Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version=Tumbleweed&build=20251028 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: Mesa (25.2.4 -> 25.2.5) Mesa-drivers (25.2.4 -> 25.2.5) apache2-mod_php8 (8.4.13 -> 8.4.14) bind (9.20.13 -> 9.20.15) busybox-links dejavu-fonts file-roller (44.5 -> 44.6) gcc15 gdk-pixbuf (2.44.3 -> 2.44.4) glib2 (2.86.0 -> 2.86.1) glycin-loaders (2.0.3 -> 2.0.4) gnome-tour (49.0.openSUSE+git20251016.669c499 -> 49.0.openSUSE+git20251020.478f3eb) gnome-weather google-noto-coloremoji-fonts (20250622 -> 20250916) gpg2 (2.5.12 -> 2.5.13) graphviz (12.2.1 -> 14.0.0) grub2 ipw-firmware kdbg (3.1.0 -> 3.2.0) kernel-firmware-amdgpu (20251004 -> 20251024) kernel-firmware-bluetooth (20251010 -> 20251024) kernel-firmware-intel (20251018 -> 20251024) kernel-firmware-iwlwifi (20250903 -> 20251024) kernel-firmware-mediatek (20250926 -> 20251024) kernel-firmware-qcom (20251010 -> 20251024) kernel-firmware-sound (20251018 -> 20251024) kernel-source (6.17.4 -> 6.17.5) lapack lcms2 (2.16 -> 2.17) libevdev (1.13.4 -> 1.13.5) libffi libglycin (2.0.3 -> 2.0.4) libinput (1.28.1 -> 1.29.2) libphonenumber libplacebo librsvg (2.61.1 -> 2.61.2) libxkbcommon (1.11.0 -> 1.12.2) llvm21 (21.1.3 -> 21.1.4) luajit (5.1.2.1.0+git.1741730670.538a821 -> 2.1.20250826) mariadb mutter (49.1 -> 49.1.1) openSUSE-release (20251022 -> 20251028) pciutils pcre2 (10.46 -> 10.47) perl-HTTP-Message (7.0.0 -> 7.10.0) perl-IO-String (1.08 -> 1.80.0) perl-Net-Patricia (1.230.0 -> 1.240.0) perl-TimeDate (2.33 -> 2.330.0) perl-URI (5.320.0 -> 5.340.0) perl-libwww-perl (6.800.0 -> 6.810.0) php8 (8.4.13 -> 8.4.14) python-Pygments python-certifi (2025.6.15 -> 2025.10.5) python-gobject (3.54.3 -> 3.54.5) python-psutil (7.1.0 -> 7.1.1) python-pyOpenSSL python-setuptools python313-setuptools qt6-base qt6-declarative raspberrypi-firmware-dt selinux-policy (20251016 -> 20251021) snapshot sqlite3 suitesparse (7.10.3 -> 7.11.0) un-fonts unbound (1.24.0 -> 1.24.1) xfdesktop yast2 (5.0.16 -> 5.0.17) yast2-trans (84.87.20251018.189b3dd61e -> 84.87.20251021.5e431d2e7b) === Details === ==== Mesa ==== Version update (25.2.4 -> 25.2.5) Subpackages: Mesa-libEGL1 Mesa-libGL1 libgbm1 - Update to release 25.2.5 - -> https://docs.mesa3d.org/relnotes/25.2.5 ==== Mesa-drivers ==== Version update (25.2.4 -> 25.2.5) Subpackages: Mesa-dri Mesa-libva Mesa-vulkan-device-select libvulkan_lvp - Update to release 25.2.5 - -> https://docs.mesa3d.org/relnotes/25.2.5 ==== apache2-mod_php8 ==== Version update (8.4.13 -> 8.4.14) - version update to 8.4.14 Core: Fixed bug GH-19765 (object_properties_load() bypasses readonly property checks). Fixed hard_timeout with --enable-zend-max-execution-timers. Fixed bug GH-19792 (SCCP causes UAF for return value if both warning and exception are triggered). Fixed bug GH-19653 (Closure named argument unpacking between temporary closures can cause a crash). Fixed bug GH-19839 (Incorrect HASH_FLAG_HAS_EMPTY_IND flag on userland array). Fixed bug GH-19480 (error_log php.ini cannot be unset when open_basedir is configured). Fixed bug GH-20002 (Broken build on *BSD with MSAN). CLI: Fix useless "Failed to poll event" error logs due to EAGAIN in CLI server with PHP_CLI_SERVER_WORKERS. Curl: Fix cloning of CURLOPT_POSTFIELDS when using the clone operator instead of the curl_copy_handle() function to clone a CurlHandle. Fix curl build and test failures with version 8.16. Date: Fixed GH-17159: "P" format for ::createFromFormat swallows string literals. DOM: Fix macro name clash on macOS. Fixed bug GH-20022 (docker-php-ext-install DOM failed). GD: Fixed GH-19955 (imagefttext() memory leak). MySQLnd: Fixed bug #67563 (mysqli compiled with mysqlnd does not take ipv6 adress as parameter). Opcache: Fixed bug GH-19669 (assertion failure in zend_jit_trace_type_to_info_ex). Fixed bug GH-19831 (function JIT may not deref property value). Fixed bug GH-19889 (race condition in zend_runtime_jit(), zend_jit_hot_func()). Phar: Fix memory leak and invalid continuation after tar header writing fails. Fix memory leaks when creating temp file fails when applying zip signature. SimpleXML: Fixed bug GH-19988 (zend_string_init with NULL pointer in simplexml (UB)). Soap: Fixed bug GH-19784 (SoapServer memory leak). Fixed bug GH-20011 (Array of SoapVar of unknown type causes crash). Standard: Fixed bug GH-12265 (Cloning an object breaks serialization recursion). Fixed bug GH-19701 (Serialize/deserialize loses some data). Fixed bug GH-19801 (leaks in var_dump() and debug_zval_dump()). Fixed bug GH-20043 (array_unique assertion failure with RC1 array causing an exception on sort). Fixed bug GH-19926 (reset internal pointer earlier while splicing array while COW violation flag is still set). Fixed