Packages changed: MozillaFirefox (110.0.1 -> 111.0.1) dmidecode hwdata (0.368 -> 0.369) libqt5-qtbase (5.15.8+kde183 -> 5.15.8+kde185) mdadm pam-config (2.2 -> 2.4) python-cryptography systemd (253.1 -> 253.2) tigervnc webkit2gtk3 webkit2gtk4 wsdd (0.7.0 -> 0.7.1) xdm yast2-installation (4.6.1 -> 4.6.2) yast2-storage-ng (4.6.3 -> 4.6.4) yast2-trans (84.87.20230324.a3dfeee0c1 -> 84.87.20230401.d443fd75ae) yast2-users (4.6.0 -> 4.6.1) === Details === ==== MozillaFirefox ==== Version update (110.0.1 -> 111.0.1) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 111.0.1 (boo#1209688) * Fixed a crash on macOS while pinch-zooming under some circumstances (bmo#1658986) * Fixed a bug causing Firefox to freeze on startup for some Windows users (bmo#1823159) - fix build on Tumbleweed (mozilla-bmo1807652.patch) - exclude i586/i686 once again because it fails to link libxul due to its size - Mozilla Firefox 111.0 * https://www.mozilla.org/en-US/firefox/111.0/releasenotes MFSA 2023-09 (bsc#1209173) * CVE-2023-28159 (bmo#1783561) Fullscreen Notification could have been hidden by download popups on Android * CVE-2023-25748 (bmo#1798798) Fullscreen Notification could have been hidden by window prompts on Android * CVE-2023-25749 (bmo#1810705) Firefox for Android may have opened third-party apps without a prompt * CVE-2023-25750 (bmo#1814733) Potential ServiceWorker cache leak during private browsing mode * CVE-2023-25751 (bmo#1814899) Incorrect code generation during JIT compilation * CVE-2023-28160 (bmo#1802385) Redirect to Web Extension files may have leaked local path * CVE-2023-28164 (bmo#1809122) URL being dragged from a removed cross-origin iframe into the same tab triggered navigation * CVE-2023-28161 (bmo#1811181) One-time permissions granted to a local file were extended to other local files loaded in the same tab * CVE-2023-28162 (bmo#1811327) Invalid downcast in Worklets * CVE-2023-25752 (bmo#1811627) Potential out-of-bounds when accessing throttled streams * CVE-2023-28163 (bmo#1817768) Windows Save As dialog resolved environment variables * CVE-2023-28176 (bmo#1808352, bmo#1811637, bmo#1815904, bmo#1817442, bmo#1818674) Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 * CVE-2023-28177 (bmo#1803109, bmo#1808832, bmo#1809542, bmo#1817336) Memory safety bugs fixed in Firefox 111 - ensure gcc11-c++ gets used on Leap 15.5 - requires NSS >= 3.88.1 - removed obsolete patches gcc13-fix.patch mozilla-bmo1810584.patch - rebased patches - update create-tar.sh ==== dmidecode ==== - dmioem-hpe-oem-record-237-firmware-change.patch: Fix the decoding of the last field of HPE OEM record type 237 (DIMM Vendor Information). ==== hwdata ==== Version update (0.368 -> 0.369) - update to 0.369: * Update pci, usb and vendor ids ==== libqt5-qtbase ==== Version update (5.15.8+kde183 -> 5.15.8+kde185) Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3 - Update to version 5.15.8+kde185: * QFSFileEngine: fix overflow bug when using lseek64 * Add QImage null check when QOpenGLTexture converts - Add patch to fix return key handling in QGroupBox on GNOME (bsc#1209364): * 0001-Revert-QGnomeTheme-Allow-Space-Return-Enter-and-Sele.patch - Add patch to fix XInput2 events in big-endian X11 clients (bsc#1204883, QTBUG-105157): * big-endian-scroll.patch ==== mdadm ==== - sysconfig.mdadm: Remove ServiceRestart line to mdadm since there is not such systemd service. (bsc#1203491) ==== pam-config ==== Version update (2.2 -> 2.4) - Update to version 2.4 - Read postlogin files, too - Update to version 2.3 - Add silent_if option for pam_lastlog2 ==== python-cryptography ==== - rebase patch remove_python_3_6_deprecation_warning.patch ==== systemd ==== Version update (253.1 -> 253.2) Subpackages: libsystemd0 libudev1 systemd-coredump systemd-doc systemd-lang udev - Import commit 03cfbe767327d01d5a71131d91bf06fdc0047ca1 03cfbe7673 test: use setpriv instead of su for user switch from root 857843834c test: wrap mkfs.