Packages changed:
7zip
MozillaFirefox (96.0.2 -> 96.0.3)
alsa-utils
apparmor
audacity
autoyast2 (4.4.27 -> 4.4.28)
bind
bolt (0.9.1 -> 0.9.2)
brasero
clazy (1.10 -> 1.11)
ell (0.46 -> 0.48)
emacs
ethtool (5.15 -> 5.16)
fontconfig
freeipmi (1.6.8 -> 1.6.9)
freerdp
git (2.34.1 -> 2.35.1)
glib2 (2.70.2 -> 2.70.3)
graphite2
gstreamer-plugins-bad
hexchat (2.14.3 -> 2.16.0)
iputils
kernel-64kb (5.16.1 -> 5.16.2)
kernel-source (5.16.1 -> 5.16.2)
libapparmor
libical (3.0.12 -> 3.0.13)
libical-glib (3.0.12 -> 3.0.13)
libimobiledevice (1.3.0+git.20200910 -> 1.3.0+git.20210921)
libodfgen
libplist
librevenge
libstaroffice
libstorage-ng (4.4.76 -> 4.4.78)
libvirt
libwpd
libwpg
libwps
llvm13
mozilla-nss (3.73.1 -> 3.74)
neon (0.32.1 -> 0.32.2)
paprefs (1.1 -> 1.2)
patterns-games (20170319 -> 20220126)
patterns-gnome
pciutils
perl-Net-HTTP (6.21 -> 6.22)
perl-libwww-perl (6.60 -> 6.61)
pipewire (0.3.43 -> 0.3.44)
plymouth
polkit
procps
protobuf (3.17.3 -> 3.19.4)
python-boto3 (1.20.35 -> 1.20.40)
python-botocore (1.23.35 -> 1.23.40)
python-fsspec (2021.11.1 -> 2022.1.0)
python-gcsfs (2021.11.1 -> 2022.1.0)
python-google-auth (2.0.1 -> 2.5.0)
python-passlib
python-py (1.10.0 -> 1.11.0)
python-s3fs (2021.11.1 -> 2022.1.0)
python-xarray
qemu
raspberrypi-firmware (2021.12.01 -> 2022.01.24)
raspberrypi-firmware-config (2021.12.01 -> 2022.01.24)
raspberrypi-firmware-dt (2021.11.19 -> 2022.01.19)
rsyslog
ruby (3.0 -> 3.1)
salt (3003.3 -> 3004)
samba (4.15.3+git.219.40cc1cd8591 -> 4.15.4+git.224.dea2f6dc836)
selinux-policy (20211111 -> 20220124)
sendmail (8.17.0.3 -> 8.17.1)
snapper (0.9.0 -> 0.9.1)
solid
suse-module-tools (16.0.18 -> 16.0.19)
tre
u-boot-rpiarm64
udisks2
userspace-rcu (0.13.0 -> 0.13.1)
util-linux (2.37.2 -> 2.37.3)
vim (8.2.4063 -> 8.2.4186)
vsftpd
webkit2gtk3
webkit2gtk3-soup2
wireplumber (0.4.6 -> 0.4.7)
wpa_supplicant (2.9 -> 2.10)
xapian-core (1.4.18 -> 1.4.19)
xen
xf86-input-libinput (1.2.0 -> 1.2.1)
xlockmore (5.67 -> 5.68)
yast2 (4.4.39 -> 4.4.43)
yast2-bootloader (4.4.14 -> 4.4.15)
yast2-firewall (4.4.2 -> 4.4.3)
yast2-installation (4.4.35 -> 4.4.37)
yast2-iscsi-client (4.4.2 -> 4.4.3)
yast2-kdump (4.4.1 -> 4.4.2)
yast2-network (4.4.33 -> 4.4.35)
yast2-nfs-client (4.4.2 -> 4.4.3)
yast2-nis-client (4.4.1 -> 4.4.2)
yast2-ntp-client (4.4.2 -> 4.4.3)
yast2-packager (4.4.20 -> 4.4.21)
yast2-samba-client (4.4.2 -> 4.4.3)
yast2-samba-server (4.4.0 -> 4.4.1)
yast2-security (4.4.8 -> 4.4.10)
yast2-storage-ng (4.4.33 -> 4.4.34)
=== Details ===
==== 7zip ====
- Fix an incompatibility with p7zip which was breaking some downstreams
(e.g., GNOME's File-Roller). See bsc#1195041
* Add fix-compatib-with-p7zip.patch
==== MozillaFirefox ====
Version update (96.0.2 -> 96.0.3)
Subpackages: MozillaFirefox-translations-common
- Mozilla Firefox 96.0.3 (bsc#1195230)
* Fixed an issue that allowed unexpected data to be submitted in
some of our search telemetry (bmo#1752317)
- Enable -fimplicit-constexpr for GCC 12+.
==== alsa-utils ====
- Fix the broken mouse support on alsamixer:
0002-alsamixer-Revert-has_mouse-check.patch
==== apparmor ====
Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-profiles apparmor-utils pam_apparmor python3-apparmor
- add ruby-3.1-build-fix.diff: fix build with ruby 3.1 (boo#1194221,
MR 827)
==== audacity ====
Subpackages: audacity-lang
- Added conditional %post and %postun for Leap, to fix boo#1194977
==== autoyast2 ====
Version update (4.4.27 -> 4.4.28)
Subpackages: autoyast2-installation
- Use Package module instead of PackageSystem (bsc#1194886).
- 4.4.28
==== bind ====
Subpackages: bind-doc bind-utils python3-bind
- Add now working CONFIG parameter to sysusers generator
==== bolt ====
Version update (0.9.1 -> 0.9.2)
- Update to 0.9.2
* This release is compatible with umockdev >= 0.16.3; there was a change in
umockdev that made our test fail with it, since both our test and umockev
were trying to create the same directorires. bolt now allows for the dir
to already exist.
* The license for `90-bolt.rules` has changed from `GPL-2.1+`, which does
not exist and was probably was confused with `LGPL-2.1+`, to `GPL 2.0+`.
* Documentation has been updated and spelling mistakes fixed.
* Various improvements for continuous integration.
* The minimum required version of meson has been bumped to 0.46.0.
==== brasero ====
Subpackages: libbrasero-burn3-1 libbrasero-media3-1 libbrasero-utils3-1
- Add 9b3f451e72cfa3bac700517a036faab61f683b3f.patch:
libbrasero-media: Fix duplicated if.
- Disable nautilus integration for now, does not work with gtk4
based nautilus. Disable pkgconfig(libnautilus-extension)
BuildRequires and pass disable-nautilus to configure via bcond.
- Modernize post(un) handling and Supplements, use
ldconfig_scriptlets macro.
==== clazy ====
Version update (1.10 -> 1.11)
- Update to 1.11
* New Checks:
- use-arrow-operator-instead-of-data
- use-static-qregularexpression
- unexpected-flag-enumerator-value
- Removed inefficient-qlist check (Fixed in Qt6)
==== ell ====
Version update (0.46 -> 0.48)
- update to 0.48:
* Fix issue with memory leaking from ICMPv6 RA.
* Fix issue with memory leaking from DHCP leases.
* Fix issue with NULL terminating of Base64 encoding.
==== emacs ====
Subpackages: emacs-info emacs-nox emacs-x11 etags
- Remove unneeded pure size adjustments
==== ethtool ====
Version update (5.15 -> 5.16)
- update to upstream release 5.16
* Feature: use memory maps for module EEPROM parsing (-m)
* Feature: show CMIS diagnostic information (-m)
* Fix: fix dumping advertised FEC modes (--show-fec)
* Fix: ignore cable test notifications from other devices
(--cable-test)
* Fix: do not show duplicate options in help text (--help)
==== fontconfig ====
Subpackages: fontconfig-devel libfontconfig1
- adding bug reference to this changelog [bsc#1172301]
==== freeipmi ====
Version update (1.6.8 -> 1.6.9)
Subpackages: libfreeipmi17 libipmiconsole2 libipmidetect0
- freeipmi 1.6.9
* Support --with-systemconfigdir build option.
* Fix build issue on musl where putmsg/getmsg are not available.
* Fix build issue when inb/outb are not available on some systems.
* Fix static build issues with gcrypt.
* Add conserver documentation in faq.
* Minor documentation updates.
==== freerdp ====
Subpackages: libfreerdp2-2 libwinpr2-2
- Enable FFmpeg support for Leap-15.2+
==== git ====
Version update (2.34.1 -> 2.35.1)
Subpackages: git-core git-cvs git-daemon git-email git-gui git-svn git-web gitk perl-Git
- update to 2.35.1:
* fix "rebase" and "stash" in a secondary worktree
- update to 2.35.0:
* "_" is now treated as any other URL-valid characters in an URL when
matching the per-URL configuration variable names.
* The color palette used by "git grep" has been updated to match that
of GNU grep.
* "git status --porcelain=v2" now show the number of stash entries
with --show-stash like the normal output does.
* "git stash" learned the "--staged" option to stash away what has
been added to the index (and nothing else).
* "git var GIT_DEFAULT_BRANCH" is a way to see what name is used for
the newly created branch if "git init" is run.
* Various operating modes of "git reset" have been made to work
better with the sparse index.
* "git submodule deinit" for a submodule whose .git metadata
directory is embedded in its working tree refused to work, until
the submodule gets converted to use the "absorbed" form where the
metadata directory is stored in superproject, and a gitfile at the
top-level of the working tree of the submodule points at it. The
command is taught to convert such submodules to the absorbed form
as needed.
* The completion script (in contrib/) learns that the "--date"
option of commands from the "git log" family takes "human" and
"auto" as valid values.
* "Zealous diff3" style of merge conflict presentation has been added.
* The "git log --format=%(describe)" placeholder has been extended to
allow passing selected command-line options to the underlying "git
describe" command.
* "default" and "reset" have been added to our color palette.
* The cryptographic signing using ssh keys can specify literal keys
for keytypes whose name do not begin with the "ssh-" prefix by
using the "key::" prefix mechanism (e.g. "key::ecdsa-sha2-nistp256").
* "git fetch" without the "--update-head-ok" option ought to protect
a checked out branch from getting updated, to prevent the working
tree that checks it out to go out of sync. The code was written
before the use of "git worktree" got widespread, and only checked
the branch that was checked out in the current worktree, which has
been updated.
* "git name-rev" has been tweaked to give output that is shorter and
easier to understand.
* "git apply" has been taught to ignore a message without a patch
with the "--allow-empty" option. It also learned to honor the
"--quiet" option given from the command line.
* The "init" and "set" subcommands in "git sparse-checkout" have been
unified for a better user experience and performance.
* Many git commands that deal with working tree files try to remove a
directory that becomes empty (i.e. "git switch" from a branch that
has the directory to another branch that does not would attempt
remove all files in the directory and the directory itself). This
drops users into an unfamiliar situation if the command was run in
a subdirectory that becomes subject to removal due to the command.
The commands have been taught to keep an empty directory if it is
the directory they were started in to avoid surprising users.
* "git am" learns "--empty=(stop|drop|keep)" option to tweak what is
done to a piece of e-mail without a patch in it.
* The default merge message prepared by "git merge" records the name
of the current branch; the name can be overridden with a new option
to allow users to pretend a merge is made on a different branch.
* The way "git p4" shows file sizes in its output has been updated to
use human-readable units.
* "git -c branch.autosetupmerge=inherit branch new old" makes "new"
to have the same upstream as the "old" branch, instead of marking
"old" itself as its upstream.
==== glib2 ====
Version update (2.70.2 -> 2.70.3)
Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0
- Update to version 2.70.3:
+ Several important fixes to FD handling in gspawn.
+ Several important fixes to GDBus message and GVariant parsing
of invalid data.
+ Fix potential data loss due to missing fsync when saving files
on btrfs.
+ Bugs fixed: glgo#GNOME/GLib#2503, glgo#GNOME/GLib#2506,
glgo#GNOME/GLib#2557, glgo#GNOME/GLib#2572,
glgo#GNOME/GLib#2580, glgo#GNOME/GLib!2394,
glgo#GNOME/GLib!2415, glgo#GNOME/GLib!2437,
glgo#GNOME/GLib!2444, glgo#GNOME/GLib!2455.
+ Updated translations.
==== graphite2 ====
- Fix license header so that it corresponds to SPDX abbreviation
==== gstreamer-plugins-bad ====
Subpackages: gstreamer-transcoder libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 typelib-1_0-GstTranscoder-1_0
- Add some conditionals to build as many plugins as possible
in SLE-15-SP4 and move all conditional logic to the beginning
of the spec file using bcond_with/without.
==== hexchat ====
Version update (2.14.3 -> 2.16.0)
Subpackages: hexchat-lang
- Update to 2.16.0
* add support for IRCv3 SETNAME, invite-notify, account-tag, standard replies, and UTF8ONLY
* add support for strikethrough formatting
* update network list (including Libera.Chat as the default)
* fix text clipping issues by respecting font line height
* fix URLs not being escaped when opened
* fix misc IRC message parsing issues
* remove libnotify dependency on Linux, fixing hangs when notifications are shown
* remove libproxy dependency on Linux
* print ChanServ notices in the front tab by default
* fishlim: add support for CBC mode
* python: rewrite plugin in python with CFFI
This lowers memory usage and fixed conflicts with many C Python modules including pygobject
- Package changes:
- Update meson configuraion options
- Add python3-cffi as BuildRequires and Requires for python3 plugin package
- Drop 2559.patch and feature-add-libera-chat.patch (merged upstream)
- Drop libnotify and libproxy BuildRequires, as per upstream changes
- Drop hexchat.keyring, upstream no longer provides detached tarball signatures
(gh#hexchat/hexchat#2635)
==== iputils ====
- temporarily reintroduce rarpd and rdisc tools to get them into
15sp4 [jsc#SLE-23521]
==== kernel-64kb ====
Version update (5.16.1 -> 5.16.2)
- Update
patches.kernel.org/5.16.2-005-vfs-fs_context-fix-up-param-length-parsing-in-.patch
(bsc#1012628 CVE-2022-0185 bsc#1194517).
Add CVE reference.
- commit 0d710a8
- s390/mm: fix 2KB pgtable release race (bsc#1188896).
- commit 6f62d73
- HID: wacom: Avoid using stale array indicies to read contact
count (bsc#1194667).
- HID: wacom: Ignore the confidence flag when a touch is removed
(bsc#1194667).
- HID: wacom: Reset expected and received contact counts at the
same time (bsc#1194667).
- commit 07a970c
- Linux 5.16.2 (bsc#1012628).
- ALSA: hda/realtek: Re-order quirk entries for Lenovo
(bsc#1012628).
- ALSA: hda/realtek: Add quirk for Legion Y9000X 2020
(bsc#1012628).
- ALSA: hda/tegra: Fix Tegra194 HDA reset failure (bsc#1012628).
- ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker
quirk (bsc#1012628).
- ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus
Master after reboot from Windows (bsc#1012628).
- ALSA: hda/realtek: Use ALC285_FIXUP_HP_GPIO_LED on another HP
laptop (bsc#1012628).
- ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5
devices (bsc#1012628).
- perf annotate: Avoid TUI crash when navigating in the annotation
of recursive functions (bsc#1012628).
- firmware: qemu_fw_cfg: fix kobject leak in probe error path
(bsc#1012628).
- firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate
entries (bsc#1012628).
- firmware: qemu_fw_cfg: fix sysfs information leak (bsc#1012628).
- rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore()
with interrupts enabled (bsc#1012628).
- media: uvcvideo: fix division by zero at stream start
(bsc#1012628).
- video: vga16fb: Only probe for EGA and VGA 16 color graphic
cards (bsc#1012628).
- 9p: fix enodata when reading growing file (bsc#1012628).
- 9p: only copy valid iattrs in 9P2000.L setattr implementation
(bsc#1012628).
- NFSD: Fix zero-length NFSv3 WRITEs (bsc#1012628).
- remoteproc: qcom: pas: Add missing power-domain "mxc" for CDSP
(bsc#1012628).
- KVM: s390: Clarify SIGP orders versus STOP/RESTART
(bsc#1012628).
- KVM: x86: don't print when fail to read/write pv eoi memory
(bsc#1012628).
- KVM: x86: Register Processor Trace interrupt hook iff PT
enabled in guest (bsc#1012628).
- KVM: x86: Register perf callbacks after calling vendor's
hardware_setup() (bsc#1012628).
- perf: Protect perf_guest_cbs with RCU (bsc#1012628).
- vfs: fs_context: fix up param length parsing in
legacy_parse_param (bsc#1012628).
- remoteproc: qcom: pil_info: Don't memcpy_toio more than is
provided (bsc#1012628).
- orangefs: Fix the size of a memory allocation in
orangefs_bufmap_alloc() (bsc#1012628).
- drm/amd/display: explicitly set is_dsc_supported to false
before use (bsc#1012628).
- devtmpfs regression fix: reconfigure on each mount
(bsc#1012628).
- commit 6fa29ec
- kernel-binary.spec: Do not use the default certificate path (bsc#1194943).
Using the the default path is broken since Linux 5.17
- commit 68b36f0
- disable the Bluetooth patch again
The kernel is currently tested whether the patch is needed at all. As
95655456e7ce in upstream might fix the issue too (but differently).
- commit c3bbaae
- series.conf: cleanup
- move mainline patches into sorted section:
- patches.suse/mwifiex-Fix-skb_over_panic-in-mwifiex_usb_recv.patch
- patches.suse/0001-usb-Add-Xen-pvUSB-protocol-description.patch
- patches.suse/0002-usb-Introduce-Xen-pvUSB-frontend-xen-hcd.patch
- update upstream references and move into sorted section:
- patches.suse/ALSA-usb-audio-Add-minimal-mute-notion-in-dB-mapping.patch
- patches.suse/ALSA-usb-audio-Fix-dB-level-of-Bose-Revolve-SoundLin.patch
- patches.suse/ALSA-usb-audio-Use-int-for-dB-map-values.patch
No effect on expanded tree.
- commit 607f978
- Refresh and reenable
patches.suse/Bluetooth-Apply-initial-command-workaround-for-more-.patch.
- commit a7b7c0d
- series.conf: Add sorted section header/footer
Even though we don't carry many patches in the stable or master
branches, having the sorted section header/footer allows the automated
tools to work.
- commit 05f8150
==== kernel-source ====
Version update (5.16.1 -> 5.16.2)
Subpackages: kernel-default kernel-docs
- Update
patches.kernel.org/5.16.2-005-vfs-fs_context-fix-up-param-length-parsing-in-.patch
(bsc#1012628 CVE-2022-0185 bsc#1194517).
Add CVE reference.
- commit 0d710a8
- s390/mm: fix 2KB pgtable release race (bsc#1188896).
- commit 6f62d73
- HID: wacom: Avoid using stale array indicies to read contact
count (bsc#1194667).
- HID: wacom: Ignore the confidence flag when a touch is removed
(bsc#1194667).
- HID: wacom: Reset expected and received contact counts at the
same time (bsc#1194667).
- commit 07a970c
- Linux 5.16.2 (bsc#1012628).
- ALSA: hda/realtek: Re-order quirk entries for Lenovo
(bsc#1012628).
- ALSA: hda/realtek: Add quirk for Legion Y9000X 2020
(bsc#1012628).
- ALSA: hda/tegra: Fix Tegra194 HDA reset failure (bsc#1012628).
- ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker
quirk (bsc#1012628).
- ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus
Master after reboot from Windows (bsc#1012628).
- ALSA: hda/realtek: Use ALC285_FIXUP_HP_GPIO_LED on another HP
laptop (bsc#1012628).
- ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5
devices (bsc#1012628).
- perf annotate: Avoid TUI crash when navigating in the annotation
of recursive functions (bsc#1012628).
- firmware: qemu_fw_cfg: fix kobject leak in probe error path
(bsc#1012628).
- firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate
entries (bsc#1012628).
- firmware: qemu_fw_cfg: fix sysfs information leak (bsc#1012628).
- rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore()
with interrupts enabled (bsc#1012628).
- media: uvcvideo: fix division by zero at stream start
(bsc#1012628).
- video: vga16fb: Only probe for EGA and VGA 16 color graphic
cards (bsc#1012628).
- 9p: fix enodata when reading growing file (bsc#1012628).
- 9p: only copy valid iattrs in 9P2000.L setattr implementation
(bsc#1012628).
- NFSD: Fix zero-length NFSv3 WRITEs (bsc#1012628).
- remoteproc: qcom: pas: Add missing power-domain "mxc" for CDSP
(bsc#1012628).
- KVM: s390: Clarify SIGP orders versus STOP/RESTART
(bsc#1012628).
- KVM: x86: don't print when fail to read/write pv eoi memory
(bsc#1012628).
- KVM: x86: Register Processor Trace interrupt hook iff PT
enabled in guest (bsc#1012628).
- KVM: x86: Register perf callbacks after calling vendor's
hardware_setup() (bsc#1012628).
- perf: Protect perf_guest_cbs with RCU (bsc#1012628).
- vfs: fs_context: fix up param length parsing in
legacy_parse_param (bsc#1012628).
- remoteproc: qcom: pil_info: Don't memcpy_toio more than is
provided (bsc#1012628).
- orangefs: Fix the size of a memory allocation in
orangefs_bufmap_alloc() (bsc#1012628).
- drm/amd/display: explicitly set is_dsc_supported to false
before use (bsc#1012628).
- devtmpfs regression fix: reconfigure on each mount
(bsc#1012628).
- commit 6fa29ec
- kernel-binary.spec: Do not use the default certificate path (bsc#1194943).
Using the the default path is broken since Linux 5.17
- commit 68b36f0
- disable the Bluetooth patch again
The kernel is currently tested whether the patch is needed at all. As
95655456e7ce in upstream might fix the issue too (but differently).
- commit c3bbaae
- series.conf: cleanup
- move mainline patches into sorted section:
- patches.suse/mwifiex-Fix-skb_over_panic-in-mwifiex_usb_recv.patch
- patches.suse/0001-usb-Add-Xen-pvUSB-protocol-description.patch
- patches.suse/0002-usb-Introduce-Xen-pvUSB-frontend-xen-hcd.patch
- update upstream references and move into sorted section:
- patches.suse/ALSA-usb-audio-Add-minimal-mute-notion-in-dB-mapping.patch
- patches.suse/ALSA-usb-audio-Fix-dB-level-of-Bose-Revolve-SoundLin.patch
- patches.suse/ALSA-usb-audio-Use-int-for-dB-map-values.patch
No effect on expanded tree.
- commit 607f978
- Refresh and reenable
patches.suse/Bluetooth-Apply-initial-command-workaround-for-more-.patch.
- commit a7b7c0d
- series.conf: Add sorted section header/footer
Even though we don't carry many patches in the stable or master
branches, having the sorted section header/footer allows the automated
tools to work.
- commit 05f8150
==== libapparmor ====
- add ruby-3.1-build-fix.diff: fix build with ruby 3.1 (boo#1194221,
MR 827)
==== libical ====
Version update (3.0.12 -> 3.0.13)
- update to 3.0.13:
* icalcomponent_get_dtend() return icaltime_null_time(), unless called on
VEVENT, VAVAILABILITY or VFREEBUSY
* icalcomponent_get_duration() for VTODO calculate with DUE instead of DTEND
* Replace CMake FindBDB with FindBerleyDB
* Fix finding ICU and BerkeleyDB on Mac
==== libical-glib ====
Version update (3.0.12 -> 3.0.13)
- update to 3.0.13:
* icalcomponent_get_dtend() return icaltime_null_time(), unless called on
VEVENT, VAVAILABILITY or VFREEBUSY
* icalcomponent_get_duration() for VTODO calculate with DUE instead of DTEND
* Replace CMake FindBDB with FindBerleyDB
* Fix finding ICU and BerkeleyDB on Mac
==== libimobiledevice ====
Version update (1.3.0+git.20200910 -> 1.3.0+git.20210921)
- Add python-rpm-macros to BuildRequires (boo#1194755).
- Update to version 1.3.0+git.20210921:
* Remove common code in favor of new libimobiledevice-glue
* tools: idevicebackup2: Exit on service startup failure and improve error messages
* idevice: Reset receive length variable in internal_ssl_read retry loop and fix wrong variable in debug message
* lockdown: Get DeviceClass to make sure OS version dependent code is executed correctly
* Handle error cases in relevant code when retrieving pair record fails
* common: Return proper error codes from userpref_read_pair_record
* Add support for MbedTLS
* idevice: Make sure to handle timeout condition for network connections too
* installation_proxy: Ignore non-status messages instead of terminating loop
* mobilesync: Set DeviceLink version to 400 to support iOS 14b4+
* tools/idevicecrashreport: Fix illegal filenames on Windows
* tools: Fix entering recovery mode on iOS 14.5+ which now requires a pairing
* tools: Fix delays in idevicedebugserverproxy when using SSL
* debugserver: Return success when a receive timed out but actualy bytes have been read
* idevice: Allow partial reads in idevice_connection_receive_timeout() and handle timeouts more adequate
* Fixed bytes/strings checks in lockdown.pxi for compatibility with Python2/3
* Fixed bytes/strings check in imobiledevice.pyx for compatibility with Python2/3
* Fixed debugserver.pxi PyString_AsString compatibility with Python3
* Fixed AFC afc.pxi definitions for Python2/3 compatibility. Added missing public method 'remove_path_and_contents'
* ideviceprovision: Fix date output by adding MAC_EPOCH
* docs: Improve --quiet command line switch description in idevicesyslog man page
* idevicescreenshot: Choose a better filename, prevent overwriting existing files
* idevicedebug: Add --detach option to start an app and exit idevicedebug without killing the app
* idevicebackup2: Handle DLMessagePurgeDiskSpace by sending back error code
* idevicebackup2: Update errno to device error mapping
* idevice: Handle -EAGAIN in case usbmuxd_send() returns it
* idevicebackup2: Don't fail on restore when source backup doesn't have any application info
==== libodfgen ====
- Fix license header to correspond to SPDX abbreviation
==== libplist ====
- Add python-rpm-macros to BuildRequires (boo#1194756).
==== librevenge ====
Subpackages: librevenge-0_0-0 librevenge-stream-0_0-0
- Fix license header to correspond to SPDX abbreviation
==== libstaroffice ====
- Fix license header to correspond to SPDX abbreviation
==== libstorage-ng ====
Version update (4.4.76 -> 4.4.78)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- merge gh#openSUSE/libstorage-ng#858
- Add glibc-locale buildrequires for testsuite on SUSE distros
- 4.4.78
- Translated using Weblate (Portuguese (Brazil)) (bsc#1149754)
- 4.4.77
==== libvirt ====
Subpackages: libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-libs
- Revert commit 938382b60a since it changes semantics on some
public APIs
105dace2-revert-virProcessGetStatInfo.patch
- libxl: Add lock process indicator to saved VM state
31e937fb-libxl-save-lock-indicator.patch
bsc#1191668
==== libwpd ====
- Fix license header to correspond to SPDX abbreviation
==== libwpg ====
- Fix license header to correspond SPDX abbreviation
==== libwps ====
- Fix license header to correspond to SPDX abbreviation
==== llvm13 ====
Subpackages: clang-tools clang13 clang13-doc libLLVM13 libLTO13 libc++-devel libc++1 libc++abi-devel libc++abi1 libclang13
- Add support for experimental targets and enable the M68k backend
- Add patch to fix testsuite after enabling the M68k backend
+ llvm-update-extract-section-script.patch
==== mozilla-nss ====
Version update (3.73.1 -> 3.74)
Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs mozilla-nss-tools
- update to NSS 3.74
* bmo#966856 - mozilla::pkix: support SHA-2 hashes in CertIDs in
OCSP responses
* bmo#1553612 - Ensure clients offer consistent ciphersuites after HRR
* bmo#1721426 - NSS does not properly restrict server keys based on policy
* bmo#1733003 - Set nssckbi version number to 2.54
* bmo#1735407 - Replace Google Trust Services LLC (GTS) R4 root certificate
* bmo#1735407 - Replace Google Trust Services LLC (GTS) R3 root certificate
* bmo#1735407 - Replace Google Trust Services LLC (GTS) R2 root certificate
* bmo#1735407 - Replace Google Trust Services LLC (GTS) R1 root certificate
* bmo#1735407 - Replace GlobalSign ECC Root CA R4
* bmo#1733560 - Remove Expired Root Certificates - DST Root CA X3
* bmo#1740807 - Remove Expiring Cybertrust Global Root and GlobalSign root
certificates
* bmo#1741930 - Add renewed Autoridad de Certificacion Firmaprofesional
CIF A62634068 root certificate
* bmo#1740095 - Add iTrusChina ECC root certificate
* bmo#1740095 - Add iTrusChina RSA root certificate
* bmo#1738805 - Add ISRG Root X2 root certificate
* bmo#1733012 - Add Chunghwa Telecom's HiPKI Root CA - G1 root certificate
* bmo#1738028 - Avoid a clang 13 unused variable warning in opt build
* bmo#1735028 - Check for missing signedData field
* bmo#1737470 - Ensure DER encoded signatures are within size limits
- enable key logging option (boo#1195040)
==== neon ====
Version update (0.32.1 -> 0.32.2)
- update to 0.32.2:
* Fix auth handling for request-target of "*"
==== paprefs ====
Version update (1.1 -> 1.2)
- Update to version 1.2:
+ Compatibility with PulseAudio 16.0 module paths
+ Crash bug fix
+ Updated translations.
==== patterns-games ====
Version update (20170319 -> 20220126)
- No longer suggest solarwolf: this package does not exist since
Mid 2020 anymore.
