Packages changed: Mesa Mesa-drivers autofs busybox-links cockpit cryptsetup dracut (057+suse.309.gb71946f6 -> 057+suse.315.gd210fc38) e2fsprogs file (5.42 -> 5.43) fuse3 (3.11.0 -> 3.12.0) gawk (5.1.1 -> 5.2.0) glibc gnutls grep (3.7 -> 3.8) hdparm (9.64 -> 9.65) hwdata (0.361 -> 0.362) icewm (2.9.8 -> 2.9.9) libgcrypt libksba (1.6.0 -> 1.6.1) microos-tools (2.16 -> 2.17) ncurses (6.3.20220820 -> 6.3.20220910) netpbm openvpn permissions (1599_20220713 -> 1599_20220912) pipewire (0.3.57 -> 0.3.58) plymouth (22.02.122+73.9826df5 -> 22.02.122+75.6f5dc63) polkit publicsuffix (20220805 -> 20220903) python-Mako (1.2.1 -> 1.2.2) python-SQLAlchemy (1.4.40 -> 1.4.41) python-blinker (1.4 -> 1.5) python-charset-normalizer (2.1.0 -> 2.1.1) python-greenlet (1.1.2 -> 1.1.3) python-idna (3.3 -> 3.4) python-oauthlib (3.2.0 -> 3.2.1) python-psutil (5.9.1 -> 5.9.2) python-regex (2022.7.9 -> 2022.9.13) python-sniffio (1.2.0 -> 1.3.0) python310 (3.10.6 -> 3.10.7) python310-core (3.10.6 -> 3.10.7) python310-pyparsing qemu rpm (4.17.1 -> 4.17.1.1) rsync (3.2.5 -> 3.2.6) shim sudo xdm yast2 (4.5.13 -> 4.5.14) yast2-installation (4.5.5 -> 4.5.7) yast2-network (4.5.6 -> 4.5.7) === Details === ==== Mesa ==== Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - llvm15.patch: backport of commits 2037c34f245, 301bcbac0e5, 6983c8580a2 to support LLVM 15 ==== Mesa-drivers ==== Subpackages: Mesa-dri Mesa-gallium Mesa-libva - llvm15.patch: backport of commits 2037c34f245, 301bcbac0e5, 6983c8580a2 to support LLVM 15 ==== autofs ==== - Move dbus-1 system.d file to /usr (bsc#1203362) ==== busybox-links ==== Subpackages: busybox-coreutils busybox-gawk busybox-grep busybox-gzip busybox-hostname busybox-sed busybox-sendmail busybox-xz - Add missing new requires for busybox-sha3sum - Create sub-package "hexedit" [bsc#1203399] - Create sub-package "sha3sum" [bsc#1203397] ==== cockpit ==== Subpackages: cockpit-bridge cockpit-packagekit cockpit-system - Fix cockpit-storage dependencies - Merge SUSE branding into cockpit package - Update kdump-suse.patch to match upstream. ==== cryptsetup ==== Subpackages: cryptsetup-doc libcryptsetup12 - Add virtual provides for 'integritysetup' and 'veritysetup' to match package names provided by Fedora/RHEL, to allow the same set of dependencies to be used across all RPM distributions. ==== dracut ==== Version update (057+suse.309.gb71946f6 -> 057+suse.315.gd210fc38) Subpackages: dracut-ima dracut-mkinitrd-deprecated - Update to version 057+suse.315.gd210fc38: * chore(suse): update spec Fix "directories not owned by a package" caused by bash-completion directories not owned by dracut. Do not install modules incompatible with the system architecture. * chore(suse): change default persistent policy * ci(suse.conf.example): update SUSE-specific config * chore(suse): fix 99-debug.conf ==== e2fsprogs ==== Subpackages: libcom_err2 libext2fs2 - Refresh e2fsprogs.keyring based on currently provided keys. - Spec file cleanup: + Drop remainders regarding -mini packages, which was not a thing since Jan 2014. + Split build of fuse2fs out into a sep build (_multibuild enabled). - enabled fuse2fs build which enable to mount ext2/3/4 via FUSE ==== file ==== Version update (5.42 -> 5.43) Subpackages: file-magic libmagic1 - Add patch file-zstd.patch from upstream mailing list * Add zstd decompression support - Run also upstream standard checks - update to 5.43: * Add octal indirect magic * avoid infinite loop in non-wide code * Obey MAGIC_CONTINUE with multiple magic files * Fix bug with large flist * PR/364: Detect non-nul-terminated core filenames from QEMU * PR/359: Add support for http://ndjson.org/ * PR/362: Fix wide printing * PR/358: Fix width for -f - - drop file-boo1201350.patch (upstream) ==== fuse3 ==== Version update (3.11.0 -> 