Packages changed: apache2 (2.4.58 -> 2.4.59) apache2-manual (2.4.58 -> 2.4.59) apache2-prefork (2.4.58 -> 2.4.59) apache2-utils (2.4.58 -> 2.4.59) btrfsmaintenance emacs emacs-jinx (1.4 -> 1.6) f2fs-tools (1.15.0 -> 1.16.0) freerdp2 gcr (4.2.1 -> 4.3.0) gettext-runtime gnome-control-center gnome-online-accounts (3.50.0 -> 3.50.1) gnome-text-editor (46.0 -> 46.1) gobject-introspection gom (0.5.0 -> 0.5.1) gptfdisk (1.0.9 -> 1.0.10) grep gupnp jack kernel-source (6.8.4 -> 6.8.5) lensfun liblouis libquicktime libssh miniupnpc (2.2.5 -> 2.2.6) multipath-tools (0.9.8+87+suse.f72b9f3 -> 0.9.8+88+suse.d504d83) openSUSE-build-key openSUSE-release (20240410 -> 20240414) openssh ovmf pam (1.6.0 -> 1.6.1) pam-config (2.11 -> 2.11+git.20240411) pam-full-src (1.6.0 -> 1.6.1) patterns-kde perl pipewire postfix python-Pillow schily texlive transactional-update (4.6.0 -> 4.6.5) update-alternatives (1.22.5 -> 1.22.6) vim (9.1.0151 -> 9.1.0301) xfce4-branding-openSUSE (4.18.0+git1.8b02118 -> 4.18.0+git4.79f6d44) xorg-x11-server xz zxcvbn === Details === ==== apache2 ==== Version update (2.4.58 -> 2.4.59) - Update to 2.4.59: * ) mod_deflate: Fixes and better logging for handling various error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton, Eric Norris ] * ) Add CGIScriptTimeout to mod_cgi. [Eric Covener] * ) mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 [ttachi ] * ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. [Jean-Frederic Clere] * ) mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. [Joe Orton] * ) mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. [Joseph Heenan , Joe Orton] * ) mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes . - Fixed small memory leak in h2 header bucket free. Thanks to Michael Kaufmann for finding this and providing the fix. * ) htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. [Artem Egorenkov ] * ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. [Joe Orton] * ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. [Michele Preziuso ] * ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. [Giovanni Bechis, Yann Ylavic] * ) htpasswd: Add support for passwords using SHA-2. [Joe Orton, Yann Ylavic] * ) core: Allow mod_env to override system environment vars. [Joe Orton] * ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. [Joe Orton] * ) mod_ldap: HTML-escape data in the ldap-status handler. [Eric Covener, Chamal De Silva] * ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. [Yann Ylavic, Joe Orton] * ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). [Yann Ylavic] * ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis] * ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. [Yann Ylavic] * ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. [Yann Ylavic] * ) mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. [Joe Orton] ==== apache2-manual ==== Version update (2.4.58 -> 2.4.59) - Update to 2.4.59: * ) mod_deflate: Fixes and better logging for handling various error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton, Eric Norris ] * ) Add CGIScriptTimeout to mod_cgi. [Eric Covener] * ) mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 [ttachi ] * ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. [Jean-Frederic Clere] * ) mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. [Joe Orton] * ) mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. [Joseph Heenan , Joe Orton] * ) mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes . - Fixed small memory leak in h2 header bucket free. Thanks to Michael Kaufmann for finding this and providing the fix. * ) htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. [Artem Egorenkov ] * ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. [Joe Orton] * ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. [Michele Preziuso ] * ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. [Giovanni Bechis, Yann Ylavic] * ) htpasswd: Add support for passwords using SHA-2. [Joe Orton, Yann Ylavic] * ) core: Allow mod_env to override system environment vars. [Joe Orton] * ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. [Joe Orton] * ) mod_ldap: HTML-escape data in the ldap-status handler. [Eric Covener, Chamal De Silva] * ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. [Yann Ylavic, Joe