Packages changed: Mesa Mesa-drivers avahi avahi-glib2 cloud-init (23.1.2 -> 23.3) gstreamer-plugins-bad kded libadwaita libbpf (1.2.2 -> 1.3.0) libdrm libgcrypt libqt5-qtwebengine (5.15.15 -> 5.15.16) libsolv (0.7.26 -> 0.7.27) libstorage-ng (4.5.157 -> 4.5.158) multipath-tools (0.9.6+115+suse.07776fb -> 0.9.7+76+suse.5f857af) python-Twisted (22.10.0 -> 23.10.0) python-anyio (3.6.2 -> 3.7.1) python-charset-normalizer (3.2.0 -> 3.3.0) python-jsonschema (4.19.2 -> 4.20.0) python-linux-procfs (0.7.1 -> 0.7.3) python-markdown-it-py (2.2.0 -> 3.0.0) python-pexpect (4.8.0 -> 4.9.0) python311 (3.11.5 -> 3.11.6) python311-core (3.11.5 -> 3.11.6) raspberrypi-firmware (2023.04.25 -> 2023.11.21) raspberrypi-firmware-config (2023.04.25 -> 2023.11.21) raspberrypi-firmware-dt (2023.05.02 -> 2023.11.21) ruby-common selinux-policy (20231030 -> 20231124) webkit2gtk3 webkit2gtk4 === Details === ==== Mesa ==== Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - buildrequire 'pkgconfig(SPIRV-Tools)' also with disabled rusticl (new dep since some time) - re-disable rusticl on sle15-sp6 to prevent more deps (rust-bindgen) - buildrequire 'pkgconfig(LLVMSPIRVLib)' also with disabled rusticl (new dep since some time) - enable rusticl on sle15-sp6 - let sle15-sp6 require llvm17/clang17 ==== Mesa-drivers ==== Subpackages: Mesa-dri Mesa-gallium Mesa-libva - buildrequire 'pkgconfig(SPIRV-Tools)' also with disabled rusticl (new dep since some time) - re-disable rusticl on sle15-sp6 to prevent more deps (rust-bindgen) - buildrequire 'pkgconfig(LLVMSPIRVLib)' also with disabled rusticl (new dep since some time) - enable rusticl on sle15-sp6 - let sle15-sp6 require llvm17/clang17 ==== avahi ==== Subpackages: libavahi-client3 libavahi-common3 libavahi-core7 - avahi-autoipd: drop the post script part migrating the user owning files in /var/lib/avahi-autoipd: the code was aiding migrations from SLE<=11/openSUSE<=12.3, which are no longer in scope for upgrades nowadays. - avahi-autoipd: guard %post chown with -h, to not follow symlinks (boo#1217398). ==== avahi-glib2 ==== - avahi-autoipd: drop the post script part migrating the user owning files in /var/lib/avahi-autoipd: the code was aiding migrations from SLE<=11/openSUSE<=12.3, which are no longer in scope for upgrades nowadays. - avahi-autoipd: guard %post chown with -h, to not follow symlinks (boo#1217398). ==== cloud-init ==== Version update (23.1.2 -> 23.3) - Update to version 23.3 (bsc#1216011, bsc#1215794) + Remove patches included upstream: - cloud-init-fix-ca-test.patch - cloud-init-cve-2023-1786-redact-instance-data-json-main.patch - cloud-init-power-rhel-only.patch - cloud-init-flake8-fixes.patch + Add - cloud-init-keep-flake.patch - cloud-init-lint-fixes.patch + Update - cloud-init-write-routes.patch (bsc#1216007) + Bump pycloudlib to 1!5.1.0 for ec2 mantic daily image support (#4390) + Fix cc_keyboard in mantic (LP: #2030788) + ec2: initialize get_instance_userdata return value to bytes (#4387) [Noah Meyerhans] + cc_users_groups: Add doas/opendoas support (#4363) [dermotbradley] + Fix pip-managed ansible + status: treat SubState=running and MainPID=0 as service exited + azure/imds: increase read-timeout to 30s (#4372) [Chris Patterson] + collect-logs fix memory usage (SC-1590) (#4289) [Alec Warren] (LP: #1980150) + cc_mounts: Use fallocate to create swapfile on btrfs (#4369) [王煎饼] + Undocument nocloud-net (#4318) + feat(akamai): add akamai to settings.py and apport.py (#4370) + read-version: fallback to get_version when git describe fails (#4366) + apt: fix cloud-init status --wait blocking on systemd v 253 (#4364) + integration tests: Pass username to pycloudlib (#4324) + Bump pycloudlib to 1!5.1.0 (#4353) + cloud.cfg.tmpl: reorganise, minimise/reduce duplication (#4272) [dermotbradley] + analyze: fix (unexpected) timestamp parsing (#4347) [Mina Galić] + cc_growpart: fix tests to run on FreeBSD (#4351) [Mina Galić] + subp: Fix spurious test failure on FreeBSD (#4355) [Mina Galić] + cmd/clean: fix tests on non-Linux platforms (#4352) [Mina Galić] + util: Fix get_proc_ppid() on non-Linux systems (#4348) [Mina Galić] + cc_wireguard: make tests pass on FreeBSD (#4346) [Mina Galić] + unittests: fix breakage in test_read_cfg_paths_fetches_cached_datasource (#4328) [Ani Sinha] + Fix test_tools.py collection (#4315) + cc_keyboard: add Alpine support (#4278) [dermotbradley] + Flake8 fixes (#4340) [Robert Schweikert] + cc_mounts: Fix swapfile not working on btrfs (#4319) [王煎饼] (LP: #1884127) + ds-identify/CloudStack: $DS_MAYBE if vm running on vmware/xen (#4281) [Wei Zhou] + ec2: Support double encoded userdata (#4276) [Noah Meyerhans] + cc_mounts: xfs is a Linux only FS (#4334) [Mina Galić] + tests/net: fix TestGetInterfaces' mock coverage for get_master (#4336) [Chris Patterson] + change openEuler to openeuler and fix some bugs in openEuler (#4317) [sxt1001] + Replace flake8 