3.12.0) Subpackages: libfuse3-3 - Update to release 3.12.0 * The max_idle_threads parameter has been deprecated in favor of the new max_threads* parameter * struct fuse_loop_config is now private and has to be constructed using fuse_loop_cfg_create() * fuse_session_loop_mt() now accepts struct fuse_loop_config * as NULL pointer. * fuse_parse_cmdline() now accepts a max_threads option. ==== gawk ==== Version update (5.1.1 -> 5.2.0) - upref.patch: Add missing UPREF - Update to gawk 5.2.0 * Numeric scalars now compare in the same way as C for the relational operators. Comparison order for sorting has not changed * If the AWK_HASH environment variable is set to "fnv1a" gawk will use the FNV1-A hash function for associative arrays * There is now a new function, mkbool(), that creates Boolean-typed values * As BWK awk has supported interval expressions since 2019, they are now enabled even if --traditional is supplied * The rwarray extension has two new functions, writeall() and readall() * The new `gawkbug' script should be used for reporting bugs * The manual page (doc/gawk.1) has been considerably reduced in size * Gawk now supports Terence Kelly's "persistent malloc" (pma), allowing gawk to preserve its variables, arrays and user-defined functions between runs * Some subtle issues with untyped array elements being passed to functions have been fixed * Syntax errors are now immediately fatal - gawk-5.1.1-Disable-racy-test-in-test-iolint.awk.patch: removed - pma.patch: Handle hole bigger than half the address space - nan-tests.patch: fix non-portable NaN tests ==== glibc ==== Subpackages: glibc-extra glibc-locale glibc-locale-base nscd - errlist-edeadlock.patch: errlist: add missing entry for EDEADLOCK (BZ [#29545]) ==== gnutls ==== - FIPS: Run the CFB8 cipher selftest without offset [bsc#1203245] * CFB8 list of ciphers: GNUTLS_CIPHER_AES_{128,192,256}_CFB8 * Add gnutls-FIPS-Run-CFB8-without-offset.patch - provide a libgnutls30-hmac-32bit to avoid uninstallable wine when pattern-base-fips is installed [boo#1203353] - FIPS: Additional modifications to the SLI. [bsc#1190698] * Mark CMAC and GMAC and non-approved in gnutls_pbkfd2(). * Mark HMAC keylength less than 112 bits as non-approved in gnutls_pbkfd2(). * Adapt the pbkdf2 selftest and the regression tests accordingly. * Add gnutls-FIPS-SLI-pbkdf2-verify-keylengths-only-SHA.patch - FIPS: Port GnuTLS to use jitterentropy [bsc#1202146, jsc#SLE-24941] * Add new dependency on jitterentropy * Add gnutls-FIPS-jitterentropy.patch ==== grep ==== Version update (3.7 -> 3.8) - GNU grep 3.8: * The -P option is now based on PCRE2 instead of the older PCRE (boo#1201803) * egrep and fgrep commands, deprecated since release 2.5.3 (2007), now warn that they are obsolescent and should be replaced by grep -E and grep -F * The confusing GREP_COLOR environment variable is now obsolescent * Regular expressions with stray backslashes now cause warnings * Regular expressions like [:space:] are now errors even if POSIXLY_CORRECT is set, since POSIX now allows the GNU behavior * In locales using UTF-8 encoding, the regular expression '.' no longer sometimes fails to match Unicode characters * The -s option no longer suppresses "binary file matches" messages. - doc: fix man page syntax errors (bsc#1201001) ==== hdparm ==== Version update (9.64 -> 9.65) - Update to 9.65: * Fixed "hdparm --Istdin" to not attempt reading LOG data from a non-existent drive. - Refresh avoid-linux-includes.patch ==== hwdata ==== Version update (0.361 -> 0.362) - update to 0.362: + Updated pci, usb and vendor ids. ==== icewm ==== Version update (2.9.8 -> 2.9.9) Subpackages: icewm-config-upstream icewm-default icewm-lang - update to 2.9.9: * Permit percentages to have comma's in icesh. * Keep accurate track of window changes