Packages changed: e2fsprogs (1.46.4 -> 1.46.5) libgcrypt libgudev lua54 (5.4.3 -> 5.4.4) ncurses (6.3.20220115 -> 6.3.20220129) openssl-1_1 rpm vim (8.2.4186 -> 8.2.4286) === Details === ==== e2fsprogs ==== Version update (1.46.4 -> 1.46.5) Subpackages: libcom_err2 libext2fs2 - Update to 1.46.5: * better handling for resizing to fs sizes which would exceed inode limits * fix crash in e2fsck fastcommit handling * fix possibly lost quota limits when e2fsck corrects quota files * fix tune2fs to properly transfer quota limits when convertion quota files * add support for handling of version 0 quota files in tune2fs * teach libss to use libreadline.so.8 * optimize resize2fs cpu usage for large filesystems * teach libuuid to use getrandom() or getentropy() if available - libss-add-newer-libreadline.so.8-to-dlopen-path.patch: Remove, merged upstream - quota-Add-support-to-version-0-quota-format.patch: Remove, merged upstream - quota-Fold-quota_read_all_dquots-into-quota_update_l.patch: Remove, merged upstream - quota-Rename-quota_update_limits-to-quota_read_all_d.patch: Remove, merged upstream - tune2fs-Fix-conversion-of-quota-files.patch: Remove, merged upstream - e2fsck-Do-not-trash-user-limits-when-processing-orph.patch: Remove, merged upstream - debugfs-Fix-headers-for-quota-commands.patch: Remove, merged upstream - quota-Drop-dead-code.patch: Remove, merged upstream ==== libgcrypt ==== - FIPS: Disable DSA in FIPS mode [bsc#1195385] * Upstream task: https://dev.gnupg.org/T5710 * Add libgcrypt-FIPS-disable-DSA.patch - FIPS: Service level indicator [bsc#1190700] * Provide an indicator to check wether the service utilizes an approved cryptographic algorithm or not. * Add patches: - libgcrypt-FIPS-service-indicators.patch - libgcrypt-FIPS-verify-unsupported-KDF-test.patch - libgcrypt-FIPS-HMAC-short-keylen.patch ==== libgudev ==== - add explicit glibc-locale buildrequires for passing the testsuite (bsc#1195390) ==== lua54 ==== Version update (5.4.3 -> 5.4.4) - Ensure shared library is installed with executable bit set - Update to Lua 5.4.4: * fixes all bugs found in Lua 5.4.3 - Removed upstream-bugs.patch: new release (no bugs found yet) - Removed upstream-bugs-test.patch: new release (no bugs found yet) ==== ncurses ==== Version update (6.3.20220115 -> 6.3.20220129) Subpackages: libncurses6 ncurses-utils terminfo-base - Do not remove detection of getttynam() to avoid fallback as with patch 6.3 20211204 this is obsolete - Add ncurses patch 20220129 + minor updates for test-packages + improve handling of --with-pkg-config-libdir option, allowing for the case where either $PKG_CONFIG_LIBDIR or the option value has a colon-separated list of directories (report by Rudi Heitbaum, cf: 20211113). + update kitty -TD - Add ncurses patch 20220122 + add ABI 7 defaults to configure script. + add warning in configure script if file specified for "--with-caps" does not exist. + use fix for CF_FIX_WARNINGS from cdk-perl, ignoring error-exit on format-warnings. + improve readability of long parameterized expressions with the infocmp "-f" option by allowing split before a "%p" marker. - Correct offsets of patch ncurses-6.3.dif - use bash everywhere, the scripts are not posix shell compatible (bsc#1195391) ==== openssl-1_1 ==== Subpackages: libopenssl1_1 - Enable zlib compression support [bsc#1195149] - Backport cryptographic improvements from OpenSSL 3 [jsc#SLE-19742] * Optimize RSA on armv8: openssl-1_1-Optimize-RSA-armv8.patch * Optimize AES-XTS mode for aarch64: openssl-1_1-Optimize-AES-XTS-aarch64.patch * Optimize AES-GCM for uarchs with unroll and new instructions: openssl-1_1-Optimize-AES-GCM-uarchs.patch - POWER10 performance enhancements for cryptography [jsc#SLE-18136] * openssl-1_1-Optimize-ppc64.patch ==== rpm ==== - invoke find-lang.sh with bash, it is a bash script (bsc#1195391) - switch to glibc-locale-base to reduce system installation size by ~220MB (bsc#1195390) - Update OCaml requires/provides generators to ignore cmxs new patch: ocaml-cmxs.diff ==== vim ==== Version update (8.2.4186 -> 8.2.4286) Subpackages: vim-data-common vim-small - fixes boo#1195509 CVE-2022-0443 - Updated to version 8.2.4286, fixes the following problems * Compiler warning for uninitialized variable. * Unused entry in keymap enum. * CI log output is long. * Coverity warns for using a NULL pointer. * Generating nv_cmdidxs.h requires building Vim twice. * Vim9 expr test fails without the channel