Packages changed: ImageMagick (7.0.11.11 -> 7.0.11.12) breezy (3.1.0 -> 3.2.0) busybox (1.33.0 -> 1.33.1) ethtool (5.10 -> 5.12) gstreamer-plugins-bad gstreamer-plugins-base libbytesize (2.4 -> 2.5) libdvdnav (6.1.0 -> 6.1.1) libdvdread (6.1.1 -> 6.1.2) libwpe (1.8.0 -> 1.10.0) net-snmp nfs-utils patterns-kde pipewire (0.3.26 -> 0.3.27) python-SQLAlchemy (1.3.23 -> 1.4.13) python-matplotlib python-numpy (1.20.1 -> 1.20.2) python-six (1.15.0 -> 1.16.0) python38 (3.8.9 -> 3.8.10) python38-core (3.8.9 -> 3.8.10) python38-documentation (3.8.9 -> 3.8.10) squid (4.14 -> 4.15) yast2-installation (4.4.5 -> 4.4.6) yast2-trans (84.87.20210502.7b34dbceae -> 84.87.20210509.2001bf14f7) === Details === ==== ImageMagick ==== Version update (7.0.11.11 -> 7.0.11.12) Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagick++-7_Q16HDRI5 libMagickCore-7_Q16HDRI9 libMagickWand-7_Q16HDRI9 - version update to 7.0.11.12 * The HEIC depth image will now only be read when the define heic:depth-image is true. * -layers optimize no longer produces broken output (reference https://github.com/ImageMagick/ImageMagick/issues/3520). ==== breezy ==== Version update (3.1.0 -> 3.2.0) - Update to 3.2.0. - Removed upstreamed patches: - 0001-Fix-tests-with-newer-dulwich.patch - 0002-Fix-more-tests.patch - 7531_7530.diff - 7551_7550.diff - Skip failing tests mentioned in lp#1927523. ==== busybox ==== Version update (1.33.0 -> 1.33.1) Subpackages: busybox-static - update to 1.33.1: * httpd: fix sendfile * ash: fix HISTFILE corruptio * ash: fix unset variable pattern expansion * traceroute: fix option parsing * gunzip: fix for archive corruption - drop update_passwd_selinux_fix.patch, included upstream - add upstream signing key and verify source signature ==== ethtool ==== Version update (5.10 -> 5.12) - update to new upstream release 5.12 * Feature: support lanes count (no option and -s) * Fix: fix help message for master-slave parameter (-s) * Fix: better error message for master-slave in ioctl code path * Fix: get rid of compiler warnings in "make check" ==== gstreamer-plugins-bad ==== Subpackages: gstreamer-plugins-bad-lang gstreamer-transcoder libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 typelib-1_0-GstTranscoder-1_0 - don't own appdata dir - is provided by filesystem ==== gstreamer-plugins-base ==== Subpackages: gstreamer-plugins-base-lang libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstAudio-1_0 typelib-1_0-GstPbutils-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0 - don't own appdata dir - comes from filesystem rpm ==== libbytesize ==== Version update (2.4 -> 2.5) Subpackages: libbytesize-lang libbytesize1 - update to 2.5: * translation updates * tools: Read input from stdin when not running in a tty * Add support to ppc64le for debian build * testsuite fixes ==== libdvdnav ==== Version update (6.1.0 -> 6.1.1) - update to 6.1.1: * fix build issues * improve CI ==== libdvdread ==== Version update (6.1.1 -> 6.1.2) - update to 6.1.2: * Fix Win32 Unicode paths opening * Fix warnings and build improvements ==== libwpe ==== Version update (1.8.0 -> 1.10.0) - update to 1.10.0: - New API to explicitly deinitialize an EGL renderer target, which allows implementors of the wpe_renderer_backend_egl_target_interface - build system improvements ==== net-snmp ==== Subpackages: libsnmp30 perl-SNMP snmp-mibs - Can't assume non-existence of python38 macros in Leap. gh#openSUSE/python-rpm-macros#107 Test for suse_version instead. Only Tumbleweed has and needs the python_subpackage_only support. ==== nfs-utils ==== Subpackages: libnfsidmap1 nfs-client nfs-kernel-server - Add 0001-Replace-all-var-run-with-run.patch Use /run instead of /var/run (bsc#1185170) ==== patterns-kde ==== Subpackages: patterns-kde-kde patterns-kde-kde_edutainment patterns-kde-kde_games patterns-kde-kde_ide patterns-kde-kde_imaging patterns-kde-kde_internet patterns-kde-kde_multimedia patterns-kde-kde_office patterns-kde-kde_pim patterns-kde-kde_plasma patterns-kde-kde_utilities patterns-kde-kde_utilities_opt patterns-kde-kde_yast - Require qqc2-desktop-style in kde_plasma ==== pipewire ==== Version update (0.3.26 -> 0.3.27) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-modules pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Add %bcond_with aac conditional to let 3rd parties to enable AAC support. - Update to 0.3.27 * Highlights - Fix bug that caused bluetooth