in workspace buttons for PagerShowPreview. Only redraw affected workspace buttons, which reduces the total number of workspace button redraws, especially for larges number of workspace buttons. * Add key bindings for single window tiling operations for issues bbidulock/icewm#335, ice-wm/icewm#74 and ice-wm/icewm#84. * Complete -e option. * WindowMaker dock apps are supported. * Support more HTML entities in icehelp. * Remove dependency on asciidoc and prefer markdown format for the manual. * Prevent warnings. * Also install markdown. * Try srcdir. * Cleanup test and prefer markdown manual. * Cleanup key grabs. * Drop obsolete wmOccupyAll(). * Accept either markdown or asciidoc to generate manual html with CMake. * Add markdown and icesh. * Automatically detect and prevent race conditions in icesh relating to moving and sizing windows for issue #335. Improve the accuracy of the "sizeto" command in icesh for issue #335. Add "extents" command to icesh. Add "workarea" command to icesh. * Get rid of the frameContext. * Prefer findClient in two cases: unmap notify and recv ping. - spec-cleaner run ==== libgcrypt ==== - FIPS: Get most of the entropy from rndjent_poll [bsc#1202117] * Add libgcrypt-FIPS-rndjent_poll.patch * Rebase libgcrypt-jitterentropy-3.4.0.patch - FIPS: Check keylength in gcry_fips_indicator_kdf() [bsc#1190700] * Consider approved keylength greater or equal to 112 bits. * Add libgcrypt-FIPS-kdf-leylength.patch - FIPS: Zeroize buffer and digest in check_binary_integrity() * Add libgcrypt-FIPS-Zeroize-hmac.patch [bsc#1191020] ==== libksba ==== Version update (1.6.0 -> 1.6.1) - libksba 1.6.1: * Allow an OCSP server not to return the sent nonce - fix rpmlint warnings ==== microos-tools ==== Version update (2.16 -> 2.17) - Update to version 2.17: - selinux-autorelabel-generator: Don't cross partition boundaries for /.snapshots when relabeling [issue#11] ==== ncurses ==== Version update (6.3.20220820 -> 6.3.20220910) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20220910 + amend verbose-option change to make this affect level 3, e.g., using "tic -cv3 terminfo". + work around musl's nonstandard use of feature test macros by adding a definition for NCURSES_WIDECHAR to the generated ".pc" and *-config files (report by Sam James). - Add ncurses patch 20220903 + modify verbose-option of infocmp, tic, toe to enable debug-tracing if that is configured. - Add ncurses patch 20220827 + modify configure scripts to use overlooked cases for LD and PKG_CONFIG variables (report by Alan Webb, Gentoo #866398). + modify nsterm to use xterm+alt1049 (report by Paul Handly) -TD + modify putty to use xterm+alt1049 -TD - Correct offsets of patches * ncurses-5.9-ibm327x.dif * ncurses-6.3.dif ==== netpbm ==== Subpackages: libnetpbm11 - ppmforge-test.patch: fix ppmforge test to avoid float overflow ==== openvpn ==== - build with enable-iproute2 again to have root-less mode working (bsc#1202792) ==== permissions ==== Version update (1599_20220713 -> 1599_20220912) Subpackages: chkstat permissions-config - Update to version 20220912: * chkstat: also consider group controlled paths (bsc#1203018, CVE-2022-31252) ==== pipewire ==== Version update (0.3.57 -> 0.3.58) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 0.3.58: * Highlights - Fix a regression that could cause audio crackling. - Fix a regression in RTKit because rlimit was not set correctly. - JAVA sound applications will now alsa work with the pulseaudio-alsa plugin. - pw-top will now show the negotiated formats of devices and streams. - Fix some potential crashes when starting streams. - The ALSA plugin has had improved timing reporting and poll descriptor handling that should improve compatibility. - Many more improvements and bugfixes. * PipeWire - Avoid scheduling nodes