Packages changed: MozillaFirefox (122.0 -> 122.0.1) aaa_base (84.87+git20231023.f347d36 -> 84.87+git20240202.9526d46) accountsservice acpica (20230331 -> 20230628) bind (9.18.21 -> 9.18.24) btrfsprogs (6.7 -> 6.7.1) cockpit curl dav1d (1.3.0 -> 1.4.0) docker dracut (059+suse.549.gc9f63878 -> 059+suse.554.g6144bf71) git (2.43.0 -> 2.43.1) gnome-control-center (45.2 -> 45.3) grub2 hwdata (0.378 -> 0.379) installation-images-MicroOS (17.114 -> 17.115) lastlog2 (1.2.0 -> 1.3.1) libadwaita (1.4.2 -> 1.4.3) libblockdev (3.0.4 -> 3.1.0) libei libgusb libjpeg-turbo liblangtag (0.6.4 -> 0.6.7) libnvme (1.7.1+0.g13ba383 -> 1.8+0.gbff7dda) libpaper (2.1.2 -> 2.1.3) libqt5-qtbase (5.15.12+kde147 -> 5.15.12+kde151) libstorage-ng (4.5.176 -> 4.5.188) libunwind man multipath-tools (0.9.7+93+suse.e2f2272 -> 0.9.8~1+82+suse.dcd98a3) ncurses (6.4.20240120 -> 6.4.20240210) netavark (1.10.2 -> 1.10.3) nvme-cli (2.7.1 -> 2.8) openvpn (2.6.8 -> 2.6.9) orc (0.4.34 -> 0.4.37) osinfo-db pam-config (2.10 -> 2.11) patterns-microos pkcs11-helper (1.29.0 -> 1.30.0) pkgconf (1.8.0 -> 2.1.1) podman (4.9.2 -> 4.9.3) poppler (23.12.0 -> 24.02.0) poppler-qt5 (23.12.0 -> 24.02.0) pulseaudio python-linux-procfs sdbootutil (1+git20240122.c0d8f76 -> 1+git20240214.ba81e0e) sg3_utils (1.48+7.63e63cb -> 1.48+8.37ca384) shadow (4.14.3 -> 4.14.5) shared-mime-info slirp4netns (1.2.2 -> 1.2.3) tecla-keyboard-layout-viewer (45.rc -> 45.0) util-linux util-linux-systemd vim (9.1.0000 -> 9.1.0111) vmaf webkit2gtk3 webkit2gtk4 wpa_supplicant xfsprogs (6.5.0 -> 6.6.0) yast2-packager (5.0.2 -> 5.0.4) yast2-storage-ng (5.0.4 -> 5.0.5) === Details === ==== MozillaFirefox ==== Version update (122.0 -> 122.0.1) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 122.0.1 https://www.mozilla.org/en-US/firefox/122.0.1/releasenotes/ * Fixed the Library and Sidebar context menus only displaying Multi-Account Containers icons in the "Open in New Container Tab" menu. (bmo#1876518) * Fixed an issue when clicking the Dismiss button in notification pop-ups on Windows causing a webpage in a new tab. (bmo#1848801) * Fixed the yaru-remix system theme not applying correctly on Linux. (bmo#1877002) * Fixed adding an extra new line to a rule in the Developer Tools' Inspector when copying it to the clipboard. (bmo#1876220) * Rolled back a keyboard behavior change made to the Developer Tools' Rules view when validating a property name or input with the Enter key. This moves the focus to the next input, as was the behavior in Firefox 121. (bmo#1877457) ==== aaa_base ==== Version update (84.87+git20231023.f347d36 -> 84.87+git20240202.9526d46) Subpackages: aaa_base-extras - Update to version 84.87+git20240202.9526d46: * properly shorten the variable when setting JAVA_HOME and JRE_HOME * silence output of alljava * Restrict ptrace with Yama LSM by default * patch alljava.sh and alljava.csh, use the links from update alternatives ==== accountsservice ==== Subpackages: accountsservice-lang libaccountsservice0 typelib-1_0-AccountsService-1_0 - First part to fix build with GCC 14: + Inject patched mocklibc-1.0.tar.gz: only some header modifications to address implicit declaration of print_indent. + Add accountsservice-mocklib-gcc14.patch: patch meson' subproject definition to validate the injected tarball. ==== acpica ==== Version update (20230331 -> 20230628) - Update to version 20230628 * IASL/RHCT: Enable dumping and compiling newly added nodes * RHCT: Add flags, CMO and MMU nodes * MADT: Add dump and compile support for RISC-V APICs * MADT: Add RISC-V external interrupt controllers * Add AML_NO_OPERAND_RESOLVE flag to Timer * Add a define for size of acpi_srat_generic_affinity DeviceHandle * Slightly simplify an error message in acpi_ds_result_push() * Add port definitions for CDAT SSLBIS * Fix misspelled CDAT DSMAS define * Add interrupt command to acpiexec * Detect GED device and keep track of _EVT * ACPICA: Modify ACPI_STATE_COMMON * Manually revert after resolving conflicts PR #757 commit 32d875705c8ee8f99fd8b78dbed48633486a7640 * fix for conflict macro definition on zephyr interface * Fix ACPI_FUNCTION_ENTRY() * Revert "Fixes for ACPI_FLEX_ARRAY, to eliminate warnings on MSVC" * Revert "Events: Use spaces instead of tabs to fix indentation" * Add support for _DSC as per ACPI 6.5 * exserial.c: replace ternary operator with ACPI_MIN() * ACPICA: Modify ACPI_STATE_COMMON * Fix GCC 12 dangling-pointer warning * build: added module name for zephyr build system * Revert "Move ACPI_FUNCTION_ENTRY to function entry" * Move ACPI_FUNCTION_ENTRY to function entry * iASL/MADT: Add dump and compile support for LoongArch APICs * iasl: check Offset before