Packages changed: 7zip apache2 apache2-manual apache2-prefork apache2-utils ark bash (5.2.12 -> 5.2.15) brltty cppcheck (2.9 -> 2.9.3) cracklib (2.9.7 -> 2.9.8) dracut (057+suse.351.ge78c8ff6 -> 057+suse.353.g6dab83eb) elfutils-debuginfod exiv2 freerdp gcc13 (12.2.1+git537 -> 13.0.0+git197351) git gnutls groff groff-full gtkmm3 gucharmap (14.0.3 -> 15.0.2) highway irqbalance krb5 libcroco libguestfs libjxl libqt5-qtbase (5.15.7+kde167 -> 5.15.7+kde177) libqt5-qtdeclarative (5.15.7+kde18 -> 5.15.7+kde25) libqt5-qtquickcontrols2 (5.15.7+kde6 -> 5.15.7+kde7) libreoffice libtool libwnck linux-glibc-devel (6.0 -> 6.1) mozilla-nss (3.84 -> 3.85) mozjs102 (102.5.0 -> 102.6.0) mpc (1.2.1 -> 1.3.0) nano (7.0 -> 7.1) open-vm-tools (12.1.0 -> 12.1.5) openconnect (8.20 -> 9.01) openssh openssl-1_1 openssl-3 osinfo-db (20221018 -> 20221130) ovmf pipewire (0.3.62 -> 0.3.63) procps python-anyio python-importlib-resources (5.10.0 -> 5.10.1) python-pycares (4.2.2 -> 4.3.0) rsyslog (8.2210.0 -> 8.2212.0) selinux-policy shadow shotwell (0.31.5 -> 0.31.7) speech-dispatcher (0.10.2 -> 0.11.4) sqlite3 webkit2gtk3 webkit2gtk3-soup2 xfsdump (3.1.11 -> 3.1.12) xlockmore xorg-x11-server xscreensaver (6.05.1 -> 6.06) xwayland xz yast2-add-on (4.5.2 -> 4.5.3) yast2-packager (4.5.8 -> 4.5.9) yast2-trans (84.87.20221203.a7355e12ff -> 84.87.20221210.680714a939) zlib === Details === ==== 7zip ==== - build for x86_64 subarchs the same way like for baseline ==== apache2 ==== - switch to pkgconfig(zlib) so that alternative providers can be used ==== apache2-manual ==== - switch to pkgconfig(zlib) so that alternative providers can be used ==== apache2-prefork ==== - switch to pkgconfig(zlib) so that alternative providers can be used ==== apache2-utils ==== - switch to pkgconfig(zlib) so that alternative providers can be used ==== ark ==== Subpackages: libkerfuffle22 - switch to pkgconfig(zlib) so that alternative providers can be used ==== bash ==== Version update (5.2.12 -> 5.2.15) Subpackages: bash-doc bash-sh - Add upstream patches * bash52-013 Bash can leak memory when referencing a non-existent associative array element. * bash52-014 Bash defers processing additional terminating signals when running the EXIT trap while exiting due to a terminating signal. This patch allows the new terminating signal to kill the shell immediately. * bash52-015 There are several cases where bash is too aggressive when optimizing out forks in subshells. For example, `eval' and traps should never be optimized. ==== brltty ==== Subpackages: brltty-driver-at-spi2 brltty-driver-brlapi brltty-driver-speech-dispatcher brltty-driver-xwindow libbrlapi0_8 python3-brlapi system-user-brltty xbrlapi - Use tmpfiles_create_package - Use sysuser-tools unconditionally (bsc#1205161) ==== cppcheck ==== Version update (2.9 -> 2.9.3) - update to 2.9.3: * various GUI and premium feature handling bugfixes ==== cracklib ==== Version update (2.9.7 -> 2.9.8) Subpackages: libcrack2 - update to 2.9.8: * rules: Drop using register keyword * add exec perms * translation updates * Use what's in the build environment and use a current autoconf * util/Makefile.am: fix link with lintl * Force grep to treat the input as text when formatting word files ==== dracut ==== Version update (057+suse.351.ge78c8ff6 -> 057+suse.353.g6dab83eb) Subpackages: dracut-mkinitrd-deprecated - Update to version 057+suse.353.g6dab83eb: * revert(fips): check for fipscheck in libexec (bsc#1206431) ==== elfutils-debuginfod ==== Subpackages: debuginfod-profile libdebuginfod1 - Remove dependency to not used sysconfig package - Weaken systemd dependency, no hard requires necessary ==== exiv2 ==== - switch to pkgconfig(zlib) so that alternative providers can be used ==== freerdp ==== Subpackages: libfreerdp2-2 libwinpr2-2 - Complement fix for -DBUILTIN_CHANNELS=OFF to fix freerdp-proxy accessing librdpgfx-client.so: freerdp-fix-rpath-settings.diff Fixes second part of bnc#1205595. ==== gcc13 ==== Version update (12.2.1+git537 -> 13.0.0+git197351) Subpackages: libasan8 libatomic1 libgcc_s1 libgfortran5 libgomp1 libhwasan0 libitm1 liblsan0 libobjc4 libstdc++6 libstdc++6-locale libstdc++6-pp libtsan2 libubsan1 - check each header separately - Redo floatn fixinclude pick-up to simply keep what is there. - Bump to 0a43f7b1a73c8e3b9cefffe430274d0a3d6d3291, git197351. - Bump libgo SONAME to libgo22. - Do not package libhwasan for biarch (32-bit architecture) as the extension depends on 64-bit pointers. - Sync cross.spec.in changes from gcc12 package. - Bump to 380d62c14c99d8df13b7a86660e7ee67d01ad827, git197210. - Adjust floatn fixincludes guard to work with SLE12 and earlier SLE15. - Bump to de144fdab17dbbb64ccb540056ab78b4ffb3fbbc, git197173. - Depend on at least LLVM 13 for GCN cross compiler. - Bump to 4304e09a1617bcf1c87f5bc96017ae5017379d75, git197155. - Rebase gcc44-rename-info-files.patch. - Bump to d13c359a49291f0a1206adbad4065677010b7e4b, git197143. - Sync changes from gcc12 package - Update embedded newlib to version 4.2.0 * includes newlib-4.1.0-aligned_alloc.patch - Allow cross-pru-gcc12-bootstrap for armv7l architecture. PRU architecture is used for real-time MCUs embedded into TI armv7l and aarch64 SoCs. We need to have cross-pru-gcc12 for armv7l in order to build both host applications and PRU firmware during the same build. - Bump to 2b0ae7fb91f64fb005abf7d7903fd4c0764bb45c, git197102. - Handle new libstdc++exp.a lib. - Bump to 5c0d171f67d082c353ddc319859111d3b9126c17, git196938. - Add 2 new headers. - Bump to b457b779427b0f7b3fbac447811c9c52db5bc79e, git196485. ==== git ==== Subpackages: git-core git-email git-gui git-svn git-web gitk perl-Git - switch to pkgconfig(zlib) so that alternative providers can be used ==== gnutls ==== Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-hmac - switch to pkgconfig(zlib) so that alternative providers can be used ==== groff ==== - set doc-default-operating-system and doc-volume-operating-system to $PRETTY_NAME [bsc#1185613] ==== groff-full ==== Subpackages: gxditview - set doc-default-operating-system and doc-volume-operating-system to $PRETTY_NAME [bsc#1185613] ==== gtkmm3 ==== - Drop baselibs.conf: there is no known consumer of the -32bit package. ==== gucharmap ==== Version update (14.0.3 -> 15.0.2) Subpackages: libgucharmap_2_90-7 - Update to version 15.0.2: + metainfo: Add screenshots and link them from metainfo. + build: Use GNOME module post_install(). + all: Update to unicode 15.0.0. + Updated translations. ==== highway ==== - Added missing baselibs.conf so that 32bit library packages become available ==== irqbalance ==== Subpackages: irqbalance-ui - build for x86_64 subarchs the same way like for baseline ==== krb5 ==== Subpackages: krb5-client - Drop 0009-Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch, already fixed in release 1.20.0 ==== libcroco ==== - Drop baselibs.conf: there is no known consumer of the -32bit package. ==== libguestfs ==== Subpackages: libguestfs-xfs libguestfs0 - Fix build with RPM 4.18: rpm wants to do a proper cleanup, and fails on the design choice to have /usr/lib65 without write permission. As we already tar'ed the content up, we can simply change the permissions of winsupport's content to allow proper erasing. - Enable build on riscv64 ==== libjxl ==== - Added missing baselibs.conf so that 32bit library packages become available ==== libqt5-qtbase ==== Version update (5.15.7+kde167 -> 5.15.7+kde177) Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-mysql libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3 - Update to version 5.15.7+kde177: * Fix wrong to linear conversion * QKeySequence: Add missing modifier names * Scale BMP color samples with periodic bit expansion * Send accessible focus event after list view has focus * update function argument of SSL_CTX_set_options * Openssl backend: reinsert a missing C in qCDebug * Annotate QMutex with TSAN annotations * Handle allocation failure in QImage rotate 90/180/270 functions * xcb: Replace qCWarning by qCDebug in