before they are added to the graph. This could avoid some crashes when scheduling nodes that were not completely started yet. (#2677) * Tools - pw-top now also shows the negotiated formats of streams and devices. (#2566) - pw-top prints microseconds as "us" now to avoid unicode problems. * Modules - Fix compilation with newer lv2. - Fix setting realtime priority with RTKit, it was not setting rlimit correctly and RTKit would refuse to change the priority. - Fix some playback problems with RAOP sink. (#2673) - Filter chain will now warn when a non-existing control property is used in the config file. (#2685) - Filter chain can now handle control port names with ":" in the name. (#2685) - The echo-cancel module and interface now has activate/deactivate functions to make it possible for plugins to reset their state. * SPA - Make sure audioconvert uses the given channelmap and channels for the volumes, even when not negotiated yet. This makes it possible to change the volume before the node has been negotiated. - Refactor the peaks resampler. Fix an error in the SSE code. - Fix DSD min/max rates, avoid exposing impossible rates. - Set monitor port buffer size correctly. This could cause some crackling and hickups. (#2677) - Make ALSA sequencer port names unique. * Pulse-server - Rework the capture buffer attributes to better match pulseaudio. This fixes a regression where opening pavucontrol could cause crackling. (#2671) - Implement TRIGGER and PREBUF methods. - Handle clients that send more than the requested amount of data. PipeWire will now also keep this as extra buffered data like PulseAudio. This fixes JAVA sound applications when they are running on top of the PulseAudio ALSA plugin. (#2626,#2674) - Update the requested amount of bytes more like PulseAudio. Fixes stuttering after resume with the GStreamer pulseaudio sink. (#2680) * ALSA Plugin - More debug info was added. The time reporting was improved. - The poll descriptor handling was improved, avoiding some spurious wakeups. (#1697) ==== plymouth ==== Version update (22.02.122+73.9826df5 -> 22.02.122+75.6f5dc63) Subpackages: libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Update to version 22.02.122+75.6f5dc63: * Fix build after README changes ==== polkit ==== Subpackages: libpolkit-agent-1-0 libpolkit-gobject-1-0 pkexec typelib-1_0-Polkit-1_0 - obsolete libpolkit0 also from baselibs. ==== publicsuffix ==== Version update (20220805 -> 20220903) - Update to version 20220903: * util: gTLD data autopull updates for 2022-09-03T15:15:24 UTC (#1606) * Update public_suffix_list.dat (#1594) * Add streamlitapp.com (#1591) * Update public_suffix_list.dat (#1573) * Add Framer Sites domains to PSL (#1570) * new TLD .ישראל and SLDs for Israel by ISOC-IL (#1595) ==== python-Mako ==== Version update (1.2.1 -> 1.2.2) - update to 1.2.2: * Fixed issue in lexer where the regexp used to match tags would not correctly interpret quoted sections individually ==== python-SQLAlchemy ==== Version update (1.4.40 -> 1.4.41) - update to 1.4.41: * Fixed issue where use of the :func:`_sql.table` construct, passing a string for the :paramref:`_sql.table.schema` parameter, would fail to take the "schema" string into account when producing a cache key, thus leading to caching collisions if multiple, same-named :func:`_sql.table` constructs with different schemas were used. * Fixed event listening issue where event listeners added to a superclass would be lost if a subclass were created which then had its own listeners associated. The practical example is that of the :class:`.sessionmaker` class created after events have been associated with the :class:`_orm.Session` class. * Hardened the cache key strategy for the :func:`_orm.aliased` and :func:`_orm.with_polymorphic` constructs. While