devices to stop working. - Fix session-manager crash when switching users caused by the DBus plugin cleanup errors. - Improve volume handling of monitor ports. - Fix GStreamer v4l2 support. - Implement module-remap-sink and module-remap-source in pipewire-pulse. - More fixes and improvements. * PipeWire - Move the loopback code into a module. Use this in pw-loopback and pipewire-pulse. Fix some cleanup crashes. - A dummy echo-cancel module was added. Later versions will include the webrtc echo-canceler. - State files don't have the X permission anymore. - Move i18n core into a private header file. - Stream can now advertize properties and receive property updates. - Fix an issue where the wrong index was used to address a port. It caused Bluetooth devices to stop working. * SPA plugins - Only do LFE filtering on channels we created. - Improve name and description of devices. - Improve cleanup in DBus connections and sources to avoid crash when destroying. - Improved volume handling. Hardware, Software and Monitor volumes are now properly separated and handled. - Support for S8 and S8P formats was added. * Tools - pw-cli can now also create Struct from JSON arrays. * Session-manager - The session manager can now also create passive links. This makes is possible to suspend effect chains together with the sinks when not in use. - Match rules now check the complete property value instead of only the start. - Handle multiple pending param enumerations, take only last result. This fixes some volume update issues. * GStreamer plugins - GStreamer plugins now advertize handling DMABUF explicitly. This is currently the only way to avoid a memcpy for v4l2 devices. * Device support - sync ACP with pulseaudio, merge upstream patch instead of our hack to workaround missing duplex devices. - V4l2 devices don't expose their fd anymore. Previously the fd and mmap offsets were passed to the client to access the buffer memory but that could create security issues. * Bluetooth - Don't unregister the profiles on shutdown because this can cause delay, just close the dbus connection. - Bluetooth devices now try to use the global samplerate from the graph. * PulseAudio server - Implement remap-sink and remap-source modules using the new loopback module. ==== python-SQLAlchemy ==== Version update (1.3.23 -> 1.4.13) - Remove %ifpython2 (python2 flavor is disabled). - Do not use %if %{python_version_nodots} for BuildRequires. - Remove broken %ifpython3 since the python2 flavor is disabled anyway. - update to 1.4.13: orm * Fixed regression in selectinload loader strategy that would cause it to cache its internal state incorrectly when handling relationships that join across more than one column, such as when using a composite foreign key. The invalid caching would then cause other unrelated loader operations to fail. References: #6410 * Fixed regression where Query.filter_by() would not work if the lead entity were a SQL function or other expression derived from the primary entity in question, rather than a simple entity or column of that entity. Additionally, improved the behavior of Select.filter_by() overall to work with column expressions even in a non-ORM context. References: #6414 * Fixed regression where using selectinload() and subqueryload() to load a two-level-deep path would lead to an attribute error. References: #6419 * Fixed regression where using the noload() loader strategy in conjunction with a ?dynamic? relationship would lead to an attribute error as the noload strategy would attempt to apply itself to the dynamic loader. References: #6420 engine * Restored a legacy transactional behavior that was inadvertently removed from the Connection as it was never tested as a known use case in previous versions, where calling upon the Connection.begin_nested() method, when no transaction is present, does not create a SAVEPOINT at all and instead starts an outer transaction, returning a RootTransaction object instead of a NestedTransaction object. This RootTransaction then will emit a real COMMIT on the database connection when committed. Previously, the 2.0 style behavior was present in all cases that would autobegin a transaction but not commit it, which is a behavioral change. When using a 2.0 style connection object, the behavior is unchanged from previous 1.4 versions; calling Connection.begin_nested() will ?autobegin? the outer transaction if not already present, and then as instructed emit a SAVEPOINT, returning the NestedTransaction object. The outer transaction is committed by calling upon Connection.commit(), as is ?commit-as-you-go? style usage. In non-?future? mode, while the old behavior is restored, it also emits a 2.0 deprecation warning as this is a legacy behavior. References: #6408 asyncio * Fixed a regression introduced by #6337 that would create an asyncio.Lock which could be attached to the wrong loop when instantiating the async engine before any asyncio loop was started, leading to an asyncio error message when attempting to use the engine under certain circumstances. References: #6409 postgresql * Add support for server side cursors in the pg8000 dialect for PostgreSQL. This allows use of the Connection.execution_options.stream_results option. References: #6198 - Removed use of pytest-xdist which is giving intermitent failed builds with internal errors like: INTERNALERROR> E RuntimeError: There is no current event loop in thread 'Dummy-1'. [...] INTERNALERROR> /usr/lib/python3.9/site-packages/xdist/ dsession.py:190: AssertionError [gw6] node down: Not properly terminated - Update to 1.4.12: * There are many changes between the 1.4 and 1.3 branch so please check the full list at: https://docs.sqlalchemy.org/en/14/changelog/changelog_14.html - Update to the 1.4 branch: Version 1.4 is taking on a different focus than other SQLAlchemy releases in that it is in many ways attempting to serve as a potential migration point for a more dramatic series of API changes currently planned for release 2.0 of SQLAlchemy. * Python 3.6 is the minimum Python 3 version; Python 2.7 still supported * ORM Query is internally unified with select, update, delete; 2.0 style execution available. * Transparent SQL Compilation Caching added to All DQL, DML Statements in Core, ORM. * Declarative is now integrated into the ORM with new features * Python Dataclasses, attrs Supported w/ Declarative, Imperative Mappings. * Asynchronous IO Support for Core and ORM * Many Core and ORM statement objects now perform much of their construction and validation in the compile phase * Repaired internal importing conventions such that code linters may work correctly * Support for SQL Regular Expression operators * SQLAlchemy 2.0 Deprecations Mode * API and Behavioral Changes - Core - A SELECT statement is no longer implicitly considered to be a FROM clause - select().join() and outerjoin() add JOIN criteria to the current query, rather than creating a subquery - The URL object is now immutable - Changes to CreateEnginePlugin - select(), case() now accept positional expressions - All IN expressions render parameters for each value in the list on the fly (e.g. expanding parameters) - Built-in FROM linting will warn for any potential cartesian products in a SELECT statement - New Result object - RowProxy is no longer a ?proxy?; is now called Row and behaves like an enhanced named tuple - Rationale: To behave more like a named tuple rather than a mapping - Proxying behavior goes away, was also unnecessary in modern usage - SELECT objects and derived FROM clauses allow for duplicate columns and column labels - Improved column labeling for simple column expressions using CAST or similar - New "post compile" bound parameters used for LIMIT/OFFSET in Oracle, SQL Server - Connection-level transactions can now be inactive based on subtransaction - Enum and Boolean datatypes no longer default to "create constraint" * New Features - ORM - Raiseload for Columns - ORM Batch inserts with psycopg2 now batch statements with RETURNING in most cases - ORM Bulk Update and Delete use RETURNING for "fetch" strategy when available * Behavioral Changes - ORM - The "KeyedTuple" object returned by Query is replaced by Row - Session features new ?autobegin? behavior - Viewonly relationships don?t synchronize backrefs - cascade_backrefs behavior deprecated for removal in 2.0 - Eager loaders emit during unexpire operations - Accessing an uninitialized collection attribute on a transient object no longer mutates __dict__ - The "New instance conflicts with existing identity" error is now a warning - Persistence-related cascade operations disallowed with viewonly=True - Stricter behavior when querying inheritance mappings using custom queries * Dialect Changes - psycopg2 version 2.7 or higher is required for the