Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version=Tumbleweed&build=20251127 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: Mesa-demo NetworkManager at-spi2-core (2.58.1 -> 2.58.2) baobab (49.0 -> 49.1) bash breeze6 enchant (2.8.12 -> 2.8.13) evolution (3.58.1 -> 3.58.2) evolution-data-server (3.58.1 -> 3.58.2) evolution-ews (3.58.1 -> 3.58.2) freerdp (3.17.2 -> 3.18.0) gdm (49.1 -> 49.2) glibmm2 gnome-calculator (49.1.1 -> 49.2) gnome-control-center (49.1 -> 49.2.1) gnome-online-accounts (3.56.1 -> 3.56.2) gnome-session (49.1 -> 49.2) gnome-shell (49.1 -> 49.2) gnome-software (49.1 -> 49.2) gnome-user-share (48.1 -> 48.2) gnutls (3.8.10 -> 3.8.11) gpg2 (2.5.13 -> 2.5.14) grub2 gtk4 (4.20.2+11 -> 4.20.3) hplip inkscape inxi (3.3.39 -> 3.3.40) kernel-source (6.17.8 -> 6.17.9) less (676 -> 685) libadwaita (1.8.1 -> 1.8.2) libeconf (0.8.0 -> 0.8.1) libgpod libinput (1.29.2 -> 1.30.0) libplasma6 libproxy-backend (0.5.11 -> 0.5.12) libproxy-client (0.5.11 -> 0.5.12) libsoup libstorage-ng (4.5.278 -> 4.5.279) libwacom (2.16.1 -> 2.17.0) libwmf lightdm-gtk-greeter-settings mdadm (4.4+29.gf8bb524b -> 4.4+30.g9a59bf51) mugshot mutter (49.1.1 -> 49.2) nautilus (49.1 -> 49.2) ncurses (6.5.20251115 -> 6.5.20251123) nss-mdns openSUSE-release (20251121 -> 20251127) orca (49.4 -> 49.5) patterns-base pinentry pinentry-gui plasma6-desktop plasma6-workspace plymouth polkit-default-privs (1550+20251111.84b92d9 -> 1550+20251118.addc6cd) poppler poppler-qt6 postfix (3.10.4 -> 3.10.5) ppp python311 python311-core python313 python313-core qalculate (5.8.1 -> 5.8.2) qca-qt6 qt6-base (6.10.0 -> 6.10.1) qt6-declarative (6.10.0 -> 6.10.1) qt6-imageformats (6.10.0 -> 6.10.1) qt6-location (6.10.0 -> 6.10.1) qt6-multimedia (6.10.0 -> 6.10.1) qt6-networkauth (6.10.0 -> 6.10.1) qt6-positioning (6.10.0 -> 6.10.1) qt6-qt5compat (6.10.0 -> 6.10.1) qt6-quick3d (6.10.0 -> 6.10.1) qt6-quicktimeline (6.10.0 -> 6.10.1) qt6-sensors (6.10.0 -> 6.10.1) qt6-shadertools (6.10.0 -> 6.10.1) qt6-speech (6.10.0 -> 6.10.1) qt6-svg (6.10.0 -> 6.10.1) qt6-tools (6.10.0 -> 6.10.1) qt6-translations (6.10.0 -> 6.10.1) qt6-virtualkeyboard (6.10.0 -> 6.10.1) qt6-wayland (6.10.0 -> 6.10.1) qt6-webchannel (6.10.0 -> 6.10.1) qt6-webengine (6.10.0 -> 6.10.1) qt6-webview (6.10.0 -> 6.10.1) quadrapassel (49.1 -> 49.2.1) raspberrypi-firmware raspberrypi-firmware-config rsyslog sdbootutil (1+git20251119.0bee866 -> 1+git20251126.f7a46a1) snapper tigervnc unbound (1.24.1 -> 1.24.2) vte (0.82.1 -> 0.82.2) webkit2gtk3 (2.50.1 -> 2.50.2) webkit2gtk4 (2.50.1 -> 2.50.2) xfce4-docklike-plugin xfce4-terminal xorg-x11-server (21.1.15 -> 21.1.21) xscreensaver yast2-packager (5.0.8 -> 5.0.9) yast2-trans (84.87.20251109.16a31a6851 -> 84.87.20251120.56464525cf) === Details === ==== Mesa-demo ==== Subpackages: Mesa-demo-egl Mesa-demo-x - Add pkgconfig(libdecor-0), pkgconfig(wayland-client), pkgconfig(wayland-egl), pkgconfig(wayland-protocols) and pkgconfig(wayland-scanner) BuildRequires and pass wayland=enabled to meson setup, build wayland support. ==== NetworkManager ==== Subpackages: NetworkManager-bluetooth NetworkManager-tui NetworkManager-wwan libnm0 typelib-1_0-NM-1_0 - Add patch 2312.patch to fix upstream issue https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1814, already fixed upstream for the next release via https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2312 ==== at-spi2-core ==== Version update (2.58.1 -> 2.58.2) Subpackages: libatk-1_0-0 libatk-bridge-2_0-0 libatspi0 typelib-1_0-Atk-1_0 typelib-1_0-Atspi-2_0 - Update to version 2.58.2: + python: Speed up __eq__ and __ne__ + collection-adaptor: Correct 'child' reference handling (fixes crashes with evolution and orca). + Fix several memory leaks. ==== baobab ==== Version update (49.0 -> 49.1) - Update to version 49.1: + Bugs fixed: - Right-click menu actions (such as "Move to trash" or "Copy Path") applied to the wrong row when mouse cursor moved around or below the contextual menu - Segfault when mounting android device - Context menu action applied to wrong item (always) + Updated translations. ==== bash ==== Subpackages: bash-loadables bash-sh - Cherry pick from commit 01070d43248fb97f3b2a08d780ae5a392573ce34 two fixes: * boo1254087.patch -- fix for short reads by `source' builtin (boo#1254087) * risc-v.patch -- fix for crash on RISC-V machines ==== breeze6 ==== Subpackages: breeze6-cursors breeze6-decoration breeze6-style - Add patches to fix menus having too much padding: * 0001-Menu-Set-ItemSpacing-to-2.patch * 0002-Menu-Reduce-margins-to-better-match-QQC2-style.patch ==== enchant ==== Version update (2.8.12 -> 2.8.13) Subpackages: enchant-2-backend-hunspell enchant-data libenchant-2-2 - Update to version 2.8.13: + This release fixes a bug in the word division algorithm of enchant(1) introduced in 2.8.4, which itself was attempting to fix bugs introduced in the previous release. This could have caused a crash, but it seems we were saved by careful bounds checking in GLib. Instead, it merely meant that characters not valid at the end of a word were not removed as they should be before spell-checking. Note that this bug only affected users of the enchant(1) program, for example Emacs users using it via Emacsâs âispellâ command. Users using libenchant (i.e. most users) were not affected. ==== evolution ==== Version update (3.58.1 -> 3.58.2) Subpackages: evolution-plugin-spamassassin - Update to version 3.58.2: + Bug Fixes: - mail-vfolder: Correct and speed up setup and update of search folders - Crash when copying multiple lines from âMarkdown as HTMLâ composer + Miscellaneous: shell: Fix a crash on start when app initialization fails + Updated translations. ==== evolution-data-server ==== Version update (3.58.1 -> 3.58.2) Subpackages: libcamel-1_2-66 libebackend-1_2-11 libebook-1_2-21 libebook-contacts-1_2-4 libecal-2_0-3 libedata-book-1_2-27 libedata-cal-2_0-2 libedataserver-1_2-27 libedataserverui-1_2-4 - Update to version 3.58.2: + Bug Fixes: - Camel: Message info changes do not propagate sometimes - CamelSearchFolder: Add "not_all" "match-threads" kind - Crash when reading broken multipart/signed - Calendar: Free/busy not exported without set calendar mail - alarm-notify: Snooze "until X minutes before start" wrongly reminds "X min after start" + Miscellaneous: - Camel: Unread count for virtual Trash/Junk folder not updated properly - CamelStoreSearch: Ignore all errors when a message cannot be opened - CamelStore: Speed up open folders with virtual Trash or Junk folder + Updated translations. ==== evolution-ews ==== Version update (3.58.1 -> 3.58.2) - Update to version 3.58.2: + Bug Fixes: Free/Busy calendar limited by server + Miscellaneous: EWS: Try to extract error information from "Internal Server Error" response + Updated translations. ==== freerdp ==== Version update (3.17.2 -> 3.18.0) Subpackages: libfreerdp3-3 librdtk0-0 libwinpr3-3 - Update to version 3.18.0: + Fix a regression reading passwords from stdin + Fix a timer regression (µs instead of ms) + Improved multitouch support + Fix a bug with PLANAR codec (used with /bpp:32 or sometimes with /gfx) + Better error handling for ARM transport (Entra) + Fix audio encoder lag (microphone/AAC) with FFMPEG + Support for janssen JSON library - Drop 11876.patch: fixed upstream ==== gdm ==== Version update (49.1 -> 49.2) Subpackages: gdm-schema gdm-systemd gdm-xdm-integration gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0 - Update to version 49.2: + Fixed bug that prevented X11 fallback whenever autologin fails + Updated translations. - Drop /usr/bin/dbus-run-session (Build)Requires: no longer needed since version 49.0. ==== glibmm2 ==== Subpackages: libgiomm-2_68-1 libglibmm-2_68-1 - Set executable bits on two perl scripts/modules, and also add global excludes, so we do not export private Perl modules. ==== gnome-calculator ==== Version update (49.1.1 -> 49.2) Subpackages: gnome-shell-search-provider-gnome-calculator - Update to version 49.2: + Make history clickable again + Updated translations. ==== gnome-control-center ==== Version update (49.1 -> 49.2.1) Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces gnome-control-center-users - Update to version 49.2.1: + Fix libgxdp induced crash of g-c-c-global-shortcuts-provider - Update libgxdp subproject. - Update to version 49.2: + Applications: Fix "Type" being character wrapped in certain locales + Color: - Fix calibration not working - Fix issues when running the calibration multiple times - Fix restarting after calibration + Date and Time: Fix enabling AM/PM mode only when used for times + Keyboard: - Fix translation of keyboard modifier entries - Handle new activities overview shortcut (Super instead of Super_L) + Network: Don't show hyphen in long WiFi passwords in QR code dialog + Users: Ensure info button widget type + Updated translations. ==== gnome-online-accounts ==== Version update (3.56.1 -> 3.56.2) Subpackages: libgoa-1_0-0 libgoa-backend-1_0-2 - Update to version 3.56.2: + Updated translations. ==== gnome-session ==== Version update (49.1 -> 49.2) - Update to version 49.2: + Fixed bug with offline updates that prevented gnome-shell from converting a shutdown into a reboot + Updated translations. - Update to version 49.1+11: + manager: Allow gnome-shell to change logout type. + Updated translations. - Drop custom startup script and xsession file (gnome and gnome.desktop), no longer needed nor wanted. ==== gnome-shell ==== Version update (49.1 -> 49.2) Subpackages: gnome-extensions gnome-shell-calendar - Update to version 49.2: + Fix lock screen notification setting for MPRIS clients without DesktopEntry + Fix wrong network icon on connectivity loss + Sort session list on login screen by display name + Add extended OSK layouts for German and Austrian + Fix leaving VPN auth helper zombie processes + Fix freeze on modifier-only layout switch shortcut + Show OSD for any attempted brightness change + Use slider as bias when auto brightness is being used + Fix glitch in list search results + Fix swipe gestures behaving erroneously in RTL locales + Fix misplaced separator in dash after unpinning running app + Fixed crash + Misc. bug fixes and cleanups + Updated translations. ==== gnome-software ==== Version update (49.1 -> 49.2) Subpackages: gnome-software-plugin-packagekit - Update to version 49.2: + Fixed version history sometimes not showing for flatpak apps + Updated translations. ==== gnome-user-share ==== Version update (48.1 -> 48.2) - Update to version 48.2: + Fixed a bug where the config folder is inaccessible on new installations ==== gnutls ==== Version update (3.8.10 -> 3.8.11) Subpackages: libgnutls-dane0 libgnutls30 - Reduce the number of patches: * Merge gnutls-FIPS-jitterentropy-deinit-threads.patch into the main jitterentropy patch gnutls-FIPS-jitterentropy.patch * Merge the soname gnutls-fips-sonames-check.patch and V3 gnutls-FIPS-HMAC-x86_64-v3-opt.patch patches together into gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch * Remove gnutls-set-cligen-python-interp.patch with a sed command. - Enable back the failing tests that have been fixed upstream: * Remove patches: - gnutls-disable-flaky-test-dtls-resume.patch - gnutls-srp-test-SIGPIPE.patch - gnutls-skip-pqx-test.patch - gnutls-3.8.10-disable-ktls_test.patch - Update to 3.8.11: * libgnutls: Fix stack overwrite in gnutls_pkcs11_token_init Reported by Luigino Camastra from Aisle Research. [GNUTLS-SA-2025-11-18, CVSS: low] [bsc#1254132, CVE-2025-9820] * libgnutls: MAC algorithms for PSK binders is now configurable The previous implementation assumed HMAC-SHA256 to calculate the PSK binders. With the new gnutls_psk_allocate_client_credentials2() and gnutls_psk_allocate_server_credentials2() functions, the application can use other MAC algorithms such as HMAC-SHA384. * libgnutls: Expose a new function to provide the maximum record send size A new function gnutls_record_get_max_send_size() has been added to determine the maximum size of a TLS record to be sent to the peer. * libgnutls: Expose a new function to update keys without sending a KeyUpdate to the peer. A new function gnutls_handshake_update_receiving_key() has been added to allow updating the local receiving key without sending any KeyUpdate messages. * libgnutls: PKCS#11 cryptographic provider configuration takes a token URI instead of a module path. To allow using a PKCS#11 module exposing multiple tokens, the "path" configuration keyword was replaced with the "url" keyword. * libgnutls: Support crypto-auditing probe points crypto-auditing is a project to monitor which cryptographic operations are taking place in the library at run time, through eBPF. This adds necessary probe points for that, in public key cryptography and the TLS use-case. To enable this, run configure with --enable-crypto-auditing. * build: The minimum version of Nettle has been updated to 3.10 Given