Packages changed:
MicroOS-release (20241018 -> 20241023)
dav1d (1.4.3 -> 1.5.0)
distrobox (1.7.2.1 -> 1.8.0)
dnf
evolution-data-server (3.54.0 -> 3.54.1)
ghostscript (10.03.1 -> 10.04.0)
gjs (1.82.0 -> 1.82.1)
gnome-branding-Aeon
gnome-control-center (47.0.1+8 -> 47.1.1)
gnome-online-accounts (3.52.0 -> 3.52.1)
gnome-shell (47.0 -> 47.1)
gnome-shell-extensions (47.0 -> 47.1)
gnome-terminal (3.54.0 -> 3.54.1)
grub2
gtk2
gtk3
gvfs (1.56.0 -> 1.56.1)
hwinfo (23.2 -> 23.3)
hyper-v (8 -> 9)
kernel-firmware (20241001 -> 20241018)
libdnf (0.73.2 -> 0.73.3)
libjcat (0.2.1 -> 0.2.2)
libunistring (1.2 -> 1.3)
mutter (47.0+19 -> 47.1)
nautilus (47.0+8 -> 47.0+14)
ncurses (6.5.20240928 -> 6.5.20241019)
open-vm-tools (12.4.5 -> 12.5.0)
openssl-3
patterns-base
pipewire
podman
python-blinker (1.7.0 -> 1.8.2)
python-certifi (2024.7.4 -> 2024.8.30)
python-charset-normalizer (3.3.2 -> 3.4.0)
python-cryptography (43.0.1 -> 43.0.3)
qt6-base
runc (1.2.0~rc3 -> 1.2.0)
samba (4.21.0+git.363.84c94ca948f -> 4.21.1+git.367.e1da597d86e)
selinux-policy (20240930 -> 20241021)
u-boot-rpiarm64
vte (0.78.0 -> 0.78.1)
webkit2gtk3 (2.46.1 -> 2.46.2)
webkit2gtk4 (2.46.1 -> 2.46.2)
wireplumber
xf86-input-libinput (1.4.0 -> 1.5.0)
xfsprogs (6.10.1 -> 6.11.0)
xz (5.6.2 -> 5.6.3)
zlib-ng-compat (2.2.1 -> 2.2.2)
=== Details ===
==== MicroOS-release ====
Version update (20241018 -> 20241023)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== dav1d ====
Version update (1.4.3 -> 1.5.0)
- Update to version 1.5.0
* WARNING: we removed some of the SSE2 optimizations, so if
you care about systems without SSSE3, you should be careful
when updating!
* Optimize index offset calculations for decode_coefs
* picture: copy HDR10+ and T35 metadata only to visible frames
* SSSE3 new optimizations for 6-tap (8bit and hbd)
* AArch64/SVE: Add HBD subpel filters using 128-bit SVE2
* AArch64: Add USMMLA implempentation for 6-tap H/HV
* AArch64: Optimize Armv8.0 NEON for HBD horizontal filters
and 6-tap filters
* Power9: Optimized ITX till 16x4.
* Loongarch: numerous optimizations
* RISC-V optimizations for pal, cdef_filter, ipred, mc_blend,
mc_bdir, itx
* Allow playing videos in full-screen mode in dav1dplay
==== distrobox ====
Version update (1.7.2.1 -> 1.8.0)
Subpackages: distrobox-bash-completion
- update to 1.8.0
* Improvements
+ Improvements on Nvidia integration
+ Improvements on XDG_* env variables management
+ Remote distrobox assemble files! Keep them remote with distrobox assemble create --file https://foo.com/file.ini!
+ A lot of new container distros, from @ublue-os and @toolbx-images, New Fedora, Ubuntu, Alpine and @wolfi-dev wolfi-toolbox!
* all: ensure env variables are set and have values
* all: use registry.fedoraproject.org/fedora-toolbox:latest image by default, Fix #1402
* assemble: add support for remote manifest files
* assemble: ensure variables are reset correctly
* assemble: fix name detection with hyphens, Fix #1507
* assemble: fix possible empty lines, Fix #1514
* assemble: improve handling of hooks, pass around b64 encoded string to avoid unwanted evaluations
* compatibility: add missing url for ubuntu:23.04 by @sheevy in #1439
* create: better explain init/pre-init hooks
* create: ignore trailing slashes on custom homes, Fix #1575
* docs: Add kali icon by @andyspectre in #1451
* docs: Document support for alpine 3.20 containers by @Ferenc- in #1504
* docs: Fix issue with user not having permissions to write containers.conf by @nhermosilla14 in #1456
* docs: Seperate curl and wget commands by @axtloss in #1434
* docs: Update microos -> aeon/kalpa in docs by @TheRsKing in #1427
* docs: Update openSUSE and SLES compatibility guide by @alexandrevicenzi in #1489
* docs: add BlackaArch Linux compatibility, Fix #1358
* docs: add compatibility with ghcr.io/ublue-os/bluefin-cli, Fix #1453
* docs: document an official way to detect when you're in a distrobox
* docs: document pipewire/alsa packages for ubuntu initful containers. Fix #1374
* docs: fix subuids spelling mistake by @yocoldle in #1431
* docs: fix link for Crystal linux. Fix #1418
* docs: fix linting
* docs: fix obsolete Chainguard Wolfi notes
* docs: point to new nixos wiki by @Mic92 in #1384
* docs: remove rhel-toolbox image from compatibility, it's now behind paywall
* docs: support for 3d acceleration in: run_libvirt_in_distrobox.md by @TheRsKing in #1426
* docs: update compatibility, add ublue toolboxes, update Alpine and Fedora versions, Fix #1501
* docs: update vscode integration docs
* enter: Fix distrobox-enter and distrobox-rm to handle containers that have environment variables shorter than 5 symbols by @senioroman4uk in #1545
* enter: Fix support for Active Directory usernames including backslashes pt. 2 by @phoppermann in #1458
* enter: fix additional flags evaluation, Fix #1541
* enter: fix docker timestamp incompatibility, Fix #1382, Fix #1424, Fix #1392
* enter: fix regression in login for initful container, Fix #1428
* enter: get rid of eval and pass arguments using set. This will avoid maniupulating args, and simplify our life. Fix #749, Fix #1461
* enter: improve positional args handling, treat enter command accordingly, improve comments explaining the black magic
* export: Actually fix XDG_DATA_DIRS and XDG_DATA_HOME handling by @TigerGorilla2 in #1582
* export: Fix XDG_DATA_DIRS and XDG_DATA_HOME handling by @e-luks in #1496
* export: ensure destpath exists, Fix #1405
* export: fix CONTAINER_ID fallback
* export: fix grep errors on list-apps
* export: improve documentation of the spec. Fix #1444
* export: simplify and cleanup code
* export: support exporting app launchers by full-path.
* extras: vscode- improve podman wrapper, add docker wrapper, fix reconnections
* fix for 1440 by @dtg01100 in #1441
* fix: init package in Gentoo Stage3 image by @xz-dev in #1455
* fix:[#1525] handle container creation failure by @jardon in #1526
* generate-entry: add 'Remove' action to entry, Fix #1433
* generate-entry: add timeout to downloads, Fix #1459
* generate-entry: fix generic icon download and setup
* generate-entry: fix linting
* generate-entry: use XDG_DATA_HOME by @Samueru-sama in #1468
* host-exec: fix arm naming, Fix #1442
* host-exec: fix host-spawn version
* host-exec: update host-spawn version
* init: fix arch locale-gen by @Boria138 in #1520
* init: Exclude repos from bind-mounting by @lunacd in #1503
* init: Fix SHELL using absolute path and disable duplicate profile inclusion by @eugenesan in #1397
* init: Generate host locales in container (fixed issue #1399) by @Boria138 in #1404
* init: add fallback values for host locale variables
* init: add iputils
* init: add iputils in setup_pacman by @intzaaa in #1576
* init: apt-get upgrade, force keeping old configs when non interactive
* init: arrange package manager to avoid conflicts when using more than one (eg: packaging containers)
* init: auto-link /usr/bin/flatpak, to better support opening links on host's browser, if those are flatpaks
* init: do not fail in "Setting up read-only mounts" if findmnt does not exist by @phoppermann in #1454
* init: ensure we have DBUS variables set for host-spawn to work in login scripts, Fix #1383
* init: fallback case where mounting /etc/localtime fails, Fix #1435
* init: fix detection of 32bit nvidia libs on suse family
* init: fix failing chpasswd on systemd-homed managed users, Fix #1423
* init: fix locale generation for minimal images
* init: fix locale generation on musl and older systems
* init: fix missing allowerasing flag for dnf
* init: fix nvidia integration mounting files from boost libs, Fix #1500
* init: fix nvidia integration, improve search of nvidia files, Fix #1500
* init: fix typo in fallback locale values
* init: fix udev clash on rootful initful systems
* init: fix void-linux failing due to runit, Fix #1380
* init: perform upgrade before setting up archlinux packages
* init: proper fix for void extraction paths. Fix #1457
* init: remove su-exec workaround for Wolfi, now that it supports proper sudo
* init: rework package managment code
* init: separate 'mount --rbind -o rslave ...' into 'mount --rbind ...'… by @timwa0669 in #1583
* rm: Fix distrobox-enter and distrobox-rm to handle containers that have environment variables shoter than 5 symbols by @senioroman4uk in #1545
* rm: add fallback value to response_force
* rm: ask to force-delete if running and in interactive mode
* rm: fix IFS overwriting, Fix #1400
* rm: remove dead code, remove container volumes.
==== dnf ====
- Do not recommend -lang package: the lang package has already the
relevant supplements in place.
==== evolution-data-server ====
Version update (3.54.0 -> 3.54.1)
Subpackages: libcamel-1_2-64 libebackend-1_2-11 libebook-1_2-21 libebook-contacts-1_2-4 libecal-2_0-3 libedata-book-1_2-27 libedata-cal-2_0-2 libedataserver-1_2-27 libedataserverui-1_2-4
- Update to version 3.54.1:
+ Bug Fixes:
- Pass GError instead of CamelException to
camel_movemail_solaris
- Fix argument types in ENABLE_BROKEN_SPOOL code
- Use GIConv instead of iconv_t with iconv wrappers
- ESoupSession: Sometimes accesses server without OAuth2 token
+ Updated translations.
==== ghostscript ====
Version update (10.03.1 -> 10.04.0)
- update to 10.04.0 (bsc#1232173):
* Amongst other general bugs fixes, this release addresses:
+ CVE-2024-46951
+ CVE-2024-46952
+ CVE-2024-46953
+ CVE-2024-46954
+ CVE-2024-46955
+ CVE-2024-46956
==== gjs ====
Version update (1.82.0 -> 1.82.1)
Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0
- Update to version 1.82.1:
+ Fixed gnome-shell crash when switching user after upgrade from
Fedora 40 to Fedora 41
==== gnome-branding-Aeon ====
- Change default recommended flatpaks, install Ptyxis, offer a PDF
viewer
==== gnome-control-center ====
Version update (47.0.1+8 -> 47.1.1)
Subpackages: gnome-control-center-color gnome-control-center-goa
- Update to version 47.1.1:
+ Fix crash on display scales > 1 due to conflicting type
registration.
- Update to version 47.1:
+ About: Allow FQDN hostnames
+ Appearance: Fix thumbnailing of backgrounds causing OOM kills
+ Date and Time: Fix resize issue in the time format row when
shown in small window sizes
+ Online Accounts: Fix untranslated account provider info string
+ Region and Language: Update language row after closing language
selector
+ Remote Desktop: Hide "Remote Desktop" row when
gnome-remote-desktop is not available
+ Wacom:
- Don't crash when handling an unknown stylus ID
- Don't show Map Buttons for fallback devices
- Handle all external remotes like an external TV remote-like
device
- Make assets recolaborable, supporting dark-style,
high-contrast, and accent colors
- Support HDPI for tablet/stylus illustration images
+ Updated translations.
==== gnome-online-accounts ====
Version update (3.52.0 -> 3.52.1)
Subpackages: libgoa-1_0-0 libgoa-backend-1_0-2
- Update to version 3.52.1:
+ Bugs fixed:
- goakerberosprovider: don't assume all errors are auth errors
- goaoauthprovider: fix expected NULL GError
+ Updated translations.
==== gnome-shell ====
Version update (47.0 -> 47.1)
Subpackages: gnome-shell-calendar
- Update to version 47.1:
+ Improve quick settings accessibility
+ Use accent color in tablet configuration UI
+ Improve accuracy of inset box shadows
+ Fix `PopupSwitchMenuItem::toggled` passing wrong state
+ Consider text direction when handling arrow keys in sliders
+ Fix layout issues with new dialog style
+ Fix uneven padding in notification headers
+ Fixed crash
+ Misc. cleanups and bug
+ Updated translations.
==== gnome-shell-extensions ====
Version update (47.0 -> 47.1)
Subpackages: gnome-shell-classic gnome-shell-extensions-common
- Update to version 47.1:
+ classic: Add missing top-bar indicators
+ window-list:
- Fix window state styling
- Fix "ignore-workspace" setting getting reset
+ Misc. bug fixes and cleanups
==== gnome-terminal ====
Version update (3.54.0 -> 3.54.1)
Subpackages: nautilus-extension-terminal
- Update to version 3.54.1:
+ prefs: Follow the theme variant setting
+ Updated translations.