with ruff (#4314) + NM renderer: set default IPv6 addr-gen-mode for all interfaces to eui64 (#4291) [Ani Sinha] + cc_ssh_import_id: add Alpine support and add doas support (#4277) [dermotbradley] + sudoers not idempotent (SC-1589) (#4296) [Alec Warren] (LP: #1998539) + Added support for Akamai Connected Cloud (formerly Linode) (#4167) [Will Smith] + Fix reference before assignment (#4292) + Overhaul module reference page (#4237) [Sally] + replaced spaces with commas for setting passenv (#4269) [Alec Warren] + DS VMware: modify a few log level (#4284) [PengpengSun] + tools/read-version refactors and unit tests (#4268) + Ensure get_features() grabs all features (#4285) + Don't always require passlib dependency (#4274) + tests: avoid leaks into host system checking of ovs-vsctl cmd (#4275) + Fix NoCloud kernel commandline key parsing (#4273) + testing: Clear all LRU caches after each test (#4249) + Remove the crypt dependency (#2139) [Gonéri Le Bouder] + logging: keep current file mode of log file if its stricter than the new mode (#4250) [Ani Sinha] + Remove default membership in redundant groups (#4258) [Dave Jones] (LP: #1923363) + doc: improve datasource_creation.rst (#4262) + Remove duplicate Integration testing button (#4261) [Rishita Shaw] + tools/read-version: fix the tool so that it can handle version parsing errors (#4234) [Ani Sinha] + net/dhcp: add udhcpc support (#4190) [Jean-François Roche] + DS VMware: add i386 arch dir to deployPkg plugin search path [PengpengSun] + LXD moved from linuxcontainers.org to Canonical [Simon Deziel] + cc_mounts.py: Add note about issue with creating mounts inside mounts (#4232) [dermotbradley] + lxd: install lxd from snap, not deb if absent in image + landscape: use landscape-config to write configuration + Add deprecation log during init of DataSourceDigitalOcean (#4194) [tyb-truth] + doc: fix typo on apt.primary.arches (#4238) [Dan Bungert] + Inspect systemd state for cloud-init status (#4230) + instance-data: add system-info and features to combined-cloud-config (#4224) + systemd: Block login until config stage completes (#2111) (LP: #2013403) + tests: proposed should invoke apt-get install -t=-proposed (#4235) + cloud.cfg.tmpl: reinstate ca_certs entry (#4236) [dermotbradley] + Remove feature flag override ability (#4228) + tests: drop stray unrelated file presence test (#4227) + Update LXD URL (#4223) [Sally] + schema: add network v1 schema definition and validation functions ... changelog too long, skipping 218 lines ... is not a fix. ==== gstreamer-plugins-bad ==== Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0 - Move pkgconfig(dvdnav) and pkgconfig(dvdread) BuildRequires out of BUILD_ORIG conditional, and stop passing resindvd=disabled and siren=disabled to meson setup, build dvd and siren 7 support in main package. ==== kded ==== - Pull in kconf_update5 ==== libadwaita ==== Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Add 3e3967d5f69180644519936991cad10136e84ca9.patch: Fix building against libappstream 1.0 (boo#1217047). ==== libbpf ==== Version update (1.2.2 -> 1.3.0) - update to 1.3.0: * support for `netfilter` programs is added `SEC("netfilter")` is now available * API function `bpf_program__attach_netfilter()` is now available * support for `tcx` BPF programs is added: * the following new SEC definitions are now available: SEC("tc/egress"), SEC("tc/ingress"), SEC("tcx/egress"), SEC("tcx/ingress") * the following SEC definitions are now considered legacy: SEC("tc"), SEC("action"), SEC("classifier") * functions `bpf_prog_attach_opts()` and `bpf_prog_query_opts()` are extended to work with `tcx` programs, plus two new API functions are added: * the following new SEC definitions are now available: SEC("uprobe.multi"), SEC("uprobe.multi.s"), SEC("uretprobe.multi"), SEC("uretprobe.multi.s") * support for section `SEC("usdt.s")` is added for sleepable `usdt` programs; * support for Unix domain socket cgroup BPF programs is added the following new SEC definitions are now available: SEC("cgroup/connect_unix"),SEC("cgroup/sendmsg_unix"), SEC("cgroup/recvmsg_unix"), SEC("cgroup/getpeername_unix"), SEC("cgroup/getsockname_unix") * new `LIBBPF_OPTS_RESET()` utility macro; * new `bpf_object__unpin()` function to complement existing `bpf_object__pin()`; * new API functions for work with ring buffers * uprobe SEC matcher extended to allow golang symbols; * uprobe support for symbols versioning; * `bpf_map__set_value_size()` can now be used to resize memory mapped region for memory mapped maps; * `struct bpf_xdp_query_opts` extended with `xdp_zc_max_segs` output field; * basic BTF sanity check pass added to reject bogus BTF. * fix for btf_dump__dump_type_data() when type contains bitfields; * fix for correct work of offsetof() and container_of() macro with CO-RE; * no longer attempt to load modules BTF when resolving CO-RE relocations if CAP_SYS_ADMIN