Packages changed:
AppStream
ImageMagick (7.1.1.18 -> 7.1.1.19)
Mesa (23.2.0 -> 23.2.1)
Mesa-drivers (23.2.0 -> 23.2.1)
NetworkManager (1.44.0 -> 1.44.2)
bluez
bolt (0.9.5 -> 0.9.6)
chrony
crypto-policies
dLeyna
e2fsprogs
fde-tools
filesystem
gdm
geoclue2 (2.7.0 -> 2.7.1)
glibc
gnome-control-center (45.0 -> 45.0+34)
groff
groff-full
grub2
hplip (3.23.5 -> 3.23.8)
ibus
icewm (3.4.0 -> 3.4.3)
kernel-source (6.5.4 -> 6.5.6)
ldb (2.7.2 -> 2.8.0)
libX11 (1.8.6 -> 1.8.7)
libXpm (3.5.16 -> 3.5.17)
libXrandr (1.5.3 -> 1.5.4)
libev
libnvme
libqt5-qtbase (5.15.10+kde129 -> 5.15.11+kde134)
libqt5-qtdeclarative (5.15.10+kde26 -> 5.15.11+kde30)
libqt5-qtgraphicaleffects (5.15.10+kde0 -> 5.15.11+kde0)
libqt5-qtimageformats (5.15.10+kde9 -> 5.15.11+kde12)
libqt5-qtlocation (5.15.10+kde4 -> 5.15.11+kde4)
libqt5-qtmultimedia (5.15.10+kde3 -> 5.15.11+kde2)
libqt5-qtquickcontrols (5.15.10+kde0 -> 5.15.11+kde0)
libqt5-qtquickcontrols2 (5.15.10+kde6 -> 5.15.11+kde5)
libqt5-qtsensors (5.15.10+kde0 -> 5.15.11+kde0)
libqt5-qtspeech (5.15.10+kde1 -> 5.15.11+kde1)
libqt5-qtsvg (5.15.10+kde8 -> 5.15.11+kde6)
libqt5-qttools (5.15.10+kde3 -> 5.15.11+kde3)
libqt5-qttranslations (5.15.10+kde0 -> 5.15.11+kde0)
libqt5-qtvirtualkeyboard (5.15.10+kde0 -> 5.15.11+kde0)
libqt5-qtwayland (5.15.10+kde51 -> 5.15.11+kde59)
libqt5-qtwebchannel (5.15.10+kde3 -> 5.15.11+kde3)
libqt5-qtwebview (5.15.10+kde0 -> 5.15.11+kde0)
libqt5-qtx11extras (5.15.10+kde0 -> 5.15.11+kde0)
libqt5-qtxmlpatterns (5.15.10+kde0 -> 5.15.11+kde0)
libselinux
libsemanage
libsepol
libvpx (1.13.0 -> 1.13.1)
llvm17 (17.0.1 -> 17.0.2)
makedumpfile
mpg123 (1.32.2 -> 1.32.3)
netcfg
nvme-cli
parted
patterns-microos
perl
podman (4.7.0 -> 4.7.1)
policycoreutils
polkit-default-privs (1550+20230920.74aeded -> 1550+20231006.28f05f1)
python-SQLAlchemy (2.0.19 -> 2.0.21)
python-cryptography (41.0.3 -> 41.0.4)
python-dnspython
python-greenlet (3.0.0~rc3 -> 3.0.0)
python-psutil
python-urllib3 (2.0.4 -> 2.0.6)
rubygem-nokogiri
rubygem-ruby-dbus (0.23.0.beta2 -> 0.23.1)
samba (4.18.6+git.320.cfda27bacb -> 4.19.0+git.306.19d2e214c58)
selinux-policy
sg3_utils (1.48~20221101+1.142dace -> 1.48+1.889c3e3)
shadow (4.14.0 -> 4.14.1)
shim
slirp4netns (1.2.1 -> 1.2.2)
sof-firmware (2.2.6 -> 2023.09)
srt (1.5.2 -> 1.5.3)
systemd
talloc (2.4.0 -> 2.4.1)
tdb (1.4.8 -> 1.4.9)
tevent (0.14.1 -> 0.15.0)
u-boot-rpiarm64 (2023.07 -> 2023.10)
vte
xdg-desktop-portal
xscreensaver (6.06 -> 6.07)
xterm (384 -> 385)
zxing-cpp (2.0.0 -> 2.1.0)
=== Details ===
==== AppStream ====
Subpackages: libAppStreamQt2 libappstream4
- Enable vala support when building in SLE-15 SP6
- Fix condition in files section for the case where vala support
is disabled, where some files are being generated but were not
included
==== ImageMagick ====
Version update (7.1.1.18 -> 7.1.1.19)
Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10
- version update to 7.1.1.19
* https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
* fixes CVE-2023-5341 [bsc#1215939]
==== Mesa ====
Version update (23.2.0 -> 23.2.1)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- Update to Mesa 23.2.1
* Mesa 23.2.1 is a new development release. People who are
concerned with stability and reliability should stick with a
previous release or wait for Mesa 23.2.2.
* Mesa 23.2.1 is an unusual first stable release due to the
accidentl tagging of 23.2.0 durring the rc cycle.
* Mesa 23.2.1 implements the OpenGL 4.6 API, but the version
reported by glGetString(GL_VERSION) or
glGetIntegerv(GL_MAJOR_VERSION) /
glGetIntegerv(GL_MINOR_VERSION) depends on the particular
driver being used. Some drivers don't support all the features
required in OpenGL 4.6. OpenGL 4.6 is **only** available if
requested at context creation. Compatibility contexts may
report a lower version depending on each driver.
* Mesa 23.2.1 implements the Vulkan 1.3 API, but the version
reported by the apiVersion property of the
VkPhysicalDeviceProperties struct depends on the particular
driver being used.
* More details in:
- -> https://gitlab.freedesktop.org/mesa/mesa/-/blob/23.2/docs/relnotes/23.2.1.rst
==== Mesa-drivers ====
Version update (23.2.0 -> 23.2.1)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva
- Update to Mesa 23.2.1
* Mesa 23.2.1 is a new development release. People who are
concerned with stability and reliability should stick with a
previous release or wait for Mesa 23.2.2.
* Mesa 23.2.1 is an unusual first stable release due to the
accidentl tagging of 23.2.0 durring the rc cycle.
* Mesa 23.2.1 implements the OpenGL 4.6 API, but the version
reported by glGetString(GL_VERSION) or
glGetIntegerv(GL_MAJOR_VERSION) /
glGetIntegerv(GL_MINOR_VERSION) depends on the particular
driver being used. Some drivers don't support all the features
required in OpenGL 4.6. OpenGL 4.6 is **only** available if
requested at context creation. Compatibility contexts may
report a lower version depending on each driver.
* Mesa 23.2.1 implements the Vulkan 1.3 API, but the version
reported by the apiVersion property of the
VkPhysicalDeviceProperties struct depends on the particular
driver being used.
* More details in:
- -> https://gitlab.freedesktop.org/mesa/mesa/-/blob/23.2/docs/relnotes/23.2.1.rst
==== NetworkManager ====
Version update (1.44.0 -> 1.44.2)
Subpackages: NetworkManager-bluetooth NetworkManager-tui NetworkManager-wwan libnm0 typelib-1_0-NM-1_0
- Update to version 1.44.2:
+ Better log IPv4 Address Conflict Detection (ACD) conflicts
+ Remove the upper limit of 65535 for PIDs read from the PID file
+ Allow missing default gateway with oFono
+ Honor the CLICOLOR_FORCE environment variable
+ Fix generating connection with IPv6 method disabled vs ignored
+ Fix possible segmentation fault when doing a checkpoint
rollback
+ Documentation improvements
- Switch to source services, use explicit released tag.
