Packages changed: ImageMagick (7.1.0.46 -> 7.1.0.47) bluez-firmware ca-certificates-mozilla (2.52 -> 2.56) ethtool (5.18 -> 5.19) ffmpeg-4 fillup glib2 gptfdisk (1.0.8 -> 1.0.9) graphviz graphviz-addons ibus ibus_gtk4 libnvme libqt5-qtstyleplugins librsvg (2.54.4 -> 2.54.5) libwpe (1.12.0 -> 1.12.3) libxml2 (2.9.14 -> 2.10.1) libyui (4.4.3 -> 4.4.4) libyui-ncurses (4.4.3 -> 4.4.4) libyui-ncurses-pkg (4.4.3 -> 4.4.4) libyui-qt (4.4.3 -> 4.4.4) libyui-qt-graph (4.4.3 -> 4.4.4) libyui-qt-pkg (4.4.3 -> 4.4.4) mariadb-connector-c (3.3.1 -> 3.3.2) memcached (1.6.15 -> 1.6.16) openssh python-FontTools (4.33.3 -> 4.37.1) python-zipp (3.8.0 -> 3.8.1) sssd (2.7.3 -> 2.7.4) tcpd userspace-rcu (0.13.1 -> 0.13.2) vim (9.0.0224 -> 9.0.0313) wpebackend-fdo (1.12.0 -> 1.12.1) xen (4.16.2_02 -> 4.16.2_04) yast2 (4.5.10 -> 4.5.11) yast2-core (4.5.2 -> 4.5.3) === Details === ==== ImageMagick ==== Version update (7.1.0.46 -> 7.1.0.47) Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10 - version update to 7.1.0.47 upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md ==== bluez-firmware ==== - modernize specfile ==== ca-certificates-mozilla ==== Version update (2.52 -> 2.56) - Updated to 2.56 state of Mozilla SSL root CAs (bsc#1202868) Added: - Certainly Root E1 - Certainly Root R1 - DigiCert SMIME ECC P384 Root G5 - DigiCert SMIME RSA4096 Root G5 - DigiCert TLS ECC P384 Root G5 - DigiCert TLS RSA4096 Root G5 - E-Tugra Global Root CA ECC v3 - E-Tugra Global Root CA RSA v3 Removed: - Hellenic Academic and Research Institutions RootCA 2011 - Updated to 2.54 state of Mozilla SSL root CAs (bsc#1199079) Added: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - D-TRUST BR Root CA 1 2020 - D-TRUST EV Root CA 1 2020 - GlobalSign ECC Root CA R4 - GTS Root R1 - GTS Root R2 - GTS Root R3 - GTS Root R4 - HiPKI Root CA - G1 - ISRG Root X2 - Telia Root CA v2 - vTrus ECC Root CA - vTrus Root CA Removed: - Cybertrust Global Root - DST Root CA X3 - DigiNotar PKIoverheid CA Organisatie - G2 - GlobalSign ECC Root CA R4 - GlobalSign Root CA R2 - GTS Root R1 - GTS Root R2 - GTS Root R3 - GTS Root R4 ==== ethtool ==== Version update (5.18 -> 5.19) - update to upstream release 5.19 * Feature: get/set tx push (-g and -G) * Feature: register dump support for TI CPSW * Feature: register dump support for lan743x chipset * Fix: fix missing sff-8472 output in netlink path * Fix: fix EEPROM byte write ==== ffmpeg-4 ==== Subpackages: libavcodec58_134 libavfilter7_110 libavformat58_76 libavresample4_0 libavutil56_70 libpostproc55_9 libswresample3_9 libswscale5_9 - Add patch to detect SDL2 >= 2.1.0 (boo#1202848): * ffmpeg-sdl2-detection.patch ==== fillup ==== - Makefile is not parallel-safe ==== glib2 ==== Subpackages: glib2-lang glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0 - Add 99783e0408f8ae9628d2c7a30eb99806087da711.patch: gsocketclient: Fix passing NULL to g_task_get_cancellable(). Fix a regression from commit abddb42d14, where it could pass `NULL` to `g_task_get_cancellable()`, triggering a critical warning. This could happen because the lifetime of `data->task` is not as long as the lifetime of the `ConnectionAttempt`, but the code assumed it was. Fix the problem by keeping a strong ref to that `GCancellable` around until the `ConnectionAttempt` is finished being destroyed. ==== gptfdisk ==== Version update (1.0.8 -> 1.0.9) - Update to release 1.0.9 * Added support for aligning partitions' end points, as well as their start points. This support affects the default partition size when using 'n' in gdisk; it affects the default partition size in cgdisk; and it is activated by the new `-I` option in sgdisk. * Added check for too-small disks (most likely to be an issue when trying to use a too-small disk image); program now aborts if this happens. * Added new parition type codes. ==== graphviz ==== Subpackages: graphviz-plugins-core libcdt5 libcgraph6 libgvc6 libgvpr2 liblab_gamut1 libpathplan4 - Split the Qt5 dependencies from addons flavor - it's just gvedit ==== graphviz-addons ==== Subpackages: graphviz-gd graphviz-gnome - Split