Packages changed: Mesa (24.3.4 -> 25.0.0) Mesa-drivers (24.3.4 -> 25.0.0) MicroOS-release (20250219 -> 20250302) NetworkManager (1.50.0 -> 1.50.3) apparmor bash bash-completion bluedevil6 (6.3.0 -> 6.3.2) bluez breeze6 (6.3.0 -> 6.3.2) breeze6-gtk (6.3.0 -> 6.3.2) cockpit conmon (2.1.12 -> 2.1.13) discover6 (6.3.0 -> 6.3.2) docker (27.4.1_ce -> 27.5.1_ce) ffmpeg-4 ffmpeg-7 fftw3 file flatpak-kcm6 (6.3.0 -> 6.3.2) gcc gcc14 (14.2.1+git10750 -> 14.2.1+git11321) glib2 (2.82.4 -> 2.82.5) glibc (2.40 -> 2.41) gmp gnutls (3.8.8 -> 3.8.9) gpg2 (2.5.3 -> 2.5.4) gpgme grub2 gvfs harfbuzz (10.2.0 -> 10.3.0) json-c (0.17 -> 0.18) kactivitymanagerd6 (6.3.0 -> 6.3.2) kde-cli-tools6 (6.3.0 -> 6.3.2) kde-gtk-config6 (6.3.0 -> 6.3.2) kdecoration6 (6.3.0 -> 6.3.2) kdeplasma6-addons (6.3.0 -> 6.3.2) kernel-default-base (6.13.3 -> 6.13.5) kernel-firmware-amdgpu (20250206 -> 20250219) kernel-firmware-ath10k kernel-firmware-ath11k (20250206 -> 20250227) kernel-firmware-bluetooth (20250208 -> 20250219) kernel-firmware-mediatek (20250206 -> 20250220) kernel-firmware-network (20250206 -> 20250219) kernel-firmware-platform (20250206 -> 20250220) kernel-firmware-qcom (20250206 -> 20250219) kernel-firmware-realtek (20250206 -> 20250224) kernel-firmware-sound (20250217 -> 20250219) kernel-source (6.13.3 -> 6.13.5) kgamma6 (6.3.0 -> 6.3.2) kglobalacceld6 (6.3.0 -> 6.3.2) kinfocenter6 (6.3.0 -> 6.3.2) kmenuedit6 (6.3.0 -> 6.3.2) kmod (33 -> 34) kpipewire6 (6.3.0 -> 6.3.2) kscreen6 (6.3.0 -> 6.3.2) kscreenlocker6 (6.3.0 -> 6.3.2) ksshaskpass6 (6.3.0 -> 6.3.2) ksystemstats6 (6.3.0 -> 6.3.2) kwayland-integration6 (6.3.0 -> 6.3.2) kwayland6 (6.3.0 -> 6.3.2) kwin6 (6.3.0 -> 6.3.2.1) layer-shell-qt6 (6.3.0 -> 6.3.2) libX11 libXt libaccounts-glib (1.26 -> 1.27) libapparmor libarchive libassuan (3.0.1 -> 3.0.2) libcaca libdisplay-info libkscreen6 (6.3.0 -> 6.3.2) libksysguard6 (6.3.0 -> 6.3.2) libnotify (0.8.3 -> 0.8.4) libostree libplasma6 (6.3.0 -> 6.3.2) libplist (2.3.0 -> 2.6.0) libsecret libssh libwacom (2.12.2 -> 2.14.0) libxcb libxkbfile libxml2 (2.13.5 -> 2.13.6) libxmlb (0.3.19 -> 0.3.21) libzip (1.11.2 -> 1.11.3) libzypp (17.36.1 -> 17.36.4) llvm19 lvm2 lvm2-device-mapper makedumpfile (1.7.5 -> 1.7.6) microos-tools (4.0+git6 -> 4.0+git7) milou6 (6.3.0 -> 6.3.2) ncurses (6.5.20250201 -> 6.5.20250222) open-vm-tools openssh passt (20250121.4f2c8e7 -> 20250217.a1e48a0) patterns-base patterns-gnome patterns-microos pcr-oracle pipewire (1.3.82 -> 1.3.83) plasma5support6 (6.3.0 -> 6.3.2) plasma6-activities (6.3.0 -> 6.3.2) plasma6-activities-stats (6.3.0 -> 6.3.2) plasma6-browser-integration (6.3.0 -> 6.3.2) plasma6-desktop (6.3.0 -> 6.3.2) plasma6-integration (6.3.0 -> 6.3.2) plasma6-nm (6.3.0 -> 6.3.2) plasma6-openSUSE plasma6-pa (6.3.0 -> 6.3.2) plasma6-print-manager (6.3.0 -> 6.3.2) plasma6-systemmonitor (6.3.0 -> 6.3.2) plasma6-workspace (6.3.0 -> 6.3.2) podman polkit-default-privs (1550+20250217.25d4aef -> 1550+20250225.49f846d) polkit-kde-agent-6 (6.3.0 -> 6.3.2) poppler (25.01.0 -> 25.02.0) poppler-qt6 (25.01.0 -> 25.02.0) powerdevil6 (6.3.0 -> 6.3.2) pulseaudio-qt6 (1.6.1 -> 1.7.0) python-MarkupSafe python-cryptography (44.0.0 -> 44.0.1) python311-setuptools (75.6.0 -> 75.8.0) qemu (9.2.1 -> 9.2.2) qqc2-breeze-style6 (6.3.0 -> 6.3.2) qt6-tools sdbootutil (1+git20250219.a796c24 -> 1+git20250225.b78f812) sddm-kcm6 (6.3.0 -> 6.3.2) selinux-policy (20250218 -> 20250224) shadow (4.17.2 -> 4.17.3) shim-leap sof-firmware (2024.09.2 -> 2025.01) spectacle (24.12.2 -> 6.3.2) speech-dispatcher (0.12.0~rc4 -> 0.12.0) sqlite3 (3.49.0 -> 3.49.1) systemsettings6 (6.3.0 -> 6.3.2) tiff util-linux util-linux-systemd vim (9.1.1101 -> 9.1.1134) xdg-desktop-portal (1.19.4 -> 1.20.0) xdg-desktop-portal-kde6 (6.3.0 -> 6.3.2) xdm xinit xorg-x11-server xterm xwayland (24.1.5 -> 24.1.6) yast2 (5.0.11 -> 5.0.12) zstd (1.5.6 -> 1.5.7) zypper (1.14.84 -> 1.14.87) === Details === ==== Mesa ==== Version update (24.3.4 -> 25.0.0) Subpackages: Mesa-libEGL1 Mesa-libGL1 libgbm1 - Add explanation for the "CM" in "GLESv1_CM". - Drop idempotent %if..%endif guards that do nothing. - Combine some rm calls in the build recipe. - Add -v argument to all rm calls to see the result of the deletion in the build log. - Update to release 25.0.0 - -> https://docs.mesa3d.org/relnotes/25.0.0 - adjusted u_dep_xcb.patch - supersedes U_radeonsi-disallow-compute-queues-on-Raven-Raven2-due.patch - libglapi merged into libgallium - add patches to fix compilation with Python 3.6 (SLE15 SP7, SLE16, Leap 15.6) * u_intel-drop-annotations-from-spv2hex.patch * u_meson-lower-python-version-requirement.patch - -> credits go to "Mikhail Paulyshka" ==== Mesa-drivers ==== Version update (24.3.4 -> 25.0.0) Subpackages: Mesa-dri Mesa-gallium - Add explanation for the "CM" in "GLESv1_CM". - Drop idempotent %if..%endif guards that do nothing. - Combine some rm calls in the build recipe. - Add -v argument to all rm calls to see the result of the deletion in the build log. - Update to release 25.0.0 - -> https://docs.mesa3d.org/relnotes/25.0.0 - adjusted u_dep_xcb.patch - supersedes U_radeonsi-disallow-compute-queues-on-Raven-Raven2-due.patch - libglapi merged into libgallium - add patches to fix compilation with Python 3.6 (SLE15 SP7, SLE16, Leap 15.6) * u_intel-drop-annotations-from-spv2hex.patch * u_meson-lower-python-version-requirement.patch - -> credits go to "Mikhail Paulyshka" ==== MicroOS-release ==== Version update (20250219 -> 20250302) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== NetworkManager ==== Version update (1.50.0 -> 1.50.3) Subpackages: NetworkManager-bluetooth NetworkManager-tui NetworkManager-wwan libnm0 typelib-1_0-NM-1_0 - Update to version 1.50.3: + Wait configuring MPTCP endpoints until DAD has completed. + Properly autoconnect OVS ports at boot. + Allow configuring "shared" IPv6 method in nmtui. - Changes from version 1.50.2: + Fix potential crash when the property "ipv4.dhcp-send-release" is enabled. + Support routing rules for VPN connections. + Place the route to the VPN gateway into the table defined by the "ipv{4,6}.route-table" properties- + Fix error handling rp_filter when kernel don't support MPTCP. + Fix configuration of VLAN QoS mappings. - Changes from version 1.50.1: + nmcli: fix handling of connection.down-on-poweroff property + sriov: only validate sriov capacity when enabled + wwan: fix crash with IPv4 and method=auto + dns: fix deleting internal global DNS configuration + wifi: fix list corruption when scanning with explicit SSID + bonding: steer IGMP queries to the active bond balance-slb primary port + Remove routes added by NM on reapply + Never retry ACD on NOARP interfaces + Support IPv6 EUI64 link-local address for ipv6 tunnels ==== apparmor ==== - add py313-aa-notify.patch to adapt the last bits to python 3.13 - Fix commented out macros ==== bash ==== Subpackages: bash-sh - Explicitly specify that the build recipe needs bash ==== bash-completion ==== - Drop completions for kmod; kmod>=34 provides its own now. ==== bluedevil6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== bluez ==== Subpackages: bluez-auto-enable-devices bluez-cups libbluetooth3 - Add supplements bluedevil6 for bluez-obexd * In Plasma 6 bluedevil5 got renamed to bluedevil6. While bluedevil6 provides bluedevil5 on Tumbleweed it's a good idea to add it for future proofing. ==== breeze6 ==== Version update (6.3.0 -> 6.3.2) Subpackages: breeze6-cursors breeze6-decoration breeze6-style breeze6-wallpapers - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * Fix crash in some non-KDE apps (kde#499960) * update version for new release ==== breeze6-gtk ==== Version update (6.3.0 -> 6.3.2) Subpackages: gtk2-metatheme-breeze6 gtk3-metatheme-breeze6 gtk4-metatheme-breeze6 metatheme-breeze6-common - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== cockpit ==== Subpackages: cockpit-bridge cockpit-networkmanager cockpit-packagekit cockpit-system cockpit-ws - fix build with latest local-npm-registry - Always apply 0007-Remove-DynamicUser-setting-as-these-conflict-with-re.patch for every build system. Fixes bsc#1237451 - Add functionality to cockpit-packagekit that allows selecting what updates should be applied - Added packagekit-single-install.patch file that adds this functionality ==== conmon ==== Version update (2.1.12 -> 2.1.13) - New upstream release 2.1.13 [#]## Bug fixes * Make timestamp generation never fail. * Change permissions of logs from 0600 to 0640 * Avoid bogus journal filling errors * Fix typos and clarify man page. * conmon: do not create oom file under cwd * logging: remove unuseful fsync ==== discover6 ==== Version update (6.3.0 -> 6.3.2) Subpackages: discover6-backend-flatpak discover6-backend-fwupd discover6-notifier - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release * Fix nonfree app license name colors * Clear the transactions job together with the SNI * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release * updatemodel: collate names (kde#499638) * update version for new release ==== docker ==== Version update (27.4.1_ce -> 27.5.1_ce) Subpackages: docker-buildx docker-rootless-extras - Update to Docker 27.5.1-ce. See upstream changelog online at bsc#1237335 - Rebase patches: * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch * cli-0001-docs-include-required-tools-in-source-tree.patch - Update to docker-buildx 0.20.1. See upstream changelog online at ==== ffmpeg-4 ==== Subpackages: libavcodec58_134 libavformat58_76 libavutil56_70 libpostproc55_9 libswresample3_9 libswscale5_9 - Add ffmpeg-7-CVE-2025-22921.patch: Backporting 7f9c7f98 from upstream, clear array length when freeing it. (CVE-2025-22921, bsc#1237382) - Add ffmpeg-7-CVE-2025-25473.patch: Backporting c08d3004 from upstream, clear FFFormatContext packet. When packet_buffer is used in mux.c, and if a muxing process fails at a point where packets remained in said queue. (CVE-2025-25473, bsc#1237351) - Add ffmpeg-7-CVE-2025-0518.patch: Backporting b5b6391d from upstream, fixes memory data leak when use sscanf(). (CVE-2025-0518, bsc#1236007) - Add ffmpeg-7-CVE-2025-22919.patch: Backporting 1446e37d from upstream, check for valid sample rate As the sample rate <= 0 is invalid. (CVE-2025-22919, bsc#1237371) - Add ffmpeg-4-CVE-2024-12361.patch: Backporting 4065ff69 from upstream, add check for av_packet_new_side_data() to avoid null pointer dereference if allocation fails. (CVE-2024-12361, bsc#1237358) - Add ffmpeg-4-CVE-2024-35368.patch: Backporting 45133009 from upstream, After having created the AVBuffer that is put into frame->buf[0], ownership of several objects Fix double-free on the AVFrame is unreferenced. (CVE-2024-35368, bsc#1234028) ==== ffmpeg-7 ==== Subpackages: libavcodec61 libavfilter10 libavformat61 libavutil59 libpostproc58 libswresample5 libswscale8 - Add ffmpeg-7-CVE-2025-22921.patch: Backporting 7f9c7f98 from upstream, clear array length when freeing it. (CVE-2025-22921, bsc#1237382) - Add