Packages changed: MicroOS-release (20240409 -> 20240410) SDL2 (2.30.1 -> 2.30.2) cryptsetup (2.7.1 -> 2.7.2) dracut-pcr-signature (0.2+0 -> 0.3+0) gcc13 kbd power-profiles-daemon publicsuffix (20240326 -> 20240410) sdbootutil (1+git20240408.49e4021 -> 1+git20240410.3325802) systemd-default-settings (0.9 -> 0.10) wsdd (0.7.1 -> 0.8) xen (4.18.1_02 -> 4.18.2_02) xwayland (23.2.5 -> 23.2.6) === Details === ==== MicroOS-release ==== Version update (20240409 -> 20240410) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== SDL2 ==== Version update (2.30.1 -> 2.30.2) - Update to release 2.30.2 * Fixed performance regression initialing controllers on Linux * Added support for the 6-button SEGA Mega Drive Control Pad for Nintendo Online * Add support for MadCatz Saitek Side Panel Control Deck * Added support for the Hori Fighting Stick EX2 * Added support for the Yawman Arrow flightstick * Added a gamepad mapping for the Defender Joystick Cobra R4 * Fixed the gamepad mapping for the Sanwa Supply JY-P76USV controller * Allow using SDL_RWFromFile() with named pipes ==== cryptsetup ==== Version update (2.7.1 -> 2.7.2) Subpackages: cryptsetup-doc cryptsetup-lang libcryptsetup12 - update to 2.7.2: * Fix activation of OPAL-only encrypted LUKS device with tokens * Fix formatting of OPAL devices with 4096-byte sector size * Fix incorrect OPAL locking range alignment calculation if used over an unaligned device partition. * Do not check the passphrase quality for OPAL Admin PIN, as this passphrase already exists. * Update license for FAQ document to CC BY-SA 4.0. NOTE: Please note that with OPAL-only (--hw-opal-only) encryption, the configured OPAL administrator PIN (passphrase) allows unlocking all configured locking ranges without LUKS keyslot decryption (without knowledge of LUKS passphrase). Because of many observed problems with compatibility, cryptsetup currently DOES NOT use OPAL single-user mode, which would allow such decoupling of OPAL admin PIN access. ==== dracut-pcr-signature ==== Version update (0.2+0 -> 0.3+0) - Update to version 0.3+0: * Various small improvements ==== gcc13 ==== - Add gcc13-pr101523.patch to avoid combine spending too much compile-time and memory doing nothing on s390x. [boo#1188441] - Make requirement to lld version specific to avoid requiring the meta-package. - Add gcc13-pr111731.patch to fix unwinding for JIT code. [bsc#1221239] ==== kbd ==== - Move legacy keymaps that have no acceptable xkb counterpart and its includes back to kbd. (bsc#1194609) - Stop requiring kbd-legacy. All YaST supported languages should now have its keymaps in kbd. - Remove kbd-1.15.2-prtscr_no_sigquit.patch rejected by the upstream. The problem is fixed for a long time, this is an additional modification. (PED-7977, https://github.com/legionus/kbd/pull/111): - Drop kbd_fonts.tar.bz2 containing just several 30 years old inferior fonts with an unknown author and uncertain license. - Add structured comments to patches. ==== power-profiles-daemon ==== - Revert "Remove duplicate DBus service files net.hadess.PowerProfiles" workaround to boo#1222179 (see comment 10). ==== publicsuffix ==== Version update (20240326 -> 20240410) - Update to version 20240410: * Removing `ravendb.me` (#1841) * Updating psl: Adding myfritz.link (follow up PR#77) (#1761) * Add `framer.ai` (#1831) * chore: add `is-a.dev` (#1949) * Add StackBlitz (#1939) * Add `unison-services.cloud` (#1839) * Add `is-cool.dev`, `is-local.org`, `is-not-a.dev` and `localplayer.dev` (#1672) * Add grayjayleagues.com (#1742) * Add `runcontainers.dev` for Libre IT Ltd (#1783) * Add `heliohost.us`, `helioho.st`(#1825) * Remove `123sait.ru` (#1844) * Add MyDNS.JP Dynamic DNS Service (#1937) * add `scrypted.io` (#1826) * Add `darklang.io` (#1880) * Update `cloudns.net` dynamic dns domains listing (#1593) * Add wildcard to `snowflake.app` and `privatelink.snowflake.app` (#1743) * Add `preview.csb.app` and `csb.app` (#1648) * Add `nimsite.uk` (#1797) * add getlocalcert.net domains (#1798) * Add wadl.top (#1924) * ADD: `can.re` (#1651) * Add cdn77-storage.com and rsc.contentproxy9.cz (#1882) * add `srv.us`, `xmit.co` * Add at.emf.camp (#1955) * util: gTLD data autopull updates for 2024-03-28T15:13:37 UTC (#1952) ==== sdbootutil ==== Version update (1+git20240408.49e4021 -> 1+git20240410.3325802) Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper - Update to version 1+git20240410.3325802: * fallback for machine-id ==== systemd-default-settings ==== Version update (0.9 -> 0.10) Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE - Import 0.10 5088997 SLE: Disable pids controller limit under user instances (jsc#SLE-10123) ==== wsdd ==== Version update (0.7.1 -> 0.8) - Fix build for SLE_15 - Update to version 0.8 * Configuration files for firewalld added * Show device type and allow filtering in API's list command * Add option --metadata-timeout to set the timeout for the HTTP-based metadata exchange * The employed UUID is now read from /etc/{machine-id,hostid} before falling by back to the UUID derivation from the host name. * Handle addresses with zone id by ignoring the interface part * Do not crash with asyncio future error when non-existing interface is provided - Remove some bashism from wsdd-init.sh - Use the unmodified service files from wsdd for Leap 15.5 and below, else reuse ws-discovery-udp service from firewalld ==== xen ==== Version update (4.18.1_02 -> 4.18.2_02) - Update to Xen 4.18.2 security bug fix release (bsc#1027519) xen-4.18.2-testing-src.tar.bz2 * No upstream changelog found in sources or webpage - bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may trigger Xen bug check (XSA-454) - bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic for BTC/SRSO mitigations (XSA-455) - bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch History Injection (XSA-456) - Dropped patch contained in new tarball 65f83951-x86-mm-use-block_lock_speculation-in.patch ==== xwayland ==== Version update (23.2.5 -> 23.2.6) - Update to 23.2.6 * This is a quick bug fix release to address a regression introduced by the fix for CVE-2024-31083 in xwayland-23.2.5.