Packages changed: Mesa (23.2.1 -> 23.3.3) Mesa-drivers (23.2.1 -> 23.3.3) abseil-cpp coreutils coreutils-systemd cronie dracut (059+suse.533.g5a7cf9fa -> 059+suse.538.ge7a5cff9) ed (1.19 -> 1.20) gdm gnome-shell grub2 gvisor-tap-vsock (0.7.0 -> 0.7.2) ibus installation-images-MicroOS (17.110 -> 17.111) kdump (2.0.0 -> 2.0.1) kernel-firmware (20240102 -> 20240115) kernel-source (6.6.11 -> 6.7.1) libeconf (0.6.0 -> 0.6.1) libidn (1.41 -> 1.42) libmspack libnvme (1.6+5.g68c6ffb -> 1.7.1+0.g13ba383) libplacebo (6.338.1 -> 6.338.2) libstorage-ng (4.5.174 -> 4.5.175) ncurses (6.4.20240113 -> 6.4.20240120) nvme-cli (2.6 -> 2.7.1) pam (1.5.3 -> 1.6.0) pam-full-src (1.5.3 -> 1.6.0) pipewire python-SQLAlchemy (2.0.24 -> 2.0.25) python-Twisted python-anyio (3.7.1 -> 4.2.0) python-gevent python-service_identity (23.1.0 -> 24.1.0) qca-qt5 (2.3.7+git12 -> 2.3.8+git1) qpdf (11.7.0 -> 11.8.0) rpm-config-SUSE (20230712 -> 20240118) sdbootutil (1+git20231221.42797ab -> 1+git20240122.c0d8f76) shaderc (2023.7 -> 2023.8) sssd (2.9.3 -> 2.9.4) systemd tevent (0.15.0 -> 0.16.0) tpm2-0-tss util-linux util-linux-systemd vulkan-loader (1.3.268.0 -> 1.3.275.0) vulkan-tools (1.3.268.0 -> 1.3.275.0) yast2-pkg-bindings (5.0.2 -> 5.0.4) zbar (0.23.90 -> 0.23.93) zchunk (1.3.2 -> 1.4.0) === Details === ==== Mesa ==== Version update (23.2.1 -> 23.3.3) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - split python36-buildfix.patch into two patches python36-buildfix1.patch and python36-buildfix2.patch; apply the latter only on sle15-sp6/Leap 15.6 since on newer python releases than 3.6 it changes behaviour to remove required=True option - python36-buildfix.patch * src/freedreno/registers/gen_header.py: hopefully fixes aarch64 build - u_0001-intel-genxml-Drop-from-__future__-import-annotations.patch u_0002-intel-genxml-Add-a-untyped-OrderedDict-fallback-for-.patch python36-buildfix.patch * fixes build against python 3.6 - let Mesa-dri require libvulkan1 to get zink/swrast driver fallbacks working (hopefully); probably related: https://gitlab.freedesktop.org/mesa/mesa/-/commit/2a71f06f2938678d89d5ed1372cda6a7b55d964d - Update to bugfix release 23.3.3 - -> https://docs.mesa3d.org/relnotes/23.3.3.html - Update to bugfix release 23.3.2 - -> https://docs.mesa3d.org/relnotes/23.3.2.html - Update to version 23.3.0: * It includes NVK, a new reverse-engineered Vulkan driver for Nvidia hardware. This driver is still in experimental phase, not quite ready for prime time yet, but adventurous users can give it a go! * New extensions & features (in no particular order): - VK_EXT_pipeline_robustness on ANV - VK_KHR_maintenance5 on RADV - OpenGL ES 3.1 on Asahi - GL_ARB_compute_shader on Asahi - GL_ARB_shader_atomic_counters on Asahi - GL_ARB_shader_image_load_store on Asahi - GL_ARB_shader_image_size on Asahi - GL_ARB_shader_storage_buffer_object on Asahi - GL_ARB_sample_shading on Asahi - GL_OES_sample_variables on Asahi - GL_OES_shader_multisample_interpolation on Asahi - GL_OES_gpu_shader5 on Asahi - EGL_ANDROID_blob_cache works when disk caching is disabled - VK_KHR_cooperative_matrix on RADV/GFX11+ - Drop patches fixed upstream: * U_clover-llvm-move-to-modern-pass-manager.patch * U_radeonsi-prefix-function-with-si_-to-prevent-name-co.patch - Refresh patches with quilt. - Use %patch -p N instead of deprecated %patchN. ==== Mesa-drivers ==== Version update (23.2.1 -> 23.3.3) Subpackages: Mesa-dri Mesa-gallium Mesa-libva - split python36-buildfix.patch into two patches python36-buildfix1.patch and python36-buildfix2.patch; apply the latter only on sle15-sp6/Leap 15.6 since on newer python releases than 3.6 it changes behaviour to remove required=True option - python36-buildfix.patch * src/freedreno/registers/gen_header.py: hopefully fixes aarch64 build - u_0001-intel-genxml-Drop-from-__future__-import-annotations.patch u_0002-intel-genxml-Add-a-untyped-OrderedDict-fallback-for-.patch python36-buildfix.patch * fixes build against python 3.6 - let Mesa-dri require libvulkan1 to get zink/swrast driver fallbacks working (hopefully); probably related: https://gitlab.freedesktop.org/mesa/mesa/-/commit/2a71f06f2938678d89d5ed1372cda6a7b55d964d - Update to bugfix release 23.3.3 - -> https://docs.mesa3d.org/relnotes/23.3.3.html - Update to bugfix release 23.3.2 - -> https://docs.mesa3d.org/relnotes/23.3.2.html - Update to version 23.3.0: * It includes NVK, a new reverse-engineered Vulkan driver for Nvidia hardware. This driver is still in experimental phase, not quite ready for prime time yet, but adventurous users can give it a go! * New extensions & features (in no particular order): - VK_EXT_pipeline_robustness on ANV - VK_KHR_maintenance5 on RADV - OpenGL ES 3.1 on Asahi - GL_ARB_compute_shader on Asahi - GL_ARB_shader_atomic_counters on Asahi - GL_ARB_shader_image_load_store on Asahi - GL_ARB_shader_image_size on Asahi - GL_ARB_shader_storage_buffer_object on Asahi - GL_ARB_sample_shading on Asahi - GL_OES_sample_variables on Asahi - GL_OES_shader_multisample_interpolation on Asahi - GL_OES_gpu_shader5 on Asahi - EGL_ANDROID_blob_cache works when disk caching is disabled - VK_KHR_cooperative_matrix on RADV/GFX11+ - Drop patches fixed upstream: * U_clover-llvm-move-to-modern-pass-manager.patch * U_radeonsi-prefix-function-with-si_-to-prevent-name-co.patch - Refresh patches with quilt. - Use %patch -p N instead of deprecated %patchN. ==== abseil-cpp ==== - fix build for non-SUSE distributions ==== coreutils ==== Subpackages: coreutils-doc - coreutils-9.4.split-CVE-2024-0684.patch: Add upstream patch: split: do not shrink hold buffer. (CVE-2024-0684) - coreutils-i18n.patch: Update from Fedora to fix build on i686 on GCC14. ==== coreutils-systemd ==== - coreutils-9.4.split-CVE-2024-0684.patch: Add upstream patch: split: do not shrink hold buffer. (CVE-2024-0684) - coreutils-i18n.patch: Update from Fedora to fix build on i686 on GCC14. ==== cronie ==== Subpackages: cron - Update to 1.7.1: * crond: Wait on finishing the job with -n option to check the exit status * crond: Do not set the return path to <> if non-default MAILFROM is set * /etc/sysconfig/crond and /etc/default/anacron files are optional - Remove test-for-etc-default-anacron.patch - Set safe permissions for crontab backups. Add * safe-backup-permissions.patch - Fix anacron not working when /etc/default/anacron does not exist, fixes bsc#1218377 * test-for-etc-default-anacron.patch ==== dracut ==== Version update (059+suse.533.g5a7cf9fa -> 059+suse.538.ge7a5cff9) Subpackages: dracut-ima - Update to version 059+suse.538.ge7a5cff9: * fix(livenet): split `imgsize` calculation to avoid misleading error message * fix(livenet): check also `content-length` from live image header * fix(livenet): propagate error code * fix(dracut): correct regression with multiple `rd.break=` options ==== ed ==== Version update (1.19 -> 1.20) - update to 1.20: * New command-line options for jumping to a line number or match * Improved handling of file names containing control characters * Tweak workflow for fewer 'buffer modified' warnings * Tilde expansion is now performed on file names * Warn on modifying a buffer from a read-only file * Create missing intermediate directories when writing to a file * Documentation updates - drop obsolete makeinfo marcos ==== gdm ==== Subpackages: gdm-schema gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0 - Make Patch0 only applies on s390 and s390x. ==== gnome-shell ==== Subpackages: gnome-extensions gnome-shell-calendar - Adapt to version 45.3(bsc#1216072): + Rebase gnome-shell-domain.patch + Rebase gnome-shell-fate324570-Make-GDM-background-image-configurable.patch ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin - allow to boot memtest86 if stored in /usr/lib/memtest86+ * SR#1071109 can then work ==== gvisor-tap-vsock ==== Version update (0.7.0 -> 0.7.2) - Update to version 0.7.2: * Add --log-file to gvproxy * ssh: Recreate connection on retries in setupProxy * build(deps): bump golang.org/x/sync from 0.5.0 to 0.6.0 * build(deps): bump golang.org/x/crypto from 0.17.0 to 0.18.0 * ghactions: add Go 1.22rc1 * go.mod: gvisor.dev/gvisor v0.0.0-20231023213702-2691a8f9b1cf * ssh: Add when to setupProxy * ssh: Introduce 'retry' helper * [CI:BUILD] packit: simplify config after F37 EOL * version: Add versioning for github tarballs * version: Add moduleVersionFromBuildInfo * cmd/*: Add -version flag to executables * build(deps): bump golang.org/x/crypto from 0.15.0 to 0.17.0 * build: Use ldflags in win-{gvproxy,sshproxy} targets * build(deps): bump github.com/coreos/stream-metadata-go * build(deps): bump github.com/miekg/dns from 1.1.56 to 1.1.57 * build(deps): bump github.com/onsi/gomega from 1.28.0 to 1.30.0 * build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0 * build(deps): bump golang.org/x/crypto from 0.14.0 to 0.15.0 * lint: Stop using dot imports * tools: Update golangci-lint to latest version * transport: Support passing CID for linux vsock * Packit: enable f39 downstream tasks * build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 * build(deps): bump golang.org/x/sync from 0.3.0 to 0.4.0 * build(deps): bump golang.org/x/crypto from 0.13.0 to 0.14.0 * build(deps): bump github.com/onsi/gomega from 1.27.10 to 1.28.0 * Packit: add ppc64le and s390x targets for podman-next copr * build(deps): bump github.com/miekg/dns from 1.1.55 to 1.1.56 * Add graceful shutdown support for gvproxy on Win * ghactions: Add comment explaining why we stay on ubuntu-20.04 * ghactions: Use macos-latest instead of macos-11 * ghactions: Use `make win-sshproxy` * ghactions: build: Add win-gvproxy and win-sshproxy * Packit: enable f39 targets * rpm: correctly obsolete older rpm builds * rpm: gvforwarder subpackage * Packit: reuse copr targets for podman-next * Rename Command type to GvproxyCommand * Fixes the generated commandline for the Command type * README: More vfkit updates * build(deps): bump golang.org/x/crypto from 0.12.0 to 0.13.0 * build: Add freebsd build to make cross * transport: Refactor 'Listen' code * transport: Only build unixgram on darwin * build: Use golangci-lint from tools/ * tools: go.mod: Switch to golang 1.20 * tools: Rename go module * build: Remove -arm64/-amd64 darwin binaries after makefat * build: Build arm64 linux binary * ghactions: Build on ubuntu 20.04 * Fix golangci-lint errors * build(deps): bump golang.org/x/crypto from 0.11.0 to 0.12.0 * Add `Command` type * packit: Build PRs into default packit COPRs * build(deps): bump golang.org/x/sys from 0.10.0 to 0.11.0 * gvproxy: add docker.internal dns entries * Packit: switch to rpm/gvisor-tap-vsock.spec * README.md: Replace hyperkit with vfkit * README.md: Fix QEMU spelling ==== ibus ==== Subpackages: libibus-1_0-5 typelib-1_0-IBus-1_0 - Use %_libexecdir as the basis of %_ibus_libexecdir (bsc#1174075) ==== installation-images-MicroOS ==== Version update (17.110 -> 17.111) - merge gh#openSUSE/installation-images#687 - use kernel-firmware-all instead of kernel-firmware (bsc#1214789) - 17.111 ==== kdump ==== Version update (2.0.0 -> 2.0.1) - upgrade to version 2.0.1 * load.sh: fix fadump (bsc#1218589) ==== kernel-firmware ==== Version update (20240102 -> 20240115) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20240115 (git commit efeb548d2a2b): * Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX101 * Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX203 * Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX203 * Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX211 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX211 * amdgpu: DMCUB updates for DCN314 * cirrus: Add firmware file for cs42l43 * amdgpu: DMCUB updates for DCN312 - Update to version 20240111 (git commit b3132c18d0be): * qcom: Update the firmware for Adreno a630 family of GPUs * cirrus: Add CS35L41 firmware for Legion Slim 7 Gen 8 laptops * linux-firmware: Add firmware for Cirrus CS35L41 for various Dell laptops - Update to version 20240110 (git commit 31db82d69905): * linux-firmware: update firmware for qat_4xxx devices * linux-firmware: update firmware for w1u_uart * amdgpu: DMCUB updates for DCN314 * Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX211 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX101 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX203 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX210 - Update to version 20240105 (git commit 5a6ae745d8a4): * amlogic/bluetooth: add firmware bin of W1 serial soc(w1u_uart) - Drop superfluous Provides from uncompressed kernel-firmware package that may confuse dependencies (bsc#1218307) - Minor adjustment and updates of scripts / templates ==== kernel-source ==== Version update (6.6.11 -> 6.7.1) - Linux 6.7.1 (bsc#1012628). - mm/memory_hotplug: fix memmap_on_memory sysfs value retrieval (bsc#1012628). - docs: kernel_feat.py: fix potential command injection (bsc#1012628). - scripts/decode_stacktrace.sh: optionally use LLVM utilities (bsc#1012628). - coresight: etm4x: Fix width of CCITMIN field (bsc#1012628). - PCI: Add ACS quirk for more Zhaoxin Root Ports (bsc#1012628). - leds: ledtrig-tty: Free allocated ttyname buffer on deactivate (bsc#1012628). - parport: parport_serial: Add Brainboxes device IDs and geometry (bsc#1012628). - parport: parport_serial: Add Brainboxes BAR details (bsc#1012628). - uio: Fix use-after-free in uio_open (bsc#1012628). - binder: fix comment on binder_alloc_new_buf() return value (bsc#1012628). - binder: fix trivial typo of binder_free_buf_locked() (bsc#1012628). - binder: fix use-after-free in shinker's callback (bsc#1012628). - binder: use EPOLLERR from eventpoll.h (bsc#1012628). - Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" (bsc#1012628). - ksmbd: free ppace array on error in parse_dacl (bsc#1012628). - ksmbd: don't allow O_TRUNC open on read-only share (bsc#1012628). - drm/amd/display: Pass pwrseq inst for backlight and ABM (bsc#1012628). - bus: moxtet: Add spi device table (bsc#1012628). - bus: moxtet: Mark the irq as shared (bsc#1012628). - ACPI: resource: Add another DMI match for the TongFang GMxXGxx (bsc#1012628). - ALSA: hda: cs35l41: Support more HP models without _DSD (bsc#1012628). - ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP Envy X360 13-ay0xxx (bsc#1012628). - ALSA: hda/realtek: enable SND_PCI_QUIRK for Lenovo Legion Slim 7 Gen 8 (2023) serie (bsc#1012628). - ALSA: hda: Add driver properties for cs35l41 for Lenovo Legion Slim 7 Gen 8 serie (bsc#1012628). - ALSA: hda: cs35l41: Prevent firmware load if SPI speed too low (bsc#1012628). - ALSA: hda: cs35l41: Support additional Dell models without _DSD (bsc#1012628). - ALSA: hda/realtek: Add quirks for Dell models (bsc#1012628). - f2fs: explicitly null-terminate the xattr list (bsc#1012628). - commit b2e8ed6 - media: solo6x10: replace max(a, min(b, c)) by clamp(b, a, c) (fix build and make it faster). - Delete patches.rpmify/Revert-minmax-allow-comparisons-of-int-against-unsig.patch. - Delete patches.rpmify/Revert-minmax-allow-min-max-clamp-if-the-arguments-h.patch. - Delete patches.rpmify/Revert-minmax-fix-indentation-of-__cmp_once-and-__cl.patch. - Delete patches.rpmify/Revert-minmax-relax-check-to-allow-comparison-betwee.patch. Replace the reverts by an upstream workaround. - commit 9bff21f - mm: huge_memory: don't force huge page alignment on 32 bit (bsc#1218841). - Delete patches.suse/Revert-mm-align-larger-anonymous-mappings-on-THP-bou.patch. Replace the revert by an upstream fix. - commit d54abef - Update patches.suse/futex-Avoid-reusing-outdated-pi_state.patch (bsc#1218801). Update to v2. - commit eeba83a - Revert "mm: align larger anonymous mappings on THP boundaries" (bsc#1218841). - commit 69537e9 - futex: Avoid reusing outdated pi_state (bsc#1218841). - commit 9859079 ==== libeconf ==== Version update (0.6.0 -> 0.6.1) - Update to version 0.6.1: * reading lines which have a length greater than BUFSIZE (#195) * Improved data quote check in read_file (#193) ==== libidn ==== Version update (1.41 -> 1.42) - update to 1.42: * build system tweaks * Updated translations and gnulib * fixes for other platforms ==== libmspack ==== - The following bugs and CVEs are not affecting TW: * CVE-2018-18584 * CVE-2018-18585 * CVE-2018-18586 * CVE-2019-1010305 * bsc#1113038 * bsc#1113039 * bsc#1113040 * bsc#1130489 * bsc#1141680 ==== libnvme ==== Version update (1.6+5.g68c6ffb -> 1.7.1+0.g13ba383) Subpackages: libnvme-mi1 libnvme1 - Update to version 1.7.1+0.g13ba383: * tree: do no free ns on error in nvme_ns_init - Update to version 1.7+0.gf38b1d7: * tree: do not open blk device on default * tree: read all attributes from sysfs when available * ioctl: set data length when retrieving LBA status * types: fix regression for vendor-specific field in nvme_id_ns * util: use cleanup functions * linux: use cleanup functions * json: use cleanup functions * fabrics: use