Packages changed:
AppStream
MozillaFirefox
bolt (0.9.8 -> 0.9.9)
clamav
container-selinux (2.237.0 -> 2.238.0)
gnome-desktop (44.1 -> 44.3)
gnome-software (48.1 -> 48.2)
gpg2 (2.5.6 -> 2.5.7)
ibus-libpinyin (1.16.1 -> 1.16.3)
iproute2 (6.14 -> 6.15)
iputils (20240905 -> 20250602)
less
libp11 (0.4.13 -> 0.4.14)
libpinyin (2.10.1 -> 2.10.2)
libssh
libstorage-ng (4.5.257 -> 4.5.258)
libunwind
libupnp (1.14.20 -> 1.14.22)
libzmf
libzypp (17.37.2 -> 17.37.3)
ncurses (6.5.20250524 -> 6.5.20250531)
ntfs-3g_ntfsprogs
openSUSE-build-key
openSUSE-release (20250602 -> 20250604)
openblas_openmp
openblas_pthreads
perl-Crypt-OpenSSL-RSA (0.33 -> 0.350.0)
perl-IO-HTML (1.004 -> 1.4.0)
perl-IO-Socket-SSL (2.89.0 -> 2.90.0)
perl-Net-Patricia (1.22 -> 1.230.0)
polkit-default-privs (1550+20250514.1208790 -> 1550+20250603.5d84a17)
postfix
protobuf-c (1.5.1 -> 1.5.2)
salt
sdbootutil (1+git20250505.f4890e9 -> 1+git20250529.307d6ff)
systemd (257.5 -> 257.6)
wpa_supplicant
xfce4-genmon-plugin (4.2.1 -> 4.3.0)
yast2-trans (84.87.20250525.2f65251268 -> 84.87.20250601.6e39b4d951)
=== Details ===
==== AppStream ====
Subpackages: AppStream-lang libAppStreamQt3 libappstream5
- Make qt6 the default qt flavor and qt5 the flavor built
separately and disable the qt5 flavor in SLE16 where we don't
want to have Qt5 libraries.
==== MozillaFirefox ====
Subpackages: MozillaFirefox-branding-upstream MozillaFirefox-translations-common
- Fix %{progdir}/crashhelper packaging
==== bolt ====
Version update (0.9.8 -> 0.9.9)
- update to 0.9.9:
* Several CI improvements and fixes
* Fixed memory leak in boltctl
* The unused codes were removed from daemon
* Fixed a NULL syspath variable causes SIGSEGV
==== clamav ====
Subpackages: libclamav12 libclammspack0 libfreshclam3
- bsc#1243565: Add clamav-freshclam_test.patch to fix a race
condition between the mockup servers started by different test
cases in freshclam_test.py.
==== container-selinux ====
Version update (2.237.0 -> 2.238.0)
- Update to version 2.238.0:
* label /run/sysctl.d correctly on creation
==== gnome-desktop ====
Version update (44.1 -> 44.3)
Subpackages: gnome-desktop-lang libgnome-desktop-3-20 libgnome-desktop-3_0-common libgnome-desktop-4-2 typelib-1_0-GnomeBG-4_0 typelib-1_0-GnomeDesktop-4_0
- Update to version 44.3:
+ Stop using ratio character for time in the wall-clock.
+ Fix variable initialization.
+ Only parse XML files as slideshows.
+ Updated translations.
==== gnome-software ====
Version update (48.1 -> 48.2)
Subpackages: gnome-software-lang gnome-software-plugin-packagekit
- Update to version 48.2:
+ Improve memory fragmentation after checking for updates.
+ Updated translations.
==== gpg2 ====
Version update (2.5.6 -> 2.5.7)
Subpackages: dirmngr gpg2-lang
- Update to 2.5.7:
* gpg: Allow updating a SHA-1 key certification w/o using
the --force-sign-key option. [T7663]
* gpg: The group key flag has now been fully implemented.
[rG8833a34bf0]
* gpg: Make combination of show-only-fpr-mbox and show-unusable-uid
work. [rGd5a4a2dc89]
* gpg: Do not allow compressed key packets on import. [T7014]
* gpgsm: Allow an empty subject DN also during import. [T7171]
* agent: Recover the old behavior with max-cache-ttl=0. [T6681]
* agent: Fix ECC key on smartcard for composite KEM with PQC.
[T7648]
* scd: Fix a harmless read buffer over-read in a function used by
PKCS#15 cards. [T7662]
* gpg-mail-tube,wks: Support templates for mail content. [T7381]
* Use the KEM interface of Libgcrypt for encryption/decryption.
[T7649]
- Remove patches:
* gnupg-agent-Recover-the-old-behavior-with-max-cache-ttl-0.patch
* gnupg-dirmngr-Don-t-install-expired-sks-certificate.patch
- Update gpg2.keyring
==== ibus-libpinyin ====
Version update (1.16.1 -> 1.16.3)
- Update to version 1.16.3:
* fix cloud input
==== iproute2 ====
Version update (6.14 -> 6.15)
Subpackages: iproute2-bash-completion
- Update to release 6.15
* tc_util: Add support for 64-bit hardware packets counter
* iprule: Allow specifying ports in hexadecimal notation
* iprule: Add port mask support
* iprule: Add DSCP mask support
==== iputils ====
Version update (20240905 -> 20250602)
- Update to version 20250602
Security release, fixes CVE-2025-47268 and CVE-2025-48964.
https://github.com/iputils/iputils/releases/tag/20250602
- Remove html man page (required to avoid a build failure)
- Remove patches from this release (iputils-CVE-2025-47268.patch,
0001-Fix-ping-man-page-syntax-error.patch)
- Fix bsc#1243284 - ping on s390x prints invalid ttl
* Add iputils-invalid-ttl-s390x.patch
* Fix ipv4 ttl value when using SOCK_DGRAM on big endian systems
==== less ====
- Extend detection and preview for "Java archive data" (eg. .jar),
"Android package" (eg. .apk) and "ASCII cpio archive"
(eg. .obscpio) in lessopen.sh
- Fix rpm preprocessing: Remove escaped quotes from $TMPF_pre in
lessopen.sh
==== libp11 ====
Version update (0.4.13 -> 0.4.14)
- Update to 0.4.14:
* Added the "pkcs11prov" provider for OpenSSL 3.x (Małgorzata Olszówka)
* Added generic keypair generation interface and engine ctrl command (Rafael Junio da Cruz)
* Added static engine support (Lucas Mülling)
* Added PKCS11_FORCE_CLEANUP env variable to force cleanup on exit and stop memory leaks with certain PKCS#11 modules (Małgorzata Olszówka)
* Fixed a number of resource leaks (Małgorzata Olszówka, Hazem Zaghloul, Michał Trojnara)
* Fixed C_OpenSession error handling (Rafael Junio da Cruz)
* Fixed handling of uninitialized tokens (Michał Trojnara)
* Removed support for OpenSSL older than 1.0.2 (Michał Trojnara)
- Create new subpackage openssl-provider-libp11
- Removed patch fix-wrong-non-static-lib.patch
==== libpinyin ====
Version update (2.10.1 -> 2.10.2)
Subpackages: libpinyin-data libpinyin15 libzhuyin15
- Update to version 2.10.2:
* fix memory leaks
==== libssh ====
Subpackages: libssh-config libssh4
- Fix hang in torture_session test (bsc#1243799)
* Add patch libssh-tests-Fix-an-issue-where-torture_session-request-a-SIGTERM-too-early.patch
==== libstorage-ng ====
Version update (4.5.257 -> 4.5.258)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- Translated using Weblate (Kabyle) (bsc#1149754)
- 4.5.258
==== libunwind ====
- 0001-Fix-unw_is_signal_frame-for-RISC-V.patch: Fix unw_is_signal_frame
for RISC-V
==== libupnp ====
Version update (1.14.20 -> 1.14.22)
Subpackages: libixml11 libupnp17
- Update to release 1.4.22
* Resolve FTBFS on musl
- Update to release 1.4.21
* IXML fuzzer fixes
* Bind SSDP UDP response to port 1900
==== libzmf ====
- Removed patch:
* 0001-automake-Conditional-installation-of-PNG-and-JS-file.patch
+ Replaced by better solution
- Added patch:
* 0001-Install-all-files-generated-by-doxygen.patch
+ Install all doxygen-generated files regardless of their file
type. This makes the doxygen installation more robust and less
dependent on doxygen internals.