Subtable dereference ==== bind ==== Version update (9.18.21 -> 9.18.24) - Update to release 9.18.24 Security Fixes: * Validating DNS messages containing a lot of DNSSEC signatures could cause excessive CPU load, leading to a denial-of-service condition. This has been fixed. (CVE-2023-50387) [bsc#1219823] * Preparing an NSEC3 closest encloser proof could cause excessiv CPU load, leading to a denial-of-service condition. This has been fixed. (CVE-2023-50868) [bsc#1219826] * Parsing DNS messages with many different names could cause excessive CPU load. This has been fixed. (CVE-2023-4408) [bsc#1219851] * Specific queries could cause named to crash with an assertion failure when nxdomain-redirect was enabled. This has been fixed. (CVE-2023-5517) [bsc#1219852] * A bad interaction between DNS64 and serve-stale could cause named to crash with an assertion failure, when both of these features were enabled. This has been fixed. (CVE-2023-5679) [bsc#1219853] * Query patterns that continuously triggered cache database maintenance could cause an excessive amount of memory to be allocated, exceeding max-cache-size and potentially leading to all available memory on the host running named being exhausted This has been fixed. (CVE-2023-6516) [bsc#1219854] * Under certain circumstances, the DNS-over-TLS client code incorrectly attempted to process more than one DNS message at a time, which could cause named to crash with an assertion failure. This has been fixed. Bug Fixes: * The counters exported via the statistics channel were changed back to 64-bit signed values; they were being inadvertently truncated to unsigned 32-bit values since BIND 9.15.0. ==== btrfsprogs ==== Version update (6.7 -> 6.7.1) Subpackages: btrfsprogs-bash-completion btrfsprogs-udev-rules libbtrfs0 libbtrfsutil1 - update to 6.7.1 * convert: raid-stripe-tree can be now enabled for the target filesystem * mkfs: * handle lifetime of open file descriptors so it does not trigger udev that could miss to create the UUID symlinks in /dev * update warning when CPU page size does not match sector size * merge features in summary, no more distinction of incompat and runtime to match the semantics of option -O * fi show: fix recognizing raw device mapper paths * other: * documentation updates, fix links to labels in included directories ==== cockpit ==== Subpackages: cockpit-bridge cockpit-packagekit cockpit-system - suse-microos-branding.patch: fix branding for SLE Micro (bsc#1219929) - don't clobber existing links with empty files ==== curl ==== Subpackages: libcurl4 - Add patch to fix various TLS related issues including FTP over SSL transmission timeouts: * 0001-vtls-revert-receive-max-buffer-add-test-case.patch - Switch to %autosetup ==== dav1d ==== Version update (1.3.0 -> 1.4.0) - Update to version 1.4.0 * AVX-512 optimizations for z1, z2, z3 in 8bit and high-bitdepth * New architecture supported: loongarch * Loongarch optimizations for 8bit * New architecture supported: RISC-V * RISC-V optimizations for itx * Misc improvements in threading and in reducing binary size * Fix potential integer overflow with extremely large frame sizes ==== docker ==== Subpackages: docker-bash-completion docker-rootless-extras - Vendor latest buildkit v0.11: Add patch 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch that vendors in the latest v0.11 buildkit branch including bugfixes for the following: * bsc#1219438: CVE-2024-23653 * bsc#1219268: CVE-2024-23652 * bsc#1219267: CVE-2024-23651 - rebase patches: * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch - switch from %patchN to %patch -PN syntax - remove unused rpmlint filters and add filters to silence pointless bash & zsh completion warnings ==== dracut ==== Version update (059+suse.549.gc9f63878 -> 059+suse.554.g6144bf71) Subpackages: dracut-ima - Update to version 059+suse.554.g6144bf71: * fix(dracut.spec): update dracut-fips requirements (bsc#1219869) - Update to version 059+suse.552.g4610ef1b: * fix(dracut-util): do not call `strcmp` if the `value` argument is NULL (bsc#1219841) ==== git ==== Version update (2.43.0 -> 2.43.1) - update to 2.43.1: * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.1.txt ==== gnome-control-center ==== Version update (45.2 -> 45.3) Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-lang gnome-control-center-user-faces - Update to version 45.3: + Datetime: Fix build with -Wincompatible-pointer-types. + Region: Prevent preview crash from accessing invalid pointer. + Wifi: Fix build with -Wincompatible-pointer-types. - Drop gnome-control-center-fix-region-preview-crash.patch: fixed upstream. ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi - Sort tar file order for reproducible builds ==== hwdata ==== Version update (0.378 -> 0.379) - update to 0.379: * Update pci, usb and vendor ids ==== installation-images-MicroOS ==== Version update (17.114 -> 17.115) - merge gh#openSUSE/installation-images#696 - no libcryptsetup12-hmac, libgcrypt20-hmac anymore (bsc#1219762) - 17.115 ==== lastlog2 ==== Version update (1.2.0 -> 1.3.1) Subpackages: liblastlog2-1 - Verson 1.3.1 - pam_lastlog2: improve ll2_read_entry error handling [bsc#1220000] - Version 1.3.0 - fix sqlite3_step error handling ==== libadwaita ==== Version update (1.4.2 -> 1.4.3) Subpackages: libadwaita-1-0 libadwaita-lang typelib-1_0-Adw-1 - Update to version 1.4.3: + AdwAboutWindow: Don't pre-select the first section on the Legal page. + AdwHeaderBar: Fix visibility after changing :show-back-button. + AdwPreferencesWindow: Fix :visible-page and :visible-page-name docs. + AdwViewSwitcherBar: Fix a warning when empty. + Updated translations. ==== libblockdev ==== Version update (3.0.4 -> 3.1.0) Subpackages: libbd_btrfs3 libbd_crypto3 libbd_fs3 libbd_loop3 libbd_lvm3 libbd_mdraid3 libbd_nvme3 libbd_part3 libbd_swap3 libbd_utils3 libblockdev3 - Update to 3.1.0: * Add BDPluginSpec constructor and use it in plugin_specs_from_names * overrides: Remove unused 'sys' import * swap: Add support for checking label and UUID format * fs: Add a function to check label format for F2FS * fs: Add a generic function to check for fs info availability * fs: Fix allowed UUID for generic mkfs with VFAT * fs: Add support for getting filesystem min size for NTFS and Ext * Mark NVDIMM plugin as deprecated since 3.1 * part: Fix potential double free when getting parttype * Fix missing progress initialization in bd_crypto_luks_add_key * lvm-dbus: Fix leaking error * lvm-dbus: Avoid using already-freed memory * utils: Add expected printf string annotation * fs: Report reason for open() and ioctl() failures ==== libei ==== - Add baselibs.conf: GNOME 46's at-spi2-core newly linkes libei, and the at-spi stack is made available bi-arch. ==== libgusb ==== - Explicitly require python311-packaging if python 3.11 is being used. On SLE, python 3.6 is still the default, but 3.11 is used by meson. Drop python3-base from BuildRequires: it is not needed, since python will be pulled in by meson. ==== libjpeg-turbo ==== - Update to version 3.0.2 * Fixed a signed integer overflow in the tj3CompressFromYUV8(), tj3DecodeYUV8(), tj3DecompressToYUV8(), and tj3EncodeYUV8() functions, detected by the Clang and GCC undefined behavior sanitizers, that could be triggered by setting the align parameter to an unreasonably large value. This issue did not pose a security threat, but removing the warning made it easier to detect actual security issues, should they arise in the future. * Introduced a new parameter (TJPARAM_MAXMEMORY in the TurboJPEG C API and TJ.PARAM_MAXMEMORY in the TurboJPEG Java API) and a corresponding TJBench option (-maxmemory) for specifying the maximum amount of memory (in megabytes) that will be allocated for intermediate buffers, which are used with progressive JPEG compression and decompression, optimized baseline entropy coding, lossless JPEG compression, and lossless transformation. The new parameter and option serve the same purpose as the max_memory_to_use field in the jpeg_memory_mgr struct in the libjpeg API, the JPEGMEM environment variable, and the cjpeg/djpeg/jpegtran -maxmemory option. * Introduced a new parameter (TJPARAM_MAXPIXELS in the TurboJPEG C API and TJ.PARAM_MAXPIXELS in the TurboJPEG Java API) and a corresponding TJBench option (-maxpixels) for specifying the maximum number of pixels that the decompression, lossless transformation, and packed-pixel image loading functions/methods will process. * Fixed an error ("Unsupported color conversion request") that occurred when attempting to decompress a 3-component lossless JPEG image without an Adobe APP14 marker. The decompressor now assumes that a 3-component lossless JPEG image without an Adobe APP14 marker uses the RGB colorspace if its component IDs are 1, 2, and 3. ==== liblangtag ==== Version update (0.6.4 -> 0.6.7) - version update to 0.6.7 0.6.6 -> 0.6.7 ================= Akira TAGOH (1): Add missing header 0.6.5 -> 0.6.6 ================= Akira TAGOH (2): Do not use variable array of bash-ism. Fix more compile warnings - deleted patches - 0001-ro-MD-ro-to-get-make-check-to-succeed.patch (upstreamed) ==== libnvme ==== Version update (1.7.1+0.g13ba383 -> 1.8+0.gbff7dda) Subpackages: libnvme-mi1 libnvme1 - Update to version 1.8+0.gbff7dda: * linux: Explicitly initialize auto-cleanup variables * example: fix mi identify failed with error cntid * tree: do not issue an error when subsys lookup fails during scanning * types: Add controller properties CMBEBS, CMBSWTP and NSSD * tests: Add sample NBFT table from Dell PowerEdge R660 * tests: Add sample NBFT table from Dell PowerEdge R760 * tests: Fix diffs output for duplicate HFI entries * nbft: avoid duplicate entries in ssns->hfis * nbft: Fix (struct nbft_info_subsystem_ns).num_hfis off-by-one * test: read and dump sysfs tar file * nvme: allow to overwrite hostnqn and hostid * nvme: allow to overwrite base sysfs path * json: dump the output to the user selected filedescriptor * libnvme: export nvme_dump_tree * fabrics: add 'concat' option * mi: set correct rc and errno when crc mismatch * tree: use logical block size for lba * json-schema: add keyring and tls_key details (bsc#1219086) * build: checkout full repo for checkpatch * linux: avoid segfault in check-tls-key due to null hostnqn/subsysnqn (bsc#1219086) * meson.build: fixup 'join' syntax * util: Explicitly initialize auto-cleanup variables * tree: Explicitly initialize auto-cleanup variables * linux: Explicitly initialize auto-cleanup variables * fabrics: Explicitly initialize auto-cleanup variables * util: Added function to find specific UUID in UUID list. * build: fix release python tag match - Disable new unit test which is not running stable in OSB * add 0001-build-disable-sysfs-test.patch ==== libpaper ==== Version update (2.1.2 -> 2.1.3) Subpackages: libpaper-tools libpaper2 - Update 2.1.3: * This release fixes a small problem with the paperspecs(5) man page, and ensures that the name of the ‘paper’ program is always set, even in a non-relocatable build. ==== libqt5-qtbase ==== Version update (5.15.12+kde147 -> 5.15.12+kde151) Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3 - Update to version 5.15.12+kde151: * Improve KTX file reading memory safety (CVE-2024-25580, boo#1219996) * Revert "xcb: only set base size when it's valid" * Fix potential leak of QPropertyAnimation in QLineEditIconButton * QBitArray: correct inline keyword ==== libstorage-ng ==== Version update (4.5.176 -> 4.5.188) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#985 - log locale - 4.5.188 - merge gh#openSUSE/libstorage-ng#984 - log some languange environmant variables - log some language environment variables - 4.5.187 - Translated using Weblate (Georgian) (bsc#1149754) - 4.5.186 - Translated using Weblate (Swedish) (bsc#1149754) - 4.5.185 - Translated using Weblate (Czech) (bsc#1149754) - 4.5.184 - Translated using Weblate (Slovak) (bsc#1149754) - 4.5.183 - merge gh#openSUSE/libstorage-ng#983 - fixed typo - 4.5.182 - Translated using Weblate (Dutch) (bsc#1149754) - 4.5.181 - Translated using Weblate (Japanese) (bsc#1149754) - Translated using Weblate (Catalan) (bsc#1149754) - merge gh#openSUSE/libstorage-ng#982 - updated pot and po files - 4.5.180 - Translated using Weblate (Georgian) (bsc#1149754) - 4.5.179 - merge gh#openSUSE/libstorage-ng#981 - fix reusing volume group name (bsc#1219266) - 4.5.178 - merge gh#openSUSE/libstorage-ng#980 - added experimental support for bcachefs - 4.5.177 ==== libunwind ==== - Disable LTO on aarch64 until upstream fix the issue: https://github.com/libunwind/libunwind/issues/693 ==== man ==== - Move creation of /var/cache/man into %pre scriplet (boo#1219370) ==== multipath-tools ==== Version update (0.9.7+93+suse.e2f2272 -> 0.9.8~1+82+suse.dcd98a3) Subpackages: kpartx libmpath0 - Update to version 0.9.8~1+82+suse.dcd98a3: * Adapt package version such that it shows as a 0.9.8 prerelease * Add missing udev rules file - Update to version 0.9.7+148+suse.9780ae0: * 11-dm-mpath.rules: Fix quoting mistake (bsc#1219142) - Update to version 0.9.7+148+suse.7d9953e.obscpio * This is a multipath-tools 0.9.8 pre-release * fix fast_io_fail for Infinibox (bsc#1219348) * Fix activation of LVM volume groups during coldplug (bsc#1219142) - Update to version 0.9.7+140+suse.2d78457: * This is a multipath-tools 0.9.8 pre-release * Socket activation via multipathd.socket has been disabled by default because it has undesirable side effects on systems without multipath. Users with multipath hardware should enable multipathd.service * The restorequeueing CLI command now only enables queueing if disablequeueing had been sent before * Avoid multipathd hang during map flush * multipathd now tracks the queueing mode of maps in its internal features string * Improve error messages in 'multipathd -k' * Fix segfault in autoresize code (bsc#1219289) * Fix missing map reloads (bsc#1219796) * Documentation fixes, spelling fixes, minor code fixes ==== ncurses ==== Version