Nettle 3.10 is ABI compatible with 3.6 and includes several security relevant fixes, the library's minimum requirement of Nettle is updated to 3.10. * build: The default priority file path is now constructed from sysconfdir Previously, the location of the default priority file was hard-coded to be /etc/gnutls/config. Now it takes into account of the --sysconfdir option given to the configure script. * API and ABI modifications: (New functions) - gnutls_psk_allocate_client_credentials2 - gnutls_psk_allocate_server_credentials2 - gnutls_record_get_max_send_size - gnutls_handshake_update_receiving_key - gnutls_audit_push_context - gnutls_audit_pop_context - gnutls_audit_current_context * Rebased patches: - gnutls-FIPS-140-3-references.patch - gnutls-FIPS-TLS_KDF_selftest.patch - gnutls-skip-pqx-test.patch ==== gpg2 ==== Version update (2.5.13 -> 2.5.14) Subpackages: dirmngr - Update to 2.5.14: * gpg: Fix possible memory corruption in the armor parser. [T7906] * gpgsm: Fix output of card serial number in colon listing. [T7914] * agent:ssh: Fix RSA signature handling for newer spec. [T7882] * gpg: Improve/relax the checking of preference options. [rG6570700fdd] * gpg: Fix the check for the END armor line. [rG62b8bf2f39] * gpg: Do not present a default when asking for another output filename. [T7908] * gpg: Include ADSK keys in key listings specified by fingerprints. [T7892] * agent: Fix a decryption failures if the pinentry dialog for the first tried recipient is canceled. Regression since 2.5.7. [T7893, T7649] * keyboxd: Fix schema of the fingerprint table. [T7892] * dirmngr: Fix OCSP next-update check. [rG9ef87bcdb0] * gpg: New "pfc" record in colons key listings. [T7897] * gpg: Allow import and export of Kyber secret keys. [T7315] * gpg: Escape characters with the high bit set in NOTATION status lines. [T7896] * gpg: New import option "force-update". [T7892,rGf6237ccd31] * agent: Accept a trustlist with a missing LF at the end. [rG1b4ac98de7] * agent: Support protection for Kyber keys. [T6638,rGaea62817f3] * scd:nks: Make newer TCOS signature cards work. [rG17596e830f] * Release-info: https://dev.gnupg.org/T7869 * Rebase gnupg-revert-rfc4880bis.patch ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-arm64-efi-bls grub2-common grub2-snapper-plugin grub2-systemd-sleep-plugin - Rename sysfb patch file to match purpose * grub2-simplefb.patch * grub2-sysfb.patch - Set 'gfxpayload=keep' for DRM sysfb drivers (bsc#1253721) * grub2-sysfb.patch ==== gtk4 ==== Version update (4.20.2+11 -> 4.20.3) Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Update to version 4.20.3: + Bugs fixed: - Change in scrolling behavior - Unaligned access in gdk/gdkmemoryformat.c causes testsuite crashes on SPARC - Shaper: Cannot parse SVG - svg not scaled with display scale since switch to librsvg - GTK 4.18: Default GdkDisplay gets unreferenced when offscreen rendering via secondary display, causing crash - Feature: Add Win32 impl for gtk_file_launcher_open_containing_folder() - Vulkan: Validation: vkQueuePresentKHR(): PRESENT_AFTER_WRITE hazard detected - ModelButton: Increasingly long hang when switching AdwMultiLayoutView + Changes: - vulkan: Disable YCbCr to RGB conversions for fallback formats - Backport non-smooth scrolling fixes to 4.20 - vulkan: Fix YUYV values when uploading images - Fix touch dropdown selection - emoji: Update data to CLDR 48 + Updated translations. ==== hplip ==== Subpackages: hplip-base hplip-common hplip-cups hplip-driver-hpcups hplip-sane libhplip0 - Remove unused BuildRequires: update-desktop-files. ==== inkscape ==== Subpackages: inkscape-extensions-extra inkscape-extensions-gimp - Remove unused BuildRequires: update-desktop-files. ==== inxi ==== Version update (3.3.39 -> 3.3.40) - Update to version 3.3.40: * This is a quick release to get the bug fix out for <https://codeberg.org/smxi/inxi/issues/347>. * Refactor and updated of the Battery item. * This release is highlighted by a long overdue rewrite of the - b, -e, and -v[x] man page and help options. * Renamed to inxi.metainfo.xml * Changed id to org.smxi.inxi * Added inxi.metadata.xml. Your welcome. * Phase 2 of the big CPU upgrade a few years back is now done. * Added more Wayland wm/de updates: wm, tools, lockers, etc. - Setup service file for manual run. ==== kernel-source ==== Version update (6.17.8 -> 6.17.9) Subpackages: kernel-64kb kernel-default - kernel-binary: Support building gendwarfksyms on SLE/Leap 15 - commit 940a186 - Linux 6.17.9 (bsc#1012628). - iommufd/selftest: Fix ioctl return value in _test_cmd_trigger_vevents() (bsc#1012628). - drm/mediatek: Add pm_runtime support for GCE power control (bsc#1012628). - drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD (bsc#1012628). - drm/i915: Fix conversion between clock ticks and nanoseconds (bsc#1012628). - drm/amdgpu: set default gfx reset masks for gfx6-8 (bsc#1012628). - drm/amd/display: Don't stretch non-native images by default in eDP (bsc#1012628). - smb: client: fix refcount leak in smb2_set_path_attr (bsc#1012628). - iommufd: Make vfio_compat's unmap succeed if the range is already empty (bsc#1012628). - futex: Optimize per-cpu reference counting (bsc#1012628). - drm/amd: Fix suspend failure with secure display TA (bsc#1012628). - drm/xe/guc: Synchronize Dead CT worker with unbind (bsc#1012628). - drm/xe: Move declarations under conditional branch (bsc#1012628). - drm/xe: Do clean shutdown also when using flr (bsc#1012628). - drm/amd/display: Add pixel_clock to amd_pp_display_configuration (bsc#1012628). - drm/amd/pm: Use pm_display_cfg in legacy DPM (v2) (bsc#1012628). - drm/amd/display: Disable fastboot on DCE 6 too (bsc#1012628). - drm/amd/pm: Disable MCLK switching on SI at high pixel clocks (bsc#1012628). - drm/amd: Disable ASPM on SI (bsc#1012628). - arm64: kprobes: check the return value of set_memory_rox() (bsc#1012628). - compiler_types: Move unused static inline functions warning to W=2 (bsc#1012628). - riscv: Build loader.bin exclusively for Canaan K210 (bsc#1012628). - RISC-V: clear hot-unplugged cores from all task mm_cpumasks to avoid rfence errors (bsc#1012628). - riscv: acpi: avoid errors caused by probing DT devices when ACPI is used (bsc#1012628). - ASoC: nau8821: Avoid unnecessary blocking in IRQ handler (bsc#1012628). - drm/amdgpu: remove two invalid BUG_ON()s (bsc#1012628). - drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM (bsc#1012628). - drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices (bsc#1012628). - NFS4: Fix state renewals missing after boot (bsc#1012628). - drm/amdkfd: fix suspend/resume all calls in mes based eviction path (bsc#1012628). - NFS4: Apply delay_retrans to async operations (bsc#1012628). - HID: intel-thc-hid: intel-quickspi: Add ARL PCI Device Id's (bsc#1012628). - HID: quirks: avoid Cooler Master MM712 dongle wakeup bug (bsc#1012628). - ixgbe: handle IXGBE_VF_GET_PF_LINK_STATE mailbox operation (bsc#1012628). - HID: nintendo: Wait longer for initial probe (bsc#1012628). - NFS: check if suid/sgid was cleared after a write as needed (bsc#1012628). - HID: quirks: Add ALWAYS_POLL quirk for VRS R295 steering wheel (bsc#1012628). - exfat: fix improper check of dentry.stream.valid_size (bsc#1012628). - io_uring: fix unexpected placement on same size resizing (bsc#1012628). - smb/server: fix possible memory leak in smb2_read() (bsc#1012628). - smb/server: fix possible refcount leak in smb2_sess_setup() (bsc#1012628). - HID: logitech-hidpp: Add HIDPP_QUIRK_RESET_HI_RES_SCROLL (bsc#1012628). - ASoC: max98090/91: fixed max98091 ALSA widget powering up/down (bsc#1012628). - ALSA: hda/realtek: Fix mute led for HP Omen 17-cb0xxx (bsc#1012628). - ixgbe: handle IXGBE_VF_FEATURES_NEGOTIATE mbox cmd (bsc#1012628). - wifi: ath11k: zero init info->status in wmi_process_mgmt_tx_comp() (bsc#1012628). - erofs: avoid infinite loop due to incomplete zstd-compressed data (bsc#1012628). - selftests: net: local_termination: Wait for interfaces to come up (bsc#1012628). - net: fec: correct rx_bytes statistic for the case SHIFT16 is set (bsc#1012628). - net: phy: micrel: Introduce lanphy_modify_page_reg (bsc#1012628). - net: phy: micrel: Replace hardcoded pages with defines (bsc#1012628). - net: phy: micrel: lan8814 fix reset of the QSGMII interface (bsc#1012628). - rust: Add -fno-isolate-erroneous-paths-dereference to bindgen_skip_c_flags (bsc#1012628). - NFSD: Skip close replay processing if XDR encoding fails ... changelog too long, skipping 356 lines ... - commit 5d803de ==== less ==== Version update (676 -> 685) - update to 685: * Add LESS_TERMCAP_SUSPEND and LESS_TERMCAP_RESUME (github [#654]). * Change --incsearch so that after typing each character of the pattern, the search begins at the position where the search command was invoked, not the current position (github #640). * Allow mixing of option arguments and filename arguments on the command line unless POSIXLY_CORRECT is set (github #653). * Don't output U+00AD and U+200D, and fix some bugs handling emoji modifier characters (github #637). * Fix hang if a search using ^S modifier matches empty string * Fix bug using -g and -J (github #636). * Fix bug when pasting a search pattern while --incsearch is active (github #635). * Fix bug in Windows build when autorepeating a search pattern * Fix lesskey bug using #stop directive. * Fix lesskey bug using "invalid" action (github #643). * Fix bug causing file to appear to end prematurely if an input command was received during a file read (github #649). * Fix performance issue in & filtering (github #638). * Fix some problems reported by valgrind (github #659, github [#660], github #661). * Fix bad parsing of lesskey file an env var is a prefix of another env var (github #626). * Fix unexpected exit using -K if a key press is received while reading the input file (github #628). ==== libadwaita ==== Version update (1.8.1 -> 1.8.2) Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Update to version 1.8.2: + Build: Fix gen-public-types.py encoding + AdwActionRow: Fix subtitle comparison + AdwComboRow: - Revert touchscreen fix from 1.8.1, since it's been fixed in GTK - Update selection when the expression changes + AdwHeaderBar: Report back button context menu to screen reader + AdwPreferencesDialog: Allow to go from the first search result to header bar by pressing up + AdwPreferencesGroup: Fix title and description getters + AdwPreferencesPage: - Fix description getter - Warn when trying to add incompatible children + AdwShortcutLabel: - Make accessible - Flip arrows for RTL - Add focused styles + AdwShortcutsDialog: Allow to go from the first search result to header bar by pressing up + AdwTabBar/AdwTabOverview: Report context menu to screen reader + Updated translations. ==== libeconf ==== Version update (0.8.0 -> 0.8.1) - Update to version 0.8.1: * Set default parameter in econf_get<type>ValueDef to "const" ==== libgpod ==== Subpackages: libgpod-tools libgpod4 - Remove unused BuildRequires: update-desktop-files. ==== libinput ==== Version update (1.29.2 -> 1.30.0) Subpackages: libinput-udev libinput10 - Update to release 1.30 * touchpad: allow disabling the touchpad jumping cursor detection, touchpad hysteresis, and palm dectection as a whole. * Add quirks for Microsoft Surface Keyboard BTN_0, TongFang GX4 (X4SP4NAL) touchpad, the RazerBlade162025 keyboard, HP OmniBook Ultra Flip Laptop 14-fh0xxx, GPD MicroPC 2 touchpad, ROG Flow Z13 2025 (GZ302EA) keyboard, Nulea M501 thumb trackball, Dell laptops, Google Chromebook Roric/Rull, MX Master 4. ==== libplasma6 ==== Subpackages: libPlasma6 libplasma6-components libplasma6-desktoptheme - Pass '-DQT_QML_NO_CACHEGEN:BOOL=TRUE' to CMake to make builds reproducible (related: boo#1248369) ==== libproxy-backend ==== Version update (0.5.11 -> 0.5.12) - Update to version 0.5.12: + Add static library generation + CI: Remove js / ts check + xdp: Fix missing dispose chain up + xdp: Reduce bus access error log level to debug ==== libproxy-client ==== Version update (0.5.11 -> 0.5.12) - Update to version 0.5.12: + Add static library generation + CI: Remove js / ts check + xdp: Fix missing dispose chain up + xdp: Reduce bus access error log level to debug ==== libsoup ==== Subpackages: libsoup-3_0-0 typelib-1_0-Soup-3_0 - Add libsoup-CVE-2025-12105.patch: fix use after free caused by 'finishing' queue item twice (bsc#1252555 CVE-2025-12105 glgo#GNOME/libsoup!481). - Add i586 to the list of architectures where we re-run tests; hsts-db-test is timing out there as well. ==== libstorage-ng ==== Version update (4.5.278 -> 4.5.279) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#1042 - added bcachefs to used features names - added testcase - fixed comment - 4.5.279 ==== libwacom ==== Version update (2.16.1 -> 2.17.0) Subpackages: libwacom-data libwacom9 - Update to version 2.17.0 * Dell Inspiron 14 7445 2-in-1. * Wacom One 14. * Huion Kamvas 13 (Gen 3), Kamvas 