Packages changed: blog (2.26 -> 2.27) cpio (2.13 -> 2.14) gcc13 (13.1.1+git7364 -> 13.1.1+git7552) glib2 (2.76.3 -> 2.76.4) gnome-shell (44.2 -> 44.3) gpgme (1.20.0 -> 1.21.0) hwdata (0.371 -> 0.372) kernel-firmware (20230620 -> 20230707) kernel-source (6.3.9 -> 6.4.2) libgphoto2 libnice libqt5-qtgraphicaleffects libstorage-ng (4.5.122 -> 4.5.123) mutter (44.2 -> 44.3) ncurses (6.4.20230617 -> 6.4.20230701) perl-Cpanel-JSON-XS (4.36 -> 4.37) perl-HTTP-Date (6.05 -> 6.06) perl-Net-HTTP (6.22 -> 6.23) perl-libwww-perl (6.70 -> 6.71) publicsuffix (20230616 -> 20230709) python-M2Crypto (0.38.0 -> 0.39.0) python-cryptography (41.0.1 -> 41.0.2) python-referencing (0.29.0 -> 0.29.1) python-rich (13.4.1 -> 13.4.2) util-linux util-linux-systemd vim wtmpdb (0.7.0 -> 0.7.1) yast2-installation (4.6.4 -> 4.6.5) yast2-storage-ng (4.6.11 -> 4.6.12) yast2-trans (84.87.20230630.ccfa6add46 -> 84.87.20230708.d1de37aed1) === Details === ==== blog ==== Version update (2.26 -> 2.27) Subpackages: libblogger2 - Fix big endian cast problems to be able to read commands and ansers (blogctl) as well as passphrases (blogd) ==== cpio ==== Version update (2.13 -> 2.14) Subpackages: cpio-lang cpio-mt - Backport upstream fix for --no-absolute-filenames --make-directories * fix-operation-no-absolute-filenames.patch - Update to 2.14: * New option --ignore-dirnlink Valid in copy-out mode, it instructs cpio to ignore the actual number of links reported for each directory member and always store 2 instead. * Changes in --reproducible option The --reproducible option implies --ignore-dirlink. In other words, it is equivalent to --ignore-devno --ignore-dirnlink --renumber-inodes. * Use GNU ls algorithm for deciding timestamp format in -tv mode * Fix cpio header verification. * Fix handling of device numbers on copy out. * Fix calculation of CRC in copy-out mode. * Rewrite the fix for CVE-2015-1197. * Fix combination of --create --append --directory. * Fix appending to archives bigger than 2G. - Refresh patches: * cpio-open_nonblock.patch * cpio-dev_number.patch * cpio-default_tape_dev.patch * cpio-pattern-file-sigsegv.patch - Remove patches: * cpio-revert-CVE-2015-1197-fix.patch * fix-CVE-2021-38185.patch * fix-CVE-2021-38185_2.patch * fix-CVE-2021-38185_3.patch ==== gcc13 ==== Version update (13.1.1+git7364 -> 13.1.1+git7552) Subpackages: cpp13 libatomic1 libgcc_s1 libgfortran5 libgomp1 libobjc4 libquadmath0 libstdc++6 libstdc++6-locale libstdc++6-pp libubsan1 - Bump to f9781fcf733ca3afe5b5811afd8ecbb18d9d3a11, git7552 - Remove gcc13-pr110334.patch again as it breaks libreoffice build. - Bump to a533ded17fb13cbbb2fa5133ecd470360f66c5cf, git7489. - Add gcc13-pr110334.patch to fix missed optimization in Skia resulting in Firefox crashes when building with LTO. [boo#1212101] - Raise architecture levels for ALP. [PED-153] * Raise POWER architecture baseline to power9. [PED-2005] * Raise x86-64 architecture baseline to x86-64-v2 for ALP. [PED-252] * Delay raising s390x architecture baseline to z14. [PED-253] ==== glib2 ==== Version update (2.76.3 -> 2.76.4) Subpackages: glib2-lang glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0 - Update to version 2.76.4: + Fix build failure on Android with `statx()` support + Bugs fixed: - glib-compile-schemas failed on directory name with no Latin symbols - Build failure due to statx fields with NDK r25.c - glib-compile-resources: Fix non-ASCII arg parsing on Windows - glib: reset errno to 0 when futex() returns EAGAIN - Avoid stack overflow in gspawn on macOS - glocalfileinfo: Fix incorrect use of struct statx.st_mtimensec on Android + Updated translations. ==== gnome-shell ==== Version update (44.2 -> 44.3) Subpackages: gnome-extensions gnome-shell-calendar gnome-shell-lang - Update to version 44.3: + Fix cursor offset when using magnifier. + Fix missing workspace borders after wallpaper changes. + Revert screencast optimization that results in bogus windows. + Misc. bug fixes and cleanups. + Updated translations. ==== gpgme ==== Version update (1.20.0 -> 1.21.0) Subpackages: libgpgme11 libgpgmepp6 python311-gpg - Update to 1.21.0 * Extended gpgme_op_encrypt, gpgme_op_encrypt_sign, and gpgme_op_sign to allow writing the output directly to a file. [T6530] * Extended gpgme_op_decrypt and gpgme_op_verify to allow reading the input data directly from files. [T6530] * For key signing and uid revoking allow an empty user id. [rMfbc3963d62] * Pass an input-size-hint also to the gpgsm engine. [T6534] * qt: Allow writing the created archives directly to a file. [T6530] * qt: Allow reading the signed/encrypted archive to decrypt or verify directly from a file. [T6530] * qt: Qt Jobs working with QIODeviceDataProvider now properly handle input-size hints and progress for files larger. 2^32 bytes in 32 bit builds. [T6534] * cpp: Error::isCanceled now also returns true for error code GPG_ERR_FULLY_CANCELED. [T6510] * python: Fix wrong use of write. [T6501] * Interface changes relative to the 1.20.0 release: - cpp: Data::setFlag NEW. - cpp: Data::setSizeHint NEW. - qt: Job::startIt NEW. - qt: DecryptVerifyArchiveJob::setInputFile NEW. - qt: DecryptVerifyArchiveJob::inputFile NEW. - qt: EncryptArchiveJob::setRecipients NEW. - qt: EncryptArchiveJob::recipients NEW. - qt: EncryptArchiveJob::setInputPaths NEW. - qt: EncryptArchiveJob::inputPaths NEW. - qt: EncryptArchiveJob::setOutputFile NEW. - qt: EncryptArchiveJob::outputFile NEW. - qt: EncryptArchiveJob::setEncryptionFlags NEW. - qt: EncryptArchiveJob::encryptionFlags NEW. - qt: SignArchiveJob::setSigners NEW. - qt: SignArchiveJob::signers NEW. - qt: SignArchiveJob::setInputPaths NEW. - qt: SignArchiveJob::inputPaths NEW. - qt: SignArchiveJob::setOutputFile NEW. - qt: SignArchiveJob::outputFile NEW. - qt: SignEncryptArchiveJob::setSigners NEW. - qt: SignEncryptArchiveJob::signers NEW. - qt: SignEncryptArchiveJob::setRecipients NEW. - qt: SignEncryptArchiveJob::recipients NEW. - qt: SignEncryptArchiveJob::setInputPaths NEW. - qt: SignEncryptArchiveJob::inputPaths NEW. - qt: SignEncryptArchiveJob::setOutputFile NEW. - qt: SignEncryptArchiveJob::outputFile NEW. - qt: SignEncryptArchiveJob::setEncryptionFlags NEW. - qt: SignEncryptArchiveJob::encryptionFlags NEW. ==== hwdata ==== Version update (0.371 -> 0.372) - update to 0.372: * Update pci, usb and vendor ids ==== kernel-firmware ==== Version update (20230620 -> 20230707) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd - Update to version 20230707 (git commit d3f66064cf43): * Partially revert "amdgpu: DMCUB updates for DCN 3.1.4 and 3.1.5" * linux-firmware: update firmware for mediatek bluetooth chip (MT7922) * linux-firmware: update firmware for MT7922 WiFi device * linux-firmware: Update firmware file for Intel Bluetooth AX203 * linux-firmware: Update firmware file for Intel Bluetooth AX203 * linux-firmware: Update firmware file for Intel Bluetooth AX211 * linux-firmware: Update firmware file for Intel Bluetooth AX211 * linux-firmware: Update firmware file for Intel Bluetooth AX210 * linux-firmware: Update firmware file for Intel Bluetooth AX200 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * Fix qcom ASoC tglp WHENCE entry * check_whence: Check link targets are valid * iwlwifi: add new FWs from core80-39 release * iwlwifi: update cc/Qu/QuZ firmwares for core80-39 release * qcom: Add Audio firmware for SC8280XP X13s * Makefile, copy-firmware: support xz/zstd compressed firmware * copy-firmware: silence the last shellcheck warnings * copy-firmware: drop obsolete backticks, quote * copy-firmware: tweak sed invocation * copy-firmware: quote deskdir and dirname * check_whence: error if symlinks are in-tree * check_whence: error if File: is actually a link * check_whence: strip quotation marks * linux-firmware: wilc1000: update WILC1000 firmware to v16.0 * ice: update ice DDP wireless_edge package to 1.3.10.0 * amdgpu: DMCUB updates for DCN 3.1.4 and 3.1.5 - Update aliases ==== kernel-source ==== Version update (6.3.9 -> 6.4.2) - Refresh patches.suse/fork-lock-VMAs-of-the-parent-process-when-forking.patch. Replace by the correct one. It was merged to upstream twice. And this is the right version. - commit b97b894 - Update vanilla config files. Just run oldconfig for vanillas too. No actual changes. - commit dcdca04 - Update patches.kernel.org/6.4.1-021-mm-always-expand-the-stack-with-the-mmap-write-.patch (bsc#1012628 bsc#1212395 CVE-2023-3269). Add references to CVE. - commit 5a45f18 - Update config files. Only run_oldconfig. - commit 37ad463 - fork: lock VMAs of the parent process when forking (bsc#1212775). - mm: lock a vma before stack expansion (bsc#1212775). - mm: lock newly mapped VMA which can be modified after it becomes visible (bsc#1212775). - mm: lock newly mapped VMA with corrected ordering (bsc#1212775). - Update config files. - Delete patches.suse/Revert-x86-mm-try-VMA-lock-based-page-fault-handling.patch. Drop the downstream revert in favor of upstream fixes above and reset the configs -- leave STATS off as per default. - commit e2dafc9 - Linux 6.4.2 (bsc#1012628). - arch/arm64/mm/fault: Fix undeclared variable error in do_page_fault() (bsc#1012628). - drm/amdgpu: Validate VM ioctl flags (bsc#1012628). - dm ioctl: Avoid double-fetch of version (bsc#1012628). - docs: Set minimal gtags / GNU GLOBAL version to 6.6.5 (bsc#1012628). - scripts/tags.sh: Resolve gtags empty index generation (bsc#1012628). - hugetlb: revert use of page_cache_next_miss() (bsc#1012628). - nubus: Partially revert proc_create_single_data() conversion (bsc#1012628). - Revert "cxl/port: Enable the HDM decoder capability for switch ports" (bsc#1012628). - nfs: don't report STATX_BTIME in ->getattr (bsc#1012628). - execve: always mark stack as growing down during early stack setup (bsc#1012628). - PCI/ACPI: Call _REG when transitioning D-states (bsc#1012628). - PCI/ACPI: Validate acpi_pci_set_power_state() parameter (bsc#1012628). - tools/nolibc: x86_64: disable stack protector for _start (bsc#1012628). - xtensa: fix lock_mm_and_find_vma in case VMA not found (bsc#1012628). - commit 648ac3b - regulator: axp20x: Add AXP15060 support. - commit db7b000 - Revert "Refresh patches.rpmify/usrmerge-Adjust-module-path-in-the-kernel-sources.patch." This reverts commit b8411965e8341c82ba2e01bb38698945be2390a0. It breaks the build: + ln -s /usr/src/linux-6.4.1-1 /home/abuild/rpmbuild/BUILDROOT/kernel-default-6.4.1-1.1.x86_64/usr/lib/modules/6.4.1-1-default/source ln: failed to create symbolic link '/home/abuild/rpmbuild/BUILDROOT/kernel-default-6.4.1-1.1.x86_64/usr/lib/modules/6.4.1-1-default/source': No such file or directory - commit 3561b10 - drm/amd: Don't try to enable secure display TA multiple times (bsc#1212848). - drm/amdgpu: fix number of fence calculations (bsc#1212848). - drm/amd/display: perform a bounds check before filling dirty rectangles (bsc#1212848). - drm/amdgpu: check RAS irq existence for VCN/JPEG (bsc#1212848). - drm/amd/pm: add abnormal fan detection for smu 13.0.0 (bsc#1212848). - drm/amd: Disable PSR-SU on Parade 0803 TCON (bsc#1212848). - drm/amd/pm: update the LC_L1_INACTIVITY setting to address possible noise issue (bsc#1212848). - drm/amd/display: Fix 128b132b link loss handling (bsc#1212848). - drm/amd/display: disable seamless boot if force_odm_combine is enabled (bsc#1212848). - drm/amd/display: add a NULL pointer check (bsc#1212848). - drm/amd/pm: revise the ASPM settings for thunderbolt attached scenario (bsc#1212848). - drm/amdgpu: fix clearing mappings for BOs that are always valid in VM (bsc#1212848). - drm/amdgpu: Skip mark offset for high priority rings (bsc#1212848). - drm/amdgpu: make sure that BOs have a backing store (bsc#1212848). - drm/amdgpu: make sure BOs are locked in amdgpu_vm_get_memory (bsc#1212848). - commit a695138 - Remove more packaging cruft for SLE < 12 SP3 - commit a16781c - Linux 6.4.1 (bsc#1012628). - x86/microcode/AMD: Load late on both threads too (bsc#1012628). - x86/smp: Make stop_other_cpus() more robust (bsc#1012628). - x86/smp: Dont access non-existing CPUID leaf (bsc#1012628). - x86/smp: Remove pointless wmb()s from native_stop_other_cpus() (bsc#1012628). - x86/smp: Use dedicated cache-line for mwait_play_dead() (bsc#1012628). - x86/smp: Cure kexec() vs. mwait_play_dead() breakage (bsc#1012628). ... changelog too long, skipping 81 lines ... - commit 4b7bbac ==== libgphoto2 ==== Subpackages: libgphoto2-6 libgphoto2-6-lang libgphoto2_port12 - drop lockdev support (boo#1212801) ==== libnice ==== Subpackages: gstreamer-libnice libnice10 - Add 4b63250c.patch: agent/meson: Replace filename with basename. This avoids emitting absolute paths into generated sourcecode, it improves reproducibility. ==== libqt5-qtgraphicaleffects ==== - Fix broken QML dependency ==== libstorage-ng ==== Version update (4.5.122 -> 4.5.123) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - Translated using Weblate (Georgian) (bsc#1149754) - 4.5.123 ==== mutter ==== Version update (44.2 -> 44.3) Subpackages: mutter-lang - Update to version 44.3: + Ensure preferred monitor mode is always included. + Avoid rapidly toggling dynamic max render time. + Fix dynamic max render time blocking with direct scanout. + Misc. bug fixes. + Updated translations. ==== ncurses ==== Version update (6.4.20230617 -> 6.4.20230701) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20230701 + fix mandoc warnings about unnecessary markup. + improve parameter check in tparm_setup() - Extend compiled in fall back terminals with xterm-256color and ms-terminal (the first is now a days more common and second one is useful for ssh connections to MS(tm)) - Add ncurses patch 20230624 + fixes for out-of-memory condition (report by "eaglegai"). - Add ncurses patch 20230625 + adjust man/make_sed.sh to work with dates as the third field of TH. + fixes for out-of-memory condition (report by "eaglegai"). ==== perl-Cpanel-JSON-XS ==== Version update (4.36 -> 4.37) - updated to 4.37 see /usr/share/doc/packages/perl-Cpanel-JSON-XS/Changes 4.37 2023-07-04 (rurban) - Fix NAN/INF for AIX (Tux: AIX-5.3, tested by XSven on AIX-7.3) GH #165 - Fix empty string result in object stringification (PR #221 jixam) - Allow \' in strings when allow_singlequote is enabled (PR #217 warpspin) ==== perl-HTTP-Date ==== Version update (6.05 -> 6.06) - updated to 6.06 see /usr/share/doc/packages/perl-HTTP-Date/Changes 6.06 2023-07-06 22:29:55Z - Use copyright year rather than range (GH#18) (Olaf Alders) - Replace "Test" with "Test::More" (GH#20) (James Raspass) - Remove the executable bit from the test (GH#21) (James Raspass) - Add support for Windows four-digit year format (GH#23) (Grant Street Group) ==== perl-Net-HTTP ==== Version update (6.22 -> 6.23) - updated to 6.23 see /usr/share/doc/packages/perl-Net-HTTP/Changes 6.23 2023-06-16 11:46:01Z - Don't treat HTTP header names as case sensitive in test (GH#81) (Olaf Alders) ==== perl-libwww-perl ==== Version update (6.70 -> 6.71) - updated to 6.71 see /usr/share/doc/packages/perl-libwww-perl/Changes 6.71 2023-06-20 19:44:19Z - Use rather than require Module::Load (GH#435) (Olaf Alders) ==== publicsuffix ==== Version update (20230616 -> 20230709) - Update to version 20230709: * util: gTLD data autopull updates for 2023-07-08T15:13:17 UTC (#1796) * util: gTLD data autopull updates for 2023-07-01T15:13:05 UTC (#1791) * AWS Submissions to the Public Suffix List - Q1 2023 (#1600) ==== python-M2Crypto ==== Version update (0.38.0 -> 0.39.0) - Update to 0.39.0: - SUPPORT FOR PYTHON 2 HAS BEEN DEPRECATED AND IT WILL BE COMPLETELY REMOVED IN THE NEXT RELEASE. - Remove dependency on parameterized and use unittest.subTest instead. - Upgrade embedded six.py module to 1.16.0 (really tiny inconsequential changes). - Make tests working on MacOS again (test_bio_membuf: Use fork) - Use OpenSSL_version_num() instead of unrealiable parsing of .h file. - Mitigate the Bleichenbacher timing attacks in the RSA decryption API (CVE-2020-25657) - Add functionality to extract EC key from public key + Update tests - Worked around compatibility issues with OpenSSL 3.