Packages changed: MicroOS-release (20240419 -> 20240421) NetworkManager (1.44.2 -> 1.44.4) gcc14 (14.0.1+git9885 -> 14.0.1+git10008) glibc gtk2 gtk4 (4.14.2 -> 4.14.3) kernel-firmware (20240322 -> 20240419) libxml2 (2.11.6 -> 2.12.6) libzypp (17.32.4 -> 17.32.5) llvm18 (18.1.3 -> 18.1.4) python-numpy (1.26.2 -> 1.26.4) python311 (3.11.8 -> 3.11.9) python311-core (3.11.8 -> 3.11.9) xfsprogs (6.6.0 -> 6.7.0) === Details === ==== MicroOS-release ==== Version update (20240419 -> 20240421) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== NetworkManager ==== Version update (1.44.2 -> 1.44.4) Subpackages: NetworkManager-bluetooth NetworkManager-wwan libnm0 typelib-1_0-NM-1_0 - Update to version 1.44.4: + Add the 'dns-change' dispatcher event. + Various fixed related to IPv4 duplicate address detection. + Fix support for OVS netdev datapath + Fix handling of IPv6 hop limit ==== gcc14 ==== Version update (14.0.1+git9885 -> 14.0.1+git10008) Subpackages: libatomic1 libgcc_s1 libgfortran5 libgomp1 libquadmath0 libstdc++6 libubsan1 - Update to trunk head, 7c2a9dbcc2c1cb1563774068c59d5e09e, git10008 ==== glibc ==== Subpackages: glibc-locale glibc-locale-base - iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961, bsc#1222992) ==== gtk2 ==== Subpackages: gtk2-tools libgtk-2_0-0 - Do not recommend the variuos -immodule-*: they have locale based provides which makes zypper install them when the locales are requested. ==== gtk4 ==== Version update (4.14.2 -> 4.14.3) Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Update to version 4.14.3: + GtkShortcutManager: Track the propagation phase of added controllers. + Accessibility: Implement GtkAccessibleRange for scrollbars. + X11: - Fix some confusing debug messages - Drop a no-longer-relevant optimization that was interfering with getting the current window manager capabilities. + Tools: Support generating pdf in gtk4-rendernode-tool. + Updated translations. ==== kernel-firmware ==== Version update (20240322 -> 20240419) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd - Update to version 20240419 (git commit 7eab37522984): * Montage: update firmware for Mont-TSSE * linux-firmware: Add tuning parameter configs for CS35L41 Firmware * linux-firmware: Fix firmware names for Laptop SSID 104316a3 * linux-firmware: Add CS35L41 HDA Firmware for Lenovo Legion Slim 7 16ARHA7 * linux-firmware: update firmware for mediatek bluetooth chip (MT7922) * linux-firmware: update firmware for MT7922 WiFi device * iwlwifi: add gl FW for core87-44 release * iwlwifi: add ty/So/Ma firmwares for core87-44 release * iwlwifi: update cc/Qu/QuZ firmwares for core87-44 release * nvidia: Update Tegra210 XUSB firmware to v50.29 * amdgpu: update beige goby firmware * amdgpu: update dimgrey cavefish firmware * amdgpu: update psp 13.0.11 firmware * amdgpu: update gc 11.0.4 firmware * amdgpu: update navy flounder firmware * amdgpu: update renoir firmware * amdgpu: update vcn 4.0.2 firmware * amdgpu: update sdma 6.0.1 firmware * amdgpu: update psp 13.0.4 firmware * amdgpu: update gc 11.0.1 firmware * amdgpu: update sienna cichlid firmware * amdgpu: update vega20 firmware * amdgpu: update yellow carp firmware * amdgpu: update green sardine firmware * amdgpu: update vega12 firmware * amdgpu: update raven2 firmware * amdgpu: update vcn 4.0.4 firmware * amdgpu: update smu 13.0.7 firmware * amdgpu: update sdma 6.0.2 firmware * amdgpu: update ipsp 13.0.7 firmware * amdgpu: update gc 11.0.2 firmware * amdgpu: update vega10 firmware * amdgpu: update raven firmware * amdgpu: update navi14 firmware * amdgpu: update smu 13.0.10 firmware * amdgpu: update sdma 6.0.3 firmware * amdgpu: update psp 13.0.10 firmware * amdgpu: update gc 11.0.3 firmware * amdgpu: update vcn 3.1.2 firmware * amdgpu: update psp 13.0.5 firmware * amdgpu: update gc 10.3.6 firmware * amdgpu: update navi12 firmware * amdgpu: update arcturus firmware * amdgpu: update vangogh firmware * amdgpu: update navi10 firmware * amdgpu: update vcn 4.0.3 firmware * amdgpu: update smu 13.0.6 firmware * amdgpu: update psp 13.0.6 firmware * amdgpu: update gc 9.4.3 firmware * amdgpu: update vcn 4.0.0 firmware * amdgpu: update smu 13.0.0 firmware * amdgpu: update sdma 6.0.0 firmware * amdgpu: update psp 13.0.0 firmware * amdgpu: update gc 11.0.0 firmware * amdgpu: update firmware * amdgpu: update aldebaran firmware * amdgpu: update psp 13.0.8 firmware * amdgpu: update gc 10.3.7 firmware * linux-firmware: mediatek: Update MT8173 VPU firmware to v1.1.9 * ath10k: WCN3990: hw1.0: add qcm2290 firmware API file * ath10k: WCN3990: hw1.0: move firmware back from qcom/ location * i915: Add DG2 HuC 7.10.15 * amdgpu: DMCUB updates for various AMDGPU ASICs * linux-firmware: update firmware for en8811h 2.5G ethernet phy * rtw89: 8852c: update fw to v0.27.56.14 * rtw89: 8922a: add firmware v0.35.18.0 * rtw88: Add RTL8703B firmware v11.0.0 ==== libxml2 ==== Version update (2.11.6 -> 2.12.6) Subpackages: libxml2-2 libxml2-tools - Update to version 2.12.6 * Regressions - parser: Fix detection of duplicate attributes in XML namespace - xmlreader: Fix xmlTextReaderConstEncoding - html: Fix htmlCreatePushParserCtxt with encoding - xmllint: Return error code if XPath returns empty nodeset - Update to version 2.12.5 * Security - [CVE-2024-25062] xmlreader: Don't expand XIncludes when backtracking * Regressions - parser: Fix crash in xmlParseInNodeContext with HTML documents - Update to version 2.12.4 * Regressions - parser: Fix regression parsing standalone declarations - autotools: Readd --with-xptr-locs configuration option - parser: Fix build --without-output - parser: Don't grow or shrink pull parser memory buffers - io: Fix memory lifetime issue with input buffers - Update to version 2.12.3 * Regressions - parser: Fix namespaces redefined from default attributes * Build fixes - include: Rename XML_EMPTY helper macro - include: Move declaration of xmlInitGlobals - include: Add missing includes - include: Move globals from xmlsave.h to parser.h - include: Readd circular dependency between tree.h and parser.h - Drop libxml2-CVE-2024-25062.patch as it is part of upstream ==== libzypp ==== Version update (17.32.4 -> 17.32.5) - Don't try to refresh volatile media as long as raw metadata are present (bsc#1223094) - version 17.32.5 (32) ==== llvm18 ==== Version update (18.1.3 -> 18.1.4) - Update to version 18.1.4. * Fixes an issue with Arm64EC code generation where calls to some intrinsics implemented in compiler-rt used the wrong name mangling, eventually resulting in unresolved symbol errors during linking. * Fixed an incorrect poison-generating flag preservation in `InstSimplify`. It will fix a miscompilation on RISCV, which turns the incorrect `or disjoint` into an `add`. * Save/restore routines for RV32E/RV64E are added to compiler-rt. * Fix regressions introduced in LLVM 18.1.3 in MIPS atomicrmw min/max codegen. - Include module files for libc++ in libc++-devel. - Rebase llvm-do-not-install-static-libraries.patch. ==== python-numpy ==== Version update (1.26.2 -> 1.26.4) - Update to 1.26.4 * NumPy 1.26.4 is a maintenance release that fixes bugs and regressions discovered after the 1.26.3 release. The Python versions supported by this release are 3.9-3.12. This is the last planned release in the 1.26.x series. * BUG: Restore missing asstr import * MAINT: prepare 1.26.x for further development * BUG: numpy.array_api: fix linalg.cholesky upper decomp... * MAINT, BLD: Fix unused inline functions warnings on clang * TST: Fix test_numeric on riscv64 * MAINT: add newaxis to __all__ in numpy.array_api * BUG: Use large file fallocate on 32 bit linux platforms * TST: Fix test_warning_calls on Python 3.12 * TST: Bump pytz to 2023.3.post1 * BUG: Fix AVX512 build flags on Intel Classic Compiler * BLD: fix potential issue with escape sequences in __config__.py * BLD: unvendor meson-python on 1.26.x and upgrade to meson-python... * MAINT: Include header defining backtrace * BUG: Fix np.quantile([Fraction(2,1)], 0.5) (#24711) - Release 1.26.3 [#]# Compatibility * f2py will no longer accept ambiguous -m and .pyf CLI combinations. When more than one .pyf file is passed, an error is raised. When both -m and a .pyf is passed, a warning is emitted and the -m provided name is ignored. [#]# Improvements * f2py now handles common blocks which have kind specifications from modules. This further expands the