Packages changed: Mesa (23.0.2 -> 23.0.3) Mesa-drivers (23.0.2 -> 23.0.3) ModemManager (1.18.12 -> 1.20.6) MozillaFirefox (112.0 -> 112.0.2) NetworkManager (1.42.4 -> 1.42.6) baloo5-widgets (22.12.3 -> 23.04.0) bind (9.18.13 -> 9.18.14) breeze container-selinux (2.206.0 -> 2.211.0) containerd (1.6.19 -> 1.6.20) coreutils (9.2 -> 9.3) desktop-file-utils dmidecode dnsmasq docbook-xsl (1.79.2 -> 1.79.2.1) docker (20.10.23_ce -> 23.0.5_ce) dolphin (22.12.3 -> 23.04.0) dracut (059+suse.368.g2e7ac134 -> 059+suse.375.gafb362e4) ebook-tools evolution-data-server (3.48.0 -> 3.48.1) ffmpeg-5 (5.1.2 -> 5.1.3) ffmpegthumbs (22.12.3 -> 23.04.0) filelight (22.12.3 -> 23.04.0) firewalld (1.3.1 -> 1.3.2) freetype2 gcc13 (13.0.1+git7162 -> 13.0.1+git7231) ghostscript git (2.40.0 -> 2.40.1) glib2 (2.76.1 -> 2.76.2) gnome-branding-MicroOS (20230323 -> 20230420) gnome-control-center (44.0+20 -> 44.1) gnome-shell (44.0+42 -> 44.1) gnome-software (44.0 -> 44.1) gnome-user-docs (44.0 -> 44.1) gpgme (1.19.0 -> 1.20.0) grep (3.9 -> 3.10) grub2 gssdp gstreamer-plugins-bad gtk3 (3.24.37 -> 3.24.37+68) gtk4 (4.10.1 -> 4.10.3) gupnp gupnp-igd installation-images-MicroOS (17.81 -> 17.86) kaccounts-integration (22.12.3 -> 23.04.0) kaccounts-providers (22.12.3 -> 23.04.0) kate (22.12.3 -> 23.04.0) kde-print-manager (22.12.3 -> 23.04.0) kdegraphics-thumbnailers (22.12.3 -> 23.04.0) kdenetwork-filesharing (22.12.3 -> 23.04.0) kdialog (22.12.3 -> 23.04.0) kernel-firmware (20230406 -> 20230427) kernel-source (6.2.10 -> 6.2.12) keylime (6.7.0 -> 7.0.0) khelpcenter5 (22.12.3 -> 23.04.0) kio-extras5 (22.12.3 -> 23.04.0) konsole (22.12.3 -> 23.04.0) kwalletmanager5 (22.12.3 -> 23.04.0) libadwaita (1.3.1 -> 1.3.2) libalternatives (1.2+3.b848aad -> 1.2+30.a5431e9) libcdio libcontainers-common libedit libgphoto2 libgudev libjxl libkdcraw (22.12.3 -> 23.04.0) libkexiv2 (22.12.3 -> 23.04.0) libmbim (1.26.4 -> 1.28.4) libmtp (1.1.20 -> 1.1.21) libpaper (2.0.10 -> 2.1.0) libpng16 libqt5-qtbase (5.15.8+kde185 -> 5.15.9+kde151) libqt5-qtdeclarative (5.15.8+kde22 -> 5.15.9+kde23) libqt5-qtgraphicaleffects (5.15.8+kde0 -> 5.15.9+kde0) libqt5-qtimageformats (5.15.8+kde9 -> 5.15.9+kde9) libqt5-qtlocation (5.15.8+kde4 -> 5.15.9+kde5) libqt5-qtmultimedia (5.15.8+kde3 -> 5.15.9+kde3) libqt5-qtquickcontrols (5.15.8+kde0 -> 5.15.9+kde0) libqt5-qtquickcontrols2 (5.15.8+kde7 -> 5.15.9+kde5) libqt5-qtsensors (5.15.8+kde0 -> 5.15.9+kde0) libqt5-qtspeech (5.15.8+kde1 -> 5.15.9+kde1) libqt5-qtsvg (5.15.8+kde8 -> 5.15.9+kde7) libqt5-qttools (5.15.8+kde1 -> 5.15.9+kde1) libqt5-qttranslations (5.15.8+kde0 -> 5.15.9+kde0) libqt5-qtvirtualkeyboard (5.15.8+kde0 -> 5.15.9+kde0) libqt5-qtwayland (5.15.8+kde63 -> 5.15.9+kde55) libqt5-qtwebchannel (5.15.8+kde3 -> 5.15.9+kde3) libqt5-qtwebengine libqt5-qtwebview (5.15.8+kde0 -> 5.15.9+kde0) libqt5-qtx11extras (5.15.8+kde0 -> 5.15.9+kde0) libqt5-qtxmlpatterns (5.15.8+kde0 -> 5.15.9+kde0) librsvg libsoup (3.4.0 -> 3.4.2) libsrtp2 libstorage-ng (4.5.96 -> 4.5.100) libunistring liburing libva libva-gl libverto libxml2 (2.10.3 -> 2.10.4) libxmlb (0.3.10 -> 0.3.11) libyui (4.5.1 -> 4.5.2) libyui-ncurses (4.5.1 -> 4.5.2) libyui-ncurses-pkg (4.5.1 -> 4.5.2) libyui-qt (4.5.1 -> 4.5.2) libyui-qt-graph (4.5.1 -> 4.5.2) libyui-qt-pkg (4.5.1 -> 4.5.2) libzypp (17.31.10 -> 17.31.11) lilv (0.24.12 -> 0.24.20) llvm16 (16.0.1 -> 16.0.2) makedumpfile (1.7.2 -> 1.7.3) mdadm microos-tools (2.20+git20230413.2a43cdb -> 2.21+git0) mobipocket (22.12.3 -> 23.04.0) mozjs102 mpfr mutter (44.0+54 -> 44.1) nautilus (44.0 -> 44.1) ncurses (6.4.20230408 -> 6.4.20230418) nfs-utils numactl (2.0.15.0.g01a39cb -> 2.0.16.21.g693fee1) openvpn (2.5.9 -> 2.6.3) opus (1.3.1 -> 1.4) os-prober pam (1.5.2 -> 1.5.2.90) pam-config (2.4 -> 2.5) pam-full-src (1.5.2 -> 1.5.2.90) patterns-gnome patterns-microos perl-Bootloader (0.941 -> 1.0) plasma-branding-MicroOS (20230323 -> 20230420) plasma5-desktop plymouth postfix (3.7.4 -> 3.8.0) power-profiles-daemon (0.12 -> 0.13) protobuf protobuf-c publicsuffix (20230414 -> 20230426) python-Automat python-Babel python-Brotli python-CommonMark python-Jinja2 python-MarkupSafe python-PyJWT python-PySocks python-PyYAML python-SQLAlchemy python-Twisted python-anyio python-apipkg python-async_timeout python-attrs python-blinker python-certifi python-cffi python-click python-configobj python-constantly python-cryptography python-decorator python-dnspython python-gevent python-greenlet python-h11 python-h2 python-hpack python-httpcore python-httpx python-hyperframe python-hyperlink python-idna python-incremental python-iniconfig python-jsonpatch python-jsonpointer python-jsonschema python-lark python-netifaces python-numpy python-oauthlib python-pexpect python-pip python-psutil python-ptyprocess python-py python-pyOpenSSL python-pyasn1 python-pyasn1-modules python-pycares python-pycparser python-pycurl python-pylibmc python-pymemcache python-pyrsistent python-pyserial python-python-dateutil python-pytz python-pyudev python-requests-toolbelt python-responses python-rfc3986 python-rich python-service_identity python-simplejson python-sniffio python-tornado6 python-typing_extensions python-urllib3 python-zope.event python-zope.interface qalculate (4.5.1 -> 4.6.1) raspberrypi-firmware (2023.03.22 -> 2023.04.25) raspberrypi-firmware-config (2023.03.22 -> 2023.04.25) runc (1.1.6 -> 1.1.7) sddm selinux-policy (20230321 -> 20230425) serd (0.30.12 -> 0.30.16) setools (4.4.1 -> 4.4.2) shadow signon-kwallet-extension (22.12.3 -> 23.04.0) snapper spectacle (22.12.3 -> 23.04.0) sratom (0.6.10 -> 0.6.14) systemd texlive-specs-n tracker (3.5.0 -> 3.5.1) tracker-miners (3.5.0 -> 3.5.1) tuned (2.19.0.29+git.b894a3e -> 2.20.0.18+git.7b1a20b) u-boot-rpiarm64 (2023.01 -> 2023.04) utempter (1.2.0 -> 1.2.1) vim (9.0.1443 -> 9.0.1488) vulkan-loader (1.3.243.0 -> 1.3.247) vulkan-tools (1.3.243.0 -> 1.3.247) wayland (1.21.0 -> 1.22.0) webkit2gtk3 (2.40.0 -> 2.40.1) webkit2gtk4 (2.40.0 -> 2.40.1) xbitmaps xdg-desktop-portal-gnome (44.0 -> 44.1) xdg-desktop-portal-gtk xdpyinfo (1.3.3 -> 1.3.4) xkeyboard-config xset yast2-country (4.6.1 -> 4.6.2) yast2-samba-client (4.6.0 -> 4.6.1) zbar zstd (1.5.4 -> 1.5.5) zxing-cpp === Details === ==== Mesa ==== Version update (23.0.2 -> 23.0.3) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - Update to version 23.0.3 * 3rd bug fix release: changes all across the tree, with no one subsystem seeing too many changes ==== Mesa-drivers ==== Version update (23.0.2 -> 23.0.3) Subpackages: Mesa-dri Mesa-gallium Mesa-libva - Update to version 23.0.3 * 3rd bug fix release: changes all across the tree, with no one subsystem seeing too many changes ==== ModemManager ==== Version update (1.18.12 -> 1.20.6) Subpackages: ModemManager-bash-completion libmm-glib0 - Update to version 1.20.6: + build: New build option to allow disabling the installation of examples. + core: - Fix crash when uninhibiting partially removed device. - Fix crash when attempting to load an invalid shared utils library. + mmcli: - Allow JSON and key/value output when creating SMS messages. - Improved JSON output in network scan results. + libmm-glib: - Avoid using g_time_zone_new_offset() unless glib >= 2.58. - Fix flags to string conversion utils to allow multiple flags. + MBIM: - Reset cached SIM info when SIM is unlocked. - Fix synchronizing the state of the SIM hot swap configured flag. - Fix bug cleaning up the LTE attach info unsolicited message handler. - Fallback from QMI UIM service only if unsupported. - Add missing support for 'emergency' APN type. + QMI: - Fix processing and exposing PCOs. - Fix power up on modems that don't support power state change indications. + plugins: - telit: . add additional support for 5G modems. . added port type hints for FN990 0x1070, 0x1071 compositions. . increase allowed initial delay in AT ports. . fallback to AT commands if loading revision via MBIM fails. - quectel: add support for EC21-EUX usb modules. - xmm: fix crash parsing XACT? response. - Changes from version 1.20.4: + build: - Don't hardcode building shared libraries, so that meson's default_library option can be used properly, - po: Added missing Georgian translation in LINGUAS. + QMI: - Fixed loading NR5G signal info. - Fixed memory leaks when processing signal info. - Correctly scaled the SNR value reported in NR5G. - Fixed invalid use-after-free actions due to improper handling of proxy removal events. + MBIM: - Fixed processing MbimSmsStatusFlag as flags, not as an enum. - Fixed invalid use-after-free actions due to improper handling of proxy removal events. - Chained up device notifications through the MMPortMbim object. + Messaging: Allowed Delete operation during enabling/disabling. + Core: Don't assume port tables always exist so that long-standing operations holding an object reference can finish cleanly even after the initial object disposal has already been run. + plugins: - quectel: added new firehose/sahara support udev tags in new models. - broadmobi: added MM_PLUGIN_REQUIRED_QCDM flag. - cinterion: . added a delay to the ^SWWAN? command. . added retry mechanism to the ^SWWAN? command. - Changes from version 1.20.2: + build: - Fixed building without MBIM support. - Fixed building without tests support. - Disabled test interface in base manager if building without tests. - Updated intel plugin dependencies to require XMM shared utils. - Fixed templates to make build reproducible. + FCC unlock: Updated shell scripts to avoid requiring bash. + MBIM: - Ignored SIM related indications during a SIM slot switch operation. - Updated capabilities loading to use Microsoft Extensions if available. - Updated supported modes loading to use the CustomDataClass field contents. + SIM: Fixed length when reading GID1/GID2 using AT commands. + Several other minor improvements and fixes. - Changes from version 1.20.0: + API: - New 'Modem.Sar' interface to allow the host to manage the SAR power level. - New 'Modem.GetCellInfo()' method, that allows querying information about the current serving and neighboring cells. Currently including 'cell-type' and 'serving' fields for all cell types, plus additional type-specific fields: . CDMA: 'nid', 'sid', 'base-station-id', 'ref-pn' and 'pilot-strength'. . GSM: 'operator-id', 'lac', 'ci', 'timing-advance', 'arfcn', 'base-station-id' and 'rx-level'. . UMTS: 'operator-id', 'lac', 'ci', 'frequency-fdd-ul', 'frequency-fdd-dl', 'frequency-tdd', 'uarfcn', 'psc', 'rscp', 'ecio' and 'path-loss'. . TDSCDMA: 'operator-id', 'lac', 'ci', 'uarfcn', 'cell-parameter-id', 'timing-advance', 'rscp' and ... changelog too long, skipping 133 lines ... dependencies. ==== MozillaFirefox ==== Version update (112.0 -> 112.0.2) - Mozilla Firefox 112.0.2 * Fix a high memory usage issue with animated images in minimized (or completely covered) windows, especially when using animated themes (bmo#1828587) * Fix an issue where Linux users with bitmap fonts installed may have had entire sections of text invisible to them on some sites (bmo#1827950) - Include Leap 15.5 in check for which python version is required. - Mozilla Firefox 112.0.1 * Fix a bug where cookie dates appear to be set in the far future after updating Firefox. This may have caused cookies to be unintentionally purged (bmo#1827669) ==== NetworkManager ==== Version update (1.42.4 -> 1.42.6) Subpackages: NetworkManager-bluetooth NetworkManager-tui NetworkManager-wwan libnm0 typelib-1_0-NM-1_0 - Update to version 1.42.6: + Emit the dhcp-change dispatcher event also after a lease renewal. + Fix assertion failure on DHCP renewal. + Add support for EC2 IMDSv2 in nm-cloud-setup. + Allow setting tunnel flags for ip6gre & ip6gretap connection profiles. + Improve the Wi-Fi hotspot functionality. + Fix setting the Wi-Fi roaming policy based on the number of seen BSSIDs. + Support the "no-aaaa" resolv.conf option. + Some oFono fixes. ==== baloo5-widgets ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== bind ==== Version update (9.18.13 -> 9.18.14) - Update to release 9.18.14 Removed Features: * Zone type delegation-only, and the delegation-only and root-delegation-only statements, have been deprecated. A warning is now logged when they are used. * These statements were created to address the SiteFinder controversy, in which certain top-level domains redirected misspelled queries to other sites instead of returning NXDOMAIN responses. Since top-level domains are now DNSSEC-signed, and DNSSEC validation is active by default, the statements are no longer needed. Bug Fixes: * Several bugs which could cause named to crash during catalog zone processing have been fixed. * Previously, downloading large zones over TLS (XoT) from a primary could hang the transfer on the secondary, especially when the connection was unstable. This has been fixed. * Performance of DNSSEC validation in zones with many DNSKEY records has been improved. ==== breeze ==== Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-style-lang breeze5-wallpapers libbreezecommon5-5 - Add patch to avoid CPU use in idle apps (boo#1210747, kde#468903): * 0001-ProgressBar-Stop-emitting-polish-requests-when-item-.patch ==== container-selinux ==== Version update (2.206.0 -> 2.211.0) - Update to version 2.211.0: * Don't transition to initrc_t domains from spc_t * Add tunable to allow sshd_t to launch container engines * Allow syslogd_t gettatr on inheritited runtime tmpfs files * Add container_file_t and container_ro_file_t as user_home_type * Set default context for local-path-provisioner * Allow daemon to send dbus messages to spc_t by ==== containerd ==== Version update (1.6.19 -> 1.6.20) - Update to containerd v1.6.20 for Docker v23.0.4-ce. Upstream release notes: ==== coreutils ==== Version update (9.2 -> 9.3) Subpackages: coreutils-doc - update to 9.3: Bug fixes: * cp --reflink=auto (the default), mv, and install will again fall back to a standard copy in more cases. Previously copies could fail with permission errors on more restricted systems like android or containers etc. [bug introduced in coreutils-9.2] * cp --recursive --backup will again operate correctly. Previousy it may have issued "File exists" errors when it failed to appropriately rename files being replaced. [bug introduced in coreutils-9.2] * date --file and dircolors will now diagnose a failure to read a file. Previously they would have silently ignored the failure. [This bug was present in "the beginning".] * md5sum --check again correctly prints the status of each file checked. Previously the status for files was printed as 'OK' once any file had passed. This also applies to cksum, sha*sum, and b2sum. [bug introduced in coreutils-9.2] * wc will now diagnose if any total counts have overflowed. [This bug was present in "the beginning".] * `wc -c` will again correctly update the read offset of inputs. Previously it deduced the size of inputs while leaving the offset unchanged. [bug introduced in coreutils-8.27] * Coreutils programs no longer fail for timestamps past the year 2038 on