Packages changed: Mesa (23.3.5 -> 23.3.6) Mesa-drivers (23.3.5 -> 23.3.6) acl (2.3.1 -> 2.3.2) apparmor attr (2.5.1 -> 2.5.2) expat (2.5.0 -> 2.6.0) gcc14 (13.2.1+git8285 -> 14.0.1+git8957) ibus-m17n (1.4.27 -> 1.4.28) kernel-source (6.7.4 -> 6.7.5) libapparmor libstorage-ng (4.5.188 -> 4.5.189) python311 python311-core qemu qt6-base (6.6.1 -> 6.6.2) qt6-declarative (6.6.1 -> 6.6.2) qt6-imageformats (6.6.1 -> 6.6.2) qt6-translations (6.6.1 -> 6.6.2) qt6-wayland (6.6.1 -> 6.6.2) rpm-config-SUSE (20240118 -> 20240214) webkit2gtk3 webkit2gtk4 === Details === ==== Mesa ==== Version update (23.3.5 -> 23.3.6) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - Update to bugfix release 23.3.6 - -> https://docs.mesa3d.org/relnotes/23.3.6.html ==== Mesa-drivers ==== Version update (23.3.5 -> 23.3.6) Subpackages: Mesa-dri Mesa-gallium Mesa-libva - Update to bugfix release 23.3.6 - -> https://docs.mesa3d.org/relnotes/23.3.6.html ==== acl ==== Version update (2.3.1 -> 2.3.2) Subpackages: libacl1 - Update to version 2.3.2: + libobj: declare s_str directly in string_obj_tag. + Use thread-safe getpwnam_r and getgrnam_r. + setfacl: preserve the failed status when processing multiple files. + man: Document pitfall with negative permissions and user namespaces. + tools: mark long_options static & const. ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-parser-lang apparmor-profiles apparmor-utils apparmor-utils-lang python3-apparmor - Add apparmor-abstractions-openssl-allow-version-specific-en.patch to allow version specific engdef & engines openssl paths (boo#1219571) ==== attr ==== Version update (2.5.1 -> 2.5.2) Subpackages: libattr1 - update to 2.5.2: * attr: eliminate a dead store in attr_copy_action() * libattr: Set symbol versions for legacy syscalls via attribute or asm * exports: use LGPL for library code * documentation updates * translation updates (Polish, Dutch, Gregorian, French) * build system updates ==== expat ==== Version update (2.5.0 -> 2.6.0) Subpackages: libexpat1 - Update keyring automatically from keyserver during OBS service run. - Explicitly use --without-docbook (before it was implicit). - Include missing files for documentation and examples. - Add manpage for xmlwf, which is not available in the release tarball. - Clean the spec file a bit. - Update to 2.6.0: * Security fixes: - CVE-2023-52425 (boo#1219559) - - Fix quadratic runtime issues with big tokens that can cause denial of service, in partial where dealing with compressed XML input. Applications that parsed a document in one go -- a single call to functions XML_Parse or XML_ParseBuffer -- were not affected. The smaller the chunks/buffers you use for parsing previously, the bigger the problem prior to the fix. Backporters should be careful to no omit parts of pull request #789 and to include earlier pull request #771, in order to not break the fix. - CVE-2023-52426 (boo#1219561) - - Fix billion laughs attacks for users compiling *without* XML_DTD defined (which is not common). Users with XML_DTD defined have been protected since Expat >=2.4.0 (and that was CVE-2013-0340 back then). * Bug fixes: - Fix parse-size-dependent "invalid token" error for external entities that start with a byte order mark - Fix NULL pointer dereference in setContext via XML_ExternalEntityParserCreate for compilation with XML_DTD undefined - Protect against closing entities out of order * Other changes: - Improve support for arc4random/arc4random_buf - Improve buffer growth in XML_GetBuffer and XML_Parse - xmlwf: Support --help and --version - xmlwf: Support custom buffer size for XML_GetBuffer and read - xmlwf: Improve language and URL clickability in help output - examples: Add new example "element_declarations.c" - Be stricter about macro XML_CONTEXT_BYTES at build time - Make inclusion to expat_config.h consistent - Autotools: configure.ac: Support --disable-maintainer-mode - Autotools: Sync CMake templates with CMake 3.26 - Autotools: Make installation of shipped man page doc/xmlwf.1 independent of docbook2man availability - Autotools|CMake: Add missing -DXML_STATIC to pkg-config file section "Cflags.private" in order to fix compilation against static libexpat using pkg-config on Windows - Autotools|CMake: Require a C99 compiler (a de-facto requirement already since Expat 2.2.2 of 2017) - Autotools|CMake: Fix PACKAGE_BUGREPORT variable - Autotools|CMake: Make test suite require a C++11 compiler - CMake: Require CMake >=3.5.0 - CMake: Lowercase off_t and size_t to help a bug in Meson - CMake: Sort xmlwf sources alphabetically - CMake|Windows: Fix generation of DLL file version info - CMake: Build tests/benchmark/benchmark.c as well for a build with -DEXPAT_BUILD_TESTS=ON - docs: Document the importance of isFinal + adjust tests accordingly - docs: Improve use of "NULL" and "null" - docs: Be specific about version of XML (XML 1.0r4) and version of C (C99); (XML 1.0r5 will need a sponsor.) - docs: reference.html: Promote function XML_ParseBuffer more - docs: reference.html: Add HTML anchors to XML_* macros - docs: reference.html: Upgrade to OK.css 1.2.0 - docs: Fix typos - docs|CI: Use HTTPS URLs instead of HTTP at various places - Address compiler warnings - Address clang-tidy warnings - Version info bumped from 9:10:8 (libexpat*.so.1.8.10) to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/ for what these numbers do ==== gcc14 ==== Version update (13.2.1+git8285 -> 14.0.1+git8957) Subpackages: libatomic1 libgcc_s1 libgfortran5 libgomp1 libobjc4 libquadmath0 libstdc++6 libstdc++6-locale libstdc++6-pp libubsan1 - Update to trunk head, 4a1cd5560b9b545eb848eb1d1e06d345fb, git8957 * bumps libgphobos and libgdrundime SONAME - Use %patch -P N instead of %patchN - Refresh gcc44-rename-info-files.patch ==== ibus-m17n ==== Version update (1.4.27 -> 1.4.28) - Update to 1.4.28 * Add Russian translations ==== kernel-source ==== Version update (6.7.4 -> 6.7.5) - Linux 6.7.5 (bsc#1012628). - ext4: regenerate buddy after block freeing failed if under fc replay (bsc#1012628). - dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools (bsc#1012628). - dmaengine: ti: k3-udma: Report short packet errors (bsc#1012628). - dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA (bsc#1012628). - dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA (bsc#1012628). - phy: qcom-qmp-usb: fix register offsets for ipq8074/ipq6018 (bsc#1012628). - phy: qcom-qmp-usb: fix serdes init sequence for IPQ6018 (bsc#1012628). - phy: renesas: rcar-gen3-usb2: Fix returning wrong error code (bsc#1012628). - perf tests: Add perf script test (bsc#1012628). - perf test: Fix 'perf script' tests on s390 (bsc#1012628). - perf evlist: Fix evlist__new_default() for > 1 core PMU (bsc#1012628). - dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV (bsc#1012628). - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (bsc#1012628). - cifs: avoid redundant calls to disable multichannel (bsc#1012628). - cifs: failure to add channel on iface should bump up weight (bsc#1012628). - drm/msms/dp: fixed link clock divider bits be over written in BPC unknown case (bsc#1012628). - drm/msm/dp: return correct Colorimetry for DP_TEST_DYNAMIC_RANGE_CEA case (bsc#1012628). - drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup (bsc#1012628). - wifi: iwlwifi: mvm: skip adding debugfs symlink for reconfig (bsc#1012628). - x86/efistub: Give up if memory attribute protocol returns an error (bsc#1012628). - x86/efistub: Avoid placing the kernel below LOAD_PHYSICAL_ADDR (bsc#1012628). - net: stmmac: xgmac: fix handling of DPP safety error for DMA channels (bsc#1012628). - wifi: cfg80211: consume both probe response and beacon IEs (bsc#1012628). - wifi: mac80211: fix RCU use in TDLS fast-xmit (bsc#1012628). - wifi: mac80211: fix unsolicited broadcast probe config (bsc#1012628). - wifi: mac80211: fix waiting for beacons logic (bsc#1012628). - wifi: iwlwifi: exit eSR only after the FW does (bsc#1012628). - wifi: brcmfmac: Adjust n_channels usage for __counted_by (bsc#1012628). - netdevsim: avoid potential loop in nsim_dev_trap_report_work() (bsc#1012628). - net: atlantic: Fix DMA mapping for PTP hwts ring (bsc#1012628). - selftests: net: cut more slack for gro fwd tests (bsc#1012628). - selftests/net: convert unicast_extensions.sh to run it in unique namespace (bsc#1012628). - selftests/net: convert pmtu.sh to run it in unique namespace (bsc#1012628). - selftests/net: change shebang to bash to support "source" (bsc#1012628). - selftests: net: fix tcp listener handling in pmtu.sh (bsc#1012628). - selftests: net: avoid just another constant wait (bsc#1012628). - tsnep: Fix mapping for zero copy XDP_TX action (bsc#1012628). - tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1012628). - atm: idt77252: fix a memleak in open_card_ubr0 (bsc#1012628). - octeontx2-pf: Fix a memleak otx2_sq_init (bsc#1012628). - hwmon: (aspeed-pwm-tacho) mutex for tach reading (bsc#1012628). - hwmon: (coretemp) Fix out-of-bounds memory access (bsc#1012628). - hwmon: (coretemp) Fix bogus core_id to attr name mapping (bsc#1012628). - inet: read sk->sk_family once in inet_recv_error() (bsc#1012628). - drm/i915/gvt: Fix uninitialized