Packages changed:
bind (9.20.2 -> 9.20.3)
brltty (6.6 -> 6.7)
dav1d (1.4.3 -> 1.5.0)
dtc (1.7.0 -> 1.7.1)
evolution (3.54.0 -> 3.54.1)
evolution-data-server (3.54.0 -> 3.54.1)
evolution-ews (3.54.0 -> 3.54.1)
freerdp (3.8.0 -> 3.9.0)
gcc13
ghostscript (10.03.1 -> 10.04.0)
gimp
gjs (1.82.0 -> 1.82.1)
gnome-control-center (47.0.1+8 -> 47.1.1)
gnome-online-accounts (3.52.0 -> 3.52.1)
gnome-remote-desktop (46.5 -> 47.1)
gnome-shell (47.0 -> 47.1)
gnome-shell-extensions (47.0 -> 47.1)
gnome-sudoku (47.0 -> 47.1.1)
gnome-terminal (3.54.0 -> 3.54.1)
gnome-text-editor (47.0 -> 47.1)
grub2
gtk2
gtk3
gvfs (1.56.0 -> 1.56.1)
hwinfo (23.2 -> 23.3)
kernel-firmware (20241001 -> 20241018)
libheif
libjcat (0.2.1 -> 0.2.2)
libnbd (1.20.2 -> 1.20.3)
libpipeline (1.5.7 -> 1.5.8)
libspelling (0.4.3 -> 0.4.4)
libunistring (1.2 -> 1.3)
libvirt
man (2.12.1 -> 2.13.0)
meson (1.5.2 -> 1.6.0)
mutter (47.0+19 -> 47.1)
nautilus (47.0+8 -> 47.0+14)
nbdkit (1.40.3 -> 1.40.4)
ncurses (6.5.20240928 -> 6.5.20241019)
nvidia-open-driver-G06-signed-cuda (555.42.06_k6.11.3_1 -> 555.42.06_k6.11.3_2)
open-vm-tools (12.4.5 -> 12.5.0)
openSUSE-release (20241018 -> 20241023)
openssl-3
ovmf (202405 -> 202408)
patterns-base
perl-XML-Parser
pipewire
postgresql17
python-anyio (4.6.0 -> 4.6.2.post1)
python-certifi (2024.7.4 -> 2024.8.30)
python-charset-normalizer (3.3.2 -> 3.4.0)
python-cryptography (43.0.1 -> 43.0.3)
python-numpy (2.1.1 -> 2.1.2)
qt6-base
rng-tools
samba (4.21.0+git.363.84c94ca948f -> 4.21.1+git.367.e1da597d86e)
selinux-policy (20240930 -> 20241021)
subversion (1.14.3 -> 1.14.4)
supermin
texlive
tigervnc
totem (43.0 -> 43.1)
tree-sitter (0.24.2 -> 0.24.3)
u-boot-rpiarm64
unar
unbound (1.21.1 -> 1.22.0)
virtiofsd (1.11.1 -> 1.12.0)
vte (0.78.0 -> 0.78.1)
webkit2gtk3 (2.46.1 -> 2.46.2)
wireplumber
xf86-input-evdev (2.10.6 -> 2.11.0)
xf86-input-libinput (1.4.0 -> 1.5.0)
xfsprogs (6.10.1 -> 6.11.0)
xz (5.6.2 -> 5.6.3)
yast2-auth-client (5.0.0 -> 5.0.1)
yast2-installation (5.0.14 -> 5.0.15)
zlib-ng-compat (2.2.1 -> 2.2.2)
=== Details ===
==== bind ====
Version update (9.20.2 -> 9.20.3)
Subpackages: bind-doc bind-utils
- Update to release 9.20.3
New Features:
* Log query response status to the query log.
* Log a query response summary using the new responses category.
Logging can be controlled via the responselog option and via
rndc responselog.
* Added WALLET type.
* Add the new record type WALLET (262). This provides a mapping
from a domain name to a cryptographic currency wallet. Multiple
mappings can exist if multiple records exist.
Feature Changes:
* Set logging category for notify/xfer-in-related messages.
* Some notify and xfer-in-related log messages were logged at the
“general” category level instead of their own category. This
has been fixed.
* Allow IXFR-to-AXFR fallback on DNS_R_TOOMANYRECORDS.
* This change allows fallback from an IXFR failure to AXFR when
the reason is DNS_R_TOOMANYRECORDS.
Bug Fixes:
* Fix a statistics channel counter bug when “forward only” zones
are used.
* When resolving a zone with a “forward only” policy, and finding
out that all the forwarders were marked as “bad”, the
“ServerQuota” counter of the statistics channel was incorrectly
increased. This has been fixed.
* Fix a bug in the static-stub implementation.
* Static-stub addresses and addresses from other sources were
being mixed together, resulting in static-stub queries going to
addresses not specified in the configuration, or alternatively,
static-stub addresses being used instead of the correct server
addresses.
* Don’t allow statistics-channels if libxml2 and libjson-c are
not configured.
* When BIND 9 is not configured with the libxml2 and libjson-c
libraries, the use of the statistics-channels option is a fatal
error.
* Separate DNSSEC validation from long-running tasks.
* Split CPU-intensive and long-running tasks into separate
threadpools in a way that the long-running tasks - like RPZ,
catalog zone processing, or zone file operations - don’t block
CPU-intensive operations like DNSSEC validations.
* Fix an assertion failure when processing access control lists.
* The named process could terminate unexpectedly when processing
ACLs. This has been fixed.
* Fix a bug in Offline KSK using a ZSK with an unlimited
lifetime.
* If the ZSK had an unlimited lifetime, the timing metadata
Inactive and Delete could not be found and were treated as an
error, preventing the zone from being signed. This has been
fixed.
* Limit the outgoing UDP send queue size.
* If the operating system UDP queue got full and the outgoing UDP
sending started to be delayed, BIND 9 could exhibit memory
spikes as it tried to enqueue all the outgoing UDP messages. It
now tries to deliver the outgoing UDP messages synchronously;
if that fails, it drops the outgoing DNS message that would get
queued up and then timeout on the client side.
* Do not set SO_INCOMING_CPU.
* Remove the SO_INCOMING_CPU setting as kernel scheduling
performs better without constraints.
* Fix the rndc dumpdb command’s error reporting.
* The rndc dumpdb command was not reporting errors that occurred
when named started up the database dump process. This has been
fixed.
* Fix long-running incoming transfers.
* Incoming transfers that took longer than 30 seconds would stop
reading from the TCP stream and the incoming transfer would be
indefinitely stuck, causing BIND 9 to hang during shutdown.
* This has been fixed, and the max-transfer-time-in and
max-transfer-idle-in timeouts are now honored.
* Fix an assertion failure when receiving DNS responses over TCP.
* When matching the received Query ID in the TCP connection, an
invalid Query ID could cause an assertion failure. This has
been fixed.
==== brltty ====
Version update (6.6 -> 6.7)
Subpackages: brltty-driver-at-spi2 brltty-driver-brlapi brltty-driver-speech-dispatcher brltty-driver-xwindow libbrlapi0_8 python3-brlapi system-user-brltty xbrlapi
- Update to version 6.7:
+ Too many changes; please read ChangeLog
- Drop e6707d5e.patch: fixed upstream.
- API version is now 0.8.6.
- Added patch:
* brltty-reproducible-jar-mtime.patch
+ Use SOURCE_DATE_EPOCH for reproducible jar mtime
+ Applied if building with Java >= 17
==== dav1d ====
Version update (1.4.3 -> 1.5.0)
- Update to version 1.5.0
* WARNING: we removed some of the SSE2 optimizations, so if
you care about systems without SSSE3, you should be careful
when updating!
* Optimize index offset calculations for decode_coefs
* picture: copy HDR10+ and T35 metadata only to visible frames
* SSSE3 new optimizations for 6-tap (8bit and hbd)
* AArch64/SVE: Add HBD subpel filters using 128-bit SVE2
* AArch64: Add USMMLA implempentation for 6-tap H/HV
* AArch64: Optimize Armv8.0 NEON for HBD horizontal filters
and 6-tap filters
* Power9: Optimized ITX till 16x4.
* Loongarch: numerous optimizations
* RISC-V optimizations for pal, cdef_filter, ipred, mc_blend,
mc_bdir, itx
* Allow playing videos in full-screen mode in dav1dplay
==== dtc ====
Version update (1.7.0 -> 1.7.1)
- Update to 1.7.1:
* dtc
* Fix check for 10-bit I2C addresses
* Improve documentation of -@ option
* Update to libyaml >= 0.2.3
* Improvements & fixes for device graph checks
* Add -L / --local-fixups option
* Add check for length of interrupt-map properties
* libfdt
* Add fdt_path_getprop_namelen()
* Add fdt_get_symbol() and fdt_get_symbol_namelen()
* Correct documentation of fdt_path_offset()
* Correct documentation of fdt_appendprop_addrrange()
* Validate aliases is fdt_get_alias_namelen()
* Don't overwrite phandles when applying overlays
* Require Python 3
* pylibfdt
* Support boolean properties
* Fixes for current Python versions
* General
* Assorted bugfixes
* Assorted build improvements
* Assorted typo fixes in docs
* Some additional testcases
* Move to GitHub Actions based CI
==== evolution ====
Version update (3.54.0 -> 3.54.1)
Subpackages: evolution-plugin-spamassassin
- Update to version 3.54.1:
+ Bug Fixes: Missing sender's S/MIME certificate import button
+ Miscellaneous:
- libgnomecanvas: Add few checks for argument validity
- WebKitGTK 2.46.1: Middle mouse button inserts primary
clipboard twice
+ Updated translations.
==== evolution-data-server ====
Version update (3.54.0 -> 3.54.1)
Subpackages: libcamel-1_2-64 libebackend-1_2-11 libebook-1_2-21 libebook-contacts-1_2-4 libecal-2_0-3 libedata-book-1_2-27 libedata-cal-2_0-2 libedataserver-1_2-27 libedataserverui-1_2-4
- Update to version 3.54.1:
+ Bug Fixes:
- Pass GError instead of CamelException to
camel_movemail_solaris
- Fix argument types in ENABLE_BROKEN_SPOOL code
- Use GIConv instead of iconv_t with iconv wrappers
- ESoupSession: Sometimes accesses server without OAuth2 token
+ Updated translations.
==== evolution-ews ====
Version update (3.54.0 -> 3.54.1)
- Update to version 3.54.1:
+ Bug Fixes:
- m365: Mails do not have set size in summary
- m365: Fails to save a message in the Drafts folder
- m365: Cannot delete instance of a recurring event
+ Miscellaneous:
- m365: Camel: Correct message ID calculation for folder
summary
- m365: Read 'bodyPreview' for mail messages
- m365: Handle SyncStateNotFound error
+ Updated translations.
==== freerdp ====
Version update (3.8.0 -> 3.9.0)
Subpackages: libfreerdp3-3 librdtk0-0 libwinpr3-3
- Update to 3.9.0
So, what is new:
* Support for RDPEAR (remote credential guard) /remoteGuard option for non windows clients
* Global configuration file support, allowing to configure certificate
accept/ignore/... default settings for all users
* Simplified manpage generation, eliminates docbook and xmlto dependencies
speeding up builds
* New API for client channels to run tasks on RDP thread
* New extended transport layer API
* RDPECAM MJPEG support
* the first updates of timezone definitions from our automated ci
Noteworthy changes:
* Fix bugs in SSE4.1/AVX2 image copy (#10720)
* Add warnings for invalid monitor settings during connect (#10672)
* Fix ALSA microphone support (#10664)
* Fix modal windows in RAILS mode (#10629)
* Update experimental SDL3 client (SDL3 API should now have been stabilized,
various pull requests)
* Fix keyboard layouts, the external JSON did miss a few (#10639)
==== gcc13 ====
Subpackages: cpp13 libgccjit0-gcc13
- Remove epiphany build, newlib no longer builds for it.
- Add gcc13-pr116657.patch to fix for parsing tzdata 2024b [gcc#116657]
==== ghostscript ====
Version update (10.03.1 -> 10.04.0)
Subpackages: ghostscript-x11
- update to 10.04.0 (bsc#1232173):
* Amongst other general bugs fixes, this release addresses:
+ CVE-2024-46951
+ CVE-2024-46952
+ CVE-2024-46953
+ CVE-2024-46954
+ CVE-2024-46955
+ CVE-2024-46956
==== gimp ====
Subpackages: gimp-plugin-aa libgimp-2_0-0 libgimpui-2_0-0
- Add gtk-update-icon-cache BuildRequires: Ensure
/usr/bin/gtk-update-icon-cache is present during build, as
configure checks for it.
==== gjs ====
Version update (1.82.0 -> 1.82.1)
Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0
- Update to version 1.82.1:
+ Fixed gnome-shell crash when switching user after upgrade from
Fedora 40 to Fedora 41
==== gnome-control-center ====
Version update (47.0.1+8 -> 47.1.1)
Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces gnome-control-center-users
- Update to version 47.1.1:
+ Fix crash on display scales > 1 due to conflicting type
registration.
- Update to version 47.1:
+ About: Allow FQDN hostnames
+ Appearance: Fix thumbnailing of backgrounds causing OOM kills
+ Date and Time: Fix resize issue in the time format row when
shown in small window sizes
+ Online Accounts: Fix untranslated account provider info string
+ Region and Language: Update language row after closing language
selector
+ Remote Desktop: Hide "Remote Desktop" row when
gnome-remote-desktop is not available
+ Wacom:
- Don't crash when handling an unknown stylus ID
- Don't show Map Buttons for fallback devices
- Handle all external remotes like an external TV remote-like
device
- Make assets recolaborable, supporting dark-style,
high-contrast, and accent colors
- Support HDPI for tablet/stylus illustration images
+ Updated translations.
==== gnome-online-accounts ====
Version update (3.52.0 -> 3.52.1)
Subpackages: libgoa-1_0-0 libgoa-backend-1_0-2
- Update to version 3.52.1:
+ Bugs fixed:
- goakerberosprovider: don't assume all errors are auth errors
- goaoauthprovider: fix expected NULL GError
+ Updated translations.
==== gnome-remote-desktop ====
Version update (46.5 -> 47.1)
- Update to version 47.1:
+ General code improvements
+ Updated translations.
- Update to version 47.0:
+ Updated translations.
- Update to version 47.rc:
+ Reduce resource usage of unauthenticated sessions
+ Updated translations.
- Changes from version 47.beta:
+ Gracefully handle file descriptor limits
+ Introduce standalone configuration D-Bus service
+ Improve grdctl status reporting
+ Gracefully handle invalid x224Crq data
+ Fix file descriptor leak
+ Updated translations.
- Changes from version 47.alpha:
+ Support persistent remote login sessions
+ Support entering new credentials via standard input when using
grdctl
+ Use access portal dialogs for warning about connection
insecurity
+ Avoid crash when getting invalid PipeWire buffers
+ Updated translations.
==== gnome-shell ====
Version update (47.0 -> 47.1)
Subpackages: gnome-extensions gnome-shell-calendar
- Update to version 47.1:
+ Improve quick settings accessibility
+ Use accent color in tablet configuration UI
+ Improve accuracy of inset box shadows
+ Fix `PopupSwitchMenuItem::toggled` passing wrong state
+ Consider text direction when handling arrow keys in sliders
+ Fix layout issues with new dialog style
+ Fix uneven padding in notification headers
+ Fixed crash
+ Misc. cleanups and bug
+ Updated translations.
==== gnome-shell-extensions ====
Version update (47.0 -> 47.1)
Subpackages: gnome-shell-classic gnome-shell-extensions-common
- Update to version 47.1:
+ classic: Add missing top-bar indicators
+ window-list:
- Fix window state styling
- Fix "ignore-workspace" setting getting reset
+ Misc. bug fixes and cleanups
==== gnome-sudoku ====
Version update (47.0 -> 47.1.1)
- Update to version 47.1.1:
+ Fix metainfo screenshots
- Update to version 47.1:
+ Fix tooltip font color in light mode
+ Fix a case when the highlighter doesn't get cleared with undo
+ Fix view not grabbing the focus on start blocking keyboard
shortcuts
+ Fix reset zoom shortcut not working
+ Fix pause button having no tooltip
+ Fix meson build requirements
+ Updated translations.
==== gnome-terminal ====
Version update (3.54.0 -> 3.54.1)
Subpackages: gnome-shell-search-provider-gnome-terminal nautilus-extension-terminal
- Update to version 3.54.1:
+ prefs: Follow the theme variant setting
+ Updated translations.
==== gnome-text-editor ====
Version update (47.0 -> 47.1)
- Update to version 47.1:
+ Fix document to default to implicit trailing newlines
+ Improve text wrapping for banners on small form factors
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-common grub2-snapper-plugin grub2-systemd-sleep-plugin
- Fix error: /boot/grub2/x86_64-efi/bli.mod not found (bsc#1231591)
- Keep grub packaging and dependencies in the SLE-12 and SLE-15 builds
- Power guest secure boot with key management (jsc#PED-3520) (jsc#PED-9892)
* 0001-ieee1275-Platform-Keystore-PKS-Support.patch
* 0002-ieee1275-Read-the-DB-and-DBX-secure-boot-variables.patch
* 0003-appendedsig-The-creation-of-trusted-and-distrusted-l.patch
* 0004-appendedsig-While-verifying-the-kernel-use-trusted-a.patch
* 0005-appendedsig-The-grub-command-s-trusted-and-distruste.patch
* 0006-appendedsig-documentation.patch
* 0007-mkimage-create-new-ELF-Note-for-SBAT.patch
* 0008-mkimage-adding-sbat-data-into-sbat-ELF-Note-on-power.patch
* grub2.spec : Building signed grub.elf with SBAT metadata
- Support for NVMe multipath splitter (jsc#PED-10538)
* 0001-ieee1275-support-added-for-multiple-nvme-bootpaths.patch
- Deleted path (jsc#PED-10538)
* 0001-grub2-Can-t-setup-a-default-boot-device-correctly-on.patch
* 0001-grub2-Set-multiple-device-path-for-a-nvmf-boot-devic.patch
- Fix not a directory error from the minix filesystem, as leftover data on disk
may contain its magic header so it gets misdetected (bsc#1231604)
* grub2-install-fix-not-a-directory-error.patch
==== gtk2 ====
Subpackages: gtk2-data gtk2-tools libgtk-2_0-0
- Eliminate usage of update-alternatives:
+ Drop gtk-update-icon-cache and relevant man page. We rely
solely on GTK3 to perform this caching task.
==== gtk3 ====
Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-tigrigna gtk3-immodule-vietnamese gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0
- Eliminate usage of update-alternatives: GTK2 no longer provides
gtk-update-icon-cache, thus eliminating the need for this extra
complexity.
==== gvfs ====
Version update (1.56.0 -> 1.56.1)
Subpackages: gvfs-backend-afc gvfs-backend-goa gvfs-backend-samba gvfs-backends gvfs-fuse
- Update to version 1.56.1:
+ udisks2: Increasing reference count when updating volume to fix
crashes
+ onedrive:
- Use names instead of id for events to fix monitoring
- Add missing replace stream to fix crashes
- onedrive: Fix double free during cache rebuild to fix crashes
+ dav: Recognize the 409 status to fix creation of parent
directories
+ Updated translations.
==== hwinfo ====
Version update (23.2 -> 23.3)
Subpackages: libhd23
- merge gh#openSUSE/hwinfo#148
- avoid reporting of spurious usb storage devices (bsc#1223330)
- 23.3
==== kernel-firmware ====
Version update (20241001 -> 20241018)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20241018 (git commit 2f0464118f40):
* check_whence.py: skip some validation if git ls-files fails
* qcom: Add Audio firmware for X1E80100 CRD/QCPs
* amdgpu: DMCUB updates forvarious AMDGPU ASICs
* brcm: replace NVRAM for Jetson TX1
* rtlwifi: Update firmware for RTL8192FU to v7.3
* make: separate installation and de-duplication targets
* check_whence.py: check the permissions
* Remove execute bit from firmware files
* configure: remove unused file
* rtl_nic: add firmware rtl8125d-1
- Update to version 20241014 (git commit 99f9c7ed1f4a):
* iwlwifi: add gl/Bz FW for core91-69 release
* iwlwifi: update ty/So/Ma firmwares for core91-69 release
* iwlwifi: update cc/Qu/QuZ firmwares for core91-69 release
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for a Lenovo Laptop
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for some ASUS laptops
* cirrus: cs35l56: Add firmware for Cirrus Amps for some HP laptops
* linux-firmware: update firmware for en8811h 2.5G ethernet phy
* QCA: Add Bluetooth firmwares for WCN785x with UART transport
- Update to version 20241011 (git commit 808cba847c70):
* mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher
* ath12k: WCN7850 hw2.0: update board-2.bin (bsc#1230596)
* ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1
* ath12k: QCN9274 hw2.0: add board-2.bin
* copy-firmware.sh: rename variables in symlink hanlding
* copy-firmware.sh: remove no longer reachable test -L
* copy-firmware.sh: remove no longer reachable test -f
* copy-firmware.sh: call ./check_whence.py before parsing the file
* copy-firmware.sh: warn if the destination folder is not empty
* copy-firmware.sh: add err() helper
* copy-firmware.sh: fix indentation
* copy-firmware.sh: reset and consistently handle destdir
* Revert "copy-firmware: Support additional compressor options"
* copy-firmware.sh: flesh out and fix dedup-firmware.sh
* Style update yaml files
* editorconfig: add initial config file
* check_whence.py: annotate replacement strings as raw
* check_whence.py: LC_ALL=C sort -u the filelist
* check_whence.py: ban link-to-a-link
* check_whence.py: use consistent naming
* Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin
* tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31
- Skip invocation of check_whence.py at copying:
copy-file-skip-check.patch
- Refresh copy-file-ignore-README.patch
- Drop obsoleted --ignore-duplicates option to copy-firmware.sh
- Drop the ath12k workaround again
- Update to version 20241010 (git commit d4e688aa74a0):
* rtlwifi: Add firmware v39.0 for RTL8192DU
* Revert "ath12k: WCN7850 hw2.0: update board-2.bin"
(replaced with a newer firmware in this package instead)
- update aliases
- Update to version 20241004 (git commit bbb77872a8a7):
* amdgpu: DMCUB DCN35 update
* brcm: Add BCM4354 NVRAM for Jetson TX1
* brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram
==== libheif ====
Subpackages: gdk-pixbuf-loader-libheif libheif-aom libheif-dav1d libheif-ffmpeg libheif-jpeg libheif-openjpeg libheif-rav1e libheif-svtenc libheif1
- build *-test subpackage with multibuild for running the test suite
- added sources
+ _multibuild
==== libjcat ====
Version update (0.2.1 -> 0.2.2)
- Update to version 0.2.2:
+ New Features:
- Add bt-logindex blob kind.
