Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version=Tumbleweed&build=20220919 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: Mesa Mesa-drivers aalib atftp (0.7.5 -> 0.8.0) autofs busybox-links cppcheck (2.8.2 -> 2.9) cryptsetup ding dracut (057+suse.309.gb71946f6 -> 057+suse.315.gd210fc38) drbd-utils e2fsprogs ffmpeg-5 (5.1 -> 5.1.1) file (5.42 -> 5.43) fuse3 (3.11.0 -> 3.12.0) gawk (5.1.1 -> 5.2.0) glibc gnutls grep (3.7 -> 3.8) hdparm (9.64 -> 9.65) hwdata (0.361 -> 0.362) icewm (2.9.8 -> 2.9.9) jasper java-11-openjdk libgcrypt libksba (1.6.0 -> 1.6.1) libvirt microos-tools (2.16 -> 2.17) mythes (1.2.4 -> 1.2.5) ncurses (6.3.20220820 -> 6.3.20220910) netpbm openssl-3 openvpn permissions (1599_20220713 -> 1599_20220912) pipewire (0.3.57 -> 0.3.58) plymouth (22.02.122+73.9826df5 -> 22.02.122+75.6f5dc63) polkit publicsuffix (20220805 -> 20220903) python python-base python-charset-normalizer (2.1.0 -> 2.1.1) python-greenlet (1.1.2 -> 1.1.3) python-idna (3.3 -> 3.4) python-importlib-resources (5.4.0 -> 5.9.0) python-ldap (3.4.2 -> 3.4.3) python-psutil (5.9.1 -> 5.9.2) python-sniffio (1.2.0 -> 1.3.0) python310 (3.10.6 -> 3.10.7) python310-core (3.10.6 -> 3.10.7) python310-pyparsing qemu rdma-core (38.1 -> 42.0) rpm (4.17.1 -> 4.17.1.1) rsync (3.2.5 -> 3.2.6) rubygem-ruby-libvirt (0.7.1 -> 0.8.0) shim sudo vym (2.8.8 -> 2.8.41) xdm xfce4-pulseaudio-plugin (0.4.4 -> 0.4.5) yast2 (4.5.13 -> 4.5.14) yast2-http-server (4.5.0 -> 4.5.1) yast2-installation (4.5.5 -> 4.5.7) yast2-network (4.5.6 -> 4.5.7) === Details === ==== Mesa ==== Subpackages: Mesa-dri-devel Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - llvm15.patch: backport of commits 2037c34f245, 301bcbac0e5, 6983c8580a2 to support LLVM 15 ==== Mesa-drivers ==== Subpackages: Mesa-dri Mesa-gallium Mesa-libva - llvm15.patch: backport of commits 2037c34f245, 301bcbac0e5, 6983c8580a2 to support LLVM 15 ==== aalib ==== - avoid ffast-math (ggo#55522) ==== atftp ==== Version update (0.7.5 -> 0.8.0) - Update to version 0.8.0 * test.sh: add MTFTP tests * Fix MTFTP support for atftp * Fix multicast download. * Fix algorithm in case of packet loss in the last window. * Improve the robustness of the atftp-client in case of package loss or duplication * Implement PCRE tests. * Improve upstream test script. Include tests for windowsize option. * Fix/update minor issues in upstream * Fix the 'windowsize' option for write requests * FAQ INSTALL README.CVS README.PCRE: cosmetic and spelling fixes * *.h: cosmetic and spelling fixes * configure.ac: more fixes, also for libpcre2 detection * Port to maintained PCRE2 API * Changelog: update the recent changes * autoconf: modify autogen.sh * atftp.1: add more examples for options * Add a simple congestion control * Do some cosmetic changes * Add windowsize option as described in RFC7440 ==== autofs ==== - Move dbus-1 system.d file to /usr (bsc#1203362) ==== busybox-links ==== Subpackages: busybox-bzip2 busybox-coreutils busybox-ed busybox-findutils busybox-gawk busybox-grep busybox-gzip busybox-psmisc busybox-sed busybox-sendmail busybox-tar busybox-util-linux busybox-which busybox-xz - Add missing new requires for busybox-sha3sum - Create sub-package "hexedit" [bsc#1203399] - Create sub-package "sha3sum" [bsc#1203397] ==== cppcheck ==== Version update (2.8.2 -> 2.9) - update to 2.9: * restored check for negative allocation (new[]) and negative VLA sizes from cppcheck 1.87 (LCppC backport) * replaced hardcoded check for pipe() buffer size by library configuration option (LCppC backport) * on Windows the callstack is now being written to the output specific via "--exception-handling" * make it possible to disable the various exception handling parts via the CMake options "NO_UNIX_SIGNAL_HANDLING", "NO_UNIX_BACKTRACE_SUPPORT" and "NO_WINDOWS_SEH" * detect more redundant calls of std::string::c_str(), std::string::substr(), and unnecessary copies of containers * Add a match function to addon similiar to Token::Match used internally by cppcheck: * | for either-or tokens(ie struct|class to match either struct or class) * !! to negate a token * It supports the %any%, %assign%, %comp%, %name%, %op%, %or%, %oror%, and %var% keywords * It supports (*), {*}, [*], and <*> to match links * @ can be added to bind the token to a name * ** can be used to match until a token * Add math functions which can be used in library function definition. This enables evaluation of more math functions in ValueFlow * Further improve lifetime analysis with this pointers * Propagate condition values from outer function calls * Add debug intrinsics debug_valueflow and debug_valuetype to show more detail including source backtraces ==== cryptsetup ==== Subpackages: cryptsetup-doc libcryptsetup12 libcryptsetup12-hmac - Add virtual provides for 'integritysetup' and 'veritysetup' to match package names provided by Fedora/RHEL, to allow the same set of dependencies to be used across all RPM distributions. ==== ding ==== Subpackages: ding-dict-de_en - Add patch: * use-grep-instead-of-egrep.patch This prevents the egrep obsolescent warning message introduced with grep 3.8: "egrep: warning: egrep is obsolescent; using grep -E" - Install man-page - Use https instead of http/ftp for Source/URL ==== dracut ==== Version update (057+suse.309.gb71946f6 -> 057+suse.315.gd210fc38) Subpackages: dracut-mkinitrd-deprecated - Update to version 057+suse.315.gd210fc38: * chore(suse): update spec Fix "directories not owned by a package" caused by bash-completion directories not owned by dracut. Do not install modules incompatible with the system architecture. * chore(suse): change default persistent policy * ci(suse.conf.example): update SUSE-specific config * chore(suse): fix 99-debug.conf ==== drbd-utils ==== - restore drbd scripts back to /usr/lib/drbd from /lib/drbd (bsc#1203220) Update drbd-utils.spec - fix drbd-bash-completion Update rpmlint-build-error.patch ==== e2fsprogs ==== Subpackages: e2fsprogs-scrub libcom_err2 libext2fs2 - Refresh e2fsprogs.keyring based on currently provided keys. - Spec file cleanup: + Drop remainders regarding -mini packages, which was not a thing since Jan 2014. + Split build of fuse2fs out into a sep build (_multibuild enabled). - enabled fuse2fs build which enable to mount ext2/3/4 via FUSE ==== ffmpeg-5 ==== Version update (5.1 -> 5.1.1) Subpackages: libavcodec59 libavdevice59 libavfilter8 libavformat59 libavutil57 libpostproc56 libswresample4 libswscale6 - Update to release 5.1.1 * avformat/asfdec_o: limit recursion depth in asf_read_unknown() * libavformat/iff: Check for overflow in body_end calculation * avformat/avidec: Prevent entity expansion attacks * avcodec/h263dec: Sanity check against minimal I/P frame size * avcodec/libvpx: fix assembling vp9 packets with alpha channel * avcodec/libspeexdec: Fix use of uninitialized value * avcodec/alac: don't fail if channels aren't set during init() when extradata is valid * avformat/mov: Check count sums in build_open_gop_key_points() [CVE-2022-2566] [boo#1203441] ==== file ==== Version update (5.42 -> 5.43) Subpackages: file-magic libmagic1 - Add patch file-zstd.patch from upstream mailing list * Add zstd decompression support - Run also upstream standard checks - update to 5.43: * Add octal indirect magic * avoid infinite loop in non-wide code * Obey MAGIC_CONTINUE with multiple magic files * Fix bug with large flist * PR/364: Detect non-nul-terminated core filenames from QEMU * PR/359: Add support for http://ndjson.org/ * PR/362: Fix wide printing * PR/358: Fix width for -f - - drop file-boo1201350.patch (upstream) ==== fuse3 ==== Version update (3.11.0 -> 3.12.0) Subpackages: libfuse3-3 - Update to release 3.12.0 * The max_idle_threads parameter has been deprecated in favor of the new max_threads* parameter * struct fuse_loop_config is now private and has to be constructed