Packages changed: MicroOS-release (20250522 -> 20250531) NetworkManager aardvark-dns (1.14.0 -> 1.15.0) apparmor avahi avahi-glib2 biosdevname cairo cockpit (334.1 -> 338) cockpit-podman (102 -> 104) cockpit-tukit (0.1.3~git0.41f9fbc -> 0.1.4~git0.6eacfc1) containerd (1.7.23 -> 1.7.27) curl (8.13.0 -> 8.14.0) ddcutil (2.1.4 -> 2.2.0) evolution-data-server (3.56.1 -> 3.56.2) file flatpak (1.16.0 -> 1.16.1) fwupd (2.0.9 -> 2.0.10) gcc14 (14.2.1+git11702 -> 14.3.0+git11799) gcr gcr3 glib2 (2.84.1 -> 2.84.2) gnome-control-center (48.1+15 -> 48.2) gnome-keyring gnome-menus gnome-online-accounts (3.54.2 -> 3.54.3) gnome-shell (48.1 -> 48.2) gnome-shell-extensions (48.1 -> 48.2) gnome-terminal (3.56.1 -> 3.56.2) gnome-user-docs (48.1 -> 48.2) gpg2 gpgme (1.24.2 -> 1.24.3) gpsd (3.25 -> 3.26) grub2 gstreamer-plugins-base harfbuzz (11.1.0 -> 11.2.1) hwdata (0.394 -> 0.395) jq kdegraphics-mobipocket kernel-firmware-ath12k (20250424 -> 20250523) kernel-firmware-bluetooth (20250425 -> 20250516) kernel-firmware-brcm (20250428 -> 20250516) kernel-firmware-platform (20250508 -> 20250516) kernel-firmware-realtek (20250502 -> 20250516) kernel-firmware-sound (20250512 -> 20250521) kf6-kwallet kirigami-addons6 (1.7.0 -> 1.8.1) libadwaita (1.7.2 -> 1.7.4) libapparmor libbpf (1.5.0 -> 1.5.1) libcanberra libgexiv2 (0.14.3 -> 0.14.5) libgsf libjansson (2.14 -> 2.14.1) libmbim (1.30.0 -> 1.32.0) libqmi (1.34.0 -> 1.36.0) libqt5-qtbase (5.15.16+kde130 -> 5.15.17+kde122) libqt5-qtdeclarative (5.15.16+kde22 -> 5.15.17+kde21) libqt5-qtgraphicaleffects (5.15.16+kde0 -> 5.15.17+kde0) libqt5-qtimageformats (5.15.16+kde2 -> 5.15.17+kde2) libqt5-qtmultimedia (5.15.16+kde2 -> 5.15.17+kde2) libqt5-qtquickcontrols (5.15.16+kde0 -> 5.15.17+kde0) libqt5-qtquickcontrols2 (5.15.16+kde5 -> 5.15.17+kde5) libqt5-qtspeech (5.15.16+kde1 -> 5.15.17+kde1) libqt5-qtsvg (5.15.16+kde5 -> 5.15.17+kde5) libqt5-qtwayland (5.15.16+kde59 -> 5.15.17+kde57) libqt5-qtx11extras (5.15.16+kde0 -> 5.15.17+kde0) libsoup libtheora libunwind (1.8.1 -> 1.8.2) libxkbcommon (1.9.2 -> 1.10.0) libzypp (17.36.7 -> 17.37.2) llvm20 (20.1.4 -> 20.1.5) lsof mdadm mozjs128 (128.9.0 -> 128.10.1) mutter (48.2 -> 48.3) nautilus (48.1 -> 48.2) ncurses (6.5.20250510 -> 6.5.20250524) netavark (1.14.1 -> 1.15.0) openssl-3 osinfo-db pipewire (1.4.2 -> 1.4.4) podman (5.4.2 -> 5.5.0) policycoreutils polkit-gnome python-dbus-python python-decorator (5.1.1 -> 5.2.1) python-tornado6 (6.4.2 -> 6.5) python-typing_extensions (4.13.0 -> 4.13.2) python-urllib3 (2.2.3 -> 2.4.0) python313 python313-core qemu qt6-tools rpm samba (4.22.0+git.379.98f46fb51c -> 4.22.1+git.393.a3fcbaec1e5) selinux-policy (20250512 -> 20250528) sessreg (1.1.3 -> 1.1.4) skopeo (1.18.0 -> 1.19.0) suse-module-tools (16.0.59 -> 16.0.60) systemd systemd-presets-branding-MicroOS systemd-presets-common-SUSE tcpd vim (9.1.1330 -> 9.1.1406) vte (0.80.1 -> 0.80.2) vulkan-loader (1.4.309 -> 1.4.313) vulkan-tools (1.4.309 -> 1.4.313) webkit2gtk3 (2.48.1 -> 2.48.2) webkit2gtk4 (2.48.1 -> 2.48.2) wireplumber (0.5.8 -> 0.5.10) xdg-desktop-portal (1.20.0 -> 1.20.3) xorg-x11-fonts yelp yelp-xsl zypp-boot-plugin (0.0.12 -> 0.0.13) zypper (1.14.89 -> 1.14.90) === Details === ==== MicroOS-release ==== Version update (20250522 -> 20250531) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== NetworkManager ==== Subpackages: NetworkManager-bluetooth NetworkManager-tui NetworkManager-wwan libnm0 typelib-1_0-NM-1_0 - Stop relying on the UsrMerge symlinks and ensure we look directly in /usr: + Use _firmwaredir for kernel_firmware_dir + Use /usr/sbin/modprobe (was /sbin/modprobe) ==== aardvark-dns ==== Version update (1.14.0 -> 1.15.0) - Update to version 1.15.0: * release v1.15.0 * release notes for v1.15.0 * github: add