+ Bugfixes:
- Increase test coverage for ED25519 support.
- Save the auto-generated private key with 0600 file
permissions.
- Switch ED25519 support to not directly using Nettle.
==== libnbd ====
Version update (1.20.2 -> 1.20.3)
Subpackages: libnbd0
- Update to version 1.20.3:
* Version 1.20.3.
* interop: Skip nbd-server test on Alpine
* ci: Update CI files
* rust: Parse perlpod L<https://...> (external links) to rust markup
* podwrapper: Add some simple checks for cross-references within manual pages.
* docs/libnbd-release-notes-1.10.pod: Remove broken link to "nbd_connect(3)"
* docs/nbd_create.pod: Cross-reference nbd_shutdown(3)
* docs: Use "oldstyle servers" in preference to "older servers"
* docs: Mention newstyle and oldstyle servers in main docs
* README: Fix bold markdown
* README: Mention 'make install DESTDIR=...'
* README: Mention the ./run script
* build: Prefer "for developers" in ./configure --help output
* build: Fix ./configure --help output for --enable-python-code-style
* .gitignore: Remove unused line
* ci: Drop Alma Linux 8
* lib/crypto.c: Check <gnutls/socket.h> works before including it
* docs/libnbd-security.pod: Assign CVE-2024-7383
* jsc#PED-8910
==== libpipeline ====
Version update (1.5.7 -> 1.5.8)
- Update to 1.5.8 (27 August 2024):
* Upgrade to Gnulib `stable-202407`. Building libpipeline now requires
Automake >= 1.14.
* Use C23-style `nullptr`.
==== libspelling ====
Version update (0.4.3 -> 0.4.4)
- Update to version 0.4.4:
+ Adds a few dozen translations for menu items.
- Add lang subpackage and macros. Also provide libspelling from the
shared lib, allow install of lang subpackage.
==== libunistring ====
Version update (1.2 -> 1.3)
- update to 1.3:
* Support Unicode version 16.0.0
==== libvirt ====
Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-qemu libvirt-libs
- spec: Use default_firewall_backend prjconf setting
- spec: Loosen nwfilter dependency
boo#1231798
==== man ====
Version update (2.12.1 -> 2.13.0)
- Update to man-db 2.13.0 (29 August 2024)
* Drop support for versions of groff before 1.21 (released on 2010-12-31).
* Fix `man-suffixed-extension` test failure when not using the GNU
hierarchy organization.
* Fix `-Wmissing-variable-declarations` warnings with GCC 14.
* Fix `-Wflex-array-member-not-at-end` warning with GCC 14.
* Upgrade to Gnulib `stable-202407`.
* Support running the test suite against an installed package; this is
useful for systems such as Debian's autopkgtest framework.
- Remove patch man-db-2.6.3-chinese.dif as not supported anymore
due to newer groff versions
- Port patches
* man-db-2.6.3-listall.dif
* man-db-2.7.1-zio.dif
* man-db-2.9.4.patch
* man-propose-online.patch
==== meson ====
Version update (1.5.2 -> 1.6.0)
Subpackages: meson-vim
- Update ro version 1.6.0:
+ Support for OpenXL compiler in AIX.
+ Default to printing deprecations when no minimum version is
specified.
+ Cargo subprojects is experimental.
+ Dependencies from CMake subprojects now use only PUBLIC link
flags.
+ New built-in option for default both_libraries.
+ New as_static and as_shared methods on internal dependencies.
+ Support for DIA SDK.
+ Support for LLVM-based flang compiler.
+ nvc and nvc++ now support setting std.
+ Tools can be selected when calling has_tools() on the Qt
modules.
+ Simple tool to test build reproducibility.
+ Support for variable in system dependencies.
+ test() and benchmark() functions accept new types.
+ Zig 0.11 can be used as a C/C++ compiler frontend.
==== mutter ====
Version update (47.0+19 -> 47.1)
- Update to version 47.1:
+ gwakeup: Reduce wake-ups to only first item in queue
+ x11: Reduce chances XPending does recvmsg() syscall
+ Fix grabbing tablet devices
+ Fix misplaced windows and random resizes on scaled monitors
+ Fix explicit sync with virtual monitors w/o pipewire streams
+ Improve detecting preferred primary devices
+ Fixed crashes
+ Misc. bug fixes and cleanups
+ Updated translations.
- Update to version 47.0+24:
* stage-impl: Ensure that a sync object is created in headless mode
* backends/x11: Avoid potential crash in pad_switch_mode
* display: Do not crash attempting to display OSD for unknown
Wacom device
* wayland/drm-lease: Do not add connector twice on lease
disappeared
* wayland/drm-lease: Hold device fd when listing leases
==== nautilus ====
Version update (47.0+8 -> 47.0+14)
Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension4
- Update to version 47.0+14:
* nautilus-tag-manager: Drop tinysparql 2to3 migration
* Updated translations.
==== nbdkit ====
Version update (1.40.3 -> 1.40.4)
Subpackages: nbdkit-basic-filters nbdkit-basic-plugins nbdkit-curl-plugin nbdkit-nbd-plugin nbdkit-python-plugin nbdkit-server nbdkit-ssh-plugin
- Exclude tests when building for ix86
- Update to version 1.40.4:
* Version 1.40.4.
* ci: Update CI files
* docs/nbdkit-service.pod: Add KeepAlive and User/Group settings
* tests/test-ondemand.sh: Refine qemu exportname skips
* tests/test-ondemand.sh: Work around bug in qemu 9.1 exportname handling
* ondemand: Serialize the .open method
* ondemand: Delete the disk if creation fails
* ondemand, tmpdisk: Don't allow parameters containing '-'
* ondemand: Be less strict about filenames
* tests: bzip2, curl, ext2, file, gzip, memory, offset, xz: Don't leak 'data' returned by guestfs_cat
* Fix documented default value for xz-max-depth
* bzip2: Fix version where this filter first appeared
* filters/qcow2dec/qcow2dec.c: Fix format specifier in error message
* tests: old-plugins: Fix srcdir != builddir
* tests: Rearrange some filter tests in alphabetical order
* server: Clear conn->magic when freeing a connection
* jsc#PED-8910
==== ncurses ====
Version update (6.5.20240928 -> 6.5.20241019)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen
- Add ncurses patch 20241019
+ fixes for compiler warnings/cppcheck.
+ build-fixes for DJGPP configuration (patches by Stas Sergeev)
- Add ncurses patch 20241006
+ fixes for compiler warnings/cppcheck.
