Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version=Tumbleweed&build=20231203 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=MicroOS&query_format=advanced&resolution=--- Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: NetworkManager-branding-openSUSE avahi avahi-glib2 blog (2.27 -> 2.28) brltty criu (3.18 -> 3.19) dialog distrobox (1.5.0.2 -> 1.6.0.1) ethtool (6.5 -> 6.6) evolution-data-server (3.50.1 -> 3.50.2) firewalld (2.0.1 -> 2.0.2) fontconfig fonts-config (20200609+git0.42e2b1b -> 20230604+git0.630c8206607c) gcc13 (13.2.1+git7813 -> 13.2.1+git8109) gnome-disk-utility (45.0 -> 45.1) gnome-software (45.1 -> 45.2) gobject-introspection gpgme (1.23.1 -> 1.23.2) gtk2 gtk4 (4.12.3 -> 4.12.4) iproute2 (6.5 -> 6.6) irqbalance (1.9.2.24.git+184c950 -> 1.9.3.8.git+c963f48) kernel-firmware (20231127 -> 20231128) kernel-source (6.6.2 -> 6.6.3) libadwaita (1.4.0+12 -> 1.4.1) libavif (1.0.0 -> 1.0.2) libnotify (0.8.2 -> 0.8.3) librsvg libselinux-bindings llvm17 (17.0.5 -> 17.0.6) ncurses (6.4.20231111 -> 6.4.20231125) netcfg openssh perl (5.38.0 -> 5.38.2) polkit-default-privs (1550+20231103.3b4a82f -> 1550+20231129.269abcd) python-jsonschema-specifications (2023.11.1 -> 2023.11.2) python-referencing (0.31.0 -> 0.31.1) qemu (8.1.2 -> 8.1.3) rust-keylime (0.2.2+git.1697658634.9c7c6fa -> 0.2.3+git.1701075380.a5dc985) snapper (0.10.6 -> 0.10.7) systemd tree unar (1.10.7 -> 1.10.8) update-alternatives (1.22.0 -> 1.22.1) usbutils vim (9.0.2103 -> 9.0.2136) xdmbgrd xxhash zxing-cpp === Details === ==== NetworkManager-branding-openSUSE ==== - Fix most rpmlint warnings: + suse-zypp-packageand: use current Supplements: (A and B) syntax over packagand(A:B) + summary-ended-with-dot: Remove dot at the end of Summary: + no-%build-section: Add empty %build section + branding-supplements-missing: Fixes as part of suse-zypp-packageand. ==== avahi ==== Subpackages: libavahi-client3 libavahi-common3 libavahi-core7 - Add avahi-CVE-2023-38472.patch: Fix reachable assertion in avahi_rdata_parse (bsc#1216853, CVE-2023-38472). ==== avahi-glib2 ==== - Add avahi-CVE-2023-38472.patch: Fix reachable assertion in avahi_rdata_parse (bsc#1216853, CVE-2023-38472). ==== blog ==== Version update (2.27 -> 2.28) Subpackages: libblogger2 - Update to version 2.28 * UTMP support is gone, remove dependency also add support for initramfs at shutdown. ==== brltty ==== Subpackages: brltty-driver-at-spi2 brltty-driver-brlapi brltty-driver-speech-dispatcher brltty-driver-xwindow libbrlapi0_8 python3-brlapi system-user-brltty xbrlapi - Disable parallel build again ==== criu ==== Version update (3.18 -> 3.19) - Update to criu 3.19: New features: * LoongArch64 support * C/R membarrier() registrations * Restore THP_DISABLE prctl * prctl: Migrate prctl(NO_NEW_PRIVS) setting Bugfixes: * Many fixes and improvements from the Google team * Fix dumping hugetlb-based memfd on kernels < 4.16 * Fixes here and there Improvements: * drop python 2 support * support XSAVE on newer Intel CPUs - Refreshed criu-py-install-fix.diff; workarounds appled to both crit and lib/pycriu - Drop obsoleted patch criu-amdgpu-plugin-fix.patch ==== dialog ==== Subpackages: libdialog15 - don't install config file, dialog has built in defaults anyway - add support for /usr/etc (dialog-1.3-usretc.diff) ==== distrobox ==== Version update (1.5.0.2 -> 1.6.0.1) Subpackages: distrobox-bash-completion - Update to version 1.6.0.1: * Export: fix exporting desktop app. * Init: fix nvidia library integration. - Update to version 1.6.0: * Lilipod support * Improved nvidia integration, particularly for cuda * General improvements in the init process * Improve user's shell handling, so that it now always respects the chsh done inside the container * Fix tzdata/zoneinfo problems * Rootful containers now will properly setup user password for sudo * General polish in initful containers * Initful containers now support also OpenRC when present * Initful containers will now have also a proper systemd user session * New --unshare-all, --unshare-netns, --unshare-process, --unshare-devsys flags in create + Now initful + unshare-all containers can be used as playgrounds for services like LXC and Libvirt more easily * New container_additional_volumes configuration * Export fixes and improvements in multi-icon and space-in-name handling * Exported binaries will be runnable between distroboxes * Exported binaries will always run in a login shell * Assemble is now more polished and supports all of create flags * Assemble can now export apps/binaries directly from the manifest ==== ethtool ==== Version update (6.5 -> 6.6) Subpackages: ethtool-bash-completion - update to upstream release 6.6 * Feature: support for more CMIS transceiver modules (-m) * Fix: fix build on systems with old kernel uapi headers ==== evolution-data-server ==== Version update (3.50.1 -> 3.50.2) Subpackages: libcamel-1_2-64 libebackend-1_2-11 libebook-1_2-21 libebook-contacts-1_2-4 libecal-2_0-2 libedata-book-1_2-27 libedata-cal-2_0-2 libedataserver-1_2-27 libedataserverui-1_2-4 - Update to version 3.50.2: + Bug Fixes: - alarm-notify: . Some reminders could be lost . Birthday floating date shifted by one day - CamelGpgContext: Don't leak istream in gpg_sign_sync(). - e-xml-utils: Fix build with libxml2 2.12. + Miscellaneous: - OAuth2: Add scheme handler for OAuth2 prompts in external browser. - EReminderWatcher: Last-notified time not always set. + Updated translations. ==== firewalld ==== Version update (2.0.1 -> 2.0.2) Subpackages: firewalld-bash-completion python3-firewall - update to 2.0.2: * fix(policy): runtime dispatch update if *-zone=ANY (e8b9637) * fix(nm): release NM client after a timeout (d534f07) ==== fontconfig ==== Subpackages: libfontconfig1 - Run autoreconf for Leap 15.x to fix build breakage ==== fonts-config ==== Version update (20200609+git0.42e2b1b -> 20230604+git0.630c8206607c) - Update to 20230604+git0.630c8206607c: * Fix uninitialised use of the HOME environment variable (bsc#1086804,bsc#1210700) * font match and pattern match can't put in one file. * source han are packaged nowadays, no need to give alias; just give CFF fontformat fonts in zh-/ja/ko hintfull * split 59-family-prefer-lang-specific to cjk/noto and raw, the former two may be generated by scripts in later version * emoji support(part1): add emoji family * delete 10-group-tt*.conf, since fontconfig 2.14 introduces 09-autohint-if-no-hinting.conf (bsc#1217542) * Fix fonts-config does not read user config with `-u` option given * widen comparison operator for emoji fonts - Fix typos in the configs: 0001-Fix-typos-in-32-emoji-reject.conf-and-59-family-pref.patch - Enable 09-autohint-if-no-hinting.conf from fontconfig ==== gcc13 ==== Version update (13.2.1+git7813 -> 13.2.1+git8109) Subpackages: cpp13 libgcc_s1 libgfortran5 libgomp1 libobjc4 libstdc++6 libstdc++6-pp libubsan1 - Update to gcc-13 branch head, 741743c028dc00f27b9c8b1d5, git8109 * Includes fix for building mariadb on i686. [bsc#1217667] * Remove pr111411.patch contained in the update. - Avoid update-alternatives dependency for accelerator crosses. - Package tool links to llvm in cross-amdgcn-gcc13 rather than in cross-amdgcn-newlib13-devel since that also has the dependence. - Depend on llvmVER instead of llvm with VER equal to %product_libs_llvm_ver where available and adjust tool discovery accordingly. This should also properly trigger re-builds when the patchlevel version of llvmVER changes, possibly changing the binary names we link to. [bsc#1217450] ==== gnome-disk-utility ==== Version update (45.0 -> 45.1) - Update to version 45.1: + creatediskimage: Fix crash if image creation has errors. + Update appdata + Updted translations. ==== gnome-software ==== Version update (45.1 -> 45.2) Subpackages: gnome-software-plugin-packagekit - Update to version 45.2: + Updated translations. ==== gobject-introspection ==== Subpackages: girepository-1_0 libgirepository-1_0-1 - Drop BuildRequires on pkgconfig(cairo)/pkgconfig(cairo-gobject), cairo is only needed for some tests. ==== gpgme ==== Version