Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version=Tumbleweed&build=20221122 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: Mesa (22.2.3 -> 22.2.4) Mesa-drivers (22.2.3 -> 22.2.4) bind (9.18.8 -> 9.18.9) flatpak (1.14.0 -> 1.14.1) gssdp (1.6.1 -> 1.6.2) gstreamer-plugins-rs (0.9.alpha.1+git20221020.5c89c3d -> 0.9+git20221113.274e57a) gupnp (1.6.1 -> 1.6.2) hplip hxtools (20211204 -> 20221119) ibus libXdmcp (1.1.3 -> 1.1.4) libXpm (3.5.13 -> 3.5.14) libXrandr (1.5.2 -> 1.5.3) make mozjs102 (102.4.0 -> 102.5.0) mpfr python-Twisted python-rich (12.5.1 -> 12.6.0) python-testtools python-typing_extensions raspberrypi-firmware (2022.10.26 -> 2022.11.18) raspberrypi-firmware-config (2022.10.26 -> 2022.11.18) suse-module-tools (16.0.26 -> 16.0.27) xfce4-settings (4.16.4 -> 4.16.5) yast2-ntp-client (4.5.1 -> 4.5.2) yast2-online-update (4.5.1 -> 4.5.2) yast2-storage-ng (4.5.13 -> 4.5.14) === Details === ==== Mesa ==== Version update (22.2.3 -> 22.2.4) Subpackages: Mesa-dri-devel Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - update to 22.2.4: * clover: windows: library filename has \`-1` suffix and a \`lib` prefix when built with mingw * radv, dxvk: Rendering errors in World of Tanks after "Switch to dynamic rendering only" * gen9 gt3e/gt4e skus fail dEQP-VK.pipeline.multisample.sample_locations_ext.* * v3d: Wrong colors (pink) in videos in Firefox (likely YUV->RGB shader issue) * panfrost t860 glmark-es2 regression * radv: Flickering in Spider-Man Remastered (Regression) (Bisected) * radv: Hitman 2 using Direct3D 12 has discolored squares on RDNA2 with DCC enabled * panfrost/midgard - on Duckstation PSX emulator: segfault on GLES 3.0 and bad shader compilations on 3.3 ==== Mesa-drivers ==== Version update (22.2.3 -> 22.2.4) Subpackages: Mesa-dri Mesa-gallium Mesa-libva - update to 22.2.4: * clover: windows: library filename has \`-1` suffix and a \`lib` prefix when built with mingw * radv, dxvk: Rendering errors in World of Tanks after "Switch to dynamic rendering only" * gen9 gt3e/gt4e skus fail dEQP-VK.pipeline.multisample.sample_locations_ext.* * v3d: Wrong colors (pink) in videos in Firefox (likely YUV->RGB shader issue) * panfrost t860 glmark-es2 regression * radv: Flickering in Spider-Man Remastered (Regression) (Bisected) * radv: Hitman 2 using Direct3D 12 has discolored squares on RDNA2 with DCC enabled * panfrost/midgard - on Duckstation PSX emulator: segfault on GLES 3.0 and bad shader compilations on 3.3 ==== bind ==== Version update (9.18.8 -> 9.18.9) Subpackages: bind-doc bind-utils - Update to bind release 9.18.9 Bug Fixes: * A crash was fixed that happened when a dnssec-policy zone that used NSEC3 was reconfigured to enable inline-signing. * In certain resolution scenarios, quotas could be erroneously reached for servers, including any configured forwarders, resulting in SERVFAIL answers being sent to clients. * rpz-ip rules in response-policy zones could be ineffective in some cases if a query had the CD (Checking Disabled) bit set to 1. * Previously, if Internet connectivity issues were experienced during the initial startup of named, a BIND resolver with dnssec-validation set to auto could enter into a state where it would not recover without stopping named, manually deleting the managed-keys.bind and managed-keys.bind.jnl files, and starting named again. * The statistics counter representing the current number of clients awaiting recursive resolution results (RecursClients) could overflow in certain resolution scenarios. * Previously, the port in remote servers such as in primaries and parental-agents could be wrongly configured because of an inheritance bug. * Previously, BIND failed to start on Solaris-based systems with hundreds of CPUs. * When a DNS resource recordâs TTL value was equal to the resolverâs configured prefetch âeligibilityâ value, the record was erroneously not treated as eligible for prefetching. ==== flatpak ==== Version update (1.14.0 -> 1.14.1) Subpackages: flatpak-zsh-completion libflatpak0 system-user-flatpak - Update to version 1.14.1: + New features: Add a httpbackend variable to flatpak.pc, allowing dependent projects like GNOME Software to detect whether they are compatible with libflatpak. + Bugs fixed: - Terminate the flatpak-session-helper and flatpak-portal services when the session ends, so that applications will not inherit outdated Wayland and X11 socket addresses. - When using fish shell, don't overwrite a previously-set XDG_DATA_DIRS. - Don't try to enable HTTP 2 if linked to a libcurl version that doesn't support it. - Stop systemd reporting the session-helper as failed when terminated by a signal. - Fix a warning when listing a document with no permissions. - Fix compilation with GLib 2.66.x (as used in Debian 11). - Fix compilation with GLib 2.58.x (as used in Debian 10). - Fix a compiler warning on 32-bit architectures. - If an app update is blocked by parental controls policies, clean up the temporary deploy directory. - Fix Autotools build with versions of gpgme that no longer provide gpgme-config(1). - When building with Autotools, be more consistent about applying compiler warning flags. - Unset $TEMP, $TEMPDIR and $TMP for apps, the same as $TMPDIR. - Treat /efi the same as /boot/efi. - Make generated files more reproducible. + Updated translations. - Add and recommend a package flatpak-remote-flathub which adds the Flathub repository (boo#1186315) ==== gssdp ==== Version update (1.6.1 -> 1.6.2) - Update to version 1.6.2: + Propagate random port up to client, partial fix for GUPnP/81 + Add manpage for sniffer. - Pass manpages=false to meson, we do not have the needed pandoc BuildRequires available for all arches/buildtargets. ==== gstreamer-plugins-rs ==== Version update (0.9.alpha.1+git20221020.5c89c3d -> 0.9+git20221113.274e57a) - Update to version 0.9+git20221113.274e57a: * Update Cargo.lock * Update versions to 0.9.1 * closedcaption: Update for deprecated chrono functions * version-helper: Update for deprecated chrono functions * Update Cargo.lock * webrtc: README: fix couple of links * webrtcsink: improve debug * ci: add trigger job and only run documentation job post-merge * ci: add integration stage and move documentation job to that * ts/udpsink: handle items in the PadSinkHandler * ts: introduce ts-audiotestsrc * ts/standalone: add new Sinks * ts/standalone: move current sink under task_sink * deny: Update * Add missing `doc` features to WebRTC plugins * fmp4mux: Make media/trak timescales configurable * ci: Update to cargo-c 0.9.14 * meson: optionalize pango dependency used by net/onvif * ndi: provide Unix fallback after 3fe9e4a207f8 * fmp4mux: Don't allow VP9 for CMAF * fmp4mux: Add initial Opus support * docs: Remove some stale entries of renamed elements * aws: Skip s3 test on Windows until we figure out why it times out * Fix various new clippy warnings * fmp4mux: For VP9, write resolution into the tkhd and include a stss box to signal that not all frames are sync samples * webrtc: Update to human_bytes 0.4 * aws: Update to aws 0.21/0.51 * fmp4mux: Remove unused uuid dependency * Update Cargo.lock * fmp4mux: Clip negative PTS to zero/last PTS instead of erroring out * fmp4mux: Send force-keyunit events for now if the ideal position has already passed * fmp4mux: Add debug log when writing the mfra box * fmp4mux: Reset timing infos to None if a stream only contained gap events for a whole fragment * fmp4mux: If a stream is longer than the main stream at EOS, simply include all of its buffers in the last fragment nonetheless * whipsink: Add object to debug logs * fmp4mux: don't require dts for predictive-only formats like vp9 * aws: fix title in README * deny: Update * fmp4: add support for muxing VP9 streams in cmaf, dash and iso fmp4 * Add Cargo.lock * Update to release versions of gtk-rs and gstreamer-rs * Update versions to 0.9.0 * Update to async-tungstenite 0.18 * pngenc: Encode every frame individually * ts/pad: use `gst::Pad` in handlers trait functions... * ts/pad: don't pass self as ref in remaining handler traits functions * textwrap: Update to textwrap 0.16 * Move from `imp.instance()` to `imp.obj()` * Remove `&` for `obj` in log macros * Update docs * Add all missing plugins/elements to the README.md * Fix GObject type names, GStreamer debug category names and element factory names * Add new mux subdirectory for container formats * rtp: Move GCC bandwidth estimation element from webrtc to rtp plugin * Make GStreamer plugin/crate/library/directory names and descriptions consistent * Rename rtpav1 plugin to just rtp * videocompare: Update README with reference * Sort members in Cargo.toml and meson.build alphabetically and the same in both files * Various minor cleanups * meson: Fix warning * videocompare: Fix warning * Take advantage of `Into<Option<_>>` args * onvifmetadatacombiner: On timeout don't wait for metadata to arrive anymore but output the current video frame * onvifmetadatacombiner: Add a lot of trace debug output * spotifyaudiosrc: convert to PushSrc ==== gupnp ==== Version update (1.6.1 -> 1.6.2) - Update to version 1.6.2: + Add test for issue 81. + Bugs fixed in this release: - https://gitlab.gnome.org/GNOME/gupnp/issues/81 ==== hplip ==== Subpackages: hplip-hpijs hplip-sane hplip-udev-rules - Update disable_hp-upgrade.patch: Log the 'openSUSE disabled this for security message' is 'info', not 'error'. ==== hxtools ==== Version update (20211204 -> 20221119) Subpackages: fd0ssh ofl - Update to release 20221119 * vfontas: add "copy" operation * smm: new utility "palcomp" * vfontas: implement aspect ratio correction for SFD output ==== ibus ==== Subpackages: ibus-dict-emoji libibus-1_0-5 typelib-1_0-IBus-1_0 - Switch to use systemd service file to start ibus daemon * Fix boo#1201421 * Add ibus-ui-gtk3-restart-via-systemd.patch * Enable ibus-autostart for xdg-autostart-generator ==== libXdmcp ==== Version update (1.1.3 -> 1.1.4) Subpackages: libXdmcp-devel libXdmcp6 - Update to version 1.1.4 * Update configure.ac bug URL for gitlab migration * gitlab CI: add a basic build test * Fix build on Solaris 11.3.0 - 11.3.8 * Fix spelling/wording issues * gitlab CI: enable doc builds in basic build test * Use memcpy() instead of memmove() when buffers are known not to overlap * arc4random_buf: Only declare ret if HAVE_GETENTROPY is defined * XdmcpDisposeARRAYofARRAY8: Reduce scope of i * Only link with libbsd if needed for arc4random_buf() * Switch from libbsd to libbsd-overlay ==== libXpm ==== Version update (3.5.13 -> 3.5.14) Subpackages: libXpm-devel libXpm4 - Update to version 3.5.14 * Fix spelling/wording issues * man: strip trailing whitespace * gitlab CI: add a basic build test * man pages: Make file names consistent with their displayed names * man pages: Fix shadow man pages * man pages: Make function synopses more consistent with other pages * man pages: Add missing word 'function' where needed * man pages: Fix typos * man pages: Correct Copyright/License notices * add man pages based on doc/xpm.PS * update man pages ==== libXrandr ==== Version update (1.5.2 -> 1.5.3) - Update to version 1.5.3 * Fix spelling/wording issues * gitlab CI: add a basic build test * Xrandr.h: remove misleading comment for XRRGetScreenSizeRange() * XRRGetProviderInfo: Remove unneeded ProviderInfoExtra * Variable scope reductions as recommended by cppcheck * Remove unnecessary casts of return values from malloc() ==== make ==== - reset-sigpipe.patch: Removed - sigpipe-fatal.patch: Handle SIGPIPE as a fatal signal ==== mozjs102 ==== Version update (102.4.0 -> 102.5.0) - Update to version 102.5.0: + Various stability, functionality, and security fixes. + CVE-2022-45403: Service Workers might have learned size of cross-origin media files. + CVE-2022-45404: Fullscreen notification bypass. + CVE-2022-45405: Use-after-free in InputStream implementation. + CVE-2022-45406: Use-after-free of a JavaScript Realm. + CVE-2022-45408: Fullscreen notification bypass via windowName. + CVE-2022-45409: Use-after-free in Garbage Collection. + CVE-2022-45410: ServiceWorker-intercepted requests bypassed SameSite cookie policy. + CVE-2022-45411: Cross-Site Tracing was possible via non-standard override headers. + CVE-2022-45412: Symlinks may resolve to partially uninitialized buffers. + CVE-2022-45416: Keystroke Side-Channel Leakage. + CVE-2022-45418: Custom mouse cursor could have been drawn over browser UI. + CVE-2022-45420: Iframe contents could be rendered outside the iframe. + CVE-2022-45421: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5. ==== mpfr ==== - package license files correctly ==== python-Twisted ==== Subpackages: python310-Twisted python310-Twisted-tls - Skip rpmlint error python-tests-in-package. ==== python-rich ==== Version update (12.5.1 -> 12.6.0) - change Source URL to https://files.pythonhosted.org - change Upstream URL to https://github.com/Textualize/rich - add _service file to easily download this - remove CHANGELOG.md, as this is not present in the PyPI tarball - Update to 12.6.0: * Added - Parse ANSI escape sequences in pretty repr #2470 - Add support for FORCE_COLOR env var #2449 - Allow a max_depth argument to be passed to the install() hook #2486 - Document using None as name in __rich_repr__ for tuple positional args #2379 - Add font_aspect_ratio parameter in SVG export https://github.com/Textualize/rich/pull/2539/files - Added Table.add_section method. #2544 * Fixed - Handle stdout/stderr being null #2513 - Fix NO_COLOR support on legacy Windows #2458 - Fix pretty printer handling of cyclic references #2524 - Fix missing mode property on file wrapper breaking uploads via requests #2495 - Fix mismatching default value of parameter ensure_ascii #2538 - Remove unused height parameter in Layout class #2540 - Fixed exception in Syntax.rich_measure for empty files * Changed - Removed border from code blocks in Markdown ==== python-testtools ==== - Skip rpmlint error python-tests-in-package. ==== python-typing_extensions ==== - Back to multibuild: remove python-testsuite from buildcycle, because of setuptools_scm closing it at the other end. ==== raspberrypi-firmware ==== Version update (2022.10.26 -> 2022.11.18) - Update to b8a7365 (2022-11-18): * firmware: arm_loader: Improvements to Compute Module audio See: https://forums.raspberrypi.com/viewtopic.php?p=2052680 * firmware: arm_loader: Fix GPIO bank 1 support See: #1756 ==== raspberrypi-firmware-config ==== Version update (2022.10.26 -> 2022.11.18) - Update to b8a7365 (2022-11-18): * firmware: arm_loader: Improvements to Compute Module audio See: https://forums.raspberrypi.com/viewtopic.php?p=2052680 * firmware: arm_loader: Fix GPIO bank 1 support See: #1756 ==== suse-module-tools ==== Version update (16.0.26 -> 16.0.27) - Update to version 16.0.27: * 80-hotplug-cpu-mem.rules: use CONST{arch} (bsc#1204423) ==== xfce4-settings ==== Version update (4.16.4 -> 4.16.5) Subpackages: xfce4-settings-color xfce4-settings-lang - Update to version 4.16.5 * Fix regression introduced in 4.16.4: "exo-open" not working for paths with spaces inside (gxo#xfce/xfce4-settings#403) ==== yast2-ntp-client ==== Version update (4.5.1 -> 4.5.2) - Fix the netconfig executable path using /sbin/netconfig instead of /usr/sbin/netconfig which is not available in SLE-15-SP5 (bsc#1205401) - 4.5.2 ==== yast2-online-update ==== Version update (4.5.1 -> 4.5.2) Subpackages: yast2-online-update-frontend - bsc#1204907 - Dropped old workaround from 2.13.15 with unconditional refresh of all repositories. - 4.5.2 ==== yast2-storage-ng ==== Version update (4.5.13 -> 4.5.14) - GuidedProposal: support for LUKS2 encryption with a configurable PBKDF to be used by D-Installer (related to jsc#PED-2182). - 4.5.14
