Packages changed: ImageMagick (7.1.0.22 -> 7.1.0.23) MozillaFirefox (96.0.3 -> 97.0) accountsservice acpica augeas autoyast2 (4.4.28 -> 4.4.29) dolphin (21.12.2 -> 21.12.2.1) fwupd (1.7.3 -> 1.7.5) gedit gjs (1.70.0 -> 1.70.1) gnome-disk-utility gnome-maps gnome-settings-daemon gnome-shell gnome-shell-extensions gobject-introspection graphviz graphviz-addons groff groff-full gstreamer (1.18.5 -> 1.18.6) gstreamer-plugins-bad (1.18.5 -> 1.18.6) gstreamer-plugins-base (1.18.5 -> 1.18.6) gstreamer-plugins-good (1.18.5 -> 1.18.6) gstreamer-plugins-libav (1.18.5 -> 1.18.6) gstreamer-plugins-rs (0.8.0 -> 0.8.1) gstreamer-plugins-ugly (1.18.5 -> 1.18.6) gvfs harfbuzz (3.2.0 -> 3.3.2) libguestfs libreoffice libstorage-ng (4.4.79 -> 4.4.81) libvirt libzypp (17.29.3 -> 17.29.4) multipath-tools (0.8.8+45+suse.628d603e -> 0.8.8+57+suse.dfb672fe) nautilus-sendto opensuse-welcome (0.1.8+git.40.95061c3 -> 0.1.8+git.44.7923e16) pam-config (1.5 -> 1.6) patterns-base perl-CGI (4.53 -> 4.54) plasma5-pk-updates (0.3.2 -> 0.3.2+git67) python python-Pygments (2.9.0 -> 2.11.2) python-base python-beautifulsoup4 (4.9.3 -> 4.10.0) python-gmpy python-numexpr (2.7.3 -> 2.8.1) python-prompt_toolkit (3.0.8 -> 3.0.26) python-pyOpenSSL (21.0.0 -> 22.0.0) python-pyparsing (3.0.6 -> 3.0.7) python-service_identity (18.1.0 -> 21.1.0) python-setuptools (57.4.0 -> 58.3.0) python-xarray (0.20.2 -> 0.21.1) qtkeychain-qt5 remmina (1.4.23 -> 1.4.24) squid (5.3 -> 5.4) totem webkit2gtk3 (2.34.4 -> 2.34.5) webkit2gtk3-soup2 (2.34.4 -> 2.34.5) wireplumber (0.4.7 -> 0.4.8) wpa_supplicant xdmbgrd (0.6 -> 0.7) xtables-addons (3.18_k5.16.5_1 -> 3.19_k5.16.5_1) yast2-network (4.4.36 -> 4.4.37) yast2-packager (4.4.21 -> 4.4.22) yast2-ruby-bindings (4.4.7 -> 4.4.8) yast2-trans (84.87.20220131.0700dd3449 -> 84.87.20220206.a953ff83bc) === Details === ==== ImageMagick ==== Version update (7.1.0.22 -> 7.1.0.23) Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10 - version update to 7.1.0.23 * limit recursion when reading the VID image format. * improperly resizing memory due to errant check (reference https://github.com/ImageMagick/ImageMagick/issues/4807). * https://github.com/ImageMagick/ImageMagick/issues/4790 [bsc#1195321] ==== MozillaFirefox ==== Version update (96.0.3 -> 97.0) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 97.0 MFSA 2022-04 (bsc#1195682) * CVE-2022-22753 (bmo#1732435) Privilege Escalation to SYSTEM on Windows via Maintenance Service * CVE-2022-22754 (bmo#1750565) Extensions could have bypassed permission confirmation during update * CVE-2022-22755 (bmo#1309630) XSL could have allowed JavaScript execution after a tab was closed * CVE-2022-22756 (bmo#1317873) Drag and dropping an image could have resulted in the dropped object being an executable * CVE-2022-22757 (bmo#1720098) Remote Agent did not prevent local websites from connecting * CVE-2022-22758 (bmo#1728742) tel: links could have sent USSD codes to the dialer on Firefox for Android * CVE-2022-22759 (bmo#1739957) Sandboxed iframes could have executed script if the parent appended elements * CVE-2022-22760 (bmo#1740985, bmo#1748503) Cross-Origin responses could be distinguished between script and non-script content-types * CVE-2022-22761 (bmo#1745566) frame-ancestors Content Security Policy directive was not enforced for framed extension pages * CVE-2022-22762 (bmo#1743931) JavaScript Dialogs could have been displayed over other domains on Firefox for Android * CVE-2022-22764 (bmo#1742682, bmo#1744165, bmo#1746545, bmo#1748210, bmo#1748279) Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6 * CVE-2022-0511 (bmo#1713579, bmo#1735448, bmo#1743821, bmo#1746313, bmo#1746314, bmo#1746316, bmo#1746321, bmo#1746322, bmo#1746323, bmo#1746412, bmo#1746430, bmo#1746451, bmo#1746488, bmo#1746875, bmo#1746898, bmo#1746905, bmo#1746907, bmo#1746917, bmo#1747128, bmo#1747137, bmo#1747331, bmo#1747346, bmo#1747439, bmo#1747457, bmo#1747870, bmo#1749051, bmo#1749274, bmo#1749831) Memory safety bugs fixed in Firefox 97 - requires NSS 3.74 - requires rust 1.57 - remove memoryperjob and use %limit instead. this allows to adapt to more worker types, and lowers the time the package is stuck in "scheduling". raising memory above 8 to lower risk for LTO jobs to run OOM - add hack to disable -Wl,--gc-section which avoids a binutils segfault on x86 - change mozilla-reduce-rust-debuginfo.patch: use -g1 everywhere - disable ccache, this adds about 1 minute of build time and over 2 GB of disk space usage without benefit on OBS builds - build with rust-simd like upstream does - use -g1 for debuginfo generation as this is what upstream does as well and it saves ~ 2GB of writes - use %limit on x86_64 to scale down to less capable workers - disable install stripping so that debuginfo is useful - use autopatch - cleanup constraints to specify only jobs, physicalmemory and memoryperjob to be more flexible on which host to build on ==== accountsservice ==== Subpackages: accountsservice-lang libaccountsservice0 typelib-1_0-AccountsService-1_0 - Add ac9b14f1c1bbca413987d0bbfeaad05804107e9a.patch: Fix build with meson 0.61.0. ==== acpica ==== - The package build fine on arches different than x86 and ARM. Drop the ExclusiveArch. ==== augeas ==== Subpackages: augeas-lenses libaugeas0 - testsuite requires glibc-locale, buildrequire it ==== autoyast2 ==== Version update (4.4.28 -> 4.4.29) Subpackages: autoyast2-installation - Fix the profile update when using an element (boo#1195630). - Run the network client when listed in the semi-automatic section. - 4.4.29 ==== dolphin ==== Version update (21.12.2 -> 21.12.2.1) Subpackages: dolphin-part dolphin-part-lang libdolphinvcs5 - Update to 21.12.2.1 * Fix opening FTP files in their preferred app * Use the CDN based endpoint rather than the legacy endpoint ==== fwupd ==== Version update (1.7.3 -> 1.7.5) Subpackages: fwupd-lang libfwupd2 libfwupdplugin5 typelib-1_0-Fwupd-2_0 - Update to version 1.7.5: * This release adds the following features: + Add a flag to indicate the firmware is not provided by the vendor + Add support for showing dependency versions in JSON format + Allow fwupd to operate in socket mode without a D-Bus daemon + Allow marking a device as End-of-Life by the OEM vendor + Allow specifying the machine Best Known Configuration locally + Fall back to the ARM Device Tree 'compatible' data when required * This release fixes the following bugs: + Be more robust by retrying IPMI transactions on servers + Change the expired Redfish password when required + Fix a ModemManager segfault on startup for some MBIM-QDU devices + Fix a possible dell-dock segfault at startup + Fix compiling with new versions of efivar + Fix the Nordic bootloader type detection + Fix USB4 retimer enumeration + Get the SMBIOS table and host machine ID when running on Windows + Show results when calling get-details if failing requirements + Uninhibit the modem using ModemManager after upgrade * This release adds support for the following hardware: + Future Analogix devices + NovaCustom NV4x - Changes from version 1.7.4: * This release adds the following features: + Add firmware branch support for ModemManager devices + Allow firmware engineers to patch files at known offsets + Show why more devices are not marked as updatable * This release fixes the following bugs: + Allow fwupdtool to be run as the non-root user in more cases + Assign the Logitech bulkcontroller update interface correctly + Do not allow UEFI updates when the laptop lid is closed + Do not autoload ipmi-si to avoid warning on non-server hardware + Do not show a critical warning for a weird TPM event log + Fix waiting for USB devices when using Windows + Ignore non-PCI NVMe devices * This release adds support for the following hardware: + HP USB-C G2 Dock + Many UF2 devices, experimentally + More PixArt devices + Nordic HID devices using MCUBoot + Quectel EG25-G LTE Modem + ThinkPad Thunderbolt 4 Dock ==== gedit ==== Subpackages: gedit-lang python3-gedit - Add 124.patch: Fix build with meson 0.61.0 and newer. ==== gjs ==== Version update (1.70.0 -> 1.70.1) Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0 - Update to version 1.70.1: + Build and crash fixes backported from the development branch. + Closed bugs and merge requests: - Handle optional out parameters in callbacks - Link fails on Debian armel|mipsel|powerpc: needs more - latomic - gjs/jsapi-util.cpp: fix build on gcc-12 - Drop patches fixed upstream: + b9e122044a7ccc1e2a3374c680b6ea82066bfa59.patch + 62025d4a2738a36ea5f1a7cebef08b22b5eef613.patch ==== gnome-disk-utility ==== Subpackages: gnome-disk-utility-lang - Add 60.patch: Fix build with meson 0.61 and newer. ==== gnome-maps ==== Subpackages: gnome-maps-lang - Add def20cbb26e59e5023fe157e691de48d7afe7210.patch: Fix build with meson 0.61 and newer. Backported to apply on stable version. ==== gnome-settings-daemon ==== Subpackages: gnome-settings-daemon-lang - Add 283.patch: Fix build with meson 0.60.0 and newer. - Renumber SLE/LEAP only patches to 1000+ range, make the separation of appliance more clear. ==== gnome-shell ==== Subpackages: gnome-extensions gnome-shell-calendar gnome-shell-lang - Update gs-fate318433-prevent-same-account-multi-logins.patch: Fix the JS ERR: Error: Wrong type number; string expected (bsc#1195179 bsc#1195141). - Add 2078.patch: Fix build with meson 0.61 and newer. ==== gnome-shell-extensions ==== Subpackages: gnome-shell-classic gnome-shell-extensions-common gnome-shell-extensions-common-lang - Add cdaa837d48894737ca0b4e7d2dfb365119e53759.patch: Fix build with meson 0.61 and newer. Backported to apply on stable version. ==== gobject-introspection ==== Subpackages: girepository-1_0 libgirepository-1_0-1 - Add upstream patches to fix build with meson 0.61.0 and newer: + 7c1178069f1c58a05ec56a94ca6ba124215a947b.patch + effb1e09dee263cdac4ec593e8caf316e6f01fe2.patch + 827494d6415b696a98fa195cbd883b50cc893bfc.patch ==== graphviz ==== Subpackages: graphviz-plugins-core libcdt5 libcgraph6 libgvc6 libgvpr2 liblab_gamut1 libpathplan4 - Remove pointless libgraphviz6 subpackage only containing broken and unnecessary ld.so.conf.d dropin. - Add required Provides and Obsoletes for library package split. - Remove unversioned symlinks for plugins, breaking shared library policy. - Remove duplicate python3 bindings in wrong directory (again). - Add missing post scriptlet for webp plugin. - Fix postun scriptlets for all plugins (be silent when graphviz gets removed completely, report errors otherwise). - Cleanup spec file. - Disable Java bindings, as unused/untested, and packaging is quite broken. ==== graphviz-addons ==== Subpackages: graphviz-gd graphviz-gnome - Remove pointless libgraphviz6 subpackage only containing broken and unnecessary ld.so.conf.d dropin. - Add required Provides and Obsoletes for library package split. - Remove