.16.0)
kernel-firmware (20240115 -> 20240126)
libapparmor
libgcrypt
libjcat (0.2.0 -> 0.2.1)
mutter
nghttp2 (1.58.0 -> 1.59.0)
numactl (2.0.16.21.g693fee1 -> 2.0.17.4.g63befa8)
openssl-3
openssl
patterns-kde
python-Jinja2
python-MarkupSafe (2.1.3 -> 2.1.4)
python-pyOpenSSL (23.3.0 -> 24.0.0)
python-pycryptodome (3.19.1 -> 3.20.0)
strace (6.6 -> 6.7)
xdg-utils (1.2.0~beta1+20230929 -> 1.2.0+20240130)
xorg-x11-server
xterm (388 -> 389)
yast2 (5.0.4 -> 5.0.5)
yast2-installation (5.0.4 -> 5.0.5)
zenity (4.0.0 -> 4.0.1)
=== Details ===
==== MozillaFirefox ====
- Fix file list
==== apparmor ====
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- Add dovecot-unix_chkpwd.diff to allow dovecot-auth to execute
unix_chkpwd, and add a profile for unix_chkpwd. This is needed
for PAM 1.6 (boo#1219139)
- Refresh apparmor.keyring - the key was renewed
==== cryptsetup ====
Version update (2.6.1 -> 2.7.0)
Subpackages: cryptsetup-doc libcryptsetup12
- Update to 2.7.0:
* Full changelog in:
mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.0-ReleaseNotes
* Introduce support for hardware OPAL disk encryption.
* plain mode: Set default cipher to aes-xts-plain64 and password hashing
to sha256.
* Allow activation (open), luksResume, and luksAddKey to use the volume
key stored in a keyring.
* Allow to store volume key to a user-specified keyring in open and
luksResume commands.
* Do not flush IO operations if resize grows the device.
This can help performance in specific cases where the encrypted device
is extended automatically while running many IO operations.
* Use only half of detected free memory for Argon2 PBKDF on systems
without swap (for LUKS2 new keyslot or format operations).
* Add the possibility to specify a directory for external LUKS2 token
handlers (plugins).
* Do not allow reencryption/decryption on LUKS2 devices with
authenticated encryption or hardware (OPAL) encryption.
* Do not fail LUKS format if the operation was interrupted on subsequent
device wipe.
* Fix the LUKS2 keyslot option to be used while activating the device
by a token.
* Properly report if the dm-verity device cannot be activated due to
the inability to verify the signed root hash (ENOKEY).
* Fix to check passphrase for selected keyslot only when adding
new keyslot.
* Fix to not wipe the keyslot area before in-place overwrite.
* bitlk: Fix segfaults when attempting to verify the volume key.
* Add --disable-blkid command line option to avoid blkid device check.
* Add support for the meson build system.
* Fix wipe operation that overwrites the whole device if used for LUKS2
header with no keyslot area.
* Fix luksErase to work with detached LUKS header.
* Disallow the use of internal kernel crypto driver names in "capi"
specification.
* Fix reencryption to fail early for unknown cipher.
* tcrypt: Support new Blake2 hash for VeraCrypt.
* tcrypt: use hash values as substring for limiting KDF check.
* Add Aria cipher support and block size info.
* Do not decrease PBKDF parameters if the user forces them.
* Support OpenSSL 3.2 Argon2 implementation.
* Add support for Argon2 from libgcrypt
(requires yet unreleased gcrypt 1.11).
* Used Argon2 PBKDF implementation is now reported in debug mode
in the cryptographic backend version. For native support in
OpenSSL 3.2 or libgcrypt 1.11, "argon2" is displayed.
If libargon2 is used, "cryptsetup libargon2" (for embedded
library) or "external libargon2" is displayed.
* Link only libcrypto from OpenSSL.
* Disable reencryption for Direct-Access (DAX) devices.
* Print a warning message if the device is not aligned to sector size.
* Fix sector size and integrity fields display for non-LUKS2 crypt
devices for the status command.
* Fix suspend for LUKS2 with authenticated encryption (also suspend
dm-integrity device underneath).
* Update keyring and locking documentation and LUKS2 specification
for OPAL2 support.
* Remove patches fixed upstream:
- cryptsetup-Check-for-physical-memory-available-also-in-PBKDF-be.patch
- cryptsetup-Try-to-avoid-OOM-killer-on-low-memory-systems-withou.patch
- cryptsetup-Use-only-half-of-detected-free-memory-on-systems-wit.patch
==== dos2unix ====
Version update (7.5.1 -> 7.5.2)
- update to 7.5.2:
* Dos2unix can print info about the line break type of the last
line, or indicate there is none
* Updated documentation about ASCII mode conversion
==== duktape ====
- Build with distro flags
==== firewalld ====
Version update (2.1.0 -> 2.1.1)
Subpackages: firewalld-bash-completion python3-firewall
- update to 2.1.1:
* fix(offline-cmd): use family when creating ipset (64f78a9)
* fix(firewall-config): allow rich rule forwarded ports to be logged (d46ea62)
* fix(ipXtables): log forwarded ports only (07dc202)
* fix(nftables): log forwarded ports (5c26b73)
* fix(io.ipset): raise exception if entries exceed limit (a2da5fb)
* fix(policy): ipXtables: multiple policies using same zone (b6f2f09)
* fix(policy): dispatch update for active policies (7f6f0e2)
==== fwupd ====
Version update (1.9.11 -> 1.9.12)
Subpackages: fwupd-bash-completion libfwupd2 typelib-1_0-Fwupd-2_0
- Update to version 1.9.12:
+ This release adds the following features:
- Add remote modification support to fwupdtool
- Add support for more modify-config options
- Generate HTML pages for all man pages
+ This release fixes the following bugs:
- Assume the legacy LVFS::UpdateRequestId tag is non-generic
- Avoid crashing the daemon if not using udisks
- Correctly mark the CPU as supported
- Correctly match invalid EFI partitions
- Do not change the device status until the action has
completed
- Do not require systemd for fwupdtool modify-config
- Enable access to the home interface for snap
- Fix an assertion when enabling lvfs-testing for the first
time
- Fix a possible crash in fwupdtool build-cabinet
- Handle systems with more than one ccp device
- Only check AMD CPUs for SHSTK, not IBT
- Only write the mutable fwupd.conf with the current values
- Re-evaluate supported every time pci-psp attributes are
refreshed
- Show "CET OS support" on AMD systems too
+ This release adds support for the following hardware:
- AVer CAM340plus
- AVer VB342 Pro
- More Algoltek devices
==== ghostscript ====
Version update (9.56.1 -> 10.02.1)
Subpackages: ghostscript-x11
- update to 10.02.1:
* Patch release to address some security bugs
* This release (10.02.0) marks the final demise of the
PostScript based PDF interpreter.
* This 10.01.1 release removes the "-dNEWPDF=false" command
line option to fall back to the deprecated, old PDF
interpreter.
* This 10.01.0 release removes the "-dNEWPDF=false" command
line option to fall back to the deprecated, old PDF
interpreter.
* This release officially deprecates the old Postscript
implementation of PDF, we will not be updating or maintaining
that code moving forward. The option to use the old PDF
implementation _**will**_ be removed in the next full release
(10.01.0)
* Important: This release includes the new PDF interpreter
(implemented in C rather than PostScript). It is both
integrated into Ghostscript (now ENABLED by default), and
available as a standalone, PDF only, binary. See
https://ghostscript.com/pdfi.html for more details.
* This also bundles the latest zlib (1.2.12) which addresses a
security issue (CVE-2018-25032)
* **Important**: This release includes the new PDF interpreter
(implemented in C rather than PostScript). It is both
integrated into Ghostscript (now **ENABLED** by default), and
available as a standalone, PDF only, binary. See
https://ghostscript.com/pdfi.html for more details.
- drop CVE-2023-28879.patch, CVE-2023-36664.patch,
CVE-2023-38559.patch, CVE-2023-43115.patch,
CVE-2023-46751.patch: upstream
- drop remove-zlib-h-dependency.patch: unused
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- Remove magic number header field check on arm64 (bsc#1218783)
* 0001-loader-arm64-efi-linux-Remove-magic-number-header-fi.patch
==== iso-codes ====
Version update (4.15.0 -> 4.16.0)
Subpackages: iso-codes-lang
- update to 4.16.0:
+ Updated translations
+ ISO 4217: New translation for Khmer (Central)
+ ISO 639-2: New translation for Armenian
+ ISO 639-5: New translation for Lithuanian
==== kernel-firmware ====
Version update (20240115 -> 20240126)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20240126 (git commit 8fa621d2f9c1):
* qcom: Add Audio firmware for SM8650 MTP
* linux-firmware: Add firmware for Cirrus CS35L41 on HP Consumer Laptops
* Intel Bluetooth: Make spacing consistent with rest of WHENCE
* amdgpu: update raven2 firmware
* amdgpu: update raven firmware
* amdgpu: update SDMA 5.2.7 firmware
* amdgpu: update PSP 13.0.8 firmware
* amdgpu: update VCN 3.1.2 firmware
* amdgpu: update SDMA 5.2.6 firmware
* amdgpu: update PSP 13.0.5 firmware
* amdgpu: update GC 10.3.6 firmware
* amdgpu: add GC 11.0.1 rlc_1 firmware
* amdgpu: update vega20 firmware
* amdgpu: update VCN 4.0.0 firmware
* amdgpu: update SMU 13.0.0 firmware
* amdgpu: update PSP 13.0.0 firmware
* amdgpu: update GC 11.0.0 firmware
* amdgpu: update vega12 firmware
* amdgpu: update vega10 firmware
* amdgpu: update beige goby firmware
* amdgpu: update picasso firmware
* amdgpu: update dimgrey cavefish firmware
* amdgpu: update vangogh firmware
* amdgpu: update navy flounder firmware
* amdgpu: update green sardine firmware
* amdgpu: update sienna cichlid firmware
* amdgpu: update PSP 13.0.11 firmware
* amdgpu: update GC 11.0.4 firmware
* amdgpu: update VCN 4.0.2 firmware
* amdgpu: update PSP 13.0.4 firmware
* amdgpu: update GC 11.0.1 firmware
* amdgpu: update arcturus firmware
* amdgpu: update navi14 firmware
* amdgpu: add VCN 4.0.3 firmware
* amdgpu: add SDMA 4.4.2 firmware
* amdgpu: add SMU 13.0.6 firmware
* amdgpu: add PSP 13.0.6 firmware
* amdgpu: Add GC 9.4.3 firmware
* amdgpu: update renoir firmware
* amdgpu: update VCN 4.0.4 firmware
* amdgpu: update SMU 13.0.7 firmware
* amdgpu: update PSP 13.0.7 firmware
* amdgpu: update GC 11.0.2 firmware
* amdgpu: update navi12 firmware
* amdgpu: update yellow carp firmware
* amdgpu: update SMU 13.0.10 firmware
* amdgpu: update SDMA 6.0.3 firmware
* amdgpu: update PSP 13.0.10 firmware
* amdgpu: update GC 11.0.3 firmware
* amdgpu: update navi10 firmware
* amdgpu: update aldebaran firmware
* linux-firmware: Update AMD cpu microcode
* RTL8192E: Remove old realtek WiFi firmware
- Update aliases
==== libapparmor ====
- Add dovecot-unix_chkpwd.diff to allow dovecot-auth to execute
unix_chkpwd, and add a profile for unix_chkpwd. This is needed
for PAM 1.6 (boo#1219139)
- Refresh apparmor.keyring - the key was renewed
==== libgcrypt ====
- add libgcrypt-no-deprecated-grep-alias.patch
==== libjcat ====
Version update (0.2.0 -> 0.2.1)
- Update to version 0.2.1:
+ Do not dedupe sig and sig-of-checksum when loading.
+ Fix the installed tests.
+ Show the sig-of-checksum results clearer on the CLI.
==== mutter ====
- mutter-SLE-bsc984738-grab-display.patch:
* Temporary disable this SLE-only patch as it makes mutter
45 lock-up on non-CSD apps (bsc#1218935)
==== nghttp2 ====
Version update (1.58.0 -> 1.59.0)
- update to 1.59.0:
* Update bash_completion
* h2load: Fix bug that ttfb is not recorded if h3 stream
has no data
* h2load: Consider all h2 HEADERS when counting bytes and
recording ttfb
* h2load: Ignore 1xx status code
* nghttpd: Free SSL_CTX on exit
* nghttpx: OpenSSL needs SSL_CTX_set_recv_max_early_data
* nghttpx: OpenSSL needs SSL_CTX_set_recv_max_early_data
* cmake: Require OpenSSL >= 1.1.1
* Add nghttp2_select_alpn and deprecate
nghttp2_select_next_protocol
* nghttpx: Add --alpn-list and deprecate --npn-list
* h2load: Add --alpn-list and deprecate --npn-list
* Remove NPN
* src: Support building with aws-lc
* Avoid detecting OpenSSL 3.2 as quictls
* Use nghttp3_pri_parse_priority added since nghttp3 v1.1.0
* h2load: Fix IPv6 address in :authority
* h2load: Fix IPv6 address in :authority
* nghttpx: Propagate stream priority from backend to
frontend
* nghttpx: Propagate stream priority from backend to
frontend
* Merge pull request #1991 from nghttp2/get-and-parse-
extpri
* Add API to get and parse RFC 9218 priority
* nghttpx: Prefer __FILE_NAME__ if defined
==== numactl ====
Version update (2.0.16.21.g693fee1 -> 2.0.17.4.g63befa8)
Subpackages: libnuma1
- Update to version 2.0.17.4.g63befa8:
* Fix CodeQl Warn: Wrong type of arguments to formatting function
* libnuma: Fix incorrect print and exit of numa_preferred/_many APIs
* libnuma: Fix unexpected output
* Fix README.md
* Increase version number
* Fix build badge
* Fix README.md
* Update README.md
* Add configure file for release
* Fix unused function return warning in numastat
* fix complain() fuction print newline
* Document that numa_police_memory may cause data races
* Add numastat_diff from jirka-h
* Enable v1 compatibility for unused getnodemask test
* libnuma: Handle initialization without sysfs
* Support empty memory nodes
* numactl: Add --version option to print version
* Remove obsolete numamon file
* numactl: Use standard tab indent for print_node_cpus
* Avoid using /proc/cpuinfo in test suite
* numact: Add --cpu-compress option
* Pin release workflow script to minimize risk of supply chain attacks
* move_pages: Fix warning (missing hunk from earlier revert)
* numastat: Remove unused functions
* distance: Remove unused variable (NFC)
* numademo: Adjust memcpy test bandwidth calculation
* numactl.c: Refactor print_node_cpus to display CPU ranges
* numactl.c: Refactor print_node_cpus to display CPU ranges
* numactl.c: Refactor print_node_cpus to display CPU ranges
* Refactor print_node_cpus to display CPU ranges instead of individual CPUs
* numactl: Fix manual for --preferred and --preferred-many
* Revert "Fix build error on riscv64 by linking libatomic"
* Include <fcntl.h> instead of <sys/fcntl.h>
* Fix the example usage in the numactl manual
* Fix issue #190 about numa_exit_on_warn does not work
* Create SECURITY.md
* fix: fix memory leaks when run with -H
* use mems allowed nodes to test prefer_many policy.
* fix typo in memhog.8
* Update move_pages.c
* migspeed don't have to be linked against librt
* Add MPOL_F_RELATIVE/STATIC_NODES
==== openssl-3 ====
Subpackages: libopenssl3
- Encapsulate the fips provider into a new package called
libopenssl-3-fips-provider.
- Added openssl-3-use-include-directive.patch so that the default
/etc/ssl/openssl.cnf file will include any configuration files that
other packages might place into /etc/ssl/engines3.d/ and
/etc/ssl/engdef3.d/. Also create symbolic links /etc/ssl/engines.d/
and /etc/ssl/engdef.d/ to above versioned directories.
- Updated spec file to create the two new necessary directores for
the above patch and two symbolic links to above directories.
[bsc#1194187, bsc#1207472, bsc#1218933]
- Security fix: [bsc#1218810, CVE-2023-6237]
* Limit the execution time of RSA public key check
* Add openssl-CVE-2023-6237.patch
- Rename openssl-Override-default-paths-for-the-CA-directory-tree.patch
to openssl-crypto-policies-support.patch
- Embed the FIPS hmac. Add openssl-FIPS-embed-hmac.patch
- Load the FIPS provider and set FIPS properties implicitly.
* Add openssl-Force-FIPS.patch [bsc#1217934]
- Disable the fipsinstall command-line utility.
* Add openssl-disable-fipsinstall.patch
- Add instructions to load legacy provider in openssl.cnf.
* openssl-load-legacy-provider.patch
- Disable the default provider for the test suite.
* openssl-Disable-default-provider-for-test-suite.patch
- Security fix: [bsc#1218690, CVE-2023-6129]
* POLY1305: Fix vector register clobbering on PowerPC
* Add openssl-CVE-2023-6129.patch
- Add patch to fix BTI enablement on aarch64:
* openssl-Enable-BTI-feature-for-md5-on-aarch64.patch
==== openssl ====
- New libopenssl-fips-provider package.
==== patterns-kde ====
Subpackages: patterns-kde-kde_plasma patterns-kde-kde_yast
- Make phonon4qt5-backend a hard dep of the plasma pattern
(boo#1219277)
- Avoid gstreamer if not necessary
- Change from phonon4qt5-backend-gstreamer to phonon4qt5-backend-vlc
due to deprecation of the gstreamer backend
==== python-Jinja2 ====
- Disable broken test with latest version of MarkupSafe (2.1.4)
(gh#pallets/jinja#1930, gh#pallets/markupsafe#417)
==== python-MarkupSafe ====
Version update (2.1.3 -> 2.1.4)
- update to 2.1.4:
* Don't use regular expressions for striptags, avoiding a
performance issue. :pr:`413`
==== python-pyOpenSSL ====
Version update (23.3.0 -> 24.0.0)
- update to 24.0.0:
* Added OpenSSL.SSL.Connection.get_selected_srtp_profile to
determine which SRTP profile was negotiated. #1279.
==== python-pycryptodome ====
Version update (3.19.1 -> 3.20.0)
- update to 3.20.0:
* Added support for TurboSHAKE128 and TurboSHAKE256.
* Added method Crypto.Hash.new() to generate a hash object
given a hash name.
* Added support for AES-GCM encryption of PBES2 and PKCS#8
containers.
* Added support for SHA-2 and SHA-3 algorithms in PBKDF2 when
creating PBES2 and PKCS#8 containers.
* Export of RSA keys accepts the prot_params dictionary as
parameter to control the number of iterations for PBKDF2 and
scrypt.
* C unit tests also run on non-x86 architectures.
* GH#787: Fixed autodetect logic for GCC 14 in combination with
LTO.
==== strace ====
Version update (6.6 -> 6.7)
- Update to strace 6.7
* Implemented -kk/--stack-traces=source option for libdw-based stack tracing.
* Implemented decoding of futex_wake, futex_wait, and sys_futex_requeue
syscalls.
* Updated lists of BPF_*, BTRFS_*, IORING_*, KVM_*, LANDLOCK_*, PR_*,
and TCP_* constants.
* Updated lists of ioctl commands from Linux 6.7.
* Fix strace -r during the first second after booting to show correct relative
timestamps.
* Fix strace -f entering deadlock on exit if there are tracee processes
spawned using vfork semantics.
==== xdg-utils ====
Version update (1.2.0~beta1+20230929 -> 1.2.0+20240130)
- Update to Version 1.2.0 (Lining up with the upstream release)
* all: Add xdg-realpath to better handle Canonicalizing filenames (#66)
* xdg-open: Use url.dll as url opener on wsl (#242)
* tests: Fix quoting issues in t-xdg-open.sh
* xdg-open: Added a reporting issues section to xdg-open in the hopes
that more issues will be attributed correctly
* xdg-mime: Added a secutity note on xdg-mime default to warn against confusing
openers and runners
* xdg-open: Added paragraph explaining the wiered return behaviour of xdg-open
* xdg-email: shellcheck
* xdg-mime: shellcheck
* xdg-settings: Add support for deeping-desktop browser setting in
xdg-settings.
* all: Fix config.status warning about ignored --datarootdir setting
* all: Shellchecked xdg-utils-common.in
* xdg-open: shellcheck
* xdg-mime: Create a generic implementation for KDE
* all: Move to markdown for README's
* xdg-mime: Improve Documentation around query file/default
* xdg-open: Document not handling '-' at the start of filenames
* xdg-open: Deduplicate URL recognition
* xdg-open: remove unused open_generic_xdg_file_mime
* xdg-open: use LC_ALL=C with URLs
* xdg-open: Fix URI/URL handling
* xdg-email: Remove default BROWSER logic, no longer needed
* xdg-mime: Improve synopsis
* xdg-settings: read KDE browser settings the right way around
* xdg-open: Improve WSL support
* xdg-mime: actually handle lists in mimeapps.list correctly
==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra
- no longer (build-)require obsolete Xprint/XprintUtil
==== xterm ====
Version update (388 -> 389)
Subpackages: xterm-bin xterm-resize
- update to 389:
* interchange variables in subparameter parsing, fixing a bug
where subparameters after the first parameter could be
misidentified
* correct popping of icon/window titles in a case where only
one was pushed from patch #385 changes.
* add XTQMODKEYS response in DECRQSS, as alternative for vim.
* correct DECCIR encoded information on character set size,
handle a VT525 quirk, and add DECST8C (Windows Terminal
[#14984]).
* improve DECRQCRA (prompted by discussion with James
Holderness, Windows Terminal #14974).
* add part of VT525 color controls:
+ DECAC, to update default foreground/background, respond to
DECRQSS
+ DECATC, to respond with DECRQSS
* prevent Unicode non-characters from being printed
* modify send_SGR() to avoid modifying colors 16 to 255 in
printed output (patch by Grady Martin).
* minor cleanup of miscellaneous error-codes with ERROR_MISC.
* remove legacy CSI 53 for locator status, corrected in patch
* modify DECRQUPSS and DECAUPSS feature to support VT5xx
character sets (report by Thomas Wolff).
* improve EWMH handling (report/analysis by Edward Rosten)
+ reset _NET_WM_STATE_HIDDEN flag from _NET_WM_STATE before
mapping the window to deiconify.
+ cache X properties to reduce latency (adapted
from patch by Edward Rosten).
==== yast2 ====
Version update (5.0.4 -> 5.0.5)
Subpackages: yast2-logs
- Added s390 z/VM check to YaST::Arch (bsc#1210525).
- 5.0.5
==== yast2-installation ====
Version update (5.0.4 -> 5.0.5)
- In zVM or KVM installations the cio_ignore kernel argument will
be written only if given (bsc#1210525).
- 5.0.5
==== zenity ====
Version update (4.0.0 -> 4.0.1)
- Update to version 4.0.1
+ Changes and fixes since 4.0.0:
- Bump webkit2gtk requirement in README
- about: The licence is LGPL2.1+, not GPL
- entry: Calculate number of --entry-text's properly (#75)
- test: Add entry test in response to issue #75
- question: fix option --default-cancel
- calendar: Fix off-by-one in day
- test: Add test for --calendar
- Updated translations.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
7zip
Mesa (23.3.3 -> 23.3.4)
Mesa-drivers (23.3.3 -> 23.3.4)
MozillaFirefox (121.0.1 -> 122.0)
aardvark-dns (1.9.0 -> 1.10.0)
btrfsprogs (6.6.2 -> 6.7)
cockpit
containerd
gcc13 (13.2.1+git8205 -> 13.2.1+git8250)
gpg2 (2.4.3 -> 2.4.4)
grub2
gstreamer-plugins-bad
inih (57 -> 58)
installation-images-MicroOS (17.111 -> 17.112)
kernel-source
lftp
libmaxminddb (1.8.0 -> 1.9.1)
libqmi
libsolv (0.7.27 -> 0.7.28)
libstorage-ng (4.5.175 -> 4.5.176)
man
mozilla-nss (3.95 -> 3.96.1)
mutter
perl-Bootloader (1.10 -> 1.11)
podman (4.8.3 -> 4.9.0)
postfix (3.8.4 -> 3.8.5)
publicsuffix (20240107 -> 20240123)
raspberrypi-firmware-dt
rootlesskit (1.1.1 -> 2.0.0)
ruby (3.2 -> 3.3)
ruby3.2
rubygem-gem2rpm
thin-provisioning-tools (1.0.9 -> 1.0.10)
tiff
transactional-update
webkit2gtk3
webkit2gtk4
yast2 (5.0.3 -> 5.0.4)
yast2-bootloader (5.0.2 -> 5.0.4)
yast2-installation (5.0.3 -> 5.0.4)
zbar
=== Details ===
==== 7zip ====
- Fix build on SLE-15-SP6
* fix-avx-sle.patch
==== Mesa ====
Version update (23.3.3 -> 23.3.4)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- Update to bugfix release 23.3.4
- -> https://docs.mesa3d.org/relnotes/23.3.4.html
==== Mesa-drivers ====
Version update (23.3.3 -> 23.3.4)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- Update to bugfix release 23.3.4
- -> https://docs.mesa3d.org/relnotes/23.3.4.html
==== MozillaFirefox ====
Version update (121.0.1 -> 122.0)
- Mozilla Firefox 122.0
https://www.mozilla.org/en-US/firefox/122.0/releasenotes/
MFSA 2024-01 (bsc#1218955)
* CVE-2024-0741 (bmo#1864587)
Out of bounds write in ANGLE
* CVE-2024-0742 (bmo#1867152)
Failure to update user input timestamp
* CVE-2024-0743 (bmo#1867408)
Crash in NSS TLS method
* CVE-2024-0744 (bmo#1871089)
Wild pointer dereference in JavaScript
* CVE-2024-0745 (bmo#1871838)
Stack buffer overflow in WebAudio
* CVE-2024-0746 (bmo#1660223)
Crash when listing printers on Linux
* CVE-2024-0747 (bmo#1764343)
Bypass of Content Security Policy when directive unsafe-inline was set
* CVE-2024-0748 (bmo#1783504)
Compromised content process could modify document URI
* CVE-2024-0749 (bmo#1813463)
Phishing site popup could show local origin in address bar
* CVE-2024-0750 (bmo#1863083)
Potential permissions request bypass via clickjacking
* CVE-2024-0751 (bmo#1865689)
Privilege escalation through devtools
* CVE-2024-0752 (bmo#1866840)
Use-after-free could occur when applying update on macOS
* CVE-2024-0753 (bmo#1870262)
HSTS policy on subdomain could bypass policy of upper domain
* CVE-2024-0754 (bmo#1871605)
Crash when using some WASM files in devtools
* CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701)
Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7,
and Thunderbird 115.7
- requires NSS 3.96.1
- rebased patches
==== aardvark-dns ====
Version update (1.9.0 -> 1.10.0)
- Update to version 1.10.0:
* Release 1.10.0
* Release notes for 1.10.0
* chore(deps): update rust crate chrono to 0.4.32
* chore(deps): update dependency containers/automation_images to v20240102
* fix(deps): update rust crate futures-util to 0.3.30
* fix(deps): update rust crate anyhow to 1.0.79
* fix(deps): update rust crate tokio to 1.35.1
* chore(deps): update dependency containers/automation_images to v20231208
* fix(deps): update rust crate tokio to 1.35.0
* fix duplicated IP CI flake
* server: remove unused kill switch
* fix(deps): update rust crate clap to ~4.4.10
* Bump working version to v1.10.0-dev
==== btrfsprogs ====
Version update (6.6.2 -> 6.7)
Subpackages: btrfsprogs-bash-completion btrfsprogs-udev-rules libbtrfs0 libbtrfsutil1
- update to 6.7
* mkfs: make 4k sectorsize default, recommended minimum kernel for that is
6.1 and requires subpage support on architectures with page size > 4k
* subvolume create: return correct error code when a target already exists
* tree-checker: dump tree block on error (btrfs-convert, ...)
* scrub limit: fix reporting of a limit set while there's none
* fi usage: fix reporting of unallocated data or raid56 profile without root
privs due to lack of that information
* convert:
* align data block group lengths to 64K
* fix conversion of a large filesystem when there are partial inode items
present due to caching
* other:
* build fixes
* updated documentation
* new and updated tests
- update to 6.6.3
* subvol create: accept multiple arguments
* subvol delete: print the subvolume id in the output
* subvol sync: check if the filesystems is still writeable so it does not
wait indefinitely
* device delete: add a timeout and warning when deleting multiple devices
* scrub status: report limit if set in sysfs/../scrub_speed_max
* scrub limit: new command to show or set the per-device scrub limits
* scrub start: report the limit if set
* build:
* fix CPU feature detection on aarch64
* support Botan and OpenSSL (3.2+) as crypto backends
* other:
* documentation updates, RTD config update
* new and updated tests
* CI updates
==== cockpit ====
Subpackages: cockpit-bridge cockpit-packagekit cockpit-system
- suse_docs.patch: replace with suse docs and move docs with out eqiv
to docs-rh (bsc#1219088)
- hide-docs.patch: obsolete by above, removed
- Provide users/groups cockpit-wsinstance and cockpit-ws: they are
generated by cockpit-ws %pre script.
- hide-docs.patch: hide RHEL docs in shell/manifest.json
==== containerd ====
- Enable manpage generation
- Make devel package noarch
- adjust rpmlint filters
==== gcc13 ====
Version update (13.2.1+git8205 -> 13.2.1+git8250)
Subpackages: cpp13 libgcc_s1 libgfortran5 libgomp1 libobjc4 libstdc++6 libstdc++6-pp libubsan1
- Update to gcc-13 branch head, fc7d87e0ffadca49bec29b2107, git8250
* Includes fix for building TVM. [boo#1218492]
- Add cross-X-newlib-devel requires to newlib cross compilers.
[boo#1219031]
- Package m2rte.so plugin in the gcc13-m2 sub-package rather than
in gcc13-devel. [boo#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs
are linked against libstdc++6.
==== gpg2 ====
Version update (2.4.3 -> 2.4.4)
Subpackages: dirmngr
- Update to 2.4.4: [bsc#1219191]
* gpg: Do not keep an unprotected smartcard backup key on disk.
See https://gnupg.org/blog/20240125-smartcard-backup-key.html
for a security advisory. [T6944]
* gpg: Allow to specify seconds since Epoch beyond 2038 on 32-bit
platforms. [T6736]
* gpg: Fix expiration time when Creation-Date is specified. [T5252]
* gpg: Add support for Subkey-Expire-Date. [rG96b69c1866]
* gpg: Add option --with-v5-fingerprint. [T6705]
* gpg: Add sub-option ignore-attributes to --import-options.
* gpg: Add --list-filter properties sig_expires/sig_expires_d.
* gpg: Fix validity of re-imported keys. [T6399]
* gpg: Report BEGIN_ status before examining the input. [T6481]
* gpg: Don't try to compress a read-only keybox. [T6811]
* gpg: Choose key from inserted card over a non-inserted card. [T6831]
* gpg: Allow to create revocations even with non-compliant algos. [T6929]
* gpg: Fix regression in the Revoker keyword of the parameter file. [T6923]
* gpg: Improve error message for expired default keys. [T4704]
* gpgsm: Add --always-trust feature. [T6559]
* gpgsm: Support ECC certificates in de-vs mode. [T6802]
* gpgsm: Major rewrite of the PKCS#12 parser. [T6536]
* gpgsm: No not show the pkcs#12 passphrase in debug output. [T6654]
* keyboxd: Timeout on failure to get the database lock. [T6838]
* agent: Update the key stubs only if really modified. [T6829]
* scd: Add support for certain Starcos 3.2 cards. [rG5304c9b080]
* scd: Add support for CardOS 5.4 cards. [rG812f988059]
* scd: Add support for D-Trust 4.1/4.4 cards. [rG0b85a9ac09]
* scd: Add support for Smartcafe Expert 7.0 cards. [T6919]
* scd: Add a length check for a new PIN. [T6843]
* tpm: Fix keytotpm handling in the agent. [rG9909f622f6]
* tpm: Fixes for the TPM test suite. [T6052]
* dirmngr: New option --ignore-crl-extensions. [T6545]
* dirmngr: Support config value "none" to disable the default
keyserver. [T6708]
* dirmngr: Fix handling of the HTTP Content-Length. [rGa5e33618f4]
* gpgconf: Add commands --lock and --unlock. [rG93b5ba38dc]
* gpgconf: Add keyword socketdir to gpgconf.ctl. [rG239c1fdc28]
* gpgconf: Adjust the -X command for the new VERSION file format. [T6918]
* wkd: Use export-clean for gpg-wks-client's --mirror and --create
commands. [rG2c7f7a5a278c]
* wkd: Make --add-revocs the default in gpg-wks-client. New option
- -no-add-revocs. [rG10c937ee68]
* Remove duplicated backslashes when setting the homedir. [T6833]
* Ignore attempts to remove the /dev/null device. [T6556]
* Improve advisory file lock retry strategy. [T3380]
* Release-info: https://dev.gnupg.org/T6578
* Remove patch upstream:
- gnupg-Report-BEGIN_-status-before-examining-the-input.patch
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- Reinstate the verification for a non-zero total entry count to skip unmapped
data blocks (bsc#1218864)
* 0001-fs-xfs-always-verify-the-total-number-of-entries-is-.patch
- Removed temporary fix as reverting it will cause a different XFS parser bug
* 0001-Revert-fs-xfs-Fix-XFS-directory-extent-parsing.patch
==== gstreamer-plugins-bad ====
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0
- Disable zxing in Leap15
* Leap 15 can not provide zxing >= 1.4.0, zxing is inherited from
SLE15 but SLE15 do provide zxing version 1.2.0 only, Factory do
have zxing-cpp 2.0.0 however it's not an API compatible version.
==== inih ====
Version update (57 -> 58)
- Update to version 58
* Add ini_ prefix even to static names so inih can be used as an
[#]include.