bug GH-19570 (unable to fseek in /dev/zero and /dev/null). Streams: Fixed bug GH-19248 (Use strerror_r instead of strerror in main). Fixed bug GH-17345 (Bug #35916 was not completely fixed). Fixed bug GH-19705 (segmentation when attempting to flush on non seekable stream. XMLReader: Fixed bug GH-20009 (XMLReader leak on RelaxNG schema failure). Zip: Fixed bug GH-19688 (Remove pattern overflow in zip addGlob()). Fixed bug GH-19932 (Memory leak in zip setEncryptionName()/setEncryptionIndex()). ==== bind ==== Version update (9.20.13 -> 9.20.15) Subpackages: bind-doc bind-utils - Upgrade to release 9.20.15 Security Fixes: * DNSSEC validation fails if matching but invalid DNSKEY is found. [CVE-2025-8677, bsc#1252378] * Address various spoofing attacks. [CVE-2025-40778, bsc#1252379] * Cache-poisoning due to weak pseudo-random number generator. [CVE-2025-40780, bsc#1252380] New Features: * Add dnssec-policy keys configuration check to named-checkconf. Bug Fixes: * Missing DNSSEC information when CD bit is set in query. * rndc sign during ZSK rollover will now replace signatures. * Use signer name when disabling DNSSEC algorithms. * Preserve cache when reload fails and reload the server again. ==== busybox-links ==== Subpackages: busybox-coreutils busybox-diffutils busybox-ed busybox-findutils busybox-gawk busybox-grep busybox-gzip busybox-psmisc busybox-sed busybox-which busybox-xz - Add conflicts of busybox-misc to ascii ==== dejavu-fonts ==== - use %license tag [bsc#1252142] ==== file-roller ==== Version update (44.5 -> 44.6) - Update to version 44.6: + LHA: parse lha list output correctly + RAR: fixed error when the archive contains big files + 7zip: fixed âfollow linksâ flag + unarchiver: allow unar to open StuffIt archives + New Archive: fixed options sensitivity after changing extension + Extract: make âselected filesâ sensitive when there is a selection + One directory is interpreted as single file on compression dialog + Updated translations. ==== gcc15 ==== Subpackages: cpp15 libasan8 libatomic1 libgcc_s1 libgccjit0 libgfortran5 libgomp1 libhwasan0 libitm1 liblsan0 libobjc4 libstdc++6 libstdc++6-pp libtsan2 libubsan1 - Add gcc15-pr120424.patch to backport fix that cures a miscompile of libgo on arm. [bsc#1252306] ==== gdk-pixbuf ==== Version update (2.44.3 -> 2.44.4) Subpackages: gdk-pixbuf-query-loaders libgdk_pixbuf-2_0-0 typelib-1_0-GdkPixbuf-2_0 - Update to version 2.44.4: + glycin: - Make svgz work - Support saving avif + docs: Add deprecation tags for GdkPixbufAnimation + bmp: Fix loading of bottom-up images ==== glib2 ==== Version update (2.86.0 -> 2.86.1) Subpackages: glib2-tools libgio-2_0-0 libgirepository-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0 typelib-1_0-GIRepository-3_0 typelib-1_0-GLib-2_0 typelib-1_0-GModule-2_0 typelib-1_0-GObject-2_0 typelib-1_0-Gio-2_0 - Update to version 2.86.1: + Bugs fixed: - GIRepository: union fields offsets for compiled typelibs all have offset 0xffff - `gio/tests/socket-listener` requires dlsym - GLib.OptionContext's get_help() includes width of invisible options - Memory leak related to g_get_home_dir - Gio.AppInfo.launch_default_for_uri_async crashes with non-existent paths - GNetworkMonitor's netlink backend doesn't notify connectivity change - ghash: Fix entry_is_big for CHERI architecture - ghash: Handle all table sizes in iterator - gbookmarkfile: Escape icon href and mime-type - docs: Add Luca Bacci as a co-maintainer of the Windows code - tests: Fix clang compilation warnings - gmem: Replace SIZE_OVERFLOWS with g_size_checked_mul - gstrfuncs: Check string length in g_strescape - gutils: Improve load_user_special_dirs' user-dirs.dirs parser - gutils: Handle singletons in unlocked functions - ghostutils: Treat 0x80 (and above) as non-ASCII - various fixes to user-dirs.dirs handling in gutils - girnode: Fix computation of union member offsets - gopenuriportal: Fix a crash when the file canât be opened - gtype: Use transfer none for types (un)ref functions - gnetworkmonitorbase: Add missing notify::connectivity signal + Updated translations. ==== glycin-loaders ==== Version update (2.0.3 -> 2.0.4) - Update to version 2.0.4: + This release contains the following new component versions: - glycin-heif 2.0.4 - glycin-image-rs 2.0.4 - glycin-jpeg2000 2.0.4 - glycin-jxl 2.0.4 - glycin-raw 2.0.4 - glycin-svg 2.0.4 - glycin-utils 4.0.4 - glycin 3.0.4 - libglycin 2.0.4 - libglycin-gtk4 2.0.4 + Fixed: - D-Bus connections were never completely closed, causing a memory and FD leak. - Default to loop for animations if no explicit value is set. This fixed as backward compatibility issue when glycin/libglycin is not a .3 or later. - Support having symlinks in a directory that is already a symlink and both a