obsolete configurations with 32-bit signed time_t, because the build procedure now rejects these configurations. [This bug was present in "the beginning".] Changes in behavior: * 'cp -n' and 'mv -n' now issue an error diagnostic if skipping a file, to correspond with -n inducing a nonzero exit status as of coreutils 9.2. Similarly 'cp -v' and 'mv -v' will output a message for each file skipped due to -n, -i, or -u. New features: * cp and mv now support --update=none to always skip existing files in the destination, while not affecting the exit status. This is equivalent to the --no-clobber behavior from before v9.2. - drop fix-reflink-fallback.patch (upstream). ==== desktop-file-utils ==== - suse-update-mime-defaults: * add support for MATE desktop * ensure C locale is set for sorting order * fix quoting of DESTDIR ==== dmidecode ==== Fix a potential regression: - use-read_file-to-read-from-dump.patch: Fix an old harmless bug which would prevent root from using the --from-dump option since the latest security fixes. ==== dnsmasq ==== - bsc#1209358, CVE-2023-28450, dnsmasq-CVE-2023-28450.patch: default maximum EDNS.0 UDP packet size should be 1232 ==== docbook-xsl ==== Version update (1.79.2 -> 1.79.2.1) * Raise version to 1.79.2.1 * Patch assembly/assemble.xsl Copy the missing xml:lang attribute to the result file. docbook-xsl-1.79.2-assembly-assemble.xsl.patch For details, see the docbook mailinglist: https://lists.oasis-open.org/archives/docbook/202304/msg00012.html ==== docker ==== Version update (20.10.23_ce -> 23.0.5_ce) Subpackages: docker-bash-completion - Update to Docker 23.0.5-ce. See upstream changelog online at . - Rebase patches: * cli-0001-docs-include-required-tools-in-source-tree.patch - Update to Docker 23.0.4-ce. See upstream changelog online at . bsc#1208074 - Rebase patches: * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch * 0003-bsc1073877-apparmor-clobber-docker-default-profile-o.patch - Renumbered patches: - 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch - Remove upstreamed patches: - 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch - 0006-bsc1193930-vendor-update-golang.org-x-crypto.patch - 0007-bsc1200022-fifo.Close-prevent-possible-panic-if-fifo.patch - Backport to allow man pages to be built without internet access in OBS. + cli-0001-docs-include-required-tools-in-source-tree.patch ==== dolphin ==== Version update (22.12.3 -> 23.04.0) Subpackages: dolphin-part libdolphinvcs5 - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release - Rebase patches: * dolphin-go_up.diff * 0001-Revert-Disallow-executing-Dolphin-as-root-on-Linux.patch ==== dracut ==== Version update (059+suse.368.g2e7ac134 -> 059+suse.375.gafb362e4) Subpackages: dracut-ima - Update to version 059+suse.375.gafb362e4: * fix(network-legacy): handle do_dhcp calls without arguments (bsc#1210640) fips=1 and separate /boot break s390x (bsc#1204478): * fix(fips): move fips-boot script to pre-pivot * fix(fips): only unmount /boot if it was mounted by the fips module * feat(fips): add progress messages * fix(fips): do not blindly remove /boot ==== ebook-tools ==== - Fix a crash when an itemref in the spine has no idref, see kde#466540. * add 0002-Avoid-crash-on-spine-itemref-without-idref.patch - Replace 0001-Avoid-crash-on-toc-navPoint-without-navLabel.patch with 0001-Avoid-crash-on-toc.ncx-navPoint-without-navLabel.patch ==== evolution-data-server ==== Version update (3.48.0 -> 3.48.1) Subpackages: libcamel-1_2-64 libebackend-1_2-11 libebook-1_2-21 libebook-contacts-1_2-4 libecal-2_0-2 libedata-book-1_2-27 libedata-cal-2_0-2 libedataserver-1_2-27 libedataserverui-1_2-4 - Update to version 3.48.1: + WebDAV Notes: Fallback to derive component summary from description. + CamelFilterDriver: Unset info's headers only when folder has summary. + Bugs fixed: - Camel: POP3's 'UTF8' command blocking login. - backends: React to destination URI changes. - Fails to refresh backend with offline changes and broken local cache state. - IMAPx: Ignore 'Permission denied' error on refresh. - libedataserver: Disable deprecation notice around e_flag_timed_wait. - Calendar: Change file backend discard_alarm() function. + Updated translations. ==== ffmpeg-5 ==== Version update (5.1.2 -> 5.1.3) Subpackages: libavcodec59 libavfilter8 libavformat59 libavutil57 libpostproc56 libswresample4_ff5 libswscale6 - Update to version 5.1.3: * avcodec/012v: Order operations for odd size handling * avcodec/alsdec: - Check bits left before block decoding in non multi channel coding loop - The minimal block is at least 7 bits * avcodec/atrac3plus: reorder channels to match the output layout * avcodec/audiotoolboxenc: return AVERROR_EXTERNAL immediately when encode error * avcodec/bink: - Avoid undefined out of array end pointers in binkb_decode_plane() - Fix off by 1 error in ref end * avcodec/eac3dec: avoid float noise in fixed mode addition to overflow * avcodec/eatgq: : Check index increments in tgq_decode_block() * avcodec/escape124: - Fix signdness of end of input check - Fix some return codes * avcodec/ffv1dec: - Check that num h/v slices is supported - Fail earlier if prior context is corrupted * avcodec/ffv1dec: restructure slice coordinate reading a bit * avcodec/h274: fix include * avcodec/libjxldec: - Fix gamma22 and gamma28 recognition - Avoid hard failure with unspecified primaries * avcodec/mjpegenc: take into account component count when writing the SOF header size * avcodec/mlpdec: Check max matrix instead of max channel in noise check * avcodec/motionpixels: Mask pixels to valid values * avcodec/mpeg12dec: - Check input size - Use init_get_bits8 and check the return value * avcodec/nvenc: fix vbv buffer size in cq mode * avcodec/pictordec: Remove mid exit branch * avcodec/pngdec: - Check deloco index more exactly - Dont skip/read chunk twice * avcodec/rpzaenc: stop accessing out of bounds frame * avcodec/scpr3: Check bx * avcodec/scpr: Test bx before use * avcodec/smcenc: stop accessing out of bounds frame * avcodec/snowenc: Fix visual weight calculation * avcodec/speedhq: Check buf_size to be big enough for DC * avcodec/speexdec: Check channels > 2 * avcodec/sunrast: Fix maplength check * avcodec/tests/snowenc: - Fix 2nd test - Return a failure if DWT/IDWT mismatches - Unbreak DWT tests * avcodec/tiff: Ignore tile_count * avcodec/utils: - Allocate a line more for VC1 and WMV3 - Ensure linesize for SVQ3 - Use 32pixel alignment for bink * avcodec/videodsp_template: Adjust pointers to avoid undefined pointer things * avcodec/wavpack: - Avoid undefined shift in get_tail() - Check for end of input in wv_unpack_dsd_high() * avcodec/xpmdec: Check size before allocation to avoid truncation * avcodec/aacdec: fix parsing streams with channel configuration 11 * avformat/id3v2: Check taglen in read_uslt() * avformat/mov: Check samplesize and offset to avoid integer overflow * avformat/mxfdec: Use 64bit in remainder * avformat/replaygain: avoid undefined / negative abs * avformat/vividas: Check packet size * avutil/tx: Use unsigned in ff_tx_fft_sr_combine() to avoid undefined behavior * hwcontext_vulkan: remove optional encode/decode extensions from the list * lavf/async: Fix ring_write return value * lavu/vulkan: fix handle type for 32-bit targets * libswscale: force a minimum size of the slide for bayer sources * swscale/input: Use more unsigned intermediates * swscale/output: - Bias 16bps output calculations to improve non overflowing range - Bias 16bps output calculations to improve non overflowing range for GBRP16/GBRPF32 * swscale: aarch64: Fix yuv2rgb with negative strides * Use https for repository links * vulkan: Fix win/i386 calling convention - Rebase patches with quilt. - Drop ffmpeg-CVE-2022-3964.patch: Fixed upstream. - Drop no-vk-video-decoding.patch: Upstream removed this optional code. - Use ldconfig_scriptlets macro. ==== ffmpegthumbs ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== filelight ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== firewalld ==== Version update (1.3.1 -> 1.3.2) Subpackages: firewalld-bash-completion python3-firewall - update to 1.3.2: * test(container): add centos9-stream (b7bb3d0) * test(functions): iptables: normalize protocols to numeric values (33a1b16) * test(functions): ip6tables: normalize opt field output (eeac39c) ==== freetype2 ==== - Fix license tag to FTL and GPL-2.0-only. ==== gcc13 ==== Version update (13.0.1+git7162 -> 13.0.1+git7231) Subpackages: cpp13 libgcc_s1 libgfortran5 libgomp1 libobjc4 libstdc++6 libstdc++6-pp libubsan1 - Bump to f980561c60b0446cc427595198d7f3f4f90e0924, git7231. * fixes compile-time issue reported in [bsc#1210557] * GCC 13.1 RC3 - Disable building the rust frontend. ==== ghostscript ==== Subpackages: ghostscript-x11 - Replace BuildRequire on xorg-x11-devel by pkgconfig(...) ==== git ==== Version update (2.40.0 -> 2.40.1) - git 2.40.1: * CVE-2023-25652: By feeding specially crafted input to git apply - -reject, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). * CVE-2023-25815: When Git is compiled with runtime prefix support and runs without translated messages, it still used the gettext machinery to display messages, which subsequently potentially looked for translated messages in unexpected places. This allowed for malicious placement of crafted messages. * CVE-2023-29007: When renaming or deleting a section from a configuration file, certain malicious configuration values may be misinterpreted as the beginning of a new configuration section, leading to arbitrary configuration injection. ==== glib2 ==== Version update (2.76.1 -> 2.76.2) Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 - Update to version 2.76.2: + Fixed various build failures in less common setups + Fix launching files in Windows via GtkFileLauncher + Bugs fixed: - GMarkupParser documentation completion - Disagreement between runtime and docs on whether interfaces are "classed" - gdbus-example-proxy-subclass.c is not complete - GAppInfoMonitor documentation deficiencies - Check for __kernel_long_t when enabling futex() - Documentation mentions non-existing function `g_value_free` - Not clear that GPollableInputStream methods are undefined if can_poll() returns FALSE - Missing docs for GOption (commandline parser) - GDebugControllerDBus wrong default in documentation - Probably wrong information regarding G_PLATFORM_WIN32 in README.win32.md - Multiple Definition Error When Generating gio/tests/test5.gresource - user docs: GLib.DateTime.format: broken highlighting - GtkFileLauncher: generated paths not recognized on Win32 - Build failed due to NULL pointer redefinition in C++ - Build randomly fails with: 'gmodule/gmodule-visibility.h' file not found - unicode: add tests for g_utf8_normalize() and empty strings - build: Drop old .gitignore files from test directories - tools: Drop check-abis.sh script - docs: Drop section about default branch renaming from README.md - tests: Update Unicode normalisation tests from Unicode 15 - Make clang++ happier when using G_STATIC_ASSERT - gwin32: Avoid use of function call with side effect in g_return_* macro - gsignal: Clarify documentation for GSignalMatchType matching + Updated translations. - Add mate-mimeapps.list for MATE-specific MIME associations generated by suse-update-mime-defaults ==== gnome-branding-MicroOS ==== Version update (20230323 -> 20230420) - Remove unneeded cleanup of desktop drop-in - 20230420 - Correct location for Desktop drop-in config - Clean up invalid desktop drop-in file - 20230419 ==== gnome-control-center ==== Version update (44.0+20 -> 44.1) Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces - Update to version 44.1: + Common: - Update hostname only after apply is clicked. - Add widget name and css class to CcIllustratedRow and CcSplitRow. + Color: Do not try to access to null pointer in destruction. + Date & Time: Fix NTP switch getting out of sync. + Display: - Allow configuring all monitors and apply settings at once. - Disconnect config manager changed handler. - Don't leak config manager proxy. + Network: Fix crash when removing a connection. + Region: Fix label of formats for the login screen. + Sharing: Fix network row visible name bug. + Shell: Add workaround to make disabled pictures are painted as such. + Sound: - Prevent duplicate sound device entries. - Revert accidental libgvc downgrade. + Updated translations. - Drop gnome-control-center-fix-6f1567f23.patch: Fixed upstream. ==== gnome-shell ==== Version update (44.0+42 -> 44.1) Subpackages: gnome-extensions gnome-shell-calendar - Update to version 44.1: + Add section title in background apps menu. + Fix visibility of xembed icons. + Fix placeholder alignment in bluetooth menu. + Fix recording screenshots in recent items. + Fix reloading extensions on version-validation changes. + Fix force-enabling animations at runtime. + Fix stuck session after logout dialog timeout. + Fix window screenshots with pointer. + Only show network subtitles if they don't match the title. + Fix constructing QuickMenuToggles with icon-name. + Fix accessible names in VPN menu. + Don't fail extracting extensions without schemas. + Fixes and improvements to the light theme variant. + Improve accessible name of wireless menu items. + Use consistent naming for "Power Mode" toggle. + Fix support for transparent colors in symbolic SVGs. + Fix notifications getting stuck indefinitely. + Fix keynav of menu-less buttons. + Fix corner cases when matching apps on StartupWmClass. + Fix occasional misalignment of search results. + Fix regression in content-type sniffing on autorun. + Fix building API documentation. + Fixed crash. + Plugged leak + Misc. bug fixes and cleanups + Updated translations. - Enable gtk_doc passed to meson again, build the docs. - Move file wrongly placed in the split out gnome-extensions sub-package. There is the gui app and there is the commandline binary. These two are destinct from one another. - Mark patch that needs rebase correctly. ==== gnome-software ==== Version update (44.0 -> 44.1) Subpackages: gnome-software-plugin-packagekit - Update to version 44.1: + Fix firmware updates state change after update. + Fix origin reference information for PackageKit apps. + Fix a crash after dismissing firmware update warning dialog. + Fix a crash on repo removal. + Updated translations. ==== gnome-user-docs ==== Version update (44.0 -> 44.1) - Update to version 44.1: + Updates to GNOME Help. + Updated translations. ==== gpgme ==== Version update (1.19.0 -> 1.20.0) Subpackages: libgpgme11 libgpgmepp6 python310-gpg - Update to 1.20.0: * On Windows, the gettext functions provided by gpgrt are switched into utf8 mode, so that all localized texts returned by GpgME or gpgrt, e.g. the texts for error codes are now UTF-8 encoded. [T5960] * Key::canSign now returns false for OpenPGP keys without signing (sub)key. [T6456] * The new macOS Homebrew location is now by default supported. [T6440] * Fix regression in 1.19.0. * Fix invocation of gpgtar on Windows. * Interface changes relative to the 1.19.0 release: - gpgme_subkey_t EXTENDED: New field 'can_renc'. - gpgme_subkey_t EXTENDED: New field 'can_timestamp'. - gpgme_subkey_t EXTENDED: New field 'is_group_owned'. - cpp: Subkey::canRenc NEW. - cpp: Subkey::canTimestamp NEW. - cpp: Subkey::isGroupOwned NEW. - cpp: Key::canReallySign DEPRECATED. * Release-info: https://dev.gnupg.org/T6463 ==== grep ==== Version update (3.9 -> 3.10) - update to 3.10: * With -P, \d now matches only ASCII digits, regardless of PCRE options/modes. The changes in grep-3.9 to make ^H and \w work properly had the undesirable side effect of making \d also match e.g., the Arabic digits: ٠١٢٣٤٥٦٧٨٩. With grep-3.9, -P '\d+' would match that ten-digit (20-byte) string. Now, to match such a digit, you would use \p{Nd}. Similarly, \D is now mapped to [^0-9]. ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin - Exclude the deprecated EFI location, /usr/lib64/efi/, from Tumbleweed and ALP - Update TPM 2.0 key unsealing patches * Add the new upstreaming patches 0001-protectors-Add-key-protectors-framework.patch 0002-tpm2-Add-TPM-Software-Stack-TSS.patch 0003-protectors-Add-TPM2-Key-Protector.patch 0004-cryptodisk-Support-key-protectors.patch 0005-util-grub-protect-Add-new-tool.patch * Add the authorized policy patches based on the upstreaming patches 0001-tpm2-Add-TPM2-types-structures-and-command-constants.patch 0002-tpm2-Add-more-marshal-unmarshal-functions.patch 0003-tpm2-Implement-more-TPM2-commands.patch 0004-tpm2-Support-authorized-policy.patch * Drop the old patches 0010-protectors-Add-key-protectors-framework.patch 0011-tpm2-Add-TPM-Software-Stack-TSS.patch 0012-protectors-Add-TPM2-Key-Protector.patch 0013-cryptodisk-Support-key-protectors.patch 0014-util-grub-protect-Add-new-tool.patch fix-tpm2-build.patch tpm-protector-dont-measure-sealed-key.patch tpm-protector-export-secret-key.patch grub-unseal-debug.patch 0001-tpm2-adjust-the-input-parameters-of-TPM2_EvictContro.patch 0002-tpm2-declare-the-input-arguments-of-TPM2-functions-a.patch 0003-tpm2-resend-the-command-on-TPM_RC_RETRY.patch 0004-tpm2-add-new-TPM2-types-structures-and-command-const.patch 0005-tpm2-add-more-marshal-unmarshal-functions.patch 0006-tpm2-check-the-command-parameters-of-TPM2-commands.patch 0007-tpm2-pack-the-missing-authorization-command-for-TPM2.patch 0008-tpm2-allow-some-command-parameters-to-be-NULL.patch 0009-tpm2-remove-the-unnecessary-variables.patch 0010-tpm2-add-TPM2-commands-to-support-authorized-policy.patch 0011-tpm2-make-the-file-reading-unmarshal-functions-gener.patch 0012-tpm2-initialize-the-PCR-selection-list-early.patch 0013-tpm2-support-unsealing-key-with-authorized-policy.patch * Refresh grub-read-pcr.patch * Introduce a new build requirement: libtasn1-devel - Only package grub2-protect for the architectures with EFI support - Fix PowerVS deployment fails to boot with 90 cores (bsc#1208581) * 0001-kern-ieee1275-init-Convert-plain-numbers-to-constant.patch * 0002-kern-ieee1275-init-Extended-support-in-Vec5.patch ==== gssdp ==== - Update license tag to LGPL-2.1-or-later. ==== gstreamer-plugins-bad ==== Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0 - Only build build vo-amrwbenc plugin on openSUSE, vo-amrwbenc license is problematic for commercial use. - Add missing plugin in build_orig part of spec, BuildRequires already in place, just missing the built plugin in file section. ==== gtk3 ==== Version update (3.24.37 -> 3.24.37+68) Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-tigrigna gtk3-immodule-vietnamese gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0 - Update to version 3.24.37+68: + application: Clean up signal handlers + OLE2 DND: Check if move is supported + Address issue 5711 by checking that the context is not NULL + wayland: - Don't crash without xdg_activation_v1 - Don't crash on cursor size 0 + gdkscreen-wayland: Notify initial setting change from org.gtk.Settings + gdk: Swap Cairo calls when reading back from a GdkWindow + Updated translations. - Deprecate %gtk_immodule_(requires|post|postun) macros defined in the macros.gtk3 file. Since we are using RPM file triggers to provide their functionality, without nullifying them the commands will run twice, once by the file triggers and another time by the macros. ==== gtk4 ==== Version update (4.10.1 -> 4.10.3) Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Do not build media playback when bootstrapping on Workbench. - Update to version 4.10.3: + Fix a popover positioning regression in 4.10.2. + Fix issues with slow loading files in the file chooser. - Update to version 4.10.2: + Holding control to select multiple files broken in filechooser + Inspector crash + Listbase doesn't account for bottom padding in size_allocate_child + Leaking AT contexts + OpenGL / Windows: Crash when closing gtk4-widget-factory + GTK apps crash on startup when setting cursor-size to 0 on Wayland + Segmentation fault: gdk_wayland_toplevel_set_startup_id() needs to null-check display->xdg_activation before using it + Possible use-after-free under gtk_scrolled_window_update_use_indicators() + Wrong error message in `gtk_init` + Segfault when scrolling after changing ListView model + Bluetooth panel from the Settings app: clicking in the "Downloads" link no longer opens Nautilus + Broadway docs or code is broken + Disabled GtkPicture's are not properly themed + Setting CSS padding to a GtkTextView gives the context menu an offset + A11y: the Showing state is used only for windows + Gtk4 expander: CSS nodes mismatch code vs. documentation + Invoking gtk inspector on a folder results in a crash + Double tap requires very precise touch input + Name autocompletion dropdown in the GTK4 FileChooser's Save dialog gets stuck, creates artifacts, jumps around + Links are not opened when xdg-desktop-portal OpenURI is not available + GtkSnapshot generates no nodes appending whitespace-only layouts + Updated translations. ==== gupnp ==== - Update license tag to LGPL-2.1-or-later. ==== gupnp-igd ==== - Disable meson_test during build, it randomly fails for all arches https://gitlab.gnome.org/GNOME/gupnp-igd/-/issues/3 ==== installation-images-MicroOS ==== Version update (17.81 -> 17.86) - merge gh#openSUSE/installation-images#644 - fix minor usrmerge issue - 17.86 - merge gh#openSUSE/installation-images#643 - usrmerge fixes in module config creation - allow firmware file names with spaces - add qrtr* kernel modules (bsc#1209965) - 17.85 - merge gh#openSUSE/installation-images#642 - adjust module config for kernel 6.3 - 17.84 - merge gh#openSUSE/installation-images#641 - add cpio-mt to spec file - 17.83 - merge gh#openSUSE/installation-images#640 - add mt to rescue system (bsc#1188998) - 17.82 ==== kaccounts-integration ==== Version update (22.12.3 -> 23.04.0) Subpackages: libkaccounts2 - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== kaccounts-providers ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== kate ==== Version update (22.12.3 -> 23.04.0) Subpackages: kate-plugins - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release - Rebase patch: * 0001-Defuse-root-block.patch ==== kde-print-manager ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== kdegraphics-thumbnailers ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== kdenetwork-filesharing ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== kdialog ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== kernel-firmware ==== Version update (20230406 -> 20230427) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20230427 (git commit fab149657d8d): * Group all Conexant V4L devices together * rtl_nic: update firmware of USB devices * linux-firmware: Update firmware file for Intel Bluetooth AX200 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth AX203 * linux-firmware: Update firmware file for Intel Bluetooth AX203 * linux-firmware: Update firmware file for Intel Bluetooth AX211 * linux-firmware: Update firmware file for Intel Bluetooth AX211 * linux-firmware: Update firmware file for Intel Bluetooth AX210 * linux-firmware: update firmware for MT7981 * qca: Update firmware files for BT chip WCN6750 * mt76xx: Move the old Mediatek WiFi firmware to mediatek * rtl_bt: Add firmware and config files for RTL8851B * linux-firmware: Update AMD cpu microcode * linux-firmware: add firmware for MT7981 * linux-firmware: update firmware for MT7921 WiFi device * linux-firmware: update firmware for mediatek bluetooth chip (MT7921) * linux-firmware: update qat firmware * linux-firmware: Add firmware for Cirrus CS35L41 on Lenovo Laptops ==== kernel-source ==== Version update (6.2.10 -> 6.2.12) - Linux 6.2.12 (bsc#1012628). - nvme-pci: add NVME_QUIRK_BOGUS_NID for T-FORCE Z330 SSD (bsc#1012628). - nvme-pci: mark Lexar NM760 as IGNORE_DEV_SUBNQN (bsc#1012628). - cifs: fix negotiate context parsing (bsc#1012628). - i2c: ocores: generate stop condition after timeout in polling mode (bsc#1012628). - x86/rtc: Remove __init for runtime functions (bsc#1012628). - sched/fair: Fix imbalance overflow (bsc#1012628). - powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#1012628). - i2c: mchp-pci1xxxx: Update Timing registers (bsc#1012628). - ubi: Fix deadlock caused by recursively holding work_sem (bsc#1012628). - ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size (bsc#1012628). - selftests: mptcp: userspace pm: uniform verify events (bsc#1012628). - mptcp: fix NULL pointer dereference on fastopen early fallback (bsc#1012628). - mptcp: stricter state check in mptcp_worker (bsc#1012628). - mptcp: use mptcp_schedule_work instead of open-coding it (bsc#1012628). - drm/amd/pm: correct SMU13.0.7 max shader clock reporting (bsc#1012628). - drm/amd/pm: correct SMU13.0.7 pstate profiling clock settings (bsc#1012628). - cgroup/cpuset: Add cpuset_can_fork() and cpuset_cancel_fork() methods (bsc#1012628). - cgroup/cpuset: Make cpuset_fork() handle CLONE_INTO_CGROUP properly (bsc#1012628). - cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (bsc#1012628). - cgroup/cpuset: Fix partition root's cpuset.cpus update bug (bsc#1012628). - cgroup: fix display of forceidle time at root (bsc#1012628). - x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot (bsc#1012628). - PCI/MSI: Provide missing stub for pci_msix_can_alloc_dyn() (bsc#1012628). - PCI: Fix use-after-free in pci_bus_release_domain_nr() (bsc#1012628). - drm/amd/pm: correct the pcie link state check for SMU13 (bsc#1012628). - thermal: intel: Avoid updating unsupported THERM_STATUS_CLEAR mask bits (bsc#1012628). - scsi: ses: Handle enclosure with just a primary component gracefully (bsc#1012628). - net: phy: nxp-c45-tja11xx: fix unsigned long multiplication overflow (bsc#1012628). - net: phy: nxp-c45-tja11xx: add remove callback (bsc#1012628). - net: sfp: initialize sfp->i2c_block_size at sfp allocation (bsc#1012628). - HID: intel-ish-hid: Fix kernel panic during warm reset (bsc#1012628). - riscv: add icache flush for nommu sigreturn trampoline (bsc#1012628). - ksmbd: avoid out of bounds access in decode_preauth_ctxt() (bsc#1012628). - maple_tree: fix write memory barrier of nodes once dead for RCU mode (bsc#1012628). - tracing: Have tracing_snapshot_instance_cond() write errors to the appropriate instance (bsc#1012628). - tracing: Add trace_array_puts() to write into instance (bsc#1012628). - ACPI: resource: Add Medion S17413 to IRQ override quirk (bsc#1012628). - drm/amdgpu/gfx: set cg flags to enter/exit safe mode (bsc#1012628). - drm/amdgpu: Force signal hw_fences that are embedded in non-sched jobs (bsc#1012628). - drm/amdgpu: add mes resume when do gfx post soft reset (bsc#1012628). - wifi: iwlwifi: mvm: protect TXQ list manipulation (bsc#1012628). - wifi: iwlwifi: mvm: fix mvmtxq->stopped handling (bsc#1012628). - nvme: send Identify with CNS 06h only to I/O controllers (bsc#1012628). - asymmetric_keys: log on fatal failures in PE/pkcs7 (bsc#1012628). - verify_pefile: relax wrapper length check (bsc#1012628). - hwmon: (xgene) Fix ioremap and memremap leak (bsc#1012628). - hwmon: (peci/cputemp) Fix miscalculated DTS for SKX (bsc#1012628). - drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F (bsc#1012628). - ACPI: video: Add backlight=native DMI quirk for Acer Aspire 3830TG (bsc#1012628). - block: ublk_drv: mark device as LIVE before adding disk (bsc#1012628). - efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L (bsc#1012628). - i2c: hisi: Avoid redundant interrupts (bsc#1012628). - i2c: imx-lpi2c: clean rx/tx buffers upon new message (bsc#1012628). - wifi: mwifiex: mark OF related data as maybe unused (bsc#1012628). - selftests/bpf: Fix progs/find_vma_fail1.c build error (bsc#1012628). - power: supply: axp288_fuel_gauge: Added check for negative ... changelog too long, skipping 444 lines ... - commit 4e944ba ==== keylime ==== Version update (6.7.0 -> 7.0.0) Subpackages: keylime-config keylime-firewalld keylime-logrotate keylime-registrar keylime-tenant keylime-tpm_cert_store keylime-verifier python310-keylime - Remove the agent subpackage - Remove keylime_ima_emulator binary - Add keylime_create_policy and keylime_sign_runtime_policy - Update to version v7.0.0: * bump version to 7.0.0 * bump to version 6.8.0 * build-sys: Use comma-separated list for running multiple linters * tenant: Add brackets to ipv6 addresses when used in URL * registrar: Detect IPv6 addresses to bind to and set address_family * setup.cfg: use license_files instead of license_file * Do not run Packit tests on F38 * tests: Use Rust agent from COPR for e2e tests * tenant: Raise a UserError on status_code != 200 returned from server * Add missing test from keylime testsuite to e2e plan * tests: remove tpm2-tss downgrade as Fedora bug got fixed * da: non-zero exit code for attestation replay failures. * ca:CLI utilities (keylime_ca,keylime_tenant) read password from ca.conf * log: add a barebones log config in case configuration files not present * Fix typo * Use subtest in unittest. * create_policy: Strip newline from file path read from measurement list * create_policy: Validate policies against the JSON schema * create_policy: Clarify help text for IMA measurement list * create_policy: Add list of ignored keyrings after processing base policy * create_policy: Add support for adding an IMA exclude list to the policy * create_policy: Avoid duplicate entries in lists * codestyle: Annotate with RuntimePolicyType and adapt code * codestyle: Import urllib to make pyright happy * Introduce PathLike_str for older python versions * codestyle: Annotate create_policy.py and add to mypy * docs: Update docs to reflect renaming of create_policy tool * create_policy: Fix issues related to filelists-ext * Move create_policy to keylime/cmd and install as keylime_create_policy * Implement DSSE signature verification for runtime policies * tenant: Raise UserError on (add/update)runtimepolicy status codes 401 * tests: Split unittests into two runs to avoid issue * ima: Add a JSON schema for the runtime policy and use it