Packages changed: Mesa (23.3.5 -> 23.3.6) Mesa-drivers (23.3.5 -> 23.3.6) MozillaFirefox (122.0 -> 122.0.1) aaa_base (84.87+git20231023.f347d36 -> 84.87+git20240202.9526d46) aalib accountsservice acl (2.3.1 -> 2.3.2) acpid alsa-utils amarok apache-commons-logging apache2-mod_dnssd apache2-mod_php8 (8.2.15 -> 8.2.16) apparmor appstream-glib argon2 argyllcms arj attr (2.5.1 -> 2.5.2) autofs (5.1.8 -> 5.1.9) autotrace autoyast2 (5.0.1 -> 5.0.2) awesfx babl (0.1.106 -> 0.1.108) bc bind (9.18.21 -> 9.18.24) binutils (2.41 -> 2.42) bolt (0.9.6 -> 0.9.7) boost-base boost-extra branding-openSUSE btrfsprogs (6.7 -> 6.7.1) busybox-links curl dav1d (1.3.0 -> 1.4.0) dcraw djvulibre dnsmasq (2.89 -> 2.90) dracut (059+suse.549.gc9f63878 -> 059+suse.554.g6144bf71) e2fsprogs ebook-tools ed (1.20 -> 1.20.1) eekboard efont-unicode-bitmap-fonts ell (0.61 -> 0.62) emacs-flim epson-inkjet-printer-escpr espeak expat (2.5.0 -> 2.6.0) fde-tools gcc gcc14 (13.2.1+git8285 -> 14.0.1+git8957) gd gdm gegl (0.4.46 -> 0.4.48) git (2.43.0 -> 2.43.2) gnome-control-center (45.2 -> 45.3) gnome-maps gnome-music (45.0 -> 45.1) gnome-shell gpgme gpgmeqt graphviz grub2 hdparm hfsutils highway (1.0.7 -> 1.1.0) hp2xx hplip hwdata (0.378 -> 0.379) ibus intlfonts iso_ent jasper (4.2.0 -> 4.2.1) jfsutils kColorPicker-Qt5 kernel-firmware (20240201 -> 20240220) kernel-source (6.7.4 -> 6.7.5) keyutils kmozillahelper kvm_stat (6.7.4 -> 6.7.5) lastlog2 (1.2.0 -> 1.3.1) libHX (4.21 -> 4.23) libadwaita (1.4.2 -> 1.4.3) libapparmor libblockdev (3.0.4 -> 3.1.0) libdbusmenu-qt5 libdecor libdeflate libei libguestfs libgusb libjpeg-turbo libjxl-gtk (0.9.2 -> 0.10.0) liblangtag (0.6.4 -> 0.6.7) libnvme (1.7.1+0.g13ba383 -> 1.8+0.gbff7dda) libpaper (2.1.2 -> 2.1.3) libphonenumber (8.13.23 -> 8.13.30) libpng16 (1.6.40 -> 1.6.42) libqt5-qtbase (5.15.12+kde147 -> 5.15.12+kde151) libqt5-qtwebengine libshumate libstorage-ng (4.5.176 -> 4.5.191) libunwind (1.7.2 -> 1.8.0) make man mariadb (11.2.2 -> 11.2.3) mdevctl mozilla-nss (3.96.1 -> 3.97) mpg123 (1.32.4 -> 1.32.5) mtools multipath-tools (0.9.7+93+suse.e2f2272 -> 0.9.8~1+82+suse.dcd98a3) musepack ncurses (6.4.20240120 -> 6.4.20240210) neon nodejs21 (21.5.0 -> 21.6.2) nvidia-open-driver-G06-signed (545.29.06_k6.7.4_1 -> 545.29.06_k6.7.5_1) nvme-cli (2.7.1 -> 2.8) obex-data-server openssl-1_1 openvpn (2.6.8 -> 2.6.9) orc (0.4.34 -> 0.4.37) osinfo-db pam-config (2.10 -> 2.11) parted patterns-server pcr-oracle pcre2 (10.42 -> 10.43) perl-Bootloader (1.11 -> 1.12) php8 (8.2.15 -> 8.2.16) pipewire pkcs11-helper (1.29.0 -> 1.30.0) pkgconf (1.8.0 -> 2.1.1) poppler (23.12.0 -> 24.02.0) poppler-qt5 (23.12.0 -> 24.02.0) potrace prctl publicsuffix (20240123 -> 20240212) pulseaudio python-cryptography (41.0.7 -> 42.0.4) python-linux-procfs python-lxml python311 python311-core qalculate (4.8.1 -> 4.9.0) qemu (8.2.0 -> 8.2.1) rdma-core rpm rpm-config-SUSE (20240118 -> 20240214) rubygem-vagrant_cloud (3.0.5 -> 3.1.1) rzip samba (4.19.4+git.339.acf1ccaa020 -> 4.19.5+git.342.57620c4f7e) sane-backends sdbootutil (1+git20240122.c0d8f76 -> 1+git20240215.cb7e392) sg3_utils (1.48+7.63e63cb -> 1.48+8.37ca384) shadow (4.14.3 -> 4.14.5) shared-mime-info shim signon-plugin-oauth2 spacenavd spice-gtk suseconnect-ng (1.3.0~git0.ae8ba1e -> 1.7.0~git2.21ba08e) systemd (254.8 -> 254.9) tecla-keyboard-layout-viewer (45.rc -> 45.0) thin-provisioning-tools (1.0.10 -> 1.0.11) tigervnc tmux (3.3a -> 3.4) transmission u-boot-rpiarm64 unison (2.53.3 -> 2.53.4) unixODBC unzip utempter util-linux util-linux-systemd vacation vde2 vid_stab vim (9.1.0000 -> 9.1.0111) virt-manager virtiofsd vmaf vorbis-tools vpnc vsftpd webkit2gtk3 webkit2gtk3-soup2 webrtc-audio-processing wget wmctrl wpa_supplicant wsdd xdg-menu xfce4-notifyd (0.9.3 -> 0.9.4) xfce4-terminal (1.1.1 -> 1.1.2) xfsprogs (6.5.0 -> 6.6.0) xml-commons-apis xorg-x11-server xtermset xwayland yast2 (5.0.5 -> 5.0.6) yast2-packager (5.0.2 -> 5.0.4) yast2-perl-bindings (5.0.0 -> 5.0.1) yast2-storage-ng (5.0.4 -> 5.0.6) yast2-trans (84.87.20240210.1383f689ba -> 84.87.20240219.f6e4117fe0) zchunk zip zlib zvbi === Details === ==== Mesa ==== Version update (23.3.5 -> 23.3.6) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libOSMesa8 libgbm1 - Update to bugfix release 23.3.6 - -> https://docs.mesa3d.org/relnotes/23.3.6.html ==== Mesa-drivers ==== Version update (23.3.5 -> 23.3.6) Subpackages: Mesa-dri Mesa-gallium Mesa-libva - Update to bugfix release 23.3.6 - -> https://docs.mesa3d.org/relnotes/23.3.6.html ==== MozillaFirefox ==== Version update (122.0 -> 122.0.1) - Mozilla Firefox 122.0.1 https://www.mozilla.org/en-US/firefox/122.0.1/releasenotes/ * Fixed the Library and Sidebar context menus only displaying Multi-Account Containers icons in the "Open in New Container Tab" menu. (bmo#1876518) * Fixed an issue when clicking the Dismiss button in notification pop-ups on Windows causing a webpage in a new tab. (bmo#1848801) * Fixed the yaru-remix system theme not applying correctly on Linux. (bmo#1877002) * Fixed adding an extra new line to a rule in the Developer Tools' Inspector when copying it to the clipboard. (bmo#1876220) * Rolled back a keyboard behavior change made to the Developer Tools' Rules view when validating a property name or input with the Enter key. This moves the focus to the next input, as was the behavior in Firefox 121. (bmo#1877457) ==== aaa_base ==== Version update (84.87+git20231023.f347d36 -> 84.87+git20240202.9526d46) Subpackages: aaa_base-extras - Update to version 84.87+git20240202.9526d46: * properly shorten the variable when setting JAVA_HOME and JRE_HOME * silence output of alljava * Restrict ptrace with Yama LSM by default * patch alljava.sh and alljava.csh, use the links from update alternatives ==== aalib ==== - Use %patch -P N instead of deprecated %patchN. ==== accountsservice ==== Subpackages: libaccountsservice0 typelib-1_0-AccountsService-1_0 - First part to fix build with GCC 14: + Inject patched mocklibc-1.0.tar.gz: only some header modifications to address implicit declaration of print_indent. + Add accountsservice-mocklib-gcc14.patch: patch meson' subproject definition to validate the injected tarball. ==== acl ==== Version update (2.3.1 -> 2.3.2) Subpackages: libacl1 - Update to version 2.3.2: + libobj: declare s_str directly in string_obj_tag. + Use thread-safe getpwnam_r and getgrnam_r. + setfacl: preserve the failed status when processing multiple files. + man: Document pitfall with negative permissions and user namespaces. + tools: mark long_options static & const. ==== acpid ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== alsa-utils ==== - Use %patch -P N instead of deprecated %patchN. ==== amarok ==== - Remove the taglib-extras dependency, it fails to build with taglib 2 and will be dropped. - Add patch to support taglib 2: * 0001-Use-non-deprecated-TagLib-functions-fix-build-with-T.patch ==== apache-commons-logging ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== apache2-mod_dnssd ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== apache2-mod_php8 ==== Version update (8.2.15 -> 8.2.16) - version update to 8.2.16 * This is a bug fix release. - modified patches % php-build-reproducible-phar.patch (refreshed) ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-profiles apparmor-utils python3-apparmor - Use %patch -P N instead of deprecated %patchN. - Add apparmor-abstractions-openssl-allow-version-specific-en.patch to allow version specific engdef & engines openssl paths (boo#1219571) ==== appstream-glib ==== Subpackages: libappstream-glib8 - Add asglib(swcatalog) provides: allow other packages to declare that they need swcatalog support. - Add patch for interoperability with newer AppStream spec (boo#1218427): * 0001-Move-from-app-info-to-swcatalog-locations.patch ==== argon2 ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== argyllcms ==== - Use %patch -P N instead of deprecated %patchN. ==== arj ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== attr ==== Version update (2.5.1 -> 2.5.2) Subpackages: libattr1 - update to 2.5.2: * attr: eliminate a dead store in attr_copy_action() * libattr: Set symbol versions for legacy syscalls via attribute or asm * exports: use LGPL for library code * documentation updates * translation updates (Polish, Dutch, Gregorian, French) * build system updates ==== autofs ==== Version update (5.1.8 -> 5.1.9) - Use %patch -P N instead of deprecated %patchN. - update to 5.1.9 (bsc#1219508) * fix kernel mount status notification. * fix fedfs build flags. * fix set open file limit. * improve descriptor open error reporting. * fix root offset error handling. * fix fix root offset error handling. * fix nonstrict fail handling of last offset mount. * dont fail on duplicate offset entry tree add. * fix loop under run in cache_get_offset_parent(). * bailout on rpc systemerror. * fix nfsv4 only mounts should not use rpcbind. * simplify cache_add() a little. * fix use after free in tree_mapent_delete_offset_tree(). * fix memory leak in xdr_exports(). * avoid calling pthread_getspecific() with NULL key_thread_attempt_id. * fix sysconf(3) return handling. * remove nonstrict parameter from tree_mapent_umount_offsets(). * fix handling of incorrect return from umount_ent(). * dont use initgroups() at spawn. * fix bashism in configure. * musl: fix missing include in hash.h. * musl: define fallback dummy NSS config path * musl: avoid internal stat.h definitions. * musl: add missing include to hash.h for _WORDSIZE. * musl: add missing include to log.h for pid_t. * musl: define _SWORD_TYPE. * add autofs_strerror_r() helper for musl. * update configure. * handle innetgr() not present in musl. * fix missing unlock in sasl_do_kinit_ext_cc(). * fix a couple of null cache locking problems. * restore gcc flags after autoconf Kerberos 5 check. * prepare for OpenLDAP SASL binding. * let OpenLDAP handle SASL binding. * configure: LDAP function checks ignore implicit declarations. * improve debug logging of LDAP binds. * improve debug logging of SASL binds. * internal SASL logging only in debug log mode. * more comprehensive verbose logging for LDAP maps. * fix invalid tsv access. * support SCRAM for SASL binding. * ldap_sasl_interactive_bind() needs credentials for auto-detection. * fix autofs regression due to positive_timeout. * fix parse module instance mutex naming. * serialise lookup module open and reinit. * coverity fix for invalid access. * fix hosts map deadlock on restart. * fix deadlock with hosts map reload. * fix memory leak in update_hosts_mounts(). * fix minus only option handling in concat_options(). * fix incorrect path for is_mounted() in try_remount(). * fix additional tsv invalid access. * fix use_ignore_mount_option description. * include addtional log info for mounts. * fail on empty replicated host name. * improve handling of ENOENT in sss setautomntent(). * don't immediately call function when waiting. * define LDAP_DEPRECATED during LDAP configure check. * fix return status of mount_autofs(). * don't close lookup at umount. * fix deadlock in lookups. * dont delay expire. * make amd mapent search function name clear. * rename statemachine() to signal_handler(). * make signal handling consistent. * eliminate last remaining state_pipe usage. * add function master_find_mapent_by_devid(). * use device id to locate autofs_point when setting log priotity. * add command pipe handling functions. * switch to application wide command pipe. * get rid of unused field submnt_count. * fix mount tree startup reconnect. * fix unterminated read in handle_cmd_pipe_fifo_message(). * fix memory leak in sasl_do_kinit() * fix fix mount tree startup reconnect. * fix amd selector function matching. * get rid entry thid field. * continue expire immediately after submount check. * eliminate realpath from mount of submount. * eliminate root param from autofs mount and umount. * remove redundant fstat from do_mount_direct(). * get rid of strlen call in handle_packet_missing_direct(). * remove redundant stat call in lookup_ghost(). * set mapent dev and ino before adding to index. * change to use printf functions in amd parser. * dont call umount_subtree_mounts() on parent at umount. * dont take parent source lock at mount shutdown. * fix possible use after free in handle_mounts_exit(). * make submount cleanup the same as top level mounts. * add soucre parameter to module functions. * add ioctlfd open helper. * make open files limit configurable. * use correct reference for IN6 macro call. * dont probe interface that cant send packet. * fix some sss error return cases. * fix incorrect matching of cached wildcard key. * fix expire retry looping. ... changelog too long, skipping 18 lines ... ("autofs-5.1.8 - add soucre parameter to module functions") ==== autotrace ==== Subpackages: libautotrace3 - Use %patch -P N instead of deprecated %patchN. ==== autoyast2 ==== Version update (5.0.1 -> 5.0.2) Subpackages: autoyast2-installation - Install standard SLES when the AY XML profile selects SLE_HPC, it has been dropped in SP6 (jsc#PED-7841) - 5.0.2 - jsc#PED-6407 - enabled lvm_vg_reuse to be used in general/storage/proposal section ==== awesfx ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== babl ==== Version update (0.1.106 -> 0.1.108) - disable gi-docgen docs for now - Update to 0.1.108: - "double" and "half" support in cli-tool, build