Packages changed: Mesa Mesa-drivers apache2-mod_php8 (8.2.12 -> 8.2.13) avahi avahi-glib2 gstreamer-plugins-bad kded kernel-firmware-nvidia-gspx-G06 (545.29.02 -> 545.29.06) libadwaita libbpf (1.2.2 -> 1.3.0) libdrm libgcrypt libqt5-qtwebengine (5.15.15 -> 5.15.16) libsolv (0.7.26 -> 0.7.27) libstorage-ng (4.5.157 -> 4.5.158) multipath-tools (0.9.6+115+suse.07776fb -> 0.9.7+76+suse.5f857af) nvidia-open-driver-G06-signed (545.29.02_k6.6.2_1 -> 545.29.06_k6.6.2_1) php8 (8.2.12 -> 8.2.13) python-Twisted (22.10.0 -> 23.10.0) python-anyio (3.6.2 -> 3.7.1) python-charset-normalizer (3.2.0 -> 3.3.0) python-linux-procfs (0.7.1 -> 0.7.3) python-markdown-it-py (2.2.0 -> 3.0.0) python-mdit-py-plugins (0.3.0 -> 0.4.0) python-pexpect (4.8.0 -> 4.9.0) python311 (3.11.5 -> 3.11.6) python311-core (3.11.5 -> 3.11.6) raspberrypi-firmware (2023.04.25 -> 2023.11.21) raspberrypi-firmware-config (2023.04.25 -> 2023.11.21) raspberrypi-firmware-dt (2023.05.02 -> 2023.11.21) ruby-common selinux-policy (20231030 -> 20231124) webkit2gtk3 webkit2gtk3-soup2 yast2-trans (84.87.20231117.f12231d4de -> 84.87.20231121.7869d671a6) === Details === ==== Mesa ==== Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libOSMesa8 libgbm1 - buildrequire 'pkgconfig(SPIRV-Tools)' also with disabled rusticl (new dep since some time) - re-disable rusticl on sle15-sp6 to prevent more deps (rust-bindgen) - buildrequire 'pkgconfig(LLVMSPIRVLib)' also with disabled rusticl (new dep since some time) - enable rusticl on sle15-sp6 - let sle15-sp6 require llvm17/clang17 ==== Mesa-drivers ==== Subpackages: Mesa-dri Mesa-gallium Mesa-libva - buildrequire 'pkgconfig(SPIRV-Tools)' also with disabled rusticl (new dep since some time) - re-disable rusticl on sle15-sp6 to prevent more deps (rust-bindgen) - buildrequire 'pkgconfig(LLVMSPIRVLib)' also with disabled rusticl (new dep since some time) - enable rusticl on sle15-sp6 - let sle15-sp6 require llvm17/clang17 ==== apache2-mod_php8 ==== Version update (8.2.12 -> 8.2.13) - version update to 8.2.13 * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.2.13 ==== avahi ==== Subpackages: libavahi-client3 libavahi-common3 libavahi-core7 - avahi-autoipd: drop the post script part migrating the user owning files in /var/lib/avahi-autoipd: the code was aiding migrations from SLE<=11/openSUSE<=12.3, which are no longer in scope for upgrades nowadays. - avahi-autoipd: guard %post chown with -h, to not follow symlinks (boo#1217398). ==== avahi-glib2 ==== Subpackages: libavahi-glib1 libavahi-gobject0 libavahi-ui-gtk3-0 - avahi-autoipd: drop the post script part migrating the user owning files in /var/lib/avahi-autoipd: the code was aiding migrations from SLE<=11/openSUSE<=12.3, which are no longer in scope for upgrades nowadays. - avahi-autoipd: guard %post chown with -h, to not follow symlinks (boo#1217398). ==== gstreamer-plugins-bad ==== Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0 - Move pkgconfig(dvdnav) and pkgconfig(dvdread) BuildRequires out of BUILD_ORIG conditional, and stop passing resindvd=disabled and siren=disabled to meson setup, build dvd and siren 7 support in main package. ==== kded ==== - Pull in kconf_update5 ==== kernel-firmware-nvidia-gspx-G06 ==== Version update (545.29.02 -> 545.29.06) - update firmware to version 545.29.06 ==== libadwaita ==== Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Add 3e3967d5f69180644519936991cad10136e84ca9.patch: Fix building against libappstream 1.0 (boo#1217047). ==== libbpf ==== Version update (1.2.2 -> 1.3.0) - update to 1.3.0: * support for `netfilter` programs is added `SEC("netfilter")` is now available * API function `bpf_program__attach_netfilter()` is now available * support for `tcx` BPF programs is added: * the following new SEC definitions are now available: SEC("tc/egress"), SEC("tc/ingress"), SEC("tcx/egress"), SEC("tcx/ingress") * the following SEC definitions are now considered legacy: SEC("tc"), SEC("action"), SEC("classifier") * functions `bpf_prog_attach_opts()` and `bpf_prog_query_opts()` are extended to work with `tcx` programs, plus two new API functions are added: * the following new SEC definitions are now available: SEC("uprobe.multi"), SEC("uprobe.multi.s"), SEC("uretprobe.multi"), SEC("uretprobe.multi.s") * support for section `SEC("usdt.s")` is added for sleepable `usdt` programs; * support for Unix domain socket cgroup BPF programs is added the following new SEC definitions are now available: SEC("cgroup/connect_unix"),SEC("cgroup/sendmsg_unix"), SEC("cgroup/recvmsg_unix"), SEC("cgroup/getpeername_unix"), SEC("cgroup/getsockname_unix") * new `LIBBPF_OPTS_RESET()` utility macro; * new `bpf_object__unpin()` function to complement existing `bpf_object__pin()`; * new API functions for work with ring buffers * uprobe SEC matcher extended to allow golang symbols; * uprobe support for symbols versioning; * `bpf_map__set_value_size()` can now be used to resize memory mapped region for memory mapped maps; * `struct bpf_xdp_query_opts` extended with `xdp_zc_max_segs` output field; * basic BTF sanity check pass added to reject bogus BTF. * fix for btf_dump__dump_type_data() when type contains bitfields; * fix for correct work of offsetof() and container_of() macro with CO-RE; * no longer attempt to load modules BTF when resolving CO-RE relocations if CAP_SYS_ADMIN are absent; * regex based function search for "kprobe.multi/" programs no longer attempts to trace functions that cannot be traced; * bpf_program__set_type() no longer resets sec_def if it is set to a custom fallback SEC handler; * fix for memory leak possible after bpf_program__set_attach_target() call; ==== libdrm ==== Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1 - adjusted n_libdrm-drop-valgrind-dep-generic.patch, n_libdrm-drop-valgrind-dep-intel.patch ==== libgcrypt ==== - Re-create HMAC checksum after RPM build strips the library (bsc#1217058) ==== libqt5-qtwebengine ==== Version update (5.15.15 -> 5.15.16) - Update to version 5.15.16: * Bump version to 5.15.16 * Add check for system ffmpeg compatibility * Fix handling of external URLs in PDFs * Update Chromium: * [Backport] CVE-2023-5996: Use after free in WebAudio * [Backport] CVE-2023-5482 and CVE-2023-5849 * [Backport] CVE-2023-45853: Buffer overflow in MiniZip * [Backport] Security bug 1478470 * [Backport] Security bug 1472365 and 1472366 * [Backport] CVE-2023-5218: Use after free in Site Isolation * [Backport] Security bug 1486316 * FIXUP: [Backport] [PA] Support 16kb pagesize on Linux+ARM64 * [Backport] Add Intel Meteorlake GPU series type * [Backport] Add Intel Raptorlake GPU series type * [Backport] Add a few missing IntelGpuSeriesTypes in gpu_util.cc * [Backport] Add Intel Alchemist GPU series type * [Backport] Add Alderlake to intel_gpu_series field in gpu control list. * [Backport] Add missing Intel GPU series types. * [Backport] Add Alderlake's GPU to list supporting two NV12 overlay planes. * [Backport] CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx * [Backport] Security bug 1479104 * [Backport] [PA] Support 16kb pagesize on Linux+ARM64 * [Backport] Replace uses of re2::StringPiece::set(). * Fix build with GCC 13 * Fix errors and warnings for perfetto * Remove nodiscard attribute from cpwl_combo_box.h * Bump V8_PATCH_LEVEL * [Backport] CVE-2023-4762: Type Confusion in V8 * [Backport] CVE-2023-4362: Heap buffer overflow in Mojom IDL * [Backport] CVE-2023-4354: Heap buffer overflow in Skia * [Backport] CVE-2023-4351: Use after free in Network * Disable Windows IME for GPU thread * [Backport] CVE-2023-4863: Heap buffer overflow in WebP * [Backport] Security bug 1465224 * [Backport] Dependency for security bug 1465224 * [Backport] CVE-2023-4071: Heap buffer overflow in Visuals * [Backport] CVE-2023-4076: Use after free in WebRTC * [Backport] CVE-2023-4074: Use after free in Blink Task Scheduling ==== libsolv ==== Version update (0.7.26 -> 0.7.27) Subpackages: libsolv-tools python3-solv ruby-solv - add zstd support for the installcheck tool - add putinowndirpool cache to make file list handling in repo_write much faster - bump version to 0.7.27 ==== libstorage-ng ==== Version update (4.5.157 -> 4.5.158) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#966 - fixed build with libxml 2.12.0 - 4.5.158 ==== multipath-tools ==== Version update (0.9.6+115+suse.07776fb -> 0.9.7+76+suse.5f857af) Subpackages: kpartx libmpath0 - Update to version 0.9.7+76+suse.5f857af: * Update to upstream 0.9.7 (jsc#PED-6464) * added max_retries config option to limit SCSI retries * added auto_resize config option to enable resizing multipath maps automatically * fixed memory and error handling for code using aio (marginal path code, directio path checker) * dropped modules-load.d/multipath.conf; replaced by a dependency on modprobe@dm-multipath.service (systemd >= 245: SLE15-SP3 and later only) and a softdep on sd_mod for the SCSI device handlers (bsc#1217377) * On SLE/Leap suse-module-tools doesn't ship a scsi_mod->sd_mod softdep yet. Add it here, too. It will be overridden by s-m-t when it's added there. * drop usr_prefix= setting in SLE build recipes (set to /usr by upstream automatically) ==== nvidia-open-driver-G06-signed ==== Version update (545.29.02_k6.6.2_1 -> 545.29.06_k6.6.2_1) - Update to 545.29.06 ==== php8 ==== Version update (8.2.12 -> 8.2.13) Subpackages: php8-cli php8-ctype php8-dom php8-gd php8-gettext php8-iconv php8-mbstring php8-mysql php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - version update to 8.2.13 * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.2.13 ==== python-Twisted ==== Version update (22.10.0 -> 23.10.0) Subpackages: python311-Twisted python311-Twisted-tls - Update to 23.10.0 * reactor.spawnProcess() now uses posix_spawnp when possible, making it much more efficient (#5710) * Twisted now officially supports Python 3.11. (#10343) * twisted.internet.defer.race has been added as a way to get the first available result from a list of Deferreds. (#11817) * The CI suite was updated to execute the tests using a Python 3.12 pre-release (#11857) * PyAsn1 has been removed as a conch dependency. * Due to changes in the way raw private key byte serialization are handled in Cryptography, and widespread support for Ed25519 in current versions of OpenSSL, we no longer support PyNaCl as a fallback for Ed25519 keys in Conch. (#11871) * In Twisted 16.3.0, we changed twisted.web to stop dispatching HTTP/1.1 pipelined requests to application code. There was a bug in this change which still allowed clients which could send multiple full HTTP requests in a single TCP segment to trigger asynchronous processing of later requests, which could lead to out-of-order responses. This has now been corrected and twisted.web should never process a pipelined request over HTTP/1.1 until the previous request has fully completed. (CVE-2023-46137, GHSA-cq7q-gv5w-rwx2) (#11976) * Drop support for Python 3.7. Remove twisted[contextvars] extra (contextvars are always available in Python 3.7+) (#11913) * When using CPython, functions wrapped by twisted.internet.defer.inlineCallbacks can have their arguments and return values freed immediately after completion (due to there no longer being circular references). (#11885) - Delete merged patches: * regenerate-cert-to-work-with-latest-service-identity.patch * no-pygtkcompat.patch * support-new-glibc.patch * CVE-2023-46137-HTTP-pipeline-response.patch * remove-pynacl-optional-dependency.patch * py311-tests-compat.patch ==== python-anyio ==== Version update (3.6.2 -> 3.7.1) - update to 3.7.1: * Fixed sending large buffers via UNIX stream sockets on asyncio * Fixed several minor documentation issues (broken links to classes, missing classes or attributes) * Dropped support for Python 3.6 * Improved type annotations: * Several functions and methods that were previously annotated as accepting ``Coroutine[Any, Any, Any]`` as the return type of the callable have been amended to accept ``Awaitable[Any]`` instead, to allow a slightly broader set of coroutine-like inputs, like ``async_generator_asend`` objects returned from the ``asend()`` method of async generators, and to match the ``trio`` annotations: * ``anyio.run()`` * ``anyio.from_thread.run()`` * ``TaskGroup.start_soon()`` * ``TaskGroup.start()`` * ``BlockingPortal.call()`` * ``BlockingPortal.start_task_soon()`` * ``BlockingPortal.start_task()`` * Changed ``TLSAttribute.shared_ciphers`` to match the documented semantics of ``SSLSocket.shared_ciphers`` of always returning ``None`` for client-side streams * Fixed ``CapacityLimiter`` on the asyncio backend to order waiting tasks in the FIFO order (instead of LIFO) * Fixed ``CancelScope.cancel()`` not working on asyncio if called before entering the scope * Fixed ``open_signal_receiver()`` inconsistently yielding integers instead of ``signal.Signals`` instances on the ``trio`` backend * Fixed ``to_thread.run_sync()`` hanging on asyncio if the target callable raises ``StopIteration`` * Fixed ``start_blocking_portal()`` raising an unwarranted * ``RuntimeError: This portal is not running`` if a task raises an exception that causes the event loop to be closed * Fixed ``current_effective_deadline()`` not returning ``-inf`` on asyncio when the currently active cancel scope has been cancelled (PR by Ganden Schaffner) * Fixed the ``OP_IGNORE_UNEXPECTED_EOF`` flag in an SSL context created by default in ``TLSStream.wrap()`` being inadvertently set on Python 3.11.3 and 3.10.11 * Fixed ``CancelScope`` to properly handle asyncio task uncancellation on Python 3.11 * Fixed ``OSError`` when trying to use ``create_tcp_listener()`` to bind to a link-local * IPv6 address (and worked around related bugs in ``uvloop``) * Worked around a `PyPy bug `_ when using ``anyio.getaddrinfo()`` with for IPv6 link-local addresses containing interface