16 (Gen 3). * Waltop Batteryless Tablet. * XP-Pen Deco Pro LW (Gen 2). * Wacom styli IDs updated and aliased in preparation for upcoming kernel changes. ==== libwmf ==== - Remove unused BuildRequires: update-desktop-files. ==== lightdm-gtk-greeter-settings ==== Subpackages: lightdm-gtk-greeter-settings-lang - Remove unused BuildRequires: update-desktop-files. - Explicitly add desktop-file-utils to BuildRequires. ==== mdadm ==== Version update (4.4+29.gf8bb524b -> 4.4+30.g9a59bf51) - Update to version 4.4+30.g9a59bf51: * mdcheck: work around bash 5.3 bug (bsc#1254087) ==== mugshot ==== - Remove unused BuildRequires: update-desktop-files. ==== mutter ==== Version update (49.1.1 -> 49.2) - Update to version 49.2: + Fix delay in applying KMS property changes + Handle ignored modifiers when grabbing keys and buttons on X11 + Improve tiled monitor handling + Improve sticky keys handling + Fix global shortcut keys getting stuck in Xwayland windows + Fixed crashes + Misc. bug fixes and cleanups + Updated translations. - Update to version 49.1.1+14: * x11: Handle ignored modifiers when grabbing keys and buttons * kms-connector: Only trigger a connector update on disconnect timeout * backends/native/kms-connector: - Do not assume !connected == disconnected - Notify disconnect events after a timeout - Initialize the connection as disconnected * kms: Add debug logging in on_udev_hotplug & hotplug_timeout * backends/native/kms: Use a more generic name for resource update function * Updated translations. ==== nautilus ==== Version update (49.1 -> 49.2) Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension4 - Update to version 49.2: + Bugfixes: - Fix handling of unset XDG directories - Reduce memory usage of thumbnails by correct scaling - Fix potential rescaling of item when switching to cut icon - Fix crash on empty file lists in drops - Correct sorting of loopback devices - Don't skip the first file from operation progress monitoring + Updated translations. ==== ncurses ==== Version update (6.5.20251115 -> 6.5.20251123) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20251123 + revert change using NCURSES_SBOOL in tic.h which interfered with sign-extension in tigetflag (Debian #1121191, cf: 20251101). - Add ncurses patch 20251122 + in-progress work to merge MinGW/Windows port. + correct expression for TINFO_LIB variable in misc/ncurses-config.in (Debian #1121208, cf: 20251004). ==== nss-mdns ==== - Using nsswitch-config for setting nsswitch.conf (jsc#PED-13807) ==== openSUSE-release ==== Version update (20251121 -> 20251127) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== orca ==== Version update (49.4 -> 49.5) - Update to version 49.2: + Web: - Fix double prsentation of lines with new line characters. - Fix several chattiness issues. + General: - Treat space as a printable character during password input. - Don't say "grayed" in editable table cells regardless of state. - Fall back on descendants when presenting editable table cell content. + Updated translations. ==== patterns-base ==== Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-enhanced_base patterns-base-minimal_base patterns-base-selinux patterns-base-sw_management patterns-base-x11 patterns-base-x11_enhanced - remove yast2-logs from transactional base - rename the systemd-presets-branding to -SLE_transactional - Drop biosdevname, this is being replaced by systemd predictable network interface naming (jsc#PED-262). ==== pinentry ==== - Remove unused BuildRequires: update-desktop-files. ==== pinentry-gui ==== Subpackages: pinentry-gnome3 pinentry-gtk2 pinentry-qt6 - Remove unused BuildRequires: update-desktop-files. ==== plasma6-desktop ==== Subpackages: plasma6-desktop-emojier - Remove unused BuildRequires: update-desktop-files. ==== plasma6-workspace ==== Subpackages: plasma6-session plasma6-session-x11 plasma6-workspace-libs sddm-qt6-branding-openSUSE - Remove unused BuildRequires: update-desktop-files. ==== plymouth ==== Subpackages: libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Remove unused BuildRequires: update-desktop-files. ==== polkit-default-privs ==== Version update (1550+20251111.84b92d9 -> 1550+20251118.addc6cd) - Update to version 1550+20251118.addc6cd: * profiles: add snapd (bsc#1248682) * profiles: add lightdm-kde-greeter (bsc#1249146) - Update to version 1550+20251114.b0f300e: * profiles: system v258 mountfsd and nsresourced actions (bsc#1247556) ==== poppler ==== Subpackages: libpoppler-cpp2 libpoppler-glib8 libpoppler153 poppler-tools - Remove unused BuildRequires: update-desktop-files. ==== poppler-qt6 ==== - Remove unused BuildRequires: update-desktop-files. ==== postfix ==== Version update (3.10.4 -> 3.10.5) - update to 3.10.5 * Workaround for an interface mis-match between the Postfix SMTP client and MTA-STS policy plugins. * The existing behavior is to connect to any MX host listed in DNS, and to match the server certificate against any STS policy MX host pattern. * The corrected behavior is to connect to an MX host only if its name matches any STS policy MX host pattern, and to match the server certificate against the MX hostname. The corrected behavior must be enabled in two places: in Postfix with a new parameter "smtp_tls_enforce_sts_mx_patterns" (default: "yes") and in an MTA-STS plugin by enabling TLSRPT support, so that the plugin forwards STS policy attributes to Postfix. This works even if Postfix TLSRPT support is disabled at build time or at runtime. * TLSRPT Workaround: when a TLSRPT policy-type value is "no-policy-found", pretend that the TLSRPT policy domain value is equal to the recipient domain. This ignores that different policy types (TLSA, STS) use different policy domains. But this is what Microsoft does, and therefore, what other tools expect. * Bugfix (defect introduced: Postfix 3.0): the Postfix SMTP client's connection reuse logic did not distinguish between sessions that require SMTPUTF8 support, and sessions that do not. The solution is 1) to store sessions with different SMTPUTF8 requirements under distinct connection cache storage keys, and 2) to not cache a connection when SMTPUTF8 is required but the server does not support that feature. * Bugfix (defect introduced: Postfix 3.0, date 20140731): the smtpd 'disconnect' command statistics did not count commands with "bad syntax" and "bad UTF-8 syntax" errors. * Bugfix: the August 2025 patch broke DBM library support which is still needed on Solaris; and the