Packages changed: coreutils (9.1 -> 9.2) gnome-control-center (44.0+7 -> 44.0+20) gnome-shell (44.0+28 -> 44.0+42) gobject-introspection gstreamer-plugins-bad kernel-source (6.2.8 -> 6.2.9) ldb (2.7.1 -> 2.7.2) libheif (1.15.1 -> 1.15.2) libxcrypt mutter (44.0+8 -> 44.0+18) nfs-utils samba (4.18.0+git.294.508b693e5c -> 4.18.1+git.298.4ccf830b2a4) snapper timezone (2023b -> 2023c) timezone-java (2023b -> 2023c) util-linux util-linux-systemd vim (9.0.1392 -> 9.0.1430) xen (4.17.0_04 -> 4.17.0_06) === Details === ==== coreutils ==== Version update (9.1 -> 9.2) Subpackages: coreutils-doc coreutils-lang - update to 9.2: * cksum now accepts the --base64 (-b) option to print base64-encoded checksums. It also accepts/checks such checksums. * cksum now accepts the --raw option to output a raw binary checksum. No file name or other information is output in this mode. * cp, mv, and install now accept the --debug option to print details on how a file is being copied. * factor now accepts the --exponents (-h) option to print factors in the form p^e, rather than repeating the prime p, e times. * ls now supports the --time=modification option, to explicitly select the default mtime timestamp for display and sorting. * mv now supports the --no-copy option, which causes it to fail when asked to move a file to a different file system. * split now accepts options like '-n SIZE' that exceed machine integer range, when they can be implemented as if they were infinity. * split -n now accepts piped input even when not in round-robin mode, by first copying input to a temporary file to determine its size. * wc now accepts the --total={auto,never,always,only} option to give explicit control over when the total is output. * 'cp --reflink=always A B' no longer leaves behind a newly created empty file B merely because copy-on-write clones are not supported. * 'cp -n' and 'mv -n' now exit with nonzero status if they skip their action because the destination exists, and likewise for 'cp - i', 'ln -i', and 'mv -i' when the user declines. (POSIX specifies this for 'cp -i' and 'mv -i'.) * cp, mv, and install again read in multiples of the reported block size, to support unusual devices that may have this constraint. * du --apparent now counts apparent sizes only of regular files and symbolic links. POSIX does not specify the meaning of apparent sizes (i.e., st_size) for other file types, and counting those sizes could cause confusing and unwanted size mismatches. * 'ls -v' and 'sort -V' go back to sorting ".0" before ".A", reverting to the behavior in coreutils-9.0 and earlier. This behavior is now documented. * ls --color now matches a file extension case sensitively if there are different sequences defined for separate cases. * printf unicode \uNNNN, \UNNNNNNNN syntax, now supports all valid unicode code points. Previously is was restricted to the C universal character subset, which restricted most points <= 0x9F. * runcon now exits with status 125 for internal errors. Previously upon internal errors it would exit with status 1, which was less distinguishable from errors from the invoked command. * 'split -n N' now splits more evenly when the input size is not a multiple of N, by creating N output files whose sizes differ by at most 1 byte. Formerly, it did this only when the input size was less than N. * 'stat -c %s' now prints sizes as unsigned, consistent with 'ls'. * a long list of bugfixes, see included NEWS file for details - drop gnulib-simple-backup-fix.patch (upstream) - drop coreutils-tests-workaround-make-fdleak.patch (obsolete) ==== gnome-control-center ==== Version update (44.0+7 -> 44.0+20) Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-lang gnome-control-center-user-faces - Update to version 44.0+20: + datetime: Fix NTP switch getting out of sync. + shell/style: Add workaround to make disabled pictures are painted as such. + illustrated-row, split-row: Add widget name and css class. + region: Fix