Packages changed: apache2-mod_php8 (8.3.8 -> 8.3.9) emacs-jinx (1.8 -> 1.9) gstreamer-plugins-good harfbuzz (8.5.0 -> 9.0.0) kernel-firmware-nvidia-gspx-G06 krb5 (1.21.2 -> 1.21.3) libgpod libksba (1.6.6 -> 1.6.7) libndp libphonenumber (8.13.30 -> 8.13.40) nvidia-open-driver-G06-signed openSUSE-release (20240705 -> 20240708) openssh php8 (8.3.8 -> 8.3.9) qt6-base snapper (0.11.0 -> 0.11.1) speech-dispatcher wol xclip (0.13 -> 0.13+git20220129) yast2-trans (84.87.20240626.116e7b94dc -> 84.87.20240707.68063c4dc4) === Details === ==== apache2-mod_php8 ==== Version update (8.3.8 -> 8.3.9) - version update to 8.3.9 Core: Fixed bug GH-14315 (Incompatible pointer type warnings). Fixed bug GH-12814 (max_execution_time reached too early on MacOS 14 when running on Apple Silicon). Fixed bug GH-14387 (Crash when stack walking in destructor of yielded from values during Generator->throw()). Fixed bug GH-14456 (Attempting to initialize class with private constructor calls destructor). Fixed bug GH-14510 (memleak due to missing pthread_attr_destroy()-call). Fixed bug GH-14549 (Incompatible function pointer type for fclose). BCMatch: Fixed bug (bcpowmod() with mod = -1 returns 1 when it must be 0). Curl: Fixed bug GH-14307 (Test curl_basic_024 fails with curl 8.8.0). DOM: Fixed bug GH-14343 (Memory leak in xml and dom). FPM: Fixed bug GH-14037 (PHP-FPM ping.path and ping.response config vars are ignored in status pool). GD: Fix parameter numbers for imagecolorset(). Intl: Fix reference handling in SpoofChecker. MySQLnd: Partially fix bug GH-10599 (Apache crash on Windows when using a self-referencing anonymous function inside a class with an active mysqli connection). Opcache: Fixed bug GH-14267 (opcache.jit=off does not allow enabling JIT at runtime). Fixed TLS access in JIT on FreeBSD/amd64. Fixed bug GH-11188 (Error when building TSRM in ARM64). PDO ODBC: Fixed bug GH-14367 (incompatible SDWORD type with iODBC). PHPDBG: Fixed bug GH-13681 (segfault on watchpoint addition failure). Soap: Fixed bug #47925 (PHPClient can't decompress response). Fix missing error restore code. Fix memory leak if calling SoapServer::setObject() twice. Fix memory leak if calling SoapServer::setClass() twice. Fix reading zlib ini settings in ext-soap. Fix memory leaks with string function name lookups. Fixed bug #69280 (SoapClient classmap doesn't support fully qualified class name). Fixed bug #76232 (SoapClient Cookie Header Semicolon). Fixed memory leaks when calling SoapFault::__construct() twice. Sodium: Fix memory leaks in ext/sodium on failure of some functions. SPL: Fixed bug GH-14290 (Member access within null pointer in extension spl). Standard: Fixed bug GH-14483 (Fixed off-by-one error in checking length of abstract namespace Unix sockets). Streams: Fixed bug GH-11078 (PHP Fatal error triggers pointer being freed was not allocated and malloc: double free for ptr errors). ==== emacs-jinx ==== Version update (1.8 -> 1.9) - Rebase p0001-Only-export-necessary-symbols.-Fixes-105.patch against version 1.9. - Update to version 1.9: * Expose (jinx-correct-all t) via C-u C-u C-u M-x jinx-correct * jinx-correct-all: Add ONLY-CHECK argument. * A better fix for #156 * Revert "Fix bug in jinx--find-visible-pending (See #156)" * Fix bug in jinx--find-visible-pending (See #156) * correct link to enchant manual (#185) ==== gstreamer-plugins-good ==== Subpackages: gstreamer-plugins-good-gtk gstreamer-plugins-good-lang - Enable qt6 support: + Add subpackage for qml6glsink + BuildRequires: add qt6-gui-private-devel (same as Qt5) + BuildRequires: add pkgconfig(Qt6Widgets) (additionally required for Qt6) + Leap: use compiler supporting c++17 by default ==== harfbuzz ==== Version update (8.5.0 -> 