Packages changed: GraphicsMagick MozillaFirefox apache2 apache2-manual apache2-prefork apache2-utils apparmor cryptsetup (2.6.1 -> 2.7.0) dos2unix (7.5.1 -> 7.5.2) duktape firewalld (2.1.0 -> 2.1.1) fwupd (1.9.11 -> 1.9.12) ghostscript (9.56.1 -> 10.02.1) grub2 gstreamer-plugins-rs iso-codes (4.15.0 -> 4.16.0) kernel-firmware (20240115 -> 20240126) libapparmor libexttextcat (3.4.6 -> 3.4.7) libgcrypt libjcat (0.2.0 -> 0.2.1) mdevctl (1.2.0 -> 1.3.0) mutter nghttp2 (1.58.0 -> 1.59.0) numactl (2.0.16.21.g693fee1 -> 2.0.17.4.g63befa8) openssl-3 openssl patterns-kde python-Jinja2 python-M2Crypto python-MarkupSafe (2.1.3 -> 2.1.4) python-argcomplete (3.2.1 -> 3.2.2) python-authheaders (0.16.1 -> 0.16.2) python-pyOpenSSL (23.3.0 -> 24.0.0) python-pycryptodome (3.19.1 -> 3.20.0) rubygem-parser (3.2.2.4 -> 3.3.0.5) rubygem-rubocop (1.59.0 -> 1.60.2) salt strace (6.6 -> 6.7) xdg-utils (1.2.0~beta1+20230929 -> 1.2.0+20240130) xf86-video-qxl xorg-x11-server xterm (388 -> 389) yast2 (5.0.4 -> 5.0.5) yast2-installation (5.0.4 -> 5.0.5) yast2-trans (84.87.20240120.54f4b9f06a -> 84.87.20240126.9c7185e3f6) zenity (4.0.0 -> 4.0.1) === Details === ==== GraphicsMagick ==== Subpackages: libGraphicsMagick++-Q16-12 libGraphicsMagick-Q16-3 libGraphicsMagick3-config - ghostscript-fonts-std: relax to recommends [bsc#1216604] ==== MozillaFirefox ==== - Fix file list ==== apache2 ==== - use grep -E for egrep ==== apache2-manual ==== - use grep -E for egrep ==== apache2-prefork ==== - use grep -E for egrep ==== apache2-utils ==== - use grep -E for egrep ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-profiles apparmor-utils python3-apparmor - Add dovecot-unix_chkpwd.diff to allow dovecot-auth to execute unix_chkpwd, and add a profile for unix_chkpwd. This is needed for PAM 1.6 (boo#1219139) - Refresh apparmor.keyring - the key was renewed ==== cryptsetup ==== Version update (2.6.1 -> 2.7.0) Subpackages: cryptsetup-doc libcryptsetup12 - Update to 2.7.0: * Full changelog in: mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.0-ReleaseNotes * Introduce support for hardware OPAL disk encryption. * plain mode: Set default cipher to aes-xts-plain64 and password hashing to sha256. * Allow activation (open), luksResume, and luksAddKey to use the volume key stored in a keyring. * Allow to store volume key to a user-specified keyring in open and luksResume commands. * Do not flush IO operations if resize grows the device. This can help performance in specific cases where the encrypted device is extended automatically while running many IO operations. * Use only half of detected free memory for Argon2 PBKDF on systems without swap (for LUKS2 new keyslot or format operations). * Add the possibility to specify a directory for external LUKS2 token handlers (plugins). * Do not allow reencryption/decryption on LUKS2 devices with authenticated encryption or hardware (OPAL) encryption. * Do not fail LUKS format if the operation was interrupted on subsequent device wipe. * Fix the LUKS2 keyslot option to be used while activating the device by a token. * Properly report if the dm-verity device cannot be activated due to the inability to verify the signed root hash (ENOKEY). * Fix to check passphrase for selected keyslot only when adding new keyslot. * Fix to not wipe the keyslot area before in-place overwrite. * bitlk: Fix segfaults when attempting to verify the volume key. * Add --disable-blkid command line option to avoid blkid device check. * Add support for the meson build system. * Fix wipe operation that overwrites the whole device if used for LUKS2 header with no keyslot area. * Fix luksErase to work with detached LUKS header. * Disallow the use of internal kernel crypto driver names in "capi" specification. * Fix reencryption to fail early for unknown cipher. * tcrypt: Support new Blake2 hash for VeraCrypt. * tcrypt: use hash values as substring for limiting KDF check. * Add Aria cipher support and block size info. * Do not decrease PBKDF parameters if the user forces them. * Support OpenSSL 3.2 Argon2 implementation. * Add support for Argon2 from libgcrypt (requires yet unreleased gcrypt 1.11). * Used Argon2 PBKDF implementation is now reported in debug mode in the cryptographic backend version. For native support in OpenSSL 3.2 or libgcrypt 1.11, "argon2" is displayed. If libargon2 is used, "cryptsetup libargon2" (for embedded library) or "external libargon2" is displayed. * Link only libcrypto from OpenSSL. * Disable reencryption for Direct-Access (DAX) devices. * Print a warning message if the device is not aligned to sector size. * Fix sector size and integrity fields display for non-LUKS2 crypt devices for the status command. * Fix suspend for LUKS2 with authenticated encryption (also suspend dm-integrity device underneath). * Update keyring and locking documentation and LUKS2 specification for OPAL2 support. * Remove patches fixed upstream: - cryptsetup-Check-for-physical-memory-available-also-in-PBKDF-be.patch - cryptsetup-Try-to-avoid-OOM-killer-on-low-memory-systems-withou.patch - cryptsetup-Use-only-half-of-detected-free-memory-on-systems-wit.patch ==== dos2unix ==== Version update (7.5.1 -> 7.5.2) - update to 7.5.2: * Dos2unix can print info about the line break type of the last line, or indicate there is none * Updated documentation about ASCII mode conversion ==== duktape ==== - Build with distro flags ==== firewalld ==== Version update (2.1.0 -> 2.1.1) Subpackages: firewalld-bash-completion python3-firewall - update to 2.1.1: * fix(offline-cmd): use family when creating ipset (64f78a9) * fix(firewall-config): allow rich rule forwarded ports to be logged (d46ea62) * fix(ipXtables): log forwarded ports only (07dc202) * fix(nftables): log forwarded ports (5c26b73) * fix(io.ipset): raise exception if entries exceed limit (a2da5fb) * fix(policy): ipXtables: multiple policies using same zone (b6f2f09) * fix(policy): dispatch update for active policies (7f6f0e2) ==== fwupd ==== Version update (1.9.11 -> 1.9.12) Subpackages: fwupd-bash-completion libfwupd2 typelib-1_0-Fwupd-2_0 - Update to version 1.9.12: + This release adds the following features: - Add remote modification support to fwupdtool - Add support for more modify-config options - Generate HTML pages for all man pages + This release fixes the following bugs: - Assume the legacy LVFS::UpdateRequestId tag is non-generic - Avoid crashing the daemon if not using udisks - Correctly mark the CPU as supported - Correctly match invalid EFI partitions - Do not change the device status until the action has completed - Do not require systemd for fwupdtool modify-config - Enable access to the home interface for snap - Fix an assertion when enabling lvfs-testing for the first time - Fix a possible crash in fwupdtool build-cabinet - Handle systems with more than one ccp device - Only check AMD CPUs for SHSTK, not IBT - Only write the mutable fwupd.conf with the current values - Re-evaluate supported every time pci-psp attributes are refreshed - Show "CET OS support" on AMD systems too + This release adds support for the following hardware: - AVer CAM340plus - AVer VB342 Pro - More Algoltek devices ==== ghostscript ==== Version update (9.56.1 -> 10.02.1) Subpackages: ghostscript-x11 - update to 10.02.1: * Patch release to address some security bugs * This release (10.02.0) marks the final demise of the PostScript based PDF interpreter. * This 10.01.1 release removes the "-dNEWPDF=false" command line option to fall back to the deprecated, old PDF interpreter. * This 10.01.0 release removes the "-dNEWPDF=false" command line option to fall back to the deprecated, old PDF interpreter. * This release officially deprecates the old Postscript implementation of PDF, we will not be updating or maintaining that code moving forward. The option to use the old PDF implementation _**will**_ be removed in the next full release (10.01.0) * Important: This release includes the new PDF interpreter (implemented in C rather than PostScript). It is both integrated into Ghostscript (now ENABLED by default), and available as a standalone, PDF only, binary. See https://ghostscript.com/pdfi.html for more details. * This also bundles the latest zlib (1.2.12) which addresses a security issue (CVE-2018-25032) * **Important**: This release includes the new PDF interpreter (implemented in C rather than PostScript). It is both integrated into Ghostscript (now **ENABLED** by default), and available as a standalone, PDF only, binary. See https://ghostscript.com/pdfi.html for more details. - drop CVE-2023-28879.patch, CVE-2023-36664.patch, CVE-2023-38559.patch, CVE-2023-43115.patch, CVE-2023-46751.patch: upstream - drop remove-zlib-h-dependency.patch: unused ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin - Remove magic number header field check on arm64 (bsc#1218783) * 0001-loader-arm64-efi-linux-Remove-magic-number-header-fi.patch ==== gstreamer-plugins-rs ==== - Increase memory to 12G for s390x builds in _constraints (bsc#1218563). ==== iso-codes ==== Version update (4.15.0 -> 4.16.0) Subpackages: iso-codes-lang - update to 4.16.0: + Updated translations + ISO 4217: New translation for Khmer (Central) + ISO 639-2: New translation for Armenian + ISO 639-5: New translation for Lithuanian ==== kernel-firmware ==== Version update (20240115 -> 20240126) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20240126 (git commit 8fa621d2f9c1): * qcom: Add Audio firmware for SM8650 MTP * linux-firmware: Add firmware for Cirrus CS35L41 on HP Consumer Laptops * Intel Bluetooth: Make spacing consistent with rest of WHENCE * amdgpu: update raven2 firmware * amdgpu: update raven firmware * amdgpu: update SDMA 5.2.7 firmware * amdgpu: update PSP 13.0.8 firmware * amdgpu: update VCN 3.1.2 firmware * amdgpu: update SDMA 5.2.6 firmware * amdgpu: update PSP 13.0.5 firmware * amdgpu: update GC 10.3.6 firmware * amdgpu: add