Orton] * ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). [Yann Ylavic] * ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis] * ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. [Yann Ylavic] * ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. [Yann Ylavic] * ) mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. [Joe Orton] ==== apache2-prefork ==== Version update (2.4.58 -> 2.4.59) - Update to 2.4.59: * ) mod_deflate: Fixes and better logging for handling various error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton, Eric Norris ] * ) Add CGIScriptTimeout to mod_cgi. [Eric Covener] * ) mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 [ttachi ] * ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. [Jean-Frederic Clere] * ) mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. [Joe Orton] * ) mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. [Joseph Heenan , Joe Orton] * ) mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes . - Fixed small memory leak in h2 header bucket free. Thanks to Michael Kaufmann for finding this and providing the fix. * ) htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. [Artem Egorenkov ] * ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. [Joe Orton] * ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. [Michele Preziuso ] * ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. [Giovanni Bechis, Yann Ylavic] * ) htpasswd: Add support for passwords using SHA-2. [Joe Orton, Yann Ylavic] * ) core: Allow mod_env to override system environment vars. [Joe Orton] * ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. [Joe Orton] * ) mod_ldap: HTML-escape data in the ldap-status handler. [Eric Covener, Chamal De Silva] * ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. [Yann Ylavic, Joe Orton] * ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). [Yann Ylavic] * ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis] * ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. [Yann Ylavic] * ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. [Yann Ylavic] * ) mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. [Joe Orton] ==== apache2-utils ==== Version update (2.4.58 -> 2.4.59) - Update to 2.4.59: * ) mod_deflate: Fixes and better logging for handling various error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton, Eric Norris ] * ) Add CGIScriptTimeout to mod_cgi. [Eric Covener] * ) mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 [ttachi ] * ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. [Jean-Frederic Clere] * ) mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. [Joe Orton] * ) mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. [Joseph Heenan , Joe Orton] * ) mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes . - Fixed small memory leak in h2 header bucket free. Thanks to Michael Kaufmann for finding this and providing the fix. * ) htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. [Artem Egorenkov ] * ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. [Joe Orton] * ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. [Michele Preziuso ] * ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. [Giovanni Bechis, Yann Ylavic] * ) htpasswd: Add support for passwords using SHA-2. [Joe Orton, Yann Ylavic] * ) core: Allow mod_env to override system environment vars. [Joe Orton] * ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. [Joe Orton] * ) mod_ldap: HTML-escape data in the ldap-status handler. [Eric Covener, Chamal De Silva] * ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. [Yann Ylavic, Joe Orton] * ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). [Yann Ylavic] * ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis] * ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. [Yann Ylavic] * ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. [Yann Ylavic] * ) mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. [Joe Orton] ==== btrfsmaintenance ==== - Use full URL for Source0 (.gz compressed as upstream does not ship .bz2 ones). ==== emacs ==== Subpackages: emacs-el emacs-eln emacs-info emacs-nox etags - Modify patch emacs-25.1-custom-fonts.patch * include math.h for all kinds of fonts handling (boo#1222637) - Modify patch emacs-27.1-Xauthority4server.patch * Add After=graphical-session.target in emacs.service (boo#1222172) ==== emacs-jinx ==== Version update (1.4 -> 1.6) - Rebase 0001-Only-export-necessary-symbols.