New MicroOS snapshot 20221215 released!
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version=Tumbleweed&build=20221215
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=MicroOS&query_format=advanced&resolution=---
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
7zip
elfutils-debuginfod
gcc13 (12.2.1+git537 -> 13.0.0+git197351)
mozilla-nss (3.84 -> 3.85)
mozjs102 (102.5.0 -> 102.6.0)
python-lark (1.1.4 -> 1.1.5)
python-pycares (4.2.2 -> 4.3.0)
selinux-policy
speech-dispatcher (0.10.2 -> 0.11.4)
xorg-x11-server
xwayland
xz
yast2-packager (4.5.8 -> 4.5.9)
yast2-trans (84.87.20221203.a7355e12ff -> 84.87.20221210.680714a939)
zlib
=== Details ===
==== 7zip ====
- build for x86_64 subarchs the same way like for baseline
==== elfutils-debuginfod ====
Subpackages: debuginfod-profile libdebuginfod1
- Remove dependency to not used sysconfig package
- Weaken systemd dependency, no hard requires necessary
==== gcc13 ====
Version update (12.2.1+git537 -> 13.0.0+git197351)
Subpackages: libatomic1 libgcc_s1 libgfortran5 libgomp1 libobjc4 libquadmath0 libstdc++6 libstdc++6-locale libstdc++6-pp libubsan1
- Bump to 0a43f7b1a73c8e3b9cefffe430274d0a3d6d3291, git197351.
- Bump libgo SONAME to libgo22.
- Do not package libhwasan for biarch (32-bit architecture)
as the extension depends on 64-bit pointers.
- Sync cross.spec.in changes from gcc12 package.
- Bump to 380d62c14c99d8df13b7a86660e7ee67d01ad827, git197210.
- Adjust floatn fixincludes guard to work with SLE12 and earlier
SLE15.
- Bump to de144fdab17dbbb64ccb540056ab78b4ffb3fbbc, git197173.
- Depend on at least LLVM 13 for GCN cross compiler.
- Bump to 4304e09a1617bcf1c87f5bc96017ae5017379d75, git197155.
- Rebase gcc44-rename-info-files.patch.
- Bump to d13c359a49291f0a1206adbad4065677010b7e4b, git197143.
- Sync changes from gcc12 package
- Update embedded newlib to version 4.2.0
* includes newlib-4.1.0-aligned_alloc.patch
- Allow cross-pru-gcc12-bootstrap for armv7l architecture.
PRU architecture is used for real-time MCUs embedded into TI
armv7l and aarch64 SoCs. We need to have cross-pru-gcc12 for
armv7l in order to build both host applications and PRU firmware
during the same build.
- Bump to 2b0ae7fb91f64fb005abf7d7903fd4c0764bb45c, git197102.
- Handle new libstdc++exp.a lib.
- Bump to 5c0d171f67d082c353ddc319859111d3b9126c17, git196938.
- Add 2 new headers.
- Bump to b457b779427b0f7b3fbac447811c9c52db5bc79e, git196485.
==== mozilla-nss ====
Version update (3.84 -> 3.85)
Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs
- update to NSS 3.85
* bmo#1792821 - Modification of the primes.c and dhe-params.c in
order to have better looking tables
* bmo#1796815 - Update zlib in NSS to 1.2.13
* bmo#1796504 - Skip building modutil and shlibsign when building
in Firefox
* bmo#1796504 - Use __STDC_VERSION__ rather than __STDC__ as a guard
* bmo#1796407 - Fix -Wunused-but-set-variable warning from clang 15
* bmo#1796308 - Fix -Wtautological-constant-out-of-range-compare
and -Wtype-limits warnings
* bmo#1796281 - Followup: add missing stdint.h include
* bmo#1796281 - Fix -Wint-to-void-pointer-cast warnings
* bmo#1796280 - Fix -Wunused-{function,variable,but-set-variable}
warnings on Windows
* bmo#1796079 - Fix -Wstring-conversion warnings
* bmo#1796075 - Fix -Wempty-body warnings
* bmo#1795242 - Fix unused-but-set-parameter warning
* bmo#1795241 - Fix unreachable-code warnings
* bmo#1795222 - Mark _nss_version_c unused on clang-cl
* bmo#1795668 - Remove redundant variable definitions in lowhashtest
* Add note about python executable to build instructions.
==== mozjs102 ====
Version update (102.5.0 -> 102.6.0)
- Update to version 102.6.0:
+ Various stability, functionality, and security fixes.
+ CVE-2022-46880: Use-after-free in WebGL.
+ CVE-2022-46872: Arbitrary file read from a compromised content
process.
+ CVE-2022-46881: Memory corruption in WebGL.
+ CVE-2022-46874: Drag and Dropped Filenames could have been
truncated to malicious extensions.
+ CVE-2022-46875: Download Protections were bypassed by .atloc
and .ftploc files on Mac OS.
+ CVE-2022-46882: Use-after-free in WebGL.
+ CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and
Firefox ESR 102.6.
