Packages changed: SVT-AV1 (1.6.0 -> 1.7.0) dnf (4.14.0 -> 4.18.0) fwupd (1.8.17 -> 1.9.7) gdm git (2.42.0 -> 2.42.1) installation-images-MicroOS (17.100 -> 17.103) json-c (0.16 -> 0.17) keylime (7.6.0 -> 7.7.0) libdnf (0.70.2 -> 0.72.0) libmodulemd (2.14.0 -> 2.15.0) librepo (1.15.1 -> 1.17.0) openldap2 (2.6.4 -> 2.6.6) openldap2-contrib-src (2.6.4 -> 2.6.6) p11-kit (0.25.1 -> 0.25.2) polkit-default-privs (1550+20231006.28f05f1 -> 1550+20231103.3b4a82f) redis (7.2.2 -> 7.2.3) rust-keylime (0.2.2+git.1689256829.3d2b627 -> 0.2.2+git.1697658634.9c7c6fa) webkit2gtk3 webkit2gtk4 === Details === ==== SVT-AV1 ==== Version update (1.6.0 -> 1.7.0) - Update to release 1.7.0 * Encoder: * Improve the tradeoffs for the random access mode across presets MR-M13 * Quality improvements across all presets and metrics ranging from 0.3% to 4.5% in BD-rate * Added an experimental tune SSIM mode yielding ~3-4% additional SSIM BD-rate gains ==== dnf ==== Version update (4.14.0 -> 4.18.0) - Update to 4.18.0 + Add reboot option to DNF Automatic (rh#2124793) + Add support for rollback of group upgrade rollback (rh#2016070) + Omit src RPMs from check-update (rh#2151910) + repoquery: Properly sanitize queryformat strings (rh#2140884) + Don't double-encode RPM URLs passed on CLI (rh#2103015) + Allow passing CLI options when loading remote cfg (rh#2060127) + Ignore processing variable files with unsupported encoding (rh#2141215) + Fix AttributeError when IO busy and press ctrl+c (rh#2172433) + cli: Allow = in setopt values + Mark strftime format specifiers for translation + Unload plugins upon their deletion + Fixes in docs and help command + Fix plugins unit tests + Add unit tests for dnf mark + smtplib: catch OSError, not SMTPException + automatic: Fix online detection with proxy (rh#2022440) + automatic: Return an error when transaction fails (rh#2170093) + repoquery: Allow uppercased query tags (rh#2185239) + Update repo metadata cache pattern to include zstd + Add provide exception handling + When parsing over a KVP list, do not return till the whole list is parsed + Provide /usr/bin/dnf4 symlink to /usr/bin/dnf-3 + Document the symbols in the output of `dnf history list` (rh#2172067) + crypto: Use libdnf crypto API instead of using GnuPG/GpgME + Block signals during RPM transaction processing (rh#2133398) + Fix bash completion due to sqlite changes (rh#2232052) + automatic: allow use of STARTTLS/TLS + automatic: use email_port specified in config + base: Add obsoleters of only latest versions (rh#2183279, rh#2176263) + comps: Fix marking a group package as installed (rh#2066638) + distro-sync: Print better info message when no match (rh#2011850) + Include dist-info for python3-dnf (rh#2239323) + Revert "Block signals during RPM transaction processing" (rh#2133398) + Do not print details of verifying (rh#1908253) + conf: Split $releasever to $releasever_major and $releasever_minor (rh#1789346) + Update translations ==== fwupd ==== Version update (1.8.17 -> 1.9.7) Subpackages: fwupd-bash-completion fwupd-lang libfwupd2 typelib-1_0-Fwupd-2_0 - Disable passim support for now. For openSUSE users this is likely less intereting that it would be for enterprise customers. - Update to versrion 1.9.7: + This release adds the following features: - Add support for child device requirements in metadata. - Allow to have more than one host BKC. - Delete BootNext as a post-reboot action to work around broken firmware. - Parse cabinet archives internally without libgcab. - Use close-ended mode for eMMC FFU to speed up firmware updates. + This release adds support for the following hardware: - Logitech Rally System devices. - More PixartRF HPAC devices. - More Synaptics Prometheus fingerprint readers. - Some Western Digital eMMC devices. - VIA VL830 and VL832. - Update to version 1.9.6: + This release adds the following features: - Add a launchd agent for macOS. - Add a new security attribute for BIOS capsule updates to be enabled. - Add functionality to fix specific host security attributes. - Add global information from the context into the report data. - Add support for coSWID payload sections. - Add support for parsing the EDID. - Allow adding only-quirk instance IDs from quirk files. - Install a sysusers.d systemd file when using - Dsystemd_unit_user. + For The changes of 1.9.0…1.9.5, please consult https://github.com/fwupd/fwupd/releases - Add