Packages changed: crda diffutils (3.8 -> 3.9) ed (1.18 -> 1.19) gcc13 (13.0.0+git197351 -> 13.0.1+git5199) installation-images-MicroOS (17.67 -> 17.68) kernel-source (6.1.4 -> 6.1.7) libXpm libevent librsvg libstorage-ng (4.5.63 -> 4.5.64) libva (2.16.0 -> 2.17.0) libwacom (2.4.0 -> 2.5.0) ncurses (6.4.20230107 -> 6.4.20230114) patterns-microos perl pipewire podman python-configobj python-httpx (0.23.0 -> 0.23.3) python310-packaging (22.0 -> 23.0) redis (7.0.7 -> 7.0.8) rpm rust-keylime (0.1.0+git.1666019359.f5de47b -> 0.1.0+git.1672681780.762cec8) tracker-miners (3.4.2 -> 3.4.3) yast2-storage-ng (4.5.15 -> 4.5.16) === Details === ==== crda ==== - Replace transitional %usrmerged macro with regular version check (boo#1206798) ==== diffutils ==== Version update (3.8 -> 3.9) - diffutils 3.9: * fixes for other platforms ==== ed ==== Version update (1.18 -> 1.19) - update to 1.19: * Reading a non-existent file with commands 'e' or 'E' did set the 'modified' flag, which prevented a following 'e' command from succeeding * The long name of option '-s' has been changed to '--script'. Option '-s' now only suppresses byte counts and the '!' prompt as mandated by POSIX. It no longer suppresses diagnostic messages written to stderr. * The short name '-q' has been assigned to options '--quiet' and '--silent'. Option '-q' now only suppresses diagnostic messages written to stderr. * The help message showing the line where a script error happened when ed's input is from a regular file is now printed to stdout instead of stderr because it is enabled by the 'H' command. * Ed no longer processes file names for backslash escapes. * It has been documented in the manual that address 0 is valid as a starting point for searches so that '0;/RE/' can match the regular expression RE in the first line of the buffer. * It has been documented in the manual how to achieve the effect of ex style '!' filtering with a sequence of commands. ==== gcc13 ==== Version update (13.0.0+git197351 -> 13.0.1+git5199) Subpackages: libgcc_s1 libgfortran5 libgomp1 libobjc4 libstdc++6 libstdc++6-pp libubsan1 - Configure external timezone database provided by the timezone package. Make libstdc++6 recommend timezone to get a fully working std::chrono. Install timezone when running the testsuite. - Remove dependence on doxygen and graphviz when building the testsuite. Those were used to build the libstdc++ API html documentation but we stopped shipping that when Java support was removed and nobody noticed. Purge traces of the built libstdc++6-gccN-doc package. - Package libhwasan_preinit.o on x86_64. - Update to GCC trunk head (r13-5199-g2f81164255bf0d) * pulls changes up to the start of Stage 4 - Change version numbering to match the commit count from the git gcc-descr alias - Add gcc13-pr107678.patch to fix unwinding on aarch64 with pointer signing. [bsc#1206684] - Don't rely on %usrmerged, set it based on standard %suse_version - Enable PRU flavour for gcc13 ==== installation-images-MicroOS ==== Version update (17.67 -> 17.68) - merge gh#openSUSE/installation-images#618 - switch from curl to osc api to avoid authentication hassle with IBS - add 'ignore_packages' environment setting to allow more control over package config - update docs - 17.68 ==== kernel-source ==== Version update (6.1.4 -> 6.1.7) - Linux 6.1.7 (bsc#1012628). - netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits (bsc#1012628). - ALSA: control-led: use strscpy in set_led_id() (bsc#1012628). - ALSA: usb-audio: Always initialize fixed_rate in snd_usb_find_implicit_fb_sync_format() (bsc#1012628). - ALSA: hda/realtek - Turn on power early (bsc#1012628). - ALSA: hda/realtek: Enable mute/micmute LEDs on HP Spectre x360 13-aw0xxx (bsc#1012628). - KVM: x86: Do not return host topology information from KVM_GET_SUPPORTED_CPUID (bsc#1012628). - KVM: arm64: Fix S1PTW handling on RO memslots (bsc#1012628). - efi: fix userspace infinite retry read efivars after EFI runtime services page fault (bsc#1012628). - efi: tpm: Avoid READ_ONCE() for accessing the event log (bsc#1012628). - io_uring/poll: add hash if ready poll request can't complete inline (bsc#1012628). - arm64: mte: Fix double-freeing of the temporary tag storage during coredump (bsc#1012628). - arm64: mte: Avoid the racy walk of the vma list during core dump (bsc#1012628). - arm64: cmpxchg_double*: hazard against entire exchange variable (bsc#1012628). - ACPI: Fix selecting wrong ACPI fwnode for the iGPU on some Dell laptops (bsc#1012628). - net: stmmac: add aux timestamps fifo clearance wait (bsc#1012628). - perf auxtrace: Fix address filter duplicate symbol selection (bsc#1012628). - s390/kexec: fix ipl report address for kdump (bsc#1012628). - brcmfmac: Prefer DT board type over DMI board type (bsc#1012628). - ASoC: qcom: lpass-cpu: Fix fallback SD line index handling (bsc#1012628). - elfcore: Add a cprm parameter to elf_core_extra_{phdrs,data_size} (bsc#1012628). - cpufreq: amd-pstate: fix kernel hang issue while amd-pstate unregistering (bsc#1012628). - s390/cpum_sf: add READ_ONCE() semantics to compare and swap loops (bsc#1012628). - s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple() (bsc#1012628). - drm/virtio: Fix GEM handle creation UAF (bsc#1012628). - drm/amd/pm/smu13: BACO is supported when it's in BACO state (bsc#1012628). - drm: Optimize drm buddy top-down allocation method (bsc#1012628). - drm/i915/gt: Reset twice (bsc#1012628). - drm/i915: Reserve enough fence slot for i915_vma_unbind_async (bsc#1012628). - drm/i915: Fix potential context UAFs (bsc#1012628). - drm/amd: Delay removal of the firmware framebuffer (bsc#1012628). - drm/amdgpu: Fixed bug on error when unloading amdgpu (bsc#1012628). - drm/amd/pm: correct the reference clock for fan speed(rpm) calculation (bsc#1012628). - drm/amd/pm: add the missing mapping for PPT feature on SMU13.0.0 and 13.0.7 (bsc#1012628). - drm/amd/display: move remaining FPU code to dml folder (bsc#1012628). - Revert "drm/amdgpu: Revert "drm/amdgpu: getting fan speed pwm for vega10 properly"" (bsc#1012628). - cifs: Fix uninitialized memory read for smb311 posix symlink create (bsc#1012628). - cifs: fix file info setting in cifs_query_path_info() (bsc#1012628). - cifs: fix file info setting in cifs_open_file() (bsc#1012628). - cifs: do not query ifaces on smb1 mounts (bsc#1012628). - cifs: fix double free on failed kerberos auth (bsc#1012628). - io_uring/fdinfo: include locked hash table in fdinfo output (bsc#1012628). - ASoC: rt9120: Make dev PM runtime bind AsoC component PM (bsc#1012628). - ACPI: video: Allow selecting NVidia-WMI-EC or Apple GMUX backlight from the cmdline (bsc#1012628). - platform/x86: dell-privacy: Only register SW_CAMERA_LENS_COVER if present (bsc#1012628). - platform/surface: aggregator: Ignore command messages not intended for us (bsc#1012628). - platform/x86: int3472/discrete: Ensure the clk/power enable pins are in output mode (bsc#1012628). - platform/x86: thinkpad_acpi: Fix profile mode display in AMT mode (bsc#1012628). - platform/x86: asus-wmi: Don't load fan curves without fan (bsc#1012628). - platform/x86: dell-privacy: Fix SW_CAMERA_LENS_COVER reporting (bsc#1012628). - dt-bindings: msm: dsi-controller-main: Fix operating-points-v2 constraint (bsc#1012628). - drm/msm: another fix for the headless Adreno GPU (bsc#1012628). - firmware/psci: Fix MEM_PROTECT_RANGE function numbers (bsc#1012628). - firmware/psci: Don't register with debugfs if PSCI isn't available (bsc#1012628). - drm/msm/adreno: Make adreno quirks not overwrite each other (bsc#1012628). - arm64/signal: Always allocate SVE signal frames on SME only ... changelog too long, skipping 522 lines ... - commit 0fb77d6 ==== libXpm ==== - U_0001-configure-add-disable-open-zfile-instead-of-requirin.patch * needed by U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch - U_0002-Fix-CVE-2022-46285-Infinite-loop-on-unclosed-comment.patch * libXpm: Infinite loop on unclosed comments (CVE-2022-46285, bsc#1207029) - U_0004-Fix-CVE-2022-44617-Runaway-loop-with-width-of-0-and-.patch * libXpm: Runaway loop on width of 0 and enormous height (CVE-2022-44617, bsc#1207030) - U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch * libXpm: compression commands depend on $PATH (CVE-2022-4883, bsc#1207031) - U_regression-bug1207029_1207030_1207031.patch * regression fix for above patches - U_regression2-bug1207029_1207030_1207031.patch * second regression fix: Use gzip -d instead of gunzip ==== libevent ==== - Disable the select backend, this can be easily done by lying to configure. This is done due to: * using fd number > 1024 on an fd_set results in a runtime fortify source assertion, preventing further doom. * select will not be changed to handle fd > 1024. * this limit is unreasonable low for this century. ==== librsvg ==== Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - update vendor tarball - actually run the testsuite for x86_64 (bsc#1207167) ==== libstorage-ng ==== Version update (4.5.63 -> 4.5.64) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#912 - allow both 'swap' and 'none' as path for swap in fstab - added testcase - 4.5.64 ==== libva ==== Version update (2.16.0 -> 2.17.0) Subpackages: libva-drm2 libva-x11-2 libva2 - update to 2.17.0: * win: Simplify signature for driver name loading * win: Rewrite driver registry query and fix some bugs/leaks/inefficiencies * win: Add missing null check after calloc * va: Update security disclaimer * dep:remove the file .cvsignore * pkgconfig: add 'with-legacy' for emgd, nvctrl and fglrx * meson: add 'with-legacy' for emgd, nvctrl and fglrx * x11: move all FGLRX code to va_fglrx.c * x11: move all NVCTRL code to va_nvctrl.c * meson: stop using deprecated meson.source_root() * meson: stop using configure_file copy=true * va: correctly include the win32 (local) headers * win: clean-up the coding style * va: dos2unix all the files * drm: remove unnecessary dri2 version/extension query * trace: annotate internal functions with DLL_HIDDEN * build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_ support level attribute instead * meson: Check support for -Wl,-version-script and build link_args accordingly * meson: Set va_win32 soversion to '' and remove the install_data rename * fix: resouce check null * va_trace: Add Win32 memory types in va_TraceSurfaceAttributes * va_trace: va_TraceSurfaceAttributes should check the VASurfaceAttribMemoryType * va: Adds Win32 Node and Windows build support * va: Adds compat_win32 abstraction for Windows build and prepares va common code for windows build * pkgconfig: Add Win32 package for when WITH_WIN32 is enabled * meson: Add with_win32 option, makes libdrm non-mandatory on Win * x11: add basic DRI3 support * drm: remove VA_DRM_IsRenderNodeFd() helper * drm: add radeon drm + radeonsi mesa combo ==== libwacom ==== Version update (2.4.0 -> 2.5.0) Subpackages: libwacom-data libwacom9 - update to 2.5.0: - Cintiq Pro 27 - Intuos Pro Small refresh - Dell Chromebook 11 5190 2-in-1 - Dell Inspiron 14 7425 2-in-1 - Fujitsu U729X - update keyring ==== ncurses ==== Version update (6.4.20230107 -> 6.4.20230114) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20230114 + change RV to XR/xr, to avoid conflict with pre-existing usage in vim, to use RV/rv to denote DA2 and its response (discussion with Bram Moolenaar) -TD + add XF flag to xterm+focus so that termcap applications can be aware of terminals which may support focus in/out -TD + use xterm+focus in xterm-p370 and tmux -TD + improve configure-script macros vs compiler warnings. - Correct offsets of patches * ncurses-5.9-ibm327x.dif * ncurses-6.4.dif ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap - Add transactional-update-notifier to the microos_desktop_common Pattern. This is a long waited change that will provide Desktop notifications about transactional updates succeeding/failing for MicroOS Desktop users. - Improve readability of FOR loop shell construct, in the install directive, by assigning all the Patterns iterated by FOR to the PATTERNS variable (for i in $PATTERNS) instead of passing them directly (for i in pattern1 pattern2 pattern3 ...). - Rename patterns-microos-rpmlintrc to patterns-microos.rpmlintrc. While the former is obviously supported, the latter is both preferred and recommended by upstream. ==== perl ==== Subpackages: perl-base - Replace usage of deprecated fgrep with grep -F. ==== pipewire ==== Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Add patch from upstream to avoid division by 0 and other issues with invalid values (glfo#pipewire/pipewire#2953): * 0001-alsa-guard-against-some-invalid-values.patch - Add patch from upstream to fix causing an overflow resulting in choppy sound in some cases (glfo#pipewire/pipewire#2680): * 0001-spa-Fix-audioconvert-overflow-when-scaling.patch - Add patch from upstream to fix a crash on arm: * 0001-cpu-arm-Fix-incorrect-free.patch ==== podman ==== Subpackages: podman-cni-config - add patch: 0003-Only-override-the-graphdriver-to-vfs-if-the-priority.patch (backport of https://github.com/containers/storage/pull/1468) - Make the priority for picking the storage driver configurable (bsc#1197093) (backport of https://github.com/containers/storage/pull/1460) - add patch: 0002-Make-the-priority-for-picking-the-storage-driver-con.patch ==== python-configobj ==== - require setuptools ==== python-httpx ==== Version update (0.23.0 -> 0.23.3) - Update to 0.23.3 * Version 0.23.2 accidentally included