+ use xterm+alt+title in wezterm -TD
==== nvidia-open-driver-G06-signed-cuda ====
Version update (555.42.06_k6.11.3_1 -> 555.42.06_k6.11.3_2)
- cuda-flavor
* provide nvidia-open-driver-G06-kmp = %version to workaround
broken cuda-drivers
- nv-prefer-signed-open-driver
* added comments for requirements
- latest change hardcoded to 555.42.06; we no longer need this
for 560
- nv-prefer-signed-open-driver:
* added specicic versions of cuda-drivers/cuda-drivers-xxx as
preconditions for requiring specific version of
nvidia-compute-G06
- nv-prefer-signed-open-driver:
* no longer require a specific version of
nvidia-open-driver-G06-signed-cuda-kmp, so it can select the
correct open driver KMP matching the cuda-runtime version
- cuda-flavor:
* added nvidia-compute-G06 = %version to preconditions for
requiring kernel-firmware-nvidia-gspx-G06, since
nvidia-compute-utils-G06 does not have a version-specific
requires on nvidia-compute-G06
- cuda-flavor:
* require kernel-firmware-nvidia-gspx-G06 instead of
kernel-firmware-nvidia-gspx-G06-cuda (which provides also
kernel-firmware-nvidia-gspx-G06)
* trigger removal of driver modules also on
kernel-firmware-nvidia-gspx-G06
- no longer hard-require kernel firmware package, but install it
automatically once nvidia-compute-utils-G06 gets installed
- trigger removal of driver modules with non-existing or wrong
firmware when (new) firmware gets installed
==== open-vm-tools ====
Version update (12.4.5 -> 12.5.0)
Subpackages: libvmtools0 open-vm-tools-desktop
- convert to obs_scm
- update to 12.5.0 (boo#1231826):
There are no new features in the open-vm-tools 12.5.0 release.
This is primarily a maintenance release that addresses a few
critical problems, including:
* A Github pull request has been integrated. Please see the
Resolved Issues section of the Release Notes.
* For a more complete list of issues resolved in this release,
see the Resolved Issues section of the Release Notes.
For complete details, see:
https://github.com/vmware/open-vm-tools/releases/tag/stable-12.5.0
Release Notes are available at:
https://github.com/vmware/open-vm-tools/blob/stable-12.5.0/ReleaseNotes.md
The granular changes that have gone into the 12.5.0 release are
in the ChangeLog at:
https://github.com/vmware/open-vm-tools/blob/stable-12.5.0/open-vm-tools/ChangeLog
==== openSUSE-release ====
Version update (20241018 -> 20241023)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== openssl-3 ====
Subpackages: libopenssl3
- Security fix: [bsc#1231741, CVE-2024-9143]
* Low-level invalid GF(2^m) parameters lead to OOB memory access
* Add openssl-CVE-2024-9143.patch
- Security fix: [bsc#1220262, CVE-2023-50782]
* Implicit rejection in PKCS#1 v1.5
* Add openssl-CVE-2023-50782.patch
==== ovmf ====
Version update (202405 -> 202408)
Subpackages: qemu-uefi-aarch64
- Removed the following patch files because they are merged to
edk2-stable202408:
- ovmf-EmbeddedPkg-Library-Support-SOURCE_DATE_EPOCH-in-Vir.patch
- ovmf-NetworkPkg-TcpDxe-Fixed-system-stuck-on-PXE-boot-flo.patch
- Update to edk2-stable202408
- Features (https://github.com/tianocore/edk2/releases):
CryptoPkg:Add more crypto APIs (AESGCM/PEM/X509/RSA/PKCS5/PKCS7/Authenticode) based on Mbedtls
CryptoPkg: Enable Openssl native instruction support for AARCH64
CryptoPkg: Add support for aes128-sha256 and aes256-sha256 cipher
UefiCpuPkg: S3 cleanup
MdePkg/BaseLib: Add CRC16 CCITT False Implementation
DynamicTablesPkg: ACPI TPM2 generator
DynamicTablesPkg: Prepare for supporting other archs
BaseTools: Add VS2022 support
OvmfPkg: Add LoongArchVirt instance to OvmfPkg and enable it
- Patches (git log --oneline --date-order edk2-stable202405..edk2-stable202408):
b158dad150 EmulatorPkg: VS2022 Support on WinHost.
b0f43dd3fd DynamicTablesPkg: Add parser for Tpm2 CM object
d24df10cee DynamicTablesPkg: Add HexDump for CM Object parser
75a9afa540 DynamicTablesPkg: ACPI TPM2 generator
2bff58935f MdePkg: Tpm2Acpi.h: Max size for Parameters field
ab6ad2fbdb NetworkPkg/DxeHttpLib: Support HTTP CONNECT message in Tx path.
9761137743 RedfishPkg: Allow deletion of the bootstrap account
a29a9cce5f MdePkg/BaseLib: Add CRC16 CCITT False Implementation.
472be4d139 MdeModulePkg ConPlatform: Support IAD-style USB input devices.
1b37b3659b .github/request-reviews.yml: Use GitHub App authentication
51ada84cd5 .github/request-reviews.yml: Move workflow Py code to file
59ad8aeda6 .github/request-reviews.yml: Formatting (non-functional)
32a099c358 .github/request-reviews.yml: Improve doc and dbg messages
f617b6ee0e .github/request-reviews.yml: Only post non-collab message once
09ad1a0072 .github/request-reviews.yml: Add non-collab admin notification
e86647decd .github/request-reviews.yml: Update PR reviewer exclusion
eaf2b82eda .github/request-reviews.yml: Removed unused functionality
d3e9e10770 .github/request-reviews.yml: Switch to PyGithub
98f17cdcf4 .github/request-reviews.yml: Switch to GitPython
057c26710a .github/request-reviews.yml: Cache PIP modules
38c4cd4e88 .github/request-reviews.yml: Use sparse checkout
5d43165ff8 UefiCpuPkg: rename and simplify IsAddressValid function
cff0641360 UefiCpuPkg: remove unneeded code in SmmProfilePFHandler
8b8ac5d986 UefiCpuPkg: rename the SmiDefaultPFHandler function
cae90a8390 UefiCpuPkg: Remove duplicate code in SmiPfHandler
b5c9bbff8e UefiCpuPkg:CpuDeadLoop in SmiPFHandler if SMM profile is disabled
b3631ca944 UefiCpuPkg: remove unnecessary manipulation for smm page table
9f29fbd33b UefiCpuPkg: always create full mapping SMM page table
47bb9f9a97 UefiCpuPkg: Revert "UefiCpuPkg/PiSmmCpuDxeSmm: Fix system..."
68b4c4b481 BaseTools/Capsule: Support Different Hash Algorithm for Payload Digest
5ff99e0dab MdePkg /IoRemappingTable: Define additional IORT SMMUv3 node flags.
159f1aee56 BaseTools/WinRcPath: Improve Performance.