pkgconfig(passim) BuildRequires: new dependency. - Pass -Dplugin_amdgpu=disabled to meson: not buildable just yet. - Pass -Dlaunchd=disabled to meson: launched is MacOS only. - Drop -Dplugin_dell=enabled meson parameter: no longer supported. - Drop fwupd-bsc1130056-change-shim-path.patch: no longer applicable. ==== gdm ==== Subpackages: gdm-lang gdm-schema gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0 - Rebase patches for SLE-15-SP6 (bsc#216595): + Rebase gdm-add-runtime-option-to-disable-starting-X-server-as-u.patch + Rebase gdm-disable-gnome-initial-setup.patch + Rebase gdm-restart-session-when-X-server-restart.patch ==== git ==== Version update (2.42.0 -> 2.42.1) - git 2.24.1: * The usual number of bug fixes, including * Fix "git diff" exit code handling * Various fixes to the behavior of "rebase -i" when the command got interrupted by conflicting changes ==== installation-images-MicroOS ==== Version update (17.100 -> 17.103) - merge gh#openSUSE/installation-images#673 - fix another symlink warning - 17.103 - merge gh#openSUSE/installation-images#672 - fix dangling symlink detection - update symlink config - add missing tpm packages to spec file - fix typo in early_setup script - 17.102 ==== json-c ==== Version update (0.16 -> 0.17) - Update to 0.17: + New features: * json_patch: add first implementation only with patch application * Add --disable-static and --disable-dynamic options to the cmake-configure script. * Add -DBUILD_APPS=NO option to disable app build * Minimum cmake version is now 3.9 + Significant changes and bug fixes: * When serializing with JSON_C_TO_STRING_PRETTY set, keep the opening and closing curly or square braces on same line for empty objects or arrays. * Disable locale handling when targeting a uClibc system due to problems with its duplocale() function. * When parsing with JSON_TOKENER_STRICT set, integer overflow/underflow now result in a json_tokener_error_parse_number. Without that flag values are capped at INT64_MIN/UINT64_MAX. * Fix memory leak with emtpy strings in json_object_set_string * json_object_from_fd_ex: fail if file is too large (>=INT_MAX bytes) * Add back json_number_chars, but only because it's part of the public API. * Entirely drop mode bits from open(O_RDONLY) to avoid warnings on certain platforms. * Specify dependent libraries, including -lbsd, in a more consistent way so linking against a static json-c works better * Fix a variety of build problems and add & improve tests * Update RFC reference to https://www.rfc-editor.org/rfc/rfc8259 - Remove deprecated suse_version checks ==== keylime ==== Version update (7.6.0 -> 7.7.0) Subpackages: keylime-config keylime-firewalld keylime-logrotate keylime-registrar keylime-tenant keylime-tpm_cert_store keylime-verifier python311-keylime - Update to version v7.7.0: * Monthly release (7.7.0) * tpm_cert_store: add the Nationz TPM EK x509 cert * codestyle: Have mypy ignore import of PoolManager * codestyle: Suppress pyright errors on methods that do exist * codestyle: Annotate some string constances (pyright) * types: Fix a deprecation warning from recent cryptography * create_policy: Set the generator value to LegacyAllowList * verifier: Compare generator against enum rather than magic '1' * Fix pylint C0103 (naming) errors in some files * crypto: Fix a pyright issue * test: Fix a pyright issue ==== libdnf ==== Version update (0.70.2 -> 0.72.0) Subpackages: libdnf-repo-config-zypp libdnf2 - Update to 0.72.0 + PGP: Use new librepo PGP API, remove gpgme dependency + API: Basic support for OpenPGP public keys + Avoid using GNU extensions in the dependency splitter regex + filterAdvisory: match installed_solvables sort with lower_bound (rh#2212838) + Make code C++20 compatible + Avoid reinstalling installonly packages marked for ERASE (rh#2163474) + transaction: Save the reason for installing (rh#1733274) + hawkey.subject: get_best_selectors only obsoleters of latest (rh#2183279, rh#2176263) + conf: Add limited shell-style variable expansion (rh#1789346) + conf: Add support for $releasever_major, $releasever_minor (rh#1789346) + repo: Don't download the repository if the local cache is up to date + Allow DNF to be removed by DNF 5 (rh#2221907) + Include dist-info for python3-libdnf + bindings: Load all modules with RTLD_GLOBAL + Update translations - Fix RHBZ references - Refresh patch to link with static libsolvext + Remove patch: libdnf-0.48.0-with-static-libsolvext.patch + Add patch: libdnf-0.72.0-with-static-libsolvext.patch ==== libmodulemd ==== Version update (2.14.0 -> 2.15.0) - Update to 2.15.0 + Add support for decompressing Zstandard-compressed YAML files + Remove a dependency on "file" library (libmagic) + Add a XML specification for in-YUM-repository metadata + Deprecate intents in modulemd-defaults specification + Fix a crash when converting a modulemd-packager object with a default profile and without a module name or stream to a module index + Fix parsing empty profiles + A specification for modulemd-v2 format was corrected to require a "content" license subtree only if the module build contains artifacts. + Double-quote strings in scalar YAML values when they look like a number + Warnings from g_str_equal() macro of glib2 about passing an unsigned char * to strcmp() were fixed ==== librepo ==== Version update (1.15.1 -> 1.17.0) - Update to 1.17.0 * lr_gpg_check_signature: Forward PGP error messages from RPM * PGP: fix: Support importing binary public keys in librpm backend * PGP: Enable creating a UID directory for GnuGP agent socket in /run/gnupg/user * PGP: Set a default creation SELinux labels on GnuPG directories * Update PGP test vectors * Implement OpenPGP using librpm API * Fixes and optimizations in header files * Fix lr_gpg_list_keys function when keys are empty * Fix CMake warnings * Bump glib version ==== openldap2 ==== Version update (2.6.4 -> 2.6.6) Subpackages: libldap-data libldap2 openldap2-client - Update to release 2.6.6 * Fixed libldap handling of TCP KEEPALIVE options * Fixed slapd callback handling with overlays that do extended operations ==== openldap2-contrib-src ==== Version update (2.6.4 -> 2.6.6) - Update to release 2.6.6 * Fixed libldap handling of TCP KEEPALIVE options * Fixed slapd callback handling with overlays that do extended operations ==== p11-kit ==== Version update (0.25.1 -> 0.25.2) Subpackages: libp11-kit0 p11-kit-tools - Update to 0.25.2: * fix error code checking of readpassphrase for --login option [#595] * build fixes [#594] * test fixes [#596] ==== polkit-default-privs ==== Version update (1550+20231006.28f05f1 -> 1550+20231103.3b4a82f) - Update to version 1550+20231103.3b4a82f: * profiles: fwupd: add host-security-attr actions (bsc#1216832) * profiles: remove outdates sysprof2 actions * profiles: drop obsolete udisks2 bcache and zram actions ==== redis ==== Version update (7.2.2 -> 7.2.3) - redis 7.2.3: - Fix file descriptor leak preventing deleted files from freeing disk space on replicas (#12693) - Fix a possible crash after cluster node removal (#12702) ==== rust-keylime ==== Version update (0.2.2+git.1689256829.3d2b627 -> 0.2.2+git.1697658634.9c7c6fa) Subpackages: keylime-ima-policy - Update to version 0.2.2+git.1697658634.9c7c6fa: * build(deps): bump rustix from 0.37.11 to 0.37.25 * build(deps): bump tempfile from 3.6.0 to 3.8.0 * build(deps): bump base64 from 0.21.0 to 0.21.4 * build(deps): bump serde_json from 1.0.96 to 1.0.107 * build(deps): bump openssl from 0.10.55 to 0.10.57 * cargo: Bump serde to version 1.0.188 * tests: Fix tarpaulin issues with dropped -v option * build(deps): bump signal-hook from 0.3.15 to 0.3.17 * build(deps): bump actix-web from 4.3.1 to 4.4.0 * build(deps): bump thiserror from 1.0.40 to 1.0.48 * Remove private_in_public * Initial PR to add support for IDevID and IAK * build(deps): bump uuid from 1.3.1 to 1.4.1 * build(deps): bump log from 0.4.17 to 0.4.20 * build(deps): bump reqwest from 0.11.16 to 0.11.20 * Do not use too specific version on cargo audit workflow * Add workflow to run cargo-audit security audit * README: update dependencies for Debian and Ubuntu * Use latest versions of checkout/upload-artifacts * docker: Add 'keylime' system user * Use "currently" for swtpm emulator warning (#632) * Update container workflow actions versions * Build container image and push to quay.io * README: update requirements ==== webkit2gtk3 ==== Subpackages: WebKitGTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Add webkit2gtk3-disable-dmabuf-nvidia.patch: disable DMABuf renderer for NVIDIA proprietary drivers (boo#1216778). ==== webkit2gtk4 ==== Subpackages: WebKitGTK-6.0-lang libjavascriptcoregtk6_0-1 libwebkitgtk6_0-4 webkitgtk-6_0-injected-bundles - Add webkit2gtk3-disable-dmabuf-nvidia.patch: disable DMABuf renderer for NVIDIA proprietary drivers (boo#1216778).