QXcbConnection::printXcbError() * a11y: support GetAccessibleId for at-spi - Drop patches, now upstream: * 0001-Fix-wrong-to-linear-conversion.patch ==== libqt5-qtdeclarative ==== Version update (5.15.7+kde18 -> 5.15.7+kde25) - Update to version 5.15.7+kde25: * Make QaccessibleQuickWidget private API * a11y: track item enabled state * QQuickItem: avoid emitting signals during destruction * Send ObjectShow event for visible components after initialized * Implement accessibility for QQuickWidget * Fix build after 95290f66b806a307b8da1f72f8fc2c69801933d0 * Don't convert QByteArray in `startDrag` ==== libqt5-qtquickcontrols2 ==== Version update (5.15.7+kde6 -> 5.15.7+kde7) Subpackages: libQt5QuickControls2-5 libQt5QuickTemplates2-5 - Update to version 5.15.7+kde7: * Fix the popup position of a Menu ==== libreoffice ==== Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Use fixmath shared library * use-fixmath-shared-library.patch ==== libtool ==== Subpackages: libltdl7 - switch to pkgconfig(zlib) so that alternative providers can be used ==== libwnck ==== Subpackages: libwnck-3-0 typelib-1_0-Wnck-3_0 - Drop baselibs.conf: there is no known consumer of the -32bit package. ==== linux-glibc-devel ==== Version update (6.0 -> 6.1) - Update to kernel headers 6.1 ==== mozilla-nss ==== Version update (3.84 -> 3.85) Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs mozilla-nss-tools - update to NSS 3.85 * bmo#1792821 - Modification of the primes.c and dhe-params.c in order to have better looking tables * bmo#1796815 - Update zlib in NSS to 1.2.13 * bmo#1796504 - Skip building modutil and shlibsign when building in Firefox * bmo#1796504 - Use __STDC_VERSION__ rather than __STDC__ as a guard * bmo#1796407 - Fix -Wunused-but-set-variable warning from clang 15 * bmo#1796308 - Fix -Wtautological-constant-out-of-range-compare and -Wtype-limits warnings * bmo#1796281 - Followup: add missing stdint.h include * bmo#1796281 - Fix -Wint-to-void-pointer-cast warnings * bmo#1796280 - Fix -Wunused-{function,variable,but-set-variable} warnings on Windows * bmo#1796079 - Fix -Wstring-conversion warnings * bmo#1796075 - Fix -Wempty-body warnings * bmo#1795242 - Fix unused-but-set-parameter warning * bmo#1795241 - Fix unreachable-code warnings * bmo#1795222 - Mark _nss_version_c unused on clang-cl * bmo#1795668 - Remove redundant variable definitions in lowhashtest * Add note about python executable to build instructions. ==== mozjs102 ==== Version update (102.5.0 -> 102.6.0) - Update to version 102.6.0: + Various stability, functionality, and security fixes. + CVE-2022-46880: Use-after-free in WebGL. + CVE-2022-46872: Arbitrary file read from a compromised content process. + CVE-2022-46881: Memory corruption in WebGL. + CVE-2022-46874: Drag and Dropped Filenames could have been truncated to malicious extensions. + CVE-2022-46875: Download Protections were bypassed by .atloc and .ftploc files on Mac OS. + CVE-2022-46882: Use-after-free in WebGL. + CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6. ==== mpc ==== Version update (1.2.1 -> 1.3.0) - Add mpc-1.3.0-gmpdep.patch to avoid dependence on stdio.h when including mpc.h - Update to version 1.3.0. * New function: mpc_agm * New rounding modes "away from zero", indicated by the letter "A" and corresponding to MPFR_RNDA on the designated real or imaginary part. * New experimental ball arithmetic. * New experimental function: mpc_eta_fund * Bug fixes: - mpc_asin for asin(z) with small |Re(z)| and tiny |Im(z)| - mpc_pow_fr: sign of zero part of result when the base has up to sign the same real and imaginary part, and the exponent is an even positive integer - mpc_fma: the returned int value was incorrect in some cases (indicating whether the rounded real/imaginary parts were smaller/equal/greater than the exact values), but the computed complex value was correct. ==== nano ==== Version update (7.0 -> 7.1) - update to 7.1: * When --autoindent and --breaklonglines are combined, pressing at a specific position no longer eats