Packages changed: fetchmail (6.4.31 -> 6.4.32) libgsm (1.0.19 -> 1.0.20) mozilla-nss (3.79 -> 3.80) nano tmux (3.2a -> 3.3a) xen (4.16.1_02 -> 4.16.1_06) === Details === ==== fetchmail ==== Version update (6.4.31 -> 6.4.32) Subpackages: fetchmailconf - Update to 6.4.32: * Use configure to find rst2html, some systems install it only with .py suffix, others only without, and some install both. * Update README.maintainer * Translations updated. - Reapplied patches - Add 44-uncorrupt_runfetchmail.patch to clean up some contrib/ scripts (gl#fetchmail/fetchmail#44). ==== libgsm ==== Version update (1.0.19 -> 1.0.20) - Update to 1.0.20: * Use $(RMFLAGS) with the rms in the Makefile; add -f to $(RMFLAGS) to avoid spurious error messages during build. - Rebase and rename libgsm-1.0.20.patch from libgsm-1.0.13.patch. - Rebase libgsm-include.patch. ==== mozilla-nss ==== Version update (3.79 -> 3.80) Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs mozilla-nss-tools - update to NSS 3.80 * bmo#1774720 - Fix SEC_ERROR_ALGORITHM_MISMATCH entry in SECerrs.h. * bmo#1617956 - Add support for asynchronous client auth hooks. * bmo#1497537 - nss-policy-check: make unknown keyword check optional. * bmo#1765383 - GatherBuffer: Reduced plaintext buffer allocations by allocating it on initialization. Replaced redundant code with assert. Debug builds: Added buffer freeing/allocation for each record. * bmo#1773022 - Mark 3.79 as an ESR release. * bmo#1764206 - Bump nssckbi version number for June. * bmo#1759815 - Remove Hellenic Academic 2011 Root. * bmo#1770267 - Add E-Tugra Roots. * bmo#1768970 - Add Certainly Roots. * bmo#1764392 - Add DigitCert Roots. * bmo#1759794 - Protect SFTKSlot needLogin with slotLock. * bmo#1366464 - Compare signature and signatureAlgorithm fields in legacy certificate verifier. * bmo#1771497 - Uninitialized value in cert_VerifyCertChainOld. * bmo#1771495 - Unchecked return code in sec_DecodeSigAlg. * bmo#1771498 - Uninitialized value in cert_ComputeCertType. * bmo#1760998 - Avoid data race on primary password change. * bmo#1769063 - Replace ppc64 dcbzl intrinisic. * bmo#1771036 - Allow LDFLAGS override in makefile builds. ==== nano ==== Subpackages: nano-lang - Added obs-channel-and-patchinfo-syntax.patch to support syntax highlighting for _channel and _patchinfo files used by OBS ==== tmux ==== Version update (3.2a -> 3.3a) - switch to screen-256color as default terminal to fix incompatibility with yast2-ruby-testsuite - update to 3.3a: * Do not crash when run-shell produces output from a config file. * Do not unintentionally turn off all mouse mode when button mode is also present. - update to 3.3: * Add an ACL list for users connecting to the tmux socket. Users may be forbidden from attaching, forced to attach read-only, or allowed to attach read-write. A new command, server-access, configures the list. File system permissions must still be configured manually. * Emit window-layout-changed on swap-pane. * Better error reporting when applying custom layouts. * Handle ANSI escape sequences in run-shell output. * Add pane_start_path to match start_command. * Set PWD so shells have a hint about the real path. * Do not allow pipe-pane on dead panes. * Do not report mouse positions (incorrectly) above the maximum of 223 in normal mouse mode. * Add an option (default off) to control the passthrough escape sequence. * Support more mouse buttons when the terminal sends them. * Add a window-resized hook which is fired when the window is actually resized which may be later than the client resize. * Add next_session_id format with the next session ID. * Add formats for client and server UID and user. * Add argument to refresh-client -l to forward clipboard to a pane. * Add remain-on-exit-format to set text shown when pane is dead. * With split-window -f use percentages of window size not pane size. * Add an option (fill-character) to set the character used for unused areas of a client. * Add an option (scroll-on-clear) to control if tmux scrolls into history on clear. * Add a capability for OSC 7 and use it similarly to how the title is set (and controlled by the same set-titles option). * Add support for systemd socket activation (where systemd creates the Unix domain socket for tmux rather than tmux creating it). Build with - -enable-systemd. * Add an option (pane-border-indicators) to select how the active pane is shown on the pane border (colour, arrows or both). * Support underscore styles with capture-pane -e. * Make pane-border-format a pane option rather than window. * Respond to OSC 4 queries * Fix g/G keys in modes to do the same thing as copy mode (and vi). * Bump the time terminals have to respond to device attributes queries to three seconds. * If automatic-rename is off, allow the rename escape sequence to set an empty name. * Trim menu item text more intelligently. * Add cursor-style and cursor-colour options to set the default cursor style and colour. * Accept some useful and non-conflicting emacs keys in vi normal mode at the command prompt. * Add a format modifier (c) to force a colour to RGB. * Add -s and -S to display-popup to set styles, -b to set lines and -T to set popup title. New popup-border-lines, popup-border-style and popup-style options set the defaults. * Add -e flag to set an environment variable for a popup. * Make send-keys without arguments send the key it is bound to (if bound to a key). * Try to leave terminal cursor at the right position even when tmux is drawing its own cursor or selection (such as at the command prompt and in choose mode) for people using screen readers and similar which can make use of it. * Change so that {} is converted to tmux commands immediately when parsed. This means it must contain valid tmux commands. For commands which expand %% and %%%, this now only happens within string arguments. Use of nested aliases inside {} is now forbidden. Processing of commands given in quotes remains the same. * Disable evports on SunOS since they are broken. * Do not expand the file given with tmux -f so it can contain :s. * Bump FORMAT_LOOP_LIMIT and add a log message when hit. * Add a terminal feature for the mouse (since FreeBSD termcap does not have kmous). * Forbid empty session names. * Improve error reporting when the tmux /tmp directory cannot be created or used. * Give #() commands a one second grace period where the output is empty before telling the user they aren't doing anything ("not ready"). * When building, pick default-terminal from the first of tmux-256color, tmux, screen-256color, screen that is available on the build system (--with-TERM can override). * Do not close popups on resize, instead adjust them to fit. * Add a client-active hook. * Make window-linked and window-unlinked window options. * Do not configure on macOS without the user making a choice about utf8proc (either --enable-utf8proc or --disable-utf8proc). * Do not freeze output in panes when a popup is open, let them continue to redraw. * Add pipe variants of the line copy commands. * Change copy-line and copy-end-of-line not to cancel and add -and-cancel variants, like the other copy commands. * Support the OSC palette-setting sequences in popups. * Add a pane-colours array option to specify the defaults palette. * Add support for Unicode zero-width joiner. * Make newline a style delimiter as well so they can cross multiple lines for readability in configuration files. * Change focus to be driven by events rather than scanning panes so the ordering of in and out is consistent. * Add display-popup -B to open a popup without a border. * Add a menu for popups that can be opened with button three outside the popup or on the left or top border. Resizing now only works on the right and bottom ... changelog too long, skipping 16 lines ... - set default TERM to recommended tmux-256colors ==== xen ==== Version update (4.16.1_02 -> 4.16.1_06) Subpackages: xen-libs xen-tools xen-tools-domU - Added --disable-pvshim when running configure in xen.spec. We have never shipped the shim and don't need to build it. - bsc#1199965 - VUL-0: CVE-2022-26362: xen: Race condition in typeref acquisition 62a1e594-x86-clean-up-_get_page_type.patch 62a1e5b0-x86-ABAC-race-in-_get_page_type.patch - bsc#1199966 - VUL-0: CVE-2022-26363,CVE-2022-26364: xen: Insufficient care with non-coherent mappings 62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch 62a1e5f0-x86-dont-change-cacheability-of-directmap.patch 62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch 62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch 62a1e649-x86-track-and-flush-non-coherent.patch - bsc#1200549 VUL-0: CVE-2022-21123,CVE-2022-21125,CVE-2022-21166: xen: x86: MMIO Stale Data vulnerabilities (XSA-404) 62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch 62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch 62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch - bsc#1201469 - VUL-0: CVE-2022-23816,CVE-2022-23825,CVE-2022-29900: xen: retbleed - arbitrary speculative code execution with return instructions (XSA-407) 62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch 62cc31ee-cmdline-extend-parse_boolean.patch 62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch 62cd91d0-x86-spec-ctrl-rework-context-switching.patch 62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch 62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch 62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch 62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch 62cd91d5-x86-cpuid-BTC_NO-enum.patch 62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch 62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch - Upstream bug fixes (bsc#1027519) 62a99614-IOMMU-x86-gcc12.patch 62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch 62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch - Drop patches replaced by upstream versions xsa401-1.patch xsa401-2.patch xsa402-1.patch xsa402-2.patch xsa402-3.patch xsa402-4.patch xsa402-5.patch - bsc#1201394 - VUL-0: CVE-2022-33745: xen: insufficient TLB flush for x86 PV guests in shadow mode (XSA-408) xsa408.patch - Fix gcc13 compilation error 62c56cc0-libxc-fix-compilation-error-with-gcc13.patch