explicitly picked up by fontconfig. ==== gnome-tour ==== Version update (49.0.openSUSE+git20251016.669c499 -> 49.0.openSUSE+git20251020.478f3eb) Subpackages: gnome-tour-data opensuse-welcome - Replace appstream-glib with AppStream BuildRequires, meson setup checks for it, and it was already pulled in via other dependencies. - Use custom icon and destop name in opensuse-welcome bsc#1252287 ==== gnome-weather ==== Subpackages: gnome-shell-search-provider-gnome-weather - Replace appstream-glib with AppStream BuildRequires, meson setup checks for it, and it was already pulled in via other dependencies. ==== google-noto-coloremoji-fonts ==== Version update (20250622 -> 20250916) - Update to v2.051 * Unicode 17.0 update mk1 ==== gpg2 ==== Version update (2.5.12 -> 2.5.13) Subpackages: dirmngr - Update to 2.5.13: * gpg: Fix de-vs compliance with OCB and additional password. [T7804] * gpg: Detect duplicate keys with --add-recipients. [T1825] * gpg: Take care about the prefix for cv25519 encryption. [T7649] * gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures. [rGdb9705ef59] * gpg: Error out on unverified output for non-detached signatures. [rG8abc320f2a] * gpgsm: Use KEM interface for en- and decryption. [T7811,T7845] * gpgsm: Fix delete and store certificate locking glitches. [T7855] * gpg,gpgsm: Run keybox compression only when there are no other users. [T7855] * gpg,gpgsm: Improve keybox closing and locking order on read and write. [T7855] * gpg,gpgsm: Always use share mode read-write for the keybox file access. [T7829] * scd:openpgp: Fix an oddity in changing the PIN. [T7840] * dirmngr: New LDAP keyserver flag "upload". [T7866] * agent: Retry private key deletion in case of sharing violations for up to 400ms. [T7863] * Release-info: https://dev.gnupg.org/T7801 ==== graphviz ==== Version update (12.2.1 -> 14.0.0) Subpackages: libpathplan4 libxdot4 - Update to 14.0.0 * Changes see ChangeLog.md - Remove unneeded patches (fixed mainline): D graphviz-array_overflow.patch D graphviz-no_php_extra_libs.patch D graphviz-useless_warnings.patch D swig-4.1.0.patch - Remove old, unneeded condition: if 0%{?suse_version} == 1315 ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-arm64-efi-bls grub2-common grub2-snapper-plugin grub2-systemd-sleep-plugin - Fix "sparse file not allowed" error after grub2-reboot (bsc#1245738) * grub2-grubenv-in-btrfs-header.patch - Fix PowerPC network boot prefix to correctly locate grub.cfg (bsc#1249385) * 0001-ieee1275-Use-net-config-for-boot-location-instead-of.patch ==== ipw-firmware ==== - properly install license files ==== kdbg ==== Version update (3.1.0 -> 3.2.0) - Update to 3.2.0 * KDbg can be built for KDE Frameworks 6/Qt6 * XSL debugging support was removed - Drop patch: * kdbg-cmake4.patch ==== kernel-firmware-amdgpu ==== Version update (20251004 -> 20251024) - Update to version 20251024 (git commit 9b899c779b8a): * amdgpu: DMCUB updates for various ASICs * amdgpu: DMCUB updates for various ASICs - Update aliases ==== kernel-firmware-bluetooth ==== Version update (20251010 -> 20251024) - Update to version 20251024 (git commit 9b899c779b8a): * QCA: Update Bluetooth WCN6856 firmware 2.1.0-00653 to 2.1.0-00659 ==== kernel-firmware-intel ==== Version update (20251018 -> 20251024) - Update to version 20251024 (git commit 9b899c779b8a): * linux-firmware: Renaming the file to cover a wide range of HP Lunar Lake system. * intel: qat: Fix missing link ==== kernel-firmware-iwlwifi ==== Version update (20250903 -> 20251024) - Update to version 20251024 (git commit 9b899c779b8a): * iwlwifi: add Bz/Fm and gl FW for core98-161 release * iwlwifi: update Bz/Hr and Bz/Gf firmwares for core98-161 release * iwlwifi: update ty/So/Ma firmwares for core98-161 release * iwlwifi: update cc/Qu/QuZ firmwares for core98-161 release ==== kernel-firmware-mediatek ==== Version update (20250926 -> 20251024) - Update to version 20251024 (git commit 9b899c779b8a): * mediatek MT7920: update bluetooth firmware to 20251020151255 * linux-firmware: update firmware for MT7922 WiFi device * linux-firmware: update firmware for MT7920 WiFi device * mediatek MT7922: update bluetooth firmware to 20251020143443 * Revert "linux-firmware: update firmware for MT7922 WiFi device" ==== kernel-firmware-qcom ==== Version update (20251010 -> 20251024) - Update to version 20251024 (git commit 9b899c779b8a): * qcom: add ADSP firmware for kaanapali platform ==== kernel-firmware-sound ==== Version update (20251018 -> 20251024) - Update to version 20251024 (git commit 9b899c779b8a): * cirrus: cs35l41: Rename various Asus Laptop firmware files to not have Speaker ID ==== kernel-source ==== Version update (6.17.4 -> 6.17.5) Subpackages: kernel-64kb kernel-default - expfs: Fix