usability of intrinsics like iso_fortran_env and iso_c_binding. [#]# Pull requests merged * MAINT: prepare 1.26.x for further development * TYP: add None to __getitem__ in numpy.array_api * BLD,BUG: quadmath required where available [f2py] * BUG: alpha doesn't use REAL(10) * BUG: Fix FP overflow error in division when the divisor is scalar * MAINT: Pin scipy-openblas version. * BUG: Fix f2py to enable use of string optional inout argument * BUG: Fix -fsanitize=alignment issue in numpy/_core/src/multiarray/arraytypes.c.src * TST: Explicitly pass NumPy path to cython during tests (also... * BUG: fix issues with newaxis and linalg.solve in numpy.array_api * BUG: Disallow shadowed modulenames * BUG: Handle common blocks with kind specifications from modules * BUG: Fix moving compiled executable to root with f2py -c on Windows * BUG: Fix single to half-precision conversion on PPC64/VSX3 * TST: f2py: fix issue in test skip condition * Revert "MAINT: Pin scipy-openblas version." * MAINT: do not use long type * TST: PyPy needs another gc.collect on latest versions * MAINT: Bump conda-incubator/setup-miniconda from 2.2.0 to 3.0.1 * BLD: update vendored Meson for AIX shared library fix * MAINT: Init base in cpu_avx512_kn * BUG: Fix failing test_features on SapphireRapids * BUG: Fix non-contiguous memory load when ARM/Neon is enabled * MAINT,BUG: Never import distutils above 3.12 [f2py] * MAINT: make the import-time check for old Accelerate more specific * MAINT: Bump actions/setup-node and larsoner/circleci-artifacts-redirector-action * BUG: avoid seg fault from OOB access in RandomState.set_state() * BUG: Fix two errors related to not checking for failed allocations * BUG: Fix regression with f2py wrappers when modules and subroutines... * BUG: Fix build issues on SPR * BLD: fix uninitialized variable warnings from simd/neon/memory.h * BUG: Handle iso_c_type mappings more consistently * BUG: Fix module name bug in signature files [urgent] [f2py] * BUG: Handle .pyf.src and fix SciPy [urgent] * DOC: f2py rewrite with meson details * BUG: Add external library handling for meson [f2py] * MAINT: Run f2py's meson backend with the same python that ran... * MAINT: Update numpy/f2py/_backends from main. * MAINT: Easy updates of f2py/*.py from main. * MAINT: Update crackfortran.py and f2py2e.py from main ==== python311 ==== Version update (3.11.8 -> 3.11.9) - Add CVE-2023-52425-libexpat-2.6.0-backport.patch to fix tests with patched libexpat below 2.6.0 that doesn't update the version number, just in SLE. - Remove not needed upstream patches: * libexpat260.patch * CVE-2023-6597-TempDir-cleaning-symlink.patch, bsc#1219666 - Update to 3.11.9: * Security - gh-115398: Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425, bsc#1219559) by adding five new methods: xml.etree.ElementTree.XMLParser.flush() xml.etree.ElementTree.XMLPullParser.flush() xml.parsers.expat.xmlparser.GetReparseDeferralEnabled() xml.parsers.expat.xmlparser.SetReparseDeferralEnabled() xml.sax.expatreader.ExpatParser.flush() - gh-115399: Update bundled libexpat to 2.6.0 - gh-115243: Fix possible crashes in collections.deque.index() when the deque is concurrently modified. - gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads. * Core and Builtins - gh-116296: Fix possible refleak in object.__reduce__() internal error handling. - gh-116034: Fix location of the error on a failed assertion. - gh-115823: Properly calculate error ranges in the parser when raising SyntaxError exceptions caused by invalid byte sequences. Patch by Pablo Galindo - gh-112087: For an empty reverse iterator for list will be reduced to reversed(). Patch by Donghee Na. - gh-115011: Setters for members with an unsigned integer type now support the same range of valid values for objects that has a __index__() method as for int. - gh-96497: Fix incorrect resolution of mangled class variables used in assignment expressions in comprehensions. * Library - gh-117310: Fixed an unlikely early & extra Py_DECREF triggered crash in ssl when creating a new _ssl._SSLContext if CPython was built implausibly such that the default cipher list is empty or the SSL library it was linked against reports a failure