f203a6db92 OvmfPkg: Pass correct virtio-scsi request size
24a375fcdd UefiCpuPkg/PiSmmCpuDxeSmm: Avoid use global variable in InitSmmS3Cr3
8f3e132512 UefiCpuPkg/PiSmmCpuDxeSmm: Clean redundant SmmS3Cr3 Init
66b4a2f91d UefiCpuPkg/PiSmmCpuDxeSmm: clean unused PCD for S3
4f5de749cb DynamicTablesPkg/DynamicTableManagerDxe: Adds X64 GetAcpiTablePresenceInfo
bc0fc75637 DynamicTablesPkg/AcpiFadtLib: Adds FADT X64 generator
967cbd87b7 DynamicTablesPkg: Adds X64 namespace object
87d3a6272c UefiCpuPkg/PiSmmCpuDxeSmm: Iterate page table to find proper entry
24f8b97a9d UefiCpuPkg/PiSmmCpuDxeSmm: Remove assert check for PDE entry not exist
f73b97fe7f UefiCpuPkg/PiSmmCpuDxeSmm: Check PDE entry exist or not before use
9d8a5fbd0c UefiCpuPkg/PiSmmCpuDxeSmm: Enable single step after SmmProfile start
bbee1cc852 DynamicTablesPkg: Fix some spelling mistakes found by cspell
c26490ea29 EmbeddedPkg: Fix some spelling mistakes found by cspell
669c5aa240 UefiPayloadPkg: Fix some spelling mistakes found by cspell
1f6dbab8d9 RedfishPkg: Fix some spelling mistakes found by cspell
ecb0d1e2cb MdePkg: Fix some spelling mistakes found by cspell
394cbc4ab2 ArmVirtPkg: Fix some spelling mistakes found by cspell
7b1646d454 ArmPlatformPkg: Fix some spelling mistakes found by cspell
cf60ca4366 .pytool: Sort the list of words in cspell.base.yaml
bd23183ac9 .pytool: Add "MPIDR" to the list of known words in cspell.base.yaml
b0e7a75a49 ShellPkg/AcpiView: Add MPAM Parser
3c8133ba87 ShellPkg: acpiview: Add routines to print reserved fields
8a036c8913 ShellPkg: acpiview: Add routine to print 16 chars
9e865f9579 ShellPkg/AcpiView: Update print-formatter prototype
107d0c3800 ShellPkg/AcpiView: Update field-validator prototype
29619603d2 MdePkg/IndustryStandard: Add definitions for MPAM ACPI specification
5c9b889b81 IntelFsp2WrapperPkg/FspmWrapperPeim: Fix FspT/M address for measurement
2d5390053f ArmVirtPkg: Switch all PrePeiCore users to new Sec.inf
e85e29309e ArmPlatformPkg: Clone PrePeiUniCore into Sec
91117d70d8 ArmPlatformPkg: Clone PrePiUniCore into PeilessSec
bbe26ca2cc ArmPlatformPkg/PrePi: Make some functions STATIC
12dc8d420b ArmPkg/ArmArchTimerLib: Drop pointless constructor
e76b248d8f ArmPlatformPkg/PrePi: Drop call to TimerConstructor()
8c10017aa7 ArmVirtPkg/PrePi: Drop call to TimerConstructor()
1941a901f0 ArmPlatformPkg/PrePi: Drop secondary stack handling
9c1bc36ad1 ArmPlatformPkg/PrePeiCore: Drop secondary stack handling
96c8e75681 ArmPlatformPkg/PrePeiCore: Drop MPCore variant
cee49c82d5 ArmPlatformPkg/PrePi: Drop MPCore variant
4fc1c513f8 ArmPlatformPkg: Drop bogus reference to MPCore related PCD
caac25e22e ArmVirtPkg: Drop bogus reference to MPCore related PCD
a679ceca97 CryptoPkg: Enable Openssl Accel builds for AARCH64
368f9b62a2 CryptoPkg/OpensslLib: Add AArch64Cap for arch specific hooks
9403422f21 CryptoPkg/OpensslLib: Generate files for AARCH64 native support
952ecf53f9 CryptoPkg/OpensslLib: Add native instruction support for AARCH64
1715d67231 MdePkg/BaseRngLib: Prefer ArmReadIdAA64Isar0Reg() over ArmReadIdIsar0()
30e53f8b5e MdePkg/BaseLib: AARCH64: Add ArmReadIdAA64Isar0Reg()
a72d93e163 MdePkg/BaseLib: AARCH64: Add ArmReadCntPctReg()
71b9bda1ac BaseTools/Scripts/BinToPcd.py: Update regex strings to use raw strings.
85fad9912c MdePkg: Add PCI Express 6.0 Header Support
7e5a5ae154 MdePkg/Acpi65.h: Fix GUID value
eed43245df CodeQlQueries.qls: Pin to the 1.1.0 codeq/cpp-queries pack
... changelog too long, skipping 406 lines ...
downstream patch for corss compiling x86_64 2MB image on aarch64.
==== patterns-base ====
Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-enhanced_base patterns-base-minimal_base patterns-base-selinux patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced
- In case of doubt, also favor libz1-32bit over libz-ng1-compat for
the time being.
==== perl-XML-Parser ====
- Get package to show provides perl(XML::Parser::Expat) and other submodules
==== pipewire ====
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Add patch from upstream to fix a crash with broadcasting sinks:
* 0001-bluez5-fix-crash-with-broadcast-sinks.patch
- Add patch from upstream to actually clear the mix io areas when
being asked to clear it. Otherwise crashes might happen:
* 0002-jack-actually-clear-the-mix-io.patch
==== postgresql17 ====
Subpackages: libpq5 postgresql17-contrib postgresql17-llvmjit postgresql17-server
- Use cmake(LLVM) < instead of <= to also allow building against
LLVM 18.1 and newer 18.x versions
==== python-anyio ====
Version update (4.6.0 -> 4.6.2.post1)
- update to 4.6.2:
* Fixed regression caused by (\#807) that prevented the use
of parametrized async fixtures
- update to 4.6.1:
* Fixed TaskGroup and CancelScope producing cyclic references
in tracebacks when raising exceptions (\#806) (PR by
@graingert)
==== python-certifi ====
Version update (2024.7.4 -> 2024.8.30)
- update to 2024.8.30:
added certs:
* TWCA CYBER Root CA O=TAIWAN-CA OU=Root CA
* SecureSign Root CA12 O=Cybertrust Japan Co., Ltd.
* SecureSign Root CA14 O=Cybertrust Japan Co., Ltd.
* SecureSign Root CA15 O=Cybertrust Japan Co., Ltd.
==== python-charset-normalizer ====
Version update (3.3.2 -> 3.4.0)
- update to 3.4.0:
* Argument `--no-preemptive` in the CLI to prevent the detector
to search for hints.
* Support for Python 3.13
* Relax the TypeError exception thrown when trying to compare a
CharsetMatch with anything else than a CharsetMatch.
* Improved the general reliability of the detector based on
user feedbacks. (#520) (#509) (#498) (#407)
* Declared charset in content (preemptive detection) not
changed when converting to utf-8 bytes.
==== python-cryptography ====
Version update (43.0.1 -> 43.0.3)
- update to 43.0.3:
* Fixed release metadata for cryptography-vectors
* Fixed compilation when using LibreSSL 4.0.0.
==== python-numpy ====
Version update (2.1.1 -> 2.1.2)
- update to 2.1.2
* #27333: MAINT: prepare 2.1.x for further development
* #27400: BUG: apply critical sections around populating the dispatch cache
* #27406: BUG: Stub out get_build_msvc_version if distutils.msvccompiler...
* #27416: BUILD: fix missing include for std::ptrdiff_t for C++23 language...
* #27433: BLD: pin setuptools to avoid breaking numpy.distutils
* #27437: BUG: Allow unsigned shift argument for np.roll
* #27439: BUG: Disable SVE VQSort
* #27471: BUG: rfftn axis bug
* #27479: BUG: Fix extra decref of PyArray_UInt8DType.
* #27480: CI: use PyPI not scientific-python-nightly-wheels for CI doc...
* #27481: MAINT: Check for SVE support on demand
* #27484: BUG: initialize the promotion state to be weak
* #27501: MAINT: Bump pypa/cibuildwheel from 2.20.0 to 2.21.2
* #27506: BUG: avoid segfault on bad arguments in ndarray.__array_function__
==== qt6-base ====
Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6Widgets6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-platformtheme-gtk3 qt6-printsupport-cups qt6-sql-mysql qt6-sql-sqlite
- Add patch to fix qxmpp test failures (gh#qxmpp-project/qxmpp#659):
* 0001-QUuid-restore-sorting-order-of-Qt-6.8.patch
- Add patch to fix potential crash with QDirIterator (QTBUG-130142):
* 0001-QDirIterator-don-t-crash-with-next-after-hasNext-ret.patch
==== rng-tools ====
- add patch rng-tools-missing-includes.patch
add missing include statements to fix compilation with recent gcc
==== samba ====
Version update (4.21.0+git.363.84c94ca948f -> 4.21.1+git.367.e1da597d86e)
Subpackages: libldb2 python3-ldb samba-ad-dc-libs samba-client samba-client-libs samba-gpupdate samba-ldb-ldap samba-libs samba-libs-python3 samba-python3 samba-winbind samba-winbind-libs
- Adjust spec to split out rpcd_* binaries into a separate
sub package; (bsc#1231414).
