Packages changed:
MicroOS-release (20240410 -> 20240414)
btrfsmaintenance
gcr (4.2.1 -> 4.3.0)
gettext-runtime
gnome-control-center
gnome-online-accounts (3.50.0 -> 3.50.1)
gnome-text-editor (46.0 -> 46.1)
gobject-introspection
gptfdisk (1.0.9 -> 1.0.10)
grep
gupnp
jack
kernel-source (6.8.4 -> 6.8.5)
libcontainers-common (20240206 -> 20240408)
liblouis
libssh
multipath-tools (0.9.8+87+suse.f72b9f3 -> 0.9.8+88+suse.d504d83)
openSUSE-build-key
openssh
pam (1.6.0 -> 1.6.1)
pam-config (2.11 -> 2.11+git.20240411)
pam-full-src (1.6.0 -> 1.6.1)
patterns-kde
perl
pipewire
postfix
schily
texlive
transactional-update (4.6.0 -> 4.6.5)
update-alternatives (1.22.5 -> 1.22.6)
vim (9.1.0151 -> 9.1.0301)
xorg-x11-server
xz
=== Details ===
==== MicroOS-release ====
Version update (20240410 -> 20240414)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== btrfsmaintenance ====
- Use full URL for Source0 (.gz compressed as upstream does not
ship .bz2 ones).
==== gcr ====
Version update (4.2.1 -> 4.3.0)
Subpackages: gcr-ssh-agent gcr-ssh-askpass gcr-viewer libgck-2-2 libgcr-4-4 typelib-1_0-Gck-2 typelib-1_0-Gcr-4
- Update to version 4.3.0:
+ certificate: Add API to retrieve version.
+ Bump required GnuTLS version to 3.8.5.
+ Avoid potential integer overflow spotted by UBSan>
+ Support GnuTLS as an alternative crypto backend.
+ Updated translations.
==== gettext-runtime ====
Subpackages: libtextstyle0
- Add missing Requires: find to gettext-tools
==== gnome-control-center ====
Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces gnome-control-center-users
- Add gnome-control-center-datetime-Avoid-emitting-the-time-changed-signal.patch:
Avoid emitting the time-changed signal
(bsc#1222149, bsc#1221799, glgo#GNOME/gnome-control-center#2943).
==== gnome-online-accounts ====
Version update (3.50.0 -> 3.50.1)
Subpackages: libgoa-1_0-0 libgoa-backend-1_0-2
- Update to version 3.50.1:
+ Fix translation domain in account dialogs.
+ Fix OAuth 2.0 URI handler for some users.
+ Fix crash in Kerberos/Fedora provider.
+ Improved WebDAV support for Fastmail and mailbox.org.
+ Fixes for WebDAV discovery.
+ OAuth 2.0 PKCE support.
+ Fix issues caught by static analysis.
+ Update Microsoft Client ID.
+ Updated translations.
==== gnome-text-editor ====
Version update (46.0 -> 46.1)
- Update to version 46.1:
+ Remove DBusActicatable=true from the .desktop file to fix an
issue where you could spawn Text Editor via D-Bus and not have
the session restored at startup.
+ AppData fixes.
+ Updated translations.
- Drop data-desktop-disable-DBusActivatable.patch: fixed upstream.
==== gobject-introspection ====
Subpackages: girepository-1_0 libgirepository-1_0-1
- gi-find-deps.sh: further expand on the java script scanner.
==== gptfdisk ====
Version update (1.0.9 -> 1.0.10)
- Update to release 1.0.10
* Fix failure & crash of sgdisk when compiled with latest popt
* Fix NULL dereference when duplicating string argument
* Allow partition dynamically allocated by --largest-new to be
referenced by other options
* Truncate decimal inputs (e.g. "9.5G" becomes "9G")
* New partition type codes from the Discoverable Partitions
Specification
- Delete 0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch
gptfdisk-1.0.9-libuuid.patch,
gptfdisk-fix-null-pointer-dereference.patch (merged)
==== grep ====
- restore texinfo macros for SLE15
==== gupnp ====
- remove dependency on /usr/bin/python3 using
%python3_fix_shebang macro, [bsc#1212476]
==== jack ====
- remove dependency on /usr/bin/python3 using
%python3_fix_shebang macro, [bsc#1212476]
==== kernel-source ====
Version update (6.8.4 -> 6.8.5)
- gcc-plugins/stackleak: Avoid .head.text section (git-fixes).
- commit 542f698
- Linux 6.8.5 (bsc#1012628).
- x86: set SPECTRE_BHI_ON as default (bsc#1012628).
- KVM: x86: Add BHI_NO (bsc#1012628).
- x86/bhi: Mitigate KVM by default (bsc#1012628).
- x86/bhi: Add BHI mitigation knob (bsc#1012628 bsc#1217339 CVE-2024-2201).
- Update config files (set SPECTRE_BHI_ON=y which is the default later).
- x86/bhi: Enumerate Branch History Injection (BHI) bug
(bsc#1012628).
- x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1012628).
- x86/bhi: Add support for clearing branch history at syscall
entry (bsc#1012628).
- x86/syscall: Don't force use of indirect calls for system calls
(bsc#1012628).
- x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
(bsc#1012628).
- x86/efistub: Remap kernel text read-only before dropping NX
attribute (bsc#1012628).
- x86/sev: Move early startup code into .head.text section
(bsc#1012628).
- x86/sme: Move early SME kernel encryption handling into
.head.text (bsc#1012628).
- x86/boot: Move mem_encrypt= parsing to the decompressor
(bsc#1012628).
- efi/libstub: Add generic support for parsing mem_encrypt=
(bsc#1012628).
- bpf: support deferring bpf_link dealloc to after RCU grace
period (bsc#1012628).
- bpf: put uprobe link's path and task in release callback
(bsc#1012628).
- Revert "x86/mpparse: Register APIC address only once"
(bsc#1012628).
- drm/xe: Rework rebinding (bsc#1012628).
- drm/xe: Use ring ops TLB invalidation for rebinds (bsc#1012628).
- drm/i915/gt: Enable only one CCS for compute workload
(bsc#1012628).
- drm/i915/gt: Do not generate the command streamer for all the
CCS (bsc#1012628).
- drm/i915/gt: Disable HW load balancing for CCS (bsc#1012628).
- drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY
< 13 (bsc#1012628).
- drm/i915/mst: Reject FEC+MST on ICL (bsc#1012628).
- drm/i915/mst: Limit MST+DSC to TGL+ (bsc#1012628).
- smb: client: fix potential UAF in
cifs_signal_cifsd_for_reconnect() (bsc#1012628).
- smb: client: fix potential UAF in smb2_is_network_name_deleted()
(bsc#1012628).
- smb: client: fix potential UAF in is_valid_oplock_break()
(bsc#1012628).
- smb: client: fix potential UAF in smb2_is_valid_lease_break()
(bsc#1012628).
- smb: client: fix potential UAF in smb2_is_valid_oplock_break()
(bsc#1012628).
- smb: client: fix potential UAF in cifs_dump_full_key()
(bsc#1012628).
- smb: client: fix potential UAF in cifs_stats_proc_show()
(bsc#1012628).
- smb: client: fix potential UAF in cifs_stats_proc_write()
(bsc#1012628).
- smb: client: fix potential UAF in cifs_debug_files_proc_show()
(bsc#1012628).
- smb3: retrying on failed server close (bsc#1012628).
- smb: client: serialise cifs_construct_tcon() with
cifs_mount_mutex (bsc#1012628).
- smb: client: handle DFS tcons in cifs_construct_tcon()
(bsc#1012628).
- smb: client: refresh referral without acquiring refpath_lock
(bsc#1012628).
- smb: client: guarantee refcounted children from parent session
(bsc#1012628).
- smb: client: fix UAF in smb2_reconnect_server() (bsc#1012628).
- riscv: process: Fix kernel gp leakage (bsc#1012628).
- riscv: Fix spurious errors from __get/put_kernel_nofault
(bsc#1012628).
- s390/entry: align system call table on 8 bytes (bsc#1012628).
- selftests/mm: include strings.h for ffsl (bsc#1012628).
- mm/secretmem: fix GUP-fast succeeding on secretmem folios
(bsc#1012628).
- arm64/ptrace: Use saved floating point state type to determine
SVE layout (bsc#1012628).
- riscv: Fix vector state restore in rt_sigreturn() (bsc#1012628).
- aio: Fix null ptr deref in aio_complete() wakeup (bsc#1012628).
- perf/x86/intel/ds: Don't clear ->pebs_data_cfg for the last
PEBS event (bsc#1012628).
- x86/coco: Require seeding RNG with RDRAND on CoCo systems
(bsc#1012628).