characters. ==== open-vm-tools ==== Version update (12.1.0 -> 12.1.5) Subpackages: libvmtools0 open-vm-tools-desktop - Don't list libgrpc++, libgrpc, and libprotobuf in the containerinfo Requires section. The dependencies will be added automatically. - Don't use new LDFLAGS, -labsl_synchronization -lgpr, when building for SLE. - Add containerInfo plugin (jsc-PED-1344) - Add dependencies on grpc, protobuf, and containerd for container introspection - Added patches (jsc-PED-1344) + detect-suse-location.patch - Add _service to handle open-vm-tools sources - Update to 12.1.5 (build 20735119) (boo#1205962) - A number of Coverity reported issues have been addressed. - The deployPkg plugin may prematurely reboot the guest VM before cloud-init has completed user data setup. If both the Perl based Linux customization script and cloud-init run when the guest VM boots, the deployPkg plugin may reboot the guest before cloud-init has finished. The deployPkg plugin has been updated to wait for a running cloud-init process to finish before the guest VM reboot is initiated. This issue is fixed in this release. - A SIGSEGV may be encountered when a non-quiesing snapshot times out. This issue is fixed in this release. - Unwanted vmtoolsd service error message if not on a VMware hypervisor. When open-vm-tools comes preinstalled in a base Linux release, the vmtoolsd services are started automatically at system start and desktop login. If running on physical hardware or in a non-VMware hypervisor, the services will emit an error message to the Systemd's logging service before stopping. This issue is fixed in this release. ==== openconnect ==== Version update (8.20 -> 9.01) Subpackages: libopenconnect5 openconnect-bash-completion - Update to release 9.01: * Add support for AnyConnect "Session Token Re-use Anchor Protocol" (STRAP) * Add support for AnyConnect "external browser" SSO mode * Bugfix RSA SecurID token decryption and PIN entry forms, broken in v8.20 * Support Cisco's multiple-certificate authentication * Revert GlobalProtect default route handling change from v8.20 * Support split-exclude routes for Fortinet * Add webview callback and SAML/SSO support for AnyConnect, GlobalProtect ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - limit to openssl < 3.0 as this version is not compatible (bsc#1205042) next version update will fix it ==== openssl-1_1 ==== Subpackages: libopenssl1_1 libopenssl1_1-hmac - POWER10 performance enhancements for cryptography [jsc#PED-512] * openssl-1_1-AES-GCM-performance-optimzation-with-stitched-method.patch * openssl-1_1-Fixed-counter-overflow.patch * openssl-1_1-chacha20-performance-optimizations-for-ppc64le-with-.patch * openssl-1_1-Fixed-conditional-statement-testing-64-and-256-bytes.patch * openssl-1_1-Fix-AES-GCM-on-Power-8-CPUs.patch ==== openssl-3 ==== - Fix X.509 Policy Constraints Double Locking [bsc#1206374, CVE-2022-3996] * Add patch: openssl-3-Fix-double-locking-problem.patch ==== osinfo-db ==== Version update (20221018 -> 20221130) - Update to database version 20221130 osinfo-db-20221130.tar.xz - Add support for SLE Micro 5.4 add-slem5.4-support.patch - Fix value add-slem5.3-support.patch ==== ovmf ==== Subpackages: qemu-uefi-aarch64 - Add ovmf-OvmfPkg-PlatformInitLib-Fix-integrity-checking-faile.patch to avoid "NvVarStore Variable header State was invalid" issue when rebooting or booting second time. System hangs when booting. (bsc#1206078) The error message in ovmf log: Select Item: 0x19 Select Item: 0x25 Reserved variable store memory: 0x7FF7C000; size: 528kb NvVarStore Variable header State was invalid. ASSERT /home/abuild/rpmbuild/BUILD/edk2-edk2-stable202211/OvmfPkg/Library/PlatformInitLib/Platform.c(807): ((BOOLEAN)(0==1)) ==== pipewire ==== Version update (0.3.62 -> 0.3.63) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 0.3.63: * Highlights - Fix a critical bug that causes audio distortion in some cases when using AVX2. - Fix a crash in mpv caused by deinit of PipeWire. - Resample the convolver IR to match the graph samplerate for better results. - Many more small bugfixes and improvements. * PipeWire - Fix a segfault in the PipeWire deinit code triggered by mpv in some cases. - Fix docs about SPA_PLUGIN_DIR. - Always dlclose by default (even under valgrind). Add an option with PIPEWIRE_DLCLOSE to select alternative behaviour. - Improve PIPEWIRE_DEBUG category handling. * modules - Resample the IR for the convolver when the IR samplerate and graph rate don't match. * SPA - Handle spurious reads from timerfd gracefully. - Fix potential stack-use-after-scope when starting Audacity. - Fix distorted audio when using AVX2. - Remove fallback to default channel map in channelmix. - Improve sorting of MIDI events, use the same order as Ardour. - Enable LFE downmixing by default. - Make IEC958/AC3 and IEC958/DTS work better by enforcing a fixed minimal buffering for the encoder to avoid stuttering. * Pulse-Server - Add a new pulse.cmd config section to execute pulse commands, currently only for loading modules. This removes the dependency on pactl. - Improve debug of messages. - Rebase reduce-meson-dependency.patch. - Add patch to add channel-map in the echo-cancel module: * 0001-pulse-server-add-channel-map-in-echo-cancel-module.patch ==== procps ==== Subpackages: libprocps8 - Extend patch procps-3.3.17-library-bsc1181475.patch (bsc#1206412) - Make sure that correct library version is installed (bsc#1206412) ==== python-anyio ==== - Skip trio exception tests for now * https://github.com/agronholm/anyio/issues/508 * https://github.com/agronholm/anyio/commit/787cb0c2e53c2a3307873d202fbd49dc5eac4e96 ==== python-importlib-resources ==== Version update (5.10.0 -> 5.10.1) - Update to v5.10.1 * v5.10.1 [#274]: Fixed ResourceWarning in _common. ==== python-pycares ==== Version update (4.2.2 -> 4.3.0) - Update to version 4.3.0 * Bump cibuildwheel to build for Python 3.11 + CI total time speedups by @Jackenmen in #174 Fix tests that depended on external sites by @Jackenmen in #180 Complete the Python 3.11 support by @Jackenmen in #179 Drop CPython 3.6 by @saghul in #181 Improve test compatibility with pytest by @saghul in #182 Update c-ares submodule to 1.18.1 by @saghul in #183 ==== rsyslog ==== Version update (8.2210.0 -> 8.2212.0) - Upgrade to rsyslog 8.2212.0 * 2022-12-05: testbench: make python http server based tests more reliable * 2022-12-05: omprog bugfix: invalid status handling at called program startup * 2022-11-29: testbench bugfix: wrong message injection object of instance 1 * 2022-11-21: rsyslog.conf man page bugfix: description of selectors * 2022-11-18: imtcp bugfix: legacy config directives did no longer work * 2022-11-16: ksi bugfix: sending of too many signing requests fixed. * 2022-11-14: bugfix: prevent potential segfault when switchung to queue emergency mode * 2022-11-02: imjournal: add second fallback to _COMM * 2022-10-25: core bugfix: local hostname invalid if no global() config object given * 2022-10-25: testbench bugfix: fixed timing issue that sometimes lead to test failure ==== selinux-policy ==== Subpackages: selinux-policy-targeted - Added fix_ipsec.patch: Allow AF_ALG socket creation for strongswan (bnc#1206445) - Added policy for wicked scripts under /etc/sysconfig/network/scripts (bnc#1205770) - Add fix_sendmail.patch * fix context of custom sendmail startup helper * fix context of /var/run/sendmail and add necessary rules to manage content in there ==== shadow ==== Subpackages: libsubid4 login_defs - bsc#1205502: Fix useradd audit event logging of ID field * Add shadow-audit-no-id.patch ==== shotwell ==== Version update (0.31.5 -> 0.31.7) - Update to version 0.31.7: + Actually run database upgrade necessary for date/time changes. + Fix comparing unset date/time values. - Changes from version 0.31.6: + Improved interaction when exporting files that end up with a similar name. + Google Photos: Fix batch uploading. + Tumblr: Fix not remembering login credentials. + Improve handling of images that do not have a GPS altitude. + Have