PostgreSQL psycopg2 dialect - psycopg2 dialect no longer has limitations regarding bound parameter names - psycopg2 dialect features "execute_values" with RETURNING for INSERT statements by default - Removed ?join rewriting? logic from SQLite dialect; updated imports - Added Sequence support for MariaDB 10.3 - Added Sequence support distinct from IDENTITY to SQL Server * For an explanation of each of those changes, check - https://docs.sqlalchemy.org/en/14/changelog/migration_14.html - For the full list of changes in each revision in the 1.4 branch please read: * https://docs.sqlalchemy.org/en/14/changelog/changelog_14.html - Do not build the python2 flavor. Python 2.7 is supposed to be supported but currently fails to build. - Rebase patch: * tests_overcome_bpo42967.patch ==== python-matplotlib ==== Subpackages: python38-matplotlib python38-matplotlib-cairo python38-matplotlib-gtk3 python38-matplotlib-tk - Update build and runtime TeX requirements for -latex subpackage. ==== python-numpy ==== Version update (1.20.1 -> 1.20.2) - update to 1.20.2: * MAINT: Update f2py from master. * BUG: diagflat could overflow on windows or 32-bit platforms * BUG: Fix refcount leak in f2py complex_double_from_pyobj. * BUG: Fix tiny memory leaks when like= overrides are used * BUG: Remove temporary change of descr/flags in VOID functions * BUG: Segfault in nditer buffer dealloc for Object arrays * BUG: Remove suspicious type casting * BUG: remove nonsensical comparison of pointer < 0 * BUG: verify pointer against NULL before using it * BUG: check if PyArray_malloc succeeded * BUG: incorrect error fallthrough in nditer * MAINT: Add annotations for dtype.__getitem__, __mul__ and? * BUG: NameError in numpy.distutils.fcompiler.compaq * BUG: Fixed where keyword for np.mean & np.var methods * MAINT: Ensure that re-exported sub-modules are properly annotated * BUG: Fix ma coercion list-of-ma-arrays if they do not cast to? * BUG: Fix small valgrind-found issues * BUG: Fix small issues found with pytest-leaks ==== python-six ==== Version update (1.15.0 -> 1.16.0) - update to 1.16.0: - Port _SixMetaPathImporter to Python 3.10. ==== python38 ==== Version update (3.8.9 -> 3.8.10) Subpackages: python38-curses python38-dbm python38-tk - Update to 3.8.10: - Security - bpo-43434: Creating a sqlite3.Connection object now also produces a sqlite3.connect auditing event. Previously this event was only produced by sqlite3.connect() calls. Patch by Erlend E. Aasland. - bpo-43472: Ensures interpreter-level audit hooks receive the cpython.PyInterpreterState_New event when called through the _xxsubinterpreters module. - bpo-43075: Fix Regular Expression Denial of Service (ReDoS) vulnerability in urllib.request.AbstractBasicAuthHandler. The ReDoS-vulnerable regex has quadratic worst-case complexity and it allows cause a denial of service when identifying crafted invalid RFCs. This ReDoS issue is on the client side and needs remote attackers to control the HTTP server. - Core and Builtins - bpo-43105: Importlib now resolves relative paths when creating module spec objects from file locations. - bpo-42924: Fix bytearray repetition incorrectly copying data from the start of the buffer, even if the data is offset within the buffer (e.g. after reassigning a slice at the start of the bytearray to a shorter byte string). - Library - bpo-43993: Update bundled pip to 21.1.1. - bpo-43937: Fixed the turtle module working with non-default root window. - bpo-43930: Update bundled pip to 21.1 and setuptools to 56.0.0 - bpo-43920: OpenSSL 3.0.0: load_verify_locations() now returns a consistent error message when cadata contains no valid certificate. - bpo-43607: urllib can now convert Windows paths with \\?\ prefixes into URL paths. - bpo-43284: platform.win32_ver derives the windows version from sys.getwindowsversion().platform_version which in turn derives the version from kernel32.dll (which can be of a different version than Windows itself). Therefore change the platform.win32_ver to determine the version using the platform module?s _syscmd_ver private function to return an accurate version. - bpo-42248: [Enum] ensure exceptions raised in _missing__ are released - bpo-43799: OpenSSL 3.0.0: define OPENSSL_API_COMPAT 1.1.1 to suppress deprecation warnings. Python requires OpenSSL 1.1.1 APIs. - bpo-43794: Add ssl.OP_IGNORE_UNEXPECTED_EOF constants (OpenSSL 3.0.0) - bpo-43789: OpenSSL 