no issue involving actual statements being cached can easily be demonstrated (if at all), these two constructs were not including enough of what makes them unique in their cache keys for caching on the aliased construct alone to be accurate. * Fixed regression appearing in the 1.4 series where a joined-inheritance query placed as a subquery within an enclosing query for that same entity would fail to render the JOIN correctly for the inner query. The issue manifested in two different ways prior and subsequent to version 1.4.18 (related issue :ticket:`6595`), in one case rendering JOIN twice, in the other losing the JOIN entirely. To resolve, the conditions under which "polymorphic loading" are applied have been scaled back to not be invoked for simple joined inheritance queries. * Fixed issue in :mod:`sqlalchemy.ext.mutable` extension where collection links to the parent object would be lost if the object were merged with :meth:`.Session.merge` while also passing :paramref:`.Session.merge.load` as False. * Fixed issue involving :func:`_orm.with_loader_criteria` where a closure variable used as bound parameter value within the lambda would not carry forward correctly into additional relationship loaders such as :func:`_orm.selectinload` and :func:`_orm.lazyload` after the statement were cached, using the stale originally-cached value instead. * Fixed regression caused by the fix for :ticket:`8231` released in 1.4.40 where connection would fail if the user did not have permission to query the ``dm_exec_sessions`` or ``dm_pdw_nodes_exec_sessions`` system views when trying to determine the current transaction isolation level. * Integrated support for asyncpg's ``terminate()`` method call for cases where the connection pool is recycling a possibly timed-out connection, where a connection is being garbage collected that wasn't gracefully ==== python-blinker ==== Version update (1.4 -> 1.5) - Fix documentation generation. - specfile: * update copyright year * remove patch python-blinker-remove-nose.patch; included upstream * docs and license changed to .rst * build docs using Sphinx - update to version 1.5: * Support Python >= 3.7 and PyPy. Python 2, Python < 3.7, and Jython may continue to work, but the next release will make incompatible changes. ==== python-charset-normalizer ==== Version update (2.1.0 -> 2.1.1) - update to 2.1.1: * Function `normalize` scheduled for removal in 3.0 * Removed useless call to decode in fn is_unprintable (#206) ==== python-greenlet ==== Version update (1.1.2 -> 1.1.3) - update to 1.1.3: * Add support for Python 3.11. ==== python-idna ==== Version update (3.3 -> 3.4) - update to 3.4: * Update to Unicode 15.0.0 * Migrate to pyproject.toml for build information (PEP 621) * Correct another instance where generic exception was raised instead of IDNAError for malformed input * Source distribution uses zeroized file ownership for improved reproducibility ==== python-oauthlib ==== Version update (3.2.0 -> 3.2.1) - specfile: * update requirements - update to version 3.2.1: * OAuth2.0 Provider: * #803: Metadata endpoint support of non-HTTPS * CVE-2022-36087, bugzilla # 1203333 * OAuth1.0: * #818: Allow IPv6 being parsed by signature * General: * Improved and fixed documentation warnings. * Cosmetic changes based on isort ==== python-psutil ==== Version update (5.9.1 -> 5.9.2) - update to version 5.9.2: * Bug fixes + 2093_, [FreeBSD], **[critical]**: `pids()`_ may fail with ENOMEM. Dynamically increase the "malloc()" buffer size until it's big enough. + 2095_, [Linux]: `net_if_stats()`_ returns incorrect interface speed for 100GbE network cards. + 2113_, [FreeBSD], **[critical]**: `virtual_memory()`_ may raise ENOMEM due to missing "#include " directive. (patch by Peter Jeremy) + 2128_, [NetBSD]: `swap_memory()`_ was miscalculated. (patch by Thomas Klausner) ==== python-regex ==== Version update (2022.7.9 -> 2022.9.13) - update to 2022.9.13: * update to unicode 15.0 - update to 2022.9.11: * fix issue 474: regex has no equivalent to re.Match.groups() for captures * fix segmentation fault when using conditional pattern (issue 479) * use \v for vertical spacing ==== python-sniffio ==== Version update (1.2.0 -> 1.3.0) - update to 1.3.0: * requires python 3.7 ==== python310 ==== Version update (3.10.6 -> 3.10.7) Subpackages: python310-curses python310-dbm - Update to 3.10.7: - Fix for CVE-2020-10735 (bsc#1203125) Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. - Other bug fixes: - Fixed a bug that caused _PyCode_GetExtra to return garbage for negative indexes. - Fix format string in _PyPegen_raise_error_known_location that can lead to memory corruption on some 64bit systems. The function was building a tuple with i (int) instead of n (Py_ssize_t) for Py_ssize_t arguments. - Fix misleading contents of error message when converting an all-whitespace string to float. - coroutine.throw() now properly initializes the frame.f_back when resuming a stack of coroutines. This allows e.g. traceback.print_stack() to work correctly when an exception (such as CancelledError) is thrown into a coroutine. - ast.parse() will no longer parse function definitions with positional-only params when passed feature_version less than (3, 8). - Correct conversion of numbers.Rational’s to float. - Fix a performance regression in logging TimedRotatingFileHandler. Only check for special files when the rollover time has passed. - Fix unused localName parameter in the Attr class in xml.dom.minidom. - Update bundled pip to 22.2.2. - Fail gracefully if EPERM or ENOSYS is raised when loading crypt methods. This may happen when trying to load MD5 on a Linux kernel with FIPS enabled. - Improve discoverability of the higher level concurrent.futures module by providing clearer links from the lower level threading and multiprocessing modules. - Update the default RFC base URL from deprecated tools.ietf.org to datatracker.ietf.org - Fix stylesheet not working in Windows CHM htmlhelp docs. - The documentation now lists which members of C structs are part of the Limited API/Stable ABI. - Mitigate the inherent race condition from using find_unused_port() in testSockName() by trying to find an unused port a few times before failing. - Build and test with OpenSSL 1.1.1q - Document handling of extensions in Save As dialogs. - Include prompts when saving Shell (interactive input and output). ==== python310-core ==== Version update (3.10.6 -> 3.10.7) Subpackages: libpython3_10-1_0 python310-base - Update to 3.10.7: - Fix for CVE-2020-10735 (bsc#1203125) Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. - Other bug fixes: - Fixed a bug that caused _PyCode_GetExtra to return garbage for negative indexes. - Fix format string in _PyPegen_raise_error_known_location that can lead to memory corruption on some 64bit systems. The function was building a tuple with i (int) instead of n (Py_ssize_t) for Py_ssize_t arguments. - Fix misleading contents of error message when converting an all-whitespace string to float. - coroutine.throw() now properly initializes the frame.f_back when resuming a stack of coroutines. This allows e.g. traceback.print_stack() to work correctly when an exception (such as CancelledError) is thrown into a coroutine. - ast.parse() will no longer parse function definitions with positional-only params when passed feature_version less than (3, 8). - Correct conversion of numbers.Rational’s to float. - Fix a performance regression in logging TimedRotatingFileHandler. Only check for special files when the rollover time has passed. - Fix unused localName