update (6.4.20240120 -> 6.4.20240210) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20240210 + compiler-warning fixes, while investigating an optimizer bug in "gcc (MacPorts gcc13 13.2.0_4+stdlib_flag) 13.2.0" which results in only the first byte of a multibyte character being printed to the screen. - Change order of use=vt100+4bsd and use=rxvt+pcfkeys in rxvt-basic to get correct arrow keys back (boo#1219626) - Add ncurses patch 20240203 + minor changes to tracing and locale-checks. - Add ncurses patch 20240127 + amend change to z39-a (report by Sven Joachim). + use xterm+nopcfkeys, vt52-basic, dec+pp, dec+sl, vt52+arrows, hp+pfk+cr, klone+acs, klone+color, klone+sgr, ncr160wy50+pp to trim -TD + NetBSD-related fixes for x68k and wsvt52 (patch by Thomas Klausner) ==== netavark ==== Version update (1.10.2 -> 1.10.3) - Update to version 1.10.3: * v1.10.3 * fix netavark update to not start a new aardvark-dns ==== nvme-cli ==== Version update (2.7.1 -> 2.8) Subpackages: nvme-cli-bash-completion - Update to version 2.8: * nvme-print-json: append array object in json_support_log * sed: Add plugin for basic SED Opal operations (jsc#PED-5061) * don't include newlines in already wrapped text * nvme: do not include meta data for PRACT=1 and MD=8 (version 2) * create-ns: align the namespaces to 1Mib boundaries when using SI suffixes * doc: Fix config-schema.json's URL * plugins/solidigm: Compressing vs-internal-log log files into zip file. * nbft: do not issue an error if ACPI tables are missing * nbft: fixup include for libnvme * doc: Fix short option name for cfg-file * completions: added Solidigm plugin to autocomplete scripts * nvme: Remove unused cfg argument from NVME_ARGS() macro * nvme: fix directive receive identify offsets * nvme-fabrics: enable option 'concat' * build: Update libnvme wrap * plugins/wdc: Add Debug Log Collection Support * nbft: fix tcp/dhcp address fallback retry (bsc#1218873) * nvme: use correct telemetry log size * nvme-print: fix typo in list verbose output (bsc#1219086) * nvme: print inserted tls key for check-tls-key (bsc#1219086) * plugins/wdc: Plugin fixes and updates * fabrics: move hostid/hostnqn warnings to verbose level (bsc#1219086) ==== openvpn ==== Version update (2.6.8 -> 2.6.9) Subpackages: openvpn-auth-pam-plugin - update to 2.6.9: * Remove unused function prototype crypto_adjust_frame_parameters * Log SSL alerts more prominently * Document tls-exit option mainly as test option * Remove TEST_GET_DEFAULT_GATEWAY as it duplicates --show-gateway * Fix check_session_buf_not_used using wrong index * Add missing check for nl_socket_alloc failure * Add check for nice in cmake config * Remove compat versionhelpers.h and remove cmake/configure check for it * Extend the error message when TLS 1.0 PRF fails * Fix unaligned access in macOS, FreeBSD, Solaris hwaddr * Check PRF availability on initialisation and add --force-tls-key-material-export * Make it more explicit and visible when pkg-config is not found * Clarify that the tls-crypt-v2-verify has a very limited env set * Implement the --tls-export-cert feature * Remove conditional text for Apache2 linking exception * Remove --tls-export-cert * Remove superfluous x509_write_pem() * sample-keys: renew for the next 10 years * GHA: clean up libressl builds with newer libressl * configure.ac: Remove unused AC_TYPE_SIGNAL macro * documentation: remove reference to removed option --show-proxy-settings * unit_tests: remove includes for mock_msg.h * documentation: improve documentation of --x509-track * NTLM: add length check to add_security_buffer * NTLM: increase size of phase 2 response we can handle * proxy-options.rst: Add proper documentation for --http-proxy-user-pass * buf_string_match_head_str: Fix Coverity issue 'Unsigned compared against 0' * --http-proxy-user-pass: allow to specify in either order with --http-proxy * README.cmake.md: Document minimum required CMake version for --preset * documentation: Update and fix documentation for --push-peer-info * documentation: Fixes for previous fixes to --push-peer-info * OpenBSD: repair --show-gateway * get_default_gateway() HWADDR overhaul * fix uncrustify complaints about previous patch * preparing release 2.6.9 * dco-freebsd: dynamically re-allocate buffer if it's too small * tun.c: don't attempt to delete DNS and WINS servers if they're not set * vcpkg-ports/pkcs11-helper: bump to version 1.30 * Add support for mbedtls 3.X.Y * Update README.mbedtls * Disable TLS 1.3 support with mbed TLS * Enable key export with mbed TLS 3.x.y * protocol_dump: tls-crypt support * Fix IPv6 route add/delete message log level * fix(ssl): init peer_id when init tls_multi ==== orc ==== Version update (0.4.34 -> 0.4.37) - version update to 0.4.37 0.4.37 ====== - enable neon instructions on Apple ARM64 (Aleix Conchillo Flaqué) - orcc: Fix regression, was hard-coded to use "sse" as default target (Sebastian Dröge) - MMX backend fixes (L. E. Segovia, Jorge Zapata) - testsuite: Build fixes for Clang (L. E. Segovia) - testsuite, tools: Fix warning caused by inserting unneeded source operands (L. E. Segovia) - orccompiler: call sys_icache_invalidate() to invalidate macos inst cache (Aleix Conchillo Flaqué) - macOS/iOS version/target check build fixes (Aleix Conchillo Flaqué) 0.4.36 ====== - Only use AVX / AVX2 instructions on CPUs that support both AVX and AVX2 (fixes crash on machines that only support AVX) (L. E. Segovia) 0.4.35 ====== - Add support for AVX / AVX2 (L. E. Segovia) - SSE backend improvements (L. E. Segovia) - New `orf` and `andf` opcodes for bitwise AND and OR for single precision floats (Jorge Zapata) - Add support for `convwf`, int16 to float conversion (Jorge Zapata) - Allow backend selection through ORC_TARGET environment variable (L. E. Segovia) - Documentation improvements (Jorge Zapata, L. E. Segovia, Tim-Philipp Müller) - orconce: Use Win32 once implementation with MSVC (Seungha Yang, L. E. Segovia) - orcc: add --binary option to output raw machine code for functions (L. E. Segovia) - orcprofile: Implement Windows high-resolution timestamp for MSVC to allow benchmarking on MSVC builds (L. E. Segovia) ==== osinfo-db ==== - Add support for SLE Micro 6.0 (jsc#PED-6305) add-slem6.0-support.patch - Add support for openSUSE Leap 15.6 (jsc#PED-6305) add-opensuse-leap-15.6-support.patch ==== pam-config ==== Version update (2.10 -> 2.11) - Update to version 2.11 - pam_gnome_keyring: use options in AUTH [bsc#1219767] ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap - Add "Requires: gvfs and gvfs-backends" for KDE (boo#1216667) ==== pkcs11-helper ==== Version update (1.29.0 -> 1.30.0) - update to 1.30.0: * core: add dynamic loader provider attribute * openssl: support DSA in libressl-3.5.0 * openssl: fix openssl_ex_data_dup prototype - get rid of almost empty pkcs11-helper package ==== pkgconf ==== Version update (1.8.0 -> 2.1.1) Subpackages: pkgconf-m4 pkgconf-pkg-config - update to 2.1.1: * Fix --modversion with constraints * Reintroduce an optimization to the dependency graph walker which avoids revisiting already visited nodes * Add a regression test to check that the dependency flattener is working as expected - update to 2.1.0: * new solver for higher performance with complicated graphs * Add --license selector to the pkgconf CLI * Add flag --verbose and --solution to CLI * Changes and fixes to --modversion * bug fixes and developer visible changes - drop pkgconf-CVE-2023-24056.patch, now included ==== podman ==== Version update (4.9.2 -> 4.9.3) - Update to version 4.9.3: * Bump to v4.9.3 * Release notes for v4.9.3 * [v4.9] [skip-ci] packit: update fedora downstream branches * @@option volume.image: be specific that -v only affects RUN * Accept a config blob alongside the "changes" slice when committing * container create: use ParseUserNamespace to parse a user namespace setting * Bump to v4.9.3-dev ==== poppler ==== Version update (23.12.0 -> 24.02.0) Subpackages: libpoppler-cpp0 libpoppler-glib8 poppler-tools - version update to 24.02.0 Release 24.02.0: core: * Fix reading some JBIG2 streams. Issue #1319 * Fix saving some annotation interior color when it's empty * Make searching for fonts when adding annotations a bit faster * Make sure images are compressed when adding them * Small internal code cleanup utils: * pdfimages: return exit code 2 when error opening output files Release 24.01.0: core: * Don't crash on certain documents on the NSS signature backend * Fix infinite loop in some annotation code if there's not space for even one character * Fix build on Android with generic font configuration * Small internal code cleanup ==== poppler-qt5 ==== Version update (23.12.0 -> 24.02.0) - version update to 24.02.0 Release 24.02.0: core: * Fix reading some JBIG2 streams. Issue #1319 * Fix saving some annotation interior color when it's empty * Make searching for fonts when adding annotations a bit faster * Make sure images are compressed when adding them * Small internal code cleanup utils: * pdfimages: return exit code 2 when error opening output files Release 24.01.0: core: * Don't crash on certain documents on the NSS signature backend * Fix infinite loop in some annotation code if there's not space for even one character * Fix build on Android with generic font configuration * Small internal code