Packages changed: Mesa Mesa-drivers PackageKit exiv2 gptfdisk hplip iputils kernel-firmware (20220902 -> 20220930) kernel-source (5.19.12 -> 6.0.0) libbluray (1.3.2 -> 1.3.3) libcap (2.65 -> 2.66) libglvnd (1.4.0 -> 1.5.0) libopenmpt (0.6.4 -> 0.6.6) libpng16 (1.6.37 -> 1.6.38) libva (2.15.0 -> 2.16.0) libva-gl (2.15.0 -> 2.16.0) libverto (0.3.1 -> 0.3.2) libyuv osinfo-db (20220727 -> 20220830) patterns-kde (20220215 -> 20221001) patterns-microos perl-IO-Socket-SSL (2.074 -> 2.075) permissions popt (1.18 -> 1.19) python-Mako (1.2.2 -> 1.2.3) python-cryptography (37.0.4 -> 38.0.1) python-pymongo (4.1.1 -> 4.2.0) python-pyudev (0.23.2+14 -> 0.24.0) python-requests-toolbelt python-wrapt (1.13.3 -> 1.14.1) shim tdb (1.4.6 -> 1.4.7) xapian-core (1.4.20 -> 1.4.21) yast2-network (4.5.7 -> 4.5.8) === Details === ==== Mesa ==== Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - Add build_orig conditional switch for video codecs define. ==== Mesa-drivers ==== Subpackages: Mesa-dri Mesa-gallium Mesa-libva - Add build_orig conditional switch for video codecs define. ==== PackageKit ==== Subpackages: PackageKit-backend-dnf PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0 - Add PackageKit-zypp-dont-remove-locked-packages.patch: zypp: Check if packages are locked before removing (gh#PackageKit/PackageKit/commit/8649a07bc, bsc#1199895). - Add PackageKit-zypp-add-repo-in-packageid.patch: zypp: add repository data in package id (gh#PackageKit/PackageKit/commit/8eb2ef0ae, bsc#1202585). - Remove PackageKit-zypp-locked-packages.patch: reverted upstream (gh#PackageKit/PackageKit/commit/ed3e38043). ==== exiv2 ==== - add tracker for SLE (jsc#PED-1393) ==== gptfdisk ==== - Add patch to fix sgdisk with popt 1.19: * 0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch ==== hplip ==== - Move the hplip-udev-rules requirement from hplip to hplip-hpijs. The main package will get it via indirect dependencies then. - Split off hplip-udev-rules hplip-udev-rules so that you can install hplip-sane only and scan as a normal user, fixes boo#1203811 ==== iputils ==== - Backport 2 fixes for bsc#1203957: 0001-ping-Add-SA_RESTART-to-sa_flags.patch 0002-ping-Make-ping_rts-struct-static.patch ==== kernel-firmware ==== Version update (20220902 -> 20220930) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20220930 (git commit fdf1a6525852): * linux-firmware: Update AMD cpu microcode * mediatek: mt8195: Update scp.img to v2.0.11956 * mediatek: Add new mt8195 SOF firmware * mediatek: Update mt8186 SOF firmware to v0.2.1 * linux-firmware: update firmware for mediatek bluetooth chip (MT7922) * rtl_bt: Update RTL8852A BT USB firmware to 0xD9B8_8207 * linux-firmware: update firmware for mediatek bluetooth chip (MT7921) * linux-firmware: update firmware for MT7922 WiFi device * linux-firmware: update firmware for MT7921 WiFi device * cxgb4: Update firmware to revision 1.27.0.0 * i915: Add versionless HuC files for current platforms * i915: Add GuC v70.5.1 for DG1, DG2, TGL and ADL-P * qca: Update firmware files for BT chip WCN3991. * Removing crnv32 * amdgpu: update yellow carp DMCUB firmware * amdgpu: add firmware for VCN 3.1.2 IP block * amdgpu: add firmware for SDMA 5.2.6 IP block * amdgpu: add firmware for PSP 13.0.5 IP block * amdgpu: add firmware for GC 10.3.6 IP block * amdgpu: add firmware for DCN 3.1.5 IP block * qcom: rename Lenovo ThinkPad X13s firmware paths * rtw89: 8852c: update fw to v0.27.42.0 * rtw89: 8852c: update fw to v0.27.36.0 - Fix install-split.sh for dealing with a symlink of directory ==== kernel-source ==== Version update (5.19.12 -> 6.0.0) - Refresh patches.suse/vduse-prevent-uninitialized-memory-accesses.patch. Update upstream status. - commit 39efccd - Update to 6.0 final - eliminate 1 patch - patches.suse/vduse-prevent-uninitialized-memory-accesses.patch - refresh configs (headers only) - commit a7dafe3 ==== libbluray ==== Version update (1.3.2 -> 1.3.3) - update to 1.3.3: * Initial support for Java 18. * Add support for OpenBSD operating system. * Improve support for FreeBSD, NetBSD and