3.0.0: Don?t call the password callback function a second time when first call has signaled an error condition. - bpo-43788: The header files for ssl error codes are now OpenSSL version-specific. Exceptions will now show correct reason and library codes. The make_ssl_data.py script has been rewritten to use OpenSSL?s text file with error codes. - bpo-43655: tkinter dialog windows are now recognized as dialogs by window managers on macOS and X Window. - bpo-43534: turtle.textinput() and turtle.numinput() create now a transient window working on behalf of the canvas window. - bpo-43522: Fix problem with hostname_checks_common_name. OpenSSL does not copy hostflags from struct SSL_CTX to struct SSL. - bpo-42967: Allow bytes separator argument in urllib.parse.parse_qs and urllib.parse.parse_qsl when parsing str query strings. Previously, this raised a TypeError. - bpo-43176: Fixed processing of a dataclass that inherits from a frozen dataclass with no fields. It is now correctly detected as an error. - bpo-34463: Fixed discrepancy between traceback and the interpreter in formatting of SyntaxError with lineno not set (traceback was changed to match interpreter). - bpo-41735: Fix thread locks in zlib module may go wrong in rare case. Patch by Ma Lin. - bpo-26053: Fixed bug where the pdb interactive run command echoed the args from the shell command line, even if those have been overridden at the pdb prompt. - bpo-36470: Fix dataclasses with InitVars and replace(). Patch by Claudiu Popa. - bpo-28577: The hosts method on 32-bit prefix length IPv4Networks and 128-bit prefix IPv6Networks now returns a list containing the single Address instead of an empty list. - bpo-32745: Fix a regression in the handling of ctypes? ctypes.c_wchar_p type: embedded null characters would cause a ValueError to be raised. Patch by Zackery Spytz. - Documentation - bpo-43959: The documentation on the PyContextVar C-API was clarified. - bpo-43938: Update dataclasses documentation to express that FrozenInstanceError is derived from AttributeError. - bpo-43739: Fixing the example code in Doc/extending/extending.rst to declare and initialize the pmodule variable to be of the right type. - Tests - bpo-43842: Fix a race condition in the SMTP test of test_logging. Don?t close a file descriptor (socket) from a different thread while asyncore.loop() is polling the file descriptor. Patch by Victor Stinner. - bpo-43811: Tests multiple OpenSSL versions on GitHub Actions. Use ccache to speed up testing. - bpo-43791: OpenSSL 3.0.0: Disable testing of legacy protocols TLS 1.0 and 1.1. Tests are failing with TLSV1_ALERT_INTERNAL_ERROR. - IDLE - bpo-43655: IDLE dialog windows are now recognized as dialogs by window managers on macOS and X Window. - C API - bpo-43962: _PyInterpreterState_IDIncref() now calls _PyInterpreterState_IDInitref() and always increments id_refcount. Previously, calling _xxsubinterpreters.get_current() could create an id_refcount inconsistency when a _xxsubinterpreters.InterpreterID object was deallocated. Patch by Victor Stinner. - Reapplied patches: - CVE-2019-5010-null-defer-x509-cert-DOS.patch - F00102-lib64.patch - SUSE-FEDORA-multilib.patch - bpo-31046_ensurepip_honours_prefix.patch - python-3.3.0b1-fix_date_time_compiler.patch - Make sure to close the import_failed.map file after the exception has been raised in order to avoid ResourceWarnings when the failing import is part of a try...except block. ==== python38-core ==== Version update (3.8.9 -> 3.8.10) Subpackages: libpython3_8-1_0 python38-base - Update to 3.8.10: - Security - bpo-43434: Creating a sqlite3.Connection object now also produces a sqlite3.connect auditing event. Previously this event was only produced by sqlite3.connect() calls. Patch by Erlend E. Aasland. - bpo-43472: Ensures interpreter-level audit hooks receive the cpython.PyInterpreterState_New event when called through the _xxsubinterpreters module. - bpo-43075: Fix Regular Expression Denial of Service (ReDoS) vulnerability in urllib.request.AbstractBasicAuthHandler. The ReDoS-vulnerable regex has quadratic worst-case complexity and it allows cause a denial of service when identifying crafted invalid RFCs. This ReDoS issue is on the client side and needs remote attackers to control the HTTP server. - Core and Builtins - bpo-43105: Importlib now resolves relative paths when creating module spec objects from file locations. - bpo-42924: Fix bytearray repetition incorrectly copying data from the start of the buffer, even if the data is offset within the buffer (e.g. after reassigning a slice at the start of the bytearray to a shorter byte string). - Library - bpo-43993: Update bundled pip to 21.1.1. - bpo-43937: Fixed the turtle module working with non-default root window. - bpo-43930: Update bundled pip to 21.1 and setuptools to 56.0.0 - bpo-43920: OpenSSL 3.0.0: load_verify_locations() now returns a consistent error message when cadata contains no valid certificate. - bpo-43607: urllib can now convert Windows paths with \\?