Packages changed: Mesa (24.3.0 -> 24.3.1) Mesa-drivers (24.3.0 -> 24.3.1) cdparanoia gawk gegl gobject-introspection grub2 hwdata (0.389 -> 0.390) kwin6 libdrm (2.4.123 -> 2.4.124) libplist libqt5-qtwebengine (5.15.17 -> 5.15.18) libsoup libstorage-ng (4.5.219 -> 4.5.220) libtpms (0.9.6 -> 0.10.0) liburing (2.6 -> 2.8) libvirt (10.9.0 -> 10.10.0) llvm19 (19.1.4 -> 19.1.5) luajit mariadb mc meson nvidia-open-driver-G06-signed-cuda (560.35.03_k6.11.8_1 -> 565.57.01_k6.11.8_1) openSUSE-release (20241204 -> 20241208) pam pam-full-src plymouth psmisc publicsuffix (20240722 -> 20241202) python-MarkupSafe python-bcrypt (4.2.0 -> 4.2.1) python-libvirt-python (10.9.0 -> 10.10.0) python-netaddr (1.2.1 -> 1.3.0) python-pexpect python-rich python311 (3.11.10 -> 3.11.11) python311-core (3.11.10 -> 3.11.11) qt6-base (6.8.0 -> 6.8.1) qt6-declarative (6.8.0 -> 6.8.1) qt6-imageformats (6.8.0 -> 6.8.1) qt6-multimedia (6.8.0 -> 6.8.1) qt6-networkauth (6.8.0 -> 6.8.1) qt6-positioning (6.8.0 -> 6.8.1) qt6-qt5compat (6.8.0 -> 6.8.1) qt6-quick3d (6.8.0 -> 6.8.1) qt6-quicktimeline (6.8.0 -> 6.8.1) qt6-sensors (6.8.0 -> 6.8.1) qt6-shadertools (6.8.0 -> 6.8.1) qt6-speech (6.8.0 -> 6.8.1) qt6-svg (6.8.0 -> 6.8.1) qt6-tools (6.8.0 -> 6.8.1) qt6-translations (6.8.0 -> 6.8.1) qt6-virtualkeyboard (6.8.0 -> 6.8.1) qt6-wayland (6.8.0 -> 6.8.1) qt6-webchannel (6.8.0 -> 6.8.1) qt6-webengine (6.8.0 -> 6.8.1) qt6-webview (6.8.0 -> 6.8.1) re2c (3.1 -> 4.0.1) sdbootutil (1+git20241112.ecf5f97 -> 1+git20241206.dccea55) selinux-policy (20241118 -> 20241206) swtpm (0.9.0 -> 0.10.0) virt-manager wireplumber (0.5.6 -> 0.5.7) xen (4.19.0_06 -> 4.19.1_02) xorg-x11-server === Details === ==== Mesa ==== Version update (24.3.0 -> 24.3.1) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - Update to release 24.3.1 - -> https://docs.mesa3d.org/relnotes/24.3.1 ==== Mesa-drivers ==== Version update (24.3.0 -> 24.3.1) Subpackages: Mesa-dri Mesa-gallium Mesa-libva - Update to release 24.3.1 - -> https://docs.mesa3d.org/relnotes/24.3.1 ==== cdparanoia ==== Subpackages: libcdda_interface0 libcdda_paranoia0 - fix loongarch64 build by not replacing config.guess/sub, our rpmbuid is already taking care ==== gawk ==== - Reenable pma tests ==== gegl ==== Subpackages: gegl-0_4 libgegl-0_4-0 - Disable luajit on LoongArch64 ==== gobject-introspection ==== Subpackages: girepository-1_0 libgirepository-1_0-1 - Fix dependency generation for loongarch64. - Add python3-setuptools Requires: needed for python 3.13 which dropped distutils; setuptools now provides it. ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-common grub2-snapper-plugin grub2-systemd-sleep-plugin - Update the TPM2 patches to the upstream final version * Update 0001-key_protector-Add-key-protectors-framework.patch * Replace 0002-tpm2-Add-TPM-Software-Stack-TSS.patch with grub2-add-tss2-support.patch * Replace 0003-key_protector-Add-TPM2-Key-Protector.patch with 0001-key_protector-Add-TPM2-Key-Protector.patch * Replace 0005-util-grub-protect-Add-new-tool.patch with 0001-util-grub-protect-Add-new-tool.patch * Replace 0001-tpm2-Implement-NV-index.patch with 0001-tpm2_key_protector-Implement-NV-index.patch * Replace 0001-tpm2-Support-authorized-policy.patch with 0001-tpm2_key_protector-Support-authorized-policy.patch - Refresh the TPM2 related patches * grub-read-pcr.patch * 0001-tpm2-Add-extra-RSA-SRK-types.patch * grub2-bsc1220338-key_protector-implement-the-blocklist.patch * safe_tpm_pcr_snapshot.patch * tpm-record-pcrs.patch ==== hwdata ==== Version update (0.389 -> 0.390) - update to 0.390: * Update pci and vendor ids ==== kwin6 ==== Subpackages: kwin6-x11 libkwin6 - Fix the pipewire BuildRequires condition for Leap 15.6 ==== libdrm ==== Version update (2.4.123 -> 2.4.124) Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1 - update to 2.4.124 * include/drm/README: update drm-next link to use gitlab instead of cgit * modetest: simplify planar YUV handling * modetest: add support for YUV422 and YUV444 plane format * xf86drm: print AMD modifiers properly * tests/util: Call `drmGetDevices2()` instead of `drmOpen()`ing all modules * android: add genrule for generated_static_table_fourcc.h * modetest: Make modetest availble to vendor on Android * build: simplify Linux system check ==== libplist ==== - add setuptools buildrequires (needed for python 3.13) ==== libqt5-qtwebengine ==== Version update (5.15.17 -> 5.15.18) - Update to version 5.15.18: * Bump version to 5.15.18 * Fix build errors with -no-opengl configuration * Fixup "Add option to chose python version for building 5.15 WebEngine" * [Backport] CVE-2024-9602: Type Confusion in V8 * [Backport] CVE-2024-9603: Type Confusion in V8 * FIXUP: [Backport] CVE-2024-7965: Inappropriate implementation in V8 * [Backport] CVE-2024-45492 / Security bug 364778067 * [Backport] CVE-2024-9123: Integer overflow in Skia * [Backport] CVE-2024-5158: Type Confusion in V8 * [Backport] CVE-2024-7971: Type confusion in V8 * [Backport] CVE-2024-4761: Out of bounds write in V8 * [Backport] CVE-2024-8636: Heap buffer overflow in Skia * [Backport] CVE-2024-8198: Heap buffer overflow in Skia * [Backport] Security bug 346799730 * [Backport] CVE-2024-7967: Heap buffer overflow in Fonts * [Backport] CVE-2024-7965: Inappropriate implementation in V8 * [Backport] CVE-2024-7532: Out of bounds memory access in ANGLE * Fix build with GCC 15 * [Backport] CVE-2024-7536: Use after free in WebAudio * [Backport] Dependency for CVE-2024-7536 * [Backport] Security bug 338574384 * [Backport] CVE-2024-6996: Race in Frames * [Backport] CVE-2024-6989: Use after free in Loader * [Backport] CVE-2024-6291: Use after free in Swiftshader * [Backport] CVE-2024-5846: Use after free in PDFium * [Backport] Security bug 340606786 * [Backport] CVE-2024-5496: Use after free in Media Session * [Backport] Dependency for CVE-2024-3914 * [Backport] Security bug 329699609 * [Backport] CVE-2024-3914: Use after free in V8 * [Backport] CVE-2024-4558: Use after free in ANGLE * [Backport] Security bug 327698060 * [Backport] CVE-2024-4058: Type Confusion in ANGLE * [Backport] Security bug 40940917 * [Backport] CVE-2024-3837: Use after free in QUIC * [Backport] CVE-2024-3839: Out of bounds read in Fonts * Fix dependecy when compiling content/browser * [Backport] CVE-2024-3516: Heap buffer overflow in ANGLE * [Backport] CVE-2024-3157: Out of bounds write in Compositing * [Backport] Security bug 329674887 * Prevent duplicate definition of blink::ResolveColor in jumbo builds ==== libsoup ==== Subpackages: libsoup-3_0-0 typelib-1_0-Soup-3_0 - Increase test timeout on s390x. The http2-body-stream test can be slow and sometimes times out in our builds. ==== libstorage-ng ==== Version update (4.5.219 -> 4.5.220) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#1002 - fixed removing descendants - 4.5.220 ==== libtpms ==== Version update (0.9.6 -> 0.10.0) - Use gcc/g++-13 on Leap to fix the following failure: "tpm2_setprofile.c:49:24: error: initializer element is not constant" - Add tpm2-Add-padding-to-OBJECT-for-32bit-targets.patch - Update to 0.10.0: * tpm2: Support for profiles: default-v1 & custom * tpm2: Add new API call TPMLIB_SetProfile to enable user to set a profile * tpm2: Extende TPMLIB_GetInfo to return profiles-related info * tpm2: Implemented crypto tests and restrictions on crypto related to FIPS-140-3; can be enabled with profiles * tpm2: Enable Camellia-192 and AES-192 * tpm2: Implement TPMLIB_WasManufactured API call * tpm2: Fixes for issues detected by static analyzers * tpm2: Use OpenSSL-based KDFe implementation if possible * tpm2: Update to TPM 2 spec rev 183 (many changes) * tpm2: Better support for OpenSSL 3.x * tpm2: Use Carmichael function for RSA priv. exponent D (>= 2048 bits) * tpm2: Fixes for CVE-2023-1017 and CVE-2023-1018 * tpm2: Fix of SignedCompareB(). - NOTE: This fix may result in backwards compatibility issues with PCR policies used by TPM2_PolicyCounterTimer and TPM2_PolicyNV when upgrading from v0.9 to v0.10. ==== liburing ==== Version update (2.6 -> 2.8) - switch URLs to the current location on github - Update to 2.8 * Add support for incrementally/partially consumed provided buffers, usable with the provided buffer ring support. * Add support for foo_and_wait_min_timeout(), where it's possible to define a minimum timeout for waiting to get batches of completions, but if that fails, extend for a longer timeout without having any extra context switches. * Add support for using different clock sources for completion waiting. * Great increase coverage of test cases, test case improvements and fixes. * Don't leak _GNU_SOURCE via pkb-config --cflags * Support for address sanitizer * Add examples/kdigest sample program * Add discard helper, test, and man page * Man page updates * Sync with kernel 6.10 * send/recv bundle support * accept nowait and CQE_F_MORE * Add and update test cases * Fix io_uring_queue_init_mem() returning a value that was too small, potentially causing memory corruption in userspace by overwriting 64 bytes beyond the returned value. Also add test case for that. * Add 64-bit length variants of io_uring_prep_{m,f}advise() * Add BIND/LISTEN support and helpers / man pages * Add io_uring_enable_rings.3 man page * Fix bug in io_uring_prep_read_multishot() * Fixup bundle test cases * Add fixed-hugepage test case * Fix io_uring_prep_fixed_fd_install.3 man page * Note 'len' == 0 requirement in io_uring_prep_send.3 man page * Fix some test cases for skipping on older kernels - drop (they are upstream) * test-buf-ring-nommap-skip-the-test-on-queue-init-ENO.patch * test-buf-ring-nommap-zero-the-ringbuf-memory.patch - add * 0001-test-init-mem-zero-the-ringbuf-memory.patch * 0001-test-rsrc_tags-use-correct-buffer-index-for-test.patch - cleanup spec file ==== libvirt ==== Version update (10.9.0 -> 10.10.0) Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-qemu libvirt-libs - Update to libvirt 10.10.0 - jsc#PED-8909, jsc#PED-9543, jsc#9854, jsc#9855 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html#v10-10-0-2024-12-02 ==== llvm19 ==== Version update (19.1.4 -> 19.1.5) Subpackages: clang-tools clang19 libLLVM19 libclang-cpp19 libclang13 libclang_rt19 llvm19-gold - Update to version 19.1.5. * This release contains bug-fixes for the LLVM 19.1.0 release. This release is API and ABI compatible with 19.1.0. - Rebase llvm-do-not-install-static-libraries.patch. ==== luajit ==== - No loongarch64 support yet - turn around the logic to known supported architectures ==== mariadb ==== Subpackages: libmariadbd19 mariadb-client mariadb-errormessages - Fix test for SSL connection init with openssl 3.2.3. * Added mariadb-fix-testsuite-openssl3.2.3.patch ==== mc ==== Subpackages: mc-lang - Add mc-ext-obscpio.patch making mc handle SUSE *.obscpio archives (bsc#1233006). ==== meson ==== Subpackages: meson-vim - Add 13935.patch: Fix test suite with rust 1.83. ==== nvidia-open-driver-G06-signed-cuda ==== Version update (560.35.03_k6.11.8_1 -> 565.57.01_k6.11.8_1) - Make sure the correct FW package is installed on non-CUDA. - kmp-trigger.sh: * avoid to return with exit code != 0 if modules could not be unloaded for some reason - only obsolete 555 CUDA driver/firmware packages - preamble: no longer need to provide nvidia-open-driver-G06-kmp because since 565.57.01 to the list of requires of nvidia-compute-G06 the -signed packages has been added - For CUDA update version to 565.57.01 - Add 'dummy' firmware package on SLE to work around update issues. On SLE, the firmware is installed directly from an NVIDIA-hosted repo. - preamble * resolve self conflicts of -cuda KMP during update by adding obsoletes to older versions (boo#1233332) - fixed my wrong patch 550.135.patch I introduced right below; it fixed x86_64 build more-or-less accidently but broke aarch64 build completely ... - Improve handling of conflicts between different flavors (gfx vs. CUDA) (bsc#1233332). - Update to 550.135 (boo#1233673) - 550.135.patch: * fixes wrong logic for checking supported architectures ==== openSUSE-release ==== Version update (20241204 -> 20241208) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== pam ==== - pam_access: rework resolving of tokens as hostname - separate resolving of IP addresses from hostnames. Don't resolve TTYs or display variables as hostname. - Add "nodns" option to disallow resolving of tokens as hostname. - [pam_access-rework-resolving-of-tokens-as-hostname.patch, bsc#1233078, CVE-2024-10963] ==== pam-full-src ==== Subpackages: pam-extra pam-manpages - pam_access: rework resolving of tokens as hostname - separate resolving of IP addresses from hostnames. Don't resolve TTYs or display variables as hostname. - Add "nodns" option to disallow resolving of tokens as hostname. - [pam_access-rework-resolving-of-tokens-as-hostname.patch, bsc#1233078, CVE-2024-10963] ==== plymouth ==== Subpackages: libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Remove plymouth-only_use_fb_for_cirrus_bochs.patch: Bochs and cirrus DRM drivers are fully compatible with plymouth. Remove the workaround that forces them to use fbdev. Resolves the blank screen when disabling fbdev interfaces.(bsc#1232727) ==== psmisc ==== - add loongarch64 as peekfd supported arch ==== publicsuffix ==== Version update (20240722 -> 20241202) - Update to version 20241202: * remove `upli.io` (#2302) * added o365 sub domain (#2291) * tools/internal/parser: enforce suffix ordering in the ICANN section (#2295) * chore: Fix Alphabetizing for the ICANN section (#2287) * remove `mcpe.me` (#2294) * util: gTLD data autopull updates for 2024-11-27T15:18:00 UTC (#2293) * Update `.EG` Section (#2290) * Adding RUB domain (#2292) * Update `.TW` Section (#2289) * Update `.CV` Section (#2286) * Update company name and email address (#2285) * Update `.GE` Section (#2283) * Update `.BO` (#2276) * Update `.DM` Block (#2277) * Update `.MG` Section (#2274) * chore: Update `.AF` Section link and sorting (#2279) * chore: Update `.CW` Section comments (#2281) * update `.tt` section (#2272) * remove `betainabox.com` (#2259) * Update `.AZ` comments and fix sorting (#2275) * alphabetise `.tm` section + add confirmation