Packages changed: Mesa (25.3.1 -> 25.3.3) Mesa-drivers (25.3.1 -> 25.3.3) MicroOS-release (20260101 -> 20260108) NetworkManager SDL3 (3.2.28 -> 3.4.0) alsa (1.2.15 -> 1.2.15.1) at-spi2-core (2.58.2 -> 2.58.3) c-ares (1.34.5 -> 1.34.6) curl (8.17.0 -> 8.18.0) dav1d (1.5.2 -> 1.5.3) fwupd kernel-firmware-bluetooth (20251228 -> 20260106) kernel-firmware-network (20250912 -> 20260106) kernel-firmware-platform kernel-firmware-qcom (20251228 -> 20260106) kernel-firmware-realtek kernel-source (6.18.2 -> 6.18.3) libaom libbytesize (2.11 -> 2.12) libdecor (0.2.2 -> 0.2.5) libdrm (2.4.130 -> 2.4.131) libevdev (1.13.5 -> 1.13.6) libfido2 (1.15.0 -> 1.16.0) libgcrypt libheif (1.20.2 -> 1.21.1) libpng16 (1.6.52 -> 1.6.53) libva (2.22.0 -> 2.23.0) ncurses (6.5.20251213 -> 6.6.20260103) pcsc-lite python-maturin (1.10.2 -> 1.11.2) python313-setuptools (78.1.1 -> 80.9.0) qt6-webengine rust-keylime (0.2.8+12 -> 0.2.8+96) sdl2-compat (2.32.60 -> 2.32.62) selinux-policy (20251219 -> 20260106) shadow systemd-presets-branding-Aeon systemd-presets-branding-MicroOS systemd-presets-common-SUSE tbb (2022.2.0 -> 2022.3.0) tslib (1.22 -> 1.24) userspace-rcu (0.15.3 -> 0.15.5) vim (9.1.1966 -> 9.1.2050) xterm (402 -> 406) yast2 (5.0.17 -> 5.0.18) zchunk (1.5.2 -> 1.5.3) === Details === ==== Mesa ==== Version update (25.3.1 -> 25.3.3) Subpackages: Mesa-libEGL1 Mesa-libGL1 libgbm1 - Update to Mesa 25.3.3 - -> https://docs.mesa3d.org/relnotes/25.3.3 - Update to Mesa 25.3.2 - -> https://docs.mesa3d.org/relnotes/25.3.2 ==== Mesa-drivers ==== Version update (25.3.1 -> 25.3.3) Subpackages: Mesa-dri Mesa-vulkan-device-select libvulkan_lvp - Update to Mesa 25.3.3 - -> https://docs.mesa3d.org/relnotes/25.3.3 - Update to Mesa 25.3.2 - -> https://docs.mesa3d.org/relnotes/25.3.2 ==== MicroOS-release ==== Version update (20260101 -> 20260108) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== NetworkManager ==== Subpackages: NetworkManager-bluetooth NetworkManager-tui NetworkManager-wwan libnm0 typelib-1_0-NM-1_0 - Use tmpfiles to create /var/lib/NetworkManager/ (PED-14769). ==== SDL3 ==== Version update (3.2.28 -> 3.4.0) - Update to release 3.4.0 * Improved interoperability between the 3D GPU API and the 2D rendering API, improved Emscripten support, improved pen handling, and native support for PNG images. * Added support for YUV textures and HDR colorspaces to the GPU 2D renderer. * Added support for textures with palettes. * Added enhanced support for 8BitDo, FlyDigi & Hand Held Legend SInput controllers. * Added atomic support for KMSDRM. ==== alsa ==== Version update (1.2.15 -> 1.2.15.1) - Update to alsa-lib 1.2.15.1: * various regression fixes, config updates - Drop previous patches that have been already included: 0001-ucm-use-closefrom-instead-of-close_range.patch 0002-ucm-exec-fix-maxfd-used-warning.patch 0003-conf-merge-card-specific-contents-per-file-whole-aft.patch 0004-conf-fix-possible-memory-leak-in-config_file_open-er.patch 0005-Revert-conf-fix-load_for_all_cards-do-not-merge-the-.patch 0006-conf-USB-Audio-define-pcm-configuration-block-only-o.patch 0007-conf-HDA-Intel-define-pcm-configuration-block-only-o.patch ==== at-spi2-core ==== Version update (2.58.2 -> 2.58.3) Subpackages: libatk-1_0-0 libatk-bridge-2_0-0 libatspi0 typelib-1_0-Atk-1_0 typelib-1_0-Atspi-2_0 - Update to version 2.58.3: + Fix atk_get_major_version etc not linking on C++ + python: Speed up __eq__ and __ne__ ==== c-ares ==== Version update (1.34.5 -> 1.34.6) - c-ares 1.35.6: * CVE-2025-62408: use-after-free in read_answers() (boo#1254738) * Ignore Windows IDN Search Domains until proper IDN support is added * Various bug fixes ==== curl ==== Version update (8.17.0 -> 8.18.0) Subpackages: libcurl4 - Update to 8.18.0: * Security fixes: - [bsc#1256105, CVE-2025-14017] ldap: call ldap_init() before setting the options - [bsc#1255731, CVE-2025-14524] curl_sasl: if redirected, require permission to use bearer - [bsc#1255734, CVE-2025-15224] libssh: require private key or user-agent for public key auth - [bsc#1255732, CVE-2025-14819] openssl: toggling CURLSSLOPT_NO_PARTIALCHAIN makes a different CA cache - [bsc#1255733, CVE-2025-15079] libssh: set both knownhosts options to the same file * Changes: - openssl: bump minimum OpenSSL version to 3.0.0 * Bugfixes: - alt-svc: more flexibility on same destination - altsvc: accept ma/persist per alternative entry - altsvc: make it one malloc instead of three per entry - asyn-ares: handle Curl_dnscache_mk_entry() OOM error - asyn-ares: remove hostname free on OOM - asyn-thrdd: fix Curl_async_getaddrinfo() on systems without getaddrinfo - asyn-thrdd: release rrname if ares_init_options fails - auth: always treat Curl_auth_ntlm_get() returning NULL as OOM - autotools: add nettle library detection via pkg-config (for GnuTLS) - autotools: drop autoconf <2.59 compatibility code (zz60-xc-ovr) - autotools: fix LargeFile feature display on Windows (after prev patch) - autotools: tidy-up 'if' expressions - build: add build-level 'CURL_DISABLE_TYPECHECK' options - build: exclude clang prereleases from compiler warning options - build: replace '-pedantic' with '-Wpedantic' when supported - build: set '-Wno-format-signedness' - build: tidy-up MSVC CRT warning suppression macros - ccsidcurl: make curl_mime_data_ccsid() use the converted size - cf-h1-proxy: support folded headers in