\ prefixes into URL paths. - bpo-43284: platform.win32_ver derives the windows version from sys.getwindowsversion().platform_version which in turn derives the version from kernel32.dll (which can be of a different version than Windows itself). Therefore change the platform.win32_ver to determine the version using the platform module?s _syscmd_ver private function to return an accurate version. - bpo-42248: [Enum] ensure exceptions raised in _missing__ are released - bpo-43799: OpenSSL 3.0.0: define OPENSSL_API_COMPAT 1.1.1 to suppress deprecation warnings. Python requires OpenSSL 1.1.1 APIs. - bpo-43794: Add ssl.OP_IGNORE_UNEXPECTED_EOF constants (OpenSSL 3.0.0) - bpo-43789: OpenSSL 3.0.0: Don?t call the password callback function a second time when first call has signaled an error condition. - bpo-43788: The header files for ssl error codes are now OpenSSL version-specific. Exceptions will now show correct reason and library codes. The make_ssl_data.py script has been rewritten to use OpenSSL?s text file with error codes. - bpo-43655: tkinter dialog windows are now recognized as dialogs by window managers on macOS and X Window. - bpo-43534: turtle.textinput() and turtle.numinput() create now a transient window working on behalf of the canvas window. - bpo-43522: Fix problem with hostname_checks_common_name. OpenSSL does not copy hostflags from struct SSL_CTX to struct SSL. - bpo-42967: Allow bytes separator argument in urllib.parse.parse_qs and urllib.parse.parse_qsl when parsing str query strings. Previously, this raised a TypeError. - bpo-43176: Fixed processing of a dataclass that inherits from a frozen dataclass with no fields. It is now correctly detected as an error. - bpo-34463: Fixed discrepancy between traceback and the interpreter in formatting of SyntaxError with lineno not set (traceback was changed to match interpreter). - bpo-41735: Fix thread locks in zlib module may go wrong in rare case. Patch by Ma Lin. - bpo-26053: Fixed bug where the pdb interactive run command echoed the args from the shell command line, even if those have been overridden at the pdb prompt. - bpo-36470: Fix dataclasses with InitVars and replace(). Patch by Claudiu Popa. - bpo-28577: The hosts method on 32-bit prefix length IPv4Networks and 128-bit prefix IPv6Networks now returns a list containing the single Address instead of an empty list. - bpo-32745: Fix a regression in the handling of ctypes? ctypes.c_wchar_p type: embedded null characters would cause a ValueError to be raised. Patch by Zackery Spytz. - Documentation - bpo-43959: The documentation on the PyContextVar C-API was clarified. - bpo-43938: Update dataclasses documentation to express that FrozenInstanceError is derived from AttributeError. - bpo-43739: Fixing the example code in Doc/extending/extending.rst to declare and initialize the pmodule variable to be of the right type. - Tests - bpo-43842: Fix a race condition in the SMTP test of test_logging. Don?t close a file descriptor (socket) from a different thread while asyncore.loop() is polling the file descriptor. Patch by Victor Stinner. - bpo-43811: Tests multiple OpenSSL versions on GitHub Actions. Use ccache to speed up testing. - bpo-43791: OpenSSL 3.0.0: Disable testing of legacy protocols TLS 1.0 and 1.1. Tests are failing with TLSV1_ALERT_INTERNAL_ERROR. - IDLE - bpo-43655: IDLE dialog windows are now recognized as dialogs by window managers on macOS and X Window. - C API - bpo-43962: _PyInterpreterState_IDIncref() now calls _PyInterpreterState_IDInitref() and always increments id_refcount. Previously, calling _xxsubinterpreters.get_current() could create an id_refcount inconsistency when a _xxsubinterpreters.InterpreterID object was deallocated. Patch by Victor Stinner. - Reapplied patches: - CVE-2019-5010-null-defer-x509-cert-DOS.patch - F00102-lib64.patch - SUSE-FEDORA-multilib.patch - bpo-31046_ensurepip_honours_prefix.patch - python-3.3.0b1-fix_date_time_compiler.patch - Make sure to close the import_failed.map file after the exception has been raised in order to avoid ResourceWarnings when the failing import is part of a try...except block. ==== python38-documentation ==== Version update (3.8.9 -> 3.8.10) - Update to 3.8.10: - Security - bpo-43434: Creating a sqlite3.Connection object now also produces a sqlite3.connect auditing event. Previously this event was only produced by sqlite3.connect() calls. Patch by Erlend E. Aasland. - bpo-43472: Ensures interpreter-level audit hooks receive the cpython.PyInterpreterState_New event when called through the _xxsubinterpreters module. - bpo-43075: Fix Regular Expression Denial of Service (ReDoS) vulnerability in urllib.request.AbstractBasicAuthHandler. The ReDoS-vulnerable regex has quadratic worst-case complexity and it allows cause a denial of service when identifying crafted invalid RFCs. This ReDoS issue is on the client side and needs remote attackers to control the HTTP server. - Core and Builtins - bpo-43105: Importlib now resolves relative paths when creating module spec objects from file locations. - bpo-42924: Fix bytearray repetition incorrectly copying data from the start of the buffer, even if the data is offset within the buffer (e.g. after reassigning a slice at the start of the bytearray to a shorter byte string). - Library - bpo-43993: Update bundled pip to 21.1.1. - bpo-43937: Fixed the turtle module working with non-default root window. - bpo-43930: Update bundled pip to 21.1 and setuptools to 56.0.0 - bpo-43920: OpenSSL 3.0.0: load_verify_locations() now returns a consistent error message when cadata contains no valid certificate. - bpo-43607: urllib can now convert Windows paths with \\?\ prefixes into URL paths. - bpo-43284: platform.win32_ver derives the windows version from sys.getwindowsversion().platform_version which in turn derives the version from kernel32.dll (which can be of a different version than Windows itself). Therefore change the platform.win32_ver to determine the version using the platform module?s _syscmd_ver private function to return an accurate version. - bpo-42248: [Enum] ensure exceptions raised in _missing__ are released - bpo-43799: OpenSSL 3.0.0: define OPENSSL_API_COMPAT 1.1.1 to suppress deprecation warnings. Python requires OpenSSL 1.1.1 APIs. - bpo-43794: Add ssl.OP_IGNORE_UNEXPECTED_EOF constants (OpenSSL 3.0.0) - bpo-43789: OpenSSL 3.0.0: Don?t call the password callback function a second time when first call has signaled an error condition. - bpo-43788: The header files for ssl error codes are now OpenSSL version-specific. Exceptions will now show correct reason and library codes. The make_ssl_data.py script has been rewritten to use OpenSSL?s text file with error codes. - bpo-43655: tkinter dialog windows are now recognized as dialogs by window managers on macOS and X Window. - bpo-43534: turtle.textinput() and turtle.numinput() create now a transient window working on behalf of the canvas window. - bpo-43522: Fix problem with hostname_checks_common_name. OpenSSL does not copy hostflags from struct SSL_CTX to struct SSL. - bpo-42967: Allow bytes separator argument in urllib.parse.parse_qs and urllib.parse.parse_qsl when parsing str query strings. Previously, this raised a TypeError. - bpo-43176: Fixed processing of a dataclass that inherits from a frozen dataclass with no fields. It is now correctly detected as an error. - bpo-34463: Fixed discrepancy between traceback and the interpreter in formatting of SyntaxError with lineno not set (traceback was changed to match interpreter). - bpo-41735: Fix thread locks in zlib module may go wrong in rare case. Patch by Ma Lin. - bpo-26053: Fixed bug where the pdb interactive run command echoed the args from the shell command line, even if those have been overridden at the pdb prompt. - bpo-36470: Fix dataclasses with InitVars and replace(). Patch by Claudiu Popa. - bpo-28577: The hosts method on 32-bit prefix length IPv4Networks and 128-bit prefix IPv6Networks now returns a list containing the single Address instead of an empty list. - bpo-32745: Fix a regression in the handling of ctypes? ctypes.c_wchar_p type: embedded null characters would cause a ValueError to be raised. Patch by