Packages changed: ceph (16.2.3.26+g422932e923 -> 16.2.4.26+g555d38aa5a5) cifs-utils (6.12 -> 6.13) drpm (0.4.1 -> 0.5.0) f2fs-tools gnutls gtk4 (4.2.0 -> 4.2.1) kimageformats libidn2 (2.3.0 -> 2.3.1) libwacom (1.6 -> 1.10) pipewire postgresql13 (13.2 -> 13.3) publicsuffix (20210419 -> 20210511) purple-mattermost (1.2 -> 2.0) python-Twisted python-alembic (1.5.8 -> 1.6.2) python-incremental (17.5.0 -> 21.3.0) python-matplotlib (3.4.1 -> 3.4.2) quadrapassel (3.38.1 -> 40.1) rubygem-bundler (2.2.6 -> 2.2.17) rubygem-mini_portile2 (2.5.0 -> 2.5.1) rubygem-rb-fsevent (0.10.4 -> 0.11.0) sendmail snapper spice (0.14.3 -> 0.15.0) tcsh vim (8.2.2800 -> 8.2.2850) yast2-trans (84.87.20210509.2001bf14f7 -> 84.87.20210516.482fe91bc6) === Details === ==== ceph ==== Version update (16.2.3.26+g422932e923 -> 16.2.4.26+g555d38aa5a5) Subpackages: librados2 librbd1 - Update to 16.2.4-26-g555d38aa5a5: + rebased on top of v16.2.4 tag https://ceph.io/releases/v16-2-4-pacific-released/ * mgr/dashboard: fix base-href: revert it to previous approach * (bsc#1186021) mgr/dashboard: fix cookie injection issue (CVE-2021-3509) * mgr/dashboard: fix set-ssl-certificate{,-key} commands * (bsc#1186020) rgw: RGWSwiftWebsiteHandler::is_web_dir checks empty subdir_name (CVE-2021-3531) * (bsc#1185619) rgw: sanitize \r in s3 CORSConfiguration?s ExposeHeader (CVE-2021-3524) * systemd: remove ProtectClock=true for ceph-osd@.service ==== cifs-utils ==== Version update (6.12 -> 6.13) - Update to cifs-utils 6.13 * Fixes CVE-2021-20208, cifs.upcall kerberos auth leak in container * remove cifs-utils-6.12.tar.bz2 * remove cifs-utils-6.12.tar.bz2.asc * add cifs-utils-6.13.tar.bz2 * add cifs-utils-6.13.tar.bz2.asc - Drop upstream fixed patches: * 0001-cifs.upcall-try-to-use-container-ipc-uts-net-pid-mnt.patch ==== drpm ==== Version update (0.4.1 -> 0.5.0) - update to 0.5.0: * fix a memory leak on invalid input * Hide the internal library symbols ==== f2fs-tools ==== Subpackages: libf2fs8 - Remove /usr/sbin/sg_write_buffer. This file is already provided by sg3_utils as /usr/bin/sg_write_buffer. ==== gnutls ==== Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-32bit libgnutls30-hmac - Compute the FIPS hmac file without re-defining the __os_install_post macro, use the brp-50-generate-fips-hmac script instead. [bsc#1184555] - Require the main package in devel and lib packages as the default priorities are now set via crypto-policies. [bsc#1183082] ==== gtk4 ==== Version update (4.2.0 -> 4.2.1) Subpackages: gtk4-lang gtk4-schema libgtk-4-1 typelib-1_0-Gtk-4_0 - Update to version 4.2.1: + GtkVideo: Detect stream metadata when using gstreamer + GtkFileChooser: Fix a crash + GtkButton: Add back visual feedback for keynav activation + GtkFontChooser: Fix initial font selection + GtkScrolledWindow: Stop using scroll cursors + GtkMenuButton: Make focus-on-click work + GtkToggleButton: Make grouped buttons mutually exclusive + GtkPasswordEntry: Use MADV_DONTDUMP for secure memory + GtkListBox: Allow repeated selection extension for MULTIPLE + GdkClipboard: Ensure strings are nul-terminated + GSK: - Fix offscreen rendering with transforms - Fix downscaled textures - Avoid huge intermediate textures - Make shadow rendering match across renderers + Text widgets: Support translucent selections + Wayland: - Improve font settings fallback - Avoid unintentional rendering freezes with popovers + X11: - Don't beep on untrusted displays - Don't crash when popovers are outside the workarea + Themes: - Fix resize border sizing - Fix solid-csd window decorations + Input: - Revert some Compose sequence changes - Consume all key events during preedit, to avoid unexpected interactions - Ignore more modifiers during preedit, to allow using 3rd and 5th level choosers - Fix handling of cursor positions in non-ASCII preedit text - Fix a problem with deferred focus setting ==== kimageformats ==== Subpackages: kimageformats-eps - Enable HEIF plugin build on openSUSE Tumbleweed (requires libheif) ==== libidn2 ==== Version update (2.3.0 -> 2.3.1) Subpackages: libidn2-0 libidn2-0-32bit libidn2-lang - libidn2 2.3.1: * Implement full roundtrip for lookup functionality * Fix domain too long error * Updated gnulib files and various build fixes ==== libwacom ==== Version update (1.6 -> 1.10) Subpackages: libwacom-data libwacom2 - update to 1.10: - Duplicate matches in /etc no longer cause conflicts with the system-provided .tablet files - libwacom-list-local-devices now prints YAML by default - New tools: - libwacom-list-devices lists all supported devices - libwacom-update-db to update the db after adding tablet