from its C SSL_CTX_set_cipher_list() API. - gh-117178: Fix regression in lazy loading of self-referential modules, introduced in gh-114781. - gh-117084: Fix zipfile extraction for directory entries with the name containing backslashes on Windows. - gh-117110: Fix a bug that prevents subclasses of typing.Any to be instantiated with arguments. Patch by Chris Fu. - gh-90872: On Windows, subprocess.Popen.wait() no longer calls WaitForSingleObject() with a negative timeout: pass 0 ms if the timeout is negative. Patch by Victor Stinner. - gh-116957: configparser: Don’t leave ConfigParser values in an invalid state (stored as a list instead of a str) after an earlier read raised DuplicateSectionError or DuplicateOptionError. - gh-90095: Ignore empty lines and comments in .pdbrc - gh-116764: Restore support of None and other false values in urllib.parse functions parse_qs() and parse_qsl(). Also, they now raise a TypeError for non-zero integers and non-empty sequences. - gh-116811: In PathFinder.invalidate_caches, delegate to MetadataPathFinder.invalidate_caches. - gh-116600: Fix repr() for global Flag members. - gh-116484: Change automatically generated tkinter.Checkbutton widget names to avoid collisions with automatically generated tkinter.ttk.Checkbutton widget names within the same parent widget. - gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on opening named pipe. - gh-116143: Fix a race in pydoc _start_server, eliminating a window in which _start_server can return a thread that is “serving” but without a docserver set. - gh-116325: typing: raise SyntaxError instead of AttributeError on forward references as empty strings. - gh-90535: Fix support of interval values > 1 in logging.TimedRotatingFileHandler for when='MIDNIGHT' and when='Wx'. - gh-115978: Disable preadv(), readv(), pwritev(), and writev() on WASI. - Under wasmtime for WASI 0.2, these functions don’t pass test_posix (https://github.com/bytecodealliance/wasmtime/issues/7830). - gh-88352: Fix the computation of the next rollover time in the logging.TimedRotatingFileHandler handler. computeRollover() now always returns a timestamp larger than the specified time and works correctly during the DST change. doRollover() no longer overwrite the already rolled over file, saving from data loss when run at midnight or during repeated time at the DST change. - gh-87115: Set __main__.__spec__ to None when running a script with pdb - gh-76511: Fix UnicodeEncodeError in email.Message.as_string() that results when a message that claims to be in the ascii character set actually has non-ascii characters. Non-ascii characters are now replaced with the U+FFFD replacement character, like in the replace error handler. - gh-75988: Fixed unittest.mock.create_autospec() to pass the call through to the wrapped object to return the real result. - gh-115881: Fix issue where ast.parse() would incorrectly flag conditional context managers (such as with (x() if y else z()): ... changelog too long, skipping 156 lines ... 64-bit platforms. ==== python311-core ==== Version update (3.11.8 -> 3.11.9) Subpackages: libpython3_11-1_0 python311-base - Add CVE-2023-52425-libexpat-2.6.0-backport.patch to fix tests with patched libexpat below 2.6.0 that doesn't update the version number, just in SLE. - Remove not needed upstream patches: * libexpat260.patch * CVE-2023-6597-TempDir-cleaning-symlink.patch, bsc#1219666 - Update to 3.11.9: * Security - gh-115398: Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425, bsc#1219559) by adding five new methods: xml.etree.ElementTree.XMLParser.flush() xml.etree.ElementTree.XMLPullParser.flush() xml.parsers.expat.xmlparser.GetReparseDeferralEnabled() xml.parsers.expat.xmlparser.SetReparseDeferralEnabled() xml.sax.expatreader.ExpatParser.flush() - gh-115399: Update bundled libexpat to 2.6.0 - gh-115243: Fix possible crashes in collections.deque.index() when the deque is concurrently modified. - gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads. * Core and Builtins - gh-116296: Fix possible refleak in object.