Packages changed: Mesa (24.0.3 -> 24.0.5) Mesa-drivers (24.0.3 -> 24.0.5) MicroOS-release (20240423 -> 20240425) distribution-logos-openSUSE (20240404 -> 20240424) dracut-pcr-signature (0.3+5 -> 0.3+6) ffmpeg-4 ffmpeg-6 flatpak (1.15.6 -> 1.15.8) gnome-settings-daemon grub2 gtk2 kwin6 (6.0.4 -> 6.0.4.1) libical (3.0.17 -> 3.0.18) libical-glib (3.0.17 -> 3.0.18) libva (2.20.0 -> 2.21.0) libwacom (2.10.0 -> 2.11.0) mozilla-nss (3.98 -> 3.99) passt pcre2 python-numpy sg3_utils (1.48+8.37ca384 -> 1.48+9.ecc03bb) vlc wireplumber (0.5.1 -> 0.5.2) === Details === ==== Mesa ==== Version update (24.0.3 -> 24.0.5) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - Update to bugfix release 24.0.5 - supersedes mesa-fix-llvm18.patch - adjusted 0004-glx-pass-implicit-load-param-through-allocation.patch, 0010-glx-silence-more-implicit-load-zink-errors.patch ==== Mesa-drivers ==== Version update (24.0.3 -> 24.0.5) Subpackages: Mesa-dri Mesa-gallium - Update to bugfix release 24.0.5 - supersedes mesa-fix-llvm18.patch - adjusted 0004-glx-pass-implicit-load-param-through-allocation.patch, 0010-glx-silence-more-implicit-load-zink-errors.patch ==== MicroOS-release ==== Version update (20240423 -> 20240425) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== distribution-logos-openSUSE ==== Version update (20240404 -> 20240424) Subpackages: distribution-logos-openSUSE-MicroOS distribution-logos-openSUSE-icons - Update to version 20240424: * Aeon: Make light versions actually light ==== dracut-pcr-signature ==== Version update (0.3+5 -> 0.3+6) - Update to version 0.3+6: * Add UTF8 character set ==== ffmpeg-4 ==== Subpackages: libavcodec58_134 libavformat58_76 libavutil56_70 libpostproc55_9 libswresample3_9 libswscale5_9 - Address boo#1223070/CVE-2024-31578: add patch 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch ==== ffmpeg-6 ==== Subpackages: libavcodec60 libavfilter9 libavformat60 libavutil58 libpostproc57 libswresample4 libswscale7 - Address boo#1223215/CVE-2023-49501: add patch 0001-avfilter-asrc_afirsrc-fix-by-one-smaller-allocation-.patch - Address boo#1223235/CVE-2023-49502: add patch 0001-avfilter-bwdif-account-for-chroma-sub-sampling-in-mi.patch - Address boo#1222730/CVE-2023-49528: add patches 0001-avfilter-af_dialoguenhance-fix-overreads.patch, 0001-avfilter-af_dialoguenhance-simplify-channels-copy.patch, 0001-avfilter-af_dialoguenhance-do-output-scaling-once.patch - Address boo#1223070/CVE-2024-31578: add patch 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch - Address boo#1223085/CVE-2024-31582: add patch 0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch ==== flatpak ==== Version update (1.15.6 -> 1.15.8) Subpackages: flatpak-selinux libflatpak0 system-user-flatpak - disable parental controls for now by using '-Dmalcontent=disabled', to work around issues with xdg-desktop-portal - Update to version 1.15.8: + Security fixes: - Don't allow an executable name to be misinterpreted as a command-line option for bwrap(1). This prevents a sandbox escape where a malicious or compromised app could ask xdg-desktop-portal to generate a .desktop file with access to files outside the sandbox. (CVE-2024-32462, boo#1223110). + Other bug fixes: - Pass the -export-dynamic linker option as - Wl,-export-dynamic, fixing build failures with clang 18 and lld 18. - Fix a double-free when installation is cancelled. - Fix installed-tests failure with "FUSERMOUNT: unbound variable". - Changes from version 1.15.7: + New features: - Automatically remove obsolete driver versions and other autopruned refs. - --socket=inherit-wayland-socket. - Automatically reload D-Bus session bus configuration after installing or upgrading apps, to pick up any exported D-Bus services. + Bug fixes: - Don't parse as the application name. - Don't refuse to start apps when there is no D-Bus system bus available. - Don't try to repeat migration of apps whose data was migrated to a new name and then deleted. - Improve handling of mixed locales on systems with systemd-localed. - Improve display of ellipsized columns in wide terminals. - Make flatpak info -e look for extensions in all installations. - Fix warnings from newer GLib versions. - Always set the container environment variable. - Always let the app inherit redirected file descriptors. - In flatpak ps, add xdg-desktop-portal-gnome to the list of backends we'll use to learn which apps are running in the background. - Don't use WAYLAND_SOCKET unless given - -socket=inherit-wayland-socket. - Use fusermount3 if compiled with FUSE 3, overridable with - Dsystem_fusermount compile-time option. - Avoid leaking a temporary variable from /etc/profile.d/flatpak.sh into the shell environment. - Improve async-signal safety. - Fix various memory leaks. - Avoid undefined behaviour of signed left-shift when storing object IDs in a hash table. - Detect the correct gtk-doc when cross-compiling. - Detect the correct wayland-scanner when cross-compiling. - Documentation improvements. - Skip more tests when FUSE isn't available. - Updated translations. - Add libglnx.patch: fix meson function detection. - Switch build system to meson: + Add meson BuildRequires. + Switch configure/make_build/make_install macros to meson/meson_build/meson_install, preserving the configure parameters as close as possible: - -disable-silent-rules => obsoleted - -with-system-bubblewrap => -Dsystem_bubblewrap=bwrap - -with-curl => -Dhttp_backend=curl - Add pkgconfig(malcontent-0) BuildRequires: enable malcontent support. ==== gnome-settings-daemon ==== - Update gnome-settings-daemon-bgo793253.patch to fix the build with gcc 14. ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi - remove deprecated file 20_memtest86+ * a similar file is provided by the package memtest86+ ==== gtk2 ==== Subpackages: gtk2-tools libgtk-2_0-0 - Add gtk2-gcc14.patch: fix build with gcc 14. ==== kwin6 ==== Version update (6.0.4 -> 6.0.4.1) Subpackages: libkwin6 - Update to 6.0.4.1: * New bugfix release - Changes since 6.0.4: * Fall back to breeze_cursors if neither configured nor default can be loaded * scene/workspacescene: don't check direct scanout candidates for a pixmap (kde#485639, kde#485730, kde#485712) ==== libical ==== Version update (3.0.17 -> 3.0.18) - update to 3.0.18: * Requires CMake v3.5.0 or higher * Escape ^ (U+005E) character in parameter values according to RFC 6868 * New CMake option LIBICAL_BUILD_EXAMPLES to disable building the examples * Should be able to use the project as a submodule * Built-in timezones updated to tzdata2024a ==== libical-glib ==== Version update (3.0.17 -> 3.0.18) - update to 3.0.18: * Requires CMake v3.5.0 or higher * Escape ^ (U+005E) character in parameter values according to RFC 6868 * New CMake option LIBICAL_BUILD_EXAMPLES to disable building the examples * Should be able to use the project as a submodule * Built-in timezones updated to tzdata2024a ==== libva ==== Version update (2.20.0 -> 2.21.0) Subpackages: libva-drm2 libva-wayland2 libva-x11-2 libva2 - update to 2.21.0: * va: Add allow_content_tools and force_intger_mv to AV1 enc * va: add VASurfaceAttribAlignmentSize * va: Re-add drm_state and fd checks to VA_DRM_GetDriverNames * va: export symbol vaGetLibFunc for Windows * va: Add PRIME3 defination and correct the value * va: add driver name map for new intel KMD xe * va: export symbol vaMapBuffer2 for Windows * va: add new interface vaMapBuffer2 for map operation optimization * va: Add VAConfigAttribEncMaxTileRows and VAConfigAttribEncMaxTileCols * va: fix handling when all wayland backends fail * va_trace:add return value trace for vaPutSurfaces ==== libwacom ==== Version update (2.10.0 -> 2.11.0) Subpackages: libwacom-data libwacom9 - update to 2.11.0: * New Devices: - Asus Zenbook Duo - Lenovo Ideapad Duet, Ideapad Duet 3, Thinkpad L13 Yoga Gen 3 - HP Envy x360 * The default fallback device is now an integrated tablet ==== mozilla-nss ==== Version update (3.98 -> 3.99) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs - update to NSS 3.99 * Removing check for message len in ed25519 (bmo#1325335) * add ed25519 to SECU_ecName2params. (bmo#1884276) * add EdDSA wycheproof tests. (bmo#1325335) * nss/lib layer code for EDDSA. (bmo#1325335) * Adding EdDSA implementation. (bmo#1325335) * Exporting Certificate Compression types (bmo#1881027) * Updating ACVP docker to rust 1.74 (bmo#1880857) * Updating HACL* to 0f136f28935822579c244f287e1d2a1908a7e552 (bmo#1325335) * Add NSS_CMSRecipient_IsSupported. (bmo#1877730) ==== passt ==== Subpackages: passt-selinux - Remove pointless %%check section ==== pcre2 ==== Subpackages: libpcre2-16-0 libpcre2-8-0 - build x86_64-v3 optimized libs ==== python-numpy ==== - Add patch fix-meson-multiple-python-versions.patch: * Ensure meson executes sys.executable when testing Cython. ==== sg3_utils ==== Version update (1.48+8.37ca384 -> 1.48+9.ecc03bb) Subpackages: libsgutils2-1_48-2 - sg_inq: re-add Unit serial number field (bsc#1219547) ==== vlc ==== Subpackages: libvlc5 libvlccore9 vlc-noX vlc-qt - Enable FluidSynth plugin using an optional package ==== wireplumber ==== Version update (0.5.1 -> 0.5.2) Subpackages: libwireplumber-0_5-0 wireplumber-audio - Update to version 0.5.2: * Highlights: - Added support for loading configuration files other than the default wireplumber.conf within Lua scripts (!629) - Added support for loading single-section configuration files, without fragments (!629) - Updated the node.software-dsp script to be able to load filter-chain graphs from external configuration files, which is needed for Asahi Linux audio DSP configuration (!629) * Fixes: - Fixed destroying camera nodes when the camera device is removed (#627, !631) - Fixed an issue with Bluetooth BAP device set naming (!632) - Fixed an issue caused by the pipewire event loop not being "entered" as expected (!634, #638) - A false positive warning about no modules being loaded is now suppressed when using libpipewire >= 1.0.5 (#620) - Default nodes can now be selected using priority.driver when priority.session is not set (#642) * Changes: - The library version is now generated following pipewire's versioning scheme: libwireplumber-0.5.so.0.5.2 becomes libwireplumber-0.5.so.0.0502.0 (!633) - Remove patches from upstream that are already in 0.5.2: * 0001-core-set-context.modules.allow-empty-to-silence-warning-in.patch * 0002-monitor-utils-clear-cam-data-after-creating-nodes.patch * 0003-monitors_bluez-fix-BAP-device-set-node-naming.patch