9.0.0) Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0 - update to version 9.0.0: + Speed up “AAT” shaping for short words by up to 4% + Ignore unknown “CFF” operators + “hb_subset_input_keep_everything()” now keeps also non-unicode “name” table records. + Update the IANA and OpenType language tag registries + Support composite glyphs with very large number of points in hb-draw API + Various build fixes ==== kernel-firmware-nvidia-gspx-G06 ==== - Use macro which is set during build but not when running `osc service run download_files` to make sure both source versions are visible for download. This way, only the correct source tarball will be included in the source package of its respective flavor but both can be downloaded (updated) simultaniously. ==== krb5 ==== Version update (1.21.2 -> 1.21.3) Subpackages: krb5-32bit krb5-client - Update to 1.21.3 * Fix vulnerabilities in GSS message token handling: * CVE-2024-37370, bsc#1227186 * CVE-2024-37371, bsc#1227187 * Fix a potential bad pointer free in krb5_cccol_have_contents() * Fix a memory leak in the macOS ccache type - Update patch 0009-Fix-three-memory-leaks.patch ==== libgpod ==== Subpackages: libgpod-lang libgpod-tools libgpod4 - fix build with gcc14 - added patches + 0004-gcc14.patch ==== libksba ==== Version update (1.6.6 -> 1.6.7) - Update to 1.6.7: * Allow for an empty Subject in certs. [T7171] * Release-info: https://dev.gnupg.org/T7173 * Rebase libksba-nobetasuffix.patch ==== libndp ==== - Add libndp-CVE-2024-5564.patch: add a check on the route information option length field (bsc#1225771 CVE-2024-5564). ==== libphonenumber ==== Version update (8.13.30 -> 8.13.40) - Update to version 8.13.40: * Updated metadata - Use mode="manual" in _service ==== nvidia-open-driver-G06-signed ==== - Use macro which is set during build but not when running `osc service run download_files` to make sure both source versions are visible for download. This way, only the correct source tarball will be included in the source package of its respective flavor but both can be downloaded (updated) simultaniously. ==== openSUSE-release ==== Version update (20240705 -> 20240708) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Add patch from upstream to fix proxy multiplexing mode: * 0001-upstream-fix-proxy-multiplexing-mode_-broken-when-keystroke.patch - Add patch from upstream to restore correctly sigprocmask * 0001-upstream-correctly-restore-sigprocmask-around-ppoll.patch - Add patch from upstream to fix a logic error in ObscureKeystrokeTiming that rendered this feature ineffective, allowing a passive observer to detect which network packets contained real keystrokes (bsc#1227318, CVE-2024-39894): * 0001-upstream-when-sending-ObscureKeystrokeTiming-chaff-packets_.patch - Add obsoletes for openssh-server-config-rootlogin since that package existed for a brief period of time during SLE 15 SP6/ Leap 15.6 development but even if it was removed from the repositories before GM, some users might have it in their systems from having tried a beta/RC release (boo#1227350). ==== php8 ==== Version update (8.3.8 -> 8.3.9) Subpackages: php8-ctype php8-dom php8-iconv php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - version update to 8.3.9 Core: Fixed bug GH-14315 (Incompatible pointer type warnings). Fixed bug GH-12814 (max_execution_time reached too early on MacOS 14 when running on Apple Silicon). Fixed bug GH-14387 (Crash when stack walking in destructor of yielded from values during Generator->throw()). Fixed bug GH-14456 (Attempting to initialize class with private constructor calls destructor). Fixed bug GH-14510 (memleak due to missing pthread_attr_destroy()-call). Fixed bug GH-14549 (Incompatible function