unversioned symlinks for plugins, breaking shared library policy. - Remove duplicate python3 bindings in wrong directory (again). - Add missing post scriptlet for webp plugin. - Fix postun scriptlets for all plugins (be silent when graphviz gets removed completely, report errors otherwise). - Cleanup spec file. - Disable Java bindings, as unused/untested, and packaging is quite broken. ==== groff ==== - Do not fail with rpm --excludedocs (bsc#1192195). ==== groff-full ==== Subpackages: gxditview - Do not fail with rpm --excludedocs (bsc#1192195). ==== gstreamer ==== Version update (1.18.5 -> 1.18.6) Subpackages: gstreamer-lang gstreamer-utils libgstreamer-1_0-0 typelib-1_0-Gst-1_0 - Update to version 1.18.6: + gstplugin: Fix for UWP build + gst-ptp-helper: Do not disable multicast loopback + concat: fix qos event handling + pluginfeature: Fix object leak + baseparse: fix invalid avg_bitrate after reset + multiqueue: Fix query unref race on flush + gst: Initialize optional event/message fields when parsing + bitwriter: Fix the trailing bits lost when getting its data + multiqueue: never consider a queue that is not waiting + input-selector: Use proper segments when cleaning cached buffers ==== gstreamer-plugins-bad ==== Version update (1.18.5 -> 1.18.6) Subpackages: gstreamer-plugins-bad-lang libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsturidownloader-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 - Update to version 1.18.6: + interlace: Fix a double-unref on shutdown + webrtcbin: Chain up to parent constructed method + webrtc: fix log error message in function gst_webrtc_bin_set_local_description + mxfdemux: don't error out if VANC track only contains packets we don't handle + av1parser: Fix data type of film grain param + assrender: Support RFC8081 mime types + pitch: Specify layout as required for negotiation + magicleap: update lumin_rt libraries names to the latest official version + codecs: h265decoder: Fix per-slice leak + mpeg4videoparse: fix criticals trying to insert configs that don't exist yet + webrtcbin: Always set SINK/SRC flags + mpegtspacketizer: memcmp potentially seen_before data + zxing: update to support version 1.1.1 - Drop service, use source url, upstream changes in git. ==== gstreamer-plugins-base ==== Version update (1.18.5 -> 1.18.6) Subpackages: gstreamer-plugins-base-lang libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstAudio-1_0 typelib-1_0-GstPbutils-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0 - Update to version 1.18.6: + tagdemux: Fix crash when presented with malformed files (security fix) + videoencoder: make sure the buffer is writable before modifying metadata + video-converter: Fix for broken gamma remap with high bitdepth YUV output + sdpmessage: fix mapping single char fmtp params + oggdemux: fix a race in push mode when performing the duration seek + uridecodebin: Fix critical warnings + audio-converter: Fix resampling when there's nothing to output + tcp: fix build on Solaris + uridecodebin3: Nullify current item after all play items are freed. + audio-resampler: Fix segfault when we can't output any frames + urisourcebin: Handle sources with dynamic pads and pads already present + playbin2/3: autoplug/caps: don't expand caps to ANY + uridecodebin3/urisourcebin: Reusability fixes + rtspconnection: Only reset timeout when socket is unused + gstvideoaggregator.c: fix build with gcc 4.8 - Drop service, use source url, upstream changes in git. ==== gstreamer-plugins-good ==== Version update (1.18.5 -> 1.18.6) Subpackages: gstreamer-plugins-good-extra gstreamer-plugins-good-gtk gstreamer-plugins-good-jack gstreamer-plugins-good-lang gstreamer-plugins-good-qtqml - Update to version 1.18.6: + rtspsrc: Fix critical while serializing timeout element message + multifilesrc: fix caps leak + shout2: Add compatibility for libshout >= 2.4.2 shout_open return values + v4l2: Update fmt if padded height is greater than fmt height + v4l2bufferpool: set video alignment of video meta + qtmux: fix deadlock in gst_qt_mux_prepare_moov_recovery + matroska: Add support for muxing/demuxing ffv1 + qtdemux: Try to build AAC codec-data whenever it's possible - Remove service, use source url, upstream changes in git. ==== gstreamer-plugins-libav ==== Version update (1.18.5 -> 1.18.6) - Update to version 1.18.6: + avcodecmap: Add support for GBRA_10LE/BE. ==== gstreamer-plugins-rs ==== Version update (0.8.0 -> 0.8.1) - Update to version 0.8.1: * Update Cargo.lock * Update versions to 0.8.1 * cdg: update image and cdg_renderer * gtk4: Attach main context receiver from the main context's thread * dav1ddec: Add 8/16 bit grayscale support * rav1enc: Support 8 bit grayscale input * dav1ddec: Require correct alignment and stream format when running with GStreamer 1.20 * rav1enc: Include stream-format and alignment in the caps * dav1ddec: Clean up state tracking a bit - Add automatic .changes generation to service, as upstream seems to not want to make release notes or changelogs. ==== gstreamer-plugins-ugly ==== Version update (1.18.5 -> 1.18.6) Subpackages: gstreamer-plugins-ugly-lang - Update to version 1.18.6: + No changes, version bump only. - Drop service, use source url, upstream changes in git. ==== gvfs ==== Subpackages: gvfs-backend-afc gvfs-backend-samba gvfs-backends gvfs-fuse gvfs-lang - Add 17a067b9b823a0d54e061eae45ff8e2c7e4a88d0.patch: Fix build with meson 0.61 and newer. Backported to apply on stable version. ==== harfbuzz ==== Version update (3.2.0 -> 3.3.2) Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 libharfbuzz0-32bit typelib-1_0-HarfBuzz-0_0 - update to 3.3.2: + Revert splitting of pair positioning values introduced in 3.3.0 as it proved problematic - includes changes from 3.3.1: + Fix heap-use-after-free in harfbuzz-subset introduced in previous release - includes changes from 3.3.0: + Improved documentation, code cleanup + The low 16-bits of face index will be used by hb_face_create() to select a face inside a font collection file format, while the high 16-bits will be used by hb_font_create() to load the named instance + Glyph positions and other font metrics now apply synthetic slant set by hb_font_set_synthetic_slant(), for improved positioning for synthetically slanted fonts + Fixed unintentional locale dependency in hb_variation_to_string() for decimal point representation + When applying pair positioning (kerning) the positioning value is split between the two sides of the pair for improved cursor positioning between such pairs + Introduced new HB_GLYPH_FLAG_UNSAFE_TO_CONCAT, to be used in conjunction with HB_GLYPH_FLAG_UNSAFE_TO_BREAK for optimizing re-shaping during line breaking. Check the documentation for further details + Improved handling of macrolanguages when mapping BCP 47 codes to OpenType tags ==== libguestfs ==== Subpackages: guestfs-data guestfs-tools guestfs-winsupport libguestfs0 perl-Sys-Guestfs - bsc#1195415 - libguestfs: consider dropping build requirement on systemd-sysvinit libguestfs.spec ==== libreoffice ==== Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Add 0001-Missing-includes-for-libstdc-12.patch: fix the build with gcc 12. ==== libstorage-ng ==== Version update (4.4.79 -> 