Packages changed: Mesa (22.0.2 -> 22.0.3) Mesa-drivers (22.0.2 -> 22.0.3) MozillaFirefox (99.0.1 -> 100.0) SDL2 akonadi-calendar amavisd-new apache2-mod_php7 apparmor audacity babl binutils bluedevil5 (5.24.4 -> 5.24.5) bluez breeze (5.24.4 -> 5.24.5) breeze-gtk (5.24.4 -> 5.24.5) bzip2 clamav (0.103.5 -> 0.103.6) discover (5.24.4 -> 5.24.5) drkonqi5 (5.24.4 -> 5.24.5) elfutils-debuginfod evolution-ews fdupes fillup fmt freetype2 (2.12.0 -> 2.12.1) fuse3 (3.10.5 -> 3.11.0) gdb git (2.36.0 -> 2.36.1) gnome-shell (42.0 -> 42.1) gnome-software (42.0 -> 42.1) gpg2 (2.3.4 -> 2.3.6) gpsd (3.23.1 -> 3.24) hdf5 inotify-tools (3.21.9.6 -> 3.22.1.0) kactivitymanagerd (5.24.4 -> 5.24.5) kcm_sddm (5.24.4 -> 5.24.5) kde-cli-tools5 (5.24.4 -> 5.24.5) kde-gtk-config5 (5.24.4 -> 5.24.5) kgamma5 (5.24.4 -> 5.24.5) khotkeys5 (5.24.4 -> 5.24.5) kinfocenter5 (5.24.4 -> 5.24.5) kmenuedit5 (5.24.4 -> 5.24.5) kscreen5 (5.24.4 -> 5.24.5) kscreenlocker (5.24.4 -> 5.24.5) ksshaskpass5 (5.24.4 -> 5.24.5) ksystemstats5 (5.24.4 -> 5.24.5) kwayland-integration (5.24.4 -> 5.24.5) kwayland-server (5.24.4 -> 5.24.5) kwin5 (5.24.4 -> 5.24.5) kwrited5 (5.24.4 -> 5.24.5) layer-shell-qt (5.24.4 -> 5.24.5) libapparmor libkdecoration2 (5.24.4 -> 5.24.5) libkscreen2 (5.24.4 -> 5.24.5) libksysguard5 (5.24.4 -> 5.24.5) libnice (0.1.18 -> 0.1.19) libnotify (0.7.9 -> 0.7.11) libpipeline (1.5.5 -> 1.5.6) libqmi (1.30.4 -> 1.30.6) libqt5-qtwebengine libquicktime libreoffice (7.3.3.1 -> 7.3.3.2) libseccomp (2.5.3 -> 2.5.4) libshout (2.4.5 -> 2.4.6) libsrtp2 libstorage-ng (4.5.6 -> 4.5.9) libunwind (1.5.0 -> 1.6.2) libxcb (1.14 -> 1.15) libxml2 (2.9.13 -> 2.9.14) libxml2-python (2.9.13 -> 2.9.14) live555 (2022.02.07 -> 2022.04.26) llvm14 (14.0.1 -> 14.0.3) milou5 (5.24.4 -> 5.24.5) mozilla-nss (3.76.1 -> 3.77) mutter (42.0 -> 42.1) okteta oniguruma (6.9.7.1 -> 6.9.8) open-iscsi openconnect (8.10 -> 8.20) openexr (3.1.4 -> 3.1.5) ovmf oxygen5 (5.24.4 -> 5.24.5) pcaudiolib (1.1 -> 1.2) php7 plasma-browser-integration (5.24.4 -> 5.24.5) plasma-nm5 (5.24.4 -> 5.24.5) plasma5-addons (5.24.4 -> 5.24.5) plasma5-desktop (5.24.4 -> 5.24.5) plasma5-disks (5.24.4 -> 5.24.5) plasma5-integration (5.24.4 -> 5.24.5) plasma5-openSUSE plasma5-pa (5.24.4 -> 5.24.5) plasma5-systemmonitor (5.24.4 -> 5.24.5) plasma5-thunderbolt (5.24.4 -> 5.24.5) plasma5-workspace (5.24.4 -> 5.24.5) plymouth polkit-kde-agent-5 (5.24.4 -> 5.24.5) poppler (22.04.0 -> 22.05.0) poppler-qt5 (22.04.0 -> 22.05.0) postfix powerdevil5 (5.24.4 -> 5.24.5) pwgen python-SQLAlchemy (1.4.35 -> 1.4.36) python-bcrypt (3.2.0 -> 3.2.2) python-httpx python-scipy raspberrypi-firmware-dt (2022.02.25 -> 2022.04.24) re2 re2c (2.2 -> 3.0) rpm ruby3.1 samba (4.16.0+git.227.931848a12ab -> 4.16.1+git.235.f435da606f7) sharutils snapper (0.10.1 -> 0.10.2) sqlite3 (3.38.2 -> 3.38.3) swtpm (0.7.2 -> 0.7.3) systemd-presets-branding-openSUSE systemsettings5 (5.24.4 -> 5.24.5) unbound (1.14.0 -> 1.15.0) unixODBC (2.3.9 -> 2.3.11) vim (8.2.4745 -> 8.2.4877) webkit2gtk3 webkit2gtk3-soup2 wireless-tools xdg-desktop-portal (1.14.3 -> 1.14.4) xdg-desktop-portal-kde (5.24.4 -> 5.24.5) yast2-packager (4.5.2 -> 4.5.3) yast2-samba-client (4.5.0 -> 4.5.1) yast2-trans (84.87.20220422.7945491fb3 -> 84.87.20220429.5e9abe4e41) === Details === ==== Mesa ==== Version update (22.0.2 -> 22.0.3) Subpackages: Mesa-dri-devel Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - Update to 22.0.3 * bugfix release with fixes for most of the major drivers - _constraints: * raised requirements to 9 GB disk space and added aarch64 architecture (bsc#1199040) ==== Mesa-drivers ==== Version update (22.0.2 -> 22.0.3) Subpackages: Mesa-dri Mesa-gallium Mesa-libva libvdpau_r300 libvdpau_r600 libvdpau_radeonsi - Update to 22.0.3 * bugfix release with fixes for most of the major drivers - _constraints: * raised requirements to 9 GB disk space and added aarch64 architecture (bsc#1199040) ==== MozillaFirefox ==== Version update (99.0.1 -> 100.0) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 100.0 * subtitle support in PiP * spell checking supports multiple languages in parallel * more details here https://www.mozilla.org/en-US/firefox/100.0/releasenotes MFSA 2022-16 (boo#1198970) * CVE-2022-29914 (bmo#1746448) Fullscreen notification bypass using popups * CVE-2022-29909 (bmo#1755081) Bypassing permission prompt in nested browsing contexts * CVE-2022-29916 (bmo#1760674) Leaking browser history with CSS variables * CVE-2022-29911 (bmo#1761981) iframe Sandbox bypass * CVE-2022-29912 (bmo#1692655) Reader mode bypassed SameSite cookies * CVE-2022-29910 (bmo#1757138) Firefox for Android forgot HTTP Strict Transport Security settings * CVE-2022-29915 (bmo#1751678) Leaking cross-origin redirect through the Performance API * CVE-2022-29917 (bmo#1684739, bmo#1706441, bmo#1753298, bmo#1762614, bmo#1762620, bmo#1764778) Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9 * CVE-2022-29918 (bmo#1744043, bmo#1747178, bmo#1753535, bmo#1754017, bmo#1755847, bmo#1756172, bmo#1757477, bmo#1758223, bmo#1760160, bmo#1761481, bmo#1761771) Memory safety bugs fixed in Firefox 100 - requires NSS 3.77 ==== SDL2 ==== - Restore sdl2-symvers.patch to full symbol list to facilitate application installation with Leap 15.x's SDL2. ==== akonadi-calendar ==== Subpackages: akonadi-calendar-lang akonadi-plugin-calendar kalendarac libKF5AkonadiCalendar5 - Drop patch to fix the reminder daemon not starting on login. The autostart key is not automatically set to true here, so it was effectively disabled completely. The daemon tries to not start akonadi unless configured, so the patch can be dropped: * 0001-Make-sure-the-reminder-daemon-is-not-started-by-defa.patch ==== amavisd-new ==== Subpackages: amavisd-new-docs - Starting amavis.service gives Unit var-run.mount not found. var-run.mount is not needed (bsc#1198783) ==== apache2-mod_php7 ==== - security update [bsc#1197644] - added patches fix https://github.com/php/php-src/commit/771dbdb319fa7f90584f6b2cc2c54ccff570492d + php7-signedness-php_filter_validate_domain.patch ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-profiles apparmor-utils pam_apparmor python3-apparmor - add php8-fpm-mr876.patch so that php8 php-fpm can read its config (boo#1186267#c11) - parser: add conflict with apparmor-utils < 3.0 to avoid aa-status file conflict on upgrade (boo#1198958) - utils: add missing dependency on apparmor-parser (boo#1198958#c4) ==== audacity ==== Subpackages: audacity-lang - Fix build on non-x86_64 by not requiring carla-devel - Fix build with new carla by requiring carla-devel - Really solve boo#1198551 by packaging audacitie's libraries in _libdir ==== babl ==== - Add patches, backported from git, to fix build with meson 0.62: + 2dc7fc40.patch + b05b2826.patch ==== binutils ==== Subpackages: libctf-nobfd0 libctf0 - Renumber Sources. - Fix ExcludeArch for ppc. - Make multibuild utilize only the main binutils.spec file. - Remove not needed README.First-for.SUSE.packagers, pre_checkin.sh. - Start using _multibuild for cross binutils. ==== bluedevil5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: bluedevil5-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== bluez ==== Subpackages: bluez-auto-enable-devices libbluetooth3 - add Requires(post): systemd for bluez-auto-enable-devices * fixes boo#1198906 ==== breeze ==== Version update (5.24.4 -> 5.24.5) Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-style-lang libbreezecommon5-5 - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - Changes since 5.24.4: * Add Windows CI * Disable decoration on Windows and mac * Add