are absent; * regex based function search for "kprobe.multi/" programs no longer attempts to trace functions that cannot be traced; * bpf_program__set_type() no longer resets sec_def if it is set to a custom fallback SEC handler; * fix for memory leak possible after bpf_program__set_attach_target() call; ==== libdrm ==== Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1 - adjusted n_libdrm-drop-valgrind-dep-generic.patch, n_libdrm-drop-valgrind-dep-intel.patch ==== libgcrypt ==== - Re-create HMAC checksum after RPM build strips the library (bsc#1217058) ==== libqt5-qtwebengine ==== Version update (5.15.15 -> 5.15.16) - Update to version 5.15.16: * Bump version to 5.15.16 * Add check for system ffmpeg compatibility * Fix handling of external URLs in PDFs * Update Chromium: * [Backport] CVE-2023-5996: Use after free in WebAudio * [Backport] CVE-2023-5482 and CVE-2023-5849 * [Backport] CVE-2023-45853: Buffer overflow in MiniZip * [Backport] Security bug 1478470 * [Backport] Security bug 1472365 and 1472366 * [Backport] CVE-2023-5218: Use after free in Site Isolation * [Backport] Security bug 1486316 * FIXUP: [Backport] [PA] Support 16kb pagesize on Linux+ARM64 * [Backport] Add Intel Meteorlake GPU series type * [Backport] Add Intel Raptorlake GPU series type * [Backport] Add a few missing IntelGpuSeriesTypes in gpu_util.cc * [Backport] Add Intel Alchemist GPU series type * [Backport] Add Alderlake to intel_gpu_series field in gpu control list. * [Backport] Add missing Intel GPU series types. * [Backport] Add Alderlake's GPU to list supporting two NV12 overlay planes. * [Backport] CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx * [Backport] Security bug 1479104 * [Backport] [PA] Support 16kb pagesize on Linux+ARM64 * [Backport] Replace uses of re2::StringPiece::set(). * Fix build with GCC 13 * Fix errors and warnings for perfetto * Remove nodiscard attribute from cpwl_combo_box.h * Bump V8_PATCH_LEVEL * [Backport] CVE-2023-4762: Type Confusion in V8 * [Backport] CVE-2023-4362: Heap buffer overflow in Mojom IDL * [Backport] CVE-2023-4354: Heap buffer overflow in Skia * [Backport] CVE-2023-4351: Use after free in Network * Disable Windows IME for GPU thread * [Backport] CVE-2023-4863: Heap buffer overflow in WebP * [Backport] Security bug 1465224 * [Backport] Dependency for security bug 1465224 * [Backport] CVE-2023-4071: Heap buffer overflow in Visuals * [Backport] CVE-2023-4076: Use after free in WebRTC * [Backport] CVE-2023-4074: Use after free in Blink Task Scheduling ==== libsolv ==== Version update (0.7.26 -> 0.7.27) Subpackages: libsolv-tools python3-solv ruby-solv - add zstd support for the installcheck tool - add putinowndirpool cache to make file list handling in repo_write much faster - bump version to 0.7.27 ==== libstorage-ng ==== Version update (4.5.157 -> 4.5.158) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#966 - fixed build with libxml 2.12.0 - 4.5.158 ==== multipath-tools ==== Version update (0.9.6+115+suse.07776fb -> 0.9.7+76+suse.5f857af) Subpackages: kpartx libmpath0 - Update to version 0.9.7+76+suse.5f857af: * Update to upstream 0.9.7 (jsc#PED-6464) * added max_retries config option to limit SCSI retries * added auto_resize config option to enable resizing multipath maps automatically * fixed memory and error handling for code using aio (marginal path code, directio path checker) * dropped modules-load.d/multipath.conf; replaced by a dependency on modprobe@dm-multipath.service (systemd >= 245: SLE15-SP3 and later only) and a softdep on sd_mod for the SCSI device handlers (bsc#1217377) * On SLE/Leap suse-module-tools doesn't ship a scsi_mod->sd_mod softdep yet. Add it here, too. It will be overridden by s-m-t when it's added there. * drop usr_prefix= setting in SLE build recipes (set to /usr by upstream automatically) ==== python-Twisted ==== Version update (22.10.0 -> 23.10.0) Subpackages: python311-Twisted python311-Twisted-tls - Update to 23.10.0 * reactor.spawnProcess() now uses posix_spawnp when possible, making it much more efficient (#5710) * Twisted now officially supports Python 3.11. (#10343) * twisted.internet.defer.race has been added as a way to get the first available result from a list of Deferreds. (#11817) * The CI suite was updated to execute the tests using a Python 3.12 pre-release (#11857) * PyAsn1 has been removed as a conch dependency. * Due to changes in the way raw private key byte serialization are handled in Cryptography, and widespread support for Ed25519 in current versions of OpenSSL, we no longer support PyNaCl as a fallback for Ed25519 keys in Conch. (#11871) * In Twisted 16.3.0, we changed twisted.web to stop dispatching HTTP/1.1 pipelined requests to application code. There was a bug in this change which still allowed clients which could send multiple full HTTP requests in a single TCP segment to trigger asynchronous processing of