cleanup ==== pulseaudio ==== Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-setup pulseaudio-utils system-user-pulse - Add cherry-picks to fix UCM crashes * pulseaudio-replace-port-device-UCM-context-assertion-with-an-error.patch * pulseaudio-check-UCM-verb-before-working-with-device-status.patch ==== python-linux-procfs ==== - align license tag with COPYING ==== sdbootutil ==== Version update (1+git20240122.c0d8f76 -> 1+git20240214.ba81e0e) Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper - Update to version 1+git20240214.ba81e0e: * Fix pcr-oracle use * Add device when generating initrd for snapshots * Use systemd-pcrlock * Pre-built initrd support * Add subvolumes_prefix support ==== sg3_utils ==== Version update (1.48+7.63e63cb -> 1.48+8.37ca384) Subpackages: libsgutils2-1_48-2 - Fix missing SCSI_MODEL and other fields for "sg_inq --export" (bsc#1219874) ==== shadow ==== Version update (4.14.3 -> 4.14.5) Subpackages: libsubid4 login_defs - Update to 4.14.5: * Build system: + Fix regression introduced in 4.14.4, due to a typo. chgpasswd had been deleted from a Makefile variable, but it should have been chpasswd. - Remove shadow-4.14.4-chgpasswd-typo.patch - Update to 4.14.4: * Build system: + Link correctly with libdl. + Install pam configs for chpasswd(8) and newusers(8) when using ./configure --with-libpam --disable-account-tools-setuid. * libshadow: + Fix build error (parameter name omitted). + Fix off-by-one bug. + Remove warning. - Add shadow-4.14.4-chgpasswd-typo.patch: to fix build. See #926 - Update patch macro `patchN` -> `patch -P N` ==== shared-mime-info ==== Subpackages: shared-mime-info-lang - Explicitly use gcc 13 on SLE. ==== slirp4netns ==== Version update (1.2.2 -> 1.2.3) - New upstream release 1.2.3: * Fix some FD leaks (#334, thanks to @giuseppe) ==== tecla-keyboard-layout-viewer ==== Version update (45.rc -> 45.0) Subpackages: tecla-keyboard-layout-viewer-lang - Update to version 45.0: + Added shortcuts to exit the dialog + Fix UI in RTL environments + Fix a11y initialization + Updated translations. ==== util-linux ==== Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 util-linux-lang - Add file conflict of util-linux-tty-tools and busybox-util-linux. ==== util-linux-systemd ==== - Add file conflict of util-linux-tty-tools and busybox-util-linux. ==== vim ==== Version update (9.1.0000 -> 9.1.0111) Subpackages: vim-data vim-data-common vim-small xxd - update to 9.1.0111: * filetype: no support for bats files * filetype: add 'Config.in' filetype detection * runtime(asciidoc): include basic ftplugin * filetype: no support for its files * runtime(vim): Update base-syntax, remove unused vimString region * runtime(vim): Update base-syntax, fix :behave highlighting * runtime(vim): update Vim Syntax generator * filetype: no support for dtso files * Visual highlight hard to read with 'termguicolors' * runtime(vim): include Vim Syntax generator * Style: typos found * Linking fails with -lto because of PERL_CFLAGS * 'breakindentopt' "min" not correct with 'signcolumn' * settabvar() may change the last accessed tabpage * upper-case of German sharp s should be U+1E9E * Redrawing can be improved with undo and 'spell' * Not able to use diff() with 'diffexpr' * runtime(gpg): Mark dangerous use-embedded-filename with WarningMsg * CompletionChanged not triggered when new leader added without matches * 'breakindent' behaves inconsistently with 'list' and splits * runtime(vim): Update syntax file * diff() function uses 'diffexpr' * tests: test_restricted() fails * xxd: buffer-overflow when writing color output * Still a qsort() comparison function that returns result of subtraction * Compiler warning for missing type in scroll_event() * Syntax test fails when run with non C locale * Assigning wrong colors when parsing terminal OSC response * runtime(vim): Fix indent after line with literal dict * qsort() comparison functions should be transitive * TextChanged not triggered for :norm! commands * Restoring lastused_tabpage too early in do_arg_all() * Problem when scrolling using slow touchpads scroll event * X11 scroll size changes after accessing clipboard * Visual hl wrong when it ends before multibyte 'showbreak' * Redrawing can be improved when deleting lines with 'number' * Redrawing can be improved when deleting lines with 'cursorline' * runtime(doc): further improve docs about List/Blob += operator * X11 mouse-scrolling stutters * runtime(doc): Clarify list-concatenation a bit more * unexpected error for modifying final list using += * LineNrAbove/Below highlighting wrong on wrapped lines * runtime(dosbatch): improve '::' comment highlighting * GTK3: using wrong style for pre-edit area * Unnecessary call to redraw_for_cursorline() in nv_mousescroll() * runtime(colors): color names in the v:colornames dict should be lower cased * luau config file not detected * runtime(vim): Update syntax file * insert completion not correct when adding new leader * did_set_breakat() should be in optionstr.c * Looping over modifier_keys_table unnecessarily * Not able to build without FEAT_DIFF * translation(ca): Fixe typos in Catalan translation * Need a diff() Vim script function * translation(ru): Updated Russian translation of messages * runtime(vim): Update syntax file * runtime(fortran): update syntax * ScreenLines may not be correctly initialized, causing hang * Visual highlighting can still be improved * gcc still complains about use of uninitialized var * runtime(racket): add missing space to b:undo_indent var * runtime(Filelist): include README_vimlogo.txt * gcc complains about use of uninitialized var * runtime(vimlogo): Include and modernize vimlogo.svg * runtime(netrw): fixing remote file removal via ssh * runtime(doc): correct Vim patch for Wayland support * runtime(racket): undo some indent options only when vim9script is available * runtime(doc): Update help for Wayland support * Segfault with CompleteChanged autocommand * No Wayland support * GTK code can be improved * Internal error when :luado/perldo/pydo etc delete lines * UX of visual highlighting can be improved * runtime(netrw): Use :exec norm! before :call mapping in netrw * Recorded register cannot be translated using keytrans() * runtime(vim): Highlight string interpolation * runtime(vim): Update syntax and ftplugin files * runtime(ant): Update syntax file * runtime(hurl): add hurl filetype plugin * runtime(vim): Update syntax file * runtime(doc): style fixes in vim9.txt * No event triggered before creating a window * Cannot map Super Keys in GTK UI * wrong number of trailing spaces inserted after blockwise put * formatting long lines is slow * 'linebreak' may still apply to leading whitespace * Patch 9.1.0041 causes regressions for users * runtime(mail): fix #13913 * runtime(netrw): Don't change global options * runtime(fortran): update syntax and documentation * Win32 Keyboard handling is sub-optimal * Make "[Command Line]" a special buffer name * Abort opening cmdwin if autocmds screw things up * issues with temp curwin/buf while cmdwin is open * runtime(c): Highlight user defined functions * :drop does not re-use empty buffer * --remote-* does not ignore `wilidignore` * runtime(doc): change "VIsual mode" to "Visual mode" in :h SafeState ... changelog too long, skipping 75 lines ... * Add support for `syntax foldlevel` command ==== vmaf ==== - fix dependency on xxd ==== webkit2gtk3 ==== Subpackages: WebKitGTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Fix package names for v6, and obsolete old packages. - Use gcc 11 on SLE, to match what is currently used on SP4, and adjust version check to include SP6. Also, use system malloc there; the build currently fails without this (webkit#243535). - Require gcc >= 10.2 to match the current cmake test. - Disable jpegxl on SLE; it isn't currently available there. ==== webkit2gtk4 ==== Subpackages: WebKitGTK-6.0-lang webkitgtk-6_0-injected-bundles - Fix package names for v6, and obsolete old packages. - Use gcc 11 on SLE, to match what is currently used on SP4, and adjust version check to include SP6. Also, use system malloc there; the build currently fails without this (webkit#243535). - Require gcc >= 10.2 to match the current cmake test. - Disable jpegxl on SLE; it isn't currently available there. ==== wpa_supplicant ==== - Add CVE-2023-52160.patch - Bypassing WiFi Authentication (bsc#1219975) ==== xfsprogs ==== Version update (6.5.0 -> 6.6.0) - update to 6.6.0 - xfs_scrub: add missing license and copyright information - xfs_db: report the device associated with each io cursor - libxfs: Fix UAF in a requeued EFI - xfs_io: Add new option, to exercise log2_data_unit_size in kernel fscrypt_policy_v2 - xfs_db: Add upport to read from external log device - metadump: New metadump format - xfs_quota: fix missing mount point warning ==== yast2-packager ==== Version update (5.0.2 -> 5.0.4) - SLE HPC is not a base product anymore, it is replaced by SLES + HPC module, added migration mapping (jsc#PED-7841) - 5.0.4 - Fixed ERB template loading in self update, if the template cannot be found using a relative path then fallback to the absolute path (bsc#1219174) - 5.0.3 ==== yast2-storage-ng ==== Version update (5.0.4 -> 5.0.5) - Added new libstorage enum value UF_BCACHEFS to fix build failure (bsc#1219804) - 5.0.5