Packages changed: ImageMagick (7.1.0.33 -> 7.1.0.35) MozillaFirefox (100.0 -> 100.0.2) NetworkManager (1.36.4 -> 1.38.0) aaa_base (84.87+git20220419.bf51b75 -> 84.87+git20220518.dc83f4e) adobe-sourcecodepro-fonts (2.030 -> 2.038) at (3.2.4 -> 3.2.5) autofs autotrace aws-cli (1.23.11 -> 1.24.1) bubblewrap (0.6.1 -> 0.6.2) cifs-utils (6.14 -> 6.15) csmash elfutils-debuginfod gimp glibc gucharmap (13.0.0 -> 14.0.3) hplip imlib2 jfsutils kernel-64kb (5.17.7 -> 5.17.9) kernel-firmware (20220509 -> 20220516) kernel-source (5.17.7 -> 5.17.9) libass (0.15.2 -> 0.16.0) libbpf (0.7.0 -> 0.8.0) libcap-ng (0.7.11 -> 0.8.3) libdv libinput libreoffice librsvg (2.54.1 -> 2.54.3) libxfce4ui libyui (4.4.0 -> 4.4.1) libyui-ncurses (4.4.0 -> 4.4.1) libyui-ncurses-pkg (4.4.0 -> 4.4.1) libyui-qt (4.4.0 -> 4.4.1) libyui-qt-graph (4.4.0 -> 4.4.1) libyui-qt-pkg (4.4.0 -> 4.4.1) lttng-ust (2.13.0 -> 2.13.2) mjpegtools mozjs91 (91.7.0 -> 91.9.0) multipath-tools (0.8.8+64+suse.f265f7e0 -> 0.8.9+90+suse.71a70fb) okteta (0.26.7 -> 0.26.8) orca (42.0 -> 42.1) pam_ssh parted pcre pentobi (20.0 -> 21.0) perl (5.34.0 -> 5.34.1) python-boto3 (1.22.11 -> 1.23.1) python-botocore (1.25.11 -> 1.26.1) transactional-update (4.0.0~rc2 -> 4.0.0~rc4) yast2-packager (4.5.3 -> 4.5.4) === Details === ==== ImageMagick ==== Version update (7.1.0.33 -> 7.1.0.35) Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10 - version update to 7.1.0.35 see the upstream changelog: * https://github.com/ImageMagick/Website/blob/main/ChangeLog.md ==== MozillaFirefox ==== Version update (100.0 -> 100.0.2) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 100.0.2 MFSA 2022-19 (bsc#1199768) * CVE-2022-1802 (bmo#1770137) Prototype pollution in Top-Level Await implementation * CVE-2022-1529 (bmo#1770048) Untrusted input used in JavaScript object indexing, leading to prototype pollution - Mozilla Firefox 100.0.1: * Fixed: Fixed an issue with subtitles in Picture-in-Picture mode while using Netflix (bmo#1768818) * Fixed: Fixed an issue where some commands were unavailable in the Picture-in-Picture window (bmo#1768201) ==== NetworkManager ==== Version update (1.36.4 -> 1.38.0) Subpackages: NetworkManager-pppoe libnm0 typelib-1_0-NM-1_0 - Update to version 1.38.0: + Add support for route type "throw". + Fix bug setting priority for IP addresses. + Static IPv6 addresses from "ipv6.addresses" are now preferred over addresses from DHCPv6, which are preferred over addresses from autoconf. This affects IPv6 source address selection, if the rules from RFC 6724, section 5 don't give a exhaustive match. + Static IPv6 addresses from "ipv6.addresses" are now interpreted with first address being preferred. Their order got inverted. This is now consistent with IPv4. + Wi-Fi hotspots will use a (stable) random channel number unless one is chosen manually. + Don't use unsupported SAE/WPA3 mode for AP mode. + NetworkManager will no longer advertise frequencies as supported when they're disallowed in configured regulatory domain. + Attempt to connect to WEP-encrypted Wi-Fi network will now fail gracefully with a recent version of wpa_supplicant when built without WEP support. As long as wpa_supplicant supports WEP, NetworkManager will continue to work. + Disable WPA3 transition mode for wifi.key-mgmt=wpa-psk if the NIC does not support PMF. This is known to cause problems in some setups. It is still possible to explicitly configure wifi.key-mgmt=sae for WPA3. + Add new dummy crypto backend "null" that does nothing. NetworkManager uses the crypto library when handling certificates for 802.1x profiles. + Veth devices with name "eth*" are now managed by default via the udev rule. This is to support managing the network in LXD containers. + The hostname received from DHCP is now shortened to the first dot (or to 64 characters, whatever comes first) if it's too long. + As the insecure WEP encryption for Wi-Fi network is phased out, nmcli now discourages its use when activating or modifying a profile. + Fix connectivity checks in case the check endpoint address resolves to multiple addresses. + Workaround libcurl blocking NetworkManager while resolving DNS names. + nmcli: indicate missing Wi-Fi hardware when showing rfkill setting. + nmcli: add connection migrate command to move a profile to a specified settings plugin. This allows to convert profiles in the deprecated ifcfg-rh format to keyfile. + Set "src" attribute for routes from DHCPv4 to the leased address. This helps with source address selection. + Various bugfixes and internal improvements. + Updated translations. - Recommend NetworkNanager-wifi from the main package: after the split, there is currently nothing pulling in NM-wifi. Preferably this would happen based on wifi chips prsence, but that is not yet done (boo#1199550). - Modify NetworkManager.spec: Split into a few small subpackages (bsc#1198128). ==== aaa_base ==== Version update (84.87+git20220419.bf51b75 -> 84.87+git20220518.dc83f4e) Subpackages: aaa_base-extras - Update to version 84.87+git20220518.dc83f4e: * Also in /etc/profile, rootsh is not restricted - Update to version 84.87+git20220518.78b2a0b: * The wrapper rootsh is not a restricted shell ==== adobe-sourcecodepro-fonts ==== Version update (2.030 -> 2.038) - Update to version 2.038 ( roman fonts ) / 1.058 ( italic fonts ) ==== at ==== Version update (3.2.4 -> 3.2.5) - Update to version 3.2.5: + Fix: atd forgets to run a job in the queue (deb#1004972). - Switch to dynamic UIDs instead of hardcoding 25 ==== autofs ==== - Use OPTIONS instead of AUTOFS_OPTIONS in /etc/sysconfig/autofs (bsc#1199027) ==== autotrace ==== Subpackages: libautotrace3 - biWidth*biBitCnt integer overflow fix (bsc#1182158, CVE-2019-19004, CVE-2019-19004.patch). - Bitmap double free fix (bsc1182159, CVE-2019-19005, CVE-2017-9182, CVE-2017-9190, CVE-2019-19005.patch). ==== aws-cli ==== Version update (1.23.11 -> 1.24.1) - Update to version 1.24.1 + For detailed changes see https://github.com/aws/aws-cli/blob/1.24.1/CHANGELOG.rst - Update Requires in spec file from setup.py ==== bubblewrap ==== Version update (0.6.1 -> 0.6.2) Subpackages: bubblewrap-zsh-completion - Update to version 0.6.2: + New features in Meson build: - Auto-detect whether the man page can be generated. - -Dbwrapdir=... changes the installation directory (useful when being used as a subproject). - -Dtests=false disables unit tests. + Bug fixes: - Add --add-seccomp-fd to shell completions - Document --add-seccomp-fd, --json-status-fd and --share-net in the man page - Add attributes to silence various compiler warnings - Allow compilation of tests with musl on mips architectures - Allow compilation with older glibc - Disable sanitizers for a test helper whose seccomp profile breaks the instrumentation - Disable AddressSanitizer leak detection where it interferes with unit testing ==== cifs-utils ==== Version update (6.14 -> 6.15) - Update to version 6.15 * CVE-2022-27239: mount.cifs: fix length check for ip option parsing Previous check was true whatever the length of the input string was, leading to a buffer overflow in the subsequent strcpy call. * mount.cifs: fix verbose messages on option parsing ==== csmash ==== - Build with to pkgconfig(sdl) so we can use sdl12_compat. ==== elfutils-debuginfod ==== - Add config-Move-the-2-dev-null-inside-the-sh-c-quotes-fo.patch in order to fix boo#1199265. ==== gimp ==== Subpackages: gimp-plugin-aa gimp-plugins-python libgimp-2_0-0 libgimpui-2_0-0 - Add gimp-CVE_2022-30067.patch: fix out of memory when reading XCF (boo#1199653 CVE-2022-30067). ==== glibc ==== Subpackages: glibc-devel glibc-extra glibc-locale glibc-locale-base nscd - nptl-spurious-eintr.patch: nptl: Handle spurious EINTR when thread cancellation is disabled (BZ #29029) - Follow the distro default gcc version to build the cross bootstrap packages. - switched to https urls ==== gucharmap ==== Version update (13.0.0 -> 14.0.3) Subpackages: libgucharmap_2_90-7 - Update to version 14.0.3: + Classify characters without script name properly + all: Use PCRE2 instead of GRegex + build: - Enforce required unicode data version - Fix build with meson 0.60 - Fix warning about incompatible pointer return type - Fix warning about unused variable 'priv' - Remove unwanted warning + charmap: Search in details by default + chartable: - Improve Korean Hanja Pronunciations property - Mark special script and block names in italic - Use device scale for character popup + help: Remove duplicate entry + lib: - Enable alphabetical sorting of the Unicode blocks - Remove bogus volatile from type builtins code + unicode: - Add strings to prepare unicode 14 update - Update for unicode 14.0.0 + Updated translations. - Drop a8ee037f8cf151b8b65354bc93c56953e41f5a22.patch: fixed upstream. ==== hplip ==== Subpackages: hplip-hpijs hplip-sane - Add rebased hplip-3.20.6-python-includes.patch to fix the non- functional scanning: libsane-hpaio.so.1: undefined symbol: _DBG (fixes boo#1198794) ==== imlib2 ==== Subpackages: imlib2-loaders libImlib2-1 - declare counter in for loop for big endian to unsignedint (loader_ico.c) bigendian.patch ==== jfsutils ==== - add jfsutils_format-security_ftbs.patch ==== kernel-64kb ==== Version update (5.17.7 -> 5.17.9) - Linux 5.17.9 (bsc#1012628). - batman-adv: Don't skb_split skbuffs with frag_list (bsc#1012628). - iwlwifi: iwl-dbg: Use del_timer_sync() before freeing (bsc#1012628). - hwmon: (tmp401) Add OF device ID table (bsc#1012628). - mac80211: Reset MBSSID parameters upon connection (bsc#1012628). - net: rds: use maybe_get_net() when acquiring refcount on TCP sockets (bsc#1012628). - net: Fix features skip in for_each_netdev_feature() (bsc#1012628). - net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in hardware when deleted (bsc#1012628). - net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups (bsc#1012628). - net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0 (bsc#1012628). - net: mscc: ocelot: avoid corrupting hardware counters when moving VCAP filters (bsc#1012628). - fbdev: simplefb: Cleanup fb_info in .fb_destroy rather than .remove (bsc#1012628). - fbdev: efifb: Cleanup fb_info in .fb_destroy rather than .remove (bsc#1012628). - fbdev: vesafb: Cleanup fb_info in .fb_destroy rather than .remove (bsc#1012628). - platform/surface: aggregator: Fix initialization order when compiling as builtin module (bsc#1012628). - ice: Fix race during aux device (un)plugging (bsc#1012628). - ice: clear stale Tx queue settings before configuring (bsc#1012628). - ice: fix PTP stale Tx timestamps cleanup (bsc#1012628). - ipv4: drop dst in multicast routing path (bsc#1012628). - drm/nouveau: Fix a potential theorical leak in nouveau_get_backlight_name() (bsc#1012628). - netlink: do not reset transport header in netlink_recvmsg() (bsc#1012628). - net: chelsio: cxgb4: Avoid potential negative array offset (bsc#1012628). - fbdev: efifb: Fix a use-after-free due early fb_info cleanup (bsc#1012628). - net: sfc: fix memory leak due to ptp channel (bsc#1012628). - fanotify: do not allow setting dirent events in mask of non-dir (bsc#1012628). - mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection (bsc#1012628). - nfs: fix broken handling of the softreval mount option (bsc#1012628). - ionic: fix missing pci_release_regions() on error in ionic_probe() (bsc#1012628). - dim: initialize all struct fields (bsc#1012628). - hwmon: (ltq-cputemp) restrict it to SOC_XWAY (bsc#1012628). - procfs: prevent unprivileged processes accessing fdinfo dir (bsc#1012628). - selftests: vm: Makefile: rename TARGETS to VMTARGETS (bsc#1012628). - net: dsa: flush switchdev workqueue on bridge join error path (bsc#1012628). - arm64: vdso: fix makefile dependency on vdso.so (bsc#1012628). - virtio: fix virtio transitional ids (bsc#1012628). - s390/ctcm: fix variable dereferenced before check (bsc#1012628). - s390/ctcm: fix potential memory leak (bsc#1012628). - s390/lcs: fix variable dereferenced before check (bsc#1012628). - net/sched: act_pedit: really ensure the skb is writable (bsc#1012628). - net: ethernet: mediatek: ppe: fix wrong size passed to memset() (bsc#1012628). - net: bcmgenet: Check for Wake-on-LAN interrupt probe deferral (bsc#1012628). - drm/vc4: hdmi: Fix build error for implicit function declaration (bsc#1012628). - mlxsw: Avoid warning during ip6gre device removal (bsc#1012628). - net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down() (bsc#1012628). - net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending (bsc#1012628). - net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe() (bsc#1012628). - tls: Fix context leak on tls_device_down (bsc#1012628). - drm/vmwgfx: Fix fencing on SVGAv3 (bsc#1012628). - gfs2: Fix filesystem block deallocation for short writes (bsc#1012628). - hwmon: (asus_wmi_sensors) Fix CROSSHAIR VI HERO