comment (#2268) * Update `.RE` Section (#2271) * Update `.CO` Section (#2269) * Update `.PL` comments and fix alphabetical sorting (#2270) * Update `.SG` Section (#2273) * Update 2nd levels for .JO (Jordan) section (#2264) * remove `nom.ad` (#2263) * Update .IS (#2266) * Update .AU Section (#2267) * Heyflow GmbHs domains heyflow.page and heyflow.site * Adding LODMAN regional domains * Master to main for the remote action in the website remote * chore(pr_template): remove syntax check (#2252) * Add pages-research.it.hs-heilbronn.de (#2253) * Update deploy-site.yml * remove `corpnet.work`, update contact info (#2247) * add `co.bz` (#2249) * move `wdh.app` to new section (#2246) * remove `bci.dnstrace.pro` (#2245) * remove `onred.one` (#2244) * util: gTLD data autopull updates for 2024-10-31T15:17:41 UTC (#2242) * Add home.arpa (#2220) * Add `taveusercontent.com` (#2239) * Add ip-ddns.com and ddns-ip.net (#2234) * Add grafana-dev.net to public suffix list (#2188) * chore: remove 2nd level comment for `.sk` (#2238) * Remove `presse.ci` and `md.ci`, other ccTLD stubs not associated w respective registry (#2198) * update `.io` section (#2236) * Remove `gov.cu` (#2233) * Remove Handshake suffixes (#2222) * internal/parser: add PublicSuffix and RegisteredDomain methods to List (#2228) * Add cloud-ip.biz and ip-dynamic.org for ClouDNS (#2202) * Add co.ss (#2144) * Add `org.ao`, `edu.ao`, `gov.ao` ccTLD (ICANN section) (#2145) * util: gTLD data autopull updates for 2024-10-17T15:16:22 UTC (#2226) * chore: update is-a.dev contact info (#2225) * Remove bloxcms.com in public suffix list - no longer needed (#2224) * Remove ddns5.com (#2221) * Make TXT validation use local git history (#2217) * Improve psltool PR check (#2218) * Remove beta.tailscale.net (#2216) * util: gTLD data autopull updates for 2024-10-15T15:17:29 UTC (#2219) * Remove `museum.mw` (#2203) * Update `.NA` entries (#2204) * Remove `ne.pw` (#2200) * Remove inactive or expired yombo domains (#2173) * Remove old Python PR checker * Add medusajs.app domain to public list (#2211) * Remove Banzai Cloud (#2215) * tools/internal/github: correctly handle github's mergeability updates (#2214) * tools/internal/parser: check TXT records (#2213) * remove `preview.wdh.app`, `t.hrsn.dev`, `t.hrsn.net` (#2208) * Update PR Template Requiring Abuse Contact for Subdomain Registry Requestors (#2201) * remove `paris.eu.org` (#2147) * remove `blogspot.mr` (#2100) * Adding ArvanCloud arvanedge.ir Compute Domain to public suffix list (#2205) * remove `q-a.eu.org` (#2146) * AWS Submissions to the Public Suffix List - Q3 2024 (#2032) * Remove `bounty-full.com` to rollback #104 (#2163) * Add back `cnpy.gdn` to restore #633 (#2194) * Remove `cnpy.gdn` to rollback #633 (#2174) * Br 20240930 update (#2192) * add mittwald product domains (#2171) * util: gTLD data autopull updates for 2024-09-26T15:17:07 UTC (#2191) * Remove `certmgr.org` to roll back #225 (#2164) * Remove dyn53.io to rollback #820 (#2161) * Remove `forte.id` to rollback #1081 (#2166) * Remove `daplie.me` to rollback commit a4d8335 (#2162) * remove exception in CI for duplicate sections (#2180) * combine duplicate sections (#2168) * tools/internal/domain: add functions to render a domain as punycode (#2179) * tools/psltool: allow checking the PSL for an arbitrary commit on github (#2177) * tools/internal/github: support loading PR diffs for merged PRs (#2176) * tools/internal: wrap use of collators in mutexes (#2175) * Add `hf.space` and `static.hf.space` to `public_suffix_list.dat` (#2157) * Update `prvcy.page` contact email (#2182) * Add shopware.shop to public suffix list (#2187) * Remove domain:ktistory.com from PSL (#2181) ... changelog too long, skipping 90 lines ... * remove `c.la` (#2044) ==== python-MarkupSafe ==== - The test suite survives without ca-certificates-mozilla-prebuilt now, so we can remove BR (and avoid deadly cycles). - add buildignores to break buildcycle over p11-kit/dbus-1/systemd:mini/python-MarkupSafe ==== python-bcrypt ==== Version update (4.2.0 -> 4.2.1) - Update to 4.2.1 * Bump version for 4.2.1 (#914) * Bump bcrypt from 0.15.1 to 0.16.0 in /src/_bcrypt (#912) * Fix warnings from pyo3 0.23 (#911) * Bump pyo3 from 0.22.6 to 0.23.1 in /src/_bcrypt (#909) * Bump libc from 0.2.162 to 0.2.164 in /src/_bcrypt (#910) * Bump cpufeatures from 0.2.14 to 0.2.15 in /src/_bcrypt (#908) * Bump libc from 0.2.161 to 0.2.162 in /src/_bcrypt (#907) * Bump pypa/gh-action-pypi-publish from 1.12.0 to 1.12.2 (#906) * Bump pyo3 from 0.22.5 to 0.22.6 in /src/_bcrypt (#905) * Bump pypa/gh-action-pypi-publish from 1.11.0 to 1.12.0 (#904) * Bump syn from 2.0.86 to 2.0.87 in /src/_bcrypt (#903) * Bump syn from 2.0.85 to 2.0.86 in /src/_bcrypt (#902) * Bump pypa/gh-action-pypi-publish from 1.10.3 to 1.11.0 (#901) * Bump actions/setup-python from 5.2.0 to 5.3.0 (#899) * Bump syn from 2.0.82 to 2.0.85 in /src/_bcrypt (#898) * Bump actions/checkout from 4.2.1 to 4.2.2 (#897) * Bump actions/cache from 4.1.1 to 4.1.2 (#896) * Bump proc-macro2 from 1.0.88 to 1.0.89 in /src/_bcrypt (#895) * Bump syn from 2.0.79 to 2.0.82 in /src/_bcrypt (#894) * Bump libc from 0.2.159 to 0.2.161 in /src/_bcrypt (#893) * Bump proc-macro2 from 1.0.87 to 1.0.88 in /src/_bcrypt (#892) * Bump pyo3 from 0.22.4 to 0.22.5 in /src/_bcrypt (#891) * Bump pyo3 from 0.22.3 to 0.22.4 in /src/_bcrypt (#890) * Update CI for 3.13 (#888) * Bump actions/upload-artifact from 4.4.2 to 4.4.3 (#889) * Bump actions/upload-artifact from 4.4.1 to 4.4.2 (#886) * Bump actions/cache from 4.1.0 to 4.1.1 (#887) * Bump proc-macro2 from 1.0.86 to 1.0.87 in /src/_bcrypt (#884) * Bump actions/upload-artifact from 4.4.0 to 4.4.1 (#883) * Bump actions/checkout from 4.2.0 to 4.2.1 (#882) * Bump actions/cache from 4.0.2 to 4.1.0 (#881) * Bump once_cell from 1.20.1 to 1.20.2 in /src/_bcrypt (#880) * Bump once_cell from 1.20.0 to 1.20.1 in /src/_bcrypt (#878) * Bump portable-atomic from 1.8.0 to 1.9.0 in /src/_bcrypt (#877) * Bump syn from 2.0.77 to 2.0.79 in /src/_bcrypt (#879) * Bump autocfg from 1.3.0 to 1.4.0 in /src/_bcrypt (#876) * Bump actions/checkout from 4.1.7 to 4.2.0 (#875) * Bump libc from 0.2.158 to 0.2.159 in /src/_bcrypt (#874) * Bump portable-atomic from 1.7.0 to 1.8.0 in /src/_bcrypt (#873) * Bump once_cell from 1.19.0 to 1.20.0 in /src/_bcrypt (#871) * Bump pyo3 from 0.22.2 to 0.22.3 in /src/_bcrypt (#872) * Bump unicode-ident from 1.0.12 to 1.0.13 in /src/_bcrypt (#870) * Bump cpufeatures from 0.2.13 to 0.2.14 in /src/_bcrypt (#869) * Bump actions/attest-build-provenance from 1.4.2 to 1.4.3 (#868) * Correctly use `console` language fence (#867) * Bump actions/upload-artifact from 4.3.6 to 4.4.0 (#866) * Bump syn from 2.0.76 to 2.0.77 in /src/_bcrypt (#865) * Bump actions/setup-python from 5.1.1 to 5.2.0 (#862) * Bump syn from 2.0.75 to 2.0.76 in /src/_bcrypt (#861) * Bump actions/attest-build-provenance from 1.4.1 to 1.4.2 (#859) * Bump quote from 1.0.36 to 1.0.37 in /src/_bcrypt (#858) * Bump libc from 0.2.157 to 0.2.158 in /src/_bcrypt (#857) * Bump syn from 2.0.74 to 2.0.75 in /src/_bcrypt (#855) * Bump libc from 0.2.156 to 0.2.157 in /src/_bcrypt (#856) * Bump libc from 0.2.155 to 0.2.156 in /src/_bcrypt (#854) * Bump cpufeatures from 0.2.12 to 0.2.13 in /src/_bcrypt (#853) * Bump syn from 2.0.72 to 2.0.74 in /src/_bcrypt (#851) * Bump actions/attest-build-provenance from 1.4.0 to 1.4.1 (#852) * Bump actions/upload-artifact from 4.3.5 to 4.3.6 (#850) * Bump actions/upload-artifact from 4.3.4 to 4.3.5 (#849) * Bump target-lexicon from 0.12.15 to 0.12.16 in /src/_bcrypt (#848) * Bump actions/attest-build-provenance from 1.3.3 to 1.4.0 (#847) * Bump version_check from 0.9.4 to 0.9.5 in /src/_bcrypt (#846) * Fix pypi-publish.yml for paths with spaces (#844) ==== python-libvirt-python ==== Version update (10.9.0 -> 10.10.0) - Update to 10.10.0 - Add all new APIs and constants in libvirt 10.10.0 - jsc#PED-8909, jsc#PED-9543, jsc#9854, jsc#9855 ==== python-netaddr ==== Version update (1.2.1 -> 1.3.0) - Fix incorrect removal of shebangs - update to 1.3.0: * Added: - Add partial address expansion in IPNetwork via the expand_partial switch, this enables opting into pre-1.1.0 behavior * Fixed: - Fix running the test suite on musl systems - Fix IPAddress IPv6 parsing with ZEROFILL enabled - Fix handling of the NOHOST flag in the IPNetwork copy constructor ==== python-pexpect ==== - Disable test_performance as it randomly fails ==== python-rich ==== - Switch to GitHub tarball so we can run the testsuite. - Correct version guard for typing_extensions Requires. - Drop Python 3.7 sections. ==== python311 ==== Version update (3.11.10 -> 3.11.11) Subpackages: python311-curses python311-dbm - Update to 3.11.11: - Tools/Demos - gh-123418: Update GitHub CI workflows to use OpenSSL 3.0.15 and multissltests to use 3.0.15, 3.1.7, and 3.2.3. - Tests - gh-125041: Re-enable skipped tests for zlib on the s390x architecture: only skip checks of the compressed bytes, which can be different between zlib’s software implementation and the hardware-accelerated implementation. - Security - gh-126623: Upgrade libexpat to 2.6.4 - gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to consistently use the mapped IPv4 address value for deciding properties. Properties which have their behavior fixed are is_multicast, is_reserved, is_link_local, is_global, and is_unspecified. - Library - gh-124651: Properly quote template strings in venv