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()
(bsc#1012628).
- x86/mm/pat: fix VM_PAT handling in COW mappings (bsc#1012628).
- of: module: prevent NULL pointer dereference in vsnprintf()
(bsc#1012628).
- of: dynamic: Synchronize of_changeset_destroy() with the
devlink removals (bsc#1012628).
- driver core: Introduce device_link_wait_removal() (bsc#1012628).
- ASoC: SOF: Intel: hda: Compensate LLP in case it is not reset
(bsc#1012628).
- ASoC: SOF: ipc4-pcm: Correct the delay calculation
(bsc#1012628).
... changelog too long, skipping 395 lines ...
- commit f362b5c
==== libcontainers-common ====
Version update (20240206 -> 20240408)
Subpackages: libcontainers-default-policy
- Add patch to keep containers.conf modifications in sync with upstream (bsc#1213556)
+ 0001-containers.conf-SUSE-clear-cni-config-dir-for-ALP.patch
- Fallback to podman's default capabilities and journal driver via containers.conf
- New release 20240408
- bump bundled c/common to 0.58.0
- bump bundled c/image to 5.30.0
- bump bundled c/storage to 1.53.0
==== liblouis ====
Subpackages: liblouis-data liblouis20 python3-louis
- Run python tests in %check
==== libssh ====
Subpackages: libssh-config libssh4
- Don't change the path for crypto-policies libssh.config (bsc#1222716)
==== multipath-tools ====
Version update (0.9.8+87+suse.f72b9f3 -> 0.9.8+88+suse.d504d83)
Subpackages: kpartx libmpath0
- Update to version 0.9.8+88+suse.d504d83:
* Revert "libmultipath: fix max_sectors_kb on adding path"
(bsc#1222458)
==== openSUSE-build-key ====
- SLM 6.0 key (ALP / SLF1) RSA 4096 bit key
- gpg-pubkey-09d9ea69-645b99ce.asc
- 2024 SUSE Linux Enterprise 15 SP6 RSA 4096 bit key
- gpg-pubkey-3fa1d6ce-63c9481c.asc
- SLM 6.0 key (ALP / SLF1) RSA 4096 bit reserve key
- gpg-pubkey-73f03759-626bd414.asc
- 2024 SUSE Linux Enterprise 15 SP6 RSA 4096 bit reserve key
- gpg-pubkey-d588dc46-63c939db.asc
- obsoleted a incorrectly used DSA1024 key (used in Slowroll).
==== openssh ====
Subpackages: openssh-clients openssh-common openssh-server
- Fix duplicate loading of dropins. (boo#1222467)
==== pam ====
Version update (1.6.0 -> 1.6.1)
- Update to version 1.6.1
- pam_env: fixed --disable-econf --enable-vendordir support.
- pam_unix: do not warn if password aging is disabled.
- pam_unix: try to set uid to 0 before unix_chkpwd invocation.
- pam_unix: allow empty passwords with non-empty hashes.
- Multiple minor bug fixes, build fixes, portability fixes,
documentation improvements, and translation updates.
- Remove backports:
- pam_env-fix_vendordir.patch
- pam_env-fix-enable-vendordir-fallback.patch
- pam_env-remove-escaped-newlines.patch
- pam_unix-fix-password-aging-disabled.patch
==== pam-config ====
Version update (2.11 -> 2.11+git.20240411)
- Update to version 2.11+git.20240411:
* Configure Himmelblau correctly w/ other services present
* Configure other services correctly w/ Himmelblau present
* Himmelblau session is only optional
==== pam-full-src ====
Version update (1.6.0 -> 1.6.1)
- Update to version 1.6.1
- pam_env: fixed --disable-econf --enable-vendordir support.
- pam_unix: do not warn if password aging is disabled.
- pam_unix: try to set uid to 0 before unix_chkpwd invocation.
- pam_unix: allow empty passwords with non-empty hashes.
- Multiple minor bug fixes, build fixes, portability fixes,
documentation improvements, and translation updates.