- 20220126
==== patterns-gnome ====
Subpackages: patterns-gnome-gnome patterns-gnome-gnome_basic patterns-gnome-gnome_basis patterns-gnome-gnome_basis_opt patterns-gnome-gnome_games patterns-gnome-gnome_imaging patterns-gnome-gnome_internet patterns-gnome-gnome_multimedia patterns-gnome-gnome_office patterns-gnome-gnome_utilities patterns-gnome-gnome_x11 patterns-gnome-gnome_yast patterns-gnome-sw_management_gnome
- Do not require gnome-packagekit by gnome_x11: we have a specific
sw_management_gnome pattern, which supplements the generic
sw_management plus the basic gnome pattern, and that's where we
also should (and do) recommend gnome-packagekit.
- Do not recommend speech-dispatcher-module-espeak: we recommend
speech-dispatcher, the rest is handled by dependencies from the
packages (recommends and supplements).
- No longer recommend gnome-menus: GNOME 3 is not using menu
structures. This package is used by extension-classic, and if
that extension is installed, gnome-menus comes in as a dep.
- Stop recommending samba: samba is the server, which makes no
sense to be recommended by the desktop pattern.
==== pciutils ====
Subpackages: libpci3
- Set sbindir to /usr/bin to fix Steam issues
(rh#1858437, gh#ValveSoftware/steam-for-linux#3306)
- Add symlinks from /usr/sbin to /usr/bin
==== perl-Net-HTTP ====
Version update (6.21 -> 6.22)
- updated to 6.22
see /usr/share/doc/packages/perl-Net-HTTP/Changes
6.22 2022-01-21 20:41:21Z
- Format method bullet points as code in docs (GH#77) (Paul Cochrane)
- Ignore automatically generated directories (GH#76) (Paul Cochrane)
- Use copyright start year rather than range (issue raised by Paul
Cochrane)
==== perl-libwww-perl ====
Version update (6.60 -> 6.61)
- updated to 6.61
see /usr/share/doc/packages/perl-libwww-perl/Changes
6.61 2022-01-21 21:41:18Z
- Use File::Copy::move to attempt an atomic mirror (GH#401) (Andrew Fresh)
- Require Getopt::Long at runtime, too (GH#402) (Ville Skytt�)
==== pipewire ====
Version update (0.3.43 -> 0.3.44)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Update to version 0.3.44:
* Highlights:
- It is now possible to run a minimal PipeWire server without a
session manager, enough to run JACK clients.
- The maximum buffer size is now configurable and can be larger
than the previously hardcoded limit of 8192 samples.
When using high sample rates, the larger buffer size can
avoid xruns.
- The default maximum latency was reduced from 170ms to 42ms.
This should improve overall latency for application that ask
for a large latency, such as notifications.
- Better JACK compatibility. Patchbays should now get less
confused about ports appearing and disappearing.
- Fix some bluetooth crashes.
- Fix some races in ALSA device detection.
- Many bug fixes and improvements all over the place.
* PipeWire:
- Bump the meson requirement to 0.59.0.
- pw-top now reports correct times for filter-chain and
loopback.
- max-quantum is now also scaled with the rate. A new
quantum-limit property was added as a hard limit for the
quantum. This makes it possible to configure for larger than
8192 buffer sizes. Note than many JACK applications have a
hardcoded 8192 limit.
- The max-quantum was reduced to 2048, This gives a 42ms
default latency.
- pw-filter can now return a NULL buffer from _get_dsp_buffer()
- Add a PIPEWIRE_RATE and PIPEWIRE_QUANTUM env variable to set
the graph rate and the graph quantum and rate respectively.
- Fix a potential file descriptor leak in the connection.
- A new minimal.conf file was added to demonstrate a static
setup of a daemon that doesn't require a session manager and
is able to run JACK applicaions.
- Nice levels are now only changed on the servers, not the
clients.
- Add an option to suspend nodes when idle.
- Make it possible to avoid quantum and rate changes with
pw-metadata. This is essential in a locked down system.
- Handle mixer port errors better and fail to create the link
instead of silently not working.
- Nodes that are moved to a driver now have all the linked
nodes moved as well. This makes it possible to run some
graphs without a driver, such as paplay -> zita-j2n.
- pw-cli and pw-dump can now also list objects by name, serial
and object.path using glob style pattern matching.
* modules:
- filter-chain can now also configure parameters by index.
- Fix the client name of module-protocol-simple.
- module-rtkit was merged into module-rt. This makes it easier
to ship a default config that works on more systems by
default.
- module-adapter can now configure the adapter node from the
config. Previously, this was a task only performed by the
session manager.
- module-metadata can now also create metadata object from the
config file.
- The ROC module should now work again.
- An X11-bell module was added to handle X11 bell events.
- filter-chain and loopback modules now have better unique
default names for the streams, which makes it possible to
save and restore their volumes independently.
- module-echo-cancel now has properties to control the delay
and buffer size.
* ALSA:
- The monitor names are now correctly parsed.
- The default period size for batch devices is limited now to
avoid large latency.
- The unused min/max-latency properties were removed.
- Internal latency is now also configurable with params at
runtime.
- The udev rule for TI2902 was removed because it causes
problems.
- Fix a race where some devices would sometimes be missing.
- Add some more timeouts to work around a race in udev device
permission changes when switching VTs.
* SPA:
- Fix potential infinite loop in audioconvert.
- The spa-resample tools can now also use optimised
implementations.
- Fix a potential crash in resampler.
- audioconvert can now also handle F64 formats.
- The channelmixer now does normalization by default to avoid
clipping when downmixing is active.
- The channelmixer will now generate LFE channels when the
lfe_cutoff frequency is set, even when upmix is disabled.
- The channelmixer will now always generate FC when the target
has it.
- Adapter now reports latency correctly, even after linking the
monitor ports.
- Reduce memory usage and preallocated memory in some of the
audioconvert nodes.
- Many properties are now exposed in adapter, such as the
resample quality.
- The resampler and channelmixer can now be disabled.
* V4L2:
- pw-v4l2 now also works for ffplay.
- Take product names from udev now that the kernel returns
generic name.
* JACK:
- The jack pkgconfig file now has the
jack_implementation=pipewire variable to be able to
distinguish jack implementations.
- jconvolver now starts correctly again.
- The object.serial is now used for the port_id. This makes it
easier to track old objects in the cache.
- Add a dummy jacknet implementation.
- A bug in the port allocation was fixed that would make it
impossible to allocate ports at some point.
* Bluetooth:
- Bluetooth profiles are now saved properly by the
session manager.
- Improved profile detections, increased timeouts for slow
devices.
- Implement HFP call indicator for improved compatibility.
- Handle the case where bluez does not set the adapter or
address properties on the device instead of crashing.
- Improved support for setting the profile from the
session manager.
* pulse-server:
- Monitor sources now have the device.class=monitor for better
compatibility.
- Behaviour after seeking is improved. The algorithm for
requesting bytes from the client was simplified and improved.
- module-ladspa-sink implements the control argument now.
- A potential memory leak in the message queue was fixed.
- Use the object.serial for the pulseaudio object index. The
index is not supposed to be reused and this would cause
problems with some clients.
- Servers should now again be able to listen in IPv4.
- module-x11-bell was added.
- There is now support for per-application quirks and
properties in the pipewire-pulse.conf file. Per-application
latency and buffering properties can also be configured.
- Fix a regression in telegram sounds not playing.
- Drop patches already included upstream:
* 0001-alsa-improve-rate-selection.patch
* 0001-audioconvert-avoid-infinite-loop.patch
* 0001-bluez5-dont-create-device-if-adapter-is-missing.patch
* 0001-bluez5-handle-missing-device-and-adapter-in-quirks.patch
* 0001-jack-remember-last-return-from-jack_get_buffer_size.patch
* 0001-loop-invoke-immediately-when-loop-is-not-running.patch
* 0001-merger-also-reconfigure-when-monitor-changes.patch
* 0001-pulse-server-show-monitor-sources-with-device_class_monitor.patch
* 0001-pw-metadata-handle-NULL-props-from-metadata-object.patch
* 0001-raop-fix-errno-check.patch
==== plymouth ====
Subpackages: libply-boot-client5 libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner
- Update SPEC file:
Remove usermerged macro and script:
1, currently, it blocks the building in SLE-15-SP4;
2, plymouth already build with "without-system-root-install",
make all binary install to /usr/bin and /usr/sbin; which
fit for /user merge target.
3, plymouth is not launched by user. and all system intergration
point are called from /usr.
4, So no change need to do, everything already works.
Remove rm rhgb-client:
plymouth already build with "without-rhgb-compat-link",
rhgb doesn't generated from beginning.
Remove "disable-libkms":
SUSE support kms and drm very well now, plymouth works
fine with them.
- Remove plymouth-correct-runtime-dir.patch:
Use upstream build param "with-runtimedir=/run" to instead.
- Change plymouth-dracut build arch to noarch:
It only contain a script.
Change libply, libply-boot-client, libply-splash-core,
libply-splash-graphics group from Development/Libraries/C and
C++ to System/Libraries:
They are plymouth and plymouthd runtime library, which install
together with plymouth.
- Resort rpm file list.
==== polkit ====
Subpackages: libpolkit-agent-1-0 libpolkit-gobject-1-0 typelib-1_0-Polkit-1_0
- Switch from mozjs to duktape:
* Add duktape-support.patch
- Fixed pkexec Local Privilege Escalation aka pwnkit (CVE-2021-4034 bsc#1194568)
CVE-2021-4034-pkexec-fix.patch
==== procps ====
Subpackages: libprocps8
- Correct used URLs
==== protobuf ====
Version update (3.17.3 -> 3.19.4)
- update to 3.19.4:
Python:
* Make libprotobuf symbols local on OSX to fix issue #9395 (#9435)
Ruby:
* Fixed a data loss bug that could occur when the number of optional fields
in a message is an exact multiple of 32
PHP:
* Fixed a data loss bug that could occur when the number of optional fields
in a message is an exact multiple of 32.