activation scripts (bsc#1232241, CVE-2024-9287). - Removed upstreamed patches: - CVE-2024-9287-venv_path_unquoted.patch ==== python311-core ==== Version update (3.11.10 -> 3.11.11) Subpackages: libpython3_11-1_0 python311-base - Update to 3.11.11: - Tools/Demos - gh-123418: Update GitHub CI workflows to use OpenSSL 3.0.15 and multissltests to use 3.0.15, 3.1.7, and 3.2.3. - Tests - gh-125041: Re-enable skipped tests for zlib on the s390x architecture: only skip checks of the compressed bytes, which can be different between zlib’s software implementation and the hardware-accelerated implementation. - Security - gh-126623: Upgrade libexpat to 2.6.4 - gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to consistently use the mapped IPv4 address value for deciding properties. Properties which have their behavior fixed are is_multicast, is_reserved, is_link_local, is_global, and is_unspecified. - Library - gh-124651: Properly quote template strings in venv activation scripts (bsc#1232241, CVE-2024-9287). - Removed upstreamed patches: - CVE-2024-9287-venv_path_unquoted.patch ==== qt6-base ==== Version update (6.8.0 -> 6.8.1) Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6Widgets6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-platformtheme-gtk3 qt6-printsupport-cups qt6-sql-mysql qt6-sql-sqlite - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released - Drop patches, merged upstream: * 0001-QAbstractItemModelPrivate-add-resetting-member.patch * 0001-QUuid-restore-sorting-order-of-Qt-6.8.patch * 0001-QDirIterator-don-t-crash-with-next-after-hasNext-ret.patch ==== qt6-declarative ==== Version update (6.8.0 -> 6.8.1) Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsPlatform6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlMeta6 libQt6QmlModels6 libQt6QmlNetwork6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 libQt6QuickVectorImage6 libQt6QuickWidgets6 qt6-declarative-imports - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released - Drop patches, merged upstream: * 0001-Revert-QQmlDelegateModel-fix-delegates-not-being-cre.patch * 0002-QQmlDelegateModel-fix-delegates-not-being-created-in.patch * 0001-Compiler-Wrap-raw-string-literals-in-QStringLiteral-.patch * 0001-QQuickItemView-fix-crash-with-zero-size-SwipeView-th.patch * 0001-QQuickAccessibleAttached-Let-implicit-names-work-whe.patch * 0001-QQuickItem-map-To-From-Item-Account-for-not-having-a.patch * 0001-Log-state-transitions-for-the-GC.patch * 0001-Engine-Mark-created-wrapped-objects-after-GCState-Ma.patch ==== qt6-imageformats ==== Version update (6.8.0 -> 6.8.1) - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-multimedia ==== Version update (6.8.0 -> 6.8.1) Subpackages: libQt6Multimedia6 libQt6MultimediaQuick6 libQt6MultimediaWidgets6 libQt6Quick3DSpatialAudio6 libQt6SpatialAudio6 qt6-multimedia-imports - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-networkauth ==== Version update (6.8.0 -> 6.8.1) - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-positioning ==== Version update (6.8.0 -> 6.8.1) Subpackages: libQt6Positioning6 libQt6PositioningQuick6 qt6-positioning-imports - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-qt5compat ==== Version update (6.8.0 -> 6.8.1) Subpackages: libQt6Core5Compat6 qt6-qt5compat-imports - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-quick3d ==== Version update (6.8.0 -> 6.8.1) Subpackages: libQt6Quick3D6 libQt6Quick3DAssetImport6 libQt6Quick3DAssetUtils6 libQt6Quick3DEffects6 libQt6Quick3DHelpers6 libQt6Quick3DHelpersImpl6 libQt6Quick3DParticleEffects6 libQt6Quick3DParticles6 libQt6Quick3DRuntimeRender6 libQt6Quick3DUtils6 libQt6Quick3DXr6 qt6-quick3d-imports - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-quicktimeline ==== Version update (6.8.0 -> 6.8.1) - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-sensors ==== Version update (6.8.0 -> 6.8.1) Subpackages: libQt6Sensors6 - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-shadertools ==== Version update (6.8.0 -> 6.8.1) - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-speech ==== Version update (6.8.0 -> 6.8.1) Subpackages: libQt6TextToSpeech6 qt6-texttospeech - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-svg ==== Version update (6.8.0 -> 6.8.1) Subpackages: libQt6Svg6 libQt6SvgWidgets6 - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-tools ==== Version update (6.8.0 -> 6.8.1) Subpackages: libQt6Designer6 libQt6Help6 libQt6UiTools6 qt6-tools-qdbus - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-translations ==== Version update (6.8.0 -> 6.8.1) - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-virtualkeyboard ==== Version update (6.8.0 -> 6.8.1) Subpackages: libQt6HunspellInputMethod6 libQt6VirtualKeyboard6 qt6-virtualkeyboard-imports - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-wayland ==== Version update (6.8.0 -> 6.8.1) Subpackages: libQt6WaylandClient6 libQt6WaylandCompositor6 libQt6WaylandEglClientHwIntegration6 libQt6WaylandEglCompositorHwIntegration6 libQt6WlShellIntegration6 - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-webchannel ==== Version update (6.8.0 -> 6.8.1) Subpackages: libQt6WebChannel6 libQt6WebChannelQuick6 qt6-webchannel-imports - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-webengine ==== Version update (6.8.0 -> 6.8.1) Subpackages: libQt6WebEngineCore6 libQt6WebEngineQuick6 libQt6WebEngineWidgets6 qt6-webengine-imports - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== qt6-webview ==== Version update (6.8.0 -> 6.8.1) - Update to 6.8.1: * https://www.qt.io/blog/qt-6.8.1-released ==== re2c ==== Version update (3.1 -> 4.0.1) - Update to version 4.0.1: * Added missing doc sources to the distribution tarball (#503) * Reworked C/C++ examples to avoid using new configuration aliases until the world has updated to re2c 4.0, made them compatible with C. * A few build system changes: increased CMake minimum required version to 3.15, added missing dependencies on doc sources in Makefile.am. * Fixed typos in docs. * Added a generic technique for describing language backends based on the idea of syntax files (#450). * Added support for new languages: D, Haskell, Java, JavaScript, OCaml, Python, V, Zig. * Added new record API for all languages (enabled with --api record, re2c:api = record) and made it the default API for Haskell and OCaml. * Renamed former “default API” to “simple API”, implemented it for all backends except Haskell and OCaml, and enabled by default API for C, D, Java, JavaScript, Python, V and Zig. * Added new code generation model - recursive functions (enabled with --recursive-functions), primarily to be used for functional languages. ==== sdbootutil ==== Version update (1+git20241112.ecf5f97 -> 1+git20241206.dccea55) Subpackages: sdbootutil-snapper sdbootutil-tukit - Update to version 1+git20241206.dccea55: * Fix quotes in bind mount command (bsc#1233378) * Allow multiple entries for initial measurements - Update to version 1+git20241126.83ebe2c: * Fix help for get-timeout * Add get default and timeout * Replace -a with && * Drop PATH field * sdbootutil-enroll: harden script against unexpected conditions - Update to version 1+git20241118.23c1900: * Fix missing grep file * Detect new bootctl error message * If BLI is not active use the loader.conf ==== selinux-policy ==== Version update (20241118 -> 20241206) Subpackages: selinux-policy-targeted - Update to version 20241206: * Move systemd-homed interfaces to seperate optional_policy block (bsc#1234228) * adjust kandim binary paths (bsc#1232328) ==== swtpm ==== Version update (0.9.0 -> 0.10.0) Subpackages: swtpm-selinux - Update to 0.10.0: + swtpm: * Requires libtpms v0.10.0 * Display tpmstate-opt-lock as a new capability * Add support for lock option parameter to tpmstate option * nvstore_linear: Add support for file-backend locking * Remove broken logic to check for neither dir nor file backend * Use ptm_cap_n to build PTM_GET_CAPABILITY response * Define a structure to return PTM_GET_CAPABILITY result * Implement --print-info to run TPMLIB_GetInfo with flags * Support --profile fd= to read profile from file descriptor * Support --profile file= to read profile from file * Ignore remove-disabled parameter on non-'custom' profile * Check for good entropy source in chroot environment * Implement a check for HMAC+sha1 for testing future restriction * Implement function to check whether a crypto algorithm is disabled * Print cmdarg-print-profiles as part of capabilities * Check whether SHA1 signature support is disabled in profile * Use TPMLIB_WasManufactured to check whether profile was applied * Determine whether OpenSSL needs to be configured (FIPs, SHA1 signature) * Add support for --print-profiles option * Print profile names as part of capabilities JSON * Display new capability to allow setting a profile * Add support for --profile option to set a profile on TPM 2 + swtpm_setup: * Comment flags for storage primary key and deprecate --create-spk * Implement --print-profiles to display all profile * Add profile entries to swtpm_setup.conf written by swtpm_setup * Add support for --profile-name option * Accept profiles with name starting with 'custom:' * Support default profile from file in swtpm_setup.conf * Support --profile-file-fd to read profile from file descriptor * Support --profile-file to read profile from file * Always log the active profile * Implement --profile-remove-fips-disabled