the Qt5 dependencies from addons flavor - it's just gvedit ==== ibus ==== Subpackages: ibus-dict-emoji ibus-gtk ibus-gtk3 ibus-lang libibus-1_0-5 typelib-1_0-IBus-1_0 - Do not run ibus-autostart with xdg-autostart-generator (KDE etc.) * A workaround for boo#1202841 * Please use org.freedesktop.IBus.session.generic.service instead (See boo#1201421) ==== ibus_gtk4 ==== - Do not run ibus-autostart with xdg-autostart-generator (KDE etc.) * A workaround for boo#1202841 * Please use org.freedesktop.IBus.session.generic.service instead (See boo#1201421) ==== libnvme ==== - Fix installation of manual pages to make them accessible ==== libqt5-qtstyleplugins ==== - Edit qtstyleplugins-fix-deprecations.patch to use the older more reliable method for progress bar orientation (boo#1202611) ==== librsvg ==== Version update (2.54.4 -> 2.54.5) Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Update to version 2.54.5: + Accept patterns with userSpaceOnUse units for the stroke of axis-aligned lines. ==== libwpe ==== Version update (1.12.0 -> 1.12.3) - Update to version 1.12.3: + Fix the build when using Clang's libc++ or the Musl libc. - Changes from version 1.12.2: + Fix the build when using CMake to configure it. - Changes from version 1.12.1: + Fix pasteboard to use the generic interface by default. + Fix memory allocation to always abort execution on failure. ==== libxml2 ==== Version update (2.9.14 -> 2.10.1) Subpackages: libxml2-2 libxml2-tools - Update to version 2.10.1: * Regressions: Fix xmlCtxtReadDoc with encoding * Bug fixes: Fix HTML parser with threads and --without-legacy * Build system: + Fix build with Python 3.10 + cmake: Disable version script on macOS + Remove Makefile rule to build testapi.c * Documentation: + Switch back to HTML output for API documentation + Port doc/examples/index.py to Python 3 + Fix order of exports in libxml2-api.xml + Remove libxml2-refs.xml - Update to 2.10.0: * Security + [CVE-2022-2309] Reset nsNr in xmlCtxtReset + Reserve byte for NUL terminator and report errors consistently in xmlBuf and xmlBuffer + Fix missing NUL terminators in xmlBuf and xmlBuffer functions + Fix integer overflow in xmlBufferDump() + xmlBufAvail() should return length without including a byte for NUL terminator + Fix ownership of xmlNodePtr & xmlAttrPtr fields in xmlSetTreeDoc() + Use xmlNewDocText in xmlXIncludeCopyRange + Fix use-after-free bugs when calling xmlTextReaderClose() before xmlFreeTextReader() on post-validating parser + Use UPDATE_COMPAT() consistently in buf.c + fix: xmlXPathParserContext could be double-delete in OOM case. * Removals and deprecations + Disable XPointer location support by default + Remove outdated xml2Conf.sh + Deprecate module init and cleanup functions + Remove obsolete XML Software Autoupdate (XSA) file + Remove DOCBparser + Remove obsolete Python test framework + Remove broken VxWorks support + Remove broken Mac OS 9 support + Remove broken bakefile support + Remove broken Visual Studio 2010 support + Remove broken Windows CE support + Deprecate IDREF-related functions in valid.h + Deprecate legacy functions + Disable legacy support by default + Deprecate all functions in nanoftp.h + Disable FTP support by default + Add XML_DEPRECATED macro + Remove elfgcchack.h * Regressions + Skip incorrectly opened HTML comments + Restore behavior of htmlDocContentDumpFormatOutput() * Bug fixes + Fix memory leak with invalid XSD + Make XPath depth check work with recursive invocations + Fix memory leak in xmlLoadEntityContent error path + Avoid double-free if malloc fails in inputPush + Properly fold whitespace around the QName value when validating an XSD schema. + Add whitespace folding for some atomic data types that it's missing on. + Don't add IDs containing unexpanded entity references * Improvements + Avoid calling xmlSetTreeDoc + Simplify xmlFreeNode + Don't reset nsDef when changing node content + Fix unintended fall-through in xmlNodeAddContentLen + Remove unused xmlBuf functions + Implement xpath1() XPointer scheme + Add configuration flag for XPointer locations support + Fix compiler warnings in Python code + Mark more static data as `const` + Make xmlStaticCopyNode non-recursive + Clean up encoding switching code + Simplify recursive pthread mutex + Use non-recursive mutex in dict.c + Fix parser progress checks + Avoid arithmetic on freed pointers + Improve buffer allocation scheme + Remove unneeded #includes + Add support for some non-standard escapes in regular expressions. + htmlParseComment: handle abruptly-closed comments + Add let variable tag support + Add value-of tag support + Remove useless call to xmlRelaxNGCleanupTypes + Don't include ICU headers in public headers + Update `xmlStrlen()` to use POSIX / ISO C `strlen()` + Fix unused variable warnings with disabled features + Only warn on invalid redeclarations of predefined entities + Remove unneeded code in xmlreader.c + Rework validation context flags * Portability + Use NAN/INFINITY if available to init XPath NaN/Inf + Fix Python tests on macOS + Fix xmlCleanupThreads on Windows + Fix reinitialization of library on Windows + Don't mix declarations and code in runtest.c + Use portable python shebangs + Use critical sections as mutex on Windows + Don't set HAVE_WIN32_THREADS in win32config.h + Use stdint.h with newer MSVC + Remove cruft from win32config.h + Remove isinf/isnan emulation in win32config.h ... changelog too long, skipping 75 lines ... + Add note about optimization flags ==== libyui ==== Version update (4.4.3 -> 4.4.4) - Fixed main window stacking order in YQMainWinDock to avoid unintentional transparency when QSS-styling YQDialogs (bsc#1199020, bsc#1191112) - 4.4.4 ==== libyui-ncurses ==== Version update (4.4.3 -> 4.4.4) - Fixed main window stacking order in YQMainWinDock to avoid unintentional transparency when QSS-styling YQDialogs (bsc#1199020, bsc#1191112) - 4.4.4 ==== libyui-ncurses-pkg ==== Version update (4.4.3 -> 4.4.4) - Fixed main window stacking order in YQMainWinDock to avoid unintentional transparency when QSS-styling YQDialogs (bsc#1199020, bsc#1191112) - 4.4.4 ==== libyui-qt ==== Version update (4.4.3 -> 4.4.4) - Fixed main window stacking order in YQMainWinDock to avoid unintentional transparency when QSS-styling YQDialogs (bsc#1199020, bsc#1191112) - 4.4.4 ==== libyui-qt-graph ==== Version update (4.4.3 -> 4.4.4) - Fixed main window stacking order in YQMainWinDock to avoid unintentional transparency when QSS-styling YQDialogs (bsc#1199020, bsc#1191112) - 4.4.4 ==== libyui-qt-pkg ==== Version update (4.4.3 -> 4.4.4) - Fixed main window stacking order in YQMainWinDock to avoid unintentional transparency when QSS-styling YQDialogs (bsc#1199020, bsc#1191112) - 4.4.4 ==== mariadb-connector-c ==== Version update (3.3.1 -> 3.3.2) - Update to release 3.3.2 * Enhanced mysql_close() and other related parts to prevent memory leaks when terminating an initiated but unestablished connection ==== memcached ==== Version update (1.6.15 -> 1.6.16) - update to 1.6.16: * proxy: add req:flag_token("F") * proxy: mcp.response code and rline API * proxy: add r:has_flag(), fix r:token() length * proxy: mcp.request() improvements * proxy: mcplib_request_token() doesn't delimit the final token in a request * tls: Disable TLS re-negotiation from SSL context * Fix undefined behavior and warning with clang * proxy: fix the hashstring size for evcache ketama * core: Fix FTBFS with GCC 12 on ppc64el * proxy: fix race crash from io obj use-after-free * proxy: fix mcp.await() when using extended args * proxy: add missing errno.h include to proxy.h * proxy: fix potential corruption on partial write * proxy: rework backend buffer handling to fix protocol desync bug * tests: skip whitespace on vendor/* * tls: Add switch to opt-in to kernel TLS on OpenSSL 3.0.0+ * core: checks port number at start time * Add a command to dump keys for memcached-tool * proxy: 'proxyreqs' does not work unless 'proxyuser' also provided * proxy: replace proxycmds stream with proxyreqs * proxy: mcp.log_req* API interface ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Use %_pam_vendordir ==== python-FontTools ==== Version