New MicroOS snapshot 20221003 released!
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version=Tumbleweed&build=20221003
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=MicroOS&query_format=advanced&resolution=---
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
PackageKit
exiv2
gptfdisk
hplip
libbluray (1.3.2 -> 1.3.3)
libcap (2.65 -> 2.66)
libglvnd (1.4.0 -> 1.5.0)
libopenmpt (0.6.4 -> 0.6.6)
libpng16 (1.6.37 -> 1.6.38)
libreoffice
libva (2.15.0 -> 2.16.0)
libva-gl (2.15.0 -> 2.16.0)
libverto (0.3.1 -> 0.3.2)
libyuv
osinfo-db (20220727 -> 20220830)
patterns-kde (20220215 -> 20221001)
perl-IO-Socket-SSL (2.074 -> 2.075)
permissions
popt (1.18 -> 1.19)
python-Mako (1.2.2 -> 1.2.3)
python-cryptography (37.0.4 -> 38.0.1)
python-pymongo (4.1.1 -> 4.2.0)
python-pyudev (0.23.2+14 -> 0.24.0)
python-requests-toolbelt
python-wrapt (1.13.3 -> 1.14.1)
tdb (1.4.6 -> 1.4.7)
xapian-core (1.4.20 -> 1.4.21)
yast2-network (4.5.7 -> 4.5.8)
=== Details ===
==== PackageKit ====
Subpackages: PackageKit-backend-dnf PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module PackageKit-lang libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0
- Add PackageKit-zypp-dont-remove-locked-packages.patch: zypp:
Check if packages are locked before removing
(gh#PackageKit/PackageKit/commit/8649a07bc, bsc#1199895).
- Add PackageKit-zypp-add-repo-in-packageid.patch: zypp: add
repository data in package id
(gh#PackageKit/PackageKit/commit/8eb2ef0ae, bsc#1202585).
- Remove PackageKit-zypp-locked-packages.patch: reverted upstream
(gh#PackageKit/PackageKit/commit/ed3e38043).
==== exiv2 ====
- add tracker for SLE (jsc#PED-1393)
==== gptfdisk ====
- Add patch to fix sgdisk with popt 1.19:
* 0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch
==== hplip ====
- Move the hplip-udev-rules requirement from hplip to hplip-hpijs.
The main package will get it via indirect dependencies then.
- Split off hplip-udev-rules hplip-udev-rules so that you can install
hplip-sane only and scan as a normal user, fixes boo#1203811
==== libbluray ====
Version update (1.3.2 -> 1.3.3)
- update to 1.3.3:
* Initial support for Java 18.
* Add support for OpenBSD operating system.
* Improve support for FreeBSD, NetBSD and DragonFlyBSD
* Improve Java 17 support.
==== libcap ====
Version update (2.65 -> 2.66)
- update to 2.66:
* Fix documentation typos in cap_from_text.3
* Some getpcaps code clean up and a fix for PID argument parsing from Jakub
Wilk.
* Slightly more robust Makefiles to address an error with make -j48 test observed
* Include a simple Go program, captrace, to trace kernel capability validation
checks
* This program can be used to figure out what capabilities a program needs to
operate.
* captrace (a wrapper for bpftrace) uses BPF kprobes to monitor the kernel for
capability checks and whether or not they succeed for the system, a specific
PID or a program's direct execution.
* Trim down the default file capabilities for contrib/sucap/su to those actually
needed and set USER and HOME environment variables so bash doesn't complain
about a sourcing error.
==== libglvnd ====
Version update (1.4.0 -> 1.5.0)
- update to 1.5.0:
* Add BTI landing pads for aarch64
* Set current thread state to NULL in teardown
* Moving setspecific to before DestroyThreadState
* Fix a memory leak in libGLdispatch
* Use assembly stubs on armv6
- drop libglvnd-add-bti.patch (upstream)
==== libopenmpt ====
Version update (0.6.4 -> 0.6.6)
- Update to 0.6.6
* [Sec] Possible crash when playing manipulated IT / MPTM files
with a T00 command.
* MTM: In MultiTracker, setting speed and tempo are mutually
exclusive commands. Still, some MultiTracker modules were made
to be played with external players such as DMP, so they
actually rely on âstandardâ speed / tempo behaviour. Decide
which behaviour to use by checking of speed and tempo commands
are found on the same row.
* MTM: Ignore sample loops if the loop end is <= 2.
* Echo DMO: Migrate left and right delay values in modules made
with OpenMPT versions between 1.27.01.00 and 1.30.05.00 to the
correct interpretation.
