Packages changed: alsa (1.2.9 -> 1.2.10) alsa-ucm-conf (1.2.9 -> 1.2.10) alsa-utils (1.2.9 -> 1.2.10) at-spi2-core (2.48.3 -> 2.48.4) bluez (5.68 -> 5.69) crypto-policies drbd (9.0.30~1+git.8e9c0812 -> 9.1.16) drbd-utils (9.19.0 -> 9.25.0) elfutils-debuginfod glib2 (2.76.4 -> 2.76.5) gnome-shell (44.3 -> 44.4) grep grub2 javapackages-tools (6.1.0 -> 6.2.0) konsole libadwaita (1.3.4 -> 1.3.5) libei (1.0.0 -> 1.1.0) libgphoto2 (2.5.30 -> 2.5.31) libstorage-ng (4.5.136 -> 4.5.139) lsb-release man mozilla-nss (3.92 -> 3.93) mozjs102 (102.14.0 -> 102.15.0) multipath-tools (0.9.5+68+suse.d1b6a1c -> 0.9.6+71+suse.f07325e) mutter (44.3 -> 44.4) nodejs20 (20.5.1 -> 20.6.0) open-isns perl-URI (5.19 -> 5.210.0) pigz (2.7 -> 2.8) python-async_timeout (4.0.2 -> 4.0.3) python-chardet (5.1.0 -> 5.2.0) python-lxml python-outcome python-psycopg2 (2.9.6 -> 2.9.7) python-setuptools (67.8.0 -> 68.1.2) qpdf (11.5.0 -> 11.6.0) rdma-core shaderc (2023.4 -> 2023.6) suse-module-tools (16.0.34 -> 16.0.35) unbound (1.17.1 -> 1.18.0) vsftpd webkit2gtk3 webkit2gtk3-soup2 wireless-regdb (20230721 -> 20230901) yast2-trans (84.87.20230818.ea489402e5 -> 84.87.20230901.be24cb382f) zvbi (0.2.41 -> 0.2.42) zypper (1.14.62 -> 1.14.64) === Details === ==== alsa ==== Version update (1.2.9 -> 1.2.10) Subpackages: libasound2 libatopology2 - Update to version 1.2.10: * MIDI 2.0 feature support * build fixes for various platforms * various documentation fixes * misc topology fixes * ucm fixes and cleanups For details, see: https://www.alsa-project.org/wiki/Changes_v1.2.9_v1.2.10#alsa-lib - Took upstream fix for possible build errors: 0001-control.h-Fix-ump-header-file-detection.patch ==== alsa-ucm-conf ==== Version update (1.2.9 -> 1.2.10) - Update to version 1.2.10: * updates / fixes for various devices: mtk-rt5650, usb-audio, tegra es8316, sof-essx8336, pinephone, Steinberg UR44C, AMD ACP RPL, ACP63, sof-hda-dsp, etc For details, see: https://www.alsa-project.org/wiki/Changes_v1.2.9_v1.2.10#alsa-ucm-conf - Upstream regression fix: 0001-SplitPCM-Device-argument-may-not-be-set.patch ==== alsa-utils ==== Version update (1.2.9 -> 1.2.10) - Update to alsa-utils 1.2.10: * MIDI 2.0 / UMP support for sequencer programs * nhlt: add nhlt-dmic-info utility * Build fixes and cleanups * speaker-test: allow large buffer and period time setup - up to 100 seconds * various topology fixes For details, see: https://www.alsa-project.org/wiki/Changes_v1.2.9_v1.2.10#alsa-utils - Fix the builds with old gcc: 0001-axfer-use-ATTRIBUTE_UNUSED-instead-remove-argument-n.patch 0002-amidi-use-ATTRIBUTE_UNUSED-instead-remove-argument-n.patch 0003-alsaloop-use-ATTRIBUTE_UNUSED-instead-remove-argumen.patch 0004-bat-use-ATTRIBUTE_UNUSED-instead-remove-argument-nam.patch 0005-seq-use-ATTRIBUTE_UNUSED-instead-remove-argument-nam.patch 0006-alsaucm-use-ATTRIBUTE_UNUSED-instead-remove-argument.patch 0007-topology-use-ATTRIBUTE_UNUSED-instead-remove-argumen.patch ==== at-spi2-core ==== Version update (2.48.3 -> 2.48.4) Subpackages: libatk-1_0-0 libatk-bridge-2_0-0 libatspi0 typelib-1_0-Atk-1_0 typelib-1_0-Atspi-2_0 - Update to version 2.48.4: + Add atspi_get_version() to return the runtime version of the AT-SPI library. + collection: - Fix match testing for attributes. - Avoid locking up if an object has a very large child count. + Fix possible NULL pointer dereference when deregistering an event listener. + Various fixes for the new key grabbing API. ==== bluez ==== Version update (5.68 -> 5.69) Subpackages: bluez-auto-enable-devices bluez-cups bluez-zsh-completion libbluetooth3 - update to 5.69 * Fix issue with BAP enabling state correctly when resuming. * Fix issue with detaching source ASEs only after Stop Ready. * Fix issue with handling VCP audio location and descriptor. * Fix issue with generating IRK for adapter with privacy enabled. * Add support for BAP broadcast sink. - Add three new man pages ==== crypto-policies ==== Subpackages: crypto-policies-scripts - Tests: Fix pylint versioning for TW and fix the parsing of the policygenerators