==== bluez ====
Subpackages: bluez-auto-enable-devices bluez-cups libbluetooth3
- Moved btmgmt to main rpm of bluez. (jsc#PED-6216)
==== bolt ====
Version update (0.9.5 -> 0.9.6)
- update to 0.9.5:
* Compiler warnings and log messages for the domain not found were fixed.
==== chrony ====
Subpackages: chrony-pool-openSUSE
- Use make quickcheck instead of make check to avoid >1h build
times and failures due to timeouts. This was the default before
3.2 but it changed to make tests more reliable. Here a seed is
already set to get deterministic execution.
==== crypto-policies ====
Subpackages: crypto-policies-scripts
- Remove dependency on /usr/bin/python3, making scripts to depends on
the real python3 binary, not the link. bsc#1212476
==== dLeyna ====
- Remove executable bit from download_sync_controller.py. Fix
rpmlint warning.
==== e2fsprogs ====
Subpackages: libcom_err2 libext2fs2
- Update specfile to make sure regenerate_initrd_post macro is defined
==== fde-tools ====
- Add fde-tools-remove-redundant-2nd-pw-creation.patch to remove
the creation of the secondary password in 'add-secondary-key'
==== filesystem ====
- Add /run/lock (boo#1212926)
- Remove /var/spool/mail (boo#1179574)
- Remove obsolete home dir check. The filesystem package is not
meant to contain home directories of random system users anymore
- Create ghost symlinks also in pretrans, needed to get /var/run as
link right away
==== gdm ====
Subpackages: gdm-schema gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0
- Explicitly buildrequire /usr/bin/dbus-run-session: the
dbus package is being restructured to be usable with dbus-broker
and so far we just relied on implicit dependencies bringing this
in. Meson checks for it, so it is correct to BR it though.
==== geoclue2 ====
Version update (2.7.0 -> 2.7.1)
Subpackages: system-user-srvGeoClue typelib-1_0-Geoclue-2_0
- Update to version 2.7.1:
+ Add 'age' field to MLS locate queries
+ Location updates now always have an accuracy value
+ Improvements to NMEA parsing:
- Parse NMEA timestamps with sub-second accuracy
- Add default accuracy to NMEA RMC locations
- Ignore locations from GGA and RMC sentences if the GNSS fix
is not valid
+ Prioritize GNSS sources with a recent fix over other sources,
preventing location jumps
+ Install D-Bus policy in /usr/share, not /etc
+ Upgrade GLib / Gio dependency to version 2.68.0
+ Correct gi annotations in GClueSimple
+ Various small fixes
- Use ldconfig_scriptlets macro for post(un) handling.
==== glibc ====
Subpackages: glibc-extra glibc-locale glibc-locale-base nscd
- setxid-propagate-glibc-tunables.patch: Propagate GLIBC_TUNABLES in
setxid binaries
- tunables-string-parsing.patch: tunables: Terminate if end of input is
reached (CVE-2023-4911, bsc#1215501)
==== gnome-control-center ====
Version update (45.0 -> 45.0+34)
Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces
- Update to version 45.0+34:
+ network: fix editing connections without a device (boo#1215651)
+ mouse: Fix linked style of primary mouse button in RTL
+ privacy: Fix crash in the firmware security page
+ data:
- Fix label string
- Add missing wireguard-peer.ui to POTFILES.in
- Mark translatable strings yes
+ info-overview: Add more types of processor support
+ Updated translations.
- Switch to git checkout from stable branch, use explicit commit.
==== groff ====
- Define ext_man="%{?ext_man}%{!?ext_man:.gz}" shell variable in
the install directive, and replace "%{?ext_man}" with
"${ext_man:-}" to fix groff-gf.7.gz file ending up uncompressed
(despite the name) due to the use of %{?ext_man} in the mv/ln
TARGET parameter used for the preparation of Alternatives. Also
define a simple shell contruct which identifies whether the
manpage file is compressed. If not, it unsets the $ext_man
variable, then ajdusting the mv/ln calls. That's all necessary
because even though ext_man macro is defined, it doesn't mean the
file has the extension (which dependes whether the build script
compresses it).
==== groff-full ====
Subpackages: gxditview
- Define ext_man="%{?ext_man}%{!?ext_man:.gz}" shell variable in
the install directive, and replace "%{?ext_man}" with
"${ext_man:-}" to fix groff-gf.7.gz file ending up uncompressed
(despite the name) due to the use of %{?ext_man} in the mv/ln
TARGET parameter used for the preparation of Alternatives. Also
define a simple shell contruct which identifies whether the
manpage file is compressed. If not, it unsets the $ext_man
variable, then ajdusting the mv/ln calls. That's all necessary
because even though ext_man macro is defined, it doesn't mean the
file has the extension (which dependes whether the build script
compresses it).
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin
- Add patch to fix reading files from btrfs with "implicit" holes:
* 0001-fs-btrfs-Zero-file-data-not-backed-by-extents.patch
- Update the TPM 2.0 patches to support more RSA and ECC algorithms
* 0002-tpm2-Add-TPM-Software-Stack-TSS.patch
* 0003-protectors-Add-TPM2-Key-Protector.patch
* 0005-util-grub-protect-Add-new-tool.patch
- Remove build require for gcc-32bit, target platform didn't rely on libgcc
function shipped with compiler but rather using functions supplied in grub
directly.
- Add BuildIgnore to break cycle with the branding package
==== hplip ====
Version update (3.23.5 -> 3.23.8)
Subpackages: hplip-hpijs hplip-udev-rules
- Update to hplip 3.23.8
- Support for new printers:
* HP Color LaserJet Pro MFP 4301fdne
* HP Color LaserJet Pro MFP 4301fdwe
* HP Color LaserJet Pro MFP 4301cdwe
* HP Color LaserJet Pro MFP 4301cfdne
* HP Color LaserJet Pro MFP 4301cfdwe
* HP Color LaserJet Pro MFP 4302dwe
* HP Color LaserJet Pro MFP 4302fdne
* HP Color LaserJet Pro MFP 4302fdwe
* HP Color LaserJet Pro MFP 4302cdwe
* HP Color LaserJet Pro MFP 4302fdn
* HP Color LaserJet Pro MFP 4302fdw
* HP Color LaserJet Pro MFP 4303dw
* HP Color LaserJet Pro MFP 4303fdn
* HP Color LaserJet Pro MFP 4303fdw
* HP Color LaserJet Pro MFP 4303cdw
* HP Color LaserJet Pro MFP 4303cfdn
* HP Color LaserJet Pro MFP 4303cfdw
* HP Color LaserJet Pro 4201dne
* HP Color LaserJet Pro 4201dwe
* HP Color LaserJet Pro 4201cdne
* HP Color LaserJet Pro 4201cdwe
* HP Color LaserJet Pro 4202dne
* HP Color LaserJet Pro 4202dwe
* HP Color LaserJet Pro 4202dn
* HP Color LaserJet Pro 4202dw
* HP Color LaserJet Pro 4203dn
* HP Color LaserJet Pro 4203dw
* HP Color LaserJet Pro 4203cdn
* HP Color LaserJet Pro 4203cdw
* HP DeskJet 2800 All-in-One Printer series
* HP DeskJet 2800e All-in-One Printer series
* HP DeskJet Ink Advantage 2800 All-in-One Printer series
* HP DeskJet 4200 All-in-One Printer series
* HP DeskJet 4200e All-in-One Printer series
* HP DeskJet Ink Advantage 4200 All-in-One Printer series
* HP DeskJet Ink Advantage Ultra 4900 All-in-One Printer series
==== ibus ====
Subpackages: libibus-1_0-5 typelib-1_0-IBus-1_0
- macros.ibus:
* set %ibus_table_index_post() to %nil. it'll trigger ibus-table-createdb
to create_indexes() for the existing db. but according to upstream,
create_indexes() is now a dummy function, and it didn't bring
any performance improvements before. and on rpmlint side,
it will modify the final filelist.