fixes. ==== bc ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== bind ==== Version update (9.18.21 -> 9.18.24) Subpackages: bind-doc bind-utils - Update to release 9.18.24 Security Fixes: * Validating DNS messages containing a lot of DNSSEC signatures could cause excessive CPU load, leading to a denial-of-service condition. This has been fixed. (CVE-2023-50387) [bsc#1219823] * Preparing an NSEC3 closest encloser proof could cause excessiv CPU load, leading to a denial-of-service condition. This has been fixed. (CVE-2023-50868) [bsc#1219826] * Parsing DNS messages with many different names could cause excessive CPU load. This has been fixed. (CVE-2023-4408) [bsc#1219851] * Specific queries could cause named to crash with an assertion failure when nxdomain-redirect was enabled. This has been fixed. (CVE-2023-5517) [bsc#1219852] * A bad interaction between DNS64 and serve-stale could cause named to crash with an assertion failure, when both of these features were enabled. This has been fixed. (CVE-2023-5679) [bsc#1219853] * Query patterns that continuously triggered cache database maintenance could cause an excessive amount of memory to be allocated, exceeding max-cache-size and potentially leading to all available memory on the host running named being exhausted This has been fixed. (CVE-2023-6516) [bsc#1219854] * Under certain circumstances, the DNS-over-TLS client code incorrectly attempted to process more than one DNS message at a time, which could cause named to crash with an assertion failure. This has been fixed. Bug Fixes: * The counters exported via the statistics channel were changed back to 64-bit signed values; they were being inadvertently truncated to unsigned 32-bit values since BIND 9.15.0. ==== binutils ==== Version update (2.41 -> 2.42) Subpackages: libctf-nobfd0 libctf0 - riscv-no-relax.patch: RISC-V: Don't generate branch/jump relocation if symbol is local when no-relax - Add binutils-disable-code-arch-error.diff to demote an error about swapped .arch/.code directives to a warning. It happens in the wild. - Update to version 2.42: * Add support for many aarch64 extensions: SVE2.1, SME2.1, B16B16, RASv2, LSE128, GCS, CHK, SPECRES2, LRCPC3, THE, ITE, D128, XS and flags to enable them: '+fcma', '+jscvt', '+frintts', '+flagm2', '+rcpc2' and '+wfxt' * Add experimantal support for GAS to synthesize call-frame-info for some hand-written asm (--scfi=experimental) on x86-64. * Add support for more x86-64 extensions: APX: 32 GPRs, NDD, PUSH2/POP2, PUSHP/POPP; USER_MSR, AVX10.1, PBNDKB, SM4, SM3, SHA512, AVX-VNNI-INT16. * Add support for more RISC-V extensions: T-Head v2.3.0, CORE-V v1.0, SiFive VCIX v1.0. * BPF assembler: ';' separates statements now, and does not introduce line comments anymore (use '#' or '//' for this). * x86-64 ld: Add '-z mark-plt/-z nomark-plt' to mark PLT entries with dynamic tags. * risc-v ld: Add '--[no-]check-uleb128'. * New linker script directive: REVERSE, to be combined with SORT_BY_NAME or SORT_BY_INIT_PRIORITY, reverses the generated order. * New linker options --warn-execstack-objects (warn only about execstack when input object files request it), and --error-execstack plus - -error-rxw-segments to convert the existing warnings into errors. * objdump: Add -Z/--decompress to be used with -s/--full-contents to decompress section contents before displaying. * readelf: Add --extra-sym-info to be used with --symbols (currently prints section name of references section index). * objcopy: Add --set-section-flags for x86_64 to include SHF_X86_64_LARGE. * s390 disassembly: add target-specific disasm option 'insndesc', as in "objdump -M insndesc" to display an instruction description as comment along with the disassembly. - Add binutils-2.42-branch.diff.gz. - Rebased s390-biarch.diff. - Adjusted binutils-revert-hlasm-insns.diff, binutils-revert-plt32-in-branches.diff and binutils-revert-rela.diff for upstream changes. - Removed binutils-2.41-branch.diff.gz, binutils-2.41.tar.bz2, binutils-2.41-branch.diff.gz. - Removed binutils-use-less-memory.diff, binutils-old-makeinfo.diff and riscv-relro.patch (all upstreamed). - Removed add-ulp-section.diff, we use a different mechanism for live patching since a long time. ==== bolt ==== Version update (0.9.6 -> 0.9.7) - update to 0.9.7: * Add a 'nopcie' security level since some devices report nopcie when Thunderbolt is disabled through BIOS setting. * Markdown lint styling is used for documents. ==== boost-base ==== Subpackages: boost-license1_84_0 libboost_filesystem1_84_0 libboost_iostreams1_84_0 libboost_locale1_84_0 libboost_thread1_84_0 - avoid obsolete rpm syntax ==== boost-extra ==== - avoid obsolete rpm syntax ==== branding-openSUSE ==== Subpackages: grub2-branding-openSUSE libreoffice-branding-openSUSE plymouth-branding-openSUSE wallpaper-branding-openSUSE yast2-qt-branding-openSUSE - Remove update-alternatives usage, we don't have dynamic wallpapers anymore which were using that (bsc#1219919). ==== btrfsprogs ==== Version update (6.7 -> 6.7.1) Subpackages: btrfsprogs-bash-completion btrfsprogs-udev-rules libbtrfs0 libbtrfsutil1 - update to 6.7.1 * convert: raid-stripe-tree can be now enabled for the target filesystem * mkfs: * handle lifetime of open file descriptors so it does not trigger udev that could miss to create the UUID symlinks in /dev * update warning when CPU page size does not match sector size * merge features in summary, no more distinction of incompat and runtime to match the semantics of option -O * fi show: fix recognizing raw device mapper paths * other: * documentation updates, fix links to labels in included directories ==== busybox-links ==== Subpackages: busybox-bzip2 busybox-coreutils busybox-diffutils busybox-ed busybox-findutils busybox-gawk busybox-grep busybox-gzip busybox-misc busybox-psmisc busybox-sed busybox-sendmail busybox-tar busybox-which busybox-xz - busybox-udhcpc conflicts with udhcp. ==== curl ==== Subpackages: libcurl4 - Add patch to fix various TLS related issues including FTP over SSL transmission timeouts: * 0001-vtls-revert-receive-max-buffer-add-test-case.patch - Switch to %autosetup ==== dav1d ==== Version update (1.3.0 -> 1.4.0) - Update to version 1.4.0 * AVX-512 optimizations for z1, z2, z3 in 8bit and high-bitdepth * New architecture supported: loongarch * Loongarch optimizations for 8bit * New architecture supported: RISC-V * RISC-V optimizations for itx * Misc improvements in threading and in reducing binary size * Fix potential integer overflow with extremely large frame sizes (bsc#1220105, CVE-2024-1580) ==== dcraw ==== Subpackages: dcraw-lang - Use %patch -P N instead of deprecated %patchN. ==== djvulibre ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== dnsmasq ==== Version update (2.89 -> 2.90) - update to 2.90: * CVE-2023-50387, CVE-2023-50868, bsc#1219823, bsc#1219826: Denial Of Service while trying to validate specially crafted DNSSEC responses * Fix reversion in --rev-server introduced in 2.88 which caused breakage if the prefix length is not exactly divisible by 8 (IPv4) or 4 (IPv6). * Fix possible SEGV when there server(s) for a particular domain are configured, but no server which is not qualified for a particular domain. * Set the default maximum DNS UDP packet sice to 1232. Obsoletes: dnsmasq-CVE-2023-28450.patch * Add --no-dhcpv4-interface and --no-dhcpv6-interface for better control over which inetrfaces are providing DHCP service. * Fix issue with stale caching * Add configurable caching for arbitrary RR-types. * Add --filter-rr option, to filter arbitrary RR-types. ==== dracut ==== Version update (059+suse.549.gc9f63878 -> 059+suse.554.g6144bf71) - Update to version 059+suse.554.g6144bf71: * fix(dracut.spec): update dracut-fips requirements (bsc#1219869) - Update to version 059+suse.552.g4610ef1b: * fix(dracut-util): do not call `strcmp` if the `value` argument is NULL (bsc#1219841) ==== e2fsprogs ==== Subpackages: e2fsprogs-scrub libcom_err2 libext2fs2 - Use %patch -P N instead of deprecated %patchN. ==== ebook-tools ==== - Use %patch -P N instead of deprecated %patchN. ==== ed ==== Version update (1.20 -> 1.20.1) - GNU ed 1.20.1: * New command-line options '+line', '+/RE', and '+?RE' have been implemented to set the current line to the line number specified or to the first or last line matching the regular expression 'RE'. * File names containing control characters 1 to 31 are now rejected unless they are allowed with the command-line option '--unsafe-names'. * File names containing control characters 1 to 31 are now printed using octal escape sequences. * Ed now rejects file names ending with a slash. * Intervening commands that don't set the modified flag no longer make a second 'e' or 'q' command fail with a 'buffer modified' warning. * Tilde expansion is now performed on file names supplied to commands; if a file name starts with '~/', the tilde (~) is expanded to the contents of the variable HOME. * Ed now warns the first time that a command modifies a buffer loaded from a read-only file. * It has been documented that 'e' creates an empty buffer if file does not exist. * It has been documented that 'f' sets the default filename, whether or not its argument names an existing file. * The description of the exit status has been improved in '--help' and in the manual. ==== eekboard ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== efont-unicode-bitmap-fonts ==== - Use %patch -P N instead of deprecated %patchN. ==== ell ==== Version update (0.61 -> 0.62) - Update to version 0.62 * Add support for cleanup functions and macros. * Add support for setting DHCP max attempts. ==== emacs-flim ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== epson-inkjet-printer-escpr ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== espeak ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== expat ==== Version update (2.5.0 -> 2.6.0) Subpackages: libexpat1 - Fix handling of xmlwf.1 to avoid workarounds in specfile: * Added libxml2-fix-xmlwf.1-handling.patch - Call buildconf.sh to avoid (future) issues with expat_config.h.in - Update keyring automatically from keyserver during OBS service run. - Explicitly use --without-docbook (before it was implicit). - Include missing files for documentation and examples. - Add manpage for xmlwf, which is now available in the released tarball. - Clean the spec file a bit. - Update to 2.6.0: * Security fixes: - CVE-2023-52425 (boo#1219559) - - Fix quadratic runtime issues with big tokens that can cause denial of service, in partial where dealing with compressed XML input. Applications that parsed a document in one go -- a single call to functions XML_Parse or XML_ParseBuffer -- were not affected. The smaller the chunks/buffers you use for parsing previously, the bigger the problem prior to the fix. Backporters should be careful to no omit parts of pull request #789 and to include earlier pull request #771, in order to not break the fix. - CVE-2023-52426 (boo#1219561) - - Fix billion laughs attacks for users compiling *without* XML_DTD defined (which is not common). Users with XML_DTD defined have been protected since Expat >=2.4.0 (and that was CVE-2013-0340 back then). * Bug fixes: - Fix parse-size-dependent "invalid token" error for external entities that start with a byte order mark - Fix NULL pointer dereference in setContext via XML_ExternalEntityParserCreate for compilation with XML_DTD undefined - Protect against closing entities out of order * Other changes: - Improve support for arc4random/arc4random_buf - Improve buffer growth in XML_GetBuffer and XML_Parse - xmlwf: Support --help and --version - xmlwf: Support custom buffer size for XML_GetBuffer and read - xmlwf: Improve language and URL clickability in help output - examples: Add new example "element_declarations.c" - Be stricter about macro XML_CONTEXT_BYTES at build time - Make inclusion to expat_config.h consistent - Autotools: configure.ac: Support --disable-maintainer-mode - Autotools: Sync CMake templates with CMake 3.26 - Autotools: Make installation of shipped man page doc/xmlwf.1 independent of docbook2man availability - Autotools|CMake: Add missing -DXML_STATIC to pkg-config file section "Cflags.private" in order to fix compilation against static libexpat using pkg-config on Windows - Autotools|CMake: Require a C99 compiler (a de-facto requirement already since Expat 2.2.2 of 2017) - Autotools|CMake: Fix PACKAGE_BUGREPORT variable - Autotools|CMake: Make test suite require a C++11 compiler - CMake: Require CMake >=3.5.0 - CMake: Lowercase off_t and size_t to help a bug in Meson - CMake: Sort xmlwf sources alphabetically - CMake|Windows: Fix generation of DLL file version info - CMake: Build tests/benchmark/benchmark.c as well for a build with -DEXPAT_BUILD_TESTS=ON - docs: Document the importance of isFinal + adjust tests accordingly - docs: Improve use of "NULL" and "null" - docs: Be specific about version of XML (XML 1.0r4) and version of C (C99); (XML 1.0r5 will need a sponsor.) - docs: reference.html: Promote function XML_ParseBuffer more - docs: reference.html: Add HTML anchors to XML_* macros - docs: reference.html: Upgrade to OK.css 1.2.0 - docs: Fix typos - docs|CI: Use HTTPS URLs instead of HTTP at various places - Address compiler warnings - Address clang-tidy warnings - Version info bumped from 9:10:8 (libexpat*.so.1.8.10) to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/ for what these numbers do ==== fde-tools ==== Subpackages: fde-tools-bash-completion fde-tpm-helper - Add fde-tools-bsc1213945-set-rsa-key-size.patch to set the highest supported RSA key size (bsc#1213945) ==== gcc ==== - Add gcc-build flavor for building ALP packages, but disabled for openSUSE. - Support building suffixed packages, but only allow installing one variant at the same time. - Remove obsolete obsoletes. ==== gcc14 ==== Version update (13.2.1+git8285 -> 14.0.1+git8957) Subpackages: libasan8 libatomic1 libgcc_s1 libgfortran5 libgomp1 libhwasan0 libitm1 liblsan0 libobjc4 libstdc++6 libstdc++6-locale libstdc++6-pp libtsan2 libubsan1 - Update to trunk head, 4a1cd5560b9b545eb848eb1d1e06d345fb, git8957 * bumps libgphobos and libgdrundime SONAME - Use %patch -P N instead of %patchN - Refresh gcc44-rename-info-files.patch ==== gd ==== Subpackages: libgd3 - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== gdm ==== Subpackages: gdm-schema gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0 - Drop gdm-disable-wayland-on-mgag200-chipsets.patch: fixed upstream since version 43.0. ==== gegl ==== Version update (0.4.46 -> 0.4.48) Subpackages: gegl-0_4 libgegl-0_4-0 - Update to version 0.4.48: + Core: - GeglColor extended with GBytes API, and space aware accesors for RGB and CMYK. Better runtime handling of mismatched GEGL ops in graphs. + Build: - Use gi-docgen - Updated vendored libraries - ctx has been updated from upstream. + Operations: - dropshadow: Fix shrinking with negative-grow radius. - mantiuk: opt out of OpenMP when building with clang. - voroni: fix crash. - shuffle-search: in progress (in workshop, not built by default) brute-force dither optimizer. - prepare gi-docgen documentation. disabled for now. - Replace BuildRequires libSDL2-devel with pkgconfig(sdl2) which fixes building in SLE where both libSDL2-devel and a newer SDL2-devel packages are available. ==== git ==== Version update (2.43.0 -> 2.43.2) Subpackages: git-core git-email git-web perl-Git - Do not replace apparmor configuration, fixes bsc#1216545 - update to 2.43.2: * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.2.txt * Update to a new feature recently added, "git show-ref --exists". * Rename detection logic ignored the final line of a file if it is an incomplete line. * "git diff --no-rename A B" did not disable rename detection but did not trigger an error from the command line parser. * "git diff --no-index file1 file2" segfaulted while invoking the external diff driver, which has been corrected. * A failed "git tag -s" did not necessarily result in an error depending on the crypto backend, which has been corrected. * "git stash" sometimes was silent even when it failed due to unwritable index file, which has been corrected. * Recent conversion to allow more than 0/1 in GIT_FLUSH broke the mechanism by flipping what yes/no means by mistake, which has been corrected. - update to 2.43.1: * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.1.txt ==== gnome-control-center ==== Version update (45.2 -> 45.3) Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces - Update to version 45.3: + Datetime: Fix build with -Wincompatible-pointer-types. + Region: Prevent preview crash from accessing invalid pointer. + Wifi: Fix build with -Wincompatible-pointer-types. - Drop gnome-control-center-fix-region-preview-crash.patch: fixed upstream. ==== gnome-maps ==== - Update license based on legaldb review ==== gnome-music ==== Version update (45.0 -> 45.1) - Update to version 45.1: + Tracker queries improvements. ==== gnome-shell ==== Subpackages: gnome-extensions gnome-shell-calendar - Add gjs Requires, because ScreenSaver DBus daemon is a gjs script. (bsc#1219359) ==== gpgme ==== Subpackages: libgpgme11 libgpgmepp6 - Update gpgme-D545-obsolete-distutils.patch with upstream's changes (but use pip instead of python-build for wheel building) - Change from in-place build to out-of-place build in order to reflect upstream's build setup (See D545) - Don't replace distutils in 15.X ==== gpgmeqt ==== - Update gpgme-D545-obsolete-distutils.patch with upstream's changes (but use pip instead of python-build for wheel building) - Change from in-place build to out-of-place build in order to reflect upstream's build setup (See D545) - Don't replace distutils in 15.X ==== graphviz ==== Subpackages: libcdt5 libcgraph6 libgvc6 libpathplan4 - Use %patch -P N instead of deprecated %patchN. - Update graphviz-rpmlintrc ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin - Fix grub.xen memdisk script doesn't look for /boot/grub/grub.cfg (bsc#1219248) (bsc#1181762) * grub2-xen-pv-firmware.cfg * 0001-disk-Optimize-disk-iteration-by-moving-memdisk-to-th.patch - Fix PowerPC grub loads 5 to 10 minutes slower on SLE-15-SP5 compared to SLE-15-SP2 (bsc#1217102) * add 0001-ofdisk-enhance-boot-time-by-focusing-on-boot-disk-re.patch * add 0002-ofdisk-add-early_log-support.patch - Sort tar file order for reproducible builds ==== hdparm ==== - Use %patch -P N instead of deprecated %patchN. ==== hfsutils ==== - Use %patch -P N instead of deprecated %patchN. ==== highway ==== Version update (1.0.7 -> 1.1.0) - Update to release 1.1.0 * Add BitCastScalar, DispatchedTarget, Foreach * Add Div/Mod and MaskedDiv/ModOr, SaturatedAbs, SaturatedNeg * Add InterleaveWholeLower/Upper, Dup128VecFromValues * Add IsInteger, IsIntegerLaneType, RemoveVolatile, RemoveCvRef * Add MaskedAdd/Sub/Mul/Div/Gather/Min/Max/SatAdd/SatSubOr * Add MaskFalse, IfNegativeThenNegOrUndefIfZero, PromoteEven/OddTo * Add ReduceMin/Max, 8-bit reductions, f16 <-> f64 conversions * Add Span, AlignedArray, matrix-vector mul * Add SumsOf2/4, I8 SumsOf8, SumsOfAdjQuadAbsDiff, SumsOfShuffledQuadAbsDiff * Extend Dot to f32*bf16, FMA to integer * Fix: RVV 8-bit overflow, UB in vqsort, big-endian bugs, PPC HTM * New targets: HWY_Z14, HWY_Z15 ==== hp2xx ==== - Use %patch -P N instead of deprecated %patchN. ==== hplip ==== Subpackages: hplip-hpijs hplip-sane hplip-udev-rules - Use %patch -P N instead of deprecated %patchN. ==== hwdata ==== Version update (0.378 -> 0.379) - update to 0.379: * Update pci, usb and vendor ids ==== ibus ==== Subpackages: libibus-1_0-5 typelib-1_0-IBus-1_0 - Use %patch -P N instead of deprecated %patchN. ==== intlfonts ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== iso_ent ==== - Use %patch -P N instead of deprecated %patchN. ==== jasper ==== Version update (4.2.0 -> 4.2.1) - Update to 4.2.1: * Fix a build problem for the DJGPP/MS-DOS environment (#372). ==== jfsutils ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== kColorPicker-Qt5 ==== - Fix build on Leap. The Qt6 packaging macros set the minimum compiler version - Change %post/%postun to %ldconfig_scriptlets ==== kernel-firmware ==== Version update (20240201 -> 20240220) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20240220 (git commit 73b4429fae36): * linux-firmware: update firmware for en8811h 2.5G ethernet phy * linux-firmware: add firmware for MT7996 * xe: First GuC release for LNL and Xe * i915: Add GuC v70.20.0 for ADL-P, DG1, DG2, MTL and TGL * linux-firmware: Add CS35L41 firmware for Lenovo Legion 7i gen7 laptop (16IAX7) * brcm: Add nvram for the Asus Memo Pad 7 ME176C tablet * ice: update ice DDP package to 1.3.36.0 * Intel IPU3 ImgU: Move firmware file under intel/ipu * Intel IPU6: Move firmware binaries under ipu/ * check_whence: Add a check for duplicate link entries * WHENCE: Clean up section separators * linux-firmware: Add CS35L41 firmware for additional ASUS Zenbook 2023 models * panthor: Add initial firmware for Gen10 Arm Mali GPUs * amdgpu: DMCUB Updates for DCN321: 7.0.38.0 * amdgpu: DMCUB updates for Yellow Carp: 4.0.68.0 * qcom: update venus firmware file for v5.4 * Montage: add firmware for Mont-TSSE * amdgpu: update DMCUB to v0.0.203.0 for DCN314 and DCN32 * linux-firmware: Remove 2 HP laptops using CS35L41 Audio Firmware * linux-firmware: Fix filenames for some CS35L41 firmwares for HP - Use patch macro -P option for RPM 4.20 ==== kernel-source ==== Version update (6.7.4 -> 6.7.5) - Linux 6.7.5 (bsc#1012628). - ext4: regenerate buddy after block freeing failed if under fc replay (bsc#1012628). - dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools (bsc#1012628). - dmaengine: ti: k3-udma: Report short packet errors (bsc#1012628). - dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA (bsc#1012628). - dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA (bsc#1012628). - phy: qcom-qmp-usb: fix register offsets for ipq8074/ipq6018 (bsc#1012628). - phy: qcom-qmp-usb: fix serdes init sequence for IPQ6018 (bsc#1012628). - phy: renesas: rcar-gen3-usb2: Fix returning wrong error code (bsc#1012628). - perf tests: Add perf script test (bsc#1012628). - perf test: Fix 'perf script' tests on s390 (bsc#1012628). - perf evlist: Fix evlist__new_default() for > 1 core PMU (bsc#1012628). - dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV (bsc#1012628). - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (bsc#1012628). - cifs: avoid redundant calls to disable multichannel (bsc#1012628). - cifs: failure to add channel on iface should bump up weight (bsc#1012628). - drm/msms/dp: fixed link clock divider bits be over written in BPC unknown case (bsc#1012628). - drm/msm/dp: return correct Colorimetry for DP_TEST_DYNAMIC_RANGE_CEA case (bsc#1012628). - drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup (bsc#1012628). - wifi: iwlwifi: mvm: skip adding debugfs symlink for reconfig (bsc#1012628). - x86/efistub: Give up if memory attribute protocol returns an error (bsc#1012628). - x86/efistub: Avoid placing the kernel below LOAD_PHYSICAL_ADDR (bsc#1012628). - net: stmmac: xgmac: fix handling of DPP safety error for DMA channels (bsc#1012628). - wifi: cfg80211: consume both probe response and beacon IEs (bsc#1012628). - wifi: mac80211: fix RCU use in TDLS fast-xmit (bsc#1012628). - wifi: mac80211: fix unsolicited broadcast probe config (bsc#1012628). - wifi: mac80211: fix waiting for beacons logic (bsc#1012628). - wifi: iwlwifi: exit eSR only after the FW does (bsc#1012628). - wifi: brcmfmac: Adjust n_channels usage for __counted_by (bsc#1012628). - netdevsim: avoid potential loop in nsim_dev_trap_report_work() (bsc#1012628). - net: atlantic: Fix DMA mapping for PTP hwts ring (bsc#1012628). - selftests: net: cut more slack for gro fwd tests (bsc#1012628). - selftests/net: convert unicast_extensions.sh to run it in unique namespace (bsc#1012628). - selftests/net: convert pmtu.sh to run it in unique namespace (bsc#1012628). - selftests/net: change shebang to bash to support "source" (bsc#1012628). - selftests: net: fix tcp listener handling in pmtu.sh (bsc#1012628). - selftests: net: avoid just another constant wait (bsc#1012628). - tsnep: Fix mapping for zero copy XDP_TX action (bsc#1012628). - tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1012628). - atm: idt77252: fix a memleak in open_card_ubr0 (bsc#1012628). - octeontx2-pf: Fix a memleak otx2_sq_init (bsc#1012628). - hwmon: (aspeed-pwm-tacho) mutex for tach reading (bsc#1012628). - hwmon: (coretemp) Fix out-of-bounds memory access (bsc#1012628). - hwmon: (coretemp) Fix bogus core_id to attr name mapping (bsc#1012628). - inet: read sk->sk_family once in inet_recv_error() (bsc#1012628). - drm/i915/gvt: Fix uninitialized variable in handle_mmio() (bsc#1012628). - x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section (bsc#1012628). - rxrpc: Fix generation of serial numbers to skip zero (bsc#1012628). - rxrpc: Fix delayed ACKs to not set the reference serial number (bsc#1012628). - rxrpc: Fix response to PING RESPONSE ACKs to a dead call (bsc#1012628). - rxrpc: Fix counting of new acks and nacks (bsc#1012628). - selftests: net: let big_tcp test cope with slow env (bsc#1012628). - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1012628). - af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC (bsc#1012628). - devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1012628). - ppp_async: limit MRU to 64K (bsc#1012628). - selftests: cmsg_ipv6: repeat the exact packet (bsc#1012628). - netfilter: nft_compat: narrow down revision to unsigned 8-bits (bsc#1012628). ... changelog too long, skipping 163 lines ... - commit 1dccf2a ==== keyutils ==== Subpackages: libkeyutils1 - Use %patch -P N instead of deprecated %patchN. ==== kmozillahelper ==== - Remove rpm_macro(cmake_kf5) BR, not supported on Leap and extra-cmke-modules already takes care of that. ==== kvm_stat ==== Version update (6.7.4 -> 6.7.5) - Use %patch -P N instead of deprecated %patchN. ==== lastlog2 ==== Version update (1.2.0 -> 1.3.1) Subpackages: liblastlog2-1 - Verson 1.3.1 - pam_lastlog2: improve ll2_read_entry error handling [bsc#1220000] - Version 1.3.0 - fix sqlite3_step error handling ==== libHX ==== Version update (4.21 -> 4.23) - Update to release 4.23 * io: use smaller chunks with sendfile(2) to work around unusual API behavior * io: make HX_copy_file() utilize copy_file_range when available ==== libadwaita ==== Version update (1.4.2 -> 1.4.3) Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Update to version 1.4.3: + AdwAboutWindow: Don't pre-select the first section on the Legal page. + AdwHeaderBar: Fix visibility after changing :show-back-button. + AdwPreferencesWindow: Fix :visible-page and :visible-page-name docs. + AdwViewSwitcherBar: Fix a warning when empty. + Updated translations. ==== libapparmor ==== - Use %patch -P N instead of deprecated %patchN. - Add apparmor-abstractions-openssl-allow-version-specific-en.patch to allow version specific engdef & engines openssl paths (boo#1219571) ==== libblockdev ==== Version update (3.0.4 -> 3.1.0) Subpackages: libbd_btrfs3 libbd_crypto3 libbd_fs3 libbd_loop3 libbd_lvm3 libbd_mdraid3 libbd_nvme3 libbd_part3 libbd_swap3 libbd_utils3 libblockdev3 - Update to 3.1.0: * Add BDPluginSpec constructor and use it in plugin_specs_from_names * overrides: Remove unused 'sys' import * swap: Add support for checking label and UUID format * fs: Add a function to check label format for F2FS * fs: Add a generic function to check for fs info availability * fs: Fix allowed UUID for generic mkfs with VFAT * fs: Add support for getting filesystem min size for NTFS and Ext * Mark NVDIMM plugin as deprecated since 3.1 * part: Fix potential double free when getting parttype * Fix missing progress initialization in bd_crypto_luks_add_key * lvm-dbus: Fix leaking error * lvm-dbus: Avoid using already-freed memory * utils: Add expected printf string annotation * fs: Report reason for open() and ioctl() failures ==== libdbusmenu-qt5 ==== - Switch to %autosetup - Drop obsolete patch: * full_include_dir.patch ==== libdecor ==== Subpackages: libdecor-0-0 - Remove the -devel package from baselibs.conf ==== libdeflate ==== - baselibs for tools and devel reportedly not needed - modified sources % baselibs.conf - introduce baselibs.conf for openexr https://build.opensuse.org/request/show/1144873 - added sources + baselibs.conf ==== libei ==== - Add baselibs.conf: GNOME 46's at-spi2-core newly linkes libei, and the at-spi stack is made available bi-arch. ==== libguestfs ==== Subpackages: libguestfs-appliance libguestfs-xfs libguestfs0 - bsc#1206361 - SLES 15 SP5 Beta2 - virt-customize ssh-inject fails (s390x/kvm/libvirt) (-> Server-Applications module) use-rtc-driftfix-slew-for-x86-only.patch ==== libgusb ==== - Explicitly require python311-packaging if python 3.11 is being used. On SLE, python 3.6 is still the default, but 3.11 is used by meson. Drop python3-base from BuildRequires: it is not needed, since python will be pulled in by meson. ==== libjpeg-turbo ==== - Update to version 3.0.2 * Fixed a signed integer overflow in the tj3CompressFromYUV8(), tj3DecodeYUV8(), tj3DecompressToYUV8(), and tj3EncodeYUV8() functions, detected by the Clang and GCC undefined behavior sanitizers, that could be triggered by setting the align parameter to an unreasonably large value. This issue did not pose a security threat, but removing the warning made it easier to detect actual security issues, should they arise in the future. * Introduced a new parameter (TJPARAM_MAXMEMORY in the TurboJPEG C API and TJ.PARAM_MAXMEMORY in the TurboJPEG Java API) and a corresponding TJBench option (-maxmemory) for specifying the maximum amount of memory (in megabytes) that will be allocated for intermediate buffers, which are used with progressive JPEG compression and decompression, optimized baseline entropy coding, lossless JPEG compression, and lossless transformation. The new parameter and option serve the same purpose as the max_memory_to_use field in the jpeg_memory_mgr struct in the libjpeg API, the JPEGMEM environment variable, and the cjpeg/djpeg/jpegtran -maxmemory option. * Introduced a new parameter (TJPARAM_MAXPIXELS in the TurboJPEG C API and TJ.PARAM_MAXPIXELS in the TurboJPEG Java API) and a corresponding TJBench option (-maxpixels) for specifying the maximum number of pixels that the decompression, lossless transformation, and packed-pixel image loading functions/methods will process. * Fixed an error ("Unsupported color conversion request") that occurred when attempting to decompress a 3-component lossless JPEG image without an Adobe APP14 marker. The decompressor now assumes that a 3-component lossless JPEG image without an Adobe APP14 marker uses the RGB colorspace if its component IDs are 1, 2, and 3. ==== libjxl-gtk ==== Version update (0.9.2 -> 0.10.0) Subpackages: gdk-pixbuf-loader-jxl gimp-plugin-jxl - Update to release 0.10 * decoder: added ``JxlDecoderGetBoxSizeContents`` for getting the size of the content of a box without the headers. * encoder: implemented new API functions for streaming encoding. ==== liblangtag ==== Version update (0.6.4 -> 0.6.7) - version update to 0.6.7 0.6.6 -> 0.6.7 ================= Akira TAGOH (1): Add missing header 0.6.5 -> 0.6.6 ================= Akira TAGOH (2): Do not use variable array of bash-ism. Fix more compile warnings - deleted patches - 0001-ro-MD-ro-to-get-make-check-to-succeed.patch (upstreamed) ==== libnvme ==== Version update (1.7.1+0.g13ba383 -> 1.8+0.gbff7dda) Subpackages: libnvme-mi1 libnvme1 - Update to version 1.8+0.gbff7dda: * linux: Explicitly initialize auto-cleanup variables * example: fix mi identify failed with error cntid * tree: do not issue an error when subsys lookup fails during scanning * types: Add controller properties CMBEBS, CMBSWTP and NSSD * tests: Add sample NBFT table from Dell PowerEdge R660 * tests: Add sample NBFT table from Dell PowerEdge R760 * tests: Fix diffs output for duplicate HFI entries * nbft: avoid duplicate entries in ssns->hfis * nbft: Fix (struct nbft_info_subsystem_ns).num_hfis off-by-one * test: read and dump sysfs tar file * nvme: allow to overwrite hostnqn and hostid * nvme: allow to overwrite base sysfs path * json: dump the output to the user selected filedescriptor * libnvme: export nvme_dump_tree * fabrics: add 'concat' option * mi: set correct rc and errno when crc mismatch * tree: use logical block size for lba * json-schema: add keyring and tls_key details (bsc#1219086) * build: checkout full repo for checkpatch * linux: avoid segfault in check-tls-key due to null hostnqn/subsysnqn (bsc#1219086) * meson.build: fixup 'join' syntax * util: Explicitly initialize auto-cleanup variables * tree: Explicitly initialize auto-cleanup variables * linux: Explicitly initialize auto-cleanup variables * fabrics: Explicitly initialize auto-cleanup variables * util: Added function to find specific UUID in UUID list. * build: fix release python tag match - Disable new unit test which is not running stable in OSB * add 0001-build-disable-sysfs-test.patch ==== libpaper ==== Version update (2.1.2 -> 2.1.3) Subpackages: libpaper-tools libpaper2 - Update 2.1.3: * This release fixes a small problem with the paperspecs(5) man page, and ensures that the name of the ‘paper’ program is always set, even in a non-relocatable build. ==== libphonenumber ==== Version update (8.13.23 -> 8.13.30) - Update to version 8.13.30: * Update alternate formatting data, phone metadata, geocoding data, carrier data * Updated / refreshed time zone meta data. * New geocoding data - Add patch submitted to upstream at gh#google/libphonenumber#3394 to fix building with protobuf 3.25.1: * 0001-Add-support-to-protobuf-3.25.1.patch - Add patch submitted in gh#sergiomb2/libphonenumber#1 by Fabian Vogt: * 0002-Avoid-intermediate-proto-object-library.patch ==== libpng16 ==== Version update (1.6.40 -> 1.6.42) - Update to version 1.6.42: * Fixed the implementation of the macro function "png_check_sig". This was an API regression, introduced in libpng-1.6.41. (Reported by Matthieu Darbois) ==== libqt5-qtbase ==== Version update (5.15.12+kde147 -> 5.15.12+kde151) Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-mysql libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3 - Update to version 5.15.12+kde151: * Improve KTX file reading memory safety (CVE-2024-25580, boo#1219996) * Revert "xcb: only set base size when it's valid" * Fix potential leak of QPropertyAnimation in QLineEditIconButton * QBitArray: correct inline keyword ==== libqt5-qtwebengine ==== - Switch to '%patch -P' - Build with python 3.11 on Leap ==== libshumate ==== Subpackages: libshumate-1_0-1 typelib-1_0-Shumate-1_0 - Update licenses based on legaldb review ==== libstorage-ng ==== Version update (4.5.176 -> 4.5.191) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - Translated using Weblate (Finnish) (bsc#1149754) - 4.5.191 - Translated using Weblate (Indonesian) (bsc#1149754) - 4.5.190 - merge gh#openSUSE/libstorage-ng#986 - log textdomain codeset - 4.5.189 - merge gh#openSUSE/libstorage-ng#985 - log locale - 4.5.188 - merge gh#openSUSE/libstorage-ng#984 - log some languange environmant variables - log some language environment variables - 4.5.187 - Translated using Weblate (Georgian) (bsc#1149754) - 4.5.186 - Translated using Weblate (Swedish) (bsc#1149754) - 4.5.185 - Translated using Weblate (Czech) (bsc#1149754) - 4.5.184 - Translated using Weblate (Slovak) (bsc#1149754) - 4.5.183 - merge gh#openSUSE/libstorage-ng#983 - fixed typo - 4.5.182 - Translated using Weblate (Dutch) (bsc#1149754) - 4.5.181 - Translated using Weblate (Japanese) (bsc#1149754) - Translated using Weblate (Catalan) (bsc#1149754) - merge gh#openSUSE/libstorage-ng#982 - updated pot and po files - 4.5.180 - Translated using Weblate (Georgian) (bsc#1149754) - 4.5.179 - merge gh#openSUSE/libstorage-ng#981 - fix reusing volume group name (bsc#1219266) - 4.5.178 - merge gh#openSUSE/libstorage-ng#980 - added experimental support for bcachefs - 4.5.177 ==== libunwind ==== Version update (1.7.2 -> 1.8.0) - Disable LTO on aarch64 until upstream fix the issue: https://github.com/libunwind/libunwind/issues/693 - Update to 1.8.0: * Improve unwinding through a bad function pointer on x86_64 * Fix UMRs indicated by valgrind (x86_64) * fix byte_order_is_valid function logic * Use size_t to match R.H.S * Move get_proc_info_in_range under dwarf/ * Bump actions/checkout@v2 to @V3 * dwarf_find_unwind_table: Find load_base correctly when current segment does not start at segbase * Add introspection for march=armv8-a+sve * Linux: Make get_elf_image guaranteed AS-safe * Provide syscall wrappers for mmap and munmap * Allow to use a custom dl_iterate_phdr implementation * aarch64: unw_step() validates address before calling dwarf_get * Provide AS-safe allocator to LZMA * Rework register load in aarch64_local_resume() * Fix arm postdecrement * Added support for unwinding through PPC64 PLT entries * Fix array indexing bug in dwarf_search_unwind_table * Fix unaligned memory accesses in */Ginit.c * Get filename and offset from ip * Fix maps leak if caller's pathlen is too small * Adjust DYNAMIC addrs in loaded image * Fix crash in elf_w(valid_object) * Fix segfault on QNX ==== make ==== - Use %patch -P ==== man ==== - We don't need anymore systemd-tmpfiles (boo#1219370#c13) - Move creation of /var/cache/man into %pre scriplet (boo#1219370) ==== mariadb ==== Version update (11.2.2 -> 11.2.3) Subpackages: libmariadbd19 mariadb-client mariadb-errormessages - Update to 11.2.3: https://mariadb.com/kb/en/mariadb-11-2-3-release-notes/ https://mariadb.com/kb/en/mariadb-11-2-3-changelog/ - Update list of skipped tests ==== mdevctl ==== - Add /usr/lib/mdevctl/scripts.d/{callouts,notifiers} directories ==== mozilla-nss ==== Version update (3.96.1 -> 3.97) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-tools - update to NSS 3.97 * bmo#1875506 - make Xyber768d00 opt-in by policy * bmo#1871631 - add libssl support for xyber768d00 * bmo#1871630 - add PK11_ConcatSymKeys * bmo#1775046 - add Kyber and a PKCS#11 KEM interface to softoken * bmo#1871152 - add a FreeBL API for Kyber * bmo#1826451 - part 2: vendor github.com/pq-crystals/kyber/commit/e0d1c6ff * bmo#1826451 - part 1: add a script for vendoring kyber from pq-crystals repo * bmo#1835828 - Removing the calls to RSA Blind from loader.* * bmo#1874111 - fix worker type for level3 mac tasks * bmo#1835828 - RSA Blind implementation * bmo#1869642 - Remove DSA selftests * bmo#1873296 - read KWP testvectors from JSON * bmo#1822450 - Backed out changeset dcb174139e4f * bmo#1822450 - Fix CKM_PBE_SHA1_DES2_EDE_CBC derivation * bmo#1871219 - Wrap CC shell commands in gyp expansions ==== mpg123 ==== Version update (1.32.4 -> 1.32.5) Subpackages: libmpg123-0 mpg123-openal - Update to version 1.32.5 build: * CMake port uses CFLAGS for pulse/jack/tinyalsa properly now (bug 366). * CMake port links libsyn123 with libm now (bug 370). libmpg123: * Fix --enable-portable (no usage of LFS_WRAP_NONE, bug 368). * Fix dct36 wrapper usage for x86-64 and NEON. Stupid (bug 367) and also avoid returning void. * Make ARM builds work with nagging (missing feature macros for std=c99). ==== mtools ==== - Use %autosetup macro. ==== multipath-tools ==== Version update (0.9.7+93+suse.e2f2272 -> 0.9.8~1+82+suse.dcd98a3) Subpackages: kpartx libmpath0 - Update to version 0.9.8~1+82+suse.dcd98a3: * Adapt package version such that it shows as a 0.9.8 prerelease * Add missing udev rules file - Update to version 0.9.7+148+suse.9780ae0: * 11-dm-mpath.rules: Fix quoting mistake (bsc#1219142) - Update to version 0.9.7+148+suse.7d9953e.obscpio * This is a multipath-tools 0.9.8 pre-release * fix fast_io_fail for Infinibox (bsc#1219348) * Fix activation of LVM volume groups during coldplug (bsc#1219142) - Update to version 0.9.7+140+suse.2d78457: * This is a multipath-tools 0.9.8 pre-release * Socket activation via multipathd.socket has been disabled by default because it has undesirable side effects on systems without multipath. Users with multipath hardware should enable multipathd.service * The restorequeueing CLI command now only enables queueing if disablequeueing had been sent before * Avoid multipathd hang during map flush * multipathd now tracks the queueing mode of maps in its internal features string * Improve error messages in 'multipathd -k' * Fix segfault in autoresize code (bsc#1219289) * Fix missing map reloads (bsc#1219796) * Documentation fixes, spelling fixes, minor code fixes ==== musepack ==== - Use %patch -P N instead of deprecated %patchN. ==== ncurses ==== Version update (6.4.20240120 -> 6.4.20240210) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20240210 + compiler-warning fixes, while investigating an optimizer bug in "gcc (MacPorts gcc13 13.2.0_4+stdlib_flag) 13.2.0" which results in only the first byte of a multibyte character being printed to the screen. - Change order of use=vt100+4bsd and use=rxvt+pcfkeys in rxvt-basic to get correct arrow keys back (boo#1219626) - Add ncurses patch 20240203 + minor changes to tracing and locale-checks. - Add ncurses patch 20240127 + amend change to z39-a (report by Sven Joachim). + use xterm+nopcfkeys, vt52-basic, dec+pp, dec+sl, vt52+arrows, hp+pfk+cr, klone+acs, klone+color, klone+sgr, ncr160wy50+pp to trim -TD + NetBSD-related fixes for x68k and wsvt52 (patch by Thomas Klausner) ==== neon ==== - Use %patch -P N instead of deprecated %patchN. ==== nodejs21 ==== Version update (21.5.0 -> 21.6.2) Subpackages: npm21 - Update to 21.6.2: (security updates) * (CVE-2024-21892, bsc#1219992) - Code injection and privilege escalation through Linux capabilities- (High) * (CVE-2024-22019, bsc#1219993) - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High) * (CVE-2024-21896, bsc#1219994) - Path traversal by monkey-patching Buffer internals- (High) * (CVE-2024-22017, bsc#1219995) - setuid() does not drop all privileges due to io_uring - (High) * (CVE-2023-46809, bsc#1219997) - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium) * (CVE-2024-21891, bsc#1219998) - Multiple permission model bypasses due to improper path traversal sequence sanitization - (Medium) * (CVE-2024-21890, bsc#1219999) - Improper handling of wildcards in --allow-fs-read and --allow-fs-write (Medium) * (CVE-2024-22025, bsc#1220014) - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium) * undici version 5.28.3 (CVE-2024-24758, bsc#1220017) * libuv version 1.48.0 - Update to 21.6.1: * Revert "stream: fix cloned webstreams not being unref'd" - Changes in 21.6.0: * New connection attempt events * --allow-addons to enable addon usage when using the Permission Model. * Support configurable snapshot through --build-snapshot-config flag - fix_ci_tests.patch: refreshed ==== nvidia-open-driver-G06-signed ==== Version update (545.29.06_k6.7.4_1 -> 545.29.06_k6.7.5_1) - re-enable build of -azure kernel flavor; syntax check was wrong - remove conflicts to nvidia-open-driver-G06-kmp, since it's now provided instead (OMG!); add obsoletes to it as well to make sure it gets replaced (bsc#1220196) - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN - kernel-syms-azure is not available on ALP ==== nvme-cli ==== Version update (2.7.1 -> 2.8) Subpackages: nvme-cli-bash-completion - Update to version 2.8: * nvme-print-json: append array object in json_support_log * sed: Add plugin for basic SED Opal operations (jsc#PED-5061) * don't include newlines in already wrapped text * nvme: do not include meta data for PRACT=1 and MD=8 (version 2) * create-ns: align the namespaces to 1Mib boundaries when using SI suffixes * doc: Fix config-schema.json's URL * plugins/solidigm: Compressing vs-internal-log log files into zip file. * nbft: do not issue an error if ACPI tables are missing * nbft: fixup include for libnvme * doc: Fix short option name for cfg-file * completions: added Solidigm plugin to autocomplete scripts * nvme: Remove unused cfg argument from NVME_ARGS() macro * nvme: fix directive receive identify offsets * nvme-fabrics: enable option 'concat' * build: Update libnvme wrap * plugins/wdc: Add Debug Log Collection Support * nbft: fix tcp/dhcp address fallback retry (bsc#1218873) * nvme: use correct telemetry log size * nvme-print: fix typo in list verbose output (bsc#1219086) * nvme: print inserted tls key for check-tls-key (bsc#1219086) * plugins/wdc: Plugin fixes and updates * fabrics: move hostid/hostnqn warnings to verbose level (bsc#1219086) ==== obex-data-server ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. - Clean spec file ==== openssl-1_1 ==== Subpackages: libopenssl1_1 - Enable running the regression tests in FIPS mode. ==== openvpn ==== Version update (2.6.8 -> 2.6.9) - update to 2.6.9: * Remove unused function prototype crypto_adjust_frame_parameters * Log SSL alerts more prominently * Document tls-exit option mainly as test option * Remove TEST_GET_DEFAULT_GATEWAY as it duplicates --show-gateway * Fix check_session_buf_not_used using wrong index * Add missing check for nl_socket_alloc failure * Add check for nice in cmake config * Remove compat versionhelpers.h and remove cmake/configure check for it * Extend the error message when TLS 1.0 PRF fails * Fix unaligned access in macOS, FreeBSD, Solaris hwaddr * Check PRF availability on initialisation and add --force-tls-key-material-export * Make it more explicit and visible when pkg-config is not found * Clarify that the tls-crypt-v2-verify has a very limited env set * Implement the --tls-export-cert feature * Remove conditional text for Apache2 linking exception * Remove --tls-export-cert * Remove superfluous x509_write_pem() * sample-keys: renew for the next 10 years * GHA: clean up libressl builds with newer libressl * configure.ac: Remove unused AC_TYPE_SIGNAL macro * documentation: remove reference to removed option --show-proxy-settings * unit_tests: remove includes for mock_msg.h * documentation: improve documentation of --x509-track * NTLM: add length check to add_security_buffer * NTLM: increase size of phase 2 response we can handle * proxy-options.rst: Add proper documentation for --http-proxy-user-pass * buf_string_match_head_str: Fix Coverity issue 'Unsigned compared against 0' * --http-proxy-user-pass: allow to specify in either order with --http-proxy * README.cmake.md: Document minimum required CMake version for --preset * documentation: Update and fix documentation for --push-peer-info * documentation: Fixes for previous fixes to --push-peer-info * OpenBSD: repair --show-gateway * get_default_gateway() HWADDR overhaul * fix uncrustify complaints about previous patch * preparing release 2.6.9 * dco-freebsd: dynamically re-allocate buffer if it's too small * tun.c: don't attempt to delete DNS and WINS servers if they're not set * vcpkg-ports/pkcs11-helper: bump to version 1.30 * Add support for mbedtls 3.X.Y * Update README.mbedtls * Disable TLS 1.3 support with mbed TLS * Enable key export with mbed TLS 3.x.y * protocol_dump: tls-crypt support * Fix IPv6 route add/delete message log level * fix(ssl): init peer_id when init tls_multi ==== orc ==== Version update (0.4.34 -> 0.4.37) - version update to 0.4.37 0.4.37 ====== - enable neon instructions on Apple ARM64 (Aleix Conchillo Flaqué) - orcc: Fix regression, was hard-coded to use "sse" as default target (Sebastian Dröge) - MMX backend fixes (L. E. Segovia, Jorge Zapata) - testsuite: Build fixes for Clang (L. E. Segovia) - testsuite, tools: Fix warning caused by inserting unneeded source operands (L. E. Segovia) - orccompiler: call sys_icache_invalidate() to invalidate macos inst cache (Aleix Conchillo Flaqué) - macOS/iOS version/target check build fixes (Aleix Conchillo Flaqué) 0.4.36 ====== - Only use AVX / AVX2 instructions on CPUs that support both AVX and AVX2 (fixes crash on machines that only support AVX) (L. E. Segovia) 0.4.35 ====== - Add support for AVX / AVX2 (L. E. Segovia) - SSE backend improvements (L. E. Segovia) - New `orf` and `andf` opcodes for bitwise AND and OR for single precision floats (Jorge Zapata) - Add support for `convwf`, int16 to float conversion (Jorge Zapata) - Allow backend selection through ORC_TARGET environment variable (L. E. Segovia) - Documentation improvements (Jorge Zapata, L. E. Segovia, Tim-Philipp Müller) - orconce: Use Win32 once implementation with MSVC (Seungha Yang, L. E. Segovia) - orcc: add --binary option to output raw machine code for functions (L. E. Segovia) - orcprofile: Implement Windows high-resolution timestamp for MSVC to allow benchmarking on MSVC builds (L. E. Segovia) ==== osinfo-db ==== - Add support for SLE Micro 6.0 (jsc#PED-6305) add-slem6.0-support.patch - Add support for openSUSE Leap 15.6 (jsc#PED-6305) add-opensuse-leap-15.6-support.patch ==== pam-config ==== Version update (2.10 -> 2.11) - Update to version 2.11 - pam_gnome_keyring: use options in AUTH [bsc#1219767] ==== parted ==== Subpackages: libparted-fs-resize0 libparted2 - avoid deprecated rpm syntax ==== patterns-server ==== Subpackages: patterns-server-dhcp_dns_server patterns-server-directory_server patterns-server-file_server patterns-server-kvm_server patterns-server-kvm_tools patterns-server-lamp_server patterns-server-mail_server patterns-server-printing - Do not recommend mailman: pulls a 2nd python stack. - kvm_server pattern: - stop Recommending tigervnc and virt-install as they're 100% client tools. In fact, it is the kvm_tools pattern that does Require them (leave them as Suggested, for now, just to leave a record of them... but only temporarily). Note that this will result in a different behavior, wrt to the current one. I.e., anyone installing _only_ the kvm_server pattern, will not get those two packages automatically. ==== pcr-oracle ==== - Add fix_loader_conf.patch to measure the systemd-boot loader.conf file ==== pcre2 ==== Version update (10.42 -> 10.43) Subpackages: libpcre2-16-0 libpcre2-32-0 libpcre2-8-0 - pcre2 10.43: * The JIT code no longer supports ARMv5 architecture. * A new function pcre2_get_match_data_heapframes_size() for finer heap control. * New option flags to restrict the interaction between ASCII and non-ASCII characters for caseless matching and \d and friends. There are also new pattern constructs to control these flags from within a pattern. * Upgrade to Unicode 15.0.0. * Treat a NULL pattern with zero length as an empty string. * Added support for limited-length variable-length lookbehind assertions, with a default maximum length of 255 characters (same as Perl) but with a function to adjust the limit. * Perl changed the meaning of (for example) {,3} which did not used to be recognized as a quantifier. Now it means {0,3} and PCRE2 has also changed. Note that {,} is still not a quantifier. * Following Perl, allow spaces and tabs after { and before } in all Perl- compatible items that use braces, and also around commas in quantifiers. The one exception in PCRE2 is \u{...}, which is from ECMAScript, not Perl, and PCRE2 follows ECMAScript usage. * Changed the meaning of \w and its synonyms and derivatives (\b and \B) in UCP mode to follow Perl. It now matches characters whose general categories are L or N or whose particular categories are Mn (non-spacing mark) or Pc (combining punctuation). * Changed the default meaning of [:xdigit:] in UCP mode to follow Perl. It now matches the "fullwidth" versions of hex digits. PCRE2_EXTRA_ASCII_DIGIT can be used to keep it ASCII only. * Make PCRE2_UCP the default in UTF mode in pcre2grep and add - no_ucp, --case-restrict and --posix-digit. * Add --group-separator and --no-group-separator to pcre2grep. ==== perl-Bootloader ==== Version update (1.11 -> 1.12) - merge gh#openSUSE/perl-bootloader#163 - validate test output for each shell individually - update and extend tests - reworked default-settings command - add test case for default-settings - rework get-option command - add test case for get-option - rework del-option command - add test case for del-option - rework add-option command - add test case for add-option - rework grub2-efi install - adjust some tests - systemd-boot test adjusted - rework remove-kernel option and add tests - rework add-kernel option and add tests - adjust kexec-bootloader and add tests - remove support for dash - remove ancient perl library code from master branch - updated git2log script - adjust spec file - rewrite grub2 install to be more compatible (bsc#1214361) - 1.12 ==== php8 ==== Version update (8.2.15 -> 8.2.16) Subpackages: php8-ctype php8-dom php8-iconv php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - version update to 8.2.16 * This is a bug fix release. - modified patches % php-build-reproducible-phar.patch (refreshed) ==== pipewire ==== Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Force using doxygen-1_10 in SLE where the default doxygen is too old and generates broken docs (boo#1217886) - Add a conflict in -pulseaudio with pipewire-modules-%{apiver} < 1.0.0 since the libpipewire-module-protocol-pulse.so module was included in - modules before 1.0.0 so we should avoid a file conflict. ==== pkcs11-helper ==== Version update (1.29.0 -> 1.30.0) - update to 1.30.0: * core: add dynamic loader provider attribute * openssl: support DSA in libressl-3.5.0 * openssl: fix openssl_ex_data_dup prototype - get rid of almost empty pkcs11-helper package ==== pkgconf ==== Version update (1.8.0 -> 2.1.1) Subpackages: pkgconf-m4 pkgconf-pkg-config - update to 2.1.1: * Fix --modversion with constraints * Reintroduce an optimization to the dependency graph walker which avoids revisiting already visited nodes * Add a regression test to check that the dependency flattener is working as expected - update to 2.1.0: * new solver for higher performance with complicated graphs * Add --license selector to the pkgconf CLI * Add flag --verbose and --solution to CLI * Changes and fixes to --modversion * bug fixes and developer visible changes - drop pkgconf-CVE-2023-24056.patch, now included ==== poppler ==== Version update (23.12.0 -> 24.02.0) Subpackages: libpoppler-cpp0 libpoppler-glib8 poppler-tools - version update to 24.02.0 Release 24.02.0: core: * Fix reading some JBIG2 streams. Issue #1319 * Fix saving some annotation interior color when it's empty * Make searching for fonts when adding annotations a bit faster * Make sure images are compressed when adding them * Small internal code cleanup utils: * pdfimages: return exit code 2 when error opening output files Release 24.01.0: core: * Don't crash on certain documents on the NSS signature backend * Fix infinite loop in some annotation code if there's not space for even one character * Fix build on Android with generic font configuration * Small internal code cleanup ==== poppler-qt5 ==== Version update (23.12.0 -> 24.02.0) - version update to 24.02.0 Release 24.02.0: core: * Fix reading some JBIG2 streams. Issue #1319 * Fix saving some annotation interior color when it's empty * Make searching for fonts when adding annotations a bit faster * Make sure images are compressed when adding them * Small internal code cleanup utils: * pdfimages: return exit code 2 when error opening output files Release 24.01.0: core: * Don't crash on certain documents on the NSS signature backend * Fix infinite loop in some annotation code if there's not space for even one character * Fix build on Android with generic font configuration * Small internal code cleanup ==== potrace ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== prctl ==== - Use %patch -P N instead of deprecated %patchN. - Move license to %license section ==== publicsuffix ==== Version update (20240123 -> 20240212) - Update to version 20240212: * Add cprapid.com suffix to private section (#1892) * util: gTLD data autopull updates for 2024-02-08T15:13:14 UTC (#1932) * Added Cyclic Software (#1737) * Update public_suffix_list.dat for scw.cloud subdomains (#1740) * Update public_suffix_list.dat (#1926) * Add ZAP-Hosting cloud domain (#1907) * Add `flutterflow.app` (#1666) * Update public_suffix_list.dat (#1614) * Brave Submissions to the Public Suffix List - Q4 2023 (#1872) * Add pley.games (#1881) * Add panel.dev (#1916) * add 12CHARS to private domains (#1915) * Azure updates for Microsoft Corporate Domains (#1891) * Remove blog.kg from private section (#1840) * AWS Submissions to the Public Suffix List - Q4 2023 (#1876) * Homebase requested the addition of id.pub kin.one kin.pub (#1768) * Replace run.app and a.run.app with *.run.app (#1928) * Add pages.gay (#1920) * Update Platform.sh domains (#1792) * fix(adobe): add aem.live and aem.page domains (#1874) * Update code builder domains with the canary (#1802) * Add atmeta.com to PSL and consolidate Meta entries (#1736) * util: gTLD data autopull updates for 2024-01-24T15:14:29 UTC (#1923) ==== pulseaudio ==== Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-setup pulseaudio-utils system-user-pulse - Add cherry-picks to fix UCM crashes * pulseaudio-replace-port-device-UCM-context-assertion-with-an-error.patch * pulseaudio-check-UCM-verb-before-working-with-device-status.patch ==== python-cryptography ==== Version update (41.0.7 -> 42.0.4) - update to 42.0.4 (bsc#1220210, CVE-2024-26130): * Fixed a null-pointer-dereference and segfault that could occur when creating a PKCS#12 bundle. Credit to Alexander-Programming for reporting the issue. CVE-2024-26130 * Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields SMIMECapabilities and SignatureAlgorithmIdentifier should now be correctly encoded according to the definitions in :rfc:2633 :rfc:3370. - update to 42.0.3: * Fixed an initialization issue that caused key loading failures for some users. - Drop patch skip_openssl_memleak_test.patch not needed anymore. - update to 42.0.2: * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.1. * Fixed an issue that prevented the use of Python buffer protocol objects in sign and verify methods on asymmetric keys. * Fixed an issue with incorrect keyword-argument naming with EllipticCurvePrivateKey :meth:`~cryptography.hazmat.primitive s.asymmetric.ec.EllipticCurvePrivateKey.exchange`, X25519PrivateKey :meth:`~cryptography.hazmat.primitives.asymm etric.x25519.X25519PrivateKey.exchange`, X448PrivateKey :meth :`~cryptography.hazmat.primitives.asymmetric.x448.X448Private Key.exchange`, and DHPrivateKey :meth:`~cryptography.hazmat.p rimitives.asymmetric.dh.DHPrivateKey.exchange`. - update to 42.0.1: * Fixed an issue with incorrect keyword-argument naming with EllipticCurvePrivateKey :meth:`~cryptography.hazmat.primitive s.asymmetric.ec.EllipticCurvePrivateKey.sign`. * Resolved compatibility issue with loading certain RSA public keys in :func:`~cryptography.hazmat.primitives.serialization. load_pem_public_key`. * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.7. * BACKWARDS INCOMPATIBLE: Loading a PKCS7 with no content field using :func:`~cryptography.hazmat.primitives.serialization.pk cs7.load_pem_pkcs7_certificates` or :func:`~cryptography.hazm at.primitives.serialization.pkcs7.load_der_pkcs7_certificates ` will now raise a ValueError rather than return an empty list. * Parsing SSH certificates no longer permits malformed critical options with values, as documented in the 41.0.2 release notes. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.0. * Updated the minimum supported Rust version (MSRV) to 1.63.0, from 1.56.0. * We now publish both py37 and py39 abi3 wheels. This should resolve some errors relating to initializing a module multiple times per process. * Support :class:`~cryptography.hazmat.primitives.asymmetric.pa dding.PSS` for X.509 certificate signing requests and certificate revocation lists with the keyword-only argument rsa_padding on the sign methods for :class:`~cryptography.x509.CertificateSigningRequestBuilder` and :class:`~cryptography.x509.CertificateRevocationListBuilder`. * Added support for obtaining X.509 certificate signing request signature algorithm parameters (including PSS) via :meth:`~cr yptography.x509.CertificateSigningRequest.signature_algorithm _parameters`. * Added support for obtaining X.509 certificate revocation list signature algorithm parameters (including PSS) via :meth:`~cr yptography.x509.CertificateRevocationList.signature_algorithm _parameters`. * Added mgf property to :class:`~cryptography.hazmat.primitives .asymmetric.padding.PSS`. * Added algorithm and mgf properties to :class:`~cryptography.h azmat.primitives.asymmetric.padding.OAEP`. * Added the following properties that return timezone-aware datetime objects: :meth:`~cryptography.x509.Certificate.not_valid_before_utc`, :meth:`~cryptography.x509.Certificate.not_valid_after_utc`, : meth:`~cryptography.x509.RevokedCertificate.revocation_date_u tc`, :meth:`~cryptography.x509.CertificateRevocationList.next _update_utc`, :meth:`~cryptography.x509.CertificateRevocation List.last_update_utc`. These are timezone-aware variants of existing properties that return naïve datetime objects. * Deprecated the following properties that return naïve datetime objects: :meth:`~cryptography.x509.Certificate.not_valid_before`, :meth:`~cryptography.x509.Certificate.not_valid_after`, :meth :`~cryptography.x509.RevokedCertificate.revocation_date`, :me th:`~cryptography.x509.CertificateRevocationList.next_update` , :meth:`~cryptography.x509.CertificateRevocationList.last_up date` in favor of the new timezone-aware variants mentioned above. * Added support for :class:`~cryptography.hazmat.primitives.cip hers.algorithms.ChaCha20` on LibreSSL. * Added support for RSA PSS signatures in PKCS7 with :meth:`~cr yptography.hazmat.primitives.serialization.pkcs7.PKCS7Signatu reBuilder.add_signer`. * In the next release (43.0.0) of cryptography, loading an X.509 certificate with a negative serial number will raise an exception. This has been deprecated since 36.0.0. * Added support for :class:`~cryptography.hazmat.primitives.cip hers.aead.AESGCMSIV` when using OpenSSL 3.2.0+. * Added the :mod:`X.509 path validation ` APIs for ... changelog too long, skipping 9 lines ... - switch to new cargo-vendor ==== python-linux-procfs ==== - align license tag with COPYING ==== python-lxml ==== - Add skip-test-under-libexpat-2.6.0.patch to skip broken test with expat 2.6.0, gh#python/cpython#115133 ==== python311 ==== Subpackages: python311-curses python311-dbm - Add upstream patch libexpat260.patch, Fix tests for XMLPullParser with Expat 2.6.0, gh#python/cpython#115289 ==== python311-core ==== Subpackages: libpython3_11-1_0 python311-base - Add upstream patch libexpat260.patch, Fix tests for XMLPullParser with Expat 2.6.0, gh#python/cpython#115289 ==== qalculate ==== Version update (4.8.1 -> 4.9.0) Subpackages: libqalculate22 qalculate-data - update to v4.9.0: * Support for specifying a fixed denominator for display of fractions (e.g. "0.3 ft ➞ 1/8 ≈ (3 + 5/8) in") * Return gcd of numerators divided by lcm of denominators in gcd() with non-integer rational numbers, and vice versa for lcm() * Add units for mean Gregorian and tropical years * Ignore underscore in number * Replace defunct exchange rates source and fix bitcoin exchange rate * Fix asin(x)=a, acos(x)=a, and atan(x)=a, when a contains an angle unit and default angle unit is set * Fix output of value converted to unit expression with numerical multiplier in denominator, e.g. "➞ L/(100 km)" * Fix segfault when trying to solve "(xsqrt(x)-ysqrt(y))/(sqrt(x)-sqrt(y))=x+sqrt(x*y)+y" * Fix parsing of case insensitive object name ending with Unicode character when followed by another Unicode character in expression, e.g. "микрометр" * Add history command, listing expression history * Display all exponents 0-9 using Unicode superscript characters if these are the only exponents in the expression ==== qemu ==== Version update (8.2.0 -> 8.2.1) Subpackages: qemu-arm qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-img qemu-ipxe qemu-ksm qemu-pr-helper qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios - Just "prettify" the spec files a little: * [openSUSE][RPM] Cosmetic fixes to spec files (copyright, sorting, etc) - Patchqueue shrinking and bugfixing (actually, more of a temporary workaround, until a proper solution is found upstream): * [openSUSE] roms/seabios: revert some upstream commits that break a lot of use-cases * [openSUSE] roms/seabios: Drop an old (and no longer necessary) downstream patch (bsc#1219977) Update to latest stable version (8.2.1) - Downstream changes: * [openSUSE][RPM]: Install the VGA module "more often" (bsc#1219164) * [openSUSE][RPM] Fix handling of qemu-kvm legacy package for RISCV * [openSUSE][RPM] factor common definitions between qemu and qemu-linux-user spec files - Upstream backports: * target/arm: Fix incorrect aa64_tidcp1 feature check * target/arm: Fix A64 scalar SQSHRN and SQRSHRN * target/xtensa: fix OOB TLB entry access * qtest: bump aspeed_smc-test timeout to 6 minutes * monitor: only run coroutine commands in qemu_aio_context * iotests: port 141 to Python for reliable QMP testing * iotests: add filter_qmp_generated_node_ids() * block/blklogwrites: Fix a bug when logging "write zeroes" operations. * virtio-net: correctly copy vnet header when flushing TX (bsc#1218484, CVE-2023-6693) * tcg/arm: Fix SIGILL in tcg_out_qemu_st_direct * linux-user/riscv: Adjust vdso signal frame cfa offsets * linux-user: Fixed cpu restore with pc 0 on SIGBUS * block/io: clear BDRV_BLOCK_RECURSE flag after recursing in bdrv_co_block_status * coroutine-ucontext: Save fake stack for pooled coroutine * tcg/s390x: Fix encoding of VRIc, VRSa, VRSc insns * accel/tcg: Revert mapping of PCREL translation block to multiple virtual addresses * acpi/tests/avocado/bits: wait for 200 seconds for SHUTDOWN event from bits VM * s390x/pci: drive ISM reset from subsystem reset * s390x/pci: refresh fh before disabling aif * s390x/pci: avoid double enable/disable of aif * hw/scsi/esp-pci: set DMA_STAT_BCMBLT when BLAST command issued * hw/scsi/esp-pci: synchronise setting of DMA_STAT_DONE with ESP completion interrupt * hw/scsi/esp-pci: generate PCI interrupt from separate ESP and PCI sources * hw/scsi/esp-pci: use correct address register for PCI DMA transfers * migration/rdma: define htonll/ntohll only if not predefined * hw/pflash: implement update buffer for block writes * hw/pflash: use ldn_{be,le}_p and stn_{be,le}_p * hw/pflash: refactor pflash_data_write() * backends/cryptodev: Do not ignore throttle/backends Errors * target/i386: pcrel: store low bits of physical address in data[0] * target/i386: fix incorrect EIP in PC-relative translation blocks * target/i386: Do not re-compute new pc with CF_PCREL * load_elf: fix iterator's type for elf file processing * target/hppa: Update SeaBIOS-hppa to version 15 * target/hppa: Fix IOR and ISR on error in probe * target/hppa: Fix IOR and ISR on unaligned access trap * target/hppa: Export function hppa_set_ior_and_isr() * target/hppa: Avoid accessing %gr0 when raising exception * hw/hppa: Move software power button address back into PDC * target/hppa: Fix PDC address translation on PA2.0 with PSW.W=0 * hw/pci-host/astro: Add missing astro & elroy registers for NetBSD * hw/hppa/machine: Disable default devices with --nodefaults option * hw/hppa/machine: Allow up to 3840 MB total memory * readthodocs: fully specify a build environment * .gitlab-ci.d/buildtest.yml: Work around htags bug when environment is large * target/s390x: Fix LAE setting a wrong access register * tests/qtest/virtio-ccw: Fix device presence checking * tests/acpi: disallow tests/data/acpi/virt/SSDT.memhp changes * tests/acpi: update expected data files * edk2: update binaries to git snapshot * edk2: update build config, set PcdUninstallMemAttrProtocol = TRUE. * edk2: update to git snapshot * tests/acpi: allow tests/data/acpi/virt/SSDT.memhp changes * util: fix build with musl libc on ppc64le * tcg/ppc: Use new registers for LQ destination * hw/intc/arm_gicv3_cpuif: handle LPIs in in the list registers * hw/vfio: fix iteration over global VFIODevice list * vfio/container: Replace basename with g_path_get_basename * edu: fix DMA range upper bound check * hw/net: cadence_gem: Fix MDIO_OP_xxx values * audio/audio.c: remove trailing newline in error_setg * chardev/char.c: fix "abstract device type" error message * target/riscv: Fix mcycle/minstret increment behavior * hw/net/can/sja1000: fix bug for single acceptance filter and standard frame * target/i386: the sgx_epc_get_section stub is reachable * configure: use a native non-cross compiler for linux-user * include/ui/rect.h: fix qemu_rect_init() mis-assignment * target/riscv/kvm: do not use non-portable strerrorname_np() * iotests: Basic tests for internal snapshots * vl: Improve error message for conflicting -incoming and -loadvm * block: Fix crash when loading snapshot on inactive node - Fixes: * bsc#1218484 (CVE-2023-6693) - Try to solve the qemu-kvm dependency issues on all arches (see, e.g., bsc#1218684) * [openSUSE][RPM] Create the legacy qemu-kvm symlink for all arches - Update the service file to use OBS-scm (by fvogt) - Various fixes: * [openSUSE][RPM] Fix enabling features on non-x86_64 (bsc#1220011, bsc#1219818) * [openSUSE][RPM] Disable test-crypto-secret in linux-user build * [openSUSE] Update ipxe submodule reference (bsc#1219733, bsc#1219722) * [openSUSE][RPM] spec: allow building without spice ==== rdma-core ==== Subpackages: libefa1 libibverbs libibverbs1 libmana1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd - Add kernel-boot-do-not-load-module-unsupported-on-s390.patch to prevent autoload of module not supported on s390. (bsc#1219805) ==== rpm ==== Subpackages: librpmbuild10 - Add patches to enable reproducible builds by default (bsc#1148824). For upstream versions see: https://github.com/rpm-software-management/rpm/pull/2880 0001-Add-option-to-set-mtime-of-files-in-rpms.patch 0002-log-build-time-if-it-is-set-from-SOURCE_DATE_EPOCH.patch 0003-Error-out-on-a-missing-changelog-date.patch ==== rpm-config-SUSE ==== Version update (20240118 -> 20240214) - Update to version 20240214: * set_permissions: handle chkstat failure more grateful (bsc#1219736) ==== rubygem-vagrant_cloud ==== Version update (3.0.5 -> 3.1.1) - update to 3.1.1: * Update path prefixing behavior on request [GH-85] - update to 3.1.0: * Add support for architecture in providers [GH-82] ==== rzip ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== samba ==== Version update (4.19.4+git.339.acf1ccaa020 -> 4.19.5+git.342.57620c4f7e) Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-client samba-client-libs samba-gpupdate samba-ldb-ldap samba-libs samba-libs-python3 samba-python3 samba-winbind samba-winbind-libs - Update to 4.19.5 * Windows 2016 fails to restore previous version of a file from a shadow_copy2 snapshot; (bso#13688). * Symlinks on AIX are broken in 4.19 (and a few version before that); (bso#15549). * Fake directory create times has no effect; (bso#12421). * ctime mixed up with mtime by smbd; (bso#15550). * samba-gpupdate --rsop fails if machine is not in a site; (bso#15548). * gpupdate: The root cert import when NDES is not available is broken; (bso#15557). * samba-gpupdate should print a useful message if cepces-submit can't be found; (bso#15552). * samba-gpupdate logging doesn't work; (bso#15558). * smbpasswd reset permissions only if not 0600; (bso#15555). ==== sane-backends ==== Subpackages: libsane1 sane-backends-autoconfig - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. - Add BuildArch noarch to autoconfig subpackage ==== sdbootutil ==== Version update (1+git20240122.c0d8f76 -> 1+git20240215.cb7e392) Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper - Update to version 1+git20240215.cb7e392: * Add --no-random-seed argument - Update to version 1+git20240214.ba81e0e: * Fix pcr-oracle use * Add device when generating initrd for snapshots * Use systemd-pcrlock * Pre-built initrd support * Add subvolumes_prefix support ==== sg3_utils ==== Version update (1.48+7.63e63cb -> 1.48+8.37ca384) Subpackages: libsgutils2-1_48-2 - Fix missing SCSI_MODEL and other fields for "sg_inq --export" (bsc#1219874) ==== shadow ==== Version update (4.14.3 -> 4.14.5) Subpackages: libsubid4 login_defs - Update to 4.14.5: * Build system: + Fix regression introduced in 4.14.4, due to a typo. chgpasswd had been deleted from a Makefile variable, but it should have been chpasswd. - Remove shadow-4.14.4-chgpasswd-typo.patch - Update to 4.14.4: * Build system: + Link correctly with libdl. + Install pam configs for chpasswd(8) and newusers(8) when using ./configure --with-libpam --disable-account-tools-setuid. * libshadow: + Fix build error (parameter name omitted). + Fix off-by-one bug. + Remove warning. - Add shadow-4.14.4-chgpasswd-typo.patch: to fix build. See #926 - Update patch macro `patchN` -> `patch -P N` ==== shared-mime-info ==== - Explicitly use gcc 13 on SLE. ==== shim ==== - Modified shim.spec file to add suffix string of project to filename of included certificates. e.g. rpm -pql shim-15.8-lp155.6.1.x86_64.rpm /etc/uefi /etc/uefi/certs /etc/uefi/certs/2B697CB1-shim-devel.crt /etc/uefi/certs/4659838C-shim-opensuse.crt /etc/uefi/certs/BCA4E38E-shim-sles.crt The original name of crt files are: /etc/uefi/certs/2B697CB1-shim.crt /etc/uefi/certs/4659838C-shim.crt /etc/uefi/certs/BCA4E38E-shim.crt It can indicate the souce project of certificates. - Sometimes SLE shim signature be Microsoft updated before openSUSE shim signature. When submit request on IBS for updating SLE shim, the submitreq project be generated, but it always be blocked by checking the signature of openSUSE shim. It doesn't make sense checking openSUSE shim signature when building SLE shim on SLE platform, and vice versa. So the following change adds the logic to compare suffix (sles, opensuse) with distro_id (sle, opensuse). When and only when hash mismatch and distro_id match with suffix, stop building. [#] compare suffix (sles, opensuse) with distro_id (sle, opensuse) [#] when hash mismatch and distro_id match with suffix, stop building - Sync the changelog between openSUSE:Factory/shim with SLE-15-SP3/shim - Add CVE-2022-28737 number to "Mon Mar 27 09:26:02 UTC 2023" record - Add "Thu Apr 13 05:28:10 UTC 2023" record for updating shim-install for bsc#1210382. - Add "Thu Apr 13 09:13:22 UTC 2023" record for changing the logic of checking shim signature. - Update shim-install to set the TPM2 SRK algorithm (bsc#1213945) 92d0f4305df73 Set the SRK algorithm for the TPM2 protector ==== signon-plugin-oauth2 ==== - Switch to %autosetup ==== spacenavd ==== - Replace %patchN with %autosetup ==== spice-gtk ==== Subpackages: libspice-client-glib-2_0-8 libspice-client-glib-helper libspice-client-gtk-3_0-5 typelib-1_0-SpiceClientGlib-2_0 typelib-1_0-SpiceClientGtk-3_0 - do not require six (https://trello.com/c/MO53MocR/143-remove-python3-six) - added patches fix https://gitlab.freedesktop.org/spice/spice-common/-/commit/29dacb5f53f5183fb089a3fb02d081dd08bde8a1 + spice-gtk-no-six.patch ==== suseconnect-ng ==== Version update (1.3.0~git0.ae8ba1e -> 1.7.0~git2.21ba08e) Subpackages: libsuseconnect suseconnect-ruby-bindings - Update to version 1.7.0~git2.21ba08e * Allow SUSEConnect on read write transactional systems (bsc#1219425) - Update to version 1.6.0 * Disable EULA display for addons (bsc#1218649 and bsc#1217961) - Update to version 1.5.0 * Configure docker credentials for registry authentication * Feature: Support usage from Agama + Cockpit for ALP Micro system registration (bsc#1218364) * Add --json output option - Update to version 1.4.0 * Added EULA display for addons (bsc#1170267) * Fix zypper argument for auto-agreeing licenses (bsc#1214781) * Enable building on SLE12 SP5 (jsc#PED-3179) ==== systemd ==== Version update (254.8 -> 254.9) Subpackages: libsystemd0 libudev1 systemd-boot systemd-container systemd-coredump udev - Import commit 31f1148f75a1155d3eb37fd1a450096d669ec65b 31f1148f75 seccomp: include `fchmodat2` in `@file-system` (bsc#1219766) 001f349c57 service: Demote log level of NotifyAccess= messages to debug (bsc#1210113 jsc#PED-6214) - Add a new %upstream macro to support building from upstream sources. This will allow upstream to build systemd rpms using the opensuse systemd packaging specs. These rpms will be built and used in upstream's mkosi based hacking and testing environment to test changes and in the future to run integration tests as well. By building the rpms using the opensuse packaging specs, the idea is to catch more issues ahead of time as the mkosi environment will behave more like a regular opensuse system. - Add new %version_override and %version_release macros to allow overriding the version and release of the rpm respectively. - Import commit 53e2aaaf9d69fb1c8f6ae2c9f8a99b02d70d318f 53e2aaaf9d vconsole-setup: don't fail if the only found vc is already used by plymouth (bsc#1218618) 22c4878430 vconsole-setup: port to main-func.h boilerplate - systemd-testsuite: depend on "qemu" instead of "qemu-kvm", the latter is obsolete. (bsc#1218684) - Import commit fbf9f32eb774ba6ec54e0d5d53b36baaf3e6b146 fbf9f32eb7 test/test-shutdown.py: optionally display the test I/Os in a dedicated log file cd012774df test-69: send SIGTERM to ask systemd-nspawn to properly stop the container d883b83244 man: Document ranges for distributions config files and local config files - Import commit fa94ab006d09686cef121aaa3baa10cf5ca95e19 (merge of v254.9) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/67a5ac1043417d900bf417a884372ae14a96ef69...fa94ab006d09686cef121aaa3baa10cf5ca95e19 - Update the version of libbpf dlopened by systemd (weak dependency) (bsc#1219440) ==== tecla-keyboard-layout-viewer ==== Version update (45.rc -> 45.0) - Update to version 45.0: + Added shortcuts to exit the dialog + Fix UI in RTL environments + Fix a11y initialization + Updated translations. ==== thin-provisioning-tools ==== Version update (1.0.10 -> 1.0.11) - Update to version 1.0.11: * Bump version nr to 1.0.11 * [thin/cache_check] Print suggestive hints for improving error resolution * [tests] Fix a typo in command name * [cache_check] Fix boundary check on the bitset for cached blocks ==== tigervnc ==== Subpackages: libXvnc1 xorg-x11-Xvnc xorg-x11-Xvnc-module - Set the URL at Source0. - patches have been renamed * u_build_libXvnc_as_separate_library.patch --> u_tigervnc-Build-libXvnc-as-separate-library.patch * n_vncserver.patch --> n_tigervnc-Vncserver.patch * n_correct_path_in_desktop_file.patch --> n_tigervnc-Correct-path-in-desktop-file.patch * n_tigervnc-date-time.patch --> n_tigervnc-Date-time.patch * u_change-button-layout-in-ServerDialog.patch --> u_tigervnc-Change-button-layout-in-ServerDialog.patch * n_dont_sign_java_client.patch --> n_tigervnc-Dont-sign-java-client.patch * u_tigervnc-add-autoaccept-parameter.patch --> u_tigervnc-Add-autoaccept-parameter.patch * u_tigervnc-ignore-epipe-on-write.patch u_tigervnc-Ignore-epipe-on-write.patch - Cleanup specfile * Use the same format for all the patches. * Use autosetup to apply all the patches with -p1. * Clean number of sources. - buildrequire xorg-x11-server-source/-sdk >= 21.1.11 and trigger rebuild with newer xorg-x11-server-source package (bsc#1219311, bsc#1219205) ==== tmux ==== Version update (3.3a -> 3.4) - tmux 3.4 * Improve handling of newer Unicode combined characters * Add basic support for SIXEL images * Add support for spawning panes in separate cgroups with systemd * Add support for OSC 8 hyperlinks. * Expanded configuration options * Improved detection and support of terminal options * Tweaks to UI and behavior - drop patches: * ncurses.patch * tmux-CVE-2022-47016.patch ==== transmission ==== Subpackages: transmission-common transmission-gtk - Fix build with recent cmake macro change (DOCDIR): do not install the documentation using cmake, as we already do so using %doc. Change if(INSTALL_DOC) to if(FALSE) in CMakeLists.txt. The more obvious option of passing -DINSTALL_DOC=OFF is ot viable, as that also disables installing the man pages. - Migrate from update-alternatives to libalternatives (bsc#1219107). ==== u-boot-rpiarm64 ==== Subpackages: u-boot-rpiarm64-doc Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2024.01 * Patches dropped: 0020-bcm2835-brcm-bcm2708-fb-device-is-u.patch 0023-pci-pcie-brcmstb-Add-bcm2712-PCIe-c.patch * Patches added: 0020-bcm2835-Dynamically-calculate-bytes.patch 0023-configs-rpi_arm64-build-position-in.patch ==== unison ==== Version update (2.53.3 -> 2.53.4) - Update to version 2.53.4 * Preferences "force", "prefer" and related "partial" preferences now work slightly differently with values "newer" and "older". Previously, if mtimes in both replicas were equal then always the second root propagated to the first root (possibly reverting user changes). It is now made explicit that "newer" and "older" only work when mtimes are different. * Bugfixes, minor improvements, cleanups. ==== unixODBC ==== - Use %patch -P N instead of deprecated %patchN. ==== unzip ==== Subpackages: unzip-doc - Use %patch -P N instead of deprecated %patchN. ==== utempter ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== util-linux ==== Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 - Add file conflict of util-linux-tty-tools and busybox-util-linux. ==== util-linux-systemd ==== - Add file conflict of util-linux-tty-tools and busybox-util-linux. ==== vacation ==== - Install german manual page as well - Use %patch -P N instead of deprecated %patchN. ==== vde2 ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== vid_stab ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== vim ==== Version update (9.1.0000 -> 9.1.0111) Subpackages: vim-data vim-data-common xxd - Use %patch -P N instead of deprecated %patchN. - update to 9.1.0111: * filetype: no support for bats files * filetype: add 'Config.in' filetype detection * runtime(asciidoc): include basic ftplugin * filetype: no support for its files * runtime(vim): Update base-syntax, remove unused vimString region * runtime(vim): Update base-syntax, fix :behave highlighting * runtime(vim): update Vim Syntax generator * filetype: no support for dtso files * Visual highlight hard to read with 'termguicolors' * runtime(vim): include Vim Syntax generator * Style: typos found * Linking fails with -lto because of PERL_CFLAGS * 'breakindentopt' "min" not correct with 'signcolumn' * settabvar() may change the last accessed tabpage * upper-case of German sharp s should be U+1E9E * Redrawing can be improved with undo and 'spell' * Not able to use diff() with 'diffexpr' * runtime(gpg): Mark dangerous use-embedded-filename with WarningMsg * CompletionChanged not triggered when new leader added without matches * 'breakindent' behaves inconsistently with 'list' and splits * runtime(vim): Update syntax file * diff() function uses 'diffexpr' * tests: test_restricted() fails * xxd: buffer-overflow when writing color output * Still a qsort() comparison function that returns result of subtraction * Compiler warning for missing type in scroll_event() * Syntax test fails when run with non C locale * Assigning wrong colors when parsing terminal OSC response * runtime(vim): Fix indent after line with literal dict * qsort() comparison functions should be transitive * TextChanged not triggered for :norm! commands * Restoring lastused_tabpage too early in do_arg_all() * Problem when scrolling using slow touchpads scroll event * X11 scroll size changes after accessing clipboard * Visual hl wrong when it ends before multibyte 'showbreak' * Redrawing can be improved when deleting lines with 'number' * Redrawing can be improved when deleting lines with 'cursorline' * runtime(doc): further improve docs about List/Blob += operator * X11 mouse-scrolling stutters * runtime(doc): Clarify list-concatenation a bit more * unexpected error for modifying final list using += * LineNrAbove/Below highlighting wrong on wrapped lines * runtime(dosbatch): improve '::' comment highlighting * GTK3: using wrong style for pre-edit area * Unnecessary call to redraw_for_cursorline() in nv_mousescroll() * runtime(colors): color names in the v:colornames dict should be lower cased * luau config file not detected * runtime(vim): Update syntax file * insert completion not correct when adding new leader * did_set_breakat() should be in optionstr.c * Looping over modifier_keys_table unnecessarily * Not able to build without FEAT_DIFF * translation(ca): Fixe typos in Catalan translation * Need a diff() Vim script function * translation(ru): Updated Russian translation of messages * runtime(vim): Update syntax file * runtime(fortran): update syntax * ScreenLines may not be correctly initialized, causing hang * Visual highlighting can still be improved * gcc still complains about use of uninitialized var * runtime(racket): add missing space to b:undo_indent var * runtime(Filelist): include README_vimlogo.txt * gcc complains about use of uninitialized var * runtime(vimlogo): Include and modernize vimlogo.svg * runtime(netrw): fixing remote file removal via ssh * runtime(doc): correct Vim patch for Wayland support * runtime(racket): undo some indent options only when vim9script is available * runtime(doc): Update help for Wayland support * Segfault with CompleteChanged autocommand * No Wayland support * GTK code can be improved * Internal error when :luado/perldo/pydo etc delete lines * UX of visual highlighting can be improved * runtime(netrw): Use :exec norm! before :call mapping in netrw * Recorded register cannot be translated using keytrans() * runtime(vim): Highlight string interpolation * runtime(vim): Update syntax and ftplugin files * runtime(ant): Update syntax file * runtime(hurl): add hurl filetype plugin * runtime(vim): Update syntax file * runtime(doc): style fixes in vim9.txt * No event triggered before creating a window * Cannot map Super Keys in GTK UI * wrong number of trailing spaces inserted after blockwise put * formatting long lines is slow * 'linebreak' may still apply to leading whitespace * Patch 9.1.0041 causes regressions for users * runtime(mail): fix #13913 * runtime(netrw): Don't change global options * runtime(fortran): update syntax and documentation * Win32 Keyboard handling is sub-optimal * Make "[Command Line]" a special buffer name * Abort opening cmdwin if autocmds screw things up * issues with temp curwin/buf while cmdwin is open * runtime(c): Highlight user defined functions * :drop does not re-use empty buffer * --remote-* does not ignore `wilidignore` ... changelog too long, skipping 76 lines ... * Add support for `syntax foldlevel` command ==== virt-manager ==== Subpackages: virt-install virt-manager-common - bsc#1219791 - [virt-manager][aarch64] Error launching details: name 'log' is not defined virtinst-enable-video-virtio-for-arm.patch ==== virtiofsd ==== - Spec: Adjust libvirt/virtiofsd interop config file to handle differences in the definition of libexecdir macro on SLE and Tumbleweed (bsc#1219772) ==== vmaf ==== - fix dependency on xxd ==== vorbis-tools ==== - Use %patch -P N instead of deprecated %patchN. ==== vpnc ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== vsftpd ==== - Use %patch -P N instead of deprecated %patchN. ==== webkit2gtk3 ==== Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Increase mem_per_process again to match what is in SLE. The build was sporadically failing there (bsc#1198743). - Require libwaylandclient0 >= 1.20. 15.4 originally had 1.19.0, but webkitgtk uses a function added in 1.20.0, so we need to ensure that the wayland update is pulled in (bsc#1215072). - Fix package names for v6, and obsolete old packages. - Use gcc 11 on SLE, to match what is currently used on SP4, and adjust version check to include SP6. Also, use system malloc there; the build currently fails without this (webkit#243535). - Require gcc >= 10.2 to match the current cmake test. - Disable jpegxl on SLE; it isn't currently available there. ==== webkit2gtk3-soup2 ==== Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles - Increase mem_per_process again to match what is in SLE. The build was sporadically failing there (bsc#1198743). - Require libwaylandclient0 >= 1.20. 15.4 originally had 1.19.0, but webkitgtk uses a function added in 1.20.0, so we need to ensure that the wayland update is pulled in (bsc#1215072). - Fix package names for v6, and obsolete old packages. - Use gcc 11 on SLE, to match what is currently used on SP4, and adjust version check to include SP6. Also, use system malloc there; the build currently fails without this (webkit#243535). - Require gcc >= 10.2 to match the current cmake test. - Disable jpegxl on SLE; it isn't currently available there. ==== webrtc-audio-processing ==== - Use %patch -P N instead of deprecated %patchN. ==== wget ==== - Use %patch -P N instead of deprecated %patchN. ==== wmctrl ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== wpa_supplicant ==== - Add CVE-2023-52160.patch - Bypassing WiFi Authentication (bsc#1219975) ==== wsdd ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== xdg-menu ==== - Use %patch -P N instead of deprecated %patchN. ==== xfce4-notifyd ==== Version update (0.9.3 -> 0.9.4) Subpackages: xfce4-notifyd-lang - update to 0.9.4: * Clarify why the symbolic icons don't go in symbolic/status * Fix icons directory names * Fall back to monitor 0 if no primary monitor set * Add a fallback for drawing the unread notification emblem * Remove redundant icon embleming code * Fix opacity on notification hover * Translation Updates ==== xfce4-terminal ==== Version update (1.1.1 -> 1.1.2) Subpackages: xfce4-terminal-lang - Update to version 1.1.2 * Update copyright year * Update tooltip when hovering over a hyperlink * build: Align CFLAGS with LDADD * prefs-dialog: Add missing strings to translate (#222) * dropdown: Default dropdown-toggle-focus to false * Add runtime guard for XfceSMClient * build: Restrict XfceSMClient to X11 * Determine cwd on FreeBSD in a native way instead of using linprocfs * window: Remove weak ref on prefs dialog in finalize() * build: Get rid of #ifdef G_ENABLE_DEBUG * Do not reconnect accels when closing last tab * build: Lower xfce4-dev-tools requirements to stable version * search-dialog: Use xfce_titled_dialog_set_default_response() * Translation Updates - Update gxo-282.patch - Add gxo-299.patch * backport fix for "paste unsafe text" dialog not popping up (gxo#apps/xfce4-terminal#299) ==== xfsprogs ==== Version update (6.5.0 -> 6.6.0) Subpackages: libhandle1 xfsprogs-scrub - update to 6.6.0 - xfs_scrub: add missing license and copyright information - xfs_db: report the device associated with each io cursor - libxfs: Fix UAF in a requeued EFI - xfs_io: Add new option, to exercise log2_data_unit_size in kernel fscrypt_policy_v2 - xfs_db: Add upport to read from external log device - metadump: New metadump format - xfs_quota: fix missing mount point warning ==== xml-commons-apis ==== - Clean the spec file and simplify it a bit ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - fix permissions of files in xorg-x11-server-source for tigervnc build later (needed since latest autoconf) - Provide again xorg-x11-server-source * xwayland sources are not meant for a generic server. * https://github.com/TigerVNC/tigervnc/issues/1728 - Stop providing xorg-x11-server-source from xorg-x11-server * Now the sources are provided by xwayland because it is more updated. * Fixes bsc#1219892. ==== xtermset ==== - Use %patch -P N instead of deprecated %patchN. ==== xwayland ==== - Don't provide xorg-x11-server-source * xwayland sources are not meant for a generic server. * https://github.com/TigerVNC/tigervnc/issues/1728 - Provide xorg-x11-server-source from xwayland * xwayland will be more updated than xorg-x11-server, so the server sources will be more updated too if are provided by xwayland. * Fixes bsc#1219892. ==== yast2 ==== Version update (5.0.5 -> 5.0.6) Subpackages: yast2-logs - Allow host/domain names starting with an underscore (bsc#1219920) - 5.0.6 ==== yast2-packager ==== Version update (5.0.2 -> 5.0.4) - SLE HPC is not a base product anymore, it is replaced by SLES + HPC module, added migration mapping (jsc#PED-7841) - 5.0.4 - Fixed ERB template loading in self update, if the template cannot be found using a relative path then fallback to the absolute path (bsc#1219174) - 5.0.3 ==== yast2-perl-bindings ==== Version update (5.0.0 -> 5.0.1) - Fix the locale after initializing embedded Perl interpreter (bsc#1216689) - 5.0.1 ==== yast2-storage-ng ==== Version update (5.0.4 -> 5.0.6) - jsc#PED-6407 - new env variable YAST_REUSE_LVM for reusing LVM in new installation. It can be used as linuxrc boot param. - 5.0.6 - Added new libstorage enum value UF_BCACHEFS to fix build failure (bsc#1219804) - 5.0.5 ==== yast2-trans ==== Version update (84.87.20240210.1383f689ba -> 84.87.20240219.f6e4117fe0) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20240219.f6e4117fe0: * Translated using Weblate (Japanese) * Translated using Weblate (Catalan) * Translated using Weblate (Czech) * New POT for text domain 'packager'. * New POT for text domain 'installation'. * New POT for text domain 'hana-ha'. * New POT for text domain 'control'. ==== zchunk ==== - remove dependency on /usr/bin/python3 using %python3_fix_shebang_path macro, [bsc#1212476] ==== zip ==== - Use %patch -P N instead of deprecated %patchN. ==== zlib ==== Subpackages: libminizip1 libz1 - Use %patch -P N instead of deprecated %patchN. ==== zvbi ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN.