Packages changed: gimp (2.10.32 -> 2.10.34) gjs (1.74.1 -> 1.74.2) greybird-geeko-theme harfbuzz (7.0.0 -> 7.0.1) heaptrack libguestfs (1.50.0 -> 1.50.1) nodejs19 (19.6.0 -> 19.7.0) pango (1.50.12 -> 1.50.13) sqlite3 (3.40.1 -> 3.41.0) thunar (4.18.3 -> 4.18.4) tiff xmlsec1 === Details === ==== gimp ==== Version update (2.10.32 -> 2.10.34) Subpackages: gimp-plugin-aa gimp-plugins-python libgimp-2_0-0 libgimpui-2_0-0 - Update to 2.10.34: - Core: - Check for updates now works on macOS (backported from 2.99.14). - Update help IDs for better integration with the documentation website. - Symmetry dockable contents is now shown, yet deactivated, when no images are opened, improving discoverability (backported from 2.99.14). - DBus fully disabled on macOS (in some case, it could even freeze GIMP process when dbus is present yet not responding). Open With feature (e.g. from file browsers) still work fine as it uses a different code path on macOS. Other features using dbus (opening files or running batch commands from a separate GIMP process) won't work, but they probably never did on macOS anyway. - "Canvas Size" dialog took too much vertical space and now better uses the horizontal space by moving the preview and offset fiels to the right side, and the "Center" button just below (backported from 2.99.8). - Template selector (backported from 2.99.6) in resize dialog. - Color scale preferences (0..255/0..100 and LCh/HSV settings in Colors selection dialogs) are now remembered across sessions. - Eye icon header added to the item tree views to make it more obvious where to click for item visibility and links (backported from 2.99.10) - Revert color proofing behavior changed in 2.10.32 which resulted in inconsistent past workflows. - "Lock path strokes" tooltip for the dockable icon was renamed "Lock path". - Plug-ins: - DDS: make GUI translatable. - file-raw: added high bit depth precision export (partial backport from 2.99.12). - TIFF: * Various bug fixes; * better check for invalid resolutions on import; * do not generated warnings for incorrect RichTIFFIPTC tags produced by Adobe products (only output a message to stderr, for not completely ignoring these); * Loading "reduced" image or not is now an option. We use a heuristic for the default value of said option (trying to guess if it's a thumbnail by using common usage), but final decision is now up to one knowing the image you load (backported from 2.99.14); * Default TIFF export format is "normal" TIFF, not BigTIFF (making it default was definitely an error in 2.10.32). - PSD: * Various bug fixes; * Useless physical unit conversion removed; * Backported improvement (2.99.10) for importing layers with clipping set (leading to color bleeding); * Backported improvements (2.99.10) for importing clipping layers; * Paths are now exported (backported from 2.99.14). - WebP: more informative error messages in some cases. - Flame: various bug fixes. - JPEG-XL: * metadata import backported from 2.99.14 - (requires libjxl 0.7.0) * Partial backport (2.99.8) of JPEG-XL export; export is always in 8bit lossless. - HEIF: various bug fixes. - Dicom: various bug fixes. - help: * macOS: https support now working fine for help files (bypassing lack of support in GIO for macOS platform). - animation-play: fixed on macOS. - PDF: * Import: new option "Fill transparent areas with white" to fill the background in white (ON by default as most office PDF writers seem to rely on readers filling the background with white), allowing importing transparent PDF files. * Export: new option "Fill transparent areas with background color" allowing to decide whether to export a PDF with transparent background. - TGA: * Added a workaround to load wrongful TGA files exported by Krita (which they fixed on their side too now, see Krita bug 464484). - ICO and CUR: * Magics detection for these formats has been removed (now using only using filename extension) because it was interfering with the detection of certain types of TGA images (which are likely more common than ICO and CUR files, and extension for these should be reliable enough). - Libgimpbase: - GimpMetadata API (in particular the gimp_metadata_set_from_*() functions) are now much less memory-hungry (backported from the main dev branch) when using GExiv 0.12.2 or over. With some huge metadata, it could cause long freeze or even crashes of plug-ins. - Libgimpwidgets: - Color-picking with X11 is now the default when compiled with X11, even if a color-picking portal also exists, because it is always right, whereas portals return color in display space without the space information itself (i.e. without profiles). - New dedicated GimpPickButton implementation for Windows (backported from 2.99.14). - Libgimp: - New wrapper functions around GEGL ops, which also map to items in our Color menu: * gimp_drawable_shadows_highlights() * gimp_drawable_extract_component() ==== gjs ==== Version update (1.74.1 -> 1.74.2) Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0 - Update to version 1.74.2: + Various fixes ported from the development branch. + Closed bugs and merge requests: - Build error with clang - Can't compile current version with mozjs 102 - Enabling window-list extension causes gnome-shell to crash when running "dconf update" as root - log: Fix an off-by-one buffer overflow ==== greybird-geeko-theme ==== Subpackages: gtk2-metatheme-greybird-geeko gtk3-metatheme-greybird-geeko gtk4-metatheme-greybird-geeko metatheme-greybird-geeko-common - Make "*:link:selected" optional to work around too old gtk4 libs on Leap 15.5, too. ==== harfbuzz ==== Version update (7.0.0 -> 7.0.1) Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 libharfbuzz0-32bit typelib-1_0-HarfBuzz-0_0 - Update to version 7.0.1: + Various build and bug fixes ==== heaptrack ==== Subpackages: heaptrack-gui heaptrack-lang - Try another way to ignore the GLIBC_PRIVATE requirement ==== libguestfs ==== Version update (1.50.0 -> 1.50.1) Subpackages: libguestfs-xfs libguestfs0 - Update to version 1.50.1 * This is a bug fix release. No upstream changelog. ==== nodejs19 ==== Version update (19.6.0 -> 19.7.0) Subpackages: npm19 - Update to version 19.7.0: * deps: + upgrade npm to 9.5.0 + update undici to v5.20.0 * stream: add abort signal for ReadableStream and WritableStream * url: replace url-parser with ada (not language) - Changes in version 19.6.1: * fixes permissions policies can be bypassed via process.mainModule (bsc#1208481, CVE-2023-23918) * fixes insecure loading of ICU data through ICU_DATA environment variable (bsc#1208487, CVE-2023-23920) * fixes OpenSSL error handling issues in nodejs crypto library (bsc#1208483, CVE-2023-23919) * updates undici to v5.19.1 + Fetch API in Node.js did not protect against CRLF injection in host headers + Regular Expression Denial of Service in Headers in Node.js fetch API (bsc#1208413, bsc#1208485, CVE-2023-24807, CVE-2023-23936) - linker_lto_jobs.patch: refreshed - node-gyp_7.1.2.tar.xz: added dependencies - node-gyp-config.patch: allows gyp 7.1.2 to run with node 19.x ==== pango ==== Version update (1.50.12 -> 1.50.13) Subpackages: libpango-1_0-0 libpango-1_0-0-32bit typelib-1_0-Pango-1_0 - Update to version 1.50.13: + win32: - Add back fallback for empty fontsets - Improve DirectWrite support + Fix word segmentation for Japanese + Don't set backspace-deletes-char for math symbols + coretext: Fix a crash + cairo: Apply metrics hinting to underlines too + Treat COLRv1 fonts as color fonts ==== sqlite3 ==== Version update (3.40.1 -> 3.41.0) Subpackages: libsqlite3-0 sqlite3-tcl - Update to 3.41.0: * https://www.sqlite.org/releaselog/3_41_0.html * Various query planner improvements. * Add the built-in unhex() SQL function. * Add the base64 and base85 application-defined functions as an extension and include that extension in the CLI. * In-memory databases created using sqlite3_deserialize() now report their filename as an empty string, not as 'x'. * The ".scanstats est" command provides query planner estimates in profiles. * Enhance the --safe command-line option to disallow dangerous SQL functions. * The double-quoted string misfeature is now disabled by default for CLI builds. * Various other improvements and performance enhancements. - The new version obsoletes sqlite-src-3390000-func7-pg-181.patch ==== thunar ==== Version update (4.18.3 -> 4.18.4) Subpackages: libthunarx-3-0 thunar-lang - Update to 4.18.4: * Dont open folder when mounting device (Issue #919) * Dont show full menu for unmounted devices (#1049) * Support handling URIs via desktop file (#1044) * Focus correct split pane on mouse click (#1039) * Prevent wrong undo/redo notify (#1036) * Support undo trash for linked pathes (#1030) * Always ask before delete files via undo (#1027) * Fix use after free fault (#1031) * Allow symlink creation on remote locations (#875) * Prevent crash when closing window (#884) * Keep directory specific sort details (#1017) * Dont add extra-dot when creating links (#1019) * Translation Updates ==== tiff ==== Subpackages: libtiff6 libtiff6-32bit - security update: * CVE-2023-0795 [bsc#1208226] * CVE-2023-0796 [bsc#1208227] * CVE-2023-0797 [bsc#1208228] * CVE-2023-0798 [bsc#1208229] * CVE-2023-0799 [bsc#1208230] + tiff-CVE-2023-0795,CVE-2023-0796,CVE-2023-0797,CVE-2023-0798,CVE-2023-0799.patch * CVE-2023-0800 [bsc#1208231] * CVE-2023-0801 [bsc#1208232] * CVE-2023-0802 [bsc#1208233] * CVE-2023-0803 [bsc#1208234] * CVE-2023-0804 [bsc#1208236] + tiff-CVE-2023-0800,CVE-2023-0801,CVE-2023-0802,CVE-2023-0803,CVE-2023-0804.patch ==== xmlsec1 ==== Subpackages: libxmlsec1-1 libxmlsec1-nss1 libxmlsec1-openssl1 - switch to pkgconfig(zlib) to allow alternative providers as well