Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MicroOS-release (20241001 -> 20241006)
SDL2 (2.30.7 -> 2.30.8)
apparmor (4.0.2 -> 4.0.3)
audit-secondary
branding-openSUSE
ell (0.67 -> 0.69)
ffmpeg-7 (7.0.2 -> 7.1)
filesystem
flatpak
glibc
grub2
gtk4 (4.16.2 -> 4.16.2+10)
installation-images-MicroOS (17.137 -> 17.138)
kernel-firmware (20240913 -> 20241001)
kpipewire6
libapparmor (4.0.2 -> 4.0.3)
libarchive (3.7.4 -> 3.7.6)
libeconf
libgsf (1.14.52 -> 1.14.53)
libproxy-backend (0.5.7 -> 0.5.9)
libproxy-client (0.5.7 -> 0.5.9)
mozjs115
open-iscsi
patterns-microos
python-PyYAML (6.0.1 -> 6.0.2)
python-lark (1.1.9 -> 1.2.2)
python-pycurl
python-urllib3 (2.1.0 -> 2.2.3)
qcoro-qt6 (0.10.0 -> 0.11.0)
qt6-base (6.7.2 -> 6.7.3)
qt6-declarative (6.7.2 -> 6.7.3)
qt6-multimedia (6.7.2 -> 6.7.3)
qt6-positioning (6.7.2 -> 6.7.3)
qt6-qt5compat (6.7.2 -> 6.7.3)
qt6-quick3d (6.7.2 -> 6.7.3)
qt6-quicktimeline (6.7.2 -> 6.7.3)
qt6-sensors (6.7.2 -> 6.7.3)
qt6-shadertools (6.7.2 -> 6.7.3)
qt6-speech (6.7.2 -> 6.7.3)
qt6-svg (6.7.2 -> 6.7.3)
qt6-tools (6.7.2 -> 6.7.3)
qt6-virtualkeyboard (6.7.2 -> 6.7.3)
qt6-wayland (6.7.2 -> 6.7.3)
qt6-webchannel (6.7.2 -> 6.7.3)
qt6-webengine (6.7.2 -> 6.7.3)
qt6-webview (6.7.2 -> 6.7.3)
sdbootutil (1+git20240903.81f1f40 -> 1+git20241004.a1bb60f)
systemd-presets-common-SUSE
update-bootloader (1.15 -> 1.16)
xwayland (24.1.2 -> 24.1.3)
yast2 (5.0.9 -> 5.0.10)
=== Details ===
==== MicroOS-release ====
Version update (20241001 -> 20241006)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== SDL2 ====
Version update (2.30.7 -> 2.30.8)
- Update to release 2.30.8
* Fixed a crash in XInput code at startup
* Fixed flooding the OS with I/O when a PS4/PS5 controller is
disconnected
* Added SDL_VIDEO_DOUBLE_BUFFER support to the Wayland backend
* SDL_WINDOWEVENT_EXPOSED is sent appropriately when using
Wayland
* Fixed hang at startup in audio code when the application has
large stack usage on Linux
* Fixed initializing KMSDRM on older Linux systems
==== apparmor ====
Version update (4.0.2 -> 4.0.3)
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- add mesa-cachedir.diff: new cachedir in Mesa 24.2.2
- update to AppArmor 4.0.3
- several small bugfixes
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_4.0.3
for the full release notes
==== audit-secondary ====
Subpackages: audit audit-rules python3-audit system-group-audit
- Readd audit-allow-manual-stop.patch (removed by mistake)
- Fix plugin termination when using systemd service units (bsc#1215377)
* add auditd.service-fix-plugin-termination.patch
==== branding-openSUSE ====
Subpackages: grub2-branding-openSUSE wallpaper-branding-openSUSE
- Install the grub2 branding if grub2-common is present
==== ell ====
Version update (0.67 -> 0.69)
- Update to version 0.69
* Add support for getting remaining microseconds left on a
timer.
* Add support for setting link MTU on a network interface.
version 0.68:
* Fix issue with string allocation growth strategy.
* Add support for netlink helper functions.
==== ffmpeg-7 ====
Version update (7.0.2 -> 7.1)
Subpackages: libavcodec61 libavfilter10 libavformat61 libavutil59 libpostproc58 libswresample5 libswscale8
- Update to release 7.1
* ffmpeg CLI filtergraph chaining
* pad_vaapi, drawbox_vaapi filters
* vf_scale supports secondary ref input and framesync options
* vf_scale2ref deprecated
* removed DEC Alpha DSP and support code
* perlin video source
* Cropping metadata parsing and writing in Matroska and MP4/MOV
de/muxers
* YUV colorspace negotiation for codecs and filters, obsoleting
the YUVJ pixel format
* Vulkan H.264 and H.265 encoders
* stream specifiers in fftools can now match by stream
disposition
* LCEVC enhancement data exporting in H.26x and MP4/ISOBMFF
* LCEVC filter
- Delete patches/ffmpeg-7-fix-crashes.patch,
0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch (merged)
- Fix assertion due to missing priv_data cleanup on failed VAAPI
acceleration with 11013-avcodec-decode-clean-up-if-get_hw_frames_parameters-.patch
(ffmpeg#11013, vlc#28811)
- no longer build against libmfx; build also 15.5 against libvpl
(boo#1230983)
==== filesystem ====
- Move /srv/www hierachy to the packages which use them
[bsc#1231027]
==== flatpak ====
Subpackages: flatpak-selinux libflatpak0 system-user-flatpak
- Explicitly BuildRequire selinux-policy-targeted to allow
selinux_relabel_* in scriptlets to work on other codestreams
==== glibc ====
Subpackages: glibc-locale glibc-locale-base
- langpacks are no more used. Drop glibc-2.3.90-langpackdir.diff.
- gen-tempname-randomness.patch: Fix missing randomness in __gen_tempname
(bsc#1230965, BZ #32214)
- Use nss-systemd by default also in SLE (bsc#1230638)
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin
- Fix missng menu entry "Start bootloader from a read-only snapshot" by
ensuring grub2-snapper-plugin is installed when both snapper and grub2-common
are installed (bsc#1231271)
- Fix OOM error in loading loopback file (bsc#1230840)
* 0001-tpm-Skip-loopback-image-measurement.patch
- Fix UEFI PXE boot failure on tagged VLAN network (bsc#1230263)
* 0001-efinet-Skip-virtual-VLAN-devices-during-card-enumera.patch
- Fix grub screen is filled with artifects from earlier post menu (bsc#1224465)
* grub2-SUSE-Add-the-t-hotkey.patch
* 0001-fix-grub-screen-filled-with-post-screen-artifects.patch
- Introduces a new package, grub2-x86_64-efi-bls, which includes a
straightforward grubbls.efi file. This file can be copied to the EFI System
Partition (ESP) along with boot fragments in the Boot Loader Specification
(BLS) format
* 0001-Streamline-BLS-and-improve-PCR-stability.patch
- Fix crash in bli module (bsc#1226497)
* 0001-bli-Fix-crash-in-get_part_uuid.patch
- Rework package dependencies: grub2-common now includes common userland
utilities and is required by grub2 platform packages. grub2 is now a meta
package that pulls in the default platform package.
==== gtk4 ====
Version update (4.16.2 -> 4.16.2+10)
Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0
- Update to version 4.16.2+10:
* wayland: Look for default cursor theme in XDG directories
* wayland: Clear settings_portal when going to fallback with no
portal settings
* wayland: Use the same default cursor size as gsettings schema
* Updated translations.
==== installation-images-MicroOS ====
Version update (17.137 -> 17.138)
- merge gh#openSUSE/installation-images#736
- follow grub2 package restructuring
- 17.138
==== kernel-firmware ====
Version update (20240913 -> 20241001)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20241001 (git commit 51e5af813eaf):
* linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920)
* linux-firmware: add firmware for MT7920
* amdgpu: update raven firmware
* amdgpu: update SMU 13.0.10 firmware
* amdgpu: update PSP 13.0.10 firmware
* amdgpu: update GC 11.0.3 firmware
* amdgpu: update VCN 3.1.2 firmware
* amdgpu: update PSP 13.0.5 firmware
* amdgpu: update PSP 13.0.8 firmware
* amdgpu: update vega12 firmware
* amdgpu: update PSP 14.0.4 firmware
* amdgpu: update GC 11.5.2 firmware
* amdgpu: update vega10 firmware
* amdgpu: update VCN 4.0.0 firmware
* amdgpu: update PSP 13.0.0 firmware
* amdgpu: update GC 11.0.0 firmware
* amdgpu: update picasso firmware
* amdgpu: update beige goby firmware
* amdgpu: update vangogh firmware
* amdgpu: update dimgrey cavefish firmware
* amdgpu: update navy flounder firmware
* amdgpu: update green sardine firmware
* amdgpu: update VCN 4.0.2 firmware
* amdgpu: update PSP 13.0.4 firmware
* amdgpu: update GC 11.0.1 firmware
* amdgpu: update sienna cichlid firmware
* amdgpu: update VCN 4.0.6 firmware
* amdgpu: update PSP 14.0.1 firmware
* amdgpu: update GC 11.5.1 firmware
* amdgpu: update VCN 4.0.5 firmware
* amdgpu: update PSP 14.0.0 firmware
* amdgpu: update GC 11.5.0 firmware
* amdgpu: update navi14 firmware
* amdgpu: update renoir firmware
* amdgpu: update navi12 firmware
* amdgpu: update SMU 13.0.6 firmware
* amdgpu: update SDMA 4.4.2 firmware
* amdgpu: update PSP 13.0.6 firmware
* amdgpu: update GC 9.4.3 firmware
* amdgpu: update yellow carp firmware
* amdgpu: update VCN 4.0.4 firmware
* amdgpu: update PSP 13.0.7 firmware
* amdgpu: update GC 11.0.2 firmware
* amdgpu: update navi10 firmware
* amdgpu: update aldebaran firmware
* qcom: update gpu firmwares for qcm6490 chipset
* mt76: mt7996: add firmware files for mt7992 chipset
* mt76: mt7996: add firmware files for mt7996 chipset variants
* qcom: add gpu firmwares for sa8775p chipset
* rtw89: 8922a: add fw format-2 v0.35.42.1
- Pick up the fixed ath12k firmware from
https://git.codelinaro.org/clo/ath-firmware/ath12k-firmware
(bsc#1230596)
- Update aliases from 6.11.x and 6.12-rc1
==== kpipewire6 ====
Subpackages: kpipewire6-imports libKPipeWire6 libKPipeWireDmaBuf6 libKPipeWireRecord6
- Add ffmpeg 7.1 compatibility patch:
* 0001-h264vaapi-Use-the-proper-getter-for-getting-the-hard.patch
==== libapparmor ====
Version update (4.0.2 -> 4.0.3)
- add mesa-cachedir.diff: new cachedir in Mesa 24.2.2
- update to AppArmor 4.0.3
- several small bugfixes
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_4.0.3
for the full release notes
==== libarchive ====
Version update (3.7.4 -> 3.7.6)
- Update to 3.7.6:
* tar: clean up linkpath between entries
* tar: fix memory leaks when processing symlinks or parsing pax headers
* iso: be more cautious about parsing ISO-9660 timestamps
- Version 3.7.5 changes:
* fix multiple vulnerabilities identified by SAST
* cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing
* lzop: prevent integer overflow
* rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696, bsc#1225971)
* rar4: fix CVE-2024-26256 (CVE-2024-26256, bsc#1225972)
* rar4: fix OOB in delta and audio filter
* rar4: fix out of boundary access with large files
* rar4: add boundary checks to rgb filter
* rar4: fix OOB access with unicode filenames
* rar5: clear 'data ready' cache on window buffer reallocs
* rpm: calculate huge header sizes correctly
* unzip: unify EOF handling
* util: fix out of boundary access in mktemp functions
* uu: stop processing if lines are too long
* 7zip: fix issue when skipping first file in 7zip archive that is a multiple
of 65536 bytes
* ar: fix archive entries having no type
* lha: do not allow negative file sizes
* lha: fix integer truncation on 32-bit systems
* shar: check strdup return value
* rar5: don't try to read rediculously long names
* xar: fix another infinite loop and expat error handling
* many Windows fixes, cleanups and improvements
- Drop fix-soversion.patch, fix-bsdunzip-test.patch
* Fixed upstream
==== libeconf ====
- Updated license in the spec file to MIT.
==== libgsf ====
Version update (1.14.52 -> 1.14.53)
Subpackages: gsf-office-thumbnailer libgsf-1-114
- Update to version 1.14.53:
+ Compilation fixes for libxml 2.13
+ Fix ABR in gsf-vba-dump.
+ Teach gsf (the tool) to handle odf properties.
+ Fix integer overflows affecting memory allocation.
+ Add missing "DocumentStatus" ole2 property.
+ Avoid some undefined C behaviour in overflow checks.
==== libproxy-backend ====
Version update (0.5.7 -> 0.5.9)
- Update to version 0.5.9:
+ Ignore invalid proxy URL.
+ Memleak fixes.
+ kde: Add ReversedException support.
+ Fix memory leak using PX_FORCE_CONFIG.
+ Update msys2 build steps.
+ Remove white space in key value.
- Changes from version 0.5.8:
+ Update repology list.
+ Properly handle empty proxy ignore entry.
+ Add support for direct keyword in PAC.
==== libproxy-client ====
Version update (0.5.7 -> 0.5.9)
- Update to version 0.5.9:
+ Ignore invalid proxy URL.
+ Memleak fixes.
+ kde: Add ReversedException support.
+ Fix memory leak using PX_FORCE_CONFIG.
+ Update msys2 build steps.
