Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version=Tumbleweed&build=20240820 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=MicroOS&query_format=advanced&resolution=--- Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: AppStream AppStream-qt6 MicroOS-release (20240818 -> 20240820) SVT-AV1 (2.1.2 -> 2.2.0) bash (5.2.26 -> 5.2.32) ffado (2.4.7 -> 2.4.9) flatpak (1.15.8 -> 1.15.10) gstreamer-plugins-bad libdeflate (1.20 -> 1.21) libinput (1.26.0 -> 1.26.2) libpng16 librsvg (2.58.2 -> 2.58.3) libwacom (2.11.0 -> 2.12.2) libxmlb (0.3.18 -> 0.3.19) ncurses (6.5.20240810 -> 6.5.20240817) python-SQLAlchemy (2.0.31 -> 2.0.32) readline (8.2.10 -> 8.2.13) selinux-policy (20240814 -> 20240816) systemd (256.4 -> 256.5) tiff === Details === ==== AppStream ==== - BuildRequire gettext-devel instead of gettext: allow OBS to shortcut through gettext-runtime-mini. ==== AppStream-qt6 ==== - BuildRequire gettext-devel instead of gettext: allow OBS to shortcut through gettext-runtime-mini. ==== MicroOS-release ==== Version update (20240818 -> 20240820) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== SVT-AV1 ==== Version update (2.1.2 -> 2.2.0) - Update to release 2.2.0 * Improve the tradeoffs for the random access mode across presets: * Speedup of ~15% across presets M0 - M8 while maintaining similar quality levels * Improve the tradeoffs for the low-delay mode across presets * Increased temporal resolution setting to 6L for 4k resolutions by default * Added ARM optimizations for functions with c_only equivalent yielding an average speedup of ~13% for 4k10bit ==== bash ==== Version update (5.2.26 -> 5.2.32) Subpackages: bash-sh - Add upstream patches * bash52-027 The configure test for the presence of strtoimax(3) is inverted. * bash52-028 A DEBUG trap in an asynchronous process can steal the controlling terminal away from the calling shell, causing it to exit. * bash52-030 `wait -n' can fail to return some jobs if they exit due to signals the shell does not report to the user. * bash52-031 There is a memory leak in the code that implements the optimized $(<file) expansion for some code paths. * bash52-032 When printing functions containing coprocesses, the displayed coproc command has the word COPROC inserted unconditionally, resulting in function bodies that cannot be re-read as input. ==== ffado ==== Version update (2.4.7 -> 2.4.9) - Update to version 2.4.9 * Support compilation against musl libc. * Remove build-time checks for utilities that are not used (pyuic). * Install the ffado-mixer appdata file only if ffado-mixer has been built. * Add a DATADIR option to scons and use it in line with GNU conventions. * Update the AppStream document with more complete information and in line with current best practice. * Rename XDG files to match modern standards. * Install XDG files manually to simplify the build script and avoid depending on xdg-utils. - Changes from version 2.4.8 * Make various mixer modules work under Python 3.10 and later: Presonus Firebox, Presonus FP10, Presonus Inspire1394 and Yamaha Go. * Deal with the removal of SafeConfigParser in Python 3.12. ==== flatpak ==== Version update (1.15.8 -> 1.15.10) Subpackages: flatpak-selinux libflatpak0 system-user-flatpak - Update to version 1.15.10: + Dependencies: In distributions that compile Flatpak to use a separate bubblewrap (bwrap) executable, version 0.10.0 is required. This version adds a new feature which is required by the security fix in this release. + Security fixes: Don't follow symbolic links when mounting persistent directories (--persist option). This prevents a sandbox escape where a malicious or compromised app could edit the symlink to point to a directory that the app should not have been allowed to read or write. (CVE-2024-42472, GHSA-7hgv-f2j8-xw87) + Documentation: Mark the 1.12.x and 1.10.x branches as end-of-life + Other bug fixes: Fix several memory leaks + Internal changes: - Record a log file when running build-time tests with AddressSanitizer - Add initial suppressions file for AddressSanitizer ==== gstreamer-plugins-bad ==== Subpackages: libgstadaptivedemux-1_0-0 libgstanalytics-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstinsertbin-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstmse-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0 - Add 85b4fbf40b1d53a4141941abf70d2d4d83eb140e.patch: msdk: replace strcmp with g_strcmp0. Because strcmp doesn't handle NULL. ==== libdeflate ==== Version update (1.20 -> 1.21) - update to 1.21: * Fixed build error on x86 with gcc 8.1 and gcc 8.2. * Fixed build error on x86 when gcc 11 is paired with a binutils version that doesn't support AVX-VNNI e.g. as it is on RHEL 9. * Fixed build error on arm64 with gcc 6. * Fixed build error on arm64 with gcc 13.1 and later with some - mcpu options. * Enabled detection of dotprod support in Windows ARM64 builds. ==== libinput ==== Version update (1.26.0 -> 1.26.2) - Update to release 1.26.2 * Added quirks for the LG Gram 14 and the Minisvorum V3 ==== libpng16 ==== - Fix missing backslash ==== librsvg ==== Version update (2.58.2 -> 2.58.3) Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Update to version 2.58.3: + A couple of fixes from fuzz testing: - Fix assertion failures with large Hue value in hsl() or hwb() colors. - Limit the baseFrequency for feTurbulence to avoid integer overflow. - Remove an obsolete test. ==== libwacom ==== Version update (2.11.0 -> 2.12.2) Subpackages: libwacom-data libwacom9 - update to 2.12.2 * Device Fixes: - HUION Kamvas 16 2019 - Prefix the kamvas pro 13 with Huion like all other