- Remove backports:
- pam_env-fix_vendordir.patch
- pam_env-fix-enable-vendordir-fallback.patch
- pam_env-remove-escaped-newlines.patch
- pam_unix-fix-password-aging-disabled.patch
==== patterns-kde ====
Subpackages: patterns-kde-kde_plasma patterns-kde-kde_yast
- xwaylandvideobridge has always been unversioned (boo#1222640)
==== perl ====
Subpackages: perl-base
- Revert commit 7af2d2037375d58e700f9e1b217efb2c4db66133 as suggested
by upstream perl
* fixed locale being clobbered by perl [bsc#1220195]
* new patch: perl-locale-backport.diff
==== pipewire ====
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Move the jack spa plugin from the pipewire-spa-plugins-0_2
package to a new pipewire-spa-plugins-0_2-jack package. This
allows to not Suggest the pipewire-libjack package from
pipewire-spa-plugins-0_2 since that's only used to connect
pipewire as a client to a jack server which is not common at all
(boo#1222253).
==== postfix ====
- Move qshape(1) out of -doc, install it as a binary with the main package
==== schily ====
Subpackages: libcdrdeflt1_0 libdeflt1_0 libfile1_0 libfind4_0 librmt1_0 librscg1_0 libscg1_0 libscgcmd1_0 libschily2_0 mkisofs spax star
- Update to release 2024.03.21
* mkisofs: produce less scrollback when logging progress to ttys.
==== texlive ====
- Add patch source-dvipdfm-x.dif
* dvipdfmx: repeated inclusion of the same image did not share
the image data, but had separate copies for each inclusion.
==== transactional-update ====
Version update (4.6.0 -> 4.6.5)
Subpackages: dracut-transactional-update libtukit4 transactional-update-zypp-config tukit
- Version 4.6.5
- Rework soft-reboot support introduced in 4.6.0:
- On transactional systems with systemd 254 the system could
hang with with a soft-reboot, as /var and /etc have to be
mounted in /run/nextroot explicitly. As a soft-reboot can
also be triggered by an admin the mounting of the
corresponding mount points was moved to a systemd service to
be independent of t-u itself.
- Support for systemd 255
- Don't decrease reboot level on multiple commands
- Various other bugfixes
- soft-reboot support is disabled by default now to gather more feedback
- libtukit: Fix kexec reboot method to boot kernel / initrd of next snapshot
- tukit: Don't clone lock file handle on exec [boo#1222411]
- t-u: Always use zypper of installed system [bsc#1221346]
- t-u: Remove remaining telemetrics references
- Add prepare-nextroot-for-softreboot service
- Add (empty) %check section
==== update-alternatives ====
Version update (1.22.5 -> 1.22.6)
- Update to version 1.22.6.
The changelog for this version isn't very large, so it's provided in full:
* dpkg-deb: Fix up compressor parameters for default legacy format.
* Perl modules:
- Dpkg::Vendor::Debian: Make it possible to disable qa=-bug-implicit-func.
- Dpkg::Vendor::Debian: Unconditionally set qa bug-implicit-func.
* Documentation:
- man: Document dpkg versions supporting SOURCE_DATE_EPOCH for various
tools.
* Code internals:
- libdpkg: Use array access instead of pointer arithmetic for meminfo
parser.
- libdpkg: Use a macro to define the zstd default compression level.
* Build system:
- Test with minimal library dependencies in CI.
- Add gen-release script.
* Packaging:
- Fix typo in man page reference in changelog.
* Test suite:
- Refactor OpenPGP backend and commands list.
- Refactor certfile and keyfile filenames for OpenPGP test.
- Skip OpenPGP tests if the backend does not have a verify command.
* Localization:
- Fix typos in Swedish man pages translations.
- Fix typos in Swedish man pages translations.
- Update Dutch man pages translations.
- Update Portuguese man pages translations.
- Update German man pages translation.