on given policies * Implement DSSE policy signing tool * ima: Derive RUNTIME_POLICY_GENERATOR from enum.IntEnum * packit: use rust agent for e2e tests * services: remove agent systemd services * tests: remove unused code * tests: remove agent from config test * tpm_ek_ca: remove check_tpm_cert_store(..) function * tpm, measured boot: remove refrences to virtual TPMs * tpm: remove unsed variables and some refactoring * algorithms: remove unused from_algorithm method * mpypy, pyright: remove refrences to agent in ignores * config: remove refrences to agent * crypto: remove unused functions * secure_mount: removal * tpm: remove unsed functions * registar_client: remove functions only used by the agent * user_utils: removal * revocation notifier: remove zeroMQ client code * ca_util: remove listen command and related functions * revocation actions: remove all * ima emulator: full removal * agent: remove agent code * agentstates: rename tpm_clocking to tpm_clockinfo ==== khelpcenter5 ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== kio-extras5 ==== Version update (22.12.3 -> 23.04.0) Subpackages: libkioarchive5 - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== konsole ==== Version update (22.12.3 -> 23.04.0) Subpackages: konsole-part konsole-part-lang - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== kwalletmanager5 ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== libadwaita ==== Version update (1.3.1 -> 1.3.2) Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Update to version 1.3.2: + AdwAvatar: Fix a memory leak + AdwMessageDialog: Fix criticals when using choose() with hide-on-close=true + AdwTabBar/Overview: Correctly unparent context menu + Build: Fix build on Windows + Demo: Fix a critical when trying to set a non-image file as avatar + Docs: - Remove an erroneous mention of mnemonics in row subtitles - Clarify AdwBanner title placement - Mention the version .large-title is deprecated since - Fix successs/error color values - List thumbnail colors on the named colors page + Stylesheet: - Improve selected list/grid item contrast - Fix file chooser grid dimensions - Fix button.card checked state + Updated translations. ==== libalternatives ==== Version update (1.2+3.b848aad -> 1.2+30.a5431e9) Subpackages: alts libalternatives1 - Update to version v1.2+30.a5431e9: (bsc#1191692) * Change license to less restrictive Apache 2.0 * doc: fixing a few typos * Adds option to display target executable only * Makefiles and cmake: rework for reproducible build * Improve Makefile * libalts_exec_default: fix memory leak on error condition * libalts_write_binary_configured_priority_to_file: fix memory leak * saveConfigData(): fix file descriptor leak in while loop error case * loadConfigData(): use goto exit label to prevent file descriptor leaks * libalts_load_available_binaries: use goto err: label to fix leaks * loadAlternativeForBinary: goto-assisted error handling to avoid leaks * checkGroupConsistencies(): explicitly ignore unused `flags` * lib: refactor error handling of findAltConfig() * utils: fix possible memory leaks on error conditions * docs: fix some typos and grammar * Update README.md * lib: generally open[at] with O_CLOEXEC * Fix logic in options parser * Add basic Makefile for buidling without cmake * Added description for options=KeepArgv0 * cmake: Express the dependency on CUnit correctly for building tests * cmake: Build and install CMake and PkgConfig files * cmake: Fix setup of shared linker flags * config.h: Fix the version to match the current latest tag ==== libcdio ==== - Add _multibuild definition: define the additional spec file as a 2nd flavor to build. ==== libcontainers-common ==== - Own /etc/containers/systemd and /usr/share/containers/systemd, useful for podman quadlet. ==== libedit ==== - libedit-hidden-symbols.patch: hide strlcpy and strlcat symbols * Both now part of POSIX, will appear in libc shortly. * Function names starting with ‘str’, ‘mem’, or ‘wcs’ followed by a lowercase letter are reserved. ==== libgphoto2 ==== Subpackages: libgphoto2-6 libgphoto2_port12 - libgphoto2-enable-vusb-ptp.patch: enable virtual PTP camera in vusb - added %bcond_with vusb in case anyone needs a test drive ==== libgudev ==== - Add 2 upstream bug fix patches: * 71b2fda04dd71c637361e8ead103980ad6f27ed5.patch: gudev: Fix newline stripping by always reading using udev. * 4216ecd4513bd4c8af73543817a51d6f72f166cc.patch: build: let meson handle gir, vala, gtk-doc dependencies - Use ldconfig_scriptlets macro. ==== libjxl ==== - Refresh 0001-Remove-LCMS-mutex.patch ==== libkdcraw ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== libkexiv2 ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== libmbim ==== Version update (1.26.4 -> 1.28.4) Subpackages: libmbim-glib4 mbimcli-bash-completion - Update to version 1.28.4: + libmbim-glib: - Fixed context type conversions to consider all possible APN types. - Duplicate UTF-16 strings during processing to avoid alignment issues. - Changes from version 1.28.2: + libmbim-glib: fixed validation of complete fragments to avoid reading out of bounds. + mbim-proxy: added --verbose-full flag to allow printing logs with personal info included. - Changes from version 1.28: + This version includes support for most operations in MBIM Extensions v2 (for 5G NSA) and v3 (for 5G SA). The enabling of the updated extensions requires the user of the library to explicitly request what version wants to be used, via the new 'MBIM_DEVICE_OPEN_FLAGS_MS_MBIMEX_V2' or 'MBIM_DEVICE_OPEN_FLAGS_MS_MBIMEX_V3' flags in the device open request. Please note that if one process enables the v2 or v3 support, it will apply to operations done by other processes as well. When using the proxy, the current version support is propagated to all clients of the proxy automatically. + The verbose message logging will now by default hide all fields that are considered personal information. Extended message logging including all field contents should be explicitly requested. + Build: - The GNU autotools (autoconf/automake/libtool) support has been fully removed, this release requires the use of the meson build system. - The 'instrospection' meson option is now a boolean. - New boolean 'man' meson option to allow disabling the man page generation. + Extended the Basic Connect service, including the following operations: - MBIM_CID_BASIC_CONNECT_REGISTER_STATE (MBIMEx v2.0) - MBIM_CID_BASIC_CONNECT_PACKET_SERVICE (MBIMEx v2.0) - MBIM_CID_BASIC_CONNECT_SIGNAL_STATE (MBIMEx v2.0) - MBIM_CID_BASIC_CONNECT_SUBCRIBER_READY_STATUS (MBIMEx v3.0) - MBIM_CID_BASIC_CONNECT_PACKET_SERVICE (MBIMEx v3.0) - MBIM_CID_BASIC_CONNECT_CONNECT (MBIMEx v3.0) - MBIM_CID_BASIC_CONNECT_IP_PACKET_FILTERS (MBIMEx v3.0) + Extended the Microsoft-defined Basic Connect Extensions service, including the following operations: - MBIM_CID_MS_BASIC_CONNECT_EXTENSIONS_LOCATION_INFO_STATUS (MBIMEx v1.0) - MBIM_CID_MS_BASIC_CONNECT_EXTENSIONS_PROVISIONED_CONTEXTS (MBIMEx v1.0) - MBIM_CID_MS_BASIC_CONNECT_EXTENSIONS_BASE_STATIONS_INFO (MBIMEx v1.0) - MBIM_CID_MS_BASIC_CONNECT_EXTENSIONS_VERSION (MBIMEx v2.0) - MBIM_CID_MS_BASIC_CONNECT_EXTENSIONS_DEVICE_CAPS (MBIMEx v3.0) - MBIM_CID_MS_BASIC_CONNECT_EXTENSIONS_MODEM_CONFIGURATION (MBIMEx v3.0) - MBIM_CID_MS_BASIC_CONNECT_EXTENSIONS_REGISTRATION_PARAMETERS (MBIMEx v3.0) - MBIM_CID_MS_BASIC_CONNECT_EXTENSIONS_LTE_ATTACH_INFO (MBIMEx v3.0) - MBIM_CID_MS_BASIC_CONNECT_EXTENSIONS_BASE_STATIONS_INFO (MBIMEx v3.0) - MBIM_CID_MS_BASIC_CONNECT_EXTENSIONS_WAKE_REASON (MBIMEx v3.0) + Extended the Microsoft-defined UICC Low Level Access service, including the following operations: - MBIM_CID_MS_UICC_LOW_LEVEL_ACCESS_APPLICATION_LIST - MBIM_CID_MS_UICC_LOW_LEVEL_ACCESS_FILE_STATUS - MBIM_CID_MS_UICC_LOW_LEVEL_ACCESS_READ_BINARY - MBIM_CID_MS_UICC_LOW_LEVEL_ACCESS_READ_RECORD + New Microsoft-defined Voice Extensions service, including the following operations: MBIM_CID_MS_VOICE_EXTENSIONS_NITZ + Extended the Intel-defined Firmware Update service, including the following operations: MBIM_CID_INTEL_FIRMWARE_UPDATE_MODEM_REBOOT (MBIMEx v2.0) + New Intel-defined Thermal RF service, including the following operations: MBIM_CID_INTEL_THERMAL_RF_RFIM + Extended the QDU service, including the following operations: - MBIM_CID_QDU_QUECTEL_REBOOT - MBIM_CID_QDU_QUECTEL_READ_VERSION + libmbim-glib: - Updated the net link operations to support devices exposed by the wwan subsystem. - New mbim_message_get_printable_full() method to print the contents of a given message specifying the specific MBIMEx version in use. - New mbim_message_validate() method to validate the contents of the headers in a MBIM message, to be used before accessing its contents. - Updated all MbimMessage getters so that an implicit validation is done in the g_return_* macros. This validation will not be done if those macros are disabled during build. - New MBIM_DEVICE_CONSECUTIVE_TIMEOUTS signal in the MbimDevice to report the number of consecutive MBIM request timeouts detected. - New mbim_device_[get|set|check]_ms_mbimex_version() methods to manage the MBIMEx version support in the MbimDevice. - New MBIM_DEVICE_OPEN_FLAGS_MS_MBIMEX_[V2|V3] flags in mbim_device_open_full() to allow enabling MBIMEx v2.0 or v3.0 support. ... changelog too long, skipping 95 lines ... + 0002-intel-tools-new-service-trace-config.patch ==== libmtp ==== Version update (1.1.20 -> 1.1.21) Subpackages: libmtp-udev libmtp9 - updated to 1.1.21 release Bugs fixed: - Fix LIBMTP_STORAGE_SORTBY_MAXSPACE not working (copy-paste mistake) - fix warnings regarding mismatched parameter docs - fix comment above sort_storage_bysort_storage_by - Revert "ptp_pack_string: check string length for no iconv situation" - remove dependency on ptp.h - fixed paste error vendor/product id - libusb-glue: check return value of ptp_init_send_memory_handler - ptp_pack_string: check string length for no iconv situation - ptp-pack: fix ucs2str overflow Features: - add a LIBMTP_FreeMemory function that wraps free() - added functions to get device by serial number - added serial number of device to output of 'mtp-files' - added optional serial number parameter to 'mtp-getfile' - added optional serial number parameter to 'mtp-delfile' - feat: Add LIBMTP_Get_Children() to read the list of raw IDs of a folder. - merge a patch from google https://source.chromium.org/chromiumos/chromiumos/codesearch/+/main:src/third_party/chromiumos-overlay/media-libs/libmtp/files/libmtp-1.1.20-10_remove_nexus_s_from_device_list.patch - several new devices added, some device renaming for consistency. ==== libpaper ==== Version update (2.0.10 -> 2.1.0) Subpackages: libpaper-tools libpaper2 - Update to 2.1.0: * This release reintroduces the old ‘paperconf’ utility, for backwards compatibility only. ==== libpng16 ==== - Fix license tag to libpng-2.0. ==== libqt5-qtbase ==== Version update (5.15.8+kde185 -> 5.15.9+kde151) Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3 - Update to version 5.15.8+kde329, rebased upstream: * QCborValue: fix incorrect to{Array,Map} when the value is empty * QMargins: fix a missing "full stop" in the docs * QLibrary: restore translated string * QLibrary: fix possible arg() format clobbering * iOS: Use python3 for enumerating test target devices * Android: Treat ACTION_CANCEL as TouchCancelEvent * Doc: Fix broken formatting * QFileSystemEngine: fix potential formatting error * QString::asprintf: check that passing field widths as arguments works * Backport recent QFlags tests * network: Fix typos in documentation * Fix accuracy with screen composition * Doc: Update documentation for QElapsedTimer's in Windows * Document that QStandardPath::findExecutable works with absolute paths * macOS: Use native resize cursors for diagonal resize * Fix clipped glyphs in text rendering of QGraphicsTextItem * Change comparison data type to fix int overflow * Add missing Q_WEAK_OVERLOAD definition * Update QFileInfo docs to mention macOS aliases * Distinguish macOS aliases from normal symbolic links * Windows QPA: Fix frameless maximize on secondary screens * Rewrite tst_qdataurl as a data-driven test * Fix compilation for wasm * QIOSFileDialog/QIOSDocumentPickerController - handle dismissed view controller * Fix QDockWidget's dock area permissions after hovering * Fix C++20 ambiguous relational operators between QJsonValue{,Ref} * Android: make sure that orientationChange is reported after resize * Android: set all QScreen's geometry-related parameters together * Blacklist: test cases blacklisted in tst_QDBusConnection: * wasm: fix issue with passing username/password to network request * macOS: Pass multi arch flags when linking qmake * QCocoaFileDialogHelper: Always enable symlinks and aliases to directories * Android: terminate argv passed to main() with nullptr * Update bundled libjpeg-turbo to version 2.1.3 * ANGLE: Load the DirectX libraries from the system path directly * SQLite: Update SQLite to v3.37.2 * Fix compiler warnings about unused parameters * Fix getsockopt option_value initial initialization * Http2: Fix redirect-handling * Android A11Y: Fix value rounding * Android A11Y: Announce value together with element name when focused * Android A11Y: handle valueChanged events * tst_QSystemSemaphore: give proper path to test-helper * QNX: Silence compiler warning by initializing variable * Update LICENSE.QT-LICENSE-AGREEMENT * winrt appxmanifest: Properly replace VCLibs version for newer MSVC versions * QAbstractSocket: Don't pretend pause and resume is a stack * Gui: test also depends for clipboard feature * QDesktopServices: deprecate destroying URL handlers w/o explicit unsetUrlHandler() * macOS: Respect QMAKE_APPLE_DEVICE_ARCHS when building qmake * HTTP: Make redirect response parsing more generic * BLACKLIST: tst_QGlyphRun::mixedScripts for Ubuntu 20.04 * Android A11Y: populate child elements when constructing node info * Fix issue where readyRead() could happen after disconnected() * QStringView: add missing constexpr so we can use is_constant_evaluated * Use Android's View.generateViewId() for generating ids for views/surfaces * Remove documentation of non-existing QAccessible state * Doc: Fix snippet to match actual QFileInfo behavior * Android: Re-focus focused accessibility node after orientation change * Android A11Y: execute C++ code on main Qt thread * Android: extract parentId for hidden object in advance * xcb: Show valuator atom names properly in categorized logging * Android: replace stacktrace with debug message in search for setService * Better document attaching a QFutureWatcher to a started QFuture * doc: Update GenericDataLocation location on iOS * BLACKLIST test_Gestures tests for RHEL-8.4 * QPlainTestLogger: do not print "failure location" if there's no failure * QAbstractItemView: do not access invalid model indices (3/N) * Win32: always allow the event loop to be woken up by posted events * rhi: d3d11: Use __uuidof where we can * Don't QEXPECT_FAIL