later requests, which could lead to out-of-order responses. This has now been corrected and twisted.web should never process a pipelined request over HTTP/1.1 until the previous request has fully completed. (CVE-2023-46137, GHSA-cq7q-gv5w-rwx2) (#11976) * Drop support for Python 3.7. Remove twisted[contextvars] extra (contextvars are always available in Python 3.7+) (#11913) * When using CPython, functions wrapped by twisted.internet.defer.inlineCallbacks can have their arguments and return values freed immediately after completion (due to there no longer being circular references). (#11885) - Delete merged patches: * regenerate-cert-to-work-with-latest-service-identity.patch * no-pygtkcompat.patch * support-new-glibc.patch * CVE-2023-46137-HTTP-pipeline-response.patch * remove-pynacl-optional-dependency.patch * py311-tests-compat.patch ==== python-anyio ==== Version update (3.6.2 -> 3.7.1) - update to 3.7.1: * Fixed sending large buffers via UNIX stream sockets on asyncio * Fixed several minor documentation issues (broken links to classes, missing classes or attributes) * Dropped support for Python 3.6 * Improved type annotations: * Several functions and methods that were previously annotated as accepting ``Coroutine[Any, Any, Any]`` as the return type of the callable have been amended to accept ``Awaitable[Any]`` instead, to allow a slightly broader set of coroutine-like inputs, like ``async_generator_asend`` objects returned from the ``asend()`` method of async generators, and to match the ``trio`` annotations: * ``anyio.run()`` * ``anyio.from_thread.run()`` * ``TaskGroup.start_soon()`` * ``TaskGroup.start()`` * ``BlockingPortal.call()`` * ``BlockingPortal.start_task_soon()`` * ``BlockingPortal.start_task()`` * Changed ``TLSAttribute.shared_ciphers`` to match the documented semantics of ``SSLSocket.shared_ciphers`` of always returning ``None`` for client-side streams * Fixed ``CapacityLimiter`` on the asyncio backend to order waiting tasks in the FIFO order (instead of LIFO) * Fixed ``CancelScope.cancel()`` not working on asyncio if called before entering the scope * Fixed ``open_signal_receiver()`` inconsistently yielding integers instead of ``signal.Signals`` instances on the ``trio`` backend * Fixed ``to_thread.run_sync()`` hanging on asyncio if the target callable raises ``StopIteration`` * Fixed ``start_blocking_portal()`` raising an unwarranted * ``RuntimeError: This portal is not running`` if a task raises an exception that causes the event loop to be closed * Fixed ``current_effective_deadline()`` not returning ``-inf`` on asyncio when the currently active cancel scope has been cancelled (PR by Ganden Schaffner) * Fixed the ``OP_IGNORE_UNEXPECTED_EOF`` flag in an SSL context created by default in ``TLSStream.wrap()`` being inadvertently set on Python 3.11.3 and 3.10.11 * Fixed ``CancelScope`` to properly handle asyncio task uncancellation on Python 3.11 * Fixed ``OSError`` when trying to use ``create_tcp_listener()`` to bind to a link-local * IPv6 address (and worked around related bugs in ``uvloop``) * Worked around a `PyPy bug `_ when using ``anyio.getaddrinfo()`` with for IPv6 link-local addresses containing interface names - drop fix-failing-tls-tests.patch support-trio-0.22.patch: obsolete - update to 3.7.1: * Fixed sending large buffers via UNIX stream sockets on asyncio * Fixed several minor documentation issues (broken links to classes, missing classes or * attributes) * **3.7.0** * Dropped support for Python 3.6 * Improved type annotations: * Several functions and methods that were previously annotated as accepting * ``Coroutine[Any, Any, Any]`` as the return type of the callable have been amended to * accept ``Awaitable[Any]`` instead, to allow a slightly broader set of coroutine-like * inputs, like ``async_generator_asend`` objects returned from the ``asend()`` method * of async generators, and to match the ``trio`` annotations: * ``anyio.run()`` * ``anyio.from_thread.run()`` * ``TaskGroup.start_soon()`` * ``TaskGroup.start()`` * ``BlockingPortal.call()`` * ``BlockingPortal.start_task_soon()`` * ``BlockingPortal.start_task()`` * Note that this change involved only changing the type annotations; run-time * functionality was not altered. * The ``TaskStatus`` class is now a generic protocol, and should be parametrized to * indicate the type of the value passed to ``task_status.started()`` * The ``Listener`` class is now covariant in its stream type * ``create_memory_object_stream()`` now allows passing only ``item_type`` * Object receive streams are now covariant and object send streams are correspondingly * contravariant * Changed ``TLSAttribute.shared_ciphers`` to match the documented semantics of * ``SSLSocket.shared_ciphers`` of always returning ``None`` for client-side streams * Fixed ``CapacityLimiter`` on the asyncio backend to order waiting tasks in the FIFO * order (instead