GC 11.0.1 rlc_1 firmware * amdgpu: update vega20 firmware * amdgpu: update VCN 4.0.0 firmware * amdgpu: update SMU 13.0.0 firmware * amdgpu: update PSP 13.0.0 firmware * amdgpu: update GC 11.0.0 firmware * amdgpu: update vega12 firmware * amdgpu: update vega10 firmware * amdgpu: update beige goby firmware * amdgpu: update picasso firmware * amdgpu: update dimgrey cavefish firmware * amdgpu: update vangogh firmware * amdgpu: update navy flounder firmware * amdgpu: update green sardine firmware * amdgpu: update sienna cichlid firmware * amdgpu: update PSP 13.0.11 firmware * amdgpu: update GC 11.0.4 firmware * amdgpu: update VCN 4.0.2 firmware * amdgpu: update PSP 13.0.4 firmware * amdgpu: update GC 11.0.1 firmware * amdgpu: update arcturus firmware * amdgpu: update navi14 firmware * amdgpu: add VCN 4.0.3 firmware * amdgpu: add SDMA 4.4.2 firmware * amdgpu: add SMU 13.0.6 firmware * amdgpu: add PSP 13.0.6 firmware * amdgpu: Add GC 9.4.3 firmware * amdgpu: update renoir firmware * amdgpu: update VCN 4.0.4 firmware * amdgpu: update SMU 13.0.7 firmware * amdgpu: update PSP 13.0.7 firmware * amdgpu: update GC 11.0.2 firmware * amdgpu: update navi12 firmware * amdgpu: update yellow carp firmware * amdgpu: update SMU 13.0.10 firmware * amdgpu: update SDMA 6.0.3 firmware * amdgpu: update PSP 13.0.10 firmware * amdgpu: update GC 11.0.3 firmware * amdgpu: update navi10 firmware * amdgpu: update aldebaran firmware * linux-firmware: Update AMD cpu microcode * RTL8192E: Remove old realtek WiFi firmware - Update aliases ==== libapparmor ==== - Add dovecot-unix_chkpwd.diff to allow dovecot-auth to execute unix_chkpwd, and add a profile for unix_chkpwd. This is needed for PAM 1.6 (boo#1219139) - Refresh apparmor.keyring - the key was renewed ==== libexttextcat ==== Version update (3.4.6 -> 3.4.7) Subpackages: libexttextcat-2_0-0 - Update to version 3.4.7: * Add Ilocano, Saraiki ==== libgcrypt ==== - add libgcrypt-no-deprecated-grep-alias.patch ==== libjcat ==== Version update (0.2.0 -> 0.2.1) - Update to version 0.2.1: + Do not dedupe sig and sig-of-checksum when loading. + Fix the installed tests. + Show the sig-of-checksum results clearer on the CLI. ==== mdevctl ==== Version update (1.2.0 -> 1.3.0) - Update to version 1.3.0 (jsc#PED-4981): * tests: add tests for live and defined support * doc: document live support and its options * cli: add live and defined parameters to modify command * callouts: add callout live event support * main: refactor jsonfile loading * main: refactor getting active devices * tests: add callout versioning tests * callouts: add warning for unknown supported actions and events * callouts: prevent repeating unsuccessful script searches * callouts: add versioning on callout scripts * callouts: make callout method reusable * callouts: add a check_result_fn to invoke_first_matching_script * Fix new clippy warnings * Cargo.toml: move tempfile to dev-dependencies * main: assemble active devices without overwriting * mdevctl.spec.in: Add systemd as build requirement * callout: ignore broken pipe on stdin * cli: improve lsmdev help * callouts: set script in callout on success only * main: fix file open error being suppressed * Fix clippy warning for useless vec * callouts: replace negated check and improve msgs * callouts: improve debug messages in get_attributes * callouts: match code format in Display for Event and Action * tests/callouts: make scripts cross distro compliant * actions: update release action to newer versions * Bump clap to 4.0 * Bump env_logger dependency to 0.9.0 * Fix deprecated github actions * cli: change modify parameter relationships * tests: use printf over echo * tests: add callout constructor panic tests * callouts: add MDev to callout struct * callouts: Move stdin generation from Callout::invoke_script() * callouts: Add a Callout argument to the invoke callback function * callouts: Reuse Callout::callout() for get_attributes() * callouts: Return Output from Callout::callout() * callouts: Remove Callout::callout_dir() * callouts: Move self.script invocation to callout() * callouts: make Callout::invoke() a method * mdev: provide better error message for invalid attr index * mdev: change attribute index arguments to usize * cli: adjust help text for modify option addattr * modify: ensure required parameter is given * trim trailing null from callout script get-attributes output * Add --force option for commands that have callouts * Bump 'nix' dependency * tests: test 'stop' with callouts * tests: remove stray debug prints during fork * tests: make test failure reports more obvious * Bump version to 1.3.0 * undefine: report error if device is not undefined * modify: add jsonfile optional parameter * cli: add cli tests * cli: fix clap deprecations warnings * tests: fix test_modify() when auto and manual are both set * Fix panic on modify delattr with invalid index * Active attributes (#71) * clippy: remove needless borrows * mdevctl.rst: align use of term state * Add tests for callout dir priority * Add system callout script dir outside /etc. * Add ability to set env root with env variable * Rename Environment::persist_base() to config_base() * Update github checkout action * Relax 'nix' dependency version requirement * callouts: remove return value from Callout::notify() * callouts: remove separate is_dir() check in notify() * callouts: filter and map iterator in notifier loop * Update uuid version * tests: verify that callout scripts are executed in order * callouts: make sure scripts are sorted * callouts: simplify loop through callout dir * callouts: Remove call to count() on callout dir entries * Fix new clippy warnings * Fix intermittent callout failure during test * rpm: set debug env vars when running tests in rpm build * Add python3-docutils to rpm BuildRequires ==== mutter ==== - mutter-SLE-bsc984738-grab-display.patch: * Temporary disable this SLE-only patch as it makes mutter 45 lock-up on non-CSD apps (bsc#1218935) ==== nghttp2 ==== Version update (1.58.0 -> 1.59.0) - update to 1.59.0: * Update bash_completion * h2load: Fix bug that ttfb is not recorded if h3 stream has no data * h2load: Consider all h2 HEADERS when counting bytes and recording ttfb * h2load: Ignore 1xx status code * nghttpd: Free SSL_CTX on exit * nghttpx: OpenSSL needs SSL_CTX_set_recv_max_early_data * nghttpx: OpenSSL needs SSL_CTX_set_recv_max_early_data * cmake: Require OpenSSL >= 1.1.1 * Add nghttp2_select_alpn and deprecate nghttp2_select_next_protocol * nghttpx: Add --alpn-list and deprecate --npn-list * h2load: Add --alpn-list and deprecate --npn-list * Remove NPN * src: Support building with aws-lc * Avoid detecting OpenSSL 3.2 as quictls * Use nghttp3_pri_parse_priority added since nghttp3 v1.1.0 * h2load: Fix IPv6 address in :authority * h2load: Fix IPv6 address in :authority * nghttpx: Propagate stream priority from backend to frontend * nghttpx: Propagate stream priority from backend to frontend * Merge pull request #1991 from nghttp2/get-and-parse- extpri * Add API to get and parse RFC 9218 priority * nghttpx: Prefer __FILE_NAME__ if defined ==== numactl ==== Version update (2.0.16.21.g693fee1 -> 2.0.17.4.g63befa8) Subpackages: libnuma1 - Update to version 2.0.17.4.g63befa8: * Fix CodeQl Warn: Wrong type of arguments to formatting function * libnuma: Fix incorrect print and exit of numa_preferred/_many APIs * libnuma: Fix unexpected output * Fix README.md * Increase version number * Fix build badge * Fix README.md * Update README.md * Add configure file for release * Fix unused function return warning in numastat * fix complain() fuction print newline * Document that numa_police_memory may cause data races * Add numastat_diff from jirka-h * Enable v1 compatibility for unused getnodemask test * libnuma: Handle initialization without sysfs * Support empty memory nodes * numactl: Add --version option to print version * Remove obsolete numamon file * numactl: Use standard tab indent for print_node_cpus * Avoid using /proc/cpuinfo in test suite * numact: Add --cpu-compress option * Pin release workflow script to minimize risk of supply chain attacks * move_pages: Fix warning (missing hunk from earlier revert) * numastat: Remove unused functions * distance: Remove unused variable (NFC) * numademo: Adjust memcpy test bandwidth calculation * numactl.c: Refactor print_node_cpus to display CPU ranges * numactl.c: Refactor print_node_cpus to display CPU ranges * numactl.c: Refactor print_node_cpus to display CPU ranges * Refactor print_node_cpus to display CPU ranges instead of individual CPUs * numactl: Fix manual for --preferred and --preferred-many * Revert "Fix build error on riscv64 by linking libatomic" * Include instead of * Fix the example usage in the numactl manual * Fix issue #190 about numa_exit_on_warn does not work * Create SECURITY.md * fix: fix memory leaks when run with -H * use mems allowed nodes to test prefer_many policy. * fix typo in memhog.8 * Update move_pages.c * migspeed don't have to be linked against librt * Add MPOL_F_RELATIVE/STATIC_NODES ==== openssl-3 ==== Subpackages: libopenssl3 - Encapsulate the fips provider into a new package called libopenssl-3-fips-provider. - Added openssl-3-use-include-directive.patch so that the default /etc/ssl/openssl.cnf file will include any configuration files that other packages might place into /etc/ssl/engines3.d/ and /etc/ssl/engdef3.d/. Also create symbolic links /etc/ssl/engines.d/ and /etc/ssl/engdef.d/ to above versioned directories. - Updated spec file to create the two new necessary directores for the above patch and two symbolic links to above directories. [bsc#1194187, bsc#1207472, bsc#1218933] - Security fix: [bsc#1218810, CVE-2023-6237] * Limit the execution time of RSA public key check * Add openssl-CVE-2023-6237.patch - Rename openssl-Override-default-paths-for-the-CA-directory-tree.patch to openssl-crypto-policies-support.patch - Embed the FIPS hmac. Add openssl-FIPS-embed-hmac.patch - Load the FIPS provider and set FIPS properties implicitly. * Add openssl-Force-FIPS.patch [bsc#1217934] - Disable the fipsinstall command-line utility. * Add openssl-disable-fipsinstall.patch - Add instructions to load legacy provider in openssl.cnf. * openssl-load-legacy-provider.patch - Disable the default provider for the test suite. * openssl-Disable-default-provider-for-test-suite.patch - Security fix: [bsc#1218690, CVE-2023-6129] * POLY1305: Fix vector register clobbering on PowerPC * Add openssl-CVE-2023-6129.patch - Add patch to fix BTI enablement on aarch64: * openssl-Enable-BTI-feature-for-md5-on-aarch64.patch ==== openssl ==== - New libopenssl-fips-provider package. ==== patterns-kde ==== Subpackages: patterns-kde-kde patterns-kde-kde_edutainment patterns-kde-kde_games patterns-kde-kde_ide patterns-kde-kde_imaging patterns-kde-kde_internet patterns-kde-kde_multimedia patterns-kde-kde_office patterns-kde-kde_pim patterns-kde-kde_plasma patterns-kde-kde_utilities patterns-kde-kde_utilities_opt patterns-kde-kde_yast - Make phonon4qt5-backend a hard dep of the plasma pattern (boo#1219277) - Avoid gstreamer if not necessary - Change from phonon4qt5-backend-gstreamer to phonon4qt5-backend-vlc due to deprecation of the gstreamer backend ==== python-Jinja2 ==== - Disable broken test with latest version of MarkupSafe (2.1.4) (gh#pallets/jinja#1930, gh#pallets/markupsafe#417) ==== python-M2Crypto ==== - Disable broken tests with openssl 3.2, bsc#1217782 ==== python-MarkupSafe ==== Version update (2.1.3 -> 2.1.4) - update to 2.1.4: * Don't use regular expressions for striptags, avoiding a performance issue. :pr:`413` ==== python-argcomplete ==== Version update (3.2.1 -> 3.2.2) - update to 3.2.2: * Expand tilde in zsh ==== python-authheaders ==== Version update (0.16.1 -> 0.16.2) - update to 0.16.2: * Add checks for None results to avoid tracebacks (#31) * Account for FWS in From (which is legal, apparently) * Delete more setup.py cruft for non-supported Pythons ==== python-pyOpenSSL ==== Version update (23.3.0 -> 24.0.0) - update to 24.0.0: * Added OpenSSL.SSL.Connection.get_selected_srtp_profile to determine which SRTP profile was negotiated. #1279. ==== python-pycryptodome ==== Version update (3.19.1 -> 3.20.0) - update to 3.20.0: * Added support for TurboSHAKE128 and TurboSHAKE256. * Added method Crypto.Hash.new() to generate a hash object given a hash name. * Added support for AES-GCM encryption of PBES2 and PKCS#8 containers. * Added support for SHA-2 and SHA-3 algorithms in PBKDF2 when creating PBES2 and PKCS#8 containers. * Export of RSA keys accepts the prot_params dictionary as parameter to control the number of iterations for PBKDF2 and scrypt. * C unit tests also run on non-x86 architectures. * GH#787: Fixed autodetect logic for GCC 14 in combination with LTO. ==== rubygem-parser ==== Version update (3.2.2.4 -> 3.3.0.5) Subpackages: ruby3.2-rubygem-parser ruby3.3-rubygem-parser - updated to version 3.3.0.5 v3.3.0.5 (2024-01-21) - -------------------- API modifications: * Bump 3.2 branch to 3.2.3 (#993) (Koichi ITO) v3.3.0.4 (2024-01-15) - -------------------- Features implemented: * Register a Ruby 3.4 parser (#991) (Jean byroot Boussier) v3.3.0.3 (2024-01-12) - -------------------- Bugs fixed: * lexer.rl: accept tabs before closing heredoc delimiter (#990) (Ilya Bylich) v3.3.0.2 (2024-01-07) - -------------------- Bugs fixed: * Fix an error when using heredoc with non-word delimiters (#987) (Koichi ITO) v3.3.0.1 (2024-01-06) - -------------------- Bugs fixed: * Supports Ruby 2.0+ runtime (#986) (Koichi ITO) v3.3.0.0 (2024-01-05) - -------------------- API modifications: * current.rb: mark 3.3 branch as stable (#984) (Ilya Bylich) * ruby33.y: extract string_dend (#969) (Ilya Bylich) * lexer.rl: treat numparams as locals (#968) (Ilya Bylich) * ruby33.y: extract words_sep (#967) (Ilya Bylich) * literal.rb: match heredoc identifier from end of line (#965) (Ilya Bylich) * ruby33.y: extract {endless_command,endless_arg} rules (#964) (Ilya Bylich) * Bump Racc to 1.7.3 (#954) (Koichi ITO) Features implemented: * ruby33.y: reject ambiguous anonymous arguments (#983) (Ilya Bylich) * ruby33.y: extract arg_splat rule. (#981) (Ilya Bylich) * builder.rb: warn `it` in a block with no ordinary params. (#980) (Ilya Bylich) * builder.rb: extract named captures only from static regexes. (#979) (Ilya Bylich) * ruby33.y: accept expr_value in sclass definition. (#978) (Ilya Bylich) * ruby33.y: extract p_in_kwarg (#977) (Ilya Bylich) * ruby33.y: extract p_assoc and p_in rules (#976) (Ilya Bylich) * ruby33.y: reject invalid gvar as symbol (#974) (Ilya Bylich) * ruby33.y: properly restore in_defined flag, extract begin_defined rule (#973) (Ilya Bylich) * builder.rb: reject multi-char gvar names starting with 0 (#972) (Ilya Bylich) * ruby33.y: allow semicolon in parenthesis at the first argument