Packages changed: MozillaFirefox alsa (1.2.8 -> 1.2.9) alsa-ucm-conf (1.2.8 -> 1.2.9) alsa-utils (1.2.8 -> 1.2.9) chromaprint freerdp gcc12 (12.2.1+git749 -> 12.3.0+git1204) gdm (44.0 -> 44.1) gtk4 gupnp gupnp-av harfbuzz (7.1.0 -> 7.2.0) lapack libavif libbytesize (2.7 -> 2.8) libgexiv2 (0.14.0 -> 0.14.1) liblc3 (1.0.2 -> 1.0.3) libselinux libselinux-bindings libsndfile libssh (0.10.4 -> 0.10.5) libvorbis open-vm-tools openconnect (9.01 -> 9.10) python-Babel (2.11.0 -> 2.12.1) python-argcomplete (2.0.0 -> 3.0.8) python-certifi (2022.12.7 -> 2023.5.7) python-charset-normalizer python-click python-configobj (5.0.6 -> 5.0.8) python-distro python-httpx (0.23.3 -> 0.24.0) python-importlib-metadata (6.3.0 -> 6.6.0) python-importlib-resources (5.10.2 -> 5.12.0) python-lxml python-msgpack python-pyasn1 (0.4.8 -> 0.5.0) python-pyasn1-modules (0.2.8 -> 0.3.0) python-requests-toolbelt (0.9.1 -> 1.0.0) python-rich (12.6.0 -> 13.3.5) python-simplejson (3.18.1 -> 3.19.1) python-six python-zope.interface (5.5.2 -> 6.0) ruby-common strace (6.2 -> 6.3) systemd (253.3 -> 253.4) xen (4.17.0_06 -> 4.17.1_02) xf86-video-dummy (0.4.0 -> 0.4.1) xf86-video-i128 (1.4.0 -> 1.4.1) xz (5.4.2 -> 5.4.3) yast2-bootloader (4.6.0 -> 4.6.1) yast2-network (4.6.1 -> 4.6.2) yast2-trans (84.87.20230428.0cbac11ad7 -> 84.87.20230507.125aa699e6) zlib === Details === ==== MozillaFirefox ==== - Fix i586 build by reducing debug info to -g1. (boo#1210168) ==== alsa ==== Version update (1.2.8 -> 1.2.9) Subpackages: libasound2 libatopology2 - Update to version 1.2.9: * Versioned symbol updates * Various fixes for building on *BSD and Android * Fixes and enhancements of auto silencing and playback drain * Add SND_CTL_EINTR open mode at PCM * Avoid endless loop in snd_pcm_sw_params_default() * Fixes in PCM rate, route/softvol plugins * Fixes in topology API parser, cleanups * Enhancements in latency test program * Minor code cleanup and memory leak fixes in UCM API * emu10k1 config cleanup For details, see: https://www.alsa-project.org/wiki/Changes_v1.2.8_v1.2.9#alsa-lib ==== alsa-ucm-conf ==== Version update (1.2.8 -> 1.2.9) - Update to version 1.2.9: various profile updates for USB-audio, SOF and others. For details, see: https://www.alsa-project.org/wiki/Changes_v1.2.8_v1.2.9#alsa-ucm-conf ==== alsa-utils ==== Version update (1.2.8 -> 1.2.9) - Update to alsa-utils 1.2.9: BSD build fix, and various updates for alsactl, amidi, axfer, alsa-info.sh, alsaloop, alsatplg, alsaucm, aplay, abat. For details, see: https://www.alsa-project.org/wiki/Changes_v1.2.8_v1.2.9#alsa-utils ==== chromaprint ==== - Drop 8ccad69.patch and 82781d02.patch, and add back pkgconfig(libavresample) BuildRequires. Also limit package to build against ffmpeg-4 and older. ==== freerdp ==== Subpackages: libfreerdp2-2 libwinpr2-2 - Add Update_h264_to_use_new_FFMPEG_API.patch: Update h264 to use new FFMPEG API. ==== gcc12 ==== Version update (12.2.1+git749 -> 12.3.0+git1204) - Update to GCC 12.3 release, 0c61aa720e62f1baf0bfd178e283, git1204 * includes regression bug fixes ==== gdm ==== Version update (44.0 -> 44.1) Subpackages: gdm-schema gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0 - Update to version 44.1: + Fix blown assertion log spew. + Updated translations. ==== gtk4 ==== Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Add 966a2350.patch: css: Don't transition to currentColor. Transition to the color that is in use instead. Fixes crashes because currentColor is not an RGBA color and therefor could not be queried later (glgo#GNOME/gtk#5798). ==== gupnp ==== - Add upstream patch: 80e68995.patch: all: Drop xmlRecoverMemory. Use xmlReadMemory, also use NONET flat. ==== gupnp-av ==== Subpackages: libgupnp-av-1_0-3 - Add patch "gupnp-av-libxml2.11-support.patch": Use xmlReadMemory instead of xmlRecoverMemory, as it's been deprecated in libxml2 2.11.0. - Use autosetup and ldconfig_scriptlets macros. ==== harfbuzz ==== Version update (7.1.0 -> 7.2.0) Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0 - update to version 7.2.0: + Improve Tifinagh glyph positioning + Fix 4.2.0 regression in applying across syllables in syllabic scripts. + Add flag to avoid glyph substitution closure during subsetting, and the corresponding “--no-layout-closure” option to “hb-subset” command line tool. + Support instancing COLRv1 table + Optimize handling of “gvar” table + Various subsetter bug fixes and improvements, documentation ==== lapack ==== Subpackages: libblas3 libcblas3 liblapack3 - Add _multibuild to define 2nd spec file as additional flavor. Eliminates the need for source package links in OBS. ==== libavif ==== - Add BuildRequires pkgconfig(libwebp) to enable libsharpyuv ==== libbytesize ==== Version update (2.7 -> 2.8) - Drop lang sub-package recommendation. It's not needed anymore now that lang packages provide package supplementation instead. - Make bscalc sub-package 'noarch', since it doesn't contain any binaries, only a Python script and its manpage. - update to 2.8: * Added translation using Weblate * configure.ac: Remove invalid email address for bug reports * spec: Bump release to 21 for Packit daily builds * spec: Fix source archive URL * Make use of error optional * Replace C++ style comments with C style * Various docstring fixes * docs: Remove information about Python 2 support * Remove unused test dependencies variables from Makefile * Do not hardcode pylint executable name in Makefile ==== libgexiv2 ==== Version update (0.14.0 -> 0.14.1) - Update to version 0.14.1: + Clean-up python support + Drop python2 support + Add option for building tests + Only run python tests when python is enabled + Fix get_gps_info() return data with unset altitude + Fix generate_xmp_packet() ignoring its parameters + Fix gexiv2-tool to call initialize() - Use ldconfig_scriptlets macro. ==== liblc3 ==== Version update (1.0.2 -> 1.0.3) - Update to version 1.0.3: + Enhancements: - C++ interface - Remove 1 multiply by samples (when not using upsampling/downsampling feature) - Declare liblc3 as dependency in meson (helps using as meson subproject) - Make encoder/decoder states relocatable + Improve portability: - Enable -pedantic compilation flag - Remove VLA to support compilation with MSVC - Remove use of deprecated int numpy attribute + Fixes: Fix undefined behaviors on integer shifting ==== libselinux ==== Subpackages: libselinux1 selinux-tools - Add _multibuild to define additional spec files as additional flavors. Eliminates the need for source package links in OBS. - Add -ffat-lto-objects to CFLAGS to prevent rpmlint errors because of LTO - Enable LTO as it works fine now. ==== libselinux-bindings ==== - Add python-wheel build dependency to build correctly with latest python-pip version. - Add _multibuild to define additional spec files as additional flavors. Eliminates the need for source package links in OBS. - Enable LTO as it works fine now. ==== libsndfile ==== - Add _multibuild to define 2nd spec file as additional flavor. Eliminates the need for source package links in OBS. ==== libssh ==== Version update (0.10.4 -> 0.10.5) Subpackages: libssh-config libssh4 - update to 0.10.5: * Fix CVE-2023-1667: a NULL dereference during rekeying with algorithm guessing * Fix CVE-2023-2283: a possible authorization bypass in pki_verify_data_signature under low-memory conditions. * Fix several memory leaks in GSSAPI handling code * Escape braces in ProxyCommand created from ProxyJump options for zsh compatibility. * Fix pkg-config path relocation for MinGW * Improve doxygen documentation * Fix build with cygwin due to the glob support * Do not enqueue outgoing packets after sending SSH2_MSG_NEWKEYS * Add support for SSH_SUPPRESS_DEPRECATED * Avoid functions declarations without prototype to build with clang 15 * Fix spelling issues * Avoid expanding KnownHosts, ProxyCommands and IdentityFiles repetitively * Add support sk-* keys through configuration * Improve checking for Argp library * Log information about received extensions * Correctly handle rekey with delayed compression * Move the EC keys handling to OpenSSL 3.0 API * Record peer disconnect message * Avoid deadlock when write buffering occurs and we call poll recursively to flush the output buffer * Disable preauthentication compression by default * Add accidentally removed default compile flags * Solve incorrect parsing of ProxyCommand option ==== libvorbis ==== Subpackages: libvorbis0 libvorbisenc2 libvorbisfile3 - Add _multibuild to define 2nd spec file as additional flavor. Eliminates the need for source package links in OBS. ==== open-vm-tools ==== Subpackages: libvmtools0 open-vm-tools-desktop - Add 0001-build-put-l-specifiers-into-LIBADD-not-LDFLAGS.patch, 0002-build-use-grpc-pkgconfig-to-retrieve-flags-libraries.patch [boo#1210695] - Reduce generated script size by coalescing multiple %service_* ==== openconnect ==== Version update (9.01 -> 9.10) Subpackages: libopenconnect5 openconnect-bash-completion - Update to release 9.10: * Fix external browser authentication with KDE plasma-nm < 5.26. * Always redirect stdout to stderr when spawning external browser. * Increase default queue length to 32 packets. * Fix receiving multiple packets in one TLS frame, and single packets split across multiple TLS frames, for Array. * Handle idiosyncratic variation in search domain separators for all protocols * Support region selection field for Pulse authentication * Support modified configuration packet from Pulse 9.1R16 servers * Allow hidden form fields to be populated or converted to text fields on the command line * Support yet another strange way of encoding challenge-based 2FA for GlobalProtect * Add --sni option (and corresponding C and Java API functions) to allow domain-fronting connections in censored/filtered network environments * Parrot a GlobalProtect server's software version, if present, as the client version (!333) * Fix NULL pointer dereference that has left Android builds broken since v8.20 (!389). * Fix Fortinet authentication bug where repeated SVPNCOOKIE causes segfaults (#514, !418). * Support F5 VPNs which encode authentication forms only in JSON, not in HTML. * Support simultaneous IPv6 and Legacy IP ("dual-stack") for Fortinet . * Support "FTM-push" token mode for Fortinet VPNs . * Send IPv6-compatible version string in Pulse IF/T session establishment * Add --no-external-auth option to not advertise external-browser authentication * Many small improvements in server response parsing, and better logging messages and documentation. ==== python-Babel ==== Version update (2.11.0 -> 2.12.1) - Add fix-tests.patch to make tests work with EST/EDT swap, gh#python-babel/babel#988 - Update to 2.12.1: * Include py.typed file in wheels by @AlexWaygood in #975 * Become 2.12.1 by @akx in #976 - 2.12.0: * docs(changes): Fix broken issue links by @DenverCoder1 in #922 * Update docs build configuration by @akx in #924 * feat: Adds Format.compact_decimal utility by @DenverCoder1 in #921 * Remove vestigial Python 2 long check by @akx in #925 * feat: Support for short compact currency formats by @DenverCoder1 in #926 * Drop support for EOL Python 3.6 by @akx in #919 * Cast number to Decimal in _get_compact_format by @DenverCoder1 in #930 * Replace %/.format/concatenation with f-strings where feasible by @akx in #927 * ci: Fix testing dependencies by @DenverCoder1 in #936 * javascript extract improvements by @johanneswilm in #939 * Fix compact singular formats and patterns with no numbers by @DenverCoder1 in #932 * fix typo by @uniontech-lilinjie in #941 * Enable pre-commit by @akx in #943 * Added inline type annotations to Babel by @DenverCoder1 in #934 * Implement zoneinfo support and make pytz optional by @ds-cbo in #940 * Unify datetime imports by @akx in #945 * Minor cleanups by @akx in #948 * Renovate formatting in test_checkers and test_frontend by @akx in #950 * Add ruff for linting by @akx in #949 * Upgrade to CLDR 42 by @akx in #951 * Update test dependencies (tox v4) by @DenverCoder1 in #953 * Remove redundant tests for babel.support by @akx in #954 * Support for formatting NaN, Infinity by @DenverCoder1 in #955 * Clean up babel.localtime by @akx in #952 * Use standard library UTC by @akx in #957 * Fix unbound exc in babel.dates by @akx in #959 * Finally remove get_next_timezone_transition by @akx in #958 * More fixes and modernization by @akx in #960 * Keep @modifiers when parsing locales by @madduck in #947 * Add two new options in cmdline.rst docs by @m-aciek in #963 * Numbers and core type fixes by @DenverCoder1 in #966 * Use lru_cache where suitable by @akx in #967 * Fix two issues with fuzzy matching by @jeanas in #970 * Renovate CI tools a bit by @akx in #972 * Tox: also test with pytz installed by @akx in #974 * Become 2.12.0 by @akx in #973 ==== python-argcomplete ==== Version update (2.0.0 -> 3.0.8) - Add without_zsh.patch - Delete skip_tcsh_tests.patch - Delete without_fish.patch - Update to 3.0.8: * Test suite shell wrapper: Accept OSError on exit - 3.0.7: * Test suite: Use general regex to cut zsh reset ANSI sequences (#425) - 3.0.6: * Allow importlib-metadata 6.x; skip test failures on Python 3.7 (#420, #424) * Note completers can return iterables of strings, not just lists (#422) * Documentation and test improvements - 3.0.5: * Call _default as fallback in zsh global completion hook * Begin support for mapping-emitting completers - 3.0.4: * activate-global-python-argcomplete: do not overwrite existing dotfile in user directory * Add NOTICE file * Establish long term name for split_line as argcomplete.lexers.split_line - 3.0.3: * Re-add split_line to API (#419) - 3.0.2: * Fix zsh default completion issues - 3.0.1: * Fix zsh autoload issues - 3.0.0: * Fully support zsh. Argcomplete now supports completion descriptions and global completion in zsh. * Clean up top level namespace. * Documentation and test improvements. - 2.1.2: * Test infrastructure improvements * Indicate that there is no support commitment for fish and tcsh shells - 2.1.1: * Documentation and test improvements - 2.1.0: * Remove scripts for contrib-supported shells from global namespace - 2.0.6: * setup.py: exclude test.* subpackages from find_packages (#406) * Support PowerShell (#405) * CI updates - 2.0.5: * Revert "Support powershell (#392)" ==== python-certifi ==== Version update (2022.12.7 -> 2023.5.7) - update to 2023.5.7: Added certs: * CN=BJCA Global Root CA1 O=BEIJING CERTIFICATE AUTHORITY ==== python-charset-normalizer ==== - add sle15_python_module_pythons (jsc#PED-68) ==== python-click ==== - add fix-tests.patch to fix tests with new versions of python packages ==== python-configobj ==== Version update (5.0.6 -> 5.0.8) - update to 5.0.8: * 5.0.7 originally did this work, but 5.0.8 fixes a regression * update testing to validate against python version 2.7 and 3.5-3.11 * update broken links / non-existent services and references ==== python-distro ==== - add sle15_python_module_pythons ==== python-httpx ==== Version update (0.23.3 -> 0.24.0) - update to 0.24.0: * The logging behaviour has been changed to be more in-line with other standard Python logging usages. We no longer have a custom `TRACE` log level, and we no longer use the `HTTPX_LOG_LEVEL` environment variable to auto-configure logging. We now have a significant amount of `DEBUG` logging available at the network level. Full documentation is available at https://www.python-httpx.org/logging/ (#2547, encode/httpcore#648) * The `Response.iter_lines()` method now matches the stdlib behaviour and does not include the newline characters. It also resolves a performance issue. (#2423) * Query parameter encoding switches from using + for spaces and %2F for forward slash, to instead using %20 for spaces and treating forward slash as a safe, unescaped character. This differs from `requests`, but is in line with browser behavior in Chrome, Safari, and Firefox. Both options are RFC valid. (#2543) * NetRC authentication is no longer automatically handled, but is instead supported by an explicit `httpx.NetRCAuth()` authentication class. See the documentation at https://www.python-httpx.org/advanced/#netrc-support (#2525) * The `rfc3986` dependancy has been removed. (#2252) ==== python-importlib-metadata ==== Version update (6.3.0 -> 6.6.0) - update to 6.6.0: * Expanded type annotations. * python/cpython#103661: Removed excess error suppression in ``_read_files_egginfo_installed`` and fixed path handling on Windows. * #422: Removed ABC metaclass from ``Distribution`` and instead deprecated construction of ``Distribution`` objects without concrete methods. * Updated docs with tweaks from upstream CPython. * Consolidated some behaviors in tests around ``_path``. * Added type annotation for ``Distribution.read_text``. ==== python-importlib-resources ==== Version update (5.10.2 -> 5.12.0) - add sle15_python_module_pythons - update to 5.12.0: * importlib_resources (backport) now gives precedence to built-in readers (file system, zip, namespace packages), providing forward-compatibility of behaviors like ``MultiplexedPath``. * #280: Fixed one more ``EncodingWarning`` in test suite. * #265: ``MultiplexedPath`` now honors multiple subdirectories in ``iterdir`` and ``joinpath``. * Packaging refresh, including fixing EncodingWarnings and some tests cleanup. ==== python-lxml ==== - Add patch skip-test-under-libxml2-2.11.1.patch: * Skip a test if using libxml2 >= 2.11.1 ==== python-msgpack ==== - add sle15_python_module_pythons ==== python-pyasn1 ==== Version update (0.4.8 -> 0.5.0) - update to 0.5.0: * Change `RealEncoder.supportIndefLenMode` type to a boolean * Fix CI for py39 test environment * Replace all snmplabs.com links * Use correct SPDX identifier for the license * Re-add ``tagMap`` and ``typeMap`` module level attributes to all encoder and decoder modules. They are aliases for ``TAG_MAP`` and ``TYPE_MAP`` * Restore API for passing for ``tagMap`` and ``typeMap`` arguments to ``Encoder`` and ``Decoder`` classes by name and position, * Re-add ``tagMap`` and ``typeMap`` module level attributes to all encoder and decoder modules. They are aliases for ``TAG_MAP`` and ``TYPE_MAP`` * Restore API for passing for ``tagMap`` and ``typeMap`` arguments to ``Encoder`` and ``Decoder`` classes by name and position, * Make BER/CER/DER decoders streaming and suspendible ==== python-pyasn1-modules ==== Version update (0.2.8 -> 0.3.0) - update to 0.3.0: * Added support for Python 3.8, 3.9, 3.10, 3.11 * Removed support for EOL Pythons 2.4, 2.5, 2.6, 3.2, 3.3, 3.4, 3.5 * Added support for PyPy 3.7, 3.8, 3.9 * Modernized packaging and testing. pyasn1-modules now uses ``setup.cfg``, ``pyproject.toml``, * PyPI package ownership for `pyasn1` and `pyasn1-module` has been transfered to *Christian Heimes* and *Simon Pichugin* in * The upstream repositories for `pyasn1` and `pyasn1-modules` are now in the GitHub organization https://github.com/pyasn1/. * Added tox runner with a handful of basic jobs * Add RFC3125 providing Electronic Signature Policies * Add RFC5126 providing CMS Advanced Electronic Signatures * Improve test routines for RFC5126 * Add RFC4387 providing Certificate Store Access via HTTP * Changed assertion in unit tests from Python built-in to `unittest` provided * Add RFC8692 providing Algorithm Identifiers for RSASSA-PSS and ECDSA Using SHAKEs * Add RFC5753 providing CMS Elliptic Curve Cryptography Algorithms * Add RFC3820 providing Proxy Certificates * Add RFC3370 providing Cryptographic Message Syntax (CMS) Algorithms * Add RFC3537 providing HMAC Key Wrapping * Add RFC3739 providing Qualified Certificates * Add RFC2876 providing KEA and SKIPJACK for CMS * Add RFC3058 providing IDEA Encryption Algorithm for CMS * Add RFC3657 providing Camellia Encryption Algorithm for CMS * Add RFC4010 providing SEED Encryption Algorithm for CMS * Add RFC4357 providing Additional Cryptographic Algorithms for * Add RFC4490 providing GOST 28147-89, GOST R 34.11-94, GOST R 34.10-94, and GOST R 34.10-2001 Algorithms for CMS * Add RFC4491 providing GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 Algorithms for certificates and CRLs * Add RFC8696 providing using Pre-Shared Key (PSK) in the CMS * Add RFC5639 providing identifiers for the Brainpool curves in Elliptic Curve Cryptography * Add RFC5697 providing Other Certificates Extension * Add RFC4683 providing Subject Identification Method (SIM) * Add RFC4476 providing Attribute Certificate Policies Extension * Add RFC5636 providing Traceable Anonymous Certificate * Add RFC5752 providing Multiple Signatures attribute for CMS * Add RFC5275 providing CMS Symmetric Key Management and Distribution * Add RFC8702 providing SHAKE One-way Hash Functions in the CMS * Add RFC8708 providing HSS/LMS Hash-based Signature Algorithm for CMS * Advance copyright statement to year 2020 * Add RFC8769 providing CBOR and CBOR Sequence content types for CMS ==== python-requests-toolbelt ==== Version update (0.9.1 -> 1.0.0) - Upgrade to 1.0.0: - Breaking Changes - Removed Google App Engine support to allow using urllib3 2.0 - New Features - Add support for preparing requests in BaseUrlSession - Fixed Bugs - Ensured the test suite no longer reaches the Internet - Fix urllib3 warning to only emit on X509Adapter usage - Fixing missing newline in dump utility - Miscellaneous - Added explicit support for Python 3.11 - Remove upstreamed patches: - fix-tests.patch - remove_mock.patch - requests-toolbelt-pr246-collections.abc.patch - Add 356-add-missing-casette-files.patch which adds missing casette test files (gh#requests/toolbelt!356). ==== python-rich ==== Version update (12.6.0 -> 13.3.5) - update to 13.3.5: * Fixed italic indent guides in SVG output * Fixed for `is_terminal` ignoring FORCE_COLOR https://github.com/Textualize/rich/pull/2923 * Added Style.clear_meta_and_links * Reversed `pre` and `code` tags in base HTML format * Fix syntax error when building with nuitka * Fixed pretty printing of empty dataclass * Use `Console(stderr=True)` in `rich.traceback.install` to support io redirection. * Fixes superfluous spaces in html output * Fixed duplicate output in Jupyter * Filter ANSI character-encoding-change codes in `Text.from_ansi` parser * Fixes traceback failing when a frame filename is unreadable * Fix for live update rendering console markup * `rich.progress.track()` will now show the elapsed time after finishing the task * Fixed truecolor to eight bit color conversion * Fixed failing tests due to Pygments dependency * Relaxed ipywidgets * v13.2.0 replaces the unmaintained `commonmark` library with `markdown-it-py`. This new parser has a lot more capabilities and will allow us to implement a number of additional Markdown features in the future. * Switch Markdown parsing from commonmark to markdown-it-py * Fixed wrong filenames in Jupyter tracebacks * Added locals_hide_dunder and locals_hide_sunder to Tracebacks, to hide double underscore and single underscore * Tracebacks will now hide double underscore names from locals by default. Set `locals_hide_dunder=False` to restore previous behaviour. * Fixed issue with Segment.split_cells for mixed single and double cell widths * Some relatively minor fixes and improvements. The most significant update (and the reason for the major version bump) is that Rich has dropped Python3.6 support. * Reversed `pre` and `code` tags in base HTML format * Improved detection of `attrs` library, that isn't confused by the presence of the `attr` library. * Fixed issue with `locals_max_length` parameter not being respected in Traceback * Handling of broken `fileno` made more robust. Fixes * Fixed missing `fileno` on FileProxy * Bumped minimum Python version to 3.7 * Pretty-printing of "tagged" `__repr__` results is now greedy when matching tags * `progress.track` now supports deriving total from `__length_hint__` * Add type annotation for key_separator of pretty.Node ==== python-simplejson ==== Version update (3.18.1 -> 3.19.1) - update to 3.19.1: * This release contains security hardening measures based on recommendations by a security audit sponsored by OSTIF and conducted by X41 D-Sec GmbH. Several of these measures include changing defaults to be more strict, by default simplejson will now only consume and produce compliant JSON, but the flags still exist for any backwards compatibility needs. No high priority issues were discovered, the reference count leak is thought to be unreachable since the digits of the float are checked before PyOS_string_to_double is called. * Fix invalid handling of unicode escape sequences in the pure Python implementation of the decoder (SJ-PT-23-01) * Fix missing reference count decrease if PyOS_string_to_double raises an exception in Python 2.x; was probably unreachable (SJ- PT-23-02) * Backport the integer string length limitation from Python 3.11 to limit quadratic number parsing (SJ-PT-23-03) * Fix inconsistencies with error messages between the C and Python implementations (SJ-PT-23-100) * Remove unused unichr import from encoder (SJ-PT-23-101) * Remove unused namedtuple_as_object and tuple_as_array arguments from simplejson.load (SJ-PT-23-102) * Remove vestigial _one_shot code from iterencode (SJ- PT-23-103) * Change default of allow_nan from True to False and add allow_nan to decoder (SJ-PT-23-107) * Test the sdist to prevent future regressions * Fix regression in sdist archive ==== python-six ==== - Switch documentation to be within the main package. - add sle15_python_module_pythons (jsc#PED-68) ==== python-zope.interface ==== Version update (5.5.2 -> 6.0) - update to 6.0: * Build Linux binary wheels for Python 3.11. * Drop support for Python 2.7, 3.5, 3.6. * Fix test deprecation warning on Python 3.11. * Add preliminary support for Python 3.12 as of 3.12a5. * Drop: * + `zope.interface.implements` * + `zope.interface.implementsOnly` * + `zope.interface.classProvides` ==== ruby-common ==== - cleanup irp code - unify error handling using the exit_with_error function - ensure we add generated files - checkin the newly created package - move new tools into a subpackage ruby-packaging-helpers to avoid dependency to /usr/bin/ruby - Add 2 new utilities - irp aka initialize ruby package does exactly what the name says. does all the work to initialize a new ruby package - bundler-dumpdeps: script to generate BR/Requires based on a Gemfile. ==== strace ==== Version update (6.2 -> 6.3) - Update to strace 6.3 * Implemented --trace-fds=set option for filtering only the syscalls that operate on the specified set of file descriptors. * Implemented --decode-fds=signalfd option for decoding of signal masks associated with signalfd file descriptors. * Implemented --syscall-limit option to automatically detach tracees after capturing the specified number of syscalls. * Implemented --argv0 option to set argv[0] of the command being executed. * Implemented decoding of PR_GET_MDWE and PR_SET_MDWE operations of prctl syscall. * Implemented decoding of IP_LOCAL_PORT_RANGE socket option. * Implemented decoding of IFLA_BRPORT_MCAST_N_GROUPS, IFLA_BRPORT_MCAST_MAX_GROUPS, IFLA_GSO_IPV4_MAX_SIZE, IFLA_GRO_IPV4_MAX_SIZE, and TCA_EXT_WARN_MSG netlink attributes. * Updated lists of F_SEAL_*, IFLA_*, IORING_*, MFD_*, NFT_*, TCA_*, and V4L2_PIX_FMT_* constants. * Updated lists of ioctl commands from Linux 6.3. * Fixed --status filtering when -c option is in use. ==== systemd ==== Version update (253.3 -> 253.4) Subpackages: libsystemd0 libudev1 systemd-container systemd-coredump udev - Rather than having one script per fix, use a single script (or "fixlet") per (sub) package that contains all the fixups relative to a (sub) package. This has the advantage to limit the number of scripts but more importantly it will ease the sharing of the spec file between TW and SLE. We should also be able to compare the fixlets of two distros even if the spec files have diverged. Note that all the fixups are run just once now. - Make use of %_systemd_util_dir in the spec file. - Rename the SUSE specific scripts used to fix up the system where systemd is installed on. Also rename the directory where these scripts are stored. - kbd-model-map.legacy: drop entry for 'ruwin_alt-UTF-8' as yast doesn't rely on it anymore, see https://github.com/yast/yast-country/pull/307 - Import commit 25aec157888f7aa9a36726962fcbbf2c74ead440 (merge of v253.4) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/3ce9610975b5239a21c0c886cb893bb172966de7...25aec157888f7aa9a36726962fcbbf2c74ead440 - Import commit 3ce9610975b5239a21c0c886cb893bb172966de7 3ce9610975 test: dont use anchor char '$' to match a part of a string 03ede3eaa2 locale: when no xvariant match select the entry with an empty xvariant f08017efd5 locale: convert generated vconsole keymap to x11 layout automatically e8cf56459b localed-util: make use of strdupcspn() 821c684440 test: use kbd-mode-map we ship in TEST-73-LOCALE ==== xen ==== Version update (4.17.0_06 -> 4.17.1_02) Subpackages: xen-libs xen-tools-domU - bsc#1210570 - gcc-13 realloc use-after-free analysis error 64525c61-tools-libs-guest-assist-gcc13s-realloc-analyzer.patch - bsc#1209237 - xen-syms doesn't contain debug-info 643e3810-CONFIG_DEBUG_INFO-no-EXPERT.patch 643e387f-xen-update-CONFIG_DEBUG_INFO-help-text.patch 6447a8fd-x86-EFI-permit-crash-dump-analysis.patch - Update to Xen 4.17.1 bug fix release (bsc#1027519) xen-4.17.1-testing-src.tar.bz2 * No upstream changelog found in sources or webpage - Dropped patches contained in new tarball 63a03b73-VMX-VMExit-based-BusLock-detection.patch 63a03ba6-VMX-INTR_SHADOW_NMI-helper.patch 63a03bce-VMX-Notify-VMExit.patch 63a03e28-x86-high-freq-TSC-overflow.patch 63c05478-VMX-calculate-model-specific-LBRs-once.patch 63c05478-VMX-support-CPUs-without-model-specific-LBR.patch 63d24e91-tools-xenstore-revert-simplify-loop-handling.patch 63e53ac9-x86-CPUID-leaves-7-1-ecx-edx.patch 63e53ac9-x86-disable-CET-SS-when-fractured-updates.patch 63ebca9c-x86-spec-ctrl-Mitigate-Cross-Thread-Return-Address-Predictions.patch 63f4d045-x86-ucode-AMD-apply-early-on-all-threads.patch 63fe06e0-x86-ucode-AMD-apply-late-on-all-threads.patch 640f3035-x86-altp2m-help-gcc13.patch 641041e8-VT-d-constrain-IGD-check.patch 64104238-bunzip-gcc13.patch 6419697d-AMD-IOMMU-no-XT-x2APIC-phys.patch 64199e0c-x86-shadow-account-for-log-dirty-mode.patch 64199e0d-x86-HVM-bound-number-of-pca-regions.patch 64199e0e-x86-HVM-serialize-pca-list-manipulation.patch 64199e0f-x86-spec-ctrl-defer-CR4_PV32_RESTORE-for-CSTAR.patch libxl.fix-guest-kexec-skip-cpuid-policy.patch xsa430.patch - bsc#1210315 - VUL-0: CVE-2022-42335: xen: x86 shadow paging arbitrary pointer dereference (XSA-430) xsa430.patch - Not building the shim is correctly handled by --disable-pvshim Drop disable-building-pv-shim.patch ==== xf86-video-dummy ==== Version update (0.4.0 -> 0.4.1) - Update to version 0.4.1 * Avoid leaking pixel memory if DUMMYScreenInit fails * gitlab CI: stop requiring Signed-off-by in commits * List argument types in dummyRec->CreateWindow() function declaration ==== xf86-video-i128 ==== Version update (1.4.0 -> 1.4.1) - Update to version 1.4.1 * Fix spelling/wording issues * gitlab CI: add a basic build test * gitlab CI: stop requiring Signed-off-by in commits * Handle -Wunused-const-variable warnings * Handle -Wdiscarded-qualifiers warnings * Handle -Wempty-body warnings ==== xz ==== Version update (5.4.2 -> 5.4.3) Subpackages: liblzma5 - Update to version 5.4.3: * Build system fixes * Translation updates: Croatian - update signing key ==== yast2-bootloader ==== Version update (4.6.0 -> 4.6.1) - Do not overwrite user selection during migration (bsc#1210811) - 4.6.1 ==== yast2-network ==== Version update (4.6.1 -> 4.6.2) - Fix summary crash when there is no interface available (bsc#1209589, bsc#1211161). - 4.6.2 ==== yast2-trans ==== Version update (84.87.20230428.0cbac11ad7 -> 84.87.20230507.125aa699e6) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sr yast2-trans-sv yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20230507.125aa699e6: * Translated using Weblate (Czech) * Translated using Weblate (Czech) * Translated using Weblate (Czech) * Translated using Weblate (Czech) * Translated using Weblate (Czech) * Translated using Weblate (Japanese) * Translated using Weblate (Slovak) * Translated using Weblate (Dutch) * New POT for text domain 'storage'. * New POT for text domain 'network'. * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Macedonian) * Translated using Weblate (Spanish) ==== zlib ==== Subpackages: libminizip1 libz1 - Fix deflateBound() before deflateInit(), bsc#1210593, bsc#1211005 bsc1210593.patch