update (4.33.3 -> 4.37.1) - Update to 4.37.1 * [subset] Fixed regression introduced with v4.37.0 while subsetting the VarStore of HVAR and VVAR tables, whereby an AttributeError: subset_varidxes was thrown because an apparently unused import statement (with the side-effect of dynamically binding that subset_varidxes method to the VarStore class) had been accidentally deleted in an unrelated PR * [pens] Added cairoPen * [gvar] Read gvar more lazily by not parsing all of the glyf table * [ttGlyphSet] Make drawPoints(pointPen) method work for CFF fonts as well via adapter pen * [cff.specializer] Fixed issue in charstring generalizer with the blend operator * [varLib.models] Added support for extrapolation * [ttGlyphSet] Ensure the newly added _TTVarGlyphSet inherits from _TTGlyphSet to keep backward compatibility with existing API * [kern] Allow compiling legacy kern tables with more than 64k entries * [visitor] Added new visitor API to traverse tree of objects and dispatch based on the attribute type: cf. fontTools.misc.visitor and fontTools.ttLib.ttVisitor. Added fontTools.ttLib.scaleUpem module that uses the latter to change a font's units-per-em and scale all the related fields accordingly * Etc. https://github.com/fonttools/fonttools/compare/4.33.3...4.37.1 ==== python-zipp ==== Version update (3.8.0 -> 3.8.1) - Remove deprecated setup.py hack: move to PEP517 build - Fix requirements * Neither jaraco.itertools nor jaraco.tidelift are used outside testing or documentation building - Ignore that upstream requires Python 3.7 or later since version 3.7.0 - update to 3.8.1: * enrolled in tidelift ==== sssd ==== Version update (2.7.3 -> 2.7.4) Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap - Update to release 2.7.4 * Lock-free client support will be only built if libc provides pthread_key_create() and pthread_once(). For glibc this means version 2.34+. ==== tcpd ==== - Makefile is not parallel-safe ==== userspace-rcu ==== Version update (0.13.1 -> 0.13.2) - Update to version 0.13.2: * Revert "Fix: remove type constness in URCU_FORCE_CAST's C++ version". * Fix: futex.h: include headers outside extern C. * Fix: add missing unused attribute to _rcu_dereference. * Fix: change method used by _rcu_dereference to strip type constness. * Fix: remove type constness in URCU_FORCE_CAST's C++ version. * Move extern "C" down in include/urcu/urcu-bp.h. * Fix: ifdef linux specific cpu count compat. * Set git-review branch to stable-0.13. * Fix: sysconf(_SC_NPROCESSORS_CONF) can be less than max cpu id. * Fix: revise obsolete command in README.md. * Fix: workqueue: remove unused variable "ret". * Fix: futex wait: handle spurious futex wakeups. * Fix: Use %lu rather than %ld to print count. ==== vim ==== Version update (9.0.0224 -> 9.0.0313) Subpackages: vim-data vim-data-common vim-small - Updated to version 9.0.0313, fixes the following problems * Using NULL pointer when skipping compiled code. * Using freed memory with multiple line breaks in expression. * job_start() test may fail under valgrind. * Cannot read error message when abort() is called. * Crash when pattern looks below the last line. * Vim9: error message for missing type is not clear. * No error for comma missing in list in :def function. * Expanding "**" may loop forever with directory links. * Test with BufNewFile autocmd is flaky. * Removing multiple text properties takes many calls. * Cannot make difference between the end of :normal and a character in its argument. * 'autoshelldir' does not work with chunked respose. * Popup menu not removed when 'wildmenu' reset while it is visible. * Mac: cannot build if dispatch.h is not available. * Shift-Tab shows matches on cmdline when 'wildmenu' is off. * Build failure without the +wildmenu feature. * Crash when using ":mkspell" with an empty .dic file. * "make install" does not install shared syntax file. (James McCoy) * "make install" still fails. (Wilhelm Payne) * Text properties "below" sort differently on MS-Windows. * Cannot easily get the list of sourced scripts. * Mechanism to prevent