automatic release action * deps: update nix to 0.30.1 * fix(deps): update rust crate tokio to 1.45.0 * fix(deps): update hickory-dns monorepo to 0.25.2 * Makefile: use cargo --locked in CI * ci: ensure tree is clean after build * fix(deps): update rust crate clap to ~4.5.37 * chore(deps): update rust crate chrono to 0.4.41 * chore(deps): update dependency containers/automation_images to v20250422 * fix(deps): update rust crate libc to 0.2.172 * .github: check_cirrus_cron work around github bug * fix(deps): update rust crate tokio to 1.44.2 * update hickory to 0.25.1 * fix(deps): update rust crate clap to ~4.5.34 * Add link to c/common contributor's guide * chore(deps): update dependency containers/automation_images to v20250324 * update log to 0.4.27 * fix(deps): update rust crate tokio to 1.44.1 * test: use ncat not nc * fix(deps): update rust crate libc to 0.2.171 * fix(deps): update rust crate tokio to 1.44.0 * .github: remove cirrus rerun action * fix(deps): update rust crate clap to ~4.5.31 * [skip-ci] RPM: fix gating.yaml * chore(deps): update rust crate chrono to 0.4.40 * fix(deps): update rust crate log to 0.4.26 * fix(deps): update rust crate libc to 0.2.170 * fix(deps): update hickory-dns monorepo to 0.24.4 * [skip-ci] RPM/TMT: use tests subpackage * RPM: include empty check section to silence rpmlint * test: do not force nftables * fix(deps): update hickory-dns monorepo to 0.24.3 * Bump to v1.15.0-dev - spec: require cargo instead of rust+cargo; drop redundant comment ==== apparmor ==== - Purge potentially stale profile cache during rpm posttrans via "apparmor_parser --purge-cache" (boo#1242553) ==== avahi ==== Subpackages: libavahi-client3 libavahi-common3 libavahi-core7 - Drop obsolete update-desktop-files BuildRequires and macro. Replace with desktop-file-utils BuildRequires. - Drop unneeded update_spec.pl source, not needed since change to proper multibuild. ==== avahi-glib2 ==== - Drop obsolete update-desktop-files BuildRequires and macro. Replace with desktop-file-utils BuildRequires. - Drop unneeded update_spec.pl source, not needed since change to proper multibuild. ==== biosdevname ==== - Fix changelog format: the line immediately after the dashed line is supposed to be the header with date/author info. ==== cairo ==== Subpackages: libcairo-gobject2 libcairo-script-interpreter2 libcairo2 - Switch back to using source service. ==== cockpit ==== Version update (334.1 -> 338) Subpackages: cockpit-bridge cockpit-networkmanager cockpit-packagekit cockpit-system cockpit-ws - Update branding patch for micro and sle - Bug fixes - Update theme for patternfly 6 - Update spec from upstream - Change when selinux policies are installed - update to 338: Upstream Changes: - Translation updates - Bug fixes - Add check_cockpit_users and add_preexec_cockpit.patch to ensure manually created users and groups are removed. Also check systemd support is in nsswitch - Update cockpit to 337 Upstream Changes: 337: - Upgraded to Patternfly 6 - Support dnf needs-restarting 336.2: - storage: Revert "Use mdraid metadata version 1.0 when in Anaconda mode" - Translation updates 336.1: - storage: Fix passphrase remembering with "Reuse encryption" - Translation updates 336: - storage: Implement deletion of multi-device btrfs - storage: Use mdraid metadata version 1.0 when in Anaconda mode - Add a channel capabilities system 335: storage: SMART support - update various patches to apply on 337 ==== cockpit-podman ==== Version update (102 -> 104) - New version 104, updates since 102: * drop correct-container-search.patch: upstreamed * Upgraded to Patternfly 6 * Link service containers to service pages * Connect to other accounts * Translation updates * Bug fixes ==== cockpit-tukit ==== Version