+ Remove white space in key value.
- Changes from version 0.5.8:
+ Update repology list.
+ Properly handle empty proxy ignore entry.
+ Add support for direct keyword in PAC.
==== mozjs115 ====
- Add mozjs115-CVE-2024-45492.patch:
Backporting 9bf0f2c1 from libexpat upstream, Detect integer
overflow in function nextScaffoldPart.
(CVE-2024-45492, bsc#1230038)
- Add mozjs115-CVE-2024-45491.patch:
Backporting 8e439a99 from libexpat upstream, Detect integer
overflow in dtdCopy.
(CVE-2024-45491, bsc#1230037)
- Add mozjs115-CVE-2024-45490-part01-5c1a3164.patch:
Backporting 5c1a3164 from libexpat upstream, Reject negative len
for XML_ParseBuffer.
CVE-2024-45490's fixes including 3 parts: 5c1a3164 for libexpat
sources; c12f039b for libexpat tests; 2db23301 for libexpat docs;
Because mozjs only embeds libexpat sources, so unnecessary to
port prart02 and part03.
(CVE-2024-45490, bsc#1230036)
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0
- Update to version 2.1.10.suse+51.fea0fde82ed1:
* Incudes upstream version 2.1.10 plus some fixes
* Fix firmware targets startup to always be "onboot" (#482)
(bsc#1228084)
* Change a discovery function to void return type (#481)
* Fix gcc issues (#480)
* Bugfix read specific sysfs value "off" of session attribute (#466)
* Fix bug where abort_tmo read failures were ignored. (#467)
* grammar nitpicks (#464)
* Fix memory leak in iscsi_check_session_use_count (#465)
* improve the comments in idbm_lock() (#458)
* Make it visible when memory allocation failure (#457)
* Better handle multiple iscsiadm commands (#453)
* iscsiadm: allow hostnames in node-mode commands (#451)
* Modify how workqueue priority is set (#445)
* Fix authmethod check by printing a warning message when CHAP used and authmethod=None (#443)
* iscsid: Rescan devices on relogin (#444)
* Adds missing characters in README. (#440)
* Turn off iSCSI NOP-Outs, by default.
* fix: add usr/iscsid_req.h missinig underline (#431) (#436)
==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap
- Enahnce supplements that were so far triggering on grub2 to also
trigger on grub2-common.
==== python-PyYAML ====
Version update (6.0.1 -> 6.0.2)
- Update to 6.0.2
* Support for Cython 3.x and Python 3.13
- Adjust invocation path for testsuite
- Adjust upstream source name in spec file
- Drop build-with-cython3.patch, merged upstream
==== python-lark ====
Version update (1.1.9 -> 1.2.2)
- update to 1.2.2:
* Bugfix: Earley now respects ambiguity='resolve' again.
- update to 1.2.1:
* Dropped support for Python versions lower than 3.8
* Several bugfixes in the Earley algorithm, related to
suppressed ambiguities
* Improved performance in `InteractiveParser.accepts()`
* Give "Shaping the tree" clear sub-headings
* Fix for when providing a transformer with a Token
* Pin types-regex to a working version
* Add Outlines to list of projects using Lark
* Code coverage: Update Python version
* Attempt to solve performance problems in accepts()
* Docs: Added Indenter
* Clean up test_parser.py, use xFail instead of skip where
appropriate
* Update config and drop python < 3.8
* BUGFIX Earley: Now yielding a previously repressed ambiguity
* Fix SymbolNode.end for completed tokens
* Disable ForestToParseTree cache when ambiguity='resolve'
* Bugfix for issue #1434
==== python-pycurl ====
- Switching off test_multi_ tests, they are just too
unrealiable. When running the test cycle in cycle I have never
managed to make it pass ten times without this change.
==== python-urllib3 ====
Version update (2.1.0 -> 2.2.3)
- Update to 2.2.3:
* Features
+ Added support for Python 3.13.
* Bugfixes
+ Fixed the default encoding of chunked request bodies to be UTF-8
instead of ISO-8859-1. All other methods of supplying a request body
already use UTF-8 starting in urllib3 v2.0.
+ Fixed ResourceWarning on CONNECT with Python < 3.11.4 by backporting
python/cpython#103472.
+ Fixed a crash where certain standard library hash functions were absent
in restricted environments.
+ Added the Proxy-Authorization header to the list of headers to strip
from requests when redirecting to a different host. As before,
different headers can be set via Retry.remove_headers_on_redirect.
+ Allowed passing negative integers as amt to read methods of
http.client.HTTPResponse as an alternative to None.
+ Fixed issue where InsecureRequestWarning was emitted for HTTPS
connections when using Emscripten.
+ Fixed HTTPConnectionPool.urlopen to stop automatically casting
non-proxy headers to HTTPHeaderDict. This change was premature as it
did not apply to proxy headers and HTTPHeaderDict does not handle byte
header values correctly yet.
+ Changed InvalidChunkLength to ProtocolError when response terminates
before the chunk length is sent.
+ Changed ProtocolError to be more verbose on incomplete reads with
excess content.
+ Added support for HTTPResponse.read1() method.
+ Fixed issue where requests against urls with trailing dots were
failing due to SSL errors when using proxy.
+ Fixed HTTPConnection.proxy_is_verified and
HTTPSConnection.proxy_is_verified to be always set to a boolean after
connecting to a proxy. It could be None in some cases previously.
+ Fixed an issue where headers passed in a request with json= would be
mutated
+ Fixed HTTPSConnection.is_verified to be set to False when connecting
from a HTTPS proxy to an HTTP target. It was set to True previously.
+ Fixed handling of new error message from OpenSSL 3.2.0 when configuring
an HTTP proxy as HTTPS
+ Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled
* HTTP/2 (experimental)
+ Excluded Transfer-Encoding: chunked from HTTP/2 request body
+ Added a probing mechanism for determining whether a given target
origin supports HTTP/2 via ALPN.
+ Add support for sending a request body with HTTP/2
* Removals
+ Drop support for end-of-life PyPy3.8 and PyPy3.9.
- Drop patches, they are now included upstream:
* CVE-2024-37891.patch
* openssl-3.2.patch
- Included patched hypercorn, which is only unpacked and used for the test
suite.
==== qcoro-qt6 ====
Version update (0.10.0 -> 0.11.0)
Subpackages: libQCoro6Core0 libQCoro6DBus0
- Update to 0.11.0
* Suppress Clang error when building against Android NDK <= 25
* Add QtGui dependency if QCORO_WITH_QTQUICK=ON
* Fix wrong result of QCoroIODevice::write()
* Add override to fix build failure due to -Werror -Wsuggest-override
* Fix coroutine being resumed on a wrong thread after timeout
* Implement QCoroFuture::takeResult
* #include , needed by std::exception_ptr
* waitFor(QCoro::Task): Do not require T to be default
constructible
* Add QCORO_BUILD_TESTING to allow overriding BUILD_TESTING
* Use refcount to track when to destroy coroutine
* Drop support for older compilers
* Implement LazyTask
* Use QueuedConnection for signals in QCoroNetworkReply
* Awaiting a default-constructed or moved-from Task will hang
* Add a backround task example
==== qt6-base ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6Widgets6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-printsupport-cups qt6-sql-sqlite
- Add upstream fix:
* 0001-Revert-xcb-handle-XI2-input-button-and-motion-events.patch
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
- Drop patches, merged upstream:
* gcc14.patch
* 0001-HTTP2-Delay-any-communication-until-encrypted-can-be.patch
==== qt6-declarative ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlModels6 libQt6QmlNetwork6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 libQt6QuickWidgets6 qt6-declarative-imports
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-multimedia ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6Multimedia6 libQt6MultimediaQuick6 libQt6Quick3DSpatialAudio6 libQt6SpatialAudio6 qt6-multimedia-imports
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-positioning ====
Version update (6.7.2 -> 6.7.3)
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-qt5compat ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6Core5Compat6 qt6-qt5compat-imports
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-quick3d ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6Quick3D6 libQt6Quick3DAssetImport6 libQt6Quick3DAssetUtils6 libQt6Quick3DEffects6 libQt6Quick3DHelpers6 libQt6Quick3DHelpersImpl6 libQt6Quick3DParticleEffects6 libQt6Quick3DParticles6 libQt6Quick3DRuntimeRender6 libQt6Quick3DUtils6 qt6-quick3d-imports
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-quicktimeline ====
Version update (6.7.2 -> 6.7.3)
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-sensors ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6Sensors6
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-shadertools ====
Version update (6.7.2 -> 6.7.3)
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-speech ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6TextToSpeech6 qt6-texttospeech
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-svg ====
Version update (6.7.2 -> 6.7.3)
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-tools ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6UiTools6 qt6-tools-qdbus
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
- Add fix-llvm19-build.patch to fix build with LLVM 19. Upstream
report is at https://bugreports.qt.io/browse/QTBUG-129146.
==== qt6-virtualkeyboard ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6HunspellInputMethod6 libQt6VirtualKeyboard6 qt6-virtualkeyboard-imports
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-wayland ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6WaylandClient6 libQt6WaylandCompositor6 libQt6WaylandEglClientHwIntegration6 libQt6WaylandEglCompositorHwIntegration6 libQt6WlShellIntegration6
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
- Drop patches, merged upstream:
* 0001-Client-Ensure-that-guessed-popup-parent-has-a-shell-.patch
* 0001-client-Guard-against-windows-being-on-a-null-screen.patch
* 0002-Client-Improve-thread-safety-determining-window-size.patch
==== qt6-webchannel ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6WebChannel6 libQt6WebChannelQuick6 qt6-webchannel-imports
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-webengine ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6WebEngineCore6 libQt6WebEngineQuick6 libQt6WebEngineWidgets6 qt6-webengine-imports
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-webview ====
Version update (6.7.2 -> 6.7.3)
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== sdbootutil ====
Version update (1+git20240903.81f1f40 -> 1+git20241004.a1bb60f)
Subpackages: sdbootutil-snapper sdbootutil-tukit
- Update to version 1+git20241004.a1bb60f:
* Support bootloader switch
* Update order after bootloader install
* Use /etc/sysconfig/bootloader to untie detection
* Reference to grub2-bls
- Update to version 1+git20241002.7da4a47:
* Do not specify bootloader requirement
- Update to version 1+git20241002.7b8957c:
* Requires udev for bootctl
* Use chroot instead of --sysroot in dracut
* Replace cut with idiomatic code
* Show recovery PIN generated by systemd-pcrlock
- Update to version 1+git20240912.02d30ed:
* Generate predictions for update_entry
- Update to version 1+git20240905.e7ca8cf:
* Replace root=UUID= with root=device
==== systemd-presets-common-SUSE ====
- Enable audit-rules: audit-rules has been split form audit with
version 4.0 in order to be able to load rules earlier.
From audit changelog: One of the main features is the separation
of loading rules and logging events into separate services,
audit-rules.service and auditd.service.
==== update-bootloader ====
Version update (1.15 -> 1.16)
- merge gh#openSUSE/perl-bootloader#173
- grub2-bls: adjust config script test
- grub2-bls: adjust install script test
- grub2-bls: prefer sdbootutil over bootctl in install script
- adjust test environment
- grub2-bls: add default script
- grub2-bls, systemd-boot: add default script test
- grub2-bls: use bootctl to get default settings
- adjust default-settings tests
- update test result data
- add emacs config
- log efi boot manager config after install
- adjust test data
- support new grub2-bls package
- 1.16
==== xwayland ====
Version update (24.1.2 -> 24.1.3)
- Update to bugfix release 24.1.3
* dix: check for calloc() failure in Xi event conversion routines
* dix: PolyText: fully initialize local_closure
* dix: SetFontPath: don't set errorValue on Success
* dix: enterleave.c: fix implicit fallthrough warnings
* dix: CreateScratchGC: avoid dereference of pointer we just set to NULL
* dix: InitPredictableAccelerationScheme: avoid memory leak on failure
* dix: dixChangeWindowProperty: don't call memcpy if malloc failed
* dix: ProcListProperties: skip unneeded work if numProps is 0
* dix: HashResourceID: use unsigned integers for bit shifting
* dix: GetPairedDevice: check if GetMaster returned NULL
* dix: FindBestPixel: fix implicit fallthrough warning
* CI: clone libdecor from fd.o instead of gnome.org
* CI: update libdecor from 0.1.0 to 0.1.1
* Don't crash if the client argv or argv[0] is NULL.
* Return NULL in *cmdname if the client argv or argv[0] is NULL
* xwayland: connect to the wl display before calling into EGL
* xwayland: Report correct mode size when rootful
* build: Move epoll dependency check
* build: Add epoll to Xwayland for DragonFly and OpenBSD
* build: Fix DRI3 on DragonFly and OpenBSD
* os: Fix NULL pointer dereference
* dix: don't push the XKB state to a non-existing master keyboard
* Xi: when removing a master search for a disabled paired device
==== yast2 ====
Version update (5.0.9 -> 5.0.10)
- Removed obsolete USERADD_CMD, USERDEL_PRECMD, USERDEL_POSTCMD,
GROUPADD_CMD (bsc#1231006)
- 5.0.10
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MicroOS-release (20241005 -> 20241006)
ell (0.67 -> 0.69)
grub2
python-pycurl
qcoro-qt6 (0.10.0 -> 0.11.0)
sdbootutil (1+git20241002.7da4a47 -> 1+git20241004.a1bb60f)
update-bootloader (1.15 -> 1.16)
xwayland (24.1.2 -> 24.1.3)
=== Details ===
==== MicroOS-release ====
Version update (20241005 -> 20241006)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== ell ====
Version update (0.67 -> 0.69)
- Update to version 0.69
* Add support for getting remaining microseconds left on a
timer.
* Add support for setting link MTU on a network interface.
version 0.68:
* Fix issue with string allocation growth strategy.
* Add support for netlink helper functions.
==== grub2 ====
Subpackages: grub2-common grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi
- Fix missng menu entry "Start bootloader from a read-only snapshot" by
ensuring grub2-snapper-plugin is installed when both snapper and grub2-common
are installed (bsc#1231271)
- Fix OOM error in loading loopback file (bsc#1230840)
* 0001-tpm-Skip-loopback-image-measurement.patch
- Fix UEFI PXE boot failure on tagged VLAN network (bsc#1230263)
* 0001-efinet-Skip-virtual-VLAN-devices-during-card-enumera.patch
- Fix grub screen is filled with artifects from earlier post menu (bsc#1224465)
* grub2-SUSE-Add-the-t-hotkey.patch
* 0001-fix-grub-screen-filled-with-post-screen-artifects.patch
==== python-pycurl ====
- Switching off test_multi_ tests, they are just too
unrealiable. When running the test cycle in cycle I have never
managed to make it pass ten times without this change.
==== qcoro-qt6 ====
Version update (0.10.0 -> 0.11.0)
Subpackages: libQCoro6Core0 libQCoro6DBus0
- Update to 0.11.0
* Suppress Clang error when building against Android NDK <= 25
* Add QtGui dependency if QCORO_WITH_QTQUICK=ON
* Fix wrong result of QCoroIODevice::write()
* Add override to fix build failure due to -Werror -Wsuggest-override
* Fix coroutine being resumed on a wrong thread after timeout
* Implement QCoroFuture::takeResult
* #include , needed by std::exception_ptr
* waitFor(QCoro::Task): Do not require T to be default
constructible
* Add QCORO_BUILD_TESTING to allow overriding BUILD_TESTING
* Use refcount to track when to destroy coroutine
* Drop support for older compilers
* Implement LazyTask
* Use QueuedConnection for signals in QCoroNetworkReply
* Awaiting a default-constructed or moved-from Task will hang
* Add a backround task example
==== sdbootutil ====
Version update (1+git20241002.7da4a47 -> 1+git20241004.a1bb60f)
Subpackages: sdbootutil-snapper sdbootutil-tukit
- Update to version 1+git20241004.a1bb60f:
* Support bootloader switch
* Update order after bootloader install
* Use /etc/sysconfig/bootloader to untie detection
* Reference to grub2-bls
==== update-bootloader ====
Version update (1.15 -> 1.16)
- merge gh#openSUSE/perl-bootloader#173
- grub2-bls: adjust config script test
- grub2-bls: adjust install script test
- grub2-bls: prefer sdbootutil over bootctl in install script
- adjust test environment
- grub2-bls: add default script
- grub2-bls, systemd-boot: add default script test
- grub2-bls: use bootctl to get default settings
- adjust default-settings tests
- update test result data
- add emacs config
- log efi boot manager config after install
- adjust test data
- support new grub2-bls package
- 1.16
==== xwayland ====
Version update (24.1.2 -> 24.1.3)
- Update to bugfix release 24.1.3
* dix: check for calloc() failure in Xi event conversion routines
* dix: PolyText: fully initialize local_closure
* dix: SetFontPath: don't set errorValue on Success
* dix: enterleave.c: fix implicit fallthrough warnings
* dix: CreateScratchGC: avoid dereference of pointer we just set to NULL
* dix: InitPredictableAccelerationScheme: avoid memory leak on failure
* dix: dixChangeWindowProperty: don't call memcpy if malloc failed
* dix: ProcListProperties: skip unneeded work if numProps is 0
* dix: HashResourceID: use unsigned integers for bit shifting
* dix: GetPairedDevice: check if GetMaster returned NULL
* dix: FindBestPixel: fix implicit fallthrough warning
* CI: clone libdecor from fd.o instead of gnome.org
* CI: update libdecor from 0.1.0 to 0.1.1
* Don't crash if the client argv or argv[0] is NULL.
* Return NULL in *cmdname if the client argv or argv[0] is NULL
* xwayland: connect to the wl display before calling into EGL
* xwayland: Report correct mode size when rootful
* build: Move epoll dependency check
* build: Add epoll to Xwayland for DragonFly and OpenBSD
* build: Fix DRI3 on DragonFly and OpenBSD
* os: Fix NULL pointer dereference
* dix: don't push the XKB state to a non-existing master keyboard
* Xi: when removing a master search for a disabled paired device
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MicroOS-release (20241003 -> 20241005)
busybox (1.36.1 -> 1.37.0)
busybox-links (1.36.1 -> 1.37.0)
ffmpeg-7 (7.0.2 -> 7.1)
kpipewire6
libproxy-backend (0.5.7 -> 0.5.9)
libproxy-client (0.5.7 -> 0.5.9)
python-lark (1.1.9 -> 1.2.2)
=== Details ===
==== MicroOS-release ====
Version update (20241003 -> 20241005)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== busybox ====
Version update (1.36.1 -> 1.37.0)
- Fix busybox.config again (got broken with 1.37.0 update)
- Cleanup spec file
- Update to 1.37.0
- remove unnecessary patch ash-fix-segfault-d417193cf.patch
- Update default config to match 1.37.0 expectations
==== busybox-links ====
Version update (1.36.1 -> 1.37.0)
Subpackages: busybox-coreutils busybox-diffutils busybox-grep busybox-gzip busybox-hostname busybox-sed busybox-which busybox-xz
- Partly revert changes from Aug 8th 2023 to automatically detect
changes in busybox configuration
- Add getfattr applet to attr filelist
- BuildRequire busybox: as we want to track the version of busybox,
we need to ensure busybox is part of the buildroot.
==== ffmpeg-7 ====
Version update (7.0.2 -> 7.1)
Subpackages: libavcodec61 libavfilter10 libavformat61 libavutil59 libpostproc58 libswresample5 libswscale8
- Update to release 7.1
* ffmpeg CLI filtergraph chaining
* pad_vaapi, drawbox_vaapi filters
* vf_scale supports secondary ref input and framesync options
* vf_scale2ref deprecated
* removed DEC Alpha DSP and support code
* perlin video source
* Cropping metadata parsing and writing in Matroska and MP4/MOV
de/muxers
* YUV colorspace negotiation for codecs and filters, obsoleting
the YUVJ pixel format
* Vulkan H.264 and H.265 encoders
* stream specifiers in fftools can now match by stream
disposition
* LCEVC enhancement data exporting in H.26x and MP4/ISOBMFF
* LCEVC filter
- Delete patches/ffmpeg-7-fix-crashes.patch,
0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch (merged)
- Fix assertion due to missing priv_data cleanup on failed VAAPI
acceleration with 11013-avcodec-decode-clean-up-if-get_hw_frames_parameters-.patch
(ffmpeg#11013, vlc#28811)
- no longer build against libmfx; build also 15.5 against libvpl
(boo#1230983)
==== kpipewire6 ====
Subpackages: kpipewire6-imports libKPipeWire6 libKPipeWireDmaBuf6 libKPipeWireRecord6
- Add ffmpeg 7.1 compatibility patch:
* 0001-h264vaapi-Use-the-proper-getter-for-getting-the-hard.patch
==== libproxy-backend ====
Version update (0.5.7 -> 0.5.9)
- Update to version 0.5.9:
+ Ignore invalid proxy URL.
+ Memleak fixes.
+ kde: Add ReversedException support.
+ Fix memory leak using PX_FORCE_CONFIG.
+ Update msys2 build steps.
+ Remove white space in key value.
- Changes from version 0.5.8:
+ Update repology list.
+ Properly handle empty proxy ignore entry.
+ Add support for direct keyword in PAC.
==== libproxy-client ====
Version update (0.5.7 -> 0.5.9)
- Update to version 0.5.9:
+ Ignore invalid proxy URL.
+ Memleak fixes.
+ kde: Add ReversedException support.
+ Fix memory leak using PX_FORCE_CONFIG.
+ Update msys2 build steps.
+ Remove white space in key value.
- Changes from version 0.5.8:
+ Update repology list.
+ Properly handle empty proxy ignore entry.
+ Add support for direct keyword in PAC.
==== python-lark ====
Version update (1.1.9 -> 1.2.2)
- update to 1.2.2:
* Bugfix: Earley now respects ambiguity='resolve' again.
- update to 1.2.1:
* Dropped support for Python versions lower than 3.8
* Several bugfixes in the Earley algorithm, related to
suppressed ambiguities
* Improved performance in `InteractiveParser.accepts()`
* Give "Shaping the tree" clear sub-headings
* Fix for when providing a transformer with a Token
* Pin types-regex to a working version
* Add Outlines to list of projects using Lark
* Code coverage: Update Python version
* Attempt to solve performance problems in accepts()
* Docs: Added Indenter
* Clean up test_parser.py, use xFail instead of skip where
appropriate
* Update config and drop python < 3.8
* BUGFIX Earley: Now yielding a previously repressed ambiguity
* Fix SymbolNode.end for completed tokens
* Disable ForestToParseTree cache when ambiguity='resolve'
* Bugfix for issue #1434
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MicroOS-release (20241002 -> 20241003)
audit-secondary
filesystem
flatpak
gtk4 (4.16.2 -> 4.16.2+10)
kernel-firmware (20240913 -> 20241001)
libeconf
libgsf (1.14.52 -> 1.14.53)
open-iscsi
python-urllib3 (2.1.0 -> 2.2.3)
qt6-base (6.7.2 -> 6.7.3)
qt6-declarative (6.7.2 -> 6.7.3)
qt6-multimedia (6.7.2 -> 6.7.3)
qt6-positioning (6.7.2 -> 6.7.3)
qt6-qt5compat (6.7.2 -> 6.7.3)
qt6-quick3d (6.7.2 -> 6.7.3)
qt6-quicktimeline (6.7.2 -> 6.7.3)
qt6-sensors (6.7.2 -> 6.7.3)
qt6-shadertools (6.7.2 -> 6.7.3)
qt6-speech (6.7.2 -> 6.7.3)
qt6-svg (6.7.2 -> 6.7.3)
qt6-tools (6.7.2 -> 6.7.3)
qt6-virtualkeyboard (6.7.2 -> 6.7.3)
qt6-wayland (6.7.2 -> 6.7.3)
qt6-webchannel (6.7.2 -> 6.7.3)
qt6-webengine (6.7.2 -> 6.7.3)
qt6-webview (6.7.2 -> 6.7.3)
=== Details ===
==== MicroOS-release ====
Version update (20241002 -> 20241003)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== audit-secondary ====
Subpackages: audit audit-rules python3-audit system-group-audit
- Readd audit-allow-manual-stop.patch (removed by mistake)
- Fix plugin termination when using systemd service units (bsc#1215377)
* add auditd.service-fix-plugin-termination.patch
==== filesystem ====
- Move /srv/www hierachy to the packages which use them
[bsc#1231027]
==== flatpak ====
Subpackages: flatpak-selinux libflatpak0 system-user-flatpak
- Explicitly BuildRequire selinux-policy-targeted to allow
selinux_relabel_* in scriptlets to work on other codestreams
==== gtk4 ====
Version update (4.16.2 -> 4.16.2+10)
Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0
- Update to version 4.16.2+10:
* wayland: Look for default cursor theme in XDG directories
* wayland: Clear settings_portal when going to fallback with no
portal settings
* wayland: Use the same default cursor size as gsettings schema
* Updated translations.
==== kernel-firmware ====
Version update (20240913 -> 20241001)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd
- Update to version 20241001 (git commit 51e5af813eaf):
* linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920)
* linux-firmware: add firmware for MT7920
* amdgpu: update raven firmware
* amdgpu: update SMU 13.0.10 firmware
* amdgpu: update PSP 13.0.10 firmware
* amdgpu: update GC 11.0.3 firmware
* amdgpu: update VCN 3.1.2 firmware
* amdgpu: update PSP 13.0.5 firmware
* amdgpu: update PSP 13.0.8 firmware
* amdgpu: update vega12 firmware
* amdgpu: update PSP 14.0.4 firmware
* amdgpu: update GC 11.5.2 firmware
* amdgpu: update vega10 firmware
* amdgpu: update VCN 4.0.0 firmware
* amdgpu: update PSP 13.0.0 firmware
* amdgpu: update GC 11.0.0 firmware
* amdgpu: update picasso firmware
* amdgpu: update beige goby firmware
* amdgpu: update vangogh firmware
* amdgpu: update dimgrey cavefish firmware
* amdgpu: update navy flounder firmware
* amdgpu: update green sardine firmware
* amdgpu: update VCN 4.0.2 firmware
* amdgpu: update PSP 13.0.4 firmware
* amdgpu: update GC 11.0.1 firmware
* amdgpu: update sienna cichlid firmware
* amdgpu: update VCN 4.0.6 firmware
* amdgpu: update PSP 14.0.1 firmware
* amdgpu: update GC 11.5.1 firmware
* amdgpu: update VCN 4.0.5 firmware
* amdgpu: update PSP 14.0.0 firmware
* amdgpu: update GC 11.5.0 firmware
* amdgpu: update navi14 firmware
* amdgpu: update renoir firmware
* amdgpu: update navi12 firmware
* amdgpu: update SMU 13.0.6 firmware
* amdgpu: update SDMA 4.4.2 firmware
* amdgpu: update PSP 13.0.6 firmware
* amdgpu: update GC 9.4.3 firmware
* amdgpu: update yellow carp firmware
* amdgpu: update VCN 4.0.4 firmware
* amdgpu: update PSP 13.0.7 firmware
* amdgpu: update GC 11.0.2 firmware
* amdgpu: update navi10 firmware
* amdgpu: update aldebaran firmware
* qcom: update gpu firmwares for qcm6490 chipset
* mt76: mt7996: add firmware files for mt7992 chipset
* mt76: mt7996: add firmware files for mt7996 chipset variants
* qcom: add gpu firmwares for sa8775p chipset
* rtw89: 8922a: add fw format-2 v0.35.42.1
- Pick up the fixed ath12k firmware from
https://git.codelinaro.org/clo/ath-firmware/ath12k-firmware
(bsc#1230596)
- Update aliases from 6.11.x and 6.12-rc1
==== libeconf ====
- Updated license in the spec file to MIT.
