Packages changed:
MicroOS-release (20240705 -> 20240708)
gstreamer-plugins-good
harfbuzz (8.5.0 -> 9.0.0)
installation-images-MicroOS (17.130 -> 17.131)
krb5 (1.21.2 -> 1.21.3)
libksba (1.6.6 -> 1.6.7)
libndp
libphonenumber (8.13.30 -> 8.13.40)
openssh
qt6-base
snapper (0.11.0 -> 0.11.1)
speech-dispatcher
=== Details ===
==== MicroOS-release ====
Version update (20240705 -> 20240708)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== gstreamer-plugins-good ====
- Enable qt6 support:
+ Add subpackage for qml6glsink
+ BuildRequires: add qt6-gui-private-devel (same as Qt5)
+ BuildRequires: add pkgconfig(Qt6Widgets) (additionally required
for Qt6)
+ Leap: use compiler supporting c++17 by default
==== harfbuzz ====
Version update (8.5.0 -> 9.0.0)
Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0
- update to version 9.0.0:
+ Speed up “AAT” shaping for short words by up to 4%
+ Ignore unknown “CFF” operators
+ “hb_subset_input_keep_everything()” now keeps also non-unicode
“name” table records.
+ Update the IANA and OpenType language tag registries
+ Support composite glyphs with very large number of points in
hb-draw API
+ Various build fixes
==== installation-images-MicroOS ====
Version update (17.130 -> 17.131)
- merge gh#openSUSE/installation-images#723
- etc: update module.config to match 6.10
- 17.131
==== krb5 ====
Version update (1.21.2 -> 1.21.3)
- Update to 1.21.3
* Fix vulnerabilities in GSS message token handling:
* CVE-2024-37370, bsc#1227186
* CVE-2024-37371, bsc#1227187
* Fix a potential bad pointer free in krb5_cccol_have_contents()
* Fix a memory leak in the macOS ccache type
- Update patch 0009-Fix-three-memory-leaks.patch
==== libksba ====
Version update (1.6.6 -> 1.6.7)
- Update to 1.6.7:
* Allow for an empty Subject in certs. [T7171]
* Release-info: https://dev.gnupg.org/T7173
* Rebase libksba-nobetasuffix.patch
==== libndp ====
- Add libndp-CVE-2024-5564.patch: add a check on the route
information option length field (bsc#1225771 CVE-2024-5564).
==== libphonenumber ====
Version update (8.13.30 -> 8.13.40)
- Update to version 8.13.40:
* Updated metadata
- Use mode="manual" in _service
==== openssh ====
Subpackages: openssh-clients openssh-common openssh-server
- Add patch from upstream to fix proxy multiplexing mode:
* 0001-upstream-fix-proxy-multiplexing-mode_-broken-when-keystroke.patch
- Add patch from upstream to restore correctly sigprocmask
* 0001-upstream-correctly-restore-sigprocmask-around-ppoll.patch
- Add patch from upstream to fix a logic error in
ObscureKeystrokeTiming that rendered this feature ineffective,
allowing a passive observer to detect which network packets
contained real keystrokes (bsc#1227318, CVE-2024-39894):
* 0001-upstream-when-sending-ObscureKeystrokeTiming-chaff-packets_.patch
- Add obsoletes for openssh-server-config-rootlogin since that
package existed for a brief period of time during SLE 15 SP6/
Leap 15.6 development but even if it was removed from the
repositories before GM, some users might have it in their
systems from having tried a beta/RC release (boo#1227350).
==== qt6-base ====
Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6Widgets6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-printsupport-cups qt6-sql-sqlite
- Add upstream change (boo#1227426, CVE-2024-39936)
* 0001-HTTP2-Delay-any-communication-until-encrypted-can-be.patch
==== snapper ====
Version update (0.11.0 -> 0.11.1)
Subpackages: libsnapper7
- handle content-length of stomp in zypper plugin
(gh#openSUSE/snapper#918)
- version 0.11.1
- fixed error message (gh#openSUSE/snapper#907)
==== speech-dispatcher ====
- Add speech-dispatcher-pulseaudio-samples.patch: fix for losing
samples with pulseaudio.