using fuse_loop_cfg_create() * fuse_session_loop_mt() now accepts struct fuse_loop_config * as NULL pointer. * fuse_parse_cmdline() now accepts a max_threads option. ==== gawk ==== Version update (5.1.1 -> 5.2.0) - upref.patch: Add missing UPREF - Update to gawk 5.2.0 * Numeric scalars now compare in the same way as C for the relational operators. Comparison order for sorting has not changed * If the AWK_HASH environment variable is set to "fnv1a" gawk will use the FNV1-A hash function for associative arrays * There is now a new function, mkbool(), that creates Boolean-typed values * As BWK awk has supported interval expressions since 2019, they are now enabled even if --traditional is supplied * The rwarray extension has two new functions, writeall() and readall() * The new `gawkbug' script should be used for reporting bugs * The manual page (doc/gawk.1) has been considerably reduced in size * Gawk now supports Terence Kelly's "persistent malloc" (pma), allowing gawk to preserve its variables, arrays and user-defined functions between runs * Some subtle issues with untyped array elements being passed to functions have been fixed * Syntax errors are now immediately fatal - gawk-5.1.1-Disable-racy-test-in-test-iolint.awk.patch: removed - pma.patch: Handle hole bigger than half the address space - nan-tests.patch: fix non-portable NaN tests ==== glibc ==== Subpackages: glibc-devel glibc-extra glibc-locale glibc-locale-base nscd - errlist-edeadlock.patch: errlist: add missing entry for EDEADLOCK (BZ [#29545]) ==== gnutls ==== Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-hmac - FIPS: Run the CFB8 cipher selftest without offset [bsc#1203245] * CFB8 list of ciphers: GNUTLS_CIPHER_AES_{128,192,256}_CFB8 * Add gnutls-FIPS-Run-CFB8-without-offset.patch - provide a libgnutls30-hmac-32bit to avoid uninstallable wine when pattern-base-fips is installed [boo#1203353] - FIPS: Additional modifications to the SLI. [bsc#1190698] * Mark CMAC and GMAC and non-approved in gnutls_pbkfd2(). * Mark HMAC keylength less than 112 bits as non-approved in gnutls_pbkfd2(). * Adapt the pbkdf2 selftest and the regression tests accordingly. * Add gnutls-FIPS-SLI-pbkdf2-verify-keylengths-only-SHA.patch - FIPS: Port GnuTLS to use jitterentropy [bsc#1202146, jsc#SLE-24941] * Add new dependency on jitterentropy * Add gnutls-FIPS-jitterentropy.patch ==== grep ==== Version update (3.7 -> 3.8) - GNU grep 3.8: * The -P option is now based on PCRE2 instead of the older PCRE (boo#1201803) * egrep and fgrep commands, deprecated since release 2.5.3 (2007), now warn that they are obsolescent and should be replaced by grep -E and grep -F * The confusing GREP_COLOR environment variable is now obsolescent * Regular expressions with stray backslashes now cause warnings * Regular expressions like [:space:] are now errors even if POSIXLY_CORRECT is set, since POSIX now allows the GNU behavior * In locales using UTF-8 encoding, the regular expression '.' no longer sometimes fails to match Unicode characters * The -s option no longer suppresses "binary file matches" messages. - doc: fix man page syntax errors (bsc#1201001) ==== hdparm ==== Version update (9.64 -> 9.65) - Update to 9.65: * Fixed "hdparm --Istdin" to not attempt reading LOG data from a non-existent drive. - Refresh avoid-linux-includes.patch ==== hwdata ==== Version update (0.361 -> 0.362) - update to 0.362: + Updated pci, usb and vendor ids. ==== icewm ==== Version update (2.9.8 -> 2.9.9) Subpackages: icewm-config-upstream icewm-default icewm-lang icewm-lite - update to 2.9.9: * Permit percentages to have comma's in icesh. * Keep accurate track of window changes in workspace buttons for PagerShowPreview. Only redraw affected workspace buttons, which reduces the total number of workspace button redraws, especially for larges number of workspace buttons. * Add key bindings for single window tiling operations for issues bbidulock/icewm#335, ice-wm/icewm#74 