tst_QLineEdit::testQuickSelectionWithMouse on macOS ARM * Network: Emit authenticationRequired when using Ntlm * testlib: Disable window restoration on macOS in a non-persistent way * QAbstractItemView: do not access invalid model indices (2/N) * QAbstractItemView: do not access invalid model indices (1/N) * QAbstractItemView: code tidies * Update float16 part of TestLib selftest * QGuiApplication: constant-initialize lastCursorPosition * Blacklist tst_QFileSystemWatcher::signalsEmittedAfterFileMoved on all Windows versions * [Android]: Handle the screen name, modes and refreshRate properly * QVersionNumber: remove the "pure" attribute from commonPrefix() * QEvent: initialize the static userEventTypeRegistry constexprly * Let QXcbGlxWindow::createVisual fallback to QXcbWindow::createVisual * Android A11Y: fix content update notification when object is hidden * Android: explicitly remove accessibility focus when element is hidden * BLACKLIST tst_qfont for Red Hat 8.4 and Ubuntu 20.04 * QtCore: includemocs * Fix memory leak in QtConcurrent::run when called with a NULL QThreadPool * INTEGRITY: Prevent deletion of virtual functions * QMake: replace a Q_ASSERT() with a Q_UNREACHABLE() * QTransform benchmark: measure what was promised * QStaticByteArrayMatcher: add a useful comment * QMacStyle: use the 'momentary push in' type for push buttons * qopengl.h: Move C header #include(s) out of the QT_NAMESPACE * Enable all supported 1.0 device features in QVulkanWindow * Fix queue passed to vkQueuePresent * QFusionStyle: don't draw an invalid outline for up/down buttons * Doc: Make QListIterator snippets more robust ... changelog too long, skipping 46 lines ... * QDateTime: Don't require c++17 ==== libqt5-qtdeclarative ==== Version update (5.15.8+kde22 -> 5.15.9+kde23) - Update to version 5.15.8+kde67, rebased upstream: * QQuickItem: Fix effective visibility for items without parent * Prevent crash when destroying asynchronous Loader * Quick Animations: Fix crash * qv4function: Fix crash due to reference being invalidated * Models: Avoid crashes when deleting cache items * QQuickState::when: handle QJSValue properties correctly * QQmlImportDatabase: Make sure the newly added import path be first * Revert "Fix missing glyphs when using NativeRendering" * Fix missing glyphs when using NativeRendering * Update the window cursor on mouse release * Blacklist: test cases blacklisted in tst_QQuickListView: * Blacklist: test cases blacklisted in tst_QQuickMultiPointTouchArea: * Fix crash with NativeRendering on RHI * A11Y: make QQuickText focusable for A11Y * QQuickWindow: improve docs for activeFocusItem * Doc: add example snippets for containmentMask * Fix typo in qquickdroparea/BLACKLIST for Ubuntu-20.04 * QQmlAdaptorModel: Do not use reparenting for lifetime managemment * Correctly handle QQuickState::when * CMake: Fix handling of empty qrc files with qtquickcompiler * CMake: Skip qtquickcompiler cmake test on macOS ARM * Fix indices alignment problem * Fix indentation in positioners example * doc: Fix QQuickItem point/rect mapping methods signatures * Instantiator: Do not load items when inactive * Doc: Fix QtQuick::Loader::item type * Doc: fix incorrect type name on focus page * icutils::Node: GCC 11 -Werror=maybe-uninitialized w/-fsanitize=undefined * tst_qquickimageprovider: fix some memleaks * Fix incorrect behavior after displace transition * Fix edge cases in arcTo * Don't blacklist tst_QQuickFramebufferObject::everything on b2qt * Use tree hash rather than commit hash in .tag file * Adjust default max call depth for QNX * Blacklist containsDrag_internal on Ubuntu 20.04 * QQmlLoggingCategory: Avoid unnecessary warnings from setters * Blacklist flakey tst_QPauseAnimationJob::multipleSequentialGroups on macOS * Assert that QQmlDelegateModel's count can't be less than zero * qml{plugindump|importscanner}: Don't mix std::cerr and std::wcerr * Treat unknown tablet device as stylus and create QTabletEvent * GridView: Set content position when changing cell size * QQuickItemViewTransitionAttached: Avoid dangling pointers * Bound animatorjob value to the given range - Commits dropped by the rebase: * Document that StyledText also supports   and " ==== libqt5-qtgraphicaleffects ==== Version update (5.15.8+kde0 -> 5.15.9+kde0) - Update to version 5.15.8+kde2, rebased upstream: * No code changes ==== libqt5-qtimageformats ==== Version update (5.15.8+kde9 -> 5.15.9+kde9) - Update to version 5.15.8+kde12, rebased upstream: * Update bundled libwebp to version 1.2.2 ==== libqt5-qtlocation ==== Version update (5.15.8+kde4 -> 5.15.9+kde5) - Update to version 5.15.8+kde7, rebased upstream: * No code changes ==== libqt5-qtmultimedia ==== Version update (5.15.8+kde3 -> 5.15.9+kde3) - Update to version 5.15.8+kde7, rebased upstream: * Fix duration() with very long media with gstreamer * Blacklist tst_QAudioOutput on macOS ARM ==== libqt5-qtquickcontrols ==== Version update (5.15.8+kde0 -> 5.15.9+kde0) - Update to version 5.15.8+kde2, rebased upstream: * No code changes ==== libqt5-qtquickcontrols2 ==== Version update (5.15.8+kde7 -> 5.15.9+kde5) Subpackages: libQt5QuickControls2-5 libQt5QuickTemplates2-5 - Update to version 5.15.8+kde11, rebased upstream: * SwipeView: don't cull every child item that gets added * AbstractButton: fix fast clicks being treated as double clicks ==== libqt5-qtsensors ==== Version update (5.15.8+kde0 -> 5.15.9+kde0) Subpackages: libQt5Sensors5 libQt5Sensors5-imports - Update to version 5.15.8+kde2, rebased upstream: * No code changes ==== libqt5-qtspeech ==== Version update (5.15.8+kde1 -> 5.15.9+kde1) Subpackages: libQt5TextToSpeech5 libqt5-qtspeech-plugin-speechd - Update to version 5.15.8+kde4, rebased upstream: * Fix QtSpeech example querying locales before initialising ==== libqt5-qtsvg ==== Version update (5.15.8+kde8 -> 5.15.9+kde7) - Update to version 5.15.8+kde10, rebased upstream: * No code changes ==== libqt5-qttools ==== Version update (5.15.8+kde1 -> 5.15.9+kde1) Subpackages: libqt5-qdbus libqt5-qtpaths - Update to version 5.15.8+kde10, rebased upstream: * qdoc: Fix assert on empty link target * macdeployqt: don’t err on unexpected otool output * Don't run qdoc tests if qdoc was not enabled during configure * CMake: Fix qt_create_translation to not remove .ts files on "clean" * lupdate: Support numeric literal separators * designer: Fix MSVC warning about returning address of local variable or temporary * Bump copyright year to 2022 ==== libqt5-qttranslations ==== Version update (5.15.8+kde0 -> 5.15.9+kde0) - Update to version 5.15.8+kde2, rebased upstream: * No code changes ==== libqt5-qtvirtualkeyboard ==== Version update (5.15.8+kde0 -> 5.15.9+kde0) Subpackages: libQt5HunspellInputMethod5 libQt5VirtualKeyboard5 libqt5-qtvirtualkeyboard-hunspell - Update to version 5.15.8+kde6, rebased upstream: * Fix activation of input panel when initial active focus is set * Blacklist: test cases blacklisted in inputpanel: * Blacklist more test_fullScreenModeSelectionHandles rows * Disable Windows IME when Qt Virtual Keyboard plugin is loaded ==== libqt5-qtwayland ==== Version update (5.15.8+kde63 -> 5.15.9+kde55) Subpackages: libQt5WaylandClient5 libQt5WaylandCompositor5 - Update to version 5.15.8+kde70, rebased upstream: * Don't keep eglConfig in hardwareintegration * Update the window geometry when changing decorations * Fix build with -no-feature-tabletevent * Fix wayland touch event to use time stamp from wayland compositor * wayland touch event to add key modifier ==== libqt5-qtwebchannel ==== Version update (5.15.8+kde3 -> 5.15.9+kde3) Subpackages: libQt5WebChannel5 libQt5WebChannel5-imports - Update to version 5.15.8+kde5, rebased upstream: * No code changes ==== libqt5-qtwebengine ==== - add python311-fixes.patch: * Fix build when python3 is python 3.11+ ==== libqt5-qtwebview ==== Version update (5.15.8+kde0 -> 5.15.9+kde0) Subpackages: libQt5WebView5 libQt5WebView5-imports - Update to version 5.15.8+kde3, rebased upstream: * Android: Enable local storage by default ==== libqt5-qtx11extras ==== Version update (5.15.8+kde0 -> 5.15.9+kde0) - Update to version 5.15.8+kde2, rebased upstream: * No code changes ==== libqt5-qtxmlpatterns ==== Version update (5.15.8+kde0 -> 5.15.9+kde0) Subpackages: libQt5XmlPatterns5 libqt5-qtxmlpatterns-imports - Update to version 5.15.8+kde2, rebased upstream: * No code changes ==== librsvg ==== Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Update licence tag, there is no longer any Apache licensed code. - Use __rustflags macro and drop no longer needed rustflags global. ==== libsoup ==== Version update (3.4.0 -> 3.4.2) Subpackages: libsoup-3_0-0 typelib-1_0-Soup-3_0 - Update to version 3.4.2: + Revert changes to request cancellation. - Update to version 3.4.1: + Fix HTTP/2 on platforms with unsigned char. + Change request cancellation to be handled earlier. + Add names to GSources and source tags to GTasks to aid debugging. - Run meson_test macro for all arches. ==== libsrtp2 ==== - Enable running the regression tests: * Add libsrtp2-test-verbose.patch from the debian folks: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=460534 ==== libstorage-ng ==== Version update (4.5.96 -> 4.5.100) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#927 - fixed set_lockfile_root function - 4.5.100 - Translated using Weblate (Georgian) (bsc#1149754) - 4.5.99 - Translated using Weblate (Georgian) (bsc#1149754) - 4.5.98 - merge gh#openSUSE/libstorage-ng#926 - reimplemented transport detection for NVMe (bsc#1210144) - added tests for nvme parsers - 4.5.97 ==== libunistring ==== - Fix license tag to GPL-3.0-or-later or LGPL-3.0-or-later. ==== liburing ==== - Add 0001-test-file-verify.t-Don-t-run-over-mlock-limit-when-r.patch fixes test with kernel <= 5.16 (bsc#1209723) ==== libva ==== Subpackages: libva-drm2 libva-x11-2 libva2 - reintroduce propagate-dpy.patch (regression fix), since the issue still hasn't been fixed in libva-vdpau-driver ... ==== libva-gl ==== - reintroduce propagate-dpy.patch (regression fix), since the issue still hasn't been fixed in libva-vdpau-driver ... ==== libverto ==== - Add _multibuild to define 2nd spec file as additional flavor. Eliminates the need for source package links in OBS. ==== libxml2 ==== Version update (2.10.3 -> 2.10.4) Subpackages: libxml2-2 libxml2-tools - Remove unneeded dependency (bsc#1209918). - Update to version 2.10.4: + Security: - [CVE-2023-29469, bsc#1210412] Hashing of empty dict strings isn’t deterministic - [CVE-2023-28484, bsc#1210411] Fix null deref in xmlSchemaFixupComplexType - schemas: Fix null-pointer-deref in xmlSchemaCheckCOSSTDerivedOK + Regressions: - SAX2: Ignore namespaces in HTML documents - io: Fix “buffer full” error with certain buffer sizes ==== libxmlb ==== Version update (0.3.10 -> 0.3.11) - update to 0.3.11: * Add limited support for XPath 1.0 'in' (Richard Hughes) * Add support for zstd (Richard Hughes) * Do not assert() when decompressing invalid LZMA (Richard Hughes) ==== libyui ==== Version update (4.5.1 -> 4.5.2) - Qt UI: Fixed regression for icon loading (bsc#1210712) https://github.com/libyui/libyui/pull/100 - 4.5.2 ==== libyui-ncurses ==== Version update (4.5.1 -> 4.5.2) - Qt UI: Fixed regression for icon loading (bsc#1210712) https://github.com/libyui/libyui/pull/100 - 4.5.2 ==== libyui-ncurses-pkg ==== Version update (4.5.1 -> 4.5.2) - Qt UI: Fixed regression for icon loading (bsc#1210712) https://github.com/libyui/libyui/pull/100 - 4.5.2 ==== libyui-qt ==== Version update (4.5.1 -> 4.5.2) - Qt UI: Fixed regression for icon loading (bsc#1210712) https://github.com/libyui/libyui/pull/100 - 4.5.2 ==== libyui-qt-graph ==== Version update (4.5.1 -> 4.5.2) - Qt UI: Fixed regression for icon loading (bsc#1210712) https://github.com/libyui/libyui/pull/100 - 4.5.2 ==== libyui-qt-pkg ==== Version update (4.5.1 -> 4.5.2) - Qt UI: Fixed regression for icon loading (bsc#1210712) https://github.com/libyui/libyui/pull/100 - 4.5.2 ==== libzypp ==== Version update (17.31.10 -> 17.31.11) - MediaCurl: Fix endless loop if wrong credentials are stored in credentials.cat (bsc#1210870) Since libzypp-17.31.7 wrong credentials stored in credentials.cat may lead to an endless loop. Rather than asking for the right credentials, the stored ones are used again and again. - zypp.conf: Introduce 'download.connect_timeout' [60 sec.] (bsc#1208329) Maximum time in seconds that you allow the connection phase to the server to take. This only limits the connection phase, it has no impact once it has connected. (see also CURLOPT_CONNECTTIMEOUT) - commit: Try to provide /dev fs if not present (fixes #444) - fix build with boost 1.82. - version 17.31.11 (22) - fix build with boost 1.82 ==== lilv ==== Version update (0.24.12 -> 0.24.20) - Update to 0.24.20 * Switch to meson 0.24.20 changes: * Adopt REUSE machine-readable licensing standard * Update project metadata 0.24.18 changes: * Allow programs to be used from subproject * Fix default LV2_PATH 0.24.16 changes: * Fix fallback flock() detection on MacOS * Switch to meson build system 0.24.14 changes: * Fix build issues with newer toolchains * Fix unused parameter warnings * Update zix tree ==== llvm16 ==== Version update (16.0.1 -> 16.0.2) - Update to version 16.0.2. * This release contains bug-fixes for the LLVM 16.0.0 release. This release is API and ABI compatible with 16.0.0. - Rebase check-no-llvm-exegesis.patch. - Rebase llvm-do-not-install-static-libraries.patch. - Relax requirements for clang-tools to allow installation of older versions of libclang13 with the -devel package. (boo#1210176) - Enable ThinLTO for ARM 6/7/8 again. (boo#1178070) - bsc#1210383 - Add aarch64 to lldb platforms ==== makedumpfile ==== Version update (1.7.2 -> 1.7.3) - update to 1.7.3: * Support kernels up to v6.3 (x86_64) * Support sadump with 5-level paging - temporarily disable eppic until v5.0 branch can be supported ==== mdadm ==== - Fixes for mdmon to ensure it run at the right time in the fight mount namespace. This fixes various problems with IMSM raid arrays in 15-SP4 (bsc#1205493, bsc#1205830) - mdmon: fix segfault 0052-mdmon-fix-segfault.patch - util: remove obsolete code from get_md_name 0053-util-remove-obsolete-code-from-get_md_name.patch - mdmon: don't test both 'all' and 'container_name'. 0054-mdmon-don-t-test-both-all-and-container_name.patch - mdmon: change systemd unit file to use --foreground 0055-mdmon-change-systemd-unit-file-to-use-foreground.patch - mdmon: Remove need for KillMode=none 0056-mdmon-Remove-need-for-KillMode-none.patch - mdmon: Improve switchroot interactions. 