cleanup functions * tree: use cleanup functions * cleanup: add cleanup functions * tree: fix incorrect return value * tree: Fix clearing application strings * libnvme: reshuffle nvme_generate_tls_key_identity() * libnvme: fixup error codes * libnvme: Implement 'nvme_generate_tls_key_identity()' * libnvme: support NVMe TLS identities version 1 * libnvme: Add base64 functions * libnvme: separate out 'gen_tls_identity' and reshuffle 'derive_nvme_keys' * libnvme: separate out a function 'select_hmac' * libnvme: fix a memory leak when calling read_ssns() * libnvme: fix a memory leak in read_discovery() * fabrics: avoid redundant args in nvme_discovery_log() * fabrics: have nvmf_get_discovery_log() call nvmf_get_discovery_wargs() * fabrics: fetch smaller Discovery Log Page header * fabrics: avoid redundant Get Log Page on retry * fabrics: clear RAE for discovery log page commands * json-schema: add keyring and tls_key details * types: add Host Behavior Support field definitions * mi: Cast values to u32 if shift overflows int * types: Cast values to u32 if shift overflows int * test: Avoid unaligned pointer dereferences * nbft: Avoid unaligned pointer dereferences * types: add cross-namespace copy formats, status codes, ONCS bits * nvme: Add length field to Hkdf-Expand-Label computation * ioctl: use lsp arg in nvme_get_log_boot_partition * fabrics: use SECTYPE to determine whether to use TLS * fabrics: Allocate aligned payloads for id_ctrl and discovery log calls * linux: Allocate aligned payloads for id_ctrl and id_ns calls * ioctl: MSB variable-size storage/reference tags ==== libplacebo ==== Version update (6.338.1 -> 6.338.2) - Update libplacebo to version 6.338.2. See details in: https://code.videolan.org/videolan/libplacebo/-/tags/v6.338.2 ==== libstorage-ng ==== Version update (4.5.174 -> 4.5.175) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - Translated using Weblate (Indonesian) (bsc#1149754) - 4.5.175 ==== ncurses ==== Version update (6.4.20240113 -> 6.4.20240120) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20240120 + improve formatting/style of manpages (patches by Branden Robinson). + amend discussion of aliases in tput.1 + use ansi+sgrbold, ansi+sgrdim, ansi+sgrso, ansi+sgrul, ansi+tabs ecma+color, ecma+sgr, vt100+4bsd, vt100+pfkeys, vt220+pcedit xterm+256color, xterm+acs, xterm+nopcfkeys, xterm+pcf2 to trim -TD + modify configure scripts/makefiles to omit KEY_RESIZE if the corresponding SIGWINCH feature is disabled. ==== nvme-cli ==== Version update (2.6 -> 2.7.1) Subpackages: nvme-cli-bash-completion - Update to version 2.7.1: * nvme-print-json: Revert field name changes (bsc#1218306) - Update to version 2.7: * nvme-print-json: include vs for identify namespace * nvme-print-stdout: enhance connect message * fabrics: fix connect error if hostid file does not exist * fabrics: fix invalid output format error during nvme connect * wdc: Fix vs-smart-add-log Command for SN650 and SN655 * nvme: restric hmac options for gen-tls-key * wdc: Fix UUID index fallback mechanism * plugins/ocp: Add OCP Telemetry String log page, Telemetry log page * completions: Add bash completions for telemetry string log page * plugins/solidigm: Added OCP 2.0 compatibility version command * plugins/solidigm: Added OCP 2.0 vs-drive-info command. * plugins/ocp: Fix printing order of various Latency Monitor Log buckets * nvme: validate output format split status from flag return value * nvme: simplify cleanup_nvme_dev() * cleanup: remove unused cleanup_charp() * wdc: Add support for SN861 2nd pci device id * nvme: replace libhugetlbfs with mmap and madvise * util/mem: move alloc helper to util section * nvme: auto cleanup filedescriptors * nvme: auto cleanup buffers * nvme: return error code in get_persistent_event_log * nvme: sanitize nvme-gen-tls-key * nvme: print out the resulting TLS identity for 'nvme check-tls-key' * nvme: Add version '1' identifier for nvme-gen-tls-key * subprojects/libnvme: update wrapper for TP8018 * plugins/solidigm: Added re_sku_count smart atrribute * doc: Fix nvme-connect manpage --application option string * plugins/ocp: changed command clear-pcie-correctable-error-counters to match OCP 2.0 spec. * plugins/solidigm: Added command to clear PCIe Correctable Error Counters according to OCP 2.0 * plugins/ocp: Reorganized clear feature code for better reuse * nvme: fixup length calculation for 'nvme gen-tls-key --secret' * doc: remove invalid hostkey info for --dhchap-secret * nvme-print-json: use human helper everywhere * nvme-print-json: remove obj_print helper * plugins/ocp: update nvme_show_select_result call * mailmap: only show contributer's name * nvme-print-json: Change to report status and message in array * nvme-print-json: Change to report feature select in array * nvme-print-json: Change to report error and data in array * nvme-print-json: Add show_init/finish calls to report features in array * nvme-print: Add nvme_show_error_status() to merge error message and status * nvme-print-json: Use r instead of root and use obj_add_***(r, ..., ...) * nvme-print-json: Delete static const char string global variables * nvme-print-json: Add remaining controller registers readable format * nvme-print-json: Add readable format cap, vs, cc, csts, nssr and crto registers * nvme-print-json: Combine duplicated json key and val string variables * nvme-print-json: Replase json_array_add_value_string() to array_add_str() * nvme-print-json: Replase json_object_add_value_uint128() to obj/root_add_uint128() * nvme-print-json: Replase json_object_add_value_object() to obj/root_add_obj() * nvme-print-json: Replase json_array_add_value_object() to array_add_obj() * nvme-print-json: Replase json_object_add_value_array() to obj/root_add_array() * nvme-print-json: Replase json_object_add_value_uint() to obj/root_add_uint() * nvme-print-json: Replase json_object_add_value_int() to obj/root_add_int() * nvme-print-json: Replase json_object_add_value_uint64() to obj/root_add_uint64() * nvme-print-json: Replase json_object_add_value_string() to obj/root_add_str() * nvme-print-json: Update feature_show_fields_*** to use root/obj_add_***() * nvme-print-json: Update lba_status_log to use root_add_***() and obj_add_***() * nvme-print-json: Replace lba_status_log printf() to root_add_result() * nvme-print-json: Add list_item print function * nvme-print-json: Add lba_status_info print function * nvme-print-json: Add lba_range print function * nvme-print-json: Add id_ctrl_rpmbs print function * nvme-print-json: Unify json_list and jroot object names to root * nvme-print-json: Add json_zns_changed print function * nvme-print-json: Add root_add_result() to output result message * nvme-print-json: Split persistent_event_log print function * nvme-print-json: Remove unnecessary string newline code * nvme-print-json: Replace effects_log_list print to use json_print() * nvme-print-json: Print persistent_event_log no log data result correctly * nvme-print-json: Add static "result" and "erorr" strings variables * nvme-print-json: Add single_property printf function * nvme: Replace get feature command stderr output to nvme_show_error() * nvme-print-json: Change d() output to use d_json() * nvme: Fix get-feature command mixed stdout and json outputs * nvme-print-json: Add remaining feature fields print functions * nvme-print-json: Update formatting and codying style * build: Add -std=c99 to CFLAGS for muon on CentOS 7 * fabrics: add udev rule to avoid renaming nbft interfaces * fabrics: autoconnect: add service unit for connecting NBFT subsystems * fabrics: autoconnect: explicitly express module dependency * Updates to codeql config * libnvme-wrap: exit on VOID_FN lookup failure * plugins/ocp:Added the ocp C6h feature api * plugin/ocp_fid_c6h:Added the ocp C6h feature api * nvme-copy: support cross-namespace copy * nvme/plugins: fix mismatch operator * nvme: fix overflow possiblity * nvme: reduce identify cmd issue * nvme: allow set-features to take input from stdin * Fix common misspellings from codespell project * nvme-print: Correct to print correct ascii character string length * print-stdout: print Host Behavior Support correctly * build: Bump libnvme wrap * plugins/solidigm: Added support for temperature statistics log page * Add support for codeql sweeps * doc: Add virt-mgmt command ... changelog too long, skipping 44 lines ... * update NetApp udev rule file name ==== pam ==== Version update (1.5.3 -> 1.6.0) - Add post 1.6.0 release fixes for pam_env and pam_unix: - pam_env-fix-enable-vendordir-fallback.patch - pam_env-fix_vendordir.patch - pam_env-remove-escaped-newlines.patch - pam_unix-fix-password-aging-disabled.patch - Update to version 1.6.0 - Added support of configuration files with arbitrarily long lines. - build: fixed build outside of the source tree. - libpam: added use of getrandom(2) as a source of randomness if available. - libpam: fixed calculation of fail delay with very long delays. - libpam: fixed potential infinite recursion with includes. - libpam: implemented string to number conversions validation when parsing controls in configuration. - pam_access: added quiet_log option. - pam_access: fixed truncation of very long group names. - pam_canonicalize_user: new module to canonicalize user name. - pam_echo: fixed file handling to prevent overflows and short reads. - pam_env: added support of '\' character in environment variable values. - pam_exec: allowed expose_authtok for password PAM_TYPE. - pam_exec: fixed stack overflow with binary output of programs. - pam_faildelay: implemented parameter ranges validation. - pam_listfile: changed to treat \r and \n exactly the same in configuration. - pam_mkhomedir: hardened directory creation against timing attacks. - Please note that using *at functions leads to more open file handles during creation. - pam_namespace: fixed potential local DoS (CVE-2024-22365). - pam_nologin: fixed file handling to prevent short reads. - pam_pwhistory: helper binary is now built only if SELinux support is enabled. - pam_pwhistory: implemented reliable usernames handling when remembering passwords. - pam_shells: changed to allow shell entries with absolute paths only. - pam_succeed_if: fixed treating empty strings as numerical value 0. - pam_unix: added support of disabled password aging. - pam_unix: synchronized password aging with shadow. - pam_unix: implemented string to number conversions validation. - pam_unix: fixed truncation of very long user names. - pam_unix: corrected rounds retrieval for configured encryption method. - pam_unix: implemented reliable usernames handling when remembering passwords. - pam_unix: changed to always run the helper to obtain shadow password entries. - pam_unix: unix_update helper binary is now built only if SELinux support is enabled. - pam_unix: added audit support to unix_update helper. - pam_userdb: added gdbm support. - Multiple minor bug fixes, portability fixes, documentation improvements, and translation updates. - The following patches are obsolete with the update: - pam_access-doc-IPv6-link-local.patch - pam_access-hostname-debug.patch - pam_shells-fix-econf-memory-leak.patch - pam_shells-fix-econf-memory-leak.patch - disable-examples.patch - pam-login_defs-check.sh: adjust checksum, SHA_CRYPT_MAX_ROUNDS is no longer used. ==== pam-full-src ==== Version update (1.5.3 -> 1.6.0) - Add post 1.6.0 release fixes for pam_env and pam_unix: - pam_env-fix-enable-vendordir-fallback.patch - pam_env-fix_vendordir.patch - pam_env-remove-escaped-newlines.patch - pam_unix-fix-password-aging-disabled.patch - Update to version 1.6.0 - Added support of configuration files with arbitrarily long lines. - build: fixed build outside of the source tree. - libpam: added use of getrandom(2) as a source of randomness if available. - libpam: fixed calculation of fail delay with very long delays. - libpam: fixed potential infinite recursion with includes. - libpam: implemented string to number conversions validation when parsing controls in configuration. - pam_access: added quiet_log option. - pam_access: fixed truncation of very long group names. - pam_canonicalize_user: new module to canonicalize user name. - pam_echo: fixed file handling to prevent overflows and short reads. - pam_env: added support of '\' character in environment variable values. - pam_exec: allowed expose_authtok for password PAM_TYPE. - pam_exec: fixed stack overflow with binary output of programs. - pam_faildelay: implemented parameter ranges validation. - pam_listfile: changed to treat \r and \n exactly the same in configuration. - pam_mkhomedir: hardened directory creation against timing attacks. - Please note that using *at functions leads to more open file handles during creation. - pam_namespace: fixed potential local DoS (CVE-2024-22365). - pam_nologin: fixed file handling to prevent short reads. - pam_pwhistory: helper binary is now built only if SELinux support is enabled. - pam_pwhistory: implemented reliable usernames handling when remembering passwords. - pam_shells: changed to allow shell entries with absolute paths only. - pam_succeed_if: fixed treating empty strings as numerical value 0. - pam_unix: added support of disabled password aging. - pam_unix: synchronized password aging with shadow. - pam_unix: implemented string to number conversions validation. - pam_unix: fixed truncation of very long user names. - pam_unix: corrected rounds retrieval for configured encryption method. - pam_unix: implemented reliable usernames handling when remembering passwords. - pam_unix: changed to always run the helper to obtain shadow password entries. - pam_unix: unix_update helper binary is now built only if SELinux support is enabled. - pam_unix: added audit support to unix_update helper. - pam_userdb: added gdbm support. - Multiple minor bug fixes, portability fixes, documentation improvements, and translation updates. - The following patches are obsolete with the update: - pam_access-doc-IPv6-link-local.patch - pam_access-hostname-debug.patch - pam_shells-fix-econf-memory-leak.patch - pam_shells-fix-econf-memory-leak.patch - disable-examples.patch - pam-login_defs-check.sh: adjust checksum, SHA_CRYPT_MAX_ROUNDS is no longer used. ==== pipewire ==== Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Add patches from upstream to fix building the package in Factory with libcamera 0.2.0: * 0001-spa-libcamera-use-CameraConfigurationorientation.patch * 0002-spa-libcamera-bump-minimum-supported-version-to-0.2.0.patch ==== python-SQLAlchemy ==== Version update (2.0.24 -> 2.0.25) - update to 2.0.25: * preliminary support for Python 3.12 pep-695 type alias structures * see https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.25 ==== python-Twisted ==== Subpackages: python311-Twisted python311-Twisted-tls - Add twisted-pr12054-testinvokationpy3.12.1.patch * Pull request gh#twisted/twisted#12054 fixes failing tests on python312 gh#twisted/twisted#12052 - Fix rpmlint errors ==== python-anyio ==== Version update (3.7.1 -> 4.2.0) - update to 4.2.0: * Add support for byte-based paths in connect_unix, create_unix_listeners, create_unix_datagram_socket, and create_connected_unix_datagram_socket. (PR by Lura Skye) * Enabled the Event and CapacityLimiter classes to be instantiated outside an event loop thread * Broadly improved/fixed the type annotations. Among other things, many functions and methods that take variadic positional arguments now make use of PEP 646 TypeVarTuple to allow the positional arguments to be validated by static type checkers. These changes affected numerous methods and functions, including: * anyio.run() * TaskGroup.start_soon() * anyio.from_thread.run() * anyio.from_thread.run_sync() * anyio.to_thread.run_sync() * anyio.to_process.run_sync() * BlockingPortal.call() * BlockingPortal.start_task_soon() * BlockingPortal.start_task() (also resolves #560) * Fixed various type annotations of anyio.Path to match Typeshed: * anyio.Path.__lt__() * anyio.Path.__le__() * anyio.Path.__gt__() * anyio.Path.__ge__() * anyio.Path.__truediv__() * anyio.Path.