Packages changed: SDL2 (2.30.0 -> 2.30.1) SVT-AV1 (1.7.0 -> 1.8.0) apache2-mod_php8 exiv2 flatpak fontconfig (2.14.2 -> 2.15.0) gcc13 gnome-shell gpg2 (2.4.4 -> 2.4.5) graphviz inkscape java-21-openjdk kbd kexec-tools (2.0.27 -> 2.0.28) libXaw3d (1.6.5 -> 1.6.6) libaccounts-glib libassuan (2.5.6 -> 2.5.7) libdbusmenu-gtk2 libdbusmenu-gtk3 libeconf (0.6.1 -> 0.6.2) libexttextcat libosinfo libpng16 (1.6.42 -> 1.6.43) libqt5-qtwebengine libreoffice (7.6.4.1 -> 24.2.1.2) libstorage-ng (4.5.200 -> 4.5.201) libvirt (10.0.0 -> 10.1.0) libwacom (2.8.0 -> 2.10.0) libxcb llvm17 mariadb-connector-c multipath-tools (0.9.8+83+suse.bcae610 -> 0.9.8+87+suse.f72b9f3) ovmf perl perl-Authen-SASL perl-Convert-ASN1 perl-CryptX perl-File-Listing perl-HTTP-Cookies perl-HTTP-Message perl-IO-Tty perl-IPC-Run3 perl-LWP-Protocol-https perl-Mail-DKIM (1.20230911 -> 1.20240124) perl-Mail-SPF perl-Net-Patricia perl-URI perl-X11-Protocol perl-X500-DN perl-XML-LibXML (2.0209 -> 2.0210) perl-XML-Parser perl-XML-SAX perl-XML-Twig perl-libwww-perl permissions (1699_20240206 -> 1699_20240305) php8 polkit-default-privs (1550+20240223.b0857d7 -> 1550+20240307.987ebab) poppler (24.02.0 -> 24.03.0) poppler-qt5 (24.02.0 -> 24.03.0) python-jmespath python-libvirt-python (10.0.0 -> 10.1.0) python-qt5-sip rebootmgr (2.2 -> 2.3) salt sssd tcpd tracker tracker-miners unbound (1.19.1 -> 1.19.2) vim (9.1.0111 -> 9.1.0151) virt-manager virtiofsd xdm xfce4-clipman-plugin (1.6.5 -> 1.6.6) xfce4-panel (4.18.5 -> 4.18.6) xfce4-screensaver (4.18.2 -> 4.18.3) xfce4-taskmanager (1.5.6 -> 1.5.7) xfce4-terminal (1.1.2 -> 1.1.3) xz (5.4.6 -> 5.6.0) yast2-perl-bindings (5.0.1 -> 5.0.2) yast2-storage-ng (5.0.7 -> 5.0.8) === Details === ==== SDL2 ==== Version update (2.30.0 -> 2.30.1) - Update to release 2.30.1 * Fixed a regression causing SDL_WaitEvent() to return spurious failures * Wayland windows automatically have OpenGL enabled again * Fixed memory corruption when converting signed 16-bit audio to float * Fixed audio artifacts when converting signed 8-bit audio to float * Fixed the clip rectangle not being updated when the viewport changes in the SDL renderer ==== SVT-AV1 ==== Version update (1.7.0 -> 1.8.0) - Update to release 1.8.0 * Improve the tradeoffs for the random access mode across presets: * Speedup CRF presets M6 to M0 by 17-53% while maintaining similar quality levels * Re-adjust CRF presets M7 to M13 for better quality with BD-rate gains ranging from 1-4% * Improve the quality and speed of the 1-pass VBR mode * Add API allowing to update bitrate / CRF and Key_frame placement during the encoding session for CBR lowdelay mode and CRF Random Access mode * ARM Neon SIMD optimizations for most critical kernels allowing for a 4.5-8x fps speedup vs the c implementation ==== apache2-mod_php8 ==== - Use the system default cipher list instead of hardcoded values by using crypto-policies. [bsc#1211301] * Use the --with-system-ciphers configure option. ==== exiv2 ==== - Fix build with --nochecks ==== flatpak ==== Subpackages: flatpak-remote-flathub libflatpak0 system-user-flatpak - Add a flatpak-selinux subpackage that provides a SELinux policy module (boo#1220591). ==== fontconfig ==== Version update (2.14.2 -> 2.15.0) Subpackages: libfontconfig1 - update to 2.15.0: * Do not change the order of orth files * Convert tabs to spaces * Convert more tabs to spaces in docs * Report more detailed logs instead of assertion. * Add some missing constant names for weight. * Adujst indentation between programlisting in fontconfig-user.sgml * Add another test case for flatpak * Update 65-nonlatin.conf for macOS * Change the order of the properties to the order of fontconfig cache format * Add missing property descriptions * Add namedinstance property * Remove the problematic language from code and doc * Use 'outline' instead of 'scalable' for bitmaps * Add more docs about selectfont * Rework CI implementation * Fix uninitialized memory access when failing memory allocation. * Create a symlink with relative path * Fix an error of "initializer element is not constant" * Update CaseFolding.txt to Unicode 15.1 * Update the encoding table for Simplified Chinese * Retry to decode strings in the name table as UTF-16BE in some cases. * Work around decoding strings in Macintosh encoding for the name table. * Use memmove instead of memcpy * Rename README to NEWS and add README.md * Update so version * Fix leak of `reason` in _FcConfigParse when not complaining ==== gcc13 ==== Subpackages: cpp13 libgccjit0-gcc13 libstdc++6-gcc13-locale - Fix libgccjit-devel dependency, a newer shared library is OK. - Fix libgccjit dependency, the corresponding compiler isn't required. - Use %patch -P N instead of %patchN. ==== gnome-shell ==== Subpackages: gnome-extensions gnome-shell-calendar - Update gnome-shell-gdm-login-applet.patch: Clean up JS errors (bsc#1221100). ==== gpg2 ==== Version update (2.4.4 -> 2.4.5) Subpackages: dirmngr - Update to 2.4.5: * gpg,gpgv: New option --assert-pubkey-algo. [T6946] * gpg: Emit status lines for errors in the compression layer. [T6977] * gpg: Fix invocation with --trusted-keys and --no-options. [T7025] * gpgsm: Allow for a longer salt in PKCS#12 files. [T6757] * gpgtar: Make --status-fd=2 work on Windows. [T6961] * scd: Support for the ACR-122U NFC reader. [rG1682ca9f01] * scd: Suport D-TRUST ECC cards. [T7000,T7001] * scd: Allow auto detaching of kernel drivers; can be disabled with the new compatibility-flag ccid-no-auto-detach. [rGa1ea3b13e0] * scd: Allow setting a PIN length of 6 also with a reset code for openpgp cards. [T6843] * agent: Allow GET_PASSPHRASE in restricted mode. [rGadf4db6e20] * dirmngr: Trust system's root CAs for checking CRL issuers. [T6963] * dirmngr: Fix regression in 2.4.4 in fetching keys via hkps. [T6997] * gpg-wks-client: Make option --mirror work properly w/o specifying domains. [rG37cc255e49] * g13,gpg-wks-client: Allow command style options as in "g13 mount foo". [rGa09157ccb2] * Allow tilde expansion for the foo-program options. [T7017] * Make the getswdb.sh tool usable outside the GnuPG tree. * Release-info: https://dev.gnupg.org/T6960 * Update the required versions for the dependencies. ==== graphviz ==== Subpackages: libcdt5 libcgraph6 libgvc6 libpathplan4 - VUL-0: CVE-2023-46045: graphviz: out-of-bounds read via a crafted config6a file bsc#1219491 A gvc-detect-plugin-installation-failure-and-display-an-error.patch - Some alphabetical re-ordering and other spec file changes which should not have any functional change which came from some kind of auto-spec cleaner ==== inkscape ==== Subpackages: inkscape-extensions-extra inkscape-extensions-fig inkscape-extensions-gimp - Add inkscape-poppler-24.03.0.patch: Fix build with poppler >= 24.03.0. ==== java-21-openjdk ==== Subpackages: java-21-openjdk-devel java-21-openjdk-headless - Removed patch: * alternative-tzdb_dat.patch + Remove the possibility to use the system timezone-java. It creates more problems then it solves (bsc#1213470) ==== kbd ==== Subpackages: kbd-legacy - fix conversion of lowercase f in de-e1 keymap (boo#1207841) ==== kexec-tools ==== Version update (2.0.27 -> 2.0.28) - update to 2.0.28: * LoongArch: Load vmlinux.efi to the link address * LoongArch: Fix an issue with relocatable vmlinux * m68k: fix getrandom() use with uclibc * lzma: Relax memory limit for lzma decompressor * kexec: ppc64: print help to stdout instead of stderr * kexec/loongarch64: fix 'make dist' file loss issue * crashdump/x86: set the elfcorehdr segment size for hotplug * crashdump/x86: identify elfcorehdr segment for hotplug * crashdump: exclude elfcorehdr segment from digest for hotplug * crashdump: setup general hotplug support * crashdump: introduce the hotplug command line options * kexec: define KEXEC_UPDATE_ELFCOREHDR * kexec: update manpage with explicit mention of clean kexec * zboot: add loongarch kexec_load support * zboot: enable arm64 kexec_load for zboot image - drop 6419b008fde783fd0cc2cc266bd1c9cf35e99a0e.patch, upstream - add fix-building-on-x86_64-with-binutils-2.41.patch: * fix assembling on binutils >= 2.42 - refresh kexec-tools-disable-test.patch ==== libXaw3d ==== Version update (1.6.5 -> 1.6.6) - Update to libXaw3d 1.6.6: * unifdef ISC * unifdef macII * Stop working around a bug in the macII A/UX 1.0 cc * Remove unused sharedlib.c * It was only built by Imake if SUNSHLIB was defined. * SUNSHLIB was only set in the Imake configs for SunOS versions < 5 * unifdef __UNIXOS2__ * unifdef __osf__ * gitlab CI: add xz-utils to container for "make distcheck" * Also update to latest ci-templates * unifdef AIXV3 * unifdef sony * unifdef NCR * Multisink.c: Clear -Werror=incompatible-pointer-types error this fixes boo#1220977 ==== libaccounts-glib ==== - Add upstream changes: * 0001-ag-account-fix-incorrect-cleanup-in-ag_account_final.patch * 0002-Build-Don-t-install-Python-overrides-by-default.patch * 0003-Lib-do-not-attempt-to-terminate-the-GTask-twice.patch * 0004-ag-provider-fix-memory-leak-on-provider-tags.patch * 0006-ag-account-do-not-emit-misleading-enabled-signals-on.patch - Spec cleanup ==== libassuan ==== Version update (2.5.6 -> 2.5.7) - Update to 2.5.7: * New configure option --with-libtool-modification. [T6619] * Change the naming of the 64 bit Windows DLL from libassuan6-0.dll to libassuan-0.dll to sync this with what we did for libgpg-error. * Release-info: https://dev.gnupg.org/T7028 - Update upstream libassuan.keyring ==== libdbusmenu-gtk2 ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== libdbusmenu-gtk3 ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== libeconf ==== Version update (0.6.1 -> 0.6.2) - Update to version 0.6.2: * version 0.6.2 * Fix static analyzer detected issues (#196) ==== libexttextcat ==== Subpackages: libexttextcat-2_0-0 - Don't use ldconfig_scriptlets macro missing on sle12 ==== libosinfo ==== Subpackages: libosinfo-1_0-0 typelib-1_0-Libosinfo-1_0 - bsc#1220228 - virt-manager crashes when its viewer is opened on a running guest that uses spice graphics virt-manager uses both libosinfo and spice-gtk. spice-gtk is now built to use libsoup 3.0 but libosinfo was still using libsoup 2.4. Prefer libsoup 3.0 over libsoup 2.4 for Tumbleweed and newer SLE versions. ==== libpng16 ==== Version update (1.6.42 -> 1.6.43) - version update to 1.6.43 * Fixed the row width check in png_check_IHDR(). This corrected a bug that was specific to the 16-bit platforms, and removed a spurious compiler warning from the 64-bit builds. (Reported by Jacek Caban; fixed by John Bowler) * Added eXIf chunk support to the push-mode reader in pngpread.c. (Contributed by Chris Blume) * Added contrib/pngexif for the benefit of the users who would like to inspect the content of eXIf chunks. * Added contrib/conftest/basic.dfa, a basic build-time configuration. (Contributed by John Bowler) * Fixed a preprocessor condition in pngread.c that broke build-time configurations like contrib/conftest/pngcp.dfa. (Contributed by John Bowler) * Added CMake build support for LoongArch LSX. (Contributed by GuXiWei) * Fixed a CMake build error that occurred under a peculiar state of the dependency tree. This was a regression introduced in libpng-1.6.41. (Contributed by Dan Rosser) * Marked the installed libpng headers as system headers in CMake. (Contributed by Benjamin Buch) * Updated the build support for RISCOS. (Contributed by Cameron Cawley) * Updated the makefiles to allow cross-platform builds to initialize conventional make variables like AR and ARFLAGS. * Added various improvements to the CI scripts in areas like version consistency verification and text linting. * Added version consistency verification to pngtest.c also. ==== libqt5-qtwebengine ==== - Drop BuildRequire on libsrtp, qt builds a bundled copy. ==== libreoffice ==== Version update (7.6.4.1 -> 24.2.1.2) Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Update to 24.2.1.2 (24.2.1 final): https://wiki.documentfoundation.org/Releases/24.2.1/RC1 and https://wiki.documentfoundation.org/Releases/24.2.1/RC2 - Allow building with gcc >= 12 on system where it is the default - Fix build on SLE12 and SLE15 - Added patch: * 0001-Allow-building-with-Java-8.patch + patch submitted upstream restoring the possibility to build with JDK >= 8 - Removed patch: * 0001-Revert-java-9-changes.patch + not needed with the new patch above - Update to 24.2.0.3 (24.2.0 final): https://wiki.documentfoundation.org/ReleaseNotes/24.2 - Armenian translation added - Update patch handling to be compatible with rpm 4.20 - Removed 0002-Revert-Require-HarfBuzz-5.1.0.patch ==== libstorage-ng ==== Version update (4.5.200 -> 4.5.201) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#990 - set minimal size for XFS to 300 MiB (bsc#1220728) - 4.5.201 ==== libvirt ==== Version update (10.0.0 -> 10.1.0) Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-qemu libvirt-libs - Update to libvirt 10.1.0 - CVE-2024-1441 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html#v10-1-0-2024-03-01 ==== libwacom ==== Version update (2.8.0 -> 2.10.0) Subpackages: libwacom-data libwacom9 - update to 2.10.0: * Append to DeviceMatch for X1 Yoga Gen 5 (#632) * Add .tablet file for Ingenic touch and pen display (#621) * Update the name for the Dell Active Pen (#628) * Add support for xp-pen artist 10s table (#625) * github: Minimize permissions granted to automated workflows / jobs * data: Update ModelName for DTH134 and DTC121 * data: Add Wacom HID-5362 * github: update the issue templates * github: add a label commenter bot * Add an editorconfig file * github: fix the sysinfo check workflow * tools: fix a memleak in list-local-devices * Fix an indentation issue * data: Intuos Pro 2 is compatible with Intuos 4 styli * libwacom 2.10.0 * data: add isdv4-50a0 (#630) * build(deps): bump tj-actions/changed-files in /.github/workflows * Add support for Lenovo ThinkPad X1 Yoga Gen 7 (#626) - update to 2.9.0: * data: add Wacom Cintiq Pro 22 & 17 * data: remove erroneous dash from latest Cintiq Pro model names * data: add dtc121 * data: add dth134 * meson.build: correct license to HPND * Switch strcmp to g_str_equal() * meson.build: remove duplicate pytest run * Add support for evdev code parsing * Drop the separate Button= assignment * database: move parsing the features into a helper * data: add a new Keys/KeyCodes entry to the tablet files * CI: fix the pages job for the new libevdev dependency * libwacom: only memcmp the led data if we have leds * libwacom 2.9.0 * data: Add isdv-48b7 (#604) * Add data for XP-Pen G430s (#603) * data: Add XP-Pen Artist 13.3 Pro (#601) - requires libevdev >= 1.7.0 ==== libxcb ==== Subpackages: libxcb-composite0 libxcb-damage0 libxcb-dpms0 libxcb-dri2-0 libxcb-dri3-0 libxcb-glx0 libxcb-present0 libxcb-randr0 libxcb-record0 libxcb-render0 libxcb-res0 libxcb-shape0 libxcb-shm0 libxcb-sync1 libxcb-xfixes0 libxcb-xinerama0 libxcb-xinput0 libxcb-xkb1 libxcb-xv0 libxcb1 - Fix n_If-auth-with-credentials-for-hostname-fails-retry-with-XAUTHLOCALHOSTNAME.patch, the rebase in 1.16 caused an regression: It loops indefinitely if XAUTHLOCALHOSTNAME is unset (boo#1221078) ==== llvm17 ==== - Explicitly define PYTHON3_EXECUTABLE, since python 3.11 is being pulled in by cmake in SLE-15-SP6. - Fix PowerPC triples: use powerpc[64[le]] instead of ppc[64[le]]. - Require 8 GB memory for 64-bit architectures to prevent OOM. - Use %patch -P N instead of deprecated %patchN. ==== mariadb-connector-c ==== - Fix build with gcc14, bsc#1221007 * fix-build-gcc14.patch ==== multipath-tools ==== Version update (0.9.8+83+suse.bcae610 -> 0.9.8+87+suse.f72b9f3) Subpackages: kpartx libmpath0 - Update to version 0.9.8+87+suse.f72b9f3: * fix misspelled DM_UDEV_DISABLE_OTHER_RULES_FLAG in udev rules (bsc#1220810) ==== ovmf ==== Subpackages: qemu-uefi-aarch64 - Updated descriptors.tar.xz tarball, adding secure-boot feature tag to the following firmware descriptor of qemu. For libvirt, the enrolled-keys feature relies on secure-boot (bsc#1217422): /usr/share/qemu/firmware/60-ovmf-x86_64-2m-ms.json /usr/share/qemu/firmware/60-ovmf-x86_64-2m-opensuse.json /usr/share/qemu/firmware/60-ovmf-x86_64-2m-suse.json /usr/share/qemu/firmware/60-ovmf-x86_64-ms.json /usr/share/qemu/firmware/60-ovmf-x86_64-opensuse.json /usr/share/qemu/firmware/60-ovmf-x86_64-suse.json User should awares that the secure-boot feature of ovmf is NOT real secure without SMM. Adding secure-boot is just for enabling enrolled-keys. Otherwise preloaded keys ovmf can not be auto-selected by libvirt. ==== perl ==== Subpackages: perl-base perl-doc - Use %patch -P N instead of deprecated %patchN. ==== perl-Authen-SASL ==== - Fix disabling of __perllib_provides ==== perl-Convert-ASN1 ==== - Fix disabling of __perllib_provides ==== perl-CryptX ==== - Fix disabling of __perllib_provides ==== perl-File-Listing ==== - Fix disabling of __perllib_provides ==== perl-HTTP-Cookies ==== - Fix disabling of __perllib_provides ==== perl-HTTP-Message ==== - Fix disabling of __perllib_provides ==== perl-IO-Tty ==== - Fix disabling of __perllib_provides ==== perl-IPC-Run3 ==== - Fix disabling of __perllib_provides ==== perl-LWP-Protocol-https ==== - Fix disabling of __perllib_provides ==== perl-Mail-DKIM ==== Version update (1.20230911 -> 1.20240124) - updated to 1.20240124 see /usr/share/doc/packages/perl-Mail-DKIM/Changes 1.20240124 2024-01-24 UTC * ARC: Return fail for any ARC set with an instance number greater than 50. This brings ARC verification in line with DKIM verification limits. ==== perl-Mail-SPF ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== perl-Net-Patricia ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== perl-URI ==== - Fix disabling of __perllib_provides ==== perl-X11-Protocol ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== perl-X500-DN ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN - modified patches % version-string-fix.diff (refreshed) % version-string-fix2.diff (refreshed) ==== perl-XML-LibXML ==== Version update (2.0209 -> 2.0210) - updated to 2.0210 [bsc#1221013] see /usr/share/doc/packages/perl-XML-LibXML/Changes 2.0210 2024-01-24 - Fix copying external entity from an ext_ent_handler handler - https://github.com/shlomif/perl-XML-LibXML/issues/81 - thanks to Petr - libxml-mm: Fix function prototypes in function pointers - thanks to Khem Raj ==== perl-XML-Parser ==== - Fix disabling of __perllib_provides ==== perl-XML-SAX ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== perl-XML-Twig ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN ==== perl-libwww-perl ==== - Fix disabling of __perllib_provides ==== permissions ==== Version update (1699_20240206 -> 1699_20240305) Subpackages: chkstat permissions-config - Update to version 1699_20240305: * chkstat: EntryProcessor: make error handling in safeOpen() clearer * chkstat regtests: catch bad error reporting for non-existent files * chkstat: EntryProcessor: don't report errors for non-existent files - Update to version 1699_20240223: * chkstat: replace ProcMountState enum by simple bool member * chkstat: minor style, spelling and documentation fixes * chkstat: drop types.h header * chkstat: make ProcMountState a private type of ChkStat * chkstat: EntryProcessor: rename some member variables for improved readability * chkstat: get rid of EntryContext and incorporate it into EntryProcessor * chkstat: split-off EntryProcessor from Chkstat main class * chkstat: define _GNU_SOURCE via Makefile * chkstat: processEntries(): make loop variables const * chkstat: split up checkHaveProc() * chkstat: ProfileParser: fix a bug when applying capabilities in custom root * chkstat: ProfileParser: make adding the root to paths transparent * chkstat: ProfileParser: refactor the now reduced codebase * chkstat: split off separate ProfileParser * chkstat: ProfileEntry: mark dropXID() const to support const ProfileEntry use * chkstat: parseProfile(): improve badProfileLine() calls * chkstat: drop deprecated capability check * chkstat: also move expandProfilePaths() into new VariableExpansions class * chkstat: split off variable expansion logic into separate class * chkstat: loadVariableExpansions(): a bit of refactoring * chkstat: parseSysconfig(): bit of refactoring * chkstat: remove deprecated CHECK_PERMISSIONS logic * chkstat: move assorted types into dedicated header * chkstat: replace #include guards by #pragma once * chkstat: split off command line arguments from Chkstat main class * chkstat: drop SaneValueArg wrapper * chkstat: document new packages.d directory * chkstat: drop TODO regarding ProfileEntry being changed on-the-fly * chkstat: harmonize FileCapabilities API * chkstat: support /usr/share/permissions/package.d for per-package drop-ins * chkstat: minor coding style fixes * chkstat: improve readability for rstrip() to strip trailing slashes * chkstat: remove trailing slashes from paths found on the command line * chkstat: add warning messages for rare error situations * chkstat: open profiles right away without racy `access()` check. - Remove fix_version.sh, handle version with services ==== php8 ==== Subpackages: php8-ctype php8-dom php8-iconv php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - Use the system default cipher list instead of hardcoded values by using crypto-policies. [bsc#1211301] * Use the --with-system-ciphers configure option. ==== polkit-default-privs ==== Version update (1550+20240223.b0857d7 -> 1550+20240307.987ebab) - Update to version 1550+20240307.987ebab: * add incremental libvirt addition org.libvirt.api.node-device.save (bsc#1221094) ==== poppler ==== Version update (24.02.0 -> 24.03.0) Subpackages: libpoppler-cpp0 libpoppler-glib8 poppler-tools - version update to 24.03.0 Release 24.03.0: core: * Fix opening some malformed files. Issue #1447 * Skip drawing image when it has singular matrix. Issue #1114 * Fix crash on malformed files * Small internal code cleanup utils: * pdfdetach: Fix potential directory traversal * pdfimages: Enable to print filenames to stdout. * pdfsig: Add visible name/date when signing an existing form signature field - Bump poppler_sover to 135 following upstream changes. - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== poppler-qt5 ==== Version update (24.02.0 -> 24.03.0) - version update to 24.03.0 Release 24.03.0: core: * Fix opening some malformed files. Issue #1447 * Skip drawing image when it has singular matrix. Issue #1114 * Fix crash on malformed files * Small internal code cleanup utils: * pdfdetach: Fix potential directory traversal * pdfimages: Enable to print filenames to stdout. * pdfsig: Add visible name/date when signing an existing form signature field - Bump poppler_sover to 135 following upstream changes. - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== python-jmespath ==== - Remove the forced switch to Python 3.11 in SLE 15 SP4 and openSUSE Leap 15.4 and later. However the updated version will only be available as a Python 3.11 build. (jsc#PED-4514) ==== python-libvirt-python ==== Version update (10.0.0 -> 10.1.0) - Update to 10.1.0 - Add all new APIs and constants in libvirt 10.1.0 ==== python-qt5-sip ==== - Add fix-build-gcc14.patch to fix build with GCC14 (boo#1221016) - Switch to %autosetup ==== rebootmgr ==== Version update (2.2 -> 2.3) - Update to version 2.3 - rebootmgrd: add verbose mode - Enable verbose mode in rebootmgr.service by default ==== salt ==== Subpackages: python3-salt salt-master salt-minion salt-transactional-update - Make importing seco.range thread safe (bsc#1211649) - Added: * make-importing-seco.range-thread-safe-bsc-1211649.patch ==== sssd ==== Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap - remove dependency on /usr/bin/python3 using %python3_fix_shebang_path macro, [bsc#1212476] ==== tcpd ==== - Use %patch -P N instead of deprecated %patchN. ==== tracker ==== Subpackages: libtracker-sparql-3_0-0 tracker-data-files typelib-1_0-Tracker-3_0 - Add patches to adapt SQLite 3.44 (glgo#GNOME/tracker#418): + 0001-decouple-fts-initialization-from-ontologies.patch + 0002-early-fts-initialization.patch ==== tracker-miners ==== Subpackages: tracker-miner-files - Drop tracker-miners-drop-syscalls-in-seccomp.patch (bsc#1220608, bsc#1220519): With update of glibc in SLE-15-SP6, this patch is not needed. ==== unbound ==== Version update (1.19.1 -> 1.19.2) Subpackages: libunbound8 unbound-anchor - Update to 1.19.2: * Bug Fixes: - Fix CVE-2024-1931, Denial of service when trimming EDE text on positive replies. [bsc#1221164] ==== vim ==== Version update (9.1.0111 -> 9.1.0151) Subpackages: vim-data vim-data-common xxd - update to 9.1.0151 - refreshed vim-7.3-filetype_spec.patch * ml_get_buf_len() does not consider text properties * Several minor 'winfixbuf' issues * Update Serbian messages * Recognize "__inline" * Update base-syntax, fix escaping :syn and :hi sub-groups * Update syntax file, fix issue #962 * null pointer member access when accessing 'winfixbuf' property * update syntax script * Update base-syntax, fix issue #14135 * Highlight the error message at *E1513* * Update base-syntax, improve :augroup highlighting * Use unnamed register when clipboard not working * Vim9: can't call internal methods with objects * Cannot keep a buffer focused in a window * Updated Russian installer translation * Recognise text blocks * Update ftplugin, browsefilter labels * Improve the recognition of literals * v:echospace wrong with invalid value of 'showcmdloc' * some improvements to getregion() docs * update "Last Change header", remove trailing whitespace * handle file/dir symlinks specifically in tree mode * v:echospace not correct when 'showcmdloc' != last * getregion() needs more tests * disable multiline_scalar detection by default * [security]: autocmd causes use-after-free in set_curbuf() * getregion() can be improved * include runtime/syntax/testdir/ftplugin * Put in Visual mode wrong if it replaces fold marker * Fix typo under *kitty-terminal* in term.txt * Update Serbian translation * Recognise _when_ clauses in _switch_ blocks * simplify code and allow filetype options * Update Italian translation * cursor on wrong row after 1 char 'below' virtual text when EOL is shown * Update ftplugin, fix #14101 * Update base-syntax, improve :echo highlighting * update Debian syntax files * too many STRLEN calls when getting a memline * Update syntax file, improve :substitute matching * in cmdline mode doesn't delete composing chars * Fix typo in usr_41.txt * fix inconsistent indent * Vim9: need more test for exists() methods * clarify ':set[l] {option}<' behaviour * Insufficient testing for 'delcombine' * "C" doesn't include composing chars with 'virtualedit' * buffer-completion may not always find all matches * [security]: UAF if win_split_ins autocommands delete "wp" * Fix truncation of text_wrap 'wrap' virt text after EOL list char * runtime(doc) Update help text for matchbufline() and matchstrlist() * small fixes to the zh tutor * Recognize SourceLicense tag name in RPM spec syntax * win_gotoid() may abort even when not switching a window * Naming a non-pointer variable "oap" is strange * Internal error when using upper-case mark in getregion() * Update base-syntax, fix :unabbrev highlighting * add syntax support for Java switch expressions * unused init of text_prop_idxs in win_line() * display of below/right virtual text with non-virtual text overlap * clarify expand() for :terminal windows * Some minor issues with the getregion() function * Update tmux syntax * Infinite loop or signed overflow with 'smoothscroll' * hard to get visual region using Vim script * can move away from cmdwin using win_splitmove() * Use different restoration strategy in win_splitmove * Stop split-moving from firing WinNew and WinNewPre autocommands * win_split_ins may not check available room * Add a place holder section for version 9.2 * Modula-2 files with priority not detected * announce adoption of various runtime files * Distinguish Vim9 constructor definitions from the :new ex command * Using freed memory with full tag stack and user data * Fix typo in testing.txt * Setting some options may change curswant * update "Last Change:" header * reset readonly setting when disabling less mode * duplicate code when cleaning undo stack * Remove undo information, when cleaning quickfix buffer ==== virt-manager ==== Subpackages: virt-install virt-manager-common - Disable mdev tests with introduction of libvirt 10.1.0 virt-manager.spec ==== virtiofsd ==== - Fix libexecdir move: rpm cannot replace a directory with a single file on upgrades -- boo#1220592 * Add pre scriptlet removing the directory on Tumbleweed during upgrades * Don't own plain %_libexecdir on Tumbleweed - Spec: More tweaks to libexecdir path issues on SLE and Tumbleweed ==== xdm ==== Subpackages: xdm-xsession - u_gcc14-fix.patch * fix build against gcc14 (boo#1221028) ==== xfce4-clipman-plugin ==== Version update (1.6.5 -> 1.6.6) Subpackages: xfce4-clipman-plugin-lang - Update to version 1.6.6 * Update copyright year * Use X11 clipboard manager from libxfce4ui if available * collector: Fix sanity check * history: Make search case-sensitive * actions: Update gimp command (Fixes #96) * build: Use system wlr-protocols if avail or fall back to submodule * clipboard-manager: Add missing static qualifier * build: Lower xfce4-dev-tools requirements to stable version * Fix xfce_titled_dialog_create_action_area() deprecation * build: Simplify and clarify X11/Wayland distinction * build: Define our own windowing macro instead of extending GDK's * build: Add check for gdk-wayland * Translation Updates - Re-generate xfce4-clipman-plugin-relax-x11-version.patch ==== xfce4-panel ==== Version update (4.18.5 -> 4.18.6) Subpackages: libxfce4panel-2_0-4 xfce4-panel-lang xfce4-panel-restore-defaults - Update to version 4.18.6 * Update copyright year * Do not use g_log_set_always_fatal() * launcher: Ensure default icon in empty launchers * build: Search for bind_textdomain_codeset in libintl too * Fix memory management of GTypeModules * pager: Avoid recursion in WnckScren signal handler * pager: Do not query workspace count if screen is not initialized * libxfce4panel: Fix custom menu items management * clock: Create monitor proxy asynchronously * Add missing G_BEGIN_DECLS * Translation Updates ==== xfce4-screensaver ==== Version update (4.18.2 -> 4.18.3) - Update to version 4.18.3 * Update copyright year * build: Use XDT_VERSION_INIT for proper version scheme * Fix memory management of GSPrefs * lock-dialog: Do not use gtk_widget_grab_default() * i18n: Use xfce_textdomain() * prefs-dialog: Fix spin button signal of cycle-delay * prefs-dialog: Add missing sanity check * manager: Fix cycling jobs * manager: Fix desktop leak when reconfiguring monitors * Revert "Add overlays to initial activation" * manager: Align job table management with window table management * manager: Use a hash table instead of a list for windows * manager: Fix leak on prefs * window: Reset monitor pointer when disposed * window: Add source id management when deactivated * Add hint for users how to make Blank Screen DPMS work * Do not activate screensaver if disabled * Translation Updates ==== xfce4-taskmanager ==== Version update (1.5.6 -> 1.5.7) Subpackages: xfce4-taskmanager-lang - Update to version 1.5.7 * Update copyright year * build: Fix -Wcast-align warning from clang * Fix UBSan errors * settings-dialog: Fix XtmRefreshRate memory leak * Dark mode for process-statusbar * Dark mode for process-monitor * Allow multiple instances via command line option. * Fix blurry app icons when UI scale > 1 * Use symbolic window picker icon in toolbar * Fix broken "show-legend" setting sync * Translation Updates - Add xfce4-taskmanager-relax-x11-version.patch ==== xfce4-terminal ==== Version update (1.1.2 -> 1.1.3) Subpackages: xfce4-terminal-lang - Update to version 1.1.3 * prefs-dialog: Fix wrong assert * screen: Fix wrong assert * Translation Updates - Remove gxo-299.patch - Add xfce4-terminal-relax-x11-version.patch ==== xz ==== Version update (5.4.6 -> 5.6.0) Subpackages: liblzma5 - update to 5.6.0: * This bumps the minor version of liblzma because new features were added. The API and ABI are still backward compatible with liblzma 5.4.x and 5.2.x and 5.0.x. * liblzma: - Disabled the branchless C variant in the LZMA decoder based on the benchmark results from the community. - Disabled x86-64 inline assembly on x32 to fix the build. * Sandboxing support in xz: - Landlock is now used even when xz needs to create files. - Landlock and pledge(2) are now stricter when reading from more than one input file and only writing to standard output. - Added support for Landlock ABI version 4. - Now builds lzmainfo and lzmadec. - xzdiff, xzgrep, xzless, xzmore, and their symlinks are now installed. The scripts are also tested during "make test". - Added translation support for xz, lzmainfo, and the man pages. - Minimum required CMake version is now 3.14. * liblzma: - LZMA decoder: Speed optimizations to the C code and added GCC & Clang compatible inline assembly for x86-64. - Added lzma_mt_block_size() to recommend a Block size for multithreaded encoding. - Added CLMUL-based CRC32 on x86-64 and E2K with runtime processor detection. Similar to CRC64, on 32-bit x86 it isn't available unless --disable-assembler is used. - Optimized the CRC32 calculation on ARM64 platforms using the CRC32 instructions. Runtime detection for the instruction is used on GNU/Linux, FreeBSD, Windows, and macOS. - Added definitions of mask values like LZMA_INDEX_CHECK_MASK_CRC32 to . * Licensing change: The core components are now under the * BSD Zero Clause License (0BSD). In XZ Utils 5.4.6 and older and 5.5.1alpha these components are in the public domain and obviously remain so; the change affects the new releases only. * 0BSD is an extremely permissive license which doesn't require retaining or reproducing copyright or license notices when distributing the code, thus in practice there is extremely little difference to public domain. * liblzma - Significant speed optimizations to the LZMA decoder were made. There are now three variants that can be chosen at build time: * Basic C version: This is a few percent faster than 5.4.x due to some new optimizations. * Branchless C: This is currently the default on platforms for which there is no assembly code. This should be a few percent faster than the basic C version. * x86-64 inline assembly. This works with GCC and Clang. The default choice can currently be overridden by setting LZMA_RANGE_DECODER_CONFIG in CPPFLAGS: 0 means the basic version and 3 means that branchless C version. * Added a new filter for RISC-V binaries. The filter can be used for 32-bit and 64-bit binaries with either little or big endianness. In liblzma, the Filter ID is LZMA_FILTER_RISCV (0x0B) - Implemented GNU indirect function (IFUNC) as a runtime function dispatching method for CRC32 and CRC64 fast implementations on x86. Only GNU/Linux (glibc) and * xz: - Multithreaded mode is now the default. This improves compression speed and creates .xz files that can be decompressed multithreaded at the cost of increased memory usage and slightly worse compression ratio. - Added new command line option --filters to set the filter chain using liblzma filter string syntax. - Added new command line options --filters1 ... - -filters9 to set additional filter chains using liblzma filter string syntax. The --block-list option now allows specifying filter chains that were set using these new options. - Added support for Linux Landlock as a sandboxing method. - xzdec now supports pledge(2), Capsicum, and Linux Landlock as sandboxing methods. - enable y2038 mode - enable zstd compression, we no longer have bootstrap issues as xz is no longer used ==== yast2-perl-bindings ==== Version update (5.0.1 -> 5.0.2) - Revert the last locale fix to avoid Perl crashing (bsc#1220375) - 5.0.2 ==== yast2-storage-ng ==== Version update (5.0.7 -> 5.0.8) - Share the logic for generating the description of a device and the label of a file system. - Needed for (gh#openSUSE/agama#1079). - 5.0.8