Packages changed: Mesa (22.2.3 -> 22.2.4) Mesa-drivers (22.2.3 -> 22.2.4) bind (9.18.8 -> 9.18.9) flatpak (1.14.0 -> 1.14.1) gssdp (1.6.1 -> 1.6.2) gstreamer-plugins-rs (0.9.alpha.1+git20221020.5c89c3d -> 0.9+git20221113.274e57a) gupnp (1.6.1 -> 1.6.2) hplip hxtools (20211204 -> 20221119) ibus libXdmcp (1.1.3 -> 1.1.4) libXpm (3.5.13 -> 3.5.14) libXrandr (1.5.2 -> 1.5.3) make mozjs102 (102.4.0 -> 102.5.0) mpfr python-Twisted python-rich (12.5.1 -> 12.6.0) python-testtools python-typing_extensions raspberrypi-firmware (2022.10.26 -> 2022.11.18) raspberrypi-firmware-config (2022.10.26 -> 2022.11.18) suse-module-tools (16.0.26 -> 16.0.27) xfce4-settings (4.16.4 -> 4.16.5) yast2-ntp-client (4.5.1 -> 4.5.2) yast2-online-update (4.5.1 -> 4.5.2) yast2-storage-ng (4.5.13 -> 4.5.14) === Details === ==== Mesa ==== Version update (22.2.3 -> 22.2.4) Subpackages: Mesa-dri-devel Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - update to 22.2.4: * clover: windows: library filename has \`-1` suffix and a \`lib` prefix when built with mingw * radv, dxvk: Rendering errors in World of Tanks after "Switch to dynamic rendering only" * gen9 gt3e/gt4e skus fail dEQP-VK.pipeline.multisample.sample_locations_ext.* * v3d: Wrong colors (pink) in videos in Firefox (likely YUV->RGB shader issue) * panfrost t860 glmark-es2 regression * radv: Flickering in Spider-Man Remastered (Regression) (Bisected) * radv: Hitman 2 using Direct3D 12 has discolored squares on RDNA2 with DCC enabled * panfrost/midgard - on Duckstation PSX emulator: segfault on GLES 3.0 and bad shader compilations on 3.3 ==== Mesa-drivers ==== Version update (22.2.3 -> 22.2.4) Subpackages: Mesa-dri Mesa-gallium Mesa-libva - update to 22.2.4: * clover: windows: library filename has \`-1` suffix and a \`lib` prefix when built with mingw * radv, dxvk: Rendering errors in World of Tanks after "Switch to dynamic rendering only" * gen9 gt3e/gt4e skus fail dEQP-VK.pipeline.multisample.sample_locations_ext.* * v3d: Wrong colors (pink) in videos in Firefox (likely YUV->RGB shader issue) * panfrost t860 glmark-es2 regression * radv: Flickering in Spider-Man Remastered (Regression) (Bisected) * radv: Hitman 2 using Direct3D 12 has discolored squares on RDNA2 with DCC enabled * panfrost/midgard - on Duckstation PSX emulator: segfault on GLES 3.0 and bad shader compilations on 3.3 ==== bind ==== Version update (9.18.8 -> 9.18.9) Subpackages: bind-doc bind-utils - Update to bind release 9.18.9 Bug Fixes: * A crash was fixed that happened when a dnssec-policy zone that used NSEC3 was reconfigured to enable inline-signing. * In certain resolution scenarios, quotas could be erroneously reached for servers, including any configured forwarders, resulting in SERVFAIL answers being sent to clients. * rpz-ip rules in response-policy zones could be ineffective in some cases if a query had the CD (Checking Disabled) bit set to 1. * Previously, if Internet connectivity issues were experienced during the initial startup of named, a BIND resolver with dnssec-validation set to auto could enter into a state where it would not recover without stopping named, manually deleting the managed-keys.bind and managed-keys.bind.jnl files, and starting named again. * The statistics counter representing the current number of clients awaiting recursive resolution results (RecursClients) could overflow in certain resolution scenarios. * Previously, the port in remote servers such as in primaries and parental-agents could be wrongly configured because of an inheritance bug. * Previously, BIND failed to start on Solaris-based systems with hundreds of CPUs. * When a DNS resource record’s TTL value was equal to the resolver’s configured prefetch “eligibility” value, the record was erroneously not treated as eligible for prefetching. ==== flatpak ==== Version update (1.14.0 -> 1.14.1) Subpackages: flatpak-zsh-completion libflatpak0 