MicroOS

Download

microos@lists.opensuse.org

May 2024

2 participants
3 discussions

New ARM MicroOS snapshot 20240512 released!
by Guillaume Gardet 14 May '24

14 May '24

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: MicroOS-release (20240424 -> 20240512) SDL2 (2.30.2 -> 2.30.3) aalib accountsservice acl btrfsprogs (6.8 -> 6.8.1) ca-certificates (2+git20230406.2dae8b7 -> 2+git20240415.3fe9324) cloud-init conmon (2.1.10 -> 2.1.11) containerd (1.7.10 -> 1.7.15) cyrus-sasl distribution-logos-openSUSE (20240404 -> 20240429) docker (25.0.3_ce -> 26.1.0_ce) dracut (059+suse.563.g4900899a -> 059+suse.581.g19b7c06c) evolution-data-server (3.52.0 -> 3.52.1) ffmpeg-4 ffmpeg-6 flatpak (1.15.6 -> 1.15.8) fribidi (1.0.13 -> 1.0.14) fwupd (1.9.16 -> 1.9.19) gcc13 (13.2.1+git8285 -> 13.2.1+git8761) gcc14 (14.0.1+git10008 -> 14.1.0+git10173) gdk-pixbuf (2.42.10 -> 2.42.11) glibc glslang (14.1.0 -> 14.2.0) gnome-browser-connector gnome-control-center (46.0.1 -> 46.1) gnome-initial-setup (46.0 -> 46.1) gnome-settings-daemon gnome-shell (46.0 -> 46.1) gnome-shell-extensions (46.0 -> 46.1) gnome-software (46.0 -> 46.1) gnome-terminal (3.52.0 -> 3.52.1) gnome-tweaks (46.0 -> 46.1) gnome-user-docs (46.0 -> 46.1) gobject-introspection google-noto-coloremoji-fonts (20230315 -> 20240424) google-noto-fonts (20240401 -> 20240501) gpsd grub2 gsettings-desktop-schemas gstreamer gtk2 gtk4 (4.14.3 -> 4.14.4) harfbuzz hyper-v installation-images-MicroOS (17.121 -> 17.125) iso-codes kernel-firmware (20240419 -> 20240426) kernel-source (6.8.7 -> 6.8.8) kf6-attica (6.1.0 -> 6.2.0) kf6-baloo (6.1.0 -> 6.2.0) kf6-bluez-qt (6.1.0 -> 6.2.0) kf6-breeze-icons (6.1.0 -> 6.2.0) kf6-frameworkintegration (6.1.0 -> 6.2.0) kf6-karchive (6.1.0 -> 6.2.0) kf6-kauth (6.1.0 -> 6.2.0) kf6-kbookmarks (6.1.0 -> 6.2.0) kf6-kcmutils (6.1.0 -> 6.2.0) kf6-kcodecs (6.1.0 -> 6.2.0) kf6-kcolorscheme (6.1.0 -> 6.2.0) kf6-kcompletion (6.1.0 -> 6.2.0) kf6-kconfig (6.1.0 -> 6.2.0) kf6-kconfigwidgets (6.1.0 -> 6.2.0) kf6-kcoreaddons (6.1.0 -> 6.2.0) kf6-kcrash (6.1.0 -> 6.2.0) kf6-kdbusaddons (6.1.0 -> 6.2.0) kf6-kdeclarative (6.1.0 -> 6.2.0) kf6-kded (6.1.0 -> 6.2.0) kf6-kdesu (6.1.0 -> 6.2.0) kf6-kdnssd (6.1.0 -> 6.2.0) kf6-kdoctools (6.1.0 -> 6.2.0) kf6-kfilemetadata (6.1.0 -> 6.2.0) kf6-kglobalaccel (6.1.0 -> 6.2.0) kf6-kguiaddons (6.1.0 -> 6.2.0) kf6-kholidays (6.1.0 -> 6.2.0) kf6-ki18n (6.1.0 -> 6.2.0) kf6-kiconthemes (6.1.0 -> 6.2.0) kf6-kidletime (6.1.0 -> 6.2.0) kf6-kio (6.1.0 -> 6.2.0) kf6-kirigami (6.1.0 -> 6.2.0) kf6-kitemmodels (6.1.0 -> 6.2.0) kf6-kitemviews (6.1.0 -> 6.2.0) kf6-kjobwidgets (6.1.0 -> 6.2.0) kf6-knewstuff (6.1.0 -> 6.2.0) kf6-knotifications (6.1.0 -> 6.2.0) kf6-knotifyconfig (6.1.0 -> 6.2.0) kf6-kpackage (6.1.0 -> 6.2.0) kf6-kparts (6.1.0 -> 6.2.0) kf6-kpty (6.1.0 -> 6.2.0) kf6-kquickcharts (6.1.0 -> 6.2.0) kf6-krunner (6.1.0 -> 6.2.0) kf6-kservice (6.1.0 -> 6.2.0) kf6-kstatusnotifieritem (6.1.0 -> 6.2.0) kf6-ksvg (6.1.0 -> 6.2.0) kf6-ktexteditor (6.1.0 -> 6.2.0) kf6-ktextwidgets (6.1.0 -> 6.2.0) kf6-kunitconversion (6.1.0 -> 6.2.0) kf6-kuserfeedback (6.1.0 -> 6.2.0) kf6-kwallet (6.1.0 -> 6.2.0) kf6-kwidgetsaddons (6.1.0 -> 6.2.0) kf6-kwindowsystem (6.1.0 -> 6.2.0) kf6-kxmlgui (6.1.0 -> 6.2.0) kf6-modemmanager-qt (6.1.0 -> 6.2.0) kf6-networkmanager-qt (6.1.0 -> 6.2.0) kf6-prison (6.1.0 -> 6.2.0) kf6-purpose (6.1.0 -> 6.2.0) kf6-qqc2-desktop-style (6.1.0 -> 6.2.0) kf6-solid (6.1.0 -> 6.2.0) kf6-sonnet (6.1.0 -> 6.2.0) kf6-syndication (6.1.0 -> 6.2.0) kf6-syntax-highlighting (6.1.0 -> 6.2.0) kirigami-addons6 (1.1.0 -> 1.2.0) krb5 libarchive (3.7.2 -> 3.7.4) libbpf (1.4.0 -> 1.4.1) libcontainers-common libgpg-error (1.48 -> 1.49) libnvme (1.8+0.gbff7dda -> 1.9+0.g80c5cf2) libproxy-backend (0.5.5 -> 0.5.6) libproxy-client (0.5.5 -> 0.5.6) libqaccessibilityclient-qt6 (0.5.0 -> 0.6.0) libupnp (1.14.18 -> 1.14.19) libxslt llvm18 (18.1.4 -> 18.1.5) mobile-broadband-provider-info (20230416 -> 20240407) mutter (46.0 -> 46.1) nautilus (46.0 -> 46.1) ncurses (6.4.20240414 -> 6.5.20240427) nvme-cli (2.8 -> 2.9.1) openssl-3 osinfo-db passt (20240405.954589b -> 20240426.d03c4e2) patterns-base pcre2 pcsc-lite (2.0.3 -> 2.1.0) pipewire (1.0.5 -> 1.0.5+git36.60deeb2) pixman (0.43.2 -> 0.43.4) podman polkit-default-privs (1550+20240325.eddbe04 -> 1550+20240430.5327266) python-Jinja2 (3.1.3 -> 3.1.4) python-cryptography (42.0.5 -> 42.0.6) python-jsonschema (4.21.1 -> 4.22.0) python-referencing (0.34.0 -> 0.35.1) python311 python311-core qemu (8.2.2 -> 8.2.3) qt6-base re2 (20240401 -> 20240501) rebootmgr (2.4 -> 2.4+git20240503.5b98913) rust-keylime (0.2.4~0 -> 0.2.5~0) sdbootutil (1+git20240410.3325802 -> 1+git20240506.573a6a4) sddm sddm-qt6 setools (4.5.0 -> 4.5.1) slirp4netns (1.2.3 -> 1.3.0) sof-firmware (2023.12.1 -> 2024.03) sqlite3 (3.45.2 -> 3.45.3) systemd (255.4 -> 255.5) systemd-presets-branding-Aeon taglib thin-provisioning-tools tpm2-0-tss (4.0.1 -> 4.1.0) tpm2.0-tools (5.6 -> 5.7) tracker (3.7.1 -> 3.7.3) tracker-miners (3.7.1 -> 3.7.3) transactional-update (4.6.6 -> 4.6.8) util-linux (2.39.3 -> 2.40.1) util-linux-systemd (1.3.1 -> 2.40.1) vlc vte (0.76.0 -> 0.76.1) wireplumber wtmpdb (0.11.0 -> 0.12.0+git.20240508) xconsole (1.0.8 -> 1.1.0) xdg-desktop-portal-gnome (46.0 -> 46.1) xxhash === Details === ==== MicroOS-release ==== Version update (20240424 -> 20240512) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== SDL2 ==== Version update (2.30.2 -> 2.30.3) - Update to release 2.30.3 * Fixed a pointer warping issue on XWayland * Reduced startup time when scanning for game controllers on Linux ==== aalib ==== - Remove conditionals for SUSE 11.3 - Add -fpermissive to optflags (boo#1223910). ==== accountsservice ==== Subpackages: libaccountsservice0 typelib-1_0-AccountsService-1_0 - Keep en and en_GB 'translations' in the main package: do not force -lang packages onto all users. ==== acl ==== - BuildRequire gettext-devel instead of gettext-tools-mini: let OBS sort out if the -mini package is the right one to be used or not. ==== btrfsprogs ==== Version update (6.8 -> 6.8.1) Subpackages: btrfsprogs-udev-rules libbtrfs0 libbtrfsutil1 - update to 6.8.1 * mkfs: fix writing on zoned device when block-group-tree is selected * tune: fix writing on zoned device with option --convert-to-block-group-tree * check: * more progress and error messages * unify handling of unknown command line options with other commands * subvolume delete: remove options --delete-qgroup and --no-delete-qgroup (added in 6.6.3), qgroup deletion does not always work due to delayed background processing of subvolume or set value in sysfs:ggroup/drop_subtree_threshold * other: * misc refactoring * error handling fixes reported by gcc -fanalyzer * documentation updates * new and updated tests - enable zstd support for 15.6 / SLE15-SP6 build targets (bsc#1221943) ==== ca-certificates ==== Version update (2+git20230406.2dae8b7 -> 2+git20240415.3fe9324) - Update to version 2+git20240415.3fe9324: * Add ca-certificates-setup.service * typo: differnt/different ==== cloud-init ==== - Add cloud-init-usr-sudoers.patch (bsc#1223469) + Handle the existence of /usr/etc/sudoers to search for the expected include location ==== conmon ==== Version update (2.1.10 -> 2.1.11) - New upstream release 2.1.11 * docs/Makefile: softcode GOMD2MAN by @rahilarious * chore(deps): update dependency containers/automation_images to v20231208 by @renovate * drop --tty on exec by @haircommander * update packit config, enable downstream tasks by @lsm5 * Remove checks for (long)deprecated libsystemd-journal for libsystemd by @rahilarious * Add support for s390x by @saschagrunert * Build s390x binaries using musl libc by @saschagrunert ==== containerd ==== Version update (1.7.10 -> 1.7.15) - Use obs_scm service instead of tar_scm - Removed patch 0002-shim-Create-pid-file-with-0644-permissions.patch (merged upstream at <https://github.com/containerd/containerd/pull/9571>) - Update to containerd v1.7.15. Upstream release notes: <https://github.com/containerd/containerd/releases/tag/v1.7.15> - Update to containerd v1.7.14. Upstream release notes: <https://github.com/containerd/containerd/releases/tag/v1.7.14> - Update to containerd v1.7.13. Upstream release notes: <https://github.com/containerd/containerd/releases/tag/v1.7.13> - Update to containerd v1.7.12. Upstream release notes: <https://github.com/containerd/containerd/releases/tag/v1.7.12> - Update to containerd v1.7.11. Upstream release notes: <https://github.com/containerd/containerd/releases/tag/v1.7.11> ==== cyrus-sasl ==== Subpackages: cyrus-sasl-gssapi libsasl2-3 - GCC 14: cyrus-sasl package fails (bsc#1221863) Apply upstream patch: 0001-Fix-time.h-check.patch ==== distribution-logos-openSUSE ==== Version update (20240404 -> 20240429) Subpackages: distribution-logos-openSUSE-MicroOS distribution-logos-openSUSE-icons - Update to version 20240429: * Introduce Slowroll logos * Aeon: Correct colored icons to use Aeon brand color - Update to version 20240424: * Aeon: Make light versions actually light ==== docker ==== Version update (25.0.3_ce -> 26.1.0_ce) Subpackages: docker-rootless-extras - Update to Docker 26.1.0-ce. See upstream changelog online at <https://docs.docker.com/engine/release-notes/26.1/#2610> - Rebase patches: * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch * cli-0001-docs-include-required-tools-in-source-tree.patch - Update to Docker 26.0.1-ce. See upstream changelog online at <https://docs.docker.com/engine/release-notes/26.0/#2601> - Rebase patches: * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch * cli-0001-docs-include-required-tools-in-source-tree.patch - Update --add-runtime to point to correct binary path. [NOTE: This update was only ever released in SLES and Leap.] - Update to Docker 25.0.5-ce. See upstream changelog online at <https://docs.docker.com/engine/release-notes/25.0/#2505> bsc#1223409 - Rebase patches: * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch * cli-0001-docs-include-required-tools-in-source-tree.patch - Remove upstreamed patches: - 0007-daemon-overlay2-remove-world-writable-permission-fro.patch - Update --add-runtime to point to correct binary path. [NOTE: This update was only ever released in SLES and Leap.] - Add patch to fix bsc#1220339 * 0007-daemon-overlay2-remove-world-writable-permission-fro.patch - rebase patches: * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch * 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch ==== dracut ==== Version update (059+suse.563.g4900899a -> 059+suse.581.g19b7c06c) Subpackages: dracut-ima - Update to version 059+suse.581.g19b7c06c: * fix(dracut): move hooks directory from /usr/lib to /var/lib (bsc#1218068) * feat(tpm2-tss): add tpm2.target and systemd-tpm2-generator * fix(systemd): explicitly install some libs that will not be statically included * fix(dracut-lib): only remove initqueue/finished scripts, not the hook dir * fix(dracut-util): avoid memory leak * fix(dracut-install): memory leak in two `hashmap_put` calls if key exists * fix(dracut-install): release memory allocated for regular expressions * fix(dracut-install): memory leak in `--modalias` option * refactor(dracut-install): strerror(errno) -> %m * perf(dracut-install): don't strdup() environment block * perf(dracut-install): don't reallocate {src,dst}path in hmac_install() * perf(dracut-install): don't strdup() excessively for dracut_install() * perf(dracut-install): stat() w/unused buf -> access(F_OK) in dracut-install * perf(dracut-install): multiple single-character strstr()s -> strpbrk() ==== evolution-data-server ==== Version update (3.52.0 -> 3.52.1) Subpackages: libcamel-1_2-64 libebackend-1_2-11 libebook-1_2-21 libebook-contacts-1_2-4 libecal-2_0-3 libedata-book-1_2-27 libedata-cal-2_0-2 libedataserver-1_2-27 libedataserverui-1_2-4 - Update to version 3.52.1: + Bug Fixes: - Camel: Sanitize exported OpenPGP public key before transfer. - Google Task stale item cannot be deleted. + Miscellaneous: - EOAuth2ServiceOutlook: Cannot be used with IMAP. - IMAPx: Correct return value of imapx_splice_with_progress() when cancelled. - IMAPX: Correct path returned by imapx_get_filename(). + Updated translations. ==== ffmpeg-4 ==== Subpackages: libavcodec58_134 libavformat58_76 libavutil56_70 libpostproc55_9 libswresample3_9 libswscale5_9 - Add ffmpeg-CVE-2023-50010.patch: Backporting e4d2666b from upstream, fixes the out of array access. (CVE-2023-50010 bsc#1223256) - Add 0001-avfilter-af_stereowiden-Check-length.patch [boo#1223437, CVE-2023-51794] - Add ffmpeg-CVE-2023-51793.patch: Backporting 0ecc1f0e from upstream, Fix odd height handling. (CVE-2023-51793 bsc#1223272) - Add ffmpeg-CVE-2023-49502.patch: Backporting 737ede40 from upstream, account for chroma sub-sampling in min size calculation. (CVE-2023-49502 bsc#1223235) - Address boo#1223304/CVE-2023-51798: add patch 0001-avfilter-vf_minterpolate-Check-pts-before-division.patch ==== ffmpeg-6 ==== Subpackages: libavcodec60 libavfilter9 libavformat60 libavutil58 libpostproc57 libswresample4 libswscale7 - Add ffmpeg-CVE-2023-50008.patch: Backporting 5f87a68c from upstream, Fix memory leaks. (CVE-2023-50008 bsc#1223254) - Add ffmpeg-CVE-2023-50007.patch: Backporting b1942734 from upstream, Fix crash with EOF handling. (CVE-2023-50007 bsc#1223253) ==== flatpak ==== Version update (1.15.6 -> 1.15.8) Subpackages: flatpak-selinux libflatpak0 system-user-flatpak - disable parental controls for now by using '-Dmalcontent=disabled', to work around issues with xdg-desktop-portal - Update to version 1.15.8: + Security fixes: - Don't allow an executable name to be misinterpreted as a command-line option for bwrap(1). This prevents a sandbox escape where a malicious or compromised app could ask xdg-desktop-portal to generate a .desktop file with access to files outside the sandbox. (CVE-2024-32462, boo#1223110). + Other bug fixes: - Pass the -export-dynamic linker option as - Wl,-export-dynamic, fixing build failures with clang 18 and lld 18. - Fix a double-free when installation is cancelled. - Fix installed-tests failure with "FUSERMOUNT: unbound variable". - Changes from version 1.15.7: + New features: - Automatically remove obsolete driver versions and other autopruned refs. - --socket=inherit-wayland-socket. - Automatically reload D-Bus session bus configuration after installing or upgrading apps, to pick up any exported D-Bus services. + Bug fixes: - Don't parse <developer><name/></developer> as the application name. - Don't refuse to start apps when there is no D-Bus system bus available. - Don't try to repeat migration of apps whose data was migrated to a new name and then deleted. - Improve handling of mixed locales on systems with systemd-localed. - Improve display of ellipsized columns in wide terminals. - Make flatpak info -e look for extensions in all installations. - Fix warnings from newer GLib versions. - Always set the container environment variable. - Always let the app inherit redirected file descriptors. - In flatpak ps, add xdg-desktop-portal-gnome to the list of backends we'll use to learn which apps are running in the background. - Don't use WAYLAND_SOCKET unless given - -socket=inherit-wayland-socket. - Use fusermount3 if compiled with FUSE 3, overridable with - Dsystem_fusermount compile-time option. - Avoid leaking a temporary variable from /etc/profile.d/flatpak.sh into the shell environment. - Improve async-signal safety. - Fix various memory leaks. - Avoid undefined behaviour of signed left-shift when storing object IDs in a hash table. - Detect the correct gtk-doc when cross-compiling. - Detect the correct wayland-scanner when cross-compiling. - Documentation improvements. - Skip more tests when FUSE isn't available. - Updated translations. - Add libglnx.patch: fix meson function detection. - Switch build system to meson: + Add meson BuildRequires. + Switch configure/make_build/make_install macros to meson/meson_build/meson_install, preserving the configure parameters as close as possible: - -disable-silent-rules => obsoleted - -with-system-bubblewrap => -Dsystem_bubblewrap=bwrap - -with-curl => -Dhttp_backend=curl - Add pkgconfig(malcontent-0) BuildRequires: enable malcontent support. ==== fribidi ==== Version update (1.0.13 -> 1.0.14) - update to 1.0.14: * Updated Unicode tables to version 15.1 ==== fwupd ==== Version update (1.9.16 -> 1.9.19) Subpackages: libfwupd2 typelib-1_0-Fwupd-2_0 - Update to version 1.9.19: + This release adds the following features: - Drop heap as part of a