Packages changed: AppStream Mesa Mesa-drivers PackageKit SDL2 (2.26.3 -> 2.26.4) apache2-mod_php8 branding-openSUSE (84.87.20210910 -> 84.87.20230227) ffmpeg-5 flac fmt git (2.39.2 -> 2.40.0) grub2 iso-codes (4.12.0 -> 4.13.0) kbd (2.4.0 -> 2.5.1) kernel-firmware (20230210 -> 20230313) lame libcamera libguestfs libjpeg-turbo libstorage-ng (4.5.83 -> 4.5.85) libvirt libvorbis microos-tools (2.18 -> 2.19) mozilla-nss (3.87 -> 3.88.1) mozjs102 (102.8.0 -> 102.9.0) mutter ncurses (6.4.20230225 -> 6.4.20230311) nftables (1.0.6 -> 1.0.7) nodejs19 openexr (3.1.5 -> 3.1.6) osinfo-db (20221130 -> 20230308) pam-config (1.8 -> 1.9) pam_kwallet perl-Net-DNS (1.36 -> 1.37) perl-Net-Server (2.013 -> 2.014) php8 python-cryptography (39.0.1 -> 39.0.2) python310 python310-core rubygem-excon (0.94.0 -> 0.99.0) rubygem-rack-2.2 (2.2.6.2 -> 2.2.6.4) sqlite3 totem vim whois (5.5.15 -> 5.5.16) xz yast2-add-on (4.6.0 -> 4.6.1) yast2-installation (4.6.0 -> 4.6.1) yast2-storage-ng (4.6.0 -> 4.6.1) yast2-trans (84.87.20230306.ba31ff5670 -> 84.87.20230312.2a5006f40f) zvbi (0.2.39 -> 0.2.41) === Details === ==== AppStream ==== Subpackages: libAppStreamQt2 libappstream4 - Add upstream fix for new glib-2.76: * bfa8fa6ac4ef645368a93384a6c16ac551a40922.patch ==== Mesa ==== Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - U_glx-Remove-pointless-GLX_INTEL_swap_event-paranoia.patch * reverse apply this patch to fix a regression caused by this commit, which resulted in gnome-shell constantly crashing, which is making a GNOME/X11 session impossible (boo#1209005) ==== Mesa-drivers ==== Subpackages: Mesa-dri Mesa-gallium Mesa-libva - U_glx-Remove-pointless-GLX_INTEL_swap_event-paranoia.patch * reverse apply this patch to fix a regression caused by this commit, which resulted in gnome-shell constantly crashing, which is making a GNOME/X11 session impossible (boo#1209005) ==== PackageKit ==== Subpackages: PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0 - Add PackageKit-fix-pkcon-permission.patch: trivial: Drop unnecessary x permission (gh#PackageKit/PackageKit/commit/47b7f97bc, bsc#1209138) ==== SDL2 ==== Version update (2.26.3 -> 2.26.4) - Update to release 2.26.4 * Fixed using older game controller mappings on Linux ==== apache2-mod_php8 ==== - update to newest systzdata patch [bsc#1208199] - deleted patches - php-systzdata-v21.patch (upstreamed) - added patches fix use of the system timezone database + php-systzdata-v23.patch ==== branding-openSUSE ==== Version update (84.87.20210910 -> 84.87.20230227) Subpackages: grub2-branding-openSUSE libreoffice-branding-openSUSE plymouth-branding-openSUSE wallpaper-branding-openSUSE yast2-qt-branding-openSUSE - Make title QToolButton backgrounds transparent - Drop optipng requirement ==== ffmpeg-5 ==== Subpackages: libavcodec59 libavdevice59 libavfilter8 libavformat59 libavutil57 libpostproc56 libswscale6 - Add soname.diff to get libswresample4 nonconflicting with ffmpeg-6. - Actually enable libjxl backend ==== flac ==== Subpackages: libFLAC++10 libFLAC12 - Build AVX2 enabled hwcaps library for x86_64-v3 ==== fmt ==== - Use -ffloat-store as a fix for excessive precision provided by X87 on i686 target (https://github.com/fmtlib/fmt/issues/3337). ==== git ==== Version update (2.39.2 -> 2.40.0) Subpackages: git-core git-email git-gui git-svn git-web gitk perl-Git - git 2.40.0: * backward incompatible change: The format.attach configuration variable lacked a way to override a value defined in a lower-priority configuration file (e.g. the system one) by redefining it in a higher-priority