CONNECT responses - cf-https-connect: allocate ctx at first in cf_hc_create() - cf-socket: drop feature check for 'IPV6_V6ONLY' on Windows - cf-socket: enable Win10 'TCP_KEEP*' options with old SDKs - cf-socket: limit use of 'TCP_KEEP*' to Windows 10.0.16299+ at runtime - cf-socket: return OOM error if socket() fails due to OOM - cf-socket: trace ignored errors - cfilters: make conn_forget_socket a private libssh function - checksrc.pl: detect assign followed by more than one space - cmake: adjust defaults for target platforms not supporting shared libs - cmake: define dependencies as 'IMPORTED' interface targets - cmake: delete unused file 'CMake/CMakeConfigurableFile.in' - cmake: disable 'CURL_CA_PATH' auto-detection if 'USE_APPLE_SECTRUST=ON' - cmake: fix 'ws2_32' reference in 'curl-config.cmake' - cmake: honor 'CURL_DISABLE_INSTALL' and 'CURL_ENABLE_EXPORT_TARGET' - cmake: replace deprecated 'OPENSSL_FOUND' with 'OpenSSL_FOUND' - cmake: replace deprecated 'PERL_FOUND' with 'Perl_FOUND' - cmake: save and restore 'CMAKE_MODULE_PATH' in 'curl-config.cmake' - cmake: set found status to OFF when not found (for compression deps) - code: minor indent fixes before closing braces - config-win32.h: delete obsolete, non-Windows comments - config-win32.h: drop unused/obsolete 'CURL_HAS_OPENLDAP_LDAPSDK' - config2setopts: add space in cookie header with multiple -b - config2setopts: bail out if curl_url_get() returns OOM - config2setopts: exit if curl_url_set() fails on OOM - configure: delete unused variable - conncache: silence '-Wnull-dereference' on gcc 14 RISC-V 64 - conncontrol: reuse handling - connect: reshuffle Curl_timeleft_ms to avoid 'redundant condition' - connection: attached transfer count - content_encoding: avoid strcpy - cookie. return proper error on OOM - cookie: allocate the main struct once cookie is fine - cookie: flush better - cookie: only keep and use the canonical cleaned up path - cookie: propagate errors better, cleanup the internal API - cookie: return error on OOM - cookie: when parsing a cookie header, delay all allocations until okay - cshutdn: acknowledge FD_SETSIZE for shutdown descriptors - curl: fix progress meter in parallel mode - curl_fopen: do not pass invalid mode flags to 'open()' on Windows - curl_gssapi: make sure Curl_gss_log_error() has an initialized buffer - curl_ntlm_core: fix DES_* symbols for some wolfSSL builds - curl_quiche: refuse headers with CR, LF or null bytes - curl_sasl: make Curl_sasl_decode_mech compare case insensitively - curl_setup.h: document more funcs flagged by '_CRT_SECURE_NO_WARNINGS' - curl_setup.h: drop stray '#undef stat' (Windows) - curl_setup.h: drop superfluous parenthesis from 'Curl_safefree' macro - curl_threads: don't do another malloc if the first fails - curl_trc: delete unused DoH remains - CURLINFO: remove 'get' and 'get the' from each short desc - CURLINFO_SCHEME/PROTOCOL: they return the "scheme" for a "transfer" - CURLINFO_TLS_SSL_PTR.md: remove CURLINFO_TLS_SESSION text - CURLMOPT_SOCKETFUNCTION.md: fix the callback argument use - CURLOPT_ACCEPT_ENCODING.md: warn about the expansion - CURLOPT_FOLLOWLOCATION.md: s/Authentication:/Authorization:/ - CURLOPT_HAPROXY_CLIENT_IP.md: emphasize reused connection use - CURLOPT_READFUNCTION.md: clarify the size of the buffer - CURLOPT_SSH_KEYFUNCTION.md: fix minor indent mistake in example - curlx/fopen: replace open CRT functions their with '_s' counterparts (Windows) - curlx/multibyte: stop setting macros for non-Windows - curlx/strerr: use 'strerror_s()' on Windows - curlx: add 'curlx_rename()', fix to support long filenames on Windows - curlx: curlx_strcopy() instead of strcpy() - curlx: limit use of system allocators to the minimum possible - curlx: replace 'mbstowcs'/'wcstombs' with '_s' counterparts (Windows) - curlx: replace 'sprintf' with 'snprintf' - curlx: use curl alloc in 'curlx_win32_stat()' (Windows) - curlx: use curlx allocators in non-memdebug builds (Windows) - DEPRECATE: add CMake <3.18 deprecation for April 2026 - digest: fix OWS and escaped quote handling ... changelog too long, skipping 207 lines ... * Remove patch curl-vtls-fix-CURLOPT_CAPATH-use.patch ==== dav1d ==== Version update (1.5.2 -> 1.5.3) - Update to version 1.5.3 * Misc small optimizations * RISC-V assembly optimizations for ipred, emu_edge and w_mask, and VLEN 512 for blend functions * Fix issue with ivf files with 0 frames in tools ==== fwupd ==== Subpackages: libfwupd3 typelib-1_0-Fwupd-2_0 - Actually build and install manpages: * These were originally removed because including them would have required pulling a nasty set of ghc/pandocs build dependencies directly into Ring 1 * fwupd upstream quickly reverted this change in 1.8.13, but the conditional to block building/installing the manpages by default was never removed from the specfile * This restores the fwupd manpages, which have been sorely missing in openSUSE for a couple years ==== kernel-firmware-bluetooth ==== Version update (20251228 -> 20260106) - Update to version 20260106 (git commit e272e0d1edce): * qca: Update Bluetooth WCN6750 1.1.3-00100 firmware to 1.1.3-00105 ==== kernel-firmware-network ==== Version update (20250912 -> 20260106) - Update to version 20260106 (git commit e272e0d1edce): * linux-firmware: add firmware for an8811hb 2.5G ethernet phy ==== kernel-firmware-platform ==== - Update aliases ==== kernel-firmware-qcom ==== Version update (20251228 -> 20260106) - Update to version 20260106 (git commit e272e0d1edce): * qcom: Update aic100 firmware files * firmware: Revert kernel_boot.elf due to license compliance issue ==== kernel-firmware-realtek ==== - Update aliases for more Realtek WiFi devices (bsc#1255777) ==== kernel-source ==== Version update (6.18.2 -> 6.18.3) Subpackages: kernel-64kb kernel-default - Linux 6.18.3 (bsc#1012628). - btrfs: do not skip logging new dentries when logging a new name (bsc#1012628). - btrfs: fix a potential path leak in print_data_reloc_error() (bsc#1012628). - bpf, arm64: Do not audit capability check in do_jit() (bsc#1012628). - bpf: Fix truncated dmabuf iterator reads (bsc#1012628). - bpf: Fix verifier assumptions of bpf_d_path's output buffer (bsc#1012628). - btrfs: fix memory leak of fs_devices in degraded seed device path (bsc#1012628). - btrfs: fix changeset leak on mmap write after failure to reserve metadata (bsc#1012628). - shmem: fix recovery on rename failures (bsc#1012628). - iomap: adjust read range correctly for non-block-aligned positions (bsc#1012628). - iomap: account for unaligned end offsets when truncating read range (bsc#1012628). - scripts/faddr2line: Fix "Argument list too long" error (bsc#1012628). - perf/x86/amd: Check event before enable to avoid GPF (bsc#1012628). - sched/deadline: only set free_cpus for online runqueues (bsc#1012628). - sched/fair: Revert max_newidle_lb_cost bump (bsc#1012628). - x86/ptrace: Always inline trivial accessors (bsc#1012628). - ACPICA: Avoid walking the Namespace if start_node is NULL (bsc#1012628). - ACPI: property: Use ACPI functions in acpi_graph_get_next_endpoint() only (bsc#1012628). - cpufreq: dt-platdev: Add JH7110S SOC to the allowlist (bsc#1012628). - ACPI: fan: Workaround for 64-bit firmware bug (bsc#1012628). - cpufreq: s5pv210: fix refcount leak (bsc#1012628). - cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1012628). - x86/microcode: Mark early_parse_cmdline() as __init (bsc#1012628). - scripts: kdoc_parser.py: warn about Python version only once (bsc#1012628). - livepatch: Match old_sympos 0 and 1 in klp_find_func() (bsc#1012628). - crypto: ccp - Add support for PCI device 0x115A (bsc#1012628). - fs/ntfs3: Support timestamps prior to epoch (bsc#1012628). - kbuild: Use objtree for module signing key path (bsc#1012628). - ntfs: set dummy blocksize to read boot_block when mounting (bsc#1012628). - hfsplus: fix volume corruption issue for generic/070 (bsc#1012628). - hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create (bsc#1012628). - hfsplus: Verify inode mode when loading from disk (bsc#1012628). - hfsplus: fix volume corruption issue for generic/073 (bsc#1012628). - fs/ntfs3: check for shutdown in fsync (bsc#1012628). - wifi: rtl8xxxu: Fix HT40 channel config for RTL8192CU, RTL8723AU (bsc#1012628). - wifi: cfg80211: stop radar detection in cfg80211_leave() (bsc#1012628). - wifi: cfg80211: use cfg80211_leave() in iftype change (bsc#1012628). - wifi: mt76: mt792x: fix wifi init fail by setting MCU_RUNNING after CLC load (bsc#1012628). - wifi: brcmfmac: Add DMI nvram filename quirk for Acer A1 840 tablet (bsc#1012628). - btrfs: scrub: always update btrfs_scrub_progress::last_physical (bsc#1012628). - hfsplus: fix volume corruption issue for generic/101 (bsc#1012628). - gfs2: fix remote evict for read-only filesystems (bsc#1012628). - gfs2: Fix "gfs2: Switch to wait_event in gfs2_quotad" (bsc#1012628). - smb/server: fix return value of smb2_ioctl() (bsc#1012628). - ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency (bsc#1012628). - ksmbd: vfs: fix race on m_flags in vfs_cache (bsc#1012628). - Bluetooth: btusb: Add new VID/PID 2b89/6275 for RTL8761BUV (bsc#1012628). - Bluetooth: btusb: MT7922: Add VID/PID 0489/e170 (bsc#1012628). - Bluetooth: btusb: MT7920: Add VID/PID 0489/e135 (bsc#1012628). - Bluetooth: btusb: add new custom firmwares (bsc#1012628). - Bluetooth: btusb: Add new VID/PID 13d3/3533 for RTL8821CE (bsc#1012628). - Bluetooth: btusb: Add new VID/PID 0x0489/0xE12F for RTL8852BE-VT (bsc#1012628). - gfs2: Fix use of bio_chain (bsc#1012628). - net: fec: ERR007885 Workaround for XDP TX path (bsc#1012628). - netrom: Fix memory leak in nr_sendmsg() (bsc#1012628). - net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1012628). - net/mlx5: make enable_mpesw idempotent (bsc#1012628). - net/mlx5e: Avoid unregistering PSP twice (bsc#1012628). - net: phy: realtek: eliminate priv->phycr2 variable (bsc#1012628). - net: phy: realtek: eliminate has_phycr2 variable (bsc#1012628). - net: phy: realtek: allow CLKOUT to be disabled on RTL8211F(D)(I)-VD-CG (bsc#1012628). - net: phy: realtek: eliminate priv->phycr1 variable ... changelog too long, skipping 656 lines ... - commit 1fe1a93 ==== libaom ==== - Require aom-tools from the libaom-devel subpackage as the binaries it supplies are in AOMTargets.cmake - Remove static library from AOMTargets.cmake [boo#1255861] + libaom-cmake.patch ==== libbytesize ==== Version update (2.11 -> 2.12) - update to 2.12: * New minor release of the libbytesize library. This release contains fixes for an issue with compilation using the C23 standard and also includes some small testing infrastructure and CI changes. ==== libdecor ==== Version update (0.2.2 -> 0.2.5) Subpackages: libdecor-0-0 - update to 0.2.5: * libdecor: Fix set_visibility for SSD compositors * Don't commit frame when with no content set * Always apply limits no matter the window state * Only query border size when decorated ==== libdrm ==== Version update (2.4.130 -> 2.4.131) Subpackages: libdrm2 libdrm_amdgpu1 - update to 2.4.131 * support steam machine * avoid insecure getenv use ==== libevdev ==== Version update (1.13.5 -> 1.13.6) - update to 1.13.6: * include: sync event codes with kernel 6.18 ==== libfido2 ==== Version update (1.15.0 -> 1.16.0) - update to 1.16.0: * Added support for enterprise attestation. * Improved handling of invalid key handles in U2F key lookup; gh#819. * Fixed issue where storing small CTAP 2.1 largeBlobs failed; gh#826. * Fixed APDU chaining issues for certain authenticators; gh#818, gh#855. * Improved documentation and examples. * New API calls: - fido_cred_entattest; - fido_cred_set_entattest. ==== libgcrypt ==== - enable the Kyber PQ KEM (boo#1256108) ==== libheif ==== Version update (1.20.2 -> 1.21.1) - update to 1.21.1: * This patch release only fixes a build error with some GCC versions because of a missing #include. - update to 1.21.0: * This release adds full support for reading and writing HEIF image sequences. libheif will now encode HEIF image sequences with all included codecs. * Since HEIF image sequences are very similar to MP4 videos, this new version is also capable of decoding most MP4 videos (without audio, of course). * heif-enc documentation for sequence encoding * API documentation for reading and writing sequences * Support for image sequences with alpha channels. For most codecs, the alpha channel will be stored in a separate, auxiliary, monochrome track. For ISO/IEC 23001-17 (uncompressed) streams, the alpha channel is stored in the main video track. * Support for sequence track edit lists to define the number of sequence repetitions (without actually repeating the video data). * New encoder plugin using x264 to write H.264-compressed video streams and images. * The FFmpeg decoder plugin will now decode both H.265 and H.264. * Support for HEIF text items and language properties. * CVEs fixed: CVE-2025-68431 ==== libpng16 ==== Version update (1.6.52 -> 1.6.53) - update to 1.6.53: * Fixed a build failure on RISC-V RVV caused by a misspelled intrinsic. * Fixed a build failure with CMake 4.1 or newer, on Windows, when using Visual C++ without MASM installed. ==== libva ==== Version update (2.22.0 -> 2.23.0) Subpackages: libva-drm2 libva-wayland2 libva-x11-2 libva2 - update to 2.23.0: * va: add VAProfileH264High422 * va: add av1 profile2 * va: correct the description of segment id map buffer for vp9e * va: encode segmentation map refine * va: add defintions for segment id block size * trace: support more format surface dump * trace:add vpp output surface dump support * trace: add Y410 support in dump surface * trace: add trace for vaDeriveImage * trace: add missing trace fields for VAProcPipelineParameterBuffer * doc: add backward compatibility declarison declaration * android: Remove unnecessary Android code * android: Include directories and generated header files in Android.bp * android: Update Android.bp to generate va_version.h and build only for x86_64 * android: Add Android.bp to replace mk files ==== ncurses ==== Version update (6.5.20251213 -> 6.6.20260103) Subpackages: libncurses6 ncurses-utils terminfo-base - Add ncurses patch 20251231 + amend fix for Windows-style pathnames to eliminate "./" in comment generated by infocmp where not needed (report by Sven Joachim). + fix a few gcc 15.2 warnings for C23 + actually generate doc/html/announce.html (report by Branden Robinson) - Add ncurses patch 20260103 + cancel ncv in putty (patch by Jakub Horky) + add NQ to list of user-definable capabilities in user_caps(5) (patch by Jakub Horky) + update ncurses/wcwidth.c, for MinGW ports, from xterm. - Update to ncurses 6.6 (patch 20251230) + update announcement + corrected an ifdef needed for mouse support in MinGW/Windows + eliminate remaining duplicate code between MinGW/Windows drivers - Update to tack-1.11-20251210 * package/debian/changelog, package/tack.spec, tack.h: bump * edit.c: gcc warning 0 vs NULL * tackcfg.h: build-fix: term.h no longer exports termios.h definitions (Debian #1122485) * tack.h: use noreturn, if possible * tackgen.c, tack.c, pad.c, sync.c, output.c, modes.c, crum.c, edit.c, fun.c, init.c, menu.c, ansi.c, charset.c, color.c, control.c, tack.h: fixes for gcc15 -Wzero-as-null-pointer-constant - Port and rename patch ncurses-6.4.dif which is now ncurses-6.6.dif - Port patches * ncurses-5.9-ibm327x.dif * ncurses-6.5-ghostty.dif - Add ncurses patch 20251227 + make win32_curses.h obsolete in favor of nc_win32.h + modify MinGW32 configuration to account for its use of Windows-style pathnames in filesystem checks. + replace --enable-exp-win32 option with --enable-named-pipes - Add ncurses patch 20251220 > in-progress work to merge MinGW/Windows port. + eliminate EXP_WIN32_DRIVER with USE_NAMED_PIPES + change MS_TERMINAL to DEFAULT_TERM_VAR ==== pcsc-lite ==== - Add Provides for pcscd to increase Debian compatibility ==== python-maturin ==== Version update (1.10.2 -> 1.11.2) - Update to version 1.11.2 (version bump only) - Changes in 1.11.1: * Fix compiled artifacts being excluded by source path