Packages changed:
apparmor
bluez
bzip2
fillup
fmt
freetype2 (2.12.0 -> 2.12.1)
fuse3 (3.10.5 -> 3.11.0)
gpg2 (2.3.4 -> 2.3.6)
kustomize
libapparmor
libdnf (0.66.0 -> 0.67.0)
libnetfilter_cthelper (1.0.0 -> 1.0.1)
libnetfilter_cttimeout (1.0.0 -> 1.0.1)
libqmi (1.30.4 -> 1.30.6)
libseccomp (2.5.3 -> 2.5.4)
libunwind (1.5.0 -> 1.6.2)
libxcb (1.14 -> 1.15)
libxml2 (2.9.13 -> 2.9.14)
mozilla-nss (3.76.1 -> 3.77)
open-iscsi
python-SQLAlchemy (1.4.35 -> 1.4.36)
raspberrypi-firmware-dt (2022.02.25 -> 2022.04.24)
rpm
snapper (0.10.1 -> 0.10.2)
sqlite3 (3.38.2 -> 3.38.3)
vim (8.2.4745 -> 8.2.4877)
weave
=== Details ===
==== apparmor ====
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- add php8-fpm-mr876.patch so that php8 php-fpm can read its config
(boo#1186267#c11)
- parser: add conflict with apparmor-utils < 3.0 to avoid aa-status
file conflict on upgrade (boo#1198958)
- utils: add missing dependency on apparmor-parser (boo#1198958#c4)
==== bluez ====
- add Requires(post): systemd for bluez-auto-enable-devices
* fixes boo#1198906
==== bzip2 ====
- Port rpmlintrc format to rpmlint 2.x.
==== fillup ====
- use https as url
==== fmt ====
- Replace obsolete macro %make_jobs by %cmake_build
==== freetype2 ====
Version update (2.12.0 -> 2.12.1)
- drop revert-ft212-subpixel-hinting-change.patch: upstream
- Update to 2.12.1:
- Loading CFF fonts sometimes made FreeType crash (bug introduced in
version 2.12.0)
- Loading a fully hinted TrueType glyph a second time (without
caching) sometimes yielded different rendering results if TrueType
hinting was active (bug introduced in version 2.12.0).
- The generation of the pkg-config file `freetype2.pc` was broken if
the build was done with cmake (bug introduced in version 2.12.0).
- The meson build no longer enforces both static and dynamic
versions of the library by default.
- The internal zlib library was updated to version 1.2.12. Note,
however, that FreeType is *not* affected by CVE-2018-25032 since
it only does decompression.
- Drop freetype-2.12.0-cff_slot_load-segfault.patch
- Drop 079a22da037835daf5be2bd9eccf7bc1eaa2e783.patch
==== fuse3 ====
Version update (3.10.5 -> 3.11.0)
- Update to version 3.11.0:
* Add support for flag FOPEN_NOFLUSH for avoiding flush on close.
* Fixed returning an error condition to ioctl(2)
==== gpg2 ====
Version update (2.3.4 -> 2.3.6)
- GnuPG 2.3.6:
* Up to five times faster verification of detached signatures,
doubled detached signing speed, threefold decryption speedup
for large files, nearly double the AES256.OCB encryption speed
* Add support for GeNUA cards
* Added and improved options for crypto options, and all-around
bug fixes
==== kustomize ====
- Remove dependency on binutils-gold as the package will be removed
in the future. Gold linker is unmaintained by the upstream project.
==== libapparmor ====
- add php8-fpm-mr876.patch so that php8 php-fpm can read its config
(boo#1186267#c11)
- parser: add conflict with apparmor-utils < 3.0 to avoid aa-status
file conflict on upgrade (boo#1198958)
- utils: add missing dependency on apparmor-parser (boo#1198958#c4)
==== libdnf ====
Version update (0.66.0 -> 0.67.0)
Subpackages: libdnf-repo-config-zypp libdnf2
- Update to 0.67.0:
* Add 'loongarch' support
* Use dnf solv userdata to check versions and checksum (rh#2027445)
* context: Substitute all repository config options (rh#2076853)
==== libnetfilter_cthelper ====
Version update (1.0.0 -> 1.0.1)
- Update to release 1.0.1
* Allow build on uclinux
* Resolve use-after-free in nfct_helper_free()
* Resolve double free in nfct-helper-add example
* Fixed incorrect netlink message building with multiple nfct
helper policies
- Drop fix_h_expect_policy_free.patch (merged)
==== libnetfilter_cttimeout ====
Version update (1.0.0 -> 1.0.1)
- Update to release 1.0.1
* Allow building on uclinux
==== libqmi ====
Version update (1.30.4 -> 1.30.6)
- Update to 1.30.6
* meson: fix 'export_packages' in GIR setup.
* net-port-manager: use unaligned netlink attribute length.
- Drop the unneeded rpmlintrc file
==== libseccomp ====
Version update (2.5.3 -> 2.5.4)
- Deactive python3 by default, it's just not a good idea for ring0.
- Update to release 2.5.4
* Update the syscall table for Linux v5.17.
* Fix minor issues with binary tree testing and with empty
binary trees.
* Minor documentation improvements including retiring the
mailing list.
- buildrequire python-rpm-macros
- reenable python bindings at least for the distro default python3
package:
- adds make-python-build.patch
==== libunwind ====
Version update (1.5.0 -> 1.6.2)
- update to 1.6.2:
* Fix off-by-one error in x86_64 stack frames
* Fix error in aarch64 unw_sigcontext
* resolve possible null pointer dereference
* Switch to C11 atomics
* RISC-V support
* aarch64 getcontext functionality
==== libxcb ====
Version update (1.14 -> 1.15)
Subpackages: libxcb-render0 libxcb-shm0 libxcb1
- buildrequire xcb-proto >= 1.15
- Update to version 1.15
* xcb_auth: Quiet -Wimplicit-fallthrough warning in get_authptr()
* Fix integer overflows in xcb_in.c
* Use the 'present' field to properly check that the XC-MISC
* Fix a memory leak
* Increment libtool version info for libxcb-dri3
* Add newline when printing auth/connection failure string to stderr
* Fix build on Windows
* Fix writev emulation on Windows
* c_client.py: Extract get_expr_field_names()
* c_client.py: Use get_expr_field_names directly to resolve list fields
* c_client: Extract _c_get_field_mapping_for_expr()
* c_client.py: Implement handling of <length> element
* tests: don't use deprecated fail_unless check API
* gitignore: add files generated by make check
* Avoid request counter truncation in replies map after 2**32 requests
* Fix hang in xcb_request_check()
* Improve/fix docs for reply fds functions
==== libxml2 ====
Version update (2.9.13 -> 2.9.14)
Subpackages: libxml2-2 libxml2-tools
- Update to 2.9.14:
* Security:
+ [CVE-2022-29824] Integer overflow in xmlBuf and xmlBuffer
+ Fix potential double-free in xmlXPtrStringRangeFunction
+ Fix memory leak in xmlFindCharEncodingHandler
+ Normalize XPath strings in-place
+ Prevent integer-overflow in htmlSkipBlankChars() and
xmlSkipBlankChars()
+ Fix leak of xmlElementContent
* Bug fixes:
+ Fix parsing of subtracted regex character classes
+ Fix recursion check in xinclude.c
+ Reset last error in xmlCleanupGlobals
+ Fix certain combinations of regex range quantifiers
+ Fix range quantifier on subregex
* Improvements:
+ Fix recovery from invalid HTML start tags
* Build system, portability:
+ Define LFS macros before including system headers
+ Initialize XPath floating-point globals
+ configure: check for icu DEFS
+ configure.ac: produce tar.xz only (GNOME policy)
+ CMakeLists.txt: Fix LIBXML_VERSION_NUMBER
+ Fix build with older Python versions
+ Fix --without-valid build
==== mozilla-nss ====
Version update (3.76.1 -> 3.77)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs
- update to NSS 3.77
* Bug 1762244 - resolve mpitests build failure on Windows.