- Update to 4.21.1
* DH reconnect error handling can lead to stale sharemode
entries; (bso#15624).
* "inherit permissions = yes" triggers assert() in vfs_default
when creating a stream; (bso#15695).
* Samba 4.21.0 broke FreeIPA domain member integration;
(bso#15715).
* Missing conversion for msDS-UserTGTLifetime, msDS-
ComputerTGTLifetime and msDS-ServiceTGTLifetime on "samba-
tool domain auth policy modify"; (bso#15692).
* irpc_destructor may crash during shutdown; (bso#15280).
* Durable handle is not granted when a previous OPEN exists
with NoOplock; (bso#15649).
* Durable handle is granted but reconnect fails; (bso#15651).
* Disconnected durable handles with RH lease should not be
purged by a new non conflicting open; (bso#15708).
* net ads testjoin and other commands use the wrong secrets.tdb
in a cluster; (bso#15714).
* 4.21 using --with-system-mitkrb5 requires MIT krb5 1.16 as
rfc 8009 etypes are used; (bso#15726).
* VFS_OPEN_HOW_WITH_BACKUP_INTENT breaks shadow_copy2;
(bso#15730).
* Samba 4.20.0 DLZ module crashes BIND on startup; (bso#15643).
* Cannot build libldb lmdb backend on a build without AD DC;
(bso#15721).
* Consistent log level for sighup handler; (bso#15706).
==== selinux-policy ====
Version update (20240930 -> 20241021)
Subpackages: selinux-policy-targeted
- Update to version 20241021:
* rsync: add rsync_exec_commands boolean and enable it by default (bsc#1231494)
* Allow snapperd to execute systemctl (bsc#1231489)
- Update to version 20241018:
* Allow slpd to create TCPDIAG netlink socket (bsc#1231491)
* Allow slpd to use sys_chroot (bsc#1231491)
* Allow openvswitch-ipsec use strongswan (bsc#1231493)
==== subversion ====
Version update (1.14.3 -> 1.14.4)
Subpackages: libsvn_auth_gnome_keyring-1-0 libsvn_auth_kwallet-1-0 subversion-bash-completion subversion-perl
- Update to 1.14.4:
* Fix unbounded memory usage in propget and proplist --xml
* Fix cmdline parsing bugs in --change (-c) argument
* Improve help message for svnmucc PUT
* mailer.py: Fix inconsistency in Config.which_group() arguments
* Convert path to local style in error message from diff API
* Fix `invalid escape sequence` in .py scripts for Python 3.12
* swig-py: Fix `none_dealloc` error caused by refcount issue
* Fix a msgid in svnadmin.c which was not a valid C string
- drop patches included upstream:
* subversion-1.14.3-gcc14-2.patch
* subversion-1.14.3-gcc14.patch
==== supermin ====
- Detect the correct kernel on aarch64 (jsc#PED-10545)
detect-aarch64-kernel.patch
==== texlive ====
- Use zlib-ng-compat-devel
- Let texlive-pdfjam-bin depend on /usr/bin/pdflatex (boo#1231783)
==== tigervnc ====
Subpackages: libXvnc1 xorg-x11-Xvnc xorg-x11-Xvnc-module
- Do not ship rcFOO symlinks for CODE 16 (PED-266).
- No longer use update alternatives on CODE 16: there are no
alternatives for vncviewer present.
==== totem ====
Version update (43.0 -> 43.1)
Subpackages: totem-plugins totem-video-thumbnailer
- Update to version 43.1:
+ Fix scroll-by-page GTK setting breaking slider
+ Fix a number of MPRIS playback controls not working correctly
+ Fix a number of opensubtitles dialogue problems
+ Fix hyphens appearing in filenames
+ Force using newer GStreamer va-api plugins, fixing scrambled
videos in some cases
+ Fix error showing the keyboard shortcuts
+ Fix assertion when backends send out audio or image files even
though we asked them to be filtered out
+ Updated translations.
- Drop patch fixed upstream:
+ ac2d02530d3b555e44907162be05536a5927b2a0.patch
==== tree-sitter ====
Version update (0.24.2 -> 0.24.3)
- update to 0.24.3:
* build: fix incorrect variable checks
* fix(lib): correct unexpected side effect in get_column when the
lexer is at EOF
* build(deps): bump wasmtime to v25.0.2
==== u-boot-rpiarm64 ====
Subpackages: u-boot-rpiarm64-doc
Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2024.10
* Patches added:
0018-Revert-riscv-dts-jh7110-Update-qspi.patch
boo#1231674
==== unar ====
- Fix build against GCC14
==== unbound ====
Version update (1.21.1 -> 1.22.0)
Subpackages: libunbound8 unbound-anchor
- Update to 1.22.0:
Features:
* Add iter-scrub-ns, iter-scrub-cname and max-global-quota
configuration options.
* Merge patch to fix for glue that is outside of zone, with
`harden-unverified-glue`, from Karthik Umashankar (Microsoft).
Enabling this option protects the Unbound resolver against bad
glue, that is unverified out of zone glue, by resolving them.
It uses the records as last resort if there is no other working
glue.
* Add redis-command-timeout: 20 and redis-connect-timeout: 200,
that can set the timeout separately for commands and the
connection set up to the redis server. If they are not
specified, the redis-timeout value is used.
* Log timestamps in ISO8601 format with timezone. This adds the
option `log-time-iso: yes` that logs in ISO8601 format.
* DNS over QUIC. This adds `quic-port: 853` and `quic-size: 8m`
that enable dnsoverquic, and the counters `num.query.quic` and
`mem.quic` in the statistics output. The feature needs to be
enabled by compiling with libngtcp2, with
`--with-libngtcp2=path` and libngtcp2 needs openssl+quic, pass
that with `--with-ssl=path` to compile unbound as well.
Bug Fixes:
* unbound-control-setup hangs while testing for openssl presence
starting from version 1.21.0.
* Fix error: "memory exhausted" when defining more than 9994
local-zones.
* Fix documentation for cache_fill_missing function.
* Fix Loads of logs: "validation failure: key for validation
<domain>. is marked as invalid because of a previous" for
non-DNSSEC signed zone.
* Fix that when rpz is applied the message does not get picked up
by the validator. That stops validation failures for the
message.
* Fix that stub-zone and forward-zone clauses do not exhaust
memory for long content.
* Fix to print port number in logs for auth zone transfer
activities.
* b.root renumbering.
* Add new IANA trust anchor.
* Fix config file read for dnstap-sample-rate.
* Fix alloc-size and calloc-transposed-args compiler warnings.
* Fix to limit NSEC and NSEC3 TTL when aggressive nsec is enabled
(RFC9077).
* Fix dns64 with prefetch that the prefetch is stored in cache.
* Attempt to further fix doh_downstream_buffer_size.tdir
flakiness.
* More clear text for prefetch and minimal-responses in the
unbound.conf man page.
* Fix cache update when serve expired is used. Expired records
are favored over resolution and validation failures when
serve-expired is used.
* Fix negative cache NSEC3 parameter compares for zero length
NSEC3 salt.
* Fix unbound-control-setup hangs sometimes depending on the
openssl version.
* Fix Cannot override tcp-upstream and tls-upstream with
forward-tcp-upstream and forward-tls-upstream.