==== icewm ====
Version update (3.4.0 -> 3.4.3)
Subpackages: icewm-config-upstream icewm-default icewm-lang
- Update to version 3.4.3:
* New preference "TaskBarShowWindowTitles" for icon-only task buttons.
* New winoption "doNotManage" to workaround bugs in picom for plank.
* When a battery has no data about full charge, use the capacity.
* When cascading windows, include the border size in the displacement.
* Let icewmbg interpret command-line file arguments relative to $PWD.
* Add a -f,--fork option to icewmbg to detach it from the terminal.
* Fix the Window List Menu for #144.
* Fix restoring from fullscreen with F11 in chromium for #141.
* Support tabs in the Window List Menu.
* Control the terminal in icewm-menu-fdo by option or environment.
* Let icewm-menu-fdo use a list of default terminals to choose from.
- Drop unknown config options:
* --enable-guievents
* --enable-antialiasing
* --enable-gradients
* --enable-shaped-decorations
==== kernel-source ====
Version update (6.5.4 -> 6.5.6)
- Linux 6.5.6 (bsc#1012628).
- NFS: Fix error handling for O_DIRECT write scheduling
(bsc#1012628).
- NFS: Fix O_DIRECT locking issues (bsc#1012628).
- NFS: More O_DIRECT accounting fixes for error paths
(bsc#1012628).
- NFS: Use the correct commit info in nfs_join_page_group()
(bsc#1012628).
- NFS: More fixes for nfs_direct_write_reschedule_io()
(bsc#1012628).
- NFS/pNFS: Report EINVAL errors from connect() to the server
(bsc#1012628).
- SUNRPC: Mark the cred for revalidation if the server rejects it
(bsc#1012628).
- NFSv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server
(bsc#1012628).
- NFSv4.1: fix pnfs MDS=DS session trunking (bsc#1012628).
- media: v4l: Use correct dependency for camera sensor drivers
(bsc#1012628).
- media: via: Use correct dependency for camera sensor drivers
(bsc#1012628).
- gfs2: Fix another freeze/thaw hang (bsc#1012628).
- netfs: Only call folio_start_fscache() one time for each folio
(bsc#1012628).
- btrfs: improve error message after failure to add delayed dir
index item (bsc#1012628).
- btrfs: remove BUG() after failure to insert delayed dir index
item (bsc#1012628).
- ext4: replace the traditional ternary conditional operator
with with max()/min() (bsc#1012628).
- ext4: move setting of trimmed bit into ext4_try_to_trim_range()
(bsc#1012628).
- ext4: do not let fstrim block system suspend (bsc#1012628).
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath
contention (bsc#1012628).
- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync()
in catchall GC (bsc#1012628).
- netfilter: nft_set_pipapo: stop GC iteration if GC transaction
allocation fails (bsc#1012628).
- netfilter: nft_set_hash: try later when GC hits EAGAIN on
iteration (bsc#1012628).
- netfilter: nf_tables: fix memleak when more than 255 elements
expired (bsc#1012628).
- netfilter: nf_tables: disallow rule removal from chain binding
(bsc#1012628).
- ASoC: meson: spdifin: start hw on dai probe (bsc#1012628).
- netfilter: nf_tables: disallow element removal on anonymous sets
(bsc#1012628).
- bpf: Avoid deadlock when using queue and stack maps from NMI
(bsc#1012628).
- bpf: Avoid dummy bpf_offload_netdev in __bpf_prog_dev_bound_init
(bsc#1012628).
- ALSA: docs: Fix a typo of midi2_ump_probe option for
snd-usb-audio (bsc#1012628).
- ALSA: seq: Avoid delivery of events for disabled UMP groups
(bsc#1012628).
- ASoC: rt5640: Revert "Fix sleep in atomic context"
(bsc#1012628).
- ASoC: rt5640: Fix sleep in atomic context (bsc#1012628).
- ASoC: rt5640: fix typos (bsc#1012628).
- ASoC: rt5640: Do not disable/enable IRQ twice on suspend/resume
(bsc#1012628).
- ASoC: rt5640: Enable the IRQ on resume after configuring
jack-detect (bsc#1012628).
- ASoC: rt5640: Fix IRQ not being free-ed for HDA jack detect mode
(bsc#1012628).
- bpf: Fix a erroneous check after snprintf() (bsc#1012628).
- selftests/bpf: fix unpriv_disabled check in test_verifier
(bsc#1012628).
- ALSA: hda/realtek: Splitting the UX3402 into two separate models
(bsc#1012628).
- netfilter: conntrack: fix extension size table (bsc#1012628).
- netfilter: nf_tables: Fix entries val in rule reset audit log
(bsc#1012628).
- Compiler Attributes: counted_by: Adjust name and identifier
expansion (bsc#1012628).
- uapi: stddef.h: Fix header guard location (bsc#1012628).
- uapi: stddef.h: Fix __DECLARE_FLEX_ARRAY for C++ (bsc#1012628).
- memblock tests: Fix compilation errors (bsc#1012628).
- ASoC: SOF: ipc4-topology: fix wrong sizeof argument
(bsc#1012628).
- net: microchip: sparx5: Fix memory leak for
vcap_api_rule_add_keyvalue_test() (bsc#1012628).
- net: microchip: sparx5: Fix memory leak for
vcap_api_rule_add_actionvalue_test() (bsc#1012628).
- net: microchip: sparx5: Fix possible memory leak in
vcap_api_encode_rule_test() (bsc#1012628).
- net: microchip: sparx5: Fix possible memory leaks in
test_vcap_xn_rule_creator() (bsc#1012628).
- net: microchip: sparx5: Fix possible memory leaks in
vcap_api_kunit (bsc#1012628).
- selftests: tls: swap the TX and RX sockets in some tests
(bsc#1012628).
- net/core: Fix ETH_P_1588 flow dissector (bsc#1012628).
- ALSA: seq: ump: Fix -Wformat-truncation warning (bsc#1012628).
- ASoC: hdaudio.c: Add missing check for devm_kstrdup
(bsc#1012628).
- ASoC: imx-audmix: Fix return error with devm_clk_get()
(bsc#1012628).
... changelog too long, skipping 859 lines ...
- commit f926df3
==== ldb ====
Version update (2.7.2 -> 2.8.0)
Subpackages: libldb2 python3-ldb
- Update to 2.8.0
* CVE-2023-0614 Not-secret but access controlled LDAP attributes can be discovered (bug 15270)
* pyldb: Raise an exception if ldb_dn_get_parent() fails
* Implement ldap_whoami in pyldb and add the RFC4532 LDB_EXTENDED_WHOAMI_OID definition
* Documentation and spelling fixes
* Add ldb_val -> bool,uint64,int64 parsing functions
* Split out ldb_val_as_dn() helper function
* add LDB_CHANGETYPE_MODRDN support to ldb_ldif_to_pyobject()
* add LDB_CHANGETYPE_DELETE support to ldb_ldif_to_pyobject()
* let ldb_ldif_parse_modrdn() handle names without 'rdn_name=' prefix
* Don't create error string if there is no error
* Avoid allocation and memcpy() for every wildcard match candidate
* Make ldb_msg_remove_attr O(n)
* pyldb: Throw error on invalid controls
* pyldb: remove py2 ifdefs
* Call tevent_set_max_debug_level(TEVENT_DEBUG_TRACE)
==== libX11 ====
Version update (1.8.6 -> 1.8.7)
Subpackages: libX11-6 libX11-data libX11-xcb1
- update to 1.8.7
This release contains fixes for the issues reported in security
advisory here:
https://lists.x.org/archives/xorg-announce/2023-October/003424.html
* fixes CVE-2023-43785 libX11: out-of-bounds memory access in
_XkbReadKeySyms() (boo#1215683)
* fixes CVE-2023-43786 libX11: stack exhaustion from infinite recursion
in PutSubImage() (boo#1215684)
* fixes CVE-2023-43787 libX11: integer overflow in XCreateImage()
leading to a heap overflow (boo#1215685)
along with:
* Fail XOpenDisplay() if server-provided default visual is invalid (!233)
* Bring XKB docs in line with actual implementation (!231, !228)
* Xutil.h: declare XEmptyRegion() and XEqualRegion() as Bool (!225)
* Assorted updates to en_US.UTF-8 compose keys (!213, !214, !215, !216,
!217, !219, !220, !222, !223, !226, !227, !229)
==== libXpm ====
Version update (3.5.16 -> 3.5.17)
- Update to 3.5.17
* This release contains fixes for the libXpm issues reported in
security advisory here:
https://lists.x.org/archives/xorg-announce/2023-October/003424.html
* fixes CVE-2023-43788 libXpm: out of bounds read in
XpmCreateXpmImageFromBuffer() (boo#1215686)
* fixes CVE-2023-43789 libXpm: out of bounds read on XPM with
corrupted colormap (boo#1215687)
==== libXrandr ====
Version update (1.5.3 -> 1.5.4)
- Update to version 1.5.4
This release fixes a bug where an invalid pointer (a pointer to the
middle of a buffer returned from malloc() instead of to the beginning
of the buffer) could be passed to free() when cleaning up after an
out-of-bounds output is found in the response from the X server to
XRRGetMonitors().
==== libev ====
- run signify only on Factory
==== libnvme ====
Subpackages: libnvme-mi1 libnvme1
- Enable tests during build
- Set git version tag
- Drop unused make dependency
- Drop unencessary minimum version depedency on meson.
- Re-enable libdbus feature. Upstream defaults changed.
==== libqt5-qtbase ====
Version update (5.15.10+kde129 -> 5.15.11+kde134)
Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3
- Enable the experimental native painting feature to improve
remote desktop performances (boo#1214915)
exporting QT_XCB_NATIVE_PAINTING is required to use the feature.
- Update to version 5.15.11+kde134, rebased upstream:
* Revert "Windows QPA: Add support to UiaRaiseNotificationEvent()"
* FileChooser portal: Make sure filter.name is not empty
* QPersistentModelIndex: fix UB (op< on unrelated pointers)
* Avoid crash when keysymToQtKey(keysym, Qt::ControlModifier) is called
* a11y atspi: translate coords for GetOffsetAtPoint the right way
* a11y atspi: Take dialog into account as top-level window
* a11y atspi: Fix incorrect use of x instead of y position
* macOS: Handle asynchronous deminiaturizing of windows
* QTranslator: generalize a UNIX-only path
* iOS, input panel: be more careful before enabling QIOSKeyboardListener
* Android: Fix flickering on window resize and show keyboard
* Android A11Y: Check for active surface before calling into native code
* xcb: Delete touch points without target windows
* Blacklist 1 tests in tst_QDBusConnection on ubuntu-20.04
* Fix CMake builds without ANDROID_SDK
* Blacklist 2 tests in tst_Http2 on ubuntu-20.04
* Blacklist 1 tests in tst_QSqlQuery on macos
* Defer creating the special shaders in the texture blitter
* tst_QSslSocket::serverCipherPreferencies - fix for OpenSSL v3
* QTemporaryFile: document rename() differences from QFile
* Doc: 3rd party: Fix reference to FreeType LICENSE.txt
* Update bundled libjpeg-turbo to version 2.1.4
* tst_QSsSocket: fix verifyClientCertificate with OpenSSL 3
* tst_QSslSocket: regenerate certificate used for setLocalCertificateChain
* tst_QSslSocket::protocolServerSide - make it work with OpenSSL v3
* tst_QSslSocket::oldErrorsOnSocketReuse - make it work with OpenSSL v3
* Update zconf.h prefixes to match zlib v1.2.12 update
* xcb: fix D&D in same xembed client
* xcb: use global coordinates for position of D&D for xembed client
* Doc: Update QMetaType::metaObject() descriptions
* BLACKLIST: tst_QGlyphRun::mixedScripts for Ubuntu 22.04
* BLACKLIST tst_qfont for Ubuntu 22.04
* BLACKLIST tst_QMenuBar::check_menuPosition for Ubuntu 22.04
* tst_QDtls::verifyClientCertficiate - update certs for OpenSSL v3
* QSslCertificate::toText(): add a file to compare against
* Fix the spelling of the word "combination"
* tst_QSslCertificate::pkcs12 - skip the test if OpenSSL version >= 3
* Android A11Y: Fix TalkBack scrolling behavior
* Android A11Y: Notify android about scroll events
* QCocoaDrag: don't add pasteboard items with non-absolute URLs
* QDirPrivate: pass input QList by cref
* tst_qbytearray: remove qCompress_data for QT_NO_COMPRESS
* QDeviceDiscoveryUDev: use NSDMI
* QAuthenticator: Fix crash when using NTLM / Negotiate
* Provide a native interface instance in minimal platform plugin
* Android: document the supported clipboard mimetypes
* Windows: Account for not finding child windows when calling ChildWindowFromPointEx
* iOS: Send touch events asynchronously to avoid deadlocking UIKit event loop
* Disable bitcode for iOS
* macOS: Ignore deprecation for ReleaseIconRef
* BLACKLIST tst_QApplication::sendEventsOnProcessEvents for Ubuntu 22.04
* Convert Latin1 to UTF-16 before passing to ICU API
* Doc: Remove repetition of word in text
* eglfs: Fix screen cloning when atomic is enabled
* Fix printing of dpr>1 images on Windows
* QHttp: Fix handling of redirect loaded from cache
* Doc: Fix return type of QLEInteger/QBEInteger post-in/decrement ops
* qmake: Fix installation of separate debug info for plugins
* iOS: ensure we close inputpanel after clearing focusobject
* Convert Latin1 to UTF-16 before passing to ICU API
* qputenv: defend against non-NUL-terminated QByteArray values
* QFontSubset: remove unused glyphName() overload
* Statically assert that the __mips_dsp code is only active on 32-bit
* QGtk3Theme: Ensure gtk uses the same windowing system as Qt
* tst_QFocusFrame: fix -Wparantheses
* Sync Vulkan device features between QVulkanWindow and QRhi
* SQLite: Update SQLite to v3.39.2
* Update freetype to 2.12.1
* corelib: Fix typos in documentation
* QAtomicInteger docs: mention bool and char8_t as 8-bit types
* qgraphicsitem_cast: replace 0 with nullptr
* Doc: Hide weak overload template magic from documentation
* Revert "QDateTime: fix adjusted datetime handling"
* Fix select handles disappears issues
* tst_QSslKey: prepare for the migration to OpenSSL v3
* tst_qnetworkreply: replace server.pem/key pair
* Disable unit testing setting up QTcpServer on special Apple interfaces
* qmake/msbuild: Turn off "use full paths in diagnostics" by default
* qmake/msbuild: Support all /DEBUG:xxx linker options
* qmake/msbuild: Support all /LTCG:xxx options
* Android A11Y: Add content change type to content change event
* Enabler for fractional scaling of text in Qt Quick
* macOS: Override logical DPI to 72
* Add QDom internalSubset implementation
* Fix tst_AndroidAssets, broken by recent changes on assets load speed
* Android: Improve loading speed of individual assets
* Darwin: Replace deprecated symbol kIOMasterPortDefault with equivalent
* macOS: Remove code for handling logical DPI changes
* Fix an incorrect invocation of llvm-readobj
* macOS: Ignore deprecation for kOnSystemDisk icon domain
* Copy only files that belongs to QML module
* Android: fix wrong position of cursor handle and editpopup menu in split screen
* Doc: Document QML_IMPORTS_PATH and QMLPATHS
* Add the missing RCC_DIR to '.qrc' paths when generating deployment settings
* Android: Fix the offset of the EditPopupMenu
... changelog too long, skipping 28 lines ...
* Don't use a deprecated function if built/linked with OpenSSL v3
==== libqt5-qtdeclarative ====
Version update (5.15.10+kde26 -> 5.15.11+kde30)
- Update to version 5.15.11+kde30, rebased upstream:
* Flickable: prevent fixup() from being called while dragging
* Adjust baselineOffset correctly when fontSizeMode == HorizontalFit
* QQmlVMEMetaObjectEndpoint: ensure property cache before accessing it
* Text: Re-layout the text when a alignment is set and the height grows
* Blacklist 1 tests in tst_qquickflickable on macos
* Fix fractional scaling of text in Qt Quick
* qqmlprivate.h: make static constexpr members c++11 compliant
* V4: Account for the guard pages when allocating stack space
* Blacklist 1 tests in tst_QQuickLoader on ubuntu-20.04
* Flickable: let changing contentItem pos also affect the drag starting pos
* Blacklist 1 tests in tst_QParallelAnimationGroupJob on macos
* StackLayout: Do not set size of children to (-1, -1)
* V4: Mark InternalClass parents when running GC
* A11Y: Send Scrolling Events when Flickable moves
* doc: Add missing PointerHandler.CanTakeOverFromItems enum value
* Qml: Don't crash on nested group properties with aliases
* QV4::CompiledData: fix GCC 12 -Werror=uninitialized errors
* QQuickText/Edit: fix C++20 -Wdeprecated-enum-enum-conversion warnings
* Android: Fix crash on tap handler with a S-Pen
* masm: fix -Wdeprecated-enum-enum-conversion
* Add listing of the components and scripts that belongs to the qml module
* QML: Port QV4::CompiledData::RegExp to new special integer bitfield
* QML: Port QV4::CompiledData::JSClassMember to new special integer bitfield
* QML: Port QV4::CompiledData::Object to new special integer bitfield
* QML: Port icutils::Node to new special integer bitfield
* QML: Port QV4::CompiledData::Lookup to new special integer bitfield
* QML: Port QV4::CompiledData::Binding to new special integer bitfield
* QML: Port QV4::CompiledData::Property to new special integer bitfield
* QML: Port QV4::CompiledData::Alias to new special integer bitfield
* QML: Port QV4::CompiledData::ParameterType to new special integer bitfield
* QML: Port QV4::CompiledData::Location to new special integer bitfield
* Fix Qt build with Python being in path with spaces
* Quick test lib: Account for DPR when grabbing sub-image
* qqw: Invalidate and reinitialize the scenegraph correctly
* Fix rendernode example wrt stacking
* Stop using the same buffer for vertex and index data
* Fix race condition on QQmlEnginePrivate::qml_debugging_enabled
* qqmlimport.cpp: remove unused qreadwritelock.h
* QQmlDebug: reliably print the debugger warning
* QQmlListCompositor: suppress GCC 12 -Warray-bounds warnings
* Doc: QQuickTextInput: Mark all readonly properties as such
* MouseArea: don't override preventStealing on mouse release
* MultiPointTouchArea: remap touchpoint positions when filtering
- Commits dropped by the rebase:
* Revert "Fix missing glyphs when using NativeRendering"
* Fix missing glyphs when using NativeRendering
- Update to version 5.15.10+kde31:
* QML: Make notify list thread safe
* QtQml: Clean up QQmlData ctor
* QRecyclePool: fix potential UB
* QQmlJs::MemoryPool: fix potential UB (pointer overflow)
* JIT: Add missing {STORE|LOAD}_ACC() to CreateCallContext
- Drop patches, now upstream:
* 0001-JIT-Add-missing-STORE-LOAD-_ACC-to-CreateCallContext.patch
==== libqt5-qtgraphicaleffects ====
Version update (5.15.10+kde0 -> 5.15.11+kde0)
- Update to version 5.15.11+kde0, rebased upstream:
* No code changes
==== libqt5-qtimageformats ====
Version update (5.15.10+kde9 -> 5.15.11+kde12)
- Update to version 5.15.11+kde12, rebased upstream:
* Add finding from oss-fuzz to tst_qicns
- Update to version 5.15.10+kde18:
* Update bundled libtiff to version 4.6.0
* Update bundled libtiff to version 4.5.1
* Update bundled libtiff to version 4.5.0
* Fix bundled libtiff compilation lzw warning and reading failure
* Update bundled libtiff to version 4.4.0
* Update bundled libwebp to version 1.3.2
* Update bundled libwebp to version 1.3.1
* Update bundled libwebp to version 1.3.0
* Update bundled libwebp to version 1.2.4
==== libqt5-qtlocation ====
Version update (5.15.10+kde4 -> 5.15.11+kde4)
- Update to version 5.15.11+kde4, rebased upstream:
* Revert "Make location-labs-plugin depend on features.opengl"
* Add check to getSatInfoFromNmea to avoid undefined behavior
* Fix undefined behavior in qlocationutils_readGsa()
* Use std::remove_if + QVector::erase to remove child pipes
* PositionSource: do not query lastKnownPosition if the source is inactive
* Android: fix crash on exit when QGeoAreaMonitorPolling is used
- Add patch to fix build of the Qt.labs.location QML plugin:
* 0001-Fix-build-of-Qt.labs.location-QML-plugin.patch
- Update to version 5.15.10+kde5:
* Update mapbox-gl-native
==== libqt5-qtmultimedia ====
Version update (5.15.10+kde3 -> 5.15.11+kde2)
- Update to version 5.15.11+kde2, rebased upstream:
* QAudioHelpers: fix C++20 -Werror,-Wdeprecated-enum-float-conversion
* Android: Align emit sequence
* QNX: fix KHR image handling
* Fix compile error on videonode plugin
==== libqt5-qtquickcontrols ====
Version update (5.15.10+kde0 -> 5.15.11+kde0)
- Update to version 5.15.11+kde0, rebased upstream:
* Blacklist Tests_StackLayout::test_addAndRemoveItems
* Blacklist Windows on Tests_StackLayout::test_addAndRemoveItems
* Blacklist 1 tests in qtquickcontrols on macos
* Blacklist 1 tests in qtquickcontrols on ubuntu-20.04
==== libqt5-qtquickcontrols2 ====
Version update (5.15.10+kde6 -> 5.15.11+kde5)
Subpackages: libQt5QuickControls2-5 libQt5QuickTemplates2-5
- Update to version 5.15.11+kde5, rebased upstream:
* Take over touch grab after initial delayed mouse press from Flickable
* Doc: Fix link to Scrollbar size property
==== libqt5-qtsensors ====
Version update (5.15.10+kde0 -> 5.15.11+kde0)
Subpackages: libQt5Sensors5 libQt5Sensors5-imports
- Update to version 5.15.11+kde0, rebased upstream:
* No code changes
==== libqt5-qtspeech ====
Version update (5.15.10+kde1 -> 5.15.11+kde1)
Subpackages: libQt5TextToSpeech5 libqt5-qtspeech-plugin-speechd
- Update to version 5.15.11+kde1, rebased upstream:
* No code changes
==== libqt5-qtsvg ====
Version update (5.15.10+kde8 -> 5.15.11+kde6)
- Update to version 5.15.11+kde6, rebased upstream:
* No code changes
==== libqt5-qttools ====
Version update (5.15.10+kde3 -> 5.15.11+kde3)
Subpackages: libqt5-qdbus libqt5-qtpaths
- Update to version 5.15.11+kde3, rebased upstream:
* qtattributionsscanner: Support multiple license files
* macdeployqt: Ignore repeated references to binary when parsing otool -L
* Build QtDesigner plugins in all configurations
* lupdate: Allow multiple specifiers after method signature
==== libqt5-qttranslations ====
Version update (5.15.10+kde0 -> 5.15.11+kde0)
- Update to version 5.15.11+kde0, rebased upstream:
* No code changes
==== libqt5-qtvirtualkeyboard ====
Version update (5.15.10+kde0 -> 5.15.11+kde0)
Subpackages: libQt5HunspellInputMethod5 libQt5VirtualKeyboard5 libqt5-qtvirtualkeyboard-hunspell
- Update to version 5.15.11+kde0, rebased upstream:
* Remove platform-dependent codes for XCB
==== libqt5-qtwayland ====
Version update (5.15.10+kde51 -> 5.15.11+kde59)
Subpackages: libQt5WaylandClient5 libQt5WaylandCompositor5
- Update to version 5.15.11+kde59, rebased upstream:
* Client: Avoid locking resizing in QWaylandShmBackingStore
* Client: Remove some surface commits
* tests: Fix tst_xdgshell::minMaxSize()
* Client: Commit the initial surface state explicitly
* Remove unused variables
* QtWaylandCompositor: includemocs
* QtWaylandClient: includemocs
* QtWaylandEglClientHwIntegrationPrivate: includemocs
* QtWaylandTextureSharing: includemocs
* QWaylandXdgShellIntegrationPlugin: includemocs
* QtWlShellIntegrationPrivate: includemocs
* Add missing QT_{BEGIN,END}_NAMESPACE
- Update to version 5.15.10+kde58:
* Client: Fix the mouse being stuck in pressed state after DnD
* client: Fix infinite recursion with text-input-v2
* Client: Fix buffer damage
* Replace scale with devicePixelRatio for non-integer scaling
* Convert cursor bitmap to supported format
* client: Fix crash on dnd updates after client facing drag ends
* Destroy frame queue before display
==== libqt5-qtwebchannel ====
Version update (5.15.10+kde3 -> 5.15.11+kde3)
Subpackages: libQt5WebChannel5 libQt5WebChannel5-imports
- Update to version 5.15.11+kde3, rebased upstream:
* No code changes
==== libqt5-qtwebview ====
Version update (5.15.10+kde0 -> 5.15.11+kde0)
Subpackages: libQt5WebView5 libQt5WebView5-imports
- Update to version 5.15.11+kde0, rebased upstream:
* Android: Make is possible to change setAllowFileAccess()
==== libqt5-qtx11extras ====
Version update (5.15.10+kde0 -> 5.15.11+kde0)
- Update to version 5.15.11+kde0, rebased upstream:
* No code changes
==== libqt5-qtxmlpatterns ====
Version update (5.15.10+kde0 -> 5.15.11+kde0)
Subpackages: libQt5XmlPatterns5 libqt5-qtxmlpatterns-imports
- Update to version 5.15.11+kde0, rebased upstream:
* Fix compilation with the recent qtbase
==== libselinux ====
Subpackages: libselinux1 selinux-tools
- Repair initrd libselinux check in selinux-ready
==== libsemanage ====
Subpackages: libsemanage-conf libsemanage2
- Remove build counter syncing for real
==== libsepol ====
- Enable LTO now (boo#1138813).
==== libvpx ====
Version update (1.13.0 -> 1.13.1)
- Update to version 1.13.1:
+ Bug fixes: Fix to a crash related to VP9 encoding.
https://crbug.com/1486441 (CVE-2023-5217)
- Drop CVE-2023-5217.patch: Fixed upstream.
==== llvm17 ====
Version update (17.0.1 -> 17.0.2)
- Update to version 17.0.2.
* This release contains bug-fixes for the LLVM 17.0.0 release.
This release is API and ABI compatible with 17.0.0.
- Rebase llvm-do-not-install-static-libraries.patch.
==== makedumpfile ====
- Add Support-struct-module_memory-on-Linux-6.4-and-.patch (jsc#PED-4593)
- Add ppc64-do-page-traversal-if-vmemmap_list-not-po.patch (bsc#1215364)
- Re-enable eppic on systems with old enough libeppic
==== mpg123 ====
Version update (1.32.2 -> 1.32.3)
Subpackages: libmpg123-0 mpg123-openal
- Update to version 1.32.3
* libmpg123, libsyn123: always ifdef LFS_LARGEFILE_64 (not
just if)
* libsyn123: re-introduce _32 wrappers in addition to
suffix-less ones (regression from 1.31, bug 363)
==== netcfg ====
- Remove ftpusers, none of our ftp servers uses that anymore
- Remove defaultdomain, NIS got dropped
- Remove hosts.equiv and hosts.lpd, the tools using them got
dropped long ago.
==== nvme-cli ====
Subpackages: nvme-cli-bash-completion
- Enable test during build
- Drop minimum version meson dependency
- Add asciidoc dependency
- Build documentation when requested
==== parted ====
Subpackages: libparted-fs-resize0 libparted2
- updated fatresize to version 0.2 which includes a man-page
removed patches:
- fatresize-fix-getting-dev-name.patch
==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap
- Add RPMs for systemd-boot to DVD
- Only pull in health-checker if grub2 is installed, in other cases
it won't really work: With sd-boot, the default btrfs subvol is not
used, so rollbacks have no effect.