name (bsc#1012628). - hwmon: (f71882fg) Fix negative temperature (bsc#1012628). - RDMA/irdma: Fix deadlock in irdma_cleanup_cm_core() (bsc#1012628). - iommu: arm-smmu: disable large page mappings for Nvidia arm-smmu (bsc#1012628). - ASoC: max98090: Reject invalid values in custom control put() (bsc#1012628). - ASoC: max98090: Generate notifications on changes for custom control (bsc#1012628). - ASoC: ops: Validate input values in snd_soc_put_volsw_range() (bsc#1012628). - s390: disable -Warray-bounds (bsc#1012628). - ASoC: SOF: Fix NULL pointer exception in sof_pci_probe callback (bsc#1012628). - io_uring: assign non-fixed early for async work (bsc#1012628). - net: emaclite: Don't advertise 1000BASE-T and do auto negotiation (bsc#1012628). - net: sfp: Add tx-fault workaround for Huawei MA5671A SFP ONT (bsc#1012628). - secure_seq: use the 64 bits of the siphash for port offset calculation (bsc#1012628). - tcp: use different parts of the port_offset for index and offset (bsc#1012628). - tcp: resalt the secret every 10 seconds (bsc#1012628). - tcp: add small random increments to the source port (bsc#1012628). - tcp: dynamically allocate the perturb table used by source ports (bsc#1012628). - tcp: increase source port perturb table to 2^16 (bsc#1012628). - tcp: drop the hash_32() part from the index calculation (bsc#1012628). - block: Do not call folio_next() on an unreferenced folio (bsc#1012628). - interconnect: Restore sync state by ignoring ipa-virt in provider count (bsc#1012628). - perf tests: Fix coresight `perf test` failure (bsc#1012628). - firmware_loader: use kernel credentials when reading firmware (bsc#1012628). - KVM: PPC: Book3S PR: Enable MSR_DR for switch_mmu_context() (bsc#1012628). - usb: xhci-mtk: fix fs isoc's transfer error (bsc#1012628). - x86/mm: Fix marking of unused sub-pmd ranges (bsc#1012628). - tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe() (bsc#1012628). - tty: n_gsm: fix buffer over-read in gsm_dlci_data() (bsc#1012628). - tty: n_gsm: fix mux activation issues in gsm_config() (bsc#1012628). - tty: n_gsm: fix invalid gsmtty_write_room() result (bsc#1012628). - usb: gadget: uvc: allow for application to cleanly shutdown (bsc#1012628). - usb: cdc-wdm: fix reading stuck on device close (bsc#1012628). - usb: typec: tcpci: Don't skip cleanup in .remove() on error (bsc#1012628). - usb: typec: tcpci_mt6360: Update for BMC PHY setting (bsc#1012628). - USB: serial: pl2303: add device id for HP LM930 Display (bsc#1012628). - USB: serial: qcserial: add support for Sierra Wireless EM7590 (bsc#1012628). - USB: serial: option: add Fibocom L610 modem (bsc#1012628). - USB: serial: option: add Fibocom MA510 modem (bsc#1012628). - slimbus: qcom: Fix IRQ check in qcom_slim_probe (bsc#1012628). - fsl_lpuart: Don't enable interrupts too early (bsc#1012628). - genirq: Remove WARN_ON_ONCE() in generic_handle_domain_irq() (bsc#1012628). - serial: 8250_mtk: Fix UART_EFR register address (bsc#1012628). - serial: 8250_mtk: Fix register address for XON/XOFF character (bsc#1012628). - ceph: fix setting of xattrs on async created inodes (bsc#1012628). - Revert "mm/memory-failure.c: skip huge_zero_page in memory_failure()" (bsc#1012628). - mm/huge_memory: do not overkill when splitting huge_zero_page (bsc#1012628). - mm: mremap: fix sign for EFAULT error return value (bsc#1012628). - drm/vmwgfx: Disable command buffers on svga3 without gbobjects (bsc#1012628). - drm/nouveau/tegra: Stop using iommu_present() (bsc#1012628). - i40e: i40e_main: fix a missing check on list iterator (bsc#1012628). - net: phy: Fix race condition on link status change (bsc#1012628). - writeback: Avoid skipping inode writeback (bsc#1012628). - cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp() (bsc#1012628). - ping: fix address binding wrt vrf (bsc#1012628). - ath11k: reduce the wait time of 11d scan and hw scan while add interface (bsc#1012628). - arm[64]/memremap: don't abuse pfn_valid() to ensure presence of linear map (bsc#1012628). - net: phy: micrel: Do not use kszphy_suspend/resume for KSZ8061 (bsc#1012628). - net: phy: micrel: Pass .probe for KS8737 (bsc#1012628). - SUNRPC: Ensure that the gssproxy client can start in a connected state (bsc#1012628). - drm/vmwgfx: Initialize drm_mode_fb_cmd2 (bsc#1012628). - Revert "drm/amd/pm: keep the BACO feature enabled for suspend" (bsc#1012628). - dma-buf: call dma_buf_stats_setup after dmabuf is in valid list (bsc#1012628). - mm/hwpoison: use pr_err() instead of dump_page() in get_any_page() (bsc#1012628). - net: phy: micrel: Fix incorrect variable type in micrel (bsc#1012628). - mm/kfence: reset PG_slab and memcg_data before freeing __kfence_pool (bsc#1012628). - commit eab1a2c - Linux 5.17.8 (bsc#1012628). - mm: fix invalid page pointer returned with FOLL_PIN gups (bsc#1012628). - mm,migrate: fix establishing demotion target (bsc#1012628). - mm/mlock: fix potential imbalanced rlimit ucounts adjustment (bsc#1012628). - mm/hwpoison: fix error page recovered but reported "not recovered" (bsc#1012628). - mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic() (bsc#1012628). - mm: shmem: fix missing cache flush in shmem_mfill_atomic_pte() (bsc#1012628). - mm: hugetlb: fix missing cache flush in hugetlb_mcopy_atomic_pte() (bsc#1012628). - mm: hugetlb: fix missing cache flush in copy_huge_page_from_user() (bsc#1012628). - mm: fix missing cache flush for all tail pages of compound page (bsc#1012628). - udf: Avoid using stale lengthOfImpUse (bsc#1012628). - rfkill: uapi: fix RFKILL_IOCTL_MAX_SIZE ioctl request definition (bsc#1012628). - Bluetooth: Fix the creation of hdev->name (bsc#1012628). - commit 718e8e9 ==== kernel-firmware ==== Version update (20220509 -> 20220516) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20220516 (git commit 251d29004ffc): * amdgpu: update beige goby firmware for 22.10 * amdgpu: update renoir firmware for 22.10 * amdgpu: update dimgrey cavefish firmware for 22.10 * amdgpu: update vega20 firmware for 22.10 * amdgpu: update yellow carp firmware for 22.10 * amdgpu: update vega12 firmware for 22.10 * amdgpu: update navy flounder firmware for 22.10 * amdgpu: update vega10 firmware for 22.10 * amdgpu: update raven2 firmware for 22.10 * amdgpu: update raven firmware for 22.10 * amdgpu: update sienna cichlid firmware for 22.10 * amdgpu: update green sardine firmware for 22.10 * amdgpu: update PCO firmware for 22.10 * amdgpu: update vangogh firmware for 22.10 * amdgpu: update navi14 firmware for 22.10 * amdgpu: update navi12 firmware for 22.10 * amdgpu: update navi10 firmware for 22.10 * amdgpu: update aldebaran firmware for 22.10 * linux-firmware: Update firmware file for Intel Bluetooth 9462 * linux-firmware: Update firmware file for Intel Bluetooth 9462 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth AX211 * linux-firmware: Update firmware file for Intel Bluetooth AX211 * linux-firmware: Update firmware file for Intel Bluetooth AX210 * linux-firmware: Update firmware file for Intel Bluetooth AX200 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * mediatek: Update mt8192 SCP firmware ==== kernel-source ==== Version update (5.17.7 -> 5.17.9) - Linux 5.17.9 (bsc#1012628). - batman-adv: Don't skb_split skbuffs with frag_list (bsc#1012628). - iwlwifi: iwl-dbg: Use del_timer_sync() before freeing (bsc#1012628). - hwmon: (tmp401) Add OF device ID table (bsc#1012628). - mac80211: Reset MBSSID parameters upon connection (bsc#1012628). - net: rds: use maybe_get_net() when acquiring refcount on TCP sockets (bsc#1012628). - net: Fix features skip in for_each_netdev_feature() (bsc#1012628). - net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in hardware when deleted (bsc#1012628). - net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups (bsc#1012628). - net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0 (bsc#1012628). - net: mscc: ocelot: avoid corrupting hardware counters when moving VCAP filters (bsc#1012628). - fbdev: simplefb: Cleanup fb_info in .fb_destroy rather than .remove (bsc#1012628). - fbdev: efifb: Cleanup fb_info in .fb_destroy rather than .remove (bsc#1012628). - fbdev: vesafb: Cleanup fb_info in .fb_destroy rather than .remove (bsc#1012628). - platform/surface: aggregator: Fix initialization order when compiling as builtin module (bsc#1012628). - ice: Fix race during aux device (un)plugging (bsc#1012628). - ice: clear stale Tx queue settings before configuring (bsc#1012628). - ice: fix PTP stale Tx timestamps cleanup (bsc#1012628). - ipv4: drop dst in multicast routing path (bsc#1012628). - drm/nouveau: Fix a potential theorical leak in nouveau_get_backlight_name() (bsc#1012628). - netlink: do not reset transport header in netlink_recvmsg() (bsc#1012628). - net: chelsio: cxgb4: Avoid potential negative array offset (bsc#1012628). - fbdev: efifb: Fix a use-after-free due early fb_info cleanup (bsc#1012628). - net: sfc: fix memory leak due to ptp channel (bsc#1012628). - fanotify: do not allow setting dirent events in mask of non-dir (bsc#1012628). - mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection (bsc#1012628). - nfs: fix broken handling of the softreval mount option (bsc#1012628). - ionic: fix missing pci_release_regions() on error in ionic_probe() (bsc#1012628). - dim: initialize all struct fields (bsc#1012628). - hwmon: (ltq-cputemp) restrict it to SOC_XWAY (bsc#1012628). - procfs: prevent unprivileged processes accessing fdinfo dir (bsc#1012628). - selftests: vm: Makefile: rename TARGETS to VMTARGETS (bsc#1012628). - net: dsa: flush switchdev workqueue on bridge join error path (bsc#1012628). - arm64: vdso: fix makefile dependency on vdso.so (bsc#1012628). - virtio: fix virtio transitional ids (bsc#1012628). - s390/ctcm: fix variable dereferenced before check (bsc#1012628). - s390/ctcm: fix potential memory leak (bsc#1012628). - s390/lcs: fix variable dereferenced before check (bsc#1012628). - net/sched: act_pedit: really ensure the skb is writable (bsc#1012628). - net: ethernet: mediatek: ppe: fix wrong size passed to memset() (bsc#1012628). - net: bcmgenet: Check for Wake-on-LAN interrupt probe deferral (bsc#1012628). - drm/vc4: hdmi: Fix build error for implicit function declaration (bsc#1012628). - mlxsw: Avoid warning during ip6gre device removal (bsc#1012628). - net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down() (bsc#1012628). - net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending (bsc#1012628). - net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe() (bsc#1012628). - tls: Fix context leak on tls_device_down (bsc#1012628). - drm/vmwgfx: Fix fencing on SVGAv3 (bsc#1012628). - gfs2: Fix filesystem block deallocation for short writes (bsc#1012628). - hwmon: (asus_wmi_sensors) Fix CROSSHAIR VI HERO name (bsc#1012628). - hwmon: (f71882fg) Fix negative temperature (bsc#1012628). - RDMA/irdma: Fix deadlock in irdma_cleanup_cm_core() (bsc#1012628). - iommu: arm-smmu: disable large page mappings for Nvidia arm-smmu (bsc#1012628). - ASoC: max98090: Reject invalid values in custom control put() (bsc#1012628). - ASoC: max98090: Generate notifications on changes for custom control (bsc#1012628). - ASoC: ops: Validate input values in snd_soc_put_volsw_range() (bsc#1012628). - s390: disable -Warray-bounds (bsc#1012628). - ASoC: SOF: Fix NULL pointer exception in sof_pci_probe callback (bsc#1012628). - io_uring: assign non-fixed early for async work (bsc#1012628). - net: emaclite: Don't advertise 1000BASE-T and do auto negotiation (bsc#1012628). - net: sfp: Add tx-fault workaround for Huawei MA5671A SFP ONT (bsc#1012628). - secure_seq: use the 64 bits of the siphash for port offset calculation (bsc#1012628). - tcp: use different parts of the port_offset for index and offset (bsc#1012628). - tcp: resalt the secret every 10 seconds (bsc#1012628). - tcp: add small random increments to the source port (bsc#1012628). - tcp: dynamically allocate the perturb table used by source ports (bsc#1012628). - tcp: increase source port perturb table to 2^16 (bsc#1012628). - tcp: drop the hash_32() part from the index calculation (bsc#1012628). - block: Do not call folio_next() on an unreferenced folio (bsc#1012628). - interconnect: Restore sync state by ignoring ipa-virt in provider count (bsc#1012628). - perf tests: Fix coresight `perf test` failure (bsc#1012628). - firmware_loader: use kernel credentials when reading firmware (bsc#1012628). - KVM: PPC: Book3S PR: Enable MSR_DR for switch_mmu_context() (bsc#1012628). - usb: xhci-mtk: fix fs isoc's transfer error (bsc#1012628). - x86/mm: Fix marking of unused sub-pmd ranges (bsc#1012628). - tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe() (bsc#1012628). - tty: n_gsm: fix buffer over-read in gsm_dlci_data() (bsc#1012628). - tty: n_gsm: fix mux activation issues in gsm_config() (bsc#1012628). - tty: n_gsm: fix invalid gsmtty_write_room() result (bsc#1012628). - usb: gadget: uvc: allow for application to cleanly shutdown (bsc#1012628). - usb: cdc-wdm: fix reading stuck on device close (bsc#1012628). - usb: typec: tcpci: Don't skip cleanup in .remove() on error (bsc#1012628). - usb: typec: tcpci_mt6360: Update for BMC PHY setting (bsc#1012628). - USB: serial: pl2303: add device id for HP LM930 Display (bsc#1012628). - USB: serial: qcserial: add support for Sierra Wireless EM7590 (bsc#1012628). - USB: serial: option: add Fibocom L610 modem (bsc#1012628). - USB: serial: option: add Fibocom MA510 modem (bsc#1012628). - slimbus: qcom: Fix IRQ check in qcom_slim_probe (bsc#1012628). - fsl_lpuart: Don't enable interrupts too early (bsc#1012628). - genirq: Remove WARN_ON_ONCE() in generic_handle_domain_irq() (bsc#1012628). - serial: 8250_mtk: Fix UART_EFR register address (bsc#1012628). - serial: 8250_mtk: Fix register address for XON/XOFF character (bsc#1012628). - ceph: fix setting of xattrs on async created inodes (bsc#1012628). - Revert "mm/memory-failure.c: skip huge_zero_page in memory_failure()" (bsc#1012628). - mm/huge_memory: do not overkill when splitting huge_zero_page (bsc#1012628). - mm: mremap: fix sign for EFAULT error return value (bsc#1012628). - drm/vmwgfx: Disable command buffers on svga3 without gbobjects (bsc#1012628). - drm/nouveau/tegra: Stop using iommu_present() (bsc#1012628). - i40e: i40e_main: fix a missing check on list iterator (bsc#1012628). - net: phy: Fix race condition on link status change (bsc#1012628). - writeback: Avoid skipping inode writeback (bsc#1012628). - cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp() (bsc#1012628). - ping: fix address binding wrt vrf (bsc#1012628). - ath11k: reduce the wait time of 11d scan and hw scan while add interface (bsc#1012628). - arm[64]/memremap: don't abuse pfn_valid() to ensure presence of linear map (bsc#1012628). - net: phy: micrel: Do not use kszphy_suspend/resume for KSZ8061 (bsc#1012628). - net: phy: micrel: Pass .probe for KS8737 (bsc#1012628). - SUNRPC: Ensure that the gssproxy client can start in a connected state (bsc#1012628). - drm/vmwgfx: Initialize drm_mode_fb_cmd2 (bsc#1012628). - Revert "drm/amd/pm: keep the BACO feature enabled for suspend" (bsc#1012628). - dma-buf: call dma_buf_stats_setup after dmabuf is in valid list (bsc#1012628). - mm/hwpoison: use pr_err() instead of dump_page() in get_any_page() (bsc#1012628). - net: phy: micrel: Fix incorrect variable type in micrel (bsc#1012628). - mm/kfence: reset PG_slab and memcg_data before freeing __kfence_pool (bsc#1012628). - commit eab1a2c - Linux 5.17.8 (bsc#1012628). - mm: fix invalid page pointer returned with FOLL_PIN gups (bsc#1012628). - mm,migrate: fix establishing demotion target (bsc#1012628). - mm/mlock: fix potential imbalanced rlimit ucounts adjustment (bsc#1012628). - mm/hwpoison: fix error page recovered but reported "not recovered" (bsc#1012628). - mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic() (bsc#1012628). - mm: shmem: fix missing cache flush in shmem_mfill_atomic_pte() (bsc#1012628). - mm: hugetlb: fix missing cache flush in hugetlb_mcopy_atomic_pte() (bsc#1012628). - mm: hugetlb: fix missing cache flush in copy_huge_page_from_user() (bsc#1012628). - mm: fix missing cache flush for all tail pages of compound page (bsc#1012628). - udf: Avoid using stale lengthOfImpUse (bsc#1012628). - rfkill: uapi: fix RFKILL_IOCTL_MAX_SIZE ioctl request definition (bsc#1012628). - Bluetooth: Fix the creation of hdev->name (bsc#1012628). - commit 718e8e9 ==== libass ==== Version update (0.15.2 -> 0.16.0) - Update to version 0.16.0: + Fix crashes with fonts missing Postscript names and without one being synthesised by the font provider. + Fix crashes on negative fontsizes and some overflows. + Fix a rare memory leak introduced in 0.13.0. + x86: Fix potential buffer over-read by 16 bytes with AVX2 assembly when large tiles are not enabled (the default). + x86: Fix PIC flags not being interpreted by the assembler, breaking the asm-enabled build setup on NetBSD and OpenBSD. On 32-bit x86, if the toolchain requires PIC objects and relies on compiler defaults to get PIC implicitly, you need to pass - -with-pic to configure to ensure NASM always produces PIC objects. + x86: Fix AVX support not being detected on non-Intel CPUs and some VMs. + x86: Fix CPUID being used on CPUs not supporting the instruction (<= i486) and the way it is used for CPUs with less than 7 CPUID-leafs which could lead to crashes due to illegal instructions. ==== libbpf ==== Version update (0.7.0 -> 0.8.0) - Update to release 0.8.0 * New features and APIs: - support auto-resolution of binaries and shared libraries from PATH, if necessary; - support attaching by function names (only by IP was supported before); - support attaching to USDTs (SEC("usdt/...") and bpf_program__attach_usdt()) with initially supported architectures: x86-64 (amd64); x86 (i386); s390x; ARM64 (aarch64); RISC V (riscv); - improved BPF verifier log reporting for CO-RE relocation failures (no more obscure "invalid func unknown#195896080" errors); - auto-adjust BPF ringbuf size according to host kernel's page size requirements; - high-level BPF map APIs: bpf_map__lookup_elem(), bpf_map__update_elem(), etc that validate key/value buffer sizes; - bpf_link_create() can create all bpf_link-based (including raw_tp, fentry/fexit, etc), falling back to bpf_raw_tracepoint_open() on old kernels transparently; - support opting out from auto-loading BPF programs declaratively with SEC("?..."); - support opting out from auto-creation of declarative BPF maps with bpf_map__set_autocreate(); - support multi-kprobes (SEC("kprobe.multi/...") and bpf_program__attach_kprobe_multi_opts()); - support target-less SEC() programs (e.g., SEC("kprobe"), SEC("tp"), etc); - support BPF sub-skeletons for "incomplete" BPF object files (requires matching bpftool to generate .subskel.h); - BPF cookie support for fentry/fexit/fmod_ret BPF programs (bpf_program__attach_trace_opts()); - support for custom SEC() handlers (libbpf_register_prog_handler()). * BPF-side API - BPF-side USDT APIs. See new usdt.bpf.h header: * BPF_USDT() program wrapper macro; bpf_usdt_arg(), bpf_usdt_arg_cnt(), * bpf_usdt_cookie() helpers; - new bpf_core_field_offset() CO-RE helper and support bpf_core_field_size(type, field) forms; - barrier() and barrier_var() macros for improving BPF code generation; - __kptr and __kptr_ref tags added; - ARC architecture support in bpf_tracing.h header; - new BPF helpers: * bpf_skb_set_tstamp(); * bpf_ima_file_hash(); * bpf_kptr_xchg(); * bpf_map_lookup_percpu_elem(). * Bug fixes - netlink bug fixes; - libbpf.pc fixes to support patch releases properly; - BPF_MAP_TYPE_PERF_EVENT_ARRAY map auto-pinning fix; - minor CO-RE fixes and improvements for some corner cases; - various other small fixes and improvements. ==== libcap-ng ==== Version update (0.7.11 -> 0.8.3) - Update to 0.8.3: * Add vararg support to python bindings for capng_updatev * Add support for ambient capabilities * Add support for V3 filesystem capabilities * If procfs is not available, leave last_cap as CAP_LAST_CAP * If bounding and ambient not found in status, try prctl method * In capng_apply, move ambient caps to the end of the transaction * In capng_apply, return errors more aggressively. * In capng_apply, if the action includes the bounding set,resync with the kernel * Fix signed/unsigned warning in cap-ng.c * In capng_apply, return a unique error code to diagnose any failure * In capng_have_capability, return 0 for failure * Add the libdrop_ambient admin tool * In capng_apply, if we blew up in bounding set, allow setting capabilities * If PR_CAP_AMBIENT is not available, do not build libdrop_ambient * Improve last_cap check * Fix parameters to capng_updatev python bindings to be signed * Detect capability options at runtime to make containerization easier (ntkme) * Initialize the library when linked statically * Add gcc function attributes for deallocation ==== libdv ==== - Replace SDL-devel BuildRequires with pkgconfig(sdl): allow to use sdl12_compat as an alternative. ==== libinput ==== Subpackages: libinput-udev libinput10 - Enable building libinput-replay [boo#1190065] ==== libreoffice ==== Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-en libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Fix bsc#1197497 - LO-L3: Loading XLSX with 1M rows is ultra slow (or crashes Calc) * bsc1197497.patch ==== librsvg ==== Version update (2.54.1 -> 2.54.3) Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Update to version 2.54.3: + Fix detection of gi-docgen. + Install the generated documentation in the correct place so that Devhelp can find it. - Changes from version 2.54.2: + Fix regressions when computing element geometries. + Add a --disable-gtk-doc option for the configure script, so people can disable generating documentation for cross-compiling. + MSVC: Support generating documentation, and passing introspection paths. ==== libxfce4ui ==== Subpackages: libxfce4ui-2-0 libxfce4ui-lang libxfce4ui-tools typelib-1_0-Libxfce4ui-2_0 - Resolve rpmlint report "libxfce4ui-2-0.x86_64: E: shlib-policy-name-error SONAME: libxfce4kbd-private-3.so.0, expected package suffix: 3-0" - Move documentation to -devel package ==== libyui ==== Version update (4.4.0 -> 4.4.1) - Added a custom QTranslator for translations support for Qt Designer .ui files (bsc#1198097) - Renamed .ui files and toplevel classes in .ui files to conform to our naming standards (QY2*, YQ*) to avoid ambiguities with predefined Qt classes to work with our new custom QTranslator - Added TEXTDOMAIN file to support .ui files in y2makepot (@lslezak) - 4.4.1 ==== libyui-ncurses ==== Version update (4.4.0 -> 4.4.1) - Added a custom QTranslator for translations support for Qt Designer .ui files (bsc#1198097) - Renamed .ui files and toplevel classes in .ui files to conform to our naming standards (QY2*, YQ*) to avoid ambiguities with predefined Qt classes to work with our new custom QTranslator - Added TEXTDOMAIN file to support .ui files in y2makepot (@lslezak) - 4.4.1 ==== libyui-ncurses-pkg ==== Version update (4.4.0 -> 4.4.1) - Added a custom QTranslator for translations support for Qt Designer .ui files (bsc#1198097) - Renamed .ui files and toplevel classes in .ui files to conform to our naming standards (QY2*, YQ*) to avoid ambiguities with predefined Qt classes to work with our new custom QTranslator - Added TEXTDOMAIN file to support .ui files in y2makepot (@lslezak) - 4.4.1 ==== libyui-qt ==== Version update (4.4.0 -> 4.4.1) - Added a custom QTranslator for translations support for Qt Designer .ui files (bsc#1198097) - Renamed .ui files and toplevel classes in .ui files to conform to our naming standards (QY2*, YQ*) to avoid ambiguities with predefined Qt classes to work with our new custom QTranslator - Added TEXTDOMAIN file to support .ui files in y2makepot (@lslezak) - 4.4.1 ==== libyui-qt-graph ==== Version update (4.4.0 -> 4.4.1) - Added a custom QTranslator for translations support for Qt Designer .ui files (bsc#1198097) - Renamed .ui files and toplevel classes in .ui files to conform to our naming standards (QY2*, YQ*) to avoid ambiguities with predefined Qt classes to work with our new custom QTranslator - Added TEXTDOMAIN file to support .ui files in y2makepot (@lslezak) - 4.4.1 ==== libyui-qt-pkg ==== Version update (4.4.0 -> 4.4.1) - Added a custom QTranslator for translations support for Qt Designer .ui files (bsc#1198097) - Renamed .ui files and toplevel classes in .ui files to conform to our naming standards (QY2*, YQ*) to avoid ambiguities with predefined Qt classes to work with our new custom QTranslator - Added TEXTDOMAIN file to support .ui files in y2makepot (@lslezak) - 4.4.1 ==== lttng-ust ==== Version update (2.13.0 -> 2.13.2) - Update to version 2.13.2 (changes since 2.13.0): * Fix: ust-compiler: constructor/destructor build on g++ 4.8. * ust-compiler: constructor/destructor whitespaces layout and macro dependency. * Fix: ust-cancelstate: include string.h for strerror. * Fix: libnuma is prepended to LIBS. * Fix: Allow disabling some abi compat tests. * Fix: generate probe registration constructor as a C++ constuctor. * Fix: nestable pthread cancelstate. * Fix: abort on decrement_sem_count during concurrent tracing start and teardown. * Fix: allocating C++ compound literal on heap with Clang. * Check for C++11 when building C++ probe providers. * fix: liblttng-ust-fd async-signal-safe close(). * tracepoints: print debug message when lttng-ust-tracepoint.so is not found. * Fix: static_assert unavailable with glibc < 2.16. * Fix: combined tracing of lttng-ust 2.12/2.13 generates corrupted traces. * doc/man: Document LTTNG_UST_ABORT_ON_CRITICAL variable. * Fix: remove autoconf features default value in help message. * Fix: add extern "C" to two header files. * Fix: __STDC_VERSION__ can be undefined in C++. * Fix: sample discarded events count before reserve. * Fix: ring buffer event counter. * Fix: concurrent exec(2) file descriptor leak. * Add "domain" parameter to the Log4j 2.x agent. * Fix: Convert custom loglevels in Log4j 2.x agent. * Fix: coverity reported null returns in Log4j2 agent. * Add a Log4j 2.x Java agent. * Fix: may be used uninitialised on powerpc. * Fix: doc/examples/java-log4j: fix paths to directories. * Fix: doc/examples/java-jul: fix paths to directories. ==== mjpegtools ==== Subpackages: liblavfile-2_2-0 liblavjpeg-2_2-0 liblavplay-2_2-0 liblavrec-2_2-0 libmjpegutils-2_2-0 libmpeg2encpp-2_2-0 libmplex2-2_2-0 - mjpegtools's Makefiles try to use -lX11, but there is no BuildRequire for it - add it. ==== mozjs91 ==== Version update (91.7.0 -> 91.9.0) - Update to version 91.9.0: + Various stability, functionality, and security fixes. ==== multipath-tools ==== Version update (0.8.8+64+suse.f265f7e0 -> 0.8.9+90+suse.71a70fb) Subpackages: kpartx libmpath0 - Update to version 0.8.9+90+suse.71a70fb: * support overriding -D_FORTIFY_SOURCE in OPTFLAGS * add -U_FORTIFY_SOURCE to optflags to avoid compilation errors on old distros - Update to version 0.8.9+87+suse.a1eb122: * add ability to autodetect support for -D_FORTIFY_SOURCE=3 - Update to version 0.8.9+85+suse.a9da21c: * This is a pre-release of multipath-tools 0.9.0 * multipath.conf: add "protocol" subsection in "overrides" section This allows to set "dev_loss_tmo", "fast_io_fail_tmo", and "eh_deadline" on a per-protocol basis rather than per storage * multipath.conf: drop support for deprecated options: getuid_callout, pg_timeout, config_dir, multipath_dir * multipathd: don't switch to DAEMON_IDLE during startup (bsc#1199346, bsc#1197570) * multipathd: avoid delays during uevent processing (bsc#1199347) * Fixes for minor issues reported by coverity * Fix for memory leak with uid_attrs * Fix possibility to redefine -D_FORTIFY_SOURCE macro. * Updates for built in hardware db - Update to version 0.8.9+42+suse.45974f11: * Logging improvements * Fix busy loop with delayed_reconfigure (bsc#1199342) * multipathd: use remove_map_callback for delayed reconfigure * multipathd: Don't keep starting TUR threads, if they always hang. (bsc#1199345) * Fix handling of path addition in read-only arrays on NVMe * Updates of built-in hardware database - Update to upstream 0.8.9 * libmultipath: only warn once about unsupported dev_loss_tmo * Otherwise code-identical to 0.8.8+64 ==== okteta ==== Version update (0.26.7 -> 0.26.8) Subpackages: libKasten4 libOkteta3 libkasten-lang libokteta-lang okteta-data okteta-lang - Update to 0.26.8 * Fixed: Float 32-bit editor in decoding table tool no longer rejects negative values & decimal places (kde#453819) * Fixed: PNG structure definition example now ensures use of big endianness (kde#452362) * Improved: translations * Improved: have more text vertically centered in lists in tool views * Changed: no more use of fixed font type for any list headers in tool views ==== orca ==== Version update (42.0 -> 42.1) - Update to version 42.1: + Web (Chromium + Gecko): - Fix several performance issues impacting Google Docs. - Fix bug in which Orca failed to speak when clicking on a line. + WebKitGtk: Handle WebKitGtk's change in toolkit name casing so that older versions of Orca continue to work with newer versions of WebKitGtk. + Updated translations. ==== pam_ssh ==== - use pam macros [bsc#1190960] ==== parted ==== Subpackages: libparted-fs-resize0 libparted2 - add new type command from upstream added patches: - type-command.patch ==== pcre ==== Subpackages: libpcre1 libpcreposix0 - Added pcre-8.45-bsc1199232-unicode-property-matching.patch * bsc#1199232 * Fixes unicode property matching issue ==== pentobi ==== Version update (20.0 -> 21.0) - Update to version 21.0 * New help viewer implementation, which includes DocBook files in the resources. This avoids using an external browser, which did not work with all installation directories on Ubuntu 21.10 because Firefox and Chromium have restricted access to local files, or using WebView, which is not supported on all Linux architectures or in Qt 6.0/6.1. * Fixed visibility of labels on Callisto 1x1-piece in dark theme. * Fixed rendering issues on Android with Qt 6.3.0. * Fixed detection of loaded files or autosaved games modified by another application. ==== perl ==== Version update (5.34.0 -> 5.34.1) Subpackages: perl-base perl-doc - Update to 5.34.1 - maintenance release B::Deparse has been upgraded from version 1.56 to 1.57. Encode has been upgraded from version 3.08 to 3.08_01. GDBM_File has been upgraded from version 1.19 to 1.19_01. Module::CoreList has been upgraded from version 5.20210520 to 5.20220313. perl5db.pl has been upgraded from version 1.60 to 1.60_01. - Drop c029d660f2fe60699cf64bbb3fa9f671a1a370d5.patch (upstream) - Don't install anything in testsuite build - Run testsuite also in qemu build - posix-sigaction.patch: remove, this has been fixed properly in commit 19c9c2ee4a ==== python-boto3 ==== Version update (1.22.11 -> 1.23.1) - Update to version 1.23.1 * api-change:``resiliencehub``: [``botocore``] In this release, we are introducing support for Amazon Elastic Container Service, Amazon Route 53, AWS Elastic Disaster Recovery, AWS Backup in addition to the existing supported Services. This release also supports Terraform file input from S3 and scheduling daily assessments * api-change:``servicecatalog``: [``botocore``] Updated the descriptions for the ListAcceptedPortfolioShares API description and the PortfolioShareType parameters. * api-change:``discovery``: [``botocore``] Add Migration Evaluator Collector details to the GetDiscoverySummary API response * api-change:``sts``: [``botocore``] Documentation updates for AWS Security Token Service. * api-change:``workspaces-web``: [``botocore``] Amazon WorkSpaces Web now supports Administrator timeout control * api-change:``rekognition``: [``botocore``] Documentation updates for Amazon Rekognition. * api-change:``cloudfront``: [``botocore``] Introduced a new error (TooLongCSPInResponseHeadersPolicy) that is returned when the value of the Content-Security-Policy header in a response headers policy exceeds the maximum allowed length. - from version 1.23.0 * feature:Loaders: [``botocore``] Support for loading gzip compressed model files. * api-change:``grafana``: [``botocore``] This release adds APIs for creating and deleting API keys in an Amazon Managed Grafana workspace. - from version 1.22.13 * api-change:``ivschat``: [``botocore``] Documentation-only updates for IVS Chat API Reference. * api-change:``lambda``: [``botocore``] Lambda releases NodeJs 16 managed runtime to be available in all commercial regions. * api-change:``kendra``: [``botocore``] Amazon Kendra now provides a data source connector for Jira. For more information, see https://docs.aws.amazon.com/kendra/latest/dg/data-source-jira.html * api-change:``transfer``: [``botocore``] AWS Transfer Family now accepts ECDSA keys for server host keys * api-change:``iot``: [``botocore``] Documentation update for China region ListMetricValues for IoT * api-change:``workspaces``: [``botocore``] Increased the character limit of the login message from 600 to 850 characters. * api-change:``finspace-data``: [``botocore``] We've now deprecated CreateSnapshot permission for creating a data view, instead use CreateDataView permission. * api-change:``lightsail``: [``botocore``] This release adds support to include inactive database bundles in the response of the GetRelationalDatabaseBundles request. * api-change:``outposts``: [``botocore``] Documentation updates for AWS Outposts. * api-change:``ec2``: [``botocore``] This release introduces a target type Gateway Load Balancer Endpoint for mirrored traffic. Customers can now specify GatewayLoadBalancerEndpoint option during the creation of a traffic mirror target. * api-change:``ssm-incidents``: [``botocore``] Adding support for dynamic SSM Runbook parameter values. Updating validation pattern for engagements. Adding ConflictException to UpdateReplicationSet API contract. - from version 1.22.12 * api-change:``secretsmanager``: [``botocore``] Doc only update for Secrets Manager that fixes several customer-reported issues. * api-change:``ec2``: [``botocore``] This release updates AWS PrivateLink APIs to support IPv6 for PrivateLink Services and Endpoints of type 'Interface'. - Update BuildRequires and Requires from setup.py ==== python-botocore ==== Version update (1.25.11 -> 1.26.1) - Update to 1.26.1 * api-change:``resiliencehub``: In this release, we are introducing support for Amazon Elastic Container Service, Amazon Route 53, AWS Elastic Disaster Recovery, AWS Backup in addition to the existing supported Services. This release also supports Terraform file input from S3 and scheduling daily assessments * api-change:``servicecatalog``: Updated the descriptions for the ListAcceptedPortfolioShares API description and the PortfolioShareType parameters. * api-change:``discovery``: Add Migration Evaluator Collector details to the GetDiscoverySummary API response * api-change:``sts``: Documentation updates for AWS Security Token Service. * api-change:``workspaces-web``: Amazon WorkSpaces Web now supports Administrator timeout control * api-change:``rekognition``: Documentation updates for Amazon Rekognition. * api-change:``cloudfront``: Introduced a new error (TooLongCSPInResponseHeadersPolicy) that is returned when the value of the Content-Security-Policy header in a response headers policy exceeds the maximum allowed length. - from version 1.26.0 * feature:Loaders: Support for loading gzip compressed model files. * api-change:``grafana``: This release adds APIs for creating and deleting API keys in an Amazon Managed Grafana workspace. - from version 1.25.13 * api-change:``ivschat``: Documentation-only updates for IVS Chat API Reference. * api-change:``lambda``: Lambda releases NodeJs 16 managed runtime to be available in all commercial regions. * api-change:``kendra``: Amazon Kendra now provides a data source connector for Jira. For more information, see https://docs.aws.amazon.com/kendra/latest/dg/data-source-jira.html * api-change:``transfer``: AWS Transfer Family now accepts ECDSA keys for server host keys * api-change:``iot``: Documentation update for China region ListMetricValues for IoT * api-change:``workspaces``: Increased the character limit of the login message from 600 to 850 characters. * api-change:``finspace-data``: We've now deprecated CreateSnapshot permission for creating a data view, instead use CreateDataView permission. * api-change:``lightsail``: This release adds support to include inactive database bundles in the response of the GetRelationalDatabaseBundles request. * api-change:``outposts``: Documentation updates for AWS Outposts. * api-change:``ec2``: This release introduces a target type Gateway Load Balancer Endpoint for mirrored traffic. Customers can now specify GatewayLoadBalancerEndpoint option during the creation of a traffic mirror target. * api-change:``ssm-incidents``: Adding support for dynamic SSM Runbook parameter values. Updating validation pattern for engagements. Adding ConflictException to UpdateReplicationSet API contract. - from version 1.25.12 * api-change:``secretsmanager``: Doc only update for Secrets Manager that fixes several customer-reported issues. * api-change:``ec2``: This release updates AWS PrivateLink APIs to support IPv6 for PrivateLink Services and Endpoints of type 'Interface'. ==== transactional-update ==== Version update (4.0.0~rc2 -> 4.0.0~rc4) Subpackages: dracut-transactional-update libtukit4 transactional-update-zypp-config tukit tukitd - Version 4.0.0~rc4 - Fix building with GCC 12 - Fix stack overflow with very long commands / ids [bsc#1196149] - Use separate mount namespace for chroot, allowing overwriting the bind mounts from the update environment - this could have lead to data loss of the bind mount previously - Fix C error and exception handling for snapshots - Version 4.0.0~rc3 - Add Snapshot interface - Reworked signal handling: All public signals are sent from the main thread now, keeping the same sender for everything - Implement D-Bus call "Execute" for Transactions - Implement interface for listing Snapshots - Implement Reboot interface - Fix bug when using --continue on old snapshots - Fix hypothetical integer overflow in snapshot list [bsc#1196826] - Fix wrong sort order in status command [gh#openSUSE/transactional-update#80] ==== yast2-packager ==== Version update (4.5.3 -> 4.5.4) - Fix package counters in the installation slideshow (boo#1199621). - 4.5.4