stricter type checking on query parameters. This shouldn've have been included in a minor version bump, and is now reverted. (#2523, #2539) - 0.23.2 (2nd Jan, 2023) * Support digest auth nonce counting to avoid multiple auth requests. (#2463) * Multipart file uploads where the file length cannot be determine now use chunked transfer encoding, rather than loading the entire file into memory in order to determine the `Content-Length`. (#2382) * Raise `TypeError` if content is passed a dict-instance. (#2495) * Partially revert the API breaking change in 0.23.1, which removed `RawURL`. We continue to expose a `url.raw` property which is now a plain named-tuple. This API is still expected to be deprecated, but we will do so with a major version bump. (#2481) - 0.23.1 (18th Nov, 2022) * *Note**: The 0.23.1 release should have used a proper version bump, rather than a minor point release. There are API surface area changes that may affect some users. See the "Removed" section of these release notes for details. [#]## Added * Support for Python 3.11. (#2420) * Allow setting an explicit multipart boundary in `Content-Type` header. (#2278) * Allow `tuple` or `list` for multipart values, not just `list`. (#2355) * Allow `str` content for multipart upload files. (#2400) * Support connection upgrades. See https://www.encode.io/httpcore/extensions/#upgrade-requests [#]## Fixed * Don't drop empty query parameters. (#2354) [#]## Removed * Upload files *must* always be opened in binary mode. (#2400) * Drop `.read`/`.aread` from `SyncByteStream`/`AsyncByteStream`. (#2407) * Drop `RawURL`. (#2241) ==== python310-packaging ==== Version update (22.0 -> 23.0) - Update to v23.0 * Remove unused LPAREN token from tokenizer by @hrnciar in #630 * Reorganise the project layout and version management by @pradyunsg in #626 * Correctly handle non-normalised specifiers in requirements by @pradyunsg in #634 * Use stable Python 3.11 in tests by @153957 in #641 * Fix typing for specifiers.BaseSpecifier.filter() by @henryiii in #643 * Correctly handle trailing whitespace on URL requirements by @pradyunsg in #642 * refactor _generic_api to use EXT_SUFFIX by @mattip in #607 * Allow "extra" to be None in the marker environment by @pradyunsg in #650 * Fix typos by @kianmeng in #648 * Update changelog for release by @pradyunsg in #656 ==== redis ==== Version update (7.0.7 -> 7.0.8) - redis 7.0.8 * CVE-2022-35977: Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands can drive Redis to OOM panic boo#1207202 * CVE-2023-22458: Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER commands can lead to denial-of-service boo#1207203 * Avoid possible hang when client issues long KEYS, SRANDMEMBER, HRANDFIELD, and ZRANDMEMBER commands and gets disconnected by client output buffer limit * Make sure that fork child doesn't do incremental rehashing * Fix a bug where blocking commands with a sub-second timeout would block forever * Fix sentinel issue if replica changes IP ==== rpm ==== Subpackages: librpmbuild9 - Replace transitional %usrmerged macro with regular version check (boo#1206798) ==== rust-keylime ==== Version update (0.1.0+git.1666019359.f5de47b -> 0.1.0+git.1672681780.762cec8) - Update to version 0.1.0+git.1672681780.762cec8: * build(deps): bump openssl from 0.10.41 to 0.10.45 * build(deps): bump tokio from 1.21.1 to 1.23.0 * Disable dnf-makecache.service to save RAM * CI tests: Do not remove Fedora tag repository * add support for cargo deb * Pacify clippy::needless-borrow * Move tpm.rs from keylime-agent to the library * Split crates into library and applications - Add 0001-keylime-agent-remove-const_err-deny.patch - Fix "cargo install" with workspaces https://github.com/rust-lang/cargo/issues/7599 - Add 0001-Cargo.toml-tss-esapi-bindings.patch - Update to version 0.1.0+git.1670590616.e80c67a: * main: only read uuid from KeylimeConfig * Enabling more e2e tests in Packit CI * systemd: start agent after network is online * Cargo: Drop unused dependencies rust-ini and toml ==== tracker-miners ==== Version update (3.4.2 -> 3.4.3) Subpackages: tracker-miner-files - Update to version 3.4.3: + Fix possible warnings in tracker-miner-fs-3 + Fixes to handle BTRFS subvolumes + Reset nie:isStoredAs/nie:interpretedAs on updated folders + Drop 'fluidsynthmidi' GStreamer module + Fix GSource leak + Updated translations. ==== yast2-storage-ng ==== Version update (4.5.15 -> 4.5.16) - Extended regexp to identify Dell BOSS storage devices (bsc#1200975) - 4.5.16