Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version=Tumbleweed&build=20231120 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: dracut (059+suse.511.g0bdb16ac -> 059+suse.522.g0fc72191) drbd gnutls (3.8.1 -> 3.8.2) hplip inkscape (1.3 -> 1.3.1) libksba (1.6.4 -> 1.6.5) libreoffice (7.6.2.1 -> 7.6.3.1) libsolv (0.7.25 -> 0.7.26) libxml2 (2.11.5 -> 2.11.6) libxml2-python (2.11.5 -> 2.11.6) rubygem-google-protobuf (3.23.1 -> 3.25.1) rubygem-rgl (0.5.10 -> 0.6.6) rubygem-webrick (1.7.0 -> 1.8.1) sssd texlive virglrenderer === Details === ==== dracut ==== Version update (059+suse.511.g0bdb16ac -> 059+suse.522.g0fc72191) - Update to version 059+suse.522.g0fc72191: * fix(install.d): do not create rescue entry when working with UKIs * fix(install.d): skip if $KERNEL_INSTALL_INITRD_GENERATOR is set otherwise * feat(resume): do not attempt to install [email protected] * feat(install.d): add sort-key field to rescue BLS entries * fix(install.d): do not generate a new initrd if any INITRD_FILE is provided * fix(install.d): do not create initramfs if the supplied image is UKI * feat(install.d): allow using dracut in combination with ukify * fix(resume): add new systemd-hibernate-resume.service * feat(systemd): install systemd-executor ==== drbd ==== - drbd: fix build error against kernel v6.6.1 (boo#1217078) * add upstream patches + 0021-compat-sock-Remove-sendpage-in-favour-of-sendmsg-MSG.patch + 0022-compat-block-replace-fmode_t-with-a-block-specific-t.patch + 0023-compat-genetlink-remove-userhdr-from-struct-genl_inf.patch * remove patch which are already included in upstream patches: - bsc-1215699_fix-build-error-against-kernel-v6.5.4.patch ==== gnutls ==== Version update (3.8.1 -> 3.8.2) Subpackages: libgnutls-dane0 libgnutls30 - Update to 3.8.2: [bsc#1217277, CVE-2023-5981] * libgnutls: Fix timing side-channel inside RSA-PSK key exchange. [GNUTLS-SA-2023-10-23, CVSS: medium] [CVE-2023-5981] * libgnutls: Add API functions to perform ECDH and DH key agreement The functionality has been there for a long time though they were not available as part of the public API. This enables applications to implement custom protocols leveraging non-interactive key agreement with ECDH and DH. * libgnutls: Added support for AES-GCM-SIV ciphers (RFC 8452) The new algorithms GNUTLS_CIPHER_AES_128_SIV_GCM and GNUTLS_CIPHER_AES_256_SIV_GCM have been added to be used through the AEAD interface. Note that, unlike GNUTLS_CIPHER_AES_{128,256}_SIV_GCM, the authentication tag is appended to the ciphertext, not prepended. * libgnutls: transparent KTLS support is extended to FreeBSD kernel The kernel TLS feature can now be enabled on FreeBSD as well as Linux when compiled with the --enable-ktls configure option. * gnutls-cli: New option --starttls-name Depending on deployment, application protocols such as XMPP may require a different origin address than the external address to be presented prior to STARTTLS negotiation. The --starttls-name can be used to specify specify the addresses separately. * API and ABI modifications: - gnutls_pubkey_import_dh_raw: New function - gnutls_privkey_import_dh_raw: New function - gnutls_pubkey_export_dh_raw: New function - gnutls_privkey_export_dh_raw: New function - gnutls_x509_privkey_import_dh_raw: New function - gnutls_privkey_derive_secret: New function - GNUTLS_KEYGEN_DH: New enum member of gnutls_keygen_types_t - GNUTLS_CIPHER_AES_128_SIV_GCM: Added - GNUTLS_CIPHER_AES_256_SIV_GCM: Added * Rebase gnutls-FIPS-140-3-references.patch * Remove upstream: gnutls-GNUTLS_NO_EXTENSIONS-compatibility.patch ==== hplip ==== Subpackages: hplip-hpijs hplip-sane hplip-udev-rules - hppsfilter: booklet printing: change insecure fixed /tmp file paths (bsc#1214399) * add hppsfilter-booklet-printing-change-insecure-fixed-tm.patch ==== inkscape ==== Version update (1.3 -> 1.3.1) Subpackages: inkscape-extensions-extra inkscape-extensions-fig inkscape-extensions-gimp - Update to version 1.3.1: + more than 30 crash/freeze fixes + a new feature to disable snapping to grid lines + a new feature to split text into its letters + the Shape Builder tool now creates an appropriate number of nodes + PDF files that could not be opened with Inkscape 1.3 can now be opened / imported again + See the full release notes https://inkscape.org/doc/release_notes/1.3.1/Inkscape_1.3.1.html ==== libksba ==== Version update (1.6.4 -> 1.6.5) - Update to 1.6.5: * Add Brainpool curve detection using parameters with compressed base point. [rKeb23f853f178] * New configure option --with-libtool-modification. [T6619] * Release-info: https://dev.gnupg.org/T6822 ==== libreoffice ==== Version update (7.6.2.1 -> 7.6.3.1) Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Update to 7.6.3.1: https://wiki.documentfoundation.org/Releases/7.6.3/RC1 https://wiki.documentfoundation.org/Releases/7.6.2/RC2 - Update bundled dependencies: libcmis-0.5.2.tar.xz -> libcmis-0.6.0.tar.xz poppler-23.06.0.tar.xz -> poppler-23.09.0.tar.xz - Add bundled() markers ==== libsolv ==== Version update (0.7.25 -> 0.7.26) Subpackages: libsolv-tools python3-solv ruby-solv - fix evr roundtrip in testcases - do not use deprecated headerUnload with newer rpm versions - bump version to 0.7.26 ==== libxml2 ==== Version update (2.11.5 -> 2.11.6) Subpackages: libxml2-2 libxml2-tools - Update to version 2.11.6: * Regressions: - threads: Fix --with-thread-alloc - xinclude: Fix âlastâ pointer in xmlXIncludeCopyNode * Bug fixes: parser: Fix potential use-after-free in xmlParseCharDataInternal ==== libxml2-python ==== Version update (2.11.5 -> 2.11.6) - Update to version 2.11.6: * Regressions: - threads: Fix --with-thread-alloc - xinclude: Fix âlastâ pointer in xmlXIncludeCopyNode * Bug fixes: parser: Fix potential use-after-free in xmlParseCharDataInternal ==== rubygem-google-protobuf ==== Version update (3.23.1 -> 3.25.1) - New upstream release 3.25.1 - Add 0001-ruby-return-0-from-shared_convert.c-shared_message.c.patch to fix build failures with -Werror=return-type - Fix spurious +x permissions in the sources ==== rubygem-rgl ==== Version update (0.5.10 -> 0.6.6) - New upstream release 0.6.6, see bundled CHANGELOG.md ==== rubygem-webrick ==== Version update (1.7.0 -> 1.8.1) - New upstream release 1.8.1, no changelog found ==== sssd ==== Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap - Fix spec file for Leap - /usr/etc migration, restore /etc/sssd/sssd.conf.rpmsave after update (bsc#1216865) - Do not install the KRB5 IDP plugin, it is useless without the OIDC child - Drop no longer valid --without-secrets configure switch ==== texlive ==== Subpackages: libkpathsea6 libsynctex2 - Silent some rpmlint errors - Catch all lua based binaries for boo#1216650 - texlive-latex-bin-bin: Ensure the same version of libz1 is installed in system as against what texlive was compiled (boo#1216650). ==== virglrenderer ==== - Add pkgconfig(libva) BuildRequires: Enable support for hardware video acceleration - Add pkgconfig(vulkan) BuildRequires: Enable support for venus on Tumbleweed (build failed on leap)