0057-mdmon-Improve-switchroot-interactions.patch - mdopen: always try create_named_array() 0058-mdopen-always-try-create_named_array.patch - Improvements for IMSM_NO_PLATFORM testing 0059-Improvements-for-IMSM_NO_PLATFORM-testing.patch ==== microos-tools ==== Version update (2.20+git20230413.2a43cdb -> 2.21+git0) - Switch to obs_scm - Call autogen.sh so that it actually builds - Update to version 2.21+git0: * Release version 2.21 * 98selinux-microos: Work around overlayfs bug (bsc#1210690) * 98selinux-microos: Create .relabelled marker before relabelling ==== mobipocket ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== mozjs102 ==== - Add missing copyright in the spec to claim: + Frantisek Zatloukal's work from: https://src.fedoraproject.org/rpms/mozjs102/blob/rawhide/f/mozjs102.spec + Wolfgang Rosenauer's work from: https://build.opensuse.org/package/view_file/openSUSE:Leap:42.3/mozjs38/mozjs38.spec?expand=1 ==== mpfr ==== - Add mpfr-4.2.0-cummulative.patch, cummulative patches for mpfr 4.2.0: * A test of the thousands separator in tsprintf.c is based on the output from the GNU C Library up to 2.36, which is incorrect. * The mpfr_ui_pow_ui function has infinite loop in case of overflow. * The tfprintf and tprintf tests may fail in locales where decimal_point has several bytes, such as ps_AF. * In particular cases that are very hard to round, mpfr_rec_sqrt may yield a stack overflow due to many small allocations in the stack, based on alloca(). - Remove tests-tsprintf.patch that's included in the above set. ==== mutter ==== Version update (44.0+54 -> 44.1) - Update to version 44.1: + Fall back to the default, not the unknown color space. + Fix resizing windows via keyboard. + Fix possible screen freeze after resume with multiple monitors. + Fix anchor position when dragging window. + Fix applying XSettings to decorations on X11. + Allow clipped redraws for headless backend. + Improve screencast support. + Fix focus-on-click for server-side decorated windows. + Fix initial fullscreen state of server-side decorated windows. + Fix feedback loop triggering bursts of excessive CPU load. + Enable modifiers by default on non-native backend. + Check EDID for supported sink Colorimetry. + Fix artifacts in titlebars on some hardware. + Fix map transitions for X11 windows on wayland. + Fixed crashes. + Plugged leaks. + Misc. bug fixes and cleanups. + Updated translations. - Drop 2963.patch: Fixed upstream. ==== nautilus ==== Version update (44.0 -> 44.1) Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension4 - Update to version 44.1: + Resolve some crashes. + Visual bugfixes: - Tweak style colors in view items - Show custom emblems from extensions again - Relayout SELinux property row - Flip switches correctly + Other bugfixes: - Disable some actions when not usefull - Fix dead characters handling in batch rename dialog - Fix crashes when rapidly opening and closing windows - Prevent location change when autofs timeouts - Fix issues with translations in libadwaita widgets - Drop workarounds for fixed GTK bugs - Fix other issues + Enhancements: - Dismiss toast on undo - Select right items after some operations - Paste into expanded folders - Allow extraction of .tar.zst and .zstd archives - Performance optimization + Updated translations. ==== ncurses ==== Version update (6.4.20230408 -> 6.4.20230418) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Fix get_version_number.sh to show version without suffix gz.asc - Add ncurses patch 20230418 (boo#1210485, (boo#1210434) + improve checks for limits on privileged execution: + modify _nc_syserr_abort() to use _nc_env_access(), rather than only checking root uid. + use getauxval() when available, to improve setuid/setgid checks. + modify test packages to disable root access/environ options. + modify tgoto() to accept no-parameter capabilities, for joe editor (OpenSUSE #1210485, Gentoo #904263). - Add signatures of the patches as well in patch tar ball - Add ncurses patch 20230415 (boo#1210485) + configure script fixes: + fix copy/paste error in configure option --disable-root-access (report/patch by Sven Joachim). + modify CF_XOPEN_SOURCE macro's amend default case to avoid undefining _XOPEN_SOURCE if _POSIX_C_SOURCE is defined. + modify test_tparm to account for extended capabilities. + add checks in tparm() and tiparm() for misuse of numeric parameters, overlooked in 20230408. + fix errata in clear.1 and curs_terminfo.3x ==== nfs-utils ==== Subpackages: libnfsidmap1 nfs-client - Update to version 2.6.3 - https://kernel.org/pub/linux/utils/nfs-utils/2.6.3/2.6.3-Changelog - Remove patches from this release: - 0006-nfsd-allow-server-scope-to-be-set-with-config-or-com.patch - 0007-mount.nfs-always-include-mountpoint-or-spec-if-error.patch - 0008-nfsd.man-fix-typo-in-section-on-scope.patch - Remove systemd/50-nfs.conf (was removed in upstream in d8d29f85) and the realted patch (bsc#1200710). 0005-modprobe-avoid-error-messages-if-sbin-sysctl-fail.patch. - New file /usr/lib/udev/rules.d/60-nfs.rules (which replaced in upstream systemd/50-nfs.conf in 9466df03). - Add fsidd: - /usr/lib/systemd/system/fsidd.service - /usr/lib/udev/rules.d/60-nfs.rules - /usr/sbin/fsidd ==== numactl ==== Version update (2.0.15.0.g01a39cb -> 2.0.16.21.g693fee1) Subpackages: libnuma1 - Update to version 2.0.16.21.g693fee1: * fix typo * Add fuzzer for OSS-Fuzz integration * numactl.c: Fix merging of neighboring pages' policies in dump_shm * memhog: Update memhog usage * feat: Add minimum permissions to makefile.yml * feat: Add minimum permissions to cut-release.yml * feat: Add minimum permissions to codeql.yml - jsc#PED-3367 - Remove unneeded defattr(root,root) statements from spec file from dmueller - Replace deletion of *.la files with a more general version from dmueller - Update to version 2.0.16.14.gc09fefd: * numactl.c: Remove unused variable * shm.c: Replace stat64/fstat64/ftruncate64mmap64 with normal functions * configure: Check for largefile support * numastat: Update system hugepages memory info from sysfs/node/hugepages directory * numastat: statistical errors occur when huge pages is used * fix wrong nodemask_sz when CONFIG_NODES_SHIFT is less than 5 * libnuma: clear errno at the end of numa_init * numastat: Add SwapCached to list of known fields in meminfo * numastat: Add SecPageTables to list of known fields in meminfo * numastat: Add ShadowCallStack to list of known fields in meminfo * numastat: Add FileHugePages/FilePmdMapped to list of known fields in meminfo * numactl: 'numactl --length=xxx --shm xxx -px' doesn't work * numactl: Fix shm verfiy for preferred policy * link with -latomic if needed (again ...) * Release numactl 2.0.16 * add cut-release github workflow (#142) * when preferred_many is not supported, fall back to preferred will report error. * fix the memory leak of numa_preferred api * build: Refactor autotools setup to store version in separate file * Revert "numademo: fix error on 32bit system" ==== openvpn ==== Version update (2.5.9 -> 2.6.3) Subpackages: openvpn-auth-pam-plugin - update to 2.6.3: * For full changelog please refer to: https://github.com/OpenVPN/openvpn/blob/v2.6.3/Changes.rst * implement byte counter statistics for DCO Linux (p2mp server and client) * implement byte counter statistics for DCO Windows (client only) * '--dns server address ...' now permits up to 8 v4 or v6 addresses * fix a few cases of possibly undefined behaviour detected by ASAN * add more unit tests for Windows cryptoapi interface * Dynamic TLS Crypt When both peers are OpenVPN 2.6.1+, OpenVPN will dynamically create a tls-crypt key that is used for renegotiation. This ensure that only the previously authenticated peer can do trigger renegotiation and complete renegotiations. * Keying Material Exporters (RFC 5705) based key generation * As part of the cipher negotiation OpenVPN will automatically prefer the RFC5705 based key material generation to the current custom OpenVPN PRF. This feature requires OpenSSL or mbed TLS 2.18+. * OpenVPN will now work with OpenSSL in FIPS mode. Note, no effort has been made to check or implement all the requirements/ recommendation of FIPS 140-2. This just allows OpenVPN to be run on a system that be configured OpenSSL in FIPS mode. * mlock will now check if enough memlock-able memory has been reserved, and if less than 100MB RAM are available, use setrlimit() to upgrade the limit. See Trac #1390. Not available on OpenSolaris. * The --peer-fingerprint option has been introduced to give users an easy to use alternative to the tls-verify for matching the fingerprint of the peer. The option takes use a number of allowed SHA256 certificate fingerprints. * When --peer-fingerprint is used, the --ca and --capath option become optional. This allows for small OpenVPN setups without setting up a PKI with Easy-RSA or similar software. * The --auth-user-pass-verify script supports now deferred authentication. * Both auth plugin and script can now signal pending authentication to the client when using deferred authentication. The new client-crresponse script option and OPENVPN_PLUGIN_CLIENT_CRRESPONSE plugin function can be used to parse a client response to a CR_TEXT two factor challenge. * The modernisation of defaults can impact the compatibility of OpenVPN 2.6.0 with older peers. The options --compat-mode allows UIs to provide users with an easy way to still connect to older servers. * OpenSSL 3.0 has been added. Most of OpenSSL 3.0 changes are not user visible but improve general compatibility with OpenSSL 3.0. - -tls-cert-profile insecure has been added to allow selecting the lowest OpenSSL security level (not recommended, use only if you must). OpenSSL 3.0 no longer supports the Blowfish (and other deprecated) algorithm by default and the new option --providers allows loading the legacy provider to renable these algorithms. * Ciphers in --data-ciphers can now be prefixed with a ? to mark those as optional and only use them if the SSL library supports them. * The --mssfix and --fragment options now allow an optional mtu parameter to specify that different overhead for IPv4/IPv6 should taken into account and the resulting size is specified as the total size of the VPN packets including IP and UDP headers. * Instead of allocating a connection for each client on the initial packet OpenVPN server will now use an HMAC based cookie as its session id. This way the server can verify it on completing the handshake without keeping state. This eliminates the amplification and resource exhaustion attacks. For tls-crypt-v2 clients, this requires OpenVPN 2.6 clients or later because the client needs to resend its client key on completing the hand shake. The tls-crypt-v2 option allows controlling if older clients are accepted. - Removed openvpn-fips140-2.3.2.patch ==== opus ==== Version update (1.3.1 -> 1.4) - Update to version 1.4: * Improved tuning of the Opus in-band FEC (LBRR). See the https://gitlab.xiph.org/xiph/opus/-/issues/2360 for details * Added a OPUS_SET_INBAND_FEC(2) option that turns on FEC, but does not force SILK mode (FEC will be disabled in CELT mode) * Improved tuning and various fixes to DTX * Added Meson support, improved CMake support - Change Source to new home on github. - Use autosetup, make_build and ldconfig_scriptlets macros. - Move AUTHORS and README docs to devel package. - Drop patches fixed upstream: * opus-Fix-celt-decoder-assertion-when-using-OPUS_CUSTOM.patch * opus-Silk-CNG-adapts-faster.patch * opus-Silk-fix-arm-optimization.patch ==== os-prober ==== - Properly handle /boot on btrfs without subvolumes (boo#1210467). * os-prober-fix-btrfs-boot-without-subvol.patch ==== pam ==== Version update (1.5.2 -> 1.5.2.90) - pam-extra: add split provide - pam-userdb: add split provide - Drop pam-xauth_ownership.patch, got fixed in sudo itself - Drop pam-bsc1177858-dont-free-environment-string.patch, was a fix for above patch - Use bcond selinux to disable SELinux - Remove old pam_unix_* compat symlinks - Move pam_userdb to own pam-userdb sub-package - pam-extra contains now modules having extended dependencies like libsystemd - Update to 1.5.3.90 git snapshot - Drop merged patches: - pam-git.diff - docbook5.patch - pam_pwhistory-docu.patch - pam_xauth_data.3.xml.patch - Drop Linux-PAM-1.5.2.90.tar.xz as we have to rebuild all documentation anyways and don't use the prebuild versions - Move all devel manual pages to pam-manpages, too. Fixes the problem that adjusted defaults not shown correct. ==== pam-config ==== Version update (2.4 -> 2.5) - Update to version 2.5 - Add skip_if option for pam_wtmpdb ==== pam-full-src ==== Version update (1.5.2 -> 1.5.2.90) - pam-extra: add split provide - pam-userdb: add split provide - Drop pam-xauth_ownership.patch, got fixed in sudo itself - Drop pam-bsc1177858-dont-free-environment-string.patch, was a fix for above patch - Use bcond selinux to disable SELinux - Remove old pam_unix_* compat symlinks - Move pam_userdb to own pam-userdb sub-package - pam-extra contains now modules having extended dependencies like libsystemd - Update to 1.5.3.90 git snapshot - Drop merged patches: - pam-git.diff - docbook5.patch - pam_pwhistory-docu.patch - pam_xauth_data.3.xml.patch - Drop Linux-PAM-1.5.2.90.tar.xz as we have to rebuild all documentation anyways and don't use the prebuild versions - Move all devel manual pages to pam-manpages, too. Fixes the problem that adjusted defaults not shown correct. ==== patterns-gnome ==== Subpackages: patterns-gnome-gnome_basic patterns-gnome-gnome_basis patterns-gnome-gnome_basis_opt patterns-gnome-sw_management_gnome - Delete archived applications (gnome-dictionary) - Remove gnome-screenshot recommendation (replaced by the new screenshot tool in gnome-shell >= 42) - Drop pidgin and planner Recommends from openSUSE, only install by default on SLED. Planner is no longer available on Tumbleweed. ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap - Relocate the below change to kernel-firmware-all and sof-firmware from base pattern to desktop-common - the requirement is for very broad hardware support Desktops, not ever MicroOS install - Add kernel-firmware-all and sof-firmware to the base pattern. This should ensure any MicroOS system can handle the various kinds/vendors of hardware out of the box, since those systems don't use package recommendation/supplementation (boo#1184767, boo#1210483). - Add missing gtk4-branding-openSUSE requirement (GTK2 and GTK3 are already being required). - Drop duplicated NetworkManager requirement from GNOME pattern. This is part of the base pattern which get's pulled in by any MicrOS system. - Move xdg-desktop-portal-gtk to the desktop common pattern. Both GNOME and KDE need it for proper theming of GTK-based flatpak apps. ==== perl-Bootloader ==== Version update (0.941 -> 1.0) - merge gh#openSUSE/perl-bootloader#143 - adjust Makefile for usrmerge and legacy package split - move obs spec file to git repo - split off old perl code to perl-Bootloader-legacy package - remove legacy part completely - 1.0 - merge gh#openSUSE/perl-bootloader#142 - use fw_platform_size to distinguish between 32 bit and 64 bit UEFI platforms (bsc#1208003) - 0.942 ==== plasma-branding-MicroOS ==== Version update (20230323 -> 20230420) - Remove unneeded cleanup of desktop drop-in - 20230420 - Correct location for Desktop drop-in config - Clean up invalid desktop drop-in file - 20230419 ==== plasma5-desktop ==== Subpackages: plasma5-desktop-emojier - Add patch to fix configuration of mouse acceleration with xf86-input-libinput >= 1.3.0 (kde#468217): * 0001-KCM-mouse-enable-compatibility-with-x11-libinput-1.3.patch ==== plymouth ==== Subpackages: libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Update plymouth.spec: Change bootup terminal to default to satisfy Nvidia proprietary driver (bsc#1208726). ==== postfix ==== Version update (3.7.4 -> 3.8.0) - update to 3.8.0 * Support to look up DNS SRV records in the Postfix SMTP/LMTP client, Based on code by Tomas Korbar (Red Hat). For example, with "use_srv_lookup = submission" and "relayhost = example.com:submission", the Postfix SMTP client will look up DNS SRV records for _submission._tcp.example.com, and will relay email through the hosts and ports that are specified with those records. * TLS obsolescence: Postfix now treats the "export" and "low" cipher grade settings as "medium". The "export" and "low" grades are no longer supported in OpenSSL 1.1.1, the minimum version required in Postfix 3.6.0 and later. Also, Postfix default settings now exclude deprecated or unused ciphers (SEED, IDEA, 3DES, RC2, RC4, RC5), digest (MD5), key exchange algorithms (DH, ECDH), and public key algorithm (DSS). * Attack resistance: the Postfix SMTP server can now aggregate smtpd_client_*_rate and smtpd_client_*_count statistics by network block instead of by IP address, to raise the bar against a memory exhaustion attack in the anvil(8) server; Postfix TLS support unconditionally disables TLS renegotiation in the middle of an SMTP connection, to avoid a CPU exhaustion attack. * The PostgreSQL client encoding is now configurable with the "encoding" Postfix configuration file attribute. The default is "UTF8". Previously the encoding was hard-coded as "LATIN1", which is not useful in the context of SMTP. * The postconf command now warns for #comment in or after a Postfix parameter value. Postfix programs do not support #comment after other text, and treat that as input. - rebase/refresh patches * pointer_to_literals.patch * postfix-linux45.patch * postfix-master.cf.patch * postfix-ssl-release-buffers.patch * set-default-db-type.patch ==== power-profiles-daemon ==== Version update (0.12 -> 0.13) - Update to version 0.13: * Add support for the AMD P-State driver included in Linux 6.3 * Fix mismatched profiles on some HP laptops and some miscellaneous bug fixes. ==== protobuf ==== Subpackages: libprotobuf-lite3_21_12 libprotobuf3_21_12 python310-protobuf - Mention the rpmlintrc file in the spec. - Make possible to build on older systems, like SLE12 that miss some of the used macros. ==== protobuf-c ==== - Add protobuf-devel to devel package recommends as the binary there is required to actually generated protobuf headers. ==== publicsuffix ==== Version update (20230414 -> 20230426) - Update to version 20230426: * Update public_suffix_list.dat (#1747) * Update README.md - added link to sorting ==== python-Automat ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-Babel ==== - Make calling of %{sle15modernpython} optional. ==== python-Brotli ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-CommonMark ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-Jinja2 ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-MarkupSafe ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-PyJWT ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-PySocks ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-PyYAML ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-SQLAlchemy ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-Twisted ==== Subpackages: python310-Twisted python310-Twisted-tls - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-anyio ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-apipkg ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-async_timeout ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-attrs ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-blinker ==== - move documentation into the main package for SLE15 - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-certifi ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-cffi ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-click ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-configobj ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-constantly ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-cryptography ==== - add sle15_python_module_pythons (jsc#PED-68) ==== python-decorator ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-dnspython ==== - add sle15_python_module_pythons (jsc#PED-68) - add sle15_python_module_pythons (jsc#PED-68) ==== python-gevent ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-greenlet ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-h11 ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-h2 ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-hpack ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-httpcore ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-httpx ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-hyperframe ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-hyperlink ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-idna ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-incremental ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-iniconfig ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-jsonpatch ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-jsonpointer ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-jsonschema ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-lark ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-netifaces ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-numpy ==== - add sle15_python_module_pythons (jsc#PED-68) ==== python-oauthlib ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-pexpect ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-pip ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-psutil ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-ptyprocess ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-py ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-pyOpenSSL ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-pyasn1 ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-pyasn1-modules ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-pycares ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-pycparser ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-pycurl ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-pylibmc ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-pymemcache ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-pyrsistent ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-pyserial ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-python-dateutil ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-pytz ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-pyudev ==== - add sle15_python_module_pythons (jsc#PED-68) ==== python-requests-toolbelt ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-responses ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-rfc3986 ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-rich ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-service_identity ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-simplejson ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-sniffio ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-tornado6 ==== - add sle15_python_module_pythons (jsc#PED-68) ==== python-typing_extensions ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-urllib3 ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-zope.event ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== python-zope.interface ==== - add sle15_python_module_pythons (jsc#PED-68) - Make calling of %{sle15modernpython} optional. ==== qalculate ==== Version update (4.5.1 -> 4.6.1) Subpackages: libqalculate22 qalculate-data - Update to 4.6.1: * Do not automatically by default set prefix higher than kilo for meter, gram, higher than 1 (no prefix) for second and litre, or lower than 1 for byte and bit * Do not use recently introduced SI prefixes (R, Q, r, q) automatically by default * Do not set automatic prefix if resulting multiplier is less than 1 or greater than 1000, with some exceptions (e.g. km) * Default prefix unit property (use for gram, and few other units, instead of hard coded value) * Option to change symbols used for output of digits 10 and 11 in duodecimal numbers (use A and B as default digits) * Allow the same variable left and right of the equals sign (e.g. var=var+2), in variable assignment without colon, if the variable exists and the previous value is known * Use Unicode symbol for minus in scientific e notation * Do not show multiplier if exactly 1, in HTML output of scientific notation * Prefer Nm (torque) over J when the result is a vector with three components * Add "amp" abbreviation to ampere unit, and "thou" name for 1/1000 in (mil) * Fix unit order for Nm and Ws * Fix conversion from ounce (interpreted as fluid ounce) to litre with prefix * Fix automatic reactivation of global object after deletion of conflicting object * Fix parsing of scientific e notation when the number is extremely large and exponentiation fails because of floating point overflow * Fixes for output of scientific notation using number bases other than decimal * Fix prefix selection in denominator when multiplier is higher than the value of the largest prefix * Fix segfault in multisolve() * Don't show anything on empty input * Support "help [OPTION]" and "help set [OPTION]" command to display description for a single set option * Fix division and exponentiation of scalar by matrix/vector, e.g. 4./[8 4.5] * Improve parsing of element-wise operators with comma as decimal separator * Fix rref() with different units for different elements * Fix segfault with empty vector in uncertainty calculation * Fix segfault trying to solve cbrt(x)^(1/3)-x=0 * Fix segfault in handling of vector variable with uncertainty * Fix internal id does not exist error * Fix erroneous simplification of sin(x)^2*y-cos(x)sin(x)^2y * Do not try to calculate norm() and magnitude() for matrices * Fix some memory leaks * Fix order of argument titles in csum() function ==== raspberrypi-firmware ==== Version update (2023.03.22 -> 2023.04.25) - Update to 543692d23 (2023-04-25): * firmware: arm_loader: Set local-bd-address if 6 zeroes found * firmware: arm_loader: Really check for a zero local-bd-address See: raspberrypi/linux#5437 * firmware: arm_dt: Don't overwrite existing i2c aliases See: raspberrypi/linux#5428 * firmware: arm_loader: Reduce CMA warning severity See: #1807 ==== raspberrypi-firmware-config ==== Version update (2023.03.22 -> 2023.04.25) - Update to 543692d23 (2023-04-25): * firmware: arm_loader: Set local-bd-address if 6 zeroes found * firmware: arm_loader: Really check for a zero local-bd-address See: raspberrypi/linux#5437 * firmware: arm_dt: Don't overwrite existing i2c aliases See: raspberrypi/linux#5428 * firmware: arm_loader: Reduce CMA warning severity See: #1807 ==== runc ==== Version update (1.1.6 -> 1.1.7) - Update to runc v1.1.7. Upstream changelog is available from . - Update runc.keyring to upstream version. ==== sddm ==== Subpackages: sddm-branding-openSUSE - Add patch to fix delays on shutdown (boo#1210391): * 0001-Avoid-starting-a-new-session-on-exit.patch ==== selinux-policy ==== Version update (20230321 -> 20230425) Subpackages: selinux-policy-targeted - Update to version 20230425: * Remove unneeded manage_dirs_pattern for lastlog_t (bsc#1210461) * Add policy for wtmpdb (bsc#1210717) - Update to version 20230425: * Add support for lastlog2 (bsc#1210461) * allow the chrony client to use unallocated ttys (bsc#1210672) - Update to version 20230420: * libzypp creates temporary files in /var/adm/mount. Label it with rpm_var_cache_t to prevent wrong labels in /var/cache/zypp * only use rsync_exec_t for the rsync server, not for the client (bsc#1209890) * properly label sshd-gen-keys-start to ensure ssh host keys have proper labels after creation * Allow dovecot-deliver write to the main process runtime fifo files * Allow dmidecode write to cloud-init tmp files * Allow chronyd send a message to cloud-init over a datagram socket * Allow cloud-init domain transition to insights-client domain * Allow mongodb read filesystem sysctls * Allow mongodb read network sysctls * Allow accounts-daemon read generic systemd unit lnk files * Allow blueman watch generic device dirs * Allow nm-dispatcher tlp plugin create tlp dirs * Allow systemd-coredump mounton /usr * Allow rabbitmq to read network sysctls * Allow certmonger dbus chat with the cron system domain * Allow geoclue read network sysctls * Allow geoclue watch the /etc directory * Allow logwatch_mail_t read network sysctls * allow systemd_resolved_t to bind to all nodes (bsc#1200182) * Allow insights-client read all sysctls * Allow passt manage qemu pid sock files * Allow sssd read accountsd fifo files * Add support for the passt_t domain * Allow virtd_t and svirt_t work with passt * Add new interfaces in the virt module * Add passt interfaces defined conditionally * Allow tshark the setsched capability * Allow poweroff create connections to system dbus * Allow wg load kernel modules, search debugfs dir * Boolean: allow qemu-ga manage ssh home directory * Label smtpd with sendmail_exec_t * Label msmtp and msmtpd with sendmail_exec_t * Allow dovecot to map files in /var/spool/dovecot * Confine gnome-initial-setup * Allow qemu-guest-agent create and use vsock socket * Allow login_pgm setcap permission * Allow chronyc read network sysctls * Enhancement of the /usr/sbin/request-key helper policy * Fix opencryptoki file names in /dev/shm * Allow system_cronjob_t transition to rpm_script_t * Revert "Allow system_cronjob_t domtrans to rpm_script_t" * Add tunable to allow squid bind snmp port * Allow staff_t getattr init pid chr & blk files and read krb5 * Allow firewalld to rw z90crypt device * Allow httpd work with tokens in /dev/shm * Allow svirt to map svirt_image_t char files * Allow sysadm_t run initrc_t script and sysadm_r role access * Allow insights-client manage fsadm pid files * Allowing snapper to create snapshots of /home/ subvolume/partition * Add boolean qemu-ga to run unconfined script * Label systemd-journald feature LogNamespace * Add none file context for polyinstantiated tmp dirs * Allow certmonger read the contents of the sysfs filesystem * Add journalctl the sys_resource capability * Allow nm-dispatcher plugins read generic files in /proc - Add debug-build.sh script to make debugging without committing easier ==== serd ==== Version update (0.30.12 -> 0.30.16) - Update to 0.30.16 * Switch to meson * Add html documentation do devel 0.30.16 changes: * Add SERD_STATIC to pkg-config Cflags for static-only builds * Adopt REUSE machine-readable licensing standard * Allow programs to be