pointer type for fclose). BCMatch: Fixed bug (bcpowmod() with mod = -1 returns 1 when it must be 0). Curl: Fixed bug GH-14307 (Test curl_basic_024 fails with curl 8.8.0). DOM: Fixed bug GH-14343 (Memory leak in xml and dom). FPM: Fixed bug GH-14037 (PHP-FPM ping.path and ping.response config vars are ignored in status pool). GD: Fix parameter numbers for imagecolorset(). Intl: Fix reference handling in SpoofChecker. MySQLnd: Partially fix bug GH-10599 (Apache crash on Windows when using a self-referencing anonymous function inside a class with an active mysqli connection). Opcache: Fixed bug GH-14267 (opcache.jit=off does not allow enabling JIT at runtime). Fixed TLS access in JIT on FreeBSD/amd64. Fixed bug GH-11188 (Error when building TSRM in ARM64). PDO ODBC: Fixed bug GH-14367 (incompatible SDWORD type with iODBC). PHPDBG: Fixed bug GH-13681 (segfault on watchpoint addition failure). Soap: Fixed bug #47925 (PHPClient can't decompress response). Fix missing error restore code. Fix memory leak if calling SoapServer::setObject() twice. Fix memory leak if calling SoapServer::setClass() twice. Fix reading zlib ini settings in ext-soap. Fix memory leaks with string function name lookups. Fixed bug #69280 (SoapClient classmap doesn't support fully qualified class name). Fixed bug #76232 (SoapClient Cookie Header Semicolon). Fixed memory leaks when calling SoapFault::__construct() twice. Sodium: Fix memory leaks in ext/sodium on failure of some functions. SPL: Fixed bug GH-14290 (Member access within null pointer in extension spl). Standard: Fixed bug GH-14483 (Fixed off-by-one error in checking length of abstract namespace Unix sockets). Streams: Fixed bug GH-11078 (PHP Fatal error triggers pointer being freed was not allocated and malloc: double free for ptr errors). ==== qt6-base ==== Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6Widgets6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-platformtheme-gtk3 qt6-printsupport-cups qt6-sql-mysql qt6-sql-sqlite - Add upstream change (boo#1227426, CVE-2024-39936) * 0001-HTTP2-Delay-any-communication-until-encrypted-can-be.patch ==== snapper ==== Version update (0.11.0 -> 0.11.1) Subpackages: libsnapper7 snapper-zypp-plugin - handle content-length of stomp in zypper plugin (gh#openSUSE/snapper#918) - version 0.11.1 - fixed error message (gh#openSUSE/snapper#907) ==== speech-dispatcher ==== Subpackages: libspeechd2 python311-speechd speech-dispatcher-module-espeak - Add speech-dispatcher-pulseaudio-samples.patch: fix for losing samples with pulseaudio. ==== wol ==== Subpackages: wol-lang - Added patches for support gcc14: * wol-0.7.1-Fix-config.h-test-consumption.patch * wol-0.7.1-Fix-malloc-detection.patch * wol-0.7.1-linux-headers.patch ==== xclip ==== Version update (0.13 -> 0.13+git20220129) - use git hash in download URL, not branch name. - Update to master checkout b372f73: * add -sensitive option * works reliably for large data streams * improved debug and checking facilities * when pasting, don't clear selection unless -sensitive is given * if stdin is a tty, choose appropriate -i or -o option as default mode * numerous bug fixes (segfaults, resource leaks, null pointer dereference) ==== yast2-trans ==== Version update (84.87.20240626.116e7b94dc -> 84.87.20240707.68063c4dc4) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20240707.68063c4dc4: * Translated using Weblate (Georgian) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Vietnamese) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Portuguese (Brazil)) * Translated using Weblate (Vietnamese) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Slovenian) * Translated using Weblate (Slovenian) * Translated using Weblate (Slovenian)