Packages changed: aalib atftp (0.7.5 -> 0.8.0) cryptsetup ffmpeg-5 (5.1 -> 5.1.1) glibc gnutls hwdata (0.361 -> 0.362) icewm (2.9.8 -> 2.9.9) mythes (1.2.4 -> 1.2.5) netpbm openssl-3 plymouth (22.02.122+73.9826df5 -> 22.02.122+75.6f5dc63) publicsuffix (20220805 -> 20220903) python-greenlet (1.1.2 -> 1.1.3) python-psutil (5.9.1 -> 5.9.2) rdma-core (38.1 -> 42.0) rsync (3.2.5 -> 3.2.6) sudo vym (2.8.8 -> 2.8.41) xdm === Details === ==== aalib ==== - avoid ffast-math (ggo#55522) ==== atftp ==== Version update (0.7.5 -> 0.8.0) - Update to version 0.8.0 * test.sh: add MTFTP tests * Fix MTFTP support for atftp * Fix multicast download. * Fix algorithm in case of packet loss in the last window. * Improve the robustness of the atftp-client in case of package loss or duplication * Implement PCRE tests. * Improve upstream test script. Include tests for windowsize option. * Fix/update minor issues in upstream * Fix the 'windowsize' option for write requests * FAQ INSTALL README.CVS README.PCRE: cosmetic and spelling fixes * *.h: cosmetic and spelling fixes * configure.ac: more fixes, also for libpcre2 detection * Port to maintained PCRE2 API * Changelog: update the recent changes * autoconf: modify autogen.sh * atftp.1: add more examples for options * Add a simple congestion control * Do some cosmetic changes * Add windowsize option as described in RFC7440 ==== cryptsetup ==== Subpackages: cryptsetup-doc cryptsetup-lang libcryptsetup12 libcryptsetup12-32bit libcryptsetup12-hmac - Add virtual provides for 'integritysetup' and 'veritysetup' to match package names provided by Fedora/RHEL, to allow the same set of dependencies to be used across all RPM distributions. ==== ffmpeg-5 ==== Version update (5.1 -> 5.1.1) Subpackages: libavcodec59 libavdevice59 libavfilter8 libavformat59 libavutil57 libpostproc56 libswresample4 libswscale6 - Update to release 5.1.1 * avformat/asfdec_o: limit recursion depth in asf_read_unknown() * libavformat/iff: Check for overflow in body_end calculation * avformat/avidec: Prevent entity expansion attacks * avcodec/h263dec: Sanity check against minimal I/P frame size * avcodec/libvpx: fix assembling vp9 packets with alpha channel * avcodec/libspeexdec: Fix use of uninitialized value * avcodec/alac: don't fail if channels aren't set during init() when extradata is valid * avformat/mov: Check count sums in build_open_gop_key_points() [CVE-2022-2566] [boo#1203441] ==== glibc ==== Subpackages: glibc-32bit glibc-devel glibc-extra glibc-lang glibc-locale glibc-locale-base nscd - errlist-edeadlock.patch: errlist: add missing entry for EDEADLOCK (BZ [#29545]) ==== gnutls ==== Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-32bit libgnutls30-hmac - FIPS: Run the CFB8 cipher selftest without offset [bsc#1203245] * CFB8 list of ciphers: GNUTLS_CIPHER_AES_{128,192,256}_CFB8 * Add gnutls-FIPS-Run-CFB8-without-offset.patch - provide a libgnutls30-hmac-32bit to avoid uninstallable wine when pattern-base-fips is installed [boo#1203353] - FIPS: Additional modifications to the SLI. [bsc#1190698] * Mark CMAC and GMAC and non-approved in gnutls_pbkfd2(). * Mark HMAC keylength less than 112 bits as non-approved in gnutls_pbkfd2(). * Adapt the pbkdf2 selftest and the regression tests accordingly. * Add gnutls-FIPS-SLI-pbkdf2-verify-keylengths-only-SHA.patch - FIPS: Port GnuTLS to use jitterentropy [bsc#1202146, jsc#SLE-24941] * Add new dependency on jitterentropy * Add gnutls-FIPS-jitterentropy.patch ==== hwdata ==== Version update (0.361 -> 0.362) - update to 0.362: + Updated pci, usb and vendor ids. ==== icewm ==== Version update (2.9.8 -> 2.9.9) Subpackages: icewm-config-upstream icewm-default icewm-lang icewm-lite - update to 2.9.9: * Permit percentages to have comma's in icesh. * Keep accurate track of window changes in workspace buttons for PagerShowPreview. Only redraw affected workspace buttons, which reduces the total number of workspace button redraws, especially for larges number of workspace buttons. * Add key bindings for single window tiling operations for issues bbidulock/icewm#335, ice-wm/icewm#74 and ice-wm/icewm#84. * Complete -e option. * WindowMaker dock apps are supported. * Support more HTML entities in icehelp. * Remove dependency on asciidoc and prefer markdown format for the manual. * Prevent warnings. * Also install markdown. * Try srcdir. * Cleanup test and prefer markdown manual. * Cleanup key grabs. * Drop obsolete wmOccupyAll(). * Accept either markdown or asciidoc to generate manual html with CMake. * Add markdown and icesh. * Automatically detect and prevent race conditions in icesh relating to moving and sizing windows for issue #335. Improve the accuracy of the "sizeto" command in icesh for issue #335. Add "extents" command to icesh. Add "workarea" command to icesh. * Get rid of the frameContext. * Prefer findClient in two cases: unmap notify and recv ping. - spec-cleaner run ==== mythes ==== Version update (1.2.4 -> 1.2.5) - Version bump to 1.2.5 * Fix use of deprecated hunspell apis in demo * Fix some compilation warnings ==== netpbm ==== Subpackages: libnetpbm11 - ppmforge-test.patch: fix ppmforge test to avoid float overflow ==== openssl-3 ==== - Do not make libopenssl3-32bit obsolete libopenssl1_1-32bit. They are independent libraries and can be installed simultaneously. ==== plymouth ==== Version update (22.02.122+73.9826df5 -> 22.02.122+75.6f5dc63) Subpackages: libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Update to version 22.02.122+75.6f5dc63: * Fix build after README changes ==== publicsuffix ==== Version update (20220805 -> 20220903) - Update to version 20220903: * util: gTLD data autopull updates for 2022-09-03T15:15:24 UTC (#1606) * Update public_suffix_list.dat (#1594) * Add streamlitapp.com (#1591) * Update public_suffix_list.dat (#1573) * Add Framer Sites domains to PSL (#1570) * new TLD .ישראל and SLDs for Israel by ISOC-IL (#1595) ==== python-greenlet ==== Version update (1.1.2 -> 1.1.3) - update to 1.1.3: * Add support for Python 3.11. ==== python-psutil ==== Version update (5.9.1 -> 5.9.2) - update to version 5.9.2: * Bug fixes + 2093_, [FreeBSD], **[critical]**: `pids()`_ may fail with ENOMEM. Dynamically increase the "malloc()" buffer size until it's big enough. + 2095_, [Linux]: `net_if_stats()`_ returns incorrect interface speed for 100GbE network cards. + 2113_, [FreeBSD], **[critical]**: `virtual_memory()`_ may raise ENOMEM due to missing "#include " directive. (patch by Peter Jeremy) + 2128_, [NetBSD]: `swap_memory()`_ was miscalculated. (patch by Thomas Klausner) ==== rdma-core ==== Version update (38.1 -> 42.0) Subpackages: libefa1 libibverbs libibverbs1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd - Update to v42.0 - Fixes for all providers - Dropped patches merged upstream: - util-Add-barriers-support-for-RISC-V.patch - cmake-Make-modprobe.d-path-configurable.patch - Update gen-pandoc.sh to support python3 ==== rsync ==== Version update (3.2.5 -> 3.2.6) - Use bundled SLP patch now that upstream fixed it: * Remove rsync-3.2.5-slp.patch - update to 3.2.6: * More path-cleaning improvements in the file-list validation code to avoid rejecting of valid args. * A file-list validation fix for a --files-from file that ends without a line-terminating character. * Added a safety check that prevents the sender from removing destination files when a local copy using --remove-source-files has some files that are shared between the sending & receiving hierarchies, including the case where the source dir & destination dir are identical. * Fixed a bug in the internal MD4 checksum code that could cause the digest to be sporadically incorrect (the openssl version was/is fine). * A minor tweak to rrsync added "copy-devices" to the list of known args, but left it disabled by default. - Build SLE version with g++-11 to work around nondeterministic g++-7 (boo#1193895) ==== sudo ==== Subpackages: sudo-plugin-python - Modified sudo-sudoers.patch * bsc#1177578 * Removed redundant and confusing 'secure_path' settings in sudo-sudoers file. ==== vym ==== Version update (2.8.8 -> 2.8.41) - Update to upstream version 2.8.41 - bugfixes, some features - switch to cmake ==== xdm ==== Subpackages: xdm-xsession - Add u_glibc-2.36.patch: use glibc's arc4random instead of libbsd's (bsc#1202222)