ffmpeg-7-CVE-2025-25473.patch: Backporting c08d3004 from upstream, clear FFFormatContext packet. When packet_buffer is used in mux.c, and if a muxing process fails at a point where packets remained in said queue. (CVE-2025-25473, bsc#1237351) - Add ffmpeg-7-CVE-2025-0518.patch: Backporting b5b6391d from upstream, fixes memory data leak when use sscanf(). (CVE-2025-0518, bsc#1236007) - Add ffmpeg-7-CVE-2025-22919.patch: Backporting 1446e37d from upstream, check for valid sample rate As the sample rate <= 0 is invalid. (CVE-2025-22919, bsc#1237371) ==== fftw3 ==== - Disable openmpi for 32b non-hpc builds as OpenMPI >= 5 has no support for these architectures. - Cleanup flags handling mpi with s390/s390x ==== file ==== Subpackages: file-magic libmagic1 - Add patch boo1237209.patch temporary * Fix stack overrun (boo#1237209) ==== flatpak-kcm6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - No code changes since 6.3.1 - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - No code changes since 6.3.0 ==== gcc ==== - Check is_opensuse for whether plugins are enabled. ==== gcc14 ==== Version update (14.2.1+git10750 -> 14.2.1+git11321) Subpackages: cpp14 libgcc_s1 libgfortran5 libgomp1 libstdc++6 libubsan1 - Update to gcc-14 branch head, 9ffecde121af883b60bbe60d0, git11321 * fixes reported ICE in [bsc#1237442] - Drop gcc14-pr116629.patch now backported to the branch. - Adjust cross compiler requirements to use %requires_ge - Fix condition on whether to enable plugins or JIT support to not check sle_version which is not defined in SLFO but to check is_opensuse and suse_version instead. - Add gcc14-pr118780.patch to make the SLFO config work. - For cross compilers require the same or newer binutils, newlib or cross-glibc that was used at build time. [bsc#1232526] - Define ALT_CC_UNDER_TEST and ALT_CXX_UNDER_TEST for compat tests - Switch to glibc based cross-compiler for target hppa - disable go on loongarch64 for now - Add loongarch64 to asan_arch, atomic_arch, itm_arch, lsan_arch, tsan_arch and ubsan_arch - Add larchintrin.h, lasxintrin.h and lsxintrin.h headers to gccXY main package in %files section - Set build_primary_64bit to 1 for loongarch64 - Add loongarch64 as new target ==== glib2 ==== Version update (2.82.4 -> 2.82.5) Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 typelib-1_0-GLib-2_0 typelib-1_0-GModule-2_0 typelib-1_0-GObject-2_0 typelib-1_0-Gio-2_0 - Update to version 2.82.5: + Bugs fixed: - gosxappinfo: Correctly launch list of files - Don't mark test setups as default in subprojects - gdatetime: Fix integer overflow when parsing very long ISO8601 inputs ==== glibc ==== Version update (2.40 -> 2.41) Subpackages: glibc-locale glibc-locale-base - Bump minimal kernel version to 4.3 to enable use of direct socketcalls on x86-32 and s390x (bsc#1234713) - Build cross-hppa and cross-loongarch64 only with gcc >= 14 - round-log10p1f.patch: math: Fix log10p1f internal table value (BZ [#32626]) - round-sinhf.patch: math: Fix sinhf for some inputs (BZ #32627) - nptl-stack-size-up.patch: nptl: Correct stack size attribute when stack grows up (BZ #32574) - round-tanf.patch: math: Fix tanf for some inputs (BZ 32630) - tst-aarch64-pkey.patch: Fix tst-aarch64-pkey to handle ENOSPC as not supported - float128-sycl.patch: x86 (__HAVE_FLOAT128): Defined to 0 for Intel SYCL compiler (BZ #32723) - Remove nis from nsswitch.conf (bsc#1237210) - Use rpm.execute when available (bsc#1236869) - Update to glibc 2.41 * In /etc/resolv.conf and the RES_OPTIONS environment variable, option flags can now be prefixed with “-” to clear previously set flags * The DNS stub resolver now supports the strict-error option * On Linux, the sched_setattr and sched_getattr functions have been added * The iconv program now supports converting files in place * Character encoding, character type info, and transliteration tables have been updated to Unicode 16.0.0 * The following ISO C23 function families (introduced in TS 18661-4:2015) are now supported in : - Trigonometric functions: acospi, asinpi, atan2pi, atanpi, cospi, sinpi, tanpi. * The GNU C Library now supports a feature test macro _ISOC2Y_SOURCE to enable features from the draft ISO C2Y standard * Optimized and correctly rounded exp10m1f, exp2m1f, expm1f, log10f, log2p1f, log1pf, log10p1f, cbrtf, erff, erfcf, lgammaf, tgammaf, tanf, acosf, acoshf, asinf, asinhf, atanf, atan2f, atanhf, coshf, sinhf, and tanhf functions have been added from the CORE-MATH project * A new tunable, glibc.rtld.execstack, can be used to control whether an executable stack is allowed from the main program, either implicitly due to a mising GNU_STACK ELF header or explicit explicitly because of the executable bit in GNU_STACK * Support for the extensible rseq ABI introduced in the Linux kernel version 6.3 has been added * The GNU C Library now supports the Guarded Control Stack extension that allows to use shadow stacks on AArch64 systems that support this extension * Significant effort has been put into improving the code generation and speed of mathematical functions in the vector mathematics library on AArch64, with regard to the Scalable Vector Extension (SVE) and Advanced SIMD (Neon) intrinsics * Support for memory protection keys on AArch64 systems with enabled Stage 1 permission overlays feature as introduced in Armv8.9 / 9.4 has been added * On PowerPC64, support for the return-oriented programming protection instructions added in ISA 3.1 (Power10) has been added, as well as function optimizations for Power10 * A new architecture type has been introduced internally to better support Hygon x86-64 processors * abort is now async-signal-safe and its implementation makes longjmp from the SIGABRT handler always abort if set up with setjmp * dlopen and dlmopen no longer make the stack executable if a shared library requires it, either implicitly because of a missing GNU_STACK ELF header (and default ABI permission having the executable bit set) or explicitly because of the executable bit in GNU_STACK, and the stack is not already executable * On recent Linux kernels with vDSO getrandom support, getrandom does not act as a "shall occur" cancellation point, in which case it might not issue a syscall or trigger a deferred cancellation event * GLIBC-SA-2025-0001: assert: Buffer overflow when printing assertion failure message (CVE-2025-0395) - Add cross-hppa and cross-loongarch64 packages - gen-tempname-randomness.patch: Removed - ulp-prologue-into-asm-functions.patch: Rebase ==== gmp ==== - Manually select the z13/z14 architecture level specific assembly routines for s390x and SLFO since GMP lacks fat binary support there and also lacks a way to auto-detect the architecture level used at compile-time. [jsc#PED-3270] ==== gnutls ==== Version update (3.8.8 -> 3.8.9) - Update to 3.8.9 - libgnutls: leancrypto was added as an interim option for PQC The library can now be built with leancrypto instead of liboqs for post-quantum cryptography (PQC), when configured with - -with-leancrypto option instead of --with-liboqs. - libgnutls: Experimental support for ML-DSA signature algorithm The library and certtool now support ML-DSA signature algorithm as defined in FIPS 204 and based on draft-ietf-lamps-dilithium-certificates-04. This feature is currently marked as experimental and can only be enabled when compiled with --with-leancrypto or --with-liboqs. Contributed by David Dudas. - libgnutls: Support for ML-KEM-1024 key encapsulation mechanism The support for ML-KEM post-quantum key encapsulation mechanisms has been extended to cover ML-KEM-1024, in addition to ML-KEM-768. MLKEM1024 is only offered as SecP384r1MLKEM1024 hybrid as per draft-kwiatkowski-tls-ecdhe-mlkem-03. - libgnutls: Fix potential DoS in handling certificates with numerous name constraints, as a follow-up of CVE-2024-12133 in libtasn1. The bundled copy of libtasn1 has also been updated to the latest 4.20.0 release to complete the fix. Reported by Bing Shi (#1553). [GNUTLS-SA-2025-02-07, CVSS: medium] [bsc#1236974, CVE-2024-12243 - Licensing information moved to REAMDE.md, COPYING, COPYING.LESSERv2 * Rebased gnutls-FIPS-140-3-references.patch * Rebased gnutls-FIPS-TLS_KDF_selftest.patch * Rebased gnutls-FIPS-jitterentropy.patch * Rebased gnutls-disable-flaky-test-dtls-resume.patch * Rebased gnutls-srp-test-SIGPIPE.patch * Rebased gnutls-3.5.11-skip-trust-store-tests.patch * Add gnutls-set-cligen-python-interp.patch * Add gnutls-skip-pqx-test.patch ==== gpg2 ==== Version update (2.5.3 -> 2.5.4) - Fixing gpg-agent integration by changing --supervised to - -deprecated-supervised in service files. - Update to 2.5.4: * gpg: New option --disable-pqc-encryption. [rG00c31f8b04] * gpg: Fix --quick-add-key for Weierstrass ECC with usage given. [T7506] * gpg: Fix handling with no CRC armor. [T7071] * gpg: New private Kyber keys are now cross-referenced using a new Link attribute. [T6638] * gpg: Fix an import problem with keys having another primary key as a subkey. [T7527] * gpgsm: Allow unattended PKCS#12 export without passphrase. [rG159e801043] * gpgsm: Allow CSR generation with an unprotected key. [rG89055f24f4] * agent: New option --change-std-env-name. [T7522] * agent: Fix ssh-agent's request_identities for skipped Brainpool keys. [rG2469dc5aae] * Do not package zlib and bzip2 object files in a speedo release build. [T7442] * Rebase patches: - gnupg-add_legacy_FIPS_mode_option.patch - gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch - gnupg-revert-rfc4880bis.patch ==== gpgme ==== Subpackages: libgpgme11 libgpgmepp6 python311-gpg - Don't own content of all common-lisp directories, just own the directories themselves (adding %dir in front of them). Prevents duplicate ownership of the Common Lisp files. ==== grub2 ==== Subpackages: grub2-arm64-efi grub2-common grub2-snapper-plugin - Make SLFO/SLE-16 and openSUSE have identical package structures - Provide grub2--efi-bls for SLFO/SLE-16 - Fix grub-bls does not rollback via setting new default (bsc#1237198) * 0001-bls-Accept-.conf-suffix-in-setting-default-entry.patch ==== gvfs ==== Subpackages: gvfs-backend-afc gvfs-backend-goa gvfs-backend-samba gvfs-backends gvfs-fuse - add README.SUSE about security concerns in gvfs (bsc#1205607) ==== harfbuzz ==== Version update (10.2.0 -> 10.3.0) Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0 - Update to version 10.3.0: + Vastly improved “AAT” shaping performance. LucidaGrande benchmark-shape before: 14.6ms after: 5.9ms. + Improved OpenType shaping performance (kerning / ligature), at the expense of ~1kb per face allocated cache memory. Roboto-Regular benchmark-shape before: 10.3ms after: 9.4ms. + Improved “COLRv1” benchmark-font paint performance. Before: 7.85ms after 4.85ms. + Don’t apply glyph substitutions in “morx” table of a font with known broken “morx” table (AALMAGHRIBI.ttf font). + Update IANA and OT language registries. + Various documentation updates. + Various build improvements, and test