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-common grub2-snapper-plugin
- Fix error: /boot/grub2/x86_64-efi/bli.mod not found (bsc#1231591)
- Keep grub packaging and dependencies in the SLE-12 and SLE-15 builds
- Power guest secure boot with key management (jsc#PED-3520) (jsc#PED-9892)
* 0001-ieee1275-Platform-Keystore-PKS-Support.patch
* 0002-ieee1275-Read-the-DB-and-DBX-secure-boot-variables.patch
* 0003-appendedsig-The-creation-of-trusted-and-distrusted-l.patch
* 0004-appendedsig-While-verifying-the-kernel-use-trusted-a.patch
* 0005-appendedsig-The-grub-command-s-trusted-and-distruste.patch
* 0006-appendedsig-documentation.patch
* 0007-mkimage-create-new-ELF-Note-for-SBAT.patch
* 0008-mkimage-adding-sbat-data-into-sbat-ELF-Note-on-power.patch
* grub2.spec : Building signed grub.elf with SBAT metadata
- Support for NVMe multipath splitter (jsc#PED-10538)
* 0001-ieee1275-support-added-for-multiple-nvme-bootpaths.patch
- Deleted path (jsc#PED-10538)
* 0001-grub2-Can-t-setup-a-default-boot-device-correctly-on.patch
* 0001-grub2-Set-multiple-device-path-for-a-nvmf-boot-devic.patch
- Fix not a directory error from the minix filesystem, as leftover data on disk
may contain its magic header so it gets misdetected (bsc#1231604)
* grub2-install-fix-not-a-directory-error.patch
==== gtk2 ====
Subpackages: gtk2-tools libgtk-2_0-0
- Eliminate usage of update-alternatives:
+ Drop gtk-update-icon-cache and relevant man page. We rely
solely on GTK3 to perform this caching task.
==== gtk3 ====
Subpackages: gtk3-data gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0
- Eliminate usage of update-alternatives: GTK2 no longer provides
gtk-update-icon-cache, thus eliminating the need for this extra
complexity.
==== gvfs ====
Version update (1.56.0 -> 1.56.1)
Subpackages: gvfs-backend-afc gvfs-backend-goa gvfs-backend-samba gvfs-backends gvfs-fuse
- Update to version 1.56.1:
+ udisks2: Increasing reference count when updating volume to fix
crashes
+ onedrive:
- Use names instead of id for events to fix monitoring
- Add missing replace stream to fix crashes
- onedrive: Fix double free during cache rebuild to fix crashes
+ dav: Recognize the 409 status to fix creation of parent
directories
+ Updated translations.
==== hwinfo ====
Version update (23.2 -> 23.3)
Subpackages: libhd23
- merge gh#openSUSE/hwinfo#148
- avoid reporting of spurious usb storage devices (bsc#1223330)
- 23.3
==== hyper-v ====
Version update (8 -> 9)
- Add memory allocation check in hv_fcopy_start (94e86b17)
- suppress the invalid warning for packed member alignment (207e03b0)
- Add new fcopy application based on uio driver (82b0945c)
- Add vmbus_bufring (45bab4d7)
- kvp: Handle IPv4 and Ipv6 combination for keyfile format (f971f6dd)
- kvp: Some small fixes for handling NM keyfiles (c3803203)
- kvp: Support for keyfile based connection profile (42999c90)
- kvp: remove unnecessary (void*) conversions (22589542)
- Remove an extraneous "the" (f15f39fa)
- change http to https in hv_kvp_daemon.c (fa52a4b2)
- replace the copy of include/linux/hyperv.h with include/uapi/linux/hyperv.h (6de74d10)
- merge individual udev rules files into a single rules file
- package only files, not directories already owned by filesystem.rpm
- remove braces from rpm spec macros
- remove obsolete Group tag
- replace RPM_BUILD_ROOT with buildroot
- use a meaningful name for the UAPI include file
- use a meaningful variable name for ifcfg in hv_set_ifconfig.sh
==== kernel-firmware ====
Version update (20241001 -> 20241018)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20241018 (git commit 2f0464118f40):
* check_whence.py: skip some validation if git ls-files fails
* qcom: Add Audio firmware for X1E80100 CRD/QCPs
* amdgpu: DMCUB updates forvarious AMDGPU ASICs
* brcm: replace NVRAM for Jetson TX1
* rtlwifi: Update firmware for RTL8192FU to v7.3
* make: separate installation and de-duplication targets
* check_whence.py: check the permissions
* Remove execute bit from firmware files
* configure: remove unused file
* rtl_nic: add firmware rtl8125d-1
- Update to version 20241014 (git commit 99f9c7ed1f4a):
* iwlwifi: add gl/Bz FW for core91-69 release
* iwlwifi: update ty/So/Ma firmwares for core91-69 release
* iwlwifi: update cc/Qu/QuZ firmwares for core91-69 release
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for a Lenovo Laptop