variable in handle_mmio() (bsc#1012628). - x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section (bsc#1012628). - rxrpc: Fix generation of serial numbers to skip zero (bsc#1012628). - rxrpc: Fix delayed ACKs to not set the reference serial number (bsc#1012628). - rxrpc: Fix response to PING RESPONSE ACKs to a dead call (bsc#1012628). - rxrpc: Fix counting of new acks and nacks (bsc#1012628). - selftests: net: let big_tcp test cope with slow env (bsc#1012628). - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1012628). - af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC (bsc#1012628). - devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1012628). - ppp_async: limit MRU to 64K (bsc#1012628). - selftests: cmsg_ipv6: repeat the exact packet (bsc#1012628). - netfilter: nft_compat: narrow down revision to unsigned 8-bits (bsc#1012628). ... changelog too long, skipping 163 lines ... - commit 1dccf2a ==== libapparmor ==== - Add apparmor-abstractions-openssl-allow-version-specific-en.patch to allow version specific engdef & engines openssl paths (boo#1219571) ==== libstorage-ng ==== Version update (4.5.188 -> 4.5.189) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#986 - log textdomain codeset - 4.5.189 ==== python311 ==== Subpackages: python311-curses python311-dbm - Add upstream patch libexpat260.patch, Fix tests for XMLPullParser with Expat 2.6.0, gh#python/cpython#115289 ==== python311-core ==== Subpackages: libpython3_11-1_0 python311-base - Add upstream patch libexpat260.patch, Fix tests for XMLPullParser with Expat 2.6.0, gh#python/cpython#115289 ==== qemu ==== - Update the service file to use OBS-scm (by fvogt) - Various fixes: * [openSUSE][RPM] Fix enabling features on non-x86_64 * [openSUSE][RPM] Disable test-crypto-secret in linux-user build * [openSUSE] Update ipxe submodule reference (bsc#1219733, bsc#1219722) * [openSUSE][RPM] spec: allow building without spice ==== qt6-base ==== Version update (6.6.1 -> 6.6.2) Subpackages: libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6Sql6 libQt6Test6 libQt6Widgets6 qt6-network-tls qt6-networkinformation-glib qt6-networkinformation-nm qt6-platformtheme-gtk3 - Update to 6.6.2 * https://www.qt.io/blog/qt-6.6.2-released - Drop patches, merged upstream: * 0001-QMimeDatabase-handle-buggy-type-definitions.patch * 0001-QMimeDatabase-collect-glob-patterns-from.patch * 0001-HPack-fix-a-Yoda-Condition.patch * 0002-HPack-fix-incorrect-integer-overflow-check.patch * 0001-Http2-fix-potential-overflow-in-assemble_hpack_block.patch ==== qt6-declarative ==== Version update (6.6.1 -> 6.6.2) Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlModels6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 qt6-declarative-imports - Update to 6.6.2 * https://www.qt.io/blog/qt-6.6.2-released - Add upstream changes to make build reproducible: * 0001-QuickControls-Link-the-impl-libraries-into-the-base-.patch * 0001-Dialogs-Depend-on-controls-styles-in-QuickDialogs2Qu.patch ==== qt6-imageformats ==== Version update (6.6.1 -> 6.6.2) - Update to 6.6.2 * https://www.qt.io/blog/qt-6.6.2-released ==== qt6-translations ==== Version update (6.6.1 -> 6.6.2) - Update to 6.6.2 * https://www.qt.io/blog/qt-6.6.2-released ==== qt6-wayland ==== Version update (6.6.1 -> 6.6.2) Subpackages: libQt6WaylandClient6 libQt6WaylandCompositor6 libQt6WaylandEglClientHwIntegration6 libQt6WaylandEglCompositorHwIntegration6 libQt6WlShellIntegration6 - Update to 6.6.2 * https://www.qt.io/blog/qt-6.6.2-released - Drop patch, merged upstream: * client-avoid-creating-decorations-in-the-render-thread.patch ==== rpm-config-SUSE ==== Version update (20240118 -> 20240214) - Update to version 20240214: * set_permissions: handle chkstat failure more grateful (bsc#1219736) ==== webkit2gtk3 ==== Subpackages: WebKitGTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Increase mem_per_process again to match what is in SLE. The build was sporadically failing there (bsc#1198743). - Require libwaylandclient0 >= 1.20. 15.4 originally had 1.19.0, but webkitgtk uses a function added in 1.20.0, so we need to ensure that the wayland update is pulled in (bsc#1215072). ==== webkit2gtk4 ==== Subpackages: WebKitGTK-6.0-lang libjavascriptcoregtk-6_0-1 libwebkitgtk-6_0-4 webkitgtk-6_0-injected-bundles - Increase mem_per_process again to match what is in SLE. The build was sporadically failing there (bsc#1198743). - Require libwaylandclient0 >= 1.20. 15.4 originally had 1.19.0, but webkitgtk uses a function added in 1.20.0, so we need to ensure that the wayland update is pulled in (bsc#1215072).