of LIFO) (PR by Conor Stevenson) * Fixed ``CancelScope.cancel()`` not working on asyncio if ... changelog too long, skipping 30 lines ... * interface names ==== python-charset-normalizer ==== Version update (3.2.0 -> 3.3.0) - update to 3.3.0: * Allow to execute the CLI (e.g. normalizer) through `python -m charset_normalizer.cli` or `python -m charset_normalizer` * Support for 9 forgotten encoding that are supported by Python but unlisted in `encoding.aliases` as they have no alias * Optional mypyc compilation upgraded to version 1.5.1 for Python >= 3.7 * Unable to properly sort CharsetMatch when both chaos/noise and coherence were close due to an unreachable condition in \_\_lt\_\_ (#350) ==== python-jsonschema ==== Version update (4.19.2 -> 4.20.0) - update to 4.20.0: * Properly consider items (and properties) to be evaluated by unevaluatedItems (resp. unevaluatedProperties) when behind a $dynamicRef as specified by the 2020 and 2019 specifications. * jsonschema.exceptions.ErrorTree.__setitem__ is now deprecated. More broadly, in general users of jsonschema should never be mutating objects owned by the library. ==== python-linux-procfs ==== Version update (0.7.1 -> 0.7.3) - update to 0.7.3: * python 3.12 support (remove distutils) * drop spec files and add SPDX licenses ==== python-markdown-it-py ==== Version update (2.2.0 -> 3.0.0) - Update to version 3.0.0: * drop python 3.7 support * Update from upstream markdown-it 12.2.0 to 13.0.0 - A key change is the addition of a new Token type, text_special, which is used to represent HTML entities and backslash escaped characters. - This ensures that (core) typographic transformation rules are not incorrectly applied to these texts. - The final core rule is now the new text_join rule, which joins adjacent text/text_special tokens, and so no text_special tokens should be present in the final token stream. - Any custom typographic rules should be inserted before text_join. - A new linkify rule has also been added to the inline chain, which will linkify full URLs (e.g. https://example.com), and fixes collision of emphasis and linkifier (so http://example.org/foo._bar_-_baz is now a single link, not emphasized). - Emails and fuzzy links are not affected by this. * REFACTOR: Replace most character code use with strings - The use of StateBase.srcCharCode is deprecated (with backward-compatibility), and all core uses are replaced by StateBase.src. - Conversion of source string characters to an integer representing the Unicode character is prevalent in the upstream JavaScript implementation, to improve performance. However, it is unnecessary in Python and leads to harder to read code and performance deprecations (during the conversion in the StateBase initialisation). * Centralise indented code block tests - For CommonMark, the presence of indented code blocks prevent any other block element from having an indent of greater than 4 spaces. - Certain Markdown flavors and derivatives, such as mdx and djot, disable these code blocks though, since it is more common to use code fences and/or arbitrary indenting is desirable. - Previously, disabling code blocks did not remove the indent limitation, since most block elements had the 3 space limitation hard-coded. - This change centralised the logic of applying this limitation (in StateBlock.is_code_block), and only applies it when indented code blocks are enabled. * Maintenance changes - Strict type annotation checking has been applied to the whole code base, ruff is now used for linting, and fuzzing tests have been added to the CI, to integrate with Google OSS-Fuzz testing, thanks to @DavidKorczynski. ==== python-pexpect ==== Version update (4.8.0 -> 4.9.0) - update to 4.9: * Add support for Python 3.12 #769. * Clean up temporary files after UnicodeTests #753. * Add Python 3.5, 3.6 and 3.12.0-rc.1 to test matrix #763. * Set prompt correctly for zsh #712. * Add zsh convenience function to replwrap module #751. * Rework async unittests to rely on unittest.IsolatedAsyncioTestCase #764. * Make test_expect.py work on POSIX systems that are not Linux based #698. * Add support for ``socket``, which allows sockets to be used crossplatform #745. * Update async to work on newer versions of python #732. * Remove deprecated RSAAuthentication option (SSHv1) #744. * Multiple CI fixes #743 #737 #742 #739 #722. * Use Github Actions for CI #734. * Remove pytest-capturelog from testing requirements #730. * Fix usage for Solaris #663 #604 #560. * Fix threading for new versions of python #684. * Fix documentation builds for use with Sphinx 3 #638. * Use ``sys.executable`` for tests and wrapper, allowing the calling python executable to be used instead #623. * Update documentation about Wexpect #623. * Added project urls to ``setup.py`` #620. * Provide examples for how to use Pexpect and Pyte #587. * Coerce compiled regex patterns type