of command call (#971) (Ilya Bylich) * ruby33.y: parse qualified const with brace block as a method call (#970) (Ilya Bylich) ==== rubygem-rubocop ==== Version update (1.59.0 -> 1.60.2) Subpackages: ruby3.2-rubygem-rubocop ruby3.3-rubygem-rubocop - updated to version 1.60.2 [#]# 1.60.2 (2024-01-24) [#]## Bug fixes * [#12627](https://github.com/rubocop/rubocop/issues/12627): Fix a false positive for `Layout/RedundantLineBreak` when using index access call chained on multiple lines with backslash. ([@koic][]) * [#12626](https://github.com/rubocop/rubocop/pull/12626): Fix a false positive for `Style/ArgumentsForwarding` when naming a block argument `&`. ([@koic][]) * [#12635](https://github.com/rubocop/rubocop/pull/12635): Fix a false positive for `Style/HashEachMethods` when both arguments are unused. ([@earlopain][]) * [#12636](https://github.com/rubocop/rubocop/pull/12636): Fix an error for `Style/HashEachMethods` when a block with both parameters has no body. ([@earlopain][]) * [#12638](https://github.com/rubocop/rubocop/issues/12638): Fix an `Errno::ENOENT` error when using server mode. ([@koic][]) * [#12628](https://github.com/rubocop/rubocop/pull/12628): Fix a false positive for `Style/ArgumentsForwarding` when using block arg forwarding with positional arguments forwarding to within block. ([@koic][]) * [#12642](https://github.com/rubocop/rubocop/pull/12642): Fix false positives for `Style/HashEachMethods` when using array converter method. ([@koic][]) * [#12632](https://github.com/rubocop/rubocop/issues/12632): Fix an infinite loop error when `EnforcedStyle: explicit` of `Naming/BlockForwarding` with `Style/ArgumentsForwarding`. ([@koic][]) [#]# 1.60.1 (2024-01-17) [#]## Bug fixes * [#12625](https://github.com/rubocop/rubocop/pull/12625): Fix an error when server cache dir has read-only file system. ([@Strzesia][]) * [#12618](https://github.com/rubocop/rubocop/issues/12618): Fix false positives for `Style/ArgumentsForwarding` when using block argument forwarding with other arguments. ([@koic][]) * [#12614](https://github.com/rubocop/rubocop/issues/12614): Fix false positiveis for `Style/RedundantParentheses` when parentheses in control flow keyword with multiline style argument. ([@koic][]) [#]## Changes * [#12617](https://github.com/rubocop/rubocop/issues/12617): Make `Style/CollectionCompact` aware of `grep_v` with nil. ([@koic][]) [#]# 1.60.0 (2024-01-15) [#]## Bug fixes * [#12603](https://github.com/rubocop/rubocop/issues/12603): Fix an infinite loop error for `Style/MultilineTernaryOperator` when using a method call as a ternary operator condition with a line break between receiver and method. ([@koic][]) * [#12549](https://github.com/rubocop/rubocop/issues/12549): Fix a false positive for `Style/RedundantLineContinuation` when line continuations for multiline leading dot method chain with a blank line. ([@koic][]) * [#12610](https://github.com/rubocop/rubocop/pull/12610): Accept parentheses in argument calls with blocks for `Style/MethodCallWithArgsParentheses` `omit_parentheses` style. ([@gsamokovarov][]) * [#12580](https://github.com/rubocop/rubocop/pull/12580): Fix an infinite loop error for `Layout/EndAlignment` when misaligned in singleton class assignments with `EnforcedStyleAlignWith: variable`. ([@koic][]) * [#12548](https://github.com/rubocop/rubocop/issues/12548): Fix an infinite loop error for `Layout/FirstArgumentIndentation` when specifying `EnforcedStyle: with_fixed_indentation` of `Layout/ArrayAlignment`. ([@koic][]) * [#12236](https://github.com/rubocop/rubocop/issues/12236): Fix an error for `Lint/ShadowedArgument` when self assigning to a block argument in `for`. ([@koic][]) * [#12569](https://github.com/rubocop/rubocop/issues/12569): Fix an error for `Style/IdenticalConditionalBranches` when using `if`...`else` with identical leading lines that assign to `self.foo`. ([@koic][]) * [#12437](https://github.com/rubocop/rubocop/issues/12437): Fix an infinite loop error for `EnforcedStyle: omit_parentheses` of `Style/MethodCallWithArgsParentheses` with `Style/SuperWithArgsParentheses`. ([@koic][]) * [#12558](https://github.com/rubocop/rubocop/issues/12558): Fix an incorrect autocorrect for `Style/MapToHash` when using `map.to_h` without receiver. ([@koic][]) * [#12179](https://github.com/rubocop/rubocop/issues/12179): Let `--auto-gen-config` generate `Exclude` when `Max` is overridden. ([@jonas054][]) * [#12574](https://github.com/rubocop/rubocop/issues/12574): Fix bug for unrecognized style in --auto-gen-config. ([@jonas054][]) * [#12542](https://github.com/rubocop/rubocop/issues/12542): Fix false positive for `Lint/MixedRegexpCaptureTypes` when using look-ahead matcher. ([@marocchino][]) * [#12607](https://github.com/rubocop/rubocop/pull/12607): Fix a false positive for `Style/RedundantParentheses` when regexp literal attempts to match against a parenthesized condition. ([@koic][]) * [#12539](https://github.com/rubocop/rubocop/pull/12539): Fix