Packages changed: MicroOS-release (20241018 -> 20241023) dav1d (1.4.3 -> 1.5.0) distrobox (1.7.2.1 -> 1.8.0) dnf evolution-data-server (3.54.0 -> 3.54.1) ghostscript (10.03.1 -> 10.04.0) gjs (1.82.0 -> 1.82.1) gnome-branding-Aeon gnome-control-center (47.0.1+8 -> 47.1.1) gnome-online-accounts (3.52.0 -> 3.52.1) gnome-shell (47.0 -> 47.1) gnome-shell-extensions (47.0 -> 47.1) gnome-terminal (3.54.0 -> 3.54.1) grub2 gtk2 gtk3 gvfs (1.56.0 -> 1.56.1) hwinfo (23.2 -> 23.3) hyper-v (8 -> 9) kernel-firmware (20241001 -> 20241018) libdnf (0.73.2 -> 0.73.3) libjcat (0.2.1 -> 0.2.2) libunistring (1.2 -> 1.3) mutter (47.0+19 -> 47.1) nautilus (47.0+8 -> 47.0+14) ncurses (6.5.20240928 -> 6.5.20241019) open-vm-tools (12.4.5 -> 12.5.0) openssl-3 patterns-base pipewire podman python-blinker (1.7.0 -> 1.8.2) python-certifi (2024.7.4 -> 2024.8.30) python-charset-normalizer (3.3.2 -> 3.4.0) python-cryptography (43.0.1 -> 43.0.3) qt6-base runc (1.2.0~rc3 -> 1.2.0) samba (4.21.0+git.363.84c94ca948f -> 4.21.1+git.367.e1da597d86e) selinux-policy (20240930 -> 20241021) u-boot-rpiarm64 vte (0.78.0 -> 0.78.1) webkit2gtk3 (2.46.1 -> 2.46.2) webkit2gtk4 (2.46.1 -> 2.46.2) wireplumber xf86-input-libinput (1.4.0 -> 1.5.0) xfsprogs (6.10.1 -> 6.11.0) xz (5.6.2 -> 5.6.3) zlib-ng-compat (2.2.1 -> 2.2.2) === Details === ==== MicroOS-release ==== Version update (20241018 -> 20241023) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== dav1d ==== Version update (1.4.3 -> 1.5.0) - Update to version 1.5.0 * WARNING: we removed some of the SSE2 optimizations, so if you care about systems without SSSE3, you should be careful when updating! * Optimize index offset calculations for decode_coefs * picture: copy HDR10+ and T35 metadata only to visible frames * SSSE3 new optimizations for 6-tap (8bit and hbd) * AArch64/SVE: Add HBD subpel filters using 128-bit SVE2 * AArch64: Add USMMLA implempentation for 6-tap H/HV * AArch64: Optimize Armv8.0 NEON for HBD horizontal filters and 6-tap filters * Power9: Optimized ITX till 16x4. * Loongarch: numerous optimizations * RISC-V optimizations for pal, cdef_filter, ipred, mc_blend, mc_bdir, itx * Allow playing videos in full-screen mode in dav1dplay ==== distrobox ==== Version update (1.7.2.1 -> 1.8.0) Subpackages: distrobox-bash-completion - update to 1.8.0 * Improvements + Improvements on Nvidia integration + Improvements on XDG_* env variables management + Remote distrobox assemble files! Keep them remote with distrobox assemble create --file https://foo.com/file.ini! + A lot of new container distros, from @ublue-os and @toolbx-images, New Fedora, Ubuntu, Alpine and @wolfi-dev wolfi-toolbox! * all: ensure env variables are set and have values * all: use registry.fedoraproject.org/fedora-toolbox:latest image by default, Fix #1402 * assemble: add support for remote manifest files * assemble: ensure variables are reset correctly * assemble: fix name detection with hyphens, Fix #1507 * assemble: fix possible empty lines, Fix #1514 * assemble: improve handling of hooks, pass around b64 encoded string to avoid unwanted evaluations * compatibility: add missing url for ubuntu:23.04 by @sheevy in #1439 * create: better explain init/pre-init hooks * create: ignore trailing slashes on custom homes, Fix #1575 * docs: Add kali icon by @andyspectre in #1451 * docs: Document support for alpine 3.20 containers by @Ferenc- in #1504 * docs: Fix issue with user not having permissions to write containers.conf by @nhermosilla14 in #1456 * docs: Seperate curl and wget commands by @axtloss in #1434 * docs: Update microos -> aeon/kalpa in docs by @TheRsKing in #1427 * docs: Update openSUSE and SLES compatibility guide by @alexandrevicenzi in #1489 * docs: add BlackaArch Linux compatibility, Fix #1358 * docs: add compatibility with ghcr.io/ublue-os/bluefin-cli, Fix #1453 * docs: document an official way to detect when you're in a distrobox * docs: document pipewire/alsa packages for ubuntu initful containers. Fix #1374 * docs: fix subuids spelling mistake by @yocoldle in #1431 * docs: fix link for Crystal linux. Fix #1418 * docs: fix linting * docs: fix obsolete Chainguard Wolfi notes * docs: point to new nixos wiki by @Mic92 in #1384 * docs: remove rhel-toolbox image from compatibility, it's now behind paywall * docs: support for 3d acceleration in: run_libvirt_in_distrobox.md by @TheRsKing in #1426 * docs: update compatibility, add ublue toolboxes, update Alpine and Fedora versions, Fix #1501 * docs: update vscode integration docs * enter: Fix distrobox-enter and distrobox-rm to handle containers that have environment variables shorter than 5 symbols by @senioroman4uk in #1545 * enter: Fix support for Active Directory usernames including backslashes pt. 2 by @phoppermann in #1458 * enter: fix additional flags evaluation, Fix #1541 * enter: fix docker timestamp incompatibility, Fix #1382, Fix #1424, Fix #1392 * enter: fix regression in login for initful container, Fix #1428 * enter: get rid of eval and pass arguments using set. This will avoid maniupulating args, and simplify our life. Fix #749, Fix #1461 * enter: improve positional args handling, treat enter command accordingly, improve comments explaining the black magic * export: Actually fix XDG_DATA_DIRS and XDG_DATA_HOME handling by @TigerGorilla2 in #1582 * export: Fix XDG_DATA_DIRS and XDG_DATA_HOME handling by @e-luks in #1496 * export: ensure destpath exists, Fix #1405 * export: fix CONTAINER_ID fallback * export: fix grep errors on list-apps * export: improve documentation of the spec. Fix #1444 * export: simplify and cleanup code * export: support exporting app launchers by full-path. * extras: vscode- improve podman wrapper, add docker wrapper, fix reconnections * fix for 1440 by @dtg01100 in #1441 * fix: init package in Gentoo Stage3 image by @xz-dev in #1455 * fix:[#1525] handle container creation failure by @jardon in #1526 * generate-entry: add 'Remove' action to entry, Fix #1433 * generate-entry: add timeout to downloads, Fix #1459 * generate-entry: fix generic icon download and setup * generate-entry: fix linting * generate-entry: use XDG_DATA_HOME by @Samueru-sama in #1468 * host-exec: fix arm naming, Fix #1442 * host-exec: fix host-spawn version * host-exec: update host-spawn version * init: fix arch locale-gen by @Boria138 in #1520 * init: Exclude repos from bind-mounting by @lunacd in #1503 * init: Fix SHELL using absolute path and disable duplicate profile inclusion by @eugenesan in #1397 * init: Generate host locales in container (fixed issue #1399) by @Boria138 in #1404 * init: add fallback values for host locale variables * init: add iputils * init: add iputils in setup_pacman by @intzaaa in #1576 * init: apt-get upgrade, force keeping old configs when non interactive * init: arrange package manager to avoid conflicts when using more than one (eg: packaging containers) * init: auto-link /usr/bin/flatpak, to better support opening links on host's browser, if those are flatpaks * init: do not fail in "Setting up read-only mounts" if findmnt does not exist by @phoppermann in #1454 * init: ensure we have DBUS variables set for host-spawn to work in login scripts, Fix #1383 * init: fallback case where mounting /etc/localtime fails, Fix #1435 * init: fix detection of 32bit nvidia libs on suse family * init: fix failing chpasswd on systemd-homed managed users, Fix #1423 * init: fix locale generation for minimal images * init: fix locale generation on musl and older systems * init: fix missing allowerasing flag for dnf * init: fix nvidia integration mounting files from boost libs, Fix #1500 * init: fix nvidia integration, improve search of nvidia files, Fix #1500 * init: fix typo in fallback locale values * init: fix udev clash on rootful initful systems * init: fix void-linux failing due to runit, Fix #1380 * init: perform upgrade before setting up archlinux packages * init: proper fix for void extraction paths. Fix #1457 * init: remove su-exec workaround for Wolfi, now that it supports proper sudo * init: rework package managment code * init: separate 'mount --rbind -o rslave ...' into 'mount --rbind ...'