==== perl ====
Subpackages: perl-base
- Use 64-bit integers on all platforms
==== podman ====
Version update (4.7.0 -> 4.7.1)
- podman-docker: Provides docker to avoid conflicts
when using podman with docker-compose (bsc#1215926)
- Update to version 4.7.1:
* New version: v4.7.1
* Update RELEASE_NOTES.md for v4.7.1
* compat API: speed up network list
* inspect: ignore ENOENT during device lookup
* test/system: --env-file test fixes
* Revert "feat(env): support multiline in env-file"
* Revert "docs(env-file): improve document description"
* Revert "fix(env): parsing --env incorrect in cli"
* [CI:DOCS] update swagger version on docs.podman.io
* Fix locale issues with WSL version detection
* switch version to 4.7.1-dev
==== policycoreutils ====
Subpackages: policycoreutils-python-utils python3-policycoreutils
- Move dbus configuration file to /usr/share instead of /etc
- Add policycoreutils-rpmlintrc to suppress spurious rpmlint warnings
- Fix newrole debuginfo broken by mistaken 'noarch'
- Add GUI and DBUS subpackages
* Remove files now provided in upstream tarballs:
- Drop system-config-selinux.png
- Drop system-config-selinux.desktop
- Drop system-config-selinux.pam
- Drop system-config-selinux.console
- Drop selinux-polgengui.desktop
- Drop selinux-polgengui.console
- Refactor spec file
* Remove empty sandbox package definition
==== polkit-default-privs ====
Version update (1550+20230920.74aeded -> 1550+20231006.28f05f1)
- Update to version 1550+20231006.28f05f1:
* Whitelist policycoreutils-dbus actions (bsc#1213435)
==== python-SQLAlchemy ====
Version update (2.0.19 -> 2.0.21)
- Update to 2.0.21:
* Changes from 2.0.21:
https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.21
* Changes from 2.0.20:
https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.20
- Remove .gitignore files from source tree, removes all rpmlint
warnings.
==== python-cryptography ====
Version update (41.0.3 -> 41.0.4)
- update to 41.0.4:
* ~~~~~~~~~~~~~~~~~~~
* Updated Windows, macOS, and Linux wheels to be compiled with
OpenSSL 3.1.3.
* .. _v41-0-3:
==== python-dnspython ====
- Don't use curio.
==== python-greenlet ====
Version update (3.0.0~rc3 -> 3.0.0)
- Update to 3.0.0:
* No changes from 3.0rc3 aside from the version number.
- Ignore some slow and flaky tests
==== python-psutil ====
- Require /usr/bin/who only for suse_version > 1500: 15.X does not
provide it, but has it in coreutils.
- PEP517
- Clean up specfile from obsolete python2 stuff
==== python-urllib3 ====
Version update (2.0.4 -> 2.0.6)
- update to 2.0.6 (bsc#1215968, CVE-2023-43804):
* Added the Cookie header to the list of headers to strip from
requests when redirecting to a different host. As before, different
headers can be set via Retry.remove_headers_on_redirect
- 2.0.5:
* Allowed pyOpenSSL third-party module without any deprecation
warning. #3126
* Fixed default blocksize of HTTPConnection classes to match
high-level classes. Previously was 8KiB, now 16KiB. #3066
==== rubygem-nokogiri ====
- Buildrequire openssl gem to fix building with Ruby 3.0
==== rubygem-ruby-dbus ====
Version update (0.23.0.beta2 -> 0.23.1)
- 0.23.1
API:
* Add DBus::Object.dbus_reader_attr_accessor to declare a common use case
with a single call (gh#mvidner/ruby-dbus#140).
* BusConnection#request_name defaults to the simple use case: single owner
without queuing, failing fast; documented the complex use cases.
==== samba ====
Version update (4.18.6+git.320.cfda27bacb -> 4.19.0+git.306.19d2e214c58)
Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-client samba-client-libs samba-libs samba-libs-python3 samba-python3
- Update to 4.19.0
* File doesn't show when user doesn't have permission if
aio_pthread is loaded; (bso#15453).
* ctdb_killtcp fails to work with --enable-pcap and libpcap ≥
1.9.1; (bso#15451).
* Logging to stdout/stderr with DEBUG_SYSLOG_FORMAT_ALWAYS can
log to syslog; (bso#15460).
* ‘samba-tool domain level raise’ fails unless given a URL;
(bso#15458).
* reply_sesssetup_and_X() can dereference uninitialized tmp
pointer; (bso#15420).
* missing return in reply_exit_done(); (bso#15430).
* TREE_CONNECT without SETUP causes smbd to use uninitialized
pointer; (bso#15432).
* Avoid infinite loop in initial user sync with Azure AD
Connect when synchronising a large Samba AD domain;
(bso#15401).
* Samba replication logs show (null) DN; (bso#15407).
* 2-3min delays at reconnect with
smb2_validate_sequence_number: bad message_id 2; (bso#15346).
* DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED can't be parsed;
(bso#15446).
* CID 1539212 causes real issue when output contains only
newlines; (bso#15438).
* KDC encodes INT64 claims incorrectly; (bso#15452).
* mdssvc: Do an early talloc_free() in _mdssvc_open();
(bso#15449).
* Windows client join fails if a second container CN=System
exists somewhere; (bso#9959).
* regression DFS not working with widelinks = true;
(bso#15435).
* Heimdal fails to build on 32-bit FreeBSD; (bso#15443).
* samba-tool ntacl get segfault if aio_pthread appended;
(bso#15441).
==== selinux-policy ====
Subpackages: selinux-policy-targeted
- Use /var/adm/update-scripts in macros.selinux-policy. The rpm state
directory doesn't exist on SUSE systems (bsc#1213593)
- Modified update.sh to require first parameter "full" to also
update container-selinux. For maintenance updates you usually
don't want it to be updated
==== sg3_utils ====
Version update (1.48~20221101+1.142dace -> 1.48+1.889c3e3)
Subpackages: libsgutils2-1_48-2
- udev rules: allow kernel command line overrides with
"udev.scsi_id_serial_src=LTVS" and "udev.scsi_symlink_src=LTVS"
Try these boot parameters if your system fails to detect SCSI
devices after update to sg3_utils 1.48.
- dracut.conf: add 00-scsi-sg3_config.rules (jsc#PED-6226)
- spec file:
* fix build dependencies for regenerate_initrd_posttrans
(bsc#1215772)
* add missing rules file
- Update to version 1.48
* udev rules: new, configurable scheme for creating symlinks for SCSI devices
(jsc#PED-6226)
See description of ".SCSI_ID_SERIAL_SRC" /usr/lib/udev/55-scsi-sg3_id.rules
and .SCSI_SYMLINK_SRC in /usr/lib/udev/58-scsi_symlink.rules
* decoding utilities: add -j/--json[=JO] and --js-file=JFN options
* sg_sat_datetime: new tool to access date/time on ATA devices using a SAT layer
* sg_z_act_query: new tool for sending zone activate/query commands
* sg_rem_rest_elem: new tool for removing or restoring elements
* sg_write_attr: support for SPC "Write Attirbute" command (for tapes)
* sg_ses: swap meaning of -H and -HH, add json support, use e.g.
"0:2" for range indicator
* sg_rtpg: fix response truncation
* sg_decode_sense: add --nodecode option
* sg_logs: fix --list and -lll options
* sg_modes: improve handling of ZBC disks
* sg_inq: add version descriptors from SPC6r08, add --quiet option
* sg_vpd: add --sinq_inraw=RFN option
* sg_turs: add --timeout= and --ascq= options
* sg_requests: add --timeout= option
* sg_sat_read_gplog: add --smart and --ppt options
* sgp_dd and sgm_dd: add --progress option
* sg_dd: add support for accessing NVMe devices via passthrough
* Bug fixes and minor fixes
- _service: simplify version processing, as we have a clean upstream version again
==== shadow ====
Version update (4.14.0 -> 4.14.1)
Subpackages: libsubid4 login_defs
- Update to 4.14.1:
Build system: Merge libshadow and libmisc into a single libshadow.
This fixes problems in the linker, which were reported at least
in Gentoo. #791
- Add Alejandro Colomar (new stable branch maintainer) to shadow.keyring
==== shim ====
- Don't require grub so shim can still be used with systemd-boot
- Update shim-install to fix boot failure of ext4 root file system
on RAID10 (bsc#1205855)
226c94ca5cfca Use hint in looking for root if possible
- Adopt the macros from fde-tpm-helper-macros to update the
signature in the sealed key after a bootloader upgrade
==== slirp4netns ====
Version update (1.2.1 -> 1.2.2)
- version update to 1.2.2
* Enabled reproducible builds (#324, #325, #326)
==== sof-firmware ====
Version update (2.2.6 -> 2023.09)
- Update to version 2023.09 (jsc#PED-6123,jsc#PED-6114,jsc#PED-6104,
jsc#PED-6067,jsc#PED-6045,jsc#PED-6036):
it's a combined tarball with different version to support multiple
platforms including Metor Lake
- Use cp instead of rsync for installation:
install-use-cp.patch
==== srt ====
Version update (1.5.2 -> 1.5.3)
- version update to 1.5.3
* New Features
- PR #2714: Added maximum BW limit for retransmissions. See SRTO_MAXREXMITBW.
* Important Bug Fixes
- PR #2632: Use overlapped WSASendTo to avoid UDP sending losses.
- PR #2766: Fixed spurious group read-ready epoll events.
- PR #2772: Fixed RCV buffer initialization in Rendezvous. ⚠️
- PR #2757: Fix memory leak on queuing connection initialization packets.
- PR #2745: Fix hang up on not enough space in the RCV buffer.
- PR #2740: Fix possible tsbpd() deadlock with processCtrlShutdown().
- PR #2692: Rejection not undertaken in rendezvous after KMX failure.
- PR #2774: Fix rendezvous connection mode when processing resulted in ACCEPT it was still sending rejection.
- PR #2778: Drop unencrypted packets in AES-GCM mode.
* Build
- PR #2779, #2780: Fix the build for targets without IP_ADD_SOURCE_MEMBERSHIP.
- PR #2784: Added missing public header files in Windows binary installer.
* Unit Tests
- PR #2681: Added custom main with transparent parameters.
* Documentation
- PR #2765: Updated the explicit information for binding to IPv6 wildcard.
- PR #2785: Fixed API doc: SRT_INVALID_SOCK
* https://github.com/Haivision/srt/releases/tag/v1.5.3
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-coredump systemd-doc udev
- rpmlintrc: allow systemd-network and systemd-container sub-packages to ship
shared libs. These are actually NSS plugins and are not really subject to
shlib policy.
- Drop 5000-core-manager-run-generators-directly-when-we-are-in-.patch
Since dracut-059+suse.447.g9d1fc722, this workaround is not needed anymore.
==== talloc ====
Version update (2.4.0 -> 2.4.1)
Subpackages: libtalloc2 python3-talloc
- Update to 2.4.1
* Remove remaining, but broken python2 support
* Spelling fixes
* Remove unneeded va_copy()
==== tdb ====
Version update (1.4.8 -> 1.4.9)
Subpackages: libtdb1 python3-tdb
- Update to 1.4.9
* Remove remaining, but broken python2 support
* Spelling fixes
* python: Safely clear structure members
==== tevent ====
Version update (0.14.1 -> 0.15.0)
Subpackages: libtevent0 python3-tevent
- Update to version 0.15.0
* remove py2 ifdefs
* python: Safely clear structure members
* the tevent_thread_call_depth API is updated
in order to allow better tracing.
* add tevent_set_max_debug_level() only and don't
pass TEVENT_DEBUG_TRACE to tevent_debug() callbacks by default.
* Spelling fixes
* Make use of epoll_create1() for epoll backend
* Optimize overhead in the epoll backend
==== u-boot-rpiarm64 ====
Version update (2023.07 -> 2023.10)
Subpackages: u-boot-rpiarm64-doc
- Fix update_git.sh
- Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2023.10
* Patches added:
0017-rpi-fix-boot-on-RPi4-after-commit-c.patch - boo#1216036
- Add microchipmpfsicicle flavor
- Update to 2023.10:
* Full changelog available at:
https://source.denx.de/u-boot/u-boot/-/compare/v2023.07...v2023.10
==== vte ====
- Add f1a547f1dfebd8860021b6b727fa5d5717e9f143.patch: widget:
VteTerminalSpawnAsyncCallback's error is nullable. Fixes:
https://gitlab.gnome.org/GNOME/vte/-/issues/2647
==== xdg-desktop-portal ====
- Support building with meson 0.61.x used by SLE, where .pc files
in dataonly packages are installed to %_libdir unlike in
meson >= 0.62.0 where the default was changed to %_datadir.
==== xscreensaver ====
Version update (6.06 -> 6.07)
Subpackages: xscreensaver-data xscreensaver-lang
- update to 6.07:
* New hacks, droste, skulloop, papercube and cubocteversion
* xscreensaver-settings was sometimes turning off the DPMS
checkbox
* Log pid of caller of deactivate command, to give a hint about
who is preventing the screen from blanking
* Updates to sphereeversion.
* Added some new map sources to mapscroller.
* Various other minor bug fixes.
- leave a nice notice for a very angry upstream developer in
xscreensaver-disable-upgrade-nagging-message.patch
- drop xscreensaver-bsc1204744.patch, included upstream
==== xterm ====
Version update (384 -> 385)
Subpackages: xterm-bin xterm-resize
- update to 385:
* fixes for ReGIS (report by Ben Wong).
+ correct conversion from HLS to RGB
+ improve font-caching performance.
* update tables in wcwidth.c based on Unicode 15.1.0
* improve fastScroll resource:
+ suppress screen-refreshes for carriage-returns
+ add -jf option to simplify use of this resource.
+ add a control sequence for enabling/disabling the resource.
+ enable this feature by default
* extend title-stack feature to allow an additional parameter to
directly access the stack, like the XTPUSHCOLORS and XTPOPCOLORS
feature.
* correct size and position of box shown for double-cell character
which happens to be missing from the bitmap font (report by Peter
Fabinski).
* improved configure script:
+ add pattern for uClibc-ng to CF_XOPEN_SOURCE (report/patch by
Waldemar Brodkorb).
+ add configure options --with-utmp-path and --with-wtmp-path to
override configure script's check for utmp/wtmp pathnames
which are shown in the manual (Debian #1042767).
+ CF_XOPEN_SOURCE provides for defining _DEFAULT_SOURCE for
MinGW32 and MinGW64.
+ sed expression used to report gcc version now works with MinGW
* ensure that line-attributes are reset after drawing missing
character (report by Christian Weisgerber).
* update config.guess, config.sub
- rebased all patches
==== zxing-cpp ====
Version update (2.0.0 -> 2.1.0)
- Update to 2.1.0:
* Considerable performance improvements in linear symbol detection (up to 2x speedup in select use cases of ReadBarcodes)
* QRCode: major improvement in detection of high version symbols (see e.g. here)
* DMDetector: reduce runtime overhead of c++-20 builds
* Refactor Python wrapper so the sdist includes the core library code
* wasm wrapper: add function to reader to scan multiple barcode
* Added a C wrapper
* Python: improve error reporting
* DMDetector: fix potential dead-lock
* DMDecoder: support 144x144 symbols in legacy and compliant variants
- Remove the %check section since we are not building the tests.