recursive screen updating is incomplete. * Using freed memory when 'tagfunc' deletes the buffer. * Cannot add padding to virtual text without highlight. * Duplicate code in finding a script in the execution stack. * No test for what 9.0.0234 fixes. * Slightly inconsistent error messages. * Test output shows up in git. * Cursor in wrong place after virtual text. * A symlink to an autoload script results in two entries in the list of scripts, items expected in one are actually in the other. * Typo in function name. * Build failure without the eval feature. * Compiler warning for uninitialized variables. * "->" in ":scriptnames" output not tested yet. * Crash with mouse click when not initialized. * Using freed memory when using 'quickfixtextfunc' recursively. * bufload() reads a file even if the name is not a file name. (Cyker Way) * Build failure without the +quickfix feature. * Too many #ifdefs. * No good reason why the "gf" command is not in the tiny version. * Compiler warning for unused argument. * Build error without the +eval feature. * getscriptinfo() does not include the version. Cannot select entries by script name. * Some values of 'path' and 'tags' do not work in the tiny version. * Using INIT() in non-header files. * BufReadCmd not triggered when loading a "nofile" buffer. (Maxim Kim) * Konsole termresponse not recognized. * Netrw plugin does not show remote files. * BufEnter not triggered when using ":edit" in "nofile" buffer. * 'buftype' values not sufficiently tested. * Coverity CI: update-alternatives not needed with Ubuntu 20.04. * The +wildignore feature is nearly always available. * The tiny version has the popup menu but not 'wildmenu'. * The builtin termcap list depends on the version. * Build failure without the +eval feature. * A nested timout stops the previous timeout. * Cannot complete "syn list @cluster". * Using static buffer for multiple completion functions. * It is not easy to change the command line from a plugin. * Using freed memory when location list changed in autocmd. * Irix systems no longer exist. * When 'cmdheight' is zero some messages are not displayed. * Invalid memory write. * Compiler warning for variable set but not used. * Test failing. * Test causes another test to fail. * Messages window not hidden when starting a command line. * Crash when 'cmdheight' is 0 and popup_clear() used. * GUI drop files test sometimes fails. * Message in popup is shortened unnecessary. * Cursor position wrong after right aligned virtual text. (Iizuka Masashi) * Compiler warning for size_t to int conversion. * Error messages for setcmdline() could be better. * 'cpoptions' tests are flaky. * The message window popup is delayed after an error message. * CI for Coverity is bothered by deprecation warnings. * It is not easy to get information about a script. * WinScrolled is not triggered when only skipcol changes. * CI lists useless deprecation warnings. * Buffer write message is two lines in message popup window. * :echomsg doesn't work properly with cmdheight=0. * When cmdheight is zero the attention prompt doesn't show. * Invalid memory access when cmdheight is zero. * Output of :messages dissappears when cmdheight is zero. * Test for hit-Enter prompt fails. * Test for cmdheight zero fails. * Using common name in tests leads to flaky tests. ==== wpebackend-fdo ==== Version update (1.12.0 -> 1.12.1) - Update to version 1.12.1: + Fixed a crash caused by trying to deallocate already freed graphics buffers in certain situations. ==== xen ==== Version update (4.16.2_02 -> 4.16.2_04) - bsc#1201994 - Xen DomU unable to emulate audio device 62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch - Things are compiling fine now with gcc12. Drop gcc12-fixes.patch ==== yast2 ==== Version update (4.5.10 -> 4.5.11) Subpackages: yast2-logs - On transactional systems, inform the user that packages are required to be installed manually (related to bsc#1199840) - 4.5.11 ==== yast2-core ==== Version update (4.5.2 -> 4.5.3) - Fix a test that would fail in the year 2038 (gh#yast/yast-core#160) - 4.5.3