missing kcoreaddons dep ==== breeze-gtk ==== Version update (5.24.4 -> 5.24.5) Subpackages: gtk2-metatheme-breeze gtk3-metatheme-breeze metatheme-breeze-common - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== bzip2 ==== Subpackages: libbz2-1 libbz2-devel - Port rpmlintrc format to rpmlint 2.x. ==== clamav ==== Version update (0.103.5 -> 0.103.6) Subpackages: libclamav9 libfreshclam2 - Update to 0.103.6 * CVE-2022-20770: Fixed a possible infinite loop vulnerability in the CHM file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. (boo#1199242) * CVE-2022-20796: Fixed a possible NULL-pointer dereference crash in the scan verdict cache check. Issue affects versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2. (boo#1199246) * CVE-2022-20771: Fixed a possible infinite loop vulnerability in the TIFF file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. The issue only occurs if the "--alert-broken-media" ClamScan option is enabled. For ClamD, the affected option is "AlertBrokenMedia yes", and for libclamav it is the "CL_SCAN_HEURISTIC_BROKEN_MEDIA" scan option. (boo#1199244) * CVE-2022-20785: Fixed a possible memory leak in the HTML file parser / Javascript normalizer. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. (boo#1199245) * CVE-2022-20792: Fixed a possible multi-byte heap buffer overflow write vulnerability in the signature database load module. The fix was to update the vendored regex library to the latest version. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. (boo#1199274) * ClamOnAcc: Fixed a number of assorted stability issues and added niceties for debugging ClamOnAcc. * Fixed an issue causing byte-compare subsignatures to cause an alert when they match even if other conditions of the given logical signatures were not met. * Fix memleak when using multiple byte-compare subsignatures. This fix was backported from 0.104.0. * Assorted bug fixes and improvements. - Remove upstreamed clamav-ck_assert_msg.patch ==== discover ==== Version update (5.24.4 -> 5.24.5) Subpackages: discover-backend-flatpak discover-backend-fwupd discover-backend-packagekit discover-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - Changes since 5.24.4: * flatpak: Fix state change emits (kde#451111) * flatpak: Improve stability of different sources integration * flatpak: Centralise remote integration in FlatpakBackend (kde#443745) * pk: Consider multiple package ids for one upgradeable resource (kde#444600) * Don't use the appdata version in the installed version string if empty * libdiscover: Fix Discover doesn't show license or description of local package (kde#452150) - Refresh patch and drop part of the message which might sound a bit too harsh and is mostly redundant anyway: * 0001-Warning-for-FlatHub.patch ==== drkonqi5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: drkonqi5-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - Changes since 5.24.4: * fix processor invocation * fix the instance filter * instance ids have 2 hyphens not 3 ==== elfutils-debuginfod ==== - Do not set DEBUGINFOD_URLS for anything older than Tumbleweed. ==== evolution-ews ==== - Add evolution-ews-fix-gtk-linkage.patch: fix for gnome-contacts being unable to launch. ==== fdupes ==== - Fixes for the new wrapper: * Order duplicates by name, to get a reproducible file set (boo#1197484). * Remove redundant order parameter from fdupes invocation. * Modernize code, significantly reduce allocations. * Exit immediately when mandatory parameters are missing. * Remove obsolete buildroot parameter * Add some tests for the wrapper ==== fillup ==== - use https as url ==== fmt ==== - Replace obsolete macro %make_jobs by %cmake_build ==== freetype2 ==== Version update (2.12.0 -> 2.12.1) Subpackages: freetype2-devel libfreetype6 - drop revert-ft212-subpixel-hinting-change.patch: upstream - Update to 2.12.1: - Loading CFF fonts sometimes made FreeType crash (bug introduced in version 2.12.0) - Loading a fully hinted TrueType glyph a second time (without caching) sometimes yielded different rendering results if TrueType hinting was active (bug introduced in version 2.12.0). - The generation of the pkg-config file `freetype2.pc` was broken if the build was done with cmake (bug introduced in version 2.12.0). - The meson build no longer enforces both static and dynamic versions of the library by default. - The internal zlib library was updated to version 1.2.12. Note, however, that FreeType is *not* affected by CVE-2018-25032 since it only does decompression. - Drop freetype-2.12.0-cff_slot_load-segfault.patch - Drop 079a22da037835daf5be2bd9eccf7bc1eaa2e783.patch ==== fuse3 ==== Version update (3.10.5 -> 3.11.0) Subpackages: libfuse3-3 - Update to version 3.11.0: * Add support for flag FOPEN_NOFLUSH for avoiding flush on close. * Fixed returning an error condition to ioctl(2) ==== gdb ==== - Remove dependency on binutils-gold as the package will be removed in the future. Gold linker is unmaintained by the upstream project. - Fix unresolved BuildRequires fpc for Leap 15.4/i586. ==== git ==== Version update (2.36.0 -> 2.36.1) Subpackages: git-core git-cvs git-email git-gui git-svn git-web gitk perl-Git - git 2.36.1: * fix "git submodule update" noisyness without pathspec * fix "diff-tree --stdin" * fix "git name-rev" referenging strings after they are freed * fix "git show ... -- " loosing the pathspec when showing the second and subsequent commits * fix "git fast-export -- " loosing the pathspec when showing the second and subsequent commits * fix "git format-patch -- " loosing the pathspec when showing the second and subsequent commits ==== gnome-shell ==== Version update (42.0 -> 42.1) Subpackages: gnome-extensions gnome-shell-calendar - Update to version 42.1: + Limit unfullscreen gesture to not interfere with overview. + Properly hide the second (real) cursor when magnified. + Fix various style glitches. + Fix creating default application folders. + Fix switching monitor configuration. + Add Home/End keynav in app grid. + Handle monitor changes during startup animation. + Fix fractional timezone offsets in world clock. + Default to right text-align in RTL locales. + calendar: Fix alignment of world clocks header in RTL. + Rely on symbolic icons instead of 'HighContrast' icon theme. + Fix moving windows from secondary monitor to non-active workspace. + Make sure startup animation completes. + Fix Swiss on-screen keyboard layouts. + Add Austrian-German on-screen keyboard layout. + Fix on-screen keyboard in modal dialogs and lock screen. + Fix menus in pad OSD. + Sync default colors with libadwaita. + Fix grab regressions when entering overview. + Scale calendar with text size. + Allow more intermediate icon sizes in app grid. + Fixed crash. + Plugged memory leak. - Remove gnome-shell-42.0-fix-switching-configuration.patch (merged upstream). - Add gnome-shell-42.0-fix-switching-configuration.patch: Fix monitor switching configuration (glgo#GNOME/gnome-shell#5217). ==== gnome-software ==== Version update (42.0 -> 42.1) - Updated to version 42.1: + #1514 GNOME OS: Most system apps have no icons in installed list. + #1690 Button to go back is missing in "OS Updates" page opened from "Installed Updates" window. + #1693 Fix an issue where Software would sometimes display a "Software Updates Failed" error message on startup. + #1712 Clicking "Fedora Flathub Selection" does not update the filtered Flathub AppStream metadata until reboot. + #1723 Installed Updates dialog UI papercuts. + #1727 Wrong direction of arrows in updates list in RTL languages. + !794 flatpak: Prefer to install runtimes from the same remote as the application. + !1235 Find AppStream metadata in every possible location. + !1299 Avoid re-downloads of not-yet-stale data in some cases. + !1307 Change thread I/O priority depending on job priority. + !1313 Ensure labels don't overlap in app lists. + !1318 Fix an issue preventing the user from disabling some repositories on Fedora. + Translation updates. - Drop 8cbce25.patch - patched upstream, #1693. ==== gpg2 ==== Version update (2.3.4 -> 2.3.6) Subpackages: dirmngr - GnuPG 2.3.6: * Up to five times faster verification of detached signatures, doubled detached signing speed, threefold decryption speedup for large files, nearly double the AES256.OCB encryption speed * Add support for GeNUA cards * Added and improved options for crypto options, and all-around bug fixes ==== gpsd ==== Version update (3.23.1 -> 3.24) - Update to version 3.24 * NTRIP 2.0 now works. But still only plain HTML, not RTP, etc. * Remove ntrip option and NTRIP_ENABLE. Always build. * Remove passthrough option and PASSTHROUGH_ENABLE. Always build. * Remove nmea0183 option and NMEA0183_ENABLE. Always build. * Remove netfeed option and NETFEED_ENABLE. Always build. * gpsd will retry ntrip:// and tcp:// connections * cgps can expand to show more sats. Added --rtk option. * maidenhead() checks for input errors. * Better SHM logs. * PPS and TOFF JSON now include shm used, and real precision. * Add initial, untested, TSIPv1 support * split debug messages into different syslog() levels. * New ppscheck options, and can use /dev/ppsX devices. * First try at TSIPv1 protocol decodes. * Decode Quectel $PQVERNO for firmware version * Decode Skytrak PX1172RH_DS messages. - Update gpsd.keyring (0C898D47 -> DD3DD9BB) ==== hdf5 ==== Subpackages: libhdf5-103 libhdf5_cpp103 libhdf5_fortran102 libhdf5_hl100 libhdf5_hl_cpp100 libhdf5hl_fortran100 - Security Fix: Add configure option --disable-hltools to disable GIF tools as recommended in the 1.10.8 release: CVE-2018-17433 (bsc#1109565), CVE-2018-17436 (bsc#1109568), CVE-2020-10809 (bsc#1167404). ==== inotify-tools ==== Version update (3.21.9.6 -> 3.22.1.0) Subpackages: libinotifytools0 - update to 3.22.1.0: * print to stderr if you fail to fopen file * Properly terminate escaped CSV strings. (#158) * Fix printing of filename when watching a file ==== kactivitymanagerd ==== Version update (5.24.4 -> 5.24.5) Subpackages: kactivitymanagerd-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== kcm_sddm ==== Version update (5.24.4 -> 5.24.5) Subpackages: kcm_sddm-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== kde-cli-tools5 ==== Version update (5.24.4 -> 5.24.5) - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== kde-gtk-config5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: kde-gtk-config5-gtk3 - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== kgamma5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: kgamma5-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== khotkeys5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: khotkeys5-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== kinfocenter5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: kinfocenter5-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== kmenuedit5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: kmenuedit5-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== kscreen5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: kscreen5-lang kscreen5-plasmoid - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== kscreenlocker ==== Version update (5.24.4 -> 5.24.5) Subpackages: kscreenlocker-lang libKScreenLocker5 - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== ksshaskpass5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: ksshaskpass5-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== ksystemstats5 ==== Version update (5.24.4 -> 5.24.5) - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== kwayland-integration ==== Version update (5.24.4 -> 5.24.5) - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== kwayland-server ==== Version update (5.24.4 -> 5.24.5) - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - Changes since 5.24.4: * outputconfigurationinterface: don't crash if mode is invalid (kde#453042) * Fix race in wp_drm_lease_v1. * Simplify code that announces available modes and current mode (kde#452318) * Guard subsurface parent access. (kde#452044) * Fix layer shell reset ==== kwin5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: kwin5-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - Changes since 5.24.4: * backends/drm: reduce "max bpc" to what is actually used (kde#449906) * Fix unlocking wayland sessions (kde#447705) * effects/kscreen: don't use xcb on Wayland (kde#450564) * AbstractClient: Fix the current VD being always added to the plasma interface (kde#452171) * Do not send overlay geometry to text input. * backends/drm: don't permanently disable VRR when the test commit fails * backends/drm: fetch immutable blobs in DrmProperty * waylandserver: move LockScreenPresentationWatcher to the correct place * xdgactivation: Demand attention when a process fails to resolve its token * waylandserver: only signal lockScreenShown once it has actually been shown * Add a way to ignore devices for tablet mode ==== kwrited5 ==== Version update (5.24.4 -> 5.24.5) - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== layer-shell-qt ==== Version update (5.24.4 -> 5.24.5) - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== libapparmor ==== - add php8-fpm-mr876.patch so that php8 php-fpm can read its config (boo#1186267#c11) - parser: add conflict with apparmor-utils < 3.0 to avoid aa-status file conflict on upgrade (boo#1198958) - utils: add missing dependency on apparmor-parser (boo#1198958#c4) ==== libkdecoration2 ==== Version update (5.24.4 -> 5.24.5) Subpackages: libkdecorations2-5 libkdecorations2-5-lang libkdecorations2private9 - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== libkscreen2 ==== Version update (5.24.4 -> 5.24.5) Subpackages: libKF5Screen7 libkscreen2-plugin - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== libksysguard5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: ksysguardsystemstats-data libKSysGuardSystemStats1 libksysguard5-imports libksysguard5-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== libnice ==== Version update (0.1.18 -> 0.1.19) Subpackages: gstreamer-libnice libnice10 - Update to 0.1.19: * Allow incoming connchecks before remote candidates are set, allows for connection based on received bind requests * Implement RFC 7675 for Consent Freshness * Use a single server reflexive and local relay candidate, reduces useless duplicated local candidates * Improved ICE restart implementation * Use Windows native crypto API, removing the need for OpenSSL * Add bytestream ICE-TCP and improve ICE-TCP * Add API to know if a NiceAddress is link-local * Add API to extact the relay address from a relayed NiceAddress * Improve support for detection addresses on Android, iOS, macOS * A number of bug fixes ==== libnotify ==== Version update (0.7.9 -> 0.7.11) Subpackages: libnotify-tools libnotify4 typelib-1_0-Notify-0_7 - Update to 0.7.11 * Fix potential build errors with old glib version we require * notify-send: Add support for boolean hints * notify-send: Support passing any hint value, by parsing variant strings * notify-send: Add explicit option to create transient notifications ==== libpipeline ==== Version update (1.5.5 -> 1.5.6) - update to 1.5.6: * Fix handling of leading whitespace