Packages changed: busybox (1.33.0 -> 1.33.1) gstreamer-plugins-bad gstreamer-plugins-base libbytesize (2.4 -> 2.5) libwpe (1.8.0 -> 1.10.0) microos-tools (2.9 -> 2.10) net-snmp patterns-kde pipewire (0.3.26 -> 0.3.27) python-six (1.15.0 -> 1.16.0) python38 (3.8.9 -> 3.8.10) python38-core (3.8.9 -> 3.8.10) === Details === ==== busybox ==== Version update (1.33.0 -> 1.33.1) - update to 1.33.1: * httpd: fix sendfile * ash: fix HISTFILE corruptio * ash: fix unset variable pattern expansion * traceroute: fix option parsing * gunzip: fix for archive corruption - drop update_passwd_selinux_fix.patch, included upstream - add upstream signing key and verify source signature ==== gstreamer-plugins-bad ==== Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsturidownloader-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 - don't own appdata dir - is provided by filesystem ==== gstreamer-plugins-base ==== Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 - don't own appdata dir - comes from filesystem rpm ==== libbytesize ==== Version update (2.4 -> 2.5) - update to 2.5: * translation updates * tools: Read input from stdin when not running in a tty * Add support to ppc64le for debian build * testsuite fixes ==== libwpe ==== Version update (1.8.0 -> 1.10.0) - update to 1.10.0: - New API to explicitly deinitialize an EGL renderer target, which allows implementors of the wpe_renderer_backend_egl_target_interface - build system improvements ==== microos-tools ==== Version update (2.9 -> 2.10) - Update to version 2.10 - Fixes and improvements for SELinux support - Add devel tools ==== net-snmp ==== Subpackages: libsnmp30 snmp-mibs - Can't assume non-existence of python38 macros in Leap. gh#openSUSE/python-rpm-macros#107 Test for suse_version instead. Only Tumbleweed has and needs the python_subpackage_only support. ==== patterns-kde ==== - Require qqc2-desktop-style in kde_plasma ==== pipewire ==== Version update (0.3.26 -> 0.3.27) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-modules pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Add %bcond_with aac conditional to let 3rd parties to enable AAC support. - Update to 0.3.27 * Highlights - Fix bug that caused bluetooth devices to stop working. - Fix session-manager crash when switching users caused by the DBus plugin cleanup errors. - Improve volume handling of monitor ports. - Fix GStreamer v4l2 support. - Implement module-remap-sink and module-remap-source in pipewire-pulse. - More fixes and improvements. * PipeWire - Move the loopback code into a module. Use this in pw-loopback and pipewire-pulse. Fix some cleanup crashes. - A dummy echo-cancel module was added. Later versions will include the webrtc echo-canceler. - State files don't have the X permission anymore. - Move i18n core into a private header file. - Stream can now advertize properties and receive property updates. - Fix an issue where the wrong index was used to address a port. It caused Bluetooth devices to stop working. * SPA plugins - Only do LFE filtering on channels we created. - Improve name and description of devices. - Improve cleanup in DBus connections and sources to avoid crash when destroying. - Improved volume handling. Hardware, Software and Monitor volumes are now properly separated and handled. - Support for S8 and S8P formats was added. * Tools - pw-cli can now also create Struct from JSON arrays. * Session-manager - The session manager can now also create passive links. This makes is possible to suspend effect chains together with the sinks when not in use. - Match rules now check the complete property value instead of only the start. - Handle multiple pending param enumerations, take only last result. This fixes some volume update issues. * GStreamer plugins - GStreamer plugins now advertize handling DMABUF explicitly. This is currently the only way to avoid a memcpy for v4l2 devices. * Device support - sync ACP with pulseaudio, merge upstream patch instead of our hack to workaround