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for some ASUS laptops
* cirrus: cs35l56: Add firmware for Cirrus Amps for some HP laptops
* linux-firmware: update firmware for en8811h 2.5G ethernet phy
* QCA: Add Bluetooth firmwares for WCN785x with UART transport
- Update to version 20241011 (git commit 808cba847c70):
* mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher
* ath12k: WCN7850 hw2.0: update board-2.bin (bsc#1230596)
* ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1
* ath12k: QCN9274 hw2.0: add board-2.bin
* copy-firmware.sh: rename variables in symlink hanlding
* copy-firmware.sh: remove no longer reachable test -L
* copy-firmware.sh: remove no longer reachable test -f
* copy-firmware.sh: call ./check_whence.py before parsing the file
* copy-firmware.sh: warn if the destination folder is not empty
* copy-firmware.sh: add err() helper
* copy-firmware.sh: fix indentation
* copy-firmware.sh: reset and consistently handle destdir
* Revert "copy-firmware: Support additional compressor options"
* copy-firmware.sh: flesh out and fix dedup-firmware.sh
* Style update yaml files
* editorconfig: add initial config file
* check_whence.py: annotate replacement strings as raw
* check_whence.py: LC_ALL=C sort -u the filelist
* check_whence.py: ban link-to-a-link
* check_whence.py: use consistent naming
* Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin
* tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31
- Skip invocation of check_whence.py at copying:
copy-file-skip-check.patch
- Refresh copy-file-ignore-README.patch
- Drop obsoleted --ignore-duplicates option to copy-firmware.sh
- Drop the ath12k workaround again
- Update to version 20241010 (git commit d4e688aa74a0):
* rtlwifi: Add firmware v39.0 for RTL8192DU
* Revert "ath12k: WCN7850 hw2.0: update board-2.bin"
(replaced with a newer firmware in this package instead)
- update aliases
- Update to version 20241004 (git commit bbb77872a8a7):
* amdgpu: DMCUB DCN35 update
* brcm: Add BCM4354 NVRAM for Jetson TX1
* brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram
==== libdnf ====
Version update (0.73.2 -> 0.73.3)
Subpackages: libdnf-repo-config-zypp libdnf2
- version update to 0.73.3
* Support colon in username, use LRO_USERNAME and LRO_PASSWORD
* Set pool flag to fix pool_addfileprovides_queue() without filelists.xml
* Fix a memory leak in glob_for_cachedir()
==== libjcat ====
Version update (0.2.1 -> 0.2.2)
- Update to version 0.2.2:
+ New Features:
- Add bt-logindex blob kind.
+ Bugfixes:
- Increase test coverage for ED25519 support.
- Save the auto-generated private key with 0600 file
permissions.
- Switch ED25519 support to not directly using Nettle.
==== libunistring ====
Version update (1.2 -> 1.3)
- update to 1.3:
* Support Unicode version 16.0.0
==== mutter ====
Version update (47.0+19 -> 47.1)
- Update to version 47.1:
+ gwakeup: Reduce wake-ups to only first item in queue
+ x11: Reduce chances XPending does recvmsg() syscall
+ Fix grabbing tablet devices
+ Fix misplaced windows and random resizes on scaled monitors
+ Fix explicit sync with virtual monitors w/o pipewire streams
+ Improve detecting preferred primary devices
+ Fixed crashes
+ Misc. bug fixes and cleanups
+ Updated translations.
- Update to version 47.0+24:
* stage-impl: Ensure that a sync object is created in headless mode
* backends/x11: Avoid potential crash in pad_switch_mode
* display: Do not crash attempting to display OSD for unknown
Wacom device
* wayland/drm-lease: Do not add connector twice on lease
disappeared
* wayland/drm-lease: Hold device fd when listing leases
==== nautilus ====
Version update (47.0+8 -> 47.0+14)
Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension4
- Update to version 47.0+14:
* nautilus-tag-manager: Drop tinysparql 2to3 migration
* Updated translations.
==== ncurses ====
Version update (6.5.20240928 -> 6.5.20241019)
Subpackages: libncurses6 ncurses-utils terminfo-base
- Add ncurses patch 20241019
+ fixes for compiler warnings/cppcheck.
+ build-fixes for DJGPP configuration (patches by Stas Sergeev)
- Add ncurses patch 20241006
+ fixes for compiler warnings/cppcheck.
+ use xterm+alt+title in wezterm -TD
==== open-vm-tools ====
Version update (12.4.5 -> 12.5.0)
Subpackages: libvmtools0
- convert to obs_scm
- update to 12.5.0 (boo#1231826):
There are no new features in the open-vm-tools 12.5.0 release.