in `pipecmd_new_argstr` and `pipecmd_argstr`. ==== libqmi ==== Version update (1.30.4 -> 1.30.6) Subpackages: libqmi-glib5 libqmi-tools - Update to 1.30.6 * meson: fix 'export_packages' in GIR setup. * net-port-manager: use unaligned netlink attribute length. - Drop the unneeded rpmlintrc file ==== libqt5-qtwebengine ==== - Remove dependency on binutils-gold as the package will be removed in the future. Gold linker is unmaintained by the upstream project. ==== libquicktime ==== - Update BuildRequires to reflect it does not work with ffmpeg5 at this time. ==== libreoffice ==== Version update (7.3.3.1 -> 7.3.3.2) Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Update to version 7.3.3.2: You can find the complete release notes here: https://wiki.documentfoundation.org/Releases/7.3.3/RC2 - Add system_curl build condition - Revert: Filter out binary-or-shlib-defines-rpath with $ORIGIN argument, $ORIGIN is interpreted by rpmlint now. ==== libseccomp ==== Version update (2.5.3 -> 2.5.4) - Deactive python3 by default, it's just not a good idea for ring0. - Update to release 2.5.4 * Update the syscall table for Linux v5.17. * Fix minor issues with binary tree testing and with empty binary trees. * Minor documentation improvements including retiring the mailing list. - buildrequire python-rpm-macros - reenable python bindings at least for the distro default python3 package: - adds make-python-build.patch ==== libshout ==== Version update (2.4.5 -> 2.4.6) - Update to 2.4.6 * Fixed pkg-config file * Made vorbis an optional codec * Do not pass to small headers to libspeex (see also the same mirror-patch in Icecast) * Updated documentation, mostly in regard of making it clearer which functions are now obsoleted * General code cleanup * Added compiler warnings about obsoleted functions and ignored return values * Replaced old shout_set_metadata() with new shout_set_metadata_utf8() * Added support for plain text streaming * Fixed shout_set_metadata*() sometimes returning SHOUTERR_RETRY * Workaround old clients by emulating SHOUTERR_RETRY with SHOUTERR_BUSY * Remove our re-implementation of X509_check_host() * Allow to disable building tools - Spec cleanup ==== libsrtp2 ==== - Remove include header editing; the issue once present in libsrtp 2.0.0 seems reasonably resolved in current 2.4.2 [boo#1198887] ==== libstorage-ng ==== Version update (4.5.6 -> 4.5.9) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#873 - extended documentation - consistently save and log partition id in hex - 4.5.9 - merge gh#openSUSE/libstorage-ng#872 - moved check of image-filename from create to check function - added logging of pbkdf - added const - coding style - updated documentation - 4.5.8 - merge gh#openSUSE/libstorage-ng#870 - LUKS2: add AEAD integrity option (PM-3419) - 4.5.7 ==== libunwind ==== Version update (1.5.0 -> 1.6.2) - update to 1.6.2: * Fix off-by-one error in x86_64 stack frames * Fix error in aarch64 unw_sigcontext * resolve possible null pointer dereference * Switch to C11 atomics * RISC-V support * aarch64 getcontext functionality ==== libxcb ==== Version update (1.14 -> 1.15) Subpackages: libxcb-composite0 libxcb-damage0 libxcb-devel libxcb-dpms0 libxcb-dri2-0 libxcb-dri3-0 libxcb-glx0 libxcb-present0 libxcb-randr0 libxcb-record0 libxcb-render0 libxcb-res0 libxcb-screensaver0 libxcb-shape0 libxcb-shm0 libxcb-sync1 libxcb-xf86dri0 libxcb-xfixes0 libxcb-xinerama0 libxcb-xinput0 libxcb-xkb1 libxcb-xtest0 libxcb-xv0 libxcb-xvmc0 libxcb1 - buildrequire xcb-proto >= 1.15 - Update to version 1.15 * xcb_auth: Quiet -Wimplicit-fallthrough warning in get_authptr() * Fix integer overflows in xcb_in.c * Use the 'present' field to properly check that the XC-MISC * Fix a memory leak * Increment libtool version info for libxcb-dri3 * Add newline when printing auth/connection failure string to stderr * Fix build on Windows * Fix writev emulation on Windows * c_client.py: Extract get_expr_field_names() * c_client.py: Use get_expr_field_names directly to resolve list fields * c_client: Extract _c_get_field_mapping_for_expr() * c_client.py: Implement handling of element * tests: don't use deprecated fail_unless check API * gitignore: add files generated by make check * Avoid request counter truncation in replies map after 2**32 requests * Fix hang in xcb_request_check() * Improve/fix docs for reply fds functions ==== libxml2 ==== Version update (2.9.13 -> 2.9.14) Subpackages: libxml2-2 libxml2-tools - Update to 2.9.14: * Security: + [CVE-2022-29824] Integer overflow in xmlBuf and xmlBuffer + Fix potential double-free in xmlXPtrStringRangeFunction + Fix memory leak in xmlFindCharEncodingHandler + Normalize XPath strings in-place + Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars() + Fix leak of xmlElementContent * Bug fixes: + Fix parsing of subtracted regex character classes + Fix recursion check in xinclude.c + Reset last error in xmlCleanupGlobals + Fix certain combinations of regex range quantifiers + Fix range quantifier on subregex * Improvements: + Fix recovery from invalid HTML start tags * Build system, portability: + Define LFS macros before including system headers + Initialize XPath floating-point globals + configure: check for icu DEFS + configure.ac: produce tar.xz only (GNOME policy) + CMakeLists.txt: Fix LIBXML_VERSION_NUMBER + Fix build with older Python versions + Fix --without-valid build ==== libxml2-python ==== Version update (2.9.13 -> 2.9.14) - Update to 2.9.14: * Security: + [CVE-2022-29824] Integer overflow in xmlBuf and xmlBuffer + Fix potential double-free in xmlXPtrStringRangeFunction + Fix memory leak in xmlFindCharEncodingHandler + Normalize XPath strings in-place + Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars() + Fix leak of xmlElementContent * Bug fixes: + Fix parsing of subtracted regex character classes + Fix recursion check in xinclude.c + Reset last error in xmlCleanupGlobals + Fix certain combinations of regex range quantifiers + Fix range quantifier on subregex * Improvements: + Fix recovery from invalid HTML start tags * Build system, portability: + Define LFS macros before including system headers + Initialize XPath floating-point globals + configure: check for icu DEFS + configure.ac: produce tar.xz only (GNOME policy) + CMakeLists.txt: Fix LIBXML_VERSION_NUMBER + Fix build with older Python versions + Fix --without-valid build ==== live555 ==== Version update (2022.02.07 -> 2022.04.26) Subpackages: libBasicUsageEnvironment1 libUsageEnvironment3 libgroupsock30 libliveMedia106 - Update to 2022.04.26: * Ensure that we don't call "delete[]" on an uninitialized pointer. - Changes from version 2022.04.15: * Fixed a "fprintf()" argument-order-evaluation bug in the "mikeyParse" demo application. - Changes from version 2022.04.12: * Updated the "openRTSP" application (RTSP command-line client) to add an option '-L', meaning: receive only an "application" (e.g., 'metadata') track, if present, outputting the data to 'stdout'. ==== llvm14 ==== Version update (14.0.1 -> 14.0.3) Subpackages: clang-tools clang14 clang14-doc libLLVM14 libc++-devel libc++1 libc++abi-devel libc++abi1 libclang-cpp14 libclang13 - Update to version 14.0.3. * This release contains bug-fixes for the LLVM 14.0.0 release. This release is API and ABI compatible with 14.0.0. - Rebase llvm-do-not-install-static-libraries.patch. - Use ThinLTO with lld on i586. ==== milou5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: milou5-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== mozilla-nss ==== Version update (3.76.1 -> 3.77) Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs mozilla-nss-tools - update to NSS 3.77 * Bug 1762244 - resolve mpitests build failure on Windows. * bmo#1761779 - Fix link to TLS page on wireshark wiki * bmo#1754890 - Add two D-TRUST 2020 root certificates. * bmo#1751298 - Add Telia Root CA v2 root certificate. * bmo#1751305 - Remove expired explicitly distrusted certificates from certdata.txt. * bmo#1005084 - support specific RSA-PSS parameters in mozilla::pkix * bmo#1753535 - Remove obsolete stateEnd check in SEC_ASN1DecoderUpdate. * bmo#1756271 - Remove token member from NSSSlot struct. * bmo#1602379 - Provide secure variants of mpp_pprime and mpp_make_prime. * bmo#1757279 - Support UTF-8 library path in the module spec string. * bmo#1396616 - Update nssUTF8_Length to RFC 3629 and fix buffer overrun. * bmo#1760827 - Add a CI Target for gcc-11. * bmo#1760828 - Change to makefiles for gcc-4.8. * bmo#1741688 - Update googletest to 1.11.0 * bmo#1759525 - Add SetTls13GreaseEchSize to experimental API. * bmo#1755264 - TLS 1.3 Illegal legacy_version handling/alerts. * bmo#1755904 - Fix calculation of ECH HRR Transcript. * bmo#1758741 - Allow ld path to be set as environment variable. * bmo#1760653 - Ensure we don't read uninitialized memory in ssl gtests. * bmo#1758478 - Fix DataBuffer Move Assignment. * bmo#1552254 - internal_error alert on Certificate Request with sha1+ecdsa in TLS 1.3 * bmo#1755092 - rework signature verification in mozilla::pkix ==== mutter ==== Version update (42.0 -> 42.1) - Update to version 42.1: + Send correct LEAVE events when entering windows. + Be more forgiving with wrongly sized clients. + Add ClutterInputCapabilities enum and device property. + Fall back if COPY_MODE_SECONDARY_GPU fails to init. + Fix missing root window properties after XWayland start. + wayland/shm: Add support for ABGR8888 and XBGR8888 formats. + Keep actors dirty if a redraw was queued up during paint(). + Fix overview painting of shaped texture with layer snippets. + Survive missing GAMMA_LUT KMS property. + Record current event when going through event filters. + Pass events to pointer a11y before going through filters. + Update cursor when scaled or transformed. + Fix screen cast when DMA buffer fails or can't be used. + Repick when pointer actor goes unmapped. + Improve IM support. + Allow using dumb buffers for cursor sprites. + wayland/dma-buf: Only advertise supported formats. + Fix screen cast cursor metadata with unthrottled input. + Fixed crashes. + Plugged memory leak. - Drop mutter-bail-out-on-reentry-into-map-unmap.patch and mutter-42.0-fix-top-bar-elements-hovering-effect.patch (merged upstream). ==== okteta ==== Subpackages: libKasten4 libOkteta3 libkasten-lang libokteta-lang okteta-data okteta-lang - Add okteta-rpmlintrc to silence the'shlib-policy-name-error' rpmlint error ==== oniguruma ==== Version update (6.9.7.1 -> 6.9.8) - Update to 6.9.8 - Update Unicode version 14.0.0 - Whole options - (?C) : ONIG_OPTION_DONT_CAPTURE_GROUP - (?I) : ONIG_OPTION_IGNORECASE_IS_ASCII - (?L) : ONIG_OPTION_FIND_LONGEST - Fixed some problems found by OSS-Fuzz ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_2_0 - Updated to latest upstream version, tagged 2.1.7. Changes included: * updated/fixed test script * updated build system * several bug fixes, including one for bsc#1199264 ==== openconnect ==== Version update (8.10 -> 8.20) Subpackages: libopenconnect5 openconnect-bash-completion - Update to release 8.20: * Support non-AEAD ciphersuites in DTLSv1.2 with AnyConnect. * Emulated a newer version of GlobalProtect official clients, 5.1.5-8; was 4.0.2-19 * Support Juniper login forms containing both password and 2FA token * Explicitly disable 3DES and RC4, unless enabled with - -allow-insecure-crypto * Allow protocols to delay tunnel setup and shutdown (!117) * Support for GlobalProtect IPv6 * SIGUSR1now causes OpenConnect to log detailed connection information and statistics * Allow --servercert to be specified multiple times in order to accept server certificates matching more than one possible fingerprint * Demangle default routes sent as split routes by GlobalProtect * Support more Juniper login forms, including some SSO forms * Restore compatibility with newer Cisco servers, by no longer sending them the X-AnyConnect-Platform header * Add support for PPP-based protocols, currently over TLS only. * Add support for two PPP-based protocols, F5 with - -protocol=f5 and Fortinet with --protocol=fortinet. * Add support for Array Networks SSL VPN. * Support TLSv1.3 with TPMv2 EC and RSA keys, add test cases for swtpm and hardware TPM. ==== openexr ==== Version update (3.1.4 -> 3.1.5) Subpackages: libIex-3_1-30 libIlmThread-3_1-30 libOpenEXR-3_1-30 - update to 3.1.5: * Add backwards-compatibilty flags to the core library to match original behavior of the the c++ library. Fixes reading of certain files by the new core. * Fix build failures on MSVC14 and MSVC 2022 * Fix build failure on latest 64-bit Ubuntu * Documentation refers to primary branch as "main" * Update the CI workflow matrix to VFX-CY2022 * Update auto-fetch Imath version to v3.1.5 Specific OSS-fuzz issues: * OSS-fuzz [46309](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46309) Heap-buffer-overflow in Imf_3_1::memstream_read * OSS-fuzz [46083](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46083) Out-of-memory in openexr_exrcheck_fuzzer * OSS-fuzz [45899](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45899) Integer-overflow in internal_exr_compute_chunk_offset_size * OSS-fuzz [44084](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44084) Out-of-memory in openexr_exrcheck_fuzzer ==== ovmf ==== Subpackages: qemu-uefi-aarch64 - Respin amd-sev and amd-sev-es features After more testing, we found that not all descriptors can support both amd-sev with amd-sev-es. So we removed all amd-sev and amd-sev-es feature tags but only keep them in ovmf-x86_64-2m.json and 60-ovmf-x86_64.json. (bsc#1198246#c75) ==== oxygen5 ==== Version update (5.24.4 -> 5.24.5) - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== pcaudiolib ==== Version update (1.1 -> 1.2) - Update to version 1.2 * Fix cancellation snappiness * Alsa: fixed sample_size calculation, multiply with channel count. * Fix some typos ==== php7 ==== Subpackages: php7-cli php7-ctype php7-dom php7-gd php7-gettext php7-iconv php7-json php7-mbstring php7-mysql php7-openssl php7-pdo php7-sqlite php7-tokenizer php7-xmlreader php7-xmlwriter - security update [bsc#1197644] - added patches fix https://github.com/php/php-src/commit/771dbdb319fa7f90584f6b2cc2c54ccff570492d + php7-signedness-php_filter_validate_domain.patch ==== plasma-browser-integration ==== Version update (5.24.4 -> 5.24.5) Subpackages: plasma-browser-integration-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== plasma-nm5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: plasma-nm5-lang plasma-nm5-openconnect plasma-nm5-openvpn plasma-nm5-pptp plasma-nm5-vpnc - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - Changes since 5.24.4: * Don't use forceActiveFocus to focus the applet toolbar ==== plasma5-addons ==== Version update (5.24.4 -> 5.24.5) Subpackages: plasma5-addons-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - Changes since 5.24.4: * Remove unneeded check for comic Dataengine being valid (kde#452596) ==== plasma5-desktop ==== Version update (5.24.4 -> 5.24.5) Subpackages: plasma5-desktop-emojier - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - Changes since 5.24.4: * applets/taskmanager: Disable `reuseItems` to avoid a crash * containments/desktop/folder: remove stray qDebugs * Folder View: save desktop containment icon positions on a per-resolution basis (kde#360478,kde#354802) * applets/taskmanager: Update tooltip bindings when activating from keyboard (kde#452187) * applets/taskmanager: manually set hover: true on the tooltip highlight * Folder View: Make popup dialog wide enough for one more grid cell (kde#417539) ==== plasma5-disks ==== Version update (5.24.4 -> 5.24.5) - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== plasma5-integration ==== Version update (5.24.4 -> 5.24.5) Subpackages: plasma5-integration-plugin plasma5-integration-plugin-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== plasma5-openSUSE ==== Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE plasma5-workspace-branding-openSUSE sddm-theme-openSUSE - Update to 5.24.5 ==== plasma5-pa ==== Version update (5.24.4 -> 5.24.5) Subpackages: plasma5-pa-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - Changes since 5.24.4: * SpeakerTest: Fix subwoofer test (kde#445523) ==== plasma5-systemmonitor ==== Version update (5.24.4 -> 5.24.5) - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== plasma5-thunderbolt ==== Version update (5.24.4 -> 5.24.5) - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== plasma5-workspace ==== Version update (5.24.4 -> 5.24.5) Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-lang plasma5-workspace-libs xembedsniproxy - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - Changes since 5.24.4: * [lookandfeel] Fix collapsed width of a volume/brightness OSD on a lock screen (kde#446185) * xdgactivation: Make sure we don't call setStartupId with an x11 token * Convert old-style Favorites resources in KActivities DB (kde#385814) * runners/baloo: Add missing category "text" to file search results * applets/digital-clock: Fix date drift (kde#452554) * systemtray: Fix race in DBusServiceObserver (kde#422111) * systemdialog: also consider buttonbox for dimensions * Fix not working applet with same compact/full representation when hiding * shell/scripting: Consider current activity in `desktopForScreen` (kde#452561) * Set a sane minimum size * SystemDialog: re-add removed public properties * kcm/colors: don't dull accent colour on dark themes in colorsapplicator (kde#442820) * wallpapers/image: Use onActivated instead of onCurrentIndexChanged * appmenu: Use existing menu in compact represenation (kde#438467) * Change the text color when appmenu is selected or hovered * Don't use forceActiveFocus to set search field focus * applets/clipboard: Don't forward input to filter if it's disabled * Avoid memory leaks by misusing HistoryItem::mimeData() * A better fix for BUG 431673 * Revert "Trim very long text strings in Klipper history view" * Revert "[klipper] Use full text for DBus return values" * Revert "Fix Klipper Actions content truncation" * Revert "klipper: Add FullTextRole to get untruncated text" * Revert "klipper: Add `testTrimmedText`" * Revert "applets/clipboard: Use FullTextRole in EditPage" * Revert "applets/clipboard: Use FullTextRole in SortFilterModel" * Revert "applets/clipboard: Generate QR code from full text" ==== plymouth ==== Subpackages: libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Add plymouth-log-on-default.patch: Enable plymouth log by default, help to resolve random appear problems (bsc#1193736). - Pick back patch information for label-ft. ==== polkit-kde-agent-5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: polkit-kde-agent-5-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== poppler ==== Version update (22.04.0 -> 22.05.0) Subpackages: libpoppler-cpp0 libpoppler-glib8 poppler-tools - update to 22.05.0: * Annotations: Make sure we embed fonts for the FreeText annots * Forms: Make sure we embedd fonts as needed * Signatures: Make sure we embed the needed fonts * CairoOutputDev: color type 3 fonts * fix two bugs in multiline find_text() * code improvements * pdftotext: added TSV mode * HtmlOutputDev: don't use png.h * Use time_t for time * Add page_transition::durationReal * Pass leftFontSize down to `FormWidgetSignature::signDocumentWithAppearence` ==== poppler-qt5 ==== Version update (22.04.0 -> 22.05.0) - update to 22.05.0: * Annotations: Make sure we embed fonts for the FreeText annots * Forms: Make sure we embedd fonts as needed * Signatures: Make sure we embed the needed fonts * CairoOutputDev: color type 3 fonts * fix two bugs in multiline find_text() * code improvements * pdftotext: added TSV mode * HtmlOutputDev: don't use png.h * Use time_t for time * Add page_transition::durationReal * Pass leftFontSize down to `FormWidgetSignature::signDocumentWithAppearence` ==== postfix ==== - Change ed requires to /usr/bin/ed: allow busybox-ed to be used inside containers. ==== powerdevil5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: powerdevil5-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== pwgen ==== - switch to https urls ==== python-SQLAlchemy ==== Version update (1.4.35 -> 1.4.36) - update to 1.4.36: * details on https://docs.sqlalchemy.org/en/14/changelog/changelog_14.html#change-1.4.36 * Fixed regression where the change made for #7861, released in version 1.4.33, that brought the Insert construct to be partially recognized as an ORM-enabled statement * Modified the DeclarativeMeta metaclass to pass cls.__dict__ into the declarative scanning process to look for attributes, rather than the separate dictionary passed to the type?s __init__() method * Fixed a memory leak in the C extensions which could occur when calling upon named members of Row when the member does not exist under Python 3 * Added a warning regarding a bug which exists in the Result.columns() method when passing 0 for the index in conjunction with a Result that will return a single ORM entity, which indicates that the current behavior of Result.columns() is broken in this case as the Result object will yield scalar values and not Row objects * Fixed bug where ForeignKeyConstraint naming conventions using the referred_column_0 naming convention key would not work if the foreign key constraint were set up as a ForeignKey object rather than an explicit ForeignKeyConstraint object. ==== python-bcrypt ==== Version update (3.2.0 -> 3.2.2) - update to 3.2.2: * Fixed packaging of ``py.typed`` files in wheels so that ``mypy`` works. * Added support for compilation on z/OS * The next release of ``bcrypt`` with be 4.0 and it will require Rust at compile time, for users building from source. There will be no additional requirement for users who are installing from wheels. Users on most platforms will be able to obtain a wheel by making sure they have an up to date ``pip``. The minimum supported Rust version will be 1.56.0. ==== python-httpx ==== - Add patch CVE-2021-41945-copy_with-data-leak.patch: * Do not leak data in httpx.URL.copy_with (bsc#1199002, CVE-2021-41945) ==== python-scipy ==== - With the previously added -ffloat-store, some tests that fail on i586. Disable them. - Limit double floating point precision for x87, triggered by GCC 12. Fixes test_kolmogorov.py Fatal Python error: Floating point exception which is a double floating-point test. ==== raspberrypi-firmware-dt ==== Version update (2022.02.25 -> 2022.04.24) - Use last patch commit date instead patch creation date when creating device tree archive and package version. Patch creation date could be much earlier than patch commit date, which could mislead which patches are included inside the package. For example: commit 7e72dd813a175ea7bf166655217ce60fbd7d4a21 Author: Dom Cobley AuthorDate: Tue Oct 19 14:15:45 2021 +0100 Commit: Dom Cobley CommitDate: Mon Nov 29 16:26:09 2021 +0000 dt: Move VEC clock to clk-raspberrypi Package which contain this commit was named 2021.11.19 while obviously it has changes from 2021.11.29. - Update to da91801ca1 (2022-04-24) * overlays: Fix pitft28/35-resistive rotate params * ARM: dts: Add i2c0mux node to Model B rev 1 * overlays: Add "drm" parameter to pitft28-resistive * overlays: mipi-dbi-spi: width-mm and height-mm are mandatory * Add support for the AudioInjector.net bare i2s sound card * dtoverlays: Add overlay for Sony IMX258 image sensor * ARM: dts: Enable PMU on Cortex-A72 in AArch32 state * overlays/rpi-display: Add support for DRM driver * Revert "update rpi-display-overlay.dts pins for 5.10+" * overlays: Add overlay for MIPI DBI displays * dtoverlays: Connect the backlight to the pitft35 display * overlays: iqs550: Enable interrupt pull-down * CM1&3 cam1_reg and cam1_reg_gpio fix * dtoverlay: Add VCM option to ov5647 overlay * dtoverlays: Add VCM option to imx219 * ARM: dts: bcm2711-rpi-ds: Disable the BCM2835 STC ==== re2 ==== - Use Release config so O3 is used ==== re2c ==== Version update (2.2 -> 3.0) - update to 3.0: - Added code generation backend for Rust: - Added options: + ``--loop-switch`` + ``--no-unsafe`` - Added configurations; + ``re2c:label:yyloop`` + ``re2c:unsafe`` - Renamed options to use common naming scheme. The old names are supported as aliases, so the change does not break existing code. Documentation has been updated to use new names. + ``--api`` is a new alias for ``--input`` + ``--ebcdic`` is a new alias for ``--ecb`` + ``--ucs2`` is a new alias for ``--wide-chars`` + ``--utf32`` is a new alias for ``--unicode`` + ``--utf16`` is a new alias for ``--utf-16`` + ``--utf8`` is a new alias for ``--utf-8`` + ``--header`` is a new alias for ``--type-header`` - Renamed configurations to use common naming scheme and support proper scoping under subcategories such as ``:define``, ``:label``, ``:variable``, etc. The old names are supported as aliases, so the change does not break existing code. Documentation has been updated to use new names. + ``re2c:api`` is a new alias for ``re2c:flags:input`` + ``re2c:bit-vectors`` is a new alias for ``re2c:flags:bit-vectors`` + ``re2c:case-insensitive`` is a new alias for ``re2c:flags:case-insensitive`` + ``re2c:case-inverted`` is a new alias for ``re2c:flags:case-inverted`` + ``re2c:case-ranges`` is a new alias for ``re2c:flags:case-ranges`` + ``re2c:cond:prefix`` is a new alias for ``re2c:condprefix`` + ``re2c:cond:enumprefix`` is a new alias for ``re2c:condenumprefix`` + ``re2c:computed-gotos`` is a new alias for ``re2c:flags:computed-gotos`` + ``re2c:computed-gotos:threshold`` is a new alias for ``re2c:cgoto:threshold`` + ``re2c:debug-output`` is a new alias for ``re2c:flags:debug-output`` + ``re2c:encoding:ebcdic`` is a new alias for ``re2c:flags:ecb`` + ``re2c:encoding:utf32`` is a new alias for ``re2c:flags:unicode`` + ``re2c:encoding:ucs2`` is a new alias for ``re2c:flags:wide-chars`` + ``re2c:encoding:utf16`` is a new alias for ``re2c:flags:utf-16`` + ``re2c:encoding:utf8`` is a new alias for ``re2c:flags:utf-8`` + ``re2c:encoding-policy`` is a new alias for ``re2c:flags:encoding-policy`` + ``re2c:empty-class`` is a new alias for ``re2c:flags:empty-class`` + ``re2c:header`` is a new alias for ``re2c:flags:type-header`` + ``re2c:label:prefix`` is a new alias for ``re2c:labelprefix`` + ``re2c:label:yyfill`` is a new alias for ``re2c:label:yyFillLabel`` + ``re2c:label:start`` is a new alias for ``re2c:startlabel`` + ``re2c:nested-ifs`` is a new alias for ``re2c:flags:nested-ifs`` + ``re2c:posix-captures`` is a new alias for ``re2c:flags:posix-captures`` + ``re2c:tags`` is a new alias for ``re2c:flags:tags`` + ``re2c:variable:yych:conversion`` is a new alias for ``re2c:yych:conversion`` + ``re2c:variable:yych:emit`` is a new alias for ``re2c:yych:emit`` + ``re2c:variable:yybm:hex`` is a new alias for ``re2c:yybm:hex`` + ``re2c:unsafe`` is a new alias for ``re2c:flags:unsafe`` - Added directive alias ``conditions:re2c`` for ``types:re2c``. - Multiple small changes in code generation, including some formatting changes that result in large diffs in the generated code: + Do not allocate indices for unused state labels (this results in a change in state enumeration), commits + Do not generate redundant ``YYPEEK`` statements, commit + Do not generate ``YYDEBUG`` statements for unused states labels, commit + C backend: change formatting of switch statements, commit + Go backend: render continuous character ranges in compact form, commit + Mark start and end of included .re files with line directives, commit - A fix to limit maximum allowed NFA and DFA size (to avoid out of memory crashes and stack overflows), - A fix to correctly compute fixed tags in trailing context, commit - A fix to generate non-overlapping names for s-tag and m-tag variables, commit - Infrastructural: added support for CMake presets. - Updated documentation. - Backwards-incompatible changes that are unlikely to affect any users: + Restrict lexical contexts where ``%{`` is recognized as a block start, + Emit an error when repetition lower bound exceeds upper bound, commit ==== rpm ==== Subpackages: librpmbuild9 - update rpm-shorten-changelog.diff: fix shortening of changelog, the non-primary binary packages had the full changelog - update macrosin.diff: remove binarychangelog cutoff setting, this comes from rpm-config-SUSE now ==== ruby3.1 ==== Subpackages: libruby3_1-3_1 - Do not depend on binutils-gold as it will be removed in the future as it's obsoleted. Use lld instead of it for clang build. ==== samba ==== Version update (4.16.0+git.227.931848a12ab -> 4.16.1+git.235.f435da606f7) Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-client samba-client-libs samba-gpupdate samba-ldb-ldap samba-libs samba-libs-python3 samba-python3 samba-winbind samba-winbind-libs - Update to 4.16.1 * Share and server swapped in smbget password prompt; (bso#14831); * Durable handles won't reconnect if the leased file is written to; (bso#15022); * rmdir silently fails if directory contains unreadable files and hide unreadable is yes; (bso#15023); * SMB2_CLOSE_FLAGS_FULL_INFORMATION fails to return information on renamed file handle; (bso#15038); * Need to describe --builtin-libraries= better (compare with - -bundled-libraries); (bso#8731); * vfs_shadow_copy2 breaks "smbd async dosmode" sync fallback; (bso#14957); * shadow_copy2 fails listing snapshotted dirs with shadow:fixinodes; (bso#15035); * PAM Kerberos authentication incorrectly fails with a clock skew error; (bso#15046); * Username map - samba erroneously applies unix group memberships to user account entries; (bso#15041); * KVNO off by 100000; (bso#14951); * Uninitialized litemask in variable in vfs_gpfs module; (bso#15027); * vfs_gpfs recalls=no option prevents listing files; (bso#15055); * smbd doesn't handle UPNs for looking up names; (bso#15054); - Update update-apparmor-samba-profile script, replace non-printable delimiter with more human readable separator as sed can accept separators that can appear in the input data. ==== sharutils ==== - add sharutils-4.14.2-Pass-compilation-with-Werror-format-security.patch ==== snapper ==== Version update (0.10.1 -> 0.10.2) Subpackages: libsnapper6 snapper-zypp-plugin - fixed error handling when reading configs (gh#openSUSE/snapper#715) - version 0.10.2 ==== sqlite3 ==== Version update (3.38.2 -> 3.38.3) Subpackages: libsqlite3-0 sqlite3-devel sqlite3-tcl - update to 3.38.3: * Fix