- Modified patch:
* 0001-automake-Conditional-installation-of-PNG-and-JS-file.patch
+ test -f cannot be used with wildcards, since they are expanded
- Call autoreconf because configure script uses hardcoded
automake-1.15
- for compilation with Doxygen 1.14 add patch
0001-automake-Conditional-installation-of-PNG-and-JS-file.patch
==== libzypp ====
Version update (17.37.2 -> 17.37.3)
- Do not warn about no mirrors if mirrorlist was switched on
automatically. (bsc#1243901)
- Relax permission of cached packages to 0644 & ~umask
(bsc#1243887)
- version 17.37.3 (35)
==== ncurses ====
Version update (6.5.20250524 -> 6.5.20250531)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen
- Add ncurses patch 20250531
+ improve logic in misc/run_tic.in for constructing symbolic link
when $DESTDIR is set.
==== ntfs-3g_ntfsprogs ====
Subpackages: libntfs-3g89 ntfs-3g ntfsprogs
- Migrate away from update-alternatives (bsc#1240095).
- Upon installation of the newer packages, the old alternatives
are purged from the system.
==== openSUSE-build-key ====
- added gpg-pubkey-287a0027-682477e3.asc: New RSA 4k Backports
for SLE 16.x series.
==== openSUSE-release ====
Version update (20250602 -> 20250604)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== openblas_openmp ====
- For SLES16 target POWER9 instead of POWER8 which fixes the
issue with the reported sgemm testsuite fails. [bsc#1239545]
==== openblas_pthreads ====
- For SLES16 target POWER9 instead of POWER8 which fixes the
issue with the reported sgemm testsuite fails. [bsc#1239545]
==== perl-Crypt-OpenSSL-RSA ====
Version update (0.33 -> 0.350.0)
- updated to 0.350.0 (0.35)
see /usr/share/doc/packages/perl-Crypt-OpenSSL-RSA/Changes
0.35 May 7 2025
- Disable PKCS#1 v1.5 padding. It's not practical to mitigate marvin attacks so we will instead disable this and require alternatives to address the issue.
- Resolves #42 - CVE-2024-2467.
0.34 May 5 2025
- Production release.
0.34_03 May 4 2025
- Fix bug in rsa_crypt. Need to pass NULL
0.34_02 May 4 2025
- t/rsa.t needs to tolerate sha1 being disabled on rhel.
0.34_01 May 3 2025
- docs - plaintext = decrypt(cyphertext)
- #44 - Fix issue when libz is not linked on AIX
- #50 - Correct openssl version may not be found
- #52 - Out of memory on openssl 1.1.1w hpux
- #47 - Update FSF address and LGPL name in LICENSE
- #55 - stop using AutoLoader
- #48 - Whirlpool is missing the header
- Move github repo to cpan-authors
- Fully support openSSL 3.x API
==== perl-IO-HTML ====
Version update (1.004 -> 1.4.0)
- Normalize CPAN version
See https://github.com/openSUSE/cpanspec/issues/47 for details
==== perl-IO-Socket-SSL ====
Version update (2.89.0 -> 2.90.0)
- updated to 2.90.0 (2.090)
see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
2.090 2025/06/03
- fix OCSP live test after Let's Encrypt has disabled OCSP support #169
- public_suffix now preserves trailing dot #167
==== perl-Net-Patricia ====
Version update (1.22 -> 1.230.0)
- Remove no-libnsl.diff, fixed upstream
https://rt.cpan.org/Ticket/Display.html?id=124088
Add cpanspec.yml used by cpanspec to autogenerate the spec
- updated to 1.230.0 (1.23)
see /usr/share/doc/packages/perl-Net-Patricia/Changes
==== polkit-default-privs ====
Version update (1550+20250514.1208790 -> 1550+20250603.5d84a17)
- Update to version 1550+20250603.5d84a17:
* profiles: add ModemManager CellBroadcast action (bsc#1243684)
==== postfix ====
- Fix place of pam file
