Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version=Tumbleweed&build=20240229 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=MicroOS&query_format=advanced&resolution=--- Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: accountsservice ca-certificates-mozilla (2.62 -> 2.66) cpupower distrobox (1.6.0.1 -> 1.7.0) exiv2 (0.28.1 -> 0.28.2) libjxl (0.10.0 -> 0.10.1) libjxl-gtk (0.10.0 -> 0.10.1) libproxy-backend libproxy-client numactl pulseaudio python-atspi (2.46.0 -> 2.46.1) python-typing_extensions (4.9.0 -> 4.10.0) read-only-root-fs (1.0+git20220808.cd59f4f -> 1.0+git20240228.d85232a) tuned (2.21.0.0+git.670541d -> 2.22.1.2+git.86ac977) === Details === ==== accountsservice ==== Subpackages: libaccountsservice0 typelib-1_0-AccountsService-1_0 - Rebase accountsservice-sysconfig.patch: to fix build with GCC 14 (bsc#1219909). ==== ca-certificates-mozilla ==== Version update (2.62 -> 2.66) - Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356) Added: - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public Trust RSA Root-02 - D-Trust SBR Root CA 1 2022 - D-Trust SBR Root CA 2 2022 - Telekom Security SMIME ECC Root 2021 - Telekom Security SMIME RSA Root 2023 - Telekom Security TLS ECC Root 2020 - Telekom Security TLS RSA Root 2023 - TrustAsia Global Root CA G3 - TrustAsia Global Root CA G4 Removed: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - Chambers of Commerce Root - 2008 - Global Chambersign Root - 2008 - Security Communication Root CA - Symantec Class 1 Public Primary Certification Authority - G6 - Symantec Class 2 Public Primary Certification Authority - G6 - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 - VeriSign Class 1 Public Primary Certification Authority - G3 - VeriSign Class 2 Public Primary Certification Authority - G3 - remove-trustcor.patch: removed, now upstream - do a versioned obsoletes of "openssl-certs". - use rpm 4.20 compatible patch syntax - Use %patch -P N instead of deprecated %patchN. ==== cpupower ==== Subpackages: cpupower-bash-completion libcpupower1 - Use %patch -P N instead of deprecated %patchN. ==== distrobox ==== Version update (1.6.0.1 -> 1.7.0) Subpackages: distrobox-bash-completion - Removed: * 0001-Fix-systemd-init-container-startup-1069.patch - Update to 1.7.0 * added --enter-flags to distrobox-export to specify additional distrobox flags to use when entering * added --hostname flag to distrobox-create so you can choose a different hostname than the box name * added --unshare-groups to distrobox-create to allow unsharing user's additional groups inside the container * better login shell management * better systemd support for initful containers * fixed multiple bins and apps exports declaration in assemble * improved NVidia support * improved Wolfi container support * improved rootful containers support for exported graphical apps * improved terminfo support * new distrobox-export --list-apps and --list-binaries to show exported apps and binaries ==== exiv2 ==== Version update (0.28.1 -> 0.28.2) - update to 0.28.2 (bsc#1219870, CVE-2024-24826, bsc#1219871, CVE-2024-25112): * CVE-2024-24826: out-of-bounds read in QuickTimeVideo::NikonTagsDecoder. * CVE-2024-25112: denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder. ==== libjxl ==== Version update (0.10.0 -> 0.10.1) - Update to release 0.10.1 * reduce allocations and fixing speed regressions since 0.9.0 * resolve some bug in streaming encoding ==== libjxl-gtk ==== Version update (0.10.0 -> 0.10.1) - Update to release 0.10.1 * reduce allocations and fixing speed regressions since 0.9.0 * resolve some bug in streaming encoding ==== libproxy-backend ==== - Drop pkgconfig(libsoup-3.0) BuildRequires: no longer needed. ==== libproxy-client ==== - Drop pkgconfig(libsoup-3.0) BuildRequires: no longer needed. ==== numactl ==== Subpackages: libnuma1 - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== pulseaudio ==== Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-setup pulseaudio-utils system-user-pulse - Do not BuildRequire pkgconfig(webrtc-audio-processing-1) on big endian architectures (s390, s390x, ppc64) as the dependency is not available: * WebRTC echo canceller will be disabled there ==== python-atspi ==== Version update (2.46.0 -> 2.46.1) - Update to version 2.46.1: + Fix some implicit function declarations and other compiler warnings in the tests. + Remove some unused code. + Update the README to describe the module's current status. ==== python-typing_extensions ==== Version update (4.9.0 -> 4.10.0) - update to 4.10.0: This feature release adds support for PEP 728 (TypedDict with extra items) and PEP 742 (``TypeIs``). - Add support for PEP 728, supporting the `closed` keyword argument and the special `__extra_items__` key for TypedDict. Patch by Zixuan James Li. - Add support for PEP 742, adding `typing_extensions.TypeIs`. Patch by Jelle Zijlstra. - Drop runtime error when a read-only `TypedDict` item overrides a mutable one. Type checkers should still flag this as an error. Patch by Jelle Zijlstra. - Speedup `issubclass()` checks against simple runtime-checkable protocols by around 6% (backporting https://github.com/python/cpython/pull/112717, by Alex Waygood). - Fix a regression in the implementation of protocols where `typing.Protocol` classes that were not marked as `@runtime_checkable` would be unnecessarily introspected, potentially causing exceptions to be raised if the protocol had problematic members. Patch by Alex Waygood, backporting https://github.com/python/cpython/pull/113401. - obsoletes backport-recent-implementation-of-protocol.patch ==== read-only-root-fs ==== Version update (1.0+git20220808.cd59f4f -> 1.0+git20240228.d85232a) - Update to version 1.0+git20240228.d85232a: * etc/grub.d/01_suse_ro_root: Don't btrfs-mount-subvol inside grub-emu ==== tuned ==== Version update (2.21.0.0+git.670541d -> 2.22.1.2+git.86ac977) - Update to version 2.22.1.2+git.86ac977: * fix-error * new release (2.22.1) * Rename plugin_intel_uncore.py to plugin_uncore.py * Rename IntelUncorePlugin to UncorePlugin * network-throughput: increased net.ipv4.tcp_rmem default value * spec: cleanup, drop RHEL dynamic_tuning customization * new release (2.22.0) - Polkit changes got accepted by security review (bsc#1220081) - Update to version 2.22.0.rc.1.0+git.ad314ee: * Disable dynamic tuning by default * plugin_cpu: improved backward compat. of the pm_qos parser warnings - Update to version 2.22.0-rc.1.0+git.ad314ee: * new release (2.22.0-rc.1) * Add missing install command for tuned-ppd.py * Fixes for intel uncore plugin * Add intel uncore plugin * scheduler: add option for ignoring IRQs affinity * Configure the PPD-to-TuneD daemon to work as a replacement of PPD * Implement the PPD-to-TuneD daemon * Make DBusExporter reusable for other services * Do not report errors on systems with no wifi * Add an ACPI plugin * plugin_cpu: Support cstate settings of `pm_qos_resume_latency_us` * Skip calling rpm-ostree kargs in no-op case * Expand sysctl plugin options when reporting overrides * profiles: add energy_performance_preference hints to profiles * hotplug: do not report ENOENT errors on device remove * profiles: Improve 'isolated_cores=' help text * Be explicit about amd-pstate support * Fixed REs escape sequences not to trigger SyntaxWarning * sap-hana-kvm-guest: fix whitespaces * Fix TextView to expand with window