according to spawn encoding #560. * Several doc updates #626 #635 #643 #644 #728. drop 31fab7b0edbe9b3401507b5dfa4db6aaf3fabca5.patch, 684.patch, 715.patch, 742.patch, dae602d37493bae239e0e8db5b3dabafebfd59db.patch, fix-fail-no-alias.patch, no-python-binary.patch: upstream ==== python311 ==== Version update (3.11.5 -> 3.11.6) Subpackages: python311-curses python311-dbm - Remove not needed patch 103213-fetch-CONFIG_ARGS.patch - Refresh patches: - bpo-31046_ensurepip_honours_prefix.patch - fix_configure_rst.patch - Update to 3.11.6: - Core and Builtins - gh-109351: Fix crash when compiling an invalid AST involving a named (walrus) expression. - gh-109207: Fix a SystemError in __repr__ of symtable entry object. - gh-109179: Fix bug where the C traceback display drops notes from SyntaxError. - gh-88943: Improve syntax error for non-ASCII character that follows a numerical literal. It now points on the invalid non-ASCII character, not on the valid numerical literal. - gh-108959: Fix caret placement for error locations for subscript and binary operations that involve non-semantic parentheses and spaces. Patch by Pablo Galindo - gh-108520: Fix multiprocessing.synchronize.SemLock.__setstate__() to properly initialize multiprocessing.synchronize.SemLock._is_fork_ctx. This fixes a regression when passing a SemLock accross nested processes. - Rename multiprocessing.synchronize.SemLock.is_fork_ctx to multiprocessing.synchronize.SemLock._is_fork_ctx to avoid exposing it as public API. - Library - gh-110036: On Windows, multiprocessing Popen.terminate() now catchs PermissionError and get the process exit code. If the process is still running, raise again the PermissionError. Otherwise, the process terminated as expected: store its exit code. Patch by Victor Stinner. - gh-110038: Fixed an issue that caused KqueueSelector.select() to not return all the ready events in some cases when a file descriptor is registered for both read and write. - gh-109631: re functions such as re.findall(), re.split(), re.search() and re.sub() which perform short repeated matches can now be interrupted by user. - gh-109593: Avoid deadlocking on a reentrant call to the multiprocessing resource tracker. Such a reentrant call, though unlikely, can happen if a GC pass invokes the finalizer for a multiprocessing object such as SemLock. - gh-109613: Fix os.stat() and os.DirEntry.stat(): check for exceptions. Previously, on Python built in debug mode, these functions could trigger a fatal Python error (and abort the process) when a function succeeded with an exception set. Patch by Victor Stinner. - gh-109375: The pdb alias command now prevents registering aliases without arguments. - gh-107219: Fix a race condition in concurrent.futures. When a process in the process pool was terminated abruptly (while the future was running or pending), close the connection write end. If the call queue is blocked on sending bytes to a worker process, closing the connection write end interrupts the send, so the queue can be closed. Patch by Victor Stinner. - gh-50644: Attempts to pickle or create a shallow or deep copy of codecs streams now raise a TypeError. Previously, copying failed with a RecursionError, while pickling produced wrong results that eventually caused unpickling to fail with a RecursionError. - gh-108987: Fix _thread.start_new_thread() race condition. If a thread is created during Python finalization, the newly spawned thread now exits immediately instead of trying to access freed memory and lead to a crash. Patch by Victor Stinner. - gh-108843: Fix an issue in ast.unparse() when unparsing f-strings containing many quote types. - gh-108682: Enum: raise TypeError if super().__new__() is called from a custom __new__. - gh-105829: Fix concurrent.futures.ProcessPoolExecutor deadlock - gh-64662: Fix support for virtual tables in sqlite3.Connection.iterdump(). Patch by Aviv Palivoda. - gh-107913: Fix possible losses of errno and winerror values in OSError exceptions if they were cleared or modified by the cleanup code before creating the exception object. - gh-104372: On Linux where subprocess can use the vfork() syscall for faster spawning, prevent the parent process from blocking other threads by dropping the GIL while it waits for the vfork’ed child process exec() outcome. This prevents spawning a binary from a slow filesystem from blocking the rest of the application. - gh-84867: unittest.TestLoader no longer loads test cases from exact unittest.TestCase and unittest.FunctionTestCase classes. - Documentation - gh-109209: The minimum Sphinx version required for the documentation is now 4.2. - gh-105052: Update timeit doc to specify that time in seconds is just the default. - gh-102823: Document the return type of x // y when x and y have type float. - Tests - gh-110031: Skip test_threading tests using thread+fork if Python is built with Address Sanitizer (ASAN). Patch by Victor Stinner. - gh-110088: Fix test_asyncio timeouts: don’t measure the maximum duration, a test should not measure a CI performance. Only measure the minimum duration when a task has a timeout or delay. Add CLOCK_RES to test_asyncio.utils. Patch by Victor Stinner. - gh-110033: Fix test_interprocess_signal() of test_signal. Make sure that the subprocess.Popen object is deleted before the test raising an exception in a signal handler. Otherwise, Popen.__del__() can get the exception which is logged as ... changelog too long, skipping 106 lines ... multissltests to use 1.1.1w, 3.0.11, and 3.1.3. ==== python311-core ==== Version update (3.11.5 -> 3.11.6) Subpackages: libpython3_11-1_0 python311-base - Remove not needed patch 103213-fetch-CONFIG_ARGS.patch - Refresh patches: - bpo-31046_ensurepip_honours_prefix.patch - fix_configure_rst.patch - Update to 3.11.6: - Core and Builtins - gh-109351: Fix crash when compiling an invalid AST involving a named (walrus) expression. - gh-109207: Fix a SystemError in __repr__ of symtable entry object. - gh-109179: Fix bug where the C traceback display drops notes from SyntaxError. - gh-88943: Improve syntax error for non-ASCII character that follows a numerical literal. It now points on the invalid non-ASCII character, not on the valid numerical literal. - gh-108959: Fix caret placement for error locations for subscript and binary operations that involve non-semantic parentheses and spaces. Patch by Pablo Galindo - gh-108520: Fix multiprocessing.synchronize.SemLock.__setstate__() to properly initialize multiprocessing.synchronize.SemLock._is_fork_ctx. This fixes a regression when passing a SemLock accross nested processes. - Rename multiprocessing.synchronize.SemLock.is_fork_ctx to multiprocessing.synchronize.SemLock._is_fork_ctx to avoid exposing it as public API. - Library - gh-110036: On Windows, multiprocessing Popen.terminate() now catchs PermissionError and get the process exit code. If the process is still running, raise again the PermissionError. Otherwise, the process terminated as expected: store its exit code. Patch by Victor Stinner. - gh-110038: Fixed an issue that caused KqueueSelector.select() to not return all the ready events in some cases when a file descriptor is registered for both read and write. - gh-109631: re functions such as re.findall(), re.split(), re.search() and re.sub() which perform short repeated matches can now be interrupted by user. - gh-109593: Avoid deadlocking on a reentrant call to the multiprocessing resource tracker. Such a reentrant call, though unlikely, can happen if a GC pass invokes the finalizer for a multiprocessing object such as SemLock. - gh-109613: Fix os.stat() and os.DirEntry.stat(): check for exceptions. Previously, on Python built in debug mode, these functions could trigger a fatal Python error (and abort the process) when a function succeeded with an exception set. Patch by Victor Stinner. - gh-109375: The pdb alias command now prevents registering aliases without arguments. - gh-107219: Fix a race condition in concurrent.futures. When a process in the process pool was terminated abruptly (while the future was running or pending), close the connection write end. If the call queue is blocked on sending bytes to a worker process, closing the connection write end interrupts the send, so the queue can be closed. Patch by Victor Stinner. - gh-50644: Attempts to pickle or create a shallow or deep copy of codecs streams now raise a TypeError. Previously, copying failed with a RecursionError, while pickling produced wrong results that eventually caused unpickling to fail with a RecursionError. - gh-108987: Fix _thread.start_new_thread() race condition. If a thread is created during Python finalization, the newly spawned thread now exits immediately instead of trying to access freed memory and lead to a crash. Patch by Victor Stinner. - gh-108843: Fix an issue in ast.unparse() when unparsing f-strings containing many quote types. - gh-108682: Enum: raise TypeError if super().__new__() is called from a custom __new__. - gh-105829: Fix concurrent.futures.ProcessPoolExecutor deadlock - gh-64662: Fix support for virtual tables in sqlite3.Connection.iterdump(). Patch by Aviv Palivoda. - gh-107913: Fix possible losses of errno and winerror values in OSError exceptions if they were cleared or modified by the cleanup code before creating the exception object. - gh-104372: On Linux where subprocess can use the vfork() syscall for faster spawning, prevent the parent process from blocking other threads by dropping the GIL while it waits for the vfork’ed child process exec() outcome. This prevents spawning a binary from a slow filesystem from blocking the rest of the application. - gh-84867: unittest.TestLoader no longer loads test cases from exact unittest.TestCase and unittest.FunctionTestCase classes. - Documentation - gh-109209: The minimum Sphinx version required for the documentation is now 4.2. - gh-105052: Update timeit doc to specify that time in seconds is just the default. - gh-102823: Document the return type of x // y when x and y have type float. - Tests - gh-110031: Skip test_threading tests using thread+fork if Python is built with Address Sanitizer (ASAN). Patch by Victor Stinner. - gh-110088: Fix test_asyncio timeouts: don’t measure the maximum duration, a test should not measure a CI performance. Only measure the minimum duration when a task has a timeout or delay. Add CLOCK_RES to test_asyncio.utils. Patch by Victor Stinner. - gh-110033: Fix test_interprocess_signal() of test_signal. Make sure that the subprocess.Popen object is deleted before the test raising an exception in a signal handler. Otherwise, Popen.__del__() can get the exception which is logged as ... changelog too long, skipping 106 lines ... multissltests to use 1.1.1w, 3.0.11, and 3.1.3. ==== raspberrypi-firmware ==== Version update (2023.04.25 -> 2023.11.21) - Update to 8972935 (2023-11-21) * firmware: config: Add [pi5] to config.txt on 2711 and earlier platforms * firmware: arm_dt: Add support for the HAT map See: raspberrypi/linux#5610 * firmware: arm_dt: Ensure strings are NUL-terminated * firmware: video_decode: Add support for 32bpp RGB conversion * firmware: Image format patches * firmware: platform: Fixes for arm side display when throttling * firmware: dtoverlay: Support literal assignments of path strings * firmware: arm_loader: Fix non-standard console UARTs * firmware: arm_loader: Improve UART console selection * firmware: arm_loader: Remove unwanted assert * firmware: arm_loader: initramfs must match the kernel * firmware: arm_loader: Don't overwrite kernel path, check before loading stub * firmware: arm_loader: Use os_prefix when looking for stubs * firmware: arm_loader: Add auto_initramfs support * firmware: arm_loader: Set WiFi MAC address if all zeroes * firmware: platform: Don't set GPIOs 28&29 to RGMII if NO_RGMII trait is set ==== raspberrypi-firmware-config ==== Version update (2023.04.25 -> 2023.11.21) - Update to 8972935 (2023-11-21) * firmware: config: Add [pi5] to config.txt on 2711 and earlier platforms * firmware: arm_dt: Add support for the HAT map See: raspberrypi/linux#5610 * firmware: arm_dt: Ensure strings are NUL-terminated * firmware: video_decode: Add support for 32bpp RGB conversion * firmware: Image format patches * firmware: platform: Fixes for arm side display when throttling * firmware: dtoverlay: Support literal assignments of path strings * firmware: arm_loader: Fix non-standard console UARTs * firmware: arm_loader: Improve UART console selection * firmware: arm_loader: Remove unwanted assert * firmware: arm_loader: initramfs must match the kernel * firmware: arm_loader: Don't overwrite kernel path, check before loading stub * firmware: arm_loader: Use os_prefix when looking for stubs * firmware: arm_loader: Add auto_initramfs support * firmware: arm_loader: Set WiFi MAC address if all zeroes * firmware: platform: Don't set GPIOs 28&29 to RGMII if NO_RGMII trait is set - Add _multibuild to define 2nd spec file as additional flavor. Eliminates the need for source package links in OBS. ==== raspberrypi-firmware-dt ==== Version update (2023.05.02 -> 2023.11.21) - Update to 77f41f30fe (2023-11-21): * switch to 6.6 branch - Rebase patches: * 0001-ARM-dts-bcm2711-rpi-Reuse-bcm2836-vchiq-driver.patch * 0001-ARM-dts-bcm27xx-Use-better-name-for-spidev.patch ==== ruby-common ==== - gem_cleanup macro: yet another place which got hit by ruby 3.3 replace `gem env gemdir` with `ruby -r rubygems -e 'puts Gem.default_dir'` - Fix for the previous change. we need to set the GEM_HOME before even wrapping into the re-exec with ruby. - add workaround for https://github.com/rubygems/rubygems/commit/64273fd7e3 for now we will always set GEM_HOME to ensure that this new logic does not break our paths - ensure that gems built against an jemalloc enabled ruby also pulls a ruby version that is built with jemalloc ==== selinux-policy ==== Version update (20231030 -> 20231124) Subpackages: selinux-policy-targeted - Update to version 20231124: * Allow virtnetworkd_t to execute bin_t (bsc#1216903) - Add new modules that were missed in the last update to modules-mls-contrib.conf - Add new modules that were missed in the last update to modules-targeted-contrib.conf ==== webkit2gtk3 ==== Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Ensure max_link_jobs and max_compile_jobs have valid values even when %{jobs} is not defined (like when building outside of OBS). ==== webkit2gtk4 ==== Subpackages: libjavascriptcoregtk6_0-1 libwebkitgtk6_0-4 webkitgtk-6_0-injected-bundles - Ensure max_link_jobs and max_compile_jobs have valid values even when %{jobs} is not defined (like when building outside of OBS).