Huion tablets - Fix the Huion Kamvas 12 file * Device Other: - Don't create a default match for fallback devices * Other Fixes: - Fix a memory leak - Set the device name in new_from_path() to override the fallback name * Tests: test: run ruff format over test_svg.py test: add support for testing new_from_path() through uinput - update to 2.12.1 * Device Fixes: - Drop the firmware match from the Huion Inspiroy 2 S * Features: - Fix off-by-one check for stripping the quote from NAME/UNIQ - Use g_clear_pointer() during libwacom_*_unref() - update to 2.12.0 * New Devices: - Huion Kamvas Pro 24 (GT-240, QHD) - Huion WH1409 - Wacom Movink - Wacom HID 49A0 (Dell latitude 5320 2-in-1) - Wacom HID 5334 Pen - XP-PEN Deco Mini 4 * Device Fixes: - Fix tablet file for the Huion Inspiroy 2S - Improve Huion Inspiroy 2 m support - Update the Inspiroy 2L - Add a dial to the Huion Inspiroy 2 L and M - Fix the Inspiroy 2S layout - Set the right PID for the Inpspiroy 2 L and M - Rename second ButtonB id in the DTI-520 svg layout - Fix Huion RTM-500 Support - Added more device names for Kamvas 13 variants - Fix buttons for Huion and Gaomon tablets - Mark huion/gaomon tablets with Dials as such - XP pen tablets have no Rings - Drop accidental comma from the Gaomon/Huion layout files * Device Other: - Auto generated HUION tablet description files - Auto generated GAOMON tablet description files - Remove layout files without buttons/strips/dials - Remove a superfluous rect from the huion mini keydial kd100 - Use NumRings instead of separate Ring/Ring2 - Switch DeviceMatch to use a pipe as separator - Add a firmware string entry to the matches - Skip over empty Layout= assignments * Features: - Rework match_from_string - Rework the match approach to prefer uniq over name - Allow to match by uniq without name - Add Gaomon S620 firmware match - Add support for relative dials - Add libwacom_new_from_builder to construct a new device * Other Fixes: - Fetch the name and uniq from udev properties, not sysfs - Keyboard devices are not ID_INPUT_TABLET_PAD - Don't mark a Mouse device as tablet or pad - Set the bustype in libwacom_new_for_path - Document touch strips * Tests: - Remove the requirement for a Layout file - Replace the SVG validity test with a pytest-based one - Add a test for unnecessary SVGs - Add some tracing to the svg validity test - Svgs for dials need to have CW and CCW labels, not Up/Down - Set proper test names for the hwdb tests - Skip errors in SVGs for autogenerated devices - Check the svg for Dial2 if we have two dials - Skip hwdb tests if the systemd commands fail - Install our hwdb file during the test - Add ids to the parametrized tablet file tests - Add a pytest wrapper for libwacom - Skip/fail with an error if the systemd commands failed - Replace the uinput-based hwdb test with a direct query - Don't reload the udev rules - Move the asan check into meson.build * Build: - Make pytest more verbose - Bump to meson 0.56.0 - More logging of the pytests - Split the pytest invocations into separate ones ==== libxmlb ==== Version update (0.3.18 -> 0.3.19) - update to 0.3.19: * Add xb_version_string() to get the runtime ABI version * - Add the runtime version as the default XMLb invalidation GUID ==== ncurses ==== Version update (6.5.20240810 -> 6.5.20240817) Subpackages: libncurses6 ncurses-utils terminfo-base - Add ncurses patch 20240817 + review/update foot for 1.18.1 -TD + add a note about DomTerm 3.2.0 -TD + add new glob-expressions variables to list in config.status script (patch by Werner Fink). + add --enable-install-prefix to modify behavior of $DESTDIR to merge or replace the value set by --prefix (adapted from suggestion by Eli Zaretskii). - Remove patch fix-20240810.patch as now upstream - Correct offsets of patches * ncurses-5.9-ibm327x.dif * ncurses-6.4.dif ==== python-SQLAlchemy ==== Version update (2.0.31 -> 2.0.32) - update to 2.0.32: * https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.32 ==== readline ==== Version update (8.2.10 -> 8.2.13) - Add upstream patches * readline82-011 Some systems (e.g., macOS) send signals early on in interactive initialization, so readline should retry a failed open of the init file. * readline82-012 If a user happens to bind do-lowercase-version to something that isn't a capital letter, so _rl_to_lower doesn't change anything and the result is still bound to do-lowercase-version, readline can recurse infinitely. * readline82-013 When readline is accumulating bytes until it reads a complete multibyte character, reading a byte that makes the multibyte character invalid can result in discarding the bytes in the partial character. - Port patch readline-8.2.dif ==== selinux-policy ==== Version update (20240814 -> 20240816) Subpackages: selinux-policy-targeted - Update to version 20240816: * Initial policy for syslog-ng (bsc#1229153) ==== systemd ==== Version update (256.4 -> 256.5) Subpackages: libsystemd0 libudev1 systemd-boot systemd-experimental udev - Import commit bef0958f4db1b774c23505e93537ffe16f1b3894 (merge of v256.5) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/5bba1ebe17564b606cc5d1c07b14123c... - Make the 32bit version of libudev.so available again (bsc#1228223) The symlink for building 32bit applications was mistakenly dropped when the content of libudev-devel was merged into systemd-devel. Provide the 32bit flavor of systemd-devel again, which should restore the plug and play support in Wine for 32bit windows applications. ==== tiff ==== - security update: * CVE-2024-7006 [bsc#1228924] Fix pointer deref in tif_dirinfo.c + tiff-CVE-2024-7006.patch