and ice-wm/icewm#84. * Complete -e option. * WindowMaker dock apps are supported. * Support more HTML entities in icehelp. * Remove dependency on asciidoc and prefer markdown format for the manual. * Prevent warnings. * Also install markdown. * Try srcdir. * Cleanup test and prefer markdown manual. * Cleanup key grabs. * Drop obsolete wmOccupyAll(). * Accept either markdown or asciidoc to generate manual html with CMake. * Add markdown and icesh. * Automatically detect and prevent race conditions in icesh relating to moving and sizing windows for issue #335. Improve the accuracy of the "sizeto" command in icesh for issue #335. Add "extents" command to icesh. Add "workarea" command to icesh. * Get rid of the frameContext. * Prefer findClient in two cases: unmap notify and recv ping. - spec-cleaner run ==== jasper ==== - security update: * CVE-2022-2963 [bsc#1202642] + jasper-CVE-2022-2963.patch ==== java-11-openjdk ==== Subpackages: java-11-openjdk-headless - Package the JAVA_HOME/release files in *-headless package * fixes boo#1203476 ==== libgcrypt ==== Subpackages: libgcrypt20 libgcrypt20-hmac - FIPS: Get most of the entropy from rndjent_poll [bsc#1202117] * Add libgcrypt-FIPS-rndjent_poll.patch * Rebase libgcrypt-jitterentropy-3.4.0.patch - FIPS: Check keylength in gcry_fips_indicator_kdf() [bsc#1190700] * Consider approved keylength greater or equal to 112 bits. * Add libgcrypt-FIPS-kdf-leylength.patch - FIPS: Zeroize buffer and digest in check_binary_integrity() * Add libgcrypt-FIPS-Zeroize-hmac.patch [bsc#1191020] ==== libksba ==== Version update (1.6.0 -> 1.6.1) - libksba 1.6.1: * Allow an OCSP server not to return the sent nonce - fix rpmlint warnings ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-qemu libvirt-libs - Migration to /usr/etc: Saving user changed configuration files in /etc and restoring them while an RPM update. ==== microos-tools ==== Version update (2.16 -> 2.17) - Update to version 2.17: - selinux-autorelabel-generator: Don't cross partition boundaries for /.snapshots when relabeling [issue#11] ==== mythes ==== Version update (1.2.4 -> 1.2.5) - Version bump to 1.2.5 * Fix use of deprecated hunspell apis in demo * Fix some compilation warnings ==== ncurses ==== Version update (6.3.20220820 -> 6.3.20220910) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20220910 + amend verbose-option change to make this affect level 3, e.g., using "tic -cv3 terminfo". + work around musl's nonstandard use of feature test macros by adding a definition for NCURSES_WIDECHAR to the generated ".pc" and *-config files (report by Sam James). - Add ncurses patch 20220903 + modify verbose-option of infocmp, tic, toe to enable debug-tracing if that is configured. - Add ncurses patch 20220827 + modify configure scripts to use overlooked cases for LD and PKG_CONFIG variables (report by Alan Webb, Gentoo #866398). + modify nsterm to use xterm+alt1049 (report by Paul Handly) -TD + modify putty to use xterm+alt1049 -TD - Correct offsets of patches * ncurses-5.9-ibm327x.dif * ncurses-6.3.dif ==== netpbm ==== Subpackages: libnetpbm11 - ppmforge-test.patch: fix ppmforge test to avoid float overflow ==== openssl-3 ==== - Do not make libopenssl3-32bit obsolete libopenssl1_1-32bit. They are independent libraries and can be installed simultaneously. ==== openvpn ==== - build with enable-iproute2 again to have root-less mode working (bsc#1202792) ==== permissions ==== Version update (1599_20220713 -> 1599_20220912) Subpackages: chkstat permissions-config - Update to version 20220912: * chkstat: also consider group controlled paths (bsc#1203018, CVE-2022-31252) ==== pipewire ==== Version update (0.3.57 -> 0.3.58) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 0.3.58: * Highlights - Fix a regression that could cause audio crackling. - Fix a regression in RTKit because rlimit was not set correctly. - JAVA sound applications will now alsa work