to account for the commented lines correctly. * Add crypto-policies-pylint.patch * Rebase crypto-policies-policygenerators.patch - FIPS: Adapt the fips-mode-setup script to use the pbl command from the perl-Bootloader package to replace grubby. Add a note for transactional systems [jsc#PED-4578]. * Rebase crypto-policies-FIPS.patch ==== drbd ==== Version update (9.0.30~1+git.8e9c0812 -> 9.1.16) Subpackages: drbd-kmp-64kb drbd-kmp-default - Update DRBD version from 9.0.30+ to 9.1.16 (PED-6362) * 9.1.16 (api:genl2/proto:86-121/transport:18) * shorten times DRBD keeps IRQs on one CPU disabled. Could lead to connection interruption under specific conditions * fix a corner case where resync did not start after resync-pause state flapped * fix online adding of volumes/minors to an already connected resource * fix a possible split-brain situation with quorum enabled with ping-timeout set to (unusual) high value * fix a locking problem that could lead to kernel OOPS * ensure resync can continue (bitmap-based) after interruption also when it started as a full-resync first * correctly handle meta-data when forgetting diskless peers * fix a possibility of getting a split-brain although quorum enabled * correctly propagate UUIDs after resync following a resize operation. Consequence could be a full resync instead of a bitmap-based one * fix a rare race condition that can cause a drbd device to end up with WFBitMapS/Established replication states * 9.1.15 (api:genl2/proto:86-121/transport:18) * fix how flush requests are marked when submitted to the Linux IO stack on the secondary node * when establishing a connection failed with a two-pc timeout, a receiver thread deadlocked, causing drbdsetup calls to block on that resource (difficult to trigger) * fixed a NULL-ptr deref (a OOPS) caused by a rare race condition while taking a resource down * fix a possible hard kernel-lockup, can only be triggerd when a CPU-mask is configured * updated kernel compatibility to at least Linux head and also fixed a bug in the compat checks/rules that caused OOPSes of the previous drbd releases when compiled with Linux-6.2 (or on RHEL 9.2 kernel). * fix an aspect of the data-generation (UUID) handling where DRBD failed to do a resync when a diskless node in the remaining partition promotes and demotes while a diskful node is isolated * fix an aspect of the data-generation (UUID) handling where DRBD considered a node to have unrelated data; this bug was triggered by a sequence involving removing two nodes from a cluster and readding one with the "day-0" UUIDs. * do not block specific state changes (promote, demote, attach, and detach) when only some nodes add a new minor * 9.1.14 (api:genl2/proto:86-121/transport:18) * fix a race with concurrent promotion and demotion, which can lead to an unexpected "split-brain" later on * fix a specific case where promotion was allowed where it should not * fix a race condition between auto-promote and a second two-phase commit that can lead to a DRBD thread locking up in an endless loop * fix several bugs with "resync-after": - missing resync-resume when minor numbers run in opposite direction as the resync-after dependencies - a race that might lead to an OOPS in add_timer() * fix an OOPS when reading from in_flight_summary in debugfs * fix a race that might lead to an endless loop of printing "postponing start_resync" while starting a resync * fix diskless node with a diskfull with a 4KiB backend * simplify remembering two-pc parents, maybe fixing a one-time-seen bug * derive abort_local_transaction timeout from ping-timeout * 9.1.13 (api:genl2/proto:86-121/transport:18) * when calculating if a partition has quorum, take into account if the missing nodes might have quorum * fix forget-peer for diskless peers * clear the resync_again counter upon disconnect * also call the unfence handler when no resync happens * do not set bitmap bits when attaching to an up-to-date disk (late) * work on bringing the out-of-tree DRBD9 closer to DRBD in the upstream kernel; Use lru_cahche.ko from the installed kernel whenever possible * 9.1.12 (api:genl2/proto:86-121/transport:18) * fix a race that could result in connection attempts getting aborted with the message "sock_recvmsg returned -11" * rate limit messages in case the peer can not write the backing storage and it does not finish the necessary state transitions * reduced the receive timeout during connecting to the intended 5 seconds (ten times ping-ack timeout) * losing the connection at a specific point in time during establishing a connection could cause a transition to StandAlone; fixed that, so that it keeps trying to connect * fix a race that could lead to a fence-peer handler being called unexpectedly when the fencing policy is changed at the moment before promoting * 9.1.11 (api:genl2/proto:86-121/transport:18) * The change introduced with 9.1.10 created another problem that might lead to premature request completion (kernel crash); reverted that change and fix it in another way * 9.1.10 (api:genl2/proto:86-121/transport:18) * fix a regression introduced with 9.1.9; using protocol A on SMP with heavy IO can might cause kernel crash * 9.1.9 (api:genl2/proto:86-121/transport:18) * fix a mistake in the compat generation code; it broke DRBD on partitions on kernel older than linux 5.10 (this was introduced with drbd-9.1.8; not affected: logical volumes) * fix for a bug (introduced with drbd-9.0.0), that caused possible inconsistencies in the mirror when using the 'resync-after' option * fix a bug that could cause a request to get stuck after an unlucky timing with a loss of connection * close a very small timing window between connect and promote that could lead to the new-current-uuid not being transmitted to the concurrently connecting peer, which might lead to denied connections later on * fix a recently introduced OOPS when adding new volumes to a connected resource ... changelog too long, skipping 131 lines ... - bsc-1206791-09-pmem-use-fs_dax_get_by_bdev-instead-of-dax_get_by_ho.patch ==== drbd-utils ==== Version update (9.19.0 -> 9.25.0) - Update to 9.25.0 (PED-5842) * drbdsetup,v9,show: fix meta disk format for json * drbdmeta: {hex,}dump superblock * drbdmon: major rewrite * build: gcc v12 cleanups * misc: put locks into separate dir * selinux: add fowner fsetsid, they dropped a global noaudit rule * v9: Support user-defined block-size * doc,v9: improvements all over the place * drbdadm,v9: implement drbdadm role * drbdadm,v9: pass --verbose/--statistics to drbdsetup status * drbd{adm,meta}: add repair-md subcommand * drbdadm,v9,resync-after: fix too strict check * drbdadm,v9,floating: fixup fake uname for 9.2.x strict_names=1 * drbdadm,v9,parser: fixup globs, also rm GNU libc specific extensions * drbdadm,v9,parser: allow via outside-address for NATed peers * parser,v9: deprecate named connections * drbd-selinux: add sub package, minor packaging/spec changes * drbdadm: allow files from expanded glob to vanish * drbdadm,v9: fix potential segfault in postparse * drbdadm,v9: fix sh-ip when set on connection/path * drbdmeta: fix apply-al for bitmap sizes > 4GiB * drbd-service-shim.sh: add secondary --force * ocf: fix for dropped --peer option * drbdsetup,v9: show susupend reason in json output * drbdsetup,v9: add secondary --force * drbdsetup,v9: fix *susp_str() for events2 diff mode * drdbdadm,v9: fix sh-resource * drdbdadm,v9: rm --peer=connect_to_host * ocf: deal with situation where PM node name and actual node name do not match * notify.sh: deal with unset DRBD_PEER env variable * crm-fence-peer: fix timeout with Pacemaker 2.0.5 * drbdmeta: don't wait for confirmation if not a TTY * drbdadm,v9: Pass '--force' to certain drbdmeta commands * drbdmeta: do init in chunks; allow different methods * build: various minor fixes (udev detection, POSIX, compiler flags, allow doc building with asciidoctor,...) * drbd.ocf: fix type (relevant for certain pcs versions) * crm-fence-peer: fix timeout with Pacemaker 2.1 * v9,proxy: allow multiple sharing a proxy node * v9,drbdsetup: quote resource name in "show" * build: allow building for RHEL9.0, minor cleanups * reactor/systemd: allow proper actions (e.g., reboot) if demotion fails. - introduce new systemd service: drbd-demote-or-escalate@.service - remove v83 v84 binaries (incompatible with kmp) - drop patches which are already included in latest code: - 0001-crm-fence-peer-fix-timeout-with-Pacemaker-2.1-milli-.patch - 0002-crm-fence-peer-fix-timeout-with-Pacemaker-2.0.5-mill.patch - add upstream patch: + 0001-drbdadm-v9-do-not-segfault-when-re-configuring-proxy.patch + 0002-user-drbrdmon-add-missing-stdint.h-includes.patch + 0003-Introduce-default_types.h-header.patch - change patch name: - 0001-Disable-quorum-in-default-configuration-bsc-1032142.patch + bsc-1032142_Disable-quorum-in-default-configuration.patch - rebase patch: + pie-fix.patch + rpmlint-build-error.patch ==== elfutils-debuginfod ==== Subpackages: debuginfod-client debuginfod-profile libdebuginfod1 - Conditionalize config(debuginfod-profile) Requires tag in the debuginfod-client sub-package, with the help of the %sle_version macro, so only Tumbleweed (currently the only distro supported by debuginfod.opensuse.org) sets it. ==== glib2 ==== Version update (2.76.4 -> 2.76.5) Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0 - Update to version 2.76.5: + Bugs fixed: - Possible SEGV (null pointer deref) in distribute_method_call(). - Possible SEGV (null pointer deref) in _g_resource_file_new(). - Backport !3529 “gmenuexporter: synchronization in org_gtk_Menus_get_interface.” to glib-2-76. - Backport !3547 “glib/gfileutils.c: use 64 bits for value in get_tmp_file()” to glib-2-76. - Backport !3554 “gresourcefile: Fix crash if called with a badly escaped URI” to glib-2-76. - Backport !3555 “gkeyfile: Fix overwriting of GError” to glib-2-76. - Backport !3539 “gdbusmessage: Validate required headers have the right type” to glib-2-76. ==== gnome-shell ==== Version update (44.3 -> 44.4) Subpackages: gnome-extensions gnome-shell-calendar - Update to version 44.4: + Fix accessibility of quick settings sliders. + Allow notification dismissal with backspace. + Misc. bug fixes and cleanups. + Updated translations. ==== grep ==== - export CONFIG_SHELL=/bin/sh before running configure: results in the shell script (egrep/fgrep) to receive a /bin/sh shebang instead of requiring bash (the local shell used to build). ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin - grub2-mkconfig-riscv64.patch: Handle riscv64 in mkconfig ==== javapackages-tools ==== Version update (6.1.0 -> 6.2.0) Subpackages: javapackages-filesystem - Upgrade to upstream version 6.2.0 * Întegrate our changes from javapackages-6.1.0-maven-depmap.patch - Removed patch: * javapackages-6.1.0-maven-depmap.patch + upstreamed - Added patch: * 0001-Make-the-alias-generation-reproducible.patch + separate patch for our reproducible changes that was not part of the integrated pull request ==== konsole ==== Subpackages: konsole-part konsole-part-lang konsole-zsh-completion - Add upstream crash fix (kde#473043) * 0001-Fix-crashes-in-testTerminalInterface.patch ==== libadwaita ==== Version update (1.3.4 -> 1.3.5) Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Update to version 1.3.5: + Set the correct gettext domain on all widgets. + AdwExpanderRow: Accessibility fixes. + AdwStyleManager: Fix over-releasing a string on macOS. + Demo: Correctly dismiss the last toast in the dialogs demo. + Stylesheet: - Fix menubutton.card corners. - Fix button.card focus ring transition. - Avoid background overdraw in GtkColumnView. + Updated translations. ==== libei ==== Version update (1.0.0 -> 1.1.0) - Update to release 1.1 * Correct documentation for ei_touch_(get|set)_user_data - Update to release 1.0.901 (1.1.0~rc1) * ei_device_get_region_at() and its libeis equivalent was added as a helper to obtain a device's region at a given point. * ei_region_get_mapping_id() returns the mapping id previously set by the EIS implementation via eis_region_set_mapping_id(). This mapping id can be used to identify