- Update to 3.19.3:
C++:
* Make proto2::Message::DiscardUnknownFields() non-virtual
* Separate RepeatedPtrField into its own header file
* For default floating point values of 0, consider all bits significant
* Fix shadowing warnings
* Fix for issue #8484, constant initialization doesn't compile in msvc clang-cl environment
Java:
* Improve performance characteristics of UnknownFieldSet parsing
* For default floating point values of 0, consider all bits significant
* Annotate //java/com/google/protobuf/util/... with nullness annotations
* Use ArrayList copy constructor
Bazel:
* Ensure that release archives contain everything needed for Bazel
* Align dependency handling with Bazel best practices
Javascript:
* Fix ReferenceError: window is not defined when getting the global object
Ruby:
* Fix memory leak in MessageClass.encode
* Override Map.clone to use Map's dup method
* Ruby: build extensions for arm64-darwin
* Add class method Timestamp.from_time to ruby well known types
* Adopt pure ruby DSL implementation for JRuby
* Add size to Map class
* Fix for descriptor_pb.rb: google/protobuf should be required first
Python:
* Proto2 DecodeError now includes message name in error message
* Make MessageToDict convert map keys to strings
* Add python-requires in setup.py
* Add python 3.10
==== python-boto3 ====
Version update (1.20.35 -> 1.20.40)
- Update to version 1.23.40
* api-change:``guardduty``: [``botocore``] Amazon GuardDuty findings now include
remoteAccountDetails under AwsApiCallAction section if instance credential is exfiltrated.
* api-change:``connect``: [``botocore``] This release adds tagging support for UserHierarchyGroups
resource.
* api-change:``mediatailor``: [``botocore``] This release adds support for multiple Segment
Delivery Configurations. Users can provide a list of names and URLs when creating or editing a
source location. When retrieving content, users can send a header to choose which URL should be
used to serve content.
* api-change:``fis``: [``botocore``] Added action startTime and action endTime timestamp fields to
the ExperimentAction object
* api-change:``ec2``: [``botocore``] C6i, M6i and R6i instances are powered by a third-generation
Intel Xeon Scalable processor (Ice Lake) delivering all-core turbo frequency of 3.5 GHz
- from version 1.20.39
* api-change:``macie2``: [``botocore``] This release of the Amazon Macie API introduces stricter
validation of requests to create custom data identifiers.
* api-change:``ec2-instance-connect``: [``botocore``] Adds support for ED25519 keys.
PushSSHPublicKey Availability Zone parameter is now optional. Adds EC2InstanceStateInvalidException
for instances that are not running. This was previously a service exception, so this may require
updating your code to handle this new exception.
- from version 1.20.38
* api-change:``ivs``: [``botocore``] This release adds support for the new Thumbnail Configuration
property for Recording Configurations. For more information see
https://docs.aws.amazon.com/ivs/latest/userguide/record-to-s3.html
* api-change:``storagegateway``: [``botocore``] Documentation update for adding bandwidth
throttling support for S3 File Gateways.
* api-change:``location``: [``botocore``] This release adds the CalculateRouteMatrix API which
calculates routes for the provided departure and destination positions. The release also deprecates
the use of pricing plan across all verticals.
* api-change:``cloudtrail``: [``botocore``] This release fixes a documentation bug in the
description for the readOnly field selector in advanced event selectors. The description now
clarifies that users omit the readOnly field selector to select both Read and Write management
events.
* api-change:``ec2``: [``botocore``] Add support for AWS Client VPN client login banner and session
timeout.
- from version 1.20.37
* enhancement:Configuration: [``botocore``] Adding support for `defaults_mode` configuration. The
`defaults_mode` will be used to determine how certain default configuration options are resolved in
the SDK.
- from version 1.20.36
* api-change:``config``: [``botocore``] Update ResourceType enum with values for CodeDeploy, EC2
and Kinesis resources
* api-change:``application-insights``: [``botocore``] Application Insights support for Active
Directory and SharePoint
* api-change:``honeycode``: [``botocore``] Added read and write api support for multi-select
picklist. And added errorcode field to DescribeTableDataImportJob API output, when import job fails.
* api-change:``ram``: [``botocore``] This release adds the ListPermissionVersions API which lists
the versions for a given permission.
* api-change:``lookoutmetrics``: [``botocore``] This release adds a new DeactivateAnomalyDetector
API operation.
- Update BuildRequires and Requires from setup.py
==== python-botocore ====
Version update (1.23.35 -> 1.23.40)
- Version update to 1.23.40
* api-change:``guardduty``: Amazon GuardDuty findings now include remoteAccountDetails under
AwsApiCallAction section if instance credential is exfiltrated.
* api-change:``connect``: This release adds tagging support for UserHierarchyGroups resource.
* api-change:``mediatailor``: This release adds support for multiple Segment Delivery
Configurations. Users can provide a list of names and URLs when creating or editing a source
location. When retrieving content, users can send a header to choose which URL should be used to
serve content.
* api-change:``fis``: Added action startTime and action endTime timestamp fields to the
ExperimentAction object
* api-change:``ec2``: C6i, M6i and R6i instances are powered by a third-generation Intel Xeon
Scalable processor (Ice Lake) delivering all-core turbo frequency of 3.5 GHz
- from version 1.23.39
* api-change:``macie2``: This release of the Amazon Macie API introduces stricter validation of
requests to create custom data identifiers.
* api-change:``ec2-instance-connect``: Adds support for ED25519 keys. PushSSHPublicKey Availability
Zone parameter is now optional. Adds EC2InstanceStateInvalidException for instances that are not
running. This was previously a service exception, so this may require updating your code to handle
this new exception.
- from version 1.23.38
* api-change:``ivs``: This release adds support for the new Thumbnail Configuration property for
Recording Configurations. For more information see
https://docs.aws.amazon.com/ivs/latest/userguide/record-to-s3.html
* api-change:``storagegateway``: Documentation update for adding bandwidth throttling support for
S3 File Gateways.
* api-change:``location``: This release adds the CalculateRouteMatrix API which calculates routes
for the provided departure and destination positions. The release also deprecates the use of
pricing plan across all verticals.
* api-change:``cloudtrail``: This release fixes a documentation bug in the description for the
readOnly field selector in advanced event selectors. The description now clarifies that users omit
the readOnly field selector to select both Read and Write management events.
* api-change:``ec2``: Add support for AWS Client VPN client login banner and session timeout.
- from version 1.23.37
* enhancement:Configuration: Adding support for `defaults_mode` configuration. The `defaults_mode`
will be used to determine how certain default configuration options are resolved in the SDK.
- from version 1.23.36
* api-change:``config``: Update ResourceType enum with values for CodeDeploy, EC2 and Kinesis
resources
* api-change:``application-insights``: Application Insights support for Active Directory and
SharePoint
* api-change:``honeycode``: Added read and write api support for multi-select picklist. And added
errorcode field to DescribeTableDataImportJob API output, when import job fails.
* api-change:``ram``: This release adds the ListPermissionVersions API which lists the versions for
a given permission.
* api-change:``lookoutmetrics``: This release adds a new DeactivateAnomalyDetector API operation.
==== python-fsspec ====
Version update (2021.11.1 -> 2022.1.0)
- Update to 2022.1.0
* Fix blocks cache metadata (#746)
* Fix default SMB port (#853)
* Fix caching fixes (#856, 855)
* Fix explicit close for http files (#866)
* Fix put_file to continue when no bytes (#869, 870)
* temporary files location (#851, 871)
* async abstract methods (#858, 859, 860)
* md5 for FIPS (#872)
* remove deprecated pyarrow/distutils (#880, 881)
- Update flavored requirements: python36 no longer exists,
python-distributed does not support python310 yet.
==== python-gcsfs ====
Version update (2021.11.1 -> 2022.1.0)
Subpackages: python38-gcsfs python38-gcsfs-fuse
- Update to 2022.01.0
* update refname for versions (#442)
==== python-google-auth ====
Version update (2.0.1 -> 2.5.0)
- Update to 2.5.0
* ADC can load an impersonated service account credentials. (#965)
- from version 2.4.1
* fix urrlib3 import (gh#googleapis/google-auth-library-python#953)
- from version 2.4.0
* add 'py.typed' declaration (#919)
* add api key support (#826)
* deps: allow cachetools 5.0 for python 3.7+
(gh#googleapis/google-auth-library-python#937)
* fix the message format for metadata server exception
(gh#googleapis/google-auth-library-python#916)
- from version 2.3.3
* add fetch_id_token_credentials (gh#googleapis/google-auth-library-python#866)
* fix error in sign_bytes (gh#googleapis/google-auth-library-python#905)
* use 'int.to_bytes' and 'int.from_bytes' for py3
(gh#googleapis/google-auth-library-python#904)
- from version 2.3.2
* add clock_skew_in_seconds to verify_token functions
(gh#googleapis/google-auth-library-python#894)
- from version 2.3.1
* add back python 2.7 for gcloud usage only
(gh#googleapis/google-auth-library-python#892)
- from version 2.3.0
* add support for Python 3.10 (#882)
* ADC with impersonated workforce pools
(gh#googleapis/google-auth-library-python#877)
- from version 2.2.1
* disable self signed jwt for domain wide delegation
(gh#googleapis/google-auth-library-python#873)
- from version 2.2.0
* add support for workforce pool credentials (#868)
- from version 2.1.0
* Improve handling of clock skew (#858)
* add SAML challenge to reauth
(gh#googleapis/google-auth-library-python#819)
* disable warning if quota project id provided to auth.default()
(gh#googleapis/google-auth-library-python#856)
* rename CLOCK_SKEW and separate client/server user case
(gh#googleapis/google-auth-library-python#863)
- from version 2.0.2
* use 'int.to_bytes' rather than deprecated crypto wrapper
(gh#googleapis/google-auth-library-python#848)
* use int.from_bytes (gh#googleapis/google-auth-library-python#846)
==== python-passlib ====
- The disaster of falling tests (see previous record in this
changelog for URL) just continues with test_02_handler_wrapper.
==== python-py ====
Version update (1.10.0 -> 1.11.0)
- update to 1.11.0:
* Support Python 3.11
* Support ``NO_COLOR`` environment variable
* Update vendored apipkg: 1.5 => 2.0
==== python-s3fs ====
Version update (2021.11.1 -> 2022.1.0)
- Update to 2022.01.1
* aiobotocore dep to 2.1.0 (#564)
* docs for non-aws (#567)
* ContentType in info (#570)
* small-file ACL (#574)
==== python-xarray ====
- Don't test with dask and distributed in python310: not supported
yet
==== qemu ====
Subpackages: qemu-accel-qtest qemu-accel-tcg-x86 qemu-arm qemu-audio-spice qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-chardev-baum qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-ipxe qemu-ksm qemu-lang qemu-microvm qemu-ppc qemu-s390x qemu-seabios qemu-sgabios qemu-skiboot qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios qemu-vhost-user-gpu qemu-x86
- Enable modules for testsuite
* Patches added:
meson-build-all-modules-by-default.patch
==== raspberrypi-firmware ====
Version update (2021.12.01 -> 2022.01.24)
- Update to 9c04ed2c1a (2022-01-24):
* firmware: platform: Limit max clock-id to CLOCK_VEC for now
See: #1688
- Update to 827fdd0736 (2022-01-20):
* firmware: dtoverlay: Don't mix non-fatal errors and offsets
See: #1686
* firmware: arm_loader: Load vl805 overlay on CM4
See: https://forums.raspberrypi.com/viewtopic.php?t=326088
* firmware: gencmdserv: Add mailbox interface to gencmd
* firmware: improve firmware camera detection
* firmware: arm-loader: Fix kernel8.img selection on 2837 with arm_64bit=1
See: #1671
* firmware: ldconfig: Discard subsequent chunks from a truncated line
See: #1669
* firmware: cec: Fail set_passive_mode when running with kms
* firmware: Firmware: Remove PWM/audio traits for CM4
* firmware: usb: Fix non-BCM2711 MSD support
See: raspberrypi/usbboot#102
==== raspberrypi-firmware-config ====
Version update (2021.12.01 -> 2022.01.24)
- Update to 9c04ed2c1a (2022-01-24):
* firmware: platform: Limit max clock-id to CLOCK_VEC for now
See: #1688
- Update to 827fdd0736 (2022-01-20):
* firmware: dtoverlay: Don't mix non-fatal errors and offsets
See: #1686
* firmware: arm_loader: Load vl805 overlay on CM4
See: https://forums.raspberrypi.com/viewtopic.php?t=326088
* firmware: gencmdserv: Add mailbox interface to gencmd
* firmware: improve firmware camera detection
* firmware: arm-loader: Fix kernel8.img selection on 2837 with arm_64bit=1
See: #1671
* firmware: ldconfig: Discard subsequent chunks from a truncated line
See: #1669
* firmware: cec: Fail set_passive_mode when running with kms
* firmware: Firmware: Remove PWM/audio traits for CM4
* firmware: usb: Fix non-BCM2711 MSD support
See: raspberrypi/usbboot#102
==== raspberrypi-firmware-dt ====
Version update (2021.11.19 -> 2022.01.19)
- Switch to 5.16 branch - boo#1194423
- Update to ffd6c6dc4dbf (2022-01-19)
==== rsyslog ====
- add service dependencies for remote logging (bsc#1194669)
- update config example in remote.conf to match upstream documentation
==== ruby ====
Version update (3.0 -> 3.1)
- switch the default ruby to 3.1
==== salt ====
Version update (3003.3 -> 3004)
Subpackages: python3-salt salt-master salt-minion salt-transactional-update
- Update to version 3004, see release notes: https://docs.saltproject.io/en/master/topics/releases/3004.html
- Don't check for cached pillar errors on state.apply (bsc#1190781)
- Added:
* state.apply-don-t-check-for-cached-pillar-errors.patch
- Modified:
* add-migrated-state-and-gpg-key-management-functions-.patch
* switch-firewalld-state-to-use-change_interface.patch
* include-aliases-in-the-fqdns-grains.patch
* debian-info_installed-compatibility-50453.patch
* info_installed-works-without-status-attr-now.patch
* fix-traceback.print_exc-calls-for-test_pip_state-432.patch
* add-custom-suse-capabilities-as-grains.patch
* add-rpm_vercmp-python-library-for-version-comparison.patch
* 3003.3-do-not-consider-skipped-targets-as-failed-for.patch
* support-transactional-systems-microos.patch
* do-not-crash-when-unexpected-cmd-output-at-listing-p.patch
* enable-passing-a-unix_socket-for-mysql-returners-bsc.patch
* update-target-fix-for-salt-ssh-to-process-targets-li.patch
* fix-exception-in-yumpkg.remove-for-not-installed-pac.patch
* enhance-openscap-module-add-xccdf_eval-call-386.patch
* add-environment-variable-to-know-if-yum-is-invoked-f.patch
* zypperpkg-ignore-retcode-104-for-search-bsc-1176697-.patch
* run-salt-master-as-dedicated-salt-user.patch
* 3003.3-postgresql-json-support-in-pillar-423.patch
* prevent-pkg-plugins-errors-on-missing-cookie-path-bs.patch
* early-feature-support-config.patch
* implementation-of-held-unheld-functions-for-state-pk.patch
* x509-fixes-111.patch
* fix-issues-with-salt-ssh-s-extra-filerefs.patch
* mock-ip_addrs-in-utils-minions.py-unit-test-443.patch
* use-adler32-algorithm-to-compute-string-checksums.patch
* refactor-and-improvements-for-transactional-updates-.patch
* improvements-on-ansiblegate-module-354.patch
* revert-fixing-a-use-case-when-multiple-inotify-beaco.patch
- Removed:
* add-alibaba-cloud-linux-2-by-backporting-upstream-s-.patch
* prevent-logging-deadlock-on-salt-api-subprocesses-bs.patch
* do-not-break-master_tops-for-minion-with-version-low.patch
* don-t-call-zypper-with-more-than-one-no-refresh.patch
* do-not-monkey-patch-yaml-bsc-1177474.patch
* add-missing-aarch64-to-rpm-package-architectures-405.patch
* figure-out-python-interpreter-to-use-inside-containe.patch
* parsing-epoch-out-of-version-provided-during-pkg-rem.patch
* fix-a-test-and-some-variable-names-229.patch
* add-astra-linux-common-edition-to-the-os-family-list.patch
* better-handling-of-bad-public-keys-from-minions-bsc-.patch
* templates-move-the-globals-up-to-the-environment-jin.patch
* virt-enhancements.patch
* fix-aptpkg.normalize_name-when-package-arch-is-all.patch
* adding-preliminary-support-for-rocky.-59682-391.patch
* fix-save-for-iptables-state-module-bsc-1185131-372.patch
==== samba ====
Version update (4.15.3+git.219.40cc1cd8591 -> 4.15.4+git.224.dea2f6dc836)
Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-client samba-client-libs samba-doc samba-gpupdate samba-ldb-ldap samba-libs samba-libs-python3 samba-python3 samba-winbind samba-winbind-libs
- Update to 4.15.4
* Duplicate SMB file_ids leading to Windows client cache
poisoning; (bso#14928);
* Failed to parse NTLMv2_RESPONSE length 95 - Buffer Size Error -
NT_STATUS_BUFFER_TOO_SMALL; (bso#14932);
* kill_tcp_connections does not work; (bso#14934);
* Can't connect to Windows shares not requiring authentication
using KDE/Gnome; (bso#14935);
* smbclient -L doesn't set "client max protocol" to NT1 before
calling the "Reconnecting with SMB1 for workgroup listing"
path; (bso#14939);
* Cross device copy of the crossrename module always fails;
(bso#14940);
* symlinkat function from VFS cap module always fails with an
error; (bso#14941);
* Fix possible fsp pointer deference; (bso#14942);
* Missing pop_sec_ctx() in error path inside close_directory();
(bso#14944);
* "smbd --build-options" no longer works without an smb.conf file;
(bso#14945);
==== selinux-policy ====
Version update (20211111 -> 20220124)
Subpackages: selinux-policy-targeted
- Update to version 20220124. Refreshed:
* fix_hadoop.patch
* fix_init.patch
* fix_kernel_sysctl.patch
* fix_systemd.patch
* fix_systemd_watch.patch
- Added fix_hypervkvp.patch to fix issues with hyperv labeling
(bsc#1193987)
==== sendmail ====
Version update (8.17.0.3 -> 8.17.1)
Subpackages: libmilter1_0
- No snapshots
- Update to final version sendmail 8.17.1
* Several potential memory leaks and other similar problems
(mostly in error handling code) have been fixed.
Problems reported by Tomas Korbar of RedHat.
- Port patches to new version
* sendmail-8.14.7-select.dif
* sendmail-8.17.1.dif
==== snapper ====
Version update (0.9.0 -> 0.9.1)
Subpackages: libsnapper5 snapper-zypp-plugin
- added bash completion provided by community
- look for most configuration files in /etc/snapper and
/usr/share/snapper (bsc#1189601)
- version 0.9.1
==== solid ====
Subpackages: libKF5Solid5 solid-imports solid-tools
- Also use libplist-2.0 in SLE15-SP4/Leap 15.4
==== suse-module-tools ====
Version update (16.0.18 -> 16.0.19)
- Update to version 16.0.19:
* Add /etc/modprobe.d/README on SLE/Leap (bsc#1195051)
* rpm-script: force-copy kernel to /boot (boo#1194501)
==== tre ====
Subpackages: agrep libtre5 tre-lang
- require glibc-locale
==== u-boot-rpiarm64 ====
Subpackages: u-boot-rpiarm64-doc
Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2022.01
* Patches added:
0016-mx6qsabrelite-Enable-DM_ETH-to-re-e.patch
0017-rockchip-sdhci-Fix-RK3399-eMMC-PHY-.patch
==== udisks2 ====
Subpackages: libudisks2-0 libudisks2-0_btrfs
- Stop packaging libudisks_vdo standalone module, it is deprecated.
Do this via passing explicit disable-vdo to configure and
dropping libblockdev-vdo-devel BuildRequires. Add a
libudisks2_0_vdo Obsoletes to ease updates.
- No longer remove upstream config files, we want to be able to
load modules on demand. Note that we move an example file to docs
to keep sysconfdir clean of non-conf files.
- Add a default_luks_encryption define, and set it to luks2, sed
this macro into source, future versions of udisks will not need
this, as upstream moves to luks2 by default.
- Ghost a dir/file created by us.
- Split out API docs into separate docs sub-package.
==== userspace-rcu ====
Version update (0.13.0 -> 0.13.1)
- update to 0.13.1:
* fix: properly detect 'cmpxchg' on x86-32
* fix: use urcu-tls compat with c++ compiler
* fix: remove autoconf features default value in help message
* fix: add missing pkgconfig file for memb flavour lib
* Make temporary variable in _rcu_dereference non-const
* Fix: x86 and s390: uatomic __hp() macro C++ support
* Fix: x86 and s390: uatomic __hp() macro clang support
* Fix: x86 and s390 uatomic: __hp() macro warning with gcc 11
==== util-linux ====
Version update (2.37.2 -> 2.37.3)
Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid-devel libuuid1
- update to 2.37.3 (bsc#1194976):
This release fixes two security mount(8) and umount(8) issues:
* CVE-2021-3996
Improper UID check in libmount allows an unprivileged user to unmount FUSE
filesystems of users with similar UID.
* CVE-2021-3995
This issue is related to parsing the /proc/self/mountinfo file allows an
unprivileged user to unmount other user's filesystems that are either
world-writable themselves or mounted in a world-writable directory.
==== vim ====
Version update (8.2.4063 -> 8.2.4186)
Subpackages: gvim vim-data vim-data-common
- Updated to version 8.2.4186, fixes the following problems
* Vim9: exported function in autoload script not found. (Yegappan Lakshmanan)
* Foam files are not detected.
* Computation overflow with large count for :yank.
* Vim9: imported autoload script loaded again.
* Vim9: cannot call imported function with :call. (Drew Vogel)
* Vim9: import test fails.
* Vim9: import test fails on MS-Windows.
* Using uninitialized memory when reading empty file.
* Vim9: no detection of return in try/endtry. (Dominique Pell�)
* Vim9: compiling function fails when autoload script is not loaded yet.
* Coverity warns for using NULL pointer.
* Going over the end of NameBuff.
* Test failures.
* Memory leak in autoload import.
* Not all Libsensors files are recognized.
* Terminal test for current directory not used on FreeBSD.
* MS-Windows: "gvim --version" didn't work when build with VIMDLL.
* Not sufficient test coverage for xxd.
* CodeQL reports problem in if_cscope causing it to fail.
* Check for autoload file name and prefix fails. (Christian J. Robinson)
* Vim9: no test for "vim9script autoload' and using script variable in
the same script.
* Memory leak when looking for autoload prefixed variable.
* Vim9: no test for using import in legacy script.
* "cctx" argument of find_func_even_dead() is unused.
* Cannot test items from an autoload script easily.
* Xxd cannot output everything in one line.
* Terminal test for current directory fails on FreeBSD.
* After restoring a session buffer order can be quite different.
* Virtcol is recomputed for statusline unnecessarily.
* MacOS CI: unnecessarily doing "Install packages".
* Cached breakindent values not initialized properly.
* 'virtualedit' is window-local but using buffer-local enum.
* Sed script not recognized by the first line.
* Linux CI: unnecessarily installing packages
* Wrong number in error message on 32 bit system. (John Paul Adrian Glaubitz)
* Typing "interrupt" at debug prompt may keep exception around, causing
function calls to fail.
* Vim9: cannot use Vim9 syntax in mapping.
* Early return when getting the 'formatlistpat' value.
* Warning for unused argument in tiny version.
* Vim9: import cannot be used after method.
* Vim9: variable declared in for loop not initialzed.
* Vim9: lower casing the autoload prefix causes problems.
* Translation related comment in the wrong place.
* Going over the end of the w_lines array.
* Script context not restored after using <ScriptCmd>.
* Going over the end of the w_lines array.
* MS-Windows: high dpi support is outdated.
* Coverity warns for using NULL pointer.
* Potential proglem when map is deleted while executing.
* Function not deleted at end of test.
* Typo on DOCMD_RANGEOK results in not recognizing command.
* Vim9: type checking for a funcref does not work for when it is used in
a method.
* Cannot use a method with a complex expression.
* Vim9: cannot use a method with a complex expression in a :def function.
* Vim9: wrong white space error after using imported item.
* Using UNUSED for argument that is used.
* Build failure when disabling the channel feature.
* Block insert goes over the end of the line.
* Visual test fails on MS-Windows.
* ":command Cmd" does not show custom completion argument.
* Complete function cannot be import.Name.
* Vim9: method in compiled function may not see script item.
* Completion tests fail.
* Crash on exit when built with dynamic Tcl and EXITFREE is
defined. (Dominique Pell�)
* Build failure without the +eval feature.
* Crash when method cannot be found. (Christian J. Robinson)
* Building with +sound but without +eval fails. (Dominique Pell�)
* MS-Windows: MSVC build may have libraries duplicated.
* Vim9: calling function in autoload import does not work in a :def function.
* Vim9: wrong error message when autoload script can't be found.
* output of ":scriptnames" goes into the message history, while this des
not happen for other commands, such as ":ls".
* MS-Windows: test for import with absolute path fails.
* Vim9: ":scriptnames" shows unloaded imported autoload script.
* Vim9: the "autoload" argument of ":vim9script" is not useful.
* Vim9: calling import with and without method is inconsistent.
* Vim9: no error for return with argument when the function does not
return anything.
* Using freed memory if an expression abbreviation deletes the abbreviation.
* maparg() does not indicate the type of script where it was defined.
* Vim9 builtin functions test fails.
* Build failure with normal features without persistent undo.
* MS-Windows: IME support for Win9x is obsolete.
* Cannot load libsodium dynamically.
* Confusing error when using name of import for a function.
* Vim9: shadowed function can be used in compiled function but not at
script level.
* E464 does not always include the offending command.
* Deleting any mapping may cause <ScriptCmd> to not set the script context.
* Test override not restored, autocommand left behind.
* Coverity warns for using pointer after free.
* Reading beyond the end of a line.
* Block insert with double wide character fails.
* MS-Windows: Global IME is no longer supported.
* ml_get error when exchanging windows in Visual mode.
* Translating strftime() argument results in check error.
* Fileinfo message overwrites echo'ed message.
* Terminal test fails because Windows sets the title.
* MS-Windows: memory leak in :browse.
* MS-Windows: _WndProc() is very long.
* Cannot change the register used for Select mode delete.
* Vim9: warning for missing white space after imported variable.
* Vim9: no error for redefining function with export.
* No error for omitting function name after autoload prefix.
* Error in legacy code for function shadowing variable.
* The nv_g_cmd() function is too long.
* Undo synced when switching buffer in another window.
* Vim9: error message for old style import.
* Disallowing empty function name breaks existing plugins.
* MS-Windows: unnessary casts and other minor things.
* MS-Windows: still using old message API calls.
* Cannot invoke option function using autoload import.
* Filetype detection for BASIC is not optimal.
* Cannot use an import in 'foldexpr'.
* Vim9: can use an autoload name in normal script.
* MS-Windows: runtime check for multi-line balloon is obsolete.
* Vim9: cannot use imported function with call().
* Vim9: autoload script not loaded after "vim9script noclear".
* Vim9: invalid error for return type of lambda when debugging.
* 'foldtext' is evaluated in the current script context.
* 'balloonexpr' is evaluated in the current script context.
* Vim9: cannot use an import in 'diffexpr'.
* Memory leak when evaluating 'diffexpr'.
* Cannot use an import in 'formatexpr'.
* Cannot use an import in 'includeexpr'.
* Cannot use an import in 'indentexpr'.
* Cannot use an import in 'patchexpr'.
==== vsftpd ====
- Added hardening to systemd service(s) (bsc#1181400). Modified:
* vsftpd.service
==== webkit2gtk3 ====
Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles
- Add webkit2gtk3-gcc12.patch: fix the build with gcc 12.
- Require glib2 2.44 to match source.
==== webkit2gtk3-soup2 ====
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles
- Add webkit2gtk3-gcc12.patch: fix the build with gcc 12.
- Require glib2 2.44 to match source.