==== libgsf ====
Version update (1.14.52 -> 1.14.53)
Subpackages: gsf-office-thumbnailer libgsf-1-114
- Update to version 1.14.53:
+ Compilation fixes for libxml 2.13
+ Fix ABR in gsf-vba-dump.
+ Teach gsf (the tool) to handle odf properties.
+ Fix integer overflows affecting memory allocation.
+ Add missing "DocumentStatus" ole2 property.
+ Avoid some undefined C behaviour in overflow checks.
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0
- Update to version 2.1.10.suse+51.fea0fde82ed1:
* Incudes upstream version 2.1.10 plus some fixes
* Fix firmware targets startup to always be "onboot" (#482)
(bsc#1228084)
* Change a discovery function to void return type (#481)
* Fix gcc issues (#480)
* Bugfix read specific sysfs value "off" of session attribute (#466)
* Fix bug where abort_tmo read failures were ignored. (#467)
* grammar nitpicks (#464)
* Fix memory leak in iscsi_check_session_use_count (#465)
* improve the comments in idbm_lock() (#458)
* Make it visible when memory allocation failure (#457)
* Better handle multiple iscsiadm commands (#453)
* iscsiadm: allow hostnames in node-mode commands (#451)
* Modify how workqueue priority is set (#445)
* Fix authmethod check by printing a warning message when CHAP used and authmethod=None (#443)
* iscsid: Rescan devices on relogin (#444)
* Adds missing characters in README. (#440)
* Turn off iSCSI NOP-Outs, by default.
* fix: add usr/iscsid_req.h missinig underline (#431) (#436)
==== python-urllib3 ====
Version update (2.1.0 -> 2.2.3)
- Update to 2.2.3:
* Features
+ Added support for Python 3.13.
* Bugfixes
+ Fixed the default encoding of chunked request bodies to be UTF-8
instead of ISO-8859-1. All other methods of supplying a request body
already use UTF-8 starting in urllib3 v2.0.
+ Fixed ResourceWarning on CONNECT with Python < 3.11.4 by backporting
python/cpython#103472.
+ Fixed a crash where certain standard library hash functions were absent
in restricted environments.
+ Added the Proxy-Authorization header to the list of headers to strip
from requests when redirecting to a different host. As before,
different headers can be set via Retry.remove_headers_on_redirect.
+ Allowed passing negative integers as amt to read methods of
http.client.HTTPResponse as an alternative to None.
+ Fixed issue where InsecureRequestWarning was emitted for HTTPS
connections when using Emscripten.
+ Fixed HTTPConnectionPool.urlopen to stop automatically casting
non-proxy headers to HTTPHeaderDict. This change was premature as it
did not apply to proxy headers and HTTPHeaderDict does not handle byte
header values correctly yet.
+ Changed InvalidChunkLength to ProtocolError when response terminates
before the chunk length is sent.
+ Changed ProtocolError to be more verbose on incomplete reads with
excess content.
+ Added support for HTTPResponse.read1() method.
+ Fixed issue where requests against urls with trailing dots were
failing due to SSL errors when using proxy.
+ Fixed HTTPConnection.proxy_is_verified and
HTTPSConnection.proxy_is_verified to be always set to a boolean after
connecting to a proxy. It could be None in some cases previously.
+ Fixed an issue where headers passed in a request with json= would be
mutated
+ Fixed HTTPSConnection.is_verified to be set to False when connecting
from a HTTPS proxy to an HTTP target. It was set to True previously.
+ Fixed handling of new error message from OpenSSL 3.2.0 when configuring
an HTTP proxy as HTTPS
+ Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled
* HTTP/2 (experimental)
+ Excluded Transfer-Encoding: chunked from HTTP/2 request body
+ Added a probing mechanism for determining whether a given target
origin supports HTTP/2 via ALPN.
+ Add support for sending a request body with HTTP/2
* Removals
+ Drop support for end-of-life PyPy3.8 and PyPy3.9.
- Drop patches, they are now included upstream:
* CVE-2024-37891.patch
* openssl-3.2.patch
- Included patched hypercorn, which is only unpacked and used for the test
suite.
==== qt6-base ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6Widgets6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-printsupport-cups qt6-sql-sqlite
- Add upstream fix:
* 0001-Revert-xcb-handle-XI2-input-button-and-motion-events.patch
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
- Drop patches, merged upstream:
* gcc14.patch
* 0001-HTTP2-Delay-any-communication-until-encrypted-can-be.patch
==== qt6-declarative ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlModels6 libQt6QmlNetwork6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 libQt6QuickWidgets6 qt6-declarative-imports
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-multimedia ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6Multimedia6 libQt6MultimediaQuick6 libQt6Quick3DSpatialAudio6 libQt6SpatialAudio6 qt6-multimedia-imports
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-positioning ====
Version update (6.7.2 -> 6.7.3)
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-qt5compat ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6Core5Compat6 qt6-qt5compat-imports
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-quick3d ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6Quick3D6 libQt6Quick3DAssetImport6 libQt6Quick3DAssetUtils6 libQt6Quick3DEffects6 libQt6Quick3DHelpers6 libQt6Quick3DHelpersImpl6 libQt6Quick3DParticleEffects6 libQt6Quick3DParticles6 libQt6Quick3DRuntimeRender6 libQt6Quick3DUtils6 qt6-quick3d-imports
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-quicktimeline ====
Version update (6.7.2 -> 6.7.3)
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-sensors ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6Sensors6
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-shadertools ====
Version update (6.7.2 -> 6.7.3)
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-speech ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6TextToSpeech6 qt6-texttospeech
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-svg ====
Version update (6.7.2 -> 6.7.3)
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-tools ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6UiTools6 qt6-tools-qdbus
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
- Add fix-llvm19-build.patch to fix build with LLVM 19. Upstream
report is at https://bugreports.qt.io/browse/QTBUG-129146.
==== qt6-virtualkeyboard ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6HunspellInputMethod6 libQt6VirtualKeyboard6 qt6-virtualkeyboard-imports
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-wayland ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6WaylandClient6 libQt6WaylandCompositor6 libQt6WaylandEglClientHwIntegration6 libQt6WaylandEglCompositorHwIntegration6 libQt6WlShellIntegration6
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
- Drop patches, merged upstream:
* 0001-Client-Ensure-that-guessed-popup-parent-has-a-shell-.patch
* 0001-client-Guard-against-windows-being-on-a-null-screen.patch
* 0002-Client-Improve-thread-safety-determining-window-size.patch
==== qt6-webchannel ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6WebChannel6 libQt6WebChannelQuick6 qt6-webchannel-imports
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-webengine ====
Version update (6.7.2 -> 6.7.3)
Subpackages: libQt6WebEngineCore6 libQt6WebEngineQuick6 libQt6WebEngineWidgets6 qt6-webengine-imports
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
==== qt6-webview ====
Version update (6.7.2 -> 6.7.3)
- Update to 6.7.3
* https://www.qt.io/blog/qt-6.7.3-released
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MicroOS-release (20241001 -> 20241002)
SDL2 (2.30.7 -> 2.30.8)
apparmor (4.0.2 -> 4.0.3)
branding-openSUSE
glibc
grub2
installation-images-MicroOS (17.137 -> 17.138)
libapparmor (4.0.2 -> 4.0.3)
libarchive (3.7.4 -> 3.7.6)
mozjs115
patterns-microos
python-PyYAML (6.0.1 -> 6.0.2)
sdbootutil (1+git20240903.81f1f40 -> 1+git20241002.7da4a47)
systemd-presets-common-SUSE
yast2 (5.0.9 -> 5.0.10)
=== Details ===
==== MicroOS-release ====
Version update (20241001 -> 20241002)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== SDL2 ====
Version update (2.30.7 -> 2.30.8)
- Update to release 2.30.8
* Fixed a crash in XInput code at startup
* Fixed flooding the OS with I/O when a PS4/PS5 controller is
disconnected
* Added SDL_VIDEO_DOUBLE_BUFFER support to the Wayland backend
* SDL_WINDOWEVENT_EXPOSED is sent appropriately when using
Wayland
* Fixed hang at startup in audio code when the application has
large stack usage on Linux
* Fixed initializing KMSDRM on older Linux systems
==== apparmor ====
Version update (4.0.2 -> 4.0.3)
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- add mesa-cachedir.diff: new cachedir in Mesa 24.2.2
- update to AppArmor 4.0.3
- several small bugfixes
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_4.0.3
for the full release notes
==== branding-openSUSE ====
Subpackages: grub2-branding-openSUSE wallpaper-branding-openSUSE
- Install the grub2 branding if grub2-common is present
==== glibc ====
Subpackages: glibc-locale glibc-locale-base
- langpacks are no more used. Drop glibc-2.3.90-langpackdir.diff.
- gen-tempname-randomness.patch: Fix missing randomness in __gen_tempname
(bsc#1230965, BZ #32214)
- Use nss-systemd by default also in SLE (bsc#1230638)
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi
- Introduces a new package, grub2-x86_64-efi-bls, which includes a
straightforward grubbls.efi file. This file can be copied to the EFI System
Partition (ESP) along with boot fragments in the Boot Loader Specification
(BLS) format
* 0001-Streamline-BLS-and-improve-PCR-stability.patch
- Fix crash in bli module (bsc#1226497)
* 0001-bli-Fix-crash-in-get_part_uuid.patch
- Rework package dependencies: grub2-common now includes common userland
utilities and is required by grub2 platform packages. grub2 is now a meta
package that pulls in the default platform package.
==== installation-images-MicroOS ====
Version update (17.137 -> 17.138)
- merge gh#openSUSE/installation-images#736
- follow grub2 package restructuring
- 17.138
==== libapparmor ====
Version update (4.0.2 -> 4.0.3)
- add mesa-cachedir.diff: new cachedir in Mesa 24.2.2
- update to AppArmor 4.0.3
- several small bugfixes
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_4.0.3
for the full release notes
==== libarchive ====
Version update (3.7.4 -> 3.7.6)
- Update to 3.7.6:
* tar: clean up linkpath between entries
* tar: fix memory leaks when processing symlinks or parsing pax headers
* iso: be more cautious about parsing ISO-9660 timestamps
- Version 3.7.5 changes:
* fix multiple vulnerabilities identified by SAST
* cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing
* lzop: prevent integer overflow
* rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696, bsc#1225971)
* rar4: fix CVE-2024-26256 (CVE-2024-26256, bsc#1225972)
* rar4: fix OOB in delta and audio filter
* rar4: fix out of boundary access with large files
* rar4: add boundary checks to rgb filter
* rar4: fix OOB access with unicode filenames
* rar5: clear 'data ready' cache on window buffer reallocs
* rpm: calculate huge header sizes correctly
* unzip: unify EOF handling
* util: fix out of boundary access in mktemp functions
* uu: stop processing if lines are too long
* 7zip: fix issue when skipping first file in 7zip archive that is a multiple
of 65536 bytes
* ar: fix archive entries having no type
* lha: do not allow negative file sizes
* lha: fix integer truncation on 32-bit systems
* shar: check strdup return value
* rar5: don't try to read rediculously long names
* xar: fix another infinite loop and expat error handling
* many Windows fixes, cleanups and improvements
- Drop fix-soversion.patch, fix-bsdunzip-test.patch
* Fixed upstream
==== mozjs115 ====
- Add mozjs115-CVE-2024-45492.patch:
Backporting 9bf0f2c1 from libexpat upstream, Detect integer
overflow in function nextScaffoldPart.
(CVE-2024-45492, bsc#1230038)
- Add mozjs115-CVE-2024-45491.patch:
Backporting 8e439a99 from libexpat upstream, Detect integer
overflow in dtdCopy.
(CVE-2024-45491, bsc#1230037)
- Add mozjs115-CVE-2024-45490-part01-5c1a3164.patch:
Backporting 5c1a3164 from libexpat upstream, Reject negative len
for XML_ParseBuffer.
CVE-2024-45490's fixes including 3 parts: 5c1a3164 for libexpat
sources; c12f039b for libexpat tests; 2db23301 for libexpat docs;
Because mozjs only embeds libexpat sources, so unnecessary to
port prart02 and part03.
(CVE-2024-45490, bsc#1230036)
==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap
- Enahnce supplements that were so far triggering on grub2 to also
trigger on grub2-common.
==== python-PyYAML ====
Version update (6.0.1 -> 6.0.2)
- Update to 6.0.2
* Support for Cython 3.x and Python 3.13
- Adjust invocation path for testsuite
- Adjust upstream source name in spec file
- Drop build-with-cython3.patch, merged upstream
==== sdbootutil ====
Version update (1+git20240903.81f1f40 -> 1+git20241002.7da4a47)
Subpackages: sdbootutil-snapper sdbootutil-tukit
- Update to version 1+git20241002.7da4a47:
* Do not specify bootloader requirement
- Update to version 1+git20241002.7b8957c:
* Requires udev for bootctl
* Use chroot instead of --sysroot in dracut
* Replace cut with idiomatic code
* Show recovery PIN generated by systemd-pcrlock
- Update to version 1+git20240912.02d30ed:
* Generate predictions for update_entry
- Update to version 1+git20240905.e7ca8cf:
* Replace root=UUID= with root=device
==== systemd-presets-common-SUSE ====
- Enable audit-rules: audit-rules has been split form audit with
version 4.0 in order to be able to load rules earlier.
From audit changelog: One of the main features is the separation
of loading rules and logging events into separate services,
audit-rules.service and auditd.service.
==== yast2 ====
Version update (5.0.9 -> 5.0.10)
- Removed obsolete USERADD_CMD, USERDEL_PRECMD, USERDEL_POSTCMD,
GROUPADD_CMD (bsc#1231006)
- 5.0.10
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MicroOS-release (20240930 -> 20241001)
coreutils
coreutils-systemd
cups (2.4.10 -> 2.4.11)
gnutls
libgtop (2.41.3 -> 2.41.3+4)
libjpeg-turbo
librsvg (2.58.4 -> 2.59.1)
ncurses (6.5.20240922 -> 6.5.20240928)
selinux-policy (20240925 -> 20240930)
sof-firmware (2024.06 -> 2024.09)
suse-module-tools (16.0.51 -> 16.0.52)
=== Details ===
==== MicroOS-release ====
Version update (20240930 -> 20241001)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== coreutils ====
- coreutils-i18n.patch: fold(1): fix fold -b with UTF8 locale.
Sync fix in I18N patch from Fedora/Redhat and add a test. (RHEL-60295)
Original report: https://access.redhat.com/solutions/3459791
==== coreutils-systemd ====
- coreutils-i18n.patch: fold(1): fix fold -b with UTF8 locale.
Sync fix in I18N patch from Fedora/Redhat and add a test. (RHEL-60295)
Original report: https://access.redhat.com/solutions/3459791
==== cups ====
Version update (2.4.10 -> 2.4.11)
Subpackages: cups-client cups-config libcups2 libcupsimage2
- Version upgrade to 2.4.11:
See https://github.com/openprinting/cups/releases
CUPS 2.4.11 brings several bug fixes regarding IPP response
validation, processing PPD values, Web UI support
(checkbox support, modifying printers) and others fixes.
Detailed list (from CHANGES.md):
* Updated the maximum file descriptor limit
for `cupsd` to 64k-1 (Issue #989)
* Fixed `lpoptions -d` with a discovered
but not added printer (Issue #833)
* Fixed incorrect error message for HTTP/IPP errors (Issue #893)
* Fixed JobPrivateAccess and SubscriptionPrivateAccess support
for "all" (Issue #990)
* Fixed issues with cupsGetDestMediaByXxx (Issue #993)
* Fixed adding and modifying of printers
via the web interface (Issue #998)
* Fixed HTTP PeerCred authentication
for domain users (Issue #1001)
* Fixed checkbox support (Issue #1008)
* Fixed printer state notifications (Issue #1013)
* Fixed IPP Everywhere printer setup (Issue #1033)
Issues are those at https://github.com/OpenPrinting/cups/issues
In particular CUPS 2.4.11 contains those commit regarding
IPP response validation and processing PPD values:
* "Quote PPD localized strings"
https://github.com/OpenPrinting/cups/commit/1e6ca5913eceee906038bc04cc7ccfb…
plus a cleanup to "Fix warnings for unused vars"
https://github.com/OpenPrinting/cups/commit/2abe1ba8a66864aa82cd9836b37e571…
- Adapted downgrade-autoconf-requirement.patch for CUPS 2.4.11
- avoid_C99_mode_for_loop_initial_declarations.patch
is no longer needed because the issue is fixed upstream.
==== gnutls ====
- Build with liboqs to support the X25519Kyber768 post-quantum key
exchange algorithm.
==== libgtop ====
Version update (2.41.3 -> 2.41.3+4)
- Update to version 2.41.3+4:
+ Reproducible Builds: Do not embed build-server kernel version
on Linux (boo#1230850).
+ Updated translations.
==== libjpeg-turbo ====
- update to 3.0.4:
* Fixed an issue whereby the CPU usage of the default marker
processor in the decompressor grew exponentially with the
number of markers. This caused an unreasonable slow-down in
`jpeg_read_header()` if an application called `jpeg_save_markers()`
to save markers of a particular type and then attempted to
decompress a JPEG image containing an excessive number of markers
of that type.
* Hardened the default marker processor in the decompressor to guard
against an issue (exposed by 3.0 beta2[6]) whereby attempting to
decompress a specially-crafted malformed JPEG image (specifically
an image with a complete 12-bit-per-sample Start Of Frame segment
followed by an incomplete 8-bit-per-sample Start Of Frame segment)
using buffered-image mode and input prefetching caused a segfault
if the `fill_input_buffer()` method in the calling application's
custom source manager incorrectly returned `FALSE` in response to a
prematurely-terminated JPEG data stream.
* Fixed an issue in cjpeg whereby, when generating a
12-bit-per-sample or 16-bit-per-sample lossless JPEG image,
specifying a point transform value greater than 7 resulted in an
error ("Invalid progressive/lossless parameters") unless the
`-precision` option was specified before the `-lossless` option.
* Fixed a regression introduced by 3.0.3[3] that made it impossible
for calling applications to generate 12-bit-per-sample
arithmetic-coded lossy JPEG images using the TurboJPEG API.
* Fixed an error ("Destination buffer is not large enough") that
occurred when attempting to generate a full-color lossless JPEG
image using the TurboJPEG Java API's `byte[]
TJCompressor.compress()` method if the value of `TJ.PARAM_SUBSAMP`
was not `TJ.SAMP_444`.
* Fixed a segfault in djpeg that occurred if a negative width was
specified with the `-crop` option. Since the cropping region width
was read into an unsigned 32-bit integer, a negative width was
interpreted as a very large value. With certain negative width and
positive left boundary values, the bounds checks in djpeg and
`jpeg_crop_scanline()` overflowed and did not detect the
out-of-bounds width, which caused a buffer overrun in the
upsampling or color conversion routine. Both bounds checks now use
64-bit integers to guard against overflow, and djpeg now checks for
negative numbers when it parses the crop specification from the
command line.
* Fixed an issue whereby the TurboJPEG lossless transformation
function and methods checked the specified cropping region against
the source image dimensions and level of chrominance subsampling
rather than the destination image dimensions and level of
chrominance subsampling, which caused some cropping regions to be
unduly rejected when performing 90-degree rotation, 270-degree
rotation, transposition, transverse transposition, or grayscale
conversion.
* Fixed an issue whereby the TurboJPEG lossless transformation
function and methods did not honor
`TJXOPT_COPYNONE`/`TJTransform.OPT_COPYNONE` unless it was
specified for all lossless transforms.
==== librsvg ====
Version update (2.58.4 -> 2.59.1)
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0
- Update to version 2.59.1:
+ Two mitigations for crashes found throuh fuzz testing:
- Cairo is easy to crash by giving it path coordinates that are
outside of the range that it can represent internally with
its fixed-point arithmetic. Fuzzers usually produce SVGs with
very large numbers for coordinates, which overflow Cairo's
arithmetic.
This is just a *mitigation*, not a complete fix: librsvg will
now check if path coordinates are outside of Cairo's
supported range, and it will not render shapes with
problematic coordinates. However, fuzzers may still produce
coordinates that are in range but that still make Cairo
crash. I am starting to learn Cairo's code to see if this can
be fixed gradually.
- Update to version 2.59.0:
+ The biggest change in this release is that librsvg now uses the
Meson build system instead of autotools.
+ With Meson, librsvg now builds a lot more reliably on Windows
and MacOS.
+ Librsvg now uses Meson instead of Autotools
+ There is a -Davif meson option to include support for AVIF in
the image-rs crate, which librsvg uses to load raster images.
+ Librsvg now explicitly builds only its supported raster formats
for image-rs: JPEG, PNG, GIF, WEBP, and optional compile-time
support for AVIF). Other raster image formats are not
supported, to minimize the attack surface.
+ Librsvg now supports cancellable rendering; you can start
rendering an RsvgHandle in one thread, and stop it from another
thread with a GCancellable. In the C API, you can use the
rsvg_handle_set_cancellable_for_rendering() function; in the
Rust API, CairoRenderer now has a with_cancellable() method.
+ For Rust users, there is now a 'librsvg-rebind' crate that
binds the C API for use from Rust. Internally this links to the
system's librsvg shared library, in contrast with the 'librsvg'
crate, which is statically linked and which has a native Rust
API. The 'librsvg-rebind' crate is for cases where the
additional code size from static linking is not desired. This
librsvg-rebind crate is available from crates.io.
+ A bunch of fixes to bugs found through fuzz testing.
- Use ldconfig_scriptlets macro for some of the post(un) handling.
- Update to version 2.58.94:
+ The minimum supported Rust version (MSRV) is 1.77.2.
+ Fix assertion failures with large Hue value in hsl() or hwb()
colors.
+ Limit the baseFrequency for feTurbulence to avoid integer
overflow.
+ Only make exported symbols visible in the library's binary.
+ Fix the -Davif=enabled feature; it was not being handled
correctly at compilation time.
+ Ensure compatibility with Binutils < 2.39.
+ Build fixes for Windows.
- Update to version 2.58.92:
+ Librsvg is now part of Google's oss-fuzz and is fuzz-tested
automatically - see
https://gnome.pages.gitlab.gnome.org/librsvg/devel-docs/oss_fuzz.html
for details.
+ This release has two bug fixes from fuzz testing, and a new API
call:
- Don't leak XML entities when the XML document fails to parse.
- Fix stack overflow in <use> reference cycle.
- Librsvg now supports cancellable rendering; you can start
rendering an RsvgHandle in one thread, and stop it from
another thread with a GCancellable. In the C API, you can use
the rsvg_handle_set_cancellable_for_rendering() function; in
the Rust API, CairoRenderer now has a with_cancellable()
method.
+ Many build fixes for Windows, MacOS, iOS, and cross-compilation
+ Continued refactoring for a render tree.
+ Many fixes to the documentation.
- Update to version 2.58.91:
+ Librsvg now requires cairo version 1.18.0 or later.
+ Librsvg now explicitly builds only its supported raster
formats for image-rs: JPEG, PNG, GIF, WEBP, and optional
compile-time support for AVIF. Other raster image formats are
not supported, to minimize the attack surface.
+ Don't generate gdk-pixbuf loaders cache if DESTDIR is set.
+ Documentation updates for meson.
+ Document the fact that the default DPI in the C API for
RsvgHandle is 90 DPI, unlike rsvg-convert and the Rust API,
which use 96 DPI.
+ Document the security considerations for the image-rs crate
and the raster image formats that librsvg supports.
+ Fix and fine-tune compilation on Windows (MSVC and msys2),
MacOS, and Android.
+ Fix installation when only compiling the static library.
+ Update Pango for CI and fix a test file. The test suite now
includes the DejaVu Sans font, which supports extra
glyphs/languages for the test suite.
- Changesfrom version 2.58.90:
+ librsvg has been ported to the Meson build system. Librsvg no
longer uses autotools!
+ Changes in this release:
- Librsvg now uses Meson instead of Autotools.
- There is a -Davif meson option to include support for AVIF in
the image-rs crate, which librsvg uses to load raster images.
- Start revamping the fuzzing infrastructure.
- Add cargo-c and pkgconfig(dav1d) BuildRequires: new dependencies.
==== ncurses ====
Version update (6.5.20240922 -> 6.5.20240928)
Subpackages: libncurses6 ncurses-utils terminfo-base
- Add ncurses patch 20240928
+ improve error-message from infocmp when a terminal entry cannot be
opened (patch by Branden Robinson).
+ improve filtering of -L options in misc/gen-pkgconfig.in and in
misc/ncurses-config.in
+ add check in wresize() for out-of-range dimensions (report by Peter
Bierma).
==== selinux-policy ====
Version update (20240925 -> 20240930)
Subpackages: selinux-policy-targeted
- Update to version 20240930:
* Label yast binaries correctly
==== sof-firmware ====
Version update (2024.06 -> 2024.09)
- update to v2024.09:
* Add sof-v2.11 binaries
* v2.2.x: Update v2.2.11 topology files for Intel platforms
* Add sof-v2.11.1 binaries for Intel TGL/ADL/RPL hardware
==== suse-module-tools ====
Version update (16.0.51 -> 16.0.52)
Subpackages: suse-module-tools-scriptlets
- Update to version 16.0.52:
* rpm-script: create vmlinuz and initrd also in image build environments
(bsc#1231040, bsc#1230858)
* regenerate-initrd-posttrans: Fix SKIP_REGENERATE_INITRD_ALL
(bsc#1228929)
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MicroOS-release (20240930 -> 20241001)
coreutils
coreutils-systemd
cups (2.4.10 -> 2.4.11)
gnutls
libgtop (2.41.3 -> 2.41.3+4)
libjpeg-turbo
librsvg (2.58.4 -> 2.59.1)
ncurses (6.5.20240922 -> 6.5.20240928)
selinux-policy (20240925 -> 20240930)
sof-firmware (2024.06 -> 2024.09)
suse-module-tools (16.0.51 -> 16.0.52)
xen (4.19.0_02 -> 4.19.0_04)
=== Details ===
==== MicroOS-release ====
Version update (20240930 -> 20241001)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== coreutils ====
- coreutils-i18n.patch: fold(1): fix fold -b with UTF8 locale.
Sync fix in I18N patch from Fedora/Redhat and add a test. (RHEL-60295)
Original report: https://access.redhat.com/solutions/3459791
==== coreutils-systemd ====
- coreutils-i18n.patch: fold(1): fix fold -b with UTF8 locale.
Sync fix in I18N patch from Fedora/Redhat and add a test. (RHEL-60295)
Original report: https://access.redhat.com/solutions/3459791
==== cups ====
Version update (2.4.10 -> 2.4.11)
Subpackages: cups-client cups-config libcups2 libcupsimage2
- Version upgrade to 2.4.11:
See https://github.com/openprinting/cups/releases
CUPS 2.4.11 brings several bug fixes regarding IPP response
validation, processing PPD values, Web UI support
(checkbox support, modifying printers) and others fixes.
Detailed list (from CHANGES.md):
* Updated the maximum file descriptor limit
for `cupsd` to 64k-1 (Issue #989)
* Fixed `lpoptions -d` with a discovered
but not added printer (Issue #833)
* Fixed incorrect error message for HTTP/IPP errors (Issue #893)
* Fixed JobPrivateAccess and SubscriptionPrivateAccess support
for "all" (Issue #990)
* Fixed issues with cupsGetDestMediaByXxx (Issue #993)
* Fixed adding and modifying of printers
via the web interface (Issue #998)
* Fixed HTTP PeerCred authentication
for domain users (Issue #1001)
* Fixed checkbox support (Issue #1008)
* Fixed printer state notifications (Issue #1013)
* Fixed IPP Everywhere printer setup (Issue #1033)
Issues are those at https://github.com/OpenPrinting/cups/issues
In particular CUPS 2.4.11 contains those commit regarding
IPP response validation and processing PPD values:
* "Quote PPD localized strings"
https://github.com/OpenPrinting/cups/commit/1e6ca5913eceee906038bc04cc7ccfb…
plus a cleanup to "Fix warnings for unused vars"
https://github.com/OpenPrinting/cups/commit/2abe1ba8a66864aa82cd9836b37e571…
- Adapted downgrade-autoconf-requirement.patch for CUPS 2.4.11
- avoid_C99_mode_for_loop_initial_declarations.patch
is no longer needed because the issue is fixed upstream.
==== gnutls ====
- Build with liboqs to support the X25519Kyber768 post-quantum key
exchange algorithm.
==== libgtop ====
Version update (2.41.3 -> 2.41.3+4)
- Update to version 2.41.3+4:
+ Reproducible Builds: Do not embed build-server kernel version
on Linux (boo#1230850).
+ Updated translations.
==== libjpeg-turbo ====
- update to 3.0.4:
* Fixed an issue whereby the CPU usage of the default marker
processor in the decompressor grew exponentially with the
number of markers. This caused an unreasonable slow-down in
`jpeg_read_header()` if an application called `jpeg_save_markers()`
to save markers of a particular type and then attempted to
decompress a JPEG image containing an excessive number of markers
of that type.
* Hardened the default marker processor in the decompressor to guard
against an issue (exposed by 3.0 beta2[6]) whereby attempting to
decompress a specially-crafted malformed JPEG image (specifically
an image with a complete 12-bit-per-sample Start Of Frame segment
followed by an incomplete 8-bit-per-sample Start Of Frame segment)
using buffered-image mode and input prefetching caused a segfault
if the `fill_input_buffer()` method in the calling application's
custom source manager incorrectly returned `FALSE` in response to a
prematurely-terminated JPEG data stream.
* Fixed an issue in cjpeg whereby, when generating a
12-bit-per-sample or 16-bit-per-sample lossless JPEG image,
specifying a point transform value greater than 7 resulted in an
error ("Invalid progressive/lossless parameters") unless the
`-precision` option was specified before the `-lossless` option.
* Fixed a regression introduced by 3.0.3[3] that made it impossible
for calling applications to generate 12-bit-per-sample
arithmetic-coded lossy JPEG images using the TurboJPEG API.
* Fixed an error ("Destination buffer is not large enough") that
occurred when attempting to generate a full-color lossless JPEG
image using the TurboJPEG Java API's `byte[]
TJCompressor.compress()` method if the value of `TJ.PARAM_SUBSAMP`
was not `TJ.SAMP_444`.
* Fixed a segfault in djpeg that occurred if a negative width was
specified with the `-crop` option. Since the cropping region width
was read into an unsigned 32-bit integer, a negative width was
interpreted as a very large value. With certain negative width and
positive left boundary values, the bounds checks in djpeg and
`jpeg_crop_scanline()` overflowed and did not detect the
out-of-bounds width, which caused a buffer overrun in the
upsampling or color conversion routine. Both bounds checks now use
64-bit integers to guard against overflow, and djpeg now checks for
negative numbers when it parses the crop specification from the
command line.
* Fixed an issue whereby the TurboJPEG lossless transformation
function and methods checked the specified cropping region against
the source image dimensions and level of chrominance subsampling
rather than the destination image dimensions and level of
chrominance subsampling, which caused some cropping regions to be
unduly rejected when performing 90-degree rotation, 270-degree
rotation, transposition, transverse transposition, or grayscale
conversion.
* Fixed an issue whereby the TurboJPEG lossless transformation
function and methods did not honor
`TJXOPT_COPYNONE`/`TJTransform.OPT_COPYNONE` unless it was
specified for all lossless transforms.
==== librsvg ====
Version update (2.58.4 -> 2.59.1)
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0
- Update to version 2.59.1:
+ Two mitigations for crashes found throuh fuzz testing:
- Cairo is easy to crash by giving it path coordinates that are
outside of the range that it can represent internally with
its fixed-point arithmetic. Fuzzers usually produce SVGs with
very large numbers for coordinates, which overflow Cairo's
arithmetic.
This is just a *mitigation*, not a complete fix: librsvg will
now check if path coordinates are outside of Cairo's
supported range, and it will not render shapes with
problematic coordinates. However, fuzzers may still produce
coordinates that are in range but that still make Cairo
crash. I am starting to learn Cairo's code to see if this can
be fixed gradually.
- Update to version 2.59.0:
+ The biggest change in this release is that librsvg now uses the
Meson build system instead of autotools.
+ With Meson, librsvg now builds a lot more reliably on Windows
and MacOS.
+ Librsvg now uses Meson instead of Autotools
+ There is a -Davif meson option to include support for AVIF in
the image-rs crate, which librsvg uses to load raster images.
+ Librsvg now explicitly builds only its supported raster formats
for image-rs: JPEG, PNG, GIF, WEBP, and optional compile-time
support for AVIF). Other raster image formats are not
supported, to minimize the attack surface.
+ Librsvg now supports cancellable rendering; you can start
rendering an RsvgHandle in one thread, and stop it from another
thread with a GCancellable. In the C API, you can use the
rsvg_handle_set_cancellable_for_rendering() function; in the
Rust API, CairoRenderer now has a with_cancellable() method.
+ For Rust users, there is now a 'librsvg-rebind' crate that
binds the C API for use from Rust. Internally this links to the
system's librsvg shared library, in contrast with the 'librsvg'
crate, which is statically linked and which has a native Rust
API. The 'librsvg-rebind' crate is for cases where the
additional code size from static linking is not desired. This
librsvg-rebind crate is available from crates.io.
+ A bunch of fixes to bugs found through fuzz testing.
- Use ldconfig_scriptlets macro for some of the post(un) handling.
- Update to version 2.58.94:
+ The minimum supported Rust version (MSRV) is 1.77.2.
+ Fix assertion failures with large Hue value in hsl() or hwb()
colors.
+ Limit the baseFrequency for feTurbulence to avoid integer
overflow.
+ Only make exported symbols visible in the library's binary.
+ Fix the -Davif=enabled feature; it was not being handled
correctly at compilation time.
+ Ensure compatibility with Binutils < 2.39.
+ Build fixes for Windows.
- Update to version 2.58.92:
+ Librsvg is now part of Google's oss-fuzz and is fuzz-tested
automatically - see
https://gnome.pages.gitlab.gnome.org/librsvg/devel-docs/oss_fuzz.html
for details.
+ This release has two bug fixes from fuzz testing, and a new API
call:
- Don't leak XML entities when the XML document fails to parse.
- Fix stack overflow in <use> reference cycle.
- Librsvg now supports cancellable rendering; you can start
rendering an RsvgHandle in one thread, and stop it from
another thread with a GCancellable. In the C API, you can use
the rsvg_handle_set_cancellable_for_rendering() function; in
the Rust API, CairoRenderer now has a with_cancellable()
method.
+ Many build fixes for Windows, MacOS, iOS, and cross-compilation
+ Continued refactoring for a render tree.
+ Many fixes to the documentation.
- Update to version 2.58.91:
+ Librsvg now requires cairo version 1.18.0 or later.
+ Librsvg now explicitly builds only its supported raster
formats for image-rs: JPEG, PNG, GIF, WEBP, and optional
compile-time support for AVIF. Other raster image formats are
not supported, to minimize the attack surface.
+ Don't generate gdk-pixbuf loaders cache if DESTDIR is set.
+ Documentation updates for meson.
+ Document the fact that the default DPI in the C API for
RsvgHandle is 90 DPI, unlike rsvg-convert and the Rust API,
which use 96 DPI.
+ Document the security considerations for the image-rs crate
and the raster image formats that librsvg supports.
+ Fix and fine-tune compilation on Windows (MSVC and msys2),
MacOS, and Android.
+ Fix installation when only compiling the static library.
+ Update Pango for CI and fix a test file. The test suite now
includes the DejaVu Sans font, which supports extra
glyphs/languages for the test suite.
- Changesfrom version 2.58.90:
+ librsvg has been ported to the Meson build system. Librsvg no
longer uses autotools!
+ Changes in this release:
- Librsvg now uses Meson instead of Autotools.
- There is a -Davif meson option to include support for AVIF in
the image-rs crate, which librsvg uses to load raster images.
- Start revamping the fuzzing infrastructure.
- Add cargo-c and pkgconfig(dav1d) BuildRequires: new dependencies.
==== ncurses ====
Version update (6.5.20240922 -> 6.5.20240928)
Subpackages: libncurses6 ncurses-utils terminfo-base
- Add ncurses patch 20240928
+ improve error-message from infocmp when a terminal entry cannot be
opened (patch by Branden Robinson).
+ improve filtering of -L options in misc/gen-pkgconfig.in and in
misc/ncurses-config.in
+ add check in wresize() for out-of-range dimensions (report by Peter
Bierma).
==== selinux-policy ====
Version update (20240925 -> 20240930)
Subpackages: selinux-policy-targeted
- Update to version 20240930:
* Label yast binaries correctly
==== sof-firmware ====
Version update (2024.06 -> 2024.09)
- update to v2024.09:
* Add sof-v2.11 binaries
* v2.2.x: Update v2.2.11 topology files for Intel platforms
* Add sof-v2.11.1 binaries for Intel TGL/ADL/RPL hardware
==== suse-module-tools ====
Version update (16.0.51 -> 16.0.52)
Subpackages: suse-module-tools-scriptlets
- Update to version 16.0.52:
* rpm-script: create vmlinuz and initrd also in image build environments
(bsc#1231040, bsc#1230858)
* regenerate-initrd-posttrans: Fix SKIP_REGENERATE_INITRD_ALL
(bsc#1228929)
==== xen ====
Version update (4.19.0_02 -> 4.19.0_04)
- bsc#1230366 - VUL-0: CVE-2024-45817: xen: x86: Deadlock in
vlapic_error() (XSA-462)
66f2af41-x86-vLAPIC-undue-recursion-of-vlapic_error.patch
Drop xsa462.patch
- Upstream bug fixes (bsc#1027519)
66cf737b-x86-Dom0-disable-SMAP-for-PV-only.patch
66d6dca8-libxl-nul-termination-in-xen_console_read_line.patch
66d8690f-SUPPORT-split-XSM-from-Flask.patch
66e29480-x86-HVM-properly-reject-indirect-VRAM-writes.patch
66e44ae2-x86-ucode-AMD-buffer-underrun.patch
66f2fd92-x86-ucode-Intel-stricter-sanity-check.patch
- bsc#1230366 - VUL-0: CVE-2024-45817: xen: x86: Deadlock in
vlapic_error() (XSA-462)
xsa462.patch
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
ModemManager (1.20.6 -> 1.22.0)
audit (3.1.1 -> 4.0)
audit-secondary (3.1.1 -> 4.0)
docker
gtkmm4 (4.14.0 -> 4.16.0)
mozilla-nss (3.103 -> 3.104)
pangomm (2.52.0 -> 2.54.0)
pipewire (1.2.4 -> 1.2.5)
python-alembic (1.13.2 -> 1.13.3)
python-cryptography (43.0.0 -> 43.0.1)
=== Details ===
==== ModemManager ====
Version update (1.20.6 -> 1.22.0)
Subpackages: libmm-glib0
- Update to version 1.22.0:
+ A new "MSG" (message) log verbosity level is introduced, which
is also the new default one if none explicitly defined. This
level takes the place of the old "INFO" level, as a level
including the most important messages that should be logged
without needing to be warnings or errors. The new "INFO" level
is more verbose than "MSG" but less verbose than "DBG", and may
be useful as default in systems where active debugging of WWAN
related issues is required. E.g. all user operations triggered
via DBus method calls are logged in "INFO" level.
+ Introduced the concept of "personal information" which should
by default not be included in log messages. Enabling personal
information in logs requires to run the daemon with the
'--log-personal-info' option. This feature is mostly
implemented for QMI and MBIM specific logs, but hasn't yet been
included in generic daemon logs or when using the AT protocol.
Changes and fixes related to this feature will be cherry-picked
and included in the future stable branch updates.
- Update URL and Source adresses.
==== audit ====
Version update (3.1.1 -> 4.0)
Subpackages: libaudit1 libauparse0
- Update to 4.0
- Drop python2 support
- Drop auvirt and autrace programs
- Drop SysVinit support
- Require the use of the 5.0 or later kernel headers
- New README.md file
- Rewrite legacy service functions in terms of systemctl
- Consolidate and update end of event detection to a common function
- Split off rule loading from auditd.service into audit-rules.service
- Refactor libaudit.h to split out logging functions and record numbers
- Speed up aureport --summary reports
- Limit libaudit python bindings to logging functions
- Add a metrics function for auparse
- Change auditctl to use pidfd_send_signal for signaling auditd
- Adjust watches to optimize syscalls hooked when watch file access
- Drop nispom rules
- Add intepretations for fsconfig, fsopen, fsmount, & move_mount
- Many code fixups (cgzones)
- Update syscall and interpretation tables to the 6.8 kernel
(from v3.1.2)
- When processing a run level change, make auditd exit
- In auditd, fix return code when rules added in immutable mode
- In auparse, when files are given, also consider EUID for access
- Auparse now interprets unnamed/anonymous sockets (Enzo Matsumiya)
- Disable Python bindings from setting rules due to swig bug (S. Trofimovich)
- Update all lookup tables for the 6.5 kernel
- Don't be as paranoid about auditctl -R file permissions
- In ausearch, correct subject/object search to be an and if both are given
- Adjust formats for 64 bit time_t
- Fix segfault in python bindings around the feed API
- Add feed_has_data, get_record_num, and get/goto_field_num to python bindings
- Update spec:
* Add fix-auparse-test.patch (downstream):
Upstream tests uses a static value (42) for 'gdm' uid/gid (based
on Fedora values, apparently). Replace these occurrences with
'unknown(123456)'
* Replace '--with-python' with '--with-python3' on %configure
* Add new headers 'audit_logging.h' and 'audit-records.h' for
audit-devel
==== audit-secondary ====
Version update (3.1.1 -> 4.0)
Subpackages: audit python3-audit system-group-audit
- Update audit-secondary.spec:
* Add "Requires: audit-rules" for audit package
* Remove preun/postun handling of audit-rules.service
- Update to 4.0
- Drop python2 support
- Drop auvirt and autrace programs
- Drop SysVinit support
- Require the use of the 5.0 or later kernel headers
- New README.md file
- Rewrite legacy service functions in terms of systemctl
- Consolidate and update end of event detection to a common function
- Split off rule loading from auditd.service into audit-rules.service
- Refactor libaudit.h to split out logging functions and record numbers
- Speed up aureport --summary reports
- Limit libaudit python bindings to logging functions
- Add a metrics function for auparse
- Change auditctl to use pidfd_send_signal for signaling auditd
- Adjust watches to optimize syscalls hooked when watch file access
- Drop nispom rules
- Add intepretations for fsconfig, fsopen, fsmount, & move_mount
- Many code fixups (cgzones)
- Update syscall and interpretation tables to the 6.8 kernel
(from v3.1.2)
- When processing a run level change, make auditd exit
- In auditd, fix return code when rules added in immutable mode
- In auparse, when files are given, also consider EUID for access
- Auparse now interprets unnamed/anonymous sockets (Enzo Matsumiya)
- Disable Python bindings from setting rules due to swig bug (S. Trofimovich)
- Update all lookup tables for the 6.5 kernel
- Don't be as paranoid about auditctl -R file permissions
- In ausearch, correct subject/object search to be an and if both are given
- Adjust formats for 64 bit time_t
- Fix segfault in python bindings around the feed API
- Add feed_has_data, get_record_num, and get/goto_field_num to python bindings
- Update spec:
* Move rules-related files into new subpackage `audit-rules':
* Files moved:
- /sbin/auditctl, /sbin/augenrules,
/etc/audit/{audit.rules,rules.d/audit.rules,audit-stop.rules}
- manpages for auditctl, augenrules, and audit.rules
- /etc/audit is now owned by `audit-rules' as well
* Add new file /usr/lib/systemd/system/audit-rules.service
* Remove in-house create-augenrules-service.patch that generated
augenrules.service systemd unit service
* Remove ownership of /usr/share/audit
* Create /usr/share/audit-rules directory on %install
* Remove audit-userspace-517-compat.patch (fixed upstream)
* Remove libev-werror.patch (fixed upstream)
* Remove audit-allow-manual-stop.patch (fixed upstream)
* Add fix-auparse-test.patch (downstream):
Upstream tests uses a static value (42) for 'gdm' uid/gid (based
on Fedora values, apparently). Replace these occurrences with
'unknown(123456)'
* Replace '--with-python' with '--with-python3' on %configure
* Remove autrace and auvirt references (upstream)
* Replace README with README.md
- Drop `--enable-systemd' from %configure as SysV-style scripts
aren't supported in upstream since
113ae191758c ("Drop support for SysVinit")
==== docker ====
Subpackages: docker-rootless-extras
- Add %{_sysconfdir}/audit/rules.d to filelist
==== gtkmm4 ====
Version update (4.14.0 -> 4.16.0)
- Update to version 4.16.0:
+ Almost identical to 4.15.1.
- Update to version 4.15.1:
+ Gdk:
- DrawContext: Deprecate begin_frame(), end_frame(),
is_in_frame(), get_frame_region().
- Surface: Deprecate set_opaque_region().
- Cursor: Rename create(const SlotGetTexture& slot, .....).
Call it create_from_slot(). It was added in 4.15.0, but some
create() calls in old code became ambiguous.
+ Gtk:
- Window: Add set_interactive_debugging().
- TextBuffer: Add enum TextBuffer::NotifyFlags,
add_commit_notify(), remove_commit_notify().
+ Build: Require gtk4 >= 4.15.5.
- Drop gtkmm4-docs-without-timestamp.patch: Fixed upstream.
==== mozilla-nss ====
Version update (3.103 -> 3.104)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs
- Fix build error under Leap by rebasing nss-fips-safe-memset.patch.
- update to NSS 3.104
* bmo#1910071 - Copy original corpus to heap-allocated buffer
* bmo#1910079 - Fix min ssl version for DTLS client fuzzer
* bmo#1908990 - Remove OS2 support just like we did on NSPR
* bmo#1910605 - clang-format NSS improvements
* bmo#1902078 - Adding basicutil.h to use HexString2SECItem function
* bmo#1908990 - removing dirent.c from build
* bmo#1902078 - Allow handing in keymaterial to shlibsign to make
the output reproducible
* bmo#1908990 - remove nec4.3, sunos4, riscos and SNI references
* bmo#1908990 - remove other old OS (BSDI, old HP UX, NCR,
openunix, sco, unixware or reliantUnix
* bmo#1908990 - remove mentions of WIN95
* bmo#1908990 - remove mentions of WIN16
* bmo#1913750 - More explicit directory naming
* bmo#1913755 - Add more options to TLS server fuzz target
* bmo#1913675 - Add more options to TLS client fuzz target
* bmo#1835240 - Use OSS-Fuzz corpus in NSS CI
* bmo#1908012 - set nssckbi version number to 2.70.
* bmo#1914499 - Remove Email Trust bit from ACCVRAIZ1 root cert.
* bmo#1908009 - Remove Email Trust bit from certSIGN ROOT CA.
* bmo#1908006 - Add Cybertrust Japan Roots to NSS.
* bmo#1908004 - Add Taiwan CA Roots to NSS.
* bmo#1911354 - remove search by decoded serial in
nssToken_FindCertificateByIssuerAndSerialNumber
* bmo#1913132 - Fix tstclnt CI build failure
* bmo#1913047 - vfyserv: ensure peer cert chain is in db for
CERT_VerifyCertificateNow
* bmo#1912427 - Enable all supported protocol versions for UDP
* bmo#1910361 - Actually use random PSK hash type
* bmo#1911576 - Initialize NSS DB once
* bmo#1910361 - Additional ECH cipher suites and PSK hash types
* bmo#1903604 - Automate corpus file generation for TLS client Fuzzer
* bmo#1910364 - Fix crash with UNSAFE_FUZZER_MODE
* bmo#1910605 - clang-format shlibsign.c
- remove obsolete nss-reproducible-builds.patch
==== pangomm ====
Version update (2.52.0 -> 2.54.0)
- Update to version 2.54.0:
+ Color: Add parse_with_alpha().
+ Context: Add set/get_round_glyph_positions().
+ Item: Add default constructor, get_char_offset().
+ Layout: Add set/get_justify_last_line(), get_direction(),
get_caret_pos().
+ LayoutIter: Add operator bool(), get_run_baseline().
+ LayoutLine: Add is_paragraph_start(), get_resolved_direction(),
get_height().
+ TabArray: Add TabArray(const Glib::ustring& text) constructor,
operator bool(), set_positions_in_pixels(), to_string(),
set/get_decimal_point(), sort().
+ Documentation:
- Language::get_scripts(): Improve documentation.
- Don't link to removed parts of library.gnome.org.
+ Build:
- Require pango >= 1.54.0.
- Meson build: Require meson >= 0.62.0.
- Use Meson's pkgconfig module instead of using the *.pc.in
templates.
- Drop pangomm-docs-without-timestamp.patch, fixed upstream.
==== pipewire ====
Version update (1.2.4 -> 1.2.5)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Update to version 1.2.5:
+ Highlights
- Fix an fd mismatch in the protocol in some cases that could
lead to fd leaks and crashes.
- Fix a bug where the mixer was not updated after setting the
port, which would cause muted audio at boot or resume from
suspend.
- Fix a potential use-after-free in module-rt when stopping a
thread.
- Cached objects are now freed in the JACK API to avoid memory
leaks.
- Some more fixes and improvements.
+ PipeWire
- RequestProcess commands are now only sent after the node
completes the state change to RUNNING.
- More FreeBSD fixes.
- Handle ACTIVE links going to < PAUSED as well. This improves
renegotiation in some cases.
- Fix an fd mismatch in the protocol in some cases that could
lead to fd leaks and crashes.
+ Modules
- Many of the network modules can now also accept hostnames
instead of IP addresses.
- Fix a potential use-after-free in module-rt when stopping
the thread.
+ SPA
- Support for elogind was added.
- Some more errors are checked when converting JSON to POD.
- Fix a bug where the mixer was not updated after setting the
port, which would cause muted audio at boot or resume from
suspend.
+ JACK
- The BBT transport handling was improved. Some fields were
added to be able to handle the JACK semantics correctly.
- Buffers are now aligned according to the maximum CPU
alignment instead of the hardcoded 16 bytes alignment.
- Cached objects are now freed correctly.
+ Doc
- Some small doc updates.
- Don't try to enable apparmor support if without_apparmor is
defined (as in SLFO).
==== python-alembic ====
Version update (1.13.2 -> 1.13.3)
- update to 1.13.3:
* Render `if_exists` and `if_not_exists` parameters in
`CreateTableOp`, `CreateIndexOp`, `DropTableOp` and
`DropIndexOp` in an autogenerate context.
* Enhance `version_locations` parsing to handle paths containing
newlines.
* Added support for `Operations.create_table.if_not_exists` and
`Operations.drop_table.if_exists`, adding similar
functionality to render IF [NOT] EXISTS for table operations
in a similar way as with indexes.
==== python-cryptography ====
Version update (43.0.0 -> 43.0.1)
- update to 43.0.1:
* Updated Windows, macOS, and Linux wheels to be compiled with
OpenSSL 3.3.2.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MicroOS-release (20240927 -> 20240930)
ModemManager (1.20.6 -> 1.22.0)
audit (3.1.1 -> 4.0)
audit-secondary (3.1.1 -> 4.0)
docker
flashrom (1.3.0 -> 1.4.0)
gtkmm4 (4.14.0 -> 4.16.0)
libnetfilter_conntrack (1.0.9 -> 1.1.0)
libopenmpt (0.7.9 -> 0.7.10)
mozilla-nss (3.103 -> 3.104)
pangomm (2.52.0 -> 2.54.0)
pipewire (1.2.4 -> 1.2.5)
python-alembic (1.13.2 -> 1.13.3)
python-cryptography (43.0.0 -> 43.0.1)
python-greenlet (3.1.0 -> 3.1.1)
python-passlib
toolbox
=== Details ===
==== MicroOS-release ====
Version update (20240927 -> 20240930)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== ModemManager ====
Version update (1.20.6 -> 1.22.0)
Subpackages: libmm-glib0
- Update to version 1.22.0:
+ A new "MSG" (message) log verbosity level is introduced, which
is also the new default one if none explicitly defined. This
level takes the place of the old "INFO" level, as a level
including the most important messages that should be logged
without needing to be warnings or errors. The new "INFO" level
is more verbose than "MSG" but less verbose than "DBG", and may
be useful as default in systems where active debugging of WWAN
related issues is required. E.g. all user operations triggered
via DBus method calls are logged in "INFO" level.
+ Introduced the concept of "personal information" which should
by default not be included in log messages. Enabling personal
information in logs requires to run the daemon with the
'--log-personal-info' option. This feature is mostly
implemented for QMI and MBIM specific logs, but hasn't yet been
included in generic daemon logs or when using the AT protocol.
Changes and fixes related to this feature will be cherry-picked
and included in the future stable branch updates.
- Update URL and Source adresses.
==== audit ====
Version update (3.1.1 -> 4.0)
Subpackages: libaudit1 libauparse0
- Update to 4.0
- Drop python2 support
- Drop auvirt and autrace programs
- Drop SysVinit support
- Require the use of the 5.0 or later kernel headers
- New README.md file
- Rewrite legacy service functions in terms of systemctl
- Consolidate and update end of event detection to a common function
- Split off rule loading from auditd.service into audit-rules.service
- Refactor libaudit.h to split out logging functions and record numbers
- Speed up aureport --summary reports
- Limit libaudit python bindings to logging functions
- Add a metrics function for auparse
- Change auditctl to use pidfd_send_signal for signaling auditd
- Adjust watches to optimize syscalls hooked when watch file access
- Drop nispom rules
- Add intepretations for fsconfig, fsopen, fsmount, & move_mount
- Many code fixups (cgzones)
- Update syscall and interpretation tables to the 6.8 kernel
(from v3.1.2)
- When processing a run level change, make auditd exit
- In auditd, fix return code when rules added in immutable mode
- In auparse, when files are given, also consider EUID for access
- Auparse now interprets unnamed/anonymous sockets (Enzo Matsumiya)
- Disable Python bindings from setting rules due to swig bug (S. Trofimovich)
- Update all lookup tables for the 6.5 kernel
- Don't be as paranoid about auditctl -R file permissions
- In ausearch, correct subject/object search to be an and if both are given
- Adjust formats for 64 bit time_t
- Fix segfault in python bindings around the feed API
- Add feed_has_data, get_record_num, and get/goto_field_num to python bindings
- Update spec:
* Add fix-auparse-test.patch (downstream):
Upstream tests uses a static value (42) for 'gdm' uid/gid (based
on Fedora values, apparently). Replace these occurrences with
'unknown(123456)'
* Replace '--with-python' with '--with-python3' on %configure
* Add new headers 'audit_logging.h' and 'audit-records.h' for
audit-devel
==== audit-secondary ====
Version update (3.1.1 -> 4.0)
Subpackages: audit python3-audit system-group-audit
- Update audit-secondary.spec:
* Add "Requires: audit-rules" for audit package
* Remove preun/postun handling of audit-rules.service
- Update to 4.0
- Drop python2 support
- Drop auvirt and autrace programs
- Drop SysVinit support
- Require the use of the 5.0 or later kernel headers
- New README.md file
- Rewrite legacy service functions in terms of systemctl
- Consolidate and update end of event detection to a common function
- Split off rule loading from auditd.service into audit-rules.service
- Refactor libaudit.h to split out logging functions and record numbers
- Speed up aureport --summary reports
- Limit libaudit python bindings to logging functions
- Add a metrics function for auparse
- Change auditctl to use pidfd_send_signal for signaling auditd
- Adjust watches to optimize syscalls hooked when watch file access
- Drop nispom rules
- Add intepretations for fsconfig, fsopen, fsmount, & move_mount
- Many code fixups (cgzones)
- Update syscall and interpretation tables to the 6.8 kernel
(from v3.1.2)
- When processing a run level change, make auditd exit
- In auditd, fix return code when rules added in immutable mode
- In auparse, when files are given, also consider EUID for access
- Auparse now interprets unnamed/anonymous sockets (Enzo Matsumiya)
- Disable Python bindings from setting rules due to swig bug (S. Trofimovich)
- Update all lookup tables for the 6.5 kernel
- Don't be as paranoid about auditctl -R file permissions
- In ausearch, correct subject/object search to be an and if both are given
- Adjust formats for 64 bit time_t
- Fix segfault in python bindings around the feed API
- Add feed_has_data, get_record_num, and get/goto_field_num to python bindings
- Update spec:
* Move rules-related files into new subpackage `audit-rules':
* Files moved:
- /sbin/auditctl, /sbin/augenrules,
/etc/audit/{audit.rules,rules.d/audit.rules,audit-stop.rules}
- manpages for auditctl, augenrules, and audit.rules
- /etc/audit is now owned by `audit-rules' as well
* Add new file /usr/lib/systemd/system/audit-rules.service
* Remove in-house create-augenrules-service.patch that generated
augenrules.service systemd unit service
* Remove ownership of /usr/share/audit
* Create /usr/share/audit-rules directory on %install
* Remove audit-userspace-517-compat.patch (fixed upstream)
* Remove libev-werror.patch (fixed upstream)
* Remove audit-allow-manual-stop.patch (fixed upstream)
* Add fix-auparse-test.patch (downstream):
Upstream tests uses a static value (42) for 'gdm' uid/gid (based
on Fedora values, apparently). Replace these occurrences with
'unknown(123456)'
* Replace '--with-python' with '--with-python3' on %configure
* Remove autrace and auvirt references (upstream)
* Replace README with README.md
- Drop `--enable-systemd' from %configure as SysV-style scripts
aren't supported in upstream since
113ae191758c ("Drop support for SysVinit")
==== docker ====
Subpackages: docker-rootless-extras
- Add %{_sysconfdir}/audit/rules.d to filelist
==== flashrom ====
Version update (1.3.0 -> 1.4.0)
- Add doc and bash-completion subpackages
- Update to 1.4.0:
- Full changelog: https://www.flashrom.org/release_notes/v_1_4.html
==== gtkmm4 ====
Version update (4.14.0 -> 4.16.0)
- Update to version 4.16.0:
+ Almost identical to 4.15.1.
- Update to version 4.15.1:
+ Gdk:
- DrawContext: Deprecate begin_frame(), end_frame(),
is_in_frame(), get_frame_region().
- Surface: Deprecate set_opaque_region().
- Cursor: Rename create(const SlotGetTexture& slot, .....).
Call it create_from_slot(). It was added in 4.15.0, but some
create() calls in old code became ambiguous.
+ Gtk:
- Window: Add set_interactive_debugging().
- TextBuffer: Add enum TextBuffer::NotifyFlags,
add_commit_notify(), remove_commit_notify().
+ Build: Require gtk4 >= 4.15.5.
- Drop gtkmm4-docs-without-timestamp.patch: Fixed upstream.
==== libnetfilter_conntrack ====
Version update (1.0.9 -> 1.1.0)
- Update to release 1.1.0
* Enhancements for filtering dump and flush commands, see
struct nfct_filter_dump and nfct_nlmsg_build_filter().
* ctnetlink event BPF fixes (endianness issue, IPv6 matching)
and enhancements (zone matching).
==== libopenmpt ====
Version update (0.7.9 -> 0.7.10)
- Update to 0.7.10:
* [Change] FST was added to the list of supported file extension.
AMP uses this extension for multichannel MODs.
* [Bug] The Android NDK build system did not enable C++20 when
available.
* Fixed inconsistency in length calculation and actual playback
length with tempo commands below 32 BPM in various formats
(MDL, MED among others).
* MED: Command 09 (set speed) was limited to 20 ticks per row
instead of 32 ticks per row.
* MED: Allow tempo parameters < 32 BPM.
* MED: Disallow free panning if hardware mixing is enabled.
* For MOD-style vibrato, a speed parameter of 0 was not treated
as effect memory. Vibrato speed is now correct for both vibrato
commands.
* MED: Fix pattern index exhaustion in modules with multiple
subsongs.
* OKT: Don't drop global commands when setting paired channel
volume, and try to write channel volume on the next row in this
situation.
* PTM: Use square root pan law, like in XM files.
* SFX: Ignore unused data at end of oneshot samples which
sometimes caused clicky noises.
* SFX: More accurate implementation of arpeggio effect.
==== mozilla-nss ====
Version update (3.103 -> 3.104)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs
- Fix build error under Leap by rebasing nss-fips-safe-memset.patch.
- update to NSS 3.104
* bmo#1910071 - Copy original corpus to heap-allocated buffer
* bmo#1910079 - Fix min ssl version for DTLS client fuzzer
* bmo#1908990 - Remove OS2 support just like we did on NSPR
* bmo#1910605 - clang-format NSS improvements
* bmo#1902078 - Adding basicutil.h to use HexString2SECItem function
* bmo#1908990 - removing dirent.c from build
* bmo#1902078 - Allow handing in keymaterial to shlibsign to make
the output reproducible
* bmo#1908990 - remove nec4.3, sunos4, riscos and SNI references
* bmo#1908990 - remove other old OS (BSDI, old HP UX, NCR,
openunix, sco, unixware or reliantUnix
* bmo#1908990 - remove mentions of WIN95
* bmo#1908990 - remove mentions of WIN16
* bmo#1913750 - More explicit directory naming
* bmo#1913755 - Add more options to TLS server fuzz target
* bmo#1913675 - Add more options to TLS client fuzz target
* bmo#1835240 - Use OSS-Fuzz corpus in NSS CI
* bmo#1908012 - set nssckbi version number to 2.70.
* bmo#1914499 - Remove Email Trust bit from ACCVRAIZ1 root cert.
* bmo#1908009 - Remove Email Trust bit from certSIGN ROOT CA.
* bmo#1908006 - Add Cybertrust Japan Roots to NSS.
* bmo#1908004 - Add Taiwan CA Roots to NSS.
* bmo#1911354 - remove search by decoded serial in
nssToken_FindCertificateByIssuerAndSerialNumber
* bmo#1913132 - Fix tstclnt CI build failure
* bmo#1913047 - vfyserv: ensure peer cert chain is in db for
CERT_VerifyCertificateNow
* bmo#1912427 - Enable all supported protocol versions for UDP
* bmo#1910361 - Actually use random PSK hash type
* bmo#1911576 - Initialize NSS DB once
* bmo#1910361 - Additional ECH cipher suites and PSK hash types
* bmo#1903604 - Automate corpus file generation for TLS client Fuzzer
* bmo#1910364 - Fix crash with UNSAFE_FUZZER_MODE
* bmo#1910605 - clang-format shlibsign.c
- remove obsolete nss-reproducible-builds.patch
==== pangomm ====
Version update (2.52.0 -> 2.54.0)
- Update to version 2.54.0:
+ Color: Add parse_with_alpha().
+ Context: Add set/get_round_glyph_positions().
+ Item: Add default constructor, get_char_offset().
+ Layout: Add set/get_justify_last_line(), get_direction(),
get_caret_pos().
+ LayoutIter: Add operator bool(), get_run_baseline().
+ LayoutLine: Add is_paragraph_start(), get_resolved_direction(),
get_height().
+ TabArray: Add TabArray(const Glib::ustring& text) constructor,
operator bool(), set_positions_in_pixels(), to_string(),
set/get_decimal_point(), sort().
+ Documentation:
- Language::get_scripts(): Improve documentation.
- Don't link to removed parts of library.gnome.org.
+ Build:
- Require pango >= 1.54.0.
- Meson build: Require meson >= 0.62.0.
- Use Meson's pkgconfig module instead of using the *.pc.in
templates.
- Drop pangomm-docs-without-timestamp.patch, fixed upstream.
==== pipewire ====
Version update (1.2.4 -> 1.2.5)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Update to version 1.2.5:
+ Highlights
- Fix an fd mismatch in the protocol in some cases that could
lead to fd leaks and crashes.
- Fix a bug where the mixer was not updated after setting the
port, which would cause muted audio at boot or resume from
suspend.
- Fix a potential use-after-free in module-rt when stopping a
thread.
- Cached objects are now freed in the JACK API to avoid memory
leaks.
- Some more fixes and improvements.
+ PipeWire
- RequestProcess commands are now only sent after the node
completes the state change to RUNNING.
- More FreeBSD fixes.
- Handle ACTIVE links going to < PAUSED as well. This improves
renegotiation in some cases.
- Fix an fd mismatch in the protocol in some cases that could
lead to fd leaks and crashes.
+ Modules
- Many of the network modules can now also accept hostnames
instead of IP addresses.
- Fix a potential use-after-free in module-rt when stopping
the thread.
+ SPA
- Support for elogind was added.
- Some more errors are checked when converting JSON to POD.
- Fix a bug where the mixer was not updated after setting the
port, which would cause muted audio at boot or resume from
suspend.
+ JACK
- The BBT transport handling was improved. Some fields were
added to be able to handle the JACK semantics correctly.
- Buffers are now aligned according to the maximum CPU
alignment instead of the hardcoded 16 bytes alignment.
- Cached objects are now freed correctly.
+ Doc
- Some small doc updates.
- Don't try to enable apparmor support if without_apparmor is
defined (as in SLFO).
==== python-alembic ====
Version update (1.13.2 -> 1.13.3)
- update to 1.13.3:
* Render `if_exists` and `if_not_exists` parameters in
`CreateTableOp`, `CreateIndexOp`, `DropTableOp` and
`DropIndexOp` in an autogenerate context.
* Enhance `version_locations` parsing to handle paths containing
newlines.
* Added support for `Operations.create_table.if_not_exists` and
`Operations.drop_table.if_exists`, adding similar
functionality to render IF [NOT] EXISTS for table operations
in a similar way as with indexes.
==== python-cryptography ====
Version update (43.0.0 -> 43.0.1)
- update to 43.0.1:
* Updated Windows, macOS, and Linux wheels to be compiled with
OpenSSL 3.3.2.
==== python-greenlet ====
Version update (3.1.0 -> 3.1.1)
- Fix build error under Leap.
- Update to 3.1.1
* Fix crashes on 32-bit PPC Linux. Note that there is no CI for this,
and support is best effort; there may be other issues lurking.
* Remove unnecessary logging sometimes during interpreter shutdown.
* Fix some crashes on 32-bit PPC MacOS. This is a very old platform,
and is only known to be tested on beta versions of an operating
system that was never released, using the GCC 14 only provided by
MacPorts; it may or may not work on the final MacOS X release that
supported 32-bit PowerPC. It has the known issue of leaking memory
when greenlets are used in multiple threads. Help debugging this
would be appreciated.
==== python-passlib ====
- Only run the full testsuite in openSUSE
==== toolbox ====
- Revert last change and update SLE/Leap Micro images to 5.5 (bsc#1227328)
1
0