false positives for `Lint/LiteralAssignmentInCondition` when a collection literal contains non-literal elements. ([@koic][]) * [#12571](https://github.com/rubocop/rubocop/issues/12571): Fix false positives for `Naming/BlockForwarding` when using explicit block forwarding in block method. ([@koic][]) * [#12537](https://github.com/rubocop/rubocop/issues/12537): Fix false positives for `Style/RedundantParentheses` when `AllowInMultilineConditions: true` of `Style/ParenthesesAroundCondition`. ([@koic][]) * [#12578](https://github.com/rubocop/rubocop/pull/12578): Fix false positives for `Style/ArgumentsForwarding` when rest arguments forwarding to a method in block. ([@koic][]) * [#12540](https://github.com/rubocop/rubocop/issues/12540): Fix false positives for `Style/HashEachMethods` when rest block argument of `Enumerable#each` method is used. ([@koic][]) * [#12529](https://github.com/rubocop/rubocop/issues/12529): Fix false positives for `Style/ParenthesesAroundCondition`. ([@koic][]) * [#12556](https://github.com/rubocop/rubocop/issues/12556): Fix false positives for `Style/RedundantParentheses` when parentheses are used around a semantic operator in expressions within assignments. ([@koic][]) * [#12541](https://github.com/rubocop/rubocop/pull/12541): Fix false negative in `Style/ArgumentsForwarding` when a block is forwarded but other args aren't. ([@dvandersluis][]) * [#12581](https://github.com/rubocop/rubocop/pull/12581): Handle trailing line continuation in `Layout/LineContinuationLeadingSpace`. ([@eugeneius][]) * [#12601](https://github.com/rubocop/rubocop/issues/12601): Make `Style/EachForSimpleLoop` accept block with no parameters. ([@koic][]) [#]## Changes * [#12535](https://github.com/rubocop/rubocop/pull/12535): Allow --autocorrect with --display-only-fail-level-offenses. ([@naveg][]) * [#12572](https://github.com/rubocop/rubocop/pull/12572): Follow a Ruby 3.3 warning for `Security/Open` when `open` with a literal string starting with a pipe. ([@koic][]) * [#12453](https://github.com/rubocop/rubocop/issues/12453): Make `Style/RedundantEach` aware of safe navigation operator. ([@koic][]) * [#12233](https://github.com/rubocop/rubocop/issues/12233): Make `Style/SlicingWithRange` aware of redundant and beginless range. ([@koic][]) * [#12388](https://github.com/rubocop/rubocop/pull/12388): Reject additional 'expanded' `EnforcedStyle` options when `--no-auto-gen-enforced-style` is given. ([@kpost][]) * [#12593](https://github.com/rubocop/rubocop/pull/12593): Require Parser 3.3.0.2 or higher. ([@koic][]) ==== salt ==== Subpackages: python3-salt salt-master salt-minion salt-transactional-update - Provide user(salt)/group(salt) capabilities for RPM 4.19 - Prevent exceptions with fileserver.update when called via state (bsc#1218482) - Added: * allow-kwargs-for-fileserver-roots-update-bsc-1218482.patch - Improve pip target override condition with VENV_PIP_TARGET environment variable (bsc#1216850) - Fixed KeyError in logs when running a state that fails - Added: * improve-pip-target-override-condition-with-venv_pip_.patch * fixed-keyerror-in-logs-when-running-a-state-that-fai.patch - Ensure that pillar refresh loads beacons from pillar without restart - Fix the aptpkg.py unit test failure - Prefer unittest.mock to python-mock in test suite - Added: * update-__pillar__-during-pillar_refresh.patch * fix-the-aptpkg.py-unit-test-failure.patch * prefer-unittest.mock-for-python-versions-that-are-su.patch - Enable "KeepAlive" probes for Salt SSH executions (bsc#1211649) - Added: * enable-keepalive-probes-for-salt-ssh-executions-bsc-.patch - Revert changes to set Salt configured user early in the stack (bsc#1216284) - Added: * revert-make-sure-configured-user-is-properly-set-by-.patch - Align behavior of some modules when using salt-call via symlink (bsc#1215963) - Fix gitfs "__env__" and improve cache cleaning (bsc#1193948) - Added: * fix-gitfs-__env__-and-improve-cache-cleaning-bsc-119.patch * dereference-symlinks-to-set-proper-__cli-opt-bsc-121.patch - Randomize pre_flight_script path (CVE-2023-34049 bsc#1215157) - Added: * fix-cve-2023-34049-bsc-1215157.patch - Allow all primitive grain types for autosign_grains (bsc#1214477) - Added: * allow-all-primitive-grain-types-for-autosign_grains-.patch - Fix optimization_order opt to prevent testsuite fails - Improve salt.utils.json.find_json to avoid fails with transactional salt salt-ssh managed clients (bsc#1213293) - Use salt-call from salt bundle with transactional_update - Only call native_str on curl_debug message in tornado when needed - Implement the calling for batch async from the salt CLI - Added: * implement-the-calling-for-batch-async-from-the-salt-.patch * improve-salt.utils.json.find_json-bsc-1213293.patch * only-call-native_str-on-curl_debug-message-in-tornad.patch * use-salt-call-from-salt-bundle-with-transactional_up.patch * fix-optimization_order-opt-to-prevent-test-fails.patch - Fix