Packages changed: busybox container-selinux (2.187.0 -> 2.188.0) glibc keylime (6.4.1 -> 6.4.2) konsole libselinux libstorage-ng (4.5.27 -> 4.5.28) perl pipewire (0.3.54 -> 0.3.55) python-SQLAlchemy (1.4.37 -> 1.4.39) python-html5lib python-pandocfilters (1.4.3 -> 1.5.0) selinux-policy (20220624 -> 20220714) suse-module-tools (16.0.21 -> 16.0.22) wireplumber === Details === ==== busybox ==== Subpackages: busybox-static - prepare spec file for rpmbuild --build-in-place --noprep - use bcond for static and ww3 subpackages - fix verbose flag ==== container-selinux ==== Version update (2.187.0 -> 2.188.0) - Update to version 2.188.0: * Allow confined containers to mount overlay filesystems Fixed bsc#1201348 ==== glibc ==== Subpackages: glibc-extra glibc-locale glibc-locale-base nscd - nptl-cleanup-async-restore-2.patch: nptl: Fix ___pthread_unregister_cancel_restore asynchronous restore (bsc#1200093, BZ #29214) ==== keylime ==== Version update (6.4.1 -> 6.4.2) Subpackages: keylime-agent keylime-config keylime-firewalld keylime-logrotate keylime-registrar keylime-tpm_cert_store keylime-verifier python310-keylime - Replace python-gpg requirement - Fix consolidation for _distconfdir and _sysconfdir macro - Update to version v6.4.2: * Bump version # to 6.4.2 * Use python3-gpg instead of python3-gnupg * Update Packit CI tests to test both agent and zeromq revocation notifiers * ima_ast: Make entry parsing stricter * ima_ast: Calculate length of "n" and "n-ng" in bytes * Fix broken URLs in README (Additional Reading) * Remove CFSSL leftovers * signing: move exception handing to verify_signature() * Set revocation_notifiers = agent as default in keylime.conf * cloud_verifier: Support /notifications/revocation REST API * keylime_agent: Support /notifications/revocation REST method * revocation_notifier: Factor out revocation message processing * keylime: initialize supplementary groups when dropping privileges * Refactor allowlist processing to enable verifier-side signature checks * Full removal of the tenant WebApp * update roadmap for 2022 and 2023 * docs: make Python requirements less strict * docs: update API documentation for 2.1, add missing fields for agent quote * Add python3-alembic to distros * Update fmf plans to run test with IMA policy * Drop SPDX-License-Identifier header * Adjust CI test name according to keylime-tests PR#125 * ci: Run lint with Python 3.6 as well * [trivial]: fix style of recently added docs files * Improve error handling when doing signature verification * Fix coverage file paths in submit-HEAD-coverage workflow * Adding files from keylime-docs into main repo - Fix keylime service home directory - Adjust the directory for the TPM certificates ==== konsole ==== Subpackages: konsole-part konsole-part-lang - Add patch to fix editing imported SSH hosts (kde#455290): * 0001-Fix-error-when-trying-to-edit-the-editable-parts-of-.patch ==== libselinux ==== Subpackages: libselinux1 selinux-tools - Fixed initrd check in selinux-ready (bnc#1186127) - Added restorecon_pin_file.patch. Fixes issus when running fixfiles/restorecon ==== libstorage-ng ==== Version update (4.5.27 -> 4.5.28) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#888 - handle rootprefix when combining information from /etc/fstab and /proc/mounts - added unit tests - avoid deprecated fuunctions - coding style - typo fix and documentation update - 4.5.28 ==== perl ==== Subpackages: perl-base - move builtin.pm to perl-base as File::Copy relies on it since last update. This fixes execution of builtime source services in OBS. ==== pipewire ==== Version update (0.3.54 -> 0.3.55) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Add patch to fix audio after tty switching (boo#1201349): * 0002-spa-alsa-udev-Check-accessibility-of-pcm-devices-as-well.patch - Update to version 0.3.55: * Highlights - Fix some more critical bugs in the new audioconvert and the queueing in pw-stream that causes stuttering and hickups. - HFP hardware volumes are now saved and restored. - Format conversions and mixing was improved. - Small bug fixes and improvements. * PipeWire - The queueing in pw-stream was improved with support for buffer prefetch in asynchronous mode. - Add a pw-filter unit test. * tools - pw-midiplay should now work again after improvements in pw-stream. * modules - The RAOP module was improved to support auth_setup. - The RAOP module should now handle timing packets better. - Add some more filter-chain examples. - The filter-chain now has a separate config file with the boilerplate settings. The examples are now just config snippets that can be dropped in .conf.d/ directories, such as the filter-chain.conf.d/ one. - Start suggesting to use target.object instead of node.target in docs and examples. * SPA - Use the cosh window again for the resampler. It should now give better resampler quality. - Rework the mixer functions. They were rewritten for higher precision and better performance. Add unit tests and benchmarks. - Improve format conversion for 32bits for avoid errors in clang because of undefined behaviour at extreme ranges. - Fix a bug in audioconvert where it would not consume the right amount of samples when the resampler was disabled. This could cause skipping and hickups. - Fix bug in audioconvert where it would try to convert the input samples multiple times, causing strange artefacts when upmixing. - Be more strict about valid JSON floats. - device.vendor.id and device.product.id should now always show up in 0xXXXX format and should not be converted to floats in pw-dump anymore. - Add triangular dither, add unit tests for noise generation, add some more optimisations. * Bluetooth - HFP and A2DP now expose different routes and thus can have different volumes. - HW Volumes for HFP are now synchronised better. Volume changes from HW buttons are now also saved. - Rebase reduce-meson-dependency.patch. - Add 0001-jack-only-mix-when-we-have-input-to-mix.patch: Fix an Ardour start-up crash. ==== python-SQLAlchemy ==== Version update (1.4.37 -> 1.4.39) - update to version 1.4.39: * orm + [orm] [bug] [regression] Fixed regression caused by #8133 where the pickle format for mutable attributes was changed, without a fallback to recognize the old format, causing in-place upgrades of SQLAlchemy to no longer be able to read pickled data from previous versions. A check plus a fallback for the old format is now in place. References: #8133 - changes from version 1.4.38: * orm + [orm] [bug] [regression] Fixed regression caused by #8064 where a particular check for column correspondence was made too liberal, resulting in incorrect rendering for some ORM subqueries such as those using PropComparator.has() or PropComparator.any() in conjunction with joined-inheritance queries that also use legacy aliasing features. References: [#8162] + [orm] [bug] [sql] Fixed an issue where GenerativeSelect.fetch() would not be applied when executing a statement using the ORM. References: #8091 + [orm] [bug] Fixed issue where a with_loader_criteria() option could not be pickled, as is necessary when it is carried along for propagation to lazy loaders in conjunction with a caching scheme. Currently, the only form that is supported as picklable is to pass the ?where criteria? as a fixed module-level callable function that produces a SQL expression. An ad-hoc ?lambda? can?t be pickled, and a SQL expression object is usually not fully picklable directly. References: #8109 * engine + [engine] [bug] Repaired a deprecation warning class decorator that was preventing key objects such as Connection from having a proper __weakref__ attribute, causing operations like Python standard library inspect.getmembers() to fail. References: [#8115] * sql + [sql] [bug] Fixed multiple observed race conditions related to lambda_stmt(), including an initial ?dogpile? issue when a new Python code object is initially analyzed among multiple simultaneous threads which created both a performance issue as well as some internal corruption of state. Additionally repaired observed race condition which could occur when ?cloning? an expression construct that is also in the process of being compiled or otherwise accessed in a different thread due to memoized attributes altering the __dict__ while iterated, for Python versions prior to 3.10; in particular the lambda SQL construct is sensitive to this as it holds onto a single statement object persistently. The iteration has been refined to use dict.copy() with or without an additional iteration instead. References: #8098 + [sql] [bug] Enhanced the mechanism of Cast and other ?wrapping? column constructs to more fully preserve a wrapped Label construct, including that the label name will be preserved in the .c collection of a Subquery. The label was already able to render in the SQL correctly on the outside of the construct which it was wrapped inside. References: #8084 + [sql] [bug] Adjusted the fix made for #8056 which adjusted the escaping of bound parameter names with special characters such that the escaped names were translated after the SQL compilation step, which broke a published recipe on the FAQ illustrating how to merge parameter names into the string output of a compiled SQL string. The change restores the escaped names that come from compiled.params and adds a conditional parameter to SQLCompiler.construct_params() named escape_names that defaults to True, restoring the old behavior by default. References: [#8113] * schema + [schema] [bug] Fixed bugs involving the Table.include_columns and the Table.resolve_fks parameters on Table; these little-used parameters were apparently not working for columns that refer to foreign key constraints. In the first case, not-included columns that refer to foreign keys would still attempt to create a ForeignKey object, producing errors when attempting to resolve the columns for the foreign key constraint within reflection; foreign key constraints that refer to skipped columns are now omitted from the table reflection process in the same way as occurs for Index and UniqueConstraint objects with the same conditions. No warning is produced however, as we likely want to remove the include_columns warnings for all constraints in 2.0. In the latter case, the production of table aliases or subqueries would fail on an FK related table not found despite the presence of resolve_fks=False; the logic has been repaired so that if a related table is not found, the ForeignKey object is still proxied to the aliased table or subquery (these ForeignKey objects are normally used in the production of join conditions), but it is sent with a flag that it?s not resolvable. The aliased table / subquery will then work normally, with the exception that it cannot be used to generate a join condition automatically, as the foreign key information is missing. This was already the behavior for such foreign key constraints produced using non-reflection methods, such as joining Table objects from different MetaData collections. References: #8100, #8101 + [schema] [bug] [mssql] Fixed issue where Table objects that made use of IDENTITY columns with a Numeric datatype would produce errors when attempting to reconcile the ?autoincrement? column, preventing construction of the Column from using the Column.autoincrement parameter as well as emitting errors when attempting to invoke an Insert construct. References: #8111 * extensions + [extensions] [bug] Fixed bug in Mutable where pickling and unpickling of an ORM mapped instance would not correctly restore state for mappings that contained multiple Mutable-enabled attributes. References: #8133 ==== python-html5lib ==== - Remove BuildRequires on mock. ==== python-pandocfilters ==== Version update (1.4.3 -> 1.5.0) - update to 1.5.0: * Added an environment variable `PANDOCFILTER_CLEANUP` that when `get_filename4code` is used, temporary directory will be cleaned up automatically. * `examples/` is no longer included in the distribution (i.e. source distribution or binary wheels found on PyPI.) This should be a backward incompatible change as `examples/` is never exposed as a Python module, nor entry points. * Added a couple of examples. ==== selinux-policy ==== Version update (20220624 -> 20220714) Subpackages: selinux-policy-targeted - Update to version 20220714. Refreshed: * fix_init.patch * fix_systemd_watch.patch ==== suse-module-tools ==== Version update (16.0.21 -> 16.0.22) - Update to version 16.0.22: * weak-modules2: only use kernel version under /run/regenerate-initrd (boo#1201387) ==== wireplumber ==== Subpackages: libwireplumber-0_4-0 wireplumber-audio - Add patch to fix crash on session end: * 0001-dbus-fix-crash-when-trying-to-reconnect.patch