speed-ups. + The “hb_face_reference_blob()” API now works for faces created with “hb_face_create_for_tables()” if the face sets “get_table_tags” callback. This constructs a new face blob from individual table blobs. + Various fixes to how “trak” table is handled to bring it closer to Core Text behaviour. Particularly, the tracking values for sizes not explicitly set in the table are now properly interpolated, and the tracking is applied to glyph advances when they are returned by ot-font functions, instead of applying them during shaping. The “trak” pseudo OpenType feature that could be used to disable “trak” table application have been dropped. + Core Text font functions now support non-BMP code points. + The drawing algorithm used by hb-draw for “glyf” table now match the algorithm used by FreeType and Core Text. + The “hb_coretext_font_create()” API now copy font variations from Core Text font to the created HarfBuzz font. + Add an API to get the feature tags enabled on a given shape-plan after executing it, which can be used to applications to show in the UI what features are applied by default (which can vary based on the font, the script, the language, and the direction set on the buffer). + Add APIs to created HarfBuzz font from DirectWrite font, and copy the font variations. + New API: hb_directwrite_font_create() hb_directwrite_font_get_dw_font() hb_ot_shape_plan_get_feature_tags() ==== json-c ==== Version update (0.17 -> 0.18) - update to 0.18: * Clean up pre-3.9 CMake support in CMakeLists.txt * Build pkg-config for msvc as well * Critical fix for binary compatibility with 0.16: Move the json_tokener_error_memory entry to the end of enum json_tokener_error. * Issue #829: attempt to detect clang-cl.exe and pass MSVC- compatile command line arguments. * PR #831 - rename WIN32 to _WIN32 * PR #839 - Fix gcc 5 "may be used uninitialized" failure in json_pointer.c * PR #849 - random_seed.c: add a Coverity Scan suppression * Issue #854: Set error=json_tokener_error_memory in json_tokener_parser_verbose() when allocating the tokener fails. * Issue #857: fix a few places where json_tokener should have been returning json_tokener_error_memory but wasn't. * Handle yet another out-of-memory condition in json_tokener, duplocate can return NULL. * Various fixes in the fuzzers * A few minor doc fixes ==== kactivitymanagerd6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== kde-cli-tools6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== kde-gtk-config6 ==== Version update (6.3.0 -> 6.3.2) Subpackages: kde-gtk-config6-gtk3 - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== kdecoration6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * Expose application menu dbus interface info * update version for new release - Fix libkdecorations3private1 package name: * SOVER is 1, not 11 * Add Obsoletes to replace the broken package * Mention sover in %files to prevent this in the future - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== kdeplasma6-addons ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release * applets/weather: Fix layout for large station names * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release * applets/colorpicker: fix RadioButton * applets/colorpicker: fix tooltips * applets/katesessions: fix keyboard activation * runners/datetime: Fix datetimerunnertest * applets/weather: Promote bbcukmet quality * wallpapers/potd: fix typo * update version for new release ==== kernel-default-base ==== Version update (6.13.3 -> 6.13.5) - Add 9p with support for virtio and xen ==== kernel-firmware-amdgpu ==== Version update (20250206 -> 20250219) - Update to version 20250219 (git commit 5faab136de1a): * amdgpu: Update ISP FW for isp v4.1.1 ==== kernel-firmware-ath10k ==== - Don't install superfluous info texts to firmware directory - Update license entry ==== kernel-firmware-ath11k ==== Version update (20250206 -> 20250227) - Update to version 20250227 (git commit 30f36b8b9053): * ath11k: QCN9074 hw1.0: update to WLAN.HK.2.9.0.1-02175-QCAHKSWPL_SILICONZ-2 * ath11k: QCA6698AQ hw2.1: update to WLAN.HSP.1.1-04604-QCAHSPSWPL_V1_V2_SILICONZ_IOE-1 * ath11k: QCA6698AQ hw2.1: update board-2.bin - Don't install superfluous info files to firmware directory ==== kernel-firmware-bluetooth ==== Version update (20250208 -> 20250219) - Update to version 20250219 (git commit 5faab136de1a): * qca: update WCN3988 firmware ==== kernel-firmware-mediatek ==== Version update (20250206 -> 20250220) - Update to version 20250220 (git commit 6cf959daab2a): * linux-firmware: update firmware for MT7920 WiFi device ==== kernel-firmware-network ==== Version update (20250206 -> 20250219) - Update to version 20250219 (git commit 5faab136de1a): * linux-firmware: update firmware for en8811h 2.5G ethernet phy ==== kernel-firmware-platform ==== Version update (20250206 -> 20250220) - Update to version 20250220 (git commit 6cf959daab2a): * linux-firmware: Update AMD SEV firmware ==== kernel-firmware-qcom ==== Version update (20250206 -> 20250219) - Update to version 20250219 (git commit 5faab136de1a): * qcom: add firmware for Adreno A225 ==== kernel-firmware-realtek ==== Version update (20250206 -> 20250224) - Update to version 20250224 (git commit 1a1470d90de2): * rtw89: 8852bt: update fw to v0.29.122.0 and BB parameter to 07 ==== kernel-firmware-sound ==== Version update (20250217 -> 20250219) - Update to version 20250219 (git commit 5faab136de1a): * cirrus: cs35l56: Add and update firmware for Cirrus CS35L56 for two HP laptops * cirrus: cs35l56: Add firmware for Cirrus Amps for some ASUS laptops * cirrus: cs35l56: Add and update firmware for Cirrus CS35L56 for various Lenovo laptops * cirrus: cs35l56: Update firmware for Cirrus Amps for some Dell laptops ==== kernel-source ==== Version update (6.13.3 -> 6.13.5) Subpackages: kernel-64kb kernel-default - Linux 6.13.5 (bsc#1012628). - drm/amdgpu: bump version for RV/PCO compute fix (bsc#1012628). - drm/amdgpu/gfx9: manually control gfxoff for CS on RV (bsc#1012628). - net: pse-pd: Fix deadlock in current limit functions (bsc#1012628). - tracing: Fix using ret variable in tracing_set_tracer() (bsc#1012628). - drm: select DRM_KMS_HELPER from DRM_GEM_SHMEM_HELPER (bsc#1012628). - ftrace: Do not add duplicate entries in subops manager ops (bsc#1012628). - ftrace: Fix accounting of adding subops to a manager ops (bsc#1012628). - ftrace: Correct preemption accounting for function tracing (bsc#1012628). - EDAC/qcom: Correct interrupt enable register configuration (bsc#1012628). - smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1012628). - irqchip/gic-v3: Fix rk3399 workaround when secure interrupts are enabled (bsc#1012628). - perf/x86/intel: Fix event constraints for LNC (bsc#1012628). - mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (bsc#1012628). - mtd: rawnand: cadence: use dma_map_resource for sdma address (bsc#1012628). - mtd: rawnand: cadence: fix error code in cadence_nand_init() (bsc#1012628). - mtd: spi-nor: sst: Fix SST write failure (bsc#1012628). - mm,madvise,hugetlb: check for 0-length range after end address adjustment (bsc#1012628). - acct: block access to kernel internal filesystems (bsc#1012628). - acct: perform last write from workqueue (bsc#1012628). - ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (bsc#1012628). - ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (bsc#1012628). - ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (bsc#1012628). - ASoC: fsl_micfil: Enable default case in micfil_set_quality() (bsc#1012628). - ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (bsc#1012628). - gve: set xdp redirect target only when it is available (bsc#1012628). - nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1012628). - mm/zswap: fix inconsistency when zswap_store_page() fails (bsc#1012628). - smb: client: fix chmod(2) regression with ATTR_READONLY (bsc#1012628). - lib/iov_iter: fix import_iovec_ubuf iovec management (bsc#1012628). - xfs: fix online repair probing when CONFIG_XFS_ONLINE_REPAIR=n (bsc#1012628). - s390/boot: Fix ESSA detection (bsc#1012628). - soc: loongson: loongson2_guts: Add check for devm_kstrdup() (bsc#1012628). - gpio: vf610: add locking to gpio direction functions (bsc#1012628). - arm64: dts: rockchip: Disable DMA for uart5 on px30-ringneck (bsc#1012628). - arm64: dts: rockchip: Move uart5 pin configuration to px30 ringneck SoM (bsc#1012628). - arm64: dts: rockchip: Fix broken tsadc pinctrl names for rk3588 (bsc#1012628). - arm64: dts: rockchip: change eth phy mode to rgmii-id for orangepi r1 plus lts (bsc#1012628). - mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() (bsc#1012628). - drop_monitor: fix incorrect initialization order (bsc#1012628). - tee: optee: Fix supplicant wait loop (bsc#1012628). - gpiolib: protect gpio_chip with SRCU in array_info paths in multi get/set (bsc#1012628). - io_uring: prevent opcode speculation (bsc#1012628). - io_uring/rw: forbid multishot async reads (bsc#1012628). - drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (bsc#1012628). - drm/i915/gt: Use spin_lock_irqsave() in interruptible context (bsc#1012628). - drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (bsc#1012628). - drm/i915/dp: Fix error handling during 128b/132b link training (bsc#1012628). - drm/i915: Make sure all planes in use by the joiner have their crtc included (bsc#1012628). - drm/msm/dpu: Disable dither in phys encoder cleanup (bsc#1012628). - drm/msm/dp: account for widebus and yuv420 during mode validation (bsc#1012628). - drm: panel: jd9365da-h3: fix reset signal polarity (bsc#1012628). - sched: Compact RSEQ concurrency IDs with reduced threads and affinity (bsc#1012628). - irqchip/jcore-aic, clocksource/drivers/jcore: Fix jcore-pit interrupt request (bsc#1012628). - drm/nouveau/pmu: Fix gp10b firmware guard (bsc#1012628). - bpf: skip non exist keys in generic_map_lookup_batch (bsc#1012628). ... changelog too long, skipping 605 lines ... - commit a27f785 ==== kgamma6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== kglobalacceld6 ==== Version update (6.3.0 -> 6.3.2) Subpackages: libKGlobalAccelD6-0 - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== kinfocenter6 ==== Version update (6.3.0 -> 6.3.2) - Downgrade dmidecode (not available on all archs) and /usr/bin/eglinfo (boo#1238199) to recommends again - Update spec to the current state of things: * Requires aha if fwupd * Requires clinfo if OpenCL is installed * Requires dmidecode to show device Product Name, Serial Number and information on system memory * Recommends libdisplay-info-tools (/usr/bin/di-edid-decode) for EDID kcm. * Requires /usr/bin/eglinfo, instead of Recommends. * Deprecate update-desktop-files (https://en.opensuse.org/openSUSE:Update-desktop-files_deprecation) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release * about: align gpu pills more neatly (kde#500355) * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release * kcms/energy: Fix page size flickering (kde#480804) ==== kmenuedit6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== kmod ==== Version update (33 -> 34) Subpackages: libkmod2 - Update to release 34 * modinfo now dlopens compression libraries, and only if needed. (insmod/modprobe exercises the kernel's built-in decompression anyway, so is unaffected). * depmod: add -m option for overriding the module directory at runtime. * depmod: deleted deprecated options --unresolved-error, --quiet, - root and --map. * rmmod: deleted deprecated option -w. * insmod: deleted deprecated options -p, -s. - Delete 0001-testsuite-fix-path-for-test-user.patch (obsolete) ==== kpipewire6 ==== Version update (6.3.0 -> 6.3.2) Subpackages: kpipewire6-imports libKPipeWire6 libKPipeWireDmaBuf6 libKPipeWireRecord6 - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * Use malloc to create AVDRMFrameDescriptor * update version for new release ==== kscreen6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release * kcm: Support scaling with denominator of 120 (kde#500531) * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release * kcm: re-enable revert message for color power preference ==== kscreenlocker6 ==== Version update (6.3.0 -> 6.3.2) Subpackages: libKScreenLocker6 - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== ksshaskpass6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== ksystemstats6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== kwayland-integration6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== kwayland6 ==== Version update (6.3.0 -> 6.3.2) Subpackages: libKWaylandClient6 - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== kwin6 ==== Version update (6.3.0 -> 6.3.2.1) Subpackages: libkwin6 - Update to 6.3.2.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2.1 - Changes since 6.3.2: * Revert "workspace: better deal with having more outputs than the GPU can drive" * kcms/rules: Fix showing selected VD on X11 (kde#484165) * autotests: Fix testInputCapture with libei 1.4.0 - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * workspace: don't set brightness to the display value on every startup (kde#494408) * workspace: better deal with having more outputs than the GPU can drive * backends/drm: reject output configurations that can't be powered at all (kde#500031) * update version for new release * Workaround hard freeze during interactive move * input: remove check for touch sequence (kde#500557) * Fix build compat with Qt 6.7 * workspace: use frameGeometry for findWindowToActivate (kde#500529) * core/renderloop: use PreciseTimer for render loop. * killer: take abort result into consideration * backends/drm: log when link training is necessary * core/renderloop: take vrr into account for output layer repaints (kde#499848) * backends/libinput: confine TabletToolEvent to output (kde#480658) * Prevent virtual input devices from blocking tablet mode (kde#500025) * backends/drm: use a shadow buffer with "prefer color accuracy" if night light is enabled (kde#500404) * autotests/test_colorspaces: add some real-world validity check test cases * core/colorspace: relax validity check (kde#500295) * backends/drm: reimplement software brightness for ICC profiles (kde#500210) * Factor out {previousRestricted,restricted}MoveArea calls out of loops (kde#500310) * Implement KDecoration3::DecoratedWindow::applicationMenu{ServiceName,ObjectPath} * wayland: make the fallback for broken HDR metadata less strict (kde#500144) * core/colorspace: improve formatting of logging functions * wayland: switch to the upstream color management protocol * Round native geometry in InternalWindow * Fix overlooked frameRectToClientRect() in InternalWindow * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Too many changes to list here - Drop patch, now upstream: * 0001-core-outputlayer-guard-against-null-m_output.patch ==== layer-shell-qt6 ==== Version update (6.3.0 -> 6.3.2) Subpackages: libLayerShellQtInterface6 - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== libX11 ==== Subpackages: libX11-6 libX11-data libX11-xcb1 - U_CVE-2025-26597-0001-xkb-Fix-buffer-overflow-in-XkbChangeTypesOfKey.patch * Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597, bsc#1237431) ==== libXt ==== - u_pkgconfig-file-move-sm-from-private-to-public-Requir.patch * pkgconfig file: move 'sm' from private to public Requires Since includes 'sm' should be a public Requires in xt.pc. (boo#1237276) ==== libaccounts-glib ==== Version update (1.26 -> 1.27) - Update to 1.27 * Do not install python gobject introspection files by default. If they are needed, build with `-Dinstall-py-overrides=true`. * Lib: do not attempt to terminate the GTask twice * Fix memory leak on provider tags * Do not emit misleading enabled signals on account services * Fix incorrect cleanup in ag_account_finalize - Drop patches, merged upstream: * 0001-ag-account-fix-incorrect-cleanup-in-ag_account_final.patch * 0002-Build-Don-t-install-Python-overrides-by-default.patch * 0003-Lib-do-not-attempt-to-terminate-the-GTask-twice.patch * 0004-ag-provider-fix-memory-leak-on-provider-tags.patch * 0006-ag-account-do-not-emit-misleading-enabled-signals-on.patch ==== libapparmor ==== - add py313-aa-notify.patch to adapt the last bits to python 3.13 - Fix commented out macros ==== libarchive ==== - Fix CVE-2024-57970, heap-based buffer over-read in header_gnu_longlink because it mishandles truncation (CVE-2024-57970, bsc#1237233) * CVE-2024-57970.patch ==== libassuan ==== Version update (3.0.1 -> 3.0.2) - Update to 3.0.2: * Fix for FreeBSD to set the pid of assuan_peercred_t. [rAdfa5e6532d] * Use socklen_t for the length of socket address. [T5924] * Fix errno setting on Windows for assuan_sock_bind failure. [T7456] * New assuan_sock_get_flag "w32_error" to get the actual Windows error after a system call and not just the mapped errno. [T7456] ==== libcaca ==== - Drop pkgconfig(ftgl) BuildRequires: ftgl is unmaintained and libcaca does not actually link to it, despite configure checking for it and finding it. This was originally added to configure in 2008 (commit 9752e82) to be used 'later'. ==== libdisplay-info ==== - Create package libdisplay-info-tools for di-edid-decode - Remode BuildRequires cmake in favour of c_compiler ==== libkscreen6 ==== Version update (6.3.0 -> 6.3.2) Subpackages: libKF6Screen8 libKF6ScreenDpms8 libkscreen6-plugin - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * doctor: match the minimum allowed SDR luminance to what the GUI allows * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release * doctor: fix dpms mode output ==== libksysguard6 ==== Version update (6.3.0 -> 6.3.2) Subpackages: ksysguardsystemstats6-data libKSysGuardSystemStats2 libksysguard6-imports - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * Add missing totalSwapMemory implementations * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== libnotify ==== Version update (0.8.3 -> 0.8.4) Subpackages: libnotify4 typelib-1_0-Notify-0_7 - Update to version 0.8.4: + notification: - Set the icon-name property as image hint instead of as app-icon - Modernize the NotifyNotification class definition (and add support for auto-pointers) + notify-send: - Require valid UTF-8 for Summary and Body - Allow sending an empty summary - Flush stdout after printing notification ID + build: Improve mapfile and support building in solaris + Bugs fixed: - notify-send dumps core if notification message is invalid UTF-8 - libnotify should be quiet - fdo documentation link outdated in README.md - Replace docbook5-xsl-stylesheets with docbook-xsl-stylesheets BuildRequires: Following upstream changes. ==== libostree ==== Subpackages: libostree-1-1 - enable building with composefs, as bootc needs libostree with composefs compiled, which allows us to enable another way of spinning an immutable distribution. ==== libplasma6 ==== Version update (6.3.0 -> 6.3.2) Subpackages: libPlasma6 libplasma6-components libplasma6-desktoptheme - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release * WindowThumbnail: remove uncategorized debug message * Applet: possibility to cleanup transient applets (kde#498175,kde#404641) * Add bool immutable() shortcut * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== libplist ==== Version update (2.3.0 -> 2.6.0) - Fix Cython version requirement: Version 3.0 is required. - Fix python singlespec usage: python_moudle should only ever be used in BuildRequires statements. - Build a proper python subpackage using python-rpm-macros * uses python3 on Factory and python311 on SLE-15 derivatives - Update to version 2.6.0: - Changes: * Revert back API change around PLIST_DATA to use char* again * Change API around PLIST_DATA to use uint8_t* instead of char* * Add PLIST_DICT helper functions for different operations * Require Cython 3.0 for python bindings * Add a PLIST_OPT_NONE value to plist_write_options_t * autoconf: Allow disabling build of test suite * Update doxygen config and document undocumented macros * Add an explicit PLIST_FORMAT_NONE value * Add a libplist_version() function to the interface * docs: Use README.md to generate mainpage with doxygen - Bugfixes: * Several compiler-related fixes and code improvements * Plug memory leak in plist_write_to_stream() * Prevent adding NULL items to array/dictionary nodes * Fix parallel running of test suite * Fix cython bindings * Fix OOB read in plist_from_memory() ==== libsecret ==== Subpackages: libsecret-1-0 typelib-1_0-Secret-1 - Merge secret-tool-bash-completions into main package; the overhead for the small *-completions package outweighs the one file. ==== libssh ==== Subpackages: libssh-config libssh4 - Move global config dir to /usr/etc/libssh (bsc#1222716) * Add patch libssh-cmake-Add-option-WITH_HERMETIC_USR.patch ==== libwacom ==== Version update (2.12.2 -> 2.14.0) Subpackages: libwacom-data libwacom9 - update to 2.14.0 * Extended Lenovo Yoga X1 Gen5 support, improved the Huion mini keydial (KD100) * Fixed missing Strip in the Huion Kamvas Pro 16 * Corrected entry for Elan 5515 * Fixed outdated properties for Lenovo Yoga 9 14IAP7 * Add support for Dial status LEDs * .tablet files shadow any ones with the same name * New XP Pen devices supported: Artist 22R Pro, 24 Pro, Deco Fun L, ACK05 Remote, Pro Pen 3E * New Lenovo device ssupported: Yoga 9 14IAP7, Active Pen 3 (2023), Digital Pen 2, X1 Fold 16 Gen1, Precision Pen 2 (2023) stylus * New ELAN devices supported: ELAN-2514 variant 04f3:2f9d, ELAN 9008 and 9009 (Asus Zenbook Duo UX8406MA 1200p), ELAN 2F2A and 41A1 (ZenBook Pro Duo UX8402VV) * New Wacom devices supported: HID 5214 (IdeaPad Flex 5 14ARE05 rev.81X2), HID 52C6 Pen. * New HP devices supported: Spectre x360, Elite Chromebook C1030 * Other devices supported: StarLite Mk V; HP Spectre x360 13-aw0020ng; Huion RTP-700, Huion KeyDial K20 * Database: support $XDG_CONFIG_HOME/libwacom as additional path * tools/clean_svg: allow passing in a .tablet