exportfs_can_encode_fh() for EXPORT_FH_FID (bsc#1252541). - commit 00da826 - Linux 6.17.5 (bsc#1012628). - vfs: Don't leak disconnected dentries on umount (bsc#1012628). - ata: libata-core: relax checks in ata_read_log_directory() (bsc#1012628). - arm64/sysreg: Fix GIC CDEOI instruction encoding (bsc#1012628). - drm/xe/guc: Check GuC running state before deregistering exec queue (bsc#1012628). - ixgbevf: fix getting link speed data for E610 devices (bsc#1012628). - ixgbevf: fix mailbox API compatibility by negotiating supported features (bsc#1012628). - rust: cfi: only 64-bit arm and x86 support CFI_CLANG (bsc#1012628). - smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1012628). - x86/CPU/AMD: Prevent reset reasons from being retained across reboot (bsc#1012628). - slab: reset slab->obj_ext when freeing and it is OBJEXTS_ALLOC_FAIL (bsc#1012628). - io_uring: protect mem region deregistration (bsc#1012628). - Revert "drm/amd/display: Only restore backlight after amdgpu_dm_init or dm_resume" (bsc#1012628). - r8152: add error handling in rtl8152_driver_init (bsc#1012628). - net: usb: lan78xx: Fix lost EEPROM write timeout error(-ETIMEDOUT) in lan78xx_write_raw_eeprom (bsc#1012628). - KVM: arm64: Prevent access to vCPU events before init (bsc#1012628). - f2fs: fix wrong block mapping for multi-devices (bsc#1012628). - gve: Check valid ts bit on RX descriptor before hw timestamping (bsc#1012628). - jbd2: ensure that all ongoing I/O complete before freeing blocks (bsc#1012628). - ext4: wait for ongoing I/O to complete before freeing blocks (bsc#1012628). - ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1012628). - btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running (bsc#1012628). - btrfs: fix memory leak on duplicated memory in the qgroup assign ioctl (bsc#1012628). - btrfs: only set the device specific options after devices are opened (bsc#1012628). - btrfs: fix incorrect readahead expansion length (bsc#1012628). - btrfs: fix memory leaks when rejecting a non SINGLE data profile without an RST (bsc#1012628). - btrfs: do not assert we found block group item when creating free space tree (bsc#1012628). - can: gs_usb: gs_make_candev(): populate net_device->dev_port (bsc#1012628). - can: gs_usb: increase max interface to U8_MAX (bsc#1012628). - cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1012628). - cxl/acpi: Fix setup of memory resource in cxl_acpi_set_cache_size() (bsc#1012628). - ALSA: hda/intel: Add MSI X870E Tomahawk to denylist (bsc#1012628). - ALSA: hda/realtek: Add quirk entry for HP ZBook 17 G6 (bsc#1012628). - ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() (bsc#1012628). - ALSA: hda: Fix missing pointer check in hda_component_manager_init function (bsc#1012628). - drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies (bsc#1012628). - drm/amdgpu: use atomic functions with memory barriers for vm fault info (bsc#1012628). - drm/amdgpu: fix gfx12 mes packet status return check (bsc#1012628). - drm/xe: Increase global invalidation timeout to 1000us (bsc#1012628). - perf/core: Fix address filter match with backing files (bsc#1012628). - perf/core: Fix MMAP event path names with backing files (bsc#1012628). - perf/core: Fix MMAP2 event device with backing files (bsc#1012628). - drm/amd: Check whether secure display TA loaded successfully (bsc#1012628). - PM: hibernate: Add pm_hibernation_mode_is_suspend() (bsc#1012628). - drm/amd: Fix hybrid sleep (bsc#1012628). - media: nxp: imx8-isi: m2m: Fix streaming cleanup on release (bsc#1012628). - usb: gadget: Store endpoint pointer in usb_request (bsc#1012628). - usb: gadget: Introduce free_usb_request helper (bsc#1012628). - usb: gadget: f_rndis: Refactor bind path to use __free() (bsc#1012628). - usb: gadget: f_acm: Refactor bind path to use __free() (bsc#1012628). - usb: gadget: f_ecm: Refactor bind path to use __free() (bsc#1012628). - usb: gadget: f_ncm: Refactor bind path to use __free() (bsc#1012628). - HID: multitouch: fix sticky fingers (bsc#1012628). - dax: skip read lock assertion for read-only filesystems (bsc#1012628). ... changelog too long, skipping 244 lines ... - commit 60fe5ed ==== lapack ==== Subpackages: libblas3 libcblas3 liblapack3 - Do not install spurious noname man page. ==== lcms2 ==== Version update (2.16 -> 2.17) - Enable threads support * Drop lcms2-visibility.patch as it was causing linker errors when enabling threads - Update to 2.17: * Add fuzzers foundation. Many thanks to Amir Montazery and Open-Source Technology Improvement Fund (ostif.org), Google, for funding that. * Add ability to disable building tests in meson * Fixed gamut warning not working on certain conditions * Mac sequoia added to test beds * Add the possibility of duplicating