configuration file. Now, setting format.attach to an empty string means show the patch inline in the e-mail message, without using MIME attachment. * multiple commands and workflows gained additional options, compatible functionality, or more helpful output * "grep -P" learned to use Unicode Character Property to grok character classes when processing \b and \w etc. * under-the-hood improvements and bug fixes - The scripted "git add -p/-i" implementation was removed upstream. The openSUSE package already preferred the C implementation. ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin - Discard cached key from grub shell and editor mode * 0001-clean-up-crypttab-and-linux-modules-dependency.patch * 0002-discard-cached-key-before-entering-grub-shell-and-ed.patch - Make grub more robust against storage race condition causing system boot failures (bsc#1189036) * 0001-ieee1275-ofdisk-retry-on-open-and-read-failure.patch ==== iso-codes ==== Version update (4.12.0 -> 4.13.0) Subpackages: iso-codes-lang - update to version 4.13.0: + ISO 3166-1: Add missing common names for Laos, Iran, and Syria. + ISO 3166-3: Fix withdrawal dates of AN, CS and YU. + Updated translations. ==== kbd ==== Version update (2.4.0 -> 2.5.1) Subpackages: kbd-legacy - Update to version 2.5.1 - Add Irish keyboard map - Add PinePhone keyboard keymap - Added braces to IT keyboard map - Add Euro at Portuguese keyboards - Fix incorrect acentuation pt-latin9 - fa.map: drop high codepoint character that chokes loadkeys - data/keymaps/i386/neo: use Delete instead of Backspace - Fix documentation for a few program options - Fix some memory leaks - Update translations - autogen.sh missing from release tarball, copy from git - Remove upstreamed patches - 0001-libkfont-Initialize-kfont_context-options.patch - kbd-1.15.2-dumpkeys-C-opt.patch - kbd-2.0.2-comment-typo-qwerty.patch ==== kernel-firmware ==== Version update (20230210 -> 20230313) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20230313 (git commit 5bc279fb161d): * iwlwifi: update core69 and core72 firmwares for So device * qat: update licence text * rtl_bt: Update RTL8822C BT USB firmware to 0x0CC6_D2E3 * rtl_bt: Update RTL8822C BT UART firmware to 0x05C6_D2E3 * WHENCE: remove duplicate File entries * WHENCE: remove trailing white space * linux-firmware: add fw for qat_4xxx (jsc#PED-3699) * Fix symlinks for Intel firmware * linux-firmware: update firmware for mediatek bluetooth chip (MT7921) * linux-firmware: update firmware for MT7921 WiFi device * iwlwifi: update core69 and core72 firmwares for Ty device * rtlwifi: Add firmware v16.0 for RTL8710BU aka RTL8188GU * brcm: Add nvram for the Lenovo Yoga Book X90F / X90L convertible * brcm: Fix Xiaomi Inc Mipad2 nvram/.txt file macaddr * brcm: Add nvram for the Advantech MICA-071 tablet * rtl_bt: Update RTL8852C BT USB firmware to 0xD7B8_FABF * rtl_bt: Add firmware and config files for RTL8821CS * rtw89: 8852b: update fw to v0.29.29.0 * rtw89: 8852b: update fw to v0.29.26.0 * liquidio: remove lio_23xx_vsw.bin * intel: avs: Add AudioDSP base firmware for CNL-based platforms * intel: avs: Add AudioDSP base firmware for APL-based platforms * intel: avs: Add AudioDSP base firmware for SKL-based platforms * ath11k: WCN6855 hw2.0: update to WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.23 * ath11k: WCN6855 hw2.0: update board-2.bin * ath11k: WCN6750 hw1.0: update board-2.bin * ath11k: IPQ5018 hw1.0: add to WLAN.HK.2.6.0.1-00861-QCAHKSWPL_SILICONZ-1 * ath11k: IPQ5018 hw1.0: add board-2.bin * ath10k: QCA6174 hw3.0: update firmware-sdio-6.bin