import from folder follow symlinks. + Add an user interface to interact with the new profile feature. + Make a couple of UI strings clearer. + Remove video interpreter state handling - completely broken and potentially responsible for causing indefinite re-checking of video files. + Improve touchpad scaling vs scrolling. + Always enable face tagging. Face detection and recognition is still opt-in on compile time due to the rather large OpenCV dependency. + Support creating hierarchical tags by using /a/sytax/with/slashes. + Use libportal to implement SendTo and Wallpaper settings. + Initial support for having multiple accounts per publishing service. So far only works for Piwigo instances. + Create a new plugin preferences panel (prepare for account management). + Convert all publishing processes to async libsoup3. With HTTPS/2 becoming more prominent, the old method broke really hard and was a bad habit anyway. + Fix an issue with the Saturation slider. + Remove a bunch of deprecated calls. + Remove deprecated date/time handling. Use DateTime more or less everywhere. + Allow media to have exposure dates before 1.1.1970 00:00. + Updated translations. - Drop -Dextra_plugins=true meson parameter: no longer supported. - Drop pkgconfig(gdk-3.0) BuildRequires: no longer needed. - Add pkgconfig(libportal-gtk3) BuildRequires: new dependency. ==== speech-dispatcher ==== Version update (0.10.2 -> 0.11.4) Subpackages: libspeechd2 python3-speechd - Update to version 0.11.4: - Update CLDR to version 42 and symbols from NVDA. - Fix audio plugin loading with dlopen. - Fix atomicity of getting reply in threaded mode. - Changes from 0.11.3: - Fix back DefaultModule configuration. - pico: Avoid falling to english when passed a bogus voice name. - espeak: Fix setting voice type. - Changes from 0.11.2: - Fix loading xx-yy locales. - Various memory leaks fixes. - Add mimic3 configuration file. - pico: Fix setting language vs voice. - Make sure that modules report a list of voices. - Update CLDR to version 41, symbols from NVDA and orca. - Allow building without ltdl. - Re-enable SSML in espeak-ng-mbrola module. - Changes from 0.11.1: - Add SPEECHD_PLUGIN_DIR environment variable. - Fix listing voices of the default module. - Changes from 0.11 - Support playing audio through the server. - modules: Add support for loading from user's .local/libexec/speech-dispatcher. - symbols: Process symbols.dic before emojis.dic. - symbols: Enable speechd symbols processing by default. - modules: Moved speech dispatcher modules to /usr/libexec/speech-dispatcher-modules - espeak-ng: Add support for mbrola voices. - mary: Add auto-detection. - mary: Add newer voices. - mary: Add volume, pitch, and rate support. - ivona: Add auto-detection. - festival: Strip head silence. - generic: Add DefaultVoice option. - es_ES: Add some gender neutral rules. - Add SPEECHD_CMD environment variable. - modules: Rewrite main functions with BSD licence, to let proprietary modules easily reuse this as a basis. - modules: Add skeletons ready for use as a basis for new modules. - Add script to run speechd from the build tree. - Update CLDR to version 39, symbols from NVDA and orca. - Add Esperanto translation. - Sort modules by quality, let the best quality module be the default. - Rebase harden_speech-dispatcherd.service.patch. - Migration to /usr/etc: Saving user changed configuration files in /etc and restoring them while an RPM update. - Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_speech-dispatcherd.service.patch ==== sqlite3 ==== Subpackages: libsqlite3-0 sqlite3-tcl - bsc#1206337, CVE-2022-46908, sqlite-CVE-2022-46908.patch: relying on --safe for execution of an untrusted CLI script ==== webkit2gtk3 ==== Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Add upstream patch b7ac5d0c.patch: Fix build with Ruby 3.2. ==== webkit2gtk3-soup2 ==== Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles - Add upstream patch b7ac5d0c.patch: Fix build with Ruby 3.2. ==== xfsdump ==== Version