a NULL context for cloning defaults. * Small cleanup of CGATS parser. * Change computation of profile ID to follow actual ICC spec (yes, they changed the spec!) * Allow to apply color management on memory blocks > 4Gb. * Get rid of samples on meson compilation * Increase coverage of pre-multiplied alpha. * Bug fixing and cosmetical work. - Refresh lcms2-ocloexec.patch ==== libevdev ==== Version update (1.13.4 -> 1.13.5) - Update to 1.14.5 * include: sync event codes with kernel 6.16 and kernel 6.17 * util: change the bit to shift to ULL ==== libffi ==== - Add upstream patch to fix GCS on aarch64: * 943.patch ==== libglycin ==== Version update (2.0.3 -> 2.0.4) - Update to version 2.0.4: + This release contains the following new component versions: - glycin-heif 2.0.4 - glycin-image-rs 2.0.4 - glycin-jpeg2000 2.0.4 - glycin-jxl 2.0.4 - glycin-raw 2.0.4 - glycin-svg 2.0.4 - glycin-utils 4.0.4 - glycin 3.0.4 - libglycin 2.0.4 - libglycin-gtk4 2.0.4 + Fixed: - D-Bus connections were never completely closed, causing a memory and FD leak. - Default to loop for animations if no explicit value is set. This fixed as backward compatibility issue when glycin/libglycin is not a .3 or later. - Support having symlinks in a directory that is already a symlink and both a explicitly picked up by fontconfig. ==== libinput ==== Version update (1.28.1 -> 1.29.2) Subpackages: libinput-udev libinput10 - Update to release 1.29.2 * A potential crasher caused by abort if the dial/ring/strip pad mode group was not found, was fixed. * A zero delta timestamp caused the custom pointer acceleration to jump to 0/0 when clicking a button. * A missing forced proximity out event could cause two tablet tools to be in proximity at the same time. This could cause GTK applications to crash. - Update to release 1.29 * High-resolution scroll wheels have better heuristics to avoid inadvertent scrolls. This should also help with lesser-resolution scroll wheels which can skip those heuristics now, resulting in better responsiveness. * Virtual devices (e.g. uinput) are now detected in libinput and some internal heuristics are disabled for those (e.g. tablet smoothing). * Tablet tools with an fixed eraser button (almost all these days) can now configure that eraser button to be a regular button instead. * Jumping cursors on Asus "ASUE..." touchpads have lost their excitement and are no longer jumping. * libinput debug-tablet-pad is a new tool for interactive tablet pad debugging. - Delete pkgconf.patch (merged) ==== libphonenumber ==== - Fix libphonenumber-devel dependencies. libphonenumber::phonenumber-shared's INTERFACE_LINK_LIBRARIES contains Boost::date_time and Boost::thread ==== libplacebo ==== - Grab 12509c0f1ee8c22ae163017f0a5e7b8a9d983a17.patch from upstream repository Drops 12509c0f.patch - Drop Leap < 16 (does not meet libplacebo build requirements) - Use RPM 4.20 BuildSystem declaration - Clean up spec file ==== librsvg ==== Version update (2.61.1 -> 2.61.2) Subpackages: librsvg-2-2 typelib-1_0-Rsvg-2_0 - Update to version 2.61.2: + librsvg crate version 2.61.2 + librsvg-rebind crate version 0.2.1 + Disable compilation of the gdk-pixbuf loader module by default. It used to be that if meson detected that gdk-pixbuf-query-loaders(1) is available, then it would build the gdk-pixbuf loader module. Now that GNOME has switched to glycin loaders for images, which are sandboxed, gdk-pixbuf loaders are deprecated. You can still compile the gdk-pixbuf loader in librsvg by using the "-Dpixbuf-loader=enabled" option when invoking meson. + Reduce stack usage with deeply nested layers. This should be of interest especially for users of Alpine or musl-libc. Librsvg should hopefully no longer require users of musl-libc to increase the stack size for it; please tell the maintainer if that is the case! + "rsvg-convert --version" now also outputs the versions of the C library dependencies being used at runtime. + The build process now checks the version of cargo-cbuild, as it needs to be coordinated with the minimum supported Rust version. The minimum cargo-cbuild for this release is 0.10.10. + Compiling rsvg-convert is now optional, via the "-Drsvg-convert=disabled" option for Meson. + Update Rust dependencies. - Run test suite for all non 32bit targets. ==== libxkbcommon ==== Version update (1.11.0 -> 1.12.2) Subpackages: libxkbcommon-x11-0 libxkbcommon0 libxkbregistry0 - Update to release 1.12.2 * About 1.6Ã speedup at serializing with default options. * About 1.7Ã speedup at parsing keymaps serialized by libxkbcommon, otherwise aruond 1.1Ã. * Added fallback to the legacy X11 path for misconfigured setups where the canonical XKB root is not available. ==== llvm21 ==== Version update (21.1.3 -> 21.1.4) - Update