==== vim ====
Version update (9.1.0151 -> 9.1.0301)
Subpackages: vim-data vim-data-common vim-small xxd
- update to 9.1.0301
* Vim9: heredoc start may be recognized in string
* Missing test for what patch v9.1.0285 fixes
* Vim9: return type not set for a lambda assigned to script var
* add runtime/doc/tags-* to ignore files
* Updated translation
* Update documentation
* Patch 9.1.0296 causes too many issues
* Fix a few issues with gvim.nsi
* regexp: engines do not handle case-folding well
* filetype: pip config files are not recognized
* Text height function does not respect it's argument
* filetype: lxqt config files are not recognized
* filetype: XDG mimeapps.list file is not recognized
* filetype: libreoffice config files are not recognized
* filetype: xilinx files are not recognized
* filetype: some TeX files are not recognized
* Vim9: comment may be treated as heredoc start
* Vim9: E1027 with defcompile for abstract methods
* Still problems with cursor position for CTRL-D/U
* fix inaccuracies in pandoc compiler
* make testclean is not able to delete failed screendumps
* Update base-syntax, no curly-brace names in Vim9 script
* Several small issues in doc and tests
* Finding highlighting attributes is inefficient
* Update cuda keywords, remove uncommonly used enumeration constants
* several issues with 'smoothscroll' support
* filetype: roc files are not recognized
* filetype: zathurarc files not recognized
* Cannot highlight the Command-line
* No pandoc syntax support
* filetype: R history files are not recognized
* filetype: keymap files are not recognized
* autocmd may change cwd after :tcd and :lcd
* Update syntax generator, autocmd event list parsing
* Normalise builtin-function optional parameter formatting
* Correctly distribute libsodium with the installer
* a few minor issues to fix
* Test for TextChanged is still flaky with ASAN
* Two tests in test_filechanged.vim are slow
* File name entered in GUI dialog is ignored
* fix :compiler leaving behind a g:makeprg variable
* Remove more fallback :CompilerSet definitions from compiler plugins
* filetype: earthfile files are not recognized
* console dialog cannot save unnamed buffers
* Fill in a few details regarding :enums
* Remove fallback :CompilerSet definition from compiler plugins
* libgpm may delete some signal handlers
* Improve the matching of contextual keywords
* Vim9: Problem with lambda blocks in enums and classes
* Test for TextChanged is flaky with ASAN
* Vim9: protected class and funcrefs accessible outside the class
* Problems with "zb" and scrolling to new topline with 'smoothscroll'
* filetype not detected when editing remote files
* sort filetype.txt in the alphabetical order
* Normal mode TextChanged isn't tested properly
* half-page scrolling broke backward compatibility
* Vim9: :call may not find imported class members
* Finding autocmd events is inefficient
* Vim9: no indication of script nr in stack trace of classes
* [security]: Heap buffer overflow when calling complete_add() in 'cfu'
* filetype: typespec files are not recognized
* improve syntax highlighting for YAML
* Vim9: segfault with static in super class
* Filetype test fails
* update syntax
* filetype: ldscripts cannot be recognized
* filetype: rock_manifest and config.ld files are not recognized
* filetype: yarn lock files are not recognized
* filetype: bundle config files are not recognized
* filetype: fontconfig files are not recognized
* filetype: zsh theme, history and zunit files are not recognized
* filetype: bash history files are not recognized
* filetype: netrw history file is not recognized
* filetype: octave history files are not recognized
* filetype: mysql history files are not recognized
* filetype: some python tools config files are not recognized
* filetype: gnuplot history files are not recognised
* filetype: jupyterlab and sublime config are not recognized
* filetype: mplstyle files are not recognized
* filetype: texlua files are not recognized
* filetype: supertux files are not recognized
* filetype: support for Intel HEX files is lacking
* Vim9: string() output of enum is problematic
* Conceal test fails when rightleft feature is disabled
* Filetype may be undetected when SwapExists sets ft in other buf
* TextChanged autocommand not triggered under some circumstances
* ensure compiler! sets global options
* Distinguish Vim9 builtin object methods from namesake builtin functions
* add support for Debian specific @includes
* Error E877 is not translated
* fix path of uganda.nsis.txt in german.nsi file
* Two unrelated things are tested by a single test
* Improve docs for empty(), len(), and string() on objects
* Recording may still be wrong in Select mode
* Not able to assign enum values to an enum static variable
* test_matchparen not run in CI
* cursor may move too many lines over "right" & "below" virt text
* code duplication in loop to add active text properties
... changelog too long, skipping 119 lines ...
* Coverity complains about ignoring return value
==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra
- U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch
* fixes regression for security fix for CVE-2024-31083 (bsc#1222312,
boo#1222442, gitlab xserver issue #1659)
==== xz ====
Subpackages: liblzma5
- revert the switch to tar_scm which dropped the signature
validation
- switch back to tarballs because the upstream tarballs are not
gone
- reinstanciate keyring from Lasse
- go back to the last release signed by Lasse (5.4.2)
- revert multibuild, drop service and rpmlintrc
- use real_ver for the Source, move everything else back to
%version like before the hectic XZ downgrade
- remove payload setting, we are using zstd now
- Switch to using tar_scm for fetching the sources as the upstream
tarballs on github are gone
- introduce _multibuild to allow building the translations outside
of Ring0 and everything else in Ring0
- add rpmlintrc to silence harmless warnings