Packages changed: PackageKit (1.2.2 -> 1.2.4) aaa_base (84.87+git20210823.4c98889 -> 84.87+git20211102.80d7177) dnf (4.8.0 -> 4.10.0) gawk (5.1.0 -> 5.1.1) gdk-pixbuf glib2 (2.70.0 -> 2.70.1) haproxy (2.4.7+git0.b5e51a5e2 -> 2.4.8+git0.d1f8d41e0) ima-evm-utils (1.3.2 -> 1.4) libdnf (0.63.1 -> 0.65.0) librsvg (2.52.2 -> 2.52.3) libx86emu (3.3 -> 3.4) libzypp (17.28.6 -> 17.28.7) pam python-PyJWT (2.1.0 -> 2.3.0) python-SQLAlchemy (1.4.25 -> 1.4.26) python-chardet snappy === Details === ==== PackageKit ==== Version update (1.2.2 -> 1.2.4) Subpackages: PackageKit-backend-dnf libpackagekit-glib2-18 - Update to version 1.2.4: + Libraries: - Add specific error code when user declined interaction - Avoid spurious GObject::notify signal emissions - Correct 'cancellable' use in pk_client_repair_system_async() - Fix a leak on calling set_locale() a second time - Fix a possible use-after-free under pk_client_cancel_cb() - Improve thread safety on an operation cancellation + Backends: - dnf: . Read update information also when getting list of updates . Honor install_weak_deps=False if it is there . Use 'hy_query_get_advisory_pkgs', if available + New Features: - PkDetails: Add 'download-size' property - PkPackage: Add update severity property + Bugfixes: - Let the finish understand the 'cancelled' exit code - Make backends that use pk-backend-spawn work (#477) - Only set polkit interactive flag if method call has too - Changes from version 1.2.3: + Backends: - alpm: . Add post transaction hook . Rename errno to alpm_err to avoid name clashes - aptcc: Auto-remove old kernels, unless configured otherwise - dnf: Add support for coercing upgrade to distupgrade - zypp: . Make sure pool is initialized at the beginning of some methods . Reset update mode after getting updates + Bugfixes: - Append to cron log instead of overwriting it - Cancel a transaction if calling Cancel fails or the daemon disappears - Do not crash when calling pk_dbus_get_uid() before D-Bus is setup - Fix all compiler warnings - Fix multilib conflicts in generated pk-enum-types.h - Free scheduler array correctly again - Remove large transaction size sanity check - Drop patches fixed upstream: + PackageKit-zypp-cleanup-tmp-files.patch + PackageKit-zypp-reset-update-mode-after-get-updates.patch + PackageKit-dnf-Add-support-for-coercing-upgrade-to-distupgrade.patch + PackageKit-zypp-initialize-pool.patch + PackageKit-remove-transaction-size-limit.patch + PackageKit-cancel-transaction-if-daemon-disappears.patch + PackageKit-dnf-ignore-weak-deps.patch - Add 505.patch: pk-offline: Add flags to D-Bus invoking methods. That's currently to be able to set whether the method should be interactive or not. The old functions call the methods as non-interactive. - Remove obsolete translation-update-upstream support (jsc#SLE-21105). ==== aaa_base ==== Version update (84.87+git20210823.4c98889 -> 84.87+git20211102.80d7177) - Update to version 84.87+git20211102.80d7177: * Add $HOME/.local/bin to PATH, if it exists (bsc#1192248) * Avoid tcsh undefined LANG variable (boo#1190142) ==== dnf ==== Version update (4.8.0 -> 4.10.0) - Update 4.10.0 + Add support for autodetecting packages to be excluded from being installed as weak dependencies (rh#1699672) + Add support for excluding packages to be installed as weak dependencies (rh#1699672) + Add fail_fast parameter to download_payloads methods for use in reposync + Acquire all relevant locks during "dnf clean" + API: Raise CompsError when group/env not found in install_group and install_environment (rh#1947958) + [API] Add method "set_or_append_opt_value" to BaseConfig (rh#1967925) + Add aliases for commands: info, updateinfo, provides (rh#1938333) + Add report about demodularized rpms into module info (rh#1805260) + Remove DNSSEC errors on COPR group email keys + Documentation inprovements - rh#1938352, rh#1993899, rh#1963704 ==== gawk ==== Version update (5.1.0 -> 5.1.1) - GNU awk 5.1.1 * asort and asorti now allow FUNCTAB and SYMTAB as the first argument if a second destination array is supplied. Similarly, using either array as the second argument is now a fatal error. Additionally, using either array as the destination for split(), match(), etc. also causes a fatal error. * The new -I/--trace option prints a trace of the byte codes as they are executed. * A number of subtle bugs relating to MPFR mode that caused differences between regular operation and MPFR mode have been fixed. * The API now handles MPFR/GMP values slightly differently, requiring different memory management for those values. * $0 and the fields are now cleared before starting a BEGINFILE rule. * Handling of Infinity and NaN values has been improved * The "no effect" lint warnings have been fixed up and now behave more sanely. * The behavior of strongly-typed regexp constants when passed as the third argument to sub() or