Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version=Tumbleweed&build=20241126 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=MicroOS&query_format=advanced&resolution=--- Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: gnome-control-center (47.1.1+9 -> 47.2) gnome-online-accounts (3.52.1 -> 3.52.2) gnome-terminal (3.54.1 -> 3.54.2) gnome-user-share (47.0+0 -> 47.2) gtk4 (4.16.6 -> 4.16.7) kdump (2.0.11 -> 2.0.12) libadwaita (1.6.1 -> 1.6.2) libnetfilter_conntrack libnvme libsoup (3.6.0 -> 3.6.1) passt (20241030.ee7d0b6 -> 20241121.238c69f) podman (5.3.0 -> 5.3.1) python-tornado6 (6.4.1 -> 6.4.2) vte (0.78.1 -> 0.78.2) xdm === Details === ==== gnome-control-center ==== Version update (47.1.1+9 -> 47.2) Subpackages: gnome-control-center-color gnome-control-center-goa - Update to version 47.2: + Accessibility: Remove "screen" labels that take too much space + Appearance: Fix accidental reset of accent colors config + Apps: Fix some memory leaks + Color: Ensure profiles are connected before operating on them + Mobile Networks: Fix alignment of status pages + Mouse: - Fix illustration assets requiring gstreamer-plugins-bad - Update illustration assets + Printers: Remove wrong tooltip in the "Add Printer" button + Updated translations. ==== gnome-online-accounts ==== Version update (3.52.1 -> 3.52.2) Subpackages: libgoa-1_0-0 libgoa-backend-1_0-2 - Update to version 3.52.2: + Bugs fixed: - goadavclient.c: add WebDAV default candidate to test - goafedoraprovider: fix use-after-free + Updated translations. ==== gnome-terminal ==== Version update (3.54.1 -> 3.54.2) Subpackages: nautilus-extension-terminal - Update to version 3.54.2: + Updated translations. ==== gnome-user-share ==== Version update (47.0+0 -> 47.2) - Adjust _service definition: upstream has changed their tag format to be a simple VERSION tag. - Update to version 47.2: + Fix a compiling issue for non-gnu C toolchain. ==== gtk4 ==== Version update (4.16.6 -> 4.16.7) Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Update to version 4.16.7: + Text: Reduce the size of error underlines. + Accessibility: - Fix a wrong return value type. - Fix an invalid free call. ==== kdump ==== Version update (2.0.11 -> 2.0.12) - upgrade to version 2.0.12 * fadump: pass additional parameters for capture kernel (jsc#PED-9889) ==== libadwaita ==== Version update (1.6.1 -> 1.6.2) Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Update to version 1.6.2: + AdwDialog: Fix accessible role critical when using window-backed dialogs. + AdwHeaderBar: Fix a typo in docs. + AdwMessageDialog: Fix a typo in adw_message_dialog_response() deprecation message. + AdwStyleManager: Fix initial color scheme value on Windows. + Updated translations. ==== libnetfilter_conntrack ==== - Specfile modernization ==== libnvme ==== Subpackages: libnvme-mi1 libnvme1 - Fix tests on s390 * add 0002-test-mock-pass-thru-unknown-ioctls.patch ==== libsoup ==== Version update (3.6.0 -> 3.6.1) Subpackages: libsoup-3_0-0 typelib-1_0-Soup-3_0 - Update to version 3.6.1: + Fix `soup_uri_copy()` reading port as a long instead of an int + Fix possible NULL deref in `soup_uri_decode_data_uri()` + Fix possible overflow in `SoupContentSniffer` + Fix assertion in `soup_uri_decode_data_uri()` on URLs with a path starting with `//` + headers: Be more robust against invalid input when parsing params + websocket: Fix possibility of being stuck in a read loop - Drop patches fixed upstream: + 6adc0e3e.patch + 29b96fab.patch + a35222dd.patch + 4c9e75c6.patch ==== passt ==== Version update (20241030.ee7d0b6 -> 20241121.238c69f) Subpackages: passt-selinux - Update to version 20241121.238c69f: * tcp: Acknowledge keep-alive segments, ignore them for the rest * tcp: Reset ACK_TO_TAP_DUE flag whenever an ACK isn't needed anymore * ndp: Don't send unsolicited RAs if NDP is disabled * ndp: Don't send unsolicited router advertisement if we can't, yet * selinux: Use auth_read_passwd() interface for all our getpwnam() needs * ndp: Send unsolicited Router Advertisements * passt: Seed libc's pseudo random number generator * util: Add general low-level random bytes helper * ndp: Make route lifetime a #define * ndp: Use struct assignment in preference to memcpy() for IPv6 addresses * ndp: Split out helpers for sending specific NDP message types * ndp: Add ndp_send() helper * ndp: Remove redundant update to addr_seen * cppcheck: Don't check the system headers * linux_dep: Fix CLOSE_RANGE_UNSHARE availability handling * linux_dep: Move close_range() conditional handling to linux_dep.h * log: Only check for FALLOC_FL_COLLAPSE_RANGE availability at runtime * tap, tcp, util: Add some missing SOCK_CLOEXEC flags * passt: Use NOLINT clang-tidy block instead of NOLINTNEXTLINE * util: Define small and big thresholds for socket buffers as unsigned long long * tap: Cast TAP_BUF_BYTES - ETH_MAX_MTU to ssize_t, not TAP_BUF_BYTES * dhcpv6: Turn some option headers pointers to const * dhcpv6: Use for loop instead of goto to avoid false positive cppcheck warning * tcp: unify payload and flags l2 frames array * test: Improve test for NDP assigned prefix * test: Don't require 64-bit prefixes in perf tests * test: Make nstool hold robust against interruptions to control clients * test: Rename propagating signal handler * util: Work around cppcheck bug 6936 * udp: Don't dereference uflow before NULL check in udp_reply_sock_handler() * ndp: Use const pointer for ndp_ns packet * linux_dep: Generalise tcp_info.h to handling Linux extension compatibility * fwd: Squash different-signedness comparison warning * util: Remove unused ffsl() function * clang: Add rudimentary clangd configuration * Makefile: Don't attempt to auto-detect stack size * Makefile: Use -DARCH for qrap only * seccomp: Simplify handling of AUDIT_ARCH * Makefile: Move NETNS_RUN_DIR definition to C code * netlink: RTA_PAYLOAD() returns int, not size_t * flow: Correct type of flowside_at_sidx() * arch: Avoid explicit access to 'environ' * clang: Move clang-tidy configuration from Makefile to .clang-tidy * Makefile: Simplify exclusion of qrap from static checks * clang: Add .clang-format file * test: Adjust misplaced sleeps in two_guests code * tap: Explicitly cast TUNSETIFF to fix build warning with musl on ppc64le * tcp: Fix build against musl, __sum16 comes from linux/types.h ==== podman ==== Version update (5.3.0 -> 5.3.1) - Update to version 5.3.1: * Bump to v5.3.1 * Update release notes for v5.3.1 * Update windows installer tests * Windows: don't install WSL/HyperV on update * Switch to non-installing WSL by default * docs: add 5.3 as Reference version * only read ssh_config for non machine connections * ssh_config: allow IdentityFile file with tilde * ssh_config: do not overwrite values from config file * connection: ignore errors when parsing ssh_config * spec: clamp rlimits in a userns * cirrus: set proper DEST_BRANCH for 5.3 * libpod: addHosts() prevent nil deref * Bump bundled krunkit to 0.1.4 * fix podman machine init --ignition-path * Bump to v5.3.1-dev ==== python-tornado6 ==== Version update (6.4.1 -> 6.4.2) - Update to 6.4.2: + Security Improvements: * Parsing of the cookie header is now much more efficient. The older algorithm sometimes had quadratic performance which allowed for a denial-of-service attack in which the server would spend excessive CPU time parsing cookies and block the event loop. (CVE-2024-52804, bsc#1233668) ==== vte ==== Version update (0.78.1 -> 0.78.2) - Update to version 0.78.2: + build: Fix typo in pread check + emulation: Use U+2426 for SUB + lib: Remove an unnecessary move + widget: - Use correct type for out param - Use correct termprop name ==== xdm ==== - tweak the login screen: * use sans serif font * use branding wallpaper and colors * do not require xli, recommend feh