to version WLAN.RMH.4.4.1-00174 * ath10k: WCN3990 hw1.0: update board-2.bin * cnm: update chips&media wave521c firmware. * amdgpu: Update GC 11.0.1 firmware * intel: catpt: Add AudioDSP base firmware for BDW platforms - Update topics for catpt/avs - Update aliases - Update spec template ==== lame ==== Subpackages: libmp3lame0 - Build AVX2 enabled hwcaps library for x86_64-v3 ==== libcamera ==== Subpackages: libcamera-base0_0_4 libcamera0_0_4 - Disable warning in silent-Werror_dangling-reference.patch based compiler version. - Add silent-Werror_dangling-reference.patch that addressed a false-positive warning in GCC: https://bugs.libcamera.org/show_bug.cgi?id=185. ==== libguestfs ==== Subpackages: libguestfs-xfs libguestfs0 - Configure with --enable-appliance-format-auto to allow qcow2-format fixed appliances. ==== libjpeg-turbo ==== Subpackages: libjpeg8 libturbojpeg0 - Build AVX2 enabled hwcaps library for x86_64-v3 ==== libstorage-ng ==== Version update (4.5.83 -> 4.5.85) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#918 - allow trailing space when parsing btrfs version (bsc#1209252) - 4.5.85 - merge gh#openSUSE/libstorage-ng#917 - extended error logging - 4.5.84 ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-proxy libvirt-daemon-qemu libvirt-libs - libxl: Support custom firmware paths bf3be5b7-libxl-Support-custom-firmware-path.patch, 705525cb-libxl-Support-custom-firmware-path-conversion.patch bsc#1209161 - spec: Move ovmf dependency to correct package ==== libvorbis ==== Subpackages: libvorbis0 libvorbisenc2 libvorbisfile3 - Build AVX2 enabled hwcaps library for x86_64-v3 - Small spec file cleanup ==== microos-tools ==== Version update (2.18 -> 2.19) - Update URL - Update to version 2.19: - configure.ac: Run autoupdate to fix some deprecation warnings - Clean up selinux-autorelabel-generator and make it compatible with systemd 253 ==== mozilla-nss ==== Version update (3.87 -> 3.88.1) Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs mozilla-nss-tools - update to NSS 3.88.1 * bmo#1804640 - improve handling of unknown PKCS#12 safe bag types - update to NSS 3.88 * bmo#1815870 - use a different treeherder symbol for each docker image build task * bmo#1815868 - pin an older version of the ubuntu:18.04 and 20.04 docker images * bmo#1810702 - remove nested table in rst doc * bmo#1815246 - Export NSS_CMSSignerInfo_GetDigestAlgTag. * bmo#1812671 - build failure while implicitly casting SECStatus to PRUInt32 * bmo#1212915 - Add check for ClientHello SID max length * bmo#1771100 - Added EarlyData ALPN test support to BoGo shim * bmo#1790357 - ECH client - Discard resumption TLS < 1.3 Session(IDs|Tickets) if ECH configs are setup * bmo#1714245 - On HRR skip PSK incompatible with negotiated ciphersuites hash algorithm * bmo#1789410 - ECH client: Send ech_required alert on server negotiating TLS 1.2. Fixed misleading Gtest, enabled corresponding BoGo test * bmo#1771100 - Added Bogo ECH rejection test support * bmo#1771100 - Added ECH 0Rtt support to BoGo shim * bmo#1747957 - RSA OAEP Wycheproof JSON * bmo#1747957 - RSA decrypt Wycheproof JSON * bmo#1747957 - ECDSA Wycheproof JSON * bmo#1747957 - ECDH Wycheproof JSON * bmo#1747957 - PKCS#1v1.5 wycheproof json * bmo#1747957 - Use X25519 wycheproof json * bmo#1766767 - Move scripts to python3 * bmo#1809627 - Properly link FuzzingEngine for oss-fuzz. * bmo#1805907 - Extending RSA-PSS bltest test coverage (Adding SHA-256 and SHA-384) * bmo#1804091 - NSS needs to move off of DSA for integrity checks * bmo#1805815 - Add initial testing with ACVP