label of formats for the login screen. + keyboard: Fix cancel button issue. + Updated translations. ==== gnome-shell ==== Version update (44.0+28 -> 44.0+42) Subpackages: gnome-extensions gnome-shell-calendar gnome-shell-lang - Update to version 44.0+42: + appFavorite: - Add missing .desktop extension for simplescan - Rename simple-scan.desktop + style: Light variant fixes and accommodations + extensionDownloader: Check schemadir existence and type + status/network: Fix a11y names for VPN connection menu items + quickSettings: Fix icon-name construct property in menu toggles + screenshot: Fix broken GLib.Error.matches call + Updated translations. ==== gobject-introspection ==== Subpackages: girepository-1_0 libgirepository-1_0-1 - Run meson_test only on x86(_64) arches until upstream issue is fixed. https://gitlab.gnome.org/GNOME/gobject-introspection/-/issues/458 ==== gstreamer-plugins-bad ==== Subpackages: gstreamer-plugins-bad-lang libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0 - Move conditional pkgconfig(vo-amrwbenc) BuildRequires to main part of spec, now available in distro. Stop passing voamrwbenc=disabled to meson. ==== kernel-source ==== Version update (6.2.8 -> 6.2.9) - Linux 6.2.9 (bsc#1012628). - interconnect: qcom: osm-l3: fix icc_onecell_data allocation (bsc#1012628). - interconnect: qcom: sm8450: switch to qcom_icc_rpmh_* function (bsc#1012628). - interconnect: qcom: qcm2290: Fix MASTER_SNOC_BIMC_NRT (bsc#1012628). - perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output (bsc#1012628). - perf: fix perf_event_context->time (bsc#1012628). - tracing/hwlat: Replace sched_setaffinity with set_cpus_allowed_ptr (bsc#1012628). - drm/amd/display: fix k1 k2 divider programming for phantom streams (bsc#1012628). - drm/amd/display: Remove OTG DIV register write for Virtual signals (bsc#1012628). - drm/amd/display: Fix DP MST sinks removal issue (bsc#1012628). - arm64: dts: freescale: imx8-ss-lsio: Fix flexspi clock order (bsc#1012628). - arm64: dts: qcom: sc8280xp: Add label property to vadc channel nodes (bsc#1012628). - arm64: dts: qcom: sm6375: Add missing power-domain-named to CDSP (bsc#1012628). - arm64: dts: qcom: sm8450: correct WSA2 assigned clocks (bsc#1012628). - arm64: dts: qcom: sm8450: Mark UFS controller as cache coherent (bsc#1012628). - power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition (bsc#1012628). - power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition (bsc#1012628). - wifi: mt76: do not run mt76_unregister_device() on unregistered hw (bsc#1012628). - wifi: mt76: connac: do not check WED status for non-mmio devices (bsc#1012628). - efi: earlycon: Reprobe after parsing config tables (bsc#1012628). - arm64: dts: imx8dxl-evk: Disable hibernation mode of AR8031 for EQOS (bsc#1012628). - arm64: dts: imx8dxl-evk: Fix eqos phy reset gpio (bsc#1012628). - ARM: dts: imx6sll: e70k02: fix usbotg1 pinctrl (bsc#1012628). - ARM: dts: imx6sll: e60k02: fix usbotg1 pinctrl (bsc#1012628). - ARM: dts: imx6sl: tolino-shine2hd: fix usbotg1 pinctrl (bsc#1012628). - arm64: dts: imx8mn: specify #sound-dai-cells for SAI nodes (bsc#1012628). - arm64: dts: imx93: add missing #address-cells and #size-cells to i2c nodes (bsc#1012628). - NFS: Fix /proc/PID/io read_bytes for buffered reads (bsc#1012628). - NFS: Correct timing for assigning access cache timestamp (bsc#1012628). - xsk: Add missing overflow check in xdp_umem_reg (bsc#1012628). - iavf: fix inverted Rx hash condition leading to disabled hash (bsc#1012628). - iavf: fix non-tunneled IPv6 UDP packet type and hashing (bsc#1012628). - iavf: do not track VLAN 0 filters (bsc#1012628). - intel/igbvf: free irq on the error path in igbvf_request_msix() (bsc#1012628). - igbvf: Regard vf reset nack as success (bsc#1012628). - igc: fix the validation logic for taprio's gate list (bsc#1012628). - i2c: imx-lpi2c: check only for enabled interrupt flags (bsc#1012628). - i2c: mxs: ensure that DMA buffers are safe for DMA (bsc#1012628). - i2c: hisi: Only use the completion interrupt to finish the transfer (bsc#1012628). - scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() (bsc#1012628). - nfsd: don't replace page in rq_pages if it's a continuation of last page (bsc#1012628). - net: dsa: b53: mmap: fix device tree support (bsc#1012628). - net: usb: smsc95xx: Limit packet length to skb->len (bsc#1012628). - qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info (bsc#1012628). - xirc2ps_cs: Fix use after free bug in xirc2ps_detach (bsc#1012628). - net: phy: Ensure state transitions are processed from phy_stop() (bsc#1012628). - net: mdio: fix owner field for mdio buses registered using device-tree (bsc#1012628). - net: mdio: fix owner field for mdio buses registered using ACPI (bsc#1012628). - net: stmmac: Fix for mismatched host/device DMA address width (bsc#1012628). - thermal/drivers/mellanox: Use generic thermal_zone_get_trip() function (bsc#1012628). - mlxsw: core_thermal: Fix fan speed in maximum cooling state (bsc#1012628). - drm/i915/fbdev: lock the fbdev obj before vma pin (bsc#1012628). - drm/i915/mtl: Disable MC6 for MTL A step (bsc#1012628). - drm/i915/guc: Rename GuC register state capture node to be more obvious (bsc#1012628). - drm/i915/guc: Fix missing ecodes (bsc#1012628). - drm/i915/gt: perform uc late init after probe error injection (bsc#1012628). ... changelog too long, skipping 340 lines ... - commit c9a94ac ==== ldb ==== Version update (2.7.1 -> 2.7.2) Subpackages: libldb2 python3-ldb - CVE-2023-0614: Access controlled AD LDAP attributes can be discovered (bso#15270); (bsc#1209485). ==== libheif ==== Version update (1.15.1 -> 1.15.2) Subpackages: gdk-pixbuf-loader-libheif libheif1 - update to 1.15.2 * Fixes an incompatibility with AOM v3.6.0. * A couple of smaller fixes. ==== libxcrypt ==== - Enable LTO now (boo#1138833) and use FAT LTO objects for static libs. ==== mutter ==== Version update (44.0+8 -> 44.0+18) Subpackages: mutter-lang - Update to version 44.0+18: + backends: Use meta_gamma_lut_new_sized() in a few more places + compositor: - Drop anchor_window_pos field from MetaWindowDrag - Use relative anchor coordinates for window drags - Avoid use of variable during resize + onscreen/native: Avoid freezing the frame clock on failed cursor commits + window-actor-x11: Check array bounds before accessing array + build: Don't disable checks in release builds + tests: Use a more interoperable path to bash + backend/nested: Ignore setting pointer constraint + Updated translations. - Clean up spec, drop old disabled and unneeded pkgconfig(gtk+-3.0) BuildRequires and move disabled patches to SLE. ==== nfs-utils ==== Subpackages: libnfsidmap1 nfs-client - Add 0007-mount.nfs-always-include-mountpoint-or-spec-if-error.patch boo#1157881 - Add 0008-nfsd.man-fix-typo-in-section-on-scope.patch bsc#1209859 - Allow scope to be sed in sysconfig: NFSD_SCOPE - Add explicit pkgconfig(libkeyutils) BuildRequires: nfs-utils requires this for nfsv4 and we should not rely on the devel package being brought in by other deps. ==== samba ==== Version update (4.18.0+git.294.508b693e5c -> 4.18.1+git.298.4ccf830b2a4) Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-client samba-client-libs samba-libs samba-libs-python3 samba-python3 - Update to 4.18.1 * CVE-2023-0225: AD DC "dnsHostname" attribute can be deleted by unprivileged authenticated users. (bso#15276);(bsc#1209483). * CVE-2023-0614: Access controlled AD LDAP attributes can be discovered (bso#15270); (bsc#1209485). * CVE-2023-0922: Samba AD DC admin tool samba-tool sends passwords in cleartext(bso#15315);(bsc#1209481). * ldb wildcard matching makes excessive allocations; (bso#15331). * large_ldap test is inefficient; (bso#15332). ==== snapper ==== Subpackages: libsnapper6 snapper-zypp-plugin - use xz compression instead of bzip2 for source tar (gh#openSUSE/snapper#277) ==== timezone ==== Version update (2023b -> 2023c) - timezone