* Fix to limit NSEC TTL for messages from cachedb. Fix to limit
the prefetch ttl for messages after a CNAME with short TTL.
* Fix to disable detection of quic configured ports when quic is
not compiled in.
* Fix harden-unverified-glue for AAAA cache_fill_missing lookups.
* Fix contrib/aaaa-filter-iterator.patch for change in call
signature for cache_fill_missing.
* Fix to display warning if quic-port is set but dnsoverquic is
not enabled when compiled.
* Fix dnsoverquic to extend the number of streams when one is
closed.
* Fix for dnstap with dnscrypt and dnstap without dnsoverquic.
* Fix for dnsoverquic and dnstap to use the correct dnstap
environment.
- Update keyring
==== virtiofsd ====
Version update (1.11.1 -> 1.12.0)
- Update to version 1.12.0:
* Bump version to v1.12.0
* Add file-handles migration mode
* Serialize mount FD map
* Deserialize file handles
* Build mount FD map on deserialization
* Add MigrationMode::FileHandles
* PassthroughFsV2
* Allow deserializing serializable file handles
* Extract serialized::Inode.deserialize_root_node()
==== vte ====
Version update (0.78.0 -> 0.78.1)
Subpackages: libvte-2_91-0 typelib-1_0-Vte-2_91
- Update to version 0.78.1:
+ build:
- Prepend python to minifont coverage cmd
- Add missing includes
+ widget:
- Improve the robustness of ringview updating
- Make sure to update the ringview after a widget resize
- termprops: Fix for double termprops
+ draw:
- gsk:
. Use fill_n to fill background
. Draw cell background using scaled texture
- Fix background drawing offset
+ tests: Remove excessive constrexpr
==== webkit2gtk3 ====
Version update (2.46.1 -> 2.46.2)
Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Update to version 2.46.2:
+ Own well-known bus name on a11y bus.
+ Improve memory consumption when putImageData is used repeatedly
on accelerated canvas.
+ Disable cached web process suspension for now to prevent leaks.
+ Improve text kerning with different combinations of antialias
and hinting settings.
+ Destroy all network sessions on process exit.
+ Fix visible rectangle calculation when there are animations.
+ Fix the build with ENABLE_NOTIFICATIONS=OFF.
+ Fix the build with ENABLE_FULLSCREEN_API=OFF.
+ Fix the build with ENABLE_WEB_AUDIO=OFF.
+ Fix the build on ppc64le.
+ Fix several crashes and rendering issues.
- Drop bug281495.patch: fixed upstream.
==== wireplumber ====
Subpackages: libwireplumber-0_5-0 wireplumber-audio wireplumber-zsh-completion
- Add patch from upstream to fix switching automatically the
profile of non-bluetooth devices (boo#1231815):
* 0001-autoswitch-bluetooth-profile-switch-only-Bluetooth-devices.patch
- Add patch from upstream to fix switching automatically the
profile when starting some apps and then switching to the
previous profile:
* 0002-autoswitch-bluetooth-profile-Switch-to-HSP_HFP-on-timeout.patch
- Add patches from upstream to fix a couple of memory leaks:
* 0003-m-mixer-api-Fix-memory-in-leak-wp_mixer_api_set_volume.patch
* 0004-module-dbus-connection-fix-GCancellable-leak.patch
==== xf86-input-evdev ====
Version update (2.10.6 -> 2.11.0)
- update to version 2.11.0
* FTBFS fixes on non-linux platforms and dropping some ancient quirks
* Fixes for the Compose and Kana LEDs
* we remap some higher keycodes to FK20 and friends, paving the
way for systemd/udev to map those properly in their hwdb files
==== xf86-input-libinput ====
Version update (1.4.0 -> 1.5.0)
- Update to version 1.5.0:
* the compose and kana LEDs are now supported
* tablet tools now have a property to indicate the tool serial and hw id
(if any)
* libinput's tablet tool pressure range config is now supported
* libinput's clickfinger button map config is now supported
* we remap some higher keycodes to FK20 and friends, paving the
way for systemd/udev to map those properly in their hwdb files
==== xfsprogs ====
Version update (6.10.1 -> 6.11.0)
Subpackages: libhandle1
- update to 6.11.0
- mkfs: break up the rest of the rtinit() function
- mkfs: clean up the rtinit() function
- xfs_repair: use library functions for orphanage creation
- xfs_repair: use library functions to reset root/rbm/rsum inodes
- xfs_repair: don't crash in get_inode_parent
- xfs_repair: fix exchrange upgrade
- xfs_db: port the iunlink command to use the libxfs iunlink function
- xfs_db/mdrestore/repair: don't use the incore struct xfs_sb for offsets into struct xfs_dsb
- xfs_db/mkfs/xfs_repair: port to use XFS_ICREATE_UNLINKABLE
- xfs_db: port the unlink command to use libxfs_droplink
- libxfs: implement get_random_u32
- libxfs: remove libxfs_dir_ialloc
- libxfs: backport inode init code from the kernel
- libxfs: pack icreate initialization parameters into a separate structure
- xfs_io: add RWF_ATOMIC support to pwrite
- libfrog: emulate deprecated attrlist functionality in libattr
- misc: clean up code around attr_list_by_handle calls
- fsck.xfs: fix fsck.xfs run by different shells when fsck.mode=force is set
- libxfs: provide a memfd_create() wrapper if not present in libc
- xfs_io: Fix fscrypt macros ordering
- man: Update unit for fsx_extsize and fsx_cowextsize
- xfs_db: release ip resource before returning from get_next_unlinked()
- libxfs: kernel sync
- ------------------------------------------------------------------
==== xz ====
Version update (5.6.2 -> 5.6.3)
Subpackages: liblzma5
- Update to 5.6.3:
* liblzma:
- Fix x86-64 inline assembly compatibility with GNU Binutils
older than 2.27.
- Fix the build with GCC 4.2 on OpenBSD/sparc64.
* xzdec: Display an error instead of failing silently if the
unsupported option -M is specified.
* lzmainfo: Fix integer overflows when rounding the dictionary and
uncompressed sizes to the nearest mebibyte.
* Autotools-based build:
- Fix feature checks with link-time optimization (-flto).
- Solaris: Fix a compatibility issue in version.sh. It matters
if one wants to regenerate configure by running autoconf.
* CMake:
- Use paths relative to ${prefix} in liblzma.pc when possible.
This is done only with CMake >= 3.20.
- Prefer a C11 compiler over a C99 compiler but accept both.
- Link Threads::Threads against liblzma using PRIVATE so that
- pthread and such flags won't unnecessarily get included in
the usage requirements of shared liblzma. That is,
target_link_libraries(foo PRIVATE liblzma::liblzma) no
longer adds -pthread if using POSIX threads and linking
against shared liblzma. The threading flags are still added
if linking against static liblzma.
* Updated translations: Catalan, Chinese (simplified), and
Brazilian Portuguese.
==== yast2-auth-client ====
Version update (5.0.0 -> 5.0.1)
- Use new smb.conf parameter "sync machine password to keytab"
(gh#yast/yast-auth-client#122).
- Skip whitespace-only lines when parsing krb5.conf
- 5.0.1
==== yast2-installation ====
Version update (5.0.14 -> 5.0.15)
- Improve handling spaces when list of blacklisted modules are
specified (bsc#1231313)
- 5.0.15
==== zlib-ng-compat ====
Version update (2.2.1 -> 2.2.2)
- Update to 2.2.2:
* Changelog at https://github.com/zlib-ng/zlib-ng/releases/tag/2.2.2
- Install the ld.so configuration file also with the -32bit
package, as otherwise biarch installs won't find that library
(boo#1232065).