… by @timwa0669 in #1583 * rm: Fix distrobox-enter and distrobox-rm to handle containers that have environment variables shoter than 5 symbols by @senioroman4uk in #1545 * rm: add fallback value to response_force * rm: ask to force-delete if running and in interactive mode * rm: fix IFS overwriting, Fix #1400 * rm: remove dead code, remove container volumes. ==== dnf ==== - Do not recommend -lang package: the lang package has already the relevant supplements in place. ==== evolution-data-server ==== Version update (3.54.0 -> 3.54.1) Subpackages: libcamel-1_2-64 libebackend-1_2-11 libebook-1_2-21 libebook-contacts-1_2-4 libecal-2_0-3 libedata-book-1_2-27 libedata-cal-2_0-2 libedataserver-1_2-27 libedataserverui-1_2-4 - Update to version 3.54.1: + Bug Fixes: - Pass GError instead of CamelException to camel_movemail_solaris - Fix argument types in ENABLE_BROKEN_SPOOL code - Use GIConv instead of iconv_t with iconv wrappers - ESoupSession: Sometimes accesses server without OAuth2 token + Updated translations. ==== ghostscript ==== Version update (10.03.1 -> 10.04.0) - update to 10.04.0 (bsc#1232173): * Amongst other general bugs fixes, this release addresses: + CVE-2024-46951 + CVE-2024-46952 + CVE-2024-46953 + CVE-2024-46954 + CVE-2024-46955 + CVE-2024-46956 ==== gjs ==== Version update (1.82.0 -> 1.82.1) Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0 - Update to version 1.82.1: + Fixed gnome-shell crash when switching user after upgrade from Fedora 40 to Fedora 41 ==== gnome-branding-Aeon ==== - Change default recommended flatpaks, install Ptyxis, offer a PDF viewer ==== gnome-control-center ==== Version update (47.0.1+8 -> 47.1.1) Subpackages: gnome-control-center-color gnome-control-center-goa - Update to version 47.1.1: + Fix crash on display scales > 1 due to conflicting type registration. - Update to version 47.1: + About: Allow FQDN hostnames + Appearance: Fix thumbnailing of backgrounds causing OOM kills + Date and Time: Fix resize issue in the time format row when shown in small window sizes + Online Accounts: Fix untranslated account provider info string + Region and Language: Update language row after closing language selector + Remote Desktop: Hide "Remote Desktop" row when gnome-remote-desktop is not available + Wacom: - Don't crash when handling an unknown stylus ID - Don't show Map Buttons for fallback devices - Handle all external remotes like an external TV remote-like device - Make assets recolaborable, supporting dark-style, high-contrast, and accent colors - Support HDPI for tablet/stylus illustration images + Updated translations. ==== gnome-online-accounts ==== Version update (3.52.0 -> 3.52.1) Subpackages: libgoa-1_0-0 libgoa-backend-1_0-2 - Update to version 3.52.1: + Bugs fixed: - goakerberosprovider: don't assume all errors are auth errors - goaoauthprovider: fix expected NULL GError + Updated translations. ==== gnome-shell ==== Version update (47.0 -> 47.1) Subpackages: gnome-shell-calendar - Update to version 47.1: + Improve quick settings accessibility + Use accent color in tablet configuration UI + Improve accuracy of inset box shadows + Fix `PopupSwitchMenuItem::toggled` passing wrong state + Consider text direction when handling arrow keys in sliders + Fix layout issues with new dialog style + Fix uneven padding in notification headers + Fixed crash + Misc. cleanups and bug + Updated translations. ==== gnome-shell-extensions ==== Version update (47.0 -> 47.1) Subpackages: gnome-shell-classic gnome-shell-extensions-common - Update to version 47.1: + classic: Add missing top-bar indicators + window-list: - Fix window state styling - Fix "ignore-workspace" setting getting reset + Misc. bug fixes and cleanups ==== gnome-terminal ==== Version update (3.54.0 -> 3.54.1) Subpackages: nautilus-extension-terminal - Update to version 3.54.1: + prefs: Follow the theme variant setting + Updated translations. ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-common grub2-snapper-plugin - Fix error: /boot/grub2/x86_64-efi/bli.mod not found (bsc#1231591) - Keep grub packaging and dependencies in the SLE-12 and SLE-15 builds - Power guest secure boot with key management (jsc#PED-3520) (jsc#PED-9892) * 0001-ieee1275-Platform-Keystore-PKS-Support.patch * 0002-ieee1275-Read-the-DB-and-DBX-secure-boot-variables.patch * 0003-appendedsig-The-creation-of-trusted-and-distrusted-l.patch * 0004-appendedsig-While-verifying-the-kernel-use-trusted-a.patch * 0005-appendedsig-The-grub-command-s-trusted-and-distruste.patch * 0006-appendedsig-documentation.patch * 0007-mkimage-create-new-ELF-Note-for-SBAT.patch * 0008-mkimage-adding-sbat-data-into-sbat-ELF-Note-on-power.patch * grub2.spec : Building signed grub.elf with SBAT metadata - Support for NVMe multipath splitter (jsc#PED-10538) * 0001-ieee1275-support-added-for-multiple-nvme-bootpaths.patch - Deleted path (jsc#PED-10538) * 0001-grub2-Can-t-setup-a-default-boot-device-correctly-on.patch * 0001-grub2-Set-multiple-device-path-for-a-nvmf-boot-devic.patch - Fix not a directory error from the minix filesystem, as leftover data on disk may contain its magic header so it gets misdetected (bsc#1231604) * grub2-install-fix-not-a-directory-error.patch ==== gtk2 ==== Subpackages: gtk2-tools libgtk-2_0-0 - Eliminate usage of update-alternatives: + Drop gtk-update-icon-cache and relevant man page. We rely solely on GTK3 to perform this caching task. ==== gtk3 ==== Subpackages: gtk3-data gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0 - Eliminate usage of update-alternatives: GTK2 no longer provides gtk-update-icon-cache, thus eliminating the need for this extra complexity. ==== gvfs ==== Version update (1.56.0 -> 1.56.1) Subpackages: gvfs-backend-afc gvfs-backend-goa gvfs-backend-samba gvfs-backends gvfs-fuse - Update to version 1.56.1: + udisks2: Increasing reference count when updating volume to fix crashes + onedrive: - Use names instead of id for events to fix monitoring - Add missing replace stream to fix crashes - onedrive: Fix double free during cache rebuild to fix crashes + dav: Recognize the 409 status to fix creation of parent directories + Updated translations. ==== hwinfo ==== Version update (23.2 -> 23.3) Subpackages: libhd23 - merge gh#openSUSE/hwinfo#148 - avoid reporting of spurious usb storage devices (bsc#1223330) - 23.3 ==== hyper-v ==== Version update (8 -> 9) - Add memory allocation check in hv_fcopy_start (94e86b17) - suppress the invalid warning for packed member alignment (207e03b0) - Add new fcopy application based on uio driver (82b0945c) - Add vmbus_bufring (45bab4d7) - kvp: Handle IPv4 and Ipv6 combination for keyfile format (f971f6dd) - kvp: Some small fixes for handling NM keyfiles (c3803203) - kvp: Support for keyfile based connection profile (42999c90) - kvp: remove unnecessary (void*) conversions (22589542) - Remove an extraneous "the" (f15f39fa) - change http to https in hv_kvp_daemon.c (fa52a4b2) - replace the copy of include/linux/hyperv.h with include/uapi/linux/hyperv.h (6de74d10) - merge individual udev rules files into a single rules file - package only files, not directories already owned by filesystem.rpm - remove braces from rpm spec macros - remove obsolete Group tag - replace RPM_BUILD_ROOT with buildroot - use a meaningful name for the UAPI include file - use a meaningful variable name for ifcfg in hv_set_ifconfig.sh ==== kernel-firmware ==== Version update (20241001 -> 20241018) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20241018 (git commit 2f0464118f40): * check_whence.py: skip some validation if git ls-files fails * qcom: Add Audio firmware for X1E80100 CRD/QCPs * amdgpu: DMCUB updates forvarious AMDGPU ASICs * brcm: replace NVRAM for Jetson TX1 * rtlwifi: Update firmware for RTL8192FU to v7.3 * make: separate installation and de-duplication targets * check_whence.py: check the permissions * Remove execute bit from firmware files * configure: remove unused file * rtl_nic: add firmware rtl8125d-1 - Update to version 20241014 (git commit 99f9c7ed1f4a): * iwlwifi: add gl/Bz FW for core91-69 release * iwlwifi: update ty/So/Ma firmwares for core91-69 release * iwlwifi: update cc/Qu/QuZ firmwares for core91-69 release * cirrus: cs35l56: Add firmware for Cirrus CS35L56 for a Lenovo Laptop * cirrus: cs35l56: Add firmware for Cirrus CS35L56 for some ASUS laptops * cirrus: cs35l56: Add firmware for Cirrus Amps for some HP laptops * linux-firmware: update firmware for en8811h 2.5G ethernet phy * QCA: Add Bluetooth firmwares for WCN785x with UART transport - Update to version 20241011 (git commit 808cba847c70): * mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher * ath12k: WCN7850 hw2.0: update board-2.bin (bsc#1230596) * ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 * ath12k: QCN9274 hw2.0: add board-2.bin * copy-firmware.sh: rename variables in symlink hanlding * copy-firmware.sh: remove no longer reachable test -L * copy-firmware.sh: remove no longer reachable test -f * copy-firmware.sh: call ./check_whence.py before parsing the file * copy-firmware.sh: warn if the destination folder is not empty * copy-firmware.sh: add err() helper * copy-firmware.sh: fix indentation * copy-firmware.sh: reset and consistently handle destdir * Revert "copy-firmware: Support additional compressor options" * copy-firmware.sh: flesh out and fix dedup-firmware.sh * Style update yaml files * editorconfig: add initial config file * check_whence.py: annotate replacement strings as raw * check_whence.py: LC_ALL=C sort -u the filelist * check_whence.py: ban link-to-a-link * check_whence.py: use consistent naming * Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin * tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 - Skip invocation of check_whence.py at copying: copy-file-skip-check.patch - Refresh copy-file-ignore-README.patch - Drop obsoleted --ignore-duplicates option to copy-firmware.sh - Drop the ath12k workaround again - Update to version 20241010 (git commit d4e688aa74a0): * rtlwifi: Add firmware v39.0 for RTL8192DU * Revert "ath12k: WCN7850 hw2.0: update board-2.bin" (replaced with a newer firmware in this package instead) - update aliases - Update to version 20241004 (git commit bbb77872a8a7): * amdgpu: DMCUB DCN35 update * brcm: Add BCM4354 NVRAM for Jetson TX1 * brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram ==== libdnf ==== Version update (0.73.2 -> 0.73.3) Subpackages: libdnf-repo-config-zypp libdnf2 - version update to 0.73.3 * Support colon in username, use LRO_USERNAME and LRO_PASSWORD * Set pool flag to fix pool_addfileprovides_queue() without filelists.xml * Fix a memory leak in glob_for_cachedir() ==== libjcat ==== Version update (0.2.1 -> 0.2.2) - Update to version 0.2.2: + New Features: - Add bt-logindex blob kind. + Bugfixes: - Increase test coverage for ED25519 support. - Save the auto-generated private key with 0600 file permissions. - Switch ED25519 support to not directly using Nettle. ==== libunistring ==== Version update (1.2 -> 1.3) - update to 1.3: * Support Unicode version 16.0.0 ==== mutter ==== Version update (47.0+19 -> 47.1) - Update to version 47.1: + gwakeup: Reduce wake-ups to only first item in queue + x11: Reduce chances XPending does recvmsg() syscall + Fix grabbing tablet devices + Fix misplaced windows and random resizes on scaled monitors + Fix explicit sync with virtual monitors w/o pipewire streams + Improve detecting preferred primary devices + Fixed crashes + Misc. bug fixes and cleanups + Updated translations. - Update to version 47.0+24: * stage-impl: Ensure that a sync object is created in headless mode * backends/x11: Avoid potential crash in pad_switch_mode * display: Do not crash attempting to display OSD for unknown Wacom device * wayland/drm-lease: Do not add connector twice on lease disappeared * wayland/drm-lease: Hold device fd when listing leases ==== nautilus ==== Version update (47.0+8 -> 47.0+14) Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension4 - Update to version 47.0+14: * nautilus-tag-manager: Drop tinysparql 2to3 migration * Updated translations. ==== ncurses ==== Version update (6.5.20240928 -> 6.5.20241019) Subpackages: libncurses6 ncurses-utils terminfo-base - Add ncurses patch 20241019 + fixes for compiler warnings/cppcheck. + build-fixes for DJGPP configuration (patches by Stas Sergeev) - Add ncurses patch 20241006 + fixes for compiler warnings/cppcheck. + use xterm+alt+title in wezterm -TD ==== open-vm-tools ==== Version update (12.4.5 -> 12.5.0) Subpackages: libvmtools0 - convert to obs_scm - update to 12.5.0 (boo#1231826): There are no new features in the open-vm-tools 12.5.0 release. This is primarily a maintenance release that addresses a few critical problems, including: * A Github pull request has been integrated. Please see the Resolved Issues section of the Release Notes. * For