gsub() has been clarified in the code and in the manual. * Similar to item #4 above, division by zero is now fatal in MPFR mode, as it is in regular mode. ==== gdk-pixbuf ==== Subpackages: gdk-pixbuf-query-loaders libgdk_pixbuf-2_0-0 - Stop passing no longer used nor recognized options jasper=false and x11=false to meson, fails the build when using meson 0.60.x. - Remove obsolete translation-update-upstream support (jsc#SLE-21105). ==== glib2 ==== Version update (2.70.0 -> 2.70.1) Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 - Update to version 2.70.1: + Fix network changes not being signalled from NetworkManager. + Fix build when building with --fatal-meson-warnings. + Bugs fixed: glgo#GNOME/GLib#2505, glgo#GNOME/GLib!2245, glgo#GNOME/GLib!2253, glgo#GNOME/GLib!2256, glgo#GNOME/GLib!2259, glgo#GNOME/GLib!2262, glgo#GNOME/GLib!2271, glgo#GNOME/GLib!2276, glgo#GNOME/GLib!2300, glgo#GNOME/GLib!2301, glgo#GNOME/GLib!2302, glgo#GNOME/GLib!2304. - Refresh patches with quilt. ==== haproxy ==== Version update (2.4.7+git0.b5e51a5e2 -> 2.4.8+git0.d1f8d41e0) - Update to version 2.4.8+git0.d1f8d41e0: * [RELEASE] Released version 2.4.8 * SCRIPTS: git-show-backports: re-enable file-based filtering * DOC/peers: some grammar fixes for peers 2.1 spec * MINOR: stream: Improve dump of bogus streams * BUILD/MINOR: cpuset freebsd build fix * DOC: config: Fix alphabetical order of fc_* samples * BUG/MINOR: sample: fix backend direction flags consecutive to last fix * BUG/MEDIUM: sample: Cumulate frontend and backend sample validity flags * BUG/MEDIUM: stream-int: Block reads if channel cannot receive more data * BUG/MINOR: http: Authorization value can have multiple spaces after the scheme * BUG/MEDIUM: http-ana: Drain request data waiting the tarpit timeout expiration * MINOR: halog: Add support for extracting captures using -hdr * BUG/MINOR: halog: Add missing newlines in die() messages * CLEANUP: halog: Use consistent indentation in help() * MINOR: halog: Rename -qry to -query * DOC: halog: Move the `-qry` parameter into the correct section in help text * MINOR: halog: Add -qry parameter allowing to preserve the query string in -uX * BUG/MEDIUM: resolvers: Track api calls with a counter to free resolutions * BUG/MEDIUM: resolvers: Don't recursively perform requester unlink * MEDIUM: resolvers: remove the last occurrences of the "safe" argument * MEDIUM: resolvers: use a kill list to preserve the list consistency * CLEANUP: resolvers: replace all LIST_DELETE with LIST_DEL_INIT * CLEANUP: resolvers: simplify resolv_link_resolution() regarding requesters * CLEANUP: always initialize the answer_list * CLEANUP: resolvers: do not export resolv_purge_resolution_answer_records() * BUG/MEDIUM: mux-h1: Perform a connection shutdown when the h1c is released * BUG/MINOR: mux-h1: Save shutdown mode if the shutdown is delayed * BUILD: atomic: fix build on mac/arm64 * BUG/MINOR: backend: fix improper insert in avail tree for always reuse * BUILD: fix compilation on NetBSD * MINOR: memprof: add one pointer size to the size of allocations * MINOR: memprof: report the delta between alloc and free on realloc() * BUG/MEDIUM: lua: fix memory leaks with realloc() on non-glibc systems * BUG/MINOR: mux-h2: do not prevent from sending a final GOAWAY frame * BUG/MINOR: task: do not set TASK_F_USR1 for no reason * BUG/MAJOR: buf: fix varint API post- vs pre- increment * BUG/MEDIUM: resolvers: always check a valid item in query_list * BUILD: resolvers: avoid a possible warning on null-deref * BUG/MAJOR: resolvers: add other missing references during resolution removal * MINOR: resolvers: merge address and target into a union "data" * BUG/MEDIUM: resolvers: use correct storage for the target address * BUG/MEDIUM: resolvers: fix truncated TLD consecutive to the API fix * MINOR: resolvers: fix the resolv_dn_label_to_str() API about trailing zero * BUG/MINOR: resolvers: do not reject host names of length 255 in SRV records * BUG/MEDIUM: resolver: make sure to always use the correct hostname length * MINOR: resolvers: fix the resolv_str_to_dn_label() API about trailing zero * BUG/MAJOR: dns: attempt to lock globaly for msg waiter list instead of use barrier * BUG/MAJOR: dns: tcp session can remain attached to a list after a free * BUG/MEDIUM: tcpcheck: Properly catch early HTTP parsing errors * Revert "CLEANUP: server: always include the storage for SSL settings" * BUG/MEDIUM: stream: Keep FLT_END analyzers if a stream detects a channel error * BUG/MEDIUM: cpuset: fix cpuset size for FreeBSD * BUG/MINOR: sample: Fix 'fix_tag_value' sample when waiting for more data * BUG/MINOR: http-ana: Don't eval front after-response rules if stopped on back * MINOR: initcall: Rename __GLOBL and __GLOBL1. * DOC: configuration: add clarification on escaping in keyword arguments * BUG/MEDIUM: mux_h2: Handle others remaining read0 cases on partial frames * BUG/MEDIUM: sample: properly verify that variables cast to sample * MINOR: sample: provide a generic var-to-sample conversion function * CLEANUP: sample: uninline sample_conv_var2smp_str() * CLEANUP: sample: rename sample_conv_var2smp() to *_sint * CLEANUP: server: always include the storage for SSL settings ==== ima-evm-utils ==== Version update (1.3.2 -> 1.4) - Update to version 1.4 * Elliptic curve support and tests * PKCS11 support and tests * Ability to manually specify the keyid included in the IMA xattr * Improve IMA measurement list per TPM bank verification * Linking with IBM TSS * Set default hash algorithm in package configuration * (Minimal) support and test EVM portable signatures * CI testing: * Refresh and include new distros * Podman support * GitHub Actions * Limit "sudo" usage * Misc bug fixes and code cleanup * Fix static analysis bug reports, memory leaks * Remove experimental code that was never upstreamed in the kernel * Use unsigned variable, remove unused variables, etc - Upstream bumped soname to 3.0.0 ==== libdnf ==== Version update (0.63.1 -> 0.65.0) Subpackages: libdnf-repo-config-zypp libdnf2 - Update to 0.65.0 + Add support for excluding packages to be installed as weak dependencies + Add support for autodetecting packages to be excluded from being installed as weak dependencies + Turn off strict validation of modulemd documents (rh#2004853, rh#2007166, rh#2007167) + Implement logic for demodularization of modular rpms (rh#1805260) + DnfContext: fix handling of default module profiles + ModuleMetadata: gracefully handle modules with no defaults + Remove failovermethod config option (rh#1961083) ==== librsvg ==== Version update (2.52.2 -> 2.52.3) Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 - Add cargo audit obs service - Update to version 2.52.3: + Bugfixes, mostly for text layout. Also, text links in PDF! - Support text-decoration=overline. - Basic support for the unicode-bidi property. Librsvg still considers each tspan independently of others, which is incorrect, but at least bidi-override works now for a single embedding level. - Fix placement of tspan that changes the text direction. - :lang() selector should now match lang attribute from an element's parent. - Fix the text-anchor property for right-to-left text. - PDF now includes links inside text elements. ==== libx86emu ==== Version update (3.3 -> 3.4) - merge gh#wfeldt/libx86emu#39 - fix test suite for 32-bit architectures - 3.4 ==== libzypp ==== Version update (17.28.6 -> 17.28.7) - Check log writer before accessing it (fixes #355, bsc#1192337) - Save locks: Update an existing locks changed comment string. - Allow uname-r format in purge kernels keepspec (fixes openSUSE/zypper#418) - version 17.28.7 (22) ==== pam ==== Subpackages: pam_unix - Add /run/pam_timestamp to pam.tmpfiles - Corrected macro definition of %_pam_moduledir: %_pam_moduledir %{_libdir}/security [macros.pam] - Prepend a slash to the expansion of %{_lib} in macros.pam as this are defined without a leading slash! ==== python-PyJWT ==== Version update (2.1.0 -> 2.3.0) - Update to 2.3.0 * Revert "Remove arbitrary kwargs." (#701) * Add exception chaining (#702) - from version 2.2.0 * Remove arbitrary kwargs. (#657) * Use timezone package as Python 3.5+ is required. (#694) * Assume JWK without the "use" claim is valid for signing as per RFC7517 (#668) * Prefer `headers["alg"]` to `algorithm` in `jwt.encode()`. (#673) * Fix aud validation to support {'aud': null} case. (#670) * Make `typ` optional in JWT to be compliant with RFC7519. (#644) * Remove upper bound on cryptography version. (#693) * Add support for Ed448/EdDSA. (#675) ==== python-SQLAlchemy ==== Version update (1.4.25 -> 1.4.26) - update to version 1.4.26: * a repair to the workings of the update() statement in an ORM context when used with hybrid and composite attributes. * Fixes for the with_loader_criteria() ORM option * adjustments to the ORM Session interface to accommodate for new API features * some new legacy warnings for lesser used patterns with Query.join() * SQL / ORM fixes for the use case of selecting from repeated, non-labeled column expressions, typically the null() construct when used as a placeholder in a UNION statement. * For PostgreSQL, refinements to the "expanding IN" SQL feature when used with PostgreSQL ARRAY datatypes as well as fixes for the mostly PostgreSQL-specific any_() and all_() column methods. * For MySQL, repaired support for new behaviors in MariaDB 10.6 * For SQL Server, reflection fixes and improvements for foreign key constraints as well table /view detection. ==== python-chardet ==== - Use libalternatives instead of update-alternatives. ==== snappy ==== - Re-enable RTTI, without which other applications can't subclass snappy::Source (this breaks Ceph, as one example) - Add reenable-rtti.patch