DragonFlyBSD * Improve Java 17 support. ==== libcap ==== Version update (2.65 -> 2.66) - update to 2.66: * Fix documentation typos in cap_from_text.3 * Some getpcaps code clean up and a fix for PID argument parsing from Jakub Wilk. * Slightly more robust Makefiles to address an error with make -j48 test observed * Include a simple Go program, captrace, to trace kernel capability validation checks * This program can be used to figure out what capabilities a program needs to operate. * captrace (a wrapper for bpftrace) uses BPF kprobes to monitor the kernel for capability checks and whether or not they succeed for the system, a specific PID or a program's direct execution. * Trim down the default file capabilities for contrib/sucap/su to those actually needed and set USER and HOME environment variables so bash doesn't complain about a sourcing error. ==== libglvnd ==== Version update (1.4.0 -> 1.5.0) - update to 1.5.0: * Add BTI landing pads for aarch64 * Set current thread state to NULL in teardown * Moving setspecific to before DestroyThreadState * Fix a memory leak in libGLdispatch * Use assembly stubs on armv6 - drop libglvnd-add-bti.patch (upstream) ==== libopenmpt ==== Version update (0.6.4 -> 0.6.6) - Update to 0.6.6 * [Sec] Possible crash when playing manipulated IT / MPTM files with a T00 command. * MTM: In MultiTracker, setting speed and tempo are mutually exclusive commands. Still, some MultiTracker modules were made to be played with external players such as DMP, so they actually rely on “standard” speed / tempo behaviour. Decide which behaviour to use by checking of speed and tempo commands are found on the same row. * MTM: Ignore sample loops if the loop end is <= 2. * Echo DMO: Migrate left and right delay values in modules made with OpenMPT versions between 1.27.01.00 and 1.30.05.00 to the correct interpretation. - Changes in 0.6.5: * [Bug] Makefile now also uses CC, CXX, LD, and AR when set as environment variables. * [New] Makefile now uses PKG_CONFIG as path to pkg-config. * DBM: Sample middle-C frequencies were slightly off. laffik_-_marynarze.dbm sounds much more bearable now. * DBM: Fixed pattern break parameter interpretation. * Echo DMO: Setting the delay parameter to 0 yielded a 2-second echo delay instead of 1ms. * Digi Booster Echo: Setting the delay parameter to 0 yielded a 510ms echo delay instead of approximately 334ms. ==== libpng16 ==== Version update (1.6.37 -> 1.6.38) - update to 1.6.38: * Added configurations and scripts for continuous integration. * Fixed various errors in the handling of tRNS, hIST and eXIf. * Implemented many stability improvements across all platforms. * Updated the internal documentation. ==== libva ==== Version update (2.15.0 -> 2.16.0) Subpackages: libva-drm2 libva-x11-2 libva2 - update to 2.16.0: * add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e. * dep: Update README.md to remove badge links * dep: Removed waffle-io badge from README to fix broken link * dep: Drop mailing list, IRC and Slack * autotools: use wayland-scanner private-code * autotools: use the wayland-scanner.pc to locate the prog * meson: use wayland-scanner private-code * meson: request native wayland-scanner * meson: use the wayland-scanner.pc to locate the prog * meson: set HAVE_VA_X11 when applicable * style:Correct slight coding style in several new commits * trace: add Linux ftrace mode for va trace * trace: Add missing pthread_mutex_destroy * drm: remove no-longer needed X == X mappings * drm: fallback to drm driver name == va driver name * drm: simplify the mapping table * x11: simplify the mapping table - No code changes - Update to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2 Release 22.4.4 ==== libva-gl ==== Version update (2.15.0 -> 2.16.0) - update to 2.16.0: * add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e. * dep: Update README.md to remove badge links * dep: Removed waffle-io badge from README to fix broken link * dep: Drop mailing list, IRC and Slack * autotools: use wayland-scanner private-code * autotools: use the wayland-scanner.pc to locate the prog * meson: use wayland-scanner private-code * meson: request native wayland-scanner * meson: use the wayland-scanner.pc to locate the prog * meson: set HAVE_VA_X11 when applicable * style:Correct slight coding style in several new commits * trace: add Linux ftrace mode for va trace * trace: Add missing pthread_mutex_destroy * drm: remove no-longer needed X == X mappings * drm: fallback to drm driver name == va driver name * drm: simplify the mapping table * x11: simplify the mapping table - No code changes - Update to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2 Release 22.4.4 ==== libverto ==== Version update (0.3.1 -> 0.3.2) - update to 0.3.2: * Fix use-after-free in verto_reinitialize * Fix use-after-free in verto_free() * Remove broken tevent support ==== libyuv ==== - Use YUV_VERSION for library VERSION and YUV_VER_MAJOR for SOVERSION ==== osinfo-db ==== Version update (20220727 -> 20220830) - Update to database version 20220830 osinfo-db-20220830.tar.xz ==== patterns-kde ==== Version update (20220215 -> 20221001) Subpackages: patterns-kde-kde_plasma patterns-kde-kde_yast - Update the Qt6 pattern for the 6.4.0 release - Remove obsolete or missing packages from KDE patterns ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap - Remove steam-devices again, it's only in the Non-OSS repo - Pull in power-profiles-daemon in the Plasma pattern as well - Allow tlp as alternative to power-profiles-daemon (boo#1198549) - Add keylime-tenant requirement for the ra_verifier role (new subpackage) - Add general desktop Requires: steam-devices. This package is highly unlikely to ever be provided through flatpak, and causes close to zero impact on the base system, as it quite literally contains 1 file with six udev rules. Provides for a seamless out- of-box experience for anybody using the steam flatpak, without it, any users running steam will need to install manually via t-u. ==== perl-IO-Socket-SSL ==== Version update (2.074 -> 2.075) - updated to 2.075 see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes 2.075 - treat SSL_write returning 0 same as previously -1, as suggested by both OpenSSL and LibreSSL documentation - propagate error from SSL_shutdown, but if the shutdown is caused by an outer SSL error keep the original error - small tests fixes ==== permissions ==== Subpackages: chkstat permissions-config - skip tests on qemu user builds ==== popt ==== Version update (1.18 -> 1.19) - popt 1.19: * various build system fixes * various developer visible fixes * Fix the handling of superfluous args passed with = * Fix multiple resource and memory leaks * Fix '=' getting shown for short options * Improve random number handling * translation updates and documentation improvements - refresh spec file, run tests, package license in every package, and treat all compiler warnings and errors ==== python-Mako ==== Version update (1.2.2 -> 1.2.3) - update to 1.2.3: * Fixed issue in lexer in the same category as that of :ticket:`366` where the regexp used to match an end tag didn't correctly organize for matching characters surrounded by whitespace, leading to high memory / interpreter hang if a closing tag incorrectly had a large amount of unterminated space in it. Credit to Sebastian Chnelik for locating the issue. * As Mako templates inherently render and directly invoke arbitrary Python code from the template source, it is **never** appropriate to create templates that contain untrusted input. ==== python-cryptography ==== Version update (37.0.4 -> 38.0.1) - update to 38.0.1: * Fixed parsing TLVs in ASN.1 with length greater than 65535 bytes (typically seen in large CRLs). * Final deprecation of OpenSSL 1.1.0. The next release of ``cryptography`` will drop support. * We no longer ship ``manylinux2010`` wheels. Users should upgrade to the latest ``pip`` to ensure this doesn't cause issues downloading wheels on their platform. We now ship ``manylinux_2_28`` wheels for users on new enough platforms. * Updated the minimum supported Rust version (MSRV) to 1.48.0, from 1.41.0. Users with the latest ``pip`` will typically get a wheel and not need Rust installed, but check :doc:`/installation` for documentation on installing a newer ``rustc`` if required. * :meth:`~cryptography.fernet.Fernet.decrypt` and related methods now accept both ``str`` and ``bytes`` tokens. * Parsing ``CertificateSigningRequest`` restores the behavior of enforcing that the ``Extension`` ``critical`` field must be correctly encoded DER. See `the issue `_ for complete details. * Added two new OpenSSL functions to the bindings to support an upcoming ``pyOpenSSL`` release. * When parsing :class:`~cryptography.x509.CertificateRevocationList` and :class:`~cryptography.x509.CertificateSigningRequest` values, it is now enforced that the ``version`` value in the input must be valid according to the rules of :rfc:`2986` and :rfc:`5280`. * Using MD5 or SHA1 in :class:`~cryptography.x509.CertificateBuilder` and other X.509 builders is deprecated and support will be removed in the next version. * Added additional APIs to :class:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp`, including :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_hash_algorithm`, :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_algorithm`, :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature`, and :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.extension_bytes`. * Added :attr:`~cryptography.x509.Certificate.tbs_precertificate_bytes`, allowing users to access the to-be-signed pre-certificate data needed for signed certificate timestamp verification. * :class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFHMAC` and :class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFCMAC` now support :attr:`~cryptography.hazmat.primitives.kdf.kbkdf.CounterLocation.MiddleFixed` counter location. * Fixed :rfc:`4514` name parsing to reverse the order of the RDNs according to the section 2.1 of the RFC, affecting method :meth:`~cryptography.x509.Name.from_rfc4514_string`. * It is now possible to customize some aspects of encryption when serializing private keys, using :meth:`~cryptography.hazmat.primitives.serialization.PrivateFormat.encryption_builder`. * Removed several legacy symbols from our OpenSSL bindings. Users of pyOpenSSL versions older than 22.0 will need to upgrade. * Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES128` and :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES256` classes. These classes do not replace :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` (which allows all AES key lengths), but are intended for applications where developers want to be explicit about key length. ==== python-pymongo ==== Version update (4.1.1 -> 4.2.0) - update to 4.2.0: - Support for MongoDB 6.0. - Support for the Queryable Encryption beta with MongoDB 6.0. Note that backwards-breaking changes may be made before the final release. See :ref:`automatic-queryable-client-side-encryption` for example usage. - Provisional (beta) support for :func:`pymongo.timeout` to apply a single timeout to an entire block of pymongo operations. - Added the ``timeoutMS`` URI and keyword argument to :class:`~pymongo.mongo_client.MongoClient`. - Added the :attr:`pymongo.errors.PyMongoError.timeout` property which is ``True`` when the error was caused by a timeout. - Added the ``check_exists`` argument to :meth:`~pymongo.database.Database.create_collection` that when True (the default) runs an additional ``listCollections`` command to verify that the collection does not exist already. - Added key management APIs to :class:`~pymongo.encryption.ClientEncryption`: - Support for the ``crypt_shared`` library to replace ``mongocryptd`` using the new ``crypt_shared_lib_path`` and ``crypt_shared_lib_required`` arguments to :class:`~pymongo.encryption_options.AutoEncryptionOpts`. - Fixed a bug where :meth:`~pymongo.collection.Collection.estimated_document_count` would fail with a "CommandNotSupportedOnView" error on views (`PYTHON-2885`_). - Fixed a bug where invalid UTF-8 strings could be