Packages changed: cups kernel-source (6.0.10 -> 6.0.12) libpaper (2.0.3 -> 2.0.4) pam pam-full-src perl-Net-Server (2.010 -> 2.013) python-psutil python-pycairo (1.22.0 -> 1.23.0) python-pycares supermin systemd (252.2 -> 252.3) vim (9.0.0978 -> 9.0.1040) wavpack (5.5.0 -> 5.6.0) xen (4.16.2_04 -> 4.17.0_02) xorg-x11-fonts xorg-x11-fonts-converted yast2-kdump (4.5.6 -> 4.5.7) === Details === ==== cups ==== Subpackages: cups-client cups-config libcups2 libcups2-32bit libcupsimage2 - Migration PAM settings to /usr/etc: Saving user changed configuration files in /etc and restoring them while an RPM update. ==== kernel-source ==== Version update (6.0.10 -> 6.0.12) - Linux 6.0.12 (bsc#1012628). - btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() (bsc#1012628). - drm/amdgpu: move setting the job resources (bsc#1012628). - drm/amdgpu: cleanup error handling in amdgpu_cs_parser_bos (bsc#1012628). - drm/amdgpu: fix userptr HMM range handling v2 (bsc#1012628). - drm/amd/pm: add smu_v13_0_10 driver if version (bsc#1012628). - drm/amd/pm: update driver-if header for smu_v13_0_10 (bsc#1012628). - drm/amd/pm: update driver if header for smu_13_0_7 (bsc#1012628). - clk: samsung: exynos7885: Correct "div4" clock parents (bsc#1012628). - clk: qcom: gdsc: add missing error handling (bsc#1012628). - clk: qcom: gdsc: Remove direct runtime PM calls (bsc#1012628). - iio: health: afe4403: Fix oob read in afe4403_read_raw (bsc#1012628). - iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw (bsc#1012628). - iio: light: rpr0521: add missing Kconfig dependencies (bsc#1012628). - libbpf: Use correct return pointer in attach_raw_tp (bsc#1012628). - bpf, perf: Use subprog name when reporting subprog ksymbol (bsc#1012628). - scripts/faddr2line: Fix regression in name resolution on ppc64le (bsc#1012628). - ARM: at91: rm9200: fix usb device clock id (bsc#1012628). - libbpf: Handle size overflow for ringbuf mmap (bsc#1012628). - hwmon: (ltc2947) fix temperature scaling (bsc#1012628). - hwmon: (ina3221) Fix shunt sum critical calculation (bsc#1012628). - hwmon: (i5500_temp) fix missing pci_disable_device() (bsc#1012628). - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails (bsc#1012628). - clocksource/drivers/arm_arch_timer: Fix XGene-1 TVAL register math error (bsc#1012628). - bpf: Do not copy spin lock field from user in bpf_selem_alloc (bsc#1012628). - nvmem: rmem: Fix return value check in rmem_read() (bsc#1012628). - of: property: decrement node refcount in of_fwnode_get_reference_args() (bsc#1012628). - clk: qcom: gcc-sc8280xp: add cxo as parent for three ufs ref clks (bsc#1012628). - ixgbevf: Fix resource leak in ixgbevf_init_module() (bsc#1012628). - i40e: Fix error handling in i40e_init_module() (bsc#1012628). - fm10k: Fix error handling in fm10k_init_module() (bsc#1012628). - iavf: Fix error handling in iavf_init_module() (bsc#1012628). - e100: Fix possible use after free in e100_xmit_prepare (bsc#1012628). - net/mlx5: DR, Fix uninitialized var warning (bsc#1012628). - net/mlx5: E-switch, Destroy legacy fdb table when needed (bsc#1012628). - net/mlx5: E-switch, Fix duplicate lag creation (bsc#1012628). - net/mlx5: Fix uninitialized variable bug in outlen_write() (bsc#1012628). - net/mlx5e: Fix use-after-free when reverting termination table (bsc#1012628). - can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev() (bsc#1012628). - can: cc770: cc770_isa_probe(): add missing free_cc770dev() (bsc#1012628). - can: etas_es58x: es58x_init_netdev(): free netdev when register_candev() (bsc#1012628). - can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods (bsc#1012628). - can: m_can: Add check for devm_clk_get (bsc#1012628). - vfs: fix copy_file_range() averts filesystem freeze protection (bsc#1012628). - qlcnic: fix sleep-in-atomic-context bugs caused by msleep (bsc#1012628). - aquantia: Do not purge addresses when setting the number of rings (bsc#1012628). - wifi: cfg80211: fix buffer overflow in elem comparison (bsc#1012628). - wifi: cfg80211: don't allow multi-BSSID in S1G (bsc#1012628). - wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration (bsc#1012628). - net: phy: fix null-ptr-deref while probe() failed (bsc#1012628). - net: ethernet: ti: am65-cpsw: fix error handling in am65_cpsw_nuss_probe() (bsc#1012628). - net: net_netdev: Fix error handling in ntb_netdev_init_module() (bsc#1012628). - net/9p: Fix a potential socket leak in p9_socket_open (bsc#1012628). - net: ethernet: nixge: fix NULL dereference (bsc#1012628). - net: wwan: iosm: fix kernel test robot reported error (bsc#1012628). - net: wwan: iosm: fix dma_alloc_coherent incompatible pointer type (bsc#1012628). - net: wwan: iosm: fix crash in peek throughput test (bsc#1012628). - net: wwan: iosm: fix incorrect skb length (bsc#1012628). - dsa: lan9303: Correct stat name (bsc#1012628). - mptcp: don't orphan ssk in mptcp_close() (bsc#1012628). ... changelog too long, skipping 606 lines ... - commit e554413 ==== libpaper ==== Version update (2.0.3 -> 2.0.4) Subpackages: libpaper-tools libpaper2 - update to 2.0.4: * don't hardcode make binary name in tests ==== pam ==== Subpackages: pam-32bit pam_unix - pam_pwhistory-docu.patch, docbook5.patch: convert docu to docbook5 - pam-git.diff: update to current git - obsoletes pam-hostnames-in-access_conf.patch - obsoletes tst-pam_env-retval.c - pam_env_econf.patch refresh ==== pam-full-src ==== - pam_pwhistory-docu.patch, docbook5.patch: convert docu to docbook5 - pam-git.diff: update to current git - obsoletes pam-hostnames-in-access_conf.patch - obsoletes tst-pam_env-retval.c - pam_env_econf.patch refresh ==== perl-Net-Server ==== Version update (2.010 -> 2.013) - updated to 2.013 see /usr/share/doc/packages/perl-Net-Server/Changes 2.013 Dec 03 2022 - Update MANIFEST for missing file 2.012 Dec 02 2022 - More code/documentation typo fixes - Add /simple routes to HTTP and PSGI echo handlers for doing static request samples. - Fix PSGI header handling that was broken in 2.011 2.011 Dec 01 2022 - Default to IO::Socket::IP with continued fallback to IO::Socket::INET6 - Add double_reverse_lookups configuration and code - Cleanup hostname lookup under both IO::Socket::IP and IO::Socket::INET6 - Change SSL to use IO::Socket::SSL SSL_startHandshake - Fix semaphore release - Update various POD issues - Finally add register_child method called if a child process is started. - Bugfix Net::Server::PSGI - Allow groups to be separated by , - Allow . in usernames and groups - Allow space in config file values - Retro-actively acknowlege that 2.008 changed default Net::Server::HTTP type to PreFork (and update docs) - Fix Location bounce with other status set - Return status 400 under request_denied_hook in Net::Server::HTTP ==== python-psutil ==== - Require unittest2 only for python2: make this suitable for the 15.4_py39 target in devel:languages:python:backports. - Merge skip-obs.patch into skip_failing_tests.patch and add test_linux.py::test_cpu_affinity because it depends on the obs vm-type or worker CPU. ==== python-pycairo ==== Version update (1.22.0 -> 1.23.0) - Update to version 1.23.0 * Reminder to distro packagers: Building/installing pycairo using setup.py is deprecated, please use meson instead. * git: changed default branch from “master” to “main” * Windows: Update the cairo version included in the wheels from 1.17.2 to 1.17.6 #pr-243 * docs: Document how to look up pycairo headers without loading the module #pr-300 * tests: don’t error out if cairo wasn’t built with all features #pr-293 New APIs: * Status.DWRITE_ERROR #pr-294 * Format.RGB96F, Format.RGBA128F #pr-295 * PDFVersion.VERSION_1_6, PDFVersion.VERSION_1_7 #pr-296 * HAS_DWRITE_FONT #pr-297 * Context.set_hairline(), Context.get_hairline() #pr-298 * PDFSurface.set_custom_metadata() #pr-299 ==== python-pycares ==== - Add cleanup_tests.patch to make the test suite slightly more sane. - No, the test suite is just broken, and the upstream doesn't care. ==== supermin ==== - Include sysconfig-netconfig only until SLE15, newer versions don't use it anymore [jsc#PED-1734] ==== systemd ==== Version update (252.2 -> 252.3) Subpackages: libsystemd0 libsystemd0-32bit libudev1 libudev1-32bit systemd-32bit systemd-container systemd-devel systemd-lang udev - Import commit bf3fef99886bd977a1c7a51d20087bc8977fff44 6372fb0cc4 btrfs-util: convert O_PATH if necessary, in btrfs quota call (bsc#1205560) 12e68eb0e5 blockdev-util: move O_PATH fd conversion