update (0.1.3~git0.41f9fbc -> 0.1.4~git0.6eacfc1) - Update to version 0.1.4~git0.6eacfc1: * Display message for user if they aren't superuser (bsc#1242139) * UI Fixes * FEAT: Patternfly 6 support * BUMP deps to patternfly-6 and update COCKPIT_REPO_COMMIT * fix: Properly handle superuser.allowed * Bump @typescript-eslint/eslint-plugin in the types group * Bump qunit from 2.19.4 to 2.24.1 * Bump the stylelint group across 1 directory with 2 updates * Bump ts-loader from 9.4.4 to 9.5.2 * Bump glob from 11.0.1 to 11.0.2 * Bump the stylelint group with 2 updates * Bump @typescript-eslint/eslint-plugin in the types group * Bump @babel/preset-typescript from 7.22.5 to 7.27.1 * Chore: With dependabot now enabled, lets update insecure npm packages * Bump the react group with 2 updates * Bump esbuild from 0.25.2 to 0.25.4 in the esbuild group * ci: Add in dependabot and automated updates to cockpit-lib * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Spanish) * Translated using Weblate (Czech) * Translated using Weblate (Italian) * Translated using Weblate (Portuguese) * Translated using Weblate (Portuguese) * Translated using Weblate (Swedish) * Translated using Weblate (Swedish) * Translated using Weblate (Georgian) * Translated using Weblate (Georgian) * Translated using Weblate (Chinese (Traditional Han script)) * Translated using Weblate (Chinese (China) (zh_CN)) * Translated using Weblate (Chinese (China) (zh_CN)) * Translated using Weblate (French) * Translated using Weblate (Polish) * Translated using Weblate (Polish) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (Chinese (China) (zh_CN)) * Translated using Weblate (Chinese (China) (zh_CN)) * Translated using Weblate (Italian) * Translated using Weblate (Swedish) * Translated using Weblate (Swedish) * Translated using Weblate (Czech) * Translated using Weblate (Chinese (Traditional Han script)) * Translated using Weblate (French) * Translated using Weblate (Japanese) * Translated using Weblate (Japanese) * Translated using Weblate (Polish) * Translated using Weblate (Polish) * Translated using Weblate (Georgian) * Translated using Weblate (Georgian) * Translated using Weblate (Portuguese) * Translated using Weblate (Portuguese) * Translated using Weblate (Spanish) * Update tukit.pot * Added translation using Weblate (Italian) * Added translation using Weblate (French) * Added translation using Weblate (Spanish) * Translated using Weblate (German) * Added translation using Weblate (Chinese (Traditional Han script)) ==== containerd ==== Version update (1.7.23 -> 1.7.27) - Update to containerd v1.7.27. Upstream release notes: bsc#1239749 CVE-2024-40635 - Rebase patches: * 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch - Update to containerd v1.7.26. Upstream release notes: - Rebase patches: * 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch - Update to containerd v1.7.25. Upstream release notes: - Rebase patches: * 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch ==== curl ==== Version update (8.13.0 -> 8.14.0) Subpackages: libcurl4 - Update to 8.14.0: * Security fixes: - [CVE-2025-4947, bsc#1243397] QUIC certificate check skip with wolfSSL - [CVE-2025-5025, bsc#1243706] No QUIC certificate pinning with wolfSSL * Changes: - mqtt: send ping at upkeep interval - schannel: handle pkcs12 client certificates containing CA certificates - TLS: add CURLOPT_SSL_SIGNATURE_ALGORITHMS and --sigalgs - vquic: ngtcp2 + openssl support - wcurl: import v2025.04.20 script + docs - websocket: add option to disable auto-pong reply * Bugfixes: - asny-thrdd: fix detach from running thread - async-threaded resolver: use ref counter - async: DoH improvements - build: enable gcc-12/13+, clang-10+ picky warnings - build: enable gcