Packages changed:
abseil-cpp
autoyast2 (4.4.33 -> 4.4.35)
baloo5
calligra
cyrus-imapd
discover
drkonqi5
fetchmail (6.4.27 -> 6.4.28)
filesystem
gcc11
gnome-tweaks (40.0 -> 40.10)
grub2
gtk3 (3.24.32 -> 3.24.33)
guile (3.0.7 -> 3.0.8)
hwdata (0.356 -> 0.357)
jack (1.9.19 -> 1.9.20)
kactivitymanagerd
kauth
kcm_sddm
kcron
kde-gtk-config5
kdeconnect-kde
kdelibs4support
kdenetwork-filesharing
khelpcenter5
kio-fuse
kscreenlocker
kwalletmanager5
kwayland
kwin5
libksysguard5
libnvme
libstorage-ng (4.4.92 -> 4.4.93)
libxklavier (5.3 -> 5.4)
mtools (4.0.37 -> 4.0.38)
ncurses (6.3.20220219 -> 6.3.20220226)
nodejs17 (17.5.0 -> 17.6.0)
openssh (8.8p1 -> 8.9p1)
paper
pcfclock
plasma5-desktop
plasma5-disks
plasma5-workspace
polkit-kde-agent-5
powerdevil5
python-colorama
raspberrypi-firmware
raspberrypi-firmware-config
rubygem-actioncable-7.0 (7.0.2.2 -> 7.0.2.3)
rubygem-actionmailbox-7.0 (7.0.2.2 -> 7.0.2.3)
rubygem-actionmailer-7.0 (7.0.2.2 -> 7.0.2.3)
rubygem-actionpack-7.0 (7.0.2.2 -> 7.0.2.3)
rubygem-actiontext-7.0 (7.0.2.2 -> 7.0.2.3)
rubygem-actionview-7.0 (7.0.2.2 -> 7.0.2.3)
rubygem-activejob-7.0 (7.0.2.2 -> 7.0.2.3)
rubygem-activemodel-7.0 (7.0.2.2 -> 7.0.2.3)
rubygem-activerecord-7.0 (7.0.2.2 -> 7.0.2.3)
rubygem-activestorage-7.0 (7.0.2.2 -> 7.0.2.3)
rubygem-activesupport-7.0 (7.0.2.2 -> 7.0.2.3)
rubygem-bootsnap (1.10.3 -> 1.11.1)
rubygem-rails-7.0 (7.0.2.2 -> 7.0.2.3)
rubygem-railties-7.0 (7.0.2.2 -> 7.0.2.3)
rubygem-rubocop (1.25.1 -> 1.26.0)
rubygem-rubocop-ast (1.15.2 -> 1.16.0)
subversion
sudo
systemd
tracker-miners (3.2.1 -> 3.2.2)
ufraw
upower (0.99.16 -> 0.99.16+4)
v4l2loopback
vlc (3.0.16 -> 3.0.17)
wireless-regdb (20220108 -> 20220218)
xdg-desktop-portal
xdg-desktop-portal-kde
yast2-trans (84.87.20220227.6bd7ce0ef2 -> 84.87.20220305.ba29422b84)
=== Details ===
==== abseil-cpp ====
- Fix build on SLE-12-SP5
==== autoyast2 ====
Version update (4.4.33 -> 4.4.35)
Subpackages: autoyast2-installation
- Properly handle the "dopackages" option in the openFile
method of the AyastSetup module (bsc#1196566).
- 4.4.35
- Avoid login while running AutoYaST init-scripts (bsc#1196594 and
related to bsc#1195059).
- 4.4.34
==== baloo5 ====
Subpackages: baloo5-file baloo5-file-lang baloo5-imports baloo5-kioslaves baloo5-kioslaves-lang baloo5-tools baloo5-tools-lang libKF5Baloo5 libKF5BalooEngine5 libKF5BalooEngine5-lang
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== calligra ====
- Add poppler-22.03.0.patch to fix build with poppler-22.03.0
==== cyrus-imapd ====
Subpackages: cyradm perl-Cyrus-IMAP perl-Cyrus-SIEVE-managesieve
- Add cyrus-imapd-2.4.22-fix-cve-2021-33582.patch: Fix CVE-2021-33582
- Add cyrus-imapd-2.4.22-recognize-new-backends.patch: Recognize
backends of Cyrus versions 3.6 and 3.7
==== discover ====
Subpackages: discover-backend-flatpak discover-backend-fwupd discover-backend-packagekit discover-lang
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== drkonqi5 ====
Subpackages: drkonqi5-lang
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== fetchmail ====
Version update (6.4.27 -> 6.4.28)
Subpackages: fetchmailconf
- update to 6.4.28:
* Updated spanish translation.
- fix typos in changelog.
==== filesystem ====
- Create tmpfiles.d which creates /usr/local on the fly
==== gcc11 ====
Subpackages: cpp11 gcc11-info gcc11-locale libasan6 libatomic1 libgcc_s1 libgfortran5 libgomp1 libhwasan0 libitm1 liblsan0 libobjc4 libstdc++6 libstdc++6-devel-gcc11 libstdc++6-locale libstdc++6-pp-gcc11 libtsan0 libubsan1
- Add a list of Obsoletes to libstdc++6-pp-gcc11 so updates from
packages provided by older GCC work. Add a requires from that
package to the corresponding libstc++6 package to keep those
at the same version. [bsc#1196107]
==== gnome-tweaks ====
Version update (40.0 -> 40.10)
- Update to version 40.10:
+ Fix for the broken GNOME Extensions link.
+ Fix build with meson 0.60 and newer.
+ Updated translations.
- Drop 86.patch: Fixed upstream.
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- Support saving grub environment for POWER signed grub images (jsc#SLE-23854)
* 0001-Add-grub_envblk_buf-helper-function.patch
* 0002-Add-grub_disk_write_tail-helper-function.patch
* 0003-grub-install-support-prep-environment-block.patch
* 0004-Introduce-prep_load_env-command.patch
* 0005-export-environment-at-start-up.patch
- Use enviroment variable in early boot config to looking up root device
* grub2.spec
- Remove obsolete openSUSE 12.2 conditionals in spec file
- Clean up powerpc certificate handling.
==== gtk3 ====
Version update (3.24.32 -> 3.24.33)
Subpackages: gtk3-data gtk3-immodule-amharic gtk3-immodule-inuktitut gtk3-immodule-thai gtk3-immodule-tigrigna gtk3-immodule-vietnamese gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0
- Update to version 3.24.33:
+ No changes.
==== guile ====
Version update (3.0.7 -> 3.0.8)
Subpackages: guile-modules-3_0 libguile-3_0-1
- Update to version 3.0.8
* Important changes
* Avoid the need for a custom GMP allocator
This removes the need for the GUILE_INSTALL_GMP_MEMORY_FUNCTIONS
environment variable mentioned introduced with Guile 3.0.6
And deprecates the scm_install_gmp_memory_functions variable.
* New interfaces and functionality
* Typed vector copy functions in srfi srfi-4 gnu
See SRFI-4 - Guile extensions" in the manual.
* `bytevector-fill!' supports partial fill through optional arguments
* `vector-copy!' and `vector-copy' from (rnrs base) included in core
* New function bitvector-copy
* Other new optimizations
* Better optimization of "let" in right-hand-side of "letrec"
* Allow constant-folding for calls to "expt"
* Add ,optimize-cps REPL meta-command
* Improve alias analysis in common subexpression elimination
* Avoid argument-count checks for well-typed calls to known procedures
* Avoid return-value-count checks for calls to
known-return-arity procedures
* New deprecations
* Vector functions require vector arguments
* `scm_from_contiguous_typed_array' is deprecated
* Deprecate the "simple vector" concept, `scm_is_simple_vector'
* Deprecate internal contiguous array flag
* Deprecate symbol properties
Symbols used to have a "function slot" and a "property slot"
* Bug fixes
* Fix compilation of (ash x N), where N is a literal, at -O1 and below
* Texinfo and XML parsers are now thread-safe
* Fix crash when reading #nil
* Limit `ash' to left-shift by 2^32 bits
* Various other bug fixes, please refer to the NEWS file
- Drop upstream fixed
0007-Fix-non-revealed-port-is-closed-ports.test.patch
- Drop upstream fixed (commit b4a80f4239b19fea4d2cc3e9d197f24b809f0624)
gnulib-dynarray.patch
==== hwdata ====
Version update (0.356 -> 0.357)
- Update to version 0.357:
+ Updated pci, usb and vendor ids.
==== jack ====
Version update (1.9.19 -> 1.9.20)
Subpackages: libjack-devel libjack0 libjacknet0 libjackserver0
- Disable the build of example-tools which are now built in a
separate jack-example-tools package.
- update to 1.9.20:
* Add waf autooption --example-tools to allow optional build of
executables, libraries and man pages provided by
jack-example-tools (the files are built by default). Building
and installing the additional files can be disabled by using
- -example-tools=no or --no-example-tools.
* Fix 32-bit support in ALSA driver
* Fix incomplete ASIO support on Windows
* Fix metadata usage with multiple users
* Fix netsource tool missing on Windows
* Fix semaphore usage on macOS
* Official FreeBSD support
==== kactivitymanagerd ====
Subpackages: kactivitymanagerd-lang
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== kauth ====
Subpackages: libKF5Auth5 libKF5Auth5-lang libKF5AuthCore5
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== kcm_sddm ====
Subpackages: kcm_sddm-lang
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== kcron ====
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== kde-gtk-config5 ====
Subpackages: kde-gtk-config5-gtk3
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== kdeconnect-kde ====
Subpackages: kdeconnect-kde-zsh-completion
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== kdelibs4support ====
Subpackages: kdelibs4support-lang libKF5KDELibs4Support5
- Add patch to fix installation:
* 0001-Use-KDE_INSTALL_FULL_-variables-where-needed.patch
==== kdenetwork-filesharing ====
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== khelpcenter5 ====
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== kio-fuse ====
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== kscreenlocker ====
Subpackages: kscreenlocker-lang libKScreenLocker5
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== kwalletmanager5 ====
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== kwayland ====
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== kwin5 ====
Subpackages: kwin5-lang
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== libksysguard5 ====
Subpackages: ksysguardsystemstats-data libKSysGuardSystemStats1 libksysguard5-imports libksysguard5-lang
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== libnvme ====
- Update License information. The library is released under
LGPL-2.1-or-later and not LGPL-2.1-only.
==== libstorage-ng ====
Version update (4.4.92 -> 4.4.93)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- merge gh#openSUSE/libstorage-ng#862
- log some environment variables
- 4.4.93
==== libxklavier ====
Version update (5.3 -> 5.4)
- Update to version 5.4:
+ A couple of introspection fixes.
- Update URL, this version was never released on download.gnome.org
- Add explicit libxklavier16 (shared library) Requires in devel
sub-package (we already pulled it in via virtual provides).
- Use modern macros.
==== mtools ====
Version update (4.0.37 -> 4.0.38)
- update to 4.0.38:
* Make sure case byte is cleared when making the special
directory entries "." and ".."
* In mattrib man page, replace "attribute flags" with "attribute
bits"
==== ncurses ====
Version update (6.3.20220219 -> 6.3.20220226)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen
- Add ncurses patch 20220226
+ fix issues found with coverity:
+ rewrite canonical_name() function of infocmp to ensure buffer size
+ corrected use of original tty-modes in tput init/reset subcommands
+ modify tabs program to limit tab-stop values to max-columns
+ add limit-checks for palette rgb values in test/ncurses.c
+ add a few null-pointer checks to help with static-analysis.
+ enforce limit on number of soft-keys used in c++ binding.
+ adjust a buffer-limit in write_entry.c to quiet a bogus warning from
gcc 12.0.1
==== nodejs17 ====
Version update (17.5.0 -> 17.6.0)
Subpackages: npm17
- update to 17.6.0:
* stream: revert map spec compliance
* esm: support https remotely and http locally under flag
* fs: support copy of relative links with cp and cpSync
* lib: add FormData global when fetch is enabled
* readline: bind keystroke ctrl+6 to redo
* process: deprecate multipleResolves
- Add upstream fix gcc12-fix.patch for GCC 12 compiler.
==== openssh ====
Version update (8.8p1 -> 8.9p1)
Subpackages: openssh-clients openssh-common openssh-server
- Version update to 8.9p1:
= Security
* sshd(8): fix an integer overflow in the user authentication path
that, in conjunction with other logic errors, could have yielded
unauthenticated access under difficult to exploit conditions.
This situation is not exploitable because of independent checks in
the privilege separation monitor. Privilege separation has been
enabled by default in since openssh-3.2.2 (released in 2002) and
has been mandatory since openssh-7.5 (released in 2017). Moreover,
portable OpenSSH has used toolchain features available in most
modern compilers to abort on signed integer overflow since
openssh-6.5 (released in 2014).
Thanks to Malcolm Stagg for finding and reporting this bug.
= Potentially-incompatible changes
* sshd(8), portable OpenSSH only: this release removes in-built
support for MD5-hashed passwords. If you require these on your
system then we recommend linking against libxcrypt or similar.
* This release modifies the FIDO security key middleware interface
and increments SSH_SK_VERSION_MAJOR.
= New features
* ssh(1), sshd(8), ssh-add(1), ssh-agent(1): add a system for
restricting forwarding and use of keys added to ssh-agent(1)
A detailed description of the feature is available at
https://www.openssh.com/agent-restrict.html and the protocol
extensions are documented in the PROTOCOL and PROTOCOL.agent
files in the source release.
* ssh(1), sshd(8): add the sntrup761x25519-sha512@openssh.com hybrid
ECDH/x25519 + Streamlined NTRU Prime post-quantum KEX to the
default KEXAlgorithms list (after the ECDH methods but before the
prime-group DH ones). The next release of OpenSSH is likely to
make this key exchange the default method.
* ssh-keygen(1): when downloading resident keys from a FIDO token,
pass back the user ID that was used when the key was created and
append it to the filename the key is written to (if it is not the
default). Avoids keys being clobbered if the user created multiple
resident keys with the same application string but different user
IDs.
* ssh-keygen(1), ssh(1), ssh-agent(1): better handling for FIDO keys
on tokens that provide user verification (UV) on the device itself,
including biometric keys, avoiding unnecessary PIN prompts.
* ssh-keygen(1): add "ssh-keygen -Y match-principals" operation to
perform matching of principals names against an allowed signers
file. To be used towards a TOFU model for SSH signatures in git.
* ssh-add(1), ssh-agent(1): allow pin-required FIDO keys to be added
to ssh-agent(1). $SSH_ASKPASS will be used to request the PIN at
authentication time.
* ssh-keygen(1): allow selection of hash at sshsig signing time
(either sha512 (default) or sha256).
* ssh(1), sshd(8): read network data directly to the packet input
buffer instead of indirectly via a small stack buffer. Provides a
modest performance improvement.
* ssh(1), sshd(8): read data directly to the channel input buffer,
providing a similar modest performance improvement.
* ssh(1): extend the PubkeyAuthentication configuration directive to
accept yes|no|unbound|host-bound to allow control over one of the
protocol extensions used to implement agent-restricted keys.
= Bugfixes
* sshd(8): document that CASignatureAlgorithms, ExposeAuthInfo and
PubkeyAuthOptions can be used in a Match block. PR277.
* sshd(8): fix possible string truncation when constructing paths to
.rhosts/.shosts files with very long user home directory names.
* ssh-keysign(1): unbreak for KEX algorithms that use SHA384/512
exchange hashes
* ssh(1): don't put the TTY into raw mode when SessionType=none,
avoids ^C being unable to kill such a session. bz3360
* scp(1): fix some corner-case bugs in SFTP-mode handling of
~-prefixed paths.
* ssh(1): unbreak hostbased auth using RSA keys. Allow ssh(1) to
select RSA keys when only RSA/SHA2 signature algorithms are
configured (this is the default case). Previously RSA keys were
not being considered in the default case.
* ssh-keysign(1): make ssh-keysign use the requested signature
algorithm and not the default for the key type. Part of unbreaking
hostbased auth for RSA/SHA2 keys.
* ssh(1): stricter UpdateHostkey signature verification logic on
the client- side. Require RSA/SHA2 signatures for RSA hostkeys
except when RSA/SHA1 was explicitly negotiated during initial
KEX; bz3375
* ssh(1), sshd(8): fix signature algorithm selection logic for
UpdateHostkeys on the server side. The previous code tried to
prefer RSA/SHA2 for hostkey proofs of RSA keys, but missed some
cases. This will use RSA/SHA2 signatures for RSA keys if the
client proposed these algorithms in initial KEX. bz3375
* All: convert all uses of select(2)/pselect(2) to poll(2)/ppoll(2).
This includes the mainloops in ssh(1), ssh-agent(1), ssh-agent(1)
and sftp-server(8), as well as the sshd(8) listen loop and all
other FD read/writability checks. On platforms with missing or
broken poll(2)/ppoll(2) syscalls a select(2)-based compat shim is
available.
* ssh-keygen(1): the "-Y find-principals" command was verifying key
validity when using ca certs but not with simple key lifetimes
within the allowed signers file.
* ssh-keygen(1): make sshsig verify-time argument parsing optional
* sshd(8): fix truncation in rhosts/shosts path construction.
* ssh(1), ssh-agent(1): avoid xmalloc(0) for PKCS#11 keyid for ECDSA
keys (we already did this for RSA keys). Avoids fatal errors for
PKCS#11 libraries that return empty keyid, e.g. Microchip ATECC608B
"cryptoauthlib"; bz#3364
* ssh(1), ssh-agent(1): improve the testing of credentials against
inserted FIDO: ask the token whether a particular key belongs to
it in cases where the token supports on-token user-verification
(e.g. biometrics) rather than just assuming that it will accept it.
Will reduce spurious "Confirm user presence" notifications for key
handles that relate to FIDO keys that are not currently inserted in at
least some cases. bz3366
* ssh(1), sshd(8): correct value for IPTOS_DSCP_LE. It needs to
allow for the preceding two ECN bits. bz#3373
* ssh-keygen(1): add missing -O option to usage() for the "-Y sign"
option.
* ssh-keygen(1): fix a NULL deref when using the find-principals
function, when matching an allowed_signers line that contains a
namespace restriction, but no restriction specified on the
command-line
* ssh-agent(1): fix memleak in process_extension(); oss-fuzz
issue #42719
* ssh(1): suppress "Connection to xxx closed" messages when LogLevel
is set to "error" or above. bz3378
* ssh(1), sshd(8): use correct zlib flags when inflate(3)-ing
compressed packet data. bz3372
* scp(1): when recursively transferring files in SFTP mode, create the
destination directory if it doesn't already exist to match scp(1) in
legacy RCP mode behaviour.
* scp(1): many improvements in error message consistency between scp(1)
in SFTP mode vs legacy RCP mode.
* sshd(8): fix potential race in SIGTERM handling PR289
* ssh(1), ssh(8): since DSA keys are deprecated, move them to the
end of the default list of public keys so that they will be tried
last. PR295
* ssh-keygen(1): allow 'ssh-keygen -Y find-principals' to match
wildcard principals in allowed_signers files
= Portability
* ssh(1), sshd(8): don't trust closefrom(2) on Linux. glibc's
implementation does not work in a chroot when the kernel does not
have close_range(2). It tries to read from /proc/self/fd and when
that fails dies with an assertion of sorts. Instead, call
close_range(2) directly from our compat code and fall back if
that fails. bz#3349,
* OS X poll(2) is broken; use compat replacement. For character-
special devices like /dev/null, Darwin's poll(2) returns POLLNVAL
when polled with POLLIN. Apparently this is Apple bug 3710161 -
not public but a websearch will find other OSS projects
rediscovering it periodically since it was first identified in
2005.
* Correct handling of exceptfds/POLLPRI in our select(2)-based
poll(2)/ppoll(2) compat implementation.
* Cygwin: correct checking of mbstowcs() return value.
* Add a basic SECURITY.md that refers people to the openssh.com
website.
* Enable additional compiler warnings and toolchain hardening flags,
including -Wbitwise-instead-of-logical, -Wmisleading-indentation,
- fzero-call-used-regs and -ftrivial-auto-var-init.
* HP/UX. Use compat getline(3) on HP-UX 10.x, where the libc version
is not reliable.
- Rebased patches:
* openssh-7.7p1-ldap.patch
* openssh-8.0p1-gssapi-keyex.patch
* openssh-8.1p1-audit.patch
* openssh-8.4p1-vendordir.patch
* openssh-reenable-dh-group14-sha1-default.patch
==== paper ====
- Package README with doc macro, the rest of docs are in standard
location.
- Add paper-rpmlintrc, filter out erroneous rpmlint warnings.
==== pcfclock ====
- use /lib/modprobe.d in 15.3, too
- Add code for safe modprobe.d migration
(https://en.opensuse.org/openSUSE:Packaging_UsrEtc)
==== plasma5-desktop ====
Subpackages: plasma5-desktop-emojier
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== plasma5-disks ====
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== plasma5-workspace ====
Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-lang plasma5-workspace-libs xembedsniproxy
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== polkit-kde-agent-5 ====
Subpackages: polkit-kde-agent-5-lang
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== powerdevil5 ====
Subpackages: powerdevil5-lang
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== python-colorama ====
- python-mock is actually not required for build
==== raspberrypi-firmware ====
- Install modprobe.conf files to %_modprobedir (bsc#1196275, jsc#SLE-20639)
==== raspberrypi-firmware-config ====
- Install modprobe.conf files to %_modprobedir (bsc#1196275, jsc#SLE-20639)
==== rubygem-actioncable-7.0 ====
Version update (7.0.2.2 -> 7.0.2.3)
- updated to version 7.0.2.3
* no changes
==== rubygem-actionmailbox-7.0 ====
Version update (7.0.2.2 -> 7.0.2.3)
- updated to version 7.0.2.3
* no changes
==== rubygem-actionmailer-7.0 ====
Version update (7.0.2.2 -> 7.0.2.3)
- updated to version 7.0.2.3
* no changes
==== rubygem-actionpack-7.0 ====
Version update (7.0.2.2 -> 7.0.2.3)
- updated to version 7.0.2.3
* no changes
==== rubygem-actiontext-7.0 ====
Version update (7.0.2.2 -> 7.0.2.3)
- updated to version 7.0.2.3
* no changes
==== rubygem-actionview-7.0 ====
Version update (7.0.2.2 -> 7.0.2.3)
- updated to version 7.0.2.3
* no changes
==== rubygem-activejob-7.0 ====
Version update (7.0.2.2 -> 7.0.2.3)
- updated to version 7.0.2.3
* no changes
==== rubygem-activemodel-7.0 ====
Version update (7.0.2.2 -> 7.0.2.3)
- updated to version 7.0.2.3
* no changes
==== rubygem-activerecord-7.0 ====
Version update (7.0.2.2 -> 7.0.2.3)
- updated to version 7.0.2.3
* no changes
==== rubygem-activestorage-7.0 ====
Version update (7.0.2.2 -> 7.0.2.3)
- updated to version 7.0.2.3
* Added image transformation validation via configurable allow-list.
Variant now offers a configurable allow-list for
transformation methods in addition to a configurable deny-list for arguments.
[CVE-2022-21831]
==== rubygem-activesupport-7.0 ====
Version update (7.0.2.2 -> 7.0.2.3)
- updated to version 7.0.2.3
* no changes
==== rubygem-bootsnap ====
Version update (1.10.3 -> 1.11.1)
- updated to version 1.11.1
* Fix the `can't modify frozen Hash` error on load path cache mutation. See #411.
[#] 1.11.0
* Drop dependency on `fileutils`.
* Better respect `Kernel#require` duck typing. While it almost never comes up in practice, `Kernel#require`
follow a fairly intricate duck-typing protocol on its argument implemented as `rb_get_path(VALUE)` in MRI.
So when applicable we bind `rb_get_path` and use it for improved compatibility. See #396 and #406.
* Get rid of the `Kernel.require_relative` decorator by resolving `$LOAD_PATH` members to their real path.
This way we handle symlinks in `$LOAD_PATH` much more efficiently. See #402 for the detailed explanation.
* Drop support for Ruby 2.3 (to allow getting rid of the `Kernel.require_relative` decorator).
==== rubygem-rails-7.0 ====
Version update (7.0.2.2 -> 7.0.2.3)
- updated to version 7.0.2.3
https://rubyonrails.org/2022/3/8/Rails-7-0-2-3-6-1-4-7-6-0-4-7-and-5-2-6-3-have-been-released
==== rubygem-railties-7.0 ====
Version update (7.0.2.2 -> 7.0.2.3)
- updated to version 7.0.2.3
* no changes
==== rubygem-rubocop ====
Version update (1.25.1 -> 1.26.0)
- updated to version 1.26.0
[#]## New features
* [#10419](https://github.com/rubocop/rubocop/pull/10419): Add new `Style/NestedFileDirname` cop. ([@koic][])
* [#10433](https://github.com/rubocop/rubocop/pull/10433): Support `TargetRubyVersion 3.2` (experimental). ([@koic][])
[#]## Bug fixes
* [#10406](https://github.com/rubocop/rubocop/pull/10406): Fix a false positive for `Lint/InheritException` when inheriting a standard lib exception class that is not a subclass of `StandardError`. ([@koic][])
* [#10421](https://github.com/rubocop/rubocop/issues/10421): Make `Style/DefWithParentheses` aware of endless method definition. ([@koic][])
* [#10401](https://github.com/rubocop/rubocop/issues/10401): Fix a false positive for `Style/HashSyntax` when local variable hash key and hash value are the same. ([@koic][])
* [#10424](https://github.com/rubocop/rubocop/pull/10424): Fix a false positive for `Security/YamlLoad` when using Ruby 3.1+ (Psych 4). ([@koic][])
* [#10446](https://github.com/rubocop/rubocop/pull/10446): Lint/RedundantDirGlobSort unset SafeAutoCorrect. ([@friendlyantz][])
* [#10403](https://github.com/rubocop/rubocop/issues/10403): Fix an error for `Style/StringConcatenation` when string concatenation with multiline heredoc text. ([@koic][])
* [#10432](https://github.com/rubocop/rubocop/pull/10432): Fix an error when using regexp with non-encoding option. ([@koic][])
* [#10415](https://github.com/rubocop/rubocop/issues/10415): Fix an error for `Lint/UselessTimes` when using `1.times` with method chain. ([@koic][])
[#]## Changes
* [#10408](https://github.com/rubocop/rubocop/pull/10408): Mark `Lint/InheritException` as unsafe auto-correction. ([@koic][])
* [#10407](https://github.com/rubocop/rubocop/pull/10407): Change `EnforcedStyle` from `runtime_error` to `standard_error` for `Lint/InheritException`. ([@koic][])
* [#10414](https://github.com/rubocop/rubocop/pull/10414): Update auto-gen-config's auto-correction comments to be more clear. ([@maxjacobson][])
* [#10427](https://github.com/rubocop/rubocop/issues/10427): Mark `Style/For` as unsafe auto-correction. ([@issyl0][])
* [#10410](https://github.com/rubocop/rubocop/issues/10410): Improve help string for `--fail-level` CLI option. ([@tejasbubane][])
==== rubygem-rubocop-ast ====
Version update (1.15.2 -> 1.16.0)
- updated to version 1.16.0
[#]## New features
* [#223](https://github.com/rubocop-hq/rubocop-ast/pull/223): Support `Parser::Ruby32` for Ruby 3.2 parser (experimental). ([@koic][])
==== subversion ====
Subpackages: libsvn_auth_gnome_keyring-1-0 libsvn_auth_kwallet-1-0 subversion-bash-completion subversion-perl subversion-server subversion-tools
- Fix testCrash_RequestChannel_nativeRead_AfterException test on
aarch64 and ppc64le, bsc#1195486 bsc#1193778
* fix-javahl-test.patch-
==== sudo ====
Subpackages: sudo-plugin-python
- Add sudo-1.9.9-honor-T_opt.patch
* the -T option of sudo does nothing even when
'Defaults user_command_timeouts' is present in the configuration.
* [bsc#1193446]
* Credit to Jaroslav Jindrak <dzejrou@gmail.com>
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-container systemd-devel udev
- Fix the default target when it's been incorrectly set to one of the runlevel
targets (bsc#1196567)
The script 'upgrade-from-pre-210.sh' used to initialize the default target
during migration from sysvinit to systemd. However it created symlinks to
runlevel targets, which are deprecated and might be missing when
systemd-sysvcompat package is not installed. If such symlinks are found the
script now renames them to point to 'true' systemd target units.
- When migrating from sysvinit to systemd (it probably won't happen anymore),
let's use the default systemd target, which is the graphical.target one. In
most cases it will do the right thing anyway.
==== tracker-miners ====
Version update (3.2.1 -> 3.2.2)
Subpackages: tracker-miner-files
- Update to version 3.2.2:
+ Backport seccomp rules for rseq and mbind syscalls.
+ Updated translations.
- Drop patches fixed upstream:
+ tracker-miners-allow-mbind.patch
+ tracker-miners-allow-rseq.patch
==== ufraw ====
Subpackages: gimp-ufraw
- Pkgconfig'fy spec: Align with what configure actually checks for:
+ Drop the following BuildRequires: gimp-devel, lensfun-devel,
libexiv2-devel, liblcms2-devel, libpng-devel, libtiff-devel and
cfitsio-devel.
+ Add the following BuildRequires: pkgconfig, pkgconfig(cfitsio),
pkgconfig(exiv2), pkgconfig(gimpui-2.0), pkgconfig(glib-2.0),
pkgconfig(gthread-2.0), pkgconfig(gtk+-2.0),
pkgconfig(gtkimageview), pkgconfig(lcms2), pkgconfig(lensfun),
pkgconfig(libpng) and pkgconfig(libtiff-4).
- Drop ufraw-lang Recommends: No longer needed.
- Tweak spec, use make_build macro.
==== upower ====
Version update (0.99.16 -> 0.99.16+4)
Subpackages: libupower-glib3 typelib-1_0-UpowerGlib-1_0
- Update to version 0.99.16+4:
+ meson.build: Output correct paths for sbindir and datadir.
+ daemon: Initialize FD to -1 to avoid incorrect close.
+ input: Fix FD handling and let input stream close it.
+ linux: Set FD to -1 rather than 0 when closing delay inhibitor.
==== v4l2loopback ====
Subpackages: v4l2loopback-autoload v4l2loopback-kmp-default v4l2loopback-utils
- Fix modprobe.d location for 15.3 and earlier (bsc#1196275, jsc#SLE-20639)
==== vlc ====
Version update (3.0.16 -> 3.0.17)
Subpackages: libvlc5 libvlccore9 vlc-codec-gstreamer vlc-lang vlc-noX vlc-qt vlc-vdpau
- Update to version 3.0.17:
+ Core:
* Fix a regression in parsing secondary source MRLs
* Allow brackets in path part of URLs
+ Access:
* Fix support for screen capture on macOS with avcapture
* Fix closing of HTTP 1.x connections
* Improve HTTP2 memory usage
* Improve AVCapture module
* Improve AudioCD support (audio/data mixed mode, musicbrainz)
* Improve SMB compatibility by changing the read size
* Several improvements on the SRT modules (including streamID)
+ Decoders/Packetizers:
* Add support for DTS LBR
* Fix some HEVC hardware decoding on Windows and crashes when aspect ratio changes
* Fix hardware decoding for some AMD GPU drivers
* Add support for new Fourcc for E-AC3, AV1, GeoVision
* Fix crashes with VP9 streams
* Fix styling issues with subs tx3g (mp4) tracks
* Fix playback of live AV1 streams
+ Audio Output:
* iOS/tvOS: add support for spatial audio
* macOS: fix some channels ordering for > 5.1 channels
* Android: rework audio volume management
+ Video Output:
* Fix a D3D11 crash when the stream changes aspect ratio
+ Demux:
* Major overhaul of the adaptive streaming stack
* Support for DAV video files
* Add WebP image mapping
* Fix missing audio start of Opus audio in MKV/WebM
* Fix an infinite loop in MP4
* Fix attachments extractions in ogg files
* Support Uncompressed audio in mp4 (ISO/IEC 23003-5)
* Fix some lip sync issue in rare MPEG-TS streams
+ Interface:
* Qt/macOS: Fixup user provided URLs
* Add safe area handling on macOS
* Qt: improve preferences search
* Qt: fix --no-mouse-events option
+ Misc:
* Update YouTube script
* Fix Icecast directory parsing which could lead to missing entries
* Improve UPnP compatibility with some servers
- Drop vlc-srto_tsbpddelay.patch: fixed upstream.
==== wireless-regdb ====
Version update (20220108 -> 20220218)
- Update to version 20220218:
* wireless-regdb: update regulatory database based on preceding changes
* wireless-regdb: Update regulatory rules for the Netherlands (NL) on 6GHz
* wireless-regdb: Update regulatory rules for China (CN)
* wireless-regdb: Update regulatory rules for South Korea (KR)
* Revert "wireless-regdb: Update regulatory rules for South Korea (KR)"
* wireless-regdb: Update regulatory rules for Spain (ES) on 6GHz
* wireless-regdb: add 802.11ah bands to world regulatory domain
* wireless-regdb: add support for US S1G channels
* wireless-regdb: Update regulatory rules for France (FR) on 6 and 60 GHz
* wireless-regdb: Update regulatory rules for South Korea (KR)
==== xdg-desktop-portal ====
- Pass --docdir=%%{_defaultdocdir}/%%{name}/ to configure, install
docs in standard distro docs dir, and move to devel sub-package,
as it is developer documentation.
==== xdg-desktop-portal-kde ====
Subpackages: xdg-desktop-portal-kde-lang
- Replace %_libdir/libexec with %_libexecdir (boo#1174075)
==== yast2-trans ====
Version update (84.87.20220227.6bd7ce0ef2 -> 84.87.20220305.ba29422b84)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu
- Update to version 84.87.20220305.ba29422b84:
* Translated using Weblate (Chinese (China) (zh_CN))
* Translated using Weblate (Chinese (China) (zh_CN))
* Translated using Weblate (Chinese (China) (zh_CN))
* Translated using Weblate (Swedish)
* Translated using Weblate (Swedish)
* Translated using Weblate (Portuguese (Brazil))
* Translated using Weblate (Swedish)
* Translated using Weblate (Finnish)
* Translated using Weblate (Italian)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (Finnish)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (Finnish)
* Translated using Weblate (German)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (German)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (German)
* Translated using Weblate (French)
* Translated using Weblate (German)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* New POT for text domain 'autoinst'.
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (French)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (Spanish)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (French)
* Translated using Weblate (German)
* Translated using Weblate (French)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (German)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (French)
* Translated using Weblate (German)
* Translated using Weblate (Chinese (China) (zh_CN))
* Translated using Weblate (Slovak)
* Translated using Weblate (Chinese (China) (zh_CN))
* Translated using Weblate (German)