==== wireplumber ====
Version update (0.4.6 -> 0.4.7)
Subpackages: libwireplumber-0_4-0 wireplumber-audio
- Update to version 0.4.7:
* Fixed a regression in 0.4.6 that caused the selection of the
default audio sources and sinks to be delayed until some event,
which effectively caused losing audio output in many
circumstances (glfo#pipewire/wireplumber#148,
glfo#pipewire/wireplumber#150, glfo#pipewire/wireplumber#151,
glfo#pipewire/wireplumber#153)
* Fixed a regression in 0.4.6 that caused the echo-cancellation
pipewire module (and possibly others) to not work
* A default sink or source is now not selected if there is no
available route for it (glfo#pipewire/wireplumber#145)
* Fixed an issue where some clients would wait for a bit while
seeking (glfo#pipewire/wireplumber#146)
* Fixed audio capture in the endpoints-based policy
* Fixed an issue that would cause certain lua scripts to error
out with older configuration files
(glfo#pipewire/wireplumber#158)
- Drop patches already included upstream:
* 0001-policy-node-schedule-rescan-without-timeout-if-defined-target-is-not-found.patch
* 0002-policy-node-find-best-linkable-if-default-one-cannot-be-linked.patch
- Add patch from upstream to fix selection of Pro Audio nodes
as default nodes:
* 0001-default-nodes-handle-nodes-without-Routes.patch
==== wpa_supplicant ====
Version update (2.9 -> 2.10)
Subpackages: wpa_supplicant-gui
- update to 2.10.0:
* SAE changes
- improved protection against side channel attacks
[https://w1.fi/security/2022-1/]
- added support for the hash-to-element mechanism (sae_pwe=1 or
sae_pwe=2); this is currently disabled by default, but will likely
get enabled by default in the future
- fixed PMKSA caching with OKC
- added support for SAE-PK
* EAP-pwd changes
- improved protection against side channel attacks
[https://w1.fi/security/2022-1/]
* fixed P2P provision discovery processing of a specially constructed
invalid frame
[https://w1.fi/security/2021-1/]
* fixed P2P group information processing of a specially constructed
invalid frame
[https://w1.fi/security/2020-2/]
* fixed PMF disconnection protection bypass in AP mode
[https://w1.fi/security/2019-7/]
* added support for using OpenSSL 3.0
* increased the maximum number of EAP message exchanges (mainly to
support cases with very large certificates)
* fixed various issues in experimental support for EAP-TEAP peer
* added support for DPP release 2 (Wi-Fi Device Provisioning Protocol)
* a number of MKA/MACsec fixes and extensions
* added support for SAE (WPA3-Personal) AP mode configuration
* added P2P support for EDMG (IEEE 802.11ay) channels
* fixed EAP-FAST peer with TLS GCM/CCM ciphers
* improved throughput estimation and BSS selection
* dropped support for libnl 1.1
* added support for nl80211 control port for EAPOL frame TX/RX
* fixed OWE key derivation with groups 20 and 21; this breaks backwards
compatibility for these groups while the default group 19 remains
backwards compatible
* added support for Beacon protection
* added support for Extended Key ID for pairwise keys
* removed WEP support from the default build (CONFIG_WEP=y can be used
to enable it, if really needed)
* added a build option to remove TKIP support (CONFIG_NO_TKIP=y)
* added support for Transition Disable mechanism to allow the AP to
automatically disable transition mode to improve security
* extended D-Bus interface
* added support for PASN
* added a file-based backend for external password storage to allow
secret information to be moved away from the main configuration file
without requiring external tools
* added EAP-TLS peer support for TLS 1.3 (disabled by default for now)
* added support for SCS, MSCS, DSCP policy
* changed driver interface selection to default to automatic fallback
to other compiled in options
* a large number of other fixes, cleanup, and extensions
- drop wpa_supplicant-p2p_iname_size.diff, CVE-2021-30004.patch,
CVE-2021-27803.patch, CVE-2021-0326.patch, CVE-2019-16275.patch:
upstream
- refresh config from 2.10 defconfig, re-enable CONFIG_WEP
==== xapian-core ====
Version update (1.4.18 -> 1.4.19)
- update to 1.4.19:
* New QueryParser::FLAG_NO_POSITIONS flag. With this flag enabled, any query
operations which would use positional information are replaced by the nearest
equivalent which doesn't (so phrase searches, NEAR and ADJ will result in
OP_AND). This is intended to replace the automatic conversion of OP_PHRASE,
etc to OP_AND when a database has no positional information, which will no
longer happen in the release series after 1.4.
* Give a compile error for code which adds a Database to WritableDatabase.
Prior to 1.4.19, this compiled and effectively created a "black-hole" shard
which quietly discarded any changes made to it.
In 1.4.19 it's still possible to perform this operation by assigning the
WritableDatabase to a Database first, which is harder to fix. This case
throws an exception on git master where it's easier to address.
* Fix TermIterator::skip_to() with sharded databases which sometimes was
failing to advance all the way to the requested term. Uncovered while
addressing warning from GCC's -Wduplicated-cond, reported by dcb in #816.
* Clamp edit distance to one less than the length of the word we've been asked
to correct, which makes the algorithm we use more efficient. We already
require suggestion to have at least one character in common, so the only
change to suggestions is we'll no longer suggest corrections which are
twice as long or longer even if the edit distance would allow it, which
seems like an improvement in itself.
* Minor optimisation expanding wildcards.
* PostingIterator::get_description(): For an all-docs iterator on a glass
database, get_description() would call get_docid() which isn't valid to
do once the iterator has reached the end.
* Expand allterms test coverage.
* Fetch wdf upper bound from postlist which avoids an extra postlist table
cursor seek per weighted query term, and also means we now use a per-shard
wdf upper bound for local shards which will in typically give a tighter
weight upper bound which will tend to make various other matcher
optimisations more effective. Eric Wong reported this speeds up a
particularly slow case from ~2 minutes to ~3 seconds.
* Avoid triggering a pointless maximum weight recalculation if an unweighted
child of a MultiAndPostList prunes.
* Only check if the database has positional information when the query
uses positional information. This should help improve notmuch delete
performance. Thanks to andreas on #notmuch for analysis of the problem.
* Optimise Glass::Inverter::has_positions(). Use const auto& instead of just
auto for the loop variables. Reported to be faster by andreas on #notmuch.
* Cache result of Glass::Inverter::has_positions() since calculating it is
potentially very expensive, while maintaining a cached answer is very cheap.
* Add missing closing parenthesis to reported remote prog context, which has
been missing since this code was first added over 20 years ago!
==== xen ====
Subpackages: xen-libs xen-tools-domU
- bsc#1194576 - VUL-0: CVE-2022-23033: xen: arm:
guest_physmap_remove_page not removing the p2m mappings (XSA-393)
xsa393.patch
- bsc#1194581 - VUL-0: CVE-2022-23034: xen: a PV guest could DoS
Xen while unmapping a grant (XSA-394)
xsa394.patch
- bsc#1194588 - VUL-0: CVE-2022-23035: xen: insufficient cleanup of
passed-through device IRQs (XSA-395)
xsa395.patch
- bsc#1191668 - L3: issue around xl and virsh operation - virsh
list not giving any output
libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch
libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch
==== xf86-input-libinput ====
Version update (1.2.0 -> 1.2.1)
- Enable tarball sig url too, verify tarball via keyring.
- Update to version 1.2.1
* few typos and misc minor fixes
* property added to turn off new high-resolution wheel scrolling
API
==== xlockmore ====
Version update (5.67 -> 5.68)
- update to 5.68:
* Updated xscreensaver port for xscreensaver-6.02.
* Various NetBsd install issues fixed including config.cygport.
* pam vulnerabiliy patch added thanks to Elmar Hoffmann, elho AT elho.net.
Card vulnerability may remain, see README.
* module fixes for deluxe, eyes, starfish, swirl, text3d2, module use is
still experimental.
* biof mode removed again (though was not building by default).
==== yast2 ====
Version update (4.4.39 -> 4.4.43)
Subpackages: yast2-logs
- ProductFeatures: add boot timeout option (jsc#SLE-22667)
- 4.4.43
- Added Y2Packager::NewRepositorySetup to track new repositories
(related to bsc#1194453)
- 4.4.42
- Fix PackageAI call to PackagesProposal.GetResolvable. It prevents
a crash when cloning a system (bsc#1195137).
- 4.4.41
- Use Package module instead of PackageSystem (bsc#1194886).
- 4.4.40
==== yast2-bootloader ====
Version update (4.4.14 -> 4.4.15)
- Use Package module instead of PackageSystem (bsc#1194886).
- 4.4.15
==== yast2-firewall ====
Version update (4.4.2 -> 4.4.3)
- Use Package module instead of PackageSystem (bsc#1194886).
- 4.4.3
==== yast2-installation ====
Version update (4.4.35 -> 4.4.37)
- Handle service name collision during upgrade (bsc#1194453),
do not delete the new services which have the same name
as an old service
- 4.4.37
- Adjusted Linux Security Module configuration wording
(related to jsc#SLE-22069).
- 4.4.36
==== yast2-iscsi-client ====
Version update (4.4.2 -> 4.4.3)
- adjust to ruby 3.0 (bsc#1195226)
- 4.4.3
==== yast2-kdump ====
Version update (4.4.1 -> 4.4.2)
- Use Package module instead of PackageSystem (bsc#1194886).
- 4.4.2
==== yast2-network ====
Version update (4.4.33 -> 4.4.35)
- jsc#SLE-22015
- make the code conform to inclusive naming, most masters and
slaves are gone. Kept only where makes sense - interface to
sysconfig
- "slave" was replaced by "port" as this naming is already used
by kernel code. "Master" was replaced by directly mentioning
"bond" (device) or "parent" in areas where the code is somehow
shared with e.g., bridge. Devices are not "enslaved" anymore,
but mostly "included".
- 4.4.35
- Use Package module instead of PackageSystem (bsc#1194886).
- 4.4.34
==== yast2-nfs-client ====
Version update (4.4.2 -> 4.4.3)
- Use Package module instead of PackageSystem (bsc#1194886).
- 4.4.3
==== yast2-nis-client ====
Version update (4.4.1 -> 4.4.2)
- Fixed testsuite failure during RPM build (bsc#1195194)
- 4.4.2
==== yast2-ntp-client ====
Version update (4.4.2 -> 4.4.3)
- Use Package module instead of PackageSystem (bsc#1194886).
- 4.4.3
==== yast2-packager ====
Version update (4.4.20 -> 4.4.21)
- Use Package module instead of PackageSystem (bsc#1194886).
- 4.4.21
==== yast2-samba-client ====
Version update (4.4.2 -> 4.4.3)
- Switch from file based krb5 ccache to kernel keyring;
(bsc#1109830);
- 4.4.3
==== yast2-samba-server ====
Version update (4.4.0 -> 4.4.1)
- Replace use of PackageSystem with Package to avoid core dumps;
(bsc#1195182).
- 4.4.1
==== yast2-security ====
Version update (4.4.8 -> 4.4.10)
Related to jsc#SLE-22069:
- AutoYaST LSM: only allow to select the desired LSM and the
SELinux mode.
- 4.4.10
- Use Package module instead of PackageSystem (bsc#1194886).
- 4.4.9
==== yast2-storage-ng ====
Version update (4.4.33 -> 4.4.34)
- Use Package module instead of PackageSystem (bsc#1194886).
- 4.4.34