to version 21.1.4. * This release contains bug-fixes for the LLVM 21.1.0 release. This release is API and ABI compatible with 21.1.0. - Simplify script for building documentation. - Use %ldconfig_scriptlets to automatically generate post scriptlets. This doesn't work with %{multisource} in Leap 15.6 though, so we leave a fallback for that. - Drop post scriptlets for gold and polly, which provide only plugin libraries that ldconfig doesn't care about. - Rebase llvm-do-not-install-static-libraries.patch. ==== luajit ==== Version update (5.1.2.1.0+git.1741730670.538a821 -> 2.1.20250826) - Add Provides: Lua(API) - Donât Conflict with lua51 directly. - Donât provide _bindir/lua5.1 - Rewrite SPEC file to work with other Lua interpreters and packages. - Replace the implementation of LuaJIT of the original implementation of Mike Pall with the OpenResty fork. - Just to make rpmlint happy, I have to mention that we removed these patches: - 0003-Get-rid-of-LUAJIT_VERSION_SYM-that-changes-ABI-on-ev.patch - 0002-Enable-debugging-symbols-in-the-build.patch - Reapply patches to avoid fuzz and long-term maintenance: - loong64-support.patch - riscv64-support.patch - Updated to 2.1.20250826 (1756211046) * FFI: Fix dangling CType references (again). * Avoid out-of-range PC for stack overflow error from snapshot restore. * x86/x64: Don't use undefined MUL/IMUL zero flag. * Windows: Add lua52compat option to msvcbuild.bat. - Cherry-pick riscv64-support.patch to add RISC-V support - Cherry-pick loong64-support.patch to add LoongArch support - Increase _default_patch_fuzz to 2 to allow patches to apply - Updated to 2.1.20250529 (1748495995). * https://github.com/openresty/luajit2/compare/v2.1-20250117...v2.1-20250529 ==== mariadb ==== Subpackages: libmariadbd19 mariadb-client mariadb-errormessages - disable pcre2 tests boo#1252518 ==== mutter ==== Version update (49.1 -> 49.1.1) - Update to version 49.1.1: + Fix broken menus in some Xwayland clients + Avoid processing the same key event twice during keybindings + Fixed crash + Misc. bug fixes and cleanups + Updated translations. - Drop mutter-fix-xwayland-dnd-crash.patch: Fixed upstream. ==== openSUSE-release ==== Version update (20251022 -> 20251028) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== pciutils ==== Subpackages: libpci3 - pciutils.spec: Add a strict dependency to libpci. [bsc#1252338] Mixing different versions of pciutils and libpci could result in a segmentation fault due to incompatible ABI. ==== pcre2 ==== Version update (10.46 -> 10.47) Subpackages: libpcre2-16-0 libpcre2-32-0 libpcre2-8-0 libpcre2-posix3 - Update to 10.47: * Pattern recursion of the form (?1(GROUP_NAME_OR_NUM,...)) acts as a subroutine call which additionally returns the listed capturing groups to the calling context. * Fixed a crash in pcre2_callout_enumerate() which is easily reachable on any pattern that contains a Unicode character class. If your application uses this function, please read the details for this change and evaluate its severity for your application. * Support symbol versioning * Add pcre2_next_match() for iterating over all matches * Add the PCRE2_CONFIG_EFFECTIVE_LINKSIZE option to pcre2_config() * Add support for $+ replacement to pcre2_substitute() ==== perl-HTTP-Message ==== Version update (7.0.0 -> 7.10.0) - updated to 7.10.0 (7.01) see /usr/share/doc/packages/perl-HTTP-Message/Changes 7.01 2025-10-19 17:22:21Z - Fix HTTP::Response and HTTP::Request as_string/parse commutativity issue [#62959] (GH#212) (Copilot) - Fix few minor typos (GH#202) (Yoshikazu Sawa) ==== perl-IO-String ==== Version update (1.08 -> 1.80.0) - Normalize CPAN version See https://github.com/openSUSE/cpanspec/issues/47 for details - Add cpanspec.yml to override description length ==== perl-Net-Patricia ==== Version update (1.230.0 -> 1.240.0) - updated to 1.240.0 (1.24) see /usr/share/doc/packages/perl-Net-Patricia/Changes 1.24 2025-10-05 09:32:28 CEST - update the COPYING file - add a license heading to the documentation - fix the POD encoding - remove a test that fails in certain DNS setups ==== perl-TimeDate ==== Version update (2.33 -> 2.330.0) - Normalize CPAN version See https://github.com/openSUSE/cpanspec/issues/47 for details ==== perl-URI ==== Version update (5.320.0 -> 5.340.0) - updated to 5.340.0 (5.34) see /usr/share/doc/packages/perl-URI/Changes 5.34 2025-09-17 11:00:27Z - Add WebSocket (ws, wss) URI (GH#158) (david-dick) 5.33 2025-09-17 03:23:13Z - Add smtp scheme (GH#156) (SineSwiper) ==== perl-libwww-perl ==== Version update (6.800.0 -> 6.810.0) - updated to 6.810.0 (6.81) see /usr/share/doc/packages/perl-libwww-perl/Changes 6.81 2025-10-22 17:04:53Z - Add Security Policy file SECURITY.md (GH#475) (Mikko Koivunalho) - Update test expectations for HTTP-Message 7.01+ trailing newline fix (GH#492) (Copilot) ==== php8 ==== Version update (8.4.13 -> 8.4.14) Subpackages: php8-ctype php8-dom php8-iconv php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - version update to 8.4.14 Core: Fixed bug GH-19765 (object_properties_load() bypasses readonly property checks). Fixed hard_timeout with --enable-zend-max-execution-timers. Fixed bug GH-19792 (SCCP causes UAF for return value if both warning and exception are triggered). Fixed bug GH-19653 (Closure named argument unpacking between temporary closures can cause a crash). Fixed bug GH-19839 (Incorrect HASH_FLAG_HAS_EMPTY_IND flag on userland array). Fixed bug GH-19480 (error_log php.ini cannot be unset when open_basedir is configured). Fixed bug GH-20002 (Broken build on *BSD with MSAN). CLI: Fix useless "Failed to poll event" error logs due to EAGAIN in CLI server with PHP_CLI_SERVER_WORKERS. Curl: Fix cloning of CURLOPT_POSTFIELDS when using the clone operator instead of the curl_copy_handle() function to clone a CurlHandle. Fix curl build and test failures with version 8.16. Date: Fixed GH-17159: "P" format for ::createFromFormat swallows string literals. DOM: Fix macro name clash on macOS. Fixed bug GH-20022 (docker-php-ext-install DOM failed). GD: Fixed GH-19955 (imagefttext() memory leak). MySQLnd: Fixed bug #67563 (mysqli compiled with mysqlnd does not take ipv6 adress as parameter). Opcache: Fixed bug GH-19669 (assertion failure in zend_jit_trace_type_to_info_ex). Fixed bug GH-19831 (function JIT may not deref property value). Fixed bug GH-19889 (race condition in zend_runtime_jit(), zend_jit_hot_func()). Phar: Fix memory leak and invalid continuation after tar header writing fails. Fix memory leaks when creating temp file fails when applying zip signature. SimpleXML: Fixed bug GH-19988 (zend_string_init with NULL pointer in simplexml (UB)). Soap: Fixed bug GH-19784 (SoapServer memory leak). Fixed bug GH-20011 (Array of SoapVar of unknown type causes crash). Standard: Fixed bug GH-12265 (Cloning an object breaks serialization recursion). Fixed bug GH-19701 (Serialize/deserialize loses some data). Fixed bug GH-19801 (leaks in var_dump() and debug_zval_dump()). Fixed bug GH-20043 (array_unique assertion failure with RC1 array causing an exception on sort). Fixed bug GH-19926 (reset internal pointer earlier while splicing array while COW violation flag is still set). Fixed bug GH-19570 (unable to fseek in /dev/zero and /dev/null). Streams: Fixed bug GH-19248 (Use strerror_r instead of strerror in main). Fixed bug GH-17345 (Bug #35916 was not completely fixed). Fixed bug GH-19705 (segmentation when attempting to flush on non seekable stream. XMLReader: Fixed bug GH-20009 (XMLReader leak on RelaxNG schema failure). Zip: Fixed bug GH-19688 (Remove pattern overflow in zip addGlob()). Fixed bug GH-19932 (Memory leak in zip setEncryptionName()/setEncryptionIndex()). ==== python-Pygments ==== - Build tests with _multibuild to avoid cycles with pytest dependency. ==== python-certifi ==== Version update (2025.6.15 -> 2025.10.5) Subpackages: python311-certifi python313-certifi - Update to 2025.10.15 * Bump actions/download-artifact from 4.3.0 to 5.0.0 * Bump actions/checkout from 4.2.2 to 5.0.0 * Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 (#366) * Bump actions/setup-python from 5.6.0 to 6.0.0 (#367) * Add Python 3.14 classifier in setup.py - from version 2025.08.03 * No changes recorded - from version 2025.07.14 * No changes recorded - from version 2025.07.09 * No changes recorded ==== python-gobject ==== Version update (3.54.3 -> 3.54.5) Subpackages: python311-gobject python311-gobject-Gdk python311-gobject-cairo python313-gobject python313-gobject-Gdk python313-gobject-cairo - Update to version 3.54.5: + Backport: GLib 2.86/GioUnix compatibility ==== python-psutil ==== Version update (7.1.0 -> 7.1.1) Subpackages: python311-psutil python313-psutil - Exclude tests to mutibuild due to dependency cycle with python-xdist - Update to 7.1.1 * SunOS 10 is no longer supported. * Tests that needs UNIX sockets should be properly marked for skip - Run tests with pytest (recommended by upstream) ==== python-pyOpenSSL ==== Subpackages: python311-pyOpenSSL python313-pyOpenSSL - Skip test_client_receives_servers_data failing with openssl 3.6.0 and rewrite tests exclusion to be more atomic ==== python-setuptools ==== - Remove not needed update-alternatives BuildRequires ==== python313-setuptools ==== - Remove not needed update-alternatives BuildRequires ==== qt6-base ==== Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6WaylandClient6 libQt6Widgets6 libQt6WlShellIntegration6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-platformtheme-gtk3 qt6-printsupport-cups qt6-sql-mysql qt6-sql-sqlite qt6-wayland - Fix slow scrolling on Wayland (bsc#1249117). - This patch relates to QTBUG-138706 and QTBUG-139231. - Add patch: * 0001-fix-slow-scrolling-on-wayland.patch ==== qt6-declarative ==== Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsPlatform6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsSynchronizer6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlMeta6 libQt6QmlModels6 libQt6QmlNetwork6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 libQt6QuickVectorImage6 libQt6QuickWidgets6 qt6-declarative-imports - Add upstream change (kde#509804) * 0001-QmlCompiler-Fix-write-access-to-QVariantMap.patch ==== raspberrypi-firmware-dt ==== - Adjust RPi5 overlays 0001-dts-overlays-Adjust-them-for-RPi5.patch * Add 64 bit size CMA overlay Compared to older devices RPi5 uses #size-cells=<2>. Create new overlay and add it to overlay_map so it could automagicaly loaded by the firmware. * Add map for enabling Bluetooth on RPi5 Bluetooth on RPi5 do not need to be enabled, but because we unconditionally enable-bt for all devices create similar overlay for RPi5 and add it to overlay_map. * Add map for upstream overlay on RPi5 Create empty upstream overlay to silence firmware warnings. ==== selinux-policy ==== Version update (20251016 -> 20251021) Subpackages: selinux-policy-targeted - Update to version 20251021: * Allow snapper sdbootutil plugin read emmc devices (bsc#1231354) * Allow pcrlock to delete pid entries * Allow systemd_pcrlock_t to manage its pid files * Mark snapper_sdbootutil_plugin_t as permissive * Drop unnamed filetrans, should be done upstream (bsc#1241964) * Label pcrlock pid file correctly (bsc#1241964) * Allow snapper sdbootutil plugin send msg to system bus (bsc#1241964) * snapper takes output from stdout/err, allow pcrlock to write * Add tpm2_getcap permissions to snapper sdbootutil (bsc#1244573) * Allow snapper sdbootutil plugin to read snapper data and conf * Allow snapper sdbootutil plugin to grep /proc/stat (bsc#1241964) * Replace snapper tmp file access for pcrlock (bsc#1241964) * Allow snapper sdbootutil read kernel module dirs (bsc#1241964) * Allow snapper sdbootutil plugin use bootctl (bsc#1241964) * Allow snapper sdbootutil plugin to list and read sysfs (bsc#1241964) * Allow snapper sdbootutil sys_admin (bsc#1241964) * Allow snapper sdbootutils plugin to findmnt (bsc#1241964) * Allow snapper sdbootutil plugin rw tpm (bsc#1233358) * Move manage dos permissions and dontaudit execmem to snapper sdbootutils plugin (bsc#1241964) * Move snapper domtrans to sdbootutil to plugin (bsc#1241964) * Revert snapper access to keys, move to sdbootutils plugin policy (bsc#1241964) * Add initial seperate policy for sdbootutil called by snapper (bsc#1233358) * Allow sort in snapper_grub_plugin_t read cpu.max (bsc#1252095) ==== snapshot ==== - Replace appstream-glib with AppStream BuildRequires and command called in check section, use the more modern tool. ==== sqlite3 ==== Subpackages: libsqlite3-0 sqlite3-tcl - bsc#1252217: Add a %license file. ==== suitesparse ==== Version update (7.10.3 -> 7.11.0) Subpackages: libamd3 libcamd3 libccolamd3 libcholmod5 libcolamd3 libsuitesparseconfig7 libumfpack6 - Update to 7.11.0 * LAGraph v1.2: many new experimental algorithms, LAGraph_Random in src/ * GraphBLAS v10.1.1: risc-V vectorization, GRAPHBLAS_VANILLA (optional; to disable GxB extensions), and workaround for gcc compiler bug on Power and s390x processors. ==== un-fonts ==== - Stop marking un-fonts as essential for the Korean locale (and thus essential enough to be on the openSUSE DVD) ==== unbound ==== Version update (1.24.0 -> 1.24.1) Subpackages: libunbound8 unbound-anchor - Add patch to fix build issue with swig 4.4.0 [unbound-swig-4.4.0-compat.patch] - Update to 1.24.1: Security Fixes: * Fix CVE-2025-11411 (possible domain hijacking attack) [bsc#1252525] ==== xfdesktop ==== Subpackages: xfdesktop-lang - Switch to using meson for building; this allows building this package even in the upcoming development release Xfce-4.21 - Refresh 0002-relax-libyaml-version.patch - Remove bcond_with git and related items - Ensure installed icon files land in _datadir/wallpapers/xfce, not in _datadir/backgrounds/xfce which is used by meson ==== yast2 ==== Version update (5.0.16 -> 5.0.17) Subpackages: yast2-logs - Checking for TPM version. TPM2 < 1.38 will not be supported (bsc#1250403). - 5.0.17 ==== yast2-trans ==== Version update (84.87.20251018.189b3dd61e -> 84.87.20251021.5e431d2e7b) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20251021.5e431d2e7b: * Translated using Weblate (Indonesian) * Translated using Weblate (Indonesian) * Added translation using Weblate (Indonesian)