a more complete list of issues resolved in this release, see the Resolved Issues section of the Release Notes. For complete details, see: https://github.com/vmware/open-vm-tools/releases/tag/stable-12.5.0 Release Notes are available at: https://github.com/vmware/open-vm-tools/blob/stable-12.5.0/ReleaseNotes.md The granular changes that have gone into the 12.5.0 release are in the ChangeLog at: https://github.com/vmware/open-vm-tools/blob/stable-12.5.0/open-vm-tools/ChangeLog ==== openssl-3 ==== Subpackages: libopenssl3 - Security fix: [bsc#1231741, CVE-2024-9143] * Low-level invalid GF(2^m) parameters lead to OOB memory access * Add openssl-CVE-2024-9143.patch - Security fix: [bsc#1220262, CVE-2023-50782] * Implicit rejection in PKCS#1 v1.5 * Add openssl-CVE-2023-50782.patch ==== patterns-base ==== Subpackages: patterns-base-base patterns-base-bootloader patterns-base-minimal_base patterns-base-x11 - In case of doubt, also favor libz1-32bit over libz-ng1-compat for the time being. ==== pipewire ==== Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Add patch from upstream to fix a crash with broadcasting sinks: * 0001-bluez5-fix-crash-with-broadcast-sinks.patch - Add patch from upstream to actually clear the mix io areas when being asked to clear it. Otherwise crashes might happen: * 0002-jack-actually-clear-the-mix-io.patch ==== podman ==== - Add patch for CVE-2024-9676 (bsc#1231698): * 0002-Use-securejoin.SecureJoin-when-forming-userns-paths.patch - Rebase patch: * 0001-Properly-validate-cache-IDs-and-sources.patch ==== python-blinker ==== Version update (1.7.0 -> 1.8.2) - update to 1.8.2: * Simplify type for _async_wrapper and _sync_wrapper arguments. :pr:`156` * Restore identity handling for str and int senders. :pr:`148` * Fix deprecated blinker.base.WeakNamespace import. :pr:`149` * Fix deprecated blinker.base.receiver_connected import. :pr:`153` * Use types from collections.abc instead of typing. :pr:`150` * Fully specify exported types as reported by pyright. :pr:`152` * Deprecate the __version__ attribute. Use feature detection, or importlib.metadata.version("blinker"), instead. :issue:`128` * Specify that the deprecated temporarily_connected_to will be removed in the next version. * Show a deprecation warning for the deprecated global receiver_connected signal and specify that it will be removed in the next version. * Show a deprecation warning for the deprecated WeakNamespace and specify that it will be removed in the next version. * Greatly simplify how the library uses weakrefs. This is a significant change internally but should not affect any public API. :pr:`144` * Expose the namespace used by signal() as default_namespace. :pr:`145` - add remove-sphinxextensions.patch to remove an optional sphinxextension ==== python-certifi ==== Version update (2024.7.4 -> 2024.8.30) - update to 2024.8.30: added certs: * TWCA CYBER Root CA O=TAIWAN-CA OU=Root CA * SecureSign Root CA12 O=Cybertrust Japan Co., Ltd. * SecureSign Root CA14 O=Cybertrust Japan Co., Ltd. * SecureSign Root CA15 O=Cybertrust Japan Co., Ltd. ==== python-charset-normalizer ==== Version update (3.3.2 -> 3.4.0) - update to 3.4.0: * Argument `--no-preemptive` in the CLI to prevent the detector to search for hints. * Support for Python 3.13 * Relax the TypeError exception thrown when trying to compare a CharsetMatch with anything else than a CharsetMatch. * Improved the general reliability of the detector based on user feedbacks. (#520) (#509) (#498) (#407) * Declared charset in content (preemptive detection) not changed when converting to utf-8 bytes. ==== python-cryptography ==== Version update (43.0.1 -> 43.0.3) - update to 43.0.3: * Fixed release metadata for cryptography-vectors * Fixed compilation when using LibreSSL 4.0.0. ==== qt6-base ==== Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6Widgets6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-printsupport-cups qt6-sql-sqlite - Add patch to fix qxmpp test failures (gh#qxmpp-project/qxmpp#659): * 0001-QUuid-restore-sorting-order-of-Qt-6.8.patch - Add patch to fix potential crash with QDirIterator (QTBUG-130142): * 0001-QDirIterator-don-t-crash-with-next-after-hasNext-ret.patch ==== runc ==== Version update (1.2.0~rc3 -> 1.2.0) - Update to runc v1.2.0. Upstream changelog is available from . ==== samba ==== Version update (4.21.0+git.363.84c94ca948f -> 4.21.1+git.367.e1da597d86e) Subpackages: libldb2 samba-ad-dc-libs samba-client samba-client-libs samba-libs - Adjust spec to split out rpcd_* binaries into a separate sub package; (bsc#1231414). - Update to 4.21.1 * DH reconnect error handling can lead to stale sharemode entries; (bso#15624). * "inherit permissions = yes" triggers assert() in vfs_default when creating a stream; (bso#15695). * Samba 4.21.0 broke FreeIPA domain member integration; (bso#15715). * Missing conversion for msDS-UserTGTLifetime, msDS- ComputerTGTLifetime and msDS-ServiceTGTLifetime on "samba- tool domain auth policy modify"; (bso#15692). * irpc_destructor may crash during shutdown; (bso#15280). * Durable handle is not granted when a previous OPEN exists with NoOplock; (bso#15649). * Durable handle is granted but reconnect fails; (bso#15651). * Disconnected durable handles with RH lease should not be purged by a new non conflicting open; (bso#15708). * net ads testjoin and other commands use the wrong secrets.tdb in a cluster; (bso#15714). * 4.21 using --with-system-mitkrb5 requires MIT krb5 1.16 as rfc 8009 etypes are used; (bso#15726). * VFS_OPEN_HOW_WITH_BACKUP_INTENT breaks shadow_copy2; (bso#15730). * Samba 4.20.0 DLZ module crashes BIND on startup; (bso#15643). * Cannot build libldb lmdb backend on a build without AD DC; (bso#15721). * Consistent log level for sighup handler; (bso#15706). ==== selinux-policy ==== Version update (20240930 -> 20241021) Subpackages: selinux-policy-targeted - Update to version 20241021: * rsync: add rsync_exec_commands boolean and enable it by default (bsc#1231494) * Allow snapperd to execute systemctl (bsc#1231489) - Update to version 20241018: * Allow slpd to create TCPDIAG netlink socket (bsc#1231491) * Allow slpd to use sys_chroot (bsc#1231491) * Allow openvswitch-ipsec use strongswan (bsc#1231493) ==== u-boot-rpiarm64 ==== Subpackages: u-boot-rpiarm64-doc Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2024.10 * Patches added: 0018-Revert-riscv-dts-jh7110-Update-qspi.patch boo#1231674 ==== vte ==== Version update (0.78.0 -> 0.78.1) - Update to version 0.78.1: + build: - Prepend python to minifont coverage cmd - Add missing includes + widget: - Improve the robustness of ringview updating - Make sure to update the ringview after a widget resize - termprops: Fix for double termprops + draw: - gsk: . Use fill_n to fill background . Draw cell background using scaled texture - Fix background drawing offset + tests: Remove excessive constrexpr ==== webkit2gtk3 ==== Version update (2.46.1 -> 2.46.2) Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 webkit2gtk-4_1-injected-bundles - Update to version 2.46.2: + Own well-known bus name on a11y bus. + Improve memory consumption when putImageData is used repeatedly on accelerated canvas. + Disable cached web process suspension for now to prevent leaks. + Improve text kerning with different combinations of antialias and hinting settings. + Destroy all network sessions on process exit. + Fix visible rectangle calculation when there are animations. + Fix the build with ENABLE_NOTIFICATIONS=OFF. + Fix the build with ENABLE_FULLSCREEN_API=OFF. + Fix the build with ENABLE_WEB_AUDIO=OFF. + Fix the build on ppc64le. + Fix several crashes and rendering issues. - Drop bug281495.patch: fixed upstream. ==== webkit2gtk4 ==== Version update (2.46.1 -> 2.46.2) Subpackages: libjavascriptcoregtk-6_0-1 libwebkitgtk-6_0-4 webkitgtk-6_0-injected-bundles - Update to version 2.46.2: + Own well-known bus name on a11y bus. + Improve memory consumption when putImageData is used repeatedly on accelerated canvas. + Disable cached web process suspension for now to prevent leaks. + Improve text kerning with different combinations of antialias and hinting settings. + Destroy all network sessions on process exit. + Fix visible rectangle calculation when there are animations. + Fix the build with ENABLE_NOTIFICATIONS=OFF. + Fix the build with ENABLE_FULLSCREEN_API=OFF. + Fix the build with ENABLE_WEB_AUDIO=OFF. + Fix the build on ppc64le. + Fix several crashes and rendering issues. - Drop bug281495.patch: fixed upstream. ==== wireplumber ==== Subpackages: libwireplumber-0_5-0 wireplumber-audio - Add patch from upstream to fix switching automatically the profile of non-bluetooth devices (boo#1231815): * 0001-autoswitch-bluetooth-profile-switch-only-Bluetooth-devices.patch - Add patch from upstream to fix switching automatically the profile when starting some apps and then switching to the previous profile: * 0002-autoswitch-bluetooth-profile-Switch-to-HSP_HFP-on-timeout.patch - Add patches from upstream to fix a couple of memory leaks: * 0003-m-mixer-api-Fix-memory-in-leak-wp_mixer_api_set_volume.patch * 0004-module-dbus-connection-fix-GCancellable-leak.patch ==== xf86-input-libinput ==== Version update (1.4.0 -> 1.5.0) - Update to version 1.5.0: * the compose and kana LEDs are now supported * tablet tools now have a property to indicate the tool serial and hw id (if any) * libinput's tablet tool pressure range config is now supported * libinput's clickfinger button map config is now supported * we remap some higher keycodes to FK20 and friends, paving the way for systemd/udev to map those properly in their hwdb files ==== xfsprogs ==== Version update (6.10.1 -> 6.11.0) - update to 6.11.0 - mkfs: break up the rest of the rtinit() function - mkfs: clean up the rtinit() function - xfs_repair: use library functions for orphanage creation - xfs_repair: use library functions to reset root/rbm/rsum inodes - xfs_repair: don't crash in get_inode_parent - xfs_repair: fix exchrange upgrade - xfs_db: port the iunlink command to use the libxfs iunlink function - xfs_db/mdrestore/repair: don't use the incore struct xfs_sb for offsets into struct xfs_dsb - xfs_db/mkfs/xfs_repair: port to use XFS_ICREATE_UNLINKABLE - xfs_db: port the unlink command to use libxfs_droplink - libxfs: implement get_random_u32 - libxfs: remove libxfs_dir_ialloc - libxfs: backport inode init code from the kernel - libxfs: pack icreate initialization parameters into a separate structure - xfs_io: add RWF_ATOMIC support to pwrite - libfrog: emulate deprecated attrlist functionality in libattr - misc: clean up code around attr_list_by_handle calls - fsck.xfs: fix fsck.xfs run by different shells when fsck.mode=force is set - libxfs: provide a memfd_create() wrapper if not present in libc - xfs_io: Fix fscrypt macros ordering - man: Update unit for fsx_extsize and fsx_cowextsize - xfs_db: release ip resource before returning from get_next_unlinked() - libxfs: kernel sync - ------------------------------------------------------------------ ==== xz ==== Version update (5.6.2 -> 5.6.3) Subpackages: liblzma5 - Update to 5.6.3: * liblzma: - Fix x86-64 inline assembly compatibility with GNU Binutils older than 2.27. - Fix the build with GCC 4.2 on OpenBSD/sparc64. * xzdec: Display an error instead of failing silently if the unsupported option -M is specified. * lzmainfo: Fix integer overflows when rounding the dictionary and uncompressed sizes to the nearest mebibyte. * Autotools-based build: - Fix feature checks with link-time optimization (-flto). - Solaris: Fix a compatibility issue in version.sh. It matters if one wants to regenerate configure by running autoconf. * CMake: - Use paths relative to ${prefix} in liblzma.pc when possible. This is done only with CMake >= 3.20. - Prefer a C11 compiler over a C99 compiler but accept both. - Link Threads::Threads against liblzma using PRIVATE so that - pthread and such flags won't unnecessarily get included in the usage requirements of shared liblzma. That is, target_link_libraries(foo PRIVATE liblzma::liblzma) no longer adds -pthread if using POSIX threads and linking against shared liblzma. The threading flags are still added if linking against static liblzma. * Updated translations: Catalan, Chinese (simplified), and Brazilian Portuguese. ==== zlib-ng-compat ==== Version update (2.2.1 -> 2.2.2) - Update to 2.2.2: * Changelog at https://github.com/zlib-ng/zlib-ng/releases/tag/2.2.2 - Install the ld.so configuration file also with the -32bit package, as otherwise biarch installs won't find that library (boo#1232065).