*/mksquashfs/mkswap binaries when running w/ ASan be7388f8c5 test: do not remove state directory on failure 1b2885bd16 test: fix regexp in testsuite-74.mount.sh 41142f8013 test: drop extraneous bracket in testsuite-74.mount.sh - systemd.spec: add files.coredump - Import commit b63f58661b08037d8cb04ed97b5e39d9bf415fdc (merge of v253.2) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/8b01686dd20124efc300d21ef38d85c1f75c372f...b63f58661b08037d8cb04ed97b5e39d9bf415fdc - Move systemd-fsck stuff to udev sub-package. - Include pam_keyinit.so in our systemd-user PAM service (bsc#1209741) That way "systemd --user" instances get their own session keyring instead of the user default session keyring. For some reasons cifscreds refuses to work with the latter. That's what is expected for every PAM session anyway. - Import commit 8b01686dd20124efc300d21ef38d85c1f75c372f 8b01686dd2 test: don't export $TOOLS_DIR 7a56b1b2f0 test: clean up $STATEDIR too 324bb19eb8 test: $STATEDIR should not point to /usr/lib/systemd/tests when NO_BUILD=1 2251735482 test: install symlinks with valid targets on SUSE and Debian c30905a269 test: on openSUSE install the collection of unit test binaries in the target only for TEST-02-UNITTESTS 797ced15d8 meson: make sure the unit test scripts find testdata/ even if they are not installed in the same directory 04dc5b44b7 meson: define testdata_dir globally 69643c6c96 test: install unit tests in a dedicated subdirectory below '$testsdir' ==== tigervnc ==== Subpackages: libXvnc1 xorg-x11-Xvnc xorg-x11-Xvnc-module - Fixes for bsc#1209283 * Drop chown vnc:vnc calls in with-vnc-key.sh * Add TLSNone to -securitytypes to increase security in xvnc@.service ==== webkit2gtk3 ==== Subpackages: WebKitGTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Add fix-gst-crash.patch: Fix crash in webkit_media_stream_src_class_init(). https://bugs.webkit.org/show_bug.cgi?id=254025 - Add reproducibility.patch: Make build more reproducible. Still not there yet though. Inject fixed year in file. ==== webkit2gtk4 ==== Subpackages: WebKitGTK-6.0-lang libjavascriptcoregtk6_0-1 libwebkitgtk6_0-4 webkitgtk-6_0-injected-bundles - Add fix-gst-crash.patch: Fix crash in webkit_media_stream_src_class_init(). https://bugs.webkit.org/show_bug.cgi?id=254025 - Add reproducibility.patch: Make build more reproducible. Still not there yet though. Inject fixed year in file. ==== wsdd ==== Version update (0.7.0 -> 0.7.1) - Force the use of python 3.10 for openSUSE Leap - Update to version 0.7.1 * GitHub workflow for static analyses added (syntax, format, and type checks are performed). * Added EnvironmentFile and according example for systemd-based distros. * Make wsdd work (again) on MacOS (#139). Thanks to Eugene Gershnik. * Application profile for UFW has been added (#169) * Use of implicitly present async I/O loop instead created one for API servers. Fixes regression due to changed API in Python 3.10 (see #162) * Source code is spiced with type hints now. * man page moved to section 8. ==== xdm ==== - Create two set of pam configuration files: + *.sle15 are for SLES15 and older + add postlogin-* includes to the others as required by new openSUSE's PAM config policy ==== yast2-installation ==== Version update (4.6.1 -> 4.6.2) - yupdate - improved Live ISO detection, added "--force" option (related to bsc#1206927) - 4.6.2 ==== yast2-storage-ng ==== Version update (4.6.3 -> 4.6.4) - AutoYaST: export thin LVM volumes when cloning (bsc#1209725) - 4.6.4 ==== yast2-trans ==== Version update (84.87.20230324.a3dfeee0c1 -> 84.87.20230401.d443fd75ae) Subpackages: yast2-trans-cs yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-fr yast2-trans-hu yast2-trans-it yast2-trans-ja yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ru yast2-trans-zh_CN yast2-trans-zh_TW - Update to version 84.87.20230401.d443fd75ae: * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) ==== yast2-users ==== Version update (4.6.0 -> 4.6.1) - Stop mangling the value of "Create as Btrfs Subvolume" for new users when clicking on "Edit -> Details" (bsc#1209377). - 4.6.1 - AutoYaST: Fix creation of home for system users (bsc#1202974).