update (1.23.1 -> 1.23.2) Subpackages: libgpgme11 libgpgmepp6 python311-gpg - Update to 1.23.2: * Preserve more specific existing failure code. [T6575] * qt: Start dirmngr with gpgconf to avoid multiple instances. [T6833] * qt: On Windows, use UTF-8 when logging the error text. [T5960] * qt: Remove left-over partial files more persistently. [T6584] * qt: Use a temporary file name when creating signed or encrypted archives. [T6721] * qt: Build Qt 6 bindings with -fPIC if requested or Qt 6 was built with this flag. [T6781] * Notes: - qt: DefaultKeyGenerationJob DEPRECATED. * Release-info: https://dev.gnupg.org/T6782 ==== gtk2 ==== Subpackages: gtk2-data gtk2-immodule-amharic gtk2-immodule-inuktitut gtk2-immodule-thai gtk2-immodule-tigrigna gtk2-immodule-vietnamese gtk2-tools libgtk-2_0-0 - Add gtk2-check-attribute.patch (bsc#1217622): check for attribute availability before accessing it. Starting from GLib 2.76, the standard attribute getters in the GFileInfo object will warn if the attribute is unset, instead of silently bailing out and returning a default value. ==== gtk4 ==== Version update (4.12.3 -> 4.12.4) Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Update to version 4.12.4: + a11y: Tweak name computation for some corner cases. + gdk: - gl: Improve our use of GLES a bit (use vertex arrays and GL_BGRA if available) - Fix some errors in our memory format tables + gsk: - gl: handle texture-scale nodes more faithfully - gl: Fix icon padding in the atlas + Tools: Add a --undecorated option to gtk4-rendernode-tool. + Updated translations. ==== iproute2 ==== Version update (6.5 -> 6.6) Subpackages: iproute2-bash-completion - Update to release 6.6 * bridge: Add backup nexthop ID support * tc: Classifier support for SPI field * tc: support the netem seed parameter for loss and corruption events * tc: remove support for CBQ * tc: remove support for RSVP classifier * tc: remove tcindex classifier * tc: remove dsmark qdisc * tc: drop support for ATM qdisc ==== irqbalance ==== Version update (1.9.2.24.git+184c950 -> 1.9.3.8.git+c963f48) Subpackages: irqbalance-ui - Update to version 1.9.3.8.git+c963f48: * Enable systemd feature support by default when building with meson * Add support for linking against libnl when building with meson * Turn NUMA support into an enabled feature, when building with meson * Set project version of meson build to 1.9.3 * Install man pages when building with meson * When building with meson, make sure to link against numa * Updating to version 1.9.3 * Automatically use systemd journal and run in foreground when under systemd - Update to version 1.9.2.34.git+5069982: * activate_mapping: avoid logging error when there is none * activate_mapping: only blacklist irq if error is considered permanent * activate_mapping: report error reason * activate_mapping: make sure to catch all errors * activate_mapping: avoid use-after-free when affinity cannot be set * Revert "activate_mapping: fflush the buffered data to smp_affinity" * activate_mapping: fflush the buffered data to smp_affinity ==== kernel-firmware ==== Version update (20231127 -> 20231128) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20231128 (git commit d9f6088f7e91): * Add a COPYOPTS variable * rtl_bt: Update RTL8852A BT USB firmware to 0xDFC8_145F ==== kernel-source ==== Version update (6.6.2 -> 6.6.3) - Linux 6.6.3 (bsc#1012628). - locking/ww_mutex/test: Fix potential workqueue corruption (bsc#1012628). - btrfs: abort transaction on generation mismatch when marking eb as dirty (bsc#1012628). - lib/generic-radix-tree.c: Don't overflow in peek() (bsc#1012628). - x86/retpoline: Make sure there are no unconverted return thunks due to KCSAN (bsc#1012628). - perf/core: Bail out early if the request AUX area is out of bound (bsc#1012628). - srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (bsc#1012628). - selftests/lkdtm: Disable CONFIG_UBSAN_TRAP in test config (bsc#1012628). - clocksource/drivers/timer-imx-gpt: Fix potential memory leak (bsc#1012628). - clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware (bsc#1012628). - srcu: Only accelerate on enqueue time (bsc#1012628). - smp,csd: Throw an error if a CSD lock is stuck for too long (bsc#1012628). - cpu/hotplug: Don't offline the last non-isolated CPU (bsc#1012628). - workqueue: Provide one lock class key per work_on_cpu() callsite (bsc#1012628). - x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size (bsc#1012628). - wifi: plfxlc: fix clang-specific fortify warning (bsc#1012628). - wifi: ath12k: Ignore fragments from uninitialized peer in dp (bsc#1012628). - wifi: mac80211_hwsim: fix clang-specific fortify warning (bsc#1012628). - wifi: mac80211: don't return unset power in ieee80211_get_tx_power() (bsc#1012628). - atl1c: Work around the DMA RX overflow issue (bsc#1012628). - bpf: Detect IP == ksym.end as part of BPF program (bsc#1012628). - wifi: ath9k: fix clang-specific fortify warnings (bsc#1012628). - wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats() (bsc#1012628). - wifi: ath10k: fix clang-specific fortify warning (bsc#1012628). - wifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps() (bsc#1012628). - ACPI: APEI: Fix AER info corruption when error status data has multiple sections (bsc#1012628). - net: sfp: add quirk for Fiberstone GPON-ONU-34-20BI (bsc#1012628). - wifi: mt76: mt7921e: Support MT7992 IP in Xiaomi Redmibook 15 Pro (2023) (bsc#1012628). - wifi: mt76: fix clang-specific fortify warnings (bsc#1012628). - net: annotate data-races around sk->sk_tx_queue_mapping (bsc#1012628). - net: annotate data-races around sk->sk_dst_pending_confirm (bsc#1012628). - wifi: ath12k: mhi: fix potential memory leak in ath12k_mhi_register() (bsc#1012628). - wifi: ath10k: Don't touch the CE interrupt registers after power up (bsc#1012628). - net: sfp: add quirk for FS's 2.5G copper SFP (bsc#1012628). - vsock: read from socket's error queue (bsc#1012628). - bpf: Ensure proper register state printing for cond jumps (bsc#1012628). - wifi: iwlwifi: mvm: fix size check for fw_link_id (bsc#1012628). - Bluetooth: btusb: Add date->evt_skb is NULL check (bsc#1012628). - Bluetooth: Fix double free in hci_conn_cleanup (bsc#1012628). - ACPI: EC: Add quirk for HP 250 G7 Notebook PC (bsc#1012628). - tsnep: Fix tsnep_request_irq() format-overflow warning (bsc#1012628). - gpiolib: acpi: Add a ignore interrupt quirk for Peaq C1010 (bsc#1012628). - platform/chrome: kunit: initialize lock for fake ec_dev (bsc#1012628). - of: address: Fix address translation when address-size is greater than 2 (bsc#1012628). - platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e (bsc#1012628). - drm/gma500: Fix call trace when psb_gem_mm_init() fails (bsc#1012628). - drm/amdkfd: ratelimited SQ interrupt messages (bsc#1012628). - drm/komeda: drop all currently held locks if deadlock happens (bsc#1012628). - drm/amd/display: Blank phantom OTG before enabling (bsc#1012628). - drm/amd/display: Don't lock phantom pipe on disabling (bsc#1012628). - drm/amd/display: add seamless pipe topology transition check (bsc#1012628). - drm/edid: Fixup h/vsync_end instead of h/vtotal (bsc#1012628). - md: don't rely on 'mddev->pers' to be set in mddev_suspend() (bsc#1012628). - drm/amdgpu: not to save bo in the case of RAS err_event_athub (bsc#1012628). - drm/amdkfd: Fix a race condition of vram buffer unref in svm code (bsc#1012628). - drm/amdgpu: update retry times for psp vmbx wait (bsc#1012628). - drm/amd: Update `update_pcie_parameters` functions to use uint8_t arguments (bsc#1012628). - drm/amd/display: use full update for clip size increase of large plane source (bsc#1012628). ... changelog too long, skipping 797 lines ... - commit 1be1eb4 ==== libadwaita ==== Version update (1.4.0+12 -> 1.4.1) Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Update to version 1.4.1: + Fix build with MSVC + Fix build with libappstream 1.0 + AdwCarousel: Fix carousel scroll behavior with page reordering + AdwComboRow: - Fix focus when opening the popover - Set the correct state on the selected checkmark + AdwNavigationView: Fix a warning message + AdwTabOverview: Allow child focus on out animations + AdwTabView: - Keep view alive during ::page-detached - Fix crashes when using :pages + Docs: Fix erroneous <child> use in breakpoints migration guide + Updated translations. - Drop 3e3967d5f69180644519936991cad10136e84ca9.patch: Fixed upstream. ==== libavif ==== Version update (1.0.0 -> 1.0.2) - update to 1.0.2: * Update avifCropRectConvertCleanApertureBox() to the revised requirements in ISO/IEC 23000-22:2019/Amd. 2:2021 Section 7.3.6.7. * CVE-2023-6350: Out of bounds memory to alphaItemIndices (boo#1217614) * CVE-2023-6351: use-after-free in colorProperties (boo#1217615) - drop fix-gdkpixbuf.patch ==== libnotify ==== Version update (0.8.2 -> 0.8.3) Subpackages: libnotify4 typelib-1_0-Notify-0_7 - Update to version 0.8.3: + This release contains a critical stability/minor security update which affects Electron applications that utilize Portal notifications (eg, through Flatpak). It is highly recommended that all users of libnotify 0.8.x update to this release. + Please note that this fix has increased the minimum required version of glib to 2.62.0. + notification: - Use g_signal_connect_object - Move disconnect to dispose ==== librsvg ==== Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Run service with new obs-service-cargo, drop cargo_config as source and clean up spec and service, and switch to zst as buildtime compression. ==== libselinux-bindings ==== - Also build python3-selinux for toolchain compability on SLE ==== llvm17 ==== Version update (17.0.5 -> 17.0.6) - Update to version 17.0.6. * This release contains bug-fixes for the LLVM 17.0.0 release. This release is API and ABI compatible with 17.0.0. - Rebase patches: * llvm-do-not-install-static-libraries.patch * llvm-normally-versioned-libllvm.patch - Use major version only instead of full (patch-level) version for versioned executables: we don't support parallel installation of multiple versions of the same LLVM major version. (boo#1217450) Also drop the clang-X.Y symlink that was introduced for boo#1012260, because Y is always 0. - Manage clang-cpp with update-alternatives like other binaries. ==== ncurses ==== Version update (6.4.20231111 -> 6.4.20231125) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20231125 + add information about "ttycap", termcap's forerunner, to tset.1 (patch by Branden Robinson). + improve formatting/style of manpages, including section reordering (patches by Branden Robinson). + modify usage messages in configure script, bracketing optional values (report by Branden Robinson). - Add ncurses patch 20231121 + amend fix for Debian #1055882, correcting nul terminator check in waddnstr (Debian #1056340). - Add ncurses patch 20231118 + improve description of length-parameter and error-returns in several manpages: curs_addchstr.3x, curs_addstr.3x, curs_addwstr.3x, curs_in_wch.3x, curs_in_wchstr.3x, curs_inchstr.3x, curs_ins_wstr.3x, curs_insstr.3x, curs_instr.3x, curs_inwstr.3x + amend parameter check for entire string versus specific length in winsnstr() and wins_nwstr() to match Solaris. + make similar correction to wins_nwstr(). + correct loop termination condition in waddnstr() and waddnwstr() (Debian #1055882, cf: 20201205). ==== netcfg ==== - Fix syntax of localhost entries in hosts [bsc#1217355] - Remove empty netgroup example file from /etc [jsc#PED-240]. NIS, the main consumer, got already dropped. - Remove empty ethers example file, /usr/etc should not contain examples, for the format there is the manual page, does not support IPv6. ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Enhanced SELinux functionality. Added * openssh-7.8p1-role-mls.patch Proper handling of MLS systems and basis for other SELinux improvements * openssh-6.6p1-privsep-selinux.patch Properly set contexts during privilege separation * openssh-6.6p1-keycat.patch Add ssh-keycat command to allow retrival of authorized_keys on MLS setups with polyinstantiation * openssh-6.6.1p1-selinux-contexts.patch Additional changes to set the proper context during privilege separation * openssh-7.6p1-cleanup-selinux.patch Various changes and putting the pieces together For now we don't ship the ssh-keycat command, but we need the patch for the other SELinux infrastructure This change fixes issues like bsc#1214788, where the ssh daemon needs to act on behalf of a user and needs a proper context for this ==== perl ==== Version update (5.38.0 -> 5.38.2) Subpackages: perl-base - Update to perl 5.38.2 * fixes [CVE-2023-47038] Write past buffer end via illegal user-defined Unicode property [bnc#1217084] * fixes [CVE-2023-47039] Perl for Windows binary hijacking vulnerability [bnc#1217085] ==== polkit-default-privs ==== Version update (1550+20231103.3b4a82f -> 1550+20231129.269abcd) - Update to version 1550+20231129.269abcd: * profiles: whitelist cinnamon-settings-daemon wacom-oled-helper (bsc#1217532) ==== python-jsonschema-specifications ==== Version update (2023.11.1 -> 2023.11.2) - update to 2023.11.2: no changelog, only diff available at https://github.com/python-jsonschema/jsonschema-specifications/compare/v2023... ==== python-referencing ==== Version update (0.31.0 -> 0.31.1) - Update to version 0.31.1: * Do more silly things to pepper over type checking nonsense. * Minor noxfile tweaking. * Add the explicit Tidelift link. * Complain about spurious type: ignores. * [pre-commit.ci] pre-commit autoupdate ==== qemu ==== Version update (8.1.2 -> 8.1.3) - Align to upstream stable release. It includes many of the patches we had backported ourself, to fix bugs and issues, plus more. See here for details: * https://lore.kernel.org/qemu-devel/1700589639.257680.3420728.nullmailer@tls.... * https://gitlab.com/qemu-project/qemu/-/commits/stable-8.1?ref_type=heads An (incomplete!) list of such backports is: * Update version for 8.1.3 release * hw/mips: LOONGSON3V depends on UNIMP device * target/arm: HVC at EL3 should go to EL3, not EL2 * s390x/pci: only limit DMA aperture if vfio DMA limit reported * target/riscv/kvm: support KVM_GET_REG_LIST * target/riscv/kvm: improve 'init_multiext_cfg' error msg * tracetool: avoid invalid escape in Python string * tests/tcg/s390x: Test LAALG with negative cc_src * target/s390x: Fix LAALG not updating cc_src * tests/tcg/s390x: Test CLC with inaccessible second operand * target/s390x: Fix CLC corrupting cc_src * tests/qtest: ahci-test: add test exposing reset issue with pending callback * hw/ide: reset: cancel async DMA operation before resetting state * target/mips: Fix TX79 LQ/SQ opcodes * target/mips: Fix MSA BZ/BNZ opcodes displacement * ui/gtk-egl: apply scale factor when calculating window's dimension * ui/gtk: force realization of drawing area * ati-vga: Implement fallback for pixman routines * ... - Backports and bugfixes: * [openSUSE] Make Sphinx build reproducible (boo#1102408) * target/s390x/arch_dump: Add arch cleanup function for PV dumps (bsc#1217227) * dump: Add arch cleanup function (bsc#1217227) * target/s390x/dump: Remove unneeded dump info function pointer init (bsc#1217227) ==== rust-keylime ==== Version update (0.2.2+git.1697658634.9c7c6fa -> 0.2.3+git.1701075380.a5dc985) Subpackages: keylime-ima-policy - Update to version 0.2.3+git.1701075380.a5dc985: * build(deps): bump actix-rt from 2.8.0 to 2.9.0 * Bump version to 0.2.3 * build(deps): bump reqwest from 0.11.20 to 0.11.22 * Bump configuration version and fix enable_iak_idevid * Enable test functional/iak-idevid-register-with-certificates * Update packit plan with new tests * Add certificates and certificate checking for IDevID and IAK keys (#669) ==== snapper ==== Version update (0.10.6 -> 0.10.7) Subpackages: libsnapper7 snapper-zypp-plugin - report plugin failures (gh#openSUSE/snapper#846) - version 0.10.7 - fix building with libxml 2.12.0 (gh#openSUSE/snapper#848) - fix diff for lvm based configs (bsc#1216191) - make SystemCmd take vector of strings ==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-boot systemd-coredump systemd-doc udev - udev: Tighten