This is primarily a maintenance release that addresses a few
critical problems, including:
* A Github pull request has been integrated. Please see the
Resolved Issues section of the Release Notes.
* For a more complete list of issues resolved in this release,
see the Resolved Issues section of the Release Notes.
For complete details, see:
https://github.com/vmware/open-vm-tools/releases/tag/stable-12.5.0
Release Notes are available at:
https://github.com/vmware/open-vm-tools/blob/stable-12.5.0/ReleaseNotes.md
The granular changes that have gone into the 12.5.0 release are
in the ChangeLog at:
https://github.com/vmware/open-vm-tools/blob/stable-12.5.0/open-vm-tools/ChangeLog
==== openssl-3 ====
Subpackages: libopenssl3
- Security fix: [bsc#1231741, CVE-2024-9143]
* Low-level invalid GF(2^m) parameters lead to OOB memory access
* Add openssl-CVE-2024-9143.patch
- Security fix: [bsc#1220262, CVE-2023-50782]
* Implicit rejection in PKCS#1 v1.5
* Add openssl-CVE-2023-50782.patch
==== patterns-base ====
Subpackages: patterns-base-base patterns-base-bootloader patterns-base-minimal_base patterns-base-x11
- In case of doubt, also favor libz1-32bit over libz-ng1-compat for
the time being.
==== pipewire ====
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Add patch from upstream to fix a crash with broadcasting sinks:
* 0001-bluez5-fix-crash-with-broadcast-sinks.patch
- Add patch from upstream to actually clear the mix io areas when
being asked to clear it. Otherwise crashes might happen:
* 0002-jack-actually-clear-the-mix-io.patch
==== podman ====
- Add patch for CVE-2024-9676 (bsc#1231698):
* 0002-Use-securejoin.SecureJoin-when-forming-userns-paths.patch
- Rebase patch:
* 0001-Properly-validate-cache-IDs-and-sources.patch
==== python-blinker ====
Version update (1.7.0 -> 1.8.2)
- update to 1.8.2:
* Simplify type for _async_wrapper and _sync_wrapper arguments.
:pr:`156`
* Restore identity handling for str and int senders. :pr:`148`
* Fix deprecated blinker.base.WeakNamespace import. :pr:`149`
* Fix deprecated blinker.base.receiver_connected import.
:pr:`153`
* Use types from collections.abc instead of typing. :pr:`150`
* Fully specify exported types as reported by pyright.
:pr:`152`
* Deprecate the __version__ attribute. Use feature detection,
or importlib.metadata.version("blinker"), instead.
:issue:`128`
* Specify that the deprecated temporarily_connected_to will be
removed in the next version.
* Show a deprecation warning for the deprecated global
receiver_connected signal and specify that it will be removed
in the next version.
* Show a deprecation warning for the deprecated WeakNamespace
and specify that it will be removed in the next version.
* Greatly simplify how the library uses weakrefs. This is a
significant change internally but should not affect any
public API. :pr:`144`
* Expose the namespace used by signal() as default_namespace.
:pr:`145`
- add remove-sphinxextensions.patch to remove an optional
sphinxextension
==== python-certifi ====
Version update (2024.7.4 -> 2024.8.30)
- update to 2024.8.30:
added certs:
* TWCA CYBER Root CA O=TAIWAN-CA OU=Root CA
* SecureSign Root CA12 O=Cybertrust Japan Co., Ltd.
* SecureSign Root CA14 O=Cybertrust Japan Co., Ltd.
* SecureSign Root CA15 O=Cybertrust Japan Co., Ltd.
==== python-charset-normalizer ====
Version update (3.3.2 -> 3.4.0)
- update to 3.4.0:
* Argument `--no-preemptive` in the CLI to prevent the detector
to search for hints.
* Support for Python 3.13
* Relax the TypeError exception thrown when trying to compare a
CharsetMatch with anything else than a CharsetMatch.
* Improved the general reliability of the detector based on
user feedbacks. (#520) (#509) (#498) (#407)
* Declared charset in content (preemptive detection) not
changed when converting to utf-8 bytes.
==== python-cryptography ====
Version update (43.0.1 -> 43.0.3)
- update to 43.0.3:
* Fixed release metadata for cryptography-vectors
* Fixed compilation when using LibreSSL 4.0.0.
==== qt6-base ====
Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6Widgets6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-printsupport-cups qt6-sql-sqlite
- Add patch to fix qxmpp test failures (gh#qxmpp-project/qxmpp#659):
* 0001-QUuid-restore-sorting-order-of-Qt-6.8.patch
- Add patch to fix potential crash with QDirIterator (QTBUG-130142):
* 0001-QDirIterator-don-t-crash-with-next-after-hasNext-ret.patch
==== runc ====
Version update (1.2.0~rc3 -> 1.2.0)
- Update to runc v1.2.0. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.2.0>.