__rtruediv__() * anyio.Path.hardlink_to() * anyio.Path.samefile() * anyio.Path.symlink_to() * anyio.Path.with_segments() (PR by Ganden Schaffner) * Fixed adjusting the total number of tokens in a CapacityLimiter on asyncio failing to wake up tasks waiting to acquire the limiter in certain edge cases (fixed with help from Egor Blagov) * Fixed loop_factory and use_uvloop options not being used on the asyncio backend * Fixed cancellation propagating on asyncio from a task group to child tasks if the task hosting the task group is in a shielded cancel scope - update to 4.1.0: * Adapted to API changes made in Trio v0.23 * Removed a checkpoint when exiting a task group * Renamed the ``cancellable`` argument in ``anyio.to_thread.run_sync()`` to * ``abandon_on_cancel`` (and deprecated the old parameter name) * Added support for voluntary thread cancellation via * ``anyio.from_thread.check_cancelled()`` * Bumped minimum version of trio to v0.23 * Exposed the ``ResourceGuard`` class in the public API * Fixed ``RuntimeError: Runner is closed`` when running higher- scoped async generator fixtures in some cases * Fixed discrepancy between ``asyncio`` and ``trio`` where reraising a cancellation exception in an ``except*`` block would incorrectly bubble out of its cancel scope * Any exceptions raising out of a task groups are now nested inside an ``ExceptionGroup`` (or ``BaseExceptionGroup`` if one or more ``BaseException`` were included) * Fixed task group not raising a cancellation exception on asyncio at exit if no child tasks were spawned and an outer cancellation scope had been cancelled before * Ensured that exiting a ``TaskGroup`` always hits a yield point, regardless of whether there are running child tasks to be waited on * On asyncio, cancel scopes will defer cancelling tasks that are scheduled to resume with a finished future * On asyncio and Python 3.9/3.10, cancel scopes now only suppress cancellation exceptions if the cancel message matches the scope * Task groups on all backends now raise a single cancellation exception when an outer cancel scope is cancelled, and no exceptions other than cancellation exceptions are raised in the group * **BACKWARDS INCOMPATIBLE** Changes the pytest plugin to run all tests and fixtures in the same task, allowing fixtures to set context variables for tests and other fixtures ``anyio.Path.relative_to()`` and * ``anyio.Path.is_relative_to()`` to only accept one argument, as passing multiple arguments is deprecated as of Python 3.12 * **BACKWARDS INCOMPATIBLE** Dropped support for spawning tasks from old-style coroutine functions (``@asyncio.coroutine``) * **BACKWARDS INCOMPATIBLE** The ``policy`` option on the ``asyncio`` backend was changed to ``loop_factory`` to accommodate ``asyncio.Runner`` * Dropped support for Python 3.7 * Added support for Python 3.12 * Fixed ``from_thread.run`` failing when used to call sniffio- dependent functions on asyncio from a thread running trio or curio * Fixed deadlock when using ``from_thread.start_blocking_portal(backend="asyncio")`` * in a thread running trio or curio (PR by Ganden Schaffner) * Improved type annotations: * The ``item_type`` argument of ``create_memory_object_stream`` was deprecated. * To indicate the item type handled by the stream, use * ``create_memory_object_stream[T_Item]()`` instead. Type checking should no longer fail when annotating memory object - drop tests-test_fileio.py-don-t-follow-symlinks-in-dev.patch (upstream) ==== python-gevent ==== - Clean obsolete old python and old distribution directives * Only 15.5+ with the sle15 python module and Tumbleweed have the required Python 3.8+ * Drop fix-no-return-in-nonvoid-function.patch - Update test suite execution * Use -u-network flag to disable network tests * Add gevent-opensuse-nocolor-tests.patch -- Avoid colorization of test output in obs runners * Add gevent-fix-unittest-returncode-py312-c1.patch and gevent-fix-unittest-returncode-py312-c2.patch gh#gevent/gevent#2012 ==== python-service_identity ==== Version update (23.1.0 -> 24.1.0) - update to 24.1.0: * If a certificate doesn't contain any `subjectAltName`s, we now raise `service_identity.CertificateError` instead of `service_identity.VerificationError` to make the problem easier to debug. ==== qca-qt5 ==== Version update (2.3.7+git12 -> 2.3.8+git1) Subpackages: libqca-qt5-2 qca-qt5-plugins - Update to version 2.3.8+git1: * CI: Enable Android builds - There's a v2.3.8 tag now so the version matches properly again ==== qpdf ==== Version update (11.7.0 -> 11.8.0) - Temporary workaround for test fuzz-16214 (bsc#1218902) * Add openssl3_2-fuzz-16214.patch - Update to 11.8.0: * Bug fixes: - When flattening annotations, preserve hyperlinks and other annotations that inherently have no appearance information. * CLI Enhancements - Introduce x in the numeric range syntax to allow exclusion of pages within a page range. See Page Ranges for details. - Support comma-separated numeric values with --collate to select different numbers of pages from different groups. - Add --set-page-labels option to completely override page labels in the output. * Library Enhancements - Add API to support --set-page-labels: - QPDFJob::Config::setPageLabels - pdf_page_label_e enumerated type - QPDFPageLabelDocumentHelper::pageLabelDict - Improve file recovery logic to better handle files with cross-reference streams. This should enable qpdf to recover some files that it would previously have reported “unable to find trailer dictionary.” ==== rpm-config-SUSE ==== Version update (20230712 -> 20240118) - Update to version 20240118: * find-provides.ksyms: Fix ksym provides on Tumbleweed/ALP - Update to version 20240115: * macros.initrd: %regenerate_initrd_post: don't fail if mkdir is unavailable * scripts: Do full ksyms dependencies on Tumbleweed (bsc#1215015) ==== sdbootutil ==== Version update (1+git20231221.42797ab -> 1+git20240122.c0d8f76) Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper - Update to version 1+git20240122.c0d8f76: * Integrate with kernel-install * Rework kernel listing a bit * Add checks to list-entries * List entries for current system only by default * Fall back to loader.conf if setting efivar failed * Runtime determine kernel image name * Add list-snapshots * Add list-entries command - Update to version 1+git20240118.7e744b4: * Bind mount /etc inside the