Packages changed: alsa apparmor at-spi2-core (2.40.1 -> 2.40.2) avahi baloo5-widgets (21.04.1 -> 21.04.2) compat-usrmerge cups distribution-logos-openSUSE dolphin (21.04.1 -> 21.04.2) gobject-introspection gpsd gupnp (1.2.6 -> 1.2.7) kaccounts-integration (21.04.1 -> 21.04.2) kate (21.04.1 -> 21.04.2) kde-print-manager (21.04.1 -> 21.04.2) kdialog (21.04.1 -> 21.04.2) kio-extras5 (21.04.1 -> 21.04.2) konsole (21.04.1 -> 21.04.2) kwalletmanager5 (21.04.1 -> 21.04.2) libX11 (1.7.1 -> 1.7.2) libapparmor libgnomekbd libnettle (3.7.2 -> 3.7.3) librsvg (2.50.6 -> 2.50.7) linux-atm mpg123 (1.27.2 -> 1.28.0) openSUSE-build-key pam-config plasma5-workspace polkit python-attrs (20.3.0 -> 21.2.0) python-idna (3.1 -> 3.2) python-more-itertools (8.7.0 -> 8.8.0) python-oauthlib (3.1.0 -> 3.1.1) python38 python38-core setools u-boot-rpiarm64 === Details === ==== alsa ==== - Fix regression in config read and UCM handling on pipewire and pulseaudio (boo#1187079, boo#1187033): 0001-conf-fix-load_for_all_cards.patch 0002-ucm-add-_alibpref-to-get-the-private-device-prefix.patch 0003-ucm-fix-_alibpref-string-add-.-delimiter-to-the-end.patch ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor - move Requires: python3 back to the python3-apparmor subpackage - readline usage is in the python modules, not in apparmor-utils - Remove python symbols (python means currently python2), work only with python3 ones (fallout from bsc#1185588). ==== at-spi2-core ==== Version update (2.40.1 -> 2.40.2) Subpackages: libatspi0 typelib-1_0-Atspi-2_0 - Update to version 2.40.2: + README: Remove outdated links. + Key grab fixes for the new API. + registryd: Add a missing call to va_end. ==== avahi ==== Subpackages: libavahi-client3 libavahi-common3 libavahi-core7 - Fix libavahi-devel requirements. The devel package installs libavahi-libevent.so but didn't require the library it's pointing to. ==== baloo5-widgets ==== Version update (21.04.1 -> 21.04.2) - Update to 21.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.04.2 - No code change since 21.04.1 ==== compat-usrmerge ==== - early exit in case of overlayfs (boo#1187027) - Avoid dependency on mountpoint from util-linux - Also check for availability of find - fix conversion with split /usr (boo#1186781) - exit early if one of the affected directories has mountpoint beneath it - add fallback for filesystems without renameat2 (boo#1186637) ==== cups ==== Subpackages: cups-client cups-config libcups2 libcupsimage2 - Provide /usr/share/cups/ppdc/ in the "cups" main package to avoid that "lpinfo -m" results in /var/log/cups/error_log things like "ppdc: Unable to find include file font.defs" or "ppdc: Unable to find include file hp.h" and then "Bad driver information file /usr/share/cups/drv/sample.drv" (bsc#1186843) ==== distribution-logos-openSUSE ==== - Add icons package to handle systemd branding better ==== dolphin ==== Version update (21.04.1 -> 21.04.2) Subpackages: dolphin-part libdolphinvcs5 - Update to 21.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.04.2 - Changes since 21.04.1: * Fix crash on Wayland when closing the mainwindow while another dialog is open * [contextmenusettingspage] Fix Crash because of nullptr (kde#437539) * search/facetswidget: Check for protocol before trying to fetch tags (kde#435586) ==== gobject-introspection ==== Subpackages: girepository-1_0 libgirepository-1_0-1 - gi-find-deps.sh: on Tumbleweed, HOSTTYPE on ppc64/ppc64le reports powerpc64 and powerpc64le: accept those strings as 64bit archs. ==== gpsd ==== - disable lto on aarch64 for now (bsc#1187089) ==== gupnp ==== Version update (1.2.6 -> 1.2.7) - Update to version 1.2.7: + Fix build with -Wformat-security=error + Bump required GLib version to 2.66 + Fix some introspection annotations + Add missing varargs functions to vapi + Revert fix from 1.2.5 which causes managed control points to live too long ==== kaccounts-integration ==== Version update (21.04.1 -> 21.04.2) - Update to 21.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.04.2 - No code change since 21.04.1 ==== kate ==== Version update (21.04.1 -> 21.04.2) Subpackages: kate-plugins - Update to 21.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.04.2 - Changes since 21.04.1: * Prevent crash in git-blame for HUGE git commits (kde#437683) * Fix crash when turning on "bg shading" for Documents plugin * deactivate Kate command bar if KXMLGui command bar is there ==== kde-print-manager ==== Version update (21.04.1 -> 21.04.2) - Update to 21.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.04.2 - No code change since 21.04.1 ==== kdialog ==== Version update (21.04.1 -> 21.04.2) - Update to 21.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.04.2 - No code change since 21.04.1 ==== kio-extras5 ==== Version update (21.04.1 -> 21.04.2) Subpackages: libkioarchive5 - Update to 21.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.04.2 - Changes since 21.04.1: * thumbnail: Check shm size before writing to it ==== konsole ==== Version update (21.04.1 -> 21.04.2) Subpackages: konsole-part - Update to 21.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.04.2 - Changes since 21.04.1: * Allow /bin/sh as a profile command (kde#436242) * Fix alpha channel of scrollbar colors (kde#437223) * Don't override profile icon in "New Tab" menu (kde#437200) * Fix crash when using a color scheme with random colors (kde#434892) * Fix type of randomSeed parameter - Drop upstream patch: * 0001-Fix-alpha-channel-of-scrollbar-colors.patch ==== kwalletmanager5 ==== Version update (21.04.1 -> 21.04.2) - Update to 21.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/21.04.2 - No code change since 21.04.1 ==== libX11 ==== Version update (1.7.1 -> 1.7.2) Subpackages: libX11-6 libX11-data libX11-xcb1 - Update to version 1.7.2 * bug fix release, correcting a regression introduced by and improving the checks from the fix for CVE-2021-31535. - supersedes U_Check-for-NULL-strings-before-getting-their-lengths.patch ==== libapparmor ==== - move Requires: python3 back to the python3-apparmor subpackage - readline usage is in the python modules, not in apparmor-utils - Remove python symbols (python means currently python2), work only with python3 ones (fallout from bsc#1185588). ==== libgnomekbd ==== Subpackages: gnomekbd-tools libgnomekbd8 - Add libgnomekbd_avoid_implicit_definition.patch: Add string.h into include files to avoid inplicit definition warning in building. This change is to meet the needs of the inspection of maintaince build checking script(bnc#1160963, bnc#1034390, glgo#GNOME/libgnomekbd!7) - Add libgnomekbd-set-default-indicator.patch: set the common keyboard layout indicator as "default" to avoid misleading (bnc#1034390). ==== libnettle ==== Version update (3.7.2 -> 3.7.3) Subpackages: libhogweed6 libnettle8 - GNU Nettle 3.7.3: [CVE-2021-3580, bsc#1187060] * Fix crash for zero input to rsa_sec_decrypt and rsa_decrypt_tr. Potential denial of service vector. * Ensure that all of rsa_decrypt_tr and rsa_sec_decrypt return failure for out of range inputs, instead of either crashing, or silently reducing input modulo n. Potential denial of service vector. * Ensure that rsa_decrypt returns failure for out of range inputs, instead of silently reducing input modulo n. * Ensure that rsa_sec_decrypt returns failure if the message size is too large for the given key. Unlike the other bugs, this would typically be triggered by invalid local configuration, rather than by processing untrusted remote data. ==== librsvg ==== Version update (2.50.6 -> 2.50.7) Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Update to version 2.50.7: + Two cairo-related bug fixes: - glgo#GNOME/librsvg#745: Fix mismatched cairo_save/restore when running in inside the Cairo test suite. - glgo#GNOME/librsvg#746: Possible cairo_save() without cairo_restore() in render_layer(). ==== linux-atm ==== - Use %_firmwaredir ==== mpg123 ==== Version update (1.27.2 -> 1.28.0) - Update to version 1.28.0 build: * Fix up the build to actually build all library objects with libtool consistently, also ensuring no pointless static archives for output modules. * Adapted things to autoconf 2.71, requiring 2.69 now * Improved configure to be more useful --with-default-audio to define the search order, fix static build for --with-audio being a list (just choosing the first one). * Ensure consistent use of LINK_MPG123_DLL in headers. build (ports/cmake): * Hardcode ports/cmake CPU detection for x64 and ARM as CMAKE_SYSTEM_PROCESSOR is useless crap (bug 298 for real). * Added JACK output, fixed handling of compat_str there libsyn123: * Fix syn123_mix() to actually do intermediate conversion when input and output encoding are the same but non-float. This makes out123 --mix work with s16 input and output, which is not that special! libmpg123: * Fix misguided handling of part2_3_length checks in III_get_scale_factors_1() and III_get_scale_factors_2() which invalidated decoding of a mono source encoded as ms+i-stereo (bug 312). This was a regression introduced with version 1.25.7. libout123: * Print basic module loading errors only for last one in list. This enables use of an output module search list that anticipates module files not installed with the main package. ==== openSUSE-build-key ==== - remove dumpsigs, unused since SLE12+ (rpm 4.x) (bsc#1186827) - add URL - spec-cleaner run - Merge changes from openSUSE Leap 15.3 for rpm-repos-openSUSE (boo#1186593) - Refresh the SLE15 build@suse.de key * Updated gpg-pubkey-39db7c82-5847eb1f.asc ==== pam-config ==== - Add "revoke" to the option list for pam_keyinit (Remove some leftover debugs while we're at it) [pam-config-fix-pam_keyinit-options.patch] - prior to writing an service-specific config file, the main function calls access() on the destination file in /etc/pam.d. This will fail and no config file will be written when the original config file was installed in /usr/etc/pam.d. A similar problem exists when creating the new service file: create_service_file() wants to give the new service file the same user, group and mode as the old one, but the old one may not exist. In that case, set these to 0(root), 0(root), and 0644. [pam-config-remove-bad-access-call.patch] ==== plasma5-workspace ==== Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy - Add another patch to fix migration of krunner shortcuts from Plasma < 5.17 (boo#1187204): * 0001-krunerglobalshortcuts-Fix-migration-from-old-compone.patch ==== polkit ==== Subpackages: libpolkit0 typelib-1_0-Polkit-1_0 - Fix verifyscript: the path to the binary was wrongly defined as %{_libexecdir}/lib. - CVE-2021-3560: fixed a local privilege escalation using polkit_system_bus_name_get_creds_sync() (bsc#1186497) CVE-2021-3560.patch ==== python-attrs ==== Version update (20.3.0 -> 21.2.0) - update to 21.2.0: * We had to revert the recursive feature for ``attr.evolve()`` because it broke some use-cases -- sorry! * Python 3.4 is now blocked using packaging metadata because ``attrs`` can't be imported on it anymore. * The long-awaited, much-talked-about, little-delivered ``import attrs`` is finally upon us! * The *cmp* argument to ``attr.s()`` and `attr.ib()` has been **undeprecated** It will continue to be supported as syntactic sugar to set *eq* and *order* in one go. * Further smaller changes, see included Changelog.md ==== python-idna ==== Version update (3.1 -> 3.2) - update to 3.2: * Add type hints (Thanks, Seth Michael Larson!) * Remove support for Python 3.4 ==== python-more-itertools ==== Version update (8.7.0 -> 8.8.0) - update to 8.8.0: * :func:`countable` (thanks to krzysieq) * :func:`split_before` was updated to handle empy collections (thanks to TiunovNN) * :func:`unique_everseen` got a performance boost (thanks to Numerlor) * The type hint for :func:`value_chain` was corrected (thanks to vr2262) - %check: use %pyunittest rpm macro ==== python-oauthlib ==== Version update (3.1.0 -> 3.1.1) - update to 3.1.1: * #753: Fix acceptance of valid IPv6 addresses in URI validation * #730: Base OAuth2 Client now has a consistent way of managing the `scope`: it consistently relies on the `scope` provided in the constructor if any, except if overridden temporarily in a method call. Note that in particular providing a non-None `scope` in `prepare_authorization_request` or `prepare_refresh_token` does not override anymore `self.scope` forever, it is just used temporarily. * #726: MobileApplicationClient.prepare_request_uri and MobileApplicationClient.parse_request_uri_response, ServiceApplicationClient.prepare_request_body, and WebApplicationClient.prepare_request_uri now correctly use the default `scope` provided in constructor. * #725: LegacyApplicationClient.prepare_request_body now correctly uses the default `scope` provided in constructor * #711: client_credentials grant: fix log message * #746: OpenID Connect Hybrid - fix nonce not passed to add_id_token * #756: Different prompt values are now handled according to spec (e.g. prompt=none) * #759: OpenID Connect - fix Authorization: Basic parsing * #716: improved skeleton validator for public vs private client * #720: replace mock library with standard unittest.mock * #727: build isort integration * #734: python2 code removal * #735, #750: add python3.8 support * #749: bump minimum versions of pyjwt and cryptography - drop o_switch_to_unitest_mock.patch (upstream) ==== python38 ==== - allow building against sphinx 3.x+ - Stop providing "python" symbol (bsc#1185588), which means python2 currently. ==== python38-core ==== Subpackages: libpython3_8-1_0 python38-base - allow building against sphinx 3.x+ - Stop providing "python" symbol (bsc#1185588), which means python2 currently. ==== setools ==== - Fix dependency of python3-setools: require python3, not python (which is python2). ==== u-boot-rpiarm64 ==== Subpackages: u-boot-rpiarm64-doc Fix Ethernet PHY initialization on OdroidC2 (boo#1187095) Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2021.04 * Patches added: 0015-arm64-dts-meson-odroidc2-readd-PHY-.patch