Zackery Spytz. - Documentation - bpo-43959: The documentation on the PyContextVar C-API was clarified. - bpo-43938: Update dataclasses documentation to express that FrozenInstanceError is derived from AttributeError. - bpo-43739: Fixing the example code in Doc/extending/extending.rst to declare and initialize the pmodule variable to be of the right type. - Tests - bpo-43842: Fix a race condition in the SMTP test of test_logging. Don?t close a file descriptor (socket) from a different thread while asyncore.loop() is polling the file descriptor. Patch by Victor Stinner. - bpo-43811: Tests multiple OpenSSL versions on GitHub Actions. Use ccache to speed up testing. - bpo-43791: OpenSSL 3.0.0: Disable testing of legacy protocols TLS 1.0 and 1.1. Tests are failing with TLSV1_ALERT_INTERNAL_ERROR. - IDLE - bpo-43655: IDLE dialog windows are now recognized as dialogs by window managers on macOS and X Window. - C API - bpo-43962: _PyInterpreterState_IDIncref() now calls _PyInterpreterState_IDInitref() and always increments id_refcount. Previously, calling _xxsubinterpreters.get_current() could create an id_refcount inconsistency when a _xxsubinterpreters.InterpreterID object was deallocated. Patch by Victor Stinner. - Reapplied patches: - CVE-2019-5010-null-defer-x509-cert-DOS.patch - F00102-lib64.patch - SUSE-FEDORA-multilib.patch - bpo-31046_ensurepip_honours_prefix.patch - python-3.3.0b1-fix_date_time_compiler.patch - Make sure to close the import_failed.map file after the exception has been raised in order to avoid ResourceWarnings when the failing import is part of a try...except block. ==== squid ==== Version update (4.14 -> 4.15) - update to 4.15: - Bug 5112: Excessively loud chunked reply parsing error reporting - Bug 5106: Broken cache manager URL parsing - Bug 5104: Memory leak in RFC 2169 response parsing - Bug 3556: "FD ... is not an open socket" for accept() problems - Profiling: CPU timing implemented for MAC non-x86 - Fix HttpHeaderStats definition to include hoErrorDetail - Fix Squid-to-client write_timeout triggers client_lifetime timeout - Limit HeaderLookupTable_t::lookup() to BadHdr and specific IDs - Handle more Range requests - Handle more partial responses - Stop processing a response if the Store entry is gone - ... and some portability fixes - ... and some documentation updates ==== yast2-installation ==== Version update (4.4.5 -> 4.4.6) - Allow memory profiling of the main installer process, via boot parameters: (bsc#1182649) - MASSIF=1 enables Valgrind/Massif (C/C++ level) - MEMORY_PROFILER=1 enables Ruby level - 4.4.6 ==== yast2-trans ==== Version update (84.87.20210502.7b34dbceae -> 84.87.20210509.2001bf14f7) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20210509.2001bf14f7: * Translated using Weblate (Slovak) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Hindi) * Translated using Weblate (Hindi) * Translated using Weblate (Hindi) * Added translation using Weblate (Hindi) * Added translation using Weblate (Hindi) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Hindi) * Translated using Weblate (Slovak) * Translated using Weblate (Hindi) * Translated using Weblate (Slovak) * Translated using Weblate (Hindi) * Translated using Weblate (Hindi) * Translated using Weblate (Hindi) * Translated using Weblate (Hindi) * Translated using Weblate (Hindi) * Translated using Weblate (Hindi) * Translated using Weblate (Hindi) * Translated using Weblate (Hindi) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Hindi) * Added translation using Weblate (Hindi) * Added translation using Weblate (Hindi) * Added translation using Weblate (Hindi) * Added translation using Weblate (Hindi) * New POT for text domain 'auth-client'. * Translated using Weblate (Hindi) * Translated using Weblate (Slovak) * Translated using Weblate (Hindi) * Translated using Weblate (Slovak) * Translated using Weblate (Catalan) * Translated using Weblate (Dutch) * Translated using Weblate (French) * Translated using Weblate (Catalan) * Translated using Weblate (Japanese) * New POT for text domain 'network'. * New POT for text domain 'installation'. * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Chinese (China) (zh_CN)) * Translated using Weblate (Chinese (China) (zh_CN)) * Translated using Weblate (Chinese (China) (zh_CN)) * New POT for text domain 'iscsi-lio-server'. * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese)