Packages changed: apache2-mod_php7 autofs binutils (2.36 -> 2.37) btrfsprogs (5.13.1 -> 5.14) cronie curl (7.78.0 -> 7.79.0) drbd-utils elfutils-debuginfod ethtool (5.13 -> 5.14) fwnn gd (2.3.2 -> 2.3.3) gimp glibc (2.33 -> 2.34) gnome-remote-desktop (40.0 -> 40.2) gnome-video-effects gstreamer (1.18.4 -> 1.18.5) gstreamer-plugins-bad (1.18.4 -> 1.18.5) gstreamer-plugins-base (1.18.4 -> 1.18.5) gstreamer-plugins-good (1.18.4 -> 1.18.5) gstreamer-plugins-libav (1.18.4 -> 1.18.5) gstreamer-plugins-ugly (1.18.4 -> 1.18.5) gthumb (3.10.4 -> 3.12.0) guile gzip (1.10 -> 1.11) ibus-libpinyin (1.12.0 -> 1.12.1) java-11-openjdk kbd kernel-source (5.14.2 -> 5.14.5) kmod less libalternatives (1.1 -> 1.2+3.b848aad) libgudev (234 -> 237) libhugetlbfs libinput (1.18.1 -> 1.19.0) libpinyin (2.6.0 -> 2.6.1) libvirt mariadb (10.5.10 -> 10.6.4) ncurses (6.2.20210814 -> 6.2.20210911) nmap ntfs-3g_ntfsprogs (2017.3.23 -> 2021.8.22) pam (1.5.1 -> 1.5.2) php7 pmdk (1.9 -> 1.11.0) qca-qt5 (2.3.3 -> 2.3.4) rygel (0.40.1 -> 0.40.2) salt supermin suse-module-tools (16.0.9 -> 16.0.10+7) vim (8.2.3360 -> 8.2.3408) virt-manager yast2 (4.4.17 -> 4.4.20) yast2-bootloader (4.4.6 -> 4.4.7) yast2-control-center (4.4.2 -> 4.4.3) yast2-online-update (4.4.1 -> 4.4.3) yast2-trans (84.87.20210828.fbeca8288d -> 84.87.20210914.a5d6b81b64) === Details === ==== apache2-mod_php7 ==== - added patches https://github.com/php/php-src/commit/b3646440b1808abf0874b6f89027ce53ec5da03f + php7-gd-removed-unused-constants.patch ==== autofs ==== - autofs-5.1.7-use-default-stack-size-for-threads.patch: Use default stack size for threads (bsc#1189199) ==== binutils ==== Version update (2.36 -> 2.37) Subpackages: libctf-nobfd0 libctf0 - Bump binutils-2.37-branch.diff: fixes PR28138. - Use LTO & PGO build. - Update to binutils 2.37: * The GNU Binutils sources now requires a C99 compiler and library to build. * Support for the arm-symbianelf format has been removed. * Support for Realm Management Extension (RME) for AArch64 has been added. * A new linker option '-z report-relative-reloc' for x86 ELF targets has been added to report dynamic relative relocations. * A new linker option '-z start-stop-gc' has been added to disable special treatment of __start_*/__stop_* references when - -gc-sections. * A new linker options '-Bno-symbolic' has been added which will cancel the '-Bsymbolic' and '-Bsymbolic-functions' options. * The readelf tool has a new command line option which can be used to specify how the numeric values of symbols are reported. - -sym-base=0|8|10|16 tells readelf to display the values in base 8, base 10 or base 16. A sym base of 0 represents the default action of displaying values under 10000 in base 10 and values above that in base 16. * A new format has been added to the nm program. Specifying '--format=just-symbols' (or just using -j) will tell the program to only display symbol names and nothing else. * A new command line option '--keep-section-symbols' has been added to objcopy and strip. This stops the removal of unused section symbols when the file is copied. Removing these symbols saves space, but sometimes they are needed by other tools. * The '--weaken', '--weaken-symbol' and '--weaken-symbols' options supported by objcopy now make undefined symbols weak on targets that support weak symbols. * Readelf and objdump can now display and use the contents of .debug_sup sections. * Readelf and objdump will now follow links to separate debug info files by default. This behaviour can be stopped via the use of the new '-wN' or '--debug-dump=no-follow-links' options for readelf and the '-WN' or '--dwarf=no-follow-links' options for objdump. Also the old behaviour can be restored by the use of the '--enable-follow-debug-links=no' configure time option. The semantics of the =follow-links option have also been slightly changed. When enabled, the option allows for the loading of symbol tables and string tables from the separate files which can be used to enhance the information displayed when dumping other sections, but it does not automatically imply that information from the separate files should be displayed. If other debug section display options are also enabled (eg '--debug-dump=info') then the contents of matching sections in both the main file and the separate debuginfo file *will* be displayed. This is because in most cases the debug section will only be present in one of the files. If however non-debug section display options are enabled (eg '--sections') then the contents of matching parts of the separate debuginfo file will *not* be displayed. This is because in most cases the user probably only wanted to load the symbol information from the separate debuginfo file. In order to change this behaviour a new command line option --process-links can be used. This will allow di0pslay options to applied to both the main file and any separate debuginfo files. * Nm has a new command line option: '--quiet'. This suppresses "no symbols" diagnostic. - Includes fixes for these CVEs: bnc#1181452 aka CVE-2021-20197 aka PR26945 bnc#1183511 aka CVE-2021-20284 aka PR26931 bnc#1184620 aka CVE-2021-3487 aka PR26946 bnc#1184794 aka CVE-2020-35448 aka PR26574 - Rebased patches: binutils-build-as-needed.diff, binutils-fix-abierrormsg.diff, binutils-fix-invalid-op-errata.diff, binutils-fix-relax.diff, binutils-revert-nm-symversion.diff, binutils-revert-plt32-in-branches.diff - Removed patches (are in upstream): ppc-ensure-undef-dynamic-weak-undefined.patch and ppc-use-local-plt.patch. - Add binutils-2.37-branch.diff.gz. ==== btrfsprogs ==== Version update (5.13.1 -> 5.14) Subpackages: btrfsprogs-udev-rules libbtrfs0 - Update to 5.14 * convert: * new option --uuid to copy, generate or set a given uuid * improve output * mkfs: * allow to create degenerate raid0 (on 1 device) and raid10 (on 2 devices) * image: * improved error messages * fix some alignment of restored image * subvol delete: allow to delete by id when path is not resolvable * check: * require alignment of nodesize for 64k page systems * detect and fix invalid block groups * libbtrfs (deprecated): * remove most exported symbols, leave only a few that are used by snapper * no version change (still 0.1) * remove btrfs-list.h, btrfsck.h * fixes: * reset generation of space v1 if v2 is used * fi us: don't wrongly report missing device size when partition is not readable * other: * build: experimental features * build: better detection of 64bit timestamp support for ext4 * corrupt-block: block group items * new and updated tests * refactoring * experimental features: * new image dump format, with data ==== cronie ==== Subpackages: cron - Increase limit of allowed entries in crontab files to fix bsc#1187508 * cronie-1.5.7-increase_crontab_limit.patch - Run spec-cleaner - Remove cronie-rpmlintrc as the filter was unused ==== curl ==== Version update (7.78.0 -> 7.79.0) Subpackages: libcurl4 - Temporarily disable flaky test 1184 * See https://github.com/curl/curl/issues/7725 - Update to 7.79.0: [bsc#1190213, CVE-2021-22945] [bsc#1190373, CVE-2021-22946] [bsc#1190374, CVE-2021-22947] * Changes: - bearssl: support CURLOPT_CAINFO_BLOB - http: consider cookies over localhost to be secure - secure transport: support CURLINFO_CERTINFO * Bugfixes: - CVE-2021-22945: clear the leftovers pointer when sending succeeds - CVE-2021-22946: do not ignore --ssl-reqd - CVE-2021-22947: reject STARTTLS server response pipelining - auth: do not append zero-terminator to authorisation id in kerberos - auth: properly handle byte order in kerberos security message - auth: use sasl authzid option in kerberos - auth: we do not support a security layer after kerberos authentication - c-hyper: deal with Expect: 100-continue combined with POSTFIELDS - c-hyper: handle HTTP/1.1 => HTTP/1.0 downgrade on reused connection - c-hyper: initial step for 100-continue support - c-hyper: initial support for "dumping" 1xx HTTP responses - curl-openssl.m4: show correct output for OpenSSL v3 - docs/MQTT: update state of username/password support - docs: the security list is reached at security at curl.se now - getparameter: fix the --local-port number parser - hostip: Make Curl_ipv6works function independent of getaddrinfo - http_proxy: fix the User-Agent inclusion in CONNECT - http_proxy: fix user-agent and custom headers for CONNECT with hyper - http_proxy: only wait for writable socket while sending request - mailing lists: move from cool.haxx.se to lists.haxx.se - mbedtls: avoid using a large buffer on the stack - mbedTLS: initial 3.0.0 support - ngtcp2: remove the acked_crypto_offset struct field init - ngtcp2: replace deprecated functions with nghttp3_conn_shutdown_stream_read - ngtcp2: reset the oustanding send buffer again when drained - ngtcp2: rework the return value handling of ngtcp2_conn_writev_stream - ngtcp2: stop buffering crypto data - ngtcp2: utilize crypto API functions to simplify - openssl: when creating a new context, there cannot be an old one - scripts: invoke interpreters through /usr/bin/env - tests/runtests.pl: cleanup copy&paste mistakes and unused code - tests: be explicit about using 'python3' instead of 'python' - tool/tests: fix potential year 2038 issues - tool_operate: Fix --fail-early with parallel transfers - x509asn1: fix heap over-read when parsing x509 certificates * Rebase libcurl-ocloexec.patch ==== drbd-utils ==== - bsc#1190591, fail to start due to lack of /usr/var/run/drbd ==== elfutils-debuginfod ==== - Add harden_debuginfod.service.patch as Automatic systemd hardening effort by the security team. ==== ethtool ==== Version update (5.13 -> 5.14) - update to new upstream release 5.14 * Feature: do not silently ignore --json if unsupported * Feature: support new message types in pretty print ==== fwnn ==== - Added hardening to systemd service(s) (bsc#1181400). Modified: * fcwnn.service * fkwnn.service * ftwnn.service * fwnn.service ==== gd ==== Version update (2.3.2 -> 2.3.3) Subpackages: libgd3 - version update to 2.3.3 [bsc#1190400] * update cmake to generate config.h in the build dir * 2.3.3 release * gdPutBuf return value check * HEIF builds fail with latest distros * segfault in heif tests due to missing label.heic * Test failure avif/compare_avif_to_png with libavif-0.8.2 * imagecopyresampled() produce artifacts on transparent PNG * Fixes to build v2.3.0 on Windows with MinGW-w64 * optimize option in gif animation causes segfault * _gdContributionsCalc() always uses DEFAULT_BOX_RADIUS * gdImageRotateInterpolated() converts the source image to truecolor * CMake and Makefiles build broken on Windows * gdImageScaleTwoPass() looses top row and left column ==== gimp ==== Subpackages: gimp-lang gimp-plugin-aa gimp-plugins-python libgimp-2_0-0 libgimpui-2_0-0 - Remove obsolete translation-update-upstream support (jsc#SLE-21105). ==== glibc ==== Version update (2.33 -> 2.34) Subpackages: glibc-32bit glibc-devel glibc-extra glibc-lang glibc-locale glibc-locale-base nscd - Don't create separate debuginfo packages for cross packages - ldconfig-leak-empty-paths.patch: ldconfig: avoid leak on empty paths in config file - gconv-parseconfdir-memory-leak.patch: gconv_parseconfdir: Fix memory leak - gaiconf-init-double-free.patch: gaiconf_init: Avoid double-free in label and precedence lists - copy-and-spawn-sgid-double-close.patch: copy_and_spawn_sgid: Avoid double calls to close() - icon-charmap-close-output.patch: iconv_charmap: Close output file when done - fcntl-time-bits-64-redirect.patch: Linux: Fix fcntl, ioctl, prctl redirects for _TIME_BITS=64 (BZ #28182) - librt-null-pointer.patch: librt: fix NULL pointer dereference (BZ [#28213]) - Add cross development packages for aarch64 and riscv64. - Update to glibc 2.34 Major new features: * When _DYNAMIC_STACK_SIZE_SOURCE or _GNU_SOURCE are defined, PTHREAD_STACK_MIN is no longer constant and is redefined to sysconf(_SC_THREAD_STACK_MIN) * Add _SC_MINSIGSTKSZ and _SC_SIGSTKSZ * The dynamic linker implements the --list-diagnostics option, printing a dump of information related to IFUNC resolver operation and glibc-hwcaps subdirectory selection * On Linux, the function execveat has been added * The ISO C2X function timespec_getres has been added * The feature test macro __STDC_WANT_IEC_60559_EXT__, from draft ISO C2X, is supported to enable declarations of functions defined in Annex F of C2X * Add support for 64-bit time_t on configurations like x86 where time_t is traditionally 32-bit * The main gconv-modules file in glibc now contains only a small set of essential converter modules and the rest have been moved into a supplementary configuration file gconv-modules-extra.conf in the gconv-modules.d directory in the same GCONV_PATH * On Linux, a new tunable, glibc.pthread.stack_cache_size, can be used to configure the size of the thread stack cache * The function _Fork has been added as an async-signal-safe fork replacement since Austin Group issue 62 droped the async-signal-safe requirement for fork (and it will be included in the future POSIX standard) * On Linux, the close_range function has been added * The function closefrom has been added * The posix_spawn_file_actions_closefrom_np function has been added, enabling posix_spawn and posix_spawnp to close all file descriptors great than or equal to a giver integer Deprecated and removed features, and other changes affecting compatibility: * The function pthread_mutex_consistent_np has been deprecated * The function pthread_mutexattr_getrobust_np has been deprecated * The function pthread_mutexattr_setrobust_np has been deprecated * The function pthread_yield has been deprecated * The function inet_neta declared in has been deprecated * Various rarely-used functions declared in and have been deprecated * The pthread cancellation handler is now installed with SA_RESTART and pthread_cancel will always send the internal SIGCANCEL on a cancellation request * The symbols mallwatch and tr_break are now deprecated and no longer used in mtrace * The __morecore and __after_morecore_hook malloc hooks and the default implementation __default_morecore have been removed from the API * Debugging features in malloc such as the MALLOC_CHECK_ environment variable (or the glibc.malloc.check tunable), mtrace() and mcheck() have now been disabled by default in the main C library * The deprecated functions malloc_get_state and malloc_set_state have been moved from the core C library into libc_malloc_debug.so * The deprecated memory allocation hooks __malloc_hook, __realloc_hook, __memalign_hook and __free_hook are now removed from the API Changes to build and runtime requirements: * On Linux, the shm_open, sem_open, and related functions now expect the file shared memory file system to be mounted at /dev/shm Security related changes: CVE-2021-27645: The nameserver caching daemon (nscd), when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system CVE-2021-33574: The mq_notify function has a potential use-after-free issue when using a notification type of SIGEV_THREAD and a thread attribute with a non-default affinity mask - nss-database-check-reload.patch, nss-load-chroot.patch, x86-isa-level.patch, nscd-netgroupcache.patch, nss-database-lookup.patch, select-modify-timeout.patch, nptl-db-libpthread-load-order.patch, rawmemchr-warning.patch, tst-cpu-features-amx.patch, mq-notify-use-after-free.patch: Removed ==== gnome-remote-desktop ==== Version update (40.0 -> 40.2) - Update to version 40.2: + rdp-fuse-clipboard: Handle FUSE lifetime object in FUSE thread + tests: Use bash from environment instead of hardcoded path - Changes from version 40.1: + clipboard-rdp: - Also output client capabilities - Add dummy handling for the Temporary Directory PDU - Advertise clipboard data locking - Adapt to data locking changes - Add APIs to lock/unlock the clients clipboard data - Implement clipboard data locking - clipboard-rdp: Use g_idle_add() instead of g_timeout_add() + rdp: Allow submitting clipDataIds for FileContentsRequests + rdp-fuse-clipboard: - Remove the old API - Use notify_delete() instead of notify_inval_entry() - Be more verbose with file range requests - Read files until the very end - Handle all file lists via clipDataIds + rdp-sam: Remove stray trailing whitespaces + pipewire-stream: Don't leak GSource's + build: - Add missing new line - Explicitly depend on glib >= 2.68 ==== gnome-video-effects ==== - Add frei0r-plugins Recommends: This adds a few filters in Cheese. ==== gstreamer ==== Version update (1.18.4 -> 1.18.5) Subpackages: gstreamer-lang gstreamer-utils libgstreamer-1_0-0 typelib-1_0-Gst-1_0 - Remove obsolete translation-update-upstream and gnome-patch-translation support (PM-2938). - Update to version 1.18.5: + aggregator: - Release the SRC lock while querying latency - Release pads' peeked buffer when removing the pad or finalizing it + basesink: Don't swap rstart/rstop when stepping + basesrc: Print segments with GST_SEGMENT_FORMAT and not GST_PTR_FORMAT + childproxy: init value in gst_child_proxy_get_property() if needed + clocksync: Fix providing system clock by default + concat: - Properly propagate seqnum of segment events - adjust running time offsets on downstream events - fix locking in SEGMENT event handler + downloadbuffer/sparsefile: several fixes for win32 + element: NULL the lists of contexts in dispose() + multiqueue: - Use running time of gap events for wakeups. - Ensure peer pad exists when iterating internal links + pad: - Keep IDLE probe hook alive during immediate callback - Ensure last flow return is set on sink pads in push mode - Don't spam the debug log at INFO level when default-chaining a buffer list - clear probes holding mutex + parse-launch: - Fix a critical when using the : operator. + Don't do delayed property setting for top-level properties. + plugin: load plugins with unknown license strings + ptpclock: Don't leak the GList + queue2: Refuse all serialized queries when posting buffering messages + systemclock: Update monotonic reference time when re-scheduling + High CPU usage in 1.18 (but not master) when pausing playback in gnome-music + Don't use volatile to mean atomic (fixes compiler warnings with gcc 11) ==== gstreamer-plugins-bad ==== Version update (1.18.4 -> 1.18.5) Subpackages: gstreamer-plugins-bad-lang gstreamer-transcoder libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 typelib-1_0-GstTranscoder-1_0 - Update to version 1.18.5: + audiolatency: - Use live mode audiotestsrc - Handle audio buffers with invalid duration + ccconverter: fix framerate caps negotiation from non-cdp to cdp + dashdemux: - Properly initalize GError, remove duplicate logging call - Log protection events on corresponding pad - Fix dash_mpdparser_check_mpd_client_set_methods unit test + h264parse,h265parse: Push parameter set NAL units again per segment-done + h265parse: - Fix a typo in get_compatible_profile_caps() - Don't invalidate the last PPS when parsing a new SPS + h264parse: improve PPS handling + h2645parser: Catch overflows in AVC/HEVC NAL unit length calculations + interlace: - Don't set field-order field for progressive caps, fixes negotiation issues - Fix too small buffer size error + jpegparse: Don't generate timestamp for 0/1 framerates + opencv: fix build error on macOS + openexr: Fix build with OpenEXR 3 + openh264enc: fix broken sps/pps header generation and some minor leaks + mpeg2enc: - Fix interlace-mode detection on input video - Only allow 1 pending frame for encoding (fixes unbound memory usage in case encoder can't keep up with input) + mfvideoenc: Don't pass 0/1 framerate to MFT + mfvideosrc: - Fix for negative MF stride - Fix negotiation when interlace-mode is specified + mxfvanc: Handle empty ANC essence + rtmp2src: workaround a GLib race when destroying a GMainContext/GSource + rtpsrc: Plug leak of rtcp_send_addr and fix setting URI back to NULL + rtpsink: Return proper pad from _request_new_pad() + rist: Plug leak of rtcp_send_addr + rtmp2: Use correct size of write macro for param2 + rtmp2/connection: Separate inner from outer cancelling + tsmux: - When selecting random PIDs, name the pads according to those PIDs - Recheck existing pad PIDs when requesting a new pad with a random pid + tsdemux: - Fix seek with stop regression - Clear all streams when rewinding, fixes the case where the demuxer sends out partial invalid data downstream after a seek which causes some decoders (such as dvdlpmdec) to error out + v4l2slh264dec: Fix slice header bit size calculation + videoparseutils: Fix for wrong CEA708 minimum size check + waylandsink: Fix for missing initial configure + wpe: Make threaded view singleton creation thread safe + x265: Fix a deadlock when failing to create the x265enc + Don't use volatile to mean atomic (fixes compiler warnings with gcc 11) - Drop gstreamer-plugins-bad-openexr3.patch: Fixed upstream. - No longer pass nvdec=disabled, nvenc=disabled and vdpau=disabled to meson, no longer needed, nor recognized. ==== gstreamer-plugins-base ==== Version update (1.18.4 -> 1.18.5) Subpackages: gstreamer-plugins-base-lang libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstAudio-1_0 typelib-1_0-GstPbutils-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0 - Remove obsolete translation-update-upstream support (PM-2938). - Update to version 1.18.5: + appsrc: Don't leak buffer list while wrongly unreffing buffer on EOS/flushing + audioaggregator: - Don't overwrite already written samples - Resync on the next buffer when dropping a buffer on discont resyncing + audiobasesink: Fix of double lock release + audiobasesrc: Fix divide by zero assertion + clockoverlay: Fix broken string formatting by strftime() on Windows + compositor: Fix NV12 blend operation + giosrc: Don't leak scheme string in gst_gio_src_query() + giobasesink: Handle incomplete writes in gst_gio_base_sink_render() + gl/wayland: - Use consistent wl_display when creating work queue for proxy wrapper - Provide a dummy global_remove function + gl: Fix build when Meson >= 0.58.0rc1 + playbin2: fix base_time selection when flush seeking live (such as with RTSP) + rtspconnection: - Add IPv6 support for tunneled mode - Consistently translate GIOError to GstRTSPResult (for rtspsrc) + rawbaseparse: check destination format correctly + uridecodebin: Don't force floating reference for future reusable decodebin + parsebin: Put stream flags in GstStream + splitmuxsink: always use factory property when set + video-converter: Set up matrix tables only once. + videoscale: Performance degradation from 1.16.2 -> 1.18.4 + videotestsrc: Fix a leak when computing alpha caps + audio/video-converter: Plug some minor leaks + audio,video-format: Make generate_raw_formats idempotent for assertions + Don't use volatile to mean atomic (fixes compiler warnings with gcc 11) + Fix build issue on MinGW64 - Drop 90903917.patch: Fixed upstream. ==== gstreamer-plugins-good ==== Version update (1.18.4 -> 1.18.5) Subpackages: gstreamer-plugins-good-extra gstreamer-plugins-good-gtk gstreamer-plugins-good-jack gstreamer-plugins-good-lang gstreamer-plugins-good-qtqml - Remove obsolete translation-update-upstream support (PM-2938). - Update to version 1.18.5: + avidemux: Also detect 0x000001 as H264 byte-stream start code in codec_data + deinterlace: - Plug a method subobject leak - Drop field-order field if outputting progressive + jpegdec: Fix crash when interlaced field height is not DCT block size aligned + qmlglsink: Keep old buffers around a bit longer if they were bound by QML + qml: qtitem: don't potentially leak a large number of buffers + qtdemux: Force stream-start push when re-using EOS'd streams + qtmux: - For Apple ProRes, allow overriding pixel bit depth, e.g. when exporting an opaque image, yet with alpha. - Make sure to write 64-bit STCO table when needed. + rtpjpegpay: fix image corruption when compiled with MSVC on Windows + rtpptdemux: Remove pads also in PAUSED->READY + rtph265depay: update codec_data in caps regardless of format + rtspsrc: - Do not overwrite the known duration after a seek - De-dup seek event seqnums to avoid multiple seeks - Fix race saving seek event seqnum - Using multicast UDP has no relation to seekability, also add some logging - Fix more signals - Fix accumulation of before-send signal return values + rtpjitterbuffer: - Fix parsing of the mediaclk:direct= field - Avoid generation of invalid timestamps - Check srcresult before waiting on the condition variable too - More logging when calculating rfc7273 timestamps + souphttpsrc: Always use the content decoder but set `Accept-Encoding:... + udpsrc: Plug leaks of saddr in error cases + multiudpsink: Fix broken SO_SNDBUF get/set on Windows + v4l2object: - Add interlace-mode back to caps for camera - Use default colorimetry if that in caps is unknown - Avoid colorimetry mismatch for streams with invalid colorimetry - Add support for hdr10 stream playback + wavparse: adtl/note/labl chunk parsing fixes + Don't use volatile to mean atomic (fixes compiler warnings with gcc 11) + 1.18.4: build fails with glib 2.67.6 and gcc-11: argument 2 of ?_atomicload? must not be a pointer to a ?volatile? type - Drop 612102fdbc3f813bf9d3406165692b5f742e51a6.patch: Fixed upstream. ==== gstreamer-plugins-libav ==== Version update (1.18.4 -> 1.18.5) - Update to version 1.18.5: + avmux: - Blacklist ttml subtitles (fixes crash with ffmpeg >= 4.4) - Fix segfault when a plugin's long_name is NULL + avviddec: - Fix size of linesize parameter - Take into account coded_height for pool + avdemux: fix build with FFmpeg 4.4 ==== gstreamer-plugins-ugly ==== Version update (1.18.4 -> 1.18.5) Subpackages: gstreamer-plugins-ugly-lang - Update to version 1.18.5: + asfdemux/realmedia: Drop duplicate seek events + Don't use volatile to mean atomic (fixes compiler warnings with gcc 11) ==== gthumb ==== Version update (3.10.4 -> 3.12.0) Subpackages: gthumb-lang - Update to version 3.12.0: + New features and user visible changes: - Added ability to load AVIF/HEIF images using libheif. - Added ability to save images as AVIF. - Add JPEG XL (*.jxl) read support. - File manager: added file actions to the viewer context menu. - Extensions: removed facebook and picasaweb uploaders. - Image viewer: use a proportional zoom increment. - Read color profiles from png files as well. - Media viewer: use accurate seeking when clicking on the progress bar. - Media viewer: show the pointed time when hovering over the progress bar. - Preferences: added option to show/hide the statusbar. - Rename files: added a button to revert to the last used template. - Added configurable shortcuts for Save and Save As. - Media viewer: added keyboard shortcuts. - File list: always allow to use Control-A to select all files. - Allow to set shortcuts to activate filters. - Added a template editor to edit text values with special codes: script commands, rename templates, print header and footer, etc. - Faster navigation when a directory contains thousands of images. - File list: start more thumbnailers in parallel. - Allow to mount unmounted volumes. - Color picker: added other formats: rgb in % and hsl. - Allow to keep browsing while executing long-running external tools. - Status bar: added button to show the progress dialog. - File properties: do not reset the selection after showing another image. - Histogram: show the properties in a single column to save horizontal space. + Bugs fixed: - Install the gThumb import desktop file. - Fix memory leak when loading webp, jxl, avif images. - Check if image is null before using it. - Added a Flatpak manifest. - Contact sheet: fixed themes list always empty. - Raw: Make compatible with LibRaw 0.21 - Folder context menu: do not allow to move if cannot delete. - Folder context menu: do not allow to copy not mounted volumes. - Terminal: enable only for local folders. - Lots of others small fixes. ==== guile ==== Subpackages: guile-modules-3_0 libguile-3_0-1 - gnulib-dynarray.patch: Update gnulib module dynarray to fix use of reserved macros ==== gzip ==== Version update (1.10 -> 1.11) - Update to 1.11: * Performance improvements * Added hardware acceleration for IBM Z - Refresh patches: * manpage-no-date.patch * xz_lzma.patch - Remove upstreamed patches: * gzip-1.10-fix-DFLTCC-segfault.patch * gzip-1.10-fix_count_of_lines_to_skip.patch * gzip-1.10-ibm_dfltcc_support.patch ==== ibus-libpinyin ==== Version update (1.12.0 -> 1.12.1) - Update version to 1.12.1 * support compatibility display style * remember cloud input * bug fixes ==== java-11-openjdk ==== Subpackages: java-11-openjdk-headless - Added patch: * fips.patch + implement FIPS support in OpenJDK - Modified patch: * nss-security-provider.patch + revert recent changes making NSS provider the default one + fixes bsc#1190252 ==== kbd ==== Subpackages: kbd-legacy - Only run kbdsettings.service if /etc/sysconfig/keyboard exists. Necessary for image based installations without admin made changes. ==== kernel-source ==== Version update (5.14.2 -> 5.14.5) Subpackages: kernel-default kernel-docs - Linux 5.14.5 (bsc#1012628). - Revert "posix-cpu-timers: Force next expiration recalc after itimer reset" (bsc#1012628). - Revert "time: Handle negative seconds correctly in timespec64_to_ns()" (bsc#1012628). - Delete patches.suse/posix-cpu-timers-Fix-spuriously-armed-0-value-itimer.patch. - commit 048e6c0 - crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (bsc#1189884 CVE-2021-3744 bsc#1190534 CVE-2021-3764). - commit e7a1776 - posix-cpu-timers: Fix spuriously armed 0-value itimer (timer breakage). - commit c8203f6 - Revert "rpm: Abolish scritplet templating (bsc#1189841)." This reverts commit e98096d5cf85dbe90f74a930eb1f0e3fe4a70c7f. "nothing provides suse-kernel-rpm-scriptlets". This is provided by suse-module-tools which are not in TW quite yet. See: https://build.opensuse.org/request/show/919012 So revert this temporarily. - commit f924054 - Linux 5.14.4 (bsc#1012628). - locking/mutex: Fix HANDOFF condition (bsc#1012628). - regmap: fix the offset of register error log (bsc#1012628). - regulator: tps65910: Silence deferred probe error (bsc#1012628). - crypto: mxs-dcp - Check for DMA mapping errors (bsc#1012628). - sched/deadline: Fix reset_on_fork reporting of DL tasks (bsc#1012628). - power: supply: axp288_fuel_gauge: Report register-address on readb / writeb errors (bsc#1012628). - crypto: omap-sham - clear dma flags only after omap_sham_update_dma_stop() (bsc#1012628). - sched/deadline: Fix missing clock update in migrate_task_rq_dl() (bsc#1012628). - rcu/tree: Handle VM stoppage in stall detection (bsc#1012628). - EDAC/mce_amd: Do not load edac_mce_amd module on guests (bsc#1012628). - posix-cpu-timers: Force next expiration recalc after itimer reset (bsc#1012628). - hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns() (bsc#1012628). - hrtimer: Ensure timerfd notification for HIGHRES=n (bsc#1012628). - udf: Check LVID earlier (bsc#1012628). - udf: Fix iocharset=utf8 mount option (bsc#1012628). - isofs: joliet: Fix iocharset=utf8 mount option (bsc#1012628). - bcache: add proper error unwinding in bcache_device_init (bsc#1012628). - nbd: add the check to prevent overflow in __nbd_ioctl() (bsc#1012628). - blk-throtl: optimize IOPS throttle for large IO scenarios (bsc#1012628). - nvme-tcp: don't update queue count when failing to set io queues (bsc#1012628). - nvme-rdma: don't update queue count when failing to set io queues (bsc#1012628). - nvmet: pass back cntlid on successful completion (bsc#1012628). - power: supply: smb347-charger: Add missing pin control activation (bsc#1012628). - power: supply: max17042_battery: fix typo in MAx17042_TOFF (bsc#1012628). - s390/cio: add dev_busid sysfs entry for each subchannel (bsc#1012628). - s390/zcrypt: fix wrong offset index for APKA master key valid state (bsc#1012628). - libata: fix ata_host_start() (bsc#1012628). - sched/topology: Skip updating masks for non-online nodes (bsc#1012628). - crypto: omap - Fix inconsistent locking of device lists (bsc#1012628). - crypto: qat - do not ignore errors from enable_vf2pf_comms() (bsc#1012628). - crypto: qat - handle both source of interrupt in VF ISR (bsc#1012628). - crypto: qat - fix reuse of completion variable (bsc#1012628). - crypto: qat - fix naming for init/shutdown VF to PF notifications (bsc#1012628). - crypto: qat - do not export adf_iov_putmsg() (bsc#1012628). - crypto: hisilicon/sec - fix the abnormal exiting process (bsc#1012628). - crypto: hisilicon/sec - modify the hardware endian configuration (bsc#1012628). - crypto: tcrypt - Fix missing return value check (bsc#1012628). - fcntl: fix potential deadlocks for &fown_struct.lock (bsc#1012628). - fcntl: fix potential deadlock for &fasync_struct.fa_lock (bsc#1012628). - udf_get_extendedattr() had no boundary checks (bsc#1012628). - io-wq: remove GFP_ATOMIC allocation off schedule out path (bsc#1012628). - s390/kasan: fix large PMD pages address alignment check (bsc#1012628). - s390/pci: fix misleading rc in clp_set_pci_fn() (bsc#1012628). - s390/debug: keep debug data on resize (bsc#1012628). - s390/debug: fix debug area life cycle (bsc#1012628). - s390/ap: fix state machine hang after failure to enable irq (bsc#1012628). - s390/smp: enable DAT before CPU restart callback is called (bsc#1012628). - sched/debug: Don't update sched_domain debug directories before sched_debug_init() (bsc#1012628). - power: supply: cw2015: use dev_err_probe to allow deferred probe (bsc#1012628). - m68k: emu: Fix invalid free in nfeth_cleanup() (bsc#1012628). - crypto: x86/aes-ni - add missing error checks in XTS code (bsc#1012628). - sched/numa: Fix is_core_idle() (bsc#1012628). - sched: Fix UCLAMP_FLAG_IDLE setting (bsc#1012628). - rcu: Fix to include first blocked task in stall warning (bsc#1012628). - rcu: Fix stall-warning deadlock due to non-release of rcu_node - >lock (bsc#1012628). - m68k: Fix invalid RMW_INSNS on CPUs that lack CAS (bsc#1012628). - block: return ELEVATOR_DISCARD_MERGE if possible (bsc#1012628). - spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config (bsc#1012628). - spi: spi-pic32: Fix issue with uninitialized dma_slave_config (bsc#1012628). - genirq/timings: Fix error return code in irq_timings_test_irqs() (bsc#1012628). - irqchip/loongson-pch-pic: Improve edge triggered interrupt support (bsc#1012628). - lib/mpi: use kcalloc in mpi_resize (bsc#1012628). - clocksource/drivers/sh_cmt: Fix wrong setting if don't request IRQ for clock source channel (bsc#1012628). - nbd: do del_gendisk() asynchronously for NBD_DESTROY_ON_DISCONNECT (bsc#1012628). - block: nbd: add sanity check for first_minor (bsc#1012628). - spi: coldfire-qspi: Use clk_disable_unprepare in the remove function (bsc#1012628). - irqchip/apple-aic: Fix irq_disable from within irq handlers (bsc#1012628). - irqchip/gic-v3: Fix priority comparison when non-secure priorities are used (bsc#1012628). - crypto: qat - use proper type for vf_mask (bsc#1012628). - m68k: Fix asm register constraints for atomic ops (bsc#1012628). - certs: Trigger creation of RSA module signing key if it's not an RSA key (bsc#1012628). - tpm: ibmvtpm: Avoid error message when process gets signal while waiting (bsc#1012628). - EDAC/i10nm: Fix NVDIMM detection (bsc#1012628). - x86/mce: Defer processing of early errors (bsc#1012628). - spi: davinci: invoke chipselect callback (bsc#1012628). - blk-crypto: fix check for too-large dun_bytes (bsc#1012628). - regulator: vctrl: Use locked regulator_get_voltage in probe path (bsc#1012628). - regulator: vctrl: Avoid lockdep warning in enable/disable ops (bsc#1012628). - spi: sprd: Fix the wrong WDG_LOAD_VAL (bsc#1012628). - spi: spi-zynq-qspi: use wait_for_completion_timeout to make zynq_qspi_exec_mem_op not interruptible (bsc#1012628). - drm/panfrost: Fix missing clk_disable_unprepare() on error in panfrost_clk_init() (bsc#1012628). - drm/gma500: Fix end of loop tests for list_for_each_entry (bsc#1012628). - ASoC: mediatek: mt8192:Fix Unbalanced pm_runtime_enable in mt8192_afe_pcm_dev_probe (bsc#1012628). - ASoC: mediatek: mt8183: Fix Unbalanced pm_runtime_enable in mt8183_afe_pcm_dev_probe (bsc#1012628). - ASoC: tlv320aic32x4: Fix TAS2505/TAS2521 channel count (bsc#1012628). - media: atmel: atmel-sama5d2-isc: fix YUYV format (bsc#1012628). - media: TDA1997x: enable EDID support (bsc#1012628). - leds: is31fl32xx: Fix missing error code in is31fl32xx_parse_dt() (bsc#1012628). - soc: rockchip: ROCKCHIP_GRF should not default to y, unconditionally (bsc#1012628). - media: cxd2880-spi: Fix an error handling path (bsc#1012628). - drm/of: free the right object (bsc#1012628). - bpf: Fix a typo of reuseport map in bpf.h (bsc#1012628). - bpf: Fix potential memleak and UAF in the verifier (bsc#1012628). - drm/of: free the iterator object on failure (bsc#1012628). - gve: fix the wrong AdminQ buffer overflow check (bsc#1012628). - libbpf: Fix the possible memory leak on error (bsc#1012628). - ARM: dts: aspeed-g6: Fix HVI3C function-group in pinctrl dtsi (bsc#1012628). - ARM: dts: everest: Add phase corrections for eMMC (bsc#1012628). - arm64: dts: renesas: r8a77995: draak: Remove bogus adv7511w properties (bsc#1012628). - i40e: improve locking of mac_filter_hash (bsc#1012628). - arm64: dts: qcom: sc7180: Set adau wakeup delay to 80 ms (bsc#1012628). - soc: qcom: rpmhpd: Use corner in power_off (bsc#1012628). - libbpf: Fix removal of inner map in bpf_object__create_map (bsc#1012628). - gfs2: Fix memory leak of object lsi on error return path (bsc#1012628). - arm64: dts: qcom: sm8250: fix usb2 qmp phy node (bsc#1012628). - bpf, selftests: Fix test_maps now that sockmap supports UDP (bsc#1012628). - firmware: fix theoretical UAF race with firmware cache and resume (bsc#1012628). - driver core: Fix error return code in really_probe() (bsc#1012628). - ionic: cleanly release devlink instance (bsc#1012628). - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init (bsc#1012628). - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr (bsc#1012628). - media: dvb-usb: Fix error handling in dvb_usb_i2c_init (bsc#1012628). - net: usb: asix: ax88772: add missing stop (bsc#1012628). - media: go7007: fix memory leak in go7007_usb_probe (bsc#1012628). - media: go7007: remove redundant initialization (bsc#1012628). - media: v4l2-subdev: fix some NULL vs IS_ERR() checks (bsc#1012628). - media: rockchip/rga: fix error handling in probe (bsc#1012628). - media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats (bsc#1012628). - media: atomisp: fix the uninitialized use and rename "retvalue" (bsc#1012628). - Bluetooth: sco: prevent information leak in sco_conn_defer_accept() (bsc#1012628). - Bluetooth: btusb: Fix a unspported condition to set available debug features (bsc#1012628). - 6lowpan: iphc: Fix an off-by-one check of array index (bsc#1012628). - drm/amdgpu/acp: Make PM domain really work (bsc#1012628). - drm/amd/pm: Fix a bug communicating with the SMU (v5) (bsc#1012628). - tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos (bsc#1012628). - ARM: dts: meson8: Use a higher default GPU clock frequency (bsc#1012628). - ARM: dts: meson8b: odroidc1: Fix the pwm regulator supply properties (bsc#1012628). - ARM: dts: meson8b: mxq: Fix the pwm regulator supply properties (bsc#1012628). - ARM: dts: meson8b: ec100: Fix the pwm regulator supply properties (bsc#1012628). - net/mlx5e: Prohibit inner indir TIRs in IPoIB (bsc#1012628). - net/mlx5e: Block LRO if firmware asks for tunneled LRO (bsc#1012628). - cgroup/cpuset: Fix a partition bug with hotplug (bsc#1012628). - drm: mxsfb: Enable recovery on underflow (bsc#1012628). - drm: mxsfb: Increase number of outstanding requests on V4 and newer HW (bsc#1012628). - drm: mxsfb: Clear FIFO_CLEAR bit (bsc#1012628). - net: cipso: fix warnings in netlbl_cipsov4_add_std (bsc#1012628). - net: ti: am65-cpsw-nuss: fix wrong devlink release order (bsc#1012628). - drm: rcar-du: Don't put reference to drm_device in rcar_du_remove() (bsc#1012628). - Bluetooth: mgmt: Fix wrong opcode in the response for add_adv cmd (bsc#1012628). - drm/amd/pm: Fix a bug in semaphore double-lock (bsc#1012628). - lib/test_scanf: Handle n_bits == 0 in random tests (bsc#1012628). - libbpf: Return non-null error on failures in libbpf_find_prog_btf_id() (bsc#1012628). - tools: Free BTF objects at various locations (bsc#1012628). - arm64: dts: renesas: hihope-rzg2-ex: Add EtherAVB internal rx delay (bsc#1012628). - net/mlx5: Fix missing return value in mlx5_devlink_eswitch_inline_mode_set() (bsc#1012628). - i2c: highlander: add IRQ check (bsc#1012628). - leds: lgm-sso: Put fwnode in any case during ->probe() (bsc#1012628). - leds: lgm-sso: Don't spam logs when probe is deferred (bsc#1012628). - leds: lt3593: Put fwnode in any case during ->probe() (bsc#1012628). - leds: rt8515: Put fwnode in any case during ->probe() (bsc#1012628). - leds: trigger: audio: Add an activate callback to ensure the initial brightness is set (bsc#1012628). - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect (bsc#1012628). - media: omap3isp: Fix missing unlock in isp_subdev_notifier_complete() (bsc#1012628). - media: venus: hfi: fix return value check in sys_get_prop_image_version() (bsc#1012628). - media: venus: venc: Fix potential null pointer dereference on pointer fmt (bsc#1012628). - media: venus: helper: do not set constrained parameters for UBWC (bsc#1012628). - soc: mmsys: mediatek: add mask to mmsys routes (bsc#1012628). - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently (bsc#1012628). - PCI: PM: Enable PME if it can be signaled from D3cold (bsc#1012628). - bpf, samples: Add missing mprog-disable to xdp_redirect_cpu's optstring (bsc#1012628). - soc: qcom: smsm: Fix missed interrupts if state changes while masked (bsc#1012628). - net: dsa: build tag_8021q.c as part of DSA core (bsc#1012628). - net: dsa: tag_sja1105: optionally build as module when switch driver is module if PTP is enabled (bsc#1012628). - debugfs: Return error during {full/open}_proxy_open() on rmmod (bsc#1012628). - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow (bsc#1012628). - arm64: dts: qcom: sc7280: Fixup the cpufreq node (bsc#1012628). - arm64: dts: qcom: sm8350: fix IPA interconnects (bsc#1012628). - drm: bridge: it66121: Check drm_bridge_attach retval (bsc#1012628). - net: ti: am65-cpsw-nuss: fix RX IRQ state after .ndo_stop() (bsc#1012628). - net: dsa: stop syncing the bridge mcast_router attribute at join time (bsc#1012628). - net: dsa: mt7530: remove the .port_set_mrouter implementation (bsc#1012628). - net: dsa: don't disable multicast flooding to the CPU even without an IGMP querier (bsc#1012628). - PM: EM: Increase energy calculation precision (bsc#1012628). - selftests/bpf: Fix bpf-iter-tcp4 test to print correctly the dest IP (bsc#1012628). - leds: lgm-sso: Propagate error codes from callee to caller (bsc#1012628). - drm/msm: Fix error return code in msm_drm_init() (bsc#1012628). - drm/msm/mdp4: refactor HW revision detection into read_mdp_hw_revision (bsc#1012628). - drm/msm/mdp4: move HW revision detection to earlier phase (bsc#1012628). - drm/msm/dp: update is_connected status base on sink count at dp_pm_resume() (bsc#1012628). - drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs (bsc#1012628). - arm64: dts: exynos: correct GIC CPU interfaces address range on Exynos7 (bsc#1012628). - counter: 104-quad-8: Return error when invalid mode during ceiling_write (bsc#1012628). - cgroup/cpuset: Miscellaneous code cleanup (bsc#1012628). - cgroup/cpuset: Fix violation of cpuset locking rule (bsc#1012628). - ASoC: Intel: Fix platform ID matching (bsc#1012628). - Bluetooth: fix repeated calls to sco_sock_kill (bsc#1012628). - drm/msm/dsi: Fix some reference counted resource leaks (bsc#1012628). - drm/msm/dp: replug event is converted into an unplug followed by an plug events (bsc#1012628). - net/mlx5: Fix unpublish devlink parameters (bsc#1012628). - ASoC: rt5682: Properly turn off regulators if wrong device ID (bsc#1012628). - usb: dwc3: meson-g12a: add IRQ check (bsc#1012628). - usb: dwc3: qcom: add IRQ check (bsc#1012628). - usb: gadget: udc: at91: add IRQ check (bsc#1012628). - usb: gadget: udc: s3c2410: add IRQ check (bsc#1012628). - mac80211: remove unnecessary NULL check in ieee80211_register_hw() (bsc#1012628). - usb: misc: brcmstb-usb-pinmap: add IRQ check (bsc#1012628). - usb: phy: fsl-usb: add IRQ check (bsc#1012628). - usb: phy: twl6030: add IRQ checks (bsc#1012628). - usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse (bsc#1012628). - selftests/bpf: Fix test_core_autosize on big-endian machines (bsc#1012628). - devlink: Clear whole devlink_flash_notify struct (bsc#1012628). - samples: pktgen: add missing IPv6 option to pktgen scripts (bsc#1012628). - net: stmmac: fix INTR TBU status affecting irq count statistic (bsc#1012628). - PM: cpu: Make notifier chain use a raw_spinlock_t (bsc#1012628). - usb: host: ohci-tmio: add IRQ check (bsc#1012628). - usb: phy: tahvo: add IRQ check (bsc#1012628). - libbpf: Re-build libbpf.so when libbpf.map changes (bsc#1012628). - mac80211: Fix insufficient headroom issue for AMSDU (bsc#1012628). - locking/local_lock: Add missing owner initialization (bsc#1012628). - lockd: Fix invalid lockowner cast after vfs_test_lock (bsc#1012628). - SUNRPC: Fix a NULL pointer deref in trace_svc_stats_latency() (bsc#1012628). - nfsd4: Fix forced-expiry locking (bsc#1012628). - arm64: dts: marvell: armada-37xx: Extend PCIe MEM space (bsc#1012628). - clk: staging: correct reference to config IOMEM to config HAS_IOMEM (bsc#1012628). - i2c: synquacer: fix deferred probing (bsc#1012628). - hwmon: (pmbus/bpa-rs600) Don't use rated limits as warn limits (bsc#1012628). - hwmon: remove amd_energy driver in Makefile (bsc#1012628). - ASoC: fsl_rpmsg: Check -EPROBE_DEFER for getting clocks (bsc#1012628). - firmware: raspberrypi: Fix a leak in 'rpi_firmware_get()' (bsc#1012628). - usb: gadget: mv_u3d: request_irq() after initializing UDC (bsc#1012628). - mm/swap: consider max pages in iomap_swapfile_add_extent (bsc#1012628). - lkdtm: replace SCSI_DISPATCH_CMD with SCSI_QUEUE_RQ (bsc#1012628). - Bluetooth: add timeout sanity check to hci_inquiry (bsc#1012628). - i2c: iop3xx: fix deferred probing (bsc#1012628). - i2c: s3c2410: fix IRQ check (bsc#1012628). - i2c: hix5hd2: fix IRQ check (bsc#1012628). - gfs2: init system threads before freeze lock (bsc#1012628). - drm/exynos: g2d: fix missing unlock on error in g2d_runqueue_worker() (bsc#1012628). - rsi: fix error code in rsi_load_9116_firmware() (bsc#1012628). - rsi: fix an error code in rsi_probe() (bsc#1012628). - octeontx2-af: cn10k: Fix SDP base channel number (bsc#1012628). - octeontx2-pf: send correct vlan priority mask to npc_install_flow_req (bsc#1012628). - octeontx2-af: Check capability flag while freeing ipolicer memory (bsc#1012628). - octeontx2-pf: Don't install VLAN offload rule if netdev is down (bsc#1012628). - octeontx2-pf: Fix algorithm index in MCAM rules with RSS action (bsc#1012628). - octeontx2-af: cn10k: Use FLIT0 register instead of FLIT1 (bsc#1012628). - m68k: coldfire: return success for clk_enable(NULL) (bsc#1012628). - ASoC: Intel: kbl_da7219_max98927: Fix format selection for max98373 (bsc#1012628). - ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs (bsc#1012628). - ASoC: Intel: Skylake: Fix module resource and format selection (bsc#1012628). - mmc: sdhci: Fix issue with uninitialized dma_slave_config (bsc#1012628). - mmc: dw_mmc: Fix issue with uninitialized dma_slave_config (bsc#1012628). - mmc: moxart: Fix issue with uninitialized dma_slave_config (bsc#1012628). - ASoC: wm_adsp: Put debugfs_remove_recursive back in (bsc#1012628). - bpf: Fix possible out of bound write in narrow load handling (bsc#1012628). - hv_utils: Set the maximum packet size for VSS driver to the length of the receive buffer (bsc#1012628). - CIFS: Fix a potencially linear read overflow (bsc#1012628). - i2c: mt65xx: fix IRQ check (bsc#1012628). - i2c: xlp9xx: fix main IRQ check (bsc#1012628). - octeontx2-pf: cn10k: Fix error return code in otx2_set_flowkey_cfg() (bsc#1012628). - usb: ehci-orion: Handle errors of clk_prepare_enable() in probe (bsc#1012628). - usb: bdc: Fix an error handling path in 'bdc_probe()' when no suitable DMA config is available (bsc#1012628). - usb: bdc: Fix a resource leak in the error handling path of 'bdc_probe()' (bsc#1012628). - tty: serial: fsl_lpuart: fix the wrong mapbase value (bsc#1012628). - ASoC: wcd9335: Fix a double irq free in the remove function (bsc#1012628). - ASoC: wcd9335: Fix a memory leak in the error handling path of the probe function (bsc#1012628). - ASoC: wcd9335: Disable irq on slave ports in the remove function (bsc#1012628). - iwlwifi: skip first element in the WTAS ACPI table (bsc#1012628). - net/mlx5: Lag, fix multipath lag activation (bsc#1012628). - net/mlx5: Remove all auxiliary devices at the unregister event (bsc#1012628). - net/mlx5e: Fix possible use-after-free deleting fdb rule (bsc#1012628). - net/mlx5: E-Switch, Set vhca id valid flag when creating indir fwd group (bsc#1012628). - net/mlx5e: Use correct eswitch for stack devices with lag (bsc#1012628). - misc/pvpanic: fix set driver data (bsc#1012628). - ice: fix Tx queue iteration for Tx timestamp enablement (bsc#1012628). - ice: add lock around Tx timestamp tracker flush (bsc#1012628). - ice: restart periodic outputs around time changes (bsc#1012628). - ice: Only lock to update netdev dev_addr (bsc#1012628). - net: phy: marvell10g: fix broken PHY interrupts for anyone after us in the driver probe list (bsc#1012628). - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() (bsc#1012628). - ALSA: usb-audio: Add lowlatency module option (bsc#1012628). - atlantic: Fix driver resume flow (bsc#1012628). - bcma: Fix memory leak for internally-handled cores (bsc#1012628). - brcmfmac: pcie: fix oops on failure to resume and reprobe (bsc#1012628). - ipv6: make exception cache less predictible (bsc#1012628). - ipv4: make exception cache less predictible (bsc#1012628). - net: qrtr: make checks in qrtr_endpoint_post() stricter (bsc#1012628). - sch_htb: Fix inconsistency when leaf qdisc creation fails (bsc#1012628). - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed (bsc#1012628). - net: qualcomm: fix QCA7000 checksum handling (bsc#1012628). - octeontx2-af: Fix loop in free and unmap counter (bsc#1012628). - octeontx2-af: Fix mailbox errors in nix_rss_flowkey_cfg (bsc#1012628). - octeontx2-af: Fix static code analyzer reported issues (bsc#1012628). - octeontx2-af: Set proper errorcode for IPv4 checksum errors (bsc#1012628). - ipv4: fix endianness issue in inet_rtm_getroute_build_skb() (bsc#1012628). - ASoC: rt5682: Remove unused variable in rt5682_i2c_remove() (bsc#1012628). - iwlwifi Add support for ax201 in Samsung Galaxy Book Flex2 Alpha (bsc#1012628). - f2fs: guarantee to write dirty data when enabling checkpoint back (bsc#1012628). - time: Handle negative seconds correctly in timespec64_to_ns() (bsc#1012628). - auxdisplay: hd44780: Fix oops on module unloading (bsc#1012628). - io_uring: limit fixed table size by RLIMIT_NOFILE (bsc#1012628). - io_uring: IORING_OP_WRITE needs hash_reg_file set (bsc#1012628). - io_uring: io_uring_complete() trace should take an integer (bsc#1012628). - io_uring: fail links of cancelled timeouts (bsc#1012628). - bio: fix page leak bio_add_hw_page failure (bsc#1012628). - raid1: ensure write behind bio has less than BIO_MAX_VECS sectors (bsc#1012628). - cifs: Do not leak EDEADLK to dgetents64 for STATUS_USER_SESSION_DELETED (bsc#1012628). - smb3: fix posix extensions mount option (bsc#1012628). - tty: Fix data race between tiocsti() and flush_to_ldisc() (bsc#1012628). - perf/x86/intel/uncore: Fix IIO cleanup mapping procedure for SNR/ICX (bsc#1012628). - Revert "KVM: x86: mmu: Add guest physical address check in translate_gpa()" (bsc#1012628). - KVM: s390: index kvm->arch.idle_mask by vcpu_idx (bsc#1012628). - KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted (bsc#1012628). - KVM: x86: clamp host mapping level to max_level in kvm_mmu_max_mapping_level (bsc#1012628). - KVM: x86/mmu: Avoid collision with !PRESENT SPTEs in TDP MMU lpage stats (bsc#1012628). - KVM: VMX: avoid running vmx_handle_exit_irqoff in case of emulation (bsc#1012628). - KVM: nVMX: Unconditionally clear nested.pi_pending on nested VM-Enter (bsc#1012628). - KVM: arm64: Unregister HYP sections from kmemleak in protected mode (bsc#1012628). - KVM: arm64: vgic: Resample HW pending state on deactivation (bsc#1012628). - ARM: dts: at91: add pinctrl-{names, 0} for all gpios (bsc#1012628). - io-wq: check max_worker limits if a worker transitions bound state (bsc#1012628). - md/raid10: Remove unnecessary rcu_dereference in raid10_handle_discard (bsc#1012628). - char: tpm: Kconfig: remove bad i2c cr50 select (bsc#1012628). - fuse: truncate pagecache on atomic_o_trunc (bsc#1012628). - fuse: flush extending writes (bsc#1012628). - fuse: wait for writepages in syncfs (bsc#1012628). - IMA: remove -Wmissing-prototypes warning (bsc#1012628). - IMA: remove the dependency on CRYPTO_MD5 (bsc#1012628). - fbmem: don't allow too huge resolutions (bsc#1012628). - ACPI: PRM: Find PRMT table before parsing it (bsc#1012628). - RDMA/mlx5: Fix number of allocated XLT entries (bsc#1012628). - bootconfig: Fix missing return check of xbc_node_compose_key function (bsc#1012628). - backlight: pwm_bl: Improve bootloader/kernel device handover (bsc#1012628). - parisc: Fix unaligned-access crash in bootloader (bsc#1012628). - clk: kirkwood: Fix a clocking boot regression (bsc#1012628). - devlink: Break parameter notification sequence to be before/after unload/load driver (bsc#1012628). - Refresh patches.suse/Bluetooth-schedule-SCO-timeouts-with-delayed_work.patch. - Refresh patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch. - Update config files. - commit 8706151 - Bluetooth: Move shutdown callback before flushing tx and rx queue (bsc#1190424). - commit 40ccc64 - fixup "rpm: support gz and zst compression methods" once more (bsc#1190428, bsc#1190358) Fixes: 3b8c4d9bcc24 ("rpm: support gz and zst compression methods") Fixes: 23510fce36ec ("fixup "rpm: support gz and zst compression methods"") - commit 165378a - Linux 5.14.3 (bsc#1012628). - cxl/acpi: Do not add DSDT disabled ACPI0016 host bridge ports (bsc#1012628). - cxl/pci: Fix lockdown level (bsc#1012628). - cxl/pci: Fix debug message in cxl_probe_regs() (bsc#1012628). - PCI: Call Max Payload Size-related fixup quirks early (bsc#1012628). - x86/reboot: Limit Dell Optiplex 990 quirk to early BIOS versions (bsc#1012628). - staging: mt7621-pci: fix hang when nothing is connected to pcie ports (bsc#1012628). - xhci: Fix failure to give back some cached cancelled URBs (bsc#1012628). - xhci: fix unsafe memory usage in xhci tracing (bsc#1012628). - xhci: fix even more unsafe memory usage in xhci tracing (bsc#1012628). - usb: mtu3: fix the wrong HS mult value (bsc#1012628). - usb: mtu3: use @mult for HS isoc or intr (bsc#1012628). - usb: mtu3: restore HS function when set SS/SSP (bsc#1012628). - usb: gadget: tegra-xudc: fix the wrong mult value for HS isoc or intr (bsc#1012628). - usb: cdnsp: fix the wrong mult value for HS isoc or intr (bsc#1012628). - usb: xhci-mtk: fix issue of out-of-bounds array access (bsc#1012628). - usb: host: xhci-rcar: Don't reload firmware after the completion (bsc#1012628). - Bluetooth: btusb: Make the CSR clone chip force-suspend workaround more generic (bsc#1012628). - Bluetooth: Add additional Bluetooth part for Realtek 8852AE (bsc#1012628). - ALSA: usb-audio: Add registration quirk for JBL Quantum 800 (bsc#1012628). - Revert "r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM" (bsc#1012628). - igmp: Add ip_mc_list lock in ip_check_mc_rcu (bsc#1012628). - can: c_can: fix null-ptr-deref on ioctl() (bsc#1012628). - firmware: dmi: Move product_sku info to the end of the modalias (bsc#1012628). - commit 87c3051 - fixup "rpm: support gz and zst compression methods" once more Fixes: 3b8c4d9bcc24 ("rpm: support gz and zst compression methods") Fixes: 23510fce36ec ("fixup "rpm: support gz and zst compression methods"") - commit 34e68f4 - Avoid double printing SUSE specific flags in mod->taint (bsc#1190413). - commit 3b944fc - fixup "rpm: support gz and zst compression methods" Fixes: 3b8c4d9bcc24 ("rpm: support gz and zst compression methods") - commit 23510fc - kernel-cert-subpackage: Fix certificate location in scriptlets (bsc#1189841). Fixes: d9a1357edd73 ("rpm: Define $certs as rpm macro (bsc#1189841).") - commit 8684de8 - kernel-binary.spec.in Stop templating the scriptlets for subpackages (bsc#1190358). The script part for base package case is completely separate from the part for subpackages. Remove the part for subpackages from the base package script and use the KMP scripts for subpackages instead. - commit 5d1f677 - kernel-binary.spec: Do not fail silently when KMP is empty (bsc#1190358). Copy the code from kernel-module-subpackage that deals with empty KMPs. - commit d7d2e6e - Document suse-hv-guest-os-id.patch (bsc#814005, bsc#1189965). - commit 6205661 ==== kmod ==== Subpackages: kmod-bash-completion libkmod2 - Use docbook 4 rather than docbook 5 for building man pages (bsc#1190190). * Refres no-stylesheet-download.patch ==== less ==== - Add missing runtime dependency on which, which it is used by lessopen.sh. Fix bsc#1190552. ==== libalternatives ==== Version update (1.1 -> 1.2+3.b848aad) Subpackages: alts libalternatives1 - Update to version v1.2+3.b848aad: * tests: fix array overrun in unit tests - Update to version v1.2: * Add config option=KeepArgv0 to keep original argument during exec() call ==== libgudev ==== Version update (234 -> 237) - Update to version 237: + Fix reading double precision floats from sysfs attributes in locales that use comma as a separator + Fix compilation warning + Fix headers to help with build reproducibility + Clarify licensing information - Changes from version 236: + Fix meson project name to match autotools. - Changes from version 235: + Port build system to meson and remove autotools + Fix conversion of sysfs attributes to boolean. - Add meson BuildRequires and macros following upstreams port. - Enable pkgconfig(umockdev-1.0) BuildRequires and test macro. - Update Licence tag to LGPL-2.1-or-later. ==== libhugetlbfs ==== - Add glibc-2.34-fix.patch as a fix for upstream issue gh#52: https://github.com/libhugetlbfs/libhugetlbfs/pull/63/commits (boo#1189094). - Update to version 2.23.0.g6b126a4: * Update NEWS for 2.23 release * Wait child with os.wait() * Makefile: add MANDIR variable * Makefile: skip LIB resolve check if NATIVEONLY * Introduce basic riscv64 support * ld.hugetlbfs: fix -Ttext-segment argument on AArch64 * tests: add explicit permissions to open() call * Update NEWS for 2.22 release * Convert setup script to python3 * Clean up error checking in dump_proc_pid_maps() ==== libinput ==== Version update (1.18.1 -> 1.19.0) Subpackages: libinput-udev libinput10 - Update to release 1.19 * Hold gestures are a new type of gestures that are triggered by holding one or more fingers on a touchpad without significant movement. They add to the existing pinch and swipe gestures and allow