Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version=... https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&comp... Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: MozillaFirefox (120.0 -> 120.0.1) bluez brltty kdump (1.9.8 -> 2.0.0) kernel-default-base kio-fuse (5.0.1 -> 5.1.0) libslirp (4.7.0+44 -> 4.7.0+60) polkit-default-privs (1550+20231129.269abcd -> 1550+20231213.09963a4) python-numpy python-pexpect susepaste xorg-x11-server xwayland yast2-python-bindings (5.0.1 -> 5.0.2) === Details === ==== MozillaFirefox ==== Version update (120.0 -> 120.0.1) - Mozilla Firefox 120.0.1 (boo#1217910) * Fixed a bug that was causing persistent startup slowdowns (bmo#1867095) * Fixed an issue that was causing 100% CPU usage on sites such as Google Maps. (bmo#1866409) * Fixed an issue that was causing YouTube videos to show a green screen when hardware acceleration was enabled. (bmo#1865928) * Fixed an issue where the status bar was still visible when viewing fullscreen video. (bmo#1853896) * Fixed a startup crash affecting Linux users on some aarch64 systems with page sizes other than 4KB. (bmo#1866025) ==== bluez ==== Subpackages: bluez-auto-enable-devices bluez-cups libbluetooth3 - add CVE-2023-45866.patch (CVE-2023-45866, bsc#1217877) ==== brltty ==== Subpackages: brltty-driver-at-spi2 brltty-driver-brlapi brltty-driver-speech-dispatcher brltty-driver-xwindow libbrlapi0_8 python3-brlapi system-user-brltty xbrlapi - README.SUSE: add documentation about the state of security of the brltty daemon (bsc#1214158). - Use ocaml-rpm-macros to track OCaml ABI - Reduce amount of rpmlint warnings with brltty.rpmlintrc ==== kdump ==== Version update (1.9.8 -> 2.0.0) - upgrade to version 2.0.0 * add support for riscv64 (bsc#1204214) * mkdumprd: fix the check for updated SSH keys * prefer by-path and device-mapper aliases (bsc#1217617) * udev: don't reload kdump if kernel handles hotplug (jsc#PED-5077) ==== kernel-default-base ==== - Add macvlan ==== kio-fuse ==== Version update (5.0.1 -> 5.1.0) - Update to version 5.1.0: * Support for building against Qt 6 and KF6 * Minimum versions of dependencies got raised: CMake 3.16, Qt 5.15, KIO 5.96.0 * Minor bug fixes and optimizations * Don't include the password in the generated VFS path * Mounting admin: is blocked now - Drop patch, now upstream: * 0001-Initialize-m_lastChildrenRefresh-to-be-really-in-the.patch ==== libslirp ==== Version update (4.7.0+44 -> 4.7.0+60) - Update to version 4.7.0+60: * Avoid including <sys/param.h> on windows * Document functions * icmp: Handle ICMP packets as IPPROTO_IP on BSD * ip: Enforce strict aliasing * Fix including BaseTsd.h on mingw * Use SSIZE_T from BaseTsd.h on windows * Detach UDP socket if errno is ENOTCONN (Socket is not connected) * slirp: use localhost as dns when /etc/resolv.conf empty * missing semicolon * Drop unused UDP_UDPDATALEN macro * Reject domain-search when any entry ends with ".." * Use target address from Neighbor Advertisement - removed libslirp-semicolon.patch, now included ==== polkit-default-privs ==== Version update (1550+20231129.269abcd -> 1550+20231213.09963a4) - Update to version 1550+20231213.09963a4: * profiles: add and adjust polkit actions for gamemode (bsc#1217915) ==== python-numpy ==== - Do not attempt to ship numpy.distutils C code in the Python 3.12 -devel package, it is not installed. ==== python-pexpect ==== - disable randomly failing tests [bsc#1209560] ==== susepaste ==== Subpackages: susepaste-screenshot - Fix homepage URL - Add _service file (use on next release) ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch * Out-of-bounds memory write in XKB button actions (CVE-2023-6377, ZDI-CAN-22412, ZDI-CAN-22413, bsc#1217765) - U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch * Out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478, ZDI-CAN-22561, bsc#1217766) ==== xwayland ==== - U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch * Out-of-bounds memory write in XKB button actions (CVE-2023-6377, ZDI-CAN-22412, ZDI-CAN-22413, bsc#1217765) - U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch * Out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478, ZDI-CAN-22561, bsc#1217766) ==== yast2-python-bindings ==== Version update (5.0.1 -> 5.0.2) - Fix leak when passing Term objects; (bsc#1217075) - 5.0.2