system-user-flatpak - Update to version 1.14.1: + New features: Add a httpbackend variable to flatpak.pc, allowing dependent projects like GNOME Software to detect whether they are compatible with libflatpak. + Bugs fixed: - Terminate the flatpak-session-helper and flatpak-portal services when the session ends, so that applications will not inherit outdated Wayland and X11 socket addresses. - When using fish shell, don't overwrite a previously-set XDG_DATA_DIRS. - Don't try to enable HTTP 2 if linked to a libcurl version that doesn't support it. - Stop systemd reporting the session-helper as failed when terminated by a signal. - Fix a warning when listing a document with no permissions. - Fix compilation with GLib 2.66.x (as used in Debian 11). - Fix compilation with GLib 2.58.x (as used in Debian 10). - Fix a compiler warning on 32-bit architectures. - If an app update is blocked by parental controls policies, clean up the temporary deploy directory. - Fix Autotools build with versions of gpgme that no longer provide gpgme-config(1). - When building with Autotools, be more consistent about applying compiler warning flags. - Unset $TEMP, $TEMPDIR and $TMP for apps, the same as $TMPDIR. - Treat /efi the same as /boot/efi. - Make generated files more reproducible. + Updated translations. - Add and recommend a package flatpak-remote-flathub which adds the Flathub repository (boo#1186315) ==== gssdp ==== Version update (1.6.1 -> 1.6.2) - Update to version 1.6.2: + Propagate random port up to client, partial fix for GUPnP/81 + Add manpage for sniffer. - Pass manpages=false to meson, we do not have the needed pandoc BuildRequires available for all arches/buildtargets. ==== gstreamer-plugins-rs ==== Version update (0.9.alpha.1+git20221020.5c89c3d -> 0.9+git20221113.274e57a) - Update to version 0.9+git20221113.274e57a: * Update Cargo.lock * Update versions to 0.9.1 * closedcaption: Update for deprecated chrono functions * version-helper: Update for deprecated chrono functions * Update Cargo.lock * webrtc: README: fix couple of links * webrtcsink: improve debug * ci: add trigger job and only run documentation job post-merge * ci: add integration stage and move documentation job to that * ts/udpsink: handle items in the PadSinkHandler * ts: introduce ts-audiotestsrc * ts/standalone: add new Sinks * ts/standalone: move current sink under task_sink * deny: Update * Add missing `doc` features to WebRTC plugins * fmp4mux: Make media/trak timescales configurable * ci: Update to cargo-c 0.9.14 * meson: optionalize pango dependency used by net/onvif * ndi: provide Unix fallback after 3fe9e4a207f8 * fmp4mux: Don't allow VP9 for CMAF * fmp4mux: Add initial Opus support * docs: Remove some stale entries of renamed elements * aws: Skip s3 test on Windows until we figure out why it times out * Fix various new clippy warnings * fmp4mux: For VP9, write resolution into the tkhd and include a stss box to signal that not all frames are sync samples * webrtc: Update to human_bytes 0.4 * aws: Update to aws 0.21/0.51 * fmp4mux: Remove unused uuid dependency * Update Cargo.lock * fmp4mux: Clip negative PTS to zero/last PTS instead of erroring out * fmp4mux: Send force-keyunit events for now if the ideal position has already passed * fmp4mux: Add debug log when writing the mfra box * fmp4mux: Reset timing infos to None if a stream only contained gap events for a whole fragment * fmp4mux: If a stream is longer than the main stream at EOS, simply include all of its buffers in the last fragment nonetheless * whipsink: Add object to debug logs * fmp4mux: don't require dts for predictive-only formats like vp9 * aws: fix title in README * deny: Update * fmp4: add support for muxing VP9 streams in cmaf, dash and iso fmp4 * Add Cargo.lock * Update to release versions of gtk-rs and gstreamer-rs * Update versions to 0.9.0 * Update to async-tungstenite 0.18 * pngenc: Encode every frame individually * ts/pad: use `gst::Pad` in handlers trait functions... * ts/pad: don't pass self as ref in remaining handler traits functions * textwrap: Update to textwrap 0.16 * Move from `imp.instance()` to `imp.obj()` * Remove `&` for `obj` in log macros * Update docs * Add all missing plugins/elements to the README.md * Fix GObject type names, GStreamer debug category names and element factory names * Add new mux subdirectory for container formats * rtp: Move GCC bandwidth estimation element from webrtc to rtp plugin * Make GStreamer plugin/crate/library/directory names and descriptions consistent * Rename rtpav1 plugin to just rtp * videocompare: Update README with reference * Sort members in Cargo.toml and meson.build alphabetically and the same in both files * Various minor cleanups * meson: Fix warning * videocompare: Fix warning * Take advantage of `Into>` args * onvifmetadatacombiner: On timeout don't wait for metadata to arrive anymore but output the current video frame * onvifmetadatacombiner: Add a lot of trace debug output * spotifyaudiosrc: convert to PushSrc ==== gupnp ==== Version update (1.6.1 -> 1.6.2) - Update to version 1.6.2: + Add test for issue 81. + Bugs fixed in this release: - https://gitlab.gnome.org/GNOME/gupnp/issues/81 ==== hplip ==== Subpackages: hplip-hpijs hplip-sane hplip-udev-rules - Update disable_hp-upgrade.patch: Log the 'openSUSE disabled this for security message' is 'info', not 'error'. ==== hxtools ==== Version update (20211204 -> 20221119) Subpackages: fd0ssh ofl - Update to release 20221119 * vfontas: add "copy" operation * smm: new utility "palcomp" * vfontas: implement aspect ratio correction for SFD output ==== ibus ==== Subpackages: ibus-dict-emoji libibus-1_0-5 typelib-1_0-IBus-1_0 - Switch to use systemd service file to start ibus daemon * Fix boo#1201421 * Add ibus-ui-gtk3-restart-via-systemd.patch * Enable ibus-autostart for xdg-autostart-generator ==== libXdmcp ==== Version update (1.1.3 -> 1.1.4) Subpackages: libXdmcp-devel libXdmcp6 - Update to version 1.1.4 * Update configure.ac bug URL for gitlab migration * gitlab CI: add a basic build test * Fix build on Solaris 11.3.0 - 11.3.8 * Fix spelling/wording issues * gitlab CI: enable doc builds in basic build test * Use memcpy() instead of memmove() when buffers are known not to overlap * arc4random_buf: Only declare ret if HAVE_GETENTROPY is defined * XdmcpDisposeARRAYofARRAY8: Reduce scope of i * Only link with libbsd if needed for arc4random_buf() * Switch from libbsd to libbsd-overlay ==== libXpm ==== Version update (3.5.13 -> 3.5.14) Subpackages: libXpm-devel libXpm4 - Update to version 3.5.14 * Fix spelling/wording issues * man: strip trailing whitespace * gitlab CI: add a basic build test * man pages: Make file names consistent with their displayed names * man pages: Fix shadow man pages * man pages: Make function synopses more consistent with other pages * man pages: Add missing word 'function' where needed * man pages: Fix typos * man pages: Correct Copyright/License notices * add man pages based on doc/xpm.PS * update man pages ==== libXrandr ==== Version update (1.5.2 -> 1.5.3) - Update to version 1.5.3 * Fix spelling/wording issues * gitlab CI: add a basic build test * Xrandr.h: remove misleading comment for XRRGetScreenSizeRange() * XRRGetProviderInfo: Remove unneeded ProviderInfoExtra * Variable scope reductions as recommended by cppcheck * Remove unnecessary casts of return values from malloc() ==== make ==== - reset-sigpipe.patch: Removed - sigpipe-fatal.patch: Handle SIGPIPE as a fatal signal ==== mozjs102 ==== Version update (102.4.0 -> 102.5.0) - Update to version 102.5.0: + Various stability, functionality, and security fixes. + CVE-2022-45403: Service Workers might have learned size of cross-origin media files. + CVE-2022-45404: Fullscreen notification bypass. + CVE-2022-45405: Use-after-free in InputStream implementation. + CVE-2022-45406: Use-after-free of a JavaScript Realm. + CVE-2022-45408: Fullscreen notification bypass via windowName. + CVE-2022-45409: Use-after-free in Garbage Collection. + CVE-2022-45410: ServiceWorker-intercepted requests bypassed SameSite cookie policy. + CVE-2022-45411: Cross-Site Tracing was possible via non-standard override headers. + CVE-2022-45412: Symlinks may resolve to partially uninitialized buffers. + CVE-2022-45416: Keystroke Side-Channel Leakage. + CVE-2022-45418: Custom mouse cursor could have been drawn over browser UI. + CVE-2022-45420: Iframe contents could be rendered outside the iframe. + CVE-2022-45421: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5. ==== mpfr ==== - package license files correctly ==== python-Twisted ==== Subpackages: python310-Twisted python310-Twisted-tls - Skip rpmlint error python-tests-in-package. ==== python-rich ==== Version update (12.5.1 -> 12.6.0) - change Source URL to https://files.pythonhosted.org - change Upstream URL to https://github.com/Textualize/rich - add _service file to easily download this - remove CHANGELOG.md, as this is not present in the PyPI tarball - Update to 12.6.0: * Added - Parse ANSI escape sequences in pretty repr #2470 - Add support for FORCE_COLOR env var #2449 - Allow a max_depth argument to be passed to the install() hook #2486 - Document using None as name in __rich_repr__ for tuple positional args #2379 - Add font_aspect_ratio parameter in SVG export https://github.com/Textualize/rich/pull/2539/files - Added Table.add_section method. #2544 * Fixed - Handle stdout/stderr being null #2513 - Fix NO_COLOR support on legacy Windows #2458 - Fix pretty printer handling of cyclic references #2524 - Fix missing mode property on file wrapper breaking uploads via requests #2495 - Fix mismatching default value of parameter ensure_ascii #2538 - Remove unused height parameter in Layout class #2540 - Fixed exception in Syntax.rich_measure for empty files * Changed - Removed border from code blocks in Markdown ==== python-testtools ==== - Skip rpmlint error python-tests-in-package. ==== python-typing_extensions ==== - Back to multibuild: remove python-testsuite from buildcycle, because of setuptools_scm closing it at the other end. ==== raspberrypi-firmware ==== Version update (2022.10.26 -> 2022.11.18) - Update to b8a7365 (2022-11-18): * firmware: arm_loader: Improvements to Compute Module audio See: https://forums.raspberrypi.com/viewtopic.php?p=2052680 * firmware: arm_loader: Fix GPIO bank 1 support See: #1756 ==== raspberrypi-firmware-config ==== Version update (2022.10.26 -> 2022.11.18) - Update to b8a7365 (2022-11-18): * firmware: arm_loader: Improvements to Compute Module audio See: https://forums.raspberrypi.com/viewtopic.php?p=2052680 * firmware: arm_loader: Fix GPIO bank 1 support See: #1756 ==== suse-module-tools ==== Version update (16.0.26 -> 16.0.27) - Update to version 16.0.27: * 80-hotplug-cpu-mem.rules: use CONST{arch} (bsc#1204423) ==== xfce4-settings ==== Version update (4.16.4 -> 4.16.5) Subpackages: xfce4-settings-color xfce4-settings-lang - Update to version 4.16.5 * Fix regression introduced in 4.16.4: "exo-open" not working for paths with spaces inside (gxo#xfce/xfce4-settings#403) ==== yast2-ntp-client ==== Version update (4.5.1 -> 4.5.2) - Fix the netconfig executable path using /sbin/netconfig instead of /usr/sbin/netconfig which is not available in SLE-15-SP5 (bsc#1205401) - 4.5.2 ==== yast2-online-update ==== Version update (4.5.1 -> 4.5.2) Subpackages: yast2-online-update-frontend - bsc#1204907 - Dropped old workaround from 2.13.15 with unconditional refresh of all repositories. - 4.5.2 ==== yast2-storage-ng ==== Version update (4.5.13 -> 4.5.14) - GuidedProposal: support for LUKS2 encryption with a configurable PBKDF to be used by D-Installer (related to jsc#PED-2182). - 4.5.14