for the implementation of hold-to-click. * High-resolution wheel scrolling has been long in the making and the solution ends up replacing the existing pointer axis API. Three new events are available: LIBINPUT_EVENT_POINTER_SCROLL_WHEEL, LIBINPUT_EVENT_POINTER_SCROLL_FINGER, and LIBINPUT_EVENT_POINTER_SCROLL_CONTINUOUS. These events replace the existing LIBINPUT_EVENT_POINTER_AXIS events, i.e. if you are processing the new events simply discard the old events. ==== libpinyin ==== Version update (2.6.0 -> 2.6.1) Subpackages: libpinyin-data libpinyin13 libzhuyin13 - Update version to 2.6.1 * bug fixes ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - libxl: Improve reporting of die_id in capabilities b75a16ae-libxl-improve-die-id.patch boo#1190493 - libxl: Fix driver reload 65fab900-libxl-fix-driver-reload.patch, 51eb680b-libxl-dont-autostart-on-reload.patch bsc#1190420 ==== mariadb ==== Version update (10.5.10 -> 10.6.4) Subpackages: libmariadbd19 mariadb-client mariadb-errormessages - Update to 10.6.4 * release notes and changelog: https://mariadb.com/kb/en/library/mariadb-1064-release-notes https://mariadb.com/kb/en/library/mariadb-1064-changelog https://mariadb.com/kb/en/library/mariadb-1063-release-notes https://mariadb.com/kb/en/library/mariadb-1063-changelog https://mariadb.com/kb/en/library/mariadb-1062-release-notes https://mariadb.com/kb/en/library/mariadb-1062-changelog https://mariadb.com/kb/en/library/mariadb-1061-release-notes https://mariadb.com/kb/en/library/mariadb-1061-changelog https://mariadb.com/kb/en/library/mariadb-1060-release-notes https://mariadb.com/kb/en/library/mariadb-1060-changelog * fixes for the following security vulnerabilities: 10.6.4: CVE-2021-2372 CVE-2021-2389 - Removed support to tokudb as it has been removed from upstream - Refresh mariadb-10.2.4-fortify-and-O.patch - Add new systemd socket from upstream ==== ncurses ==== Version update (6.2.20210814 -> 6.2.20210911) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20210911 + adjust ifdef in test_opaque.c to fix build with ncurses 5.7 + add testing note for xterm-{hp|sco|sun} -TD + corrected description for ansi.sys-old -TD + add xterm+nopcfkeys, to fill in keys for xterm-hp, xterm-sun -TD + use hp+arrows in a few places -TD + use hp+pfk-cr in a few places -TD - Correct offsets of patch ncurses-6.2.dif - Add ncurses patch 20210905 + correct logic in filtering of redefinitions (report by Sven Joachim, cf: 20210828). - Add ncurses patch 20210904 + modify linux3.0 entry to reflect default mapping of shift-tab by kbd 1.14 (report by Jan Engelhardt) -TD + add historical note to tput, curses-terminfo and curses-color manpages based on source-code for SVr2, SVr3 and SVr4. + minor grammatical fixes for "it's" vs "its" (report by Nick Black). + amend fix for --disable-root-environ (report by Arnav Singh). + build-fix for compiling link_test + drop symbols GCC_PRINTF and GCC_SCANF from curses.h.in, to simplify use (Debian #993179). - Add ncurses patch 20210828 + correct reversed check for --disable-root-environ (report/analysis by Arnav Singh, cf: 20210626). + apply gcc format attribute to prototypes which use a va_list parameter rather than a "..." variable-length parameter list (prompted by discussion in a tmux pull-request). + modify configure scripts to filter out redefinitions of _XOPEN_SOURCE, e.g., for NetBSD which generally supports 500, but 600 is needed for ncursesw. + improve documentation for tparm and static/dynamic variables. + improve typography in terminfo.5 (patch by Branden Robinson). - Add ncurses patch 20210821 + improve tparm implementation of %P and %g, more closely matching SVr4 terminfo. + move internals of TERMINAL structure to new header term.priv.h + add "check" rule for ncurses/Makefile + corrected tsl capability for terminator -TD + add check in tic to report instances where tparm would detect an error in an expression (cf: 20201010). + correct a few places where SP->_pair_limit was used rather than SP->_pair_alloc (cf: 20170812). + fix missing "%d" for setaf/setab code 8-15 in xterm+direct16 (report by Florian Weimer) -TD + fix some documentation errata from OpenBSD changes. + update config.sub - Correct offsets and dates of patch ncurses-6.2.dif ==== nmap ==== - Tumbleweed is not affected by the following SLE issues: * bsc#1148742 * bsc#1135350 * bsc#1133512 ==== ntfs-3g_ntfsprogs ==== Version update (2017.3.23 -> 2021.8.22) Subpackages: ntfs-3g ntfsprogs - Update to version 2021.8.22 (boo#1189720): * Fixed compile error when building with libfuse < 2.8.0 * Fixed obsolete macros in configure.ac * Signalled support of UTIME_OMIT to external libfuse2 * Fixed an improper macro usage in ntfscp.c * Updated the repository change in the README * Fixed vulnerability threats caused by maliciously tampered NTFS partitions * Security fixes: CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE_2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263. - Sover is now 89 - Update URL. - Remove 21-storage-ntfs-3g.fdi; it is no longer used. ==== pam ==== Version update (1.5.1 -> 1.5.2) Subpackages: pam-32bit pam-doc pam_unix - Rename motd.tmpfiles to pam.tmpfiles - Add /run/faillock directory - pam-login_defs-check.sh: adjust for new login.defs variable usages - Update to 1.5.2 Noteworthy changes in Linux-PAM 1.5.2: * pam_exec: implemented quiet_log option. * pam_mkhomedir: added support of HOME_MODE and UMASK from /etc/login.defs. * pam_timestamp: changed hmac algorithm to call openssl instead of the bundled sha1 implementation if selected, added option to select the hash algorithm to use with HMAC. * Added pkgconfig files for provided libraries. * Added --with-systemdunitdir configure option to specify systemd unit directory. * Added --with-misc-conv-bufsize configure option to specify the buffer size in libpam_misc's misc_conv() function, raised the default value for this parameter from 512 to 4096. * Multiple minor bug fixes, portability fixes, documentation improvements, and translation updates. pam_tally2 has been removed upstream, remove pam_tally2-removal.patch pam_cracklib has been removed from the upstream sources. This obsoletes pam-pam_cracklib-add-usersubstr.patch and pam_cracklib-removal.patch. The following patches have been accepted upstream and, so, are obsolete: - pam-bsc1181443-make-nofile-unlimited-mean-nr_open.patch - pam_securetty-don-t-complain-about-missing-config.patch - bsc1184358-prevent-LOCAL-from-being-resolved.patch - revert-check_shadow_expiry.diff [Linux-PAM-1.5.2-docs.tar.xz, Linux-PAM-1.5.2-docs.tar.xz.asc, Linux-PAM-1.5.2.tar.xz, Linux-PAM-1.5.2.tar.xz.asc, pam-pam_cracklib-add-usersubstr.patch, pam_cracklib-removal.patch, pam-bsc1181443-make-nofile-unlimited-mean-nr_open.patch, pam_securetty-don-t-complain-about-missing-config.patch, bsc1184358-prevent-LOCAL-from-being-resolved.patch, revert-check_shadow_expiry.diff] ==== php7 ==== Subpackages: php7-cli php7-ctype php7-dom php7-gd php7-gettext php7-iconv php7-json php7-mbstring php7-mysql php7-openssl php7-pdo php7-sqlite php7-tokenizer php7-xmlreader php7-xmlwriter - added patches https://github.com/php/php-src/commit/b3646440b1808abf0874b6f89027ce53ec5da03f + php7-gd-removed-unused-constants.patch ==== pmdk ==== Version update (1.9 -> 1.11.0) Subpackages: libpmem1 libpmemobj1 - Renamed libpmem2-1-devel to libpmem2-devel - Update to PMDK 1.11.0 * Version 1.11.0 - Adds new APIs for libpmem2, most notably there are new functions to shrink and extend an existing reservation and a new iterator API for mappings contained within an existing reservation. There's also a new function to retrieve a numa node for a source. - Makes the pmemobj_open() and pmemobj_close() functions from libpmemobj thread-safe. It's now easier to correctly manage persistent memory pools in a parallel environment. - Introduces a new API in libpmemobj to globally change the method of assigning arenas to threads. The default is to rely on a OS per-thread key to store arena information. This release introduces an option to avoid the use of thread-local keys by simply using one global arena for all threads in a pool. - pmem2: don't force smaller alignment for fsdax mappings - rpmem: various fixes for powerpc64le - doc: fix documentation of pmem_is_pmem() - common: fix various minor problems found by static analysis - pmem2: arm64: fix possible data loss on ARMv8.2+ (improper flushing) This release introduces no changes to the on-media layout and is fully compatible with the previous version of PMDK. * Version 1.10 - This release introduces a new stable PMDK library, libpmem2, which is the next major release of libpmem. This library has an entirely new, but familiar, API that addresses many shortcomings of the previous version, while retaining all of its functionality. To learn more, see https://pmem.io/pmdk/libpmem2/ or libpmem2(7). The old library, libpmem, is still going to be maintained for the foreseeable future, but we'd like to encourage any new applications to leverage libpmem2. - Update to PMDK 1.9.2 * Version 1.9.2 - This release reverts an incorrect change in SDS handling "pool: disable SDS check if not supported", and introduces a proper fix for the issues that patch attempted to correct. * Version 1.9.1 - common: fix LIBFABRIC flags - common: Add runtime SDS check and disable - pool: disable SDS check if not supported - obj: fix failure atomicity bug in huge allocs - obj: add missing drain after ulog processing - Drop common-fix-LIBFABRIC-flags.patch (now in upstream) - Add a comment to gen-doc.sh ==== qca-qt5 ==== Version update (2.3.3 -> 2.3.4) Subpackages: libqca-qt5-2 qca-qt5-plugins - Run ctest in %check - Add patch to make %check much quicker: * 0001-Make-filewatchunittest-much-quicker.patch - Update to 2.3.4: * OpenSSL 3 support * Don't create pkgconfig files for Qt 6 builds * Minor test fix ==== rygel ==== Version update (0.40.1 -> 0.40.2) Subpackages: librygel-core-2_6-2 librygel-server-2_6-2 - Update to version 0.40.2: + Disable tracker2 in default build options. + Fixed potential race condition in meson build. + Updated translations. ==== salt ==== Subpackages: python3-salt salt-master salt-minion - Exclude the full path of a download URL to prevent injection of malicious code (bsc#1190265) (CVE-2021-21996) - Added: * exclude-the-full-path-of-a-download-url-to-prevent-i.patch - Fix wrong relative paths resolution with Jinja renderer when importing subdirectories - Added: * templates-move-the-globals-up-to-the-environment-jin.patch - Don't pass shell="/sbin/nologin" to onlyif/unless checks (bsc#1188259) - Add missing aarch64 to rpm package architectures - Backport of upstream PR#59492 - Added: * backport-of-upstream-pr59492-to-3002.2-404.patch * don-t-use-shell-sbin-nologin-in-requisites.patch * add-missing-aarch64-to-rpm-package-architectures-405.patch - Fix failing unit test for systemd - Fix error handling in openscap module (bsc#1188647) - Better handling of bad public keys from minions (bsc#1189040) - Added: * better-handling-of-bad-public-keys-from-minions-bsc-.patch * fix-error-handling-in-openscap-module-bsc-1188647-40.patch * fix-failing-unit-tests-for-systemd.patch - Define license macro as doc in spec file if not existing - Add standalone formulas configuration for salt minion and remove salt-master requirement (bsc#1168327) - Do noop for services states when running systemd in offline mode (bsc#1187787) - transactional_updates: do not execute states in parallel but use a queue (bsc#1188170) - Added: * do-noop-for-services-states-when-running-systemd-in-.patch - Handle "master tops" data when states are applied by "transactional_update" (bsc#1187787) - Enhance openscap module: add "xccdf_eval" call - Added: * enhance-openscap-module-add-xccdf_eval-call-386.patch * handle-master-tops-data-when-states-are-applied-by-t.patch - virt: pass emulator when getting domain capabilities from libvirt - Adding preliminary support for Rocky Linux - Implementation of held/unheld functions for state pkg (bsc#1187813) - Added: * implementation-of-held-unheld-functions-for-state-pk.patch * adding-preliminary-support-for-rocky.-59682-391.patch * virt-pass-emulator-when-getting-domain-capabilities-.patch - Replace deprecated Thread.isAlive() with Thread.is_alive() - Added: * backport-thread.is_alive-fix-390.patch - Fix exception in yumpkg.remove for not installed package - Fix save for iptables state module (bsc#1185131) - Added: * fix-exception-in-yumpkg.remove-for-not-installed-pac.patch * fix-save-for-iptables-state-module-bsc-1185131-372.patch - virt: use /dev/kvm to detect KVM - Added: * virt-use-dev-kvm-to-detect-kvm-383.patch - zypperpkg: improve logic for handling vendorchange flags - Added: * move-vendor-change-logic-to-zypper-class-355.patch - Add bundled provides for tornado to the spec file - Enhance logging when inotify beacon is missing pyinotify (bsc#1186310) - Add "python3-pyinotify" as a recommended package for Salt in SUSE/OpenSUSE distros - Added: * enhance-logging-when-inotify-beacon-is-missing-pyino.patch - Fix tmpfiles.d configuration for salt to not use legacy paths (bsc#1173103) - Check if dpkgnotify is executable (bsc#1186674) - Added: * check-if-dpkgnotify-is-executable-bsc-1186674-376.patch - Detect Python version to use inside container (bsc#1167586) (bsc#1164192) - Handle volumes on stopped pools in virt.vm_info (bsc#1186287) - Drop support for Python2. Obsoletes "python2-salt" package - Added: * handle-volumes-on-stopped-pools-in-virt.vm_info-373.patch * figure-out-python-interpreter-to-use-inside-containe.patch - grains.extra: support old non-intel kernels (bsc#1180650) - Fix missing minion returns in batch mode (bsc#1184659) - Added: * fix-missing-minion-returns-in-batch-mode-360.patch * grains.extra-support-old-non-intel-kernels-bsc-11806.patch - Parsing Epoch out of version provided during pkg remove (bsc#1173692) - Added: * parsing-epoch-out-of-version-provided-during-pkg-rem.patch - Fix issue parsing errors in ansiblegate state module - Added: * fix-issue-parsing-errors-in-ansiblegate-state-module.patch - Prevent command injection in the snapper module (bsc#1185281) (CVE-2021-31607) - transactional_update: detect recursion in the executor - Add subpackage salt-transactional-update (jsc#SLE-18028) - Remove duplicate directories from specfile - Added: * transactional_update-detect-recursion-in-the-executo.patch * prevent-command-injection-in-the-snapper-module-bsc-.patch ==== supermin ==== - Restore ExclusiveArch, continue to follow libguestfs The 'almost' below is the reason. ==== suse-module-tools ==== Version update (16.0.9 -> 16.0.10+7) - Update to version 16.0.10+7: * rpm-script: link config also into /boot (boo#1189879) * weak-modules2: accept modules under /usr/lib/modules on stdin (for support of usr-merged KMPs) * fix scriptlet path (bsc#1189441) - Update to version 16.0.10: * Import kernel scriptlets from kernel-source (bsc#1189441) * README.md: document environment variables for weak-modules2 ==== vim ==== Version update (8.2.3360 -> 8.2.3408) Subpackages: gvim vim-data vim-data-common - Changed used terminal description in %check scriptlet from "linux" to "xterm" as the former does not map to [Z found by a fix in terminfo database of ncurses 6.2 patch 20210904 - Updated to version 8.2.3408, fixes the following problems * User function completion fails with dict function. * Vim9: crash with nested :while. * Buffer overflow when completing long tag name. * When :edit reuses the current buffer the alternate file is set to the same buffer. * Vim9: crash when :for is skipped. * Vim9: cannot use option for all operations. * Vim9: debugging elseif does not stop before condition. * Vim9: :@r executing a register is inconsistent. * Not all Racket files are recognized. * Auto formatting after "cw" leaves cursor in wrong spot. * Vim9: no check for white space before type in declaration. (Naohiro Ono) * Vim9: :$ENV cannot be followed by ->func() in next line. * line2byte() value wrong when adding a text property. (Yuto Kimura) * text property test fails on MS-Windows. * Pyret files are not recognized. * Using uninitialized memory. * Vim9: no warning that "@r" does not do anything. * Vim9: :disass completion does not understand "s:". * Crash when using NULL job. * Crash when using NULL string for funcref(). * Crash when using NULL list with sign functions. * Crash when getting the type of a NULL partial. * Vim9: completion for :disassemble adds parenthesis. * Cannot disable modeline for an individual file. * Escaping for fish shell does not work properly. * Using uninitialized memory. * Compiler warning for non-static function. * fnamemodify('path/..', ':p') differs from using 'path/../'. * Cannot stop insert mode completion without side effects. * Included xdiff code is outdated. * Crash with combination of 'linebreak' and other options. * augroup completion escapes regexp pattern characters. * Escaping for fish shell is skipping some characters. * Filler lines are wrong when changing text in diff mode. * Vim9: expression breakpoint not checked in :def function. * When libcall() fails invalid pointer may be used. * No test for what 8.2.3391 fixes. * Html text objects are not fully tested. * Octave files are not recognized. * ":z!" is not supported. * Vim9: cannot use a negative count with finddir() and findfile(). * Invalid memory access when using :retab with large value. * Memory leak for :retab with invalid argument. * Vim9: no error for white space before "(". * Cannot have a comment line in a {} block of a user command. * On some systems tests fail without _REENTRANT. (Elimar Riesebieter) * Using uninitialized memory with "let g:['bar'] = 2". * Can delete a numbered function. (Naohiro Ono) ==== virt-manager ==== Subpackages: virt-install virt-manager-common - bsc#1190215 - [virt-install] No Support for SUSE Product SLE-HPC virtinst-add-sle-hpc-support.patch ==== yast2 ==== Version update (4.4.17 -> 4.4.20) Subpackages: yast2-logs - Fixed losing the current product and package selection during installation, caused by unnecessary reloading of repositories (bsc#1190228) - 4.4.20 - Added infrastructure for installing missing UI extension plug-ins (jsc#SLE-20346, jsc#SLE-20462) - 4.4.19 - Add Y2Issues::WithIssues mixin to make easier to work with a list of issues (needed for jsc#SLE-20563). - 4.4.18 ==== yast2-bootloader ==== Version update (4.4.6 -> 4.4.7) - Fix calling dracut to regenerate all initrds (bsc#1189915) - 4.4.7 ==== yast2-control-center ==== Version update (4.4.2 -> 4.4.3) Subpackages: yast2-control-center-qt - Avoid creating nohup.out file in the user's home directory (bsc#1189651). - 4.4.3 ==== yast2-online-update ==== Version update (4.4.1 -> 4.4.3) - Check for pkg UI extension (in interactive mode) and offer to install it if not present (jsc#SLE-20346, jsc#SLE-20462) - 4.4.3 - Added recommends to yast2-online-update-frontend in order to install *.desktop file (bsc#1177997). - 4.4.2 ==== yast2-trans ==== Version update (84.87.20210828.fbeca8288d -> 84.87.20210914.a5d6b81b64) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20210914.a5d6b81b64: * New POT for text domain 'control-center'. * Translated using Weblate (Finnish) * Translated using Weblate (Finnish) * Translated using Weblate (Finnish) * New POT for text domain 'installation'. * Translated using Weblate (Czech) * Translated using Weblate (Slovak) * Translated using Weblate (Dutch) * Translated using Weblate (Japanese) * Translated using Weblate (Catalan) * New POT for text domain 'update'. * New POT for text domain 'kdump'. * New POT for text domain 'country'. * New POT for text domain 'services-manager'. * Translated using Weblate (Finnish) * New POT for text domain 'add-on'.