==== samba ====
Version update (4.21.0+git.363.84c94ca948f -> 4.21.1+git.367.e1da597d86e)
Subpackages: libldb2 samba-ad-dc-libs samba-client samba-client-libs samba-libs
- Adjust spec to split out rpcd_* binaries into a separate
sub package; (bsc#1231414).
- Update to 4.21.1
* DH reconnect error handling can lead to stale sharemode
entries; (bso#15624).
* "inherit permissions = yes" triggers assert() in vfs_default
when creating a stream; (bso#15695).
* Samba 4.21.0 broke FreeIPA domain member integration;
(bso#15715).
* Missing conversion for msDS-UserTGTLifetime, msDS-
ComputerTGTLifetime and msDS-ServiceTGTLifetime on "samba-
tool domain auth policy modify"; (bso#15692).
* irpc_destructor may crash during shutdown; (bso#15280).
* Durable handle is not granted when a previous OPEN exists
with NoOplock; (bso#15649).
* Durable handle is granted but reconnect fails; (bso#15651).
* Disconnected durable handles with RH lease should not be
purged by a new non conflicting open; (bso#15708).
* net ads testjoin and other commands use the wrong secrets.tdb
in a cluster; (bso#15714).
* 4.21 using --with-system-mitkrb5 requires MIT krb5 1.16 as
rfc 8009 etypes are used; (bso#15726).
* VFS_OPEN_HOW_WITH_BACKUP_INTENT breaks shadow_copy2;
(bso#15730).
* Samba 4.20.0 DLZ module crashes BIND on startup; (bso#15643).
* Cannot build libldb lmdb backend on a build without AD DC;
(bso#15721).
* Consistent log level for sighup handler; (bso#15706).
==== selinux-policy ====
Version update (20240930 -> 20241021)
Subpackages: selinux-policy-targeted
- Update to version 20241021:
* rsync: add rsync_exec_commands boolean and enable it by default (bsc#1231494)
* Allow snapperd to execute systemctl (bsc#1231489)
- Update to version 20241018:
* Allow slpd to create TCPDIAG netlink socket (bsc#1231491)
* Allow slpd to use sys_chroot (bsc#1231491)
* Allow openvswitch-ipsec use strongswan (bsc#1231493)
==== u-boot-rpiarm64 ====
Subpackages: u-boot-rpiarm64-doc
Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2024.10
* Patches added:
0018-Revert-riscv-dts-jh7110-Update-qspi.patch
boo#1231674
==== vte ====
Version update (0.78.0 -> 0.78.1)
- Update to version 0.78.1:
+ build:
- Prepend python to minifont coverage cmd
- Add missing includes
+ widget:
- Improve the robustness of ringview updating
- Make sure to update the ringview after a widget resize
- termprops: Fix for double termprops
+ draw:
- gsk:
. Use fill_n to fill background
. Draw cell background using scaled texture
- Fix background drawing offset
+ tests: Remove excessive constrexpr
==== webkit2gtk3 ====
Version update (2.46.1 -> 2.46.2)
Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 webkit2gtk-4_1-injected-bundles
- Update to version 2.46.2:
+ Own well-known bus name on a11y bus.
+ Improve memory consumption when putImageData is used repeatedly
on accelerated canvas.
+ Disable cached web process suspension for now to prevent leaks.
+ Improve text kerning with different combinations of antialias
and hinting settings.
+ Destroy all network sessions on process exit.
+ Fix visible rectangle calculation when there are animations.
+ Fix the build with ENABLE_NOTIFICATIONS=OFF.
+ Fix the build with ENABLE_FULLSCREEN_API=OFF.
+ Fix the build with ENABLE_WEB_AUDIO=OFF.
+ Fix the build on ppc64le.
+ Fix several crashes and rendering issues.
- Drop bug281495.patch: fixed upstream.
==== webkit2gtk4 ====
Version update (2.46.1 -> 2.46.2)
Subpackages: libjavascriptcoregtk-6_0-1 libwebkitgtk-6_0-4 webkitgtk-6_0-injected-bundles
- Update to version 2.46.2:
+ Own well-known bus name on a11y bus.
+ Improve memory consumption when putImageData is used repeatedly
on accelerated canvas.
+ Disable cached web process suspension for now to prevent leaks.
+ Improve text kerning with different combinations of antialias
and hinting settings.
+ Destroy all network sessions on process exit.
+ Fix visible rectangle calculation when there are animations.
+ Fix the build with ENABLE_NOTIFICATIONS=OFF.