update (3.1.11 -> 3.1.12) - update to 3.1.12: * xfsrestore: fix on-media inventory media unpacking * xfsrestore: fix on-media inventory stream unpacking * xfsdump: fix on-media inventory stream packing * xfsrestore: untangle inventory unpacking logic ==== xlockmore ==== - Install resource files in /usr/lib/X11/app-defeaults/XLock instead of /usr/share. Fixes bsc#1204597 ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra xorg-x11-server-sdk - U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch * XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283, bsc#1206017) - U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch * Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265, CVE-2022-46340, bsc#1205874) - U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch * Xi: return an error from XI property changes if verification failed (no ZDI-CAN id, no CVE id, bsc#1205875) - U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch * Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405, CVE-2022-46344, bsc#1205876) - U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch * Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381, CVE-2022-46341, bsc#1205877) - U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch * Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404, CVE-2022-46343, bsc#1205878) - U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch * Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400, CVE-2022-46342, bsc#1205879) ==== xscreensaver ==== Version update (6.05.1 -> 6.06) Subpackages: xscreensaver-data xscreensaver-data-extra xscreensaver-lang - update to 6.06: * New hack hextrail * marbling works again * Adjust old hacks for higher resolution displays * X11: More robust desktop image grabbing. * X11: Various improvements to xscreensaver-settings * X11: Supports "Lock" messages from systemd, e.g. when logind.conf has "HandleLidSwitch=lock" instead of "suspend". * Retired thornbird, which is redundant with discrete. - drop xscreensaver-gtk3.patch, upstream ==== xwayland ==== - U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch * XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283, bsc#1206017) - U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch * Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265, CVE-2022-46340, bsc#1205874) - U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch * Xi: return an error from XI property changes if verification failed (no ZDI-CAN id, no CVE id, bsc#1205875) - U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch * Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405, CVE-2022-46344, bsc#1205876) - U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch * Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381, CVE-2022-46341, bsc#1205877) - U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch * Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404, CVE-2022-46343, bsc#1205878) - U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch * Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400, CVE-2022-46342, bsc#1205879) ==== xz ==== Subpackages: liblzma5 - Rename xz-static-devel -> xz-devel-static to follow the general naming used in openSUSE. ==== yast2-add-on ==== Version update (4.5.2 -> 4.5.3) - Fixed failure with the "media_url" element in AutoYaST profile containing CDATA block with spaces (bsc#1205928) - 4.5.3 ==== yast2-packager ==== Version update (4.5.8 -> 4.5.9) - Merged PR https://github.com/yast/yast-packager/pull/623 by Christopher Yeleighton : Do not call [Install done] on aborted packages (boo#1203302) - 4.5.9 ==== yast2-trans ==== Version update (84.87.20221203.a7355e12ff -> 84.87.20221210.680714a939) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20221210.680714a939: * New POT for text domain 'kdump'. * New POT for text domain 'users'. * Translated using Weblate (Romanian) * Translated using Weblate (Macedonian) ==== zlib ==== Subpackages: libminizip1 libz1 zlib-devel - build zlib with optflags again