names - drop fix-failing-tls-tests.patch support-trio-0.22.patch: obsolete - update to 3.7.1: * Fixed sending large buffers via UNIX stream sockets on asyncio * Fixed several minor documentation issues (broken links to classes, missing classes or * attributes) * **3.7.0** * Dropped support for Python 3.6 * Improved type annotations: * Several functions and methods that were previously annotated as accepting * ``Coroutine[Any, Any, Any]`` as the return type of the callable have been amended to * accept ``Awaitable[Any]`` instead, to allow a slightly broader set of coroutine-like * inputs, like ``async_generator_asend`` objects returned from the ``asend()`` method * of async generators, and to match the ``trio`` annotations: * ``anyio.run()`` * ``anyio.from_thread.run()`` * ``TaskGroup.start_soon()`` * ``TaskGroup.start()`` * ``BlockingPortal.call()`` * ``BlockingPortal.start_task_soon()`` * ``BlockingPortal.start_task()`` * Note that this change involved only changing the type annotations; run-time * functionality was not altered. * The ``TaskStatus`` class is now a generic protocol, and should be parametrized to * indicate the type of the value passed to ``task_status.started()`` * The ``Listener`` class is now covariant in its stream type * ``create_memory_object_stream()`` now allows passing only ``item_type`` * Object receive streams are now covariant and object send streams are correspondingly * contravariant * Changed ``TLSAttribute.shared_ciphers`` to match the documented semantics of * ``SSLSocket.shared_ciphers`` of always returning ``None`` for client-side streams * Fixed ``CapacityLimiter`` on the asyncio backend to order waiting tasks in the FIFO * order (instead of LIFO) (PR by Conor Stevenson) * Fixed ``CancelScope.cancel()`` not working on asyncio if ... changelog too long, skipping 30 lines ... * interface names ==== python-charset-normalizer ==== Version update (3.2.0 -> 3.3.0) - update to 3.3.0: * Allow to execute the CLI (e.g. normalizer) through `python -m charset_normalizer.cli` or `python -m charset_normalizer` * Support for 9 forgotten encoding that are supported by Python but unlisted in `encoding.aliases` as they have no alias * Optional mypyc compilation upgraded to version 1.5.1 for Python >= 3.7 * Unable to properly sort CharsetMatch when both chaos/noise and coherence were close due to an unreachable condition in \_\_lt\_\_ (#350) ==== python-linux-procfs ==== Version update (0.7.1 -> 0.7.3) - update to 0.7.3: * python 3.12 support (remove distutils) * drop spec files and add SPDX licenses ==== python-markdown-it-py ==== Version update (2.2.0 -> 3.0.0) - Update to version 3.0.0: * drop python 3.7 support * Update from upstream markdown-it 12.2.0 to 13.0.0 - A key change is the addition of a new Token type, text_special, which is used to represent HTML entities and backslash escaped characters. - This ensures that (core) typographic transformation rules are not incorrectly applied to these texts. - The final core rule is now the new text_join rule, which joins adjacent text/text_special tokens, and so no text_special tokens should be present in the final token stream. - Any custom typographic rules should be inserted before text_join. - A new linkify rule has also been added to the inline chain, which will linkify full URLs (e.g. https://example.com), and fixes collision of emphasis and linkifier (so http://example.org/foo._bar_-_baz is now a single link, not emphasized). - Emails and fuzzy links are not affected by this. * REFACTOR: Replace most character code use with strings - The use of StateBase.srcCharCode is deprecated (with backward-compatibility), and all core uses are replaced by StateBase.src. - Conversion of source string characters to an integer representing the Unicode character is prevalent in the upstream JavaScript implementation, to improve performance. However, it is unnecessary in Python and leads to harder to read code and performance deprecations (during the conversion in the StateBase initialisation). * Centralise indented code block tests - For CommonMark, the presence of indented code blocks prevent any other block element from having an indent of greater than 4 spaces. - Certain Markdown flavors and derivatives, such as mdx and djot, disable these code blocks though, since it is more common to use code fences and/or arbitrary indenting is desirable. - Previously, disabling code blocks did not remove the indent limitation, since most block elements had the 3 space limitation hard-coded. - This change centralised the logic of applying this limitation (in