matching gh#PyO3/maturin#2910 * Better error reporting for missing interpreters gh#PyO3/maturin#2918 * Ignore unreadable excluded directories gh#PyO3/maturin#2916 - Changes in 1.11.0: * Correct tagging for x86_64 iOS simulator wheels. gh#PyO3/maturin#2851 * Bump MSRV to 1.85.0 and use Rust 2024 edition gh#PyO3/maturin#2850 * Upgrade goblin to 0.10 gh#PyO3/maturin#2853 * Set entry type when adding to the tar file gh#PyO3/maturin#2859 * Split up module_writer.rs code for code organization gh#PyO3/maturin#2857 * Update environment variables for Android cross-compilation support gh#PyO3/maturin#2825 * Upgrade some Rust dependencies gh#PyO3/maturin#2860 * Swap outer and inner loops in write_python_part() gh#PyO3/maturin#2861 * Split out convenience methods from ModuleWriter trait gh#PyO3/maturin#2842 * Update cargo_metadata to 0.20.0 gh#PyO3/maturin#2864 * Calculate file options for WheelWriter once and cache the result gh#PyO3/maturin#2865 * fix link to pyo3 config file documentation gh#PyO3/maturin#2869 * Clean up internal fields of WheelWriter gh#PyO3/maturin#2870 * chore: bump action versions in the generated ci file gh#PyO3/maturin#2873 * Deprecate 'upload' and 'publish' CLI commands gh#PyO3/maturin#2875 * Create a binding generator trait gh#PyO3/maturin#2872 * Migrate cffi bindings to new BindingGenerator trait gh#PyO3/maturin#2876 * Always emit deprecation warning for 'upload' and 'publish' gh#PyO3/maturin#2879 * Migrate uniffi bindings to new BindingGenerator trait gh#PyO3/maturin#2878 * Emit a warning if a file is excluded from the archive by matching the target gh#PyO3/maturin#2874 * Migrate bin bindings to new BindingGenerator trait gh#PyO3/maturin#2880 * Clean up BindingGenerator interface gh#PyO3/maturin#2881 * Update ModuleWriter logic to use ArchiveSource enum gh#PyO3/maturin#2882 * Auto-enable required features for uniffi-bindgen gh#PyO3/maturin#2886 * Add VirtualWriter to track and order archive entries gh#PyO3/maturin#2887 * Remove maturin publish from docs gh#PyO3/maturin#2904 * Stop hardcode platform tag when using zig gh#PyO3/maturin#2905 * Make PEP 517 profile tests more resilient to cargo profiles gh#PyO3/maturin#2902 * Update pyodide version to fix emscripten CI gh#PyO3/maturin#2906 * Implement Android platform tag support gh#PyO3/maturin#2900 ==== python313-setuptools ==== Version update (78.1.1 -> 80.9.0) - Update to v80.9.0 * Set a deadline for the removal of pkg_resources later this year (December). (#3085) * Removed reliance on pkg_resources in test_wheel. (#3085) - Release v80.8.0 * Replaced more references to pkg_resources with importlib equivalents in wheel module. (#3085) * Restore explicit LICENSE file. (#5001) - Release v80.7.1 * Only attempt to fetch eggs for unsatisfied requirements. (#4998) * In installer, when discovering egg dists, let metadata discovery search each egg. (#4998) - Release v80.7.0 * Removed usage of pkg_resources from installer. Set an official deadline on the installer deprecation to 2025-10-31. (#4997) - Release v80.5.0 * Replaced more references to pkg_resources with importlib equivalents. (#3085) - Release v80.4.0 * Simplified the error reporting in editable installs. (#4984) - Release v80.3.0 * Removed easy_install and package_index modules. (#917) - Release v80.2.0 * Restored support for install_scripts --executable (and classic behavior for the executable for those invocations). Instead, build_editable provides the portable form of the executables for downstream installers to rewrite. (#4934) - Release v80.1.0 * Added a deadline of Oct 31 to the setup.py install deprecation. * With setup.py install --prefix=..., fall back to distutils install rather than failing. Note that running setup.py install is deprecated. (#3143) - Release v80.0.1 * Fixed index_url logic in develop compatibility shim. (#4966) - Release v80.0.0 [#]# Deprecations and Removals * Removed support for the easy_install command including the sandbox module. (#2908) * Develop command no longer uses easy_install, but instead defers execution to pip (which then will re-invoke Setuptools via PEP 517 to build the editable wheel). Most of the options to develop are dropped. This is the final warning before the command is dropped completely in a few months. Use-cases relying on 'setup.py develop' should pin to older Setuptools version or migrate to modern build tooling. (#4955) - Release v79.0.0 * Removed support for 'legacy-editable' installs. (#917) - Add python-setuptools.rpmlintrc for false positives on requirements ==== qt6-webengine ==== Subpackages: libQt6WebEngineCore6 libQt6WebEngineQuick6 libQt6WebEngineWidgets6 qt6-webengine-imports - boo#1251922 - Re-enable LTO and pass -mno-outline-atomics to 3rdparty/chromium for aarch64 as a workaround until fixed upstream ==== rust-keylime ==== Version update (0.2.8+12 -> 0.2.8+96) - Use tmpfiles.d for /var directories (PED-14736) - Update to version 0.2.8+96: * build(deps): bump wiremock from 0.6.4 to 0.6.5 * build(deps): bump actions/checkout from 5 to 6 * build(deps): bump chrono from 0.4.41 to 0.4.42 * packit: Get coverage from Fedora 43 runs * Fix issues pointed out by clippy * Replace mutex unwraps with proper error handling in TPM library * Remove unused session request methods from StructureFiller * Fix config panic on missing ek_handle in push model agent * build(deps): bump tempfile from 3.21.0 to 3.23.0 * build(deps): bump actions/upload-artifact from 4 to 6 (#1163) * Fix clippy warnings project-wide * Add KEYLIME_DIR support for verifier TLS certificates in push model agent * Thread privileged resources and use MeasurementList for IMA reading * Add privileged resource initialization and privilege dropping to push model agent * Fix privilege dropping order in run_as() * add documentation on FQDN hostnames * Remove confusing logs for push mode agent * Set correct default Verifier port (8891->8881) (#1159) * Add verifier_url to reference configuration file (#1158) * Add TLS support for Registrar communication (#1139) * Fix agent handling of 403 registration responses (#1154) * Add minor README.md rephrasing (#1151) * build(deps): bump actions/checkout from 5 to 6 (#1153) * ci: update spec files for packit COPR build * docs: improve challenge encoding and async TPM documentation * refactor: improve middleware and error handling * feat: add authentication client with middleware integration * docker: Include keylime_push_model_agent binary * Include attestation_interval configuration (#1146) * Persist payload keys to avoid attestation failure on restart * crypto: Implement the load or generate pattern for keys * Use simple algorithm specifiers in certification_keys object (#1140) * tests: Enable more tests in CI * Fix RSA2048 algorithm reporting in keylime agent * Remove disabled_signing_algorithms configuration * rpm: Fix metadata patches to apply to current code * workflows/rpm.yml: Use more strict patching * build(deps): bump uuid from 1.17.0 to 1.18.1 * Fix ECC algorithm selection and reporting for keylime agent * Improve logging consistency and coherency * Implement minimal RFC compliance for Location header and URI parsing (#1125) * Use separate keys for payload mechanism and mTLS * docker: update rust to 1.81 for distroless Dockerfile * Ensure UEFI log capabilities are set to false * build(deps): bump http from 1.1.0 to 1.3.1 * build(deps): bump log from 0.4.27 to 0.4.28 * build(deps): bump cfg-if from 1.0.1 to 1.0.3 * build(deps): bump actix-rt from 2.10.0 to 2.11.0 * build(deps): bump async-trait from 0.1.88 to 0.1.89 * build(deps): bump trybuild from 1.0.105 to 1.0.110 * Accept evidence handling structures null entries * workflows: Add test to check if RPM patches still apply * CI: Enable test add-agent-with-malformed-ek-cert * config: Fix singleton tests * FSM: Remove needless lifetime annotations (#1105) * rpm: Do not remove wiremock which is now available in Fedora * Use latest Fedora httpdate version (1.0.3) * Enhance coverage with parse_retry_after test * Fix issues reported by CI regarding unwrap() calls * Reuse max retries indicated to the ResilientClient * Include limit of retries to 5 for Retry-After * Add policy to handle Retry-After response headers * build(deps): bump wiremock from 0.6.3 to 0.6.4 * build(deps): bump serde_json from 1.0.140 to 1.0.143 * build(deps): bump pest_derive from 2.8.0 to 2.8.1 * build(deps): bump syn from 2.0.90 to 2.0.106 * build(deps): bump tempfile from 3.20.0 to 3.21.0 * build(deps): bump thiserror from 2.0.12 to 2.0.16 * rpm: Fix patches to apply to current master code * build(deps): bump anyhow from 1.0.98 to 1.0.99 * state_machine: Automatically clean config override during tests * config: Implement singleton and factory pattern * testing: Support overriding configuration during tests * feat: implement standalone challenge-response authentication module * structures: rename session structs for clarity and fix typos * tpm: refactor certify_credential_with_iak() into a more generic function * Add Push Model Agent Mermaid FSM chart (#1095) * Add state to avoid exiting on wrong attestation (#1093) * Add 6 alphanumeric lowercase X-Request-ID header * Enhance Evidence Handling response parsing * build(deps): bump quote from 1.0.35 to 1.0.40 * build(deps): bump libc from 0.2.172 to 0.2.175 * build(deps): bump glob from 0.3.2 to 0.3.3 * build(deps): bump actix-web from 4.10.2 to 4.11.0 ==== sdl2-compat ==== Version update (2.32.60 -> 2.32.62) - Update to release 2.32.62 * Fixed crash if HIDAPI strings are not available ==== selinux-policy ==== Version update (20251219 -> 20260106) Subpackages: selinux-policy-targeted - Update to version 20260106: * linuxptp: add support for dropping root privileges * fail2ban: Tweak selinux regex for /run/fail2ban. * Allow virtqemud setattr dri devices * Allow irqbalance create and use netlink generic socket * Allow thumb_t connect to XDM over a unix domain stream socket * Allow systemd-homework to remove ~/.identity-blob * Revert "Allow kl2tpd create and use netlink_generic_socket" * Support cockpit privileged access for the staff user * Update su_domain_type policy for kerberized su * Allow sshd-session inherit limits from its parent process * Allow systemd-machined read virtd process state * Allow kl2tpd create and use netlink_generic_socket * Update policy for redfish-finder * Label the greetd login manager framework as a display manager * Allow sshd-auth get attributes of sshd vsock socket * Confine redfish_finder - host api discovery service * Allow iptables read firewalld process state * Allow tuned_t use its private tmpfs files * The commit addresses the following AVC denials: * Allow passwd read and write a sshd-session unnamed pipes * Allow