same change could result in warnings with "database X is older than source file Y". * Postfix 3.11 forward compatibility: to avoid ugly warnings when Postfix 3.11 is rolled back to an older version, allow a preliminary 'size' record in maildrop queue files created with Postfix 3.11 or later. * Bugfix (defect introduced: Postfix 3.8, date 20220128): non-reproducible build, because the 'postconf -e' output order for new main.cf entries was no longer deterministic. Problem reported by Oleksandr Natalenko, diagnosis by Eray Aslan. * To make builds predictable, add missing meta_directory and shlib_directory settings to the stock main.cf file. Problem diagnosed by Eray Aslan. * Bugfix (defect introduced: Postfix 3.9, date 20230517): posttls-finger(1) logged an incorrectly-formatted port number. Viktor Dukhovni. - rebase postfix-main.cf.patch - adapt rpmlint o dir-or-file-outside-snapshot ==== ppp ==== - boo#1253325: Fix the path of the generated resolv.conf file. - Use the systemd tmpfiles mechanism to create the /run/pppd/ dir. ==== python311 ==== Subpackages: python311-curses python311-dbm - Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple quadratic complexity vulnerabilities of os.path.expandvars() (CVE-2025-6075, bsc#1252974). - Readjusted patches: - CVE-2023-52425-libexpat-2.6.0-backport.patch - CVE-2023-52425-remove-reparse_deferral-tests.patch - fix_configure_rst.patch - skip_if_buildbot-extend.patch ==== python311-core ==== Subpackages: libpython3_11-1_0 python311-base - Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple quadratic complexity vulnerabilities of os.path.expandvars() (CVE-2025-6075, bsc#1252974). - Readjusted patches: - CVE-2023-52425-libexpat-2.6.0-backport.patch - CVE-2023-52425-remove-reparse_deferral-tests.patch - fix_configure_rst.patch - skip_if_buildbot-extend.patch ==== python313 ==== Subpackages: python313-curses python313-dbm python313-tk - Add pass-test_write_read_limited_history.patch: Fix readline history truncation when length is reduced The `readline.set_history_length()` function did not previously truncate the in-memory history when the new length was set to a value smaller than the current number of history items. This could lead to unexpected behavior where `get_history_length()` would still report the old length and writing the history to a file would write more entries than the new limit. This patch modifies `set_history_length()` to explicitly remove the oldest history entries using `remove_history()` when the length is decreased, ensuring the in-memory history is correctly truncated to the new limit. This brings the function's behavior in line with expectations and fixes failures in `test_write_read_limited_history`. ==== python313-core ==== Subpackages: libpython3_13-1_0 python313-base python313-devel - Add pass-test_write_read_limited_history.patch: Fix readline history truncation when length is reduced The `readline.set_history_length()` function did not previously truncate the in-memory history when the new length was set to a value smaller than the current number of history items. This could lead to unexpected behavior where `get_history_length()` would still report the old length and writing the history to a file would write more entries than the new limit. This patch modifies `set_history_length()` to explicitly remove the oldest history entries using `remove_history()` when the length is decreased, ensuring the in-memory history is correctly truncated to the new limit. This brings the function's behavior in line with expectations and fixes failures in `test_write_read_limited_history`. ==== qalculate ==== Version update (5.8.1 -> 5.8.2) Subpackages: libqalculate23 qalculate-data - Update to version 5.8.2 * New functions: reshape(), circshift(), replacePart(). * Functions mergevectors() and area() renamed to slice() and part(). * v[i, ...]=... syntax for assignment of part of matrix/vector variable. * Improve language handling for functions, units, and variables * Limit the range of supported arguments in bessely, besselj, binomial, and igamma functions (to avoid segfault and very slow unabortable calculations). * Do not try to calculate exact result with automatic approximation for expressions with iterative functions. * Fix compilation without Readline * Fix segfault with entrywise operation on column vector and an empty vector. * Fix handling of single quotation marks. * Fix use of options "ignore locale" and "language" in command line arguments. * Option to change the default currency. * Limit time used for dual calculation with time command line argument to same limit as without. * Fix use of options "ignore locale" and "language" in command line arguments. * Minor bug fixes and feature enhancements ==== qca-qt6 ==== Subpackages: libqca-qt6-2 qca-qt6-plugins - Remove unused BuildRequires: update-desktop-files. ==== qt6-base ==== Version update (6.10.0 -> 6.10.1) Subpackages: libQt6Concurrent6 libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6OpenGLWidgets6 libQt6PrintSupport6 libQt6Sql6 libQt6Test6 libQt6WaylandClient6 libQt6Widgets6 libQt6WlShellIntegration6 libQt6Xml6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-platformtheme-gtk3 qt6-printsupport-cups qt6-sql-mysql qt6-sql-sqlite qt6-wayland - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-declarative ==== Version update (6.10.0 -> 6.10.1) Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsPlatform6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsSynchronizer6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlMeta6 libQt6QmlModels6 libQt6QmlNetwork6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 libQt6QuickVectorImage6 libQt6QuickWidgets6 qt6-declarative-imports - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released - Drop patch: * 0001-QmlCompiler-Fix-write-access-to-QVariantMap.patch ==== qt6-imageformats ==== Version update (6.10.0 -> 6.10.1) - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-location ==== Version update (6.10.0 -> 6.10.1) Subpackages: libQt6Location6 - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-multimedia ==== Version update (6.10.0 -> 6.10.1) Subpackages: libQt6Multimedia6 libQt6MultimediaQuick6 libQt6MultimediaWidgets6 libQt6Quick3DSpatialAudio6 libQt6SpatialAudio6 qt6-multimedia-imports - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-networkauth ==== Version update (6.10.0 -> 6.10.1) - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-positioning ==== Version update (6.10.0 -> 6.10.1) Subpackages: libQt6Positioning6 libQt6PositioningQuick6 qt6-positioning-imports - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-qt5compat ==== Version update (6.10.0 -> 6.10.1) Subpackages: libQt6Core5Compat6 qt6-qt5compat-imports - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-quick3d ==== Version update (6.10.0 -> 6.10.1) Subpackages: libQt6Quick3D6 libQt6Quick3DAssetImport6 libQt6Quick3DAssetUtils6 libQt6Quick3DEffects6 libQt6Quick3DHelpers6 libQt6Quick3DHelpersImpl6 libQt6Quick3DParticleEffects6 libQt6Quick3DParticles6 libQt6Quick3DRuntimeRender6 libQt6Quick3DUtils6 libQt6Quick3DXr6 qt6-quick3d-imports - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-quicktimeline ==== Version update (6.10.0 -> 6.10.1) - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-sensors ==== Version update (6.10.0 -> 6.10.1) Subpackages: libQt6Sensors6 - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-shadertools ==== Version update (6.10.0 -> 6.10.1) - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-speech ==== Version update (6.10.0 -> 6.10.1) Subpackages: libQt6TextToSpeech6 qt6-texttospeech - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-svg ==== Version update (6.10.0 -> 6.10.1) Subpackages: libQt6Svg6 libQt6SvgWidgets6 - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-tools ==== Version update (6.10.0 -> 6.10.1) Subpackages: libQt6Designer6 libQt6UiTools6 qt6-tools-qdbus - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-translations ==== Version update (6.10.0 -> 6.10.1) - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-virtualkeyboard ==== Version update (6.10.0 -> 6.10.1) Subpackages: libQt6HunspellInputMethod6 libQt6VirtualKeyboard6 libQt6VirtualKeyboardQml6 qt6-virtualkeyboard-imports - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-wayland ==== Version update (6.10.0 -> 6.10.1) - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-webchannel ==== Version update (6.10.0 -> 6.10.1) Subpackages: libQt6WebChannel6 libQt6WebChannelQuick6 qt6-webchannel-imports - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== qt6-webengine ==== Version update (6.10.0 -> 6.10.1) Subpackages: libQt6WebEngineCore6 libQt6WebEngineQuick6 libQt6WebEngineWidgets6 qt6-webengine-imports - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released Based on Chromium version: 134.0.6998.208 Patched with security patches up to Chromium version: 142.0.7444.162 - Drop patches: * 0001-webrtc-IWYU-modules-video_capture.patch * 0002-webrtc-IWYU-modules-desktop_capture-and-modules-video_captu.patch ==== qt6-webview ==== Version update (6.10.0 -> 6.10.1) - Update to 6.10.1 https://www.qt.io/blog/qt-6.10.1-released ==== quadrapassel ==== Version update (49.1 -> 49.2.1) - Update to version 49.2.1: + Replaced the user help docs with a 'Game Rules' dialog - Update to version 49.2: + Made the 'P' key pause the game + Replaced the user help docs with a 'Rules' dialog + Stopped the menu button taking focus + Removed the libgee dependency & updated libgnome-games-support + Fixed a bug where the game's score would not be recorded when the app was quit + Added total rows and level information to scores + Updated translations. ==== raspberrypi-firmware ==== - Do not load "upstream" overlay anymore. Recent build fixes for overlay_map.dtb in raspberrypi-firmware-dt package (r127) exposed latent bug related to "upstream" overlay, which start to actually auto loaded for RPi4 devices. The issue is manifested as RPi4 devices unable to boot from USB media. Fixes boo#1253082 - Do not let firmware do multiplexing for default debug UART (enable_uart=0). It has its own connector. Fixes boo#1251192. ==== raspberrypi-firmware-config ==== - Do not load "upstream" overlay anymore. Recent build fixes for overlay_map.dtb in raspberrypi-firmware-dt package (r127) exposed latent bug related to "upstream" overlay, which start to actually auto loaded for RPi4 devices. The issue is manifested as RPi4 devices unable to boot from USB media. Fixes boo#1253082 ==== rsyslog ==== - Fix SELinux context of rsyslog run directory (bsc#1253261) ==== sdbootutil ==== Version update (1+git20251119.0bee866 -> 1+git20251126.f7a46a1) Subpackages: sdbootutil-dracut-measure-pcr sdbootutil-snapper - Update to version 1+git20251126.f7a46a1: * Improve error messages ==== snapper ==== Subpackages: libsnapper8 snapper-lang snapper-zypp-plugin - add CAP_MKNOD in snapper-backup.service (gh#openSUSE/snapper#1067) - handle DBus connection error in snapper-zypp-plugin - redesigned target snapshot detection in snbk (gh#openSUSE/snapper#1061) - support sending compressed data in snbk (gh#openSUSE/snapper#1059) ==== tigervnc ==== Subpackages: libXvnc1 tigervnc-selinux xorg-x11-Xvnc xorg-x11-Xvnc-module - Remove dbus-launch requires, dbus-launch is no longer used and incompatible with dbus-broker. - Update SELinux module dir as macro to allow root path move from /var/lib/selinux to /etc/selinux (bsc#1221342) ==== unbound ==== Version update (1.24.1 -> 1.24.2) Subpackages: libunbound8 unbound-anchor - Update to 1.24.2: Bug Fixes: * Additional fix for CVE-2025-11411 (possible domain hijacking attack), to include YXDOMAIN and non-referral nodata answers in the mitigation as well, reported by TaoFei Guo from Peking University, Yang Luo and JianJun Chen from Tsinghua University. ==== vte ==== Version update (0.82.1 -> 0.82.2) - Update to version 0.82.2: * vte: bail from pty_io_write()/io_write_cb() on error conditions * lib: Add missing nullable annotation * docs: Fix section name * build: - Add install tags to the vte application desktop files - Add option to not show the vte application's desktop file - Add option to not build the vte application - Skip test depending on gdk when building without gtk3 and gtk5 * widget: Fix scrollback-lines value for infinite scrollback ==== webkit2gtk3 ==== Version update (2.50.1 -> 2.50.2) Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Add webkit2gtk3-undefined-symbol.patch: fix a build failure. - Update to version 2.50.2 (bsc#1254165 bsc#1254166 bsc#1254167 bsc#1254168 bsc#1254169 bsc#1254170 bsc#1254171 bsc#1254172 bsc#1254174 bsc#1254176 bsc#1254177 bsc#1254179): + Prevent unsafe URI schemes from participating in media playback. + Make jsc_value_array_buffer_get_data() function introspectable. + Fix logging in to Google accounts that have a WebAuthn second factor configured. + Fix