- Changes in 0.6.5:
* [Bug] Makefile now also uses CC, CXX, LD, and AR when set as
environment variables.
* [New] Makefile now uses PKG_CONFIG as path to pkg-config.
* DBM: Sample middle-C frequencies were slightly off.
laffik_-_marynarze.dbm sounds much more bearable now.
* DBM: Fixed pattern break parameter interpretation.
* Echo DMO: Setting the delay parameter to 0 yielded a 2-second
echo delay instead of 1ms.
* Digi Booster Echo: Setting the delay parameter to 0 yielded a
510ms echo delay instead of approximately 334ms.
==== libpng16 ====
Version update (1.6.37 -> 1.6.38)
- update to 1.6.38:
* Added configurations and scripts for continuous integration.
* Fixed various errors in the handling of tRNS, hIST and eXIf.
* Implemented many stability improvements across all platforms.
* Updated the internal documentation.
==== libreoffice ====
Subpackages: libreoffice-base libreoffice-branding-upstream libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit
- Change egrep/fgrep calls to grep -E/-F, respectively boo#1203092
add libreoffice-7.4.1.2-grep.patch
==== libva ====
Version update (2.15.0 -> 2.16.0)
Subpackages: libva-drm2 libva-x11-2 libva2
- update to 2.16.0:
* add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e.
* dep: Update README.md to remove badge links
* dep: Removed waffle-io badge from README to fix broken link
* dep: Drop mailing list, IRC and Slack
* autotools: use wayland-scanner private-code
* autotools: use the wayland-scanner.pc to locate the prog
* meson: use wayland-scanner private-code
* meson: request native wayland-scanner
* meson: use the wayland-scanner.pc to locate the prog
* meson: set HAVE_VA_X11 when applicable
* style:Correct slight coding style in several new commits
* trace: add Linux ftrace mode for va trace
* trace: Add missing pthread_mutex_destroy
* drm: remove no-longer needed X == X mappings
* drm: fallback to drm driver name == va driver name
* drm: simplify the mapping table
* x11: simplify the mapping table
- No code changes
- Update to version 2.15.0 was part of Intel oneVPL GPU Runtime
2022Q2 Release 22.4.4
==== libva-gl ====
Version update (2.15.0 -> 2.16.0)
- update to 2.16.0:
* add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e.
* dep: Update README.md to remove badge links
* dep: Removed waffle-io badge from README to fix broken link
* dep: Drop mailing list, IRC and Slack
* autotools: use wayland-scanner private-code
* autotools: use the wayland-scanner.pc to locate the prog
* meson: use wayland-scanner private-code
* meson: request native wayland-scanner
* meson: use the wayland-scanner.pc to locate the prog
* meson: set HAVE_VA_X11 when applicable
* style:Correct slight coding style in several new commits
* trace: add Linux ftrace mode for va trace
* trace: Add missing pthread_mutex_destroy
* drm: remove no-longer needed X == X mappings
* drm: fallback to drm driver name == va driver name
* drm: simplify the mapping table
* x11: simplify the mapping table
- No code changes
- Update to version 2.15.0 was part of Intel oneVPL GPU Runtime
2022Q2 Release 22.4.4
==== libverto ====
Version update (0.3.1 -> 0.3.2)
- update to 0.3.2:
* Fix use-after-free in verto_reinitialize
* Fix use-after-free in verto_free()
* Remove broken tevent support
==== libyuv ====
- Use YUV_VERSION for library VERSION and YUV_VER_MAJOR for
SOVERSION
==== osinfo-db ====
Version update (20220727 -> 20220830)
- Update to database version 20220830
osinfo-db-20220830.tar.xz
==== patterns-kde ====
Version update (20220215 -> 20221001)
Subpackages: patterns-kde-kde_plasma patterns-kde-kde_yast
- Update the Qt6 pattern for the 6.4.0 release
- Remove obsolete or missing packages from KDE patterns
==== perl-IO-Socket-SSL ====
Version update (2.074 -> 2.075)
- updated to 2.075
see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
2.075
- treat SSL_write returning 0 same as previously -1, as suggested by both
OpenSSL and LibreSSL documentation
- propagate error from SSL_shutdown, but if the shutdown is caused by an outer
SSL error keep the original error
- small tests fixes
==== permissions ====
Subpackages: chkstat permissions-config
- skip tests on qemu user builds
==== popt ====
Version update (1.18 -> 1.19)
Subpackages: libpopt0 popt-lang
- popt 1.19:
* various build system fixes
* various developer visible fixes
* Fix the handling of superfluous args passed with =
* Fix multiple resource and memory leaks
* Fix '=' getting shown for short options
* Improve random number handling
* translation updates and documentation improvements
- refresh spec file, run tests, package license in every package,
and treat all compiler warnings and errors
==== python-Mako ====
Version update (1.2.2 -> 1.2.3)
- update to 1.2.3:
* Fixed issue in lexer in the same category as that of :ticket:`366` where
the regexp used to match an end tag didn't correctly organize for matching
characters surrounded by whitespace, leading to high memory / interpreter
hang if a closing tag incorrectly had a large amount of unterminated space
in it. Credit to Sebastian Chnelik for locating the issue.
* As Mako templates inherently render and directly invoke arbitrary Python
code from the template source, it is **never** appropriate to create
templates that contain untrusted input.
==== python-cryptography ====
Version update (37.0.4 -> 38.0.1)
- update to 38.0.1:
* Fixed parsing TLVs in ASN.1 with length greater than 65535 bytes (typically
seen in large CRLs).
* Final deprecation of OpenSSL 1.1.0. The next release of ``cryptography``
will drop support.
* We no longer ship ``manylinux2010`` wheels. Users should upgrade to the
latest ``pip`` to ensure this doesn't cause issues downloading wheels on
their platform. We now ship ``manylinux_2_28`` wheels for users on new
enough platforms.
* Updated the minimum supported Rust version (MSRV) to 1.48.0, from 1.41.0.
Users with the latest ``pip`` will typically get a wheel and not need Rust
installed, but check :doc:`/installation` for documentation on installing a
newer ``rustc`` if required.
* :meth:`~cryptography.fernet.Fernet.decrypt` and related methods now accept
both ``str`` and ``bytes`` tokens.
* Parsing ``CertificateSigningRequest`` restores the behavior of enforcing
that the ``Extension`` ``critical`` field must be correctly encoded DER. See
`the issue https://github.com/pyca/cryptography/issues/6368`_ for complete
details.
* Added two new OpenSSL functions to the bindings to support an upcoming
``pyOpenSSL`` release.
* When parsing :class:`~cryptography.x509.CertificateRevocationList` and
:class:`~cryptography.x509.CertificateSigningRequest` values, it is now
enforced that the ``version`` value in the input must be valid according to
the rules of :rfc:`2986` and :rfc:`5280`.
* Using MD5 or SHA1 in :class:`~cryptography.x509.CertificateBuilder` and
other X.509 builders is deprecated and support will be removed in the next
version.
* Added additional APIs to
:class:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp`, including
:attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_hash_algorithm`,
:attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_algorithm`,
:attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature`, and
:attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.extension_bytes`.
* Added :attr:`~cryptography.x509.Certificate.tbs_precertificate_bytes`, allowing
users to access the to-be-signed pre-certificate data needed for signed
certificate timestamp verification.
* :class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFHMAC` and
:class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFCMAC` now support
:attr:`~cryptography.hazmat.primitives.kdf.kbkdf.CounterLocation.MiddleFixed`
counter location.
* Fixed :rfc:`4514` name parsing to reverse the order of the RDNs according
to the section 2.1 of the RFC, affecting method
:meth:`~cryptography.x509.Name.from_rfc4514_string`.
* It is now possible to customize some aspects of encryption when serializing
private keys, using
:meth:`~cryptography.hazmat.primitives.serialization.PrivateFormat.encryption_builder`.
* Removed several legacy symbols from our OpenSSL bindings. Users of pyOpenSSL
versions older than 22.0 will need to upgrade.
* Added
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES128` and
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES256` classes.
These classes do not replace
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` (which
allows all AES key lengths), but are intended for applications where
developers want to be explicit about key length.
==== python-pymongo ====
Version update (4.1.1 -> 4.2.0)
- update to 4.2.0:
- Support for MongoDB 6.0.
- Support for the Queryable Encryption beta with MongoDB 6.0. Note that backwards-breaking
changes may be made before the final release. See :ref:`automatic-queryable-client-side-encryption` for example usage.
- Provisional (beta) support for :func:`pymongo.timeout` to apply a single timeout
to an entire block of pymongo operations.
- Added the ``timeoutMS`` URI and keyword argument to :class:`~pymongo.mongo_client.MongoClient`.
- Added the :attr:`pymongo.errors.PyMongoError.timeout` property which is ``True`` when
the error was caused by a timeout.
- Added the ``check_exists`` argument to :meth:`~pymongo.database.Database.create_collection`
that when True (the default) runs an additional ``listCollections`` command to verify that the
collection does not exist already.
- Added key management APIs to :class:`~pymongo.encryption.ClientEncryption`:
- Support for the ``crypt_shared`` library to replace ``mongocryptd`` using the new
``crypt_shared_lib_path`` and ``crypt_shared_lib_required`` arguments to
:class:`~pymongo.encryption_options.AutoEncryptionOpts`.
- Fixed a bug where :meth:`~pymongo.collection.Collection.estimated_document_count`
would fail with a "CommandNotSupportedOnView" error on views (`PYTHON-2885`_).
- Fixed a bug where invalid UTF-8 strings could be passed as patterns for :class:`~bson.regex.Regex`
objects. :func:`bson.encode` now correctly raises :class:`bson.errors.InvalidStringData` (`PYTHON-3048`_).
- Fixed a bug that caused ``AutoReconnect("connection pool paused")`` errors in the child
process after fork (`PYTHON-3257`_).
- Fixed a bug where :meth:`~pymongo.collection.Collection.count_documents` and
:meth:`~pymongo.collection.Collection.distinct` would fail in a transaction with
``directConnection=True`` (`PYTHON-3333`_).
- GridFS no longer uploads an incomplete files collection document after encountering an
error in the middle of an upload fork. This results in fewer
:class:`~gridfs.errors.CorruptGridFile` errors (`PYTHON-1552`_).
- Renamed PyMongo's internal C extension methods to avoid crashing due to name conflicts
with mpi4py and other shared libraries (`PYTHON-2110`_).
- Fixed tight CPU loop for network I/O when using PyOpenSSL (`PYTHON-3187`_).
==== python-pyudev ====
Version update (0.23.2+14 -> 0.24.0)
- update to 0.24.0:
* Remove six dependency
* Drop pylint tasks
* Support python 3.9 and 3.10
==== python-requests-toolbelt ====
- Add patch stop-using-pyopenssl-compat.patch:
* Stop importing (and using!) a pyopenssl compatibility module
to avoid a DeprecationWarning.
==== python-wrapt ====
Version update (1.13.3 -> 1.14.1)
- update to 1.14.1:
* When the post import hooks mechanism was being used, and a Python package with
its own custom module importer was used, importing modules could fail if the
custom module importer didn't use the latest Python import hook finder/loader
APIs and instead used the deprecated API. This was actually occurring with the
`zipimporter` in Python itself, which was not updated to use the newer Python
APIs until Python 3.10.
* *Bugs Fixed**
* Python 3.11 dropped ``inspect.formatargspec()`` which was used in creating
signature changing decorators. Now bundling a version of this function
which uses ``Parameter`` and ``Signature`` from ``inspect`` module when
available. The replacement function is exposed as ``wrapt.formatargspec()``
if need it for your own code.
* When using a decorator on a class, ``isinstance()`` checks wouldn't previously
work as expected and you had to manually use ``Type.__wrapped__`` to access
the real type when doing instance checks. The ``__instancecheck__`` hook is
now implemented such that you don't have to use ``Type.__wrapped__`` instead
of ``Type`` as last argument to ``isinstance()``.
* Eliminated deprecation warnings related to Python module import system, which
would have turned into broken code in Python 3.12. This was used by the post
import hook mechanism.
==== tdb ====
Version update (1.4.6 -> 1.4.7)
Subpackages: libtdb1 python3-tdb
- update to 1.4.7:
* configure/Makefile: export PYTHONHASHSEED=1 in all 'configure/Makefile' scripts
* lib:tdb: Reformat shell scripts
- spec file cleanups
==== xapian-core ====
Version update (1.4.20 -> 1.4.21)
- update to 1.4.21:
* Stop trying to check for incompatible C++ ABI between the compiler used to
build xapian-core and the compiler used to build code using xapian-core.
* Fix new warnings from GCC 12.
* Avoid undefined value use when unpacking a key in a corrupted glass docdata
table. We now skip further checks on the entry in this case.
* Merge allocations in MSVC directory reading compatibility code so we can
allocate in a single malloc() call.
* Add accept() wrapper which checks an assumption that Microsoft's SOCKET type
only actually holds 32 bit values even in 64 bit platforms and throws an
exception if violated.
* Eliminate a use of sprintf.
* Squash some unhelpful MSVC deprecation warnings.
* Declare dummy invalid parameter handler noexcept to fix a warning from MSVC.
* Include
participants (1)
-
Richard Brown