file * tools/list-local-devices: print the vid/pid if available * tools/debug-device: print the device class too ==== libxcb ==== Subpackages: libxcb-composite0 libxcb-damage0 libxcb-dpms0 libxcb-dri3-0 libxcb-glx0 libxcb-present0 libxcb-randr0 libxcb-record0 libxcb-render0 libxcb-res0 libxcb-shape0 libxcb-shm0 libxcb-sync1 libxcb-xfixes0 libxcb-xinerama0 libxcb-xinput0 libxcb-xkb1 libxcb-xv0 libxcb1 - Switch bug-262309_xcb-xauthlocalhostname.diff to -p1. - Update descriptions and modernize specfile (%autosetup/%ldconfig_scriptlets). ==== libxkbfile ==== - U_CVE-2025-26595-0001-xkb-Fix-buffer-overflow-in-XkbVModMaskText.patch * Buffer overflow in XkbVModMaskText() (CVE-2025-26595, bsc#1237429) ==== libxml2 ==== Version update (2.13.5 -> 2.13.6) Subpackages: libxml2-2 libxml2-tools - Update to version 2.13.6 ([bsc#1237363], [bsc#1237370], [bsc#1237418]): + Security: - [CVE-2025-24928] Fix stack-buffer-overflow in xmlSnprintfElements - [CVE-2024-56171] Fix use-after-free after xmlSchemaItemListAdd - pattern: Fix compilation of explicit child axis + Regressions: - xmllint: Support compressed input from stdin - uri: Fix handling of Windows drive letters - reader: Fix return value of xmlTextReaderReadString again - SAX2: Fix xmlSAX2ResolveEntity if systemId is NULL + Portability: - dict: Handle ENOSYS from getentropy gracefully - Fix compilation with uclibc (Dario Binacchi) - python: Declare init func with PyMODINIT_FUNC - tests: Fix sanitizer version check on old Apple clang - cmake: Work around broken sys/random.h in old macOS SDKs + Build: - autotools: Set AC_CONFIG_AUX_DIR - cmake: Always build Python module as shared library - cmake: add missing `Bcrypt` link on Windows - cmake: Fix compatibility in package version file - xmlIO: Fix reading from non-regular files like pipes - xmlreader: Fix return value of xmlTextReaderReadString - parser: Fix loading of parameter entities in external DTDs - parser: Fix downstream code that swaps DTDs - parser: Fix detection of duplicate attributes - string: Fix va_copy fallback - xpath: Fix parsing of non-ASCII names - Drop libxml2-support-compressed-input-from-stdin.patch: Fixed upstream. - Also CVE-2025-27113 was assigned to this release. ==== libxmlb ==== Version update (0.3.19 -> 0.3.21) - Update to 0.3.21 * Check for corrupt XbSiloNode values in a smarter way Changes in 0.3.20: * Do not always strip literal text * Do not assume .txt files are application/xml * Fix a crash when loading a corrupt XMLb store ==== libzip ==== Version update (1.11.2 -> 1.11.3) - update to 1.11.3: * Report read error for corrupted encrypted file data * Avoid unnecessary seeks when writing archive * Don't hardcode _Nullable support in zip.h to allow it to be used with different compilers ==== libzypp ==== Version update (17.36.1 -> 17.36.4) - Add a transaction package preloader (fixes openSUSE/zypper#104) This patch adds a preloader that concurrently downloads files during a transaction commit. It's not yet enabled per default. To enable the preview set ZYPP_CURL2=1 and ZYPP_PCK_PRELOAD=1 in the environment. - RpmPkgSigCheck_test: Exchange the test package signingkey (fixes #622) - Exclude MediaCurl tests if DISABLE_MEDIABACKEND_TESTS (fixes #626) - Strip a mediahandler tag from baseUrl querystrings. - version 17.36.4 (35) - Disable zypp.conf:download.use_deltarpm by default (fixes #620) Measurements show that you don't benefit from using deltarpms unless your network connection is very slow. That's why most distributions even stop offering deltarpms. The default remains unchanged on SUSE-15.6 and older. - Make sure repo variables are evaluated in the right context (bsc#1237044) - Introducing MediaCurl2 a alternative HTTP backend. This patch adds MediaCurl2 as a testbed for experimenting with a more simple way to download files. Set ZYPP_CURL2=1 in the environment to use it. - version 17.36.3 (35) - Filesystem usrmerge must not be done in singletrans mode (bsc#1236481, bsc#1189788) Commit will amend the backend in case the transaction would perform a filesystem usrmerge. - Workaround bsc#1216091 on Code16. - version 17.36.2 (35) ==== llvm19 ==== - Build with GCC 13 on Leap/SLES 15 (bsc#1235697) ==== lvm2 ==== Subpackages: liblvm2cmd2_03 - fixing HA16.0 Product building issues for packages: lvm2-lockd, cluster-md, dlm, drbd (bsc#1237701) * update lvm2.spec - system with LVM on iSCSI hangs on shutdown because blk-availability.service is not enabled (bsc#1236788) * update lvm2.spec - remove blk-availability.service from %postun - add new Provides 'dont_stop_blk_availability_service' ==== lvm2-device-mapper ==== Subpackages: device-mapper libdevmapper-event1_03 libdevmapper1_03 - fixing HA16.0 Product building issues for packages: lvm2-lockd, cluster-md, dlm, drbd (bsc#1237701) * update lvm2.spec - system with LVM on iSCSI hangs on shutdown because blk-availability.service is not enabled (bsc#1236788) * update lvm2.spec - remove blk-availability.service from %postun - add new Provides 'dont_stop_blk_availability_service' ==== makedumpfile ==== Version update (1.7.5 -> 1.7.6) - Update to 1.7.5: * Support for kernels up to v6.11 (x86_64) - Drop upstreamed patches: * 0001-PATCH-Fix-failure-of-hugetlb-pages-exclusion-on-Linu.patch * 0002-PATCH-Fix-wrong-exclusion-of-Slab-pages-on-Linux-6.1.patch * make-reserve_diskspace-do-nothing-for-flattened-form.patch - makedumpfile-fix-detection-of-typed-compound-pages-Linux-6.12.patch: Reflect mm changes in kernel v6.12 (bsc#1237269). ==== microos-tools ==== Version update (4.0+git6 -> 4.0+git7) Subpackages: selinux-autorelabel - Update to version 4.0+git7: * Only autorelabel local filesystems with SELinux support (boo#1237202) ==== milou6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== ncurses ==== Version update (6.5.20250201 -> 6.5.20250222) Subpackages: libncurses6 ncurses-utils terminfo-base - Add ncurses patch 20250222 + modify treatment of "n" parameter for waddnstr, waddnwstr, and wins_nwstr to return OK when "n" is zero, for consistency with other implementations (report by Benjamin Barenblat, cf: 20231118). + formatting improvements for terminfo.5 (Debian #1096164). - Add ncurses patch 20250216 + add limit-checks in alloc_entry.c and alloc_ttype.c to avoid indexing errors when using infocmp to compare all capabilities when processing a malformed terminfo binary which has a valid header (testcase by "Ekkosun"). - Add ncurses patch 20250215 + add gzip option for suppressing filename/timestamp information to an overlooked case (cf: 20240330). + correct spelling errors found with codespell. + fix some typos in manpages (report by Sven Joachim) + amend change to lib_set_term.c to work with thread configuration (report by Rajeev Pillai, cf: 20250208). - Add ncurses patch 20250208 + change etip.h.in to include either/both of and , needed for another old BSD. + update st (report by Alexander Kashpir) -TD + add note for ghostty 1.1.0 -TD + fix a few issues found with coverity. - Correct offset of patches * ncurses-5.9-ibm327x.dif * ncurses-6.4.dif * ncurses-6.5-ghostty.dif ==== open-vm-tools ==== Subpackages: libvmtools0 - Revert previous change (Thu Feb 20 23:08:43 UTC 2025). The proposed solutions was non-standard. - (bsc#1237180): Ensure vmtoolsd.service, vgauthd.service, and vmblock-fuse.service are set to enabled by default. ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - merge openssh-fips into the main openssh package (bsc#1185116) ==== passt ==== Version update (20250121.4f2c8e7 -> 20250217.a1e48a0) Subpackages: passt-selinux - Update to version 20250217.a1e48a0: * test: Add migration tests * migrate: Migrate TCP flows * repair, passt-repair: Build and warning fixes for musl * tcp_splice: A typo three years ago and SO_RCVLOWAT is gone * tcp_splice: Don't wake up on input data if we can't write it anywhere * vhost_user: Clear ring address on GET_VRING_BASE * tcp, tcp_splice: Don't set SO_SNDBUF and SO_RCVBUF to maximum values * tcp: Keep updating window and checking for socket data after FIN from guest * contrib/selinux: Enable mapping guest memory for libvirt guests * selinux: Add rules needed to run tests * rampstream: Add utility to test for corruption of data streams * tcp: Get bound address for connected inbound sockets too * vhost_user: Make source quit after reporting migration state * Add interfaces and configuration bits for passt-repair * migrate: Migrate guest observed addresses * migrate: Skeleton of live migration logic * passt-repair: Fix off-by-one in check for number of file descriptors * tcp_vu: Fix off-by one in header count array adjustment * tcp: Implement conservative zero-window probe on ACK timeout * tcp: Don't discard window information on keep-alive segments * dhcp, dhcpv6: Add hostname and client fqdn ops * conf: Don't map DNS traffic to host, if host gateway is a resolver * passt-repair: Send one confirmation *per command*, not *per socket* * dhcp: Don't re-use request message for reply * passt-repair: Dodge "structurally unreachable code" warning from Coverity * passt-repair: Fix calculation of payload length from cmsg_len * passt-repair: Don't use perror(), accept ECONNRESET as termination * conf, passt.1: Un-deprecate --host-lo-to-ns-lo * debug: Add tcpdump to mbuto.img * apparmor: Workaround for unconfined libvirtd when triggered by unprivileged user * passt-repair.1: Fix indication of TCP_REPAIR constants * passt-repair: Build fixes for musl * passt-repair: use _exit() over return * treewide: use _exit() over exit() * tcp: Simplify handling of getsockname() * migrate: Fix several errors with passt-repair * doc: Add mock of migration source and target * tcp: Get socket port and address using getsockname() when connecting from guest * Introduce passt-repair * vhost_user: Turn some vhost-user message reports to trace() * util: Add read_remainder() and read_all_buf() * tcp_splice, udp_flow: fcntl64() support on PPC64 depends on glibc version * vhost_user: On 32-bit ARM, mmap() is not available, mmap2() is used instead * tcp: Don't reset outbound connection on SYN retries * pasta.te: fix demo.sh and remove one duplicate rule * tcp: Add HOSTSIDE(x), HOSTFLOW(x) macros * util: Rename and make global vu_remove_watch() * tcp: Always pass NULL event with EPOLL_CTL_DEL * vhost-user: Implement an empty VHOST_USER_SEND_RARP command * netlink: Skip loopback interface while looking for a template ==== patterns-base ==== Subpackages: patterns-base-base patterns-base-bootloader patterns-base-minimal_base patterns-base-x11 - Change some core packages to Requires [bsc#1237513] - Only requires busybox on openSUSE MicroOS, not SL Micro. - Don't build apparmor pattern for SLFO. - Disable 32bit pattern on aarch64 and ppc64le. - Build selinux pattern everywhere and requires targeted policy on SLE. ==== patterns-gnome ==== Subpackages: patterns-gnome-gnome_basic patterns-gnome-gnome_basis - boo#1238067: Recommend opensuse-welcome by patterns-gnome-gnome_basis: this used to be pulled in by gnome_imaging -> imaging -> x11 -> x11_enhanced -> oS-welcome Since imaging was changed to not require the x11 pattern, opensuse-welcome has been lost in some cases. - Move MozillaFirefox from gnome_basis to gnome_internet. For the end-user this is a NO-OP, as gnome_internet is recommended by gnome_basis anyway, but it's more accurate. - Drop recommends of no longer exitsing branding packages: gnome-control-center-branding-openSUSE, gnome-panel-branding-openSUSE, libsocialweb-branding-openSUSE. - Lower gdm-branding-openSUSE, gtk2-branding-openSUSE and gtk3-branding-openSUSE from Recommends to Suggests: only use them as hints for the solver, but do not actually trigger installation. This is especially relevant for gtk2-branding-openSUSE. Being recommended means it's auto-installed by default, even if gtk2 would not be needed. - Lower totem from Required to Recommended. - No longer Recommend totem-browser-plugin, which has been removed from the distro in 2014. - Have pattern gnome_basic recommend pattern() = enhanced_base: most users of a desktop will want those tools. They were pulled in before via the recently removed imaging -> x11 -> enahnced_base. As x11 was removed as a dependency from the desktop-imaging pattern, this was lost. ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap - Add sndiff to default pattern - Remove appamor pattern, replaced by SELinux long ago - Drop crda, obsolete since kernel 4.15 ==== pcr-oracle ==== - Add fix-bsc1230316-predict-sbatlevelrt.patch to predict SbatLevelRT for the next boot (bsc#1230316) - Update the License tag to GPL-2.0-or-later to match the license declaration in the source files ==== pipewire ==== Version update (1.3.82 -> 1.3.83) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - webrtc-audio-processing-2 2.1 is generating a regression and the echo-cancel module doesn't work with it, so let's keep using webrtc-audio-processing-1 for now (boo#1237315) - Update to version 1.3.83 (1.4RC3): * This is the third and hopefully last 1.4 release candidate that is (almost) API and (entirely) ABI compatible with previous 1.2.x and 1.0.x releases. We note that in the 1.3.x series, the API is slighty not backwards compatible because some methods previously used to accept void* as a parameter while they now require the correct type. We think this is however a good kind of API breakage and expect projects to patch their code to get things compiled with newer version (which will also compile for older versions). Note also that this is not an ABI break. * Highlights - Handle JACK transport updates in a better way. - Fix a SAP regression when starting. - Fix regression in rate scaling. - Improve bluetooth source rate handling. - More small bugfixes and improvements. * PipeWire - Handle JACK transport updates in a better way. (#4543) * Modules - Check that the link factory port and nodes match. Deprecate the port.id when making links. - Improve profiler output by scaling the quantum with the node rate so that we don't end up with confusing information. (#4555) - Fix sending of the SAP SDP. Handle some SDP parsing errors. - Add some more options to the ROC source module. (#4516) * SPA - Fix firewire quirks in udev rules. (#4528) - Fix a bug in the rate scaling in some cases that would make things run with the wrong samplerate. - Improve introspection of control types. * Bluetooth - Use the G722 codec from Android instead of FFmpeg for ASHA. - Use the A2DP source rate as the graph rate. (#4555) - Specify the bluetooth source latency property in the rate of the stream to avoid conversions and rounding errors. ==== plasma5support6 ==== Version update (6.3.0 -> 6.3.2) Subpackages: libPlasma5Support6 - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== plasma6-activities ==== Version update (6.3.0 -> 6.3.2) Subpackages: libPlasmaActivities6 plasma6-activities-imports - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== plasma6-activities-stats ==== Version update (6.3.0 -> 6.3.2) Subpackages: libPlasmaActivitiesStats1 - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== plasma6-browser-integration ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release * flatpak-integrator: use more sophisticated code to pass around fds (kde#500000) * update version for new release * Add missing include for flatpak-integrator plugin ==== plasma6-desktop ==== Version update (6.3.0 -> 6.3.2) Subpackages: plasma6-desktop-emojier - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release * applets/kickoff: fix touch scrolling not working (kde#500452) * applets/kickoff: fix `TypeError: Cannot read property 'view' of null` * kcms/touchpad: indent subordinate items in RtL too * kcms/touchpad: respect layoutDirection * applets/kicker: respect layoutDirection in keynav * applets/kickoff: import plasmoid on PlacesPage where it's used * desktop/RenameEditor.qml: fix background * applets/kicker: focus the delegate in all cases * kcms/libkwindevices: put template functions in the header (kde#500345) * folderview: Fix drag selection (kde#499898) * pager: remove onContainsMouseChanged, refresh model after desktopMouseArea.clicked (kde#500236) * update version for new release - Update to 6.3.1.1: * New bugfix release - Changes since 6.3.1: * 6.3.1 reroll * kcms/libkwindevices: put template functions in the header (kde#500345) * folderview: Fix drag selection (kde#499898) * pager: remove onContainsMouseChanged, refresh model after desktopMouseArea.clicked (kde#500236) * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * kcms/tablet: Fix appearance of input area if changing it is unsupported (kde#500052) * update version for new release * applets/kicker: focus correct item on arrow key * applets/kicker: actually select delegate on arrow (kde#499971) * applets/TaskManager: don't set non-existing property * Kickoff: Disable triangle filter when switch-on hover is disabled * applets/kickoff: don't forceActiveFocus nothing (kde#500228) * applets/taskmanager: fix TriangleMouseFiler in RtL * kcms/tablet: Apply calibration matrix immediately * applets/kicker: fix direct activation for other cols * update version for new release * applets/kickoff: fix crash when dragging items not in favorite page on Wayland (kde#449426,kde#450215) * [kcms/touchpad] Make toggle touchpad shortcut consistent with Wayland session * Treat StackingOrder as int instead of list (kde#497506) * kcms/access: fix typo top -> to * Use Image for user-selected non-square Kickoff icons (kde#494389) * applets/taskmanager: guard against null contextMenu ==== plasma6-integration ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release * QPlatformTheme::ShowIconsInMenus was added in Qt 6.7.3 ==== plasma6-nm ==== Version update (6.3.0 -> 6.3.2) Subpackages: plasma6-nm-openconnect plasma6-nm-openvpn - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release * Guard more qcoro usages (kde#499927) * update version for new release ==== plasma6-openSUSE ==== Subpackages: plasma6-branding-openSUSE plasma6-sddm-theme-openSUSE plasma6-theme-openSUSE - Update to 6.3.2 - Update to 6.3.1 ==== plasma6-pa ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release * Revert "Only show osd on global shortcuts or scrolling the applet" (kde#500129) * update version for new release ==== plasma6-print-manager ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== plasma6-systemmonitor ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release * table: Fix row hovering with Qt 6.9+ * update version for new release * faces/applications: Filter out applications with 0 processes * faces/applications: Use the memory column for application details ==== plasma6-workspace ==== Version update (6.3.0 -> 6.3.2) Subpackages: plasma6-session plasma6-workspace-libs - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release * klipper: fix clipboard actions not setting clipboard for the first time (kde#500287) * appiumtests: remove unused import in clipboardtest * applets/notifications: don't read out body as HTML * shell: use QMetaObject::invokeMethod to call QML function * Fixes for respecting immutability * klipper: don't hide popup when action popup shows (kde#500438) * libnotificationmanager: clearing the timer array, when deleting old notifications * klipper: don't cover content with highlight * plasma-windowed: set `QT_WAYLAND_DISABLE_FIXED_POSITIONS` to fix resizing loop * libtaskmanager: make XWindowTasksModelTest::test_modelData less flaky * applets/notifications: fix JobItemIcon context menu (kde#499942) * applets/systemtray: Don't unnecessarily append -symbolic to icon names (kde#500102) * kcms/krdb: Wait until root window cursor is set (kde#499965) * applets/systray: guard pointer to innerContainment * klipper: scroll ListView on keyboard navigation * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release * weather/bbcukmet: Filter out regions from search results (kde#500065) * klipper: also show highlight for currentItem * appmenu: Place appmenu in the top left screen corner (kde#500141) * [kicker] Fix properties dialog for recent files (kde#499845) * applets/digitalclock: only show separator with date (kde#499945) * applets/systemmonitor: Fixed typo causing undefined constant being used * plasma-windowed: adapt to resizeEvent change in Qt 6.9 * weather/dwd: Capitalize letters after slash * update version for new release * Multiply floating panel shadow margin by scale factor on X11 (kde#496928) * panelview: Fix autohide panel hiding while dragging in task manager (kde#495828) * appiumtests: make clipboardtest less flaky * kcms/users: handle non-existing/readable profile img * klipper: Avoid breaking Listview (kde#448833) * applets/notification: make the new indicator 1px taller ==== podman ==== - Register missing podman-clean-transient.service - Deregister podman-user-wait-network-online.service from non-user service registration (bsc#1237261) ==== polkit-default-privs ==== Version update (1550+20250217.25d4aef -> 1550+20250225.49f846d) - Update to version 1550+20250225.49f846d: * profiles: whitelist kio-admin (bsc#1229913) - Update to version 1550+20250224.8d1bf49: * profiles: whitelist apparmor-utils (bsc#1237329) ==== polkit-kde-agent-6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== poppler ==== Version update (25.01.0 -> 25.02.0) Subpackages: libpoppler-cpp2 libpoppler-glib8 - Update to version 25.02.0: + core: - cairo: fix issue for images reaching MAX_CAIRO_IMAGE_SIZE - Improve rendering in some malformed documents - Internal code improvements + glib: - Add new api to allow selecting annotations to render - Fix a crash when getting a font description for a free text annotation if it was not set - Bump poppler sover following upstream changes. ==== poppler-qt6 ==== Version update (25.01.0 -> 25.02.0) - Update to version 25.02.0: + core: - cairo: fix issue for images reaching MAX_CAIRO_IMAGE_SIZE - Improve rendering in some malformed documents - Internal code improvements + glib: - Add new api to allow selecting annotations to render - Fix a crash when getting a font description for a free text annotation if it was not set - Bump poppler sover following upstream changes. ==== powerdevil6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release * applets/brightness: fix Return press on switch (kde#500702) * actions/screenbrightnesscontrol: Only enable for systems with battery (kde#498771) * actions/screenbrightnesscontrol: More robust against display changes (kde#498771) * daemon/controllers: Introduce DisplayFilter helper class * daemon: Move brightness key handling to ScreenBrightnessAgent * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release * KeyboardBrightnessController: Drop isValid() check for upower interface (kde#486067) * applets/battery: Fix navigation keyboard cycle for the Up key (kde#489099) * kcm: Set buddyFor mnemonics * applets/battery: Fix Space Key on inhibition buttons ==== pulseaudio-qt6 ==== Version update (1.6.1 -> 1.7.0) - Update to 1.7.0 * Remove Qt 5 support * bump compiler setting to 6.0 * bump c++ to 20 * change all dptrs to unique_ptr * debug: correctly mark updates * card: don't mutate the container we iterate on * context: add support for loading and unloading modules * server: consider pipewire/wireplumber the default * Add missing license text - Drop the Qt 5 flavor (but keep the _multibuild setup) ==== python-MarkupSafe ==== - split test dependencies into a multibuild to break cycle with pytest ==== python-cryptography ==== Version update (44.0.0 -> 44.0.1) - update to 44.0.1: * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1. * We now build armv7l manylinux wheels and publish them to PyPI. * We now build manylinux_2_34 wheels and publish them to PyPI. ==== python311-setuptools ==== Version update (75.6.0 -> 75.8.0) - update to 75.8.0: * Implemented Dynamic field for core metadata (as introduced in PEP 643). The existing implementation is currently experimental and the exact approach may change in future releases. * Synced with pypa/distutils@c97a3db2f including better support for free threaded Python on Windows (pypa/distutils#310), improved typing support, and linter accommodations. * Synced with pypa/distutils@ff11eed0c including bugfix for duplicate CFLAGS and adaption to support Python 3.13 is_abs in the C compiler (#4669). ==== qemu ==== Version update (9.2.1 -> 9.2.2) - Update to latest upstream release, 9.2.2: The full list of changes are available at: https://lore.kernel.org/qemu-devel/3e847ae0-8dfc-440e-92f7-6eaa89818837@tls.msk.ru/ Highlights include: * net/slirp: libslirp 4.9.0 compatibility * target/sparc: Fix gdbstub incorrectly handling registers f32-f62 * target/sparc: Fix register selection for all F*TOx and FxTO* instructions * elfload: Fix alignment when unmapping excess reservation * hw/net/smc91c111: Ignore attempt to pop from empty RX fifo * make-release: don't rely on $CWD when excluding subproject directories * ui/sdl2: reenable the SDL2 Windows keyboard hook procedure * vfio/iommufd: Fix SIGSEV in iommufd_cdev_attach() * gitlab-ci.d/cirrus: Update the FreeBSD job to v14.2 * qmp: update vhost-user protocol feature maps * linux-user: Do not define struct sched_attr if libc headers do * block-backend: Fix argument order when calling 'qapi_event_send_block_io_error()' * block: Fix leak in send_qmp_error_event * rust: add --rust-target option for bindgen * ... - Fix bsc#1237603: * linux-user: Do not define struct sched_attr if libc headers do ==== qqc2-breeze-style6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== qt6-tools ==== Subpackages: libQt6UiTools6 qt6-tools-qdbus - Use clang 19 on Leap 15.6. The 15.6 update repo got a new llvm version which causes issues if both llvm 17 and 19 are present ==== sdbootutil ==== Version update (1+git20250219.a796c24 -> 1+git20250225.b78f812) Subpackages: sdbootutil-dracut-measure-pcr sdbootutil-snapper sdbootutil-tukit - Update to version 1+git20250225.b78f812: * Use also cryptenroll key to recover the volume key - Update to version 1+git20250225.292283f: * Support UUID references in crypttab - Update to version 1+git20250224.c9be3b6: * Do not use && when copying signature (bsc#1237505) - Update to version 1+git20250221.19f7d1a: * Reformat the spec file * Rework keyctl calls to keep the session keyring ==== sddm-kcm6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== selinux-policy ==== Version update (20250218 -> 20250224) Subpackages: selinux-policy-targeted - Update to version 20250224: * Label /run/systemd/pcrlock.json systemd_pcrlock_var_lib_t * systemd_pcrlock_t needs to filetrans when recreating /var/lib/pcrlock.d * Allow snapper access to keys * Add rules for pcrlock (bsc#1233358) * allow snapper to call pcrlock and manage its files * allow unconfined_t to execute pcrlock * label rules for default systemd_pcrlock_var_lib_t locations * new interfaces: systemd_domtrans_pcrlock and systemd_pcrlock_exec * introduce systemd_pcrlock_var_lib_t and systemd_manage_pcrlock_files * Introduce interfaces snapper_manage_tmp_files and snapper_manage_tmp_dirs - Update to version 20250221: * Allow named_filetrans_domain filetrans raid/mdadm named content (bsc#1236807) * Grant privoxy_t the sys_chroot capability (bsc#1237375) * Allow init_t nnp_transition to tor_t (bsc#1237375) ==== shadow ==== Version update (4.17.2 -> 4.17.3) Subpackages: libsubid5 login_defs - Update to 4.17.3: * chsh: do not warn about blank shell * lib/: Use strisdigit() instead of its pattern * lib/string/ctype/strisascii/: strisdigit(): Add function * lib/string/: Add comments expanding the letter-soup API names * lib/basename.c: Basename(): Use stprcspn() instead of its pattern * lib/string/strspn/, lib/, src/: stprspn(), strrspn_(): Split API into function and macro * lib/string/strspn/, lib/, src/: Move *spn() APIs to separate subdir * lib/string/strchr/: strrcspn(), stprcspn(): Add function and macro * src/useradd.c: Use !strcaseeq() instead of its pattern * lib/, src/: Use strcaseeq() instead of its pattern * lib/string/strcmp/: strcaseeq(): Add function * man/useradd.8.xml: Document new exit code 19 (E_BAD_NAME) * src/useradd.c: E_BAD_NAME: Use a different error code for bad login names * src/useradd.c: create_home(): Use !streq() instead of its pattern * lib/chkname.c: is_valid_name(): Use streq() instead of its pattern * configure.ac, lib/: Use __has_include() instead of HAVE_GSHADOW_H * configure.ac: Remove unused AC_CHECK_HEADERS() checks * configure.ac, lib/: Use __has_include() instead of HAVE_SYS_CAPABILITY_H * lib/idmapping.c: Unconditionally include * lib/: Use __has_include() instead of HAVE_SECURITY_OPENPAM_H * lib/: Use __has_include() instead of HAVE_SECURITY_PAM_MISC_H * configure.ac, lib/: Use __has_include() instead of HAVE_SYS_RANDOM_H * configure.ac, lib/: Use __has_include() instead of HAVE_CRYPT_H * lib/, src/: motd(): Report errors instead of exiting from library code * lib/motd.c: motd(): Invert logic to reduce indentation * lib/, src/, doc/: Remove pw_auth()'s $3 as dead code * lib/pwauth.*: PW_{ADD,CHANGE,DELETE,FTP,REXEC}: Remove dead code * lib/, src/, doc/: Remove dead code * src/vipw.c: Restore the original terminal pgrp after editing * lib/, src/: Use agetgroups() instead of its pattern * lib/shadow/grp/: agetgroups(): Add function * configure.ac, lib/, src/: Use gid_t instead of GETGROUPS_T * lib/adds.h: addslN(): Use QSORT() instead of its pattern * lib/search/sort/: QSORT(): Add macro * lib/addgrps.c: add_groups(): Remove arbitrary limit * lib/, src/: Rename variables * lib/addgrps.c: add_groups(): Reallocate at once * lib/string/strchr/: strchrscnt(): Add function * lib/addgrps.c: add_groups(): Split variable to avoid sign-mismatch diagnostics * lib/, src/: Use LSEARCH() instead of its pattern * lib/search/l/: LSEARCH(): Add macro * lib/, src/: Replace redundant checks by actual error handling * lib/, src/: Unconditionally call setgroups(2) * lib/addgrps.c: add_groups(): Simplify redundant code with a goto * lib/addgrps.c: add_groups(): Allocate earlier * lib/addgrps.c: add_groups(): Remove useless cast * lib/, src/: Use LFIND() instead of open-coded search loops * lib/search/l/: LFIND(): Add macro * lib/search/cmp/, lib/, tests/: CMP(), cmp_*(): Add macro and functions * lib/, src/: Simplify allocation of buffer * lib/, src/: Un-spageticize code * lib/, src/: Reduce scope of variables * lib/gshadow_.h: Fix compatibility with libc's struct sgrp * configure.ac, lib/gshadow.c: Presume working shadow group support in libc * lib/: Include if it's available * configure.ac, lib/: Assume initgroups(3) exists * configure.ac, lib/, src/: Assume setgroups(2) exists * lib/, src/: Turn error counters into flags * src/gpasswd: Use correct preprocessor definition * src/gpasswd: Clear password in more cases * lib/encrypt.c: Do not exit in error case * man/useradd.8.xml: wfix * src/login_nopam.c: list_match(): Use iteration instead of recursion * src/login_nopam.c: list_match(): Remove local variable * src/login_nopam.c: list_match(): Move code around * src/login_nopam.c: list_match(): '(match)' is always true here * src/login_nopam.c: list_match(): Add superfluous else * src/login_nopam.c: list_match(): Refactor conditional * man/passwd.1.xml: -P disables PAM support * chage: Drop PAM support * src/newusers.c: Turn nusers into size_t * src/: Make line number overflows less likely * man/: Install suauth.5 only if feature exists * add and use a login.defs.test with CREATE_HOME set * Revert "etc/login.defs: enable CREATE_HOME" * etc/login.defs: enable CREATE_HOME * Tests: implement system test framework ==== shim-leap ==== - Only copy uncompressed directories. ==== sof-firmware ==== Version update (2024.09.2 -> 2025.01) - Update to v2025.01: * SOF v2.12 firmware and tools * New platforms: NXP IMX95 * Zephyr RTOS support added: AMD ACP6.0, MediaTek 8195/86/88 * HIFI5 optimization added to multiple components: IIR core, ARIA and volume * Zephyr loadable module (LLEXT) support extended in SOF with capability to handle libraries of loadable modules * Support added to mark module functions as "cold", allowing code to be run directly from DRAM and save on SRAM usage on platforms supporting the feature * Topology: support for new product configurations for Intel LNL/ARL/MTL and NXP IMX95 * Topology: microphone (IIR and DRC) and speaker processing (IIR, FIR and DRC) added to Intel DSP topologies with Soundwire codecs. - Update alias for snd-sof-pci-intel-ptl ==== spectacle ==== Version update (24.12.2 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1.2: * update version for new release * Remove 24.12 versions from appstream file (kde#500396) * Revert "reroll" - Update to 6.3.1.2: * New bugfix release * Tarball built from the correct branch now - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - No code changes since 6.3.0 - Update to 6.3.0: * New bugfix release * Now part of Plasma * For