==== installation-images-MicroOS ====
Version update (17.111 -> 17.112)
- merge gh#openSUSE/installation-images#686
- Remove more binaries appearing with Ruby 3.3
- 17.112
==== kernel-source ====
- rpm/constraints.in: add static multibuild packages
Commit 841012b049a5 (rpm/mkspec: use kernel-source: prefix for
constraints on multibuild) added "kernel-source:" prefix to the
dynamically generated kernels. But there are also static ones like
kernel-docs. Those fail to build as the constraints are still not
applied.
So add the prefix also to the static ones.
Note kernel-docs-rt is given kernel-source-rt prefix. I am not sure it
will ever be multibuilt...
- commit c2e0681
- Revert "Limit kernel-source build to architectures for which the kernel binary"
This reverts commit 08a9e44c00758b5f3f3b641830ab6affff041132.
The fix for bsc#1108281 directly causes bsc#1218768, revert.
- commit 2943b8a
- mkspec: Include constraints for both multibuild and plain package always
There is no need to check for multibuild flag, the constraints can be
always generated for both cases.
- commit 308ea09
- rpm/mkspec: use kernel-source: prefix for constraints on multibuild
Otherwise the constraints are not applied with multibuild enabled.
- commit 841012b
- rpm/kernel-source.rpmlintrc: add action-ebpf
Upstream commit a79d8ba734bd (selftests: tc-testing: remove buildebpf
plugin) added this precompiled binary blob. Adapt rpmlintrc for
kernel-source.
- commit b5ccb33
- scripts/tar-up.sh: don't add spurious entry from kernel-sources.changes.old
The previous change added the manual entry from kernel-sources.change.old
to old_changelog.txt unnecessarily. Let's fix it.
- commit fb033e8
- rpm/kernel-docs.spec.in: fix build with 6.8
Since upstream commit f061c9f7d058 (Documentation: Document each netlink
family), the build needs python yaml.
- commit 6a7ece3
- futex: Prevent the reuse of stale pi_state (bsc#1218841).
Update upstream status (Queued in subsystem maintainer repository).
- commit a3ee207
- Refresh
patches.rpmify/media-solo6x10-replace-max-a-min-b-c-by-clamp-b-a-c.patch.
Update usptream status.
- commit 589bdfa
- Update config files, enable CONFIG_IMA_DISABLE_HTABLE in all archs for
Tumbleweed as SLE15-SP6 kernel does (bsc#1218400).
- commit 020caa6
==== lftp ====
- Apply "0001-lftp_ssl-deinitialize-the-lftp_ssl_openssl_instance.patch"
to fix a crash that ocurred when lftp is run on s390x with an IBM
crypto card installed. The issue has been reported to upstream at
https://github.com/lavv17/lftp/issues/716. [bsc#1213984]
==== libmaxminddb ====
Version update (1.8.0 -> 1.9.1)
- libmaxminddb 1.9.1:
* On very large databases, the calculation to determine the search
tree size could overflow. This was fixed and several additional
guards against overflows were added
* build system tweaks
==== libqmi ====
Subpackages: libqmi-glib5 libqmi-tools
- Add patch:
* 0001-message-fix-16bit-service-on-big-endian.patch
- Fixes 16-bit service indications on big endian architectures.
Cherry-picked from upstream qmi-1-34 branch
==== libsolv ====
Version update (0.7.27 -> 0.7.28)
Subpackages: libsolv-tools ruby-solv
- build for multiple python versions [jsc#PED-6218]
- bump version to 0.7.28
==== libstorage-ng ====
Version update (4.5.175 -> 4.5.176)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- Translated using Weblate (Swedish) (bsc#1149754)
- 4.5.176
==== man ====
- Skip posttrans dependency on systemd to support container without
systemd (boo#1215538)
- Use %(trans)filetriggerin and %(trans)filetriggerpostun to get
an uptodate man database for installed manual pages
==== mozilla-nss ====
Version update (3.95 -> 3.96.1)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs
- update to NSS 3.96.1
* bmo#1869408 - Use pypi dependencies for MacOS worker in ./build_gyp.sh
* bmo#1830978 - p7sign: add -a hash and -u certusage (also p7verify cleanups)
* bmo#1867408 - add a defensive check for large ssl_DefSend return values
* bmo#1869378 - Add dependency to the taskcluster script for Darwin
* bmo#1869378 - Upgrade version of the MacOS worker for the CI
==== mutter ====
- Rebase mutter-disable-cvt-s390x.patch for mutter 45.x.
==== perl-Bootloader ====
Version update (1.10 -> 1.11)
- merge gh#openSUSE/perl-bootloader#162
- handle script exit codes properly (bsc#1218847)
- 1.11
==== podman ====
Version update (4.8.3 -> 4.9.0)
- Update to version 4.9.0:
* Bump to v4.9.0
* Fix a small grammar error in RELEASE_NOTES.md
* Fix push endpoint stream
* Finalized release notes for v4.9.0
* farm build: push built images to registry
* Move the --farm flag to farm build command
* Clean up farm-build miscommit
* [CI:DOCS] Add podman farm build doc
* Add release notes for v4.9.0
* gvproxy: Update to 0.7.2 release
* [v4.9] Bump Buildah to v1.33.3, c/common to v0.57.2, c/image to v5.29.1
* Add a net health recovery service to Qemu machines
* Set up podman machine remote user correctly
* Remove Libpod special-init conditions
* Fix `podman system reset` with external containers
* [v4.8] podman kube play: fix broken annotation parsing
* feat: disable pid max in the podman machine
* systests: cp: add wait_for_ready
* System tests: fixes for RHEL8 gating failures
* Add API forwarding support for HyperV
* bump to v4.8.4-dev
==== postfix ====
Version update (3.8.4 -> 3.8.5)
- update to 3.8.5
* Security: this release improves support to defend against an email
spoofing attack (SMTP smuggling) on recipients at a Postfix server.
For background, see https://www.postfix.org/smtp-smuggling.html.
==== publicsuffix ====
Version update (20240107 -> 20240123)
- Update to version 20240123:
* util: gTLD data autopull updates for 2024-01-23T15:14:10 UTC (#1921)
==== raspberrypi-firmware-dt ====
- Extend "ARM: dts: bcm27xx: Use better name for spidev" patch coverage.
Change compatible "spidev" to "rohm,dh2228fv" in overlay files too.
Fixes bsc#1219094.
==== rootlesskit ====
Version update (1.1.1 -> 2.0.0)
- Update to version 2.0.0:
* v2.0.0
* v2.0.0-beta.0+dev
* v2.0.0-beta.0
* CI: update Docker to v24.0.7
* CI: update pasta (2023_12_30.f091893)
* Write `$ROOTLESSKIT_STATE_DIR/resolv.conf`
* Build(deps): Bump golang.org/x/sys from 0.15.0 to 0.16.0
* fix typo
* Build(deps): Bump github.com/urfave/cli/v2 from 2.26.0 to 2.27.1
* Build(deps): Bump github.com/google/uuid from 1.4.0 to 1.5.0
* Build(deps): Bump github.com/containernetworking/plugins
* Build(deps): Bump github.com/urfave/cli/v2 from 2.25.7 to 2.26.0
* v2.0.0-alpha.2+dev
* v2.0.0-alpha.2
* CI: update pasta (2023_12_04.b86afe3)
* pasta: add debug logs
* Build(deps): Bump golang.org/x/sys from 0.14.0 to 0.15.0
* Build(deps): Bump github.com/moby/sys/mountinfo from 0.6.2 to 0.7.1
* Build(deps): Bump github.com/gorilla/mux from 1.8.0 to 1.8.1
* Build(deps): Bump golang.org/x/sys from 0.13.0 to 0.14.0
* Build(deps): Bump github.com/google/uuid from 1.3.1 to 1.4.0
* Build(deps): Bump golang.org/x/net from 0.10.0 to 0.17.0
* v2.0.0-alpha.1+dev
* v2.0.0-alpha.1
* release.yaml: migrate from `hub` to `gh`
* Build(deps): Bump golang.org/x/sys from 0.12.0 to 0.13.0
* Build(deps): Bump gotest.tools/v3 from 3.5.0 to 3.5.1
* Build(deps): Bump golang.org/x/sys from 0.11.0 to 0.12.0
* Build(deps): Bump github.com/google/uuid from 1.3.0 to 1.3.1
* lxc-user-nic: support detach-netns
* Build(deps): Bump golang.org/x/sys from 0.10.0 to 0.11.0
* Build(deps): Bump golang.org/x/sys from 0.9.0 to 0.10.0
* Build(deps): Bump gotest.tools/v3 from 3.4.0 to 3.5.0
* v2.0.0-alpha.0+dev
* v2.0.0-alpha.0; add --print-semver=(major|minor|patch)
* new network driver: `pasta` (with port driver `implicit`)
* [Carry 362] support detach-netns
* pkg/port: ChildContext: remove unused PID field
* cmd/rootlesskit: format logs
* Refactor parent-child communication (Add message union)
* Refactor parent-child communication (Remove "stages")
* pkg/api: split pkg/httputil
* Build(deps): Bump github.com/urfave/cli/v2 from 2.25.6 to 2.25.7
* Build(deps): Bump golang.org/x/sys from 0.8.0 to 0.9.0
* Build(deps): Bump github.com/urfave/cli/v2 from 2.25.5 to 2.25.6
* Build(deps): Bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3
* v1.1.1+dev
==== ruby ====
Version update (3.2 -> 3.3)
- switch the default ruby to 3.3
==== ruby3.2 ====
Subpackages: libruby3_2-3_2
- Omit test_session_reuse_but_expire if OpenSSL 3.2.0
Add Omit-test_session_reuse_but_expire-if-OpenSSL-3.2.0.patch
==== rubygem-gem2rpm ====
- Update the ruby ABI version in the 3.3.0 paths to the final
string.
- enable building for ruby 3.3
==== thin-provisioning-tools ====
Version update (1.0.9 -> 1.0.10)
- Update to version 1.0.10:
* Bump version to 1.0.10
* [build] Update dependencies
* [all] Fix clippy lints and typos
* [space_map] Allow non-zero values in unused index block entries
* [thin_repair] Fix child keys checking on the node with a zero key
* [thin_check] Tweak the logs to avoid confusion with node errors
* [thin_check] Support overriding the details tree root
* [tests] Update expected help text for _pack and _unpack
* [all] Fix clippy lints on optional targets
* [build] Simplify the pre-commit hooks by checking all the targets at once
* [thin_metadata_unpack] Allow long format for input and output
* [space map] Fix incorrect index_entry.nr_free while expansion
* thin_metadata_pack: Allow long format for input and output
==== tiff ====
- security update:
* CVE-2023-52356 [bsc#1219213]
Fix segfault in TIFFReadRGBATileExt()
+ tiff-CVE-2023-52356.patch
==== transactional-update ====
Subpackages: dracut-transactional-update libtukit4 transactional-update-zypp-config tukit
- Use "up" instead of "dup" by default on ALP [bsc#1218861]
==== webkit2gtk3 ====
Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Add webkit2gtk3-CVE-2024-23222.patch: fix a type confusion issue
(bsc#1219113 CVE-2024-23222).
==== webkit2gtk4 ====
Subpackages: libjavascriptcoregtk6_0-1 libwebkitgtk6_0-4 webkitgtk-6_0-injected-bundles
- Add webkit2gtk3-CVE-2024-23222.patch: fix a type confusion issue
(bsc#1219113 CVE-2024-23222).
==== yast2 ====
Version update (5.0.3 -> 5.0.4)
Subpackages: yast2-logs
- Reading Kernel Params: Use kernel cmdline when install.inf is not
available (bsc#1216408)
- 5.0.4
==== yast2-bootloader ====
Version update (5.0.2 -> 5.0.4)
- Persist s390 cio_ignore kernel argument always when given
(bsc#1210525).
- 5.0.4
- Do not try finding undefined bootloader name to avoid error
in logs (bsc#1218700)
- 5.0.3
==== yast2-installation ====
Version update (5.0.3 -> 5.0.4)
- Keep cio_ignore kernel argument when present in the parmfile or
use the cio_ignore -k output if not and write it always even
in zVM and KVM (bsc#1210525).
- 5.0.4
==== zbar ====
- Fix building for Leap
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa (23.2.1 -> 23.3.3)
Mesa-drivers (23.2.1 -> 23.3.3)
abseil-cpp
coreutils
coreutils-systemd
cronie
dracut (059+suse.533.g5a7cf9fa -> 059+suse.538.ge7a5cff9)
ed (1.19 -> 1.20)
gdm
gnome-shell
grub2
gvisor-tap-vsock (0.7.0 -> 0.7.2)
ibus
installation-images-MicroOS (17.110 -> 17.111)
kdump (2.0.0 -> 2.0.1)
kernel-firmware (20240102 -> 20240115)
kernel-source (6.6.11 -> 6.7.1)
libeconf (0.6.0 -> 0.6.1)
libidn (1.41 -> 1.42)
libmspack
libnvme (1.6+5.g68c6ffb -> 1.7.1+0.g13ba383)
libplacebo (6.338.1 -> 6.338.2)
libstorage-ng (4.5.174 -> 4.5.175)
ncurses (6.4.20240113 -> 6.4.20240120)
nvme-cli (2.6 -> 2.7.1)
pam (1.5.3 -> 1.6.0)
pam-full-src (1.5.3 -> 1.6.0)
pipewire
python-SQLAlchemy (2.0.24 -> 2.0.25)
python-Twisted
python-anyio (3.7.1 -> 4.2.0)
python-gevent
python-service_identity (23.1.0 -> 24.1.0)
qca-qt5 (2.3.7+git12 -> 2.3.8+git1)
qpdf (11.7.0 -> 11.8.0)
rpm-config-SUSE (20230712 -> 20240118)
sdbootutil (1+git20231221.42797ab -> 1+git20240122.c0d8f76)
shaderc (2023.7 -> 2023.8)
sssd (2.9.3 -> 2.9.4)
systemd
tevent (0.15.0 -> 0.16.0)
tpm2-0-tss
util-linux
util-linux-systemd
vulkan-loader (1.3.268.0 -> 1.3.275.0)
vulkan-tools (1.3.268.0 -> 1.3.275.0)
yast2-pkg-bindings (5.0.2 -> 5.0.4)
zbar (0.23.90 -> 0.23.93)
zchunk (1.3.2 -> 1.4.0)
=== Details ===
==== Mesa ====
Version update (23.2.1 -> 23.3.3)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- split python36-buildfix.patch into two patches python36-buildfix1.patch
and python36-buildfix2.patch; apply the latter only on sle15-sp6/Leap 15.6
since on newer python releases than 3.6 it changes behaviour to
remove required=True option
- python36-buildfix.patch
* src/freedreno/registers/gen_header.py: hopefully fixes aarch64
build
- u_0001-intel-genxml-Drop-from-__future__-import-annotations.patch
u_0002-intel-genxml-Add-a-untyped-OrderedDict-fallback-for-.patch
python36-buildfix.patch
* fixes build against python 3.6
- let Mesa-dri require libvulkan1 to get zink/swrast driver
fallbacks working (hopefully); probably related:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/2a71f06f2938678d89d5ed137…
- Update to bugfix release 23.3.3
- -> https://docs.mesa3d.org/relnotes/23.3.3.html
- Update to bugfix release 23.3.2
- -> https://docs.mesa3d.org/relnotes/23.3.2.html
- Update to version 23.3.0:
* It includes NVK, a new reverse-engineered Vulkan driver for
Nvidia hardware. This driver is still in experimental phase,
not quite ready for prime time yet, but adventurous users can
give it a go!
* New extensions & features (in no particular order):
- VK_EXT_pipeline_robustness on ANV
- VK_KHR_maintenance5 on RADV
- OpenGL ES 3.1 on Asahi
- GL_ARB_compute_shader on Asahi
- GL_ARB_shader_atomic_counters on Asahi
- GL_ARB_shader_image_load_store on Asahi
- GL_ARB_shader_image_size on Asahi
- GL_ARB_shader_storage_buffer_object on Asahi
- GL_ARB_sample_shading on Asahi
- GL_OES_sample_variables on Asahi
- GL_OES_shader_multisample_interpolation on Asahi
- GL_OES_gpu_shader5 on Asahi
- EGL_ANDROID_blob_cache works when disk caching is disabled
- VK_KHR_cooperative_matrix on RADV/GFX11+
- Drop patches fixed upstream:
* U_clover-llvm-move-to-modern-pass-manager.patch
* U_radeonsi-prefix-function-with-si_-to-prevent-name-co.patch
- Refresh patches with quilt.
- Use %patch -p N instead of deprecated %patchN.
==== Mesa-drivers ====
Version update (23.2.1 -> 23.3.3)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- split python36-buildfix.patch into two patches python36-buildfix1.patch
and python36-buildfix2.patch; apply the latter only on sle15-sp6/Leap 15.6
since on newer python releases than 3.6 it changes behaviour to
remove required=True option
- python36-buildfix.patch
* src/freedreno/registers/gen_header.py: hopefully fixes aarch64
build
- u_0001-intel-genxml-Drop-from-__future__-import-annotations.patch
u_0002-intel-genxml-Add-a-untyped-OrderedDict-fallback-for-.patch
python36-buildfix.patch
* fixes build against python 3.6
- let Mesa-dri require libvulkan1 to get zink/swrast driver
fallbacks working (hopefully); probably related:
https://gitlab.freedesktop.org/mesa/mesa/-/commit/2a71f06f2938678d89d5ed137…
- Update to bugfix release 23.3.3
- -> https://docs.mesa3d.org/relnotes/23.3.3.html
- Update to bugfix release 23.3.2
- -> https://docs.mesa3d.org/relnotes/23.3.2.html
- Update to version 23.3.0:
* It includes NVK, a new reverse-engineered Vulkan driver for
Nvidia hardware. This driver is still in experimental phase,
not quite ready for prime time yet, but adventurous users can
give it a go!
* New extensions & features (in no particular order):
- VK_EXT_pipeline_robustness on ANV
- VK_KHR_maintenance5 on RADV
- OpenGL ES 3.1 on Asahi
- GL_ARB_compute_shader on Asahi
- GL_ARB_shader_atomic_counters on Asahi
- GL_ARB_shader_image_load_store on Asahi
- GL_ARB_shader_image_size on Asahi
- GL_ARB_shader_storage_buffer_object on Asahi
- GL_ARB_sample_shading on Asahi
- GL_OES_sample_variables on Asahi
- GL_OES_shader_multisample_interpolation on Asahi
- GL_OES_gpu_shader5 on Asahi
- EGL_ANDROID_blob_cache works when disk caching is disabled
- VK_KHR_cooperative_matrix on RADV/GFX11+
- Drop patches fixed upstream:
* U_clover-llvm-move-to-modern-pass-manager.patch
* U_radeonsi-prefix-function-with-si_-to-prevent-name-co.patch
- Refresh patches with quilt.
- Use %patch -p N instead of deprecated %patchN.
==== abseil-cpp ====
- fix build for non-SUSE distributions
==== coreutils ====
Subpackages: coreutils-doc
- coreutils-9.4.split-CVE-2024-0684.patch: Add upstream patch:
split: do not shrink hold buffer. (CVE-2024-0684)
- coreutils-i18n.patch: Update from Fedora to fix build on i686 on GCC14.
==== coreutils-systemd ====
- coreutils-9.4.split-CVE-2024-0684.patch: Add upstream patch:
split: do not shrink hold buffer. (CVE-2024-0684)
- coreutils-i18n.patch: Update from Fedora to fix build on i686 on GCC14.
==== cronie ====
Subpackages: cron
- Update to 1.7.1:
* crond: Wait on finishing the job with -n option to check
the exit status
* crond: Do not set the return path to <> if non-default MAILFROM is set
* /etc/sysconfig/crond and /etc/default/anacron files are optional
- Remove test-for-etc-default-anacron.patch
- Set safe permissions for crontab backups. Add
* safe-backup-permissions.patch
- Fix anacron not working when /etc/default/anacron does not exist,
fixes bsc#1218377
* test-for-etc-default-anacron.patch
==== dracut ====
Version update (059+suse.533.g5a7cf9fa -> 059+suse.538.ge7a5cff9)
Subpackages: dracut-ima
- Update to version 059+suse.538.ge7a5cff9:
* fix(livenet): split `imgsize` calculation to avoid misleading error message
* fix(livenet): check also `content-length` from live image header
* fix(livenet): propagate error code
* fix(dracut): correct regression with multiple `rd.break=` options
==== ed ====
Version update (1.19 -> 1.20)
- update to 1.20:
* New command-line options for jumping to a line number or match
* Improved handling of file names containing control characters
* Tweak workflow for fewer 'buffer modified' warnings
* Tilde expansion is now performed on file names
* Warn on modifying a buffer from a read-only file
* Create missing intermediate directories when writing to a file
* Documentation updates
- drop obsolete makeinfo marcos
==== gdm ====
Subpackages: gdm-schema gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0
- Make Patch0 only applies on s390 and s390x.
==== gnome-shell ====
Subpackages: gnome-extensions gnome-shell-calendar
- Adapt to version 45.3(bsc#1216072):
+ Rebase gnome-shell-domain.patch
+ Rebase gnome-shell-fate324570-Make-GDM-background-image-configurable.patch
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- allow to boot memtest86 if stored in /usr/lib/memtest86+
* SR#1071109 can then work
==== gvisor-tap-vsock ====
Version update (0.7.0 -> 0.7.2)
- Update to version 0.7.2:
* Add --log-file to gvproxy
* ssh: Recreate connection on retries in setupProxy
* build(deps): bump golang.org/x/sync from 0.5.0 to 0.6.0
* build(deps): bump golang.org/x/crypto from 0.17.0 to 0.18.0
* ghactions: add Go 1.22rc1
* go.mod: gvisor.dev/gvisor v0.0.0-20231023213702-2691a8f9b1cf
* ssh: Add when to setupProxy
* ssh: Introduce 'retry' helper
* [CI:BUILD] packit: simplify config after F37 EOL
* version: Add versioning for github tarballs
* version: Add moduleVersionFromBuildInfo
* cmd/*: Add -version flag to executables
* build(deps): bump golang.org/x/crypto from 0.15.0 to 0.17.0
* build: Use ldflags in win-{gvproxy,sshproxy} targets
* build(deps): bump github.com/coreos/stream-metadata-go
* build(deps): bump github.com/miekg/dns from 1.1.56 to 1.1.57
* build(deps): bump github.com/onsi/gomega from 1.28.0 to 1.30.0
* build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0
* build(deps): bump golang.org/x/crypto from 0.14.0 to 0.15.0
* lint: Stop using dot imports
* tools: Update golangci-lint to latest version
* transport: Support passing CID for linux vsock
* Packit: enable f39 downstream tasks
* build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0
* build(deps): bump golang.org/x/sync from 0.3.0 to 0.4.0
* build(deps): bump golang.org/x/crypto from 0.13.0 to 0.14.0
* build(deps): bump github.com/onsi/gomega from 1.27.10 to 1.28.0
* Packit: add ppc64le and s390x targets for podman-next copr
* build(deps): bump github.com/miekg/dns from 1.1.55 to 1.1.56
* Add graceful shutdown support for gvproxy on Win
* ghactions: Add comment explaining why we stay on ubuntu-20.04
* ghactions: Use macos-latest instead of macos-11
* ghactions: Use `make win-sshproxy`
* ghactions: build: Add win-gvproxy and win-sshproxy
* Packit: enable f39 targets
* rpm: correctly obsolete older rpm builds
* rpm: gvforwarder subpackage
* Packit: reuse copr targets for podman-next
* Rename Command type to GvproxyCommand
* Fixes the generated commandline for the Command type
* README: More vfkit updates
* build(deps): bump golang.org/x/crypto from 0.12.0 to 0.13.0
* build: Add freebsd build to make cross
* transport: Refactor 'Listen' code
* transport: Only build unixgram on darwin
* build: Use golangci-lint from tools/
* tools: go.mod: Switch to golang 1.20
* tools: Rename go module
* build: Remove -arm64/-amd64 darwin binaries after makefat
* build: Build arm64 linux binary
* ghactions: Build on ubuntu 20.04
* Fix golangci-lint errors
* build(deps): bump golang.org/x/crypto from 0.11.0 to 0.12.0
* Add `Command` type
* packit: Build PRs into default packit COPRs
* build(deps): bump golang.org/x/sys from 0.10.0 to 0.11.0
* gvproxy: add docker.internal dns entries
* Packit: switch to rpm/gvisor-tap-vsock.spec
* README.md: Replace hyperkit with vfkit
* README.md: Fix QEMU spelling
==== ibus ====
Subpackages: libibus-1_0-5 typelib-1_0-IBus-1_0
- Use %_libexecdir as the basis of %_ibus_libexecdir (bsc#1174075)
==== installation-images-MicroOS ====
Version update (17.110 -> 17.111)
- merge gh#openSUSE/installation-images#687
- use kernel-firmware-all instead of kernel-firmware (bsc#1214789)
- 17.111
==== kdump ====
Version update (2.0.0 -> 2.0.1)
- upgrade to version 2.0.1
* load.sh: fix fadump (bsc#1218589)
==== kernel-firmware ====
Version update (20240102 -> 20240115)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20240115 (git commit efeb548d2a2b):
* Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX101
* Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX203
* Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX203
* Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX211
* Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX211
* amdgpu: DMCUB updates for DCN314
* cirrus: Add firmware file for cs42l43
* amdgpu: DMCUB updates for DCN312
- Update to version 20240111 (git commit b3132c18d0be):
* qcom: Update the firmware for Adreno a630 family of GPUs
* cirrus: Add CS35L41 firmware for Legion Slim 7 Gen 8 laptops
* linux-firmware: Add firmware for Cirrus CS35L41 for various Dell laptops
- Update to version 20240110 (git commit 31db82d69905):
* linux-firmware: update firmware for qat_4xxx devices
* linux-firmware: update firmware for w1u_uart
* amdgpu: DMCUB updates for DCN314
* Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX211
* Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX101
* Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX203
* Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX210
- Update to version 20240105 (git commit 5a6ae745d8a4):
* amlogic/bluetooth: add firmware bin of W1 serial soc(w1u_uart)
- Drop superfluous Provides from uncompressed kernel-firmware package
that may confuse dependencies (bsc#1218307)
- Minor adjustment and updates of scripts / templates
==== kernel-source ====
Version update (6.6.11 -> 6.7.1)
- Linux 6.7.1 (bsc#1012628).
- mm/memory_hotplug: fix memmap_on_memory sysfs value retrieval
(bsc#1012628).
- docs: kernel_feat.py: fix potential command injection
(bsc#1012628).
- scripts/decode_stacktrace.sh: optionally use LLVM utilities
(bsc#1012628).
- coresight: etm4x: Fix width of CCITMIN field (bsc#1012628).
- PCI: Add ACS quirk for more Zhaoxin Root Ports (bsc#1012628).
- leds: ledtrig-tty: Free allocated ttyname buffer on deactivate
(bsc#1012628).
- parport: parport_serial: Add Brainboxes device IDs and geometry
(bsc#1012628).
- parport: parport_serial: Add Brainboxes BAR details
(bsc#1012628).
- uio: Fix use-after-free in uio_open (bsc#1012628).
- binder: fix comment on binder_alloc_new_buf() return value
(bsc#1012628).
- binder: fix trivial typo of binder_free_buf_locked()
(bsc#1012628).
- binder: fix use-after-free in shinker's callback (bsc#1012628).
- binder: use EPOLLERR from eventpoll.h (bsc#1012628).
- Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"
(bsc#1012628).
- ksmbd: free ppace array on error in parse_dacl (bsc#1012628).
- ksmbd: don't allow O_TRUNC open on read-only share
(bsc#1012628).
- drm/amd/display: Pass pwrseq inst for backlight and ABM
(bsc#1012628).
- bus: moxtet: Add spi device table (bsc#1012628).
- bus: moxtet: Mark the irq as shared (bsc#1012628).
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx
(bsc#1012628).
- ALSA: hda: cs35l41: Support more HP models without _DSD
(bsc#1012628).
- ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP Envy X360
13-ay0xxx (bsc#1012628).
- ALSA: hda/realtek: enable SND_PCI_QUIRK for Lenovo Legion Slim
7 Gen 8 (2023) serie (bsc#1012628).
- ALSA: hda: Add driver properties for cs35l41 for Lenovo Legion
Slim 7 Gen 8 serie (bsc#1012628).
- ALSA: hda: cs35l41: Prevent firmware load if SPI speed too low
(bsc#1012628).
- ALSA: hda: cs35l41: Support additional Dell models without _DSD
(bsc#1012628).
- ALSA: hda/realtek: Add quirks for Dell models (bsc#1012628).
- f2fs: explicitly null-terminate the xattr list (bsc#1012628).
- commit b2e8ed6
- media: solo6x10: replace max(a, min(b, c)) by clamp(b, a, c)
(fix build and make it faster).
- Delete
patches.rpmify/Revert-minmax-allow-comparisons-of-int-against-unsig.patch.
- Delete
patches.rpmify/Revert-minmax-allow-min-max-clamp-if-the-arguments-h.patch.
- Delete
patches.rpmify/Revert-minmax-fix-indentation-of-__cmp_once-and-__cl.patch.
- Delete
patches.rpmify/Revert-minmax-relax-check-to-allow-comparison-betwee.patch.
Replace the reverts by an upstream workaround.
- commit 9bff21f
- mm: huge_memory: don't force huge page alignment on 32 bit
(bsc#1218841).
- Delete
patches.suse/Revert-mm-align-larger-anonymous-mappings-on-THP-bou.patch.
Replace the revert by an upstream fix.
- commit d54abef
- Update patches.suse/futex-Avoid-reusing-outdated-pi_state.patch
(bsc#1218801).
Update to v2.
- commit eeba83a
- Revert "mm: align larger anonymous mappings on THP boundaries"
(bsc#1218841).
- commit 69537e9
- futex: Avoid reusing outdated pi_state (bsc#1218841).
- commit 9859079
==== libeconf ====
Version update (0.6.0 -> 0.6.1)
- Update to version 0.6.1:
* reading lines which have a length greater than BUFSIZE (#195)
* Improved data quote check in read_file (#193)
==== libidn ====
Version update (1.41 -> 1.42)
- update to 1.42:
* build system tweaks
* Updated translations and gnulib
* fixes for other platforms
==== libmspack ====
- The following bugs and CVEs are not affecting TW:
* CVE-2018-18584
* CVE-2018-18585
* CVE-2018-18586
* CVE-2019-1010305
* bsc#1113038
* bsc#1113039
* bsc#1113040
* bsc#1130489
* bsc#1141680
==== libnvme ====
Version update (1.6+5.g68c6ffb -> 1.7.1+0.g13ba383)
Subpackages: libnvme-mi1 libnvme1
- Update to version 1.7.1+0.g13ba383:
* tree: do no free ns on error in nvme_ns_init
- Update to version 1.7+0.gf38b1d7:
* tree: do not open blk device on default
* tree: read all attributes from sysfs when available
* ioctl: set data length when retrieving LBA status
* types: fix regression for vendor-specific field in nvme_id_ns
* util: use cleanup functions
* linux: use cleanup functions
* json: use cleanup functions
* fabrics: use cleanup functions
* tree: use cleanup functions
* cleanup: add cleanup functions
* tree: fix incorrect return value
* tree: Fix clearing application strings
* libnvme: reshuffle nvme_generate_tls_key_identity()
* libnvme: fixup error codes
* libnvme: Implement 'nvme_generate_tls_key_identity()'
* libnvme: support NVMe TLS identities version 1
* libnvme: Add base64 functions
* libnvme: separate out 'gen_tls_identity' and reshuffle 'derive_nvme_keys'
* libnvme: separate out a function 'select_hmac'
* libnvme: fix a memory leak when calling read_ssns()
* libnvme: fix a memory leak in read_discovery()
* fabrics: avoid redundant args in nvme_discovery_log()
* fabrics: have nvmf_get_discovery_log() call nvmf_get_discovery_wargs()
* fabrics: fetch smaller Discovery Log Page header
* fabrics: avoid redundant Get Log Page on retry
* fabrics: clear RAE for discovery log page commands
* json-schema: add keyring and tls_key details
* types: add Host Behavior Support field definitions
* mi: Cast values to u32 if shift overflows int
* types: Cast values to u32 if shift overflows int
* test: Avoid unaligned pointer dereferences
* nbft: Avoid unaligned pointer dereferences
* types: add cross-namespace copy formats, status codes, ONCS bits
* nvme: Add length field to Hkdf-Expand-Label computation
* ioctl: use lsp arg in nvme_get_log_boot_partition
* fabrics: use SECTYPE to determine whether to use TLS
* fabrics: Allocate aligned payloads for id_ctrl and discovery log calls
* linux: Allocate aligned payloads for id_ctrl and id_ns calls
* ioctl: MSB variable-size storage/reference tags
==== libplacebo ====
Version update (6.338.1 -> 6.338.2)
- Update libplacebo to version 6.338.2. See details in:
https://code.videolan.org/videolan/libplacebo/-/tags/v6.338.2
==== libstorage-ng ====
Version update (4.5.174 -> 4.5.175)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- Translated using Weblate (Indonesian) (bsc#1149754)
- 4.5.175
==== ncurses ====
Version update (6.4.20240113 -> 6.4.20240120)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen
- Add ncurses patch 20240120
+ improve formatting/style of manpages (patches by Branden Robinson).
+ amend discussion of aliases in tput.1
+ use ansi+sgrbold, ansi+sgrdim, ansi+sgrso, ansi+sgrul, ansi+tabs
ecma+color, ecma+sgr, vt100+4bsd, vt100+pfkeys, vt220+pcedit
xterm+256color, xterm+acs, xterm+nopcfkeys, xterm+pcf2 to trim -TD
+ modify configure scripts/makefiles to omit KEY_RESIZE if the
corresponding SIGWINCH feature is disabled.
==== nvme-cli ====
Version update (2.6 -> 2.7.1)
Subpackages: nvme-cli-bash-completion
- Update to version 2.7.1:
* nvme-print-json: Revert field name changes (bsc#1218306)
- Update to version 2.7:
* nvme-print-json: include vs for identify namespace
* nvme-print-stdout: enhance connect message
* fabrics: fix connect error if hostid file does not exist
* fabrics: fix invalid output format error during nvme connect
* wdc: Fix vs-smart-add-log Command for SN650 and SN655
* nvme: restric hmac options for gen-tls-key
* wdc: Fix UUID index fallback mechanism
* plugins/ocp: Add OCP Telemetry String log page, Telemetry log page
* completions: Add bash completions for telemetry string log page
* plugins/solidigm: Added OCP 2.0 compatibility version command
* plugins/solidigm: Added OCP 2.0 vs-drive-info command.
* plugins/ocp: Fix printing order of various Latency Monitor Log buckets
* nvme: validate output format split status from flag return value
* nvme: simplify cleanup_nvme_dev()
* cleanup: remove unused cleanup_charp()
* wdc: Add support for SN861 2nd pci device id
* nvme: replace libhugetlbfs with mmap and madvise
* util/mem: move alloc helper to util section
* nvme: auto cleanup filedescriptors
* nvme: auto cleanup buffers
* nvme: return error code in get_persistent_event_log
* nvme: sanitize nvme-gen-tls-key
* nvme: print out the resulting TLS identity for 'nvme check-tls-key'
* nvme: Add version '1' identifier for nvme-gen-tls-key
* subprojects/libnvme: update wrapper for TP8018
* plugins/solidigm: Added re_sku_count smart atrribute
* doc: Fix nvme-connect manpage --application option string
* plugins/ocp: changed command clear-pcie-correctable-error-counters to match OCP 2.0 spec.
* plugins/solidigm: Added command to clear PCIe Correctable Error Counters according to OCP 2.0
* plugins/ocp: Reorganized clear feature code for better reuse
* nvme: fixup length calculation for 'nvme gen-tls-key --secret'
* doc: remove invalid hostkey info for --dhchap-secret
* nvme-print-json: use human helper everywhere
* nvme-print-json: remove obj_print helper
* plugins/ocp: update nvme_show_select_result call
* mailmap: only show contributer's name
* nvme-print-json: Change to report status and message in array
* nvme-print-json: Change to report feature select in array
* nvme-print-json: Change to report error and data in array
* nvme-print-json: Add show_init/finish calls to report features in array
* nvme-print: Add nvme_show_error_status() to merge error message and status
* nvme-print-json: Use r instead of root and use obj_add_***(r, ..., ...)
* nvme-print-json: Delete static const char string global variables
* nvme-print-json: Add remaining controller registers readable format
* nvme-print-json: Add readable format cap, vs, cc, csts, nssr and crto registers
* nvme-print-json: Combine duplicated json key and val string variables
* nvme-print-json: Replase json_array_add_value_string() to array_add_str()
* nvme-print-json: Replase json_object_add_value_uint128() to obj/root_add_uint128()
* nvme-print-json: Replase json_object_add_value_object() to obj/root_add_obj()
* nvme-print-json: Replase json_array_add_value_object() to array_add_obj()
* nvme-print-json: Replase json_object_add_value_array() to obj/root_add_array()
* nvme-print-json: Replase json_object_add_value_uint() to obj/root_add_uint()
* nvme-print-json: Replase json_object_add_value_int() to obj/root_add_int()
* nvme-print-json: Replase json_object_add_value_uint64() to obj/root_add_uint64()
* nvme-print-json: Replase json_object_add_value_string() to obj/root_add_str()
* nvme-print-json: Update feature_show_fields_*** to use root/obj_add_***()
* nvme-print-json: Update lba_status_log to use root_add_***() and obj_add_***()
* nvme-print-json: Replace lba_status_log printf() to root_add_result()
* nvme-print-json: Add list_item print function
* nvme-print-json: Add lba_status_info print function
* nvme-print-json: Add lba_range print function
* nvme-print-json: Add id_ctrl_rpmbs print function
* nvme-print-json: Unify json_list and jroot object names to root
* nvme-print-json: Add json_zns_changed print function
* nvme-print-json: Add root_add_result() to output result message
* nvme-print-json: Split persistent_event_log print function
* nvme-print-json: Remove unnecessary string newline code
* nvme-print-json: Replace effects_log_list print to use json_print()
* nvme-print-json: Print persistent_event_log no log data result correctly
* nvme-print-json: Add static "result" and "erorr" strings variables
* nvme-print-json: Add single_property printf function
* nvme: Replace get feature command stderr output to nvme_show_error()
* nvme-print-json: Change d() output to use d_json()
* nvme: Fix get-feature command mixed stdout and json outputs
* nvme-print-json: Add remaining feature fields print functions
* nvme-print-json: Update formatting and codying style
* build: Add -std=c99 to CFLAGS for muon on CentOS 7
* fabrics: add udev rule to avoid renaming nbft interfaces
* fabrics: autoconnect: add service unit for connecting NBFT subsystems
* fabrics: autoconnect: explicitly express module dependency
* Updates to codeql config
* libnvme-wrap: exit on VOID_FN lookup failure
* plugins/ocp:Added the ocp C6h feature api
* plugin/ocp_fid_c6h:Added the ocp C6h feature api
* nvme-copy: support cross-namespace copy
* nvme/plugins: fix mismatch operator
* nvme: fix overflow possiblity
* nvme: reduce identify cmd issue
* nvme: allow set-features to take input from stdin
* Fix common misspellings from codespell project
* nvme-print: Correct to print correct ascii character string length
* print-stdout: print Host Behavior Support correctly
* build: Bump libnvme wrap
* plugins/solidigm: Added support for temperature statistics log page
* Add support for codeql sweeps
* doc: Add virt-mgmt command
... changelog too long, skipping 44 lines ...
* update NetApp udev rule file name
==== pam ====
Version update (1.5.3 -> 1.6.0)
- Add post 1.6.0 release fixes for pam_env and pam_unix:
- pam_env-fix-enable-vendordir-fallback.patch
- pam_env-fix_vendordir.patch
- pam_env-remove-escaped-newlines.patch
- pam_unix-fix-password-aging-disabled.patch
- Update to version 1.6.0
- Added support of configuration files with arbitrarily long lines.
- build: fixed build outside of the source tree.
- libpam: added use of getrandom(2) as a source of randomness if available.
- libpam: fixed calculation of fail delay with very long delays.
- libpam: fixed potential infinite recursion with includes.
- libpam: implemented string to number conversions validation when parsing
controls in configuration.
- pam_access: added quiet_log option.
- pam_access: fixed truncation of very long group names.
- pam_canonicalize_user: new module to canonicalize user name.
- pam_echo: fixed file handling to prevent overflows and short reads.
- pam_env: added support of '\' character in environment variable values.
- pam_exec: allowed expose_authtok for password PAM_TYPE.
- pam_exec: fixed stack overflow with binary output of programs.
- pam_faildelay: implemented parameter ranges validation.
- pam_listfile: changed to treat \r and \n exactly the same in configuration.
- pam_mkhomedir: hardened directory creation against timing attacks.
- Please note that using *at functions leads to more open file handles
during creation.
- pam_namespace: fixed potential local DoS (CVE-2024-22365).
- pam_nologin: fixed file handling to prevent short reads.
- pam_pwhistory: helper binary is now built only if SELinux support is
enabled.
- pam_pwhistory: implemented reliable usernames handling when remembering
passwords.
- pam_shells: changed to allow shell entries with absolute paths only.
- pam_succeed_if: fixed treating empty strings as numerical value 0.
- pam_unix: added support of disabled password aging.
- pam_unix: synchronized password aging with shadow.
- pam_unix: implemented string to number conversions validation.
- pam_unix: fixed truncation of very long user names.
- pam_unix: corrected rounds retrieval for configured encryption method.
- pam_unix: implemented reliable usernames handling when remembering
passwords.
- pam_unix: changed to always run the helper to obtain shadow password
entries.
- pam_unix: unix_update helper binary is now built only if SELinux support
is enabled.
- pam_unix: added audit support to unix_update helper.
- pam_userdb: added gdbm support.
- Multiple minor bug fixes, portability fixes, documentation improvements,
and translation updates.
- The following patches are obsolete with the update:
- pam_access-doc-IPv6-link-local.patch
- pam_access-hostname-debug.patch
- pam_shells-fix-econf-memory-leak.patch
- pam_shells-fix-econf-memory-leak.patch
- disable-examples.patch
- pam-login_defs-check.sh: adjust checksum, SHA_CRYPT_MAX_ROUNDS
is no longer used.
==== pam-full-src ====
Version update (1.5.3 -> 1.6.0)
- Add post 1.6.0 release fixes for pam_env and pam_unix:
- pam_env-fix-enable-vendordir-fallback.patch
- pam_env-fix_vendordir.patch
- pam_env-remove-escaped-newlines.patch
- pam_unix-fix-password-aging-disabled.patch
- Update to version 1.6.0
- Added support of configuration files with arbitrarily long lines.
- build: fixed build outside of the source tree.
- libpam: added use of getrandom(2) as a source of randomness if available.
- libpam: fixed calculation of fail delay with very long delays.
- libpam: fixed potential infinite recursion with includes.
- libpam: implemented string to number conversions validation when parsing
controls in configuration.
- pam_access: added quiet_log option.
- pam_access: fixed truncation of very long group names.
- pam_canonicalize_user: new module to canonicalize user name.
- pam_echo: fixed file handling to prevent overflows and short reads.
- pam_env: added support of '\' character in environment variable values.
- pam_exec: allowed expose_authtok for password PAM_TYPE.
- pam_exec: fixed stack overflow with binary output of programs.
- pam_faildelay: implemented parameter ranges validation.
- pam_listfile: changed to treat \r and \n exactly the same in configuration.
- pam_mkhomedir: hardened directory creation against timing attacks.
- Please note that using *at functions leads to more open file handles
during creation.
- pam_namespace: fixed potential local DoS (CVE-2024-22365).
- pam_nologin: fixed file handling to prevent short reads.
- pam_pwhistory: helper binary is now built only if SELinux support is
enabled.
- pam_pwhistory: implemented reliable usernames handling when remembering
passwords.
- pam_shells: changed to allow shell entries with absolute paths only.
- pam_succeed_if: fixed treating empty strings as numerical value 0.
- pam_unix: added support of disabled password aging.
- pam_unix: synchronized password aging with shadow.
- pam_unix: implemented string to number conversions validation.
- pam_unix: fixed truncation of very long user names.
- pam_unix: corrected rounds retrieval for configured encryption method.
- pam_unix: implemented reliable usernames handling when remembering
passwords.
- pam_unix: changed to always run the helper to obtain shadow password
entries.
- pam_unix: unix_update helper binary is now built only if SELinux support
is enabled.
- pam_unix: added audit support to unix_update helper.
- pam_userdb: added gdbm support.
- Multiple minor bug fixes, portability fixes, documentation improvements,
and translation updates.
- The following patches are obsolete with the update:
- pam_access-doc-IPv6-link-local.patch
- pam_access-hostname-debug.patch
- pam_shells-fix-econf-memory-leak.patch
- pam_shells-fix-econf-memory-leak.patch
- disable-examples.patch
- pam-login_defs-check.sh: adjust checksum, SHA_CRYPT_MAX_ROUNDS
is no longer used.
==== pipewire ====
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Add patches from upstream to fix building the package in Factory
with libcamera 0.2.0:
* 0001-spa-libcamera-use-CameraConfigurationorientation.patch
* 0002-spa-libcamera-bump-minimum-supported-version-to-0.2.0.patch
==== python-SQLAlchemy ====
Version update (2.0.24 -> 2.0.25)
- update to 2.0.25:
* preliminary support for Python 3.12 pep-695 type alias
structures
* see https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.25
==== python-Twisted ====
Subpackages: python311-Twisted python311-Twisted-tls
- Add twisted-pr12054-testinvokationpy3.12.1.patch
* Pull request gh#twisted/twisted#12054 fixes failing tests on
python312 gh#twisted/twisted#12052
- Fix rpmlint errors
==== python-anyio ====
Version update (3.7.1 -> 4.2.0)
- update to 4.2.0:
* Add support for byte-based paths in connect_unix,
create_unix_listeners, create_unix_datagram_socket, and
create_connected_unix_datagram_socket. (PR by Lura Skye)
* Enabled the Event and CapacityLimiter classes to be
instantiated outside an event loop thread
* Broadly improved/fixed the type annotations. Among other
things, many functions and methods that take variadic
positional arguments now make use of PEP 646 TypeVarTuple to
allow the positional arguments to be validated by static type
checkers. These changes affected numerous methods and
functions, including: * anyio.run() * TaskGroup.start_soon()
* anyio.from_thread.run() * anyio.from_thread.run_sync() *
anyio.to_thread.run_sync() * anyio.to_process.run_sync() *
BlockingPortal.call() * BlockingPortal.start_task_soon() *
BlockingPortal.start_task() (also resolves #560)
* Fixed various type annotations of anyio.Path to match
Typeshed: * anyio.Path.__lt__() * anyio.Path.__le__() *
anyio.Path.__gt__() * anyio.Path.__ge__() *
anyio.Path.__truediv__() * anyio.Path.__rtruediv__() *
anyio.Path.hardlink_to() * anyio.Path.samefile() *
anyio.Path.symlink_to() * anyio.Path.with_segments() (PR by
Ganden Schaffner)
* Fixed adjusting the total number of tokens in a
CapacityLimiter on asyncio failing to wake up tasks waiting
to acquire the limiter in certain edge cases (fixed with help
from Egor Blagov)
* Fixed loop_factory and use_uvloop options not being used on
the asyncio backend
* Fixed cancellation propagating on asyncio from a task group
to child tasks if the task hosting the task group is in a
shielded cancel scope
- update to 4.1.0:
* Adapted to API changes made in Trio v0.23
* Removed a checkpoint when exiting a task group
* Renamed the ``cancellable`` argument in
``anyio.to_thread.run_sync()`` to
* ``abandon_on_cancel`` (and deprecated the old parameter name)
* Added support for voluntary thread cancellation via
* ``anyio.from_thread.check_cancelled()``
* Bumped minimum version of trio to v0.23
* Exposed the ``ResourceGuard`` class in the public API
* Fixed ``RuntimeError: Runner is closed`` when running higher-
scoped async generator fixtures in some cases
* Fixed discrepancy between ``asyncio`` and ``trio`` where
reraising a cancellation exception in an ``except*`` block
would incorrectly bubble out of its cancel scope
* Any exceptions raising out of a task groups are now nested
inside an ``ExceptionGroup`` (or ``BaseExceptionGroup`` if one
or more ``BaseException`` were included)
* Fixed task group not raising a cancellation exception on
asyncio at exit if no child tasks were spawned and an outer
cancellation scope had been cancelled before
* Ensured that exiting a ``TaskGroup`` always hits a yield
point, regardless of whether there are running child tasks to
be waited on
* On asyncio, cancel scopes will defer cancelling tasks that
are scheduled to resume with a finished future
* On asyncio and Python 3.9/3.10, cancel scopes now only
suppress cancellation exceptions if the cancel message matches
the scope
* Task groups on all backends now raise a single cancellation
exception when an outer cancel scope is cancelled, and no
exceptions other than cancellation exceptions are raised in
the group
* **BACKWARDS INCOMPATIBLE** Changes the pytest plugin to run
all tests and fixtures in the same task, allowing fixtures to
set context variables for tests and other fixtures
``anyio.Path.relative_to()`` and
* ``anyio.Path.is_relative_to()`` to only accept one argument,
as passing multiple arguments is deprecated as of Python 3.12
* **BACKWARDS INCOMPATIBLE** Dropped support for spawning tasks
from old-style coroutine functions (``(a)asyncio.coroutine``)
* **BACKWARDS INCOMPATIBLE** The ``policy`` option on the
``asyncio`` backend was changed to ``loop_factory`` to
accommodate ``asyncio.Runner``
* Dropped support for Python 3.7
* Added support for Python 3.12
* Fixed ``from_thread.run`` failing when used to call sniffio-
dependent functions on asyncio from a thread running trio or curio
* Fixed deadlock when using
``from_thread.start_blocking_portal(backend="asyncio")``
* in a thread running trio or curio (PR by Ganden Schaffner)
* Improved type annotations:
* The ``item_type`` argument of ``create_memory_object_stream``
was deprecated.
* To indicate the item type handled by the stream, use
* ``create_memory_object_stream[T_Item]()`` instead. Type
checking should no longer fail when annotating memory object
- drop tests-test_fileio.py-don-t-follow-symlinks-in-dev.patch
(upstream)
==== python-gevent ====
- Clean obsolete old python and old distribution directives
* Only 15.5+ with the sle15 python module and Tumbleweed have the
required Python 3.8+
* Drop fix-no-return-in-nonvoid-function.patch
- Update test suite execution
* Use -u-network flag to disable network tests
* Add gevent-opensuse-nocolor-tests.patch -- Avoid colorization
of test output in obs runners
* Add gevent-fix-unittest-returncode-py312-c1.patch and
gevent-fix-unittest-returncode-py312-c2.patch
gh#gevent/gevent#2012
==== python-service_identity ====
Version update (23.1.0 -> 24.1.0)
- update to 24.1.0:
* If a certificate doesn't contain any `subjectAltName`s, we
now raise `service_identity.CertificateError` instead of
`service_identity.VerificationError` to make the problem
easier to debug.
==== qca-qt5 ====
Version update (2.3.7+git12 -> 2.3.8+git1)
Subpackages: libqca-qt5-2 qca-qt5-plugins
- Update to version 2.3.8+git1:
* CI: Enable Android builds
- There's a v2.3.8 tag now so the version matches properly again
==== qpdf ====
Version update (11.7.0 -> 11.8.0)
- Temporary workaround for test fuzz-16214 (bsc#1218902)
* Add openssl3_2-fuzz-16214.patch
- Update to 11.8.0:
* Bug fixes:
- When flattening annotations, preserve hyperlinks and other annotations
that inherently have no appearance information.
* CLI Enhancements
- Introduce x in the numeric range syntax to allow exclusion of pages
within a page range. See Page Ranges for details.
- Support comma-separated numeric values with --collate to select
different numbers of pages from different groups.
- Add --set-page-labels option to completely override page labels in the
output.
* Library Enhancements
- Add API to support --set-page-labels:
- QPDFJob::Config::setPageLabels
- pdf_page_label_e enumerated type
- QPDFPageLabelDocumentHelper::pageLabelDict
- Improve file recovery logic to better handle files with cross-reference
streams. This should enable qpdf to recover some files that it would
previously have reported âunable to find trailer dictionary.â
==== rpm-config-SUSE ====
Version update (20230712 -> 20240118)
- Update to version 20240118:
* find-provides.ksyms: Fix ksym provides on Tumbleweed/ALP
- Update to version 20240115:
* macros.initrd: %regenerate_initrd_post: don't fail if mkdir is unavailable
* scripts: Do full ksyms dependencies on Tumbleweed (bsc#1215015)
==== sdbootutil ====
Version update (1+git20231221.42797ab -> 1+git20240122.c0d8f76)
Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper
- Update to version 1+git20240122.c0d8f76:
* Integrate with kernel-install
* Rework kernel listing a bit
* Add checks to list-entries
* List entries for current system only by default
* Fall back to loader.conf if setting efivar failed
* Runtime determine kernel image name
* Add list-snapshots
* Add list-entries command
- Update to version 1+git20240118.7e744b4:
* Bind mount /etc inside the snapshot
==== shaderc ====
Version update (2023.7 -> 2023.8)
- Update to release 2023.8
* API: Expose rlaxed Vulkan rules from glslang
==== sssd ====
Version update (2.9.3 -> 2.9.4)
Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap
- Update to release 2.9.4
* Fixes a crash when PAM passkey processing incorrectly handles
non-passkey data.
* Fixed group membership handling when members are coming from
different forest domains and using ldap token groups is
prohibited.
* Files provider was erroneously taking into consideration
``local_auth_policy`` config option, thus breaking smartcard
authentication of local user in setups that did not explicitly
specify this option. This is now fixed.
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-boot systemd-coredump systemd-doc udev
- Add patches that implement [jsc#PED-5659]
5003-cgroup-rename-TasksMax-structure-to-CGroupTasksMax.patch
5004-bus-print-properties-ignore-CGROUP_LIMIT_MAX-for-Mem.patch
5005-bus-print-properties-prettify-more-unset-properties.patch
5006-cgroup-Add-EffectiveMemoryMax-EffectiveMemoryHigh-an.patch
5007-test-Convert-rlimit-test-to-subtest-of-generic-limit.patch
5008-test-Add-effective-cgroup-limits-testing.patch
5009-cgroup-Restrict-effective-limits-with-global-resourc.patch
5010-cgroup-Rename-effective-limits-internal-table.patch
They are temporarily put in quarantine to get broader testing but should be
eventually moved to the git repo.
- remove pam-config call from post scriptlet of systemd-32bit
* the full package already does that
==== tevent ====
Version update (0.15.0 -> 0.16.0)
Subpackages: libtevent0 python3-tevent
- Update to version 0.16.0
* the epoll backend is no longer limited to 2 event handlers
per low level fd.
* finally add support for TEVENT_FD_ERROR
==== tpm2-0-tss ====
Subpackages: libtss2-esys0 libtss2-fapi1 libtss2-mu0 libtss2-rc0 libtss2-sys1 libtss2-tcti-device0 libtss2-tctildr0
- Fix tmpfiles %ghost file names
- Move tmpfiles config to different package:
* tmpfiles_create was being called with bad input (version ?)
* it avoids breaking SLPP for libtss2-fapi1 (hence the prior
warning in spec)
- tss sysusers requires should be pre not post
==== util-linux ====
Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1
- Minor multibuild fixes (PED-307):
* Restore /bin symlinks in util-linux-systemd if building with
ul_extra_bin_sbin.
* Restore compatibility supplements and split-provides.
* Update safety check instructions.
==== util-linux-systemd ====
- Minor multibuild fixes (PED-307):
* Restore /bin symlinks in util-linux-systemd if building with
ul_extra_bin_sbin.
* Restore compatibility supplements and split-provides.
* Update safety check instructions.
==== vulkan-loader ====
Version update (1.3.268.0 -> 1.3.275.0)
- Update to release SDK-1.3.275.0
* Instance extensions unsupported by physical devices now return
ERROR_EXTENSION_NOT_PRESENT
* Unload drivers which report 0 physical devices
==== vulkan-tools ====
Version update (1.3.268.0 -> 1.3.275.0)
- Update to release SDK-1.3.275.0
* icd: Add vkGetMemoryFdKHR support
* icd: Add vkGetMemoryHostPointerPropertiesEXT support
* vulkaninfo: Autogenerate Format list
* icd: Add basic VkDisplayKHR support
* icd: Add vkRegisterDisplayEventEXT
* icd: Add video support
==== yast2-pkg-bindings ====
Version update (5.0.2 -> 5.0.4)
- Fixed repository and service probing with libzypp 7.31.26
and newer, convert the type to string by pkg-bindings,
not by libzypp which might change it (bsc#1218399)
- 5.0.4
- Added new pkg calls for managing and resolving the solver
conflicts. Added PkgSolveProblems(), PkgSetSolveSolutions()
and PkgResetSolveSolutions() calls. (gh#openSUSE/agama#944)
- Libzypp 17.31.26+ uses "N/A" for unknown repository types
instead of "NONE", support both cases (bsc#1218859)
- 5.0.3
==== zbar ====
Version update (0.23.90 -> 0.23.93)
- Update to 0.23.93:
* Set a better dpi resolution when parsing PDF files
* Fix memory recycle bug of empty symbols
* Fix compilation with python 3.11 and 3.12
* CVE-2023-40889: Fix array out-of-bounds access
* Stop ignoring non-binary entries that follow binary ones
* Increase allocated buffer memory for symbols
* barcodetest.py: fix error code print logic
* convert: Crash fixing while using camera
* Add some pod information for additional functions
* perl skip more tests if DISPLAY not set and set prereqs in Makefile.PL
* Fixes rt.cpan.org 122061 - test fails when DISPLAY not set
* Update Barcode::ZBar
* isaac: ensure proper order of parsing expression
* Enforce x11 backend even on wayland
* zbarimg: add the --polygon option
* xml output: Add polygon containing code bar.
* configure.ac: drop support for Qt4 and prepare for Qt6 support
* win: fix compiling error in Visual studio
* Enforce a coding style
* configure.ac: fix some issues with gtk parameter
* zbargtk: fix version check macros
* zbar: Address some header issues
* zbar, test: fix compilation issues with FreeBSD
* zbar: Function stdcall declaration issue.
* symbol: make it compatible with MSC
* zbar: change the code to make it c90 standard compatible
* test: fix decode test
- Drop upstreamed patches:
* zbar-CVE-2023-40889.patch
* zbar-CVE-2023-40890.patch
* py311.patch
- Add patch to fix build see gh#mchehab/zbar#277:
* zbar-configure.patch
* zbar-pkgconfig.patch
==== zchunk ====
Version update (1.3.2 -> 1.4.0)
- update to 1.4.0:
* Rework hash code to support openSSL 3.x EVP API
* memory leak fix
* tests for invalid zchunk files
* More statistics in zchunk_delta_info
* avoid infinite loop under certain conditions
* Add zck_get_chunk_ctx function to get context from chunk
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MozillaFirefox (121.0 -> 121.0.1)
PackageKit
bash (5.2.21 -> 5.2.26)
desktop-file-utils
docker-buildx (0.12.0 -> 0.12.1)
elfutils (0.189 -> 0.190)
elfutils-debuginfod (0.189 -> 0.190)
evince
ffmpeg-6 (6.0.1 -> 6.1.1)
fwupd
gnutls (3.8.2 -> 3.8.3)
grub2
iputils (20231222 -> 20240117)
libgsf
libjpeg-turbo
libjxl-gtk (0.8.2 -> 0.9.0)
libosinfo
libstorage-ng (4.5.173 -> 4.5.174)
libxkbcommon
llvm17
ncurses (6.4.20240106 -> 6.4.20240113)
orca (45.1 -> 45.2)
patterns-microos
python-numpy
python-redis
readline (8.2 -> 8.2.10)
selinux-policy (20240104 -> 20240116)
shadow (4.14.2 -> 4.14.3)
sushi
telepathy-logger
upower
xorg-x11-server (21.1.9 -> 21.1.11)
xwayland (23.2.2 -> 23.2.4)
=== Details ===
==== MozillaFirefox ====
Version update (121.0 -> 121.0.1)
- Mozilla Firefox 121.0.1
* Fixed unexpected line wrapping in some CJK contexts caused by
changes in ideographic space handling. bmo#1870973)
* Fixed a hang when loading sites containing column-based
layouts under some circumstances. bmo#1867784)
* Fixed missing rounded corners for videos playing over another
video. bmo#1869994)
* Fixed Firefox not closing properly and other applications being
unable to use a USB security key after being previously used
during a Firefox session. bmo#1863135)
==== PackageKit ====
Subpackages: PackageKit-backend-dnf PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0
- Add PackageKit-find-python-3-6.patch: Specify the Python version
we need to build this package.
==== bash ====
Version update (5.2.21 -> 5.2.26)
Subpackages: bash-doc bash-sh
- Add upstream patches
* bash52-022
It's possible for readline to try to zero out a line that's not
null-terminated, leading to a memory fault.
* bash52-023
Running `local -' multiple times in a shell function would
overwrite the original saved set of options.
* bash52-024
Fix bug where associative array compound assignment would not
expand tildes in values.
* bash52-025
Make sure a subshell checks for and handles any terminating
signals before exiting (which might have arrived after the
command completed) so the parent and any EXIT trap will see
the correct value for $?.
==== desktop-file-utils ====
- support non-SUSE distributions
==== docker-buildx ====
Version update (0.12.0 -> 0.12.1)
- Update to version 0.12.1:
* driver(container): fix conditional statement for error handling
* docs: add levels to bake file target.annotations
* docs: build --annotation
* docs: add lang tag for plaintext code blocks
* docs: imagetools create --annotation
==== elfutils ====
Version update (0.189 -> 0.190)
Subpackages: libasm1 libdw1 libelf1
- Update to version 0.190:
* libelf: Add RELR support.
* libdw: Recognize .debug_[ct]u_index sections
* readelf:
- Support readelf -Ds, --use-dynamic --symbol.
- Support .gdb_index version 9
* scrlines: New tool that compiles a list of source files associated
with a specified dwarf/elf file.
* backends: Various LoongArch updates.
==== elfutils-debuginfod ====
Version update (0.189 -> 0.190)
Subpackages: debuginfod-client debuginfod-profile libdebuginfod1
- Update to version 0.190
* Schema change (reindexing required, sorry!) for a 60%
compression in filename representation, which was a large
part of the sqlite index; also, more deliberate sqlite
- wal management during scanning using the
- -scan-checkpoint option.
==== evince ====
Subpackages: evince-plugin-pdfdocument libevdocument3-4 libevview3-3 typelib-1_0-EvinceDocument-3_0 typelib-1_0-EvinceView-3_0
- Convert to source service for easier updating.
==== ffmpeg-6 ====
Version update (6.0.1 -> 6.1.1)
Subpackages: libavcodec60 libavfilter9 libavformat60 libavutil58 libpostproc57 libswresample4 libswscale7
- Update to version 6.1.1:
* libaribcaption decoder
* Playdate video decoder and demuxer
* Extend VAAPI support for libva-win32 on Windows
* afireqsrc audio source filter
* arls filter
* ffmpeg CLI new option: -readrate_initial_burst
* zoneplate video source filter
* command support in the setpts and asetpts filters
* Vulkan decode hwaccel, supporting H264, HEVC and AV1
* color_vulkan filter
* bwdif_vulkan filter
* nlmeans_vulkan filter
* RivaTuner video decoder
* xfade_vulkan filter
* vMix video decoder
* Essential Video Coding parser, muxer and demuxer
* Essential Video Coding frame merge bsf
* bwdif_cuda filter
* Microsoft RLE video encoder
* Raw AC-4 muxer and demuxer
* Raw VVC bitstream parser, muxer and demuxer
* Bitstream filter for editing metadata in VVC streams
* Bitstream filter for converting VVC from MP4 to Annex B
* scale_vt filter for videotoolbox
* transpose_vt filter for videotoolbox
* support for the P_SKIP hinting to speed up libx264 encoding
* Support HEVC,VP9,AV1 codec in enhanced flv format
* apsnr and asisdr audio filters
* OSQ demuxer and decoder
* Support HEVC,VP9,AV1 codec fourcclist in enhanced rtmp protocol
* CRI USM demuxer
* ffmpeg CLI '-top' option deprecated in favor of the setfield filter
* VAAPI AV1 encoder
* ffprobe XML output schema changed to account for multiple variable-fields elements within the same parent element
* ffprobe -output_format option added as an alias of -of
- Remove patch6 0001-avfilter-vf_libplacebo-remove-deprecated-field.diff
- Prefer libvpl to libmfx: the latter is deprecated
- Delete ffmpeg-6-private-devel package as it is only needed to build libav-tools
==== fwupd ====
Subpackages: fwupd-bash-completion libfwupd2 typelib-1_0-Fwupd-2_0
- Fix build failure on s390x and ppc64le
+ This release modifies spec file
- add s390x and ppc64le into default 'with efi_fw_update'
so that old dbxtool version can be obsoleted.
==== gnutls ====
Version update (3.8.2 -> 3.8.3)
- Update to 3.8.3:
* libgnutls: Fix more timing side-channel inside RSA-PSK key
exchange. [GNUTLS-SA-2024-01-14, CVSS: medium]
[bsc#1218865, CVE-2024-0553]
* libgnutls: Fix assertion failure when verifying a certificate
chain with a cycle of cross signatures.
[GNUTLS-SA-2024-01-09, CVSS: medium] [bsc#1218862, CVE-2024-0567]
* libgnutls: Fix regression in handling Ed25519 keys stored in
PKCS#11 token certtool was unable to handle Ed25519 keys
generated on PKCS#11 with pkcs11-tool (OpenSC).
This is a regression introduced in 3.8.2.
* Rebase gnutls-FIPS-140-3-references.patch
* Updated upstream gnutls.keyring
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- Resolved XFS regression leading to the "not a correct XFS inode" error by
temporarily reverting the problematic commit (bsc#1218864)
* 0001-Revert-fs-xfs-Fix-XFS-directory-extent-parsing.patch
==== iputils ====
Version update (20231222 -> 20240117)
- Update to version 20240117 (ping bugfix release)
https://github.com/iputils/iputils/releases/tag/20240117
==== libgsf ====
Subpackages: gsf-office-thumbnailer libgsf-1-114
- Own /usr/share/gtk-doc: glib no longer uses gtk-doc and as a
consequence cannot be held responsible to deliver that basic
directory structure.
==== libjpeg-turbo ====
- Do not require SIMD support when it does not exist
==== libjxl-gtk ====
Version update (0.8.2 -> 0.9.0)
- Remove cjxl/djxl manpages from gtk flavor installation, these
are part of the tools subpackage from the main flavor.
- Update to release 0.9
* Encoder API:
* Add JxlEncoderSetExtraChannelDistance to adjust the quality
of extra channels (like alpha) separately.
* New API functions for streaming encoding.
* New options for more fine-grained control over metadata
preservation when using JxlEncoderAddJPEGFrame.
* New function JxlEncoderSetUpsamplingMode to change the
upsampling method, e.g. to use nearest-neighbor upsampling
for pixel art.
* New function JxlEncoderDistanceFromQuality for convenience to
calculate a distance given a quality.
* Decoder API: Implemented JxlDecoderSetOutputColorProfile and
JxlDecoderSetCms to enable decoding to desired colorspace.
* Deprecated functions removed from encoder and decoder APIs.
* Command-line tools:
* cjxl can now be used to explicitly add/update/strip
Exif/XMP/JUMBF metadata using the decoder-hints syntax, e.g.
cjxl input.ppm -x exif=input.exif output.jxl
* djxl can now be used to extract Exif/XMP/JUMBF metadata.
==== libosinfo ====
Subpackages: libosinfo-1_0-0
- Own /usr/share/gtk-doc: glib no longer uses gtk-doc and as a
consequence cannot be held responsible to deliver that basic
directory structure.
==== libstorage-ng ====
Version update (4.5.173 -> 4.5.174)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- merge gh#openSUSE/libstorage-ng#979
- allow to get Arch object from SystemInfo
- make testcase more robust
- coding style
- 4.5.174
==== libxkbcommon ====
Subpackages: libxkbcommon-x11-0 libxkbcommon0 libxkbregistry0
- Add libxkbcommon-tools-bash-completions.
