Packages changed: PackageKit amarok exiv2 gptfdisk hplip libbluray (1.3.2 -> 1.3.3) libcap (2.65 -> 2.66) libglvnd (1.4.0 -> 1.5.0) libopenmpt (0.6.4 -> 0.6.6) libpng16 (1.6.37 -> 1.6.38) libreoffice libva (2.15.0 -> 2.16.0) libva-gl (2.15.0 -> 2.16.0) libverto (0.3.1 -> 0.3.2) libyuv links (2.27 -> 2.28) lttng-modules (2.13.4_k5.19.12_1 -> 2.13.7_k5.19.12_1) osinfo-db (20220727 -> 20220830) patterns-kde (20220215 -> 20221001) perl-IO-Socket-SSL (2.074 -> 2.075) permissions popt (1.18 -> 1.19) pragha python-cryptography (37.0.4 -> 38.0.1) python-pyspnego (0.4.0 -> 0.5.0) python-pyudev (0.23.2+14 -> 0.24.0) python-requests-toolbelt tdb (1.4.6 -> 1.4.7) xapian-core (1.4.20 -> 1.4.21) yast2-network (4.5.7 -> 4.5.8) === Details === ==== PackageKit ==== Subpackages: PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module PackageKit-lang libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0 - Add PackageKit-zypp-dont-remove-locked-packages.patch: zypp: Check if packages are locked before removing (gh#PackageKit/PackageKit/commit/8649a07bc, bsc#1199895). - Add PackageKit-zypp-add-repo-in-packageid.patch: zypp: add repository data in package id (gh#PackageKit/PackageKit/commit/8eb2ef0ae, bsc#1202585). - Remove PackageKit-zypp-locked-packages.patch: reverted upstream (gh#PackageKit/PackageKit/commit/ed3e38043). ==== amarok ==== - Use FFmpeg 4 to build amarok on Tumbleweed. The FFmpeg 5 port needs more work. ==== exiv2 ==== - add tracker for SLE (jsc#PED-1393) ==== gptfdisk ==== - Add patch to fix sgdisk with popt 1.19: * 0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch ==== hplip ==== Subpackages: hplip-hpijs hplip-sane - Move the hplip-udev-rules requirement from hplip to hplip-hpijs. The main package will get it via indirect dependencies then. - Split off hplip-udev-rules hplip-udev-rules so that you can install hplip-sane only and scan as a normal user, fixes boo#1203811 ==== libbluray ==== Version update (1.3.2 -> 1.3.3) - update to 1.3.3: * Initial support for Java 18. * Add support for OpenBSD operating system. * Improve support for FreeBSD, NetBSD and DragonFlyBSD * Improve Java 17 support. ==== libcap ==== Version update (2.65 -> 2.66) Subpackages: libcap2 libcap2-32bit - update to 2.66: * Fix documentation typos in cap_from_text.3 * Some getpcaps code clean up and a fix for PID argument parsing from Jakub Wilk. * Slightly more robust Makefiles to address an error with make -j48 test observed * Include a simple Go program, captrace, to trace kernel capability validation checks * This program can be used to figure out what capabilities a program needs to operate. * captrace (a wrapper for bpftrace) uses BPF kprobes to monitor the kernel for capability checks and whether or not they succeed for the system, a specific PID or a program's direct execution. * Trim down the default file capabilities for contrib/sucap/su to those actually needed and set USER and HOME environment variables so bash doesn't complain about a sourcing error. ==== libglvnd ==== Version update (1.4.0 -> 1.5.0) Subpackages: libglvnd-32bit - update to 1.5.0: * Add BTI landing pads for aarch64 * Set current thread state to NULL in teardown * Moving setspecific to before DestroyThreadState * Fix a memory leak in libGLdispatch * Use assembly stubs on armv6 - drop libglvnd-add-bti.patch (upstream) ==== libopenmpt ==== Version update (0.6.4 -> 0.6.6) - Update to 0.6.6 * [Sec] Possible crash when playing manipulated IT / MPTM files with a T00 command. * MTM: In MultiTracker, setting speed and tempo are mutually exclusive commands. Still, some MultiTracker modules were made to be played with external players such as DMP, so they actually rely on “standard” speed / tempo behaviour. Decide which behaviour to use by checking of speed and tempo commands are found on the same row. * MTM: Ignore sample loops if the loop end is <= 2. * Echo DMO: Migrate left and right delay values in modules made with OpenMPT versions between 1.27.01.00 and 1.30.05.00 to the correct interpretation. - Changes in 0.6.5: * [Bug] Makefile now also uses CC, CXX, LD, and AR when set as environment variables. * [New] Makefile now uses PKG_CONFIG as path to pkg-config. * DBM: Sample middle-C frequencies were slightly off. laffik_-_marynarze.dbm sounds much more bearable now. * DBM: Fixed pattern break parameter interpretation. * Echo DMO: Setting the delay parameter to 0 yielded a 2-second echo delay instead of 1ms. * Digi Booster Echo: Setting the delay parameter to 0 yielded a 510ms echo delay instead of approximately 334ms. ==== libpng16 ==== Version update (1.6.37 -> 1.6.38) Subpackages: libpng16-16 libpng16-16-32bit - update to 1.6.38: * Added configurations and scripts for continuous integration. * Fixed various errors in the handling of tRNS, hIST and eXIf. * Implemented many stability improvements across all platforms. * Updated the internal documentation. ==== libreoffice ==== Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Change egrep/fgrep calls to grep -E/-F, respectively boo#1203092 add libreoffice-7.4.1.2-grep.patch ==== libva ==== Version update (2.15.0 -> 2.16.0) Subpackages: libva-drm2 libva-x11-2 libva2 - update to 2.16.0: * add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e. * dep: Update README.md to remove badge links * dep: Removed waffle-io badge from README to fix broken link * dep: Drop mailing list, IRC and Slack * autotools: use wayland-scanner private-code * autotools: use the wayland-scanner.pc to locate the prog * meson: use wayland-scanner private-code * meson: request native wayland-scanner * meson: use the wayland-scanner.pc to locate the prog * meson: set HAVE_VA_X11 when applicable * style:Correct slight coding style in several new commits * trace: add Linux ftrace mode for va trace * trace: Add missing pthread_mutex_destroy * drm: remove no-longer needed X == X mappings * drm: fallback to drm driver name == va driver name * drm: simplify the mapping table * x11: simplify the mapping table - No code changes - Update to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2 Release 22.4.4 ==== libva-gl ==== Version update (2.15.0 -> 2.16.0) Subpackages: libva-glx2 libva-wayland2 - update to 2.16.0: * add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e. * dep: Update README.md to remove badge links * dep: Removed waffle-io badge from README to fix broken link * dep: Drop mailing list, IRC and Slack * autotools: use wayland-scanner private-code * autotools: use the wayland-scanner.pc to locate the prog * meson: use wayland-scanner private-code * meson: request native wayland-scanner * meson: use the wayland-scanner.pc to locate the prog * meson: set HAVE_VA_X11 when applicable * style:Correct slight coding style in several new commits * trace: add Linux ftrace mode for va trace * trace: Add missing pthread_mutex_destroy * drm: remove no-longer needed X == X mappings * drm: fallback to drm driver name == va driver name * drm: simplify the mapping table * x11: simplify the mapping table - No code changes - Update to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2 Release 22.4.4 ==== libverto ==== Version update (0.3.1 -> 0.3.2) Subpackages: libverto1 libverto1-32bit - update to 0.3.2: * Fix use-after-free in verto_reinitialize * Fix use-after-free in verto_free() * Remove broken tevent support ==== libyuv ==== - Use YUV_VERSION for library VERSION and YUV_VER_MAJOR for SOVERSION ==== links ==== Version update (2.27 -> 2.28) - update to 2.28: * Disable cache when following redirects from consent.google.com * Fix a display glitch on framebuffer, if the user doesn't have mouse and if he presses F5, F6, F7 or F8 ==== lttng-modules ==== Version update (2.13.4_k5.19.12_1 -> 2.13.7_k5.19.12_1) - Update to version 2.13.7 (changes since 2.13.4): * Fix: incorrect stub prototypes when CONFIG_HAVE_SYSCALL_TRACEPOINTS=n. * Fix: mm/tracing: add 'accounted' entry into output of allocation tracepoints (v6.0). * Fix: block: remove bdevname (v6.0). * Fix: fs/jbd2: Fix the documentation of the jbd2_write_superblock() callers (v6.0). * Fix: tie compaction probe build to CONFIG_COMPACTION. * Fix: net: skb: introduce kfree_skb_reason() (v5.15.58..v5.16). * Fix: workqueue: Fix type of cpu in trace event (v5.19). * Fix: fs: Remove flags parameter from aops->write_begin (v5.19). * Fix: mm/page_alloc: fix tracepoint mm_page_alloc_zone_locked() (v5.19). * Fix: bytecode validator: reject specialised load field/context ref instructions. * Fix: bytecode validator: reject specialised load instructions. * Fix: honour "user" attribute for array/sequence of user integers. * wrapper: powerpc64: fix kernel crash caused by do_get_kallsyms. * Fix: event notification: Remove duplicate event enabled check. * Fix: event notification capture: validate buffer length. * Fix: handle capture page faults as skip field. * Fix: event notification capture error handling. * Fix: capture_sequence_element_{un,}signed: handle user-space input. * Fix: notification capture: handle userspace strings. * Implement lttng_msgpack_write_user_str. * Fix: bytecode interpreter: LOAD_FIELD: handle user fields. * Fix: move "user" attribute from field to type. * Introduce lttng_copy_from_user_check_nofault. * Fix: adjust range v5.10.137 in block probe. * Fix: handle integer capture page faults as skip field. - Drop lttng-modules-2.13.4-linux-5.19.patch: merged upstream. ==== osinfo-db ==== Version update (20220727 -> 20220830) - Update to database version 20220830 osinfo-db-20220830.tar.xz ==== patterns-kde ==== Version update (20220215 -> 20221001) Subpackages: patterns-kde-kde patterns-kde-kde_edutainment patterns-kde-kde_games patterns-kde-kde_ide patterns-kde-kde_imaging patterns-kde-kde_internet patterns-kde-kde_multimedia patterns-kde-kde_office patterns-kde-kde_pim patterns-kde-kde_plasma patterns-kde-kde_utilities patterns-kde-kde_utilities_opt patterns-kde-kde_yast - Update the Qt6 pattern for the 6.4.0 release - Remove obsolete or missing packages from KDE patterns ==== perl-IO-Socket-SSL ==== Version update (2.074 -> 2.075) - updated to 2.075 see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes 2.075 - treat SSL_write returning 0 same as previously -1, as suggested by both OpenSSL and LibreSSL documentation - propagate error from SSL_shutdown, but if the shutdown is caused by an outer SSL error keep the original error - small tests fixes ==== permissions ==== Subpackages: chkstat permissions-config - skip tests on qemu user builds ==== popt ==== Version update (1.18 -> 1.19) Subpackages: libpopt0 libpopt0-32bit popt-lang - popt 1.19: * various build system fixes * various developer visible fixes * Fix the handling of superfluous args passed with = * Fix multiple resource and memory leaks * Fix '=' getting shown for short options * Improve random number handling * translation updates and documentation improvements - refresh spec file, run tests, package license in every package, and treat all compiler warnings and errors ==== pragha ==== Subpackages: pragha-lang - Bump gupnp version requirement to fix Tumbleweed build ==== python-cryptography ==== Version update (37.0.4 -> 38.0.1) - update to 38.0.1: * Fixed parsing TLVs in ASN.1 with length greater than 65535 bytes (typically seen in large CRLs). * Final deprecation of OpenSSL 1.1.0. The next release of ``cryptography`` will drop support. * We no longer ship ``manylinux2010`` wheels. Users should upgrade to the latest ``pip`` to ensure this doesn't cause issues downloading wheels on their platform. We now ship ``manylinux_2_28`` wheels for users on new enough platforms. * Updated the minimum supported Rust version (MSRV) to 1.48.0, from 1.41.0. Users with the latest ``pip`` will typically get a wheel and not need Rust installed, but check :doc:`/installation` for documentation on installing a newer ``rustc`` if required. * :meth:`~cryptography.fernet.Fernet.decrypt` and related methods now accept both ``str`` and ``bytes`` tokens. * Parsing ``CertificateSigningRequest`` restores the behavior of enforcing that the ``Extension`` ``critical`` field must be correctly encoded DER. See `the issue `_ for complete details. * Added two new OpenSSL functions to the bindings to support an upcoming ``pyOpenSSL`` release. * When parsing :class:`~cryptography.x509.CertificateRevocationList` and :class:`~cryptography.x509.CertificateSigningRequest` values, it is now enforced that the ``version`` value in the input must be valid according to the rules of :rfc:`2986` and :rfc:`5280`. * Using MD5 or SHA1 in :class:`~cryptography.x509.CertificateBuilder` and other X.509 builders is deprecated and support will be removed in the next version. * Added additional APIs to :class:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp`, including :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_hash_algorithm`, :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_algorithm`, :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature`, and :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.extension_bytes`. * Added :attr:`~cryptography.x509.Certificate.tbs_precertificate_bytes`, allowing users to access the to-be-signed pre-certificate data needed for signed certificate timestamp verification. * :class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFHMAC` and :class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFCMAC` now support :attr:`~cryptography.hazmat.primitives.kdf.kbkdf.CounterLocation.MiddleFixed` counter location. * Fixed :rfc:`4514` name parsing to reverse the order of the RDNs according to the section 2.1 of the RFC, affecting method :meth:`~cryptography.x509.Name.from_rfc4514_string`. * It is now possible to customize some aspects of encryption when serializing private keys, using :meth:`~cryptography.hazmat.primitives.serialization.PrivateFormat.encryption_builder`. * Removed several legacy symbols from our OpenSSL bindings. Users of pyOpenSSL versions older than 22.0 will need to upgrade. * Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES128` and :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES256` classes. These classes do not replace :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` (which allows all AES key lengths), but are intended for applications where developers want to be explicit about key length. ==== python-pyspnego ==== Version update (0.4.0 -> 0.5.0) - update to 0.5.0: * Added the `auth_stage` extra_info for a CredSSP context to give a human friendly indication of what sub auth stage it is up to. * Added the `protocol_version` extra_info for a CredSSP context to return the negotiated CredSSP protocol version. * Added the `credssp_min_protocol` keyword argument for a CredSSP context to set a minimum version the caller will accept of the peer. * This can be set to `5+` to ensure the peer supports and applies the mitigations for CVE-2018-0886. * Added safeguards when trying to retrieve the completed context attributes of `NegotiateProxy` before any contexts have been set up ==== python-pyudev ==== Version update (0.23.2+14 -> 0.24.0) - update to 0.24.0: * Remove six dependency * Drop pylint tasks * Support python 3.9 and 3.10 ==== python-requests-toolbelt ==== - Add patch stop-using-pyopenssl-compat.patch: * Stop importing (and using!) a pyopenssl compatibility module to avoid a DeprecationWarning. ==== tdb ==== Version update (1.4.6 -> 1.4.7) Subpackages: libtdb1 libtdb1-32bit python3-tdb - update to 1.4.7: * configure/Makefile: export PYTHONHASHSEED=1 in all 'configure/Makefile' scripts * lib:tdb: Reformat shell scripts - spec file cleanups ==== xapian-core ==== Version update (1.4.20 -> 1.4.21) - update to 1.4.21: * Stop trying to check for incompatible C++ ABI between the compiler used to build xapian-core and the compiler used to build code using xapian-core. * Fix new warnings from GCC 12. * Avoid undefined value use when unpacking a key in a corrupted glass docdata table. We now skip further checks on the entry in this case. * Merge allocations in MSVC directory reading compatibility code so we can allocate in a single malloc() call. * Add accept() wrapper which checks an assumption that Microsoft's SOCKET type only actually holds 32 bit values even in 64 bit platforms and throws an exception if violated. * Eliminate a use of sprintf. * Squash some unhelpful MSVC deprecation warnings. * Declare dummy invalid parameter handler noexcept to fix a warning from MSVC. * Include in configure check for sys_errlist as that's where it is with mingw and MSVC. ==== yast2-network ==== Version update (4.5.7 -> 4.5.8) - Fixed issue when writing the NetworkManager config without a gateway (bsc#1203866) - 4.5.8