more details see https://kde.org/announcements/plasma/6/6.3.0 - No code changes since 24.12.2 ==== speech-dispatcher ==== Version update (0.12.0~rc4 -> 0.12.0) - Update to version 0.12.0: * Add libspeechd-module library for making it simpler to create external spd modules. * Update CLDR to version 45, symbols from orca 45.2, and symbols from NVDA. * Also support loading symbols from home directory. ==== sqlite3 ==== Version update (3.49.0 -> 3.49.1) - Update to release 3.19.1: * Improve portability of makefiles and configure scripts. * Fix a bug in the concat_ws() function, introduced in version 3.44.0, that could lead to a memory error if the separator string is very large (hundreds of megabytes). * Enhanced the SQLITE_DBCONFIG_LOOKASIDE interface to make it more robust against misuse. ==== systemsettings6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release ==== tiff ==== - Use python3-Sphinx instead of %{primary_python}-Sphinx based on recommendation from python maintainers. * Fixes build issue of man flavor on 15.6 ==== util-linux ==== Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 - Delete /usr/sbin/rc* symlinks - Drop bashisms from build recipe ==== util-linux-systemd ==== Subpackages: lastlog2 liblastlog2-2 - Delete /usr/sbin/rc* symlinks - Drop bashisms from build recipe ==== vim ==== Version update (9.1.1101 -> 9.1.1134) Subpackages: vim-data-common vim-small - Version bump to fix bsc#1237359 (fixed as of 9.1.1115). - Update to 9.1.1134. * 9.1.1134: filetype: Guile init file not recognized * 9.1.1133: filetype: xkb files not recognized everywhere * 9.1.1132: Mark positions wrong after triggering multiline completion * 9.1.1131: potential out-of-memory issue in search.c * remove resolved complete item from todo list * 9.1.1130: 'listchars' "precedes" is not drawn on Tabs. * set fileformat=dos in filetype plugin * 9.1.1129: missing out-of-memory test in buf_write() * add commentstring '> %s' to ftplugin * 9.1.1128: 9.1.1119 caused a regression with imports * include simple filetype plugin * 9.1.1127: preinsert text is not cleaned up correctly * 9.1.1126: 9.1.1121 used a wrong way to handle enter * 9.1.1125: cannot loop through pum menu with multiline items * 9.1.1124: No test for 'listchars' "precedes" with double-width char * 9.1.1123: popup hi groups not falling back to defaults * Add support for # comments to ftplugin * 9.1.1122: too many strlen() calls in findfile.c * 9.1.1121: Enter does not insert newline with "noselect" * fix s:NetrwHome() regression * 9.1.1120: tests: Test_registers fails * add reference to extendnew() at extend() * 9.1.1119: Vim9: Not able to use an autoloaded class from another * autoloaded script * 9.1.1118: tests: test_termcodes fails * Update base-syntax, improve performance * 9.1.1117: there are a few minor style issues * 9.1.1116: Vim9: super not supported in lambda expressions * Update the 'specifies' keyword documentation, slightly * reformat * 9.1.1115: [security]: use-after-free in str_to_reg() * 9.1.1114: enabling termguicolors automatically confuses users * Add ukrainian-enhanced keymap * 9.1.1113: tests: Test_terminal_builtin_without_gui waits 2 seconds * 9.1.1112: Inconsistencies in get_next_or_prev_match() * document ComplMatchIns highlight for insert-completion * upstream snapshot of v177 * 9.1.1111: Vim9: variable not found in transitive import * 9.1.1110: Vim tests are slow and flaky * 9.1.1109: cmdexpand.c hard to read * include simple filetype plugin * include simple filetype plugin * 9.1.1108: 'smoothscroll' gets stuck with 'listchars' "eol" * 9.1.1107: cannot loop through completion menu with fuzzy * Update base-syntax, always match continuation comments to EOL * set define option & add matchit config in ftplugin * Update base-syntax, match Vim9 boolean and null literals in * parens * 9.1.1106: tests: Test_log_nonexistent() causes asan failure * 9.1.1105: Vim9: no support for protected new() method * 9.1.1104: CI: using Ubuntu 22.04 Github runners * ci: syntax tests spam output * 9.1.1103: if_perl: still some compile errors with Perl 5.38 * 9.1.1102: tests: Test_WinScrolled_Resized_eiw() uses wrong filename ==== xdg-desktop-portal ==== Version update (1.19.4 -> 1.20.0) - Update to version 1.20.0: + Document how the test suite works. + Improve the test runner script. ==== xdg-desktop-portal-kde6 ==== Version update (6.3.0 -> 6.3.2) - Update to 6.3.2: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.2 - Changes since 6.3.1: * update version for new release - Update to 6.3.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.3.1 - Changes since 6.3.0: * update version for new release * outputsmodel: Handle screens going away (kde#495160) * WaylandIntegration: disconnect from stream after leaving event loop to fix crash ==== xdm ==== Subpackages: displaymanager-sysconfig - display-manager: Do not abort when there is no /usr/bin/X found. Rely on the DM to know how to handle it. E.g gdm could be spawning a wayland-only session. (boo#1237777) ==== xinit ==== - Make build recipe compatible with POSIX sh ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb - U_CVE-2025-26594-0001-Cursor-Refuse-to-free-the-root-cursor.patch U_CVE-2025-26594-0002-dix-keep-a-ref-to-the-rootCursor.patch * Use-after-free of the root cursor (CVE-2025-26594, bsc#1237427) - U_CVE-2025-26595-0001-xkb-Fix-buffer-overflow-in-XkbVModMaskText.patch * Buffer overflow in XkbVModMaskText() (CVE-2025-26595, bsc#1237429) - U_CVE-2025-26596-0001-xkb-Fix-computation-of-XkbSizeKeySyms.patch * Heap overflow in XkbWriteKeySyms() (CVE-2025-26596, bsc#1237430) - U_CVE-2025-26597-0001-xkb-Fix-buffer-overflow-in-XkbChangeTypesOfKey.patch * Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597, bsc#1237431) - U_CVE-2025-26598-0001-Xi-Fix-barrier-device-search.patch * Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598, bsc#1237432) - U_CVE-2025-26599-0001-composite-Handle-failure-to-redirect-in-compRedirect.patch U_CVE-2025-26599-0002-composite-initialize-border-clip-even-when-pixmap-al.patch * Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599, bsc#1237433) - U_CVE-2025-26600-0001-dix-Dequeue-pending-events-on-frozen-device-on-remov.patch * Use-after-free in PlayReleasedEvents() (CVE-2025-26600, bsc#1237434) - U_CVE-2025-26601-0001-sync-Do-not-let-sync-objects-uninitialized.patch U_CVE-2025-26601-0002-sync-Check-values-before-applying-changes.patch U_CVE-2025-26601-0003-sync-Do-not-fail-SyncAddTriggerToSyncObject.patch U_CVE-2025-26601-0004-sync-Apply-changes-last-in-SyncChangeAlarmAttributes.patch * Use-after-free in SyncInitTrigger() (CVE-2025-26601, bsc#1237435) ==== xterm ==== Subpackages: xterm-bin xterm-resize - Trim bashisms from build recipe ==== xwayland ==== Version update (24.1.5 -> 24.1.6) - Update to version 24.1.6: * This release contains the fixes for the issues reported in today's security advisory: https://lists.x.org/archives/xorg-announce/2025-February/003584.html CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597, CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601. * Additionally, it reverts a recent Xkb change to fix an issue with gamescope. - Drop patches fixed upstream: * U_CVE-2025-26594-0001-Cursor-Refuse-to-free-the-root-cursor.patch * U_CVE-2025-26594-0002-dix-keep-a-ref-to-the-rootCursor.patch * U_CVE-2025-26595-0001-xkb-Fix-buffer-overflow-in-XkbVModMaskText.patch * U_CVE-2025-26596-0001-xkb-Fix-computation-of-XkbSizeKeySyms.patch * U_CVE-2025-26597-0001-xkb-Fix-buffer-overflow-in-XkbChangeTypesOfKey.patch * U_CVE-2025-26598-0001-Xi-Fix-barrier-device-search.patch * U_CVE-2025-26599-0001-composite-Handle-failure-to-redirect-in-compRedirect.patch * U_CVE-2025-26599-0002-composite-initialize-border-clip-even-when-pixmap-al.patch * U_CVE-2025-26600-0001-dix-Dequeue-pending-events-on-frozen-device-on-remov.patch * U_CVE-2025-26601-0001-sync-Do-not-let-sync-objects-uninitialized.patch * U_CVE-2025-26601-0002-sync-Check-values-before-applying-changes.patch * U_CVE-2025-26601-0003-sync-Do-not-fail-SyncAddTriggerToSyncObject.patch * U_CVE-2025-26601-0004-sync-Apply-changes-last-in-SyncChangeAlarmAttributes.patch - U_CVE-2025-26594-0001-Cursor-Refuse-to-free-the-root-cursor.patch U_CVE-2025-26594-0002-dix-keep-a-ref-to-the-rootCursor.patch * Use-after-free of the root cursor (CVE-2025-26594, bsc#1237427) - U_CVE-2025-26595-0001-xkb-Fix-buffer-overflow-in-XkbVModMaskText.patch * Buffer overflow in XkbVModMaskText() (CVE-2025-26595, bsc#1237429) - U_CVE-2025-26596-0001-xkb-Fix-computation-of-XkbSizeKeySyms.patch * Heap overflow in XkbWriteKeySyms() (CVE-2025-26596, bsc#1237430) - U_CVE-2025-26597-0001-xkb-Fix-buffer-overflow-in-XkbChangeTypesOfKey.patch * Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597, bsc#1237431) - U_CVE-2025-26598-0001-Xi-Fix-barrier-device-search.patch * Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598, bsc#1237432) - U_CVE-2025-26599-0001-composite-Handle-failure-to-redirect-in-compRedirect.patch U_CVE-2025-26599-0002-composite-initialize-border-clip-even-when-pixmap-al.patch * Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599, bsc#1237433) - U_CVE-2025-26600-0001-dix-Dequeue-pending-events-on-frozen-device-on-remov.patch * Use-after-free in PlayReleasedEvents() (CVE-2025-26600, bsc#1237434) - U_CVE-2025-26601-0001-sync-Do-not-let-sync-objects-uninitialized.patch U_CVE-2025-26601-0002-sync-Check-values-before-applying-changes.patch U_CVE-2025-26601-0003-sync-Do-not-fail-SyncAddTriggerToSyncObject.patch U_CVE-2025-26601-0004-sync-Apply-changes-last-in-SyncChangeAlarmAttributes.patch * Use-after-free in SyncInitTrigger() (CVE-2025-26601, bsc#1237435) ==== yast2 ==== Version update (5.0.11 -> 5.0.12) - respect kernel parameter filtering from agama if found (bsc#1237390,bsc#1234678) - 5.0.12 ==== zstd ==== Version update (1.5.6 -> 1.5.7) Subpackages: libzstd1 - update to 1.5.7: * zstd now employs multiple threads by default * Fix a rare bug in 32-bit mode * Enhanced Compression Speed for Small Data Blocks * Substantial --patch-from performance improvements - Drop pzstd.1.patch - not upstream, but also not needed ==== zypper ==== Version update (1.14.84 -> 1.14.87) Subpackages: zypper-needs-restarting - Package preloader that concurrently downloads files. It's not yet enabled per default. To enable the preview set ZYPP_CURL2=1 and ZYPP_PCK_PRELOAD=1 in the environment. (#104) - BuildRequires: libzypp-devel >= 17.36.4. - version 1.14.87 - refresh: add --include-all-archs (fixes #598) Future multi-arch repos may allow to download only those metadata which refer to packages actually compatible with the systems architecture. Some tools however want zypp to provide the full metadata of a repository without filtering incompatible architectures. - info,search: add option to search and list Enhances (bsc#1237949) - version 1.14.86 - Annonunce --root in commands not launching a Target (bsc#1237044) - BuildRequires: libzypp-devel >= 17.36.3. - version 1.14.85