with the pulseaudio-alsa plugin. - pw-top will now show the negotiated formats of devices and streams. - Fix some potential crashes when starting streams. - The ALSA plugin has had improved timing reporting and poll descriptor handling that should improve compatibility. - Many more improvements and bugfixes. * PipeWire - Avoid scheduling nodes before they are added to the graph. This could avoid some crashes when scheduling nodes that were not completely started yet. (#2677) * Tools - pw-top now also shows the negotiated formats of streams and devices. (#2566) - pw-top prints microseconds as "us" now to avoid unicode problems. * Modules - Fix compilation with newer lv2. - Fix setting realtime priority with RTKit, it was not setting rlimit correctly and RTKit would refuse to change the priority. - Fix some playback problems with RAOP sink. (#2673) - Filter chain will now warn when a non-existing control property is used in the config file. (#2685) - Filter chain can now handle control port names with ":" in the name. (#2685) - The echo-cancel module and interface now has activate/deactivate functions to make it possible for plugins to reset their state. * SPA - Make sure audioconvert uses the given channelmap and channels for the volumes, even when not negotiated yet. This makes it possible to change the volume before the node has been negotiated. - Refactor the peaks resampler. Fix an error in the SSE code. - Fix DSD min/max rates, avoid exposing impossible rates. - Set monitor port buffer size correctly. This could cause some crackling and hickups. (#2677) - Make ALSA sequencer port names unique. * Pulse-server - Rework the capture buffer attributes to better match pulseaudio. This fixes a regression where opening pavucontrol could cause crackling. (#2671) - Implement TRIGGER and PREBUF methods. - Handle clients that send more than the requested amount of data. PipeWire will now also keep this as extra buffered data like PulseAudio. This fixes JAVA sound applications when they are running on top of the PulseAudio ALSA plugin. (#2626,#2674) - Update the requested amount of bytes more like PulseAudio. Fixes stuttering after resume with the GStreamer pulseaudio sink. (#2680) * ALSA Plugin - More debug info was added. The time reporting was improved. - The poll descriptor handling was improved, avoiding some spurious wakeups. (#1697) ==== plymouth ==== Version update (22.02.122+73.9826df5 -> 22.02.122+75.6f5dc63) Subpackages: libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Update to version 22.02.122+75.6f5dc63: * Fix build after README changes ==== polkit ==== Subpackages: libpolkit-agent-1-0 libpolkit-gobject-1-0 pkexec typelib-1_0-Polkit-1_0 - obsolete libpolkit0 also from baselibs. ==== publicsuffix ==== Version update (20220805 -> 20220903) - Update to version 20220903: * util: gTLD data autopull updates for 2022-09-03T15:15:24 UTC (#1606) * Update public_suffix_list.dat (#1594) * Add streamlitapp.com (#1591) * Update public_suffix_list.dat (#1573) * Add Framer Sites domains to PSL (#1570) * new TLD .×שר×× and SLDs for Israel by ISOC-IL (#1595) ==== python ==== - Add bpo34990-2038-problem-compileall.patch making compileall.py compliant with year 2038 (bsc#1202666, gh#python/cpython#79171), backport of fix to Python 2.7. ==== python-base ==== Subpackages: libpython2_7-1_0 python-xml - Add bpo34990-2038-problem-compileall.patch making compileall.py compliant with year 2038 (bsc#1202666, gh#python/cpython#79171), backport of fix to Python 2.7. ==== python-charset-normalizer ==== Version update (2.1.0 -> 2.1.1) - update to 2.1.1: * Function `normalize` scheduled for removal in 3.0 * Removed useless call to decode in fn is_unprintable (#206) ==== python-greenlet ==== Version update (1.1.2 -> 1.1.3) - update to 1.1.3: * Add support for Python 3.11. ==== python-idna ==== Version update (3.3 -> 3.4) - update to 3.4: * Update to Unicode 15.0.0 * Migrate to pyproject.toml for build information (PEP 621) * Correct another instance where generic exception was raised instead of IDNAError for malformed input * Source distribution uses zeroized file ownership for improved reproducibility ==== python-importlib-resources ==== Version update (5.4.0 -> 5.9.0) - Update to 5.9.0: - #228: as_file now also supports a Traversable representing a directory and (when needed) renders the full tree to a temporary directory. - #253: In MultiplexedPath, restore expectation that a compound path with a non-existent directory does not raise an exception. - #250: Now Traversable.joinpath provides a concrete implementation, replacing the implementation in .simple and converging with the behavior in MultiplexedPath. - #249: In simple.ResourceContainer.joinpath, honor names split by posixpath.sep. - #248: abc.Traversable.joinpath now allows for multiple arguments and specifies that posixpath.sep is allowed in any argument to accept multiple arguments, matching the behavior found in zipfile.Path and pathlib.Path simple.ResourceContainer now honors this behavior - #244: Add type declarations in ABCs Require Python 3.7 or later - #243: Fix error when no __pycache__ directories exist when testing update-zips. - Remove BR on python-zipp to break a dependency cycle; it is strictly not needed for build (although it is Requires), because ZipReader is not tested. ==== python-ldap ==== Version update (3.4.2 -> 3.4.3) - up to upstream release 3.4.3 This is a minor release to bring back the removed OPT_X_TLS option. Please note, it's still a deprecated option and it will be removed in 3.5.0. The following deprecated option has been brought back: * OPT_X_TLS * Fixes: - Sphinx documentation is now successfully built _ pypy3 tests stability was improved _ setup.py deprecation warning is now resolved ==== python-psutil ==== Version update (5.9.1 -> 5.9.2) - update to version 5.9.2: * Bug fixes + 2093_, [FreeBSD], **[critical]**: `pids()`_ may fail with ENOMEM. Dynamically increase the "malloc()" buffer size until it's big enough. + 2095_, [Linux]: `net_if_stats()`_ returns incorrect interface speed for 100GbE network cards. + 2113_, [FreeBSD], **[critical]**: `virtual_memory()`_ may raise ENOMEM due to missing "#include <sys/param.h>" directive. (patch by Peter Jeremy) + 2128_, [NetBSD]: `swap_memory()`_ was miscalculated. (patch by Thomas Klausner) ==== python-sniffio ==== Version update (1.2.0 -> 1.3.0) - update to 1.3.0: * requires python 3.7 ==== python310 ==== Version update (3.10.6 -> 3.10.7) Subpackages: python310-curses python310-dbm python310-tk - Update to 3.10.7: - Fix for CVE-2020-10735 (bsc#1203125) Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. - Other bug fixes: - Fixed a bug that caused _PyCode_GetExtra to return garbage for negative indexes. - Fix format string in _PyPegen_raise_error_known_location that can lead to memory corruption on some 64bit systems. The function was building a tuple with i (int) instead of n (Py_ssize_t) for Py_ssize_t arguments. - Fix misleading contents of error message when converting an all-whitespace string to float. - coroutine.throw() now properly initializes the frame.f_back when resuming a stack of coroutines. This allows e.g. traceback.print_stack() to work correctly when an exception (such as CancelledError) is thrown into a coroutine. - ast.parse() will no longer parse function definitions with positional-only params when passed feature_version less than (3, 8). - Correct conversion of numbers.Rationalâs to float. - Fix a performance regression in logging TimedRotatingFileHandler. Only check for special files when the rollover time has passed. - Fix unused localName parameter in the Attr class in xml.dom.minidom. - Update bundled pip to 22.2.2. - Fail gracefully if EPERM or ENOSYS is raised when loading crypt methods. This may happen when trying to load MD5 on a Linux kernel with FIPS enabled. - Improve discoverability of the higher level concurrent.futures module by providing clearer links from the lower level threading and multiprocessing modules. - Update the default RFC base URL from deprecated tools.ietf.org to datatracker.ietf.org - Fix stylesheet not working in Windows CHM htmlhelp docs. - The documentation now lists which members of C structs are part of the Limited API/Stable ABI. - Mitigate the inherent race condition from using find_unused_port() in testSockName() by trying to find an unused port a few times before failing. - Build and test with OpenSSL 1.1.1q - Document handling of extensions in Save As dialogs. - Include prompts when saving Shell (interactive input and output). ==== python310-core ==== Version update (3.10.6 -> 3.10.7) Subpackages: libpython3_10-1_0 python310-base - Update to 3.10.7: - Fix for CVE-2020-10735 (bsc#1203125) Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. - Other bug fixes: - Fixed a bug that caused _PyCode_GetExtra to return garbage for negative indexes. - Fix format string in _PyPegen_raise_error_known_location that can lead to memory corruption on some 64bit systems. The function was building a tuple with i (int) instead of n (Py_ssize_t) for Py_ssize_t arguments. - Fix misleading contents of error message when converting an all-whitespace string to float. - coroutine.throw() now properly initializes the frame.f_back when resuming a stack of coroutines. This allows e.g. traceback.print_stack() to work correctly when an exception (such as CancelledError) is thrown into a coroutine. - ast.parse() will no longer parse function definitions with positional-only params when passed feature_version less than (3, 8). - Correct conversion of numbers.Rationalâs to float. - Fix a performance regression in logging TimedRotatingFileHandler. Only check for special files when the rollover time has passed. - Fix unused localName parameter in the Attr class in xml.dom.minidom. - Update bundled pip to 22.2.2. - Fail gracefully if EPERM or ENOSYS is raised when loading crypt methods. This may happen when trying to load MD5 on a Linux kernel with FIPS enabled. - Improve discoverability of the higher level concurrent.futures module by providing clearer links from the lower level threading and multiprocessing modules. - Update the default RFC base URL from deprecated tools.ietf.org to datatracker.ietf.org - Fix stylesheet not working in Windows CHM htmlhelp docs. - The documentation now lists which members of C structs are part of the Limited API/Stable ABI. - Mitigate the inherent race condition from using find_unused_port() in testSockName() by trying to find an unused port a few times before failing. - Build and test with OpenSSL 1.1.1q - Document handling of extensions in Save As dialogs. - Include prompts when saving Shell (interactive input and output). ==== python310-pyparsing ==== - Fix incorrect usage of non-bundled pip revealed by python-rpm-macros update. ==== qemu ==== Subpackages: qemu-arm qemu-audio-spice qemu-block-curl qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-ipxe qemu-ksm qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios - pcre-devel-static is only needed when building against glib2 < 2.73. After that, glib2 was migrated to pcre2. ==== rdma-core ==== Version update (38.1 -> 42.0) Subpackages: libefa1 libibverbs libibverbs1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd - Update to v42.0 - Fixes for all providers - Dropped patches merged upstream: - util-Add-barriers-support-for-RISC-V.patch - cmake-Make-modprobe.d-path-configurable.patch - Update gen-pandoc.sh to support python3 ==== rpm ==== Version update (4.17.1 -> 4.17.1.1) Subpackages: librpmbuild9 - update to rpm-4.17.1.1 * Fix upstream branch setting in "%autosetup -S git" * Revert "Strip the target triplet GNU suffix more precisely." - remove-translations.diff: convert deprecated egrep to grep -E (boo#1203092) ==== rsync ==== Version update (3.2.5 -> 3.2.6) - Use bundled SLP patch now that upstream fixed it: * Remove rsync-3.2.5-slp.patch - update to 3.2.6: * More path-cleaning improvements in the file-list validation code to avoid rejecting of valid args. * A file-list validation fix for a --files-from file that ends without a line-terminating character. * Added a safety check that prevents the sender from removing destination files when a local copy using --remove-source-files has some files that are shared between the sending & receiving hierarchies, including the case where the source dir & destination dir are identical. * Fixed a bug in the internal MD4 checksum code that could cause the digest to be sporadically incorrect (the openssl version was/is fine). * A minor tweak to rrsync added "copy-devices" to the list of known args, but left it disabled by default. - Build SLE version with g++-11 to work around nondeterministic g++-7 (boo#1193895) ==== rubygem-ruby-libvirt ==== Version update (0.7.1 -> 0.8.0) - New upstream release 0.8.0 * Fix default values for node_cpu_stats and node_memory_stats * Fix cpumap allocation for virDomainGetVcpus * Enforce UTF8 for strings and exceptions * Drop local have_const * Use sensible default for libvirt_domain_qemu_agent_command - Drop 0001-Fix-include-of-st.h-to-ruby-st.h.patch, https://gitlab.com/libvirt/libvirt-ruby/-/merge_requests/7 was merged upstream ==== shim ==== - Add logic to shim.spec to only set sbat policy when efivarfs is writeable. (bsc#1201066) ==== sudo ==== Subpackages: sudo-plugin-python - Modified sudo-sudoers.patch * bsc#1177578 * Removed redundant and confusing 'secure_path' settings in sudo-sudoers file. ==== vym ==== Version update (2.8.8 -> 2.8.41) - Update to upstream version 2.8.41 - bugfixes, some features - switch to cmake ==== xdm ==== Subpackages: xdm-xsession - Add u_glibc-2.36.patch: use glibc's arc4random instead of libbsd's (bsc#1202222) ==== xfce4-pulseaudio-plugin ==== Version update (0.4.4 -> 0.4.5) Subpackages: xfce4-pulseaudio-plugin-lang - Update to version 0.4.5 * Use Source Output Info for recording indicator to reduce flickering (gxo#panel-plugins/xfce4-pulseaudio-plugin#81) and to hide it with pavucontrol (gxo#panel-plugins/xfce4-pulseaudio-plugin#80) * Display notification on mic volume changes (gxo#panel-plugins/xfce4-pulseaudio-plugin#42) * Fix accidental toggling of the mute switch (gxo#panel-plugins/xfce4-pulseaudio-plugin#64) * Show notification even when volume is already at max/min (gxo#panel-plugins/xfce4-pulseaudio-plugin#52) * Optionally play system sound on volume changes (gxo#panel-plugins/xfce4-pulseaudio-plugin#4) * Fix menu position when panel autohide is enabled * Fix compilation with gcc 10 * about: Bump copyright year * Fix typos * Translation Updates ==== yast2 ==== Version update (4.5.13 -> 4.5.14) Subpackages: yast2-logs - bsc#1200016 - by_pattern moved into http_server moduleas it is the only user - 4.5.14 ==== yast2-http-server ==== Version update (4.5.0 -> 4.5.1) - bsc#1200016 - find out php version dynamically to avoid hardcoded version - 4.5.1 ==== yast2-installation ==== Version update (4.5.5 -> 4.5.7) - Don't set QT_SCALE_FACTOR unless > 1 (bsc#1199020) to avoid forcing QA to recreate all needles for all standard cases - 4.5.7 - Directly calculate the Qt scale factor, no longer rely on the Xft.dpi X resource (bsc#1199020) - Support YAST_MON_WIDTH_MM=xx at installation boot prompt - Support YaST2.call script debugging with FAKE_MON_WIDTH_MM=xx - Support up to 392 dpi (up to scale factor 4.0) More details: https://github.com/yast/yast-installation/pull/1057 - No more console warnings if no EDID (bsc#1203161) - 4.5.6 ==== yast2-network ==== Version update (4.5.6 -> 4.5.7) - Activate s390 devices before importing and reading the network configuration or otherwise the related linux devices will not be present and could be ignored (bsc#1199746) - 4.5.7