==== python-lark ====
Version update (1.1.4 -> 1.1.5)
- Update to v1.1.5
* What's Changed
setup.cfg: Replace deprecated license_file with license_files by @mgorny in #1209
Fix Github shenanigans by @erezsh in #1220
Fix AmbiguousExpander (Issue #1214) by @chanicpanic in #1216
Fix EOF line information in InteractiveParser.resume_parse() by @erezsh in #1224
Use generator instead of list expand or add method by @jmishra01 in #1225
==== python-pycares ====
Version update (4.2.2 -> 4.3.0)
- Update to version 4.3.0
* Bump cibuildwheel to build for Python 3.11 + CI total time speedups by @Jackenmen in #174
Fix tests that depended on external sites by @Jackenmen in #180
Complete the Python 3.11 support by @Jackenmen in #179
Drop CPython 3.6 by @saghul in #181
Improve test compatibility with pytest by @saghul in #182
Update c-ares submodule to 1.18.1 by @saghul in #183
==== selinux-policy ====
Subpackages: selinux-policy-targeted
- Added policy for wicked scripts under /etc/sysconfig/network/scripts
(bnc#1205770)
- Add fix_sendmail.patch
* fix context of custom sendmail startup helper
* fix context of /var/run/sendmail and add necessary rules to manage
content in there
==== speech-dispatcher ====
Version update (0.10.2 -> 0.11.4)
Subpackages: libspeechd2 python3-speechd
- Update to version 0.11.4:
- Update CLDR to version 42 and symbols from NVDA.
- Fix audio plugin loading with dlopen.
- Fix atomicity of getting reply in threaded mode.
- Changes from 0.11.3:
- Fix back DefaultModule configuration.
- pico: Avoid falling to english when passed a bogus voice name.
- espeak: Fix setting voice type.
- Changes from 0.11.2:
- Fix loading xx-yy locales.
- Various memory leaks fixes.
- Add mimic3 configuration file.
- pico: Fix setting language vs voice.
- Make sure that modules report a list of voices.
- Update CLDR to version 41, symbols from NVDA and orca.
- Allow building without ltdl.
- Re-enable SSML in espeak-ng-mbrola module.
- Changes from 0.11.1:
- Add SPEECHD_PLUGIN_DIR environment variable.
- Fix listing voices of the default module.
- Changes from 0.11
- Support playing audio through the server.
- modules: Add support for loading from user's
.local/libexec/speech-dispatcher.
- symbols: Process symbols.dic before emojis.dic.
- symbols: Enable speechd symbols processing by default.
- modules: Moved speech dispatcher modules to
/usr/libexec/speech-dispatcher-modules
- espeak-ng: Add support for mbrola voices.
- mary: Add auto-detection.
- mary: Add newer voices.
- mary: Add volume, pitch, and rate support.
- ivona: Add auto-detection.
- festival: Strip head silence.
- generic: Add DefaultVoice option.
- es_ES: Add some gender neutral rules.
- Add SPEECHD_CMD environment variable.
- modules: Rewrite main functions with BSD licence, to let
proprietary modules easily reuse this as a basis.
- modules: Add skeletons ready for use as a basis for new
modules.
- Add script to run speechd from the build tree.
- Update CLDR to version 39, symbols from NVDA and orca.
- Add Esperanto translation.
- Sort modules by quality, let the best quality module be the
default.
- Rebase harden_speech-dispatcherd.service.patch.
- Migration to /usr/etc: Saving user changed configuration files
in /etc and restoring them while an RPM update.
- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
* harden_speech-dispatcherd.service.patch
==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra
- U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
* XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283,
bsc#1206017)
- U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch
* Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265,
CVE-2022-46340, bsc#1205874)
- U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch
* Xi: return an error from XI property changes if verification
failed (no ZDI-CAN id, no CVE id, bsc#1205875)
- U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch
* Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405,
CVE-2022-46344, bsc#1205876)
- U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch
* Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381,
CVE-2022-46341, bsc#1205877)
- U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
* Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404,
CVE-2022-46343, bsc#1205878)
- U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
* Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400,
CVE-2022-46342, bsc#1205879)
==== xwayland ====
- U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
* XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283,
bsc#1206017)
- U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch
* Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265,
CVE-2022-46340, bsc#1205874)
- U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch
* Xi: return an error from XI property changes if verification
failed (no ZDI-CAN id, no CVE id, bsc#1205875)
- U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch
* Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405,
CVE-2022-46344, bsc#1205876)
- U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch
* Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381,
CVE-2022-46341, bsc#1205877)
- U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
* Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404,
CVE-2022-46343, bsc#1205878)
- U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
* Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400,
CVE-2022-46342, bsc#1205879)
==== xz ====
Subpackages: liblzma5 xz-lang
- Rename xz-static-devel -> xz-devel-static to follow the general
naming used in openSUSE.
==== yast2-packager ====
Version update (4.5.8 -> 4.5.9)
- Merged PR https://github.com/yast/yast-packager/pull/623
by Christopher Yeleighton
participants (1)
-
Richard Brown