-Fixes-105.patch against 1.6 - Update to version 1.6: * Fix jinx-mode reentrancy issue #gh/minad/jinx#158 * Ensure that directory local variables work correctly with Jinx. It is possible to turn Jinx on or off via dir-locals, and also configure the language and local words. * jinx-mod: Add global ref Qcons * jinx-next: Unfold hidden misspelling ==== f2fs-tools ==== Version update (1.15.0 -> 1.16.0) - update to 1.16.0: * Various bug fixes in fsck and mkfs for zoned device support. ==== freerdp2 ==== Subpackages: libfreerdp2-2 libwinpr2-2 - Add patch to avoid unneeded dependencies when using winpr-devel: * 0001-Don-t-add-winpr-cli-tools-to-exported-CMake-targets.patch ==== gcr ==== Version update (4.2.1 -> 4.3.0) Subpackages: gcr-ssh-agent gcr-ssh-askpass gcr-viewer libgck-2-2 libgcr-4-4 typelib-1_0-Gck-2 typelib-1_0-Gcr-4 - Update to version 4.3.0: + certificate: Add API to retrieve version. + Bump required GnuTLS version to 3.8.5. + Avoid potential integer overflow spotted by UBSan> + Support GnuTLS as an alternative crypto backend. + Updated translations. ==== gettext-runtime ==== Subpackages: libtextstyle0 - Add missing Requires: find to gettext-tools ==== gnome-control-center ==== Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces gnome-control-center-users - Add gnome-control-center-datetime-Avoid-emitting-the-time-changed-signal.patch: Avoid emitting the time-changed signal (bsc#1222149, bsc#1221799, glgo#GNOME/gnome-control-center#2943). ==== gnome-online-accounts ==== Version update (3.50.0 -> 3.50.1) Subpackages: libgoa-1_0-0 libgoa-backend-1_0-2 - Update to version 3.50.1: + Fix translation domain in account dialogs. + Fix OAuth 2.0 URI handler for some users. + Fix crash in Kerberos/Fedora provider. + Improved WebDAV support for Fastmail and mailbox.org. + Fixes for WebDAV discovery. + OAuth 2.0 PKCE support. + Fix issues caught by static analysis. + Update Microsoft Client ID. + Updated translations. ==== gnome-text-editor ==== Version update (46.0 -> 46.1) - Update to version 46.1: + Remove DBusActicatable=true from the .desktop file to fix an issue where you could spawn Text Editor via D-Bus and not have the session restored at startup. + AppData fixes. + Updated translations. - Drop data-desktop-disable-DBusActivatable.patch: fixed upstream. ==== gobject-introspection ==== Subpackages: girepository-1_0 libgirepository-1_0-1 - gi-find-deps.sh: further expand on the java script scanner. ==== gom ==== Version update (0.5.0 -> 0.5.1) - Update to version 0.5.1: + Reduce object inflation overhead in GType system usage. + Avoid some allocations in hot paths. + Avoid hashtables for resourcegroup items. + Avoid use of weak pointers when unnecessary. ==== gptfdisk ==== Version update (1.0.9 -> 1.0.10) - Update to release 1.0.10 * Fix failure & crash of sgdisk when compiled with latest popt * Fix NULL dereference when duplicating string argument * Allow partition dynamically allocated by --largest-new to be referenced by other options * Truncate decimal inputs (e.g. "9.5G" becomes "9G") * New partition type codes from the Discoverable Partitions Specification - Delete 0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch gptfdisk-1.0.9-libuuid.patch, gptfdisk-fix-null-pointer-dereference.patch (merged) ==== grep ==== - restore texinfo macros for SLE15 ==== gupnp ==== - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== jack ==== Subpackages: jack-dbus libjack0 - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== kernel-source ==== Version update (6.8.4 -> 6.8.5) - gcc-plugins/stackleak: Avoid .head.text section (git-fixes). - commit 542f698 - Linux 6.8.5 (bsc#1012628). - x86: set SPECTRE_BHI_ON as default (bsc#1012628). - KVM: x86: Add BHI_NO (bsc#1012628). - x86/bhi: Mitigate KVM by default (bsc#1012628). - x86/bhi: Add BHI mitigation knob (bsc#1012628 bsc#1217339 CVE-2024-2201). - Update config files (set SPECTRE_BHI_ON=y which is the default later). - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1012628). - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1012628). - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1012628). - x86/syscall: Don't force use of indirect calls for system calls (bsc#1012628). - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1012628). - x86/efistub: Remap kernel text read-only before dropping NX attribute (bsc#1012628). - x86/sev: Move early startup code into .head.text section (bsc#1012628). - x86/sme: Move early SME kernel encryption handling into .head.text (bsc#1012628). - x86/boot: Move mem_encrypt= parsing to the decompressor (bsc#1012628). - efi/libstub: Add generic support for parsing mem_encrypt= (bsc#1012628). - bpf: support deferring bpf_link dealloc to after RCU grace period (bsc#1012628). - bpf: put uprobe link's path and task in release callback (bsc#1012628). - Revert "x86/mpparse: Register APIC address only once" (bsc#1012628). - drm/xe: Rework rebinding (bsc#1012628). - drm/xe: Use ring ops TLB invalidation for rebinds (bsc#1012628). - drm/i915/gt: Enable only one CCS for compute workload (bsc#1012628). - drm/i915/gt: Do not generate the command streamer for all the CCS (bsc#1012628). - drm/i915/gt: Disable HW load balancing for CCS (bsc#1012628). - drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY < 13 (bsc#1012628). - drm/i915/mst: Reject FEC+MST on ICL (bsc#1012628). - drm/i915/mst: Limit MST+DSC to TGL+ (bsc#1012628). - smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1012628). - smb: client: fix potential UAF in smb2_is_network_name_deleted() (bsc#1012628). - smb: client: fix potential UAF in is_valid_oplock_break() (bsc#1012628). - smb: client: fix potential UAF in smb2_is_valid_lease_break() (bsc#1012628). - smb: client: fix potential UAF in smb2_is_valid_oplock_break() (bsc#1012628). - smb: client: fix potential UAF in cifs_dump_full_key() (bsc#1012628). - smb: client: fix potential UAF in cifs_stats_proc_show() (bsc#1012628). - smb: client: fix potential UAF in cifs_stats_proc_write() (bsc#1012628). - smb: client: fix potential UAF in cifs_debug_files_proc_show() (bsc#1012628). - smb3: retrying on failed server close (bsc#1012628). - smb: client: serialise cifs_construct_tcon() with cifs_mount_mutex (bsc#1012628). - smb: client: handle DFS tcons in cifs_construct_tcon() (bsc#1012628). - smb: client: refresh referral without acquiring refpath_lock (bsc#1012628). - smb: client: guarantee refcounted children from parent session (bsc#1012628). - smb: client: fix UAF in smb2_reconnect_server() (bsc#1012628). - riscv: process: Fix kernel gp leakage (bsc#1012628). - riscv: Fix spurious errors from __get/put_kernel_nofault (bsc#1012628). - s390/entry: align system call table on 8 bytes (bsc#1012628). - selftests/mm: include strings.h for ffsl (bsc#1012628). - mm/secretmem: fix GUP-fast succeeding on secretmem folios (bsc#1012628). - arm64/ptrace: Use saved floating point state type to determine SVE layout (bsc#1012628). - riscv: Fix vector state restore in rt_sigreturn() (bsc#1012628). - aio: Fix null ptr deref in aio_complete() wakeup (bsc#1012628). - perf/x86/intel/ds: Don't clear ->pebs_data_cfg for the last PEBS event (bsc#1012628). - x86/coco: Require seeding RNG with RDRAND on CoCo systems (bsc#1012628). - x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (bsc#1012628). - x86/mm/pat: fix VM_PAT handling in COW mappings (bsc#1012628). - of: module: prevent NULL pointer dereference in vsnprintf() (bsc#1012628). - of: dynamic: Synchronize of_changeset_destroy() with the devlink removals (bsc#1012628). - driver core: Introduce device_link_wait_removal() (bsc#1012628). - ASoC: SOF: Intel: hda: Compensate LLP in case it is not reset (bsc#1012628). - ASoC: SOF: ipc4-pcm: Correct the delay calculation (bsc#1012628). ... changelog too long, skipping 395 lines ... - commit f362b5c ==== lensfun ==== Subpackages: lensfun-data liblensfun1 - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== liblouis ==== Subpackages: liblouis-data liblouis20 python3-louis - Run python tests in %check ==== libquicktime ==== - Fix build with GCC 14, bsc#1221701 * fix-gcc14-build.patch ==== libssh ==== Subpackages: libssh-config libssh4 - Don't change the path for crypto-policies libssh.config (bsc#1222716) ==== miniupnpc ==== Version update (2.2.5 -> 2.2.6) - update to 2.2.6: * includes charset="utf-8" in Content-Type * fix memory allocation error in minissdpc.c * Make User-Agent compliant. * add new binary listdevices => upnp-listdevices - added %check section to run unit tests ==== multipath-tools ==== Version update (0.9.8+87+suse.f72b9f3 -> 0.9.8+88+suse.d504d83) Subpackages: kpartx libmpath0 - Update to version 0.9.8+88+suse.d504d83: * Revert "libmultipath: fix max_sectors_kb on adding path" (bsc#1222458) ==== openSUSE-build-key ==== - SLM 6.0 key (ALP / SLF1) RSA 4096 bit key - gpg-pubkey-09d9ea69-645b99ce.asc - 2024 SUSE Linux Enterprise 15 SP6 RSA 4096 bit key - gpg-pubkey-3fa1d6ce-63c9481c.asc - SLM 6.0 key (ALP / SLF1) RSA 4096 bit reserve key - gpg-pubkey-73f03759-626bd414.asc - 2024 SUSE Linux Enterprise 15 SP6 RSA 4096 bit reserve key - gpg-pubkey-d588dc46-63c939db.asc - obsoleted a incorrectly used DSA1024 key (used in Slowroll). ==== openSUSE-release ==== Version update (20240410 -> 20240414) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Fix duplicate loading of dropins. (boo#1222467) ==== ovmf ==== Subpackages: qemu-uefi-aarch64 - Add ovmf-EmbeddedPkg-Library-Support-SOURCE_DATE_EPOCH-in-Vir.patch Support SOURCE_DATE_EPOCH in VirtualRealTimeClockLib for reproducible. (bsc#1217704) ==== pam ==== Version update (1.6.0 -> 1.6.1) - Update to version 1.6.1 - pam_env: fixed --disable-econf --enable-vendordir support. - pam_unix: do not warn if password aging is disabled. - pam_unix: try to set uid to 0 before unix_chkpwd invocation. - pam_unix: allow empty passwords with non-empty hashes. - Multiple minor bug fixes, build fixes, portability fixes, documentation improvements, and translation updates. - Remove backports: - pam_env-fix_vendordir.patch - pam_env-fix-enable-vendordir-fallback.patch - pam_env-remove-escaped-newlines.patch - pam_unix-fix-password-aging-disabled.patch ==== pam-config ==== Version update (2.11 -> 2.11+git.20240411) - Update to version 2.11+git.20240411: * Configure Himmelblau correctly w/ other services present * Configure other services correctly w/ Himmelblau present * Himmelblau session is only optional ==== pam-full-src ==== Version update (1.6.0 -> 1.6.1) - Update to version 1.6.1 - pam_env: fixed --disable-econf --enable-vendordir support. - pam_unix: do not warn if password aging is disabled. - pam_unix: try to set uid to 0 before unix_chkpwd invocation. - pam_unix: allow empty passwords with non-empty hashes. - Multiple minor bug fixes, build fixes, portability fixes, documentation improvements, and translation updates. - Remove backports: - pam_env-fix_vendordir.patch - pam_env-fix-enable-vendordir-fallback.patch - pam_env-remove-escaped-newlines.patch - pam_unix-fix-password-aging-disabled.patch ==== patterns-kde ==== Subpackages: patterns-kde-kde patterns-kde-kde_edutainment patterns-kde-kde_games patterns-kde-kde_ide patterns-kde-kde_imaging patterns-kde-kde_internet patterns-kde-kde_multimedia patterns-kde-kde_office patterns-kde-kde_pim patterns-kde-kde_plasma patterns-kde-kde_utilities patterns-kde-kde_utilities_opt patterns-kde-kde_yast - xwaylandvideobridge has always been unversioned (boo#1222640) ==== perl ==== Subpackages: perl-base - Revert commit 7af2d2037375d58e700f9e1b217efb2c4db66133 as suggested by upstream perl * fixed locale being clobbered by perl [bsc#1220195] * new patch: perl-locale-backport.diff ==== pipewire ==== Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Move the jack spa plugin from the pipewire-spa-plugins-0_2 package to a new pipewire-spa-plugins-0_2-jack package. This allows to not Suggest the pipewire-libjack package from pipewire-spa-plugins-0_2 since that's only used to connect pipewire as a client to a jack server which is not common at all (boo#1222253). ==== postfix ==== - Move qshape(1) out of -doc, install it as a binary with the main package ==== python-Pillow ==== - Reenable tests for s390x and ppc, bsc#1222553 gh#python-pillow/Pillow#1204 ==== schily ==== Subpackages: libcdrdeflt1_0 libdeflt1_0 libfile1_0 libfind4_0 librmt1_0 librscg1_0 libscg1_0 libscgcmd1_0 libschily2_0 mkisofs spax star - Update to release 2024.03.21 * mkisofs: produce less scrollback when logging progress to ttys. ==== texlive ==== - Add patch source-dvipdfm-x.dif * dvipdfmx: repeated inclusion of the same image did not share the image data, but had separate copies for each inclusion. ==== transactional-update ==== Version update (4.6.0 -> 4.6.5) Subpackages: dracut-transactional-update libtukit4 transactional-update-zypp-config tukit - Version 4.6.5 - Rework soft-reboot support introduced in 4.6.0: - On transactional systems with systemd 254 the system could hang with with a soft-reboot, as /var and /etc have to be mounted in /run/nextroot explicitly. As a soft-reboot can also be triggered by an admin the mounting of the corresponding mount points was moved to a systemd service to be independent of t-u itself. - Support for systemd 255 - Don't decrease reboot level on multiple commands - Various other bugfixes - soft-reboot support is disabled by default now to gather more feedback - libtukit: Fix kexec reboot method to boot kernel / initrd of next snapshot - tukit: Don't clone lock file handle on exec [boo#1222411] - t-u: Always use zypper of installed system [bsc#1221346] - t-u: Remove remaining telemetrics references - Add prepare-nextroot-for-softreboot service - Add (empty) %check section ==== update-alternatives ==== Version update (1.22.5 -> 1.22.6) - Update to version 1.22.6. The changelog for this version isn't very large, so it's provided in full: * dpkg-deb: Fix up compressor parameters for default legacy format. * Perl modules: - Dpkg::Vendor::Debian: Make it possible to disable qa=-bug-implicit-func. - Dpkg::Vendor::Debian: Unconditionally set qa bug-implicit-func. * Documentation: - man: Document dpkg versions supporting SOURCE_DATE_EPOCH for various tools. * Code internals: - libdpkg: Use array access instead of pointer arithmetic for meminfo parser. - libdpkg: Use a macro to define the zstd default compression level. * Build system: - Test with minimal library dependencies in CI. - Add gen-release script. * Packaging: - Fix typo in man page reference in changelog. * Test suite: - Refactor OpenPGP backend and commands list. - Refactor certfile and keyfile filenames for OpenPGP test. - Skip OpenPGP tests if the backend does not have a verify command. * Localization: - Fix typos in Swedish man pages translations. - Fix typos in Swedish man pages translations. - Update Dutch man pages translations. - Update Portuguese man pages translations. - Update German man pages translation. ==== vim ==== Version update (9.1.0151 -> 9.1.0301) Subpackages: vim-data vim-data-common xxd - update to 9.1.0301 * Vim9: heredoc start may be recognized in string * Missing test for what patch v9.1.0285 fixes * Vim9: return type not set for a lambda assigned to script var * add runtime/doc/tags-* to ignore files * Updated translation * Update documentation * Patch 9.1.0296 causes too many issues * Fix a few issues with gvim.nsi * regexp: engines do not handle case-folding well * filetype: pip config files are not recognized * Text height function does not respect it's argument * filetype: lxqt config files are not recognized * filetype: XDG mimeapps.list file is not recognized * filetype: libreoffice config files are not recognized * filetype: xilinx files are not recognized * filetype: some TeX files are not recognized * Vim9: comment may be treated as heredoc start * Vim9: E1027 with defcompile for abstract methods * Still problems with cursor position for CTRL-D/U * fix inaccuracies in pandoc compiler * make testclean is not able to delete failed screendumps * Update base-syntax, no curly-brace names in Vim9 script * Several small issues in doc and tests * Finding highlighting attributes is inefficient * Update cuda keywords, remove uncommonly used enumeration constants * several issues with 'smoothscroll' support * filetype: roc files are not recognized * filetype: zathurarc files not recognized * Cannot highlight the Command-line * No pandoc syntax support * filetype: R history files are not recognized * filetype: keymap files are not recognized * autocmd may change cwd after :tcd and :lcd * Update syntax generator, autocmd event list parsing * Normalise builtin-function optional parameter formatting * Correctly distribute libsodium with the installer * a few minor issues to fix * Test for TextChanged is still flaky with ASAN * Two tests in test_filechanged.vim are slow * File name entered in GUI dialog is ignored * fix :compiler leaving behind a g:makeprg variable * Remove more fallback :CompilerSet definitions from compiler plugins * filetype: earthfile files are not recognized * console dialog cannot save unnamed buffers * Fill in a few details