passed as patterns for :class:`~bson.regex.Regex` objects. :func:`bson.encode` now correctly raises :class:`bson.errors.InvalidStringData` (`PYTHON-3048`_). - Fixed a bug that caused ``AutoReconnect("connection pool paused")`` errors in the child process after fork (`PYTHON-3257`_). - Fixed a bug where :meth:`~pymongo.collection.Collection.count_documents` and :meth:`~pymongo.collection.Collection.distinct` would fail in a transaction with ``directConnection=True`` (`PYTHON-3333`_). - GridFS no longer uploads an incomplete files collection document after encountering an error in the middle of an upload fork. This results in fewer :class:`~gridfs.errors.CorruptGridFile` errors (`PYTHON-1552`_). - Renamed PyMongo's internal C extension methods to avoid crashing due to name conflicts with mpi4py and other shared libraries (`PYTHON-2110`_). - Fixed tight CPU loop for network I/O when using PyOpenSSL (`PYTHON-3187`_). ==== python-pyudev ==== Version update (0.23.2+14 -> 0.24.0) - update to 0.24.0: * Remove six dependency * Drop pylint tasks * Support python 3.9 and 3.10 ==== python-requests-toolbelt ==== - Add patch stop-using-pyopenssl-compat.patch: * Stop importing (and using!) a pyopenssl compatibility module to avoid a DeprecationWarning. ==== python-wrapt ==== Version update (1.13.3 -> 1.14.1) - update to 1.14.1: * When the post import hooks mechanism was being used, and a Python package with its own custom module importer was used, importing modules could fail if the custom module importer didn't use the latest Python import hook finder/loader APIs and instead used the deprecated API. This was actually occurring with the `zipimporter` in Python itself, which was not updated to use the newer Python APIs until Python 3.10. * *Bugs Fixed** * Python 3.11 dropped ``inspect.formatargspec()`` which was used in creating signature changing decorators. Now bundling a version of this function which uses ``Parameter`` and ``Signature`` from ``inspect`` module when available. The replacement function is exposed as ``wrapt.formatargspec()`` if need it for your own code. * When using a decorator on a class, ``isinstance()`` checks wouldn't previously work as expected and you had to manually use ``Type.__wrapped__`` to access the real type when doing instance checks. The ``__instancecheck__`` hook is now implemented such that you don't have to use ``Type.__wrapped__`` instead of ``Type`` as last argument to ``isinstance()``. * Eliminated deprecation warnings related to Python module import system, which would have turned into broken code in Python 3.12. This was used by the post import hook mechanism. ==== shim ==== - shim-install: ensure grub.cfg created is not overwritten after installing grub related files ==== tdb ==== Version update (1.4.6 -> 1.4.7) Subpackages: libtdb1 python3-tdb - update to 1.4.7: * configure/Makefile: export PYTHONHASHSEED=1 in all 'configure/Makefile' scripts * lib:tdb: Reformat shell scripts - spec file cleanups ==== xapian-core ==== Version update (1.4.20 -> 1.4.21) - update to 1.4.21: * Stop trying to check for incompatible C++ ABI between the compiler used to build xapian-core and the compiler used to build code using xapian-core. * Fix new warnings from GCC 12. * Avoid undefined value use when unpacking a key in a corrupted glass docdata table. We now skip further checks on the entry in this case. * Merge allocations in MSVC directory reading compatibility code so we can allocate in a single malloc() call. * Add accept() wrapper which checks an assumption that Microsoft's SOCKET type only actually holds 32 bit values even in 64 bit platforms and throws an exception if violated. * Eliminate a use of sprintf. * Squash some unhelpful MSVC deprecation warnings. * Declare dummy invalid parameter handler noexcept to fix a warning from MSVC. * Include in configure check for sys_errlist as that's where it is with mingw and MSVC. ==== yast2-network ==== Version update (4.5.7 -> 4.5.8) - Fixed issue when writing the NetworkManager config without a gateway (bsc#1203866) - 4.5.8