missing duplex devices. - V4l2 devices don't expose their fd anymore. Previously the fd and mmap offsets were passed to the client to access the buffer memory but that could create security issues. * Bluetooth - Don't unregister the profiles on shutdown because this can cause delay, just close the dbus connection. - Bluetooth devices now try to use the global samplerate from the graph. * PulseAudio server - Implement remap-sink and remap-source modules using the new loopback module. ==== python-six ==== Version update (1.15.0 -> 1.16.0) - update to 1.16.0: - Port _SixMetaPathImporter to Python 3.10. ==== python38 ==== Version update (3.8.9 -> 3.8.10) - Update to 3.8.10: - Security - bpo-43434: Creating a sqlite3.Connection object now also produces a sqlite3.connect auditing event. Previously this event was only produced by sqlite3.connect() calls. Patch by Erlend E. Aasland. - bpo-43472: Ensures interpreter-level audit hooks receive the cpython.PyInterpreterState_New event when called through the _xxsubinterpreters module. - bpo-43075: Fix Regular Expression Denial of Service (ReDoS) vulnerability in urllib.request.AbstractBasicAuthHandler. The ReDoS-vulnerable regex has quadratic worst-case complexity and it allows cause a denial of service when identifying crafted invalid RFCs. This ReDoS issue is on the client side and needs remote attackers to control the HTTP server. - Core and Builtins - bpo-43105: Importlib now resolves relative paths when creating module spec objects from file locations. - bpo-42924: Fix bytearray repetition incorrectly copying data from the start of the buffer, even if the data is offset within the buffer (e.g. after reassigning a slice at the start of the bytearray to a shorter byte string). - Library - bpo-43993: Update bundled pip to 21.1.1. - bpo-43937: Fixed the turtle module working with non-default root window. - bpo-43930: Update bundled pip to 21.1 and setuptools to 56.0.0 - bpo-43920: OpenSSL 3.0.0: load_verify_locations() now returns a consistent error message when cadata contains no valid certificate. - bpo-43607: urllib can now convert Windows paths with \\?\ prefixes into URL paths. - bpo-43284: platform.win32_ver derives the windows version from sys.getwindowsversion().platform_version which in turn derives the version from kernel32.dll (which can be of a different version than Windows itself). Therefore change the platform.win32_ver to determine the version using the platform module?s _syscmd_ver private function to return an accurate version. - bpo-42248: [Enum] ensure exceptions raised in _missing__ are released - bpo-43799: OpenSSL 3.0.0: define OPENSSL_API_COMPAT 1.1.1 to suppress deprecation warnings. Python requires OpenSSL 1.1.1 APIs. - bpo-43794: Add ssl.OP_IGNORE_UNEXPECTED_EOF constants (OpenSSL 3.0.0) - bpo-43789: OpenSSL 3.0.0: Don?t call the password callback function a second time when first call has signaled an error condition. - bpo-43788: The header files for ssl error codes are now OpenSSL version-specific. Exceptions will now show correct reason and library codes. The make_ssl_data.py script has been rewritten to use OpenSSL?s text file with error codes. - bpo-43655: tkinter dialog windows are now recognized as dialogs by window managers on macOS and X Window. - bpo-43534: turtle.textinput() and turtle.numinput() create now a transient window working on behalf of the canvas window. - bpo-43522: Fix problem with hostname_checks_common_name. OpenSSL does not copy hostflags from struct SSL_CTX to struct SSL. - bpo-42967: Allow bytes separator argument in urllib.parse.parse_qs and urllib.parse.parse_qsl when parsing str query strings. Previously, this raised a TypeError. - bpo-43176: Fixed processing of a dataclass that inherits from a frozen dataclass with no fields. It is now correctly detected as an error. - bpo-34463: Fixed discrepancy between traceback and the interpreter in formatting of SyntaxError with lineno not set (traceback was changed to match interpreter). - bpo-41735: Fix thread locks in zlib module may go wrong in rare case. Patch by Ma Lin. - bpo-26053: Fixed bug where the pdb interactive run command echoed the args from the shell command line, even if those have been overridden at the pdb prompt. - bpo-36470: Fix dataclasses with InitVars and replace(). Patch by Claudiu Popa. - bpo-28577: The hosts method on 32-bit prefix length IPv4Networks and 128-bit prefix IPv6Networks now returns a list containing the single Address instead of an empty list. - bpo-32745: Fix a regression in the handling of ctypes? ctypes.c_wchar_p type: embedded null characters would cause a ValueError to be raised. Patch by Zackery Spytz. - Documentation - bpo-43959: The documentation on the PyContextVar C-API was clarified. - bpo-43938: Update dataclasses documentation to express that FrozenInstanceError is derived from AttributeError. - bpo-43739: Fixing the example code in Doc/extending/extending.rst to declare and initialize the pmodule variable to be of the right type. - Tests - bpo-43842: Fix a race condition in the SMTP test of test_logging. Don?t close a file descriptor (socket) from a different thread while asyncore.loop() is polling the file descriptor. Patch by Victor Stinner. - bpo-43811: Tests multiple OpenSSL versions on GitHub Actions. Use ccache to speed up testing. - bpo-43791: OpenSSL 3.0.0: Disable testing of legacy protocols TLS 1.0 and 1.1. Tests are failing with TLSV1_ALERT_INTERNAL_ERROR. - IDLE - bpo-43655: IDLE dialog windows are now recognized as dialogs by window managers on macOS and X Window. - C API - bpo-43962: _PyInterpreterState_IDIncref() now calls _PyInterpreterState_IDInitref() and always increments id_refcount. Previously, calling _xxsubinterpreters.get_current() could create an id_refcount inconsistency when a _xxsubinterpreters.InterpreterID object was deallocated. Patch by Victor Stinner. - Reapplied patches: - CVE-2019-5010-null-defer-x509-cert-DOS.patch - F00102-lib64.patch - SUSE-FEDORA-multilib.patch - bpo-31046_ensurepip_honours_prefix.patch - python-3.3.0b1-fix_date_time_compiler.patch - Make sure to close the import_failed.map file after the exception has been raised in order to avoid ResourceWarnings when the failing import is part of a try...except block. ==== python38-core ==== Version update (3.8.9 -> 3.8.10) Subpackages: libpython3_8-1_0 python38-base - Update to 3.8.10: - Security - bpo-43434: Creating a sqlite3.Connection object now also produces a sqlite3.connect auditing event. Previously this event was only produced by sqlite3.connect() calls. Patch by Erlend E. Aasland. - bpo-43472: Ensures interpreter-level audit hooks receive the cpython.PyInterpreterState_New event when called through the _xxsubinterpreters module. - bpo-43075: Fix Regular Expression Denial of Service (ReDoS) vulnerability in urllib.request.AbstractBasicAuthHandler. The ReDoS-vulnerable regex has quadratic worst-case complexity and it allows cause a denial of service when identifying crafted invalid RFCs. This ReDoS issue is on the client side and needs remote attackers to control the HTTP server. - Core and Builtins - bpo-43105: Importlib now resolves relative paths when creating module spec objects from file locations. - bpo-42924: Fix bytearray repetition incorrectly copying data from the start of the buffer, even if the data is offset within the buffer (e.g. after reassigning a slice at the start of the bytearray to a shorter byte string). - Library - bpo-43993: Update bundled pip to 21.1.1. - bpo-43937: Fixed the turtle module working with non-default root window. - bpo-43930: Update bundled pip to 21.1 and setuptools to 56.0.0 - bpo-43920: OpenSSL 3.0.0: load_verify_locations() now returns a consistent error message when cadata contains no valid certificate. - bpo-43607: urllib can now convert Windows paths with \\?\ prefixes into URL paths. - bpo-43284: platform.win32_ver derives the windows version from sys.getwindowsversion().platform_version which in turn derives the version from kernel32.dll (which can be of a different version than Windows itself). Therefore change the platform.win32_ver to determine the version using the platform module?s _syscmd_ver private function to return an accurate version. - bpo-42248: [Enum] ensure exceptions raised in _missing__ are released - bpo-43799: OpenSSL 3.0.0: define OPENSSL_API_COMPAT 1.1.1 to suppress deprecation warnings. Python requires OpenSSL 1.1.1 APIs. - bpo-43794: Add ssl.OP_IGNORE_UNEXPECTED_EOF constants (OpenSSL 3.0.0) - bpo-43789: OpenSSL 3.0.0: Don?t call the password callback function a second time when first call has signaled an error condition. - bpo-43788: The header files for ssl error codes are now OpenSSL version-specific. Exceptions will now show correct reason and library codes. The make_ssl_data.py script has been rewritten to use OpenSSL?s text file with error codes. - bpo-43655: tkinter dialog windows are now recognized as dialogs by window managers on macOS and X Window. - bpo-43534: turtle.textinput() and turtle.numinput() create now a transient window working on behalf of the canvas window. - bpo-43522: Fix problem with hostname_checks_common_name. OpenSSL does not copy hostflags from struct SSL_CTX to struct SSL. - bpo-42967: Allow bytes separator argument in urllib.parse.parse_qs and urllib.parse.parse_qsl when parsing str query strings. Previously, this raised a TypeError. - bpo-43176: Fixed processing of a dataclass that inherits from a frozen dataclass with no fields. It is now correctly detected as an error. - bpo-34463: Fixed discrepancy between traceback and the interpreter in formatting of SyntaxError with lineno not set (traceback was changed to match interpreter). - bpo-41735: Fix thread locks in zlib module may go wrong in rare case. Patch by Ma Lin. - bpo-26053: Fixed bug where the pdb interactive run command echoed the args from the shell command line, even if those have been overridden at the pdb prompt. - bpo-36470: Fix dataclasses with InitVars and replace(). Patch by Claudiu Popa. - bpo-28577: The hosts method on 32-bit prefix length IPv4Networks and 128-bit prefix IPv6Networks now returns a list containing the single Address instead of an empty list. - bpo-32745: Fix a regression in the handling of ctypes? ctypes.c_wchar_p type: embedded null characters would cause a ValueError to be raised. Patch by Zackery Spytz. - Documentation - bpo-43959: The documentation on the PyContextVar C-API was clarified. - bpo-43938: Update dataclasses documentation to express that FrozenInstanceError is derived from AttributeError. - bpo-43739: Fixing the example code in Doc/extending/extending.rst to declare and initialize the pmodule variable to be of the right type. - Tests - bpo-43842: Fix a race condition in the SMTP test of test_logging. Don?t close a file descriptor (socket) from a different thread while asyncore.loop() is polling the file descriptor. Patch by Victor Stinner. - bpo-43811: Tests multiple OpenSSL versions on GitHub Actions. Use ccache to speed up testing. - bpo-43791: OpenSSL 3.0.0: Disable testing of legacy protocols TLS 1.0 and 1.1. Tests are failing with TLSV1_ALERT_INTERNAL_ERROR. - IDLE - bpo-43655: IDLE dialog windows are now recognized as dialogs by window managers on macOS and X Window. - C API - bpo-43962: _PyInterpreterState_IDIncref() now calls _PyInterpreterState_IDInitref() and always increments id_refcount. Previously, calling _xxsubinterpreters.get_current() could create an id_refcount inconsistency when a _xxsubinterpreters.InterpreterID object was deallocated. Patch by Victor Stinner. - Reapplied patches: - CVE-2019-5010-null-defer-x509-cert-DOS.patch - F00102-lib64.patch - SUSE-FEDORA-multilib.patch - bpo-31046_ensurepip_honours_prefix.patch - python-3.3.0b1-fix_date_time_compiler.patch - Make sure to close the import_failed.map file after the exception has been raised in order to avoid ResourceWarnings when the failing import is part of a try...except block.