==== llvm17 ====
- Use %_target_* for determining the compiler host triple (boo#1218701)
==== ncurses ====
Version update (6.4.20240106 -> 6.4.20240113)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen
- Add ncurses patch 20240113
+ improve formatting/style of manpages (patches by Branden Robinson).
+ modify dist.mk to avoid passing developer's comments in manpages into
the generated html documentation.
+ use ansi+local, ansi+local1, ansi+pp, ansi+rca, ansi+rca2, ansi+sgr
to trim -TD
+ restore padding for wy520* and vt320-k311 (report by Sven Joachim).
==== orca ====
Version update (45.1 -> 45.2)
- Update to version 45.2:
+ Web: Fix bug causing us to get stuck in menu bar during caret
navigation.
+ General: Dump our cached information in response to
children-changed events so that we do not present stale
information.
+ Updated translations.
==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap
- Switch from phonon4qt5-backend-gstreamer to phonon4qt5-backend-vlc
as recommended by upstream
==== python-numpy ====
- Update list of expected test failures on riscv64
- Fix gnu-hpc build error for Leap
==== python-redis ====
- add https://github.com/redis/redis-py/pull/3005 as
Close-various-objects-created-during-asyncio-tests.patch
to fix tests for python 3.12
==== readline ====
Version update (8.2 -> 8.2.10)
Subpackages: libreadline8 readline-doc
- Add upstream patch readline82-008
* Add missing prototypes for several function declarations
- Add upstream patch readline82-009
* Fix issue where the directory name portion of the word to be
completed (the part that is passed to opendir()) requires both
tilde expansion and dequoting. Readline only performed tilde
expansion in this case, so filename completion would fail.
- Add upstream patch readline82-010
* Fix the case where text to be completed from the line buffer
(quoted) is compared to the common prefix of the possible
matches (unquoted) and the quoting makes the former appear to
be longer than the latter. Readline assumes the match doesn't
add any characters to the word and doesn't display multiple matches.
- Port patches
* readline-5.2-conf.patch
* readline-6.2-metamode.patch
* readline-7.0-screen.patch
* readline-8.2.dif
==== selinux-policy ====
Version update (20240104 -> 20240116)
Subpackages: selinux-policy-targeted
- Update to version 20240116:
* Fix gitolite homedir paths (bsc#1218826)
==== shadow ====
Version update (4.14.2 -> 4.14.3)
Subpackages: libsubid4 login_defs
- Update to 4.14.3:
* libshadow:
+ Avoid null pointer dereference (#904)
==== sushi ====
- Convert to source service for easier updating.
==== telepathy-logger ====
Subpackages: libtelepathy-logger3 telepathy-logger-schema typelib-1_0-TelepathyLogger-0_2
- Own /usr/share/gtk-doc: glib no longer uses gtk-doc and as a
consequence cannot be held responsible to deliver that basic
directory structure.
==== upower ====
Subpackages: libupower-glib3 typelib-1_0-UpowerGlib-1_0
- Own /usr/share/gtk-doc: glib no longer uses gtk-doc and as a
consequence cannot be held responsible to deliver that basic
directory structure.
==== xorg-x11-server ====
Version update (21.1.9 -> 21.1.11)
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra
- Update to version 21.1.11
* This release contains fixes for the issues reported in today's security
advisory: https://lists.x.org/archives/xorg/2024-January/061525.html
* CVE-2023-6816 (bsc#1218582)
* CVE-2024-0229 (bsc#1218583)
* CVE-2024-21885 (bsc#1218584)
* CVE-2024-21886 (bsc#1218585)
* CVE-2024-0408
* CVE-2024-0409
- supersedes the following patches
* U_xephyr-Don-t-check-for-SeatId-anymore.patch
* U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
* U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
==== xwayland ====
Version update (23.2.2 -> 23.2.4)
- This release contains also the following patches mentioned in
previous sle15 releases
* bsc1218582-0001-dix-allocate-enough-space-for-logical-button-maps.patch
* bsc1218583-0001-dix-Allocate-sufficient-xEvents-for-our-DeviceStateN.patch
* bsc1218583-0002-dix-fix-DeviceStateNotify-event-calculation.patch
* bsc1218583-0003-Xi-when-creating-a-new-ButtonClass-set-the-number-of.patch
* bsc1218584-0001-Xi-flush-hierarchy-events-after-adding-removing-mast.patch
* bsc1218585-0001-Xi-do-not-keep-linked-list-pointer-during-recursion.patch
* bsc1218585-0002-dix-when-disabling-a-master-float-disabled-slaved-de.patch
- This release contains also the missing fixes of initial
U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
(bsc#1217765)
- Update to version 23.2.4
* This release contains fixes for the issues reported in today's
security advisory:
https://lists.x.org/archives/xorg/2024-January/061525.html
* CVE-2023-6816 (bsc#1218582)
* CVE-2024-0229 (bsc#1218583)
* CVE-2024-21885 (bsc#1218584)
* CVE-2024-21886 (bsc#1218585)
* CVE-2024-0408
* CVE-2024-0409
- supersedes the patches mentioned below:
* U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
* U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
ImageMagick (7.1.1.25 -> 7.1.1.26)
at-spi2-core
attica-qt5 (5.113.0 -> 5.114.0)
baloo5 (5.113.0 -> 5.114.0)
bluez-qt (5.113.0 -> 5.114.0)
breeze5-icons (5.113.0 -> 5.114.0)
cockpit
container-selinux (2.222.0 -> 2.228.0)
e2fsprogs
frameworkintegration (5.113.0 -> 5.114.0)
gcc13 (13.2.1+git8109 -> 13.2.1+git8205)
health-checker (1.10 -> 1.10+git20240111.cb84209)
installation-images-MicroOS (17.105 -> 17.110)
kactivities-stats (5.113.0 -> 5.114.0)
kactivities5 (5.113.0 -> 5.114.0)
karchive (5.113.0 -> 5.114.0)
kauth (5.113.0 -> 5.114.0)
kbd (2.6.3 -> 2.6.4)
kbookmarks (5.113.0 -> 5.114.0)
kcmutils (5.113.0 -> 5.114.0)
kcodecs (5.113.0 -> 5.114.0)
kcompletion (5.113.0 -> 5.114.0)
kconfig (5.113.0 -> 5.114.0)
kconfigwidgets (5.113.0 -> 5.114.0)
kcoreaddons (5.113.0 -> 5.114.0)
kcrash (5.113.0 -> 5.114.0)
kdbusaddons (5.113.0 -> 5.114.0)
kdeclarative (5.113.0 -> 5.114.0)
kded (5.113.0 -> 5.114.0)
kdelibs4support (5.113.0 -> 5.114.0)
kdesu (5.113.0 -> 5.114.0)
kdnssd-framework (5.113.0 -> 5.114.0)
kdoctools (5.113.0 -> 5.114.0)
kernel-source (6.6.10 -> 6.6.11)
kfilemetadata5 (5.113.0 -> 5.114.0)
kglobalaccel (5.113.0 -> 5.114.0)
kguiaddons (5.113.0 -> 5.114.0)
kholidays (5.113.0 -> 5.114.0)
khtml (5.113.0 -> 5.114.0)
ki18n (5.113.0 -> 5.114.0)
kiconthemes (5.113.0 -> 5.114.0)
kidletime (5.113.0 -> 5.114.0)
kimageformats (5.113.0 -> 5.114.0)
kinit (5.113.0 -> 5.114.0)
kio (5.113.0 -> 5.114.0)
kirigami2 (5.113.0 -> 5.114.0)
kitemmodels (5.113.0 -> 5.114.0)
kitemviews (5.113.0 -> 5.114.0)
kjobwidgets (5.113.0 -> 5.114.0)
kjs (5.113.0 -> 5.114.0)
knewstuff (5.113.0 -> 5.114.0)
knotifications (5.113.0 -> 5.114.0)
knotifyconfig (5.113.0 -> 5.114.0)
kpackage (5.113.0 -> 5.114.0)
kparts (5.113.0 -> 5.114.0)
kpeople5 (5.113.0 -> 5.114.0)
kpty (5.113.0 -> 5.114.0)
kquickcharts (5.113.0 -> 5.114.0)
krunner (5.113.0 -> 5.114.0)
kservice (5.113.0 -> 5.114.0)
ktexteditor (5.113.0 -> 5.114.0)
ktextwidgets (5.113.0 -> 5.114.0)
kunitconversion (5.113.0 -> 5.114.0)
kwallet (5.113.0 -> 5.114.0)
kwayland (5.113.0 -> 5.114.0)
kwidgetsaddons (5.113.0 -> 5.114.0)
kwindowsystem (5.113.0 -> 5.114.0)
kxmlgui (5.113.0 -> 5.114.0)
libKF5ModemManagerQt (5.113.0 -> 5.114.0)
libKF5NetworkManagerQt (5.113.0 -> 5.114.0)
libdrm (2.4.119 -> 2.4.120)
libinput (1.24.0 -> 1.25.0)
libjcat
libstorage-ng (4.5.171 -> 4.5.173)
libuv
man-pages
microos-tools (2.21+git5 -> 2.21+git9)
open-lldp (1.1+77.75e83b6fb98e -> 1.1+106.74c0600a8692)
pcr-oracle
pipewire (1.0.0 -> 1.0.1)
plasma-framework (5.113.0 -> 5.114.0)
prison-qt5 (5.113.0 -> 5.114.0)
purpose (5.113.0 -> 5.114.0)
python-Jinja2 (3.1.2 -> 3.1.3)
python-greenlet (3.0.2 -> 3.0.3)
python-lark (1.1.8 -> 1.1.9)
python-tornado6
python-urllib3
qqc2-desktop-style (5.113.0 -> 5.114.0)
samba (4.19.2+git.324.fa0b54b91b -> 4.19.4+git.339.acf1ccaa020)
selinux-policy (20231124 -> 20240104)
solid (5.113.0 -> 5.114.0)
sonnet (5.113.0 -> 5.114.0)
speech-dispatcher
syndication (5.113.0 -> 5.114.0)
syntax-highlighting (5.113.0 -> 5.114.0)
systemd (254.5 -> 254.8)
texlive
threadweaver (5.113.0 -> 5.114.0)
u-boot-rpiarm64 (2023.10 -> 2024.01)
vte
xdg-desktop-portal
zlib-ng-compat (2.1.5 -> 2.1.6)
zstd
=== Details ===
==== ImageMagick ====
Version update (7.1.1.25 -> 7.1.1.26)
Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10
- version update to 7.1.1.26
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
==== at-spi2-core ====
Subpackages: libatk-1_0-0 libatk-bridge-2_0-0 libatspi0 typelib-1_0-Atk-1_0 typelib-1_0-Atspi-2_0
- Provide and obsolete more packages from old atk and at-spi2-atk:
atk-devel, at-spi2-atk-devel and at-spi2-atk-common.
==== attica-qt5 ====
Version update (5.113.0 -> 5.114.0)
Subpackages: libKF5Attica5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== baloo5 ====
Version update (5.113.0 -> 5.114.0)
Subpackages: baloo5-file baloo5-file-lang baloo5-imports baloo5-kioslaves baloo5-kioslaves-lang baloo5-tools baloo5-tools-lang libKF5Baloo5 libKF5BalooEngine5 libKF5BalooEngine5-lang
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- Changes since 5.113.0:
* [IndexCleaner] Remove no-op recursion over includedFolders
* [ExtractorProcess] Remove unused members
* [TimeEstimator] Cleanup, remove QObject depency
* Use forward declaration for Baloo::Database
* Remove inacurate mimetype check in xattrindexer and indexcleaner
==== bluez-qt ====
Version update (5.113.0 -> 5.114.0)
Subpackages: bluez-qt-imports bluez-qt-udev libKF5BluezQt6
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== breeze5-icons ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== cockpit ====
Subpackages: cockpit-bridge cockpit-packagekit cockpit-system
- enable python-bridge for suse distros
==== container-selinux ====
Version update (2.222.0 -> 2.228.0)
- Update to version 2.228:
* Allow container domains to watch fifo_files
* container_engine_t: improve for podman in kubernetes case
* Allow spc_t to transition to install_t domain
* Default to allowing containers to use dri devices
* Allow access to BPF Filesystems
* Fix kubernetes transition rule
* Label kubensenter as well as kubenswrapper
* Allow container domains to execute container_runtime_tmpfs_t files
* Allow container domains to ptrace themselves
* Allow container domains to use container_runtime_tmpfs_t as an entrypoint
* Add boolean to allow containers to use dri devices
* Give containers access to pod resources endpoint
* Label kubenswrapper kubelet_exec_t
==== e2fsprogs ====
Subpackages: libcom_err2 libext2fs2
- e2fsck-Suppress-orphan-file-is-clean-message-in-preen.patch: e2fsck:
Suppress "orphan file is clean" message in preen mode (bsc#1218747)
==== frameworkintegration ====
Version update (5.113.0 -> 5.114.0)
Subpackages: frameworkintegration-plugin libKF5Style5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- Changes since 5.113.0:
==== gcc13 ====
Version update (13.2.1+git8109 -> 13.2.1+git8205)
Subpackages: cpp13 libgcc_s1 libgfortran5 libgomp1 libobjc4 libstdc++6 libstdc++6-pp libubsan1
- Update to gcc-13 branch head, 36ddb5230f56a30317630a928, git8205
==== health-checker ====
Version update (1.10 -> 1.10+git20240111.cb84209)
Subpackages: health-checker-plugins-MicroOS
- Update to version 1.10+git20240111.cb84209:
* Add missing rule for health-checker.service.8
* Don't generate html documentation
* Fixing some typo's and improving the UX of the health-checker output
* Fix a typo in README.md
==== installation-images-MicroOS ====
Version update (17.105 -> 17.110)
- merge gh#openSUSE/installation-images#685
- drop finger (bsc#1218794)
- 17.110
- merge gh#openSUSE/installation-images#684
- noto-naskharabic-fonts is now google-noto-naskharabic-fonts
- 17.109
- merge gh#openSUSE/installation-images#678
- Add dbus-1-daemon
- 17.108
- merge gh#openSUSE/installation-images#683
- s390-tools now available for non-s390x archs (jsc#PED-7136,
jsc#PED-7138)
- 17.107
- merge gh#openSUSE/installation-images#679
- etc: update module.config to match 6.7
- 17.106
==== kactivities-stats ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kactivities5 ====
Version update (5.113.0 -> 5.114.0)
Subpackages: kactivities5-imports libKF5Activities5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- Changes since 5.113.0:
* Drop unused KF5WindowSystem from cli
==== karchive ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kauth ====
Version update (5.113.0 -> 5.114.0)
Subpackages: libKF5Auth5 libKF5Auth5-lang libKF5AuthCore5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kbd ====
Version update (2.6.3 -> 2.6.4)
Subpackages: kbd-legacy
- Update to version 2.6.4:
- Use AX_ADD_FORTIFY_SOURCE to avoid redefining _FORTIFY_SOURCE
- Do not look up include files in the current working directory
==== kbookmarks ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kcmutils ====
Version update (5.113.0 -> 5.114.0)
Subpackages: kcmutils-imports libKF5KCMUtils5 libKF5KCMUtilsCore5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kcodecs ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- Changes since 5.113.0:
* KEmailAddress: Add autotests for improved whitespace trimming
* KEmailAddress: Only trim surrounding whitespace between E-Mail addresses instead of also replacing all whitespace within E-Mail address names with a single ASCII space
==== kcompletion ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kconfig ====
Version update (5.113.0 -> 5.114.0)
Subpackages: kconf_update5 libKF5ConfigCore5 libKF5ConfigGui5 libKF5ConfigQml5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kconfigwidgets ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kcoreaddons ====
Version update (5.113.0 -> 5.114.0)
Subpackages: libKF5CoreAddons5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- Changes since 5.113.0:
* Fix license text loading on Android
==== kcrash ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kdbusaddons ====
Version update (5.113.0 -> 5.114.0)
Subpackages: kdbusaddons-tools libKF5DBusAddons5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kdeclarative ====
Version update (5.113.0 -> 5.114.0)
Subpackages: kdeclarative-components libKF5CalendarEvents5 libKF5Declarative5 libKF5QuickAddons5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kded ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kdelibs4support ====
Version update (5.113.0 -> 5.114.0)
Subpackages: libKF5KDELibs4Support5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kdesu ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kdnssd-framework ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kdoctools ====
Version update (5.113.0 -> 5.114.0)
Subpackages: libKF5DocTools5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kernel-source ====
Version update (6.6.10 -> 6.6.11)
- keys, dns: Fix size check of V1 server-list header (git-fixes).
- commit 05ae4ad
- Linux 6.6.11 (bsc#1012628).
- keys, dns: Fix missing size check of V1 server-list header
(bsc#1012628).
- ALSA: hda/tas2781: do not use regcache (bsc#1012628).
- ALSA: hda/tas2781: move set_drv_data outside tasdevice_init
(bsc#1012628).
- ALSA: hda/tas2781: remove sound controls in unbind
(bsc#1012628).
- ALSA: hda/realtek: enable SND_PCI_QUIRK for hp pavilion
14-ec1xxx series (bsc#1012628).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ZBook
(bsc#1012628).
- ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP ProBook
440 G6 (bsc#1012628).
- drm/amd/display: pbn_div need be updated for hotplug event
(bsc#1012628).
- mptcp: prevent tcp diag from closing listener subflows
(bsc#1012628).
- Revert "PCI/ASPM: Remove pcie_aspm_pm_state_change()"
(bsc#1012628).
- drm/mgag200: Fix gamma lut not initialized for G200ER, G200EV,
G200SE (bsc#1012628).
- cifs: cifs_chan_is_iface_active should be called with chan_lock
held (bsc#1012628).
- cifs: do not depend on release_iface for maintaining iface_list
(bsc#1012628).
- KVM: x86/pmu: fix masking logic for MSR_CORE_PERF_GLOBAL_CTRL
(bsc#1012628).
- accel/qaic: Fix GEM import path code (bsc#1012628).
- accel/qaic: Implement quirk for SOC_HW_VERSION (bsc#1012628).
- wifi: iwlwifi: pcie: don't synchronize IRQs from IRQ
(bsc#1012628).
- drm/bridge: parade-ps8640: Never store more than msg->size
bytes in AUX xfer (bsc#1012628).
- drm/bridge: ti-sn65dsi86: Never store more than msg->size
bytes in AUX xfer (bsc#1012628).
- drm/bridge: ps8640: Fix size mismatch warning w/ len
(bsc#1012628).
- netfilter: nf_tables: set transport offset from mac header
for netdev/egress (bsc#1012628).
- nfc: llcp_core: Hold a ref to llcp_local->dev when holding a
ref to llcp_local (bsc#1012628).
- octeontx2-af: Fix marking couple of structure as __packed
(bsc#1012628).
- drm/i915/dp: Fix passing the correct DPCD_REV for
drm_dp_set_phy_test_pattern (bsc#1012628).
- drm/i915/perf: Update handling of MMIO triggered reports
(bsc#1012628).
- ice: Fix link_down_on_close message (bsc#1012628).
- ice: Shut down VSI with "link-down-on-close" enabled
(bsc#1012628).
- i40e: Fix filter input checks to prevent config with invalid
values (bsc#1012628).
- igc: Report VLAN EtherType matching back to user (bsc#1012628).
- igc: Check VLAN TCI mask (bsc#1012628).
- igc: Check VLAN EtherType mask (bsc#1012628).
- ASoC: fsl_rpmsg: Fix error handler with pm_runtime_enable
(bsc#1012628).
- ASoC: mediatek: mt8186: fix AUD_PAD_TOP register and offset
(bsc#1012628).
- mlxbf_gige: fix receive packet race condition (bsc#1012628).
- net: sched: em_text: fix possible memory leak in
em_text_destroy() (bsc#1012628).
- r8169: Fix PCI error on system resume (bsc#1012628).
- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW)
(bsc#1012628).
- selftests: bonding: do not set port down when adding to bond
(bsc#1012628).
- ARM: sun9i: smp: Fix array-index-out-of-bounds read in
sunxi_mc_smp_init (bsc#1012628).
- sfc: fix a double-free bug in efx_probe_filters (bsc#1012628).
- net: bcmgenet: Fix FCS generation for fragmented skbuffs
(bsc#1012628).
- netfilter: nf_nat: fix action not being set for all ct states
(bsc#1012628).
- netfilter: nft_immediate: drop chain reference counter on error
(bsc#1012628).
- net: Save and restore msg_namelen in sock_sendmsg (bsc#1012628).
- i40e: fix use-after-free in i40e_aqc_add_filters()
(bsc#1012628).
- ASoC: meson: g12a-toacodec: Validate written enum values
(bsc#1012628).
- ASoC: meson: g12a-tohdmitx: Validate written enum values
(bsc#1012628).
- ASoC: meson: g12a-toacodec: Fix event generation (bsc#1012628).
- ASoC: meson: g12a-tohdmitx: Fix event generation for S/PDIF mux
(bsc#1012628).
- i40e: Restore VF MSI-X state during PCI reset (bsc#1012628).
- igc: Fix hicredit calculation (bsc#1012628).
- apparmor: Fix move_mount mediation by detecting if source is
detached (bsc#1012628).
- virtio_net: avoid data-races on dev->stats fields (bsc#1012628).
- virtio_net: fix missing dma unmap for resize (bsc#1012628).
- net/qla3xxx: fix potential memleak in ql_alloc_buffer_queues
(bsc#1012628).
- net/smc: fix invalid link access in dumping SMC-R connections
(bsc#1012628).
... changelog too long, skipping 110 lines ...
- commit f421cf4
==== kfilemetadata5 ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kglobalaccel ====
Version update (5.113.0 -> 5.114.0)
Subpackages: kglobalaccel5 libKF5GlobalAccel5 libKF5GlobalAccelPrivate5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kguiaddons ====
Version update (5.113.0 -> 5.114.0)
Subpackages: libKF5GuiAddons5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kholidays ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- Changes since 5.113.0:
* Introduce holidays observed in Kenya.
==== khtml ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== ki18n ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kiconthemes ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kidletime ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kimageformats ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- Changes since 5.113.0:
* avif: new quality settings
* Update CI template
* HEIF plug-in extended to support HEJ2 format
==== kinit ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kio ====
Version update (5.113.0 -> 5.114.0)
Subpackages: kio-core
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- Changes since 5.113.0:
* kpropertiesdialog: don't trip over malformed Exec (kde#465290)
* WidgetsAskUserActionHandler: fix backport (kde#448532)
* WidgetsAskUserActionHandler: Use QPointer to check the validity of parent widgets (kde#448532)
==== kirigami2 ====
Version update (5.113.0 -> 5.114.0)
Subpackages: libKF5Kirigami2-5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- Changes since 5.113.0:
* Make drawer actions accessible
==== kitemmodels ====
Version update (5.113.0 -> 5.114.0)
Subpackages: kitemmodels-imports libKF5ItemModels5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kitemviews ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kjobwidgets ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- Changes since 5.113.0:
* KUiServerV2JobTracker: prevent potenial use-after-free
==== kjs ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== knewstuff ====
Version update (5.113.0 -> 5.114.0)
Subpackages: knewstuff-imports libKF5NewStuff5 libKF5NewStuffCore5 libKF5NewStuffWidgets5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== knotifications ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== knotifyconfig ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kpackage ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kparts ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kpeople5 ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kpty ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kquickcharts ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== krunner ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- Changes since 5.113.0:
* DBusRunner: Use /runner as default for X-Plasma-DBusRunner-Path property
==== kservice ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== ktexteditor ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== ktextwidgets ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kunitconversion ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kwallet ====
Version update (5.113.0 -> 5.114.0)
Subpackages: kwallet-tools kwalletd5 libKF5Wallet5 libkwalletbackend5-5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kwayland ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kwidgetsaddons ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kwindowsystem ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== kxmlgui ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== libKF5ModemManagerQt ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== libKF5NetworkManagerQt ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== libdrm ====
Version update (2.4.119 -> 2.4.120)
Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1
- update to 2.4.120
* radeon: fix missing stencil_tile_mode initialisation in the
linear/fallback case
* amdgpu: fix use-after-free
* Sync headers with drm-next
- adjusted
* n_libdrm-drop-valgrind-dep-generic.patch
* n_libdrm-drop-valgrind-dep-intel.patch
- adjusted n_libdrm-drop-valgrind-dep-generic.patch,
n_libdrm-drop-valgrind-dep-intel.patch to fix build
==== libinput ====
Version update (1.24.0 -> 1.25.0)
Subpackages: libinput-udev libinput10
- Update to release 1.25
* Change how left-handed settings are handled for tablets: If
libwacom does not contain a definition for a tablet yet,
libinput defaults to enabling a left-handed setting.
* Quirks for laptops from Dell, Google, Graviton, HP, HUAWEI,
Lenovo and Razer, gadgets like the RollerMouse Pro3 and virtual
machines like GNOME Boxes, VirtualBox or Virtual Machine
Manager are included.
==== libjcat ====
- Do not install test files: pass -Dtest=false to meson instead of
Dtest=true (aids with reproducible build, boo#1218715).
- Add check section and run meson test.
==== libstorage-ng ====
Version update (4.5.171 -> 4.5.173)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- Translated using Weblate (Russian) (bsc#1149754)
- 4.5.173
- merge gh#openSUSE/libstorage-ng#978
- added get_linux_partition_id() taking Arch parameter
- make git ignore javascript in generated documentation
- coding style
- cleanup
- 4.5.172
==== libuv ====
- add ppc64-disable-liburing.patch (bsc#1218365)
==== man-pages ====
- Do not remove bpf-helpers.7, as this is not provided by the bpftool
package any more.
==== microos-tools ====
Version update (2.21+git5 -> 2.21+git9)
- Update to version 2.21+git9:
* Add man-online command
* Drop support for sle15 builds
* Add OBS CI workflow
==== open-lldp ====
Version update (1.1+77.75e83b6fb98e -> 1.1+106.74c0600a8692)
Subpackages: liblldp_clif1
- Update to version v1.1+106.74c0600a8692 (from upstream/branch-1.1):
* lldpad: dcbx: prevent null dereference in dcbx_free_data
* lldpad: ieee8023: reorder disabling pMAC and disabling MM TX
* uapi: Provide a copy of const.h
* dcbx: Fix use-after-free
* dcbx: Fix NULL pointer dereference
* ChangeLog: mention Additional Ethernet Capabilities TLV
* lldptool: add man page for Additional Ethernet Capabilities TLV
* lldptool: add CLI interface for Additional Ethernet Capabilities TLV
* lldpad: ieee8023: allow changing the addFragSize advertisement
* lldpad: ieee8023: add Additional Ethernet Capabilities TLV logic
* lldpad: ieee8023: make ieee8023_data() return a pointer to ieee8023_user_data
* lldpad: ethtool netlink accessors for MAC merge layer
* lldpad: ieee8023: add basic rchange procedure
* uapi: copy ethtool definitions for MAC Merge layer from Linux
* uapi: update linux/netlink.h copy
* uapi: import ethtool kernel headers from net-next
* dcbx: Fix leak when receiving legacy TLVs with mismatched mode
* lldp: Reject frames with duplicate TLVs
* dcbx: Free manifest in rchange callback
* dcbx: Avoid memory leak if ifup is called twice
* ctrl_iface: Fix a memory leak in ctrl_iface_deinit
* lldp: Avoid sending uninitialized data
* lldptool: fix null pointer deference
==== pcr-oracle ====
- Add fix_efi_measure.patch to fix the measurement of EFI binaries
==== pipewire ====
Version update (1.0.0 -> 1.0.1)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Update to version 1.0.1:
* Highlights
- Work around the buggy ALSA backend in libcanberra by forcing
the pulse backend in module-x11-bell.
- Fix a race in the device info updates in pulse-server.
- Fix timing and rate matching in ALSA sequencer.
- Improve timing information in JACK and from the ALSA driver.
- More small fixes and improvements.
* PipeWire
- Fix a build issue when examples where disabled.
- Avoid some compiler warnings.
- Avoid some bitfield data races. (#3706)
* Modules
- Bump the PTP driver priority. (#3217)
- Support the previous "allowed" permission in the access
module.
- Fix filename leak in module-filter-chain.
- Work around the buggy ALSA backend in libcanberra by forcing
the pulse backend in module-x11-bell. (#3688)
- Fix a race in the device info updates in pulse-server.
- Fix compatibility in RAOP. (#3698)
* SPA
- Handle ALSA picth control errors correctly
- Clamp buffer-frames correctly. (#3000)
- Fix timing and rate matching in ALSA sequencer. (#3657)
- Revert a commit that could result in current time in the
future in the timing updates.
- Improve adapter state checks.
- Remove the timer from the ALSA pcm.
- Fix timeout in freewheel driver.
* Pulse-server
- Also handle active ports for monitor sources.
- Fix zeroconf-publish format properties.
* JACK
- Improve timing and transport calculations.
- Handle -ENOENT from the core and don't error out.
* GStreamer
- Handle node port removal in the device provider. (#3708)
- Improve error handling while connecting.
- Fix dts_offset.
==== plasma-framework ====
Version update (5.113.0 -> 5.114.0)
Subpackages: libKF5Plasma5 plasma-framework-components plasma-framework-desktoptheme
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- Changes since 5.113.0:
* [CI] Fix pipeline include
==== prison-qt5 ====
Version update (5.113.0 -> 5.114.0)
Subpackages: libKF5Prison5 prison-qt5-imports
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== purpose ====
Version update (5.113.0 -> 5.114.0)
Subpackages: libKF5Purpose5 libKF5PurposeWidgets5
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- Changes since 5.113.0:
* Adapt to KAccounts API change
==== python-Jinja2 ====
Version update (3.1.2 -> 3.1.3)
- update to 3.1.3 (bsc#1218722, CVE-2024-22195):
* Fix compiler error when checking if required blocks in parent
templates are xmlattr filter does not allow keys with spaces.
* Make error messages stemming from invalid nesting of {% trans
%} blocks more helpful. :pr:`1916`
==== python-greenlet ====
Version update (3.0.2 -> 3.0.3)
- Update to 3.0.3
* Python 3.12: Restore the full ability to walk the stack of a
suspended greenlet; previously only the innermost frame was
exposed. See issue 388. Fix by Joshua Oreman in PR 393.
- Disable building the docs: Now requires the furo theme, which is
not available.
==== python-lark ====
Version update (1.1.8 -> 1.1.9)
- update to 1.1.9:
* Use MAXWIDTH instead of MAXREPEAT when available
* Fix nested list markdown syntax in how_to_use.md
* Run tests against Python 3.12
==== python-tornado6 ====
- Add patch openssl-3.2.patch gh#tornadoweb/tornado#3355
==== python-urllib3 ====
- Add upstream patch openssl-3.2.patch, to fix tests with opennssl
3.2.0, gh#urllib3/urllib3#3271
==== qqc2-desktop-style ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== samba ====
Version update (4.19.2+git.324.fa0b54b91b -> 4.19.4+git.339.acf1ccaa020)
Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-client samba-client-libs samba-libs samba-libs-python3 samba-python3
- Remove -x from bash shebang update-apparmor-samba-profile;
(bsc#1218431).
- Update to 4.19.4
* net changesecretpw cannot set the machine account password if
secrets.tdb is empty; (bso#13577).
* For generating doc, take, if defined, env XML_CATALOG_FILES;
(bso#15540).
* Trivial C typo in nsswitch/winbind_nss_netbsd.c; (bso#15541).
* vfs_linux_xfs is incorrectly named; (bso#15542).
* systemd stumbled over copyright-message at smbd startup;
(bso#15377).
* Following intermediate abolute share-local symlinks is
broken; (bso#15505).
* ctdb RELEASE_IP causes a crash in release_ip if a connection
to a non-public address disconnects first; (bso#15523).
* shadow_copy2 broken when current fileset's directories are
removed; (bso#15544).
* smbd does not detect ctdb public ipv6 addresses for
multichannel exclusion; (bso#15534).
* 'force user = localunixuser' doesn't work if 'allow trusted
domains = no' is set; (bso#15469).
* smbget debug logging doesn't work; (bso#15525).
* smget: username in the smburl and interactive password entry
doesn't work; (bso#15532).
* smbget auth function doesn't set values for password prompt
correctly; (bso#15538).
* Unable to copy and write files from clients to Ceph cluster
via SMB Linux gateway with Ceph VFS module; (bso#15440).
* Multichannel refresh network information; (bso#15547).
- Update to 4.19.3
* sid_strings test broken by unix epoch > 1700000000;
(bso#15520).
* smbd crashes if asked to return full information on close of
a stream handle with delete on close disposition set;
(bso#15487).
* smbd: fix close order of base_fsp and stream_fsp in
smb_fname_fsp_destructor(); (bso#15521).
* Improve logging for failover scenarios; (bso#15499).
* Files without "read attributes" NFS4 ACL permission are not
listed in directories; (bso#15093).
* CVE-2018-14628 [SECURITY] Deleted Object tombstones visible
in AD LDAP to normal users; (bso#13595).
* Kerberos TGS-REQ with User2User does not work for normal
accounts; (bso#15492).
* vfs_gpfs stat calls fail due to file system permissions;
(bso#15507).
* Samba doesn't build with Python 3.12; (bso#15513).
==== selinux-policy ====
Version update (20231124 -> 20240104)
Subpackages: selinux-policy-targeted
- Update to version 20240104:
* Allow keepalived_t read+write kernel_t pipes (bsc#1216060)
* allow rebootmgr to read the system state (bsc#1205931)
==== solid ====
Version update (5.113.0 -> 5.114.0)
Subpackages: libKF5Solid5 solid-imports solid-tools
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== sonnet ====
Version update (5.113.0 -> 5.114.0)
Subpackages: libKF5SonnetCore5 libKF5SonnetUi5 sonnet-imports
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== speech-dispatcher ====
Subpackages: libspeechd2 python3-speechd
- Have speech-dispatcher-module espeak supplement libespeak-ng1,
rather than espeak-ng. The latter provides a binary which is not
used or needed and that might not be installed.