feature. (Dominique Pellé) * The EBCDIC support is outdated. * Basic and form filetype detection is incomplete. * Cannot use an autoload function from a package under start. * Separate test function for the GUI scrollbar. * Vim9: an import does not shadow a command modifier. * Build with Athena GUI fails. (Elimar Riesebieter) * Vim9: cannot change item type with map() after range(). * list-dict test crashes. * Using freed memory with :lopen and :bwipe. * Restricted mode requires the -Z command line option. * Using a variable for the return value is not needed. * Old mac resources files are no longer used. * Vim9: type of item in for loop not checked properly. * Vim9: strict type checking after copy() and deepcopy(). - fixes boo#1195499 CVE-2022-0417 - fixes boo#1195336 CVE-2022-0393 - Updated to version 8.2.4266, fixes the following problems * Cannot use an import in 'patchexpr'. * Gnuplot file not recognized. * Not all gitconfig files are recognized. * All conceal tests are skipped without the screendumps feature. * json5 files are not recognized. * Cannot use an import in 'printexpr'. * Cannot use an import in 'charconvert'. * Resizing terminal may cause to behave like CTRL-Z. * Various file types not recognized. * Cannot use an import in the "expr" part of 'spellsuggest'. * Vim9: the switch for executing instructions is too long. * Some tests do not clean up properly. * When using the GUI CTRL-Z does not stop gvim. * Vim9: cannot export function that exists globally. * Entering a character with CTRL-V may include modifiers. * screenpos() has non-zero row for invisible text. * The normal_cmd() function is too long. * Condition with many "(" causes a crash. * Recursion test fails with MSVC. * Using setbufvar() may change the window title. * partial in 'opfunc' cannot use an imported function. * Window title test fails in some configurations. * Too much code for supporting old MSVC versions. * Illegal memory access with large 'tabstop' in Ex mode. * Illegal memory access when copying lines in Visual mode. * Vim9: cannot use a function from an autoload import directly. * Illegal memory access when undo makes Visual area invalid. * Illegal memory access with bracketed paste in Ex mode. * Reading before the start of the line. * Some functions in normal.c are very long. * Long/int compiler warnings; function arguments swapped. * Vim9: no error when using a number for map() second argument * Vim9: depth argument of :lockvar not parsed in :def function. * Filter-map test fails. * Vim9: using "lockvar!" in :def function does not work. * No tests for clicking in the GUI tabline. * Possible crash when invoking timer callback fails. * MS-Windows: set_guifontwide() is included but won't work. * Vim9: map() gives type error when type was not declared. * Some compilers don't like a goto label without statement. * Crash when recording and using Select mode. * test_garbagecollect_now() does not check v:testing as documented. * Invalid check for NULL pointer. * Accessing freed memory. * Record buffer wrong if character in Select mode was not typed. * *.tf file could be fileytpe "tf" or "terraform". * Build fails with unusual configuration. * Error for using flatten() in Vim9 script is unclear. * Some type casts are redundant. * Put in Visual mode cannot be repeated. * Lua tests fail with Lua 5.4.4. * ":retab 0" may cause illegal memory access. * One error message not in errors.h. (Antonio Colombo) * Stack corruption when looking for spell suggestions. * No proper test for moving the window separator. * The timeout limit for spell suggestions is always 5000 milli seconds. * Channel out callback test is flaky on Mac. * Vala files are not recognized. * Generating the normal command table at runtime is inefficient. * Using freed memory when substitute uses a recursive function call. * Using short instead of int. * Theoretical computation overflow. * Vim9: finding global function without g: prefix but not finding global variable is inconsistent. * Coverity warns for array overrun. * Number of test functions for GUI events is growing. * Vim9: can still use a global function without g: at the script level. * Accessing invalid memory when a regular expression checks the Visual area while matching in a string. * Some search tests fail. * No test for the GUI find/replace dialog. * Vim9: can use old style autoload function name. * Autoload tests fails. * Compiler warning for uninitialized variable.