* - Support for Twisted has been deprecated (they have their own SSL support anyway). - Generate TAP while testing. - Stop using GitHub for testing. - Accept a small deviation from time in the testsuite (for systems with non-standard HZ kernel parameter). - Use the default BIO.__del__ rather tha overriding in BIO.File (avoid a memleak). - Resolve "X509_Name.as_der() method from X509.py -> class X509_Name caused segmentation fault" - Remove upstreamed patches: - CVE-2020-25657-Bleichenbacher-attack.patch - m2crypto-0.38-ossl3-tests.patch - openssl-adapt-tests-for-3.1.0.patch - openssl-stop-parsing-header.patch - timeout_300hz.patch - add timeout_300hz.patch to accept a small deviation from time in the testsuite (bsc#1212757) ==== python-cryptography ==== Version update (41.0.1 -> 41.0.2) - update to 41.0.2: * Fixed bugs in creating and parsing SSH certificates where critical options with values were handled incorrectly. Certificates are now created correctly and parsing accepts correct values as well as the previously generated invalid forms with a warning. In the next release, support for parsing these invalid forms will be removed. - remove patch remove_python_3_6_deprecation_warning.patch as the warning was already removed upstream - Add no-pytest_benchmark.patch, which remove dependency on pytest-benchmark and coveralls (We don't need no benchmarking and coverage measurement; bsc#1213005). ==== python-referencing ==== Version update (0.29.0 -> 0.29.1) - Update to version 0.29.1: * Update pre-commit hooks. * Minor rewording of the caching section and give it a subsection. * Bump suite from `cb57930` to `9335e4a` * [pre-commit.ci] pre-commit autoupdate * Bump suite from `445c8ee` to `cb57930` * Bump suite from `f6fa54d` to `445c8ee` * Don't use nox.session.create_tmp. ==== python-rich ==== Version update (13.4.1 -> 13.4.2) - specfile: * update copyright year - update to version 13.4.2: * Changed + Relaxed markdown-it-py dependency ==== util-linux ==== Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 util-linux-lang - No longer provide last and lastb on Tumbleweed. last is provided by wtmpdb and lastb is no longer supported. ==== util-linux-systemd ==== - No longer provide last and lastb on Tumbleweed. last is provided by wtmpdb and lastb is no longer supported. ==== vim ==== Subpackages: vim-data vim-data-common vim-small xxd - Use app icon generated from vimlogo.eps in source tarball; add higher res icons of sizes 128, 256, and 512px as png sources. Our current icons deviate from upstream flatpaks for example. ==== wtmpdb ==== Version update (0.7.0 -> 0.7.1) Subpackages: libwtmpdb0 - https://en.opensuse.org/SourceUrls - Use noun phrase for Summary. - Wrap descriptions at 70 (for yast2 textmode). - Update to ersion 0.7.1 - wtmpdb last: Support "YYYY-MM-DD", "today" and "yesterday" as time option - Add last compat symlink and manual page ==== yast2-installation ==== Version update (4.6.4 -> 4.6.5) - Fixed yupdate script to properly run pre/post scripts when patching from GitHub (bsc#1213197) - 4.6.5 ==== yast2-storage-ng ==== Version update (4.6.11 -> 4.6.12) - Ensure adding storage support software packages for MicroOS which uses its custom partitions_proposal client, not the standard inst_disk_proposal client (bsc#1212452) https://github.com/yast/yast-storage-ng/pull/1351 - 4.6.12 - Honor encryption settings if they are set into ProductFeatures by the Common Critera role (jsc#PED-4166, jsc#PED-4474). ==== yast2-trans ==== Version update (84.87.20230630.ccfa6add46 -> 84.87.20230708.d1de37aed1) Subpackages: yast2-trans-cs yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-fr yast2-trans-hu yast2-trans-it yast2-trans-ja yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ru yast2-trans-zh_CN yast2-trans-zh_TW - Update to version 84.87.20230708.d1de37aed1: * Translated using Weblate (Chinese (China) (zh_CN)) * Translated using Weblate (Kurdish)