* bmo#1761779 - Fix link to TLS page on wireshark wiki
* bmo#1754890 - Add two D-TRUST 2020 root certificates.
* bmo#1751298 - Add Telia Root CA v2 root certificate.
* bmo#1751305 - Remove expired explicitly distrusted certificates
from certdata.txt.
* bmo#1005084 - support specific RSA-PSS parameters in mozilla::pkix
* bmo#1753535 - Remove obsolete stateEnd check in SEC_ASN1DecoderUpdate.
* bmo#1756271 - Remove token member from NSSSlot struct.
* bmo#1602379 - Provide secure variants of mpp_pprime and mpp_make_prime.
* bmo#1757279 - Support UTF-8 library path in the module spec string.
* bmo#1396616 - Update nssUTF8_Length to RFC 3629 and fix buffer overrun.
* bmo#1760827 - Add a CI Target for gcc-11.
* bmo#1760828 - Change to makefiles for gcc-4.8.
* bmo#1741688 - Update googletest to 1.11.0
* bmo#1759525 - Add SetTls13GreaseEchSize to experimental API.
* bmo#1755264 - TLS 1.3 Illegal legacy_version handling/alerts.
* bmo#1755904 - Fix calculation of ECH HRR Transcript.
* bmo#1758741 - Allow ld path to be set as environment variable.
* bmo#1760653 - Ensure we don't read uninitialized memory in ssl gtests.
* bmo#1758478 - Fix DataBuffer Move Assignment.
* bmo#1552254 - internal_error alert on Certificate Request with
sha1+ecdsa in TLS 1.3
* bmo#1755092 - rework signature verification in mozilla::pkix
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0
- Updated to latest upstream version, tagged 2.1.7. Changes
included:
* updated/fixed test script
* updated build system
* several bug fixes, including one for bsc#1199264
==== python-SQLAlchemy ====
Version update (1.4.35 -> 1.4.36)
- update to 1.4.36:
* details on https://docs.sqlalchemy.org/en/14/changelog/changelog_14.html#change-1.4.36
* Fixed regression where the change made for #7861, released in version
1.4.33, that brought the Insert construct to be partially recognized as an
ORM-enabled statement
* Modified the DeclarativeMeta metaclass to pass cls.__dict__ into the
declarative scanning process to look for attributes, rather than the
separate dictionary passed to the type?s __init__() method
* Fixed a memory leak in the C extensions which could occur when calling upon
named members of Row when the member does not exist under Python 3
* Added a warning regarding a bug which exists in the Result.columns() method
when passing 0 for the index in conjunction with a Result that will return
a single ORM entity, which indicates that the current behavior of
Result.columns() is broken in this case as the Result object will yield scalar
values and not Row objects
* Fixed bug where ForeignKeyConstraint naming conventions using the
referred_column_0 naming convention key would not work if the foreign key
constraint were set up as a ForeignKey object rather than an explicit
ForeignKeyConstraint object.
==== raspberrypi-firmware-dt ====
Version update (2022.02.25 -> 2022.04.24)
- Use last patch commit date instead patch creation date when creating
device tree archive and package version. Patch creation date could be
much earlier than patch commit date, which could mislead which patches
are included inside the package.
For example:
commit 7e72dd813a175ea7bf166655217ce60fbd7d4a21
Author: Dom Cobley <popcornmix@gmail.com>
AuthorDate: Tue Oct 19 14:15:45 2021 +0100
Commit: Dom Cobley <popcornmix@gmail.com>
CommitDate: Mon Nov 29 16:26:09 2021 +0000
dt: Move VEC clock to clk-raspberrypi
Package which contain this commit was named 2021.11.19 while obviously it
has changes from 2021.11.29.
- Update to da91801ca1 (2022-04-24)
* overlays: Fix pitft28/35-resistive rotate params
* ARM: dts: Add i2c0mux node to Model B rev 1
* overlays: Add "drm" parameter to pitft28-resistive
* overlays: mipi-dbi-spi: width-mm and height-mm are mandatory
* Add support for the AudioInjector.net bare i2s sound card
* dtoverlays: Add overlay for Sony IMX258 image sensor
* ARM: dts: Enable PMU on Cortex-A72 in AArch32 state
* overlays/rpi-display: Add support for DRM driver
* Revert "update rpi-display-overlay.dts pins for 5.10+"
* overlays: Add overlay for MIPI DBI displays
* dtoverlays: Connect the backlight to the pitft35 display
* overlays: iqs550: Enable interrupt pull-down
* CM1&3 cam1_reg and cam1_reg_gpio fix
* dtoverlay: Add VCM option to ov5647 overlay
* dtoverlays: Add VCM option to imx219
* ARM: dts: bcm2711-rpi-ds: Disable the BCM2835 STC
==== rpm ====
Subpackages: librpmbuild9
- update rpm-shorten-changelog.diff: fix shortening of changelog,
the non-primary binary packages had the full changelog
- update macrosin.diff: remove binarychangelog cutoff setting,
this comes from rpm-config-SUSE now
==== snapper ====
Version update (0.10.1 -> 0.10.2)
Subpackages: libsnapper6
- fixed error handling when reading configs
(gh#openSUSE/snapper#715)
- version 0.10.2
==== sqlite3 ====
Version update (3.38.2 -> 3.38.3)
- update to 3.38.3:
* Fix a case of the query planner be overly aggressive with
optimizing automatic-index and Bloom-filter construction,
using inappropriate ON clause terms to restrict the size of the
automatic-index or Bloom filter, and resulting in missing rows
in the output.
* Other minor patches. See the timeline for details.
==== vim ====
Version update (8.2.4745 -> 8.2.4877)
Subpackages: vim-data-common vim-small
- Updated to version 8.2.4877, fixes the following problems
- fixes CVE-2022-1381 ( boo#1198596 )
* Using wrong flag for using bell in the terminal.
* Supercollider filetype not recognized.
* No filetype override for .sys files.
* Cannot use an imported function in a mapping.
* <script> is not expanded in autocmd context.
* Small pieces of dead code.
* Mapping <SID>name.Func does not work for script in autoload directory.
* Wrong 'statusline' value can cause illegal memory access.
* Error from setting an option is silently ignored.
* Still using cached values after unsetting some known environment variables.
* Cannot use <SID>FuncRef in completion spec.
* Build error without the +eval feature.
* List of libraries to suppress lsan errors is outdated.
* When using an LSP channel want to get the message ID.
* CurSearch highlight does not work for multi-line match.
* Using matchfuzzy() on a long list can take a while.
* Documentation for using LSP messages is incomplete.
* Using freed memory when using synstack() and synID() in WinEnter.
* Using invalid pointer with "V:" in Ex mode.
* CI uses an older gcc version.
* Function matchfuzzy() sorts too many items.
* KRL files using "deffct" not recognized.
* Openscad files are not recognized.
* CI: codecov upload sometimes does not work.
* Build warning with UCRT.
* Cannot easily mix expression and heredoc.
* Coverity warns for not checking return value.
* Old Coverity warning for not checking ftell() return value.
* Build failure without the +eval feature.
* Crash when using a number for lambda name.
* SpellBad highlighting does not work in Konsole.
* GTK: 'lines' and 'columns' may change during startup.
* Screendump tests fail because of a redraw.
* Pacman files use dosini filetype.
* lsan suppression is too version specific.
* Parsing an LSP message fails when it is split.
* Maxima files are not recognized.
* Accessing freed memory.
* Coverity warns for leaking memory.
* Lamba test with timer is flaky.
* Visual mode not stopped early enough if win_gotoid() goes to another
buffer. (Sergey Vlasov)
* Test for win_gotoid() in Visual mode fails on Mac.
* prop_find() does not find the right property.
* Large payload for LSP message not tested.
* The cursor may be in the in wrong place when using :redraw while editing
the cmdline.
* Lilypond filetype not recognized.
* Indent operator creates an undo entry for every line.
* Recognizing Maxima filetype even though it might be another.
* Compiler warning for not initialized variable.
* 'cursorbind' scrolling depends on whether 'cursorline' is set.
* File left behind after running cursorline tests.
* getwininfo() may get oudated values.
* t_8u option was reset even when set by the user.
* Popup does not use correct topline.
* Missing test update for adjusted t_8u behavior.
* Fix for cursorbind fix not fully tested.
* WinScrolled not always triggered when scrolling with the mouse.
* Expression in heredoc doesn't work for compiled function.
* CurSearch used for all matches in current line.
* A mapping using <LeftDrag> does not start Select mode.
* Processing key eveints in Win32 GUI is not ideal.
* Unused item in engine struct.
* Various things not properly tested.
* Missing changes in one file.
* Unused struct item.
* Pasting text while indent folding may mess up folds.
* Possible to leave a popup window with win_gotoid().
* Cannot build with older GTK version.
* Still using older codecov app in some places of CI.
* No test for what 8.2.4806 fixes.
* Unmapping simplified keys also deletes other mapping.
* Not simple programmatic way to find a specific mapping.
* Crash when imported autoload script was deleted.
* Setting ufunc to NULL twice.
* Concatenating more than 2 strings in a :def function is inefficient.
* Expression is evaluated multiple times.
* Can only get a list of mappings.
* .cshtml files are not recognized.
* Typo in variable name. (Gabriel Dupras)
* Fix for unmapping simplified key not fully tested.
* A key may be simplified to NUL.
* Possible endless loop if there is unused typahead.
* Crash when using maparg() and unmapping simplified keys.
* Passing zero instead of NULL to a pointer argument.
* Failure of mapping not checked for.
* Vim9: some lines not covered by tests.
* Modifiers not simplified when timed out or using feedkeys() with 'n" flag.
* Checking for absolute path is not trivial.
* Compiler warning for unused argument.
* Heredoc expression evaluated even when skipping.
* Empty string considered an error for expand() when 'verbose' is
set. (Christian Brabandt)
* expand("%:p") is not empty when there is no buffer name.
Bender)
* <C-S-I> is simplified to <S-Tab>.
* Duplicate code.
* Termcodes test fails.
* Crash when using uninitialized function pointer.
* Local completion with mappings and simplification not working.
* Gleam filetype not detected.
* Mksession mixes up "tabpages" and "curdir" arguments.
* Compiler warning for uninitialized variable.
* ANSI color index to RGB value not correct.
* CI with FreeBSD is a bit outdated.
* Array size does not match usage.
* Robot files are not recognized.
* MinGW compiler complains about unknown escape sequence.
* Yaml indent for multiline is wrong.
* K_SPECIAL may be escaped twice.
* wget2 files are not recognized.
* It is not easy to restore saved mappings.
* Vim9: test may fail when run with valgrind.
* Accessing freed memory in test without the +channel feature. (Dominique
Pell�)
* Vim9: script test fails.
* :startinsert right after :stopinsert does not work when popup menu is
still visible.
* Duplicate code in "get" functions.
* Listing of mapping with K_SPECIAL is wrong.
* When closing help window autocmds triggered for the wrong window.
* Expression in command block does not look after NL.
* Vim9: expression in :substitute is not compiled.
* Vim9: in :def function no error for using a range with a command that
does not accept one.
* Vim9: no error for using an expression only at the script level when
followed by an empty line.
* Vim9: using "else" differs from using "endif/if !cond".
* Win32 GUI: horizontal scroll wheel not handled properly.
==== weave ====
- Remove dependency on binutils-gold as the package will be removed
in the future. Gold linker is unmaintained by the upstream project.