permissions for DRM render nodes (bsc#1217118). Note that this implicitly enables `uaccess`, so any logged-in user still gets access regardless of group membership. Some use cases, e.g. remote access via ssh, might require you to add the desired user to the `render` group. See: https://lists.opensuse.org/archives/list/factory@lists.opensuse.org/thread/3... ==== tree ==== - Build with openSUSE flags ==== unar ==== Version update (1.10.7 -> 1.10.8) - Update to version 1.10.8 * Fix a major memory leak in CSBzip2Handle * Fix Quarantine attribute for created directories * Fix crash corrupted iso * Fix crash during unarchive sitx format with symlink on deleted file * Implement Clang modules support * [TUN-189] Add Alternarive CRC calcuation for Mac Binary format * [WARC-1] Add basic support of WARC 1.1 archives * [TUN-138] Fix case with directories in Solid RAR5 archives * [TUN-184] Fix old archives with RAR 1.5 - Update source URL - Add universal-detector as source ==== update-alternatives ==== Version update (1.22.0 -> 1.22.1) - Update to version 1.22.1. The full changelog is very large. Please check it here: https://git.dpkg.org/cgit/dpkg/dpkg.git/tree/debian/changelog?h=1.22.1 - Refresh update-alternatives-suse.patch so it applies cleanly. ==== usbutils ==== - Split out devel package, containing the .pc file: + The .pc file declares dependencies on other devel packages, which is not wanted on regular end-user systems. + Drop rpmlintrc file. ==== vim ==== Version update (9.0.2103 -> 9.0.2136) Subpackages: vim-data vim-data-common vim-small xxd - Update to version 9.0.2136 * MSVC errorformat can be improved * No test for mode() when executing Ex commands * Revise Makefile * Update syntax file * ml_get error when scrolling * Cannot detect overstrike mode in Cmdline mode * Duplicate Netbeans Error Message * not all nushell files detected * Updated German translations * add additional nginx keywords * add Make_mvc.mak file for tutor * updated Russian translations for tutorials * updated Italian translation * some errors with translation Makefiles * [security]: use-after-free in call_dfunc() * Update doc Makefiles with comments from #13567 * add indentation plugin (fixes #13574) * runtime(swig): add syntax and filetype plugins * translation Makefiles can be improved * unused assignments when checking 'listchars' * File info disappears when 'cmdheight' has decreased * INT overflow detection logic can be simplified * Problem with initializing the length of range() lists * [security]: prevent overflow in indenting * [security]: use-after-free in ex_substitute * Fix handling of very long filename on longlist style * un-used assignment in do_source_buffer_init * remove dead-condition in ex_class * [security]: avoid double-free in get_style_font_variants * [security] use-after-free in qf_free_items * expand $COMSPEC without applying 'wildignore' * Improve keymap file highlighting * include new doc-Makefiles * Fix whitespace and formatting of some help files * minor typo fixes * No test for defining sign without attribute * crash when callback function aborts because of recursiveness * overflow detection not accurate when adding digits * Coverity warns for another overflow in shift_line() * Refactor doc-Makefiles * document proper notation of gVim, document vim-security list * Update Serbian messages translation * [security]: overflow in shift_line * [security]: overflow in get_number * [security]: overflow in ex address parsing * [security]: overflow in nv_z_get_count * [security]: overflow with count for :s command * [security]: FPE in adjust_plines_for_skipcol * [security]: Use-after-free in win_close() * comment out strange error condition check * skipcol not reset when topline changed * wast filetype should be replaced by wat filetype * fix typo in pi_gzip.txt ==== xdmbgrd ==== - USe %{optflags} to build package ==== xxhash ==== - Make use of openSUSE build flags ==== zxing-cpp ==== - Add back %{optflags} in c++ flags This was unintentionally disabled when c++17 was forced