update 2023c: * Reverts changes for 2023 Lebanon DST change to 2023a data ==== timezone-java ==== Version update (2023b -> 2023c) - timezone update 2023c: * Reverts changes for 2023 Lebanon DST change to 2023a data ==== util-linux ==== Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 util-linux-lang - login.pamd, remote.pamd: include postlogin-* rules - runuser.pamd, su.pamd: Include common-session-nonlogin instead of common-session ==== util-linux-systemd ==== - login.pamd, remote.pamd: include postlogin-* rules - runuser.pamd, su.pamd: Include common-session-nonlogin instead of common-session ==== vim ==== Version update (9.0.1392 -> 9.0.1430) Subpackages: vim-data vim-data-common vim-small - Updated to version 9.0.1430, fixes the following problems * The included xdiff code is a bit outdated. * Lean files are not recognized. * Build failure because SIZE_MAX is not defined. * Nu files are not recognized. * Sage files are not recognized. * WebAssembly Interface Type files are not recognized. * Unused macros are defined. * "wat" and "wast" files are one filetype. * Indent wrong after "export namespace" in C++. * Warning for uninitialized variable. (Tony Mechelynck) * Cursor in wrong position when leaving insert mode. * Invalid memory access when ending insert mode. * Livebook files are not recognized. - Create a standalone package for xxd * This is used by non-vim tools too - Updated to version 9.0.1418, fixes the following problems - fixes CVE-2023-1355 * Using NULL pointer with nested :open command. * Cairo files are not recognized. * Unx Tal files are not recognized. * Odin files are not recognized. * sort(list, 'N') does not work in Vim9 script context. * Highlight for popupmenu kind and extra cannot be set. * Profile test repeats the headers many times. * Highlight test script has a few problems. * find_file_in_path() is not reentrant. * Condition is always true. * Crash when using null_class. * Unused variables and functions. * Compilation error with some compilers. * Missing check for out-of-memory. * ILE RPG files are not recognized. * TableGen files are not recognized. * QMLdir files are not recognized. * Racket files are recognized as scheme. * Accuracy of profiling is not optimal. * Pony files are not recognized. * Compiler warning for unused variable. * <M-S-x> in Kitty does not use the Shift modifier. * Crystal files are not recognized. * Crash when collection is modified when using filter(). * ESDL files are not recognized. * The included xdiff code is a bit outdated. ==== xen ==== Version update (4.17.0_04 -> 4.17.0_06) - Upstream bug fixes (bsc#1027519) 63a03b73-VMX-VMExit-based-BusLock-detection.patch 63a03ba6-VMX-INTR_SHADOW_NMI-helper.patch 63a03bce-VMX-Notify-VMExit.patch 63e53ac9-x86-CPUID-leaves-7-1-ecx-edx.patch 63e53ac9-x86-disable-CET-SS-when-fractured-updates.patch 63f4d045-x86-ucode-AMD-apply-early-on-all-threads.patch 63fe06e0-x86-ucode-AMD-apply-late-on-all-threads.patch 641041e8-VT-d-constrain-IGD-check.patch 6419697d-AMD-IOMMU-no-XT-x2APIC-phys.patch - Use "proper" upstream backports: 640f3035-x86-altp2m-help-gcc13.patch 64104238-bunzip-gcc13.patch 64199e0c-x86-shadow-account-for-log-dirty-mode.patch 64199e0d-x86-HVM-bound-number-of-pca-regions.patch 64199e0e-x86-HVM-serialize-pca-list-manipulation.patch 64199e0f-x86-spec-ctrl-defer-CR4_PV32_RESTORE-for-CSTAR.patch - ... in place of: bunzip-gcc13.patch altp2m-gcc13.patch xsa427.patch xsa428-1.patch xsa428-2.patch xsa429.patch - bsc#1209245 - fix host-assisted kexec/kdump for HVM domUs libxl.fix-guest-kexec-skip-cpuid-policy.patch - bsc#1209017 - VUL-0: CVE-2022-42332: xen: x86 shadow plus log-dirty mode use-after-free (XSA-427) xsa427.patch - bsc#1209018 - VUL-0: CVE-2022-42333,CVE-2022-42334: xen: x86/HVM pinned cache attributes mis-handling (XSA-428) xsa428-1.patch xsa428-2.patch - bsc#1209019 - VUL-0: CVE-2022-42331: xen: x86: speculative vulnerability in 32bit SYSCALL path (XSA-429) xsa429.patch