calculation of SLS context vars when trailing dots on targetted sls/state (bsc#1213518) - Added: * fix-calculation-of-sls-context-vars-when-trailing-do.patch ==== strace ==== Version update (6.6 -> 6.7) - Update to strace 6.7 * Implemented -kk/--stack-traces=source option for libdw-based stack tracing. * Implemented decoding of futex_wake, futex_wait, and sys_futex_requeue syscalls. * Updated lists of BPF_*, BTRFS_*, IORING_*, KVM_*, LANDLOCK_*, PR_*, and TCP_* constants. * Updated lists of ioctl commands from Linux 6.7. * Fix strace -r during the first second after booting to show correct relative timestamps. * Fix strace -f entering deadlock on exit if there are tracee processes spawned using vfork semantics. ==== xdg-utils ==== Version update (1.2.0~beta1+20230929 -> 1.2.0+20240130) - Update to Version 1.2.0 (Lining up with the upstream release) * all: Add xdg-realpath to better handle Canonicalizing filenames (#66) * xdg-open: Use url.dll as url opener on wsl (#242) * tests: Fix quoting issues in t-xdg-open.sh * xdg-open: Added a reporting issues section to xdg-open in the hopes that more issues will be attributed correctly * xdg-mime: Added a secutity note on xdg-mime default to warn against confusing openers and runners * xdg-open: Added paragraph explaining the wiered return behaviour of xdg-open * xdg-email: shellcheck * xdg-mime: shellcheck * xdg-settings: Add support for deeping-desktop browser setting in xdg-settings. * all: Fix config.status warning about ignored --datarootdir setting * all: Shellchecked xdg-utils-common.in * xdg-open: shellcheck * xdg-mime: Create a generic implementation for KDE * all: Move to markdown for README's * xdg-mime: Improve Documentation around query file/default * xdg-open: Document not handling '-' at the start of filenames * xdg-open: Deduplicate URL recognition * xdg-open: remove unused open_generic_xdg_file_mime * xdg-open: use LC_ALL=C with URLs * xdg-open: Fix URI/URL handling * xdg-email: Remove default BROWSER logic, no longer needed * xdg-mime: Improve synopsis * xdg-settings: read KDE browser settings the right way around * xdg-open: Improve WSL support * xdg-mime: actually handle lists in mimeapps.list correctly ==== xf86-video-qxl ==== - Xspice-python3.patch * for python3 interpreter needs to be /usr/bin/python3 ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - no longer (build-)require obsolete Xprint/XprintUtil ==== xterm ==== Version update (388 -> 389) Subpackages: xterm-bin xterm-resize - update to 389: * interchange variables in subparameter parsing, fixing a bug where subparameters after the first parameter could be misidentified * correct popping of icon/window titles in a case where only one was pushed from patch #385 changes. * add XTQMODKEYS response in DECRQSS, as alternative for vim. * correct DECCIR encoded information on character set size, handle a VT525 quirk, and add DECST8C (Windows Terminal [#14984]). * improve DECRQCRA (prompted by discussion with James Holderness, Windows Terminal #14974). * add part of VT525 color controls: + DECAC, to update default foreground/background, respond to DECRQSS + DECATC, to respond with DECRQSS * prevent Unicode non-characters from being printed * modify send_SGR() to avoid modifying colors 16 to 255 in printed output (patch by Grady Martin). * minor cleanup of miscellaneous error-codes with ERROR_MISC. * remove legacy CSI 53 for locator status, corrected in patch * modify DECRQUPSS and DECAUPSS feature to support VT5xx character sets (report by Thomas Wolff). * improve EWMH handling (report/analysis by Edward Rosten) + reset _NET_WM_STATE_HIDDEN flag from _NET_WM_STATE before mapping the window to deiconify. + cache X properties to reduce latency (adapted from patch by Edward Rosten). ==== yast2 ==== Version update (5.0.4 -> 5.0.5) Subpackages: yast2-logs - Added s390 z/VM check to YaST::Arch (bsc#1210525). - 5.0.5 ==== yast2-installation ==== Version update (5.0.4 -> 5.0.5) - In zVM or KVM installations the cio_ignore kernel argument will be written only if given (bsc#1210525). - 5.0.5 ==== yast2-trans ==== Version update (84.87.20240120.54f4b9f06a -> 84.87.20240126.9c7185e3f6) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20240126.9c7185e3f6: * New POT for text domain 'installation'. * New POT for text domain 'base'. * Translated using Weblate (Swedish) * Translated using Weblate (Swedish) * Translated using Weblate (Swedish) * Translated using Weblate (Swedish) * New POT for text domain 'sap-installation-wizard'. ==== zenity ==== Version update (4.0.0 -> 4.0.1) - Update to version 4.0.1 + Changes and fixes since 4.0.0: - Bump webkit2gtk requirement in README - about: The licence is LGPL2.1+, not GPL - entry: Calculate number of --entry-text's properly (#75) - test: Add entry test in response to issue #75 - question: fix option --default-cancel - calendar: Fix off-by-one in day - test: Add test for --calendar - Updated translations.