4.4.81) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#860 - added integration test - use in-class member initialization - 4.4.81 - merge gh#openSUSE/libstorage-ng#859 - Modify mount point if mount_type changes - Mount/unmount if needed when mount type changes - 4.4.80 ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - qemu: fix inactive snapshot revert 76deb656-qemu-fix-snapshot-revert.patch boo#1195690 - libxl: Mark auto-allocated graphics ports to used on reconnect e0241f33-libxl-mark-allocated-graphics-ports.patch - libxl: Release all auto-allocated graphics ports 18ec405a-libxl-release-graphics-ports.patch bsc#1191668 ==== libzypp ==== Version update (17.29.3 -> 17.29.4) - Fix handling of redirected command in-/output (bsc#1195326) This fixes delays at the end of zypper operations, where zypper unintentionally waits for appdata plugin scripts to complete. - version 17.29.4 (22) ==== multipath-tools ==== Version update (0.8.8+45+suse.628d603e -> 0.8.8+57+suse.dfb672fe) Subpackages: kpartx libmpath0 - Version 0.8.8+57+suse.dfb672fe * kpartx.rules: skip MD devices (bsc#1195644) * libmultipath: hwtable: use ALUA for all LIO targets (bsc#1195649) * multipathd.service: drop ExecStartPre for loading dm-multipath (bsc#1195397) ==== nautilus-sendto ==== Subpackages: nautilus-sendto-lang - Add nautilus-sendto-fix-meson-061.patch: Fix build with meson 0.61 and newer. - Drop unneeded appstream-glib-devel BuildRequires. ==== opensuse-welcome ==== Version update (0.1.8+git.40.95061c3 -> 0.1.8+git.44.7923e16) Subpackages: opensuse-welcome-lang - Update to version 0.1.8+git.44.7923e16: * Added Lithuanian translation using Weblate ==== pam-config ==== Version update (1.5 -> 1.6) - Update to Version 1.6 - Create /etc/pam.d if not there - Support file option of pam_pwhistory ==== patterns-base ==== Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-enhanced_base patterns-base-minimal_base patterns-base-selinux patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced - No longer recommend apparmor pattern by enhanced_base: installations using YaST have the LSM selected during installation. Other setups might just as well pick SELinux. ==== perl-CGI ==== Version update (4.53 -> 4.54) - updated to 4.54 see /usr/share/doc/packages/perl-CGI/Changes 4.54 2022-02-03 [ FIX ] - fix use of cache when calling ->cookie (GH #252) - thanks to Sergey Panteleev for the PR ==== plasma5-pk-updates ==== Version update (0.3.2 -> 0.3.2+git67) Subpackages: plasma5-pk-updates-lang - Use git master directly - Use a complete plasma5-pk-updates-lang.tar.xz - Update to version 0.3.2+git67: * Port config dialog to QtQuick Controls 2 * Lower required QtQuick.Layouts version to 1.12 * Fix expansion handling of PackageDelegate items * Consistent spacing in PackageDelegate * Port completely to PC3 by using PlasmaExtras.ListItem * Don't show "no updates" message when checking failed * Refactor tracking of overall package selection state * Fix state of "Select all packages" checkbox * Port to Layouts and PlaceholderMessage as well to fix layout issues * [applet] Port mostly to PlasmaComponents3 * Also treat ErrorNotAuthorized as temporary * Limit to one automatic check each 10 minutes * Don't refresh the cache forcibly * Accumulate restart requests to show the notification at transaction end (boo#1103679, boo#1174239) * Don't default to showing that the check for updates failed * Don't show an error for a failed automatic refresh * Make action buttons translatable * Add support for license prompts * Port away from KDELibs4Support, use Solid::Power interface * Remove explicit initialization of default constructed members * Fix warning, remove unsigned int < 0 check * Fix minor typos * Make the notifications less obtrusive * Use own eventIds and ComponentName instead of generic plasma workspace ones * Fix usage of 0 for null pointer constants * Replace KIconLoader + pixmaps with standard icon names * Don't force a check for updates when the applet runs * Several fixes related to the network state and applet messages/notifications. - Drop all patches, now upstream: * desktop.patch * 0001-Hide-updates-and-checkbox-when-system-is-offline.patch * 0002-Add-its-own-messageChanged-NOTIFY-signal-to-message.patch * 0003-Delay-PkUpdates-checkUpdates-calls-if-the-network-is-offline.patch * 0001-Replace-KIconLoader-pixmaps-with-standard-icon-names.patch * 0002-Fix-usage-of-0-for-null-pointer-constants.patch * 0003-Use-own-eventIds-and-ComponentName-instead-of-generi.patch * 0004-Make-the-notifications-less-obtrusive.patch * 0006-Remove-explicit-initialization-of-default-constructe.patch * 0007-Port-away-from-KDELibs4Support-use-Solid-Power-inter.patch * 0001-Add-support-for-license-prompts.patch * 0001-Don-t-show-an-error-for-a-failed-automatic-refresh.patch * 0001-Limit-to-one-automatic-check-each-10-minutes.patch * 0001-Also-treat-ErrorNotAuthorized-as-temporary.patch ==== python ==== - Add CVE-2021-4189-ftplib-trust-PASV-resp.patch (bsc#1194146, bpo#43285, CVE-2021-4189, gh#python/cpython#24838) make ftplib not trust the PASV response. ==== python-Pygments ==== Version update (2.9.0 -> 2.11.2) - backport elpi_fix_catastrophic_backtracking.patch: fix build getting stuck when running the tests - switch prep stage to autosetup - remove commented-out shebang removal - update to 2.11.2: * Updated lexers: + C-family: Fix incorrect handling of labels (#2022, #1996, [#1182]) + Java: Fixed an issue with record keywords result in Error tokens in some cases (#2018) * Fix links to line numbers not working correctly (#2014) * Remove underline from Whitespace style in the Tango theme (#2020) * Fix IRC and Terminal256 formatters not backtracking correctly for custom token types, resulting in some unstyled tokens (#1986) - Update to 2.11.1: https://github.com/pygments/pygments/blob/master/CHANGES - Remove one test as it requires wcag-contrast-ratio Python package. ==== python-base ==== Subpackages: libpython2_7-1_0 python-xml - Add CVE-2021-4189-ftplib-trust-PASV-resp.patch (bsc#1194146, bpo#43285, CVE-2021-4189, gh#python/cpython#24838) make ftplib not trust the PASV response. - build against openssl 1.1.x (incompatible with openssl 3.0x) for now. ==== python-beautifulsoup4 ==== Version update (4.9.3 -> 4.10.0) - Update to 4.10.0: * This is the first release of Beautiful Soup to only support Python 3. * The behavior of methods like .get_text() and .strings now differs depending on the type of tag. * NavigableString and its subclasses now implement the get_text() method, as well as the properties .strings and .stripped_strings. * The 'html5' formatter now treats attributes whose values are the empty string as HTML boolean attributes. * The 'replace_with()' method now takes a variable number of arguments, and can be used to replace a single element with a sequence of elements. * Corrected output when the namespace prefix associated with a namespaced attribute is the empty string, as opposed to None. * Performance improvement when processing tags that speeds up overall tree construction by 2%. Patch by Morotti. [bug=1899358] * Corrected the use of special string container classes in cases when a single tag may contain strings with different containers; such as the