sshd-auth capabilities * Allow sshd-auth read network sysctls * Label /run/insights-client.ppid with insights_client_run_t * fix: unbreak thumbnailing for Thunar/tumblerd * Add files_mounton_generic_tmp_dirs() interface * Add the rpm_signal() interface * Allow session_bus_type get the attributes of the pidfs filesystem * Allow pcscd get the attributes of the pidfs filesystem * Allow sssd get the attributes of the pidfs filesystem * Allow KDE Plasma Login Manager to function as a display manager * Allow mdadm search filesystem_type directories * Update policy for dhcpc_hook_t * Label /usr/libexec/dhcpcd-run-hooks with dhcpc_hook_exec_t * Allow staff role read/write cockpit-session unix stream sockets * Allow stap server read virtual memory sysctls - Syncing with upstream rawhide selinux-policy up to: * 415e98f61041ebd8158063d62e750cd391841e00 - Update embedded container-selinux version to commit: * 3f7c37e93e172f531de233f40a58a1b8ec6ff17d (v2.245.0) ==== shadow ==== Subpackages: libsubid5 login_defs shadow-pw-mgmt - Add permissions file for shadow-pw-mgmt [bsc#1253052#c12], [bsc#1254844] ==== systemd-presets-branding-Aeon ==== - Modernize specfile - Update Supplements to new RPM format - Use RPM macros provided by systemd-presets-common-SUSE-devel ==== systemd-presets-branding-MicroOS ==== - Modernize specfile - Update Supplements to new RPM format - Use RPM macros provided by systemd-presets-common-SUSE-devel ==== systemd-presets-common-SUSE ==== - Add Provides: %{name}-selinux-storeroot-etc-service so that selinux-policy can "Conflicts:" on versions without the cleanoldesepoldir.service. Otherwise store-root migration might break (PED-12492, bsc#1221342) ==== tbb ==== Version update (2022.2.0 -> 2022.3.0) - Make build recipe POSIX sh compatible - Update to 2022.3.0 * [Preview] Introduced API for setting dynamic task dependencies in task_group. This allows successor tasks to execute only after all their predecessors have completed. * Extended task_arena with API support for enqueuing functions into a task_group and waiting for the task_group to complete. * Introduced API for setting and getting the assertion handler. This allows applications to set their own assertion handling functions. - Update cf-prot.patch, partially fixed upstream - Add tbb-python-setuptools.patch * gh#uxlfoundation/oneTBB#1941 * replace setup.py direct call ==== tslib ==== Version update (1.22 -> 1.24) - update to 1.24: * improved release procedure * debug fixes for 32bit systems * CMake and autoconf updates for newer versions * fixes for minor cppcheck errors * ts_conf test program fixes * new filter module: `module crop` * some build and security fixes * improved release procedure - updated keyring ==== userspace-rcu ==== Version update (0.15.3 -> 0.15.5) - update to 0.15.5: * x86: Define cmm_smp_mb() as lock; addl rather than mfence * Introduce barrier test * Add test_uatomic to gitignore * Cleanup: Remove stray space * benchmark: Add uatomic benchmark * uatomic: Fix redundant memory barriers for atomic builtin operations * Cleanup: Remove useless declarations from urcu-qsbr * src/urcu-bp.c: assert => urcu_posix_assert * ppc.h: improve ppc64 caa_get_cycles on Darwin ==== vim ==== Version update (9.1.1966 -> 9.1.2050) Subpackages: vim-data-common vim-small - update to 9.1.2050: * patch 9.1.2050: tests: Test_cd_completion may fail * patch 9.1.2049: Vim9: unexpected E1209 error * patch 9.1.2048: MS-Windows: backspace behavior wrong with ConPTY * patch 9.1.2047: MS-Windows: style issue in gui_w32.c * patch 9.1.2046: MS-Windows: compile warnings * runtime(doc): Clarify visual mark behavior in getpos(), setpos() * runtime: mention subscription only ml, fix typo in maintainer email * translation(it): Update Italian translation * patch 9.1.2045: Mac: Build failure with Mac OS X 10.6 * patch 9.1.2044: Inefficient use of ga_concat() * patch 9.1.2043: filetype: kos files are not reconized * patch 9.1.2042: filetype: systemd quadlet files are not recognized * patch 9.1.2041: tests: test_menu.vim leaves swapfiles behind * patch 9.1.2040: :tlunmenu incorrectly accepts a range * runtime(logtalk): Update Logtalk runtime files for the latest language spec * patch 9.1.2039: if_ruby: crash when using Ruby/dyn 4.0 * patch 9.1.2038: tests: test_marks.vim leaves swapfiles behind * runtime: Revert several "mark invalid contact addresses" commits * patch 9.1.2037: undo: cursor position not correctly restored * patch 9.1.2036: if_ruby: build error with ruby 4.0 * runtime: mark more invalid email addresses * runtime: mark more invalid email addresses * runtime: mark invalid contact addresses * patch 9.1.2035: filetype: filetype: Fennel fnlm files are not recognized * patch 9.1.2034: filetype: Fennel fnml files are not recognized * patch 9.1.2033: tests: Test_terminal_cwd flaky when using ConPTY * patch 9.1.2032: Vim9: error when using class member in Lambda * translation(zh_CN): Update the Simplify Chinese translation * runtime(rust): Update indentation after nested array literal * runtime(doc): Update Contributing.md on the use of AI * runtime(doc): Emphasize adding tests when contributing * runtime(rust): partly revert e426245b, it causes more issues than it solves * patch 9.1.2031: Makefile: cannot run make installinks twice * patch 9.1.2030: inefficient use of ga_concat() * patch 9.1.2029: tests: the test_vim9_class.vim testfile is too long * runtime(tutor): Improve Spanish translation for chapter 2 after 757b42a * runtime(indent-tests): Include a simple Rust indent test * runtime(rust): clean-up indent script, handle opening empty line correctly * patch 9.1.2028: [security]: Buffer-overflow with incomplete multi-byte chars * runtime(bpftrace): add indention plugin * translation(zh_CN): Update the Simplify Chinese translation * runtime(doc): improve :catch documentation * patch 9.1.2027: filetype: bicep filetype used for 2 bicep file types * patch 9.1.2026: tests: patch 9.1.2019 not tested properly * patch 9.1.2025: conpty terminal process may not start * patch 9.1.2024: 'fsync' option cannot be set per buffer * patch 9.1.2023: [security]: Use-after-free in alist_add() with nasty autocmd * runtime(compiler): add pyright Python type checker * runtime(doc): remove some fixed items from todo.txt * patch 9.1.2022: using C++ keyword class as member variable name * runtime(netrw): Fix reading UNC paths on windows * runtime(compiler): ignore 'Found' messages in ruff and ty compiler * patch 9.1.2021: filetype: fluent files are not recognized * runtime(termdebug): update v:shell_error condition test. * patch 9.1.2020: tests: test_virtualedit.vim leaves swapfiles behind * patch 9.1.2019: inconsistent cursor encoding past EOL with ve=all * patch 9.1.2018: proto: ops.pro outdated * runtime(osc52): A few minor fixes * runtime(doc): add reference to searchcount() function * runtime(doc): Improve :catch documentation * runtime(make): Makefile highlighting breaks with ')' in string * runtime(make): Move target greedy match after $() to avoid region matching overflow * patch 9.1.2017: getregionpos() depends on 'linebreak' setting * patch 9.1.2016: cindent wrong indentation after do-while loop * patch 9.1.2015: blob2string() stopped after an empty line * patch 9.1.2014: clipboard: clipboard register corrupted with clipboard provider * patch 9.1.2013: tests: Test_terminal_shell_option fails with conpty * patch 9.1.2012: Vim9: cannot initialize class member with protected var * runtime(ftplugin): set different formatoptions for bpftrace * patch 9.1.2011: crash when unreferencing gtk icon theme * patch 9.1.2010: Missing out-of-memory checks in vim9class.c * runtime(bpftrace): add base syntax plugin * patch 9.1.2009: tests: "Xm4" test directory may not be deleted * patch 9.1.2008: filetype: hylo files are not recognized * translation(sr): Update Serbian message translation * patch 9.1.2007: filetype: bpftrace hashbang lines are not recognized * patch 9.1.2006: MS-Windows: ANSI colors not correct in terminal * runtime(doc): Improve :help builtin-function-list table formatting * patch 9.1.2005: MS-Windows: Missing fullscreen support for GUI version * patch 9.1.2004: MS-Windows: executable() cannot find file in directory with single char * runtime(ty): include ty compiler plugin * patch 9.1.2003: tests: Test_glob_symlinks may fail on Window * patch 9.1.2002: Vim9: heap-use-after-free when when accessing protect class member * refactor(vim9): use 'start' open urls on win32 * runtime(vim9): Reset pwsh and powershell in Open() * translation(hy): Update Armenian language translation * runtime(openPlugin): start :Launch process in the background in GUI mode * translation(zh_CN): Add license disclaimer * runtime(getscript): GLVS plugin fails with wget.exe with PowerShell * runtime(doc): Fix "Vim script" formatting at :help clipboard-providers * patch 9.1.2001: cursor may end up in wrong window after :botright copen * runtime(doc): clarify the behavior of CTRL-Z * runtime(zip): Use :lcd instead of :cd in zip.vim * patch 9.1.2000: Vim9: object member used char_u pointers * translation(hy): Update Armenian language translation * translation(zh_CN): Update the Simplify Chinese translation * runtime(doc): fix outdated :function help * runtime(osc52): Update documentation, send DA1 query when loading package ... changelog too long, skipping 47 lines ... * patch 9.1.1967: if_python: 64bit numbers truncated ==== xterm ==== Version update (402 -> 406) Subpackages: xterm-bin xterm-resize - update to 406: * add option -emoji_width and resource emojiWidth - update to 404: * add numeric keypad codes to XTGETTCAP. * implement parsing and cursor positioning for Unicode variation selectors 15 and 16. * improve limit-checking for mouse button and motion events * fix a bug in printer code in xterm #403 * change wcwidth for private-use codes, to make them consistently neutral width, i.e., single/double width according to whether they are used for CJK. * improve test-driver for wcwidth, adding options to test the predefined ranges listed in UnicodeData, as well as suppressing output where it only shows that the system's wcwidth lacks a definition for codes. * add some of the OpenBSD local-patches, including an ifdef-improvement for DEF_DISALLOWED_WINDOW * modify configure script macros to widen pattern for $host_os from “linux*gnu” to “linux*gnu*” to cover targets such as i686-pc-linux-gnut64 (GenToo #963725). ==== yast2 ==== Version update (5.0.17 -> 5.0.18) - save_y2logs: Do not use the legacy /var/lib/rpm database path (bsc#1254914) - 5.0.18 ==== zchunk ==== Version update (1.5.2 -> 1.5.3) - update to 1.5.3: * Rename internal close() functions to close_zck_component to avoid POSIX conflict on AIX