loading webkit://gpu when there are no threads configured for GPU rendering. + Fix rendering gradiants that use the CSS hue interpolation method. + Fix pasting image data from the clipboard. + Fix font-family selection when the font name contains spaces. + Fix the build with standard C libraries that lack execinfo.h, like Musl or uClibc. + Fix capturing canvas snapshots in the Web Inspector. + Fix several crashes and rendering issues. + Security fixes: CVE-2025-43392, CVE-2025-43425, CVE-2025-43427, CVE-2025-43429, CVE-2025-43430, CVE-2025-43431, CVE-2025-43432, CVE-2025-43434, CVE-2025-43440, CVE-2025-43443 ==== webkit2gtk4 ==== Version update (2.50.1 -> 2.50.2) Subpackages: libjavascriptcoregtk-6_0-1 libwebkitgtk-6_0-4 typelib-1_0-JavaScriptCore-6_0 typelib-1_0-WebKit-6_0 webkitgtk-6_0-injected-bundles - Add webkit2gtk3-undefined-symbol.patch: fix a build failure. - Update to version 2.50.2 (bsc#1254165 bsc#1254166 bsc#1254167 bsc#1254168 bsc#1254169 bsc#1254170 bsc#1254171 bsc#1254172 bsc#1254174 bsc#1254176 bsc#1254177 bsc#1254179): + Prevent unsafe URI schemes from participating in media playback. + Make jsc_value_array_buffer_get_data() function introspectable. + Fix logging in to Google accounts that have a WebAuthn second factor configured. + Fix loading webkit://gpu when there are no threads configured for GPU rendering. + Fix rendering gradiants that use the CSS hue interpolation method. + Fix pasting image data from the clipboard. + Fix font-family selection when the font name contains spaces. + Fix the build with standard C libraries that lack execinfo.h, like Musl or uClibc. + Fix capturing canvas snapshots in the Web Inspector. + Fix several crashes and rendering issues. + Security fixes: CVE-2025-43392, CVE-2025-43425, CVE-2025-43427, CVE-2025-43429, CVE-2025-43430, CVE-2025-43431, CVE-2025-43432, CVE-2025-43434, CVE-2025-43440, CVE-2025-43443 ==== xfce4-docklike-plugin ==== Subpackages: xfce4-docklike-plugin-lang - Remove unused BuildRequires: update-desktop-files. ==== xfce4-terminal ==== Subpackages: xfce4-terminal-lang - Remove unused BuildRequires: update-desktop-files. - Explicitly add desktop-file-utils to BuildRequires. ==== xorg-x11-server ==== Version update (21.1.15 -> 21.1.21) Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - Update to version 21.1.21 * A bug fix release to address a number of regressions reported in the latest releases [1]. The changes being reverted here are part of a series of changes previously backported in the stable branch, yet these are not actual fixes to address bugs found in the stable branch, while those changes introduced regressions with reverse PRIME with the NVIDIA closed-source driver, issues with 10-bit output with the AMDGPU driver and reduced performance with the AMDGPU driver. [1] https://gitlab.freedesktop.org/xorg/xserver/-/issues/1848 - Changes * Revert "glamor: reject configs using unsupported rgbBits size" * Revert "glamor_egl: add support of GlxVendorLibrary option" * Revert "xorg: initialize glamor provider" * Revert "glamor: Lift the GLX EGL backend from Xwayland" * Revert "glamor: add glvnd_vendor private" - supersedes the following patches: * U_CVE-2022-49737-dix-Hold-input-lock-for-AttachDevice.patch * U_CVE-2025-26594-0001-Cursor-Refuse-to-free-the-root-cursor.patch * U_CVE-2025-26594-0002-dix-keep-a-ref-to-the-rootCursor.patch * U_CVE-2025-26595-0001-xkb-Fix-buffer-overflow-in-XkbVModMaskText.patch * U_CVE-2025-26596-0001-xkb-Fix-computation-of-XkbSizeKeySyms.patch * U_CVE-2025-26597-0001-xkb-Fix-buffer-overflow-in-XkbChangeTypesOfKey.patch * U_CVE-2025-26598-0001-Xi-Fix-barrier-device-search.patch * U_CVE-2025-26599-0001-composite-Handle-failure-to-redirect-in-compRedirect.patch * U_CVE-2025-26599-0002-composite-initialize-border-clip-even-when-pixmap-al.patch * U_CVE-2025-26600-0001-dix-Dequeue-pending-events-on-frozen-device-on-remov.patch * U_CVE-2025-26601-0001-sync-Do-not-let-sync-objects-uninitialized.patch * U_CVE-2025-26601-0002-sync-Check-values-before-applying-changes.patch * U_CVE-2025-26601-0003-sync-Do-not-fail-SyncAddTriggerToSyncObject.patch * U_CVE-2025-26601-0004-sync-Apply-changes-last-in-SyncChangeAlarmAttributes.patch * U_CVE-2025-49175-render-Avoid-0-or-less-animated-cursors.patch * U_CVE-2025-49176-os-Check-for-integer-overflow-on-BigRequest-length.patch * U_CVE-2025-49176-os-Do-not-overflow-the-integer-size-with-BigRequest.patch * U_CVE-2025-49177-xfixes-Check-request-length-for-SetClientDisconnectM.patch * U_CVE-2025-49178-os-Account-for-bytes-to-ignore-when-sharing-input-bu.patch * U_CVE-2025-49179-record-Check-for-overflow-in-RecordSanityCheckRegist.patch * U_CVE-2025-49180-randr-Check-for-overflow-in-RRChangeProviderProperty.patch * U_CVE-2025-49180-xfree86-Check-for-RandR-provider-functions.patch * bsc1251958_CVE-2025-62229_0001-present-Fix-use-after-free-in-present_create_notifie.patch * bsc1251959_CVE-2025-62230_0001-xkb-Make-the-RT_XKBCLIENT-resource-private.patch * bsc1251959_CVE-2025-62230_0002-xkb-Free-the-XKB-resource-when-freeing-XkbInterest.patch * bsc1251960_CVE-2025-62231_0001-xkb-Prevent-overflow-in-XkbSetCompatMap.patch * u_fbdevhw_kernel6.9_break_fbdev_open.patch * u_modesetting-Fix-dirty-updates-for-sw-rotation.patch - refreshed patches * N_Install-Avoid-failure-on-wrapper-installation.patch * N_fix-dpi-values.diff * N_zap_warning_xserver.diff * n_raise_default_clients.patch * n_xorg-wrapper-rename-Xorg.patch * u_01-Improved-ConfineToShape.patch * u_Panning-Set-panning-state-in-xf86RandR12ScreenSetSize.patch * u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch * u_xf86-Accept-devices-with-the-kernel-s-efidrm-driver.patch * u_xf86-Accept-devices-with-the-kernel-s-vesadrm-driver.patch * u_xfree86-activate-GPU-screens-on-autobind.patch * u_xorg-server-xdmcp.patch * u_xorg-wrapper-build-Build-position-independent-code.patch * xorg-x11-server-byte-order.patch ==== xscreensaver ==== Subpackages: xscreensaver-data xscreensaver-lang - Remove unused BuildRequires: update-desktop-files. ==== yast2-packager ==== Version update (5.0.8 -> 5.0.9) - Do not add the biosdevname package to the list of packages to be installed (bsc#1253690, jsc#PED-262). - 5.0.9 ==== yast2-trans ==== Version update (84.87.20251109.16a31a6851 -> 84.87.20251120.56464525cf) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20251120.56464525cf: * Translated using Weblate (Catalan) * Update translation files * New POT for text domain 'storage'.