a case of the query planner be overly aggressive with optimizing automatic-index and Bloom-filter construction, using inappropriate ON clause terms to restrict the size of the automatic-index or Bloom filter, and resulting in missing rows in the output. * Other minor patches. See the timeline for details. ==== swtpm ==== Version update (0.7.2 -> 0.7.3) Subpackages: swtpm-selinux - Updated to version 0.7.3: - swtpm: - Use uint64_t in tlv_data_append() to avoid integer overflows - Use uint64_t to avoid integer wrap-around when adding a uint32_t - removed allow-FORTIFY_SOURCE=3.patch (upstreamed) ==== systemd-presets-branding-openSUSE ==== - Enable acpid (boo#1196609), its not installed by default on most systems anymore but the enlightenment desktop still uses its events to trigger various bindings and shows an error dialog when acpid is not running. ==== systemsettings5 ==== Version update (5.24.4 -> 5.24.5) Subpackages: systemsettings5-lang - Update to 5.24.5 * New bugfix release * For more details please see: * https://kde.org/announcements/plasma/5/5.24.5 - No code changes since 5.24.4 ==== unbound ==== Version update (1.14.0 -> 1.15.0) Subpackages: libunbound8 unbound-anchor - drop python2 packages - update to 1.15.0: This release has bug fixes for crashes that happened on heavy network usage. The default for the aggressive-nsec option has changed, it is now enabled. The ratelimit logic had to be reworked for the crash fixes. As a result, there are new options to control the behaviour of ratelimiting. The ratelimit-backoff and ip-ratelimit-backoff options can be used to control how severe the backoff is when the ratelimit is exceeded. The rpz-signal-nxdomain-ra option can be used to unset the RA flag, for NXDOMAIN answers from RPZ. That is used by some clients to detect that the domain is externally blocked. The RPZ option for-downstream can be used like for auth zones, this allows the RPZ zone information to be queried. That can be useful for monitoring scripts. Features - Fix #596: unset the RA bit when a query is blocked by an unbound RPZ nxdomain reply. The option rpz-signal-nxdomain-ra allows to signal that a domain is externally blocked to clients when it is blocked with NXDOMAIN by unsetting RA. - Add rpz: for-downstream: yesno option, where the RPZ zone is authoritatively answered for, so the RPZ zone contents can be checked with DNS queries directed at the RPZ zone. - Merge PR #616: Update ratelimit logic. It also introduces ratelimit-backoff and ip-ratelimit-backoff configuration options. - Change aggressive-nsec default to yes. Bug Fixes - Fix compile warning for if_nametoindex on windows 64bit. - Merge PR #581 from fobser: Fix -Wmissing-prototypes and -Wshadow warnings in rpz. - Fix validator debug output about DS support, print correct algorithm. - Add code similar to fix for ldns for tab between strings, for consistency, the test case was not broken. - Allow local-data for classes other than IN to inherit a configured local-zone's type if possible, instead of defaulting to type transparent as per the implicit rule. - Fix to pick up other class local zone information before unlock. - Add missing configure flags for optional features in the documentation. - Fix Unbound capitalization in the documentation. - Fix #591: Unbound-anchor manpage links to non-existent license file. - contrib/aaaa-filter-iterator.patch file renewed diff content to apply cleanly to the current coderepo for the current code version. - Fix to add test for rpz-signal-nxdomain-ra. - Fix #596: only unset RA when NXDOMAIN is signalled. - Fix that RPZ does not set RD flag on replies, it should be copied from the query. - Fix for #596: fix that rpz return message is returned and not just the rcode from the iterator return path. This fixes signal unset RA after a CNAME. - Fix unit tests for rpz now that the AA flag returns successfully from the iterator loop. - Fix for #596: add unit test for nsdname trigger and signal unset RA. - Fix for #596: add unit test for nsip trigger and signal unset RA. - Fix #598: Fix unbound-checkconf fatal error: module conf 'respip dns64 validator iterator' is not known to work. - Fix for #596: Fix rpz-signal-nxdomain-ra to work for clientip triggered operation. - Merge #600 from pemensik: Change file mode before changing file owner. - Fix prematurely terminated TCP queries when a reply has the same ID. - For #602: Allow the module-config "subnetcache validator cachedb iterator". - Fix EDNS to upstream where the same option could be attached more than once. - Add a region to serviced_query for allocations. - For dnstap, do not wakeupnow right there. Instead zero the timer to force the wakeup callback asap. - Fix #610: Undefine-shift in sldns_str2wire_hip_buf. - Fix #588: Unbound 1.13.2 crashes due to p->pc is NULL in serviced_udp_callback. - Merge PR #612: TCP race condition. - Test for NSID in SERVFAIL response due to DNSSEC bogus. - Fix #599: [FR] RFC 9156 (obsoletes RFC 7816), by noting the new RFC document. - Fix tls-* and ssl-* documented alternate syntax to also be available through remote-control and unbound-checkconf. - Better cleanup on failed DoT/DoH listening socket creation. - iana portlist update. - Fix review comment for use-after-free when failing to send UDP out. - Merge PR #603 from fobser: Use OpenSSL 1.1 API to access DSA and RSA internals. - Merge PR #532 from Shchelk: Fix: buffer overflow bug. - Merge PR #617: Update stub/forward-host notation to accept port and tls-auth-name. - Update stream_ssl.tdir test to also use the new forward-host notation. - Fix header comment for doxygen for authextstrtoaddr. - please clang analyzer for loop in test code. - Fix docker splint test to use more portable uname. - Update contrib/aaaa-filter-iterator.patch with diff for current software version. - Fix for #611: Integer overflow in sldns_wire2str_pkt_scan. - Change to systemd-sysusers ==== unixODBC ==== Version update (2.3.9 -> 2.3.11) - Update to 2.3.11: * Add missing files to 2.3.10 - See https://github.com/lurcher/unixODBC/issues/107 - Update to 2.3.10: * Add connection pooling via wide connection functions * Remove "#define VERSION" from unixodbc_conf.h * Call driver functions through prototypes * Add connection pool limit option * Add fseeko support in cursor lib * Try and prevent logging buffer overflow * Add 'echo' option to isql/iusql * Alter isql/iusql buffering * Alter unicode to ascii conversion in SQLGetDiagField * Fix pooling problem when user name and or password is not provided * Fix a couple of reported buffer overflow conditions * Fix iconv leak with timeout in pooled connection - Remove upstreamed patches: * unixODBC-doc-drivers.patch * unixODBC-doc-website.patch - Remove unixODBC-2.3.1-libodbcinst-exports.patch: Upstream exports more symbols now. In our patch there were still a couple more of them but we decided to drop them. See https://github.com/lurcher/unixODBC/issues/50 and https://github.com/lurcher/unixODBC/issues/8 for the discussion. - For the future be aware of different tarball content/confusing git tag for this release. Resulting in different content from tarball from website vs GitHub. See https://github.com/lurcher/unixODBC/issues/107 ==== vim ==== Version update (8.2.4745 -> 8.2.4877) Subpackages: gvim vim-data vim-data-common - Updated to version 8.2.4877, fixes the following problems - fixes CVE-2022-1381 ( boo#1198596 ) * Using wrong flag for using bell in the terminal. * Supercollider filetype not recognized. * No filetype override for .sys files. * Cannot use an imported function in a mapping. *