vector sets using acvp-rust * bmo#1806369 - Don't clone libFuzzer, rely on clang instead ==== mozjs102 ==== Version update (102.8.0 -> 102.9.0) - Update to version 102.9.0: + Various security fixes. + CVE-2023-25751: Incorrect code generation during JIT compilation. + CVE-2023-28164: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation. + CVE-2023-28162: Invalid downcast in Worklets. + CVE-2023-25752: Potential out-of-bounds when accessing throttled streams. + CVE-2023-28163: Windows Save As dialog resolved environment variables. + CVE-2023-28176: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9. ==== mutter ==== - Add mutter-prevent-newly-focused-windows-to-steal-focus-from-shell.patch: Revert wrong commit and try a third approach to fix focus (bsc#1208494). ==== ncurses ==== Version update (6.4.20230225 -> 6.4.20230311) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20230311 + improve manpage description for addch versus unctrl format used for non-printable characters. + modify version-check for gcc/g++, now works for msys2. + modify check in _nc_write_entry() for multiply defined aliases to report problems within the current runtime of tic rather than for conflicts with pre-existing terminal descriptions. + allow for MinGW32-/64-bit configurations to use _DEFAULT_SOURCE + clarify interaction of -R option versus -C, -I and -r in infocmp manpage. + build-fix in lib_win32con.c (cf: 20230211). ==== nftables ==== Version update (1.0.6 -> 1.0.7) Subpackages: libnftables1 python3-nftables - Update to release 1.0.7 * Support for vxlan/geneve/gre/gretap matching * auto-merge support for partial set element deletion * Allow for NAT mapping with concatenation and ranges * Support for quota in sets ==== nodejs19 ==== Subpackages: npm19 - relax Requires to Suggests for alts on TW ==== openexr ==== Version update (3.1.5 -> 3.1.6) Subpackages: libIex-3_1-30 libIlmThread-3_1-30 libOpenEXR-3_1-30 - update to 3.1.6: * NEON optimizations for ZIP reading * Enable fast Huffman & Huffman zig-zag transform for Arm Neon * Support relative and absolute libdir/includedir in pkg-config generation * Fix for reading memory mapped files with DWA compression * Enable SSE4 support on Windows * Fast huf decoder - Drop gcc13-fix.patch ==== osinfo-db ==== Version update (20221130 -> 20230308) - Update to database version 20230308 osinfo-db-20230308.tar.xz ==== pam-config ==== Version update (1.8 -> 1.9) - Update to version 1.9 - Add support for pam_lastlog2 ==== pam_kwallet ==== Subpackages: pam_kwallet-common - Add patches for handling edge cases and hardening: * 0001-Verify-that-XDG_RUNTIME_DIR-is-usable.patch * 0002-Don-t-do-anything-if-the-password-is-empty.patch * 0003-Exit-early-if-the-target-user-is-root.patch * 0004-Don-t-call-pam_sm_open_session-within-pam_sm_authent.patch ==== perl-Net-DNS ==== Version update (1.36 -> 1.37) - updated to 1.37 see /usr/share/doc/packages/perl-Net-DNS/Changes ==== perl-Net-Server ==== Version update (2.013 -> 2.014) - Remove patch fix-UDB-receiving-in-Fork-server.patch, has been fixed upstream. https://rt.cpan.org/Ticket/Display.html?id=146575 https://bugzilla.suse.com/show_bug.cgi?id=1206763 - updated to 2.014 see /usr/share/doc/packages/perl-Net-Server/Changes 2.014 Mar 14 2023 - Apply patch to Fork for UDP - Fix tests on perls without threads - Add fix-UDB-receiving-in-Fork-server.patch https://bugzilla.suse.com/show_bug.cgi?id=1206763 https://rt.cpan.org/Ticket/Display.html?id=146575 ==== php8 ==== Subpackages: php8-cli php8-ctype php8-dom php8-gd php8-gettext php8-iconv php8-mbstring