+ Fix the build with ENABLE_FULLSCREEN_API=OFF.
+ Fix the build with ENABLE_WEB_AUDIO=OFF.
+ Fix the build on ppc64le.
+ Fix several crashes and rendering issues.
- Drop bug281495.patch: fixed upstream.
==== wireplumber ====
Subpackages: libwireplumber-0_5-0 wireplumber-audio
- Add patch from upstream to fix switching automatically the
profile of non-bluetooth devices (boo#1231815):
* 0001-autoswitch-bluetooth-profile-switch-only-Bluetooth-devices.patch
- Add patch from upstream to fix switching automatically the
profile when starting some apps and then switching to the
previous profile:
* 0002-autoswitch-bluetooth-profile-Switch-to-HSP_HFP-on-timeout.patch
- Add patches from upstream to fix a couple of memory leaks:
* 0003-m-mixer-api-Fix-memory-in-leak-wp_mixer_api_set_volume.patch
* 0004-module-dbus-connection-fix-GCancellable-leak.patch
==== xf86-input-libinput ====
Version update (1.4.0 -> 1.5.0)
- Update to version 1.5.0:
* the compose and kana LEDs are now supported
* tablet tools now have a property to indicate the tool serial and hw id
(if any)
* libinput's tablet tool pressure range config is now supported
* libinput's clickfinger button map config is now supported
* we remap some higher keycodes to FK20 and friends, paving the
way for systemd/udev to map those properly in their hwdb files
==== xfsprogs ====
Version update (6.10.1 -> 6.11.0)
- update to 6.11.0
- mkfs: break up the rest of the rtinit() function
- mkfs: clean up the rtinit() function
- xfs_repair: use library functions for orphanage creation
- xfs_repair: use library functions to reset root/rbm/rsum inodes
- xfs_repair: don't crash in get_inode_parent
- xfs_repair: fix exchrange upgrade
- xfs_db: port the iunlink command to use the libxfs iunlink function
- xfs_db/mdrestore/repair: don't use the incore struct xfs_sb for offsets into struct xfs_dsb
- xfs_db/mkfs/xfs_repair: port to use XFS_ICREATE_UNLINKABLE
- xfs_db: port the unlink command to use libxfs_droplink
- libxfs: implement get_random_u32
- libxfs: remove libxfs_dir_ialloc
- libxfs: backport inode init code from the kernel
- libxfs: pack icreate initialization parameters into a separate structure
- xfs_io: add RWF_ATOMIC support to pwrite
- libfrog: emulate deprecated attrlist functionality in libattr
- misc: clean up code around attr_list_by_handle calls
- fsck.xfs: fix fsck.xfs run by different shells when fsck.mode=force is set
- libxfs: provide a memfd_create() wrapper if not present in libc
- xfs_io: Fix fscrypt macros ordering
- man: Update unit for fsx_extsize and fsx_cowextsize
- xfs_db: release ip resource before returning from get_next_unlinked()
- libxfs: kernel sync
- ------------------------------------------------------------------
==== xz ====
Version update (5.6.2 -> 5.6.3)
Subpackages: liblzma5
- Update to 5.6.3:
* liblzma:
- Fix x86-64 inline assembly compatibility with GNU Binutils
older than 2.27.
- Fix the build with GCC 4.2 on OpenBSD/sparc64.
* xzdec: Display an error instead of failing silently if the
unsupported option -M is specified.
* lzmainfo: Fix integer overflows when rounding the dictionary and
uncompressed sizes to the nearest mebibyte.
* Autotools-based build:
- Fix feature checks with link-time optimization (-flto).
- Solaris: Fix a compatibility issue in version.sh. It matters
if one wants to regenerate configure by running autoconf.
* CMake:
- Use paths relative to ${prefix} in liblzma.pc when possible.
This is done only with CMake >= 3.20.
- Prefer a C11 compiler over a C99 compiler but accept both.
- Link Threads::Threads against liblzma using PRIVATE so that
- pthread and such flags won't unnecessarily get included in
the usage requirements of shared liblzma. That is,
target_link_libraries(foo PRIVATE liblzma::liblzma) no
longer adds -pthread if using POSIX threads and linking
against shared liblzma. The threading flags are still added
if linking against static liblzma.
* Updated translations: Catalan, Chinese (simplified), and
Brazilian Portuguese.
==== zlib-ng-compat ====
Version update (2.2.1 -> 2.2.2)
- Update to 2.2.2:
* Changelog at https://github.com/zlib-ng/zlib-ng/releases/tag/2.2.2
- Install the ld.so configuration file also with the -32bit
package, as otherwise biarch installs won't find that library
(boo#1232065).