==== syndication ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== syntax-highlighting ====
Version update (5.113.0 -> 5.114.0)
Subpackages: libKF5SyntaxHighlighting5 syntax-highlighting-imports
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== systemd ====
Version update (254.5 -> 254.8)
Subpackages: libsystemd0 libudev1 systemd-boot systemd-coredump systemd-doc udev
- Add 5001-Revert-udev-update-devlink-with-the-newer-device-nod.patch
5002-Revert-udev-revert-workarounds-for-issues-caused-by-.patch
It seems that systemd upstream has a dubious way to fix broken code these
days... let's revert these hacks until a final decision is taken to solve
https://github.com/systemd/systemd/issues/28141. See also
https://github.com/systemd/systemd/pull/30075.
- Import commit 67a5ac1043417d900bf417a884372ae14a96ef69 (merge of v254.8)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/071ac409a0564863657d8f8a5a35e6a…
- udev(-mini)?: ensure %_modulesloaddir exists and is owned
properly. Allows other packages to install modules without worry
of the parent directory. We do not ensure /etc/modules-load.d
exists in the -mini flavor, as that directory is not meant to be
used by packages.
==== texlive ====
- Fix wrong sys link target name for context.lua (Jianhua Lu)
- Use gzip -n9 for bit-reproducible man-pages (Bernhard Wiedemann)
- Re-run spec file generator to include the changes above
==== threadweaver ====
Version update (5.113.0 -> 5.114.0)
- Update to 5.114.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.114.0
- No code change since 5.113.0
==== u-boot-rpiarm64 ====
Version update (2023.10 -> 2024.01)
Subpackages: u-boot-rpiarm64-doc
- Install u-boot-spl.bin.normal.out for StarFive Visionfive2
- Remove ls1012afrdmqspi flavor since it has been removed upstream
with commit b60274e6900ed1b08ad41f6d7fdebb2726ded108
- Update to 2024.01:
* Full changelog available at:
https://source.denx.de/u-boot/u-boot/-/compare/v2023.10...v2024.01
- Add new platforms:
* quartz64-a-rk3566
* quartz64-b-rk3566
* soquartz-blade-rk3566
* soquartz-cm4-rk3566
- Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2024.01
* Patches dropped:
0017-bootstd-Scan-all-bootdevs-in-a-boot.patch
0018-Revert-bootstd-Scan-all-bootdevs-in.patch
0019-bootstd-Expand-boot-ordering-test-t.patch
0020-bootstd-Correct-logic-for-single-uc.patch
0021-bootstd-Scan-all-bootdevs-in-a-boot.patch
* Patches added:
0017-rpi5-add-initial-memory-map-for-bcm.patch
0018-rpi5-Use-devicetree-as-alternative-.patch
0019-rpi5-Use-devicetree-to-retrieve-boa.patch
0020-bcm2835-brcm-bcm2708-fb-device-is-u.patch
0021-mmc-bcmstb-Add-support-for-bcm2712-.patch
0022-configs-rpi_arm64-enable-SDHCI-BCMS.patch
0023-pci-pcie-brcmstb-Add-bcm2712-PCIe-c.patch
==== vte ====
- Provide and Obsolete old typelib-1_0-Vte-2.91 package whose
%{_binver} used the same exact value as %{_apiver}.
==== xdg-desktop-portal ====
- Also own the packaging directory used by portals themselves
==== zlib-ng-compat ====
Version update (2.1.5 -> 2.1.6)
- update to 2.1.6:
* This release also improves on the functable implementation,
and also moves its initialization to happen in deflateInit()
and inflateInit(). We also have some optimizations for RVV
and ARM.
* Fix inflateCopy corruption caused by change in 2.1.4 #1628
* This is a regression caused by a change introduced in 2.1.4
* Initialize functable without TLS, using atomics #1609
* Initialize functable early, during DeflateInit and
InflateInit #1613
* Add FAR macro to zlib-compat headers to improve compatibility
* Improve performance of crc32_acle on 32-bit ARM #1397
* Add support for __attribute__((__target__(...))) to overcome
limitations of -march=native #1620
* Remove tab character in ACLE uqsub16 assembly #1627
* Optimize adler32_fold_copy using RVV #1597
* Simplify AVX2 and AVX512 adler32_fold_copy by removing
templates #1599
* Don't attempt ARMv6 detection on AARCH64 #1617
* Prevent tests writing into source directory #1604
* CMake: Fix clang-cl warnings #1591
* CMake: Export cmake target #1601 #1611
* CMake: Remove duplicate enable tests option #1610
* CMake: Fix reading version information from zlib.h.in #1614
* CMake: Check whether compiler supports -march=native or
- mcpu=native #1618
* CMake: Always run compiler feature tests without LTO #1622
* CMake: Make sure uqsub16 check doesn't get optimized away
with LTO #1619
* CMake: Update to GoogleTest 1.12.1 #1623
* Don't disable GoogleTest because of old CMake version #1623
[#1638]
- update filelists
==== zstd ====
Subpackages: libzstd1
- Disable build of gzip for Leap 15.x to fix build error.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
git
gnome-shell (45.2 -> 45.3)
grub2 (2.12~rc1 -> 2.12)
gvfs (1.52.1 -> 1.52.2)
hwdata (0.377 -> 0.378)
kernel-default-base
libcap-ng (0.8.3 -> 0.8.4)
libgxps (0.3.2 -> 0.3.2+5)
libstorage-ng (4.5.170 -> 4.5.171)
libxkbcommon
libzypp (17.31.27 -> 17.31.28)
mdadm
mpg123 (1.32.3 -> 1.32.4)
mutter (45.2 -> 45.3)
ncurses (6.4.20231202 -> 6.4.20240106)
protobuf (4.23.4 -> 4.25.1)
publicsuffix (20231213 -> 20240107)
redis (7.2.3 -> 7.2.4)
sg3_utils (1.48+6.7f43e14 -> 1.48+7.63e63cb)
shadow
yast2-core (5.0.1 -> 5.0.2)
yast2-packager (5.0.1 -> 5.0.2)
=== Details ===
==== git ====
- gitweb AppArmor profile: allow reading etc/gitweb-common.conf
(boo#1218664)
==== gnome-shell ====
Version update (45.2 -> 45.3)
Subpackages: gnome-extensions gnome-shell-calendar
- Update to version 45.3:
+ Allow any enter key to be used to screenshot.
+ Fix spinner in light style variant.
+ Improve formatting of extension errors.
+ Fixed crash.
+ Misc. bug fixes and cleanups.
+ Updated translations.
- Drop gnome-shell_nb_fix_trans.patch: fixed upstream.
==== grub2 ====
Version update (2.12~rc1 -> 2.12)
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- Version bump to 2.12 (PED-5589)
* Added:
- grub-2.12.tar.xz
- fix_no_extra_deps_in_release_tarball.patch
* Removed:
- grub-2.12~rc1.tar.xz
* Patch dropped as it merged into new version:
- 0001-disk-cryptodisk-Fix-missing-change-when-updating-to-.patch
- 0001-fs-btrfs-Zero-file-data-not-backed-by-extents.patch
- 0001-fs-ntfs-Fix-an-OOB-write-when-parsing-the-ATTRIBUTE_.patch
- 0002-fs-ntfs-Fix-an-OOB-read-when-reading-data-from-the-r.patch
- 0003-fs-ntfs-Fix-an-OOB-read-when-parsing-directory-entri.patch
- 0004-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch
- 0005-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch
- 0006-fs-ntfs-Make-code-more-readable.patch
- 0001-kern-ieee1275-init-Restrict-high-memory-in-presence-.patch
- 0001-fs-xfs-Incorrect-short-form-directory-data-boundary-.patch
- 0002-fs-xfs-Fix-XFS-directory-extent-parsing.patch
- 0003-fs-xfs-add-large-extent-counters-incompat-feature-su.patch
- 0001-mkstandalone-ensure-stable-timestamps-for-generated-.patch
- 0002-mkstandalone-ensure-deterministic-tar-file-creation-.patch
* Patch adjusted for the updated base version:
- use-grub2-as-a-package-name.patch
- grub2-s390x-04-grub2-install.patch
- grub2-btrfs-04-grub2-install.patch
- grub2-ppc64le-disable-video.patch
- 0002-AUDIT-0-http-boot-tracker-bug.patch
- 0001-Unify-the-check-to-enable-btrfs-relative-path.patch
- 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch
- 0004-Add-suport-for-signing-grub-with-an-appended-signatu.patch
- 0016-grub-install-support-embedding-x509-certificates.patch
- 0021-appended-signatures-documentation.patch
- 0022-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch
- safe_tpm_pcr_snapshot.patch
==== gvfs ====
Version update (1.52.1 -> 1.52.2)
Subpackages: gvfs-backend-afc gvfs-backend-goa gvfs-backend-samba gvfs-backends gvfs-fuse
- Update to version 1.52.2:
+ smb: Fix livelock when mounting share without enough
permissions.
+ smb: Fi moving files across filesystem boundaries.
+ Updated transltions.
==== hwdata ====
Version update (0.377 -> 0.378)
- update to 0.378:
* Update pci, usb and vendor ids
==== kernel-default-base ====
- Add dm-crypt for encrypted hard disk support
- Add dmi-sysfs for systemd to receive credentials via smbios
==== libcap-ng ====
Version update (0.8.3 -> 0.8.4)
- Update to version 0.8.4
* In capng_change_id, clear PR_SET_KEEPCAPS if returning an error
* pscap: add -p option for reporting a specified process
* Annotate function prototypes to warn if results are unused
* Drop python2 support
==== libgxps ====
Version update (0.3.2 -> 0.3.2+5)
- Update to version 0.3.2+5:
+ DOAP: Fix 'bug-database' value to point to GNOME GitLab Issues
+ images:
- For jpeg images try to get the image resolution from exif
first
- Add support for jpeg images with CMYK color space
+ Fix compiler warnings
+ Fix meson warnings
- Switch to git checkout via source service, use explicit commit.
- Use ldconfig_scriptlets macro for post(un) handling.
- Update URL to new home.
- Drop no longer needed libgxps-rpmlintrc.
==== libstorage-ng ====
Version update (4.5.170 -> 4.5.171)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- merge gh#openSUSE/libstorage-ng#977
- provide light_probe function with SystemInfo parameter
- 4.5.171
==== libxkbcommon ====
Subpackages: libxkbcommon-x11-0 libxkbcommon0 libxkbregistry0
- add libxkbregistry-devel to baselibs for use by wine-32bit. (bsc#1218640)
==== libzypp ====
Version update (17.31.27 -> 17.31.28)
- Fix to build with libxml 2.12.x (fixes #505)
- version 17.31.28 (22)
==== mdadm ====
- Update mdadm to latest upstream state upto commit
582945c2d3bb. (jsc#PED-7542)
1) The testing changes are not included here.
2) Code clean up, and more helper routines added for Manage.c,
Monitor.c, mdadm.c, ReadMe.c, super-intel.c, super0.c, super1.c,
Create.c, Incremental.c and so on.
3) Man page update for mdadm.8.in.
4) Several memory leak and double free fixes.
5) Check /etc/initrd-release for whether systemd running on an initrd.
- Manage: Block unsafe member failing
0062-Manage-Block-unsafe-member-failing.patch
- Mdmonitor: Split alert() into separate functions
0063-Mdmonitor-Split-alert-into-separate-functions.patch
- Monitor: block if monitor modes are combined.
0064-Monitor-block-if-monitor-modes-are-combined.patch
- Update mdadm Monitor manual.
0065-Update-mdadm-Monitor-manual.patch
- mdadm: create ident_init()
0066-mdadm-create-ident_init.patch
- mdadm: Add option validation for --update-subarray
0067-mdadm-Add-option-validation-for-update-subarray.patch
- Fix --update-subarray on active volume
0068-Fix-update-subarray-on-active-volume.patch
- Add code specific update options to enum.
0069-Add-code-specific-update-options-to-enum.patch
- super-ddf: Remove update_super_ddf.
0070-super-ddf-Remove-update_super_ddf.patch
- super0: refactor the code for enum
0071-super0-refactor-the-code-for-enum.patch
- super1: refactor the code for enum
0072-super1-refactor-the-code-for-enum.patch
- super-intel: refactor the code for enum
0073-super-intel-refactor-the-code-for-enum.patch
- Change update to enum in update_super and update_subarray
0074-Change-update-to-enum-in-update_super-and-update_sub.patch
- Manage&Incremental: code refactor, string to enum
0075-Manage-Incremental-code-refactor-string-to-enum.patch
- Change char* to enum in context->update & refactor code
0076-Change-char-to-enum-in-context-update-refactor-code.patch
- mdadm/udev: Don't handle change event on raw devices
0077-mdadm-udev-Don-t-handle-change-event-on-raw-devices.patch
- Manage: do not check array state when drive is removed
0078-Manage-do-not-check-array-state-when-drive-is-remove.patch
- incremental, manage: do not verify if remove is safe
0079-incremental-manage-do-not-verify-if-remove-is-safe.patch
- super-intel: make freesize not required for chunk size
0080-super-intel-make-freesize-not-required-for-chunk-siz.patch
- manage: move comment with function description
0081-manage-move-comment-with-function-description.patch
- Fix NULL dereference in super_by_fd
0082-Fix-NULL-dereference-in-super_by_fd.patch
- Mdmonitor: Make alert_info global
0083-Mdmonitor-Make-alert_info-global.patch
- Mdmonitor: Pass events to alert() using enums instead of
0084-Mdmonitor-Pass-events-to-alert-using-enums-instead-o.patch
- Mdmonitor: Add helper functions
0085-Mdmonitor-Add-helper-functions.patch
- Add helpers to determine whether directories or files are
0086-Add-helpers-to-determine-whether-directories-or-file.patch
- Mdmonitor: Refactor write_autorebuild_pid()
0087-Mdmonitor-Refactor-write_autorebuild_pid.patch
- Mdmonitor: Refactor check_one_sharer() for better error
0088-Mdmonitor-Refactor-check_one_sharer-for-better-error.patch
- util.c: reorder code lines in parse_layout_faulty()
0089-util.c-reorder-code-lines-in-parse_layout_faulty.patch
- util.c: fix memleak in parse_layout_faulty()
0090-util.c-fix-memleak-in-parse_layout_faulty.patch
- Detail.c: fix memleak in Detail()
0091-Detail.c-fix-memleak-in-Detail.patch
- isuper-intel.c: fix double free in load_imsm_mpb()
0092-isuper-intel.c-fix-double-free-in-load_imsm_mpb.patch
- super-intel.c: fix memleak in find_disk_attached_hba()
0093-super-intel.c-fix-memleak-in-find_disk_attached_hba.patch
- super-ddf.c: fix memleak in get_vd_num_of_subarray()
0094-super-ddf.c-fix-memleak-in-get_vd_num_of_subarray.patch
- Create: goto abort_locked instead of return 1 in error path
0095-Create-goto-abort_locked-instead-of-return-1-in-erro.patch
- Create: remove safe_mode_delay local variable
0096-Create-remove-safe_mode_delay-local-variable.patch
- Create: Factor out add_disks() helpers
0097-Create-Factor-out-add_disks-helpers.patch
- mdadm: Introduce pr_info()
0098-mdadm-Introduce-pr_info.patch
- mdadm: Add --write-zeros option for Create
0099-mdadm-Add-write-zeros-option-for-Create.patch
- manpage: Add --write-zeroes option to manpage
0100-manpage-Add-write-zeroes-option-to-manpage.patch
- Define alignof using _Alignof when using C11 or newer
0101-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch
- Use existence of /etc/initrd-release to detect initrd.
0102-Use-existence-of-etc-initrd-release-to-detect-initrd.patch
- Create: Fix checking for container in update_metadata
0103-Create-Fix-checking-for-container-in-update_metadata.patch
==== mpg123 ====
Version update (1.32.3 -> 1.32.4)
Subpackages: libmpg123-0 mpg123-openal
- Update to version 1.32.4
build:
* Reorganize shared headers, API headers into src/include.
* Use relative include paths, avoiding internal directories in
CPPFLAGS except for config.h.
* Group C99 feature checks and make several standard headers
mandatory.
* Get rid of SIZE_P, OFF_P and friends.
* Only enforce dummy module together with libout123, to be able
to build individual modules using --disable-components logic.
out123:
* added --libversion
libmpg123:
* Avoid indirect branches into the assembly routines by using C
wrappers also for dct36, relieving us of the need to care for
bti / endbr i nstructions for control flow integrity.
==== mutter ====
Version update (45.2 -> 45.3)
- Update to version 45.3:
+ Fix handling of relative mode for tablets.
+ Fix forcing EGLStream with NVIDIA proprietary driver.
+ Sync geometry only when window is mapped.
+ Improve repick due to transform changes.
+ wayland/client: Add make_desktop() method.
+ Fix occasional artifacts at top of X11 fullscreen windows.
+ background: Fix background color around image.
+ Fixed crashes.
+ Plugged leaks.
+ Misc. bug fixes and cleanups.
+ Updated translations.
==== ncurses ====
Version update (6.4.20231202 -> 6.4.20240106)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen
- Add foot to terminfo-base. It's the most compliant wayland
terminal emulator according to
https://github.com/dankamongmen/notcurses/blob/master/TERMINALS.md
- Add ncurses patch 20240106
+ use ansi+arrows, ansi+apparrows, ansi+csr, ansi+erase, ansi+idc,
ansi+idc1, ansi+idl, ansi+idl1, ansi+inittabs to trim -TD
+ minor manpage formatting changes for consistency.
+ modify doc-html test package's install-directory, per lintian.
+ add attr_get.3x to man_db.renames.in (patch by Sven Joachim).
- Add ncurses patch 20231230
+ improve formatting/style of manpages (patches by Branden Robinson).
+ add ms-vt100-16color, winconsole -TD
+ add rio, rio-direct -TD
+ add mostlike -TD
+ add wezterm, contour -TD
- Add ncurses patch 20231223
+ improve formatting/style of manpages (patches by Branden Robinson).
- Add ncurses patch 20231217
+ improve formatting/style of manpages (patches by Branden Robinson).
+ correct an assignment in infocmp "-u" for detecting if a boolean
is unset in a base entry and set in a use'd chunk, i.e., if it was
cancelled.
+ modify infocmp "-u" option to not report cancels for strings which
were already cancelled in a use'd chunk.
+ join two lines in infotocap.3x to eliminate a spurious "description"
link in installed manpages (report by Sven Joachim).
+ fix typo in NEWS (report by Sven Joachim).
- Port patches
* ncurses-5.9-ibm327x.dif
* ncurses-6.4.dif
==== protobuf ====
Version update (4.23.4 -> 4.25.1)
- update to 25.1:
* Raise warnings for deprecated python syntax usages
* Add support for extensions in CRuby, JRuby, and FFI Ruby
* Add support for options in CRuby, JRuby and FFI (#14594)
- update to 25.0:
* Implement proto2/proto3 with editions
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add utf8_validation feature back to the global feature set.
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Merge the protobuf and upb Bazel repos
* Editions: Introduce functionality to protoc for generating
edition feature set defaults.
* Editions: Migrate edition strings to enum in C++ code.
* Create a reflection helper for ExtensionIdentifier.
* Editions: Provide an API for C++ generators to specify their
features.
* Editions: Refactor feature resolution to use an intermediate
message.
* Publish extension declarations with declaration
verifications.
* Editions: Stop propagating partially resolved feature sets to
plugins.
* Editions: Migrate string_field_validation to a C++ feature
* Editions: Include defaults for any features in the generated
pool.
* Protoc: parser rejects explicit use of map_entry option
* Protoc: validate that reserved range start is before end
* Protoc: support identifiers as reserved names in addition to
string literals (only in editions)
* Drop support for Bazel 5.
* Allow code generators to specify whether or not they support
editions.
[#] C++
* Set `PROTOBUF_EXPORT` on
`InternalOutOfLineDeleteMessageLite()`
* Update stale checked-in files
* Apply PROTOBUF_NOINLINE to declarations of some functions
that want it.
* Implement proto2/proto3 with editions
* Make JSON UTF-8 boundary check inclusive of the largest
possible UTF-8 character.
* Reduce `Map::size_type` to 32-bits. Protobuf containers can't
have more than that
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Fix bug in reflection based Swap of map fields.
* Add utf8_validation feature back to the global feature set.
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Add prefetching to arena allocations.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
repeated and map field accessors.
* Editions: Migrate edition strings to enum in C++ code.
* Create a reflection helper for ExtensionIdentifier.
* Editions: Provide an API for C++ generators to specify their
features.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
string field accessors.
* Editions: Refactor feature resolution to use an intermediate
message.
* Fixes for 32-bit MSVC.
* Publish extension declarations with declaration
verifications.
* Export the constants in protobuf's any.h to support DLL
builds.
* Implement AbslStringify for the Descriptor family of types.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
message field accessors.
* Editions: Stop propagating partially resolved feature sets to
plugins.
* Editions: Migrate string_field_validation to a C++ feature
* Editions: Include defaults for any features in the generated
pool.
* Introduce C++ feature for UTF8 validation.
* Protoc: validate that reserved range start is before end
* Remove option to disable the table-driven parser in protoc.
* Lock down ctype=CORD in proto file.
* Support split repeated fields.
* In OSS mode omit some extern template specializations.
* Allow code generators to specify whether or not they support
editions.
[#] Java
* Implement proto2/proto3 with editions
* Remove synthetic oneofs from Java gencode field accessor
tables.
* Timestamps.parse: Add error handling for invalid
hours/minutes in the timezone offset.
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Add missing debugging version info to Protobuf Java gencode
when multiple files are generated.
* Fix a bad cast in putBuilderIfAbsent when already present due
to using the result of put() directly (which is null if it
... changelog too long, skipping 54 lines ...
* Fix `PyUpb_Message_MergeInternal` segfault
==== publicsuffix ====
Version update (20231213 -> 20240107)
- Update to version 20240107:
* Remove homeoffice.gov.uk (#1909)
* util: gTLD data autopull updates for 2024-01-06T15:12:04 UTC (#1918)
==== redis ====
Version update (7.2.3 -> 7.2.4)
- redis 7.2.4: (boo#1218646)
- Security fixes
- (CVE-2023-41056) In some cases, Redis may incorrectly handle
resizing of memory buffers which can result in incorrect
accounting of buffer sizes and lead to heap overflow and
potential remote code execution.
- Bug fixes
- Fix crashes of cluster commands clusters with mixed versions
of 7.0 and 7.2 (#12805, #12832)
- Fix slot ownership not being properly handled when deleting a
slot from a node (#12564)
- Fix atomicity issues with the RedisModuleEvent_Key module API
event (#12733)
==== sg3_utils ====
Version update (1.48+6.7f43e14 -> 1.48+7.63e63cb)
Subpackages: libsgutils2-1_48-2
- Fix spurious warning for non-SCSI devices (boo#1218666)
==== shadow ====
Subpackages: libsubid4 login_defs
- bsc#1199026 bsc#1203823:
Remove pam_keyinit from PAM configuration.
This was introduced for bsc#1144060.
==== yast2-core ====
Version update (5.0.1 -> 5.0.2)
- Don't close file descriptors in .target.bash calls (bsc#1218064)
avoiding "[ASYNC BUG] rb_thread_wakeup_timer_thread: write(3) EBADF"
with Ruby 3.3
- 5.0.2
==== yast2-packager ====
Version update (5.0.1 -> 5.0.2)
- After installation disable the empty installation repository
from the SLE15 Online medium (bsc#1182303)
- 5.0.2
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
alsa-utils
argyllcms (3.0.2 -> 3.1.0)
containerd
curl
firewalld (2.0.2 -> 2.1.0)
git
gnome-software
google-noto-sans-cjk-fonts
kernel-source (6.6.9 -> 6.6.10)
python-attrs (23.1.0 -> 23.2.0)
python-greenlet
python-typing_extensions (4.8.0 -> 4.9.0)
sg3_utils (1.48+3.b642f6a -> 1.48+6.7f43e14)
vulkan-loader
wtmpdb (0.10.0 -> 0.11.0)
=== Details ===
==== alsa-utils ====
- Backport upstream fixes:
buffer overflow fixes in aplay, segfault in aplaymidi, etc:
0008-topology-include-locale.h.patch
0009-nhlt-dmic-info.c-include-sys-types.h.patch
0010-topology-pre-processor-Add-support-for-enum-controls.patch
0011-configure.ac-fix-UMP-support-detection.patch
0012-bat-really-skip-analysis-of-the-first-period-and-upd.patch
0013-topology-add-include-for-ENABLE_NLS-on-musl.patch
0014-nhlt-use-stdint.h-types.patch
0015-Revert-nhlt-dmic-info.c-include-sys-types.h.patch
0016-aplay-use-stdint.h-types-instead-u_int-u_short-u_cha.patch
0017-alsa-restore.rules-use-devnode-instead-number-atribu.patch
0018-nhlt-Revert-SSP_ANALOG-device_type-field.patch
0019-alsactl-fix-potential-buffer-overwrite.patch
0020-aplay-fix-buffer-overflow-and-tainted-format-string.patch
0021-misc-fix-incorrect-usages-of-strerror.patch
0022-aplay-Add-option-for-specifying-subformat.patch
0023-aplay-allow-to-compile-with-older-alsa-lib-subformat.patch
0024-aplay-log-pcm-status-before-reporting-a-fatal-error.patch
0025-aplay-enable-timestamps-by-default.patch
0026-aplay-status-dumps-are-called-only-in-verbose-mode.patch
0027-aplaymidi-Set-event-completely-for-tempo-event.patch
==== argyllcms ====
Version update (3.0.2 -> 3.1.0)
- update to 3.1.0:
* Fixed bug in CMYK profile B2A table creation that sometimes resulted in
bumpy black generation. (Only occurred when compiled using recent gcc with
code optimization.)
* Changed ICC profile serialization of pure ASCII text tags emit a warning
rather than error if they are fed non-ASCII utf8 input.
* Made ICC code a little more robust against bad profiles. (Thanks to David Hoyt).
* Fixed latent bug in X11 plot code that caused window not to be created or
updated when dowait == 0. This shows up on Linux as failure of spotread -S
to show spectral plot.
* Fixed problem with colorhug not noticing errors from the instrument.
* Updated scanin/it8Wolf.cht to improve accuracy of grey wedge patch recognition.
* Merged some Debian patches, including spelling fixes.
==== containerd ====
- Add patch for bsc#1217952:
+ 0002-shim-Create-pid-file-with-0644-permissions.patch
==== curl ====
Subpackages: libcurl4
- Added curl-adjust-pollset-fix.patch to fix broken MPD http streaming:
https://github.com/curl/curl/issues/12632
==== firewalld ====
Version update (2.0.2 -> 2.1.0)
Subpackages: firewalld-bash-completion python3-firewall
- update to 2.1.0:
* eat(service): add DNS over QUIC (DoQ) Service (5130430)
* feat(icmp): add ICMPv6 Multicast Listener Discovery (MLD) types (dd88bbf)
* feat(fw): add ReloadPolicy option in firewalld.conf (0019371)
* feat(service): add submission service (tcp 587) (d6a9561)
* feat(service): Add alvr (3a92358)
* feat(service): add vrrp (d62fc8d)
[* Renamed patch 0002-Disable-FlushAllOnReload-option.patch to
0001-Disable-FlushAllOnReload-option.patch
[* Renamed patch firewalld-runstatedir.patch to 0002-firewalld-runstatedir.patch]
==== git ====
- git moved to /usr/libexec/git/git, update AppArmor profile
accordingly (boo#1218588)
==== gnome-software ====
Subpackages: gnome-software-plugin-packagekit
- Do not use _distconfdir on SLE/Leap less than version 16.
==== google-noto-sans-cjk-fonts ====
Subpackages: google-noto-sans-jp-bold-fonts google-noto-sans-jp-fonts google-noto-sans-jp-regular-fonts google-noto-sans-kr-bold-fonts google-noto-sans-kr-fonts google-noto-sans-kr-regular-fonts google-noto-sans-sc-bold-fonts google-noto-sans-sc-fonts google-noto-sans-sc-regular-fonts google-noto-sans-tc-bold-fonts google-noto-sans-tc-fonts google-noto-sans-tc-regular-fonts
- Redownload zip fonts file from upstream, they were changed
during github migration somehow.
==== kernel-source ====
Version update (6.6.9 -> 6.6.10)
- Refresh
patches.suse/firewire-ohci-suppress-unexpected-system-reboot-in-A.patch.
Update upstream status and move to sorted section.
- commit 7d3b8d0
- Linux 6.6.10 (bsc#1012628).
- Revert "platform/x86: p2sb: Allow p2sb_bar() calls during PCI
device probe" (bsc#1012628).
- netfilter: nf_tables: skip set commit for deleted/destroyed sets
(bsc#1012628).
- wifi: nl80211: fix deadlock in nl80211_set_cqm_rssi (6.6.x)
(bsc#1012628).
- wifi: cfg80211: fix CQM for non-range use (bsc#1012628).
- tracing: Fix blocked reader of snapshot buffer (bsc#1012628).
- ftrace: Fix modification of direct_function hash while in use
(bsc#1012628).
- ring-buffer: Fix wake ups when buffer_percent is set to 100
(bsc#1012628).
- Revert "nvme-fc: fix race between error recovery and creating
association" (bsc#1012628).
- mm/memory-failure: check the mapcount of the precise page
(bsc#1012628).
- mm/memory-failure: cast index to loff_t before shifting it
(bsc#1012628).
- mm: migrate high-order folios in swap cache correctly
(bsc#1012628).
- mm/filemap: avoid buffered read/write race to read inconsistent
data (bsc#1012628).
- selftests: secretmem: floor the memory size to the multiple
of page_size (bsc#1012628).
- maple_tree: do not preallocate nodes for slot stores
(bsc#1012628).
- platform/x86: p2sb: Allow p2sb_bar() calls during PCI device
probe (bsc#1012628).
- ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()
(bsc#1012628).
- platform/x86/intel/pmc: Move GBE LTR ignore to suspend callback
(bsc#1012628).
- platform/x86/intel/pmc: Allow reenabling LTRs (bsc#1012628).
- platform/x86/intel/pmc: Add suspend callback (bsc#1012628).
- block: renumber QUEUE_FLAG_HW_WC (bsc#1012628).
- mptcp: fix inconsistent state on fastopen race (bsc#1012628).
- mptcp: fix possible NULL pointer dereference on close
(bsc#1012628).
- mptcp: refactor sndbuf auto-tuning (bsc#1012628).
- linux/export: Ensure natural alignment of kcrctab array
(bsc#1012628).
- linux/export: Fix alignment for 64-bit ksymtab entries
(bsc#1012628).
- kexec: select CRYPTO from KEXEC_FILE instead of depending on it
(bsc#1012628).
- kexec: fix KEXEC_FILE dependencies (bsc#1012628).
- Update config files.
The defaults for s390 taken from the master branch.
- virtio_ring: fix syncs DMA memory with different direction
(bsc#1012628).
- fs: cifs: Fix atime update check (bsc#1012628).
- client: convert to new timestamp accessors (bsc#1012628).
- fs: new accessor methods for atime and mtime (bsc#1012628).
- ksmbd: avoid duplicate opinfo_put() call on error of
smb21_lease_break_ack() (bsc#1012628).
- ksmbd: lazy v2 lease break on smb2_write() (bsc#1012628).
- ksmbd: send v2 lease break notification for directory
(bsc#1012628).
- ksmbd: downgrade RWH lease caching state to RH for directory
(bsc#1012628).
- ksmbd: set v2 lease capability (bsc#1012628).
- ksmbd: set epoch in create context v2 lease (bsc#1012628).
- ksmbd: don't update ->op_state as OPLOCK_STATE_NONE on error
(bsc#1012628).
- ksmbd: move setting SMB2_FLAGS_ASYNC_COMMAND and AsyncId
(bsc#1012628).
- ksmbd: release interim response after sending status pending
response (bsc#1012628).
- ksmbd: move oplock handling after unlock parent dir
(bsc#1012628).
- ksmbd: separately allocate ci per dentry (bsc#1012628).
- ksmbd: prevent memory leak on error return (bsc#1012628).
- ksmbd: fix kernel-doc comment of ksmbd_vfs_kern_path_locked()
(bsc#1012628).
- ksmbd: no need to wait for binded connection termination at
logoff (bsc#1012628).
- ksmbd: add support for surrogate pair conversion (bsc#1012628).
- ksmbd: fix missing RDMA-capable flag for IPoIB device in
ksmbd_rdma_capable_netdev() (bsc#1012628).
- ksmbd: fix kernel-doc comment of ksmbd_vfs_setxattr()
(bsc#1012628).
- ksmbd: reorganize ksmbd_iov_pin_rsp() (bsc#1012628).
- ksmbd: Remove unused field in ksmbd_user struct (bsc#1012628).
- commit b5b393f
- Delete doc/config-options.changes (jsc#PED-5021)
Following on adedbd2a5c6 ("kernel-source: Remove config-options.changes
(jsc#PED-5021)"), remove the now unused file from the tree.
- commit e04388e
- Refresh
patches.suse/firewire-ohci-suppress-unexpected-system-reboot-in-A.patch.
Update upstream status.
- commit 6da42fc
- Update config files.
Only run oldconfig to keep up with the lost configs.
... changelog too long, skipping 19 lines ...
- commit aa5424d
==== python-attrs ====
Version update (23.1.0 -> 23.2.0)
- update to 23.2.0:
* The type annotation for `attrs.resolve_types()` is now
correct.
* Type stubs now use `typing.dataclass_transform` to decorate
dataclass-like decorators, instead of the non-standard
`__dataclass_transform__` special form, which is only
supported by Pyright.
* Fixed serialization of namedtuple fields using
`attrs.asdict/astuple()` with `retain_collection_types=True`.
* `attrs.AttrsInstance` is now a `typing.Protocol` in both type
hints and code.
* This allows you to subclass it along with another `Protocol`.
* If *attrs* detects that `__attrs_pre_init__` accepts more
than just `self`, it will call it with the same arguments as
`__init__` was called.
* This allows you to, for example, pass arguments to
`super().__init__()`.
* Slotted classes now transform `functools.cached_property`
decorated methods to support equivalent semantics.
* Added *class_body* argument to `attrs.make_class()` to
provide additional attributes for newly created classes.
* It is, for example, now possible to attach methods.
==== python-greenlet ====
- require setuptools
==== python-typing_extensions ====
Version update (4.8.0 -> 4.9.0)
- update to 4.9.0:
* This feature release adds `typing_extensions.ReadOnly`, as
specified by PEP 705, and makes various other improvements,
especially to `(a)typing_extensions.deprecated()`.
* Add support for PEP 705, adding `typing_extensions.ReadOnly`.
* All parameters on `NewType.__call__` are now positional-only.
This means that the signature of
`typing_extensions.NewType.__call__` now exactly matches the
* signature of `typing.NewType.__call__`.
* Fix bug with using `@deprecated` on a mixin class.
* Exclude `__match_args__` from `Protocol` members.
* When creating a `typing_extensions.NamedTuple` class, ensure
`__set_name__` is called on all objects that define
`__set_name__` and exist in the values of the `NamedTuple`
class's class dictionary.
==== sg3_utils ====
Version update (1.48+3.b642f6a -> 1.48+6.7f43e14)
Subpackages: libsgutils2-1_48-2
- Upstream bug fixes for sg3_utils 1.48 (bsc#1218591)
* sg_turs: fix missing CDB on several codepaths
* sg_dd: fix bug that identified all block devices as NVME
* rescan-scsi-bus.sh: avoid root FS going read-only with
"rescan-scsi-bus.sh -r" (gh#doug-gilbert/sg3_utils#46)
==== vulkan-loader ====
- Align the fallback XDG config dirs with SUSE spec in-case it
can't read it from the environment
==== wtmpdb ====
Version update (0.10.0 -> 0.11.0)
Subpackages: libwtmpdb0
- Update to version 0.11.0
- last: add support for time-format option
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
checkpolicy (3.5 -> 3.6)
cronie
glibc
libselinux (3.5 -> 3.6)
libselinux-bindings (3.5 -> 3.6)
libsemanage (3.5 -> 3.6)
libsepol (3.5 -> 3.6)
netcfg
policycoreutils (3.5 -> 3.6)
python-referencing (0.32.0 -> 0.32.1)
python-semanage (3.5 -> 3.6)
python311 (3.11.6 -> 3.11.7)
python311-core (3.11.6 -> 3.11.7)
update-alternatives (1.22.1 -> 1.22.2)
=== Details ===
==== checkpolicy ====
Version update (3.5 -> 3.6)
- Update to version 3.6
https://github.com/SELinuxProject/selinux/releases/tag/3.6
* checkpolicy: Add the command line argument -N, --disable-neverallow
* dispol: add option to display users, drop duplicate option to display booleans,
show number of entries before listing them
* dispol: Add the ability to show booleans, classes, roles, types and type attributes of policies
* dispol: add options: --actions ACTIONS, --help
* dismod: add options: --actions ACTIONS, --help
* Add notself support for neverallow rules
* Improve man pages
* man pages: Remove the Russian translations
* Add notself and other support to CIL
* Add support for deny rules
* Translations updated from
https://translate.fedoraproject.org/projects/selinux/
* Bug fixes
- Remove keys from keyring since they expired:
- E853C1848B0185CF42864DF363A8AD4B982C4373
Petr Lautrbach <plautrba(a)redhat.com>
- 63191CE94183098689CAB8DB7EF137EC935B0EAF
Jason Zaman <jasonzaman(a)gmail.com>
- Add key to keyring:
- B8682847764DF60DF52D992CBC3905F235179CF1
Petr Lautrbach <lautrbach(a)redhat.com>
==== cronie ====
Subpackages: cron
- Update to 1.7.0:
* anacron: Add support for NO_MAIL_OUTPUT environment variable
* anacron: Support enabling anacron jobs on battery power
* crond: Support -n crontab entry option to disable mailing the output
* crontab: Make a backup of the crontab file on edition and deletion
- Add patch cronie-pam_config-nonlogin.diff
- Refreshed patches:
* cronie-crond_pid.diff
* cronie-pam_config.diff
* cronie-nheader_lines.diff
* fix-manpage-replace-anacrontab-with-crontab.patch
- PAM: Use common-session-nonlogin for >15 codestreams
More info in https://github.com/SUSE/pam-config/pull/16
==== glibc ====
Subpackages: glibc-extra glibc-locale glibc-locale-base
- sem-open-o-creat.patch: sem_open: Clear O_CREAT when semaphore file is
expected to exist (BZ #30789)
- ldconfig-process-elf-file.patch: elf: Fix wrong break removal from
8ee878592c
- tls-modid-reuse.patch: elf: Fix TLS modid reuse generation assignment
(BZ #29039)
- getaddrinfo-eai-memory.patch: getaddrinfo: translate ENOMEM to
EAI_MEMORY (bsc#1217589, BZ #31163)
- libio-wdo-write.patch: libio: Check remaining buffer size in
_IO_wdo_write (BZ #31183)
==== libselinux ====
Version update (3.5 -> 3.6)
Subpackages: libselinux1 selinux-tools
- Update to version 3.6
https://github.com/SELinuxProject/selinux/releases/tag/3.6
* libselinux: performance optimization for duplicate detection
* Introduce getpolicyload - a helper binary to print the number of policy reloads on the running system
* Add notself support for neverallow rules
* Improve man pages
* man pages: Remove the Russian translations
* Add notself and other support to CIL
* Add support for deny rules
* Translations updated from
https://translate.fedoraproject.org/projects/selinux/
* Bug fixes
- Remove keys from keyring since they expired:
- E853C1848B0185CF42864DF363A8AD4B982C4373
Petr Lautrbach <plautrba(a)redhat.com>
- 63191CE94183098689CAB8DB7EF137EC935B0EAF
Jason Zaman <jasonzaman(a)gmail.com>
- Add key to keyring:
- B8682847764DF60DF52D992CBC3905F235179CF1
Petr Lautrbach <lautrbach(a)redhat.com>
==== libselinux-bindings ====
Version update (3.5 -> 3.6)
- The PEP517 python build requires setuptools
- Update to version 3.6
https://github.com/SELinuxProject/selinux/releases/tag/3.6
* libselinux: performance optimization for duplicate detection
* Introduce getpolicyload - a helper binary to print the number of policy reloads on the running system
* Add notself support for neverallow rules
* Improve man pages
* man pages: Remove the Russian translations
* Add notself and other support to CIL
* Add support for deny rules
* Translations updated from
https://translate.fedoraproject.org/projects/selinux/
* Bug fixes
- Remove keys from keyring since they expired:
- E853C1848B0185CF42864DF363A8AD4B982C4373
Petr Lautrbach <plautrba(a)redhat.com>
- 63191CE94183098689CAB8DB7EF137EC935B0EAF
Jason Zaman <jasonzaman(a)gmail.com>
- Add key to keyring:
- B8682847764DF60DF52D992CBC3905F235179CF1
Petr Lautrbach <lautrbach(a)redhat.com>
==== libsemanage ====
Version update (3.5 -> 3.6)
Subpackages: libsemanage-conf libsemanage2
- Update to version 3.6
https://github.com/SELinuxProject/selinux/releases/tag/3.6
* Add notself support for neverallow rules
* Improve man pages
* man pages: Remove the Russian translations
* Add notself and other support to CIL
* Add support for deny rules
* Translations updated from
https://translate.fedoraproject.org/projects/selinux/
* Bug fixes
- Remove keys from keyring since they expired:
- E853C1848B0185CF42864DF363A8AD4B982C4373
Petr Lautrbach <plautrba(a)redhat.com>
- 63191CE94183098689CAB8DB7EF137EC935B0EAF
Jason Zaman <jasonzaman(a)gmail.com>
- Add key to keyring:
- B8682847764DF60DF52D992CBC3905F235179CF1
Petr Lautrbach <lautrbach(a)redhat.com>
==== libsepol ====
Version update (3.5 -> 3.6)
- Update to version 3.6
https://github.com/SELinuxProject/selinux/releases/tag/3.6
* struct cond_expr_t bool renamed to boolean
The change is indicated by COND_EXPR_T_RENAME_BOOL_BOOLEAN macro
* Add notself support for neverallow rules
* Improve man pages
* man pages: Remove the Russian translations
* Add notself and other support to CIL
* Add support for deny rules
* Translations updated from
https://translate.fedoraproject.org/projects/selinux/
* Bug fixes
- Remove keys from keyring since they expired:
- E853C1848B0185CF42864DF363A8AD4B982C4373
Petr Lautrbach <plautrba(a)redhat.com>
- 63191CE94183098689CAB8DB7EF137EC935B0EAF
Jason Zaman <jasonzaman(a)gmail.com>
- Add key to keyring:
- B8682847764DF60DF52D992CBC3905F235179CF1
Petr Lautrbach <lautrbach(a)redhat.com>
==== netcfg ====
- Add krb-prop entry, fix for bsc#1211886.
==== policycoreutils ====
Version update (3.5 -> 3.6)
Subpackages: policycoreutils-python-utils python3-policycoreutils
- Update to version 3.6
https://github.com/SELinuxProject/selinux/releases/tag/3.6
* Add notself support for neverallow rules
* Improve man pages
* man pages: Remove the Russian translations
* Add notself and other support to CIL
* Add support for deny rules
* Translations updated from
https://translate.fedoraproject.org/projects/selinux/
* Bug fixes
- Remove keys from keyring since they expired:
- E853C1848B0185CF42864DF363A8AD4B982C4373
Petr Lautrbach <plautrba(a)redhat.com>
- 63191CE94183098689CAB8DB7EF137EC935B0EAF
Jason Zaman <jasonzaman(a)gmail.com>
- Add key to keyring:
- B8682847764DF60DF52D992CBC3905F235179CF1
Petr Lautrbach <lautrbach(a)redhat.com>
- Remove reproducible-build.patch since it is upstream now
- Fix issues in get_os_version.patch
==== python-referencing ====
Version update (0.32.0 -> 0.32.1)
- Update to version 0.32.1:
* We CannotDetermineSpecification for $schema kyes that aren't
strs
* [pre-commit.ci] pre-commit autoupdate
* Update requirements.
* Enable more ruff rulesets.
* Remove an unneeded doc ext, we have no CLI.
* [pre-commit.ci] pre-commit autoupdate
* Bump actions/setup-python from 4 to 5
* Update pre-commit hooks.
==== python-semanage ====
Version update (3.5 -> 3.6)
- Update to version 3.6
https://github.com/SELinuxProject/selinux/releases/tag/3.6
* Add notself support for neverallow rules
* Improve man pages
* man pages: Remove the Russian translations
* Add notself and other support to CIL
* Add support for deny rules
* Translations updated from
https://translate.fedoraproject.org/projects/selinux/
* Bug fixes
- Remove keys from keyring since they expired:
- E853C1848B0185CF42864DF363A8AD4B982C4373
Petr Lautrbach <plautrba(a)redhat.com>
- 63191CE94183098689CAB8DB7EF137EC935B0EAF
Jason Zaman <jasonzaman(a)gmail.com>
- Add key to keyring:
- B8682847764DF60DF52D992CBC3905F235179CF1
Petr Lautrbach <lautrbach(a)redhat.com>
==== python311 ====
Version update (3.11.6 -> 3.11.7)
Subpackages: python311-curses python311-dbm
- Update patch fix_configure_rst.patch
- Update to 3.11.7:
- Core and Builtins
- gh-112625: Fixes a bug where a bytearray object could be cleared
while iterating over an argument in the bytearray.join() method
that could result in reading memory after it was freed.
- gh-112388: Fix an error that was causing the parser to try to
overwrite tokenizer errors. Patch by pablo Galindo
- gh-112387: Fix error positions for decoded strings with
backwards tokenize errors. Patch by Pablo Galindo
- gh-112266: Change docstrings of __dict__ and __weakref__.
- gh-109181: Speed up Traceback object creation by lazily compute
the line number. Patch by Pablo Galindo
- gh-102388: Fix a bug where iso2022_jp_3 and iso2022_jp_2004
codecs read out of bounds
- gh-111366: Fix an issue in the codeop that was causing
SyntaxError exceptions raised in the presence of invalid syntax
to not contain precise error messages. Patch by Pablo Galindo
- gh-111380: Fix a bug that was causing SyntaxWarning to appear
twice when parsing if invalid syntax is encountered later. Patch
by Pablo galindo
- gh-88116: Traceback location ranges involving wide unicode
characters (like emoji and asian characters) now are properly
highlighted. Patch by Batuhan Taskaya and Pablo Galindo.
- gh-94438: Fix a regression that prevented jumping across is None
and is not None when debugging. Patch by Savannah Ostrowski.
- gh-110696: Fix incorrect error message for invalid argument
unpacking. Patch by Pablo Galindo
- gh-110237: Fix missing error checks for calls to PyList_Append
in _PyEval_MatchClass.
- gh-109216: Fix possible memory leak in BUILD_MAP.
- Library
- gh-112618: Fix a caching bug relating to typing.Annotated.
Annotated[str, True] is no longer identical to Annotated[str,
1].
- gh-112509: Fix edge cases that could cause a key to be present
in both the __required_keys__ and __optional_keys__ attributes
of a typing.TypedDict. Patch by Jelle Zijlstra.
- gh-94722: Fix bug where comparison between instances of DocTest
fails if one of them has None as its lineno.
- gh-112105: Make readline.set_completer_delims() work with
libedit
- gh-111942: Fix SystemError in the TextIOWrapper constructor with
non-encodable âerrorsâ argument in non-debug mode.
- gh-109538: Issue warning message instead of having RuntimeError
be displayed when event loop has already been closed at
StreamWriter.__del__().
- gh-111942: Fix crashes in io.TextIOWrapper.reconfigure() when
pass invalid arguments, e.g. non-string encoding.
- gh-111804: Remove posix.fallocate() under WASI as the underlying
posix_fallocate() is not available in WASI preview2.
- gh-111841: Fix truncating arguments on an embedded null
character in os.putenv() and os.unsetenv() on Windows.
- gh-111541: Fix doctest for SyntaxError not-builtin subclasses.
- gh-110894: Call loop exception handler for exceptions in
client_connected_cb of asyncio.start_server() so that
applications can handle it. Patch by Kumar Aditya.
- gh-111531: Fix reference leaks in bind_class() and bind_all()
methods of tkinter widgets.
- gh-111356: Added io.text_encoding(), io.DEFAULT_BUFFER_SIZE, and
io.IncrementalNewlineDecoder to io.__all__.
- gh-68166: Remove mention of not supported âvsapiâ element type
in tkinter.ttk.Style.element_create(). Add tests for
element_create() and other ttk.Style methods. Add examples for
element_create() in the documentation.
- gh-111251: Fix _blake2 not checking for errors when
initializing.
- gh-111174: Fix crash in io.BytesIO.getbuffer() called repeatedly
for empty BytesIO.
- gh-111187: Postpone removal version for
locale.getdefaultlocale() to Python 3.15.
- gh-111159: Fix doctest output comparison for exceptions with
notes.
- gh-110910: Fix invalid state handling in asyncio.TaskGroup and
asyncio.Timeout. They now raise proper RuntimeError if they are
improperly used and are left in consistent state after this.
- gh-111092: Make turtledemo run without default root enabled.
- gh-110590: Fix a bug in _sre.compile() where TypeError would be
overwritten by OverflowError when the code argument was a list
of non-ints.
- gh-65052: Prevent pdb from crashing when trying to display
undisplayable objects
- gh-110519: Deprecation warning about non-integer number in
gettext now alwais refers to the line in the user code where
gettext function or method is used. Previously it could refer to
a line in gettext code.
- gh-110378: contextmanager() and asynccontextmanager() context
managers now close an invalid underlying generator object that
yields more then one value.
- gh-110365: Fix termios.tcsetattr() bug that was overwritting
existing errors during parsing integers from term list.
- gh-110196: Add __reduce__ method to IPv6Address in order to keep
scope_id
- gh-109747: Improve errors for unsupported look-behind patterns.
Now re.error is raised instead of OverflowError or RuntimeError
for too large width of look-behind pattern.
- gh-109786: Fix possible reference leaks and crash when re-enter
the __next__() method of itertools.pairwise.
- gh-108791: Improved error handling in pdb command line
... changelog too long, skipping 87 lines ...
raise SystemError if these attributes have wrong type.
==== python311-core ====
Version update (3.11.6 -> 3.11.7)
Subpackages: libpython3_11-1_0 python311-base
- Update patch fix_configure_rst.patch
- Update to 3.11.7:
- Core and Builtins
- gh-112625: Fixes a bug where a bytearray object could be cleared
while iterating over an argument in the bytearray.join() method
that could result in reading memory after it was freed.
- gh-112388: Fix an error that was causing the parser to try to
overwrite tokenizer errors. Patch by pablo Galindo
- gh-112387: Fix error positions for decoded strings with
backwards tokenize errors. Patch by Pablo Galindo
- gh-112266: Change docstrings of __dict__ and __weakref__.
- gh-109181: Speed up Traceback object creation by lazily compute
the line number. Patch by Pablo Galindo
- gh-102388: Fix a bug where iso2022_jp_3 and iso2022_jp_2004
codecs read out of bounds
- gh-111366: Fix an issue in the codeop that was causing
SyntaxError exceptions raised in the presence of invalid syntax
to not contain precise error messages. Patch by Pablo Galindo
- gh-111380: Fix a bug that was causing SyntaxWarning to appear
twice when parsing if invalid syntax is encountered later. Patch
by Pablo galindo
- gh-88116: Traceback location ranges involving wide unicode
characters (like emoji and asian characters) now are properly
highlighted. Patch by Batuhan Taskaya and Pablo Galindo.
- gh-94438: Fix a regression that prevented jumping across is None
and is not None when debugging. Patch by Savannah Ostrowski.
- gh-110696: Fix incorrect error message for invalid argument
unpacking. Patch by Pablo Galindo
- gh-110237: Fix missing error checks for calls to PyList_Append
in _PyEval_MatchClass.
- gh-109216: Fix possible memory leak in BUILD_MAP.
- Library
- gh-112618: Fix a caching bug relating to typing.Annotated.
Annotated[str, True] is no longer identical to Annotated[str,
1].
- gh-112509: Fix edge cases that could cause a key to be present
in both the __required_keys__ and __optional_keys__ attributes
of a typing.TypedDict. Patch by Jelle Zijlstra.
- gh-94722: Fix bug where comparison between instances of DocTest
fails if one of them has None as its lineno.
- gh-112105: Make readline.set_completer_delims() work with
libedit
- gh-111942: Fix SystemError in the TextIOWrapper constructor with
non-encodable âerrorsâ argument in non-debug mode.
- gh-109538: Issue warning message instead of having RuntimeError
be displayed when event loop has already been closed at
StreamWriter.__del__().
- gh-111942: Fix crashes in io.TextIOWrapper.reconfigure() when
pass invalid arguments, e.g. non-string encoding.
- gh-111804: Remove posix.fallocate() under WASI as the underlying
posix_fallocate() is not available in WASI preview2.
- gh-111841: Fix truncating arguments on an embedded null
character in os.putenv() and os.unsetenv() on Windows.
- gh-111541: Fix doctest for SyntaxError not-builtin subclasses.
- gh-110894: Call loop exception handler for exceptions in
client_connected_cb of asyncio.start_server() so that
applications can handle it. Patch by Kumar Aditya.
- gh-111531: Fix reference leaks in bind_class() and bind_all()
methods of tkinter widgets.
- gh-111356: Added io.text_encoding(), io.DEFAULT_BUFFER_SIZE, and
io.IncrementalNewlineDecoder to io.__all__.
- gh-68166: Remove mention of not supported âvsapiâ element type
in tkinter.ttk.Style.element_create(). Add tests for
element_create() and other ttk.Style methods. Add examples for
element_create() in the documentation.
- gh-111251: Fix _blake2 not checking for errors when
initializing.
- gh-111174: Fix crash in io.BytesIO.getbuffer() called repeatedly
for empty BytesIO.
- gh-111187: Postpone removal version for
locale.getdefaultlocale() to Python 3.15.
- gh-111159: Fix doctest output comparison for exceptions with
notes.
- gh-110910: Fix invalid state handling in asyncio.TaskGroup and
asyncio.Timeout. They now raise proper RuntimeError if they are
improperly used and are left in consistent state after this.
- gh-111092: Make turtledemo run without default root enabled.
- gh-110590: Fix a bug in _sre.compile() where TypeError would be
overwritten by OverflowError when the code argument was a list
of non-ints.
- gh-65052: Prevent pdb from crashing when trying to display
undisplayable objects
- gh-110519: Deprecation warning about non-integer number in
gettext now alwais refers to the line in the user code where
gettext function or method is used. Previously it could refer to
a line in gettext code.
- gh-110378: contextmanager() and asynccontextmanager() context
managers now close an invalid underlying generator object that
yields more then one value.
- gh-110365: Fix termios.tcsetattr() bug that was overwritting
existing errors during parsing integers from term list.
- gh-110196: Add __reduce__ method to IPv6Address in order to keep
scope_id
- gh-109747: Improve errors for unsupported look-behind patterns.
Now re.error is raised instead of OverflowError or RuntimeError
for too large width of look-behind pattern.
- gh-109786: Fix possible reference leaks and crash when re-enter
the __next__() method of itertools.pairwise.
- gh-108791: Improved error handling in pdb command line
... changelog too long, skipping 87 lines ...
raise SystemError if these attributes have wrong type.
==== update-alternatives ====
Version update (1.22.1 -> 1.22.2)
- Update to version 1.22.2.
The full changelog is very large. Please check it here:
https://git.dpkg.org/cgit/dpkg/dpkg.git/tree/debian/changelog?h=1.22.2
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
7zip
ImageMagick (7.1.1.21 -> 7.1.1.25)
Mesa-demo
MozillaFirefox (120.0.1 -> 121.0)
bind (9.18.20 -> 9.18.21)
bluez (5.70 -> 5.71)
cockpit (300.1 -> 307)
cockpit-podman (76 -> 82)
ell (0.60 -> 0.61)
evolution-data-server (3.50.2 -> 3.50.3)
fltk (1.3.8 -> 1.3.9)
frameworkintegration
fwupd (1.9.10 -> 1.9.11)
ghostscript
gnome-branding-Aeon
gnome-control-center
gnome-settings-daemon (45.0 -> 45.1)
gnustep-base
gpgme
grub2
gstreamer (1.22.7 -> 1.22.8)
gstreamer-plugins-bad (1.22.7 -> 1.22.8)
gstreamer-plugins-base (1.22.7 -> 1.22.8)
gstreamer-plugins-good (1.22.7 -> 1.22.8)
hplip (3.23.8 -> 3.23.12)
icewm (3.4.4 -> 3.4.5)
ima-evm-utils
inotify-tools (3.22.6.0 -> 4.23.9.0)
iputils (20221126 -> 20231222)
kernel-firmware (20231214 -> 20240102)
kernel-source (6.6.6 -> 6.6.9)
kmozillahelper
libarchive (3.7.0 -> 3.7.2)
libavif (1.0.2 -> 1.0.3)
libdrm (2.4.118 -> 2.4.119)
libheif (1.17.5 -> 1.17.6)
libical (3.0.16 -> 3.0.17)
libical-glib (3.0.16 -> 3.0.17)
libjcat (0.1.14 -> 0.2.0)
libjpeg-turbo (8.2.2 -> 8.3.2)
libportal
libqt5-qtbase (5.15.11+kde138 -> 5.15.12+kde147)
libqt5-qtdeclarative (5.15.11+kde30 -> 5.15.12+kde31)
libqt5-qtgraphicaleffects (5.15.11+kde0 -> 5.15.12+kde0)
libqt5-qtimageformats (5.15.11+kde12 -> 5.15.12+kde10)
libqt5-qtlocation (5.15.11+kde4 -> 5.15.12+kde6)
libqt5-qtmultimedia (5.15.11+kde2 -> 5.15.12+kde2)
libqt5-qtquickcontrols (5.15.11+kde0 -> 5.15.12+kde0)
libqt5-qtquickcontrols2 (5.15.11+kde5 -> 5.15.12+kde5)
libqt5-qtsensors (5.15.11+kde0 -> 5.15.12+kde0)
libqt5-qtspeech (5.15.11+kde1 -> 5.15.12+kde1)
libqt5-qtsvg (5.15.11+kde6 -> 5.15.12+kde6)
libqt5-qttools (5.15.11+kde3 -> 5.15.12+kde4)
libqt5-qttranslations (5.15.11+kde0 -> 5.15.12+kde0)
libqt5-qtvirtualkeyboard (5.15.11+kde0 -> 5.15.12+kde0)
libqt5-qtwayland (5.15.11+kde59 -> 5.15.12+kde60)
libqt5-qtwebchannel (5.15.11+kde3 -> 5.15.12+kde3)
libqt5-qtwebview (5.15.11+kde0 -> 5.15.12+kde0)
libqt5-qtx11extras (5.15.11+kde0 -> 5.15.12+kde0)
libqt5-qtxmlpatterns (5.15.11+kde0 -> 5.15.12+kde0)
libraw (0.21.1 -> 0.21.2)
librsvg (2.57.0 -> 2.57.1)
libstorage-ng (4.5.163 -> 4.5.170)
libxmlb (0.3.14 -> 0.3.15)
libzypp (17.31.25 -> 17.31.27)
lsof (4.99.0 -> 4.99.3)
mozilla-nss
multipath-tools (0.9.7+76+suse.5f857af -> 0.9.7+93+suse.e2f2272)
newt (0.52.23 -> 0.52.24)
nftables
open-iscsi
openblas_pthreads
osinfo-db (20231027 -> 20231215)
perl-HTTP-Cookies (6.10 -> 6.110.0)
perl-IO-Socket-SSL
perl-XML-Parser (2.46 -> 2.470.0)
plasma-branding-Kalpa (20231218 -> 20231227)
plasma5-workspace
podman (4.8.2 -> 4.8.3)
poppler (23.11.0 -> 23.12.0)
poppler-qt5 (23.11.0 -> 23.12.0)
postfix (3.8.3 -> 3.8.4)
protobuf
protobuf-c (1.4.1 -> 1.5.0)
pulseaudio
python-Babel (2.13.1 -> 2.14.0)
python-SQLAlchemy (2.0.23 -> 2.0.24)
python-alembic (1.13.0 -> 1.13.1)
python-configobj
python-hiredis
python-httpx (0.25.2 -> 0.26.0)
python-importlib-metadata (7.0.0 -> 7.0.1)
python-jsonschema-specifications (2023.11.2 -> 2023.12.1)
python-numpy
python-psutil (5.9.6 -> 5.9.7)
python-pycryptodome (3.19.0 -> 3.19.1)
python-pycups
python-pyrsistent (0.19.3 -> 0.20.0)
python-pyzmq (25.1.1 -> 25.1.2)
python-redis
python-setuptools (68.1.2 -> 69.0.2)
python-six
python-tornado6 (6.3.3 -> 6.4)
python-zope.interface (6.0 -> 6.1)
qca-qt5 (2.3.7 -> 2.3.7+git12)
qpdf (11.6.4 -> 11.7.0)
runc (1.1.10 -> 1.1.11)
sdbootutil (1+git20231214.b186b2d -> 1+git20231221.42797ab)
sof-firmware (2023.09.2 -> 2023.12)
sudo (1.9.15p4 -> 1.9.15p5)
suse-module-tools (16.0.39 -> 16.0.42)
timezone (2023c -> 2023d)
tpm2.0-tools (5.5 -> 5.6)
traceroute (2.1.3 -> 2.1.5)
tracker-miners
vim (9.0.2181 -> 9.1.0000)
wireless-regdb (20230901 -> 20231201)
wireplumber (0.4.16 -> 0.4.17)
xmlsec1 (1.2.37 -> 1.2.38)
xorg-x11-server
yast2-installation (5.0.2 -> 5.0.3)
yast2-journal (5.0.0 -> 5.0.1)
=== Details ===
==== 7zip ====
- Add missing man pages for 7z / 7za / 7zr / 7zz.
This solves bsc#1204856.
==== ImageMagick ====
Version update (7.1.1.21 -> 7.1.1.25)
Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10
- drop update-alternatives for config; use exactly one of configuration
package provided
- version update to 7.1.1.25
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
- update to 7.1.1.24:
* Added extra check for rare case when ImageMagick is build without
any delegates.
* Corrected order to fix invalid matches.
* only fill the alpha channel for alpha floodfill
* Make sure we use the lt_ methods like we do elsewhere.
* support dng:max-raw-memory define (ImageMagick/ImageMagick#6922)
* properly export YUV JP2 images (ImageMagick/ImageMagick#6943)
* use : specifier
* correct display program name
* check for corrupt DJVU images
* support UTF-8 comments (ImageMagick/ImageMagick#6949)
* do not prefix iTxt key with 'png:'
* enhance sampling factor parser (ImageMagick/ImageMagick#6943)
* Switch to ubuntu 20.04 in the app-image build.
* Corrected packages that need to be install due to ubuntu upgrade.
* improve accuracy of image statistics
* fx calculations of skewness and kurtosis
* Only write comments as itxt when the string contains non ansi
chars.
* check if the string contains non-Latin1 characters
* Corrected patch to check for non-Latin1 characters.
* invalid JSON with -ping (ImageMagick/ImageMagick#6966)
* throw exception if # of meta channels exceed max
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hx5j-px…
* multiplication result converted to larger type
* invalid HTTPS certificates are no longer ignored
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3r24-6m…
* multiplication result converted to larger type
* eliminate compiler warning
* don't include the index channel in the overall image statistics
* multiplication result converted to larger type
- version update to 7.1.1.23
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
- modified patches
% ImageMagick-library-installable-in-parallel.patch (refreshed)
- deleted patches
- ImageMagick-infinite-resource-time-limit.patch (upstreamed)
==== Mesa-demo ====
Subpackages: Mesa-demo-egl Mesa-demo-x
- Remove old rpm constructs that are long defaulted.
- Remove legalese from descriptions as per our wiki guidelines.
==== MozillaFirefox ====
Version update (120.0.1 -> 121.0)
- Mozilla Firefox 121.0
https://www.mozilla.org/en-US/firefox/121.0/releasenotes
MFSA 2023-56 (bsc#1217974)
* CVE-2023-6856 (bmo#1843782)
Heap-buffer-overflow affecting WebGL DrawElementsInstanced
method with Mesa VM driver
* CVE-2023-6135 (bmo#1853908)
NSS susceptible to "Minerva" attack
* CVE-2023-6865 (bmo#1864123)
Potential exposure of uninitialized data in EncryptingOutputStream
* CVE-2023-6857 (bmo#1796023)
Symlinks may resolve to smaller than expected buffers
* CVE-2023-6858 (bmo#1826791)
Heap buffer overflow in nsTextFragment
* CVE-2023-6859 (bmo#1840144)
Use-after-free in PR_GetIdentitiesLayer
* CVE-2023-6866 (bmo#1849037)
TypedArrays lack sufficient exception handling
* CVE-2023-6860 (bmo#1854669)
Potential sandbox escape due to VideoBridge lack of texture
validation
* CVE-2023-6867 (bmo#1863863)
Clickjacking permission prompts using the popup transition
* CVE-2023-6861 (bmo#1864118)
Heap buffer overflow affected nsWindow::PickerOpen(void) in
headless mode
* CVE-2023-6868 (bmo#1865488)
WebPush requests on Firefox for Android did not require VAPID key
* CVE-2023-6869 (bmo#1799036)
Content can paint outside of sandboxed iframe
* CVE-2023-6870 (bmo#1823316)
Android Toast notifications may obscure fullscreen event
notifications
* CVE-2023-6871 (bmo#1828334)
Lack of protocol handler warning in some instances
* CVE-2023-6872 (bmo#1849186)
Browsing history leaked to syslogs via GNOME
* CVE-2023-6863 (bmo#1868901)
Undefined behavior in ShutdownObserver()
* CVE-2023-6864 (bmo#1736385, bmo#1810805, bmo#1846328, bmo#1856090,
bmo#1858033, bmo#1858509, bmo#1862777, bmo#1864015)
Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6,
and Thunderbird 115.6
* CVE-2023-6873 (bmo#1855327, bmo#1862089, bmo#1862723)
Memory safety bugs fixed in Firefox 121
- requires NSS 3.95
==== bind ====
Version update (9.18.20 -> 9.18.21)
- Update to release 9.18.21
Removed Features:
* Support for using AES as the DNS COOKIE algorithm
(cookie-algorithm aes;) has been deprecated and will be removed
in a future release. Please use the current default,
SipHash-2-4, instead.
* The resolver-nonbackoff-tries and resolver-retry-interval
statements have been deprecated. Using them now causes a
warning to be logged.
==== bluez ====
Version update (5.70 -> 5.71)
Subpackages: bluez-auto-enable-devices bluez-cups libbluetooth3
- add fix-link-key-address-type.patch - thanks to
pallaswept for identifying the right patch for the pairing
regression
- update to 5.71:
* Fix issue with not registering CSIS service.
* Fix issue with registering pairing callbacks.
* Fix issue with corruption during discovery filter parsing.
- drop CVE-2023-45866.patch,
Fix-.device_probe-failing-if-SDP-record-is-not.patch: upstream
- update bluez-disable-broken-tests.diff: disable failing vcp test
==== cockpit ====
Version update (300.1 -> 307)
Subpackages: cockpit-bridge cockpit-packagekit cockpit-system
- new version 307:
https://cockpit-project.org/blog/cockpit-307.html
https://cockpit-project.org/blog/cockpit-306.html
https://cockpit-project.org/blog/cockpit-305.html
https://cockpit-project.org/blog/cockpit-304.html
https://cockpit-project.org/blog/cockpit-303.html
https://cockpit-project.org/blog/cockpit-302.html
https://cockpit-project.org/blog/cockpit-301.html
- css-overrides.patch, storage-btrfs.patch: refreshed
==== cockpit-podman ====
Version update (76 -> 82)
- New version 82:
* Validate fields in "Create container" dialog
* Label Toolbox and Distrobox containers
* Performance and stability improvements
==== ell ====
Version update (0.60 -> 0.61)
- Update to release 0.61
* netconfig: Always set DHCP MAC address on start
* netlink: Add workaround for missing NLM_F_ACK_TLVS
and NLM_F_CAPPED
==== evolution-data-server ====
Version update (3.50.2 -> 3.50.3)
Subpackages: libcamel-1_2-64 libebackend-1_2-11 libebook-1_2-21 libebook-contacts-1_2-4 libecal-2_0-2 libedata-book-1_2-27 libedata-cal-2_0-2 libedataserver-1_2-27 libedataserverui-1_2-4
- Update to version 3.50.3:
+ Camel: Ignore errors about missing messages during filtering.