into btrfs_get_block_device_fd() to shorten things bb2bafdc9d btrfs-util: convert to fd_reopen_condition() 1323232948 fd-util: add new helper fd_reopen_conditional() - Drop 6000-Revert-tmpfiles-whenever-creating-an-inode-immediate.patch It's no more needed as a fix for bsc#1205560 has been queued, see above. - Import commit 82898a14f5b0a965ba9c1efc1913fcdf29d446a8 (merge of v252.3) It includes the following fixes: 9410eb20eb cryptsetup: retry TPM2 unseal operation if it fails with TPM2_RC_PCR_CHANGED (bsc#1204944) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/e7e931b07edd786dc6ca1dae6c23ff7b785f8efd...82898a14f5b0a965ba9c1efc1913fcdf29d446a8 Additionally, it also includes the following backports: - 17b2f9f196 utmp-wtmp: fix error in case isatty() fails - 8d5c487c87 sd-bus: handle -EINTR return from bus_poll() (bsc#1201982) - 2dd217c8b5 tree-wide: modernizations with RET_NERRNO() ==== vim ==== Version update (9.0.0978 -> 9.0.1040) Subpackages: gvim vim-data vim-data-common - Updated to version 9.0.1040, fixes the following problems * Build errors without the +channel feature. (John Marriott) * ch_log() text can be hard to find in the log file. * The keyboard state response may end up in a shell command. * Build error in tiny version. * 'cursorline' not drawn before virtual text below. * Stray characters displayed when starting the GUI. * GUI: remote_foreground() does not always work. (Ron Aaron) * When using kitty keyboard protocol function keys may not work. (Kovid Goyal) * Build failure with tiny version. * File missing from list of distributed files. * Using feedkeys() does not show up in a channel log. * Popupwin test is more flaky on MacOS. * Callback name argument is changed by setqflist(). * Crash when reading help index with various options set. (Marius Gedminas) * Vim9 script: get E1096 when comment follows return. * Display errors when adding or removing text property type. * Tests for empty prop type name fail. * Padding before virtual text below is highlighted when 'number' and 'nowrap' are set. * If 'keyprotocol' is empty "xterm" still uses modifyOtherKeys. * Coverity warns for dead code. * "gk" may reset skipcol when not needed. * Memory may leak. * With 'smoothscroll' skipcol may be reset unnecessarily. * Classes are not documented or implemented yet. * Command list test fails. * Tiny build fails. * Suspend test sometimes fails on MacOS. * A failed test may leave a swap file behind. * Suspend test still sometimes fails on MacOS. * There is no way to get a list of swap file names. * Test for swapfilelist() fails on MS-Windows. * Test for catch after interrupt is flaky on MS-Windows. * Stray warnings for existing swap files. * ml_get error when using screenpos(). * Tests may get stuck in buffer with swap file. * Suspend test often fails on Mac OS. * Zir files are not recognized. * Without /dev/urandom srand() seed is too predictable. * screenpos() does not count filler lines for diff mode. * 'smoothscroll' and virtual text above don't work together. (Yee Cheng Chin) * Tests call GetSwapFileList() before it is defined. * Test trips over g:name. * Suspend test fails on Mac OS when suspending Vim. * WinScrolled is not triggered when filler lines change. * type of w_last_topfill is wrong. * LGTM is soon shutting down. * Mouse shape test is flaky, especially on Mac OS. * Autoload directory missing from distribution. * Using freed memory with the cmdline popup menu. * Vim9 class is not implemented yet. * Test fails when terminal feature is missing. * Tiny build fails because of conflicting typedef. * Reporting swap file when windows are split. * Object members are not being marked as used, garbage collection may free them. * Undo misbehaves when writing from an insert mode mapping. * lalloc(0) error for a class without members. * Function name does not match what it is used for. * Using a mapping CmdlineChanged may be triggered twice. * Test for mapping with CmdlineChanged fails. ==== wavpack ==== Version update (5.5.0 -> 5.6.0) - update to 5.6.0: * added: AIFF file import/export support * added: WATCOM compiler and OS/2 support * added: cmake support for mingw, builds Cooledit + Winamp plugins * added: --force-even-byte-depth option for rounding up bit depths * fixed: detect and report PCM files having non-zero padding bits * fixed: possible crash when displaying long channel assignments * fixed: big-endian-sourced "raw" files gave big-endian "wav"s * fixed: numerous minor issues ==== xen ==== Version update (4.16.2_04 -> 4.17.0_02) Subpackages: xen-libs xen-tools xen-tools-domU - Update to Xen 4.17.0 FCS release (jsc#PED-1858) xen-4.17.0-testing-src.tar.bz2 * On x86 "vga=current" can now be used together with GrUB2's gfxpayload setting. Note that this requires use of "multiboot2" (and "module2") as the GrUB commands loading Xen. * The "gnttab" option now has a new command line sub-option for disabling the GNTTABOP_transfer functionality. * The x86 MCE command line option info is now updated. * Out-of-tree builds for the hypervisor now supported. * __ro_after_init support, for marking data as immutable after boot. * The project has officially adopted 4 directives and 24 rules of MISRA-C, added MISRA-C checker build integration, and defined how to document deviations. * IOMMU superpage support on x86, affecting PV guests as well as HVM/PVH ones when they don't share page tables with the CPU (HAP / EPT / NPT). * Support for VIRT_SSBD and MSR_SPEC_CTRL for HVM guests on AMD. * Improved TSC, CPU, and APIC clock frequency calibration on x86. * Support for Xen using x86 Control Flow Enforcement technology for its own protection. Both Shadow Stacks (ROP protection) and Indirect Branch Tracking (COP/JOP protection). * Add mwait-idle support for SPR and ADL on x86. * Extend security support for hosts to 12 TiB of memory on x86. * Add command line option to set cpuid parameters for dom0 at boot time on x86. * Improved static configuration options on Arm. * cpupools can be specified at boot using device tree on Arm. * It is possible to use PV drivers with dom0less guests, allowing statically booted dom0less guests with PV devices. * On Arm, p2m structures are now allocated out of a pool of memory set aside at domain creation. * Improved mitigations against Spectre-BHB on Arm. * Support VirtIO-MMIO devices device-tree binding creation in toolstack on Arm. * Allow setting the number of CPUs to activate at runtime from command line option on Arm. * Grant-table support on Arm was improved and hardened by implementing "simplified M2P-like approach for the xenheap pages" * Add Renesas R-Car Gen4 IPMMU-VMSA support on Arm. * Add i.MX lpuart and i.MX8QM support on Arm. * Improved toolstack build system. * Add Xue - console over USB 3 Debug Capability. * gitlab-ci automation: Fixes and improvements together with new tests. * dropped support for the (x86-only) "vesa-mtrr" and "vesa-remap" command line options - Drop patches contained in new tarball or invalid 62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch xsa410-01.patch xsa410-02.patch xsa410-03.patch xsa410-04.patch xsa410-05.patch xsa410-06.patch xsa410-07.patch xsa410-08.patch xsa410-09.patch xsa410-10.patch xsa411.patch - bsc#1203806 - VUL-0: CVE-2022-33746: xen: P2M pool freeing may take excessively long (XSA-410) xsa410-01.patch xsa410-02.patch xsa410-03.patch xsa410-04.patch xsa410-05.patch xsa410-06.patch xsa410-07.patch xsa410-08.patch xsa410-09.patch xsa410-10.patch - bsc#1203807 - VUL-0: CVE-2022-33748: xen: lock order inversion in transitive grant copy handling (XSA-411) xsa411.patch ==== xorg-x11-fonts ==== Subpackages: xorg-x11-fonts-core xorg-x11-fonts-legacy - Do not ever use "%setup -n .": rpm 4.18 tries to be cleaner and remove stuff it extraced, which would lead to 'rm -rf .', which rm does not like. Use "%setup -c" instead, which creates the appropriate %{name}-%{version} directory expected. ==== xorg-x11-fonts-converted ==== - Do not ever use "%setup -n .": rpm 4.18 tries to be cleaner and remove stuff it extraced, which would lead to 'rm -rf .', which rm does not like. Use "%setup -c" instead, which creates the appropriate %{name}-%{version} directory expected. ==== yast2-kdump ==== Version update (4.5.6 -> 4.5.7) - Support fadump values in output of kdumptools calibrate (jsc#PED-1927) - drop support for older kdumptools - remove limits when kdumptools calibrate failed to allow user enter anything - 4.5.7