StateBlock.is_code_block), and only applies it when indented code blocks are enabled. * Maintenance changes - Strict type annotation checking has been applied to the whole code base, ruff is now used for linting, and fuzzing tests have been added to the CI, to integrate with Google OSS-Fuzz testing, thanks to @DavidKorczynski. ==== python-mdit-py-plugins ==== Version update (0.3.0 -> 0.4.0) - Update to version 0.4.0: * UPGRADE: Drop python 3.7 and support 3.11 (#77) * UPGRADE: Allow markdown-it-py v3 (#85) - Make field_list compatible with latest upstream (#75) - Convert state.srcCharCode -> state.src (#84) - Remove unnecessary method arg by @chrisjsewell in( #76) - Centralise code block test (#83 and #87) - This means that disabling the code block rule in markdown-it-py v3+ will now allow all syntax blocks to be indented by any amount of whitespace. * Improve dollarmath plugin: Add allow_blank_lines option, thanks to @eric-wieser (#46) * Improve admon plugin: Add ??? support, thanks to @KyleKing (#58) * MAINTAIN: Make type checking strict (#86) - v0.3.5: * FIX: Regression in dollarmath by @chrisjsewell in #69 * Fix regression in amsmath by @chrisjsewell in #70 * Correct project documentation link by @andersk in #73 * RELEASE v0.3.5 by @chrisjsewell in #74 - v0.3.4: * NEW: Add attrs_block_plugin by @chrisjsewell in #66 * Improve field lists by @chrisjsewell in #65 * Update pre-commit by @chrisjsewell in #64 (moving from flake8 to ruff) - v0.3.3: * FIX: attrs: span with end of inline before attrs by @chrisjsewell in #57 - v0.3.2: * MAINTAIN: Fix pre-commit configuration by @hukkin in #54 * NEW: Add span parsing to inline attributes plugin by @chrisjsewell in #55 * FIX: Task list item marker can be followed by any GFM whitespace by @hukkin in #42 * NEW: Port admon plugin by @KyleKing in #53 * RELEASE: v0.3.2 by @chrisjsewell in #56 - v0.3.1: * MAINTAIN: Remove upper bound from Python version constraint by @cjolowicz in #40 * MAINTAIN: Update pre-commit by @chrisjsewell in #47 * FIX: Parsing when newline is between footnote ID and first paragraph by @hukkin in #49 * Anchor ids in separate renders should not affect each other. by @distractedmosfet in #43 * PEP 621 package build, drop Python 3.6 by @chrisjsewell in #51 * NEW: Add attrs_plugin by @chrisjsewell in #50 * RELEASE: v0.3.1 by @chrisjsewell in #52 ==== python-pexpect ==== Version update (4.8.0 -> 4.9.0) - update to 4.9: * Add support for Python 3.12 #769. * Clean up temporary files after UnicodeTests #753. * Add Python 3.5, 3.6 and 3.12.0-rc.1 to test matrix #763. * Set prompt correctly for zsh #712. * Add zsh convenience function to replwrap module #751. * Rework async unittests to rely on unittest.IsolatedAsyncioTestCase #764. * Make test_expect.py work on POSIX systems that are not Linux based #698. * Add support for ``socket``, which allows sockets to be used crossplatform #745. * Update async to work on newer versions of python #732. * Remove deprecated RSAAuthentication option (SSHv1) #744. * Multiple CI fixes #743 #737 #742 #739 #722. * Use Github Actions for CI #734. * Remove pytest-capturelog from testing requirements #730. * Fix usage for Solaris #663 #604 #560. * Fix threading for new versions of python #684. * Fix documentation builds for use with Sphinx 3 #638. * Use ``sys.executable`` for tests and wrapper, allowing the calling python executable to be used instead #623. * Update documentation about Wexpect #623. * Added project urls to ``setup.py`` #620. * Provide examples for how to use Pexpect and Pyte #587. * Coerce compiled regex patterns type according to spawn encoding #560. * Several doc updates #626 #635 #643 #644 #728. drop 31fab7b0edbe9b3401507b5dfa4db6aaf3fabca5.patch, 684.patch, 715.patch, 742.patch, dae602d37493bae239e0e8db5b3dabafebfd59db.patch, fix-fail-no-alias.patch, no-python-binary.patch: upstream ==== python311 ==== Version update (3.11.5 -> 3.11.6) Subpackages: python311-curses python311-dbm - Remove not needed patch 103213-fetch-CONFIG_ARGS.patch - Refresh patches: - bpo-31046_ensurepip_honours_prefix.patch - fix_configure_rst.patch - Update to 3.11.6: - Core and Builtins - gh-109351: Fix crash when compiling an invalid AST involving a named (walrus) expression. - gh-109207: Fix a SystemError in __repr__ of symtable entry object. - gh-109179: Fix bug where the C traceback display drops notes from SyntaxError. - gh-88943: Improve syntax error for non-ASCII character that follows a numerical literal. It now points on the invalid non-ASCII character, not on the valid numerical literal. - gh-108959: Fix caret placement for error locations for subscript and binary operations that involve non-semantic parentheses and spaces. Patch by Pablo Galindo - gh-108520: Fix multiprocessing.synchronize.SemLock.__setstate__() to properly initialize multiprocessing.synchronize.SemLock._is_fork_ctx. This fixes a regression when passing a SemLock accross nested processes. - Rename multiprocessing.synchronize.SemLock.is_fork_ctx to multiprocessing.synchronize.SemLock._is_fork_ctx to avoid exposing it as public API. - Library - gh-110036: On Windows, multiprocessing Popen.terminate() now catchs PermissionError and get the process exit code. If the process is still running, raise again the PermissionError. Otherwise, the process terminated as expected: store its exit code. Patch by Victor Stinner. - gh-110038: Fixed an issue that caused KqueueSelector.select() to not return all the ready events in some cases when a file descriptor is registered for both read and write. - gh-109631: re functions such as re.findall(), re.split(), re.search() and re.sub() which perform short repeated matches can now be interrupted by user. - gh-109593: Avoid deadlocking on a reentrant call to the multiprocessing resource tracker. Such a reentrant call, though unlikely, can happen if a GC pass invokes the finalizer for a multiprocessing object such as SemLock. - gh-109613: Fix os.stat() and os.DirEntry.stat(): check for exceptions. Previously, on Python built in debug mode, these functions could trigger a fatal Python error (and abort the process) when a function succeeded with an exception set. Patch by Victor Stinner. - gh-109375: The pdb alias command now prevents registering aliases without arguments. - gh-107219: Fix a race condition in concurrent.futures. When a process in the process pool was terminated abruptly (while the future was running or pending), close the connection write end. If the call queue is blocked on sending bytes to a worker process, closing the connection write end interrupts the send, so the queue can be closed. Patch by Victor Stinner. - gh-50644: Attempts to pickle or create a shallow or deep copy of codecs streams now raise a TypeError. Previously, copying failed with a RecursionError, while pickling produced wrong results that eventually caused unpickling to fail with a RecursionError. - gh-108987: Fix _thread.start_new_thread() race condition. If a thread is created during Python finalization, the newly spawned thread now exits immediately instead of trying to access freed memory and lead to a crash. Patch by Victor Stinner. - gh-108843: Fix an issue in ast.unparse() when unparsing f-strings containing many quote types. - gh-108682: Enum: raise TypeError if super().__new__() is called from a custom __new__. - gh-105829: Fix concurrent.futures.ProcessPoolExecutor deadlock - gh-64662: Fix support for virtual tables in sqlite3.Connection.iterdump(). Patch by Aviv Palivoda. - gh-107913: Fix possible losses of errno and winerror values in OSError exceptions if they were cleared or modified by the cleanup code before creating the exception object. - gh-104372: On Linux where subprocess can use the vfork() syscall for faster spawning, prevent the parent process from blocking other threads by dropping the GIL while it waits for the vfork’ed child process exec() outcome. This prevents spawning a binary from a slow filesystem from blocking the rest of the application. - gh-84867: unittest.TestLoader no longer loads test cases from exact unittest.TestCase and unittest.FunctionTestCase classes. - Documentation - gh-109209: The minimum Sphinx version required for the documentation is now 4.2. - gh-105052: Update timeit doc to specify that time in seconds is just the default. - gh-102823: Document the return type of x // y when x and y have type float. - Tests - gh-110031: Skip test_threading tests using thread+fork if Python is built with Address Sanitizer (ASAN). Patch by Victor Stinner. - gh-110088: Fix test_asyncio timeouts: don’t measure the maximum duration, a test should not measure a CI performance. Only measure the minimum duration when a task has a timeout or delay. Add CLOCK_RES to test_asyncio.utils. Patch by Victor Stinner. - gh-110033: Fix test_interprocess_signal() of test_signal. Make sure that the subprocess.Popen object is deleted before the test raising an exception in a signal handler. Otherwise, Popen.__del__() can get the exception which is logged as ... changelog too long, skipping 106 lines ... multissltests to use 1.1.1w, 3.0.11, and 3.1.3. ==== python311-core ==== Version update (3.11.5 -> 3.11.6) Subpackages: libpython3_11-1_0 python311-base - Remove not needed patch 103213-fetch-CONFIG_ARGS.patch - Refresh patches: - bpo-31046_ensurepip_honours_prefix.patch - fix_configure_rst.patch - Update to 3.11.6: - Core and Builtins - gh-109351: Fix crash when compiling an invalid AST involving a named (walrus) expression. - gh-109207: Fix a SystemError in __repr__ of symtable entry object. - gh-109179: Fix bug where the C traceback display drops notes from SyntaxError. - gh-88943: Improve syntax error for non-ASCII character that follows a numerical literal. It now points on the invalid non-ASCII character, not on the valid numerical literal. - gh-108959: Fix caret placement for error locations for subscript and binary operations that involve non-semantic parentheses and spaces. Patch by Pablo Galindo - gh-108520: Fix multiprocessing.synchronize.SemLock.__setstate__() to properly initialize multiprocessing.synchronize.SemLock._is_fork_ctx. This fixes a regression when passing a SemLock accross nested processes. - Rename multiprocessing.synchronize.SemLock.is_fork_ctx to multiprocessing.synchronize.SemLock._is_fork_ctx to avoid exposing it as public API. - Library - gh-110036: On Windows, multiprocessing Popen.terminate() now catchs PermissionError and get the process exit code. If the process is still running, raise again the PermissionError. Otherwise, the process terminated as expected: store its exit code. Patch by Victor Stinner. - gh-110038: Fixed an issue that caused KqueueSelector.select() to not return all the ready events in some cases when a file descriptor is registered for both read and write. - gh-109631: re functions such as re.findall(), re.split(), re.search() and re.sub() which perform short repeated matches can now be interrupted by user. - gh-109593: Avoid deadlocking on a reentrant call to the multiprocessing resource tracker. Such a reentrant call, though unlikely, can happen if a GC pass invokes the finalizer for a multiprocessing object such as SemLock. - gh-109613: Fix os.stat() and os.DirEntry.stat(): check for exceptions. Previously, on Python built in debug mode, these functions could trigger a fatal Python error (and abort the process) when a function succeeded with an exception set. Patch by Victor Stinner. - gh-109375: The pdb alias command now prevents registering aliases without arguments. - gh-107219: Fix a race condition in concurrent.futures. When a process in the process pool was terminated abruptly (while the future was running or pending), close the connection write end. If the call queue is blocked on sending bytes to a worker process, closing the connection write end interrupts the send, so the queue can be closed. Patch by Victor Stinner. - gh-50644: Attempts to pickle or create a shallow or deep copy of codecs streams now raise a TypeError. Previously, copying failed with a RecursionError, while pickling produced wrong results that eventually caused unpickling to fail with a RecursionError. - gh-108987: Fix _thread.start_new_thread() race condition. If a thread is created during Python finalization, the newly spawned thread now exits immediately instead of trying to access freed memory and lead to a crash. Patch by Victor Stinner. - gh-108843: Fix an issue in ast.unparse() when unparsing f-strings containing many quote types. - gh-108682: Enum: raise TypeError if super().__new__() is called from a custom __new__. - gh-105829: Fix concurrent.futures.ProcessPoolExecutor deadlock - gh-64662: Fix support for virtual tables in sqlite3.Connection.iterdump(). Patch by Aviv Palivoda. - gh-107913: Fix possible losses of errno and winerror values in OSError exceptions if they were cleared or modified by the cleanup code before creating the exception object. - gh-104372: On Linux where subprocess can use the vfork() syscall for faster spawning, prevent the parent process from blocking other threads by dropping the GIL while it waits for the vfork’ed child process exec() outcome. This prevents spawning a binary from a slow filesystem from blocking the rest of the application. - gh-84867: unittest.TestLoader no longer loads test cases from exact unittest.TestCase and unittest.FunctionTestCase classes. - Documentation - gh-109209: The minimum Sphinx version required for the documentation is now 4.2. - gh-105052: Update timeit doc to specify that time in seconds is just the default. - gh-102823: Document the return type of x // y when x and y have type float. - Tests - gh-110031: Skip test_threading tests using thread+fork if Python is built with Address Sanitizer (ASAN). Patch by Victor Stinner. - gh-110088: Fix test_asyncio timeouts: don’t measure the maximum duration, a test should not measure a CI performance. Only measure the minimum duration when a task has a timeout or delay. Add CLOCK_RES to test_asyncio.utils. Patch by Victor Stinner. - gh-110033: Fix test_interprocess_signal() of test_signal. Make sure that the subprocess.Popen object is deleted before the test raising an exception in a signal handler. Otherwise, Popen.__del__() can get the exception which is logged as ... changelog too long, skipping 106 lines ... multissltests to use 1.1.1w, 3.0.11, and 3.1.3. ==== raspberrypi-firmware ==== Version update (2023.04.25 -> 2023.11.21) - Update to 8972935 (2023-11-21) * firmware: config: Add [pi5] to config.txt on 2711 and earlier platforms * firmware: arm_dt: Add support for the HAT map See: raspberrypi/linux#5610 * firmware: arm_dt: Ensure strings are NUL-terminated * firmware: video_decode: Add support for 32bpp RGB conversion * firmware: Image format patches * firmware: platform: Fixes for arm side display when throttling * firmware: dtoverlay: Support literal assignments of path strings * firmware: arm_loader: Fix non-standard console UARTs * firmware: arm_loader: Improve UART console selection * firmware: arm_loader: Remove unwanted assert * firmware: arm_loader: initramfs must match the kernel * firmware: arm_loader: Don't overwrite kernel path, check before loading stub * firmware: arm_loader: Use os_prefix when looking for stubs * firmware: arm_loader: Add auto_initramfs support * firmware: arm_loader: Set WiFi MAC address if all zeroes * firmware: platform: Don't set GPIOs 28&29 to RGMII if NO_RGMII trait is set ==== raspberrypi-firmware-config ==== Version update (2023.04.25 -> 2023.11.21) - Update to 8972935 (2023-11-21) * firmware: config: Add [pi5] to config.txt on 2711 and earlier platforms * firmware: arm_dt: Add support for the HAT map See: raspberrypi/linux#5610 * firmware: arm_dt: Ensure strings are NUL-terminated * firmware: video_decode: Add support for 32bpp RGB conversion * firmware: Image format patches * firmware: platform: Fixes for arm side display when throttling * firmware: dtoverlay: Support literal assignments of path strings * firmware: arm_loader: Fix non-standard console UARTs * firmware: arm_loader: Improve UART console selection * firmware: arm_loader: Remove unwanted assert * firmware: arm_loader: initramfs must match the kernel * firmware: arm_loader: Don't overwrite kernel path, check before loading stub * firmware: arm_loader: Use os_prefix when looking for stubs * firmware: arm_loader: Add auto_initramfs support * firmware: arm_loader: Set WiFi MAC address if all zeroes * firmware: platform: Don't set GPIOs 28&29 to RGMII if NO_RGMII trait is set - Add _multibuild to define 2nd spec file as additional flavor. Eliminates the need for source package links in OBS. ==== raspberrypi-firmware-dt ==== Version update (2023.05.02 -> 2023.11.21) - Update to 77f41f30fe (2023-11-21): * switch to 6.6 branch - Rebase patches: * 0001-ARM-dts-bcm2711-rpi-Reuse-bcm2836-vchiq-driver.patch * 0001-ARM-dts-bcm27xx-Use-better-name-for-spidev.patch ==== ruby-common ==== - gem_cleanup macro: yet another place which got hit by ruby 3.3 replace `gem env gemdir` with `ruby -r rubygems -e 'puts Gem.default_dir'` - Fix for the previous change. we need to set the GEM_HOME before even wrapping into the re-exec with ruby. - add workaround for https://github.com/rubygems/rubygems/commit/64273fd7e3 for now we will always set GEM_HOME to ensure that this new logic does not break our paths - ensure that gems built against an jemalloc enabled ruby also pulls a ruby version that is built with jemalloc ==== selinux-policy ==== Version update (20231030 -> 20231124) Subpackages: selinux-policy-targeted - Update to version 20231124: * Allow virtnetworkd_t to execute bin_t (bsc#1216903) - Add new modules that were missed in the last update to modules-mls-contrib.conf - Add new modules that were missed in the last update to modules-targeted-contrib.conf ==== webkit2gtk3 ==== Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Ensure max_link_jobs and max_compile_jobs have valid values even when %{jobs} is not defined (like when building outside of OBS). ==== webkit2gtk3-soup2 ==== Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles - Ensure max_link_jobs and max_compile_jobs have valid values even when %{jobs} is not defined (like when building outside of OBS). ==== yast2-trans ==== Version update (84.87.20231117.f12231d4de -> 84.87.20231121.7869d671a6) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20231121.7869d671a6: * New POT for text domain 'hana-ha'.