- [Build 20250527] postfix mail delivery fails (bsc#1243886)
- move /var/spool/mail/ to separate package (bsc#1179574)
Revert last bad change
- Adapt rpmlint
==== protobuf-c ====
Version update (1.5.1 -> 1.5.2)
- Update to release 1.5.2
* Chase compatibility issues with Google protobuf 30.0-rc1
* protoc-gen-c: Explicitly construct strings where needed for
protobuf 30.x
==== salt ====
Subpackages: python311-salt salt-master salt-minion
- Fix Ubuntu 24.04 edge-case test failures
- Added:
* fix-ubuntu-24.04-specific-failures-716.patch
==== sdbootutil ====
Version update (1+git20250505.f4890e9 -> 1+git20250529.307d6ff)
Subpackages: sdbootutil-dracut-measure-pcr sdbootutil-snapper
- Update to version 1+git20250529.307d6ff:
* Remove noarch for main package
* Copy measure-pcr-prediction if missing in ESP
* Compile and install uhmac
* Use uhmac instead of openssl for HMAC
* uhmac: add Rust tool for HMAC
* Re-enable riscv64 arch
* Support non-secure boot installations
* Rework removable media detection
* jeos-firstboot-enroll: fix typo in msgbox
* Measure GPT of the disk with ESP, not the disk with root
* jeos-firstboot-enroll: show final error message
==== systemd ====
Version update (257.5 -> 257.6)
Subpackages: libsystemd0 libsystemd0-32bit libudev1 systemd-32bit systemd-boot systemd-container systemd-experimental systemd-lang udev
- Import commit c929295b4c1fb3cd6b9963bc7588fbc3e597ab86 (merge of v257.6)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/8e9840a2897e36ae3f926f8d10a2b0d7e4102c67...c929295b4c1fb3cd6b9963bc7588fbc3e597ab86
==== wpa_supplicant ====
- Update build config:
* Disable support for Wired equivalent privacy (WEP)
* Enable 802.11r-2008 (Fast BSS Transition)
* Enable 802.11ax support
- Build wpa_gui with qt6 instead of qt5
- Add patch from hostap upstream to port wpa_gui to use qt6:
* 0001-wpa_gui-Port-to-Qt6.patch
==== xfce4-genmon-plugin ====
Version update (4.2.1 -> 4.3.0)
Subpackages: xfce4-genmon-plugin-lang
==== yast2-trans ====
Version update (84.87.20250525.2f65251268 -> 84.87.20250601.6e39b4d951)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu
- Update to version 84.87.20250601.6e39b4d951:
* Translated using Weblate (Russian)
* Translated using Weblate (Russian)
* Translated using Weblate (Russian)
* Translated using Weblate (Russian)
* Translated using Weblate (Russian)
* Translated using Weblate (Russian)
* Translated using Weblate (Russian)
* Translated using Weblate (Russian)
* Translated using Weblate (Kabyle)
* Added translation using Weblate (Kabyle)
* Translated using Weblate (Ukrainian)
* Translated using Weblate (Russian)
* Translated using Weblate (Kabyle)
* Translated using Weblate (Kabyle)
* Added translation using Weblate (Kabyle)
* Translated using Weblate (Kabyle)
* Added translation using Weblate (Kabyle)
* Translated using Weblate (Kabyle)
* Added translation using Weblate (Kabyle)
* Translated using Weblate (Kabyle)
* Added translation using Weblate (Kabyle)
* Translated using Weblate (Ukrainian)
* Translated using Weblate (Slovak)
* Translated using Weblate (Russian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Ukrainian)
* Translated using Weblate (Ukrainian)
* Translated using Weblate (Catalan)
* Translated using Weblate (Kabyle)
* Translated using Weblate (Spanish)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Slovenian)
* Translated using Weblate (Ukrainian)
* Translated using Weblate (Ukrainian)
* Translated using Weblate (Ukrainian)