files - New devices: - Elan 2514 variant 25BF - Huion H640P - Lenovo X1 Yoga Gen 6 - Samsung CHromebook Pro - libwacom can now read tablet and stylus files from /etc/libwacom - New tool: libwacom-show-stylus to interactively show stylus IDs and serial numbers - New devices: - HP Envy x360, Pro Tablet 508 - Lenovo X1 Yoga Gen5, Yoga6, Ideapad Flex 5, Yoga 7, Yoga C650, L13 Yoga - Microsoft Surface Go - New devices: - Dell XPS 15 7590 - HP EliteBook x360 (830 and 1030), Spectre x360 - Lenovo Thinkpad P15 Gen1, Yoga, Yoga 3, Yoga 11e, X13 Yoga - New devices: - Dell XPS 13 2-in-1 9310 - Lenovo IdeaPad Flex 14API, Flex 5 - HP Envy x360, EliteBook x360 - Huawei MateBook HZ-W19 - XP Pen Star G640 ==== pipewire ==== Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-modules pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Add %bcond_with aptx conditional to let 3rd parties to enable aptX support. ==== postgresql13 ==== Version update (13.2 -> 13.3) Subpackages: libpq5 postgresql13-contrib postgresql13-docs postgresql13-llvmjit postgresql13-server - Upgrade to version 13.3: * https://www.postgresql.org/docs/13/release-13-3.html * CVE-2021-32027, bsc#1185924: Prevent integer overflows in array subscripting calculations. * CVE-2021-32028, bsc#1185925: Fix mishandling of ?junk? columns in INSERT ... ON CONFLICT ... UPDATE target lists. * CVE-2021-32029, bsc#1185926: Fix possibly-incorrect computation of UPDATE ... RETURNING "pg_psql_temporary_savepoint" does not exist?. - Don't use %_stop_on_removal, because it was meant to be private and got removed from openSUSE. %_restart_on_update is also private, but still supported and needed for now (bsc#1183168). ==== publicsuffix ==== Version update (20210419 -> 20210511) - Update to version 20210511: * util: gTLD data autopull updates for 2021-05-11T15:13:51 UTC (#1316) * Add authgearapps.com authgear-staging.com (#1304) * Add goupile.fr (#1307) * Add hosp.uk to our existing domains (#1308) * Update README.md * Add noop.app and *.developer.app to PSL (#1265) * Add github dev domains (#1290) * added Storebase.store (#1291) * Update to pythonanywhere entries (#1298) * Update README.md - added Apple / Facebook note * addition of ss sld's sch.ss and me.ss (#1247) * util: gTLD data autopull updates for 2021-04-22T15:17:15 UTC (#1292) ==== purple-mattermost ==== Version update (1.2 -> 2.0) Subpackages: libpurple-plugin-mattermost pidgin-plugin-mattermost - Update to release 2.0 * Mattermost API v4 Support ==== python-Twisted ==== - add incremental-21.patch: support newer incremental versions ==== python-alembic ==== Version update (1.5.8 -> 1.6.2) - update to version 1.6.2: * bug + [bug] [regression] [versioning] Fixed additional regression nearly the same as that of #838 just released in 1.6.1 but within a slightly different codepath, where ?alembic downgrade head? (or equivalent) would fail instead of iterating no revisions. - changes from version 1.6.1: * bug + [bug] [regression] [versioning] Fixed regression in new revisioning traversal where ?alembic downgrade base? would fail if the database itself were clean and unversioned; additionally repairs the case where downgrade would fail if attempting to downgrade to the current head that is already present. - changes from version 1.6.0: * feature + [feature] [autogenerate] Fix the documentation regarding the default command-line argument position of the revision script filename within the post-write hook arguments. Implement a REVISION_SCRIPT_FILENAME token, enabling the position to be changed. Switch from str.split() to shlex.split() for more robust command-line argument parsing. + [feature] Implement a .cwd (current working directory) suboption for post-write hooks (of type console_scripts). This is useful for tools like pre-commit, which rely on the working directory to locate the necessary config files. Add pre-commit as an example to the documentation. Minor change: rename some variables from ticket #819 to improve readability. * bug + [bug] [autogenerate] Refactored the implementation of MigrateOperation constructs such as CreateIndexOp, CreateTableOp, etc. so that they no longer rely upon maintaining a persistent version of each schema object internally; instead, the state variables of each operation object will be used to produce the corresponding construct when the operation is invoked. The rationale is so that environments which make use of operation-manipulation schemes such as those those discussed in Fine-Grained Autogenerate Generation with Rewriters are better supported, allowing end-user code to manipulate the public attributes of these objects which will then be expressed in the final output, an example is some_create_index_op.kw["postgresql_concurrently"] = True. Previously, these objects when generated from autogenerate would typically hold onto the original, reflected element internally without honoring the other state variables of each construct, preventing the public API from working. + [bug] [environment] Fixed regression caused by the SQLAlchemy 1.4/2.0 compatibility switch where calling .rollback() or .commit() explicitly within the context.begin_transaction() context manager would cause it to fail when the block ended, as it did not expect that the transaction was manually closed. + [bug] [autogenerate] Improved the rendering of op.add_column() operations when adding multiple columns to an existing table, so that the order of these statements matches the order in which the columns were declared in the application?s table metadata. Previously the added columns were being sorted alphabetically. + [bug] [versioning] The algorithm used for calculating downgrades/upgrades/iterating revisions has been rewritten, to resolve ongoing issues of branches not being handled consistently particularly within downgrade operations, as well as for overall clarity and maintainability. This change includes that a deprecation warning is emitted if an ambiguous command such as ?downgrade -1? when multiple heads are present is given. In particular, the change implements a long-requested use case of allowing downgrades of a single branch to a branchpoint. Huge thanks to Simon Bowly for their impressive efforts in successfully tackling this very difficult problem. + [bug] [batch] Added missing batch_op.create_table_comment(), batch_op.drop_table_comment() directives to batch ops. ==== python-incremental ==== Version update (17.5.0 -> 21.3.0) - update to 21.3.0: - The output of incremental is now compatible with Black (#56, #60) - Incremental now properly supports PEP 440-compliant dev, rc, post suffixes (#62) - Incremental now properly supports PEP 440-compliant post releases (#37) - Incremental will no longer attempt to read git or svn repositories to see if the project is running from a checkout. (#30, #31, #32) ==== python-matplotlib ==== Version update (3.4.1 -> 3.4.2) Subpackages: python38-matplotlib python38-matplotlib-cairo python38-matplotlib-gtk3 python38-matplotlib-tk - update to version 3.4.2: * Generate wheels usable on older PyPy7.3.{0,1} * Fix compatibility with Python 3.10 * Add subplot_mosaic Axes in the order the user gave them to us * Correctly handle 'none' facecolors in do_3d_projection * Ensure that Matplotlib is importable even if there's no HOME * Fix CenteredNorm with halfrange * Fix bar_label for bars with NaN values * Fix clip paths when zoomed such that they are outside the figure * Fix creation of RangeSlider with valinit * Fix handling of "d" glyph in backend_ps, fixing EPS output * Fix handling of datetime coordinates in pcolormesh with Pandas * Fix processing of some errorbar arguments * Fix removal of shared polar Axes * Fix resetting grid visibility * Fix subfigure indexing error and tight bbox * Fix textbox cursor color * Fix TkAgg event loop error on window close * Ignore errors for sip with no setapi (Qt4Agg import errors) ==== quadrapassel ==== Version update (3.38.1 -> 40.1) Subpackages: quadrapassel-lang - Update to version 40.1: + Press return to restart game. + Updated translations. ==== rubygem-bundler ==== Version update (2.2.6 -> 2.2.17) - forgot to unlist removed patch - updated to version 2.2.17 see installed CHANGELOG.md - drop gemspec_remove_pem.patch - updated to version 2.2.16 see installed CHANGELOG.md ==== rubygem-mini_portile2 ==== Version update (2.5.0 -> 2.5.1) - updated to version 2.5.1 [#]### Dependencies This release ends support for ruby < 2.3.0. If you're on 2.2.x or earlier, we strongly suggest that you find the time to upgrade, because [official support for Ruby 2.2 ended on 2018-03-31](https://www.ruby-lang.org/en/news/2018/06/20/support-of-ruby-2-2-has-ended/). [#]### Enhancements * `MiniPortile.execute` now takes an optional `:env` hash, which is merged into the environment variables for the subprocess. Likely this is only useful for specialized use cases. [#99] * Experimental support for cmake-based projects extended to Windows. (Thanks, @larskanis!) ==== rubygem-rb-fsevent ==== Version update (0.10.4 -> 0.11.0) - updated to version 0.11.0 * Add arm64 arch to support Apple M1 #88 ==== sendmail ==== Subpackages: libmilter1_0 - Remove /var/mail to /var/spool/mail patch ==== snapper ==== Subpackages: libsnapper5 snapper-zypp-plugin - fixed systemd sandboxing (bsc#1186095) ==== spice ==== Version update (0.14.3 -> 0.15.0) - Update to v0.15.0 release This is the first release in the new 0.15.x stable series. * Minor updates to CI * Some compatibility with OpenSSL * Change the behavior of handle_dev_start ignoring multiple start requests * Ignore multiple calls to handle_dev_stop * Pick up newer spice-common to fix a buffer overflow issue - Dropped patches contained in new tarball 0001-quic-Check-we-have-some-data-to-start-decoding-quic-.patch 0002-quic-Check-image-size-in-quic_decode_begin.patch 0003-quic-Check-RLE-lengths.patch 0004-quic-Avoid-possible-buffer-overflow-in-find_bucket.patch ==== tcsh ==== Subpackages: tcsh-lang - Update MAILDIR to /var/mail ==== vim ==== Version update (8.2.2800 -> 8.2.2850) Subpackages: gvim vim-data vim-data-common - Updated to version 8.2.2850, fixes the following problems * After a timer displays text a hit-enter prompt is given. * Free Pascal makefile not recognized. * Vim9: illegal memory access. * Flicker when the popup menu has an info popup. * Setting buffer local mapping with mapset() changes global mapping. * Vim9: cannot use legacy syntax in Vim9 script. * Vim9: using "++nr" as a command might not work. * Build fails with tiny features. * Vim9: increment and decrement not sufficiently tested. * Vim9: :def function compilation fails when using :legacy. * Vim9: crash when calling a function in a substitute expression. * Vim9: error for missing white space doesn't say where it is missing * Vim9: still crash when using substitute expression. * Cannot grep using fuzzy matching. * Vim9: unused variable. (John Marriott) * Status line flickers when redrawing popup menu info. * Vim9: comment below expression in lambda causes problems. * Vim9: script sourcing continues after an error. * No jump added to jumplist when opening terminal in current window. * Finishing an abbreviation with a multi-byte char may not work. * Session file may divide by zero. * Code in checkreadonly() not fully tested. * Compiler warnings for int to size_t conversion. (Randall W. Morris) * Test file was not deleted. * Coverity complains about not checking the rename() return value. * Some comments are not correct or clear. * Terminal colors are not updated when 'background' is set. * Vim9: expandcmd() not tested. * Operator cancelled by moving mouse when using popup. (Sergey Vlasov) * Two key command cancelled by moving mouse when using popup. (Sergey Vlasov) * Vim9: :cexpr does not work with local variables. * Vim9: leaking memory in :cexpr. * Build failure without the +quickfix feature. (John Marriott) * Various code lines not covered by tests. * File extension .wrap not recognized. * Default redirection missing "ash" and "dash". * Vim9: member operation not fully tested. * Vim9: skip argument to searchpair() is not compiled. * Vim9: skip argument to searchpairpos() is not compiled. * Vim9: memory leak when using searchpair(). * Vim9: "echo Func()" does not give an error for a function without a return value. * Perl not tested sufficiently. * Crash when calling partial. * Bufwrite not sufficiently tested. * Recalling commands from history is not tested. ==== yast2-trans ==== Version update (84.87.20210509.2001bf14f7 -> 84.87.20210516.482fe91bc6) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20210516.482fe91bc6: * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * New POT for text domain 'autoinst'. * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Slovak) * Translated using Weblate (Lithuanian) * Translated using Weblate (Lithuanian) * Translated using Weblate (Lithuanian) * Translated using Weblate (Lithuanian) * Translated using Weblate (Lithuanian) * Translated using Weblate (Lithuanian) * Translated using Weblate (Lithuanian) * Translated using Weblate (Lithuanian) * Translated using Weblate (Lithuanian) * Translated using Weblate (Lithuanian) * Translated using Weblate (Lithuanian) * Translated using Weblate (Lithuanian) * Translated using Weblate (Lithuanian) * Translated using Weblate (Catalan) * Translated using Weblate (Lithuanian) * Translated using Weblate (Slovak) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * New POT for text domain 'base'. * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Russian) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Dutch) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (French) * Translated using Weblate (Japanese) * New POT for text domain 'autoinst'. * New POT for text domain 'network'. * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Japanese)