housekeeping action. - Retry downloads to workaround flaky network connections. + This release fixes the following bugs: - Assume new ME versions are called CSME. - Fix a buffer-overread when parsing invalid CoSWID entity data. - Fix a logic thinko when parsing GUID strings. - Fix downloading files on Windows with libcurl >= 7.77.0. - Revert back to a simpler syscall blocklist-based filter. + This release adds support for the following hardware:. - Acer U32 dock. - Luxshare 7-in-1 dock. - Pixart models 2404, 4206, 2440, 2418, 2752, 2840 and 2818. - Update to version 1.9.18: + Fix a small memory leak in fwupdmgr. + Use simple allow-listing for the syscall filter. - Changes from version 1.9.17: + This release fixes the following bugs: - Capture device status changes when in bootloader mode. - Change the systemd SystemCallFilter to an allowlist. - Detect when a CCGX dock forbids downgrade. - Do not add an overly-generic instance ID to CrosEC devices. - Do not read OptionROM verification data on Apple hardware. - Emit a signal when a user-request is no longer valid. - Fix a potential crash when parsing invalid CBOR data. - Properly show SPDX project licenses with AND as a delimiter. - Verify that syscalls are being filtered correctly at startup. + This release adds support for the following hardware: - Asus DC201. - Realtek Gen1 RTS541x. ==== gcc13 ==== Version update (13.2.1+git8285 -> 13.2.1+git8761) - Update to gcc-13 branch head, b7a2697733d19a093cbdd0e200, git8761 - Removed gcc13-pr111731.patch now included upstream - Add gcc13-amdgcn-remove-fiji.patch removing Fiji support from the GCN offload compiler as that is requiring Code Object version 3 which is no longer supported by llvm18. ==== gcc14 ==== Version update (14.0.1+git10008 -> 14.1.0+git10173) Subpackages: libgcc_s1 libgomp1 libstdc++6 libubsan1 - Update to GCC 14.1 release. - Update to gcc-14 branch head, 7a00c459cbb913ac165a39d34, git10154 * GCC 14.1 RC1 ==== gdk-pixbuf ==== Version update (2.42.10 -> 2.42.11) Subpackages: gdk-pixbuf-query-loaders gdk-pixbuf-thumbnailer libgdk_pixbuf-2_0-0 typelib-1_0-GdkPixbuf-2_0 - Pass -Dothers=enabled to meson: enable other image loaders (most notably beeded seems xpm,xbm). This is in line with upstreams recommendation for now, but won't be working past version 2.43.x. The loaders will likely be split out into a separate repo. (boo#1223903, glgo#GNOME/gdk-pixbuf!169). - Add 238893d8cd6f9c2616a05ab521a29651a17a38c2.patch: Fix test suite with other loaders enabled. - Update to version 2.42.11: + Disable fringe loaders by default. + Introspection fixes. + Updated translations. ==== glibc ==== Subpackages: glibc-locale glibc-locale-base - glibc-fix-cve-2024-33599.patch: nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599, bsc#1223423) ==== glslang ==== Version update (14.1.0 -> 14.2.0) - Update to release 14.2 * Improve checking for location aliasing errors * Fix undefined behavior in parser * Add bounds check to gl_SampleMask * Fix alignment and padding of matrices consuming one vector * Remove duplicate SPIR-V decorations * Check for exponent overflow in float parser * Fix bug in relaxed verification rules * Fix bug when importing SPIR-V extended intruction set * Fix issues with the interaction of cooperative_matrix and spirv_intrinsics * Support SPV_QCOM_image_processing2 * Support files with UTF8BOM character ==== gnome-browser-connector ==== - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== gnome-control-center ==== Version update (46.0.1 -> 46.1) Subpackages: gnome-control-center-color gnome-control-center-goa - Update to version 46.1: + Accessibility: Improve accessibility of "Typing" settings sliders. + Display: Fix crash when pressing Escape in the display settings. + Network: Add stable-ssid support for cloned-mac. + Privacy: - Add build option to enable Location services - Fix opening of Help pages while viewing Privacy settings + Sharing: Auto hide Sharing panel when Rygel AND gnome-user-share are not available. + System: - Don't show auto-timezone setting when Location services unavailable. - Avoid unnecessary time-change requests. - Fix issue with sensitivity of "Add" and "Enroll" Enterprise Login buttons. - Improve generated passwords capacity in Remote Desktop settings. + Wacom: Check for the right output connector name. - Drop upstream merged gnome-control-center-datetime-Avoid-emitting-the-time-changed-signal.patch. ==== gnome-initial-setup ==== Version update (46.0 -> 46.1) - Update to version 46.1: + gnome-initial-setup-copy-worker, which runs after Initial Setup has created the first user on the system, is now ordered before GNOME Keyring, assuming both Initial Setup and GNOME Keyring have been configured with systemd support. This avoids a race between gnome-initial-setup-copy-worker copying the login keyring that was created during Initial Setup, and GNOME Keyring creating a login keyring if none exists on disk. + Keyboard navigation now works better on the Wi-Fi page. + Updated translations. ==== gnome-settings-daemon ==== - Update gnome-settings-daemon-bgo793253.patch to fix the build with gcc 14. ==== gnome-shell ==== Version update (46.0 -> 46.1) Subpackages: gnome-shell-calendar - Update to version 46.1: + Improve notification of conflicting session. + Add shift level to Korean OSK layout. + Fix markup support in notifications. + extensions-app: Fix empty rows with '&' in extension name. + extensions-app: Improve HIG compliance. + Omit expand buttons in notification banners. + Misc. bug fixes and cleanups. + Updated translations. - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== gnome-shell-extensions ==== Version update (46.0 -> 46.1) Subpackages: gnome-shell-classic gnome-shell-extensions-common - Update to version 46.1: + screenshot-window-sizer: Add flathub-recommended size. + Updated translations. ==== gnome-software ==== Version update (46.0 -> 46.1) - Update to version 46.1: + Fix a crash when updating apps when built with Mogwai. + Fix a crash when installing flatpak application. + Correct desktop/mobile hardware support detection. + Correct state of Fedora upgrade. + Several fixes in historical updates for rpm-ostree. + Updated translations. ==== gnome-terminal ==== Version update (3.52.0 -> 3.52.1) Subpackages: nautilus-extension-terminal - Update to version 3.52.1: + schema: Fix light green color to match the GNOME palette. + prefs: Follow the theme variant setting. ==== gnome-tweaks ==== Version update (46.0 -> 46.1) - Update to version 46.1: + Themes no longer show up despite that the user themes extension being enabled. + New font selections are not saved. + Updated translations. - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== gnome-user-docs ==== Version update (46.0 -> 46.1) - Update to version 46.1: + Updated translations. ==== gobject-introspection ==== Subpackages: girepository-1_0 libgirepository-1_0-1 - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== google-noto-coloremoji-fonts ==== Version update (20230315 -> 20240424) - Update to v2.042 * Unicode 15.1 update ==== google-noto-fonts ==== Version update (20240401 -> 20240501) Subpackages: google-noto-sans-fonts google-noto-sans-math-fonts - Update to 20240501 * Noto Rashi Hebrew - Corrects the width and position of marks under double-yud and double-vov - Improves the anchoring of yod - Adds the U+053F yod triangle character - Improves the spacing of tsadi * Noto Egyptian Hieroglyphs - Add codepoints from Unicode 14 ==== gpsd ==== - usage of %python3_fix_shebang to cover /usr/bin is also needed [bsc#1212476] ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-snapper-plugin - Fix gcc error with CFLAGS=-Og * grub2-grubenv-in-btrfs-header.patch ==== gsettings-desktop-schemas ==== - Move en_US and en_GB 'translations' to the main package. Do not force the -lang package on all users. ==== gstreamer ==== Subpackages: libgstreamer-1_0-0 typelib-1_0-Gst-1_0 - remove dependency on /usr/bin/python3 using %python3_fix_shebang_path macro, [bsc#1212476] ==== gtk2 ==== Subpackages: gtk2-tools libgtk-2_0-0 - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] - Add gtk2-gcc14.patch: fix build with gcc 14. ==== gtk4 ==== Version update (4.14.3 -> 4.14.4) Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Update to version 4.14.4: + GtkGraphicsOffload: Don't crash without a child. + Icontheme: - Make symbolic svg loading more efficient. - Handle color-free symbolics more efficiently. + Accessibility: - Make the gtk-demo sidebar search more accessible. - Stop emitting focus events. + GDK: - Support XDG_ACTIVATION_TOKEN. - dmabuf: Be more defensive when importing unknown formats. - dmabuf: Use narrow range for YUV. + GSK: gpu: Handle tiny offscreens correctl. + Build: Fix many ubsan warning. + Updated translations. ==== harfbuzz ==== Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0 - Force higher C++ standard version for building with ICU 75. ==== hyper-v ==== - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== installation-images-MicroOS ==== Version update (17.121 -> 17.125) - merge gh#openSUSE/installation-images#707 - refresh ssh_host_rsa_key (jsc#PED-129) - 17.125 - merge gh#openSUSE/installation-images#711 - increase XZ compression level for initrd (bsc#1223982) - support ZSTD compression for initrd - 17.124 - merge gh#openSUSE/installation-images#710 - require libsolv-tools explicitly - 17.123 - merge gh#openSUSE/installation-images#709 - do not use gettext-runtime-mini (bsc#1223775) - 17.122 ==== iso-codes ==== - Merge iso codes-translations into the main package. iso-codes isn't particularly useful without its translations. Some KDE packages require and/or heavily rely on them. gnome-control-center also needs translations to display localized names in system config menu. ==== kernel-firmware ==== Version update (20240419 -> 20240426) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20240426 (git commit 2398d264f953): * amdgpu: DMCUB updates for various AMDGPU ASICs * linux-firmware: Add firmware for Cirrus CS35L56 for various HP laptops * i915: Update Xe2LPD DMC to v2.20 * linux-firmware: Remove Calibration Firmware and Tuning for CS35L41 * linux-firmware: Add firmware for Lenovo Thinkbook 13X * ASoC: tas2781: Add dsp firmware for Thinkpad ICE-1 laptop * amdgpu: add DMCUB 3.5 firmware * amdgpu: add VPE 6.1.0 firmware * amdgpu: add VCN 4.0.5 firmware * amdgpu: add UMSCH 4.0.0 firmware * amdgpu: add SDMA 6.1.0 firmware * amdgpu: add PSP 14.0.0 firmware * amdgpu: add GC 11.5.0 firmware * amdgpu: update license date ==== kernel-source ==== Version update (6.8.7 -> 6.8.8) - Linux 6.8.8 (bsc#1012628). - thunderbolt: Reset only non-USB4 host routers in resume (bsc#1012628). - ksmbd: common: use struct_group_attr instead of struct_group for network_open_info (bsc#1012628). - ksmbd: clear RENAME_NOREPLACE before calling vfs_rename (bsc#1012628). - ksmbd: validate request buffer size in smb2_allocate_rsp_buf() (bsc#1012628). - ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf (bsc#1012628). - net: dsa: mt7530: fix enabling EEE on MT7531 switch on all boards (bsc#1012628). - net: dsa: mt7530: fix improper frames on all 25MHz and 40MHz XTAL MT7530 (bsc#1012628). - fork: defer linking file vma until vma is fully initialized (bsc#1012628). - nilfs2: fix OOB in nilfs_set_de_type (bsc#1012628). - Squashfs: check the inode number is not the invalid value of zero (bsc#1012628). - bootconfig: use memblock_free_late to free xbc memory to buddy (bsc#1012628). - nouveau: fix instmem race condition around ptr stores (bsc#1012628). - drm/vmwgfx: Fix crtc's atomic check conditional (bsc#1012628). - drm/vmwgfx: Sort primary plane formats by order of preference (bsc#1012628). - drm/vmwgfx: Fix prime import/export (bsc#1012628). - drm/xe: Fix bo leak in intel_fb_bo_framebuffer_init (bsc#1012628). - drm/ttm: stop pooling cached NUMA pages v2 (bsc#1012628). - drm/amdgpu: remove invalid resource->start check v2 (bsc#1012628). - drm/amdkfd: Fix memory leak in create_process failure (bsc#1012628). - drm/amdgpu: validate the parameters of bo mapping operations more clearly (bsc#1012628). - fuse: fix leaked ENOSYS error on first statx call (bsc#1012628). - mm/shmem: inline shmem_is_huge() for disabled transparent hugepages (bsc#1012628). - mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled (bsc#1012628). - mm,swapops: update check in is_pfn_swap_entry for hwpoison entries (bsc#1012628). - mm/userfaultfd: allow hugetlb change protection upon poison entry (bsc#1012628). - mm/madvise: make MADV_POPULATE_(READ|WRITE) handle VM_FAULT_RETRY properly (bsc#1012628). - init/main.c: Fix potential static_command_line memory overflow (bsc#1012628). - arm64: hibernate: Fix level3 translation fault in swsusp_save() (bsc#1012628). - arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H (bsc#1012628). - KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status (bsc#1012628). - KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes (bsc#1012628). - KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms (bsc#1012628). - KVM: x86/pmu: Disable support for adaptive PEBS (bsc#1012628). - KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible (bsc#1012628). - sched: Add missing memory barrier in switch_mm_cid (bsc#1012628). - fs: sysfs: Fix reference leak in sysfs_break_active_protection() (bsc#1012628). - speakup: Avoid crash on very long word (bsc#1012628). - mei: me: disable RPL-S on SPS and IGN firmwares (bsc#1012628). - mei: vsc: Unregister interrupt handler for system suspend (bsc#1012628). - usb: typec: tcpm: Correct the PDO counting in pd_set (bsc#1012628). - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (bsc#1012628). - usb: Disable USB3 LPM at shutdown (bsc#1012628). - usb: dwc2: host: Fix dereference issue in DDMA completion flow (bsc#1012628). - Revert "mei: vsc: Call wake_up() in the threaded IRQ handler" (bsc#1012628). - Revert "usb: cdc-wdm: close race between read and workqueue" (bsc#1012628). - USB: serial: option: add Telit FN920C04 rmnet compositions (bsc#1012628). - USB: serial: option: add Rolling RW101-GL and RW135-GL support (bsc#1012628). - USB: serial: option: support Quectel EM060K sub-models (bsc#1012628). - USB: serial: option: add Lonsung U8300/U9300 product (bsc#1012628). - USB: serial: option: add support for Fibocom FM650/FG650 (bsc#1012628). - USB: serial: option: add Fibocom FM135-GL variants (bsc#1012628). - serial: core: Fix missing shutdown and startup for serial base port (bsc#1012628). - serial: core: Clearing the circular buffer before NULLifying it (bsc#1012628). - serial: core: Fix regression when runtime PM is not enabled ... changelog too long, skipping 185 lines ... - commit 5cd3298 ==== kf6-attica ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6Attica6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * modernize: don't else after return * provider: document default ctor * providermanager: remove unused function with typo * postfiledata: simplify private * modernize: use unique_ptr for privates * basejob: don't leave dangly pointers * platformdependent: v3 ==== kf6-baloo ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-baloo-file kf6-baloo-imports kf6-baloo-kioslaves libKF6Baloo6 libKF6BalooEngine6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Don't kill the lock file, can lead to random corruption (kde#389848) ==== kf6-bluez-qt ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-bluez-qt-imports libKF6BluezQt6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Fixed min_bitpool and max_bitpool from capabilities where ignored * Port QML module to declarative type registration ==== kf6-breeze-icons ==== Version update (6.1.0 -> 6.2.0) - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Add support for media-playlist-no-shuffle icon name * Add audio/ogg and audio/x-vorbis+ogg icons * Add audio/vnd.wave MIME type * Remove generic non-symbolic audio and video icons * Add 16 and 22px symbolic versions of some Places icons that were missing (kde#486316) * Add zoom-in-map and zoom-out-map icons along with -symbolic versions * Longer description for the ICONS_LIBRARY option * Add symbolic versions for more USB device style icons * Fix some scale errors (kde#485479) * Fixed input-combo-on.svg colour issue * Add -symbolic symlinks for notification-* icons * Use new `dev.suyu_emu.suyu` id, add symlink for old id * Add accessories-screenshot-tool icon/symlink * [webfont] enable ligatures * gitignore: add VS Code dir * add input-keyboard-color 22px, 32 px ==== kf6-frameworkintegration ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-frameworkintegration-plugin libKF6Style6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-karchive ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6Archive6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * gitignore: add VS Code dir ==== kf6-kauth ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6AuthCore6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kbookmarks ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6Bookmarks6 libKF6BookmarksWidgets6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kcmutils ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-kcmutils-imports libKF6KCMUtils6 libKF6KCMUtilsCore6 libKF6KCMUtilsQuick6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * KQuickConfigModule: Don't crash on null object * SimpleKCM: Remove remnants of footerParent * Use ellipsis character instead of three dots * GridDelegate: Port to ComponentBehavior: Bound * GridDelegate: Consolidate code paths for opening a menu * GridDelegate: Don't use qualified property access as appropriate * GridDelegate: Use concrete type for the popup menu * GridDelegate: Use somewhat more consistent ToolTip bindings, remove timeout * components: Drop QML import versions, unify import aliases * components: Guard nullable property access * components: Explicitly specify signal handler arguments * KCModuleQml: Provide a fallback in case a pushed page is not one of magical KCMUtils types * Add API to make header and footer paddings optional * Round all the things consistently * pluginselector: cache delegates ==== kf6-kcodecs ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6Codecs6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * gitignore: add VS Code dir ==== kf6-kcolorscheme ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6ColorScheme6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * gitignore: add VS Code dir ==== kf6-kcompletion ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6Completion6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kconfig ==== Version update (6.1.0 -> 6.2.0) Subpackages: kconf_update6 kf6-kconfig-imports libKF6ConfigCore6 libKF6ConfigGui6 libKF6ConfigQml6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * avoid allocations while parsing int/float lists * Adapt kdesktopfiletest to QTemporaryFile behavior change * Guard header with an ifndef and include moc generates sources in the cpp file * autotests: Don't use a timeout in testLocalDeletion * Adjust kconfig_compiler autotests to include a version without kcfgc * Add a CMake function to add a kcfg file without kcfgc * gitignore: add VS Code dir ==== kf6-kconfigwidgets ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6ConfigWidgets6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * KConfigDialogManager: port to non-deprecated QCheckBox signal * KCommandBar: Better UI * KRecentFilesAction: Load mimeType and action lazily * Remove forward declaration of KToggleAction * Test that an invalid language gives the empty string * gitignore: add VS Code dir ==== kf6-kcoreaddons ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-kcoreaddons-imports libKF6CoreAddons6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Replace KAboutDialog with KAboutApplicationDialog * gitignore: add VS Code dir ==== kf6-kcrash ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6Crash6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * gitignore: add VS Code dir ==== kf6-kdbusaddons ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-kdbusaddons-tools libKF6DBusAddons6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kdeclarative ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-kdeclarative-imports libKF6CalendarEvents6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kded ==== Version update (6.1.0 -> 6.2.0) - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kdesu ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6Su6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kdnssd ==== Version update (6.1.0 -> 6.2.0) - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kdoctools ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6DocTools6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kfilemetadata ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6FileMetaData3 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * API dox: add some minimal info to undocumented classes * UserMetadata: return errors when xattr ops fails * Value is already default timeout value in QT6 framework * [XmlExtractor] Add support for compressed SVGs * [XmlExtractorTest] Move Test class declaration to source file * [Office2007Extractor] Reuse DublinCoreExtractor, fix namespace handling * [DublinCoreExtractor] Add CreationDate (dc::created) support * [DublinCoreExtractor] Skip properties from empty elements, cleanup * Move date parser helper out of ExtractorPlugin, clean it up * [TaglibExtractor] Include vnd.audible.aaxc audio books in supported types * [Test] Include vnd.audible.aax audio books in coverage tests * [TaglibWriterTest] Move test class declaration to source file, cleanup * [TaglibExtractor|Writer] Fix mimetypes ==== kf6-kglobalaccel ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6GlobalAccel6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Port q->connect to QObject::connect * Fix connection lifetime issue ==== kf6-kguiaddons ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6GuiAddons6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * recorder/kkeysequencerecorder: conform to KKeyServer changes * gitignore: add VS Code dir ==== kf6-kholidays ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-kholidays-imports libKF6Holidays6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Latvia holiday grammar corrections * Update holiday_bd_en ==== kf6-ki18n ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6I18n6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * gitignore: add VS Code dir ==== kf6-kiconthemes ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-kiconthemes-imports libKF6IconThemes6 libKF6IconWidgets6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * allow to configure if we register our icon plugin for SVGs * Port QML module to declarative type registration * Fix typo in BreezeIcons::initIcons loading * gitignore: add VS Code dir * Set QML module base version to 1.0 ==== kf6-kidletime ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-kidletime-plugins libKF6IdleTime6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kio ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6KIO6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * [kfilefilter] Consider mime globs valid * kfileitemtest: add basic tests for dir * file_unix: don't call QMimeDatabase::mimeTypeForFile for directories * widgetsaskuseractionhandler prevent crash when job had no parent widget * PreviewJob: Add file extension to thumbnail temp files (kde#463989) * KFileItem: handle the case parent url path is empty * KFileItemActions: Add logic to order actions between separators (kde#466115) * KFileItem: fix getStatusBarInfo() displaying symlink target as "http:" (kde#475422) * ScopedProcessRunner: support waitForStarted * ScopedProcessRunner: fix use of undeclared identifier 'close' * [ftp] Always use default timeout values * [http] Set error string for ERR_DOES_NOT_EXIST * Force test language to en * knewfilemenu: Add @since 6.2 to the new signals and methods * kfilefilter.h: update API docs * kencodingfiledialog dox: rewrite API dox that refer to removed functions * kfilewidget dox: replace references to setFilter() with setFilters() * Add `EnableRemoteFolderThumbnail` option checking * PreviewJob: Display preview for locally mounted remote directories * knewfilemenu: add isNewDirNameJobRunning * KFilePlacesItem: Show teardown busy indicator during optical media eject * KUrlNavigator: allow adding a badge widget after the breadcrumb * Set ideal case for TwoVectors * udsentry_api_comparison_benchmark: update * kurlnavigatorbutton: prevent * connection: don't queue tasks until OOM * http: Fix parsing DAV:getlastmodified (kde#484671) * kfileitem: Linux, use statx to refresh files (kde#446858) ==== kf6-kirigami ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-kirigami-imports libKirigamiPlatform6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Too many changes since 6.1.0, only listing bugfixes: * Fixed wrong navigation and dialog header button colors (kde#486163) * ContextualHelpButton: remove excess space from tooltip (kde#481817) ==== kf6-kitemmodels ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-kitemmodels-imports libKF6ItemModels6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Add dependency to QML module * Port to declarative type registration ==== kf6-kitemviews ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6ItemViews6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kjobwidgets ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6JobWidgets6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-knewstuff ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-knewstuff-imports libKF6NewStuffCore6 libKF6NewStuffWidgets6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Too many changes since 6.1.0, only listing bugfixes: * Show header warning message framelessly (kde#485464) * DownloadItemsSheet: use alternating background colors for legibility (kde#483724) ==== kf6-knotifications ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-knotifications-imports libKF6Notifications6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Enforce passing tests on Windows ==== kf6-knotifyconfig ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6NotifyConfig6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kpackage ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6Package6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kparts ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6Parts6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Use QUrl::PreferLocalFile for URL emitted with Part::setWindowCaption * Enforce passing tests on Windows ==== kf6-kpty ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6Pty6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kquickcharts ==== Version update (6.1.0 -> 6.2.0) - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-krunner ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6Runner6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * runnercontext: Fix saving the launch counts * update version for new release * update version for new release * Action: Make bool operator explicit * Fix matchInternalFinished not being emitted in case of dbus errors ==== kf6-kservice ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6Service6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: ==== kf6-kstatusnotifieritem ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6StatusNotifierItem6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-ksvg ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-ksvg-imports libKF6Svg6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Don't call update on missing marginObject * Make property type fully qualified ==== kf6-ktexteditor ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6TextEditor6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Fix caret painting for inline notes at the end of line * KateCompletionWidget: Mark function static * KateCompletionModel: remove useless std::as_const * run more tests offscreen * Fix performance with many cursors in a large line * fix test expectations * fix crashs and OOM on load with encoding failures (kde#486195) * a11y: Improve tab order for "Appeareance" -> "Borders" * a11y: Set "Line Height Multiplier" buddy * Fix broken navigation in completion widget with multiple views * Fix clicking in completion * fix textInsertedRange signal for insertText behind last line (kde#483363) ==== kf6-ktextwidgets ==== Version update (6.1.0 -> 6.2.0) - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kunitconversion ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6UnitConversion6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-kuserfeedback ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-kuserfeedback-imports libKF6UserFeedbackCore6 libKF6UserFeedbackWidgets6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Fix logging category ==== kf6-kwallet ==== Version update (6.1.0 -> 6.2.0) Subpackages: kwalletd6 libKF6Wallet6 libKF6WalletBackend6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Fix reply type in portal implementation * kwalletportalsecrets.h: Add missing include * Implement XDG Secrets Portal (kde#466197) ==== kf6-kwidgetsaddons ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6WidgetsAddons6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * KViewStateSerializer: fix docu: setTreeView -> setView * KBusyIndicatorWidget: fix warning when hiding on startup * Introduce KContextualHelpButton * KMessageWidget: Fix handling of palette changes * KMessageWidget: Make sure icon label is always vertically centered * gitignore: add VS Code dir ==== kf6-kwindowsystem ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-kwindowsystem-imports libKF6WindowSystem6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Port to QNativeInterface::Private::QWaylandWindow * Introduce KXcbEvent to initialize the memory of sent XCB events ==== kf6-kxmlgui ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6XmlGui6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * improve dbus disabling ==== kf6-modemmanager-qt ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6ModemManagerQt6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-networkmanager-qt ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-networkmanager-qt-imports libKF6NetworkManagerQt6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-prison ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-prison-imports libKF6Prison6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-purpose ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-purpose-services libKF6Purpose6 libKF6PurposeWidgets6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Add pre share hooks * Enforce passing tests on Windows ==== kf6-qqc2-desktop-style ==== Version update (6.1.0 -> 6.2.0) - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * DialogButtonBox: Use largeSpacing as padding * TreeViewDelegate: Fix non-observable modelIndex property getting stuck * [CheckIndicator] Use control as AbstractButton * Add missing dependency to private module * Add QTBUG to comment * Make SwitchIndicator more compiler-friendly * ItemBranchIndicators: Fix uninitialized member variable m_selected * StyleSingleton: Check whether object is qGuiApp * [RadioButton] Use id instead of parent lookup * [TabButton] Fix property type * Apply Kirigami.Units.cornerRadius to default list item background too * gitignore: add VS Code dir * Use consistent radius value from Kirigami.Units.radius ==== kf6-solid ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6Solid6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * remove too aggressive assert (kde#464149) * [StorageAccess] Fix storageAccessFromPath returning unmounted filesystems * [SolidHwTest] Extend FakeHW description with encrypted volume, add tests * [SolidHwTest] Test Device::storageAccessFromPath * [DeviceManager] Remove exists() check from storageAccessFromPath * udisks: Return empty string for "root" clearTextPath (kde#485507) * [SolidHwTest] Remove unnecessary slotPropertyChanged helper, fix bug * [SolidHwTest] Remove setenv wrapper, unnecessary qt_windows.h include * [SolidHwTest] Move test class declaration to source file * udisks2: Add support CanCheck/Check/CanRepair/Repair - Drop patch, merged upstream: * 0001-udisks-Return-empty-string-for-root-clearTextPath.patch ==== kf6-sonnet ==== Version update (6.1.0 -> 6.2.0) Subpackages: kf6-sonnet-imports libKF6SonnetCore6 libKF6SonnetUi6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Add dependency to QML module * gitignore: add VS Code dir ==== kf6-syndication ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6Syndication6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - No code change since 6.1.0 ==== kf6-syntax-highlighting ==== Version update (6.1.0 -> 6.2.0) Subpackages: libKF6SyntaxHighlighting6 - Update to 6.2.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/6.2.0/ - Changes since 6.1.0: * Support single-quoted strings in MapCSS * Add Syntax Highlighting for Vue Template Files * Add syntax highlighting support for CashScript ==== kirigami-addons6 ==== Version update (1.1.0 -> 1.2.0) - Update to 1.2.0: https://carlschwan.eu/2024/05/09/kirigami-addons-1.2/ * Accessibility fixes * New component: FloatingToolBar ==== krb5 ==== - Remove requires for not used cron - Fix memory leaks, add patch 0009-Fix-three-memory-leaks.patch * CVE-2024-26458, bsc#1220770 * CVE-2024-26461, bsc#1220771 * CVE-2024-26462, bsc#1220772 ==== libarchive ==== Version update (3.7.2 -> 3.7.4) - Update to 3.7.4: * rar: Fix OOB in rar e8 filter (CVE-2024-26256, bsc#1222911) * zip: Fix out of boundary access * 7zip: Limit amount of properties * bsdtar: Fix error handling around strtol() usages * passphrase: Improve newline handling on Windows * passphrase: Never allow empty passwords * rar: Fix "File CRC Error" when extracting specific rar4 archives * xar: Avoid infinite link loop * zip: Update AppleDouble support for directories * zstd: Implement core detection - Update to 3.7.3: * PCRE2 support * add trailing letter b to bsdtar(1) substitute pattern * add support for long options "--group" and "--owner" to tar(1) * Fix possible vulnerability in tar error reporting introduced in f27c173 * ISO9660: preserve the natural order of links * rar5: fix decoding unicode filenames on Windows * rar5: fix infinite loop if during rar5 decompression the last block produced no data * xz filter: fix incorrect eof at the end of an lzip member * zip: fix end-of-data marker processing when decompressing zip archives * multiple bsdunzip(1) fixes * filetime truncation fix on Windows - Fix rpmlint warning about summary being too long ==== libbpf ==== Version update (1.4.0 -> 1.4.1) - update to 1.4.1: * Bug fix release fixing logic around determining whether to autoload SEC("struct_ops") programs in cases when old kernel doesn't support some optional callbacks and user reset them to NULL from BPF skeleton. ==== libcontainers-common ==== Subpackages: libcontainers-default-policy - Introduce new subpackage that ships registries.conf that uses registry.suse.com as the only unqualified registry while pulling images on SL Micro and SP6. (jsc#SMO-376, jsc#PED-8289) ==== libgpg-error ==== Version update (1.48 -> 1.49) - Update to 1.49: * Two new functions to improve the logging interface. The gpgrt_logv_domain is currently the same as gpgrt_logv_prefix but allows to pass a domain string so that in future we will be able to select log output by domain. It also provide a non yet functional feature to include a hex dump. * Add a "trunc" keyword to gpgrt_log_printhex. [rE0a39fbefcb] * Avoid an endless loop in the argparser due to a conf file read error. [rE2dc93cfecc] * Interface changes relative to the 1.48 release: - gpgrt_add_post_log_func NEW. - gpgrt_logv_domain NEW. * Release-info: https://dev.gnupg.org/T7012 ==== libnvme ==== Version update (1.8+0.gbff7dda -> 1.9+0.g80c5cf2) Subpackages: libnvme-mi1 libnvme1 - Update to version 1.9+0.g80c5cf2: * types: Added Command and Feature Lockdown LID * types: add ASQ, ACQ and BPMBL controller properties definitions * types: add controller properties enum documentation * types: fix CRTO.CRIMT mask value definition * tree: use strtou32 to read lba_size * types: Fix PMRWBM register name * examples: fix mi-mctp build warning errors * test: add CSTS.ST, CAP.CPS and CAP.NSSS registers * types: add CAP.CPS and CAP.NSSS definitions * types: add enum nvme_cap documentation * types: Add enum nvme_unit/cmbebs/cmbswtp/flbas/cmic documentation * util: Add string constant for ENVME_CONNECT_IGNORED * tests: Add sample NBFT table with mpath IPv4+IPv6 discovery * types: add controller status shutdown type (CSTS.ST) definition * types: Add enum nvme_csts documentation * types: Add NVME_CMIC definitions * types: Add CMBSWTP property definitions * types: Add NVME_CMBEBS property definitions * types: Fix boot partition read offset (BPROF) mask value * tree: fix mem leak in nvme_ns_init() (bsc#1223331) * fabrics: retry discovery log page when DNR is not set * ioctl: return EPROTO when an NVMe status occurred * linux: Allocate aligned payload for nvme_get_telemetry_log * test: use diff to compare sysfs output * tree: fix lba_count size calculation * tree: Add NVM subsystem controller identifier * test: Add unit test for nvme_id_ns_flbas_to_lbaf_inuse() * types: Fix NVME_CSTS_SHST_MASK definition * util: Fixed nvme_id_ns_flbas_to_lbaf_inuse() * types: Add optional data present filed mask and shift definition * types: Fix EOM header optional data present fields definition * libnvme : record the nvme pci adapter physical slot (bsc#1223208) * sysfs: minimize heap allocations of sysfs paths * json: Fix uninitialized variables * libnvme: add missing symbol nvme_scan_tls_keys * nbft: Whitespace fixes (bsc#1222026) * tests: Add complex NBFT table from Dell R660 (bsc#1222026) * tests: Adapt to added NBFT SSNS flags (bsc#1222026) * nbft: Add SSNS 'discovered' flag (bsc#1222026) * nbft: Add SSNS 'unavailable' flag (bsc#1222026) * doc: Document the NBFT API (bsc#1222026) * ioctl: Move nvme_cmd_dword_fields definitions into header file * types: Add PEL set feature event layout definitions * types: Fix enum nvme_pel_rci documentation error * types: Add boot partition information definitions * types: Add PEL header additional information definitions * fabrics: keyring is a long (bsc#1216982) * config-schema.json.in: tls keys and keyrings are strings (bsc#1216982) * linux: Add nvme_scan_tls_keys() (bsc#1216982) * json: dump TLS key data in PSK interchange format (bsc#1216982) * json: import TLS key from PSK interchange format (bsc#1216982) * json: export TLS key in PSK interchange format (bsc#1216982) * tree: read TLS key in nvme_configure_ctrl() (bsc#1216982) * linux: rework nvme_insert_tls_key_versioned() (bsc#1216982) * linux: add nvme_import_tls_key() (bsc#1216982) * linux: add nvme_export_tls_key() (bsc#1216982) * crc32: Add CRC32 algorithm (bsc#1216982) * linux: add nvme_update_key() (bsc#1216982) * linux: add nvme_read_key() (bsc#1216982) * linux: allow for NULL argument in nvme_lookup_keyring() (bsc#1216982) * log: Respect DEFAULT_LOGLEVEL on uninitialized logging * log: Introduce nvme_get_logging_level() * ioctl: remove incomplete debug logging infrastructure * ioctl: export nvme_submit_passthru{64} as weak symbol * log: move nvme_{set|get}_debug to log.c * fabrics: check the read() return value * types: Add PEL reporting context port identifier type definitions * types: Add persistent event log reporting context definitions - Upstream changed the sysfs test setup, thus sysfs test works in OSB * remove 0001-build-disable-sysfs-test.patch ==== libproxy-backend ==== Version update (0.5.5 -> 0.5.6) - Update to version 0.5.6: + Support XDP Desktop Portal proxy resolver. ==== libproxy-client ==== Version update (0.5.5 -> 0.5.6) - Update to version 0.5.6: + Support XDP Desktop Portal proxy resolver. ==== libqaccessibilityclient-qt6 ==== Version update (0.5.0 -> 0.6.0) - Update to 0.6.0. No changelog. ==== libupnp ==== Version update (1.14.18 -> 1.14.19) Subpackages: libixml11 libupnp17 - Update to release 1.14.19 * Fix some memory allocations in the "TvDevice" example ==== libxslt ==== Subpackages: libexslt0 libxslt-tools libxslt1 - Fix ftbfs with GCC14 (bsc#1220571) * correct libxslt-random-seed.patch to include time.h unconditionally * add gcc14-runtest-no-const.patch ==== llvm18 ==== Version update (18.1.4 -> 18.1.5) - Update to version 18.1.5. * This release contains bug-fixes for the LLVM 18.1.0 release. This release is API and ABI compatible with 18.1.0. - Rebase llvm-do-not-install-static-libraries.patch. ==== mobile-broadband-provider-info ==== Version update (20230416 -> 20240407) - Update to version 20240407: + Switch to meson + Support MMS attachment size + New providers: - uk: Lebara + Updated providers: - in: Multiple providers - uk: Superdrug + Voicemail fixes: - au:Vodafone - us:AT&T - fr:FreeMobile - Add meson BuildRequires: follow upstreams port to meson. - Drop libtool BuildRequires: no longer needed with meson. - Replace configure/make/make_install macros by the meson equivalents meson/meson_build/meson_install. - Enable test suite. - BuildRequire libxml2-tools, needed by the tests. - Update to version 20240407: * Release 20240407 * build: Drop autoconf * ci: Use meson instead of autoconf * build: Switch to meson * ci: Switch to recent Debian * gb: Add voicemail for Superdrug * in: cleanup dead providers and update new and existing * Add voicemail for Vodafone AU * USA: Change AT&T Visual Voicemail Protocol to ios * Providers with mccmnc 310260: add primary attributes * fr: change Free Mobile standard to iOS * dtd: add iOS standard and references to visual voicemail * Lebara UK: Add maximum MMS size * serviceproviders.2.dtd: Add support for MMS size in bytes * Add Lebara UK Provider * gb: Update Superdrug's MMS proxy ==== mutter ==== Version update (46.0 -> 46.1) - Update to version 46.1: + Implement linux-drm-syncobj-v1. + Fix input lag on X11 nvidia. + Fix scanout on secondary GPUs. + Don't apply max-render-time to secondary GPUs. + Fix reusing single-pixel buffers. + Improve scanout candidate check. + Always use logical pixels for. + Fix modifiers getting stuck during grabs. + Fix night-light on displays without EDID. + Fix secondary GPU acceleration with nvidia driver. + Fix some XWayland clients being partially click-through. + Fix initial suspended state. + Fixed crashes. + Misc. bug fixes and cleanups. + Updated translations. - Drop mutter-fix-front-buffer-lock.patch and 0001-Revert-clutter-stage-Avoid-queueing-stage-updates-wh.patch: fixed upstream. - Add 0001-Revert-clutter-stage-Avoid-queueing-stage-updates-wh.patch: Reverting commit 261f516a to fix black screen on Xorg when logging in or logging out (glgo#GNOME/mutter#3452 bsc#1222612). ==== nautilus ==== Version update (46.0 -> 46.1) Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension4 - Update to version 46.1: + Bugfixes: - Create archive with Enter on Compress dialog. - Move focus correctly when item is removed. - View performance optimization. - Fix crash when compressing a file and a folder. - Don't show banners in global search. - Preserve permissions when copying from read-only file systems. - Disable non-working global search from Other Locations. + Updated translations. ==== ncurses ==== Version update (6.4.20240414 -> 6.5.20240427) Subpackages: libncurses6 ncurses-utils terminfo-base - Make verify the patches an optional task for local builds only - Add ncurses patch 20240504 + update ncurses/wcwidth.c, for MinGW ports, from xterm. + trim obsolete comment about tack from INSTALL. - Verify also every patch - Update to ncurses 6.5 (patch 20240427) + update announcement + fixes/corrections for manpages (patches by Branden Robinson). + fix redefinition of CASTxPTR, for legacy Unix. - Update to tack 1.9 (patch 20230201) * configure: regen * configure.in: initialize $ac_includes_default s/fgrep/$FGREP/ * aclocal.m4: resync with my-autoconf - Add ncurses patch 20240420 + improve formatting/style of manpages (patches by Branden Robinson). + compiler warning/portability fixes. ==== nvme-cli ==== Version update (2.8 -> 2.9.1) - Update to version 2.9.1: * plugins/spdk: drop the plugin - Update to version 2.9: * nvme-print: expand the maximum field length to prevent misalignment * plugins/spdk: plugin to list SPDK subsystems * nvme-print: check if controller belong to SPDK * plugins/spdk: plugin to list SPDK controllers * nvme-print-stdout: fix ASQB, ACQB and BMBBA prints * build: bump libnvme wrap * nvmf-autoconnect: fix string encoding * nvme: identify primary ctrl do not accept nsid * nvme-wrap: remove unused nvme_cli_get_log_ana_groups() * nvme-print-json: use admin queue attributes definitions * nvme-print-json: use CSTS definitions * nvme-print-stdout: use POWER_OF_TWO macro * nvme-print-json: use controller configuration definitions * nvme-print-json, nvme-print-stdout: add tertiary version number * nvme-print-json: use NVME_MAJOR and NVME_MINOR definitions * nvme-print-json: use NVME_BOOT_PARTITION_INFO field definitions * nvme-print-json: add support telemetry log create event in PEL * nvme-print-json: add support set feature event in PEL * nvme-print-json: add obj_d() function * nvme-print-json: add obj_add_uint_0nx() function * meson.build: Fix spelling of sed-opal.h filename * sed_opal: Only build when we really have sed_opal headers * nvme: fix error path if write() fails in get_telemetry_log() * plugins/solidigm: Additional LID for temperature statistics. * plugins/solidigm: Improved Solidigm UUID index detection. * nvme-print-stdout: Add CSTS.ST register stdout print * nvme-print-stdout: Use NVME_CMIC definitions * nvme-print: Use NVME_UNIT definitions * nvme-print-stdout: Use NVME_CMBMSC/STS/EBS/SWTP definitions * plugins/ssstc: add a new plugin for SSSTC driver * nvmf-connect: systemd hardening effort * plugins/ocp: Adjusted variable type size carrying UUID index to 8 bit. * nvme: fix security buffer allocation size * nvme: Change fw-download xfer initialization to set 0 * nvme: Add fw-download warning message for FWUG alignment error * plugins/ocp: Split ocp_get_uuid_index() into find and get functions. * nvme: fix mem leak in multiple key related functions (bsc#1223331) * fabrics: fix mem leak in nvmf_check_hostid_and_hostnqn() (bsc#1223331) * nvme-print-stdout: Use NVME_BPRSEL definitions * nvme-print-stdout: Use NVME_BPINFO definitions * nvme-print-stdout: Use NVME_CMBSZ definitions * nvme-print-stdout: Use NVME_CMBLOC definitions * Revert "logging: fix error handling for ioctl passthru wrappers" * fabrics: align identify command payload * ocp: Unify line start spacing as tabs * ocp: support OCP DSSD Async Event Config feature * nvme: Add support for get-reg and set-reg commands * nvme-print-json: Add register print functions * nvme-print-stdout: Add register print functions * nvme-print: Add register print functions * nvme: Refactor mmap_registers to add writable parameter * nvme-print: Change PMRSZU string function as unit string * nvme-print: Refactor CMBLOC and PMRSTS registers function * logging: fix error handling for ioctl passthru wrappers * nbft: Fix scandir() error check * nbft: Refactor connection attempt out * nvme-print: Use EOM optional data present macros changed * nvme-print: Print cntlid number for controller * nvme: check-tls-key fails despite having hostnqn file (bsc#1223331) * nvme: print retained key for gen-tls-key's -i option too (bsc#1223331) * fabrics : allow host to create duplicate connections to target * fabrics: Fix fast_io_fail_tmo option * nvme-print-stdout: use admin queue attributes definitions * nvme-print-stdout: use CSTS definitions * nvme-print-stdout: use controller configuration definitions * nvme-print-stdout: use NVME_MAJOR and NVME_MINOR definitions * nvme-print-stdout: use FDP configuration attributes definitions * nvme: add new function 'tls_key' * nvme: use library functions for importing and exporting TLS keys (bsc#1216982) * nvme: extend error message for ns scan failures * nvme-print-json: Bugfix status json key of sanitize-log * sed: update SED password when initalizing (bsc#1222168) * plugins/memblaze: add performance stats * plugins/memblaze: fix code mis-type error * plugins/memblaze: code refactor on applying __packed on more structs * plugins/memblaze: code refactor on using cleanup_nvme_dev * nvme: Fix to cleanup free raw_secret memory allocated * plugins/memblaze: code-format on leading indent and align * plugins/wdc: Fix narrow index variable type in for loop to __u32 * plugins/wdc: Whitespace changes * nvme: Delete unused nvme root scanned * ocp: support OCP 2.5 Set Telemetry Profile feature * nvme: Don't seg fault if given device is not char/block device * nbft: Include SSNS index in error messages (bsc#1222026) * nbft: Pause logging for expected connection failures (bsc#1222026) * nbft: Silence connection failures for unavailable SSNS (bsc#1222026) * nbft: Fix 'verbose' argument type (bsc#1222026) * plugins/nbft: Implement verbose logging * plugins/nbft: Print the new SSNS flags * nbft: Fix uninitialized variable * plugins/nbft: Fix uninitialized variables * plugins/sed: Fix uninitialized variable * nvme-print-stdout: Fix uninitialized variable * nvme-print-json: Fix uninitialized variable * build: Switch default meson buildtype to 'debugoptimized' * nvme: do not scan topology when mmaping registers ... changelog too long, skipping 53 lines ... * remove 0100-harden_nvmf-connect@.service.patch ==== openssl-3 ==== Subpackages: libopenssl3 - Enable livepatching support (bsc#1223428) - Add ktls capability [bsc#1216950] Already added in January, but not mentioned in this changelog. - Security fix: [bsc#1222548, CVE-2024-2511] * Fix unconstrained session cache growth in TLSv1.3 * Add openssl-CVE-2024-2511.patch ==== osinfo-db ==== - bsc#1222738 - virt-manager shows SLE Micro 6.0 in suggested OS version should be SL Micro 6.0 add-slm6.0-support.patch Drop add-slem6.0-support.patch ==== passt ==== Version update (20240405.954589b -> 20240426.d03c4e2) Subpackages: passt-selinux - Specify version for make_build so that passt reports its version correctly, fixes bsc#1223853 - Update to version 20240426.d03c4e2: * netlink: Use IFA_F_NODAD also while duplicating addresses from the host * netlink: For IPv4, IFA_LOCAL is the interface address, not IFA_ADDRESS * test: Make log truncation test more robust * test: Slight simplification to pasta log tests * udp: Correctly look up outbound socket with port remappings * tcp: Replace TCP buffer structure by an iovec array * conf: Don't fail if the template interface doesn't have a MAC address * conf: We're interested in the MAC address, not in the MAC itself * pasta, util: Align stack area for clones to maximum natural alignment * treewide: Compilers' name for armv6l and armv7l is "arm" ==== patterns-base ==== Subpackages: patterns-base-base patterns-base-bootloader patterns-base-minimal_base patterns-base-x11 - Update Summary for generic_desktop pattern: make clear that this is based on IceWM (boo#1221320). ==== pcre2 ==== Subpackages: libpcre2-16-0 libpcre2-8-0 ==== pcsc-lite ==== Version update (2.0.3 -> 2.1.0) - Update the spec for building with version 2.1.0 - version 2.1.0 * LIBPCSCLITE_DELEGATE is used to redirect to another libpcsclite library * setup_spy.sh displays the LIBPCSCLITE_DELEGATE value to use for spying * provides libfake.c as a sample source code * Some other minor improvements- ==== pipewire ==== Version update (1.0.5 -> 1.0.5+git36.60deeb2) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 1.0.5+git36.60deeb2 to fix several crashes, NULL checks, format strings and other issues: * spa: libcamera: fix RGB mappings * pw-dump: destroy all objects not just those matching the pattern * pw-dump: fix string memory leak on error * json: fix high surrogate escapes * core: handle import errors better * gst/src: fix crash when current_caps is NULL * gst/src: Avoid unnecessary renegotiations during streaming * gst/src: Cleanups for src_negotiate() * pw-mon: fix type confusion in core event handler * gst: fix stream params memory leak * gst: handle some more errors * treewide: fix errno assignments * alsa-pcm: don't force quantum for iec958 formats * journal: prepend code location to messages at debug log levels * module-rt: fix compiler warning * filter-chain: fix arguments of calloc * combine-stream tag forward * Add album to tag metadata * impl-node: avoid bitfield races * treewide: fix some format string issues * conf: warn when match actions are missing * module-protocol-simple: handle 'node.name' property * module-ffado: only start after ports are configured * context: fill basic properties early * combine-stream: fix latency-compensate with resample.disabled=true * profiler: remove unused data-loop * v4l2: fix printf format * spa: v4l2: encode device id into a json array * spa: libcamera: encode device ids into a json array * impl-port: avoid doing work when the port is destroyed * impl-port: use 0 size when clearing IO * stream: log a warning when media.class and direction mismatch * module-loopback: only enable delay with valid rate and channels * alsa: fix race when updating the eventfd * audioconvert: also clamp monitor volume to min/max * combine-stream: actually make use of resample.disable ==== pixman ==== Version update (0.43.2 -> 0.43.4) - Update to version 0.43.4 + Fix incorrect compositing on big-endian architectures. + Allow building on clang/arm32. ==== podman ==== - convert to using obs_scm ==== polkit-default-privs ==== Version update (1550+20240325.eddbe04 -> 1550+20240430.5327266) - Update to version 1550+20240430.5327266: * profiles: whitelist dnf5daemon-server (bsc#1218327) * profiles: remove pseudo auth action kcmkwallet5 (bsc#1217190) ==== python-Jinja2 ==== Version update (3.1.3 -> 3.1.4) - update to 3.1.4 (bsc#1223980, CVE-2024-34064): * The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. ==== python-cryptography ==== Version update (42.0.5 -> 42.0.6) - update to 42.0.6: * Fixed compilation when using LibreSSL 3.9.1. ==== python-jsonschema ==== Version update (4.21.1 -> 4.22.0) - update to 4.22.0: * Improve best_match (and thereby error messages from jsonschema.validate) in cases where there are multiple sibling errors from applying anyOf / allOf -- i.e. when multiple elements of a JSON array have errors, we now do prefer showing errors from earlier elements rather than simply showing an error for the full array (#1250). * (Micro-)optimize equality checks when comparing for JSON Schema equality by first checking for object identity, as == would. ==== python-referencing ==== Version update (0.34.0 -> 0.35.1) - Update to version 0.35.1: * Make Resource.pointer also properly handle empty pointers (which refer to the root document). This fix likely only affects you if you were using that function directly, as Resource.lookup already handles empty fragments. - Update to version 0.35.0: * Make Registry.contents raise NoSuchResource when needed. * Update pre-commit hooks. * Run coverage with 3.12 * Try convincing RTD to use uv. * uv and minor workflow tweaks * Use uv for envs, particularly the requirements env. * [pre-commit.ci] pre-commit autoupdate * Whatever pyright regression was present is still present. * [pre-commit.ci] pre-commit autoupdate * Bump suite from `71c85d0` to `87851a6` * Bump suite from `d3fdf35` to `71c85d0` * Bump suite from `e3fe0aa` to `d3fdf35` ==== python311 ==== - Update CVE-2023-52425-libexpat-2.6.0-backport.patch so that it uses features sniffing, not just comparing version number. Include also support-expat-CVE-2022-25236-patched.patch. - Add CVE-2023-52425-remove-reparse_deferral-tests.patch skipping failing tests. - Refresh patches: - CVE-2023-27043-email-parsing-errors.patch - fix_configure_rst.patch - skip_if_buildbot-extend.patch - Remove included patch: - support-expat-CVE-2022-25236-patched.patch ==== python311-core ==== Subpackages: libpython3_11-1_0 python311-base - Update CVE-2023-52425-libexpat-2.6.0-backport.patch so that it uses features sniffing, not just comparing version number. Include also support-expat-CVE-2022-25236-patched.patch. - Add CVE-2023-52425-remove-reparse_deferral-tests.patch skipping failing tests. - Refresh patches: - CVE-2023-27043-email-parsing-errors.patch - fix_configure_rst.patch - skip_if_buildbot-extend.patch - Remove included patch: - support-expat-CVE-2022-25236-patched.patch ==== qemu ==== Version update (8.2.2 -> 8.2.3) - Fix a build issue on riscv: * target/riscv/kvm: rename riscv_reg_id() to riscv_reg_id_ulong() * target/riscv/kvm: add RISCV_CONFIG_REG() * target/riscv/kvm: change timer regs size to u64 * target/riscv/kvm: change KVM_REG_RISCV_FP_D to u64 * target/riscv/kvm: change KVM_REG_RISCV_FP_F to u32 - Update to version 8.2.3. Full changelog/backports here: https://lore.kernel.org/qemu-devel/1713980341.971368.1218343.nullmailer@tls… Some of the upstream backports are: * Update version for 8.2.3 release * ppc/spapr: Initialize max_cpus limit to SPAPR_IRQ_NR_IPIS. * ppc/spapr: Introduce SPAPR_IRQ_NR_IPIS to refer IRQ range for CPU IPIs. * hw/pci-host/ppc440_pcix: Do not expose a bridge device on PCI bus * hw/isa/vt82c686: Keep track of PIRQ/PINT pins separately * virtio-pci: fix use of a released vector * linux-user/x86_64: Handle the vsyscall page in open_self_maps_{2,4} * hw/audio/virtio-snd: Remove unused assignment * hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum() * hw/sd/sdhci: Do not update TRNMOD when Command Inhibit (DAT) is set * hw/net/lan9118: Fix overflow in MIL TX FIFO * hw/net/lan9118: Replace magic '2048' value by MIL_TXFIFO_SIZE definition * backends/cryptodev: Do not abort for invalid session ID * hw/misc/applesmc: Fix memory leak in reset() handler * hw/block/nand: Fix out-of-bound access in NAND block buffer * hw/block/nand: Have blk_load() take unsigned offset and return boolean * hw/block/nand: Factor nand_load_iolen() method out * qemu-options: Fix CXL Fixed Memory Window interleave-granularity typo * hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs * hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs * hw/display/virtio-gpu: Protect from DMA re-entrancy bugs * ...and many more... ==== qt6-base ==== Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6Widgets6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-printsupport-cups qt6-sql-sqlite - Add upstream security fix (CVE-2024-33861): * 0001-QStringConverterICU-Pass-correct-pointer-to-callback.patch ==== re2 ==== Version update (20240401 -> 20240501) - update to 2024-05-01: * Stop setting re2_INCLUDE_DIR * Fixes related to python bindings ==== rebootmgr ==== Version update (2.4 -> 2.4+git20240503.5b98913) - Remove rcrebootmgr symlink - Update to version 2.4+git20240503.5b98913: * Don't generate html documentation anymore * Fix manual page dependencies for parallel build * Update configure.ac * Fix soft-reboot detection in forced mode ==== rust-keylime ==== Version update (0.2.4~0 -> 0.2.5~0) - Update to version 0.2.5~0: * Bump version to 0.2.5 * cargo: Relax required version for pest crate * build(deps): bump log from 0.4.20 to 0.4.21 * build(deps): bump thiserror from 1.0.56 to 1.0.59 - actix-web update moves rustls as feature (bsc#1223234, CVE-2024-32650) - Update to version 0.2.4~39: * build(deps): bump openssl from 0.10.63 to 0.10.64 * build(deps): bump h2 from 0.3.24 to 0.3.26 * build(deps): bump serde_json from 1.0.107 to 1.0.116 * build(deps): bump actix-web from 4.4.1 to 4.5.1 * crypto: Enable TLS 1.3 * build(deps): bump tempfile from 3.9.0 to 3.10.1 * build(deps): bump mio from 0.8.4 to 0.8.11 * enable hex values to be used for tpm_ownerpassword * config: Support IPv6 with or without brackets * keylime: Implement a simple IP parser to remove brackets * crypto: Implement CertificateBuilder to generate certificates * tests: Fix coverage download by supporting arbitrary URL * cargo: Add testing feature to keylime library * Set X509 SAN with local DNSname/IP/IPv6 * Include newest Node20 versions for Github actions * tpm: Add unit test for uncovered public functions * crypto: Implement ECC key generation support * crypto: Add test for match_cert_to_template() * Fix minor typo, format and remove end whitespaces * crypto: Make error types less specific * tests/run.sh: Run tarpaulin with a single thread * payloads: Remove explicit drop of channel transmitter * crypto: Move to keylime library * crypto: Add specific type for every possible error * tpm: Rename origin of error as source in structures * list_parser: Add source for error for backtrace * algorithms: Make errors more specific * typo fix for default path to measured boot log file * README: remove mentions of libarchive as a dependency * Dockerfile.wolfi: Update clang to version 17 * docker: Remove libarchive as a dependency * rpm: Remove libarchive from dependencies * cargo: Replace compress-tools with zip crate * cargo: Bump ahash to version 0.8.7 * build(deps): bump serde from 1.0.195 to 1.0.196 * build(deps): bump libc from 0.2.152 to 0.2.153 * build(deps): bump reqwest from 0.11.23 to 0.11.24 * docker: Install configuration file in the correct path * config: Make IAK/IDevID disabled by default ==== sdbootutil ==== Version update (1+git20240410.3325802 -> 1+git20240506.573a6a4) Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper - Update to version 1+git20240506.573a6a4: * Don't try to mess with overlayfs inside transaction * .spec - requires: dialog ==== sddm ==== - Drop the empty branding-upstream subpackages (boo#1224063) ==== sddm-qt6 ==== Subpackages: sddm-greeter-qt6 - Drop the empty branding-upstream subpackages (boo#1224063) ==== setools ==== Version update (4.5.0 -> 4.5.1) - Update to version 4.5.1: - Correct annotations of NetworkX types to make it optional again. - Fix packaging issue for apol's style sheet (apol.css). - Drop 0001-Make-networkx-optional-again-Fixes-125.patch fixed upstream - Change networkx Requires to Suggests ==== slirp4netns ==== Version update (1.2.3 -> 1.3.0) - New upstream release 1.3.0 * Support new `--netns-type=tapfd` (#340, thanks to @helmutg) * Do not leak socket in case of success (#339, thanks to @jnovy) ==== sof-firmware ==== Version update (2023.12.1 -> 2024.03) - Add a workaround for installation error due to the change of intel/sof-ace-tplg directory to a symlink - update to 2024.03: * For v2.9 series, the following new topology files have been added since v2.8: v2.9.x/sof-ipc4-tplg-v2.9 âââ sof-hda-generic-ace1-2ch.tplg âââ sof-hda-generic-ace1-4ch.tplg âââ sof-hda-generic-cavs25-2ch.tplg âââ sof-hda-generic-cavs25-4ch.tplg âââ sof-mtl-es83x6-ssp1-hdmi-ssp02.tplg âââ sof-mtl-hdmi-ssp02.tplg * For v2.2.8 series, the following new topology files have been added since v2.2.8 âââ sof-adl-es8336-ssp1-hdmi-ssp02-4ch.tplg âââ sof-adl-sdw-cs42l42-4ch.tplg ==== sqlite3 ==== Version update (3.45.2 -> 3.45.3) - Update to release 3.45.3: * Fix a long-standing bug (going back to version 3.24.0) that might (rarely) cause the "old.*" values of an UPDATE trigger to be incorrect if that trigger fires in response to an UPSERT. * Reduce the scope of the NOT NULL strength reduction optimization that was added as item 8e in version 3.35.0. The optimization was being attempted in some contexts where it did not work, resulting in incorrect query results. - Add SQLITE_STRICT_SUBTYPE=1 as recommended by upstream. ==== systemd ==== Version update (255.4 -> 255.5) Subpackages: libsystemd0 libudev1 systemd-boot systemd-coredump systemd-experimental udev - Import commit 49fb09fa18a7b81f6b3c3c15aca47fd00940430e (merge of v255.5) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/23b15deb203780580cbfad095ae1071… - Import commit 23b15deb203780580cbfad095ae1071bd2133220 23b15deb20 gpt-auto-generator: be more defensive when checking the presence of ESP in fstab (bsc#1218671) 7ed2979654 journalctl: explicitly check < 0 for error fc5e25d0a0 journalctl: make --until work again with --after-cursor and --lines (bsc#1221906) - Update 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch to adapt sysv-generator-test to the SUSE's specificity brought by this patch. - systemd-testsuite: some of the integration tests depend on the bin, daemon, games and nobody users/groups. - Drop _FORTIFY_SOURCE=2 workaround. Since commit 7929e180aa (v253) it shouldn't be needed anymore. - systemd.spec: preparation for the next version of systemd (i.e. v256), libkmod2 will be dlopened hence explicitly require it now as it doesn't hurt with the current version. However don't recommend it from systemd by assuming that when module loading from PID1 is needed, udev is installed. - Make systemd-doc subpackage noarch. ==== systemd-presets-branding-Aeon ==== - Enable x86_64_v3-transactional-update.service for automated refresh of x86_64_v3 optimised libraries. Service automatically does not run on non v3 systems. - Remove redundant services formerly from MicroOS - Remove sshd from presets (we're a desktop OS) ==== taglib ==== - USe %autosetup macro: allows us to eliminate usage of deprecated %patchN syntax. ==== thin-provisioning-tools ==== - Update vendored dependencies ==== tpm2-0-tss ==== Version update (4.0.1 -> 4.1.0) Subpackages: libtss2-esys0 libtss2-fapi-common libtss2-fapi1 libtss2-mu0 libtss2-rc0 libtss2-sys1 libtss2-tcti-device0 libtss2-tctildr0 Update to version 4.1: + Security - Fixed CVE-2024-29040 (bsc#1223690) + Fixed - fapi: Fix length check on FAPI auth callbacks - mu: Correct error message for errors - tss2-rc: fix unknown laer handler dropping bits. - fapi: Fix deviation from CEL specification (template_value was used instead of template_data). - fapi: Fix json syntax error in FAPI profiles which was ignored by json-c. - build: fix build fail after make clean. - mu: Fix unneeded size check in TPM2B unmarshaling. - fapi: Fix missing parameter encryption. - build: Fix failed build with --disable-vendor. - fapi: Fix flush of persistent handles. - fapi: Fix test provisioning with template with self generated certificate disabled. - fapi: Fix error in Fapi_GetInfo it TPM supports SHA3 hash algs. - fapi: Revert pcr extension for EV_NO_ACTION events. - fapi: Fix strange error messages if nv, ext, or policy path does not exits. - fapi: Fix segfault caused by wrong allocation of pcr policy. - esys: Fix leak in Esys_EvictControl for persistent handles. - tss2-tcti: tcti-libtpms: fix test failure on big-endian platform. - esys: Add reference counting for Esys_TR_FromTPMPublic. - esys: Fix HMAC error if session bind key has an auth value with a trailing 0. - fapi: fix usage of self signed certificates in TPM. - fapi: Usage of self signed certificates. - fapi: A segfault after the error handling of non existing keys. - fapi: Fix several leaks. - fapi: Fix error handling for policy execution. - fapi: Fix usage of persistent handles (should not be flushed) - fapi: Fix test provisioning with template (skip test without self generated certificate). - fapi: Fix pcr extension for EV_NO_ACTION - test: Fix fapi-key-create-policy-signed-keyedhash with P_ECC384 profile - tcti_spi_helper_transmit: ensure FIFO is accessed only after TPM reports commandReady bit is set - fapi: Fix read large system eventlog (> UINT16_MAX). - esys tests: Fix layer check for TPM2_RC_COMMAND_CODE (for /dev/tpmrm0) - test: unit: tcti-libtpms: fix test failed at 32-bit platforms. - fapi: Fix possible null pointer dereferencing in Fapi_List. - sys: Fix size check in Tss2_Sys_GetCapability. - esys: Fix leak in Esys_TR_FromTPMPublic. - esys: fix unchecked return value in esys crypto. - fapi: Fix wrong usage of local variable in provisioning. - fapi: Fix memset 0 in ifapi_json_TPMS_POLICYNV_deserialize. - fapi: Fix possible out of bound array access in IMA parser. - tcti device: Fix possible unmarshalling from uninitialized variable. - fapi: Fix error checking authorization of signing key. - fapi: Fix cleanup of policy sessions. - fapi: Eventlog H-CRTM events and different localities. - fapi: Fix missing synchronization of quote and eventlog. - faii: Fix invalid free in Fapi_Quote with empty eventlog. + Added - tcti: LetsTrust-TPM2Go TCTI module spi-ltt2go. - mbedtls: add sha512 hmac. - fapi: Enable usage of external keys for Fapi_Encrypt. - fapi: Support download of AMD certificates. - tcti: Add USB TPM (FTDI MPSSE USB to SPI bridge) TCTI module. - fapi: The recreation of primaries (except EK) in the owner hierarchy instead the endorsement hierarchy is fixed. - rc: New TPM return codes added. - fapi: Further Nuvoton certificates added. - tpm_types/esys: Add support for Attestable TPM changes in latest TPM spec. - tcti: Add '/dev/tcm0' to default conf - fapi: New Nuvoton certificates added. - esys: Fix leak in Esys_TR_FromTPMPublic. + Removed - Testing on Ubuntu 18.04 as it's near EOL (May 2023). - tpm2-tss.keyring: added Andreas Fuchs 0x8F4F9A45D7FFEE74 key, documented in upstream repo, which was used for signing this new release tarball. - add new sub-package libtss2-tcti-spidev0: TCTI for communicating with a TPM connected directly via SPI. - add new sub-package libtss2-tcti-i2c-helper0: TCTI for communicating with a TPM connected directly via I2C. ==== tpm2.0-tools ==== Version update (5.6 -> 5.7) Update to version 5.7: + Security - Fixed CVE-2024-29038 (bsc#1223687) - Fixed CVE-2024-29039 (bsc#1223689) + Fixed - Fix eventlog test - Fix issues with reading NV indexes - Fix context save error on tpm2_create - tpm2_sessionconfig: fix handling of --disable-continue session so that the subsequent command will not fail - when attempting to context save a flushed session. - detection of functions within libcrypto when CRYPTO_LIBS is set and system has install libcrypto. - tpm2_send: fix EOF detection on input stream. - tpm2_policy.c fix compilation error caused by format directive for size_t on 32 bit systems. - tpm2_nvread: fix input handling no nv index. - Auth file: Ensure 0-termination when reading auths from a file. - configure.ac: fix bashisms. configure scripts need to be runnable with a POSIX-compliant /bin/sh. - cirrus.yml fix tss compilation with libtpms for FreeBSD. - tpm2_tool.c Fix missing include for basename to enable compilation on netbsd. - options: fix TCTI handling to avoid failures for commands that should work with no options. - tpm2_getekcertificate.c Fix leak. ek_uri was not freed if get_ek_server_address failed. + Added - Add the possibility for autoflush (environment variable "TPM2TOOLS_AUTOFLUSH", or -R option) + Removed - Testing on Ubuntu 18.04 as it's near EOL (May 2023).m2_policy.c fix compilation error caused by format directive for size_t on 32 bit systems. - tpm2_nvread: fix input handling no nv index. - tpm2-tools.keyring: added Andreas Fuchs 0x8F4F9A45D7FFEE74 key, documented in upstream repo, which was used for signing this new release tarball. ==== tracker ==== Version update (3.7.1 -> 3.7.3) Subpackages: libtracker-sparql-3_0-0 tracker-data-files - Update to version 3.7.3: + Bump database version to fix SQLite 3.45.3 issues in existing installs. + Fixed possible infinite loop on incomplete/unterminated Turtle/Trig data. - Update to version 3.7.2: + Fix runtime issue introduced by SQLite 3.45.3. + Fix possible inconsistency in the handling of DELETE WHERE queries. + Updated translations. ==== tracker-miners ==== Version update (3.7.1 -> 3.7.3) Subpackages: tracker-miner-files - Update to version 3.7.3: + Fix possible crashes handling live changes to extractor configuration. + Make it easier to run tracker-extract-3 under Valgrind. + Plug a leak on misdetected JPEG files. + Many further metadata extraction tests. - Update to version 3.7.2: + Fixes to data deletion after removing an indexed folder from configuration. + Fixed glib/inotify based monitors to not follow symlinks in some circumstances. + Added a build-time option for fanotify. + Fix build with musl libc. + Updated translations. ==== transactional-update ==== Version update (4.6.6 -> 4.6.8) Subpackages: dracut-transactional-update libtukit4 transactional-update-zypp-config tukit - Version 4.6.8 - tukit: Properly handle overlay syncing failures: If the system would not be rebooted and several snapshots accumulated in the meantime, it was possible that the previous base snapshot - required for /etc syncing - was deleted already. In that case changes in /etc might have been reset. [gh#openSUSE/transactional-update#116] [gh#kube-hetzner/terraform-hcloud-kube-hetzner#1287] - soft-reboot: Log requested reboot type - soft-reboot: Don't force hard reboot on version change only - Version 4.6.7 - Add support for snapper 0.11.0; also significantly decreases cleanup time [boo#1223504] ==== util-linux ==== Version update (2.39.3 -> 2.40.1) Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 - Update to version 2.40.1 * agetty: don't overwrite TERM passed by the user * fsck.minix: fix possible overrun * libblkid: fix segfault when blkid.conf doesn't exist * libfdisk: add initializer to geometry * libmount: fix access check for utab in context * libmount: fix umount --read-only * lsns: fix netns use - Drop skip-lsfd-tests-PR2888.patch, was a backport - Don't delete binaries not common for all architectures. Create an util-linux-extra subpackage instead, so users of third party tools can use them. (bsc#1222285) - Added static_lib.patch to resolve build failure when using libblkid.pc in --static mode - Add new lastlog2 sub-package (to solve migration problems due to rpm %post/%postun ordering) * Add pam-config calls to enable pam_lastlog2 * Add lastlog2.conf systemd-tmpfile to create database directory - Skip tests marked as ts_skip_qemu_user when running under qemu - Mark racy lslocks test as known fail - Re-enable lsfd tests using mkfds, as it is fixed now. - liblastlog2-devel: * Obsolete/provide lastlog2-devel for migration * Add header file to filelist - Update to release 2.40 * Add lastlog2 * agetty: Load autologin user from agetty.autologin credential * agetty: use get_terminal_default_type() * agetty: use sd_get_sessions() for number of users (#2088) * blockdev: add support for BLKGETZONESZ * cfdisk: ask y/n before wipe * cfdisk: properly handle out-of-order partitions during resize * chcpu: document limitations of -g * chsh: use libeconf to read /etc/shells * column: fix -l * column: fix memory leak * dmesg: fix FD leak * dmesg: fix delta calculation * dmesg: fix wrong size calculation * dmesg: support reading kmsg format from file * enosys: a new small command to make syscalls fail with ENOSYS * exch: new command to atomically exchanges paths between two files * fdisk: add support for partition resizing * fdisk: remove usage of VLA * fincore: add --output-all * findmnt: add --list-columns * findmnt: add -I, --dfi options for imitating the output of df -i * findmnt: add inode-related columns for implementing "df -i" like output * hexdump: add '--one-byte-hex' format option * hwclock: add support for RTC_VL_READ/RTC_VL_CLR ioctls * login: initialize noauth from login.noauth credential * lsblk: add --filter * lsblk: add --highlight * lsblk: add --list-columns * lsclocks: new command to show clocks * lscpu: even more Arm part numbers * mkfs.minix: handle 64bit time on 32bit system * mkswap: implement --file * mkswap: implement --offset * mount: add --map-users and --map-groups convenience options * nsenter: add option `-c` to join the cgroup of target process * setarch: add riscv64/riscv32 support * setpgid: new command to run a program in a new process group * uuidd: add cont_clock persistence * uuidgen: add option --count * wall: query logind for list of users with tty (#2088) * write: query logind for list of users with tty (#2088) * libuuid: improved support for 64-bit time - skip-lsfd-tests-PR2888.patch: skip some lsfd tests which OBS does not support (https://github.com/util-linux/util-linux/issues/2822) - use-logind-not-utmp.patch: removed, accepted upstream - tests-increase-delay-for-waitpid-test.patch: removed, upstreamed - 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch: reverted upstream - util-linux-fix-tests-with-64k-pagesize.patch: was a backport ==== util-linux-systemd ==== Version update (1.3.1 -> 2.40.1) Subpackages: lastlog2 - Update to version 2.40.1 * agetty: don't overwrite TERM passed by the user * fsck.minix: fix possible overrun * libblkid: fix segfault when blkid.conf doesn't exist * libfdisk: add initializer to geometry * libmount: fix access check for utab in context * libmount: fix umount --read-only * lsns: fix netns use - Drop skip-lsfd-tests-PR2888.patch, was a backport - Don't delete binaries not common for all architectures. Create an util-linux-extra subpackage instead, so users of third party tools can use them. (bsc#1222285) - Added static_lib.patch to resolve build failure when using libblkid.pc in --static mode - Add new lastlog2 sub-package (to solve migration problems due to rpm %post/%postun ordering) * Add pam-config calls to enable pam_lastlog2 * Add lastlog2.conf systemd-tmpfile to create database directory - Skip tests marked as ts_skip_qemu_user when running under qemu - Mark racy lslocks test as known fail - Re-enable lsfd tests using mkfds, as it is fixed now. - liblastlog2-devel: * Obsolete/provide lastlog2-devel for migration * Add header file to filelist - Update to release 2.40 * Add lastlog2 * agetty: Load autologin user from agetty.autologin credential * agetty: use get_terminal_default_type() * agetty: use sd_get_sessions() for number of users (#2088) * blockdev: add support for BLKGETZONESZ * cfdisk: ask y/n before wipe * cfdisk: properly handle out-of-order partitions during resize * chcpu: document limitations of -g * chsh: use libeconf to read /etc/shells * column: fix -l * column: fix memory leak * dmesg: fix FD leak * dmesg: fix delta calculation * dmesg: fix wrong size calculation * dmesg: support reading kmsg format from file * enosys: a new small command to make syscalls fail with ENOSYS * exch: new command to atomically exchanges paths between two files * fdisk: add support for partition resizing * fdisk: remove usage of VLA * fincore: add --output-all * findmnt: add --list-columns * findmnt: add -I, --dfi options for imitating the output of df -i * findmnt: add inode-related columns for implementing "df -i" like output * hexdump: add '--one-byte-hex' format option * hwclock: add support for RTC_VL_READ/RTC_VL_CLR ioctls * login: initialize noauth from login.noauth credential * lsblk: add --filter * lsblk: add --highlight * lsblk: add --list-columns * lsclocks: new command to show clocks * lscpu: even more Arm part numbers * mkfs.minix: handle 64bit time on 32bit system * mkswap: implement --file * mkswap: implement --offset * mount: add --map-users and --map-groups convenience options * nsenter: add option `-c` to join the cgroup of target process * setarch: add riscv64/riscv32 support * setpgid: new command to run a program in a new process group * uuidd: add cont_clock persistence * uuidgen: add option --count * wall: query logind for list of users with tty (#2088) * write: query logind for list of users with tty (#2088) * libuuid: improved support for 64-bit time - skip-lsfd-tests-PR2888.patch: skip some lsfd tests which OBS does not support (https://github.com/util-linux/util-linux/issues/2822) - use-logind-not-utmp.patch: removed, accepted upstream - tests-increase-delay-for-waitpid-test.patch: removed, upstreamed - 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch: reverted upstream - util-linux-fix-tests-with-64k-pagesize.patch: was a backport ==== vlc ==== Subpackages: libvlc5 libvlccore9 vlc-noX vlc-qt - Enable FluidSynth plugin using an optional package ==== vte ==== Version update (0.76.0 -> 0.76.1) - Update to version 0.76.1: + terminal: fix UTF-8 bounds check. + app: Don't hide scrolled-window option. + app: Add built-in CSS to hide scrolled-window over-scroll indicators. + emulation: Fix the reported bold/etc. color if unset + widget: Also set tag when returning no match. - Update to version 0.76.1: * emulation: Fix the reported bold/etc. color if unset * app: Fix the build with clang++ * app: Don't use typeof * terminal: fix UTF-8 bounds check * widget: Also set tag when returning no match * app: Add built-in CSS to hide scrolled-window over-scroll indicators * app: Don't hide scrolled-window option * build: Post release version bump ==== wireplumber ==== Subpackages: libwireplumber-0_5-0 wireplumber-audio - Better fix for (bsc#1223916) that basically turns the main profile into the (to be in 0.5.3) video-only profile unless wireplumber-audio is installed which now turns the main profile into exactly upstream's main profile. - Add patch from upstream to fix a json log issue: * 0001-lua-json-fix-error-ouput.patch - Add patch from upstream to add a method to merge json containers: * 0002-lua-json-add-method-to-merge-json-containers.patch - Add patch from upstream to fix merging a particular case of configuration options: * 0003-json-utils-fix-overriding-of-non-container-values-when.patch - Fix wireplumber not starting successfully when audio support is not enabled since the main profile now requires it. The best option would be to use a video-only profile but it's too late to change the way wireplumber is started in SLE/Leap, so the solution just makes audio/bluetooth optional for now (bsc#1223916) * split-config-file.py ==== wtmpdb ==== Version update (0.11.0 -> 0.12.0+git.20240508) Subpackages: libwtmpdb0 - Update to version 0.12.0+git.20240508: - boot: Query systemd if soft-reboot was done ==== xconsole ==== Version update (1.0.8 -> 1.1.0) - Update to version 1.1.0 * This release fixes use of the scroll wheel in the text area, adds -version and -help options, and removes support for several older OS'es. ==== xdg-desktop-portal-gnome ==== Version update (46.0 -> 46.1) - Update to version 46.1: + Remove D-Bus call timeout from Access portal requests that are proxied to GNOME Shell. This prevents the Access portal from failing requests if the user doesn't click on a dialog for more than 25 seconds. + Various fixes to the ScreenCast portal dialog. + Updated translations. ==== xxhash ==== - Fix ftbfs with gcc14: * use correct optflags also in %check * add test-tools-do-not-override-cflags.patch - Execute more tests

1 0

New MicroOS snapshot 20240505 released!
by Richard Brown 06 May '24

06 May '24

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: MicroOS-release (20240503 -> 20240505) glslang (14.1.0 -> 14.2.0) libcontainers-common libgpg-error (1.48 -> 1.49) libnvme (1.8+0.gbff7dda -> 1.9+0.g80c5cf2) libqaccessibilityclient-qt6 (0.5.0 -> 0.6.0) nvme-cli (2.8 -> 2.9.1) qt6-base rebootmgr (2.4 -> 2.4+git20240503.5b98913) tpm2.0-tools (5.6 -> 5.7) === Details === ==== MicroOS-release ==== Version update (20240503 -> 20240505) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== glslang ==== Version update (14.1.0 -> 14.2.0) - Update to release 14.2 * Improve checking for location aliasing errors * Fix undefined behavior in parser * Add bounds check to gl_SampleMask * Fix alignment and padding of matrices consuming one vector * Remove duplicate SPIR-V decorations * Check for exponent overflow in float parser * Fix bug in relaxed verification rules * Fix bug when importing SPIR-V extended intruction set * Fix issues with the interaction of cooperative_matrix and spirv_intrinsics * Support SPV_QCOM_image_processing2 * Support files with UTF8BOM character ==== libcontainers-common ==== Subpackages: libcontainers-default-policy - Introduce new subpackage that ships registries.conf that uses registry.suse.com as the only unqualified registry while pulling images on SL Micro and SP6. (jsc#SMO-376, jsc#PED-8289) ==== libgpg-error ==== Version update (1.48 -> 1.49) - Update to 1.49: * Two new functions to improve the logging interface. The gpgrt_logv_domain is currently the same as gpgrt_logv_prefix but allows to pass a domain string so that in future we will be able to select log output by domain. It also provide a non yet functional feature to include a hex dump. * Add a "trunc" keyword to gpgrt_log_printhex. [rE0a39fbefcb] * Avoid an endless loop in the argparser due to a conf file read error. [rE2dc93cfecc] * Interface changes relative to the 1.48 release: - gpgrt_add_post_log_func NEW. - gpgrt_logv_domain NEW. * Release-info: https://dev.gnupg.org/T7012 ==== libnvme ==== Version update (1.8+0.gbff7dda -> 1.9+0.g80c5cf2) Subpackages: libnvme-mi1 libnvme1 - Update to version 1.9+0.g80c5cf2: * types: Added Command and Feature Lockdown LID * types: add ASQ, ACQ and BPMBL controller properties definitions * types: add controller properties enum documentation * types: fix CRTO.CRIMT mask value definition * tree: use strtou32 to read lba_size * types: Fix PMRWBM register name * examples: fix mi-mctp build warning errors * test: add CSTS.ST, CAP.CPS and CAP.NSSS registers * types: add CAP.CPS and CAP.NSSS definitions * types: add enum nvme_cap documentation * types: Add enum nvme_unit/cmbebs/cmbswtp/flbas/cmic documentation * util: Add string constant for ENVME_CONNECT_IGNORED * tests: Add sample NBFT table with mpath IPv4+IPv6 discovery * types: add controller status shutdown type (CSTS.ST) definition * types: Add enum nvme_csts documentation * types: Add NVME_CMIC definitions * types: Add CMBSWTP property definitions * types: Add NVME_CMBEBS property definitions * types: Fix boot partition read offset (BPROF) mask value * tree: fix mem leak in nvme_ns_init() (bsc#1223331) * fabrics: retry discovery log page when DNR is not set * ioctl: return EPROTO when an NVMe status occurred * linux: Allocate aligned payload for nvme_get_telemetry_log * test: use diff to compare sysfs output * tree: fix lba_count size calculation * tree: Add NVM subsystem controller identifier * test: Add unit test for nvme_id_ns_flbas_to_lbaf_inuse() * types: Fix NVME_CSTS_SHST_MASK definition * util: Fixed nvme_id_ns_flbas_to_lbaf_inuse() * types: Add optional data present filed mask and shift definition * types: Fix EOM header optional data present fields definition * libnvme : record the nvme pci adapter physical slot (bsc#1223208) * sysfs: minimize heap allocations of sysfs paths * json: Fix uninitialized variables * libnvme: add missing symbol nvme_scan_tls_keys * nbft: Whitespace fixes (bsc#1222026) * tests: Add complex NBFT table from Dell R660 (bsc#1222026) * tests: Adapt to added NBFT SSNS flags (bsc#1222026) * nbft: Add SSNS 'discovered' flag (bsc#1222026) * nbft: Add SSNS 'unavailable' flag (bsc#1222026) * doc: Document the NBFT API (bsc#1222026) * ioctl: Move nvme_cmd_dword_fields definitions into header file * types: Add PEL set feature event layout definitions * types: Fix enum nvme_pel_rci documentation error * types: Add boot partition information definitions * types: Add PEL header additional information definitions * fabrics: keyring is a long (bsc#1216982) * config-schema.json.in: tls keys and keyrings are strings (bsc#1216982) * linux: Add nvme_scan_tls_keys() (bsc#1216982) * json: dump TLS key data in PSK interchange format (bsc#1216982) * json: import TLS key from PSK interchange format (bsc#1216982) * json: export TLS key in PSK interchange format (bsc#1216982) * tree: read TLS key in nvme_configure_ctrl() (bsc#1216982) * linux: rework nvme_insert_tls_key_versioned() (bsc#1216982) * linux: add nvme_import_tls_key() (bsc#1216982) * linux: add nvme_export_tls_key() (bsc#1216982) * crc32: Add CRC32 algorithm (bsc#1216982) * linux: add nvme_update_key() (bsc#1216982) * linux: add nvme_read_key() (bsc#1216982) * linux: allow for NULL argument in nvme_lookup_keyring() (bsc#1216982) * log: Respect DEFAULT_LOGLEVEL on uninitialized logging * log: Introduce nvme_get_logging_level() * ioctl: remove incomplete debug logging infrastructure * ioctl: export nvme_submit_passthru{64} as weak symbol * log: move nvme_{set|get}_debug to log.c * fabrics: check the read() return value * types: Add PEL reporting context port identifier type definitions * types: Add persistent event log reporting context definitions - Upstream changed the sysfs test setup, thus sysfs test works in OSB * remove 0001-build-disable-sysfs-test.patch ==== libqaccessibilityclient-qt6 ==== Version update (0.5.0 -> 0.6.0) - Update to 0.6.0. No changelog. ==== nvme-cli ==== Version update (2.8 -> 2.9.1) - Update to version 2.9.1: * plugins/spdk: drop the plugin - Update to version 2.9: * nvme-print: expand the maximum field length to prevent misalignment * plugins/spdk: plugin to list SPDK subsystems * nvme-print: check if controller belong to SPDK * plugins/spdk: plugin to list SPDK controllers * nvme-print-stdout: fix ASQB, ACQB and BMBBA prints * build: bump libnvme wrap * nvmf-autoconnect: fix string encoding * nvme: identify primary ctrl do not accept nsid * nvme-wrap: remove unused nvme_cli_get_log_ana_groups() * nvme-print-json: use admin queue attributes definitions * nvme-print-json: use CSTS definitions * nvme-print-stdout: use POWER_OF_TWO macro * nvme-print-json: use controller configuration definitions * nvme-print-json, nvme-print-stdout: add tertiary version number * nvme-print-json: use NVME_MAJOR and NVME_MINOR definitions * nvme-print-json: use NVME_BOOT_PARTITION_INFO field definitions * nvme-print-json: add support telemetry log create event in PEL * nvme-print-json: add support set feature event in PEL * nvme-print-json: add obj_d() function * nvme-print-json: add obj_add_uint_0nx() function * meson.build: Fix spelling of sed-opal.h filename * sed_opal: Only build when we really have sed_opal headers * nvme: fix error path if write() fails in get_telemetry_log() * plugins/solidigm: Additional LID for temperature statistics. * plugins/solidigm: Improved Solidigm UUID index detection. * nvme-print-stdout: Add CSTS.ST register stdout print * nvme-print-stdout: Use NVME_CMIC definitions * nvme-print: Use NVME_UNIT definitions * nvme-print-stdout: Use NVME_CMBMSC/STS/EBS/SWTP definitions * plugins/ssstc: add a new plugin for SSSTC driver * nvmf-connect: systemd hardening effort * plugins/ocp: Adjusted variable type size carrying UUID index to 8 bit. * nvme: fix security buffer allocation size * nvme: Change fw-download xfer initialization to set 0 * nvme: Add fw-download warning message for FWUG alignment error * plugins/ocp: Split ocp_get_uuid_index() into find and get functions. * nvme: fix mem leak in multiple key related functions (bsc#1223331) * fabrics: fix mem leak in nvmf_check_hostid_and_hostnqn() (bsc#1223331) * nvme-print-stdout: Use NVME_BPRSEL definitions * nvme-print-stdout: Use NVME_BPINFO definitions * nvme-print-stdout: Use NVME_CMBSZ definitions * nvme-print-stdout: Use NVME_CMBLOC definitions * Revert "logging: fix error handling for ioctl passthru wrappers" * fabrics: align identify command payload * ocp: Unify line start spacing as tabs * ocp: support OCP DSSD Async Event Config feature * nvme: Add support for get-reg and set-reg commands * nvme-print-json: Add register print functions * nvme-print-stdout: Add register print functions * nvme-print: Add register print functions * nvme: Refactor mmap_registers to add writable parameter * nvme-print: Change PMRSZU string function as unit string * nvme-print: Refactor CMBLOC and PMRSTS registers function * logging: fix error handling for ioctl passthru wrappers * nbft: Fix scandir() error check * nbft: Refactor connection attempt out * nvme-print: Use EOM optional data present macros changed * nvme-print: Print cntlid number for controller * nvme: check-tls-key fails despite having hostnqn file (bsc#1223331) * nvme: print retained key for gen-tls-key's -i option too (bsc#1223331) * fabrics : allow host to create duplicate connections to target * fabrics: Fix fast_io_fail_tmo option * nvme-print-stdout: use admin queue attributes definitions * nvme-print-stdout: use CSTS definitions * nvme-print-stdout: use controller configuration definitions * nvme-print-stdout: use NVME_MAJOR and NVME_MINOR definitions * nvme-print-stdout: use FDP configuration attributes definitions * nvme: add new function 'tls_key' * nvme: use library functions for importing and exporting TLS keys (bsc#1216982) * nvme: extend error message for ns scan failures * nvme-print-json: Bugfix status json key of sanitize-log * sed: update SED password when initalizing (bsc#1222168) * plugins/memblaze: add performance stats * plugins/memblaze: fix code mis-type error * plugins/memblaze: code refactor on applying __packed on more structs * plugins/memblaze: code refactor on using cleanup_nvme_dev * nvme: Fix to cleanup free raw_secret memory allocated * plugins/memblaze: code-format on leading indent and align * plugins/wdc: Fix narrow index variable type in for loop to __u32 * plugins/wdc: Whitespace changes * nvme: Delete unused nvme root scanned * ocp: support OCP 2.5 Set Telemetry Profile feature * nvme: Don't seg fault if given device is not char/block device * nbft: Include SSNS index in error messages (bsc#1222026) * nbft: Pause logging for expected connection failures (bsc#1222026) * nbft: Silence connection failures for unavailable SSNS (bsc#1222026) * nbft: Fix 'verbose' argument type (bsc#1222026) * plugins/nbft: Implement verbose logging * plugins/nbft: Print the new SSNS flags * nbft: Fix uninitialized variable * plugins/nbft: Fix uninitialized variables * plugins/sed: Fix uninitialized variable * nvme-print-stdout: Fix uninitialized variable * nvme-print-json: Fix uninitialized variable * build: Switch default meson buildtype to 'debugoptimized' * nvme: do not scan topology when mmaping registers ... changelog too long, skipping 53 lines ... * remove 0100-harden_nvmf-connect@.service.patch ==== qt6-base ==== Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6Widgets6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-printsupport-cups qt6-sql-sqlite - Add upstream security fix (CVE-2024-33861): * 0001-QStringConverterICU-Pass-correct-pointer-to-callback.patch ==== rebootmgr ==== Version update (2.4 -> 2.4+git20240503.5b98913) - Remove rcrebootmgr symlink - Update to version 2.4+git20240503.5b98913: * Don't generate html documentation anymore * Fix manual page dependencies for parallel build * Update configure.ac * Fix soft-reboot detection in forced mode ==== tpm2.0-tools ==== Version update (5.6 -> 5.7) Update to version 5.7: + Security - Fixed CVE-2024-29038 - Fixed CVE-2024-29039 + Fixed - Fix eventlog test - Fix issues with reading NV indexes - Fix context save error on tpm2_create - tpm2_sessionconfig: fix handling of --disable-continue session so that the subsequent command will not fail - when attempting to context save a flushed session. - detection of functions within libcrypto when CRYPTO_LIBS is set and system has install libcrypto. - tpm2_send: fix EOF detection on input stream. - tpm2_policy.c fix compilation error caused by format directive for size_t on 32 bit systems. - tpm2_nvread: fix input handling no nv index. - Auth file: Ensure 0-termination when reading auths from a file. - configure.ac: fix bashisms. configure scripts need to be runnable with a POSIX-compliant /bin/sh. - cirrus.yml fix tss compilation with libtpms for FreeBSD. - tpm2_tool.c Fix missing include for basename to enable compilation on netbsd. - options: fix TCTI handling to avoid failures for commands that should work with no options. - tpm2_getekcertificate.c Fix leak. ek_uri was not freed if get_ek_server_address failed. + Added - Add the possibility for autoflush (environment variable "TPM2TOOLS_AUTOFLUSH", or -R option) + Removed - Testing on Ubuntu 18.04 as it's near EOL (May 2023).m2_policy.c fix compilation error caused by format directive for size_t on 32 bit systems. - tpm2_nvread: fix input handling no nv index. - tpm2-tools.keyring: added Andreas Fuchs 0x8F4F9A45D7FFEE74 key, documented in upstream repo, which was used for signing this new release tarball.