used from subproject * Fix spelling mistake in serdi man page 0.30.14 changes: * Fix memory consumption when reading documents * Switch to Meson build system * Update README and project metadata - Installation path fix for documents: 001-serd-docdir.patch ==== setools ==== Version update (4.4.1 -> 4.4.2) - Update to version 4.4.2: * Make NetworkX optional. sedta and seinfoflow tools, along with the equivalent analyses in apol require NetworkX. * Remove neverallow options in sesearch and apol. These are not usable since they are removed in the final binary policy. - Drop make_networkx_optional.patch, now merged upstream ==== shadow ==== Subpackages: libsubid4 login_defs - bsc#1210507 (CVE-2023-29383): Check for control characters - Add shadow-CVE-2023-29383.patch ==== signon-kwallet-extension ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== snapper ==== Subpackages: libsnapper7 snapper-zypp-plugin - fixed deleting configs (bsc#1210716) ==== spectacle ==== Version update (22.12.3 -> 23.04.0) - Update to 23.04.0 * New feature release * For more details please see: * https://kde.org/announcements/gear/23.04.0/ - Update to 23.03.90 * New feature release - Update to 23.03.80 * New feature release ==== sratom ==== Version update (0.6.10 -> 0.6.14) - Switch to meson - Update to 0.6.14 * Add project metadata * Adopt REUSE machine-readable licensing standard 0.6.12 changes: * Switch to meson build system ==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-coredump systemd-doc udev - Re-add back 'arabic' keymap mapping as YaST needs more time than expected to cope with this change. - systemd.spec: don't call %systemd_{pre,post} on units shipped by the main package since they don't have any effect during installation (systemctl is not yet installed when %pre script is executed). This is actually the reason why it's handled by the %%posttrans scripts of systemd-presets-common-SUSE. - kbd-model-map.legacy: 'arabic' vc keymap has been renamed 'ara' (bsc#1210702) - add some green to systemd-boot menu - kbd-model-map.legacy: drop some entries no longer needed by YaST (related to bsc#1194609) - tmpfiles-suse.conf (jsc#PED-3144): - Remove lastlog entry, replaced by lastlog2 - Remove btmp entry, not Y2038 safe ==== texlive-specs-n ==== - Map the upstream license fdl tag to newer GFDL-1.3.or-later (bsc#1210680) ==== tracker ==== Version update (3.5.0 -> 3.5.1) Subpackages: libtracker-sparql-3_0-0 tracker-data-files - Update to version 3.5.1: + Reintroduce order/distance independent handling of FTS terms. + Documentation improvements. + Do not prune too early content of failed batches for error processing purposes. ==== tracker-miners ==== Version update (3.5.0 -> 3.5.1) Subpackages: tracker-miner-files - Update to version 3.5.1: + The tracker-extract-3 service moved all SPARQL queries and updates to a GResource. Consistently uses TrackerSparqlStatement/TrackerResource for updates. + Fixes in uniquely identifying files in BTRFS subvolumes. + Ensure deletion of files lingering in content graphs. + Ensure correct nie:dataSource after moving files between indexed folders. + Optimize mass removal of deleted files found during initialization. + Documentation improvements for the miner services. + Do not let systemd spuriously start the tracker-extract-3 service. + Test suite fixes. ==== tuned ==== Version update (2.19.0.29+git.b894a3e -> 2.20.0.18+git.7b1a20b) - New polkit interface has been reviewed by security bsc#1185418 - Remove old outdated spec scripts before suse_version 1500 - Separate SAP and related profiles to not be installed in SLE 15 SPx and older, but add them with openSUSE (as before), ALP and upcoming SLE distros - Update to version tuned-2.20.0.18+git.7b1a20b * scheduler: fix traceback if running with runtime=0 * plugin_scheduler: fix perf fd leaks * Better log on unsupported hw for pm_qos_resume_latency_us option * fix-tuned-profiles-adoc-error * explicitly use /bin/bash for tuned scripts * set the icon in the about dialog * install dbus policy in /usr/share/dbus-1 * tuned-adm: better error message for unauthorized switch_profile * man: updated manual pages to be more consistent * spec: dropped unneeded ncat dependency * fix log error * Report reapplied sysctls only on different values * Fixing no _evlist attribute when run without daemon * fix 'is_active' does not work * new release (2.20.0-rc.1) * build: fixed FTBFS with python2 * Expose TuneD API to the Unix Domain Socket. * Inform users about reapplied sysctls * API: add support for moving devices between instances * throughput-performance: set net.core.somaxconn to at least 2048 * Adding support for cpu intel_pstate scaling driver * configparser: use no strict parser to mimic old behavior * Adding pm_qos_resume_latency_us option for cpu plugin.i * Makefile: added fix for python-3.12 * D-Bus: only send tracebacks through the D-Bus if in the debug mode * update vendor_url in policy file * correct section of the tuned-profiles-openshift manpage * Allow selecting a different pkg-config executable * fix tuned/gtk/gui_profile_loader.py spell error * bootloader: create bootcmdline even when skip_grub_config=true * profiles: added aws profile for aws ec2 instances * Closing fd from perf module in scheduler plugin ==== u-boot-rpiarm64 ==== Version update (2023.01 -> 2023.04) Subpackages: u-boot-rpiarm64-doc - Update ATF BL31 name for rk3288 as well - Update to 2023.04: * Full changelog available at: https://source.denx.de/u-boot/u-boot/-/compare/v2023.01...v2023.04 - Update to 2023.04-rc5: * Full changelog available at: https://source.denx.de/u-boot/u-boot/-/compare/v2023.01...v2023.04-rc5 * Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2023.04 * Patches dropped: 0017-Bump-LMB_MAX_REGIONS-default-to-16.patch 0018-lmb-Treat-a-region-which-is-a-subse.patch ==== utempter ==== Version update (1.2.0 -> 1.2.1) - version update to 1.2.1 * utempter: relaxed host argument validation: it is now allowed to contain spaces except in the first character. - switch source from ftp to http ==== vim ==== Version update (9.0.1443 -> 9.0.1488) Subpackages: vim-data vim-data-common vim-small xxd - Updated to version 9.0.1488, fixes the following problems * Ending Insert mode when accessing a hidden prompt buffer. * Crash when passing NULL to setcmdline(). (Andreas Louv) * openSUSE: configure doesn't find the Motif library. (Tony Mechelynck) * Unnecessary checks for the "skip" flag when skipping. * Condition is always true. * Diff test fails on MacOS 13. * Test for prompt buffer is flaky. * Unnecessary redrawing when 'showcmdloc' is not "last". * Code using EVAL_CONSTANT is dead, it is never set. * Typos in source code and tests. * Code indenting is confused by macros. * C++ 20 modules are not recognized. * Shortmess test depends on order of test execution. * No regression test for what patch 9.0.1333 fixes. * Buffer overflow when expanding long file name. * Typo in name of type. * Insufficient testing for getcmdcompltype(). * Ruler not drawn correctly when using 'rulerformat'. * Recursively calling :defer function if it does :qa. * Virtual text truncation only works with Unicode 'encoding'. * Strace filetype detection is expensive. * Haiku build fails. * Cannot use an object member name as a method argument. * Jenkinsfiles are not recognized as groovy. * Recursively calling :defer function if it does :qa in a compiled function. * Deferred functions not called from autocommands. * Deferred functions invoked in unexpected order when using :qa and autocommands. * Warnings for function declarations. * ":drop fname" may change the last used tab page. * Busted configuration files are not recognized. * Lines put in non-current window are not displayed. (Marius Gedminas) * Crash when recovering from corrupted swap file. * Filetypes for *.v files not detected properly. * Small source file problems; outdated list of distributed files. * Using popup menu may leave text in the command line. * Decrypting with libsodium may fail if the library changes. * Crash when textprop has a very large "padding" value. (Yegappan Lakshmanan) * += operator does not work on class member. * Coverity warns for using invalid array index. * no functions for converting from/to UTF-16 index. * Parallel make might not work. * Content-type header for LSP channel not according to spec. * xchacha20v2 crypt header is platform dependent. ==== vulkan-loader ==== Version update (1.3.243.0 -> 1.3.247) - Update to 1.3.247 * Make correct layer be used when duplicates are present * Fix ordering regression for VK_INSTANCE_LAYERS ==== vulkan-tools ==== Version update (1.3.243.0 -> 1.3.247) - Update to release 1.3.247 * vulkaninfo: Dont enable Direct Driver Loading Ext * vkcubepp: Fix custom height not working ==== wayland ==== Version update (1.21.0 -> 1.22.0) Subpackages: libwayland-client0 libwayland-cursor0 libwayland-egl1 libwayland-server0 - Update to release 1.22.0 * This new release adds explicit events for the preferred buffer scale and transform, adds an event to indicate the pointer's physical scroll direction, adds a few new convenience functions, and includes various spec clarifications and bug fixes. ==== webkit2gtk3 ==== Version update (2.40.0 -> 2.40.1) Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Update to version 2.40.1 (boo#1210295 boo#1210731): + The Bubblewrap sandbox no longer requires setting an application identifier via GApplication to operate correctly. Using GApplication is still recommended, but optional. + Adjust the scrolling speed for mouse wheels to make it feel more natural. + Allow pasting content using the Asynchronous Clipboard API when the origin is the same as the clipboard contents. + Improvements to the GStreamer multimedia playback, in particular around MSE, WebRTC, and seeking. + Make all supported image types appear in the Accept HTTP header. + Fix text caret blinking when blinking is disabled in the GTK settings. + Fix default database quota size definition. + Fix application of all caps tags listed in the font-feature-settings CSS property. + Fix the build with journald support enabled when using elogind instead of the systemd libraries. + Fix the build when libgcrypt provides a libgcrypt-config script instead of a pkg-config module file. + Fix font height calculations for the font-size-adjust CSS property. + Fix the build when ccache is used in certain setups. + Fix the build for RISC-V 64-bit targets. + Fix the build with GCC 13. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-0108, CVE-2023-28205, CVE-2022-32885, CVE-2023-27932, CVE-2023-27954. - Drop regression-fix.patch and fix-gst-crash.patch: fixed upstream. - Rebase gcc13-fix.patch. ==== webkit2gtk4 ==== Version update (2.40.0 -> 2.40.1) Subpackages: libjavascriptcoregtk6_0-1 libwebkitgtk6_0-4 webkitgtk-6_0-injected-bundles - Update to version 2.40.1 (boo#1210295 boo#1210731): + The Bubblewrap sandbox no longer requires setting an application identifier via GApplication to operate correctly. Using GApplication is still recommended, but optional. + Adjust the scrolling speed for mouse wheels to make it feel more natural. + Allow pasting content using the Asynchronous Clipboard API when the origin is the same as the clipboard contents. + Improvements to the GStreamer multimedia playback, in particular around MSE, WebRTC, and seeking. + Make all supported image types appear in the Accept HTTP header. + Fix text caret blinking when blinking is disabled in the GTK settings. + Fix default database quota size definition. + Fix application of all caps tags listed in the font-feature-settings CSS property. + Fix the build with journald support enabled when using elogind instead of the systemd libraries. + Fix the build when libgcrypt provides a libgcrypt-config script instead of a pkg-config module file. + Fix font height calculations for the font-size-adjust CSS property. + Fix the build when ccache is used in certain setups. + Fix the build for RISC-V 64-bit targets. + Fix the build with GCC 13. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-0108, CVE-2023-28205, CVE-2022-32885, CVE-2023-27932, CVE-2023-27954. - Drop regression-fix.patch and fix-gst-crash.patch: fixed upstream. - Rebase gcc13-fix.patch. ==== xbitmaps ==== - Fix license tag to X11. ==== xdg-desktop-portal-gnome ==== Version update (44.0 -> 44.1) - Update to version 44.1: + Improve handling of non-existing files on the filechooser portal + Minor debugging improvements to the backgrounds portal + More precise initialization timing + Fix duplicate monitor and window streams + Updated translations. ==== xdg-desktop-portal-gtk ==== - Pass missing --disable-lockdown to configure, xdg-desktop-portal-gnome handles that one too. ==== xdpyinfo ==== Version update (1.3.3 -> 1.3.4) - Update to version 1.3.4 * This release stops compiling support for the XF86-Misc extension by default, and thus stops linking with the deprecated libXxf86misc library by default. This support can still be enabled for now by passing --with-xf86misc to the configure script, but as the server side of this extension was removed in the xserver-1.6.0 release in 2008 there is little reason to do so, and the support may be removed entirely in a future release of xdpyinfo. - we have xorg-server >= 1.6 since sle11-sp1, so we are on the safe side with our customers ==== xkeyboard-config ==== - remove CCDL from license strings (boo#1210681) ==== xset ==== - Disable building with libXfontcache. xorg-server 1.6 removed the corresponding feature, and it seems unlikely and unusual for anyone to e.g. ssh from an old Xorg system to a contemporary SUSE to attempt to run the (undocumented) `xset fc` command. ==== yast2-country ==== Version update (4.6.1 -> 4.6.2) Subpackages: yast2-country-data - Cleanup: use "ru" keymap for Russian, not "ruwin_alt-UTF-8" (bsc#1194609) - 4.6.2 ==== yast2-samba-client ==== Version update (4.6.0 -> 4.6.1) - Install samba-gpupdate when enabling Group Policy; (bsc#1207604). - 4.6.1 ==== zbar ==== - add py311.patch to fix build against python 3.11 ==== zstd ==== Version update (1.5.4 -> 1.5.5) Subpackages: libzstd1 - update to 1.5.5: * fix: fix rare corruption bug affecting the high compression mode, reported by @danlark1 * perf: improve mid-level compression speed * lib: deprecated bufferless block-level API (#3534) by @terrelln * cli: mmap large dictionaries to save memory, by @daniellerozenblit * cli: improve speed of --patch-from mode (~+50%) (#3545) by @daniellerozenblit * cli: improve i/o speed (~+10%) when processing lots of small files (#3479) by @felixhandte * cli: zstd no longer crashes when requested to write into write-protected directory (#3541) by @felixhandte * cli: fix decompression into block device using -o, reported by @georgmu * misc: improve seekable format ingestion speed (~+100%) for very small chunk sizes (#3544) by @Cyan4973 * misc: tests/fullbench can benchmark multiple files (#3516) by @dloidolt ==== zxing-cpp ==== - Drop support for building on SLE12.