regarding :enums * Remove fallback :CompilerSet definition from compiler plugins * libgpm may delete some signal handlers * Improve the matching of contextual keywords * Vim9: Problem with lambda blocks in enums and classes * Test for TextChanged is flaky with ASAN * Vim9: protected class and funcrefs accessible outside the class * Problems with "zb" and scrolling to new topline with 'smoothscroll' * filetype not detected when editing remote files * sort filetype.txt in the alphabetical order * Normal mode TextChanged isn't tested properly * half-page scrolling broke backward compatibility * Vim9: :call may not find imported class members * Finding autocmd events is inefficient * Vim9: no indication of script nr in stack trace of classes * [security]: Heap buffer overflow when calling complete_add() in 'cfu' * filetype: typespec files are not recognized * improve syntax highlighting for YAML * Vim9: segfault with static in super class * Filetype test fails * update syntax * filetype: ldscripts cannot be recognized * filetype: rock_manifest and config.ld files are not recognized * filetype: yarn lock files are not recognized * filetype: bundle config files are not recognized * filetype: fontconfig files are not recognized * filetype: zsh theme, history and zunit files are not recognized * filetype: bash history files are not recognized * filetype: netrw history file is not recognized * filetype: octave history files are not recognized * filetype: mysql history files are not recognized * filetype: some python tools config files are not recognized * filetype: gnuplot history files are not recognised * filetype: jupyterlab and sublime config are not recognized * filetype: mplstyle files are not recognized * filetype: texlua files are not recognized * filetype: supertux files are not recognized * filetype: support for Intel HEX files is lacking * Vim9: string() output of enum is problematic * Conceal test fails when rightleft feature is disabled * Filetype may be undetected when SwapExists sets ft in other buf * TextChanged autocommand not triggered under some circumstances * ensure compiler! sets global options * Distinguish Vim9 builtin object methods from namesake builtin functions * add support for Debian specific @includes * Error E877 is not translated * fix path of uganda.nsis.txt in german.nsi file * Two unrelated things are tested by a single test * Improve docs for empty(), len(), and string() on objects * Recording may still be wrong in Select mode * Not able to assign enum values to an enum static variable * test_matchparen not run in CI * cursor may move too many lines over "right" & "below" virt text * code duplication in loop to add active text properties ... changelog too long, skipping 119 lines ... * Coverity complains about ignoring return value ==== xfce4-branding-openSUSE ==== Version update (4.18.0+git1.8b02118 -> 4.18.0+git4.79f6d44) Subpackages: libgarcon-branding-openSUSE libxfce4ui-branding-openSUSE thunar-volman-branding-openSUSE xfce4-notifyd-branding-openSUSE xfce4-panel-branding-openSUSE xfce4-power-manager-branding-openSUSE xfce4-session-branding-openSUSE xfce4-settings-branding-openSUSE xfdesktop-branding-openSUSE xfwm4-branding-openSUSE - Update to version 4.18.0+git4.79f6d44: * Fix wallpaper folder structure * Better split tumbleweed and leap wallpapers * Added old wallpaper symlinks still needed by leap ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch * fixes regression for security fix for CVE-2024-31083 (bsc#1222312, boo#1222442, gitlab xserver issue #1659) ==== xz ==== Subpackages: liblzma5 - revert the switch to tar_scm which dropped the signature validation - switch back to tarballs because the upstream tarballs are not gone - reinstanciate keyring from Lasse - go back to the last release signed by Lasse (5.4.2) - revert multibuild, drop service and rpmlintrc - use real_ver for the Source, move everything else back to %version like before the hectic XZ downgrade - remove payload setting, we are using zstd now - Switch to using tar_scm for fetching the sources as the upstream tarballs on github are gone - introduce _multibuild to allow building the translations outside of Ring0 and everything else in Ring0 - add rpmlintrc to silence harmless warnings ==== zxcvbn ==== - Make use of distro build flags