option * Read default profile from swtpm_setup.conf * Print profile names as part of capabilities JSON * Add support for --profile parameter * Get default rsa keysize from setup_setup.conf if not given + swtpm_ioctl: * Use ptm_cap_n for non-CUSE PTM_GET_CAPABILITY response + selinux: * Change write to append for appending to log * Add rule for logging to svirt_image_t labeled files from swtpm_t + tests: * Update IBMTSS2 test suite to v2.4.0 * Test activation of PCR banks when not all are available * Enable SWTPM_TEST_PROFILE for running test_tpm2_ibmtss2 with profile * Add a check for OPENSSL_ENABLE_SHA1_SIGNATURES in log file * Consolidate custom profile test cases and check for StateFormatLevel * Convert test_samples_create_tpmca to run installed * Mention test_tpm2_libtpms_versions_profiles requiring env. variables * allow running ibmtss2 tests against installed version * Derive support for CUSE from SWTPM_EXE help screen * Set OPENSSL_ENABLE_SHA1_SIGNATURES=1 for IBMTSS2 test * Extend test case testing across libtpms versions * Add test case for testing profiles across libtpms versions * Test the --profile option of swtpm_setup and swtpm * teach them to run installed * add installed-runner.sh * install tests on the system * lookup system binaries if INSTALLED is set + build-sys: * enable 64-bit file API on 32-bit systems * Add -Wshadow to the CFLAGS * Require that libtpms v0.10 is available for TPMLIB_SetProfile ==== virt-manager ==== Subpackages: virt-install virt-manager-common - bsc#1234215 - fail to install a guest with virt-install and report "AttributeError: 'str' object has no attribute 'removeprefix'" virtinst-drop-removeprefix-usage.patch ==== wireplumber ==== Version update (0.5.6 -> 0.5.7) Subpackages: libwireplumber-0_5-0 wireplumber-audio wireplumber-zsh-completion - Update to version 0.5.7: * Highlights: - Fixed an issue that would cause random profile switching when an application was trying to capture from non-Bluetooth devices (#715, #634, !669) - Fixed an issue that would cause strange profile selection issues [choices not being remembered or unavailable routes being selected] (#734) - Added a timer that delays switching Bluetooth headsets to the HSP/HFP profile, avoiding needless rapid switching when an application is trying to probe device capabilities instead of actually capturing audio (!664) - Improved libcamera/v4l2 device deduplication logic to work with more complex devices (!674, !675, #689, #708) * Fixes: - Fixed two memory leaks in module-mixer-api and module-dbus-connection (!672, !673) - Fixed a crash that could occur in module-reserve-device (!680, #742) - Fixed an issue that would cause the warning "[string "alsa.lua"]:182: attempt to concatenate a nil value (local 'node_name')" to appear in the logs when an ALSA device was busy, breaking node name deduplication (!681) - Fixed an issue that could make find-preferred-profile.lua crash instead of properly applying profile priority rules (#751) - Remove patches that are already included in 0.5.7: * 0001-autoswitch-bluetooth-profile-switch-only-Bluetooth-devices.patch * 0002-autoswitch-bluetooth-profile-Switch-to-HSP_HFP-on-timeout.patch * 0003-m-mixer-api-Fix-memory-in-leak-wp_mixer_api_set_volume.patch * 0004-module-dbus-connection-fix-GCancellable-leak.patch ==== xen ==== Version update (4.19.0_06 -> 4.19.1_02) Subpackages: xen-libs xen-tools-domU - Update to Xen 4.19.1 bug fix release (jsc#PED-8907) xen-4.19.1-testing-src.tar.bz2 * No upstream changelog found in sources or webpage - Dropped patches 66a8b8ac-bunzip2-rare-failure.patch 66bb6f78-x86-IOMMU-move-tracking-in-iommu_identity_mapping.patch 66bb6fa5-x86-pass-through-document-as-security-unsupported.patch 66cf737b-x86-Dom0-disable-SMAP-for-PV-only.patch 66d02b69-Arm64-adjust-irq_to_desc-to-fix-build-with-gcc14.patch 66d6dca8-libxl-nul-termination-in-xen_console_read_line.patch 66d8690f-SUPPORT-split-XSM-from-Flask.patch 66e29480-x86-HVM-properly-reject-indirect-VRAM-writes.patch 66e44ae2-x86-ucode-AMD-buffer-underrun.patch 66f2af41-x86-vLAPIC-undue-recursion-of-vlapic_error.patch 66f2fd92-x86-ucode-Intel-stricter-sanity-check.patch xsa463-01.patch xsa463-02.patch xsa463-03.patch xsa463-04.patch xsa463-05.patch xsa463-06.patch xsa463-07.patch xsa463-08.patch xsa463-09.patch xsa464.patch gcc14-fixes.patch ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - no longer apply and remove u_xfree86-activate-GPU-screens-on-autobind.patch since it's no longer needed and might be harmful even ... (tested successfully on Thinkpad P16 with Intel/NVIDIA hybrid graphics) - remove no longer applied and no longer needed patch n_xserver-optimus-autoconfig-hack.patch (feature implemented upstream)