parameter in the Attr class in xml.dom.minidom. - Update bundled pip to 22.2.2. - Fail gracefully if EPERM or ENOSYS is raised when loading crypt methods. This may happen when trying to load MD5 on a Linux kernel with FIPS enabled. - Improve discoverability of the higher level concurrent.futures module by providing clearer links from the lower level threading and multiprocessing modules. - Update the default RFC base URL from deprecated tools.ietf.org to datatracker.ietf.org - Fix stylesheet not working in Windows CHM htmlhelp docs. - The documentation now lists which members of C structs are part of the Limited API/Stable ABI. - Mitigate the inherent race condition from using find_unused_port() in testSockName() by trying to find an unused port a few times before failing. - Build and test with OpenSSL 1.1.1q - Document handling of extensions in Save As dialogs. - Include prompts when saving Shell (interactive input and output). ==== python310-pyparsing ==== - Fix incorrect usage of non-bundled pip revealed by python-rpm-macros update. ==== qemu ==== - pcre-devel-static is only needed when building against glib2 < 2.73. After that, glib2 was migrated to pcre2. ==== rpm ==== Version update (4.17.1 -> 4.17.1.1) Subpackages: librpmbuild9 - update to rpm-4.17.1.1 * Fix upstream branch setting in "%autosetup -S git" * Revert "Strip the target triplet GNU suffix more precisely." - remove-translations.diff: convert deprecated egrep to grep -E (boo#1203092) ==== rsync ==== Version update (3.2.5 -> 3.2.6) - Use bundled SLP patch now that upstream fixed it: * Remove rsync-3.2.5-slp.patch - update to 3.2.6: * More path-cleaning improvements in the file-list validation code to avoid rejecting of valid args. * A file-list validation fix for a --files-from file that ends without a line-terminating character. * Added a safety check that prevents the sender from removing destination files when a local copy using --remove-source-files has some files that are shared between the sending & receiving hierarchies, including the case where the source dir & destination dir are identical. * Fixed a bug in the internal MD4 checksum code that could cause the digest to be sporadically incorrect (the openssl version was/is fine). * A minor tweak to rrsync added "copy-devices" to the list of known args, but left it disabled by default. - Build SLE version with g++-11 to work around nondeterministic g++-7 (boo#1193895) ==== shim ==== - Add logic to shim.spec to only set sbat policy when efivarfs is writeable. (bsc#1201066) ==== sudo ==== Subpackages: sudo-plugin-python - Modified sudo-sudoers.patch * bsc#1177578 * Removed redundant and confusing 'secure_path' settings in sudo-sudoers file. ==== xdm ==== - Add u_glibc-2.36.patch: use glibc's arc4random instead of libbsd's (bsc#1202222) ==== yast2 ==== Version update (4.5.13 -> 4.5.14) Subpackages: yast2-logs - bsc#1200016 - by_pattern moved into http_server moduleas it is the only user - 4.5.14 ==== yast2-installation ==== Version update (4.5.5 -> 4.5.7) - Don't set QT_SCALE_FACTOR unless > 1 (bsc#1199020) to avoid forcing QA to recreate all needles for all standard cases - 4.5.7 - Directly calculate the Qt scale factor, no longer rely on the Xft.dpi X resource (bsc#1199020) - Support YAST_MON_WIDTH_MM=xx at installation boot prompt - Support YaST2.call script debugging with FAKE_MON_WIDTH_MM=xx - Support up to 392 dpi (up to scale factor 4.0) More details: https://github.com/yast/yast-installation/pull/1057 - No more console warnings if no EDID (bsc#1203161) - 4.5.6 ==== yast2-network ==== Version update (4.5.6 -> 4.5.7) - Activate s390 devices before importing and reading the network configuration or otherwise the related linux devices will not be present and could be ignored (bsc#1199746) - 4.5.7