__reduce__() internal error handling. - gh-116034: Fix location of the error on a failed assertion. - gh-115823: Properly calculate error ranges in the parser when raising SyntaxError exceptions caused by invalid byte sequences. Patch by Pablo Galindo - gh-112087: For an empty reverse iterator for list will be reduced to reversed(). Patch by Donghee Na. - gh-115011: Setters for members with an unsigned integer type now support the same range of valid values for objects that has a __index__() method as for int. - gh-96497: Fix incorrect resolution of mangled class variables used in assignment expressions in comprehensions. * Library - gh-117310: Fixed an unlikely early & extra Py_DECREF triggered crash in ssl when creating a new _ssl._SSLContext if CPython was built implausibly such that the default cipher list is empty or the SSL library it was linked against reports a failure from its C SSL_CTX_set_cipher_list() API. - gh-117178: Fix regression in lazy loading of self-referential modules, introduced in gh-114781. - gh-117084: Fix zipfile extraction for directory entries with the name containing backslashes on Windows. - gh-117110: Fix a bug that prevents subclasses of typing.Any to be instantiated with arguments. Patch by Chris Fu. - gh-90872: On Windows, subprocess.Popen.wait() no longer calls WaitForSingleObject() with a negative timeout: pass 0 ms if the timeout is negative. Patch by Victor Stinner. - gh-116957: configparser: Don’t leave ConfigParser values in an invalid state (stored as a list instead of a str) after an earlier read raised DuplicateSectionError or DuplicateOptionError. - gh-90095: Ignore empty lines and comments in .pdbrc - gh-116764: Restore support of None and other false values in urllib.parse functions parse_qs() and parse_qsl(). Also, they now raise a TypeError for non-zero integers and non-empty sequences. - gh-116811: In PathFinder.invalidate_caches, delegate to MetadataPathFinder.invalidate_caches. - gh-116600: Fix repr() for global Flag members. - gh-116484: Change automatically generated tkinter.Checkbutton widget names to avoid collisions with automatically generated tkinter.ttk.Checkbutton widget names within the same parent widget. - gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on opening named pipe. - gh-116143: Fix a race in pydoc _start_server, eliminating a window in which _start_server can return a thread that is “serving” but without a docserver set. - gh-116325: typing: raise SyntaxError instead of AttributeError on forward references as empty strings. - gh-90535: Fix support of interval values > 1 in logging.TimedRotatingFileHandler for when='MIDNIGHT' and when='Wx'. - gh-115978: Disable preadv(), readv(), pwritev(), and writev() on WASI. - Under wasmtime for WASI 0.2, these functions don’t pass test_posix (https://github.com/bytecodealliance/wasmtime/issues/7830). - gh-88352: Fix the computation of the next rollover time in the logging.TimedRotatingFileHandler handler. computeRollover() now always returns a timestamp larger than the specified time and works correctly during the DST change. doRollover() no longer overwrite the already rolled over file, saving from data loss when run at midnight or during repeated time at the DST change. - gh-87115: Set __main__.__spec__ to None when running a script with pdb - gh-76511: Fix UnicodeEncodeError in email.Message.as_string() that results when a message that claims to be in the ascii character set actually has non-ascii characters. Non-ascii characters are now replaced with the U+FFFD replacement character, like in the replace error handler. - gh-75988: Fixed unittest.mock.create_autospec() to pass the call through to the wrapped object to return the real result. - gh-115881: Fix issue where ast.parse() would incorrectly flag conditional context managers (such as with (x() if y else z()): ... changelog too long, skipping 156 lines ... 64-bit platforms. ==== xfsprogs ==== Version update (6.6.0 -> 6.7.0) - update to 6.7.0 - xfsprogs: Several configure script updates - xfs_io: Use system's SEEK_DATA and SEEK_HOLE definition - xfsprogs: Remove platform_defs.h generation on build time - xfs_db: Fix metadata read error due hardcoded initialization of bb_count - xfsprogs: Request 64-bit time_t where possible - xfsprogs: Remove use of LFS64 interfaces