Packages changed: Imath (3.1.9 -> 3.1.11) MicroOS-release (20240702 -> 20240703) dracut (059+suse.598.gfe80dac7 -> 059+suse.628.g20b345b4) ghostscript (10.03.0 -> 10.03.1) llvm18 (18.1.6 -> 18.1.8) ncurses (6.5.20240608 -> 6.5.20240629) open-vm-tools (12.4.0 -> 12.4.5) osinfo-db (20240510 -> 20240701) pciutils (3.12.0 -> 3.13.0) pinentry (1.2.1 -> 1.3.0) pinentry-gui (1.2.1 -> 1.3.0) podman poppler (24.03.0 -> 24.07.0) poppler-qt6 (24.03.0 -> 24.07.0) qemu (9.0.0 -> 9.0.1) selinux-policy (20240617 -> 20240702) systemd (255.7 -> 255.8) xterm (389 -> 392) zypper (1.14.74 -> 1.14.76) === Details === ==== Imath ==== Version update (3.1.9 -> 3.1.11) - update to 3.1.11: * Fix a problem where downstream projects using Imath would build python bindings even if they weren't requested. * Fix for missing `std::bit_cast` * Fix missing/necessary use of IMATH_HOSTDEVICE * IMATH_INSTALL_PKG_CONFIG is now on by default, even on Windows * Fix calling default constructor by uniform init in TypeTraits * Fix redundant PYIMATH_EXPORTS causing compile issues on Windows Clang * Update to SO versioning policy: * succ()/pred() now use std::nextafter(). * Expand epsilon bounds for m44x pyImath test. * Rename "docs" to "website". * Add missing copyright/license identifiers. ==== MicroOS-release ==== Version update (20240702 -> 20240703) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== dracut ==== Version update (059+suse.598.gfe80dac7 -> 059+suse.628.g20b345b4) Subpackages: dracut-ima - Update to version 059+suse.628.g20b345b4: * feat(crypt): force the inclusion of crypttab entries with x-initrd.attach (bsc#1226529) * fix(mdraid): try to assemble the missing raid device (bsc#1226412) * feat(ifcfg): minimize s390-specific network configuration aspects * refactor(ifcfg): delete code duplication using iface_get_subchannels() * fix(znet): append to udev rules so each rd.znet_ifname is effective * feat(qeth_rules): remove qeth handling consolidated in 95znet * docs(dracut.cmdline): generalize description of rd.znet * feat(znet): use zdev for consolidated device configuration * feat(dasd): minimize dasd handling consolidated in s390-tools * feat(dasd_mod): minimize dasd handling consolidated in s390-tools * feat(dasd_rules): remove dasd handling consolidated in s390-tools * feat(zfcp): minimize zfcp handling consolidated in s390-tools * feat(zfcp_rules): remove zfcp handling consolidated in s390-tools * refactor(cms): remove now unnecessary inclusion of full s390utils-base * refactor(cms): use consolidated network config with zdev from s390-tools * refactor(cms): use consolidated dasd config with zdev from s390-tools * refactor(cms): use consolidated zfcp config with zdev from s390-tools * refactor(cms): use zdev to simplify handling CMSDASD=... boot option * fix(dracut-install): continue parsing if ldd prints "cannot be preloaded" (bsc#1208690) ==== ghostscript ==== Version update (10.03.0 -> 10.03.1) - Version upgrade to 10.03.1: Highlights in this release include: See 'Recent Changes in Ghostscript' at Ghostscript upstream https://ghostscript.readthedocs.io/en/gs10.03.1/News.html * Fixes for CVE-2024-33869, CVE-2023-52722, CVE-2024-33870, CVE-2024-33871 and CVE-2024-29510 - Regarding CVE-2024-33869 see bsc#1226946 and https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=5ae2e320d69a7d0973011796bd388cd5befa1a43 https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f5336e5b4154f515ac83bc5b9eba94302e6618d4 https://bugs.ghostscript.com/show_bug.cgi?id=707691 - Regarding CVE-2023-52722 see bsc#1223852 and https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=afd7188f74918cb51b5fb89f52b54eb16e8acfd1 - Regarding CVE-2024-33870 see bsc#1226944 and https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=79aef19c685984dc3da2dc090450407d9fbcff80 https://bugs.ghostscript.com/show_bug.cgi?id=707686 - Regarding CVE-2024-33871 see bsc#1225491 and https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=7145885041bb52cc23964f0aa2aec1b1c82b5908 - Regarding CVE-2024-29510 see bsc#1226945 and https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=3b1735085ecef20b29e8db3416ab36de93e86d1f ==== llvm18 ==== Version update (18.1.6 -> 18.1.8) - Update to version 18.1.8. * Fix a regression from the 18.1.6 release, which could result in compiler crashes in the PPCMergeStringPool pass when compiling for PowerPC targets. * Fixes clang-format regressions (since 18.1.1) on breaking before a stream insertion operator (<<) when both operands are string literals. * Fixes a clang-format regression (since 17.0.6) on formatting goto labels in macro definitions. - Rebase llvm-do-not-install-static-libraries.patch. ==== ncurses ==== Version update (6.5.20240608 -> 6.5.20240629) Subpackages: libncurses6 ncurses-utils terminfo-base - Add ncurses patch 20240629 + build-fix for ncurses-examples with newer PDCurses, which no longer has stubs for unimplemented features. + add help-popup for test_instr.c, test_inwstr.c + modify checks in delwin to avoid checking if the window is a pad until first checking if it is still on the active window-list (cf: 20211115). + improve -t option of test/gdc.c, allowing hours only, or hours and minutes only. - Update to tack 1.10 (patch 20240501) * init.c, edit.c: gcc warning (NetBSD) * edit.c: check to avoid printing a non-printable character, per Coverity * tack.c: initialize variables, per Coverity * tack.1: change limit for SGR tool to allow for aixterm's colors * ansi.c: change the SGR tool to show up to 120 (past aixterm's 108) * color.c: when reloading the colors 0-7, use the index for the named color rather than just the array-index (fixing an interchanged red/blue for instance). Also, initialize the palette using the ANSI codes if the terminal supports setaf/setab. * color.c, charset.c, ansi.c, edit.c, crum.c, pad.c, tack.c, tack.h: use "const" in a few places reported by cppcheck * tack.1: improve formatting/style - Add ncurses patch 20240622 + improve test/gdc.c (patch by Branden Robinson). + improve formatting/style of manpages (patches by Branden Robinson). + adjust naming of mingw *-config scripts to match the pkg-config names + widen pattern in pc/*-config scripts to disallow more linker options + add --cflags-only-I and --cflags-only-other options to misc/ncurses-config.in + revert change to CF_BUILD_CC macro (report by Vassili Courzakis, cf: 20240518). - Port patch ncurses-6.4.dif - Port edit.sed script to new ncurses-config - Add ncurses patch 20240615 + improve formatting/style of manpages (patches by Branden Robinson). + review/update modules files. + improve install-rules in Ada95 makefiles (report by Branden Robinson). + improve formatting/style of manpages in test-directory. ==== open-vm-tools ==== Version update (12.4.0 -> 12.4.5) Subpackages: libvmtools0 - Update to 12.4.5 (build 23787635) (boo#1227181) - There are no new features in the open-vm-tools 12.4.5 release. This is primarily a maintenance release that addresses a few critical problems, including: - A Github pull request and associated issue has been handled. Please see the Resolved Issues section of the Release Notes. - A number of issues flagged by Coverity and ShellCheck have been addressed. - A vmtoolsd process hang related to nested logging from an RPC Channel error has been fixed. For a more complete list of issues resolved in this release, see the Resolved Issues section of the Release Notes. For complete details, see: https://github.com/vmware/open-vm-tools/releases/tag/stable-12.4.5 Release Notes are available at: https://github.com/vmware/open-vm-tools/blob/stable-12.4.5/ReleaseNotes.md The granular changes that have gone into the 12.4.5 release are in the ChangeLog at: https://github.com/vmware/open-vm-tools/blob/stable-12.4.5/open-vm-tools/ChangeLog ==== osinfo-db ==== Version update (20240510 -> 20240701) - Update to database version 20240701 osinfo-db-20240701.tar.xz - Adjust some default hardware requirements (bsc#1227231) adjust-tumbleweed-hardware-requirements.patch add-opensuse-leap-15.6-support.patch add-sle15sp6-support.patch - bsc#1227116 - osinfo still uses deprecated SL-Micro name Reverse prior decision to drop the use of "Enterprise" in the name of the SUSE Linux Micro product. add-slem6.0-support.patch Drop add-slm6.0-support.patch ==== pciutils ==== Version update (3.12.0 -> 3.13.0) Subpackages: libpci3 - update to 3.13.0: * lspci decodes CXL 1.1 device link status information. * Further development of the pcilmr (the link margining utility) * Dump parsing supports 6-digit domain numbers. * Bug fixes in PCIe link state reporting. * Decode more fields in PCIe AER capability. * Fixed build on Linux systems with musl libc. * Updated pci.ids. ==== pinentry ==== Version update (1.2.1 -> 1.3.0) - update to 1.3.0: * qt: Add new Qt6 frontend. [rP1e79123c38] * qt: Set parent window on Wayland. [T6930] * qt: Fix capslock detection on Wayland. [rP7dfc60a70d] * qt: Fix window icon on Wayland. [T6887] * qt: Add support for external password manager with libsecret. * qt: Remove focus indication by text selection. [T5863] * qt: Use same focus indication for labels as Kleopatra. * qt: Improve accessibility. [T5863] * gnome3: Prefer gcr-4. [rP069c219223] * curses: Fix timeout handling. [rP08408498b3] * curses: Add SETREPEATOK and quality bar colors. * curses: Add password quality meter. [rP2923707e75] * curses,tty: Upon SIGINT, let pinentry exit gracefully. * w32: Fix non-focused window and simplify code. * Disable secret storage integration when running on KDE Plasma. * The Windows CE support has been removed. ==== pinentry-gui ==== Version update (1.2.1 -> 1.3.0) - update to 1.3.0: * qt: Add new Qt6 frontend. [rP1e79123c38] * qt: Set parent window on Wayland. [T6930] * qt: Fix capslock detection on Wayland. [rP7dfc60a70d] * qt: Fix window icon on Wayland. [T6887] * qt: Add support for external password manager with libsecret. * qt: Remove focus indication by text selection. [T5863] * qt: Use same focus indication for labels as Kleopatra. * qt: Improve accessibility. [T5863] * gnome3: Prefer gcr-4. [rP069c219223] * curses: Fix timeout handling. [rP08408498b3] * curses: Add SETREPEATOK and quality bar colors. * curses: Add password quality meter. [rP2923707e75] * curses,tty: Upon SIGINT, let pinentry exit gracefully. * w32: Fix non-focused window and simplify code. * Disable secret storage integration when running on KDE Plasma. * The Windows CE support has been removed. ==== podman ==== - Add patch to fix bsc#1227052 / CVE-2024-6104: * 0001-Backport-fix-for-CVE-2024-6104.patch - Add missing BuildRequires man ==== poppler ==== Version update (24.03.0 -> 24.07.0) - update to 24.07.0: core: * Fix crashes in broken files * Internal code improvements qt6: * Add getters for document additional actions * Implement reset forms link qt5: * Add getters for document additional actions * Implement reset forms link utils: * pdfinfo: Fix crash in broken documents when using -dests build system: * Mark glib-mkenums as required - drop poppler-CVE-2024-6239.patch (upstream) - version update to 24.06.1 Release 24.06.1: Re-release 24.06.0 with increased SOVERSION of poppler internal library Release 24.06.0: core: * Performance improvements in some files * Fix some issues with files bigger than 2^31 bytes * Remove all cairo include guards for cairo < 1.16 * Fix MSVC build * Internal code improvements qt6: * Update Qt6 doc example * Use the non deprecated version of QString::fromUcs4 glib: * properly document return value from poppler_font_info_scan Release 24.05.0: core: * Fix signing not being totally correct in some kind of PDF files * Assume "Adobe-Identity" for character collection. Issue #1465 * Small improvements in annotation font rendering * Remove some GooString methods, use std::string ones instead * Move some GooString methods to UTF.h * Fix crash in broken files cpp: * cpp: Fix crash extracting text and font in some files. Issue #1477 * Change base class of ustring to char16_t qt6: * Add async API for certificate validation * Fix text extraction for Landscape/Seascape pages qt5: * Add async API for certificate validation * Fix text extraction for Landscape/Seascape pages utils: * pdfdetach: Small code improvements * pdftops: Write compliant ps header build system: * Increase minimum supported base to that provided by Ubuntu 22.04 Release 24.04.0: core: * Optimize page text extraction speed * Fix clipping path handling in some files. Issue #739 * Fix regression in text selection * Fix text search across lines between paragraphs qt6: * Fix crash in SoundObject::data utils: * pdfsig: Add Catalan translation build system: * Build code as C++20 - modified patches % reduce-boost-required-version.patch (refreshed) % reduce-libtiff-required-version.patch (refreshed) - added patches fix CVE-2024-6239 [bsc#1226916], crash when using pdfinfo with -dests parameter on malformed input files + poppler-CVE-2024-6239.patch ==== poppler-qt6 ==== Version update (24.03.0 -> 24.07.0) - update to 24.07.0: core: * Fix crashes in broken files * Internal code improvements qt6: * Add getters for document additional actions * Implement reset forms link qt5: * Add getters for document additional actions * Implement reset forms link utils: * pdfinfo: Fix crash in broken documents when using -dests build system: * Mark glib-mkenums as required - drop poppler-CVE-2024-6239.patch (upstream) - version update to 24.06.1 Release 24.06.1: Re-release 24.06.0 with increased SOVERSION of poppler internal library Release 24.06.0: core: * Performance improvements in some files * Fix some issues with files bigger than 2^31 bytes * Remove all cairo include guards for cairo < 1.16 * Fix MSVC build * Internal code improvements qt6: * Update Qt6 doc example * Use the non deprecated version of QString::fromUcs4 glib: * properly document return value from poppler_font_info_scan Release 24.05.0: core: * Fix signing not being totally correct in some kind of PDF files * Assume "Adobe-Identity" for character collection. Issue #1465 * Small improvements in annotation font rendering * Remove some GooString methods, use std::string ones instead * Move some GooString methods to UTF.h * Fix crash in broken files cpp: * cpp: Fix crash extracting text and font in some files. Issue #1477 * Change base class of ustring to char16_t qt6: * Add async API for certificate validation * Fix text extraction for Landscape/Seascape pages qt5: * Add async API for certificate validation * Fix text extraction for Landscape/Seascape pages utils: * pdfdetach: Small code improvements * pdftops: Write compliant ps header build system: * Increase minimum supported base to that provided by Ubuntu 22.04 Release 24.04.0: core: * Optimize page text extraction speed * Fix clipping path handling in some files. Issue #739 * Fix regression in text selection * Fix text search across lines between paragraphs qt6: * Fix crash in SoundObject::data utils: * pdfsig: Add Catalan translation build system: * Build code as C++20 - modified patches % reduce-boost-required-version.patch (refreshed) % reduce-libtiff-required-version.patch (refreshed) - added patches fix CVE-2024-6239 [bsc#1226916], crash when using pdfinfo with -dests parameter on malformed input files + poppler-CVE-2024-6239.patch ==== qemu ==== Version update (9.0.0 -> 9.0.1) - Update to latest stable release (9.0.1). Full list of backports here: https://lore.kernel.org/qemu-devel/1718081053.366429.1238758.nullmailer@tls.msk.ru/ A selection of them is reported here too: Update version for 9.0.1 release target/loongarch: fix a wrong print in cpu dump ui/sdl2: Allow host to power down screen virtio-gpu: fix v2 migration target/i386: fix SSE and SSE2 feature check target/i386: fix xsave.flat from kvm-unit-tests disas/riscv: Decode all of the pmpcfg and pmpaddr CSRs riscv, gdbstub.c: fix reg_width in ricsv_gen_dynamic_vector_feature() target/riscv/kvm.c: Fix the hart bit setting of AIA target/riscv: rvzicbo: Fixup CBO extension register calculation target/riscv: do not set mtval2 for non guest-page faults target/riscv: prioritize pmp errors in raise_mmu_exception() target/riscv: rvv: Remove redudant SEW checking for vector fp narrow/widen instructions target/riscv: rvv: Check single width operator for vfncvt.rod.f.f.w target/riscv: rvv: Check single width operator for vector fp widen instructions target/riscv: rvv: Fix Zvfhmin checking for vfwcvt.f.f.v and vfncvt.f.f.w instructions target/riscv/cpu.c: fix Zvkb extension config target/riscv: Fix the element agnostic function problem target/riscv/kvm: tolerate KVM disable ext errors target/riscv/kvm: Fix exposure of Zkr