snapshot ==== shaderc ==== Version update (2023.7 -> 2023.8) - Update to release 2023.8 * API: Expose rlaxed Vulkan rules from glslang ==== sssd ==== Version update (2.9.3 -> 2.9.4) Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap - Update to release 2.9.4 * Fixes a crash when PAM passkey processing incorrectly handles non-passkey data. * Fixed group membership handling when members are coming from different forest domains and using ldap token groups is prohibited. * Files provider was erroneously taking into consideration ``local_auth_policy`` config option, thus breaking smartcard authentication of local user in setups that did not explicitly specify this option. This is now fixed. ==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-boot systemd-coredump systemd-doc udev - Add patches that implement [jsc#PED-5659] 5003-cgroup-rename-TasksMax-structure-to-CGroupTasksMax.patch 5004-bus-print-properties-ignore-CGROUP_LIMIT_MAX-for-Mem.patch 5005-bus-print-properties-prettify-more-unset-properties.patch 5006-cgroup-Add-EffectiveMemoryMax-EffectiveMemoryHigh-an.patch 5007-test-Convert-rlimit-test-to-subtest-of-generic-limit.patch 5008-test-Add-effective-cgroup-limits-testing.patch 5009-cgroup-Restrict-effective-limits-with-global-resourc.patch 5010-cgroup-Rename-effective-limits-internal-table.patch They are temporarily put in quarantine to get broader testing but should be eventually moved to the git repo. - remove pam-config call from post scriptlet of systemd-32bit * the full package already does that ==== tevent ==== Version update (0.15.0 -> 0.16.0) Subpackages: libtevent0 python3-tevent - Update to version 0.16.0 * the epoll backend is no longer limited to 2 event handlers per low level fd. * finally add support for TEVENT_FD_ERROR ==== tpm2-0-tss ==== Subpackages: libtss2-esys0 libtss2-fapi1 libtss2-mu0 libtss2-rc0 libtss2-sys1 libtss2-tcti-device0 libtss2-tctildr0 - Fix tmpfiles %ghost file names - Move tmpfiles config to different package: * tmpfiles_create was being called with bad input (version ?) * it avoids breaking SLPP for libtss2-fapi1 (hence the prior warning in spec) - tss sysusers requires should be pre not post ==== util-linux ==== Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 - Minor multibuild fixes (PED-307): * Restore /bin symlinks in util-linux-systemd if building with ul_extra_bin_sbin. * Restore compatibility supplements and split-provides. * Update safety check instructions. ==== util-linux-systemd ==== - Minor multibuild fixes (PED-307): * Restore /bin symlinks in util-linux-systemd if building with ul_extra_bin_sbin. * Restore compatibility supplements and split-provides. * Update safety check instructions. ==== vulkan-loader ==== Version update (1.3.268.0 -> 1.3.275.0) - Update to release SDK-1.3.275.0 * Instance extensions unsupported by physical devices now return ERROR_EXTENSION_NOT_PRESENT * Unload drivers which report 0 physical devices ==== vulkan-tools ==== Version update (1.3.268.0 -> 1.3.275.0) - Update to release SDK-1.3.275.0 * icd: Add vkGetMemoryFdKHR support * icd: Add vkGetMemoryHostPointerPropertiesEXT support * vulkaninfo: Autogenerate Format list * icd: Add basic VkDisplayKHR support * icd: Add vkRegisterDisplayEventEXT * icd: Add video support ==== yast2-pkg-bindings ==== Version update (5.0.2 -> 5.0.4) - Fixed repository and service probing with libzypp 7.31.26 and newer, convert the type to string by pkg-bindings, not by libzypp which might change it (bsc#1218399) - 5.0.4 - Added new pkg calls for managing and resolving the solver conflicts. Added PkgSolveProblems(), PkgSetSolveSolutions() and PkgResetSolveSolutions() calls. (gh#openSUSE/agama#944) - Libzypp 17.31.26+ uses "N/A" for unknown repository types instead of "NONE", support both cases (bsc#1218859) - 5.0.3 ==== zbar ==== Version update (0.23.90 -> 0.23.93) - Update to 0.23.93: * Set a better dpi resolution when parsing PDF files * Fix memory recycle bug of empty symbols * Fix compilation with python 3.11 and 3.12 * CVE-2023-40889: Fix array out-of-bounds access * Stop ignoring non-binary entries that follow binary ones * Increase allocated buffer memory for symbols * barcodetest.py: fix error code print logic * convert: Crash fixing while using camera * Add some pod information for additional functions * perl skip more tests if DISPLAY not set and set prereqs in Makefile.PL * Fixes rt.cpan.org 122061 - test fails when DISPLAY not set * Update Barcode::ZBar * isaac: ensure proper order of parsing expression * Enforce x11 backend even on wayland * zbarimg: add the --polygon option * xml output: Add polygon containing code bar. * configure.ac: drop support for Qt4 and prepare for Qt6 support * win: fix compiling error in Visual studio * Enforce a coding style * configure.ac: fix some issues with gtk parameter * zbargtk: fix version check macros * zbar: Address some header issues * zbar, test: fix compilation issues with FreeBSD * zbar: Function stdcall declaration issue. * symbol: make it compatible with MSC * zbar: change the code to make it c90 standard compatible * test: fix decode test - Drop upstreamed patches: * zbar-CVE-2023-40889.patch * zbar-CVE-2023-40890.patch * py311.patch - Add patch to fix build see gh#mchehab/zbar#277: * zbar-configure.patch * zbar-pkgconfig.patch ==== zchunk ==== Version update (1.3.2 -> 1.4.0) - update to 1.4.0: * Rework hash code to support openSSL 3.x EVP API * memory leak fix * tests for invalid zchunk files * More statistics in zchunk_delta_info * avoid infinite loop under certain conditions * Add zck_get_chunk_ctx function to get context from chunk