+ Bug Fixes:
- sqlite3_enable_shared_cache is deprecated
- Camel: Hide errors from for-offline download
- IMAP: Copy/move messages in smaller batches
+ Updated translations.
==== fltk ====
Version update (1.3.8 -> 1.3.9)
- update to 1.3.9:
* Support macOS up to macOS 14 "Sonoma".
* Update bundled libraries to current versions (see below).
* Introduce bundled image library "prefixing" to avoid
conflicts with system libraries.
* Bundled library versions (see also README.bundled-libs.txt):
* Library Version Release date
* jpeg jpeg-9e 2022-01-16
* png libpng-1.6.40 2023-06-21
* zlib zlib-1.3 2023-08-18
* Backport X11 INCR protocol fixes from 1.4.0 (issue #451)
* X11: Suppress compiler warnings when using gcc or clang
* Fix crash if a program exits before it opens a window
* Fix compilation error with current Visual Studio 2022
* Backport warning fixes from 1.4.0 in src/fl_draw.cxx
* Fix compiler warning as pointed out in PR #693
* Fix another compiler warning (#693)
* Remove unused variable, fix "type issue" (#445, part 2)
* Fix stack buffer overflow found by address sanitizer
* Fix "gtk+ rendering" (GitHub Issue #443)
* Fix doxygen warnings
* Bump version numbers, prepare release 1.3.9
* Fix several compiler warnings
* Update bundled image libraries and zlib to current
versions
* Update README, README.CMake.txt, and some support files
* Fix compiler warnings: backported from 1.4 (git 'master')
* CMake/MSVC: remove confusing recommendation to rerun
* Documentation: remove dark color on title page
* Raise CMake minimum required version to 3.15 and more
* macOS platform: Issue #325 "Disabling IM disables Greek
and Cyrillic layouts"
* Fix fullscreen window level corner cases on macOS
* Fix issue #373 apparent with macOS platform and SDK â¤
* Issue #452: Fl::get_font_name failure on OS-X.
* Issue #454: crash in Fl::get_font_name().
* Issue #469: Fl_Sys_Menu_Bar menu item shortcuts using Esc
Tab don't work on Mac
* Fix "Focus is lost leaving full screen on macOS 13"
* Add support of macOS Ventura 13.0 and macOS Sonoma 14.0
* macOS: remove configure option --enable-x11 and CMake
OPTION_APPLE_X11; this functionality remains in FLTK 1.4.
* configure.ac: make sure local-png and local-zlib always
run together
* Remove the -mwindows argument from CFLAGS and CXXFLAGS
==== frameworkintegration ====
Subpackages: frameworkintegration-plugin libKF5Style5
- Update appstream build requirement for compatibility with 1.0.0
==== fwupd ====
Version update (1.9.10 -> 1.9.11)
Subpackages: fwupd-bash-completion libfwupd2 typelib-1_0-Fwupd-2_0
- Update to version 1.9.11:
+ This release adds the following features:
- Allow exporting 'offline' reports for manual upload
+ This release fixes the following bugs:
- Add some recovery partition names to ignore for ESP selection
- Check for CET and SMAP on non-Intel x86 processors too
- Correctly mark the CPU as supported in the HSI tests
- Do not fail on probing downstream Synaptics MST ports
- Do not offer to change BIOS settings that are already set
- Do not prefer msftdata when choosing the default ESP
- Do not show spurious device request flags
- Fix a missing build dependency to fwupdplugin-self-test
- Fix a segfault when using zlib-ng instead of zlib
- Fix updating Jabra 410, 510, 710 and 810 devices
- Match more community-supported branches
- Remove the Intel SPIBAR proxy support as the mtd module works
- Show a better error when the ESP is missing
- Show an error if the post-update version does not match exactly
- Speed up Synaptics MST device enumeration
+ This release adds support for the following hardware:
- Algoltek USB devices
- Luxshare Quad USB4 Dock
==== ghostscript ====
Subpackages: ghostscript-x11
- CVE-2023-46751.patch is
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=dcdbc595c13
adapted for Ghostscript-9.56.1 that fixes
https://bugs.ghostscript.com/show_bug.cgi?id=707264
which includes a fix for CVE-2023-46751
"dangling pointer in gdev_prn_open_printer_seekable()"
(bsc#1217871)
==== gnome-branding-Aeon ====
- Use cURL instead of ping for online check
==== gnome-control-center ====
Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces
- Add gnome-control-center-fix-region-preview-crash.patch:
nl_langinfo's returned pointer could be invalid after switching
locale, so we have to save the result before switch locale to
prevent the crash (bsc#1218528,
glgo#GNOME/gnome-control-center!2122).
==== gnome-settings-daemon ====
Version update (45.0 -> 45.1)
- Update to version 45.1:
+ Power: Compiler warning fixes.
+ Smartcard: Error handling fix.
+ USB Protection: Comment clean up.
+ Updated translations.
- Drop upstream fixed patches:
+ 41d0dc1db4d75c37ba67fe903105b4e162d42f1a.patch
+ 538816ff42f682fc4b541810ca107486abab9976.patch
+ a059909d62da0c11774f1089d02937699fabf150.patch
==== gnustep-base ====
- Add 295.patch: Fix build with libxml2 2.11.0+.
==== gpgme ====
Subpackages: libgpgme11 libgpgmepp6 python311-gpg
- Python 3.12 has dropped distutils
* Build require python-setuptools instead
* Drop old gpgme-D545-python310.patch
* Replace with gpgme-D545-obsolete-distutils.patch
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- grub2.spec: Add ofnet to signed grub.elf to support powerpc net boot
installation when secure boot is enabled (bsc#1217761)
- Improved check for disk device when looking for PReP partition
* 0004-Introduce-prep_load_env-command.patch
==== gstreamer ====
Version update (1.22.7 -> 1.22.8)
Subpackages: libgstreamer-1_0-0 typelib-1_0-Gst-1_0
- Update to version 1.22.8:
+ Highlighted bugfixes in 1.22.8
- Security fixes for the AV1 video codec parser
- avdec video decoder: fix another possible deadlock with
FFmpeg 6.1
- qtdemux: reverse playback and seeking fixes for files with
raw audio streams
- v4l2: fix "newly allocated buffer ... is not free" warning
log flood
- GstPlay + GstPlayer library fixes
- dtls: Fix build failure on Windows when compiling against
OpenSSL 3.2.0
- d3d11screencapturesrc: Fix wrong color with HDR enabled
- Cerbero build tool: More python 3.12 string escape warning
fixes; make sure to bundle build tools as well
- various bug fixes, build fixes, memory leak fixes, and other
stability and reliability improvements
+ gstreamer
- buffer: Unref memories before metas
- pad: Recheck pads when linking after temporary unlock
- baseparse: Fixes to buffers extracted from adapter
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-bad ====
Version update (1.22.7 -> 1.22.8)
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0
- Update to version 1.22.8:
+ aesenc: Fix IV length addition to output buffer length
+ av1parser: Fix array sizes in scalability structure
(ZDI-CAN-22300 bsc#1218534)
+ camerabin: Fix source updates with user filters
+ codecparsers: av1: Clip max tile rows and cols values
+ dtlscertificate: Define WINSOCKAPI before including windows.h
+ d3d11: fix building with address sanitizer
+ d3d11screencapturesrc: Fix wrong color with HDR enabled
+ h264decoder: Fix GstVideoCodecFrame leak
+ ladspa: Make RDF parsing truly optional
+ rtponviftimestamp: Fix drop-out-of-segment=false mode
+ qsvdecoder: Fix stream format detection
+ webrtcsdp: Remove fingerprint validation that doesn't make
sense
+ GstPlay: Automatically flush the bus when disposing the
signal adapter
+ GstPlayer: Without dispatcher emit signals directly instead
of via the default main context
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-base ====
Version update (1.22.7 -> 1.22.8)
Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstTag-1_0
- Update to version 1.22.8:
+ appsrc: Fix flow return when buffer is dropped
+ audioringbuffer: Don't try to map MONO channel
+ encoding-target: Properly free when missing type field in
parse_encoding_profile
+ pbutils: Don't include default vp9 parameters in resulting
codec mime string
+ videorate: Don't forget last_ts on caps changes
- Rebase reduce-required-meson.patch
==== gstreamer-plugins-good ====
Version update (1.22.7 -> 1.22.8)
Subpackages: gstreamer-plugins-good-gtk
- Update to version 1.22.8:
+ dcaparse: keep upstream buffer meta
+ rtpklvdepay: Recover after invalid fragmented KLV unit
+ matroska-demux: fix accumulated base offset in segment seeks
+ qtdemux: fix bug report URL
+ qtdemux: Don't overflow sample index
+ qtdemux: Fix reverse playback for pcm audio stream
+ qtdemux: Ignore raw audio streams when adjusting seek
+ qtdemux: Under-seeking to a key unit in certain (encoded by
Adobe products) ProRes movies (macOS x86_64 & arm64,
Windows x86_64, ...)
+ rtpac3depay: should output audio/x-ac3 not audio/ac3
+ rtp: Fix incorrect RTP channel order lookup by name
+ v4l2bufferpool: add lock as atomic operation for seek
- Rebase reduce-required-meson.patch
==== hplip ====
Version update (3.23.8 -> 3.23.12)
Subpackages: hplip-hpijs hplip-udev-rules
- Update to hplip 3.23.12
* del fix-printer-attributes-parsing.patch (merged upstream)
* del hppsfilter-booklet-printing-change-insecure-fixed-tm.patch
(merged upstream)
- Added support for new printers:
* HP OfficeJet Pro 9130b series
* HP OfficeJet Pro 9120b series
* HP OfficeJet Pro 9110b series
* HP Color LaserJet Enterprise Flow MFP X58045z
* HP Color LaserJet Enterprise Flow MFP X58045zs
* HP Color LaserJet Enterprise MFP X58045dnâ
* HP Color LaserJet Enterprise MFP X58045
* HP LaserJet Pro P1106 plus
* HP LaserJet Pro P1108 plus
==== icewm ====
Version update (3.4.4 -> 3.4.5)
Subpackages: icewm-config-upstream icewm-default icewm-lang
- Update to 3.4.5:
* Fix for centering the clock LED digits vertically
* Fix the KeyWinTile commands for multi-mon setups
* Fix the workspace buttons for right-to-left languages
==== ima-evm-utils ====
Subpackages: evmctl libimaevm4
- Update download url.
==== inotify-tools ====
Version update (3.22.6.0 -> 4.23.9.0)
Subpackages: libinotifytools0
- update to 4.23.9.0:
* support cross compile for Android
* libinotifytools: Rename init variable to fix conflict with
entry point
* Add CodeQL workflow for GitHub code scanning
* Fix build with musl and add Alpine buildnode to CI
* Update Cirrus CI FreeBSD images
* Fix enabling of fanotify/fsnotify.
* Fix fanotify_supported()
* Combine to one build machine, reduce test iteration to 64
* Add -fanalyzer to build
* Enable CentOS Stream 9 build
* Add debian 12
* Ensure C++ libraries are not linked in
==== iputils ====
Version update (20221126 -> 20231222)
- Update to version 20231222
https://github.com/iputils/iputils/releases/tag/20231222
- Use tar.xz instead of tar.gz
- Update source URL
==== kernel-firmware ====
Version update (20231214 -> 20240102)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20240102 (git commit b83108216200):
* linux-firmware: add firmware for mediatek bluetooth chip (MT7925)
* linux-firmware: add firmware for MT7925
* ASoC: tas2563: Add dsp firmware for laptops or other mobile devices
* QCA: Add bluetooth firmware nvm files for QCA2066
* QCA: Update Bluetooth QCA2066 firmware to 2.1.0-00629
- Update aliases
- Update to version 20231226 (git commit abfcad8b1405):
* rtl_bt: Add firmware and config files for RTL8852BT/RTL8852BE-VT
* ASoC: tas2781: Add dsp firmware for different laptops
* ath11k: WCN6855 hw2.0: update to WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.36
* ath11k: WCN6855 hw2.0: update board-2.bin
* ath11k: WCN6750 hw1.0: update board-2.bin
* ath11k: IPQ8074 hw2.0: update board-2.bin
* ath10k: WCN3990 hw1.0: update board-2.bin
* ath10k: QCA9888 hw2.0: update board-2.bin
* ath10k: QCA4019 hw1.0: update board-2.bin
* ath10k: QCA6174 hw3.0: update firmware-6.bin to WLAN.RM.4.4.1-00309-
* ath12k: add new driver and firmware for WCN7850
* iwlwifi: update gl FW for core80-165 release
* intel: vsc: Add firmware for Visual Sensing Controller
* cirrus: Add CS35L41 firmware and tunings for ASUS Zenbook 2023 Models
* cirrus: Add CS35L41 firmware and tunings for ASUS Zenbook 2022 Models
* amdgpu: DMCUB updates for various AMDGPU ASICs
- New subpackag kernel-firmware-ath12k
- Update aliases
==== kernel-source ====
Version update (6.6.6 -> 6.6.9)
- Linux 6.6.9 (bsc#1012628).
- bpf: Fix prog_array_map_poke_run map poke update (bsc#1012628).
- mm/damon/core: use number of passed access sampling as a timer
(bsc#1012628).
- mm/damon/core: make damon_start() waits until kdamond_fn()
starts (bsc#1012628).
- btrfs: qgroup: iterate qgroups without memory allocation for
qgroup_reserve() (bsc#1012628).
- btrfs: qgroup: use qgroup_iterator in qgroup_convert_meta()
(bsc#1012628).
- btrfs: free qgroup pertrans reserve on transaction abort
(bsc#1012628).
- drm/amd/display: fix hw rotated modes when PSR-SU is enabled
(bsc#1012628).
- drm/i915: Fix FEC state dump (bsc#1012628).
- drm/i915: Introduce crtc_state->enhanced_framing (bsc#1012628).
- drm/i915/edp: don't write to DP_LINK_BW_SET when using rate
select (bsc#1012628).
- drm: Update file owner during use (bsc#1012628).
- drm: Fix FD ownership check in drm_master_check_perm()
(bsc#1012628).
- spi: spi-imx: correctly configure burst length when using dma
(bsc#1012628).
- arm64: dts: allwinner: h616: update emac for Orange Pi Zero 3
(bsc#1012628).
- ARM: dts: dra7: Fix DRA7 L3 NoC node register size
(bsc#1012628).
- ARM: OMAP2+: Fix null pointer dereference and memory leak in
omap_soc_device_init (bsc#1012628).
- reset: Fix crash when freeing non-existent optional resets
(bsc#1012628).
- s390/vx: fix save/restore of fpu kernel context (bsc#1012628).
- platform/x86/intel/pmc: Fix hang in pmc_core_send_ltr_ignore()
(bsc#1012628).
- SUNRPC: Revert 5f7fc5d69f6e92ec0b38774c387f5cf7812c5806
(bsc#1012628).
- wifi: ieee80211: don't require protected vendor action frames
(bsc#1012628).
- wifi: iwlwifi: pcie: add another missing bh-disable for
rxq->lock (bsc#1012628).
- wifi: mac80211: check if the existing link config remains
unchanged (bsc#1012628).
- wifi: mac80211: don't re-add debugfs during reconfig
(bsc#1012628).
- wifi: mac80211: check defragmentation succeeded (bsc#1012628).
- wifi: mac80211: mesh: check element parsing succeeded
(bsc#1012628).
- wifi: mac80211: mesh_plink: fix matches_local logic
(bsc#1012628).
- ice: fix theoretical out-of-bounds access in ethtool link modes
(bsc#1012628).
- bpf: syzkaller found null ptr deref in unix_bpf proto add
(bsc#1012628).
- Revert "net/mlx5e: fix double free of encap_header in update
funcs" (bsc#1012628).
- Revert "net/mlx5e: fix double free of encap_header"
(bsc#1012628).
- net/mlx5e: Fix slab-out-of-bounds in
mlx5_query_nic_vport_mac_list() (bsc#1012628).
- net/mlx5e: Fix a race in command alloc flow (bsc#1012628).
- net/mlx5e: fix a potential double-free in fs_udp_create_groups
(bsc#1012628).
- net/mlx5e: Fix overrun reported by coverity (bsc#1012628).
- net/mlx5e: Decrease num_block_tc when unblock tc offload
(bsc#1012628).
- net/mlx5e: XDP, Drop fragmented packets larger than MTU size
(bsc#1012628).
- net/mlx5: Fix fw tracer first block check (bsc#1012628).
- net/mlx5: Refactor mlx5_flow_destination->rep pointer to vport
num (bsc#1012628).
- net/mlx5e: Fix error code in mlx5e_tc_action_miss_mapping_get()
(bsc#1012628).
- net/mlx5e: Fix error codes in alloc_branch_attr() (bsc#1012628).
- net/mlx5e: Correct snprintf truncation handling for fw_version
buffer (bsc#1012628).
- net/mlx5e: Correct snprintf truncation handling for fw_version
buffer used by representors (bsc#1012628).
- net: mscc: ocelot: fix eMAC TX RMON stats for bucket 256-511
and above (bsc#1012628).
- net: mscc: ocelot: fix pMAC TX RMON stats for bucket 256-511
and above (bsc#1012628).
- octeontx2-pf: Fix graceful exit during PFC configuration failure
(bsc#1012628).
- net: Return error from sk_stream_wait_connect() if
sk_wait_event() fails (bsc#1012628).
- net: sched: ife: fix potential use-after-free (bsc#1012628).
- ethernet: atheros: fix a memleak in atl1e_setup_ring_resources
(bsc#1012628).
- net/rose: fix races in rose_kill_by_device() (bsc#1012628).
- Bluetooth: Fix not notifying when connection encryption changes
(bsc#1012628).
- Bluetooth: Fix deadlock in vhci_send_frame (bsc#1012628).
- Bluetooth: hci_event: shut up a false-positive warning
(bsc#1012628).
- Bluetooth: hci_core: Fix hci_conn_hash_lookup_cis (bsc#1012628).
- bnxt_en: do not map packet buffers twice (bsc#1012628).
- net: phy: skip LED triggers on PHYs on SFP modules
(bsc#1012628).
- ice: stop trashing VF VSI aggregator node ID information
... changelog too long, skipping 898 lines ...
- commit 59f1683
==== kmozillahelper ====
- BuildRequire rpm_macro(cmake_kf5): we call cmake_kf5 to build and
thus need to ensure the macro to be known.
- Add extra-cmake-modules BuildRequires: fix build after recent KDE
Frameworks update.
==== libarchive ====
Version update (3.7.0 -> 3.7.2)
- skip write tests on 32bit, they OOM
- update to 3.7.2:
* Multiple vulnerabilities have been fixed in the PAX writer
* bsdunzip(1) now correctly handles arguments following an
- x after the zipfile
* zstd filter now supports the "long" write option
* SEGV and stack buffer overflow in verbose mode of cpio
* bsdunzip updated to match latest upstream code
* miscellaneous functional bugfixes
==== libavif ====
Version update (1.0.2 -> 1.0.3)
- update to 1.0.3:
* Rewrite the fix for memory errors fixed in 1.0.2
* CVE-2023-6704: Fix use-after-free errors (boo#1218303)
* src/reformat.c: Allocate the threadData array directly
==== libdrm ====
Version update (2.4.118 -> 2.4.119)
Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1
- update to 2.4.119:
* add amdgpu_va_get_start_addr
==== libheif ====
Version update (1.17.5 -> 1.17.6)
Subpackages: gdk-pixbuf-loader-libheif libheif-aom libheif-dav1d libheif-ffmpeg libheif-jpeg libheif-openjpeg libheif-rav1e libheif1
- update to 1.17.6:
* A couple of build fixes and bug fixes detected by fuzzing.
* Corrects these issues:
* CVE-2023-49462 - #1043
* CVE-2023-49463 - #1042
- drop libheif-CVE-2023-49462.patch,
libheif-CVE-2023-49464.patch,
libheif-CVE-2023-49460.patch: upstream
- security update
- added patches
fix CVE-2023-49460 [bsc#1217902], segmentation violation in decode_uncompressed_image()
+ libheif-CVE-2023-49460.patch
- sync ExclusiveArch with SVT-AV1
- move HEIF plugins from examples to separate package
- make sure all subpackages use the same libheif1 ABI
==== libical ====
Version update (3.0.16 -> 3.0.17)
- update to 3.0.17:
* Escape commas in x-property TEXT values
* Built-in timezones updated to tzdata2023c
* icalparser_ctrl setting defines how to handle invalid CONTROL
characters during parsing
* New publicly available functions:
+ get_zone_directory()
+ icalparser_get_ctrl
+ icalparser_set_ctrl
==== libical-glib ====
Version update (3.0.16 -> 3.0.17)
- update to 3.0.17:
* Escape commas in x-property TEXT values
* Built-in timezones updated to tzdata2023c
* icalparser_ctrl setting defines how to handle invalid CONTROL
characters during parsing
* New publicly available functions:
+ get_zone_directory()
+ icalparser_get_ctrl
+ icalparser_set_ctrl
==== libjcat ====
Version update (0.1.14 -> 0.2.0)
- Update to version 0.2.0:
+ New Features:
- Add support for verifying firmware transparency checkpoints
- Add various bitcounting functions for future use
- Allow creating and validating SHA512 checksums
- Allow verifying the checksum of a payload
+ Bugfixes:
- Sprinkle attribute((nonnull)) to give a little more
compile-time safety
==== libjpeg-turbo ====
Version update (8.2.2 -> 8.3.2)
- update to 3.0.1 (bsc#1211542, CVE-2023-2804):
* The x86-64 SIMD functions now use a standard stack frame,
prologue, and epilogue so that debuggers and profilers can
reliably capture backtraces from within the functions.
* Fixed two minor issues in the interblock smoothing algorithm
that caused mathematical (but not necessarily perceptible)
edge block errors when decompressing progressive JPEG images
exactly two MCU blocks in width or that use vertical
chrominance subsampling.
* The TurboJPEG API now supports 4:4:1 (transposed 4:1:1)
chrominance subsampling, which allows losslessly transposed or
rotated 4:1:1 JPEG images to be losslessly cropped, partially
decompressed, or decompressed to planar YUV images.
* Fixed various segfaults and buffer overruns (CVE-2023-2804)
* that occurred when attempting to decompress various
specially-crafted malformed 12-bit-per-component and
16-bit-per-component lossless JPEG images using color
quantization or merged chroma upsampling/color conversion. The
underlying cause of these issues was that the color
quantization and merged chroma upsampling/color conversion
algorithms were not designed with lossless decompression
in mind. Since libjpeg-turbo explicitly does not support color
conversion when compressing or decompressing lossless JPEG
images, merged chroma upsampling/color conversion never should
have been enabled for such images. Color quantization is a
legacy feature that serves little or no purpose with lossless
JPEG images, so it is also now disabled when decompressing such
images. (As a result, djpeg can no longer decompress a
lossless JPEG image into a GIF image.)
* Fixed an oversight in 1.4 beta1[8] that caused various
segfaults and buffer overruns when attempting to decompress
various specially-crafted malformed 12-bit-per-component JPEG
images using djpeg with both color quantization and RGB565
color conversion enabled.
* Fixed an issue whereby `jpeg_crop_scanline()` sometimes
miscalculated the downsampled width for components with 4x2 or
2x4 subsampling factors if decompression scaling was enabled.
This caused the components to be upsampled incompletely, which
caused the color converter to read from uninitialized memory.
With 12-bit data precision, this caused a buffer overrun or
underrun and subsequent segfault if the sample value read from
uninitialized memory was outside of the valid sample range.
* Fixed a long-standing issue whereby the `tj3Transform()`
function, when used with the `TJXOP_TRANSPOSE`,
`TJXOP_TRANSVERSE`, `TJXOP_ROT90`, or `TJXOP_ROT270` transform
operation and without automatic JPEG destination buffer
(re)allocation or lossless cropping, computed the worst-case
transformed JPEG image size based on the source image
dimensions rather than the transformed image dimensions. If a
calling program allocated the JPEG destination buffer based on
the transformed image dimensions, as the API documentation
instructs, and attempted to transform a specially-crafted
4:2:2, 4:4:0, 4:1:1, or 4:4:1 JPEG source image containing a
large amount of metadata, the issue caused `tj3Transform()` to
overflow the JPEG destination buffer rather than fail
gracefully. The issue could be worked around by setting
`TJXOPT_COPYNONE`. Note that, irrespective of this issue,
`tj3Transform()` cannot reliably transform JPEG source images
that contain a large amount of metadata unless automatic JPEG
destination buffer (re)allocation is used or `TJXOPT_COPYNONE`
is set.
* Significantly sped up the computation of optimal Huffman
tables. This speeds up the compression of tiny images by as
much as 2x and provides a noticeable speedup for images as
large as 256x256 when using optimal Huffman tables.
* All deprecated fields, constructors, and methods in the
TurboJPEG Java API have been removed.
* Arithmetic entropy coding is now supported with
12-bit-per-component JPEG images.
* Overhauled the TurboJPEG API to address long-standing
limitations and to make the API more extensible and intuitive.
==== libportal ====
Subpackages: libportal-gtk3-1 libportal-gtk4-1 libportal1
- Replace copypasted summaries by something more concrete
==== libqt5-qtbase ====
Version update (5.15.11+kde138 -> 5.15.12+kde147)
Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3
- Update to version 5.15.12+kde147:
* Http2: fix potential overflow in assemble_hpack_block()
(bsc#1218413, CVE-2023-51714)
* HPack: fix incorrect integer overflow check
* HPack: fix a Yoda Condition
- Update to version 5.15.12+kde144, rebased upstream:
* QMimeDatabase: handle buggy type definitions with circular inheritance
* xcb: only set base size when it's valid
* QPixmapCache: fix leaking of QStrings and Keys on clear()
* OpenFile portal: do not use O_PATH fds
* QSystemTrayIcon: properly disconnect old menu in setContextMenu()
* Guard QTabBar against nested event processing during moving tabs
* QDial: don't crash when min==max and setting a value != min & max
* QStandardItemModel: don't leak in mimeData()
* SQL/MySQL: properly initialize variable
* QWidgetTextControl: ignore invalid input method event
* Update the LGPL license header
* SQL/MySQL: fix handling of json column
* Remove QMAKE_RANLIB and QMAKE_LINK_SHLIB from android/default_pre.prf
* macOS: Fix less common writing systems on Catalina and later
* Blacklist 1 tests in tst_QFtp on ubuntu-20.04
* Update bundled libpng to version 1.6.39
* Android: Fix signing of APKs that are generated when an AAB is also built
* Update bundled zlib to version 1.2.13
* doc: update the limitation of QSystemTrayIcon on X11
* Blacklist 1 tests in tst_QTimer on ubuntu-20.04
* Add benchmarks for QLocale number parsing
* Add benchmarks for QString number parsing
* Android: Fix incorrect fullscreen dimensions
* Gtk3Theme: set XCURSOR_SIZE and XCURSOR_THEME for wayland sessions
* xcb: Flush Display when processing xcb events
* xcb: Add xlib wrapper for XFlush()
* QHostAddress: Fix incorrect comparison against 'Any'
* QSsl[OpenSSL/Android]: Fix hardcoded 1_1 suffix
* BLACKLIST: tst_QApplication::sendEventsOnProcessEvents for RHEL 9.0
* QMacStyle: do not set white color for grayed out button
* Work round macOS's omission of en_DE from its own uiLanguages()
* Suppress a deprecation warning in tst_QDateTime::toString_enumformat()
* QJsonValue: fix incorrect to{Array,Object} when the value is empty
* QGtk3Dialog: remove the #include for empty moc
* Remove unneeded QWindow from QGtk3Dialog
* tst_QSslSocket: Delete sslOptions
* tst_QSslServer: Make the in-process server use TLS1.2
* Android: fix Gradle warning about using enableUncompressedNativeLibs
* Mention limitation of QDir::drives() on Windows
* QFileSystemEngine/Win: fix incorrect buffer size in currentPath()
* Android: properly retrieve mime type of uri to for openUrl()
* Android: Fix clipboard issue with urls
* Android: Add a way to disable accessibility via an environment var
* Update bundled libpng to version 1.6.38
* QIOSMessageDialog::exec - work around 'windowsless' exec
* QIosScreen: retain the right window
* tst_Q{BitArray,ContiguousCache}: check not only count(), but size(), too
* QIosTextResponder: stop using deprecated constants and type
* qcompilerdetection.h: detect Coverity
* Android: Fix Display.getRealMetrics deprecation
* Fix broken Text rendering when noantialiased NativeRendering is used
* forkfd: fix Clang 15 ATOMIC_VAR_INIT deprecation warning
* eglfs: Add env.var. to disable the dedicated drmHandleEvent thread
* doc: Don't put strings into QVector<double>
* Remove focusProxyAndInputMethods from tst_QWidget
* Bump version to 5.15.12
* Update documentation of qWaitForWindowActive / qWaitForWindowExposed
* QtHttp: Lower the severity of some log output
* StyleSheetStyle: Fix color of placeholder texts in text edits
* Android: Fix flickering on split screen mode
* Update url to IAccessible2 Specification
==== libqt5-qtdeclarative ====
Version update (5.15.11+kde30 -> 5.15.12+kde31)
- Update to version 5.15.12+kde31, rebased upstream:
* QML: Fortify qmlExecuteDeferred some more
* QV4: Avoid memory corruption in Reflect.apply
* Blacklist 1 tests in tst_qquickanimations on macos
* doc: Add note to PinchHandler.translation property about macOS trackpad
* Revert "masm: Treat Android as generic Posix regarding mmap and friends"
* QML: Check for stack overflows when creating objects
* Fix wrong item-sizeHint-cache when StackLayout children were reordered
* Doc: Add missing QQuickWindow constructor
* Handle missing stops gracefully in Shape gradients
* Do not crash if madvise() fails on MADV_WILLNEED
* Blacklist 1 tests in tst_qquickbehaviors on macos
* Avoid double applyDelegateChange in QQIV::setDelegate
* QSGGeometry: add Q_DISABLE_COPY_MOVE
* Qml: Don't crash on bad grouped properties
* Fix TypeError in dynamicview1 example
* Fix broken Text rendering when noantialiased NativeRendering is used
* Trim file names before adding them to qml components and scripts
* masm: Treat Android as generic Posix regarding mmap and friends
* Bump version to 5.15.12
* Move StackLayout tests from qtquickcontrols.git (5.15)
==== libqt5-qtgraphicaleffects ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)
- Update to version 5.15.12+kde0, rebased upstream:
* Bump version to 5.15.12
==== libqt5-qtimageformats ====
Version update (5.15.11+kde12 -> 5.15.12+kde10)
- Update to version 5.15.12+kde10, rebased upstream:
* Bump version to 5.15.12
==== libqt5-qtlocation ====
Version update (5.15.11+kde4 -> 5.15.12+kde6)
- Update to version 5.15.12+kde6, rebased upstream:
* Fix HereMap plugin not supporting authentication via apiKey
* Fix build of Qt.labs.location QML plugin
* PositionSource: fix lastKnownPosition request at startup
* Bump version to 5.15.12
- Drop patches, now upstream:
* 0001-Fix-build-of-Qt.labs.location-QML-plugin.patch
==== libqt5-qtmultimedia ====
Version update (5.15.11+kde2 -> 5.15.12+kde2)
- Update to version 5.15.12+kde2, rebased upstream:
* Fix crash on macos13 with iphone camera
* VideoOutput: Always update geometry when video surface format changes
* VideoOutput: fix resize of a finished video
* Bump version to 5.15.12
* Windows: Fix cropping for HEVC-encoded videos
==== libqt5-qtquickcontrols ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)
- Update to version 5.15.12+kde0, rebased upstream:
* Bump version to 5.15.12
* Remove tests for StackLayout
==== libqt5-qtquickcontrols2 ====
Version update (5.15.11+kde5 -> 5.15.12+kde5)
Subpackages: libQt5QuickControls2-5 libQt5QuickTemplates2-5
- Update to version 5.15.12+kde5, rebased upstream:
* Bump version to 5.15.12
==== libqt5-qtsensors ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)
Subpackages: libQt5Sensors5 libQt5Sensors5-imports
- Update to version 5.15.12+kde0, rebased upstream:
* Bump version to 5.15.12
==== libqt5-qtspeech ====
Version update (5.15.11+kde1 -> 5.15.12+kde1)
Subpackages: libQt5TextToSpeech5 libqt5-qtspeech-plugin-speechd
- Update to version 5.15.12+kde1, rebased upstream:
* Bump version to 5.15.12
==== libqt5-qtsvg ====
Version update (5.15.11+kde6 -> 5.15.12+kde6)
- Update to version 5.15.12+kde6, rebased upstream:
* Bump version to 5.15.12
==== libqt5-qttools ====
Version update (5.15.11+kde3 -> 5.15.12+kde4)
Subpackages: libqt5-qdbus libqt5-qtpaths
- Update to version 5.15.12+kde4, rebased upstream:
* qdoc: Ensure the generated temporary header file is closed properly
* Bump version to 5.15.12
==== libqt5-qttranslations ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)
- Update to version 5.15.12+kde0, rebased upstream:
* Bump version to 5.15.12
==== libqt5-qtvirtualkeyboard ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)
Subpackages: libQt5HunspellInputMethod5 libQt5VirtualKeyboard5 libqt5-qtvirtualkeyboard-hunspell
- Update to version 5.15.12+kde0, rebased upstream:
* Doc: Improve locale section of technical guide
* Fix visible area in the basic example
* Bump version to 5.15.12
==== libqt5-qtwayland ====
Version update (5.15.11+kde59 -> 5.15.12+kde60)
Subpackages: libQt5WaylandClient5 libQt5WaylandCompositor5
- Update to version 5.15.12+kde60, rebased upstream:
* Client: Always populate mimedata in drags
* Client: Honor QGuiApplication::overrideCursor()
* Always use blocking write for data_source.send
* client: Mark return values as unused to suppress compiler warnings
* tests: fix tst_seatv4 to use 24 as default cursor size
* Bump version to 5.15.12
==== libqt5-qtwebchannel ====
Version update (5.15.11+kde3 -> 5.15.12+kde3)
Subpackages: libQt5WebChannel5 libQt5WebChannel5-imports
- Update to version 5.15.12+kde3, rebased upstream:
* Bump version to 5.15.12
==== libqt5-qtwebview ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)
Subpackages: libQt5WebView5 libQt5WebView5-imports
- Update to version 5.15.12+kde0, rebased upstream:
* Bump version to 5.15.12
==== libqt5-qtx11extras ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)
- Update to version 5.15.12+kde0, rebased upstream:
* Bump version to 5.15.12
==== libqt5-qtxmlpatterns ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)
Subpackages: libQt5XmlPatterns5 libqt5-qtxmlpatterns-imports
- Update to version 5.15.12+kde0, rebased upstream:
* Bump version to 5.15.12
==== libraw ====
Version update (0.21.1 -> 0.21.2)
- update to 0.21.2:
* New compile-defined limit LIBRAW_MAX_PROFILE_SIZE_MB:
limits allocation/read size for embedded color profile
Embedded color profile allocation/read size: limited by input
file size.