external resources that have a relationship with this region. This is a protocol addition and bumps the ei_device protocol to version 2. ==== libgphoto2 ==== Version update (2.5.30 -> 2.5.31) Subpackages: libgphoto2-6 libgphoto2_port12 - updated to 2.5.31 release ptp2: * do better event queueing during capture (makes capture faster, avoids losing events) * Canon EOS: OLC logic rewritten to be table driven, more debugging of the content, config "testolc" to generate debugoutput. Supports more cameras better. * Canon EOS: various bugfixes * Sony Alpha: Added config options: focusarea, liveviewsettingeffect * Olympus: Enabled OM-1 capture * Battery Level: also support ENUM style battery reporting for Canon * Nikon 1: S1 also does not support everything * Sony Alpha: small changes in config setters * merged some improvements from NorthOfYou fork for Canon EOS, Nikon and Sony * New ids: - Canon EOS 850D, R7, R10, R5 C, R6m2 - Fuji X-H2, X-T5 - GOPRO HERO 11 BLACK, 11 BLACK mini - new ids also imported from libmtp - Nikon Z30, Z8 - OMSYSTEM OM-1 - Pentax KP (PTP mode) - Ricoh GR IIIx - Sigma fp L - Sony A7S III, ILCE-1, ILME-FX3, 7RM5 aka A7-RV, digigr8: * fixed init to not switch to webcam mode pentax: * Added Pentax KP general: * disable log formatting when we are not logging (speeds up large downloads, as we are not hex dumping the whole data and immediately discard the result) * libltdl usage now thread-safe. (some other library pieces are not threadsafe yet) * some time_t 32bit vs 64bit fixes * some cleanups and warning fixes translations: * updated swedish, spanish * added georgian, friulian - libgphoto2-enable-vusb-ptp.patch: upstream ==== libstorage-ng ==== Version update (4.5.136 -> 4.5.139) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#946 - improved json parse functions to handle string and integer - 4.5.139 - merge gh#openSUSE/libstorage-ng#945 - fixed parsing of lsscsi version for older lsscsi versions (bsc#1214814) - 4.5.138 - merge gh#openSUSE/libstorage-ng#944 - add awk to GitHub action for Tumbleweed - 4.5.137 ==== lsb-release ==== - add 797e459ecaa482bf8e7bfe02cf5f1cea367ba9e9.patch to fix bashisms ==== man ==== - Fix the content in patch file man-propose-online.patch ==== mozilla-nss ==== Version update (3.92 -> 3.93) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-tools - Update to NSS 3.93: + bmo#1849471 - Update zlib in NSS to 1.3. + bmo#1848183 - softoken: iterate hashUpdate calls for long inputs. + bmo#1813401 - regenerate NameConstraints test certificates (boo#1214980). - Rebase nss-fips-pct-pubkeys.patch. ==== mozjs102 ==== Version update (102.14.0 -> 102.15.0) - Update to version 102.15.0: + Various security fixes and other quality improvements. + CVE-2023-4573: Memory corruption in IPC CanvasTranslator + CVE-2023-4574: Memory corruption in IPC ColorPickerShownCallback + CVE-2023-4575: Memory corruption in IPC FilePickerShownCallback + CVE-2023-4576: Integer Overflow in RecordedSourceSurfaceCreation + CVE-2023-4581: XLL file extensions were downloadable without warnings + CVE-2023-4584: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 ==== multipath-tools ==== Version update (0.9.5+68+suse.d1b6a1c -> 0.9.6+71+suse.f07325e) Subpackages: kpartx libmpath0 - Update to version 0.9.6+71+suse.f07325e: * avoid changing SCSI timeouts in "multipath -d" (bsc#1213809) - Update to version 0.9.6+70+suse.63925e8: Upstream feature additions and bug fixes: * ignore nvme devices by default if nvme native multipath is enabled * add "group_by_tpg" path_grouping_policy * add config options "detect_pgpolicy" and "detect_pgpolicy_use_tpg" * libmultipath: add ALUA tpg path wildcard "%A" * make prioritizer timeouts consistent with checker timeouts * fix dev_loss_tmo even if not set in configuration (bsc#1212440) * libmultipath: fix max_sectors_kb on adding path * fix warnings reported by udevadm verify ==== mutter ==== Version update (44.3 -> 44.4) - Update to version 44.4: + Fix xwayland-allow-byte-swapped-clients setting. + Fix restoring focus when leaving the overview. + Fix touch move operations on subsurfaces. + Fix flickering when DRI driver isn't available. + Fix unexpected cursor changes over non-resizable windows. + Fix restoring maximized state of SSD windows. + Fix window focus unexpectedly moving to secondary monitor when changing workspaces. + Fixed crash. + Misc. bug fixes and cleanups. + Updated translations. ==== nodejs20 ==== Version update (20.5.1 -> 20.6.0) Subpackages: npm20 - Update to 20.6.0: * add support for .env files to configure envrionment variables * import.meta.resolve unflagged * deps: npm updated to 9.8.1 - nodejs.keyring: updated to include current upstream releasers ==== open-isns ==== - Disable SLP by default for Factory and ALP (bsc#1214884) ==== perl-URI ==== Version update (5.19 -> 5.210.0) - updated to 5.21 see /usr/share/doc/packages/perl-URI/Changes 5.21 2023-08-23 16:02:14Z - Fix version declarations in icap.pm and icaps.pm (GH#131) (Olaf Alders) 5.20 2023-08-23 14:13:23Z - Remove Shebang and Taint from all tests. - Fix t/query.t to get rid of a warning about join() on array with undef - Add icap and icaps URIs (GH#130) (david-dick) ==== pigz ==== Version update (2.7 -> 2.8) - version update to 2.8 - Fixed a version bug when compiling with the just-released zlib 1.3 - Will save a modification time only for regular files (just like gzip since 1.10) - Will write all available uncompressed data on an error, for partial data recovery - deleted patches - pigz-2.7-NOTHREAD-tests.patch (upstreamed) ==== python-async_timeout ==== Version update (4.0.2 -> 4.0.3) - update to 4.0.3: * Fixed compatibility with asyncio.timeout() on Python 3.11+. * Added support for Python 3.11. * Dropped support for Python 3.6. ==== python-chardet ==== Version update (5.1.0 -> 5.2.0) - update to 5.2.0: * Adds support for running chardet CLI via `python -m chardet` ==== python-lxml ==== - skip html5lib tests - cyclic dependency with html5lib tests - remove python 2.x from testing ==== python-outcome ==== - drop outdated depndendy on async_generator (see https://github.com/python-trio/outcome/issues/12) ==== python-psycopg2 ==== Version update (2.9.6 -> 2.9.7) - update to 2.9.7: * Fix propagation of exceptions raised during module initialization * Fix building when pg_config returns an empty string ==== python-setuptools ==== Version update (67.8.0 -> 68.1.2) - update to 68.1.2 * Fix editable install finder handling of nested packages, by only handling 1 level of nesting and relying on importlib.machinery to find the remaining modules based on the parent package path. - add sphinx72.patch: address circular imports in sphinx 7.2+ - update to 68.1.0 * Removed code referencing bdist_wininst in install_scripts. * Promote pyproject.toml’s [tool.setuptools] out of beta. * Automatically add files listed in Extension.depends to sdists, as long as they are contained in the project directory * Require Python 3.8 or later. * Use default encoding to create .pth files with editable_wheel. * Detects (and complain about) scripts and gui-scripts set via setup.py when pyproject.toml does not include them in dynamic. - update to 68.0.0: * Removed verification for existing ``depends.txt`` file * Remove autofixing of broken ``.egg-info`` directories containing the ``-`` character in their base name (without suffix). * Remove deprecated APIs in ``easy_install``: ``get_script_args``, ``get_script_header`` and ``get_writer``. * Removed ``egg_info.get_pkg_info_revision`` (deprecated * Removed ``setuptools.dist._get_unpatched`` (deprecated * Removed support for SVN in ``setuptools.package_index`` (deprecated since 2018). * Removed support for invalid ``pyproject.toml`` files. * Added symlink support to launcher for installed executables -- by :user:`eugene-sevostianov-sc` * Updated vendored ``packaging`` version from 23.0 to 23.1 -- by :user:`MetRonnie` * Implemented workaround for old versions of ``vswhere``, which miss the * ``-requiresAny`` parameter, such as the ones distributed together with Visual Studio 2017 < 15.6. * Changed ``DistutilsMetaFinder`` to skip ``spec_for_pip`` on Python >= 3.12. * Removed ``_distutils_hack.remove_shim`` on Python >= 3.12 (since ``distutils`` was removed from the standard library, ``DistutilsMetaFinder`` cannot be disabled on Python >= 3.12). * #3920: Add a link to deprecation warning in ``pkg_resources`` and improve ``stacklevel`` for better visibility. - drop use-tarfile-extraction_filter.patch (upstream) ==== qpdf ==== Version update (11.5.0 -> 11.6.0) - version update to 11.6.0 - Bug fixes: - Fix corner case in the ASCII85 decoder. - Properly report warnings when ``--pages`` is used and the warnings appear in other than the primary file. - Improve ``--bash-completion`` and ``--zsh-completion`` to better support paths with spaces in them. - Move detection of random number device from compile-time to runtime to improve cross compilation. - Fix bugs around attempting to copy ``/Pages`` objects with ``copyForeignObject`` (which explicitly doesn't allow this). ==== rdma-core ==== Subpackages: libefa1 libibverbs libibverbs1 libmana1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd - Add missing-quoting.patch - Use normal GNU tar option syntax - Remove old RPM spec logic (%defattr) ==== shaderc ==== Version update (2023.4 -> 2023.6) - Update to release 2023.6 * Build system updates only ==== suse-module-tools ==== Version update (16.0.34 -> 16.0.35) Subpackages: suse-module-tools-scriptlets - Update to version 16.0.35: * split off regenerate-initrd-posttrans in the kernel-scriptlets package (boo#1213459) * wm2: Update for usrmerge (boo#1214428) ==== unbound ==== Version update (1.17.1 -> 1.18.0) Subpackages: libunbound8 unbound-anchor - Update to 1.18.0: * Features: - Аdd a metric about the maximum number of collisions in lrushah. - Set max-udp-size default to 1232. This is the same default value as the default value for edns-buffer-size. It restricts client edns buffer size choices, and makes unbound behave similar to other DNS resolvers. - Add harden-unknown-additional option. It removes unknown records from the authority section and additional section. - Added new static zone type block_a to suppress all A queries for specific zones. - [FR] Ability to use Redis unix sockets. - [FR] Ability to set the Redis password. - Features/dropqueuedpackets, with sock-queue-timeout option that drops packets that have been in the socket queue for too long. Added statistics num.queries_timed_out and query.queue_time_us.max that track the socket queue timeouts. - 'eqvinox' Lamparter: NAT64 support. - [FR] Use kernel timestamps for dnstap. - Add cachedb hit stat. Introduces 'num.query.cachedb' as a new statistical counter. - Add SVCB dohpath support. - Add validation EDEs to queries where the CD bit is set. - Add prefetch support for subnet cache entries. - Add EDE (RFC8914) caching. - Add support for EDE caching in cachedb and subnetcache. - Downstream DNS Server Cookies a la RFC7873 and RFC9018. Create server cookies for clients that send client cookies. This needs to be explicitly turned on in the config file with: `answer-cookie: yes`. * Bug Fixes - Response change to NODATA for some ANY queries since 1.12. - Fix not following cleared RD flags potentially enables amplification DDoS attacks. - Set default for harden-unknown-additional to no. So that it does not hamper future protocol developments. - Fix to ignore entirely empty responses, and try at another authority. This turns completely empty responses, a type of noerror/nodata into a servfail, but they do not conform to RFC2308, and the retry can fetch improved content. - Allow TTL refresh of expired error responses. - Fix: Unexpected behavior with client-subnet-always-forward and serve-expired - Fix unbound-dnstap-socket test program to reply the finish frame over a TLS connection correctly. - Fix: reserved identifier violation - Fix: Unencrypted query is sent when forward-tls-upstream: yes is used without tls-cert-bundle - Extra consistency check to make sure that when TLS is requested, either we set up a TLS connection or we return an error. - Fix: NXDOMAIN instead of NOERROR rcode when asked for existing CNAME record. - Fix: Bad interaction with 0 TTL records and serve-expired - Fix RPZ IP responses with trigger rpz-drop on cache entries. - Fix RPZ removal of client-ip, nsip, nsdname triggers from IXFR. - Fix dereference of NULL variable warning in mesh_do_callback. - Fix ip_ratelimit test to work with dig that enables DNS cookies. - Fix for iter_dec_attempts that could cause a hang, part of capsforid and qname minimisation, depending on the settings. - Fix uninitialized memory passed in padding bytes of cmsg to sendmsg. - Fix stat_values test to work with dig that enables DNS cookies. - unbound.service: Main process exited, code=killed, status=11/SEGV. Fixes cachedb configuration handling. - Fix: processQueryResponse() THROWAWAY should be mindful of fail_reply. ==== vsftpd ==== - Use pam macros to install pam config in /usr/lib/pam.d - Adjust vsftpd.pam to include postlogin config (replace wtmp with wtmpdb for Y2038 [jsc#3144]) ==== webkit2gtk3 ==== Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Expand lang sub-package in spec file unconditionally to handle previous name change from WebKit2GTK-lang to WebKitGTK-lang. This change affected the automatic generated Requires tag on WebKit2GTK-%{_apiver}, then getting out of sync of what's being required and what's being provided. Now, any sub-package that was providing WebKit2GTK-%{_apiver} will provide WebKitGTK-%{_apiver} instead (boo#1214835, boo#1214640). ==== webkit2gtk3-soup2 ==== Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles - Expand lang sub-package in spec file unconditionally to handle previous name change from WebKit2GTK-lang to WebKitGTK-lang. This change affected the automatic generated Requires tag on WebKit2GTK-%{_apiver}, then getting out of sync of what's being required and what's being provided. Now, any sub-package that was providing WebKit2GTK-%{_apiver} will provide WebKitGTK-%{_apiver} instead (boo#1214835, boo#1214640). ==== wireless-regdb ==== Version update (20230721 -> 20230901) - Update to version 20230901: * wireless-regdb: update regulatory database based on preceding changes * wireless-regdb: Update regulatory rules for Australia (AU) for June 2023 ==== yast2-trans ==== Version update (84.87.20230818.ea489402e5 -> 84.87.20230901.be24cb382f) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sr yast2-trans-sv yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20230901.be24cb382f: * Translated using Weblate (Slovak) * Translated using Weblate (Dutch) * Translated using Weblate (Japanese) * Translated using Weblate (Czech) * Translated using Weblate (Catalan) * New POT for text domain 'bootloader'. * Translated using Weblate (Kurdish) * Translated using Weblate (Kurdish) ==== zvbi ==== Version update (0.2.41 -> 0.2.42) - version update to 0.2.42 * Fix several compiler warnings. * Apply patch to consider ERASE_PAGE flag with single page transmissions. ==== zypper ==== Version update (1.14.62 -> 1.14.64) Subpackages: zypper-log zypper-needs-restarting - Fix name of the bash completion script (bsc#1215007) In 1.14.63 the location of the bash completion script was changed to /usr/share/bash-completion/completions/. But the patch failed to also rename the completion script. The original script name zypper.sh is not recognized at the new location. - Update notes about failing signature checks (bsc#1214395) It might be a transient issue if the server is in the midst of receiving new data. Retry after a few minutes might work. - Improve the SIGINT handler to be signal safe (bsc#1214292) This patch updates the SIGINT handling strategy to be signal safe. Meaning the signal handler will do not much more than setting a flag, which we are going to check in the normal program flow as much as possible. - version 1.14.64 - Changed location of bash completion script (bsc#1213854). This changes the location of zypper.sh bash completion script from /usr/share/bash-completion/completions/. - version 1.14.63