hw/intc/riscv_aplic: APLICs should add child earlier than realize iotests: test NBD+TLS+iothread qio: Inherit follow_coroutine_ctx across TLS ... ==== selinux-policy ==== Version update (20240617 -> 20240702) Subpackages: selinux-policy-targeted - Update to version 20240702: * Allow manage dosfs_t files to snapperd (bsc#1224120) * Add auth_rw_wtmpdb_login_records to domains using auth_manage_login_records * Add auth_rw_wtmpdb_login_records to modules * Allow xdm_t to read-write to wtmpdb (bsc#1225984) * Introduce types for wtmpdb and rw interface * Introduce wtmp_file_type attribute * Revert "Add policy for wtmpdb (bsc#1210717)" ==== systemd ==== Version update (255.7 -> 255.8) Subpackages: libsystemd0 libudev1 systemd-boot systemd-experimental udev - Import commit 5a8eadd0c021758337a020c423f25a353bdb9b3c (merge of v255.8) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/603cd1d4d81147d4f2eccd5e352064a4215119b4...5a8eadd0c021758337a020c423f25a353bdb9b3c - Drop 5003-Revert-run-pass-the-pty-slave-fd-to-transient-servic.patch as v255.8 contains the workaround (commit 639c922ede9485) for the broken commit 28459ba1f4df. ==== xterm ==== Version update (389 -> 392) Subpackages: xterm-bin xterm-resize - update to 392: * improve input decoding for non-Latin1 character sets by preserving the sense of GL/GR. * add resource preferLatin1 to simplify UPSS configuration (Gentoo #932154). * build-fix for --disable-boxchars; patch #390 reuses that feature's code to draw the part of the DEC Technical character set which has no Unicode equivalent. * improve definitions used in clock_gettime logic in graphics_sixel.c, as well as updating comments (patch by Ben Wong). * amend allowC1Printable changes from patch #391, restoring a special case which caused C1 characters to be ignored (report/testcase by Dmytro Bagrii). - update to 391: * improve integration between UTF-8 and allowC1Printable. * alter SIXEL HLS computation to make blue 0 degrees (patch by Ben Wong). * disable SIXEL aspect-ratio, pending a rewrite (patch by Ben Wong). * add resource incrementalGraphics (prompted by patch by Ben Wong). * reorganize graphics_sixel.c as a step toward eliminating graphics buffer-size (integrated patch by Ben Wong). * fix regression in patch #390: non-UTF8 text pasted as a XA_UTF8_STRING was not decoded (report by Petri Kaukasoina). - update to 390: * improve typography of control-sequences page (patches by Branden Robinson). * amend UPSS change from patch #389, fixing a regression in VT100/VT220 character sets. * modify ANSI conformance per ECMA-43 and DEC 070: * set ANSI conformance level to 3 for DEC levels 2 and up. * disable locking shifts in level 1, e.g., VT100. * disable single-shifts from G2/G3 in level 1. * use UPSS for G2/G3 in levels 2 and up. * modify invisible-character attribute to permit DECRQCRA to report a consistent checksum (report/testcase by Thomas Wolff). * align terminfo building blocks in terminfo to correspond to recent refactoring/trimming in ncurses. * set flag in regexec call for onNClicks to handle “^” anchor (patch by Matthew Martin). * add line-drawing data for the characters in DEC Technical which have no Unicode equivalents. * remove a special case in encode_scs which made xterm report Latin-1 when encoding is set to UTF-8, where ASCII is the selected character set. This fixes a regression in vttest for the DECRSPS cursor test. * correct values for Ps of DECAUPSS in ctlseqs.ms (report by James Holderness). * simplify/correct expression for checking Unicode non-characters (report by Thomas Wolff). * correct loop for trimming environment variables (report/patch by Casper Dik). ==== zypper ==== Version update (1.14.74 -> 1.14.76) Subpackages: zypper-needs-restarting - Show rpm install size before installing (bsc#1224771) If filesystem snapshots are taken before the installation (e.g. by snapper) no disk space is freed by removing old packages. In this case the install size of all packages is a hint how much additional disk space is needed by the new packages static content. - version 1.14.76 - Fix readline setup to handle Ctrl-C and Ctrl-D corrrectly (bsc#1227205) - version 1.14.75