* Multiple fixes (mostly inspired by oss-fuzz) to improve
library stability and/or input checks.
* raw-identify: use fallback if PATH_MAX not available
* Disabled color conversion for Canon 16-bit thumbnails
* docs/changelog: explained the case when no thumbnail is found
in specific file
* swapXX renamed to libraw_swapXX to avoid name conflict
* better striped thumbnails handling
- drop libraw-CVE-2023-1729.patch (upstream)
==== librsvg ====
Version update (2.57.0 -> 2.57.1)
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0
- Update to version 2.57.1:
+ Fix small-caps and bump the version of Pango required to 1.50.0.
+ Fix panic when using negative scaling transforms on the
toplevel.
+ Support "var(--foo, #aabbcc)" just for colors. This is the
minimum required to render color SVG emoji fonts that provide
color fallbacks, but it is not yet full support for CSS var().
+ Fix the VS2017 build.
+ Update cairo-rs.
+ Update the project metadata files.
==== libstorage-ng ====
Version update (4.5.163 -> 4.5.170)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- merge gh#openSUSE/libstorage-ng#976
- make more use of new SystemCmd interface
- use in-class member initialization
- inhibit colored output from udevadm
- fixed typos
- 4.5.170
- merge gh#openSUSE/libstorage-ng#975
- reduce number of udevadm settle calls during probing
- use in-class member initialization
- proved probe function taking SystemInfo as an additional argument
- fixed typos
- moved code
- 4.5.169
- Translated using Weblate (Slovak) (bsc#1149754)
- 4.5.168
- Translated using Weblate (Dutch) (bsc#1149754)
- Translated using Weblate (Japanese) (bsc#1149754)
- Translated using Weblate (Czech) (bsc#1149754)
- Translated using Weblate (Catalan) (bsc#1149754)
- merge gh#openSUSE/libstorage-ng#974
- updated pot and po files
- 4.5.167
- merge gh#openSUSE/libstorage-ng#973
- fixed typos
- 4.5.166
- merge gh#openSUSE/libstorage-ng#972
- added note about nvme json output
- 4.5.165
- merge gh#openSUSE/libstorage-ng#971
- adapted to changed nvme json output (bsc#1218306)
- 4.5.164
==== libxmlb ====
Version update (0.3.14 -> 0.3.15)
- update to 0.3.15:
* Sprinkle __attribute__((nonnull)) to give a little more
compile-time safety
* Accept text/xml as an alternative to application/xml
* Do not inline shared code
* Fix compiling with Visual Studio
* Fix the exported api test on Windows
* Generate and use .def file for clang-cl builds
Fan)
* Release source file handles early
==== libzypp ====
Version update (17.31.25 -> 17.31.27)
- CheckAccessDeleted: fix 'running in container' filter
(bsc#1218291)
- version 17.31.27 (22)
- Call zypp commit plugins during transactional update (fixes #506)
- Add support for loongarch64 (fixes #504)
- Teach MediaMultiCurl to download HTTP Multibyte ranges.
- Teach zsync downloads to MultiCurl.
- Expand RepoVars in URLs downloading a .repo file (bsc#1212160)
Convenient and helps documentation as it may refer to a single
command for a bunch of distributions. Like e.g. "zypper ar
'https://server.my/$releasever/my.repo'".
- version 17.31.26 (22)
==== lsof ====
Version update (4.99.0 -> 4.99.3)
- lsof 4.99.3:
* Fix compilation error when HASIPv6 is not defined
* Add configure option --disable-liblsof to disable installation
of liblsof
- add lsof-4.99.3-fix-version-in-configure-ac.patch
==== mozilla-nss ====
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs
- add nss-allow-slow-tests-s390x.patch: "certutil dump keys with
explicit default trust flags" test needs longer than the allowed
6 seconds on s390x
==== multipath-tools ====
Version update (0.9.7+76+suse.5f857af -> 0.9.7+93+suse.e2f2272)
Subpackages: kpartx libmpath0
- Update to version 0.9.7+93+suse.e2f2272:
* fix ANA prioritizer enablement logic (bsc#1218326)
* avoid setting queue_if_no_path on multipath maps for which the
no_path_retry timeout has expired
* the interactive commands "restorequeueing map X" and
"restorequeing maps" now only affect maps that had queueing
manually disabled using "disablequeuing maps" or
"disablequeuing map X" beforehand
* Spelling fixes
==== newt ====
Version update (0.52.23 -> 0.52.24)
- update to 0.52.24:
* add support for python3.13
* fix compiler warnings
==== nftables ====
Subpackages: libnftables1 python311-nftables
- buildrequire setuptools explicitly as pip drops the dependency
- Fix the python bindings subpackages
* The PEP517 python build requires setuptools
* Actually use the rpm subpackage definition
* The version is actually python3dist(nftables) = 0.1
* is noarch and requires libnftables1 through dlopen, tell
rpmlint
* remove unused shebang
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0
- Updated to latest upstream: two small changes, with no known
functional changes:
* Incorrect documentation for `iscsiadm -m session` print level
(upstream issue #432)
* Stop using deprecated inet_aton and inet_ntoa (upstream issue
[#435])
- Also, stopped using pre-prepared tarballs for the build, instead
now using a service file to get latest SUSE srouces directly.
This removed these two files:
* open-iscsi-2.1.9-suse.tar.bz2, and
* open-iscsi-SUSE-latest.diff.bz2
whcih were both created by a shell script, and added a service-
file-generated file of the form:
* open-iscsi-2.1.9.suse+TAG_OFFSET.tar.xz
where TAG_OFFSET is of the form "COMMIT_COUNT.HASH", where
COMMIT_COUNT is the count of commits since 2.1.9-suse (in this
case), and HASH is the git commit hash being used.
==== openblas_pthreads ====
- add Requires(pre/post): coreutils to the sub-packages that use
commands like: ln, dirname, mktemp, etc in the pre/post scriptlets
==== osinfo-db ====
Version update (20231027 -> 20231215)
- Update to database version 20231215 (jsc#PED-6305)
osinfo-db-20231215.tar.xz
==== perl-HTTP-Cookies ====
Version update (6.10 -> 6.110.0)
- updated to 6.11
see /usr/share/doc/packages/perl-HTTP-Cookies/Changes
6.11 2023-12-07 16:36:52Z
- Replace "Test" with "Test::More" (GH#70) (James Raspass)
==== perl-IO-Socket-SSL ====
- Fix the test t/core.t to build with OpenSSL 3.2.0. [bsc#1218342]
* https://github.com/noxxi/p5-io-socket-ssl/issues/147
* Add perl-IO-Socket-SSL-Openssl32.patch
==== perl-XML-Parser ====
Version update (2.46 -> 2.470.0)
- updated to 2.47
see /usr/share/doc/packages/perl-XML-Parser/Changes
2.47 2023-12-28 (by Todd Rinaldo)
- #84 use $fh instead of $foo
- #85 Fix typo in documentation
- #89 Devel::CheckLib to from 0.99 -> 1.14
- Devel::CheckLibn 1.16
- #91 POD fix for verbatim text
- #97 Add a LICENSE file
- #94 Don't ship Expat/Makefile
- Various github workflow improvements. Windows is still not working.
==== plasma-branding-Kalpa ====
Version update (20231218 -> 20231227)
- Use cURL instead of ping for online check
- Added eval to kalpa-firstboot and kalpa-firstboot-aarch64
(boo#1218367)
- Updated to 20231227
- Fixed typos in kalpa-firstboot and kalpa-firstboot-aarch64
(boo#1218367)
* Removed improper "" around $dbusRef
* Corrected PATH for flathub remote
* Removed installation of kwrite flatpak, GUI text editor is
being provided via RPM in the pattern
==== plasma5-workspace ====
Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy
- Update appstream build requirement for compatibility with 1.0.0
==== podman ====
Version update (4.8.2 -> 4.8.3)
- Update to version 4.8.3:
* Release v4.8.3
* Update RELEASE_NOTES.md for v4.8.3
* update module golang.org/x/crypto to v0.17.0 [security]
* Error on HyperV VM start when gvproxy has failed to start
* bump release to v4.8.3-dev
==== poppler ====
Version update (23.11.0 -> 23.12.0)
Subpackages: libpoppler-cpp0 libpoppler-glib8 libpoppler133 poppler-tools
- version update to 23.12.0
core:
* Rewrite FoFiType1::parse to be more flexible
* Small internal code refactoring
==== poppler-qt5 ====
Version update (23.11.0 -> 23.12.0)
- version update to 23.12.0
core:
* Rewrite FoFiType1::parse to be more flexible
* Small internal code refactoring
==== postfix ====
Version update (3.8.3 -> 3.8.4)
- update default configuration to enable the long-term fix for
bsc#1218304, CVE-2023-51764, SMTP smuggling attack:
* smtpd_forbid_bare_newline = yes
* smtpd_forbid_bare_newline_exclusions = $mynetworks
- update to 3.8.4 (bsc#1218304, CVE-2023-51764):
* Security: this release adds support to defend
against an email spoofing attack (SMTP smuggling) on
recipients at a Postfix server. For background, see
https://www.postfix.org/smtp-smuggling.html
==== protobuf ====
Subpackages: libprotobuf-lite23_4_0 libprotobuf23_4_0 python311-protobuf
- build against modern python on sle15
==== protobuf-c ====
Version update (1.4.1 -> 1.5.0)
- update to 1.5.0:
* Use CMAKE_CURRENT_BINARY_DIR instead of CMAKE_BINARY_DIR
* remove deprecated functionality
* Avoid "unused variable" compiler warning
* Update autotools
* Support for new Google protobuf 22.x, 23.x releases
* Remove protobuf 2.x support
==== pulseaudio ====
Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-setup pulseaudio-utils system-user-pulse
- minor fixes for setup-pulseaudio
* be sure /etc/profile.d/pulseaudio.sh exists before using grep
==== python-Babel ====
Version update (2.13.1 -> 2.14.0)
- update to 2.14.0:
* ``Locale.number_symbols`` will now have first-level keys for
each numbering system.
* Babel no longer directly depends on either ``distutils`` or
``setuptools``; if you had been using the Babel setuptools
command extensions, you would need explicitly depend on
``setuptools``
* CLDR/Numbers: Add support of local numbering systems for
number symbols
* CLDR: Upgrade to CLDR 43
* Frontend: Allow last_translator to be passed as an option to
extract_message
* Frontend: Decouple `pybabel` CLI frontend from
distutils/setuptools
* Numbers: Improve parsing of malformed decimals
==== python-SQLAlchemy ====
Version update (2.0.23 -> 2.0.24)
- update to 2.0.24:
* https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.24
==== python-alembic ====
Version update (1.13.0 -> 1.13.1)
- update to 1.13.1:
* Fixed :class:`.Rewriter` so that more than two instances
could be chained together correctly, also allowing multiple
``process_revision_directives`` callables to be chained.
* Fixed issue where the method
:meth:`.EnvironmentContext.get_x_argument` using the
:paramref:`.EnvironmentContext.get_x_argument.as_dictionary`
parameter would fail if an argument key were passed on the
command line as a name alone, that is, without an equal sign
``=`` or a value. Behavior is repaired where this condition is
detected and will return a blank string for the given key,
consistent with the behavior where the ``=`` sign is
present and no value.
* Fixed issue where the "unique" flag of an ``Index`` would not
be maintained when generating downgrade migrations.
* Fixed bug in versioning model where a downgrade across a
revision with two down revisions with one down revision
depending on the other, would produce an erroneous state in
the alembic_version table, making upgrades impossible
without manually repairing the table.
* Updated pep-484 typing to pass mypy "strict" mode, however
including per-module qualifications for specific typing
elements not yet complete.
* This allows us to catch specific typing issues that have been
ongoing such as import symbols not properly exported.
==== python-configobj ====
- Remove six from the rpm requirements. Why would we have
remove_six.patch in the first place if we still require it?
- Enable unit tests
- require setuptools
- remove python2 logic, this makes no sense after
"remove_six.patch"
==== python-hiredis ====
- require setuptools
==== python-httpx ====
Version update (0.25.2 -> 0.26.0)
- update to 0.26.0:
* The `proxy` argument was added. You should use the `proxy`
argument instead of the deprecated `proxies`, or use
`mounts=` for more complex configurations.
* The `proxies` argument is now deprecated. It will still
continue to work, but it will be removed in the future.
* Fix cases of double escaping of URL path components. Allow /
as a safe character in the query portion.
* Handle `NO_PROXY` envvar cases when a fully qualified URL is
supplied as the value.
* Allow URLs where username or password contains unescaped '@'.
* Ensure ASGI `raw_path` does not include URL query component.
* Ensure `Response.iter_text()` cannot yield empty strings.
==== python-importlib-metadata ====
Version update (7.0.0 -> 7.0.1)
- update to 7.0.1:
* Corrected the interface for SimplePath to encompass the
expectations of locate_file and PackagePath.
* Fixed type annotations to allow strings.
==== python-jsonschema-specifications ====
Version update (2023.11.2 -> 2023.12.1)
- update to 2023.12.1:
* Ignore dotfiles when collectimg schemas
==== python-numpy ====
- Fix build error for Leap. Need gcc >= 8.5
==== python-psutil ====
Version update (5.9.6 -> 5.9.7)
- update to 5.9.7:
* 2324_: enforce Ruff rule `raw-string-in-exception`, which
helps providing clearer tracebacks when exceptions are
raised by psutil.
* 2325_, [PyPy]: psutil did not compile on PyPy due to missing
`PyErr_SetExcFromWindowsErrWithFilenameObject` cPython API.
- drop logind_y2038.patch (upstream)
==== python-pycryptodome ====
Version update (3.19.0 -> 3.19.1)
- update to 3.19.1:
* Fixed a side-channel leakage with OAEP decryption that could be
exploited to carry out a Manger attack
==== python-pycups ====
- require setuptools
==== python-pyrsistent ====
Version update (0.19.3 -> 0.20.0)
- update to 0.20.0:
* Fix #245, never introduce new nodes during discard.
* Fix #268, do not rely on well implemented __ne__ for keys in
pmaps, instead do explicit inversion of equality
comparison when checking for inequality.
* Officially support Python 3.12.
* Officially drop support for Python 3.7.
* Fix #273, build more types of wheels.
* Fix #282, add generic types to types
* Fix #281, defaultdict can now be frozen. NB! This is a
backwards incompatible fix since defaultdict was not
previously frozen.
==== python-pyzmq ====
Version update (25.1.1 -> 25.1.2)
- update to 25.1.2:
* Fix builds with some recent compilers and bundled libzmq
* Fix builds with upcoming Cython 3.1
==== python-redis ====
- Add patch to increase timeouts in s390x where tests take longer
to run:
* increase-test-timeout.patch
==== python-setuptools ====
Version update (68.1.2 -> 69.0.2)
- Add patch allow-only-direct-compilation.patch:
* Allow forcing direct compilation.
- update to 69.0.2:
* Added missing estimated date for removing
``setuptools.dep_util`` (deprecated in v69.0.0).
* Fixed imports of ``setuptools.dep_util.newer_group``.
* A deprecation warning is issued instead of a hard failure.
* Include type information (``py.typed``, ``*.pyi``) by default
(#3136) -- by :user:`Danie-1`,
* Exported ``distutils.dep_util`` and ``setuptools.dep_util``
through ``setuptools.modified``
* Merged with pypa/distutils@7a04cbda0fc714.
* Replaced hardcoded numeric values with :obj:`dis.opmap`,
fixing problem with 3.13.0a1. (#4094)
* Configuring project ``version`` and ``egg_info.tag_*`` in
such a way that results in invalid version strings
(according to :pep:`440`) is no longer permitted. (#4066)
* Removed deprecated ``egg_base`` option from ``dist_info``.
* The parsing of the deprecated ``metadata.license_file`` and
``metadata.requires`` fields in ``setup.cfg`` is no longer
supported.
* Users are expected to move to ``metadata.license_files`` and
``options.install_requires`` (respectively). (#4066)
* Passing ``config_settings`` to ``setuptools.build_meta`` with
deprecated values for ``--global-option`` is no longer
allowed. (#4066)
* Removed deprecated ``namespace-packages`` from
``pyproject.toml``.
* Added strict enforcement for ``project.dynamic`` in
``pyproject.toml``.
This removes the transitional ability of users configuring
certain parameters via ``setup.py`` without making the
necessary changes to ``pyproject.toml``
* Removed handling of ``--config-settings["--build-option"]``
in ``setuptools.build_meta`` from build-backend API hooks
* other than* ``build_wheel``.
* Improve backwards compatibility with deprecated CLI
practices. (#4048)
* Avoid using caching attributes in ``Distribution.metadata``
for requirements. This is done for backwards compatibility
with customizations that attempt to modify ``install_requires``
or ``extras_require`` at a late point (still not recommended).
* Rework how ``setuptools`` internally handles
``dependencies/install_requires`` and
``optional-dependencies/extras_require``. (#3903)
* Improve the generated ``PKG-INFO`` files, by adding
``Requires-Dist`` fields.
* Previously, these fields would be omitted in favour of a non-
standard ``*.egg-info/requires.txt`` file (which is still
generated for the time being). (#3904)
* Improve atomicity when writing ``PKG-INFO`` files to avoid
race conditions with ``importlib.metadata``. (#3904)
* Fix the name given to the ``*-nspkg.pth`` files in editable
installs, ensuring they are unique per distribution. (#4041)
* Workaround some limitations on ``pkg_resources``-style legacy
namespaces in the meta path finder for editable installations.
- drop sphinx72.patch (upstream)
==== python-six ====
- require setuptools
==== python-tornado6 ====
Version update (6.3.3 -> 6.4)
- update to 6.4:
* https://www.tornadoweb.org/en/stable/releases/v6.4.0.html
* Python 3.12 is now supported.
- drop py312-datetime.patch (upstream)
==== python-zope.interface ====
Version update (6.0 -> 6.1)
- remove python2 specific codepaths
- update to 6.1:
* Add support for Python 3.12.
* Fix building of the docs for non-final versions.
==== qca-qt5 ====
Version update (2.3.7 -> 2.3.7+git12)
Subpackages: libqca-qt5-2 qca-qt5-plugins
- Update to version 2.3.7+git12:
* Increase version number
* Update rootcerts.pem
* test: add test for EME_PKCS1_OAEP and fix openssl >= 3.2 does not failing anymore when decrypting with the wrong key
* plugins/qca-ossl: Announce tripledes unconditionally again
- Add a _service to pick up fixes from git
- Update to version 2.3.7+git8:
* CI: Also verify that presence of the ossl legacy provider impacts qca
* plugins/qca-ossl: Actually try loading the legacy provider
* plugins/qca-ossl: Neither PKCS12 nor 3DES are legacy
(boo#1218254)
* unittest/keybundle: Regenerate keys and certificates
* CI: Use clang-format-16
* GIT_SILENT: Port to new gitlab ci template
* Replace sys/termios.h include for just termios.h
* Sign self-signed certs with SHA256
==== qpdf ====
Version update (11.6.4 -> 11.7.0)
- update to 11.7.0:
* Add QPDFAcroFormDocumentHelper::disableDigitalSignatures,
which disables any digital signature fields, leaving their
visual representations intact.
The --remove-restrictions command-line argument now calls this.
* Generate a more complete qpdf "man page" from the same source
as qpdf --help. Fixes #1064.
* Allow the syntax "--encrypt --user-password=user-password
- -owner-password=owner-password --bits={40,128,256}" when
encrypting PDF files. This is an alternative to the syntax
"--encrypt user-password owner-password {40,128,256}", which
will continue to be supported. The new syntax works better with
shell completion and allows creation of passwords that start
with "-".
* When setting a check box value, allow any value other than
/Off to mean checked. This is permitted by the spec.
* Fix to QPDF JSON: a floating point number that appears in
scientific notation will be converted to fixed-point notation,
rounded to six digits after the decimal point.
* Fix to QPDF JSON: the syntax "n:/pdf-syntax" is now accepted
as an alternative way to represent names. This can be used for
any name (e.g. "n:/text#2fplain"), but it is necessary when the
name contains binary characters.
* Update code and tests so that qpdf's test suite no longer
depends on the output of any specific zlib implementation.
This makes it possible to get a fully passing test suite with any
API-compatible zlib library. CI tests with the default zlib
as well as zlib-ng (including verifying that zlib-ng is not the
default), but any zlib implementation should work. Fixes
[#774].
* Bug fix: with --compress-streams=n, don't compress object,
XRef, or linearization hint streams.
* Add new C++ functions "qpdf_c_get_qpdf" and "qpdf_c_wrap" to
qpdf-c.h that make it possible to write your own extern "C"
functions in C++ that interoperate with the C API. See
examples/extend-c-api for more information.
==== runc ====
Version update (1.1.10 -> 1.1.11)
- Update to runc v1.1.11. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.1.11>.
==== sdbootutil ====
Version update (1+git20231214.b186b2d -> 1+git20231221.42797ab)
Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper
- Update to version 1+git20231221.42797ab:
* Do not fail if LUKS2 section is empty
==== sof-firmware ====
Version update (2023.09.2 -> 2023.12)
- Update to version 2023.12:
* SOF v2.8 FW binaries: For older Intel platforms, FW from v2.2 stable
* SOF v2.8 tools: For older Intel platforms, tools from v2.2 stable
* SOF v2.8 DSP topologies: For older Intel platforms, topologies matching v2.2.8
- add Requires(post): coreutils
* the macro regenerate_initrd_post creates a post scriptlet that
uses mkdir and touch
==== sudo ====
Version update (1.9.15p4 -> 1.9.15p5)
Subpackages: sudo-plugin-python
- Update to 1.9.15p5:
* Fixed evaluation of the lecture, listpw, verifypw, and fdexec sudoers
Defaults settings when used without an explicit value. Previously, if
specified without a value they were evaluated as boolean false, even when
the negation operator ('!') was not present.
* Fixed a bug introduced in sudo 1.9.14 that prevented LDAP netgroup queries
using the NETGROUP_BASE setting from being performed.
* Sudo will now transparently rename a user's lecture file from the older
name-based path to the newer user-ID-based path. GitHub issue #342.
* Fixed a bug introduced in sudo 1.9.15 that could cause a memory allocation
failure if sysconf(_SC_LOGIN_NAME_MAX) fails. Bug #1066.
==== suse-module-tools ====
Version update (16.0.39 -> 16.0.42)
Subpackages: suse-module-tools-scriptlets
- Update to version 16.0.42:
* 60-io-scheduler.rules: test for "scheduler" sysfs attribute (boo#1216717)
- Update to version 16.0.41:
* rpm-script: fix issue during installation (bsc#1217775)
* rpm-script: preun: remove stale .vmlinuz.hmac file
* add blacklist entry for reiserfs (jsc#PED-6167)
* rpm-script: add symlink /boot/.vmlinuz.hmac (bsc#1217775)
* Remove kmp-install (boo#1214360)
==== timezone ====
Version update (2023c -> 2023d)
- update to 2023d:
* Ittoqqortoormiit, Greenland changes time zones on
2024-03-31.
* Vostok, Antarctica changed time zones on 2023-12-18.
* Casey, Antarctica changed time zones five times since
2020.
* Code and data fixes for Palestine timestamps starting in
2072.
* A new data file zonenow.tab for timestamps starting now.
* Fix predictions for DST transitions in Palestine in
2072-2075, correcting a typo introduced in 2023a.
* Vostok, Antarctica changed to +05 on 2023-12-18. It had
been at +07 (not +06) for years.
* Change data for Casey, Antarctica to agree with
timeanddate.com, by adding five time zone changes since 2020.
Casey is now at +08 instead of +11.
* Much of Greenland, represented by America/Nuuk, changed
its standard time from -03 to -02 on 2023-03-25, not on
2023-10-28.
* localtime.c no longer mishandles TZif files that contain
a single transition into a DST regime. Previously,
it incorrectly assumed DST was in effect before the transition
too.
* tzselect no longer creates temporary files.
* tzselect no longer mishandles the following:
* Spaces and most other special characters in BUGEMAIL,
PACKAGE, TZDIR, and VERSION.
* TZ strings when using mawk 1.4.3, which mishandles
regular expressions of the form /X{2,}/.
* ISO 6709 coordinates when using an awk that lacks the
GNU extension of newlines in -v option-arguments.
* Non UTF-8 locales when using an iconv command that
lacks the GNU //TRANSLIT extension.
* zic no longer mishandles data for Palestine after the
year 2075.
==== tpm2.0-tools ====
Version update (5.5 -> 5.6)
- Update to version 5.6
+ tpm2_eventlog:
* add H-CRTM event support
* add support of efivar versions less than 38
* Add support to check for efivar/efivar.h manually
* Minor formatting fixes
* tpm2_eventlog: add support for replay with different
StartupLocality
* Fix pcr extension for EV_NO_ACTION
* Extend test of yaml string representation
* Use helper for printing a string dump
* Fix upper bound on unique data size
* Fix YAML string formatting
+ tpm2_policy:
* Add support for parsing forward seal TPM values
* Use forward seal values in creating policies
* Move dgst_size in evaluate_populate_pcr_digests()
* Allow more than 8 PCRs for sealing
* Move dgst_size in evaluate_populate_pcr_digests
* Allow more than 8 PCRs for sealing
* Make __wrap_Esys_PCR_Read() more dynamic to enable testing more
PCRs
+ tpm2_encryptdecrypt: Fix pkcs7 padding stripping
+ tpm2_duplicate:
* Support -a option for attributes
* Add --key-algorithm option
+ tpm2_encodeobject: Use the correct -O option instead of -C
+ tpm2_unseal: Add qualifier static to enhance the privacy of unseal
function
+ tpm2_sign:
* Remove -m option which was added mistakenly
* Revert sm2 sign and verifysignature
+ tpm2_createek:
* Correct man page example
* Fix usage of nonce
* Fix integrating nonce
+ tpm2_clear: add more details about the action
+ tpm2_startauthsession: allow the file attribute for policy
authorization.
+ tpm2_getekcertificate: Add AMD EK support
+ tpm2_ecdhzgen: Add public-key parameter
+ tpm2_nvreadpublic: Prevent free of unallocated pointers on failure
+ Bug-fixes:
* The readthedocs build failed with module 'jinja2' has no
attribute 'contextfilter' a requirement file was added to fix
this problem
* An error caused by the flags -flto -_FORTIFY_SOURCE=3 in kdfa
implementation. This error can be avoided by switching off the
optimization with pragma
* Changed wrong function name of "Esys_Load" to "Esys_Load"
* Function names beginning with Esys_ are wrongly written as Eys_
* Reading and writing a serialized persistent ESYS_TR handles
* cirrus-ci update image-family to freebsd-13-2 from 13-1
+ misc:
* Change the default Python version to Python3 in the helper's
code
* Skip test which uses the sign operator for comparison in
abrmd_policynv.sh
* tools/tr_encode: Add a tool that can encode serialized ESYS_TR
for persistent handles from the TPM2B_PUBLIC and the raw
persistent TPM2_HANDLE
* Add safe directory in config
==== traceroute ====
Version update (2.1.3 -> 2.1.5)
- update to 2.1.5:
* Parse interface information (rfc5837) for ICMP extensions
* Add `fastopen' tcp module option (cookie negotiation only)
* Complete tcp module option `mss' to discover possible mss
clamping along the path being traced.
* Complete tcp module option `info' to print returned tcp header
options too (all those that can be set or altered by `-O' for
tcp module).
==== tracker-miners ====
Subpackages: tracker-miner-files
- Rebase tracker-miners-drop-syscalls-in-seccomp.patch
==== vim ====
Version update (9.0.2181 -> 9.1.0000)
Subpackages: vim-data vim-data-common vim-small xxd
- update to 9.1.0000
add missing help tags
regenerate synmenu
proto files need update
improve filetype detection for *.v (V/Verilog/Coq)
Update sh syntax and add local keyword for bash
Update ftplugin and omni-complete
Update Version9.txt for release 9.1
Add help tags to items in version9.txt
Updated German translation
Improve Turkish documentation
update syntax and documentation
Wrong display with 'briopt=sbr' and 'nobreakindent'
Updates to indent and syntax
Fix folding of code blocks
Provide sass_recommended_style option
Updates to ftplugin and syntax
Make diffs foldable
Add small ftplugin
add Hungarian translation
Updated Russian translation
remove coveralls, move runtime/lang/Make_mvc.mak
correct the :public example
adjust tutor/README.ru.utf-8.txt
Update Italian translations
missing undo_ftplugin for indentkeys
cursor wrong after { in single line buffer
Visual not drawn with 'breakindent' when line doesn't fit
add help tag multiple-constructors.
fix indentation
Syntax fix
LTCG compile error ARM64 for write_chars
clarify behaviour of ]m and ]M motions
Update default links
update ConTeXt keywords and other minor fixes
Add variable categories and null related documentation
Update R runtime files and docs
Update Ukrainian translation
Coverity complains about not checking return value
Clarify that new() is not static
list of new/changed features in version9.txt
updates to indent, syntax and ftplugin
Add loong64 arch
add some error codes to `:help vim9class`
Vim9: inconsistent :type/:class messages
add support for matchit plugin
add variants of opcodes
Include Vim9 class features in version9.txt
Maximum callback depth is not configurable
Update Serbian messages translation
reformat and align :h ft-c-syntax
Update syntax file
Vim9: need a way to reserve future extension
Add TODO support to syntax script
Vim9: missing error messages
update helptags
POSIX function name in exarg causes issues
no filetype detection for execline scripts
reg_executing() wrong for :normal with range
Wrong cursor position when dragging out of window
Update Serbian messages translation
prevent E11 on FocusGained autocommand
Update Japanese translation
updated 8th syntax
change dependabot prefix to "CI"
Update change.txt
Compile error with Motif UI + mouse support
Create Changelog until v9.0.2175
Update Italian translations
Update tmux syntax rules
Update Turkish translations
Compiler warning for uninitialized var
update fortran syntax rules and doc notes
Vim9: segfault when assigning to type
remove deprecation warning for gdefault
Vim9: crash when compiling for statement and non-existing type
Vim9: compiling :defer may fail
Updated Irish translation
Update Logtalk runtime files for the latest language spec
update Racket runtime files
Update colorschemes
The options[] array is still not sorted alphabetically
Vim9: no support for const/final class/objects vars
Vim9: builtin funcs may accept a non-value
Moving tabpages on :drop may cause an endless loop
sync runtime files with upstream
grammar & typo fixes
add Tbreak command
Vim9: not consistently using :var for declarations
Memory leak in Configure Script when checking GTK
Vim9: can simplify arg type checking code
Vim9: can use type a func arg/return value
escape curdir in BrowseUpDir
Vim9: type can be assigned to list/dict
Vim9: type documentation out-dated
Vim9: not able to use imported interfaces and classes
Fix i386 build
instanceof() should use varargs as second arg
Update syntax file, fix missing for highlight
... changelog too long, skipping 30 lines ...
Type check tests fail without the channel feature
==== wireless-regdb ====
Version update (20230901 -> 20231201)
- Update to version 20231201:
* wireless-regdb: Update keys and maintainer information
==== wireplumber ====
Version update (0.4.16 -> 0.4.17)
Subpackages: libwireplumber-0_4-0 wireplumber-audio
- Update to version 0.4.17:
* Fixes:
- Fix a reference counting issue in the object managers that
could cause crashes due to memory corruption.
- Fix an issue with filters linking to wrong targets, often
with two sets of links.
- Fix a crash in the endpoints policy that would show up when
log messages were enabled at level 3 or higher.
==== xmlsec1 ====
Version update (1.2.37 -> 1.2.38)
Subpackages: libxmlsec1-1 libxmlsec1-openssl1
- Update to 1.2.38
* Have a look at the changelog for the list of changes
==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra
- n_xserver-optimus-autoconfig-hack.patch
u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch
u_xfree86-activate-GPU-screens-on-autobind.patch
* check dixPrivateKeyRegistered(rrPrivKey) before calling
rrGetScrPriv() to avoid xserver crash when Xinerama is enabled
(boo#1218240)
- ------------------------------------------------------------------
==== yast2-installation ====
Version update (5.0.2 -> 5.0.3)
- Enclose IPv6 addresses within square brackets when calling
the mount command (bsc#1217637).
- 5.0.3
==== yast2-journal ====
Version update (5.0.0 -> 5.0.1)
- Make sure not to get escape sequences (for colors) into the
output of the 'journalctl --output json' command, even if
$SYSTEMD_COLORS is set in the environment (bsc#1218106)
- 5.0.1
1
0