php8-mysql php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - update to newest systzdata patch [bsc#1208199] - deleted patches - php-systzdata-v21.patch (upstreamed) - added patches fix use of the system timezone database + php-systzdata-v23.patch ==== python-cryptography ==== Version update (39.0.1 -> 39.0.2) - update to 39.0.2: * Fixed a bug where the content type header was not properly encoded for PKCS7 signatures when using the ``Text`` option and ``SMIME`` encoding. ==== python310 ==== Subpackages: python310-curses python310-dbm python310-tk - Add invalid-json.patch fixing invalid JSON in Doc/howto/logging-cookbook.rst (somehow similar to gh#python/cpython#102582). ==== python310-core ==== Subpackages: libpython3_10-1_0 python310-base - Add invalid-json.patch fixing invalid JSON in Doc/howto/logging-cookbook.rst (somehow similar to gh#python/cpython#102582). ==== rubygem-excon ==== Version update (0.94.0 -> 0.99.0) - updated to version 0.99.0 among other changes, a fix for bsc#1209175, yast2-docker: - fix for URI gem changes when host empty for unix urls ==== rubygem-rack-2.2 ==== Version update (2.2.6.2 -> 2.2.6.4) - updated to version 2.2.6.4 [CVE-2023-27539] Avoid ReDoS in header parsing - updated to version 2.2.6.3 [CVE-2023-27530] Possible DoS Vulnerability in Multipart MIME parsing ==== sqlite3 ==== Subpackages: libsqlite3-0 sqlite3-tcl - Build AVX2 enabled hwcaps library for x86_64-v3 ==== totem ==== Subpackages: totem-plugins - Drop obsolete and unused intltool, vala and pkgconfig(libepc-ui-1.0) BuildRequires. ==== vim ==== Subpackages: vim-data vim-data-common - Update spec.skeleton to use autosetup in place of setup macro. ==== whois ==== Version update (5.5.15 -> 5.5.16) - update to 5.5.16: * Add bash completion support, courtesy of Ville Skyttä. * Updated the .tr TLD server. * Removed support for -metu NIC handles. ==== xz ==== Subpackages: liblzma5 - Build AVX2 enabled hwcaps library for x86_64-v3 ==== yast2-add-on ==== Version update (4.6.0 -> 4.6.1) - Removed unnecessary executable flag from file add-on-workflow.rb (bsc#1209094) - 4.6.1 ==== yast2-installation ==== Version update (4.6.0 -> 4.6.1) - Removed unnecessary executable flag from file security_proposal.rb (bsc#1209094) - 4.6.1 ==== yast2-storage-ng ==== Version update (4.6.0 -> 4.6.1) - Removed unnecessary executable flags from files (bsc#1209094) - 4.6.1 ==== yast2-trans ==== Version update (84.87.20230306.ba31ff5670 -> 84.87.20230312.2a5006f40f) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20230312.2a5006f40f: * Translated using Weblate (Polish) * Translated using Weblate (Polish) * Translated using Weblate (Polish) * Translated using Weblate (Polish) * Translated using Weblate (Polish) * Translated using Weblate (Swedish) * Translated using Weblate (Swedish) * Translated using Weblate (Swedish) * Translated using Weblate (Swedish) * Translated using Weblate (Swedish) * Translated using Weblate (Swedish) * Translated using Weblate (Polish) * Translated using Weblate (Polish) * Translated using Weblate (Polish) * New POT for text domain 'online-update'. * Translated using Weblate (Javanese) * Translated using Weblate (Polish) * Translated using Weblate (Polish) * Translated using Weblate (Dutch) * Translated using Weblate (Dutch) * Translated using Weblate (Javanese) * Translated using Weblate (Georgian) ==== zvbi ==== Version update (0.2.39 -> 0.2.41) - update to 0.2.41: * src/libzvbi.h: In libzvbi.h, remove #include version.h and replace with version number macros * po/*.po: Update Project-Id-Version.