1 0

New MicroOS snapshot 20240502 released!
by Richard Brown 03 May '24

03 May '24

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: MicroOS-release (20240430 -> 20240502) SDL2 (2.30.2 -> 2.30.3) ca-certificates (2+git20230406.2dae8b7 -> 2+git20240415.3fe9324) conmon (2.1.10 -> 2.1.11) containerd (1.7.10 -> 1.7.15) gcc14 (14.0.1+git10008 -> 14.0.1+git10154) gnome-browser-connector google-noto-fonts (20240401 -> 20240501) gpsd gstreamer hyper-v kernel-firmware (20240419 -> 20240426) krb5 libbpf (1.4.0 -> 1.4.1) ncurses (6.4.20240414 -> 6.5.20240427) polkit-default-privs (1550+20240325.eddbe04 -> 1550+20240430.5327266) python-jsonschema (4.21.1 -> 4.22.0) python-referencing (0.34.0 -> 0.35.1) python311 python311-core qemu (8.2.2 -> 8.2.3) re2 (20240401 -> 20240501) rust-keylime (0.2.4~0 -> 0.2.5~0) setools (4.5.0 -> 4.5.1) slirp4netns (1.2.3 -> 1.3.0) systemd === Details === ==== MicroOS-release ==== Version update (20240430 -> 20240502) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== SDL2 ==== Version update (2.30.2 -> 2.30.3) - Update to release 2.30.3 * Fixed a pointer warping issue on XWayland * Reduced startup time when scanning for game controllers on Linux ==== ca-certificates ==== Version update (2+git20230406.2dae8b7 -> 2+git20240415.3fe9324) - Update to version 2+git20240415.3fe9324: * Add ca-certificates-setup.service * typo: differnt/different ==== conmon ==== Version update (2.1.10 -> 2.1.11) - New upstream release 2.1.11 * docs/Makefile: softcode GOMD2MAN by @rahilarious * chore(deps): update dependency containers/automation_images to v20231208 by @renovate * drop --tty on exec by @haircommander * update packit config, enable downstream tasks by @lsm5 * Remove checks for (long)deprecated libsystemd-journal for libsystemd by @rahilarious * Add support for s390x by @saschagrunert * Build s390x binaries using musl libc by @saschagrunert ==== containerd ==== Version update (1.7.10 -> 1.7.15) - Use obs_scm service instead of tar_scm - Removed patch 0002-shim-Create-pid-file-with-0644-permissions.patch (merged upstream at <https://github.com/containerd/containerd/pull/9571>) - Update to containerd v1.7.15. Upstream release notes: <https://github.com/containerd/containerd/releases/tag/v1.7.15> - Update to containerd v1.7.14. Upstream release notes: <https://github.com/containerd/containerd/releases/tag/v1.7.14> - Update to containerd v1.7.13. Upstream release notes: <https://github.com/containerd/containerd/releases/tag/v1.7.13> - Update to containerd v1.7.12. Upstream release notes: <https://github.com/containerd/containerd/releases/tag/v1.7.12> - Update to containerd v1.7.11. Upstream release notes: <https://github.com/containerd/containerd/releases/tag/v1.7.11> ==== gcc14 ==== Version update (14.0.1+git10008 -> 14.0.1+git10154) Subpackages: libatomic1 libgcc_s1 libgomp1 libstdc++6 libubsan1 - Update to gcc-14 branch head, 7a00c459cbb913ac165a39d34, git10154 * GCC 14.1 RC1 ==== gnome-browser-connector ==== - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== google-noto-fonts ==== Version update (20240401 -> 20240501) Subpackages: google-noto-sans-fonts google-noto-sans-math-fonts - Update to 20240501 * Noto Rashi Hebrew - Corrects the width and position of marks under double-yud and double-vov - Improves the anchoring of yod - Adds the U+053F yod triangle character - Improves the spacing of tsadi * Noto Egyptian Hieroglyphs - Add codepoints from Unicode 14 ==== gpsd ==== - usage of %python3_fix_shebang to cover /usr/bin is also needed [bsc#1212476] ==== gstreamer ==== Subpackages: libgstreamer-1_0-0 typelib-1_0-Gst-1_0 - remove dependency on /usr/bin/python3 using %python3_fix_shebang_path macro, [bsc#1212476] ==== hyper-v ==== - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== kernel-firmware ==== Version update (20240419 -> 20240426) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd - Update to version 20240426 (git commit 2398d264f953): * amdgpu: DMCUB updates for various AMDGPU ASICs * linux-firmware: Add firmware for Cirrus CS35L56 for various HP laptops * i915: Update Xe2LPD DMC to v2.20 * linux-firmware: Remove Calibration Firmware and Tuning for CS35L41 * linux-firmware: Add firmware for Lenovo Thinkbook 13X * ASoC: tas2781: Add dsp firmware for Thinkpad ICE-1 laptop * amdgpu: add DMCUB 3.5 firmware * amdgpu: add VPE 6.1.0 firmware * amdgpu: add VCN 4.0.5 firmware * amdgpu: add UMSCH 4.0.0 firmware * amdgpu: add SDMA 6.1.0 firmware * amdgpu: add PSP 14.0.0 firmware * amdgpu: add GC 11.5.0 firmware * amdgpu: update license date ==== krb5 ==== - Remove requires for not used cron - Fix memory leaks, add patch 0009-Fix-three-memory-leaks.patch * CVE-2024-26458, bsc#1220770 * CVE-2024-26461, bsc#1220771 * CVE-2024-26462, bsc#1220772 ==== libbpf ==== Version update (1.4.0 -> 1.4.1) - update to 1.4.1: * Bug fix release fixing logic around determining whether to autoload SEC("struct_ops") programs in cases when old kernel doesn't support some optional callbacks and user reset them to NULL from BPF skeleton. ==== ncurses ==== Version update (6.4.20240414 -> 6.5.20240427) Subpackages: libncurses6 ncurses-utils terminfo-base - Update to ncurses 6.5 (patch 20240427) + update announcement + fixes/corrections for manpages (patches by Branden Robinson). + fix redefinition of CASTxPTR, for legacy Unix. - Update to tack 1.9 (patch 20230201) * configure: regen * configure.in: initialize $ac_includes_default s/fgrep/$FGREP/ * aclocal.m4: resync with my-autoconf - Add ncurses patch 20240420 + improve formatting/style of manpages (patches by Branden Robinson). + compiler warning/portability fixes. ==== polkit-default-privs ==== Version update (1550+20240325.eddbe04 -> 1550+20240430.5327266) - Update to version 1550+20240430.5327266: * profiles: whitelist dnf5daemon-server (bsc#1218327) * profiles: remove pseudo auth action kcmkwallet5 (bsc#1217190) ==== python-jsonschema ==== Version update (4.21.1 -> 4.22.0) - update to 4.22.0: * Improve best_match (and thereby error messages from jsonschema.validate) in cases where there are multiple sibling errors from applying anyOf / allOf -- i.e. when multiple elements of a JSON array have errors, we now do prefer showing errors from earlier elements rather than simply showing an error for the full array (#1250). * (Micro-)optimize equality checks when comparing for JSON Schema equality by first checking for object identity, as == would. ==== python-referencing ==== Version update (0.34.0 -> 0.35.1) - Update to version 0.35.1: * Make Resource.pointer also properly handle empty pointers (which refer to the root document). This fix likely only affects you if you were using that function directly, as Resource.lookup already handles empty fragments. - Update to version 0.35.0: * Make Registry.contents raise NoSuchResource when needed. * Update pre-commit hooks. * Run coverage with 3.12 * Try convincing RTD to use uv. * uv and minor workflow tweaks * Use uv for envs, particularly the requirements env. * [pre-commit.ci] pre-commit autoupdate * Whatever pyright regression was present is still present. * [pre-commit.ci] pre-commit autoupdate * Bump suite from `71c85d0` to `87851a6` * Bump suite from `d3fdf35` to `71c85d0` * Bump suite from `e3fe0aa` to `d3fdf35` ==== python311 ==== - Update CVE-2023-52425-libexpat-2.6.0-backport.patch so that it uses features sniffing, not just comparing version number. Include also support-expat-CVE-2022-25236-patched.patch. - Add CVE-2023-52425-remove-reparse_deferral-tests.patch skipping failing tests. - Refresh patches: - CVE-2023-27043-email-parsing-errors.patch - fix_configure_rst.patch - skip_if_buildbot-extend.patch - Remove included patch: - support-expat-CVE-2022-25236-patched.patch ==== python311-core ==== Subpackages: libpython3_11-1_0 python311-base - Update CVE-2023-52425-libexpat-2.6.0-backport.patch so that it uses features sniffing, not just comparing version number. Include also support-expat-CVE-2022-25236-patched.patch. - Add CVE-2023-52425-remove-reparse_deferral-tests.patch skipping failing tests. - Refresh patches: - CVE-2023-27043-email-parsing-errors.patch - fix_configure_rst.patch - skip_if_buildbot-extend.patch - Remove included patch: - support-expat-CVE-2022-25236-patched.patch ==== qemu ==== Version update (8.2.2 -> 8.2.3) - Fix a build issue on riscv: * target/riscv/kvm: rename riscv_reg_id() to riscv_reg_id_ulong() * target/riscv/kvm: add RISCV_CONFIG_REG() * target/riscv/kvm: change timer regs size to u64 * target/riscv/kvm: change KVM_REG_RISCV_FP_D to u64 * target/riscv/kvm: change KVM_REG_RISCV_FP_F to u32 - Update to version 8.2.3. Full changelog/backports here: https://lore.kernel.org/qemu-devel/1713980341.971368.1218343.nullmailer@tls… Some of the upstream backports are: * Update version for 8.2.3 release * ppc/spapr: Initialize max_cpus limit to SPAPR_IRQ_NR_IPIS. * ppc/spapr: Introduce SPAPR_IRQ_NR_IPIS to refer IRQ range for CPU IPIs. * hw/pci-host/ppc440_pcix: Do not expose a bridge device on PCI bus * hw/isa/vt82c686: Keep track of PIRQ/PINT pins separately * virtio-pci: fix use of a released vector * linux-user/x86_64: Handle the vsyscall page in open_self_maps_{2,4} * hw/audio/virtio-snd: Remove unused assignment * hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum() * hw/sd/sdhci: Do not update TRNMOD when Command Inhibit (DAT) is set * hw/net/lan9118: Fix overflow in MIL TX FIFO * hw/net/lan9118: Replace magic '2048' value by MIL_TXFIFO_SIZE definition * backends/cryptodev: Do not abort for invalid session ID * hw/misc/applesmc: Fix memory leak in reset() handler * hw/block/nand: Fix out-of-bound access in NAND block buffer * hw/block/nand: Have blk_load() take unsigned offset and return boolean * hw/block/nand: Factor nand_load_iolen() method out * qemu-options: Fix CXL Fixed Memory Window interleave-granularity typo * hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs * hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs * hw/display/virtio-gpu: Protect from DMA re-entrancy bugs * ...and many more... ==== re2 ==== Version update (20240401 -> 20240501) - update to 2024-05-01: * Stop setting re2_INCLUDE_DIR * Fixes related to python bindings ==== rust-keylime ==== Version update (0.2.4~0 -> 0.2.5~0) - Update to version 0.2.5~0: * Bump version to 0.2.5 * cargo: Relax required version for pest crate * build(deps): bump log from 0.4.20 to 0.4.21 * build(deps): bump thiserror from 1.0.56 to 1.0.59 - actix-web update moves rustls as feature (bsc#1223234, CVE-2024-32650) - Update to version 0.2.4~39: * build(deps): bump openssl from 0.10.63 to 0.10.64 * build(deps): bump h2 from 0.3.24 to 0.3.26 * build(deps): bump serde_json from 1.0.107 to 1.0.116 * build(deps): bump actix-web from 4.4.1 to 4.5.1 * crypto: Enable TLS 1.3 * build(deps): bump tempfile from 3.9.0 to 3.10.1 * build(deps): bump mio from 0.8.4 to 0.8.11 * enable hex values to be used for tpm_ownerpassword * config: Support IPv6 with or without brackets * keylime: Implement a simple IP parser to remove brackets * crypto: Implement CertificateBuilder to generate certificates * tests: Fix coverage download by supporting arbitrary URL * cargo: Add testing feature to keylime library * Set X509 SAN with local DNSname/IP/IPv6 * Include newest Node20 versions for Github actions * tpm: Add unit test for uncovered public functions * crypto: Implement ECC key generation support * crypto: Add test for match_cert_to_template() * Fix minor typo, format and remove end whitespaces * crypto: Make error types less specific * tests/run.sh: Run tarpaulin with a single thread * payloads: Remove explicit drop of channel transmitter * crypto: Move to keylime library * crypto: Add specific type for every possible error * tpm: Rename origin of error as source in structures * list_parser: Add source for error for backtrace * algorithms: Make errors more specific * typo fix for default path to measured boot log file * README: remove mentions of libarchive as a dependency * Dockerfile.wolfi: Update clang to version 17 * docker: Remove libarchive as a dependency * rpm: Remove libarchive from dependencies * cargo: Replace compress-tools with zip crate * cargo: Bump ahash to version 0.8.7 * build(deps): bump serde from 1.0.195 to 1.0.196 * build(deps): bump libc from 0.2.152 to 0.2.153 * build(deps): bump reqwest from 0.11.23 to 0.11.24 * docker: Install configuration file in the correct path * config: Make IAK/IDevID disabled by default ==== setools ==== Version update (4.5.0 -> 4.5.1) - Update to version 4.5.1: - Correct annotations of NetworkX types to make it optional again. - Fix packaging issue for apol's style sheet (apol.css). - Drop 0001-Make-networkx-optional-again-Fixes-125.patch fixed upstream - Change networkx Requires to Suggests ==== slirp4netns ==== Version update (1.2.3 -> 1.3.0) - New upstream release 1.3.0 * Support new `--netns-type=tapfd` (#340, thanks to @helmutg) * Do not leak socket in case of success (#339, thanks to @jnovy) ==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-boot systemd-coredump systemd-experimental udev - Update 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch to adapt sysv-generator-test to the SUSE's specificity brought by this patch. - systemd-testsuite: some of the integration tests depend on the bin, daemon, games and nobody users/groups. - Drop _FORTIFY_SOURCE=2 workaround. Since commit 7929e180aa (v253) it shouldn't be needed anymore. - systemd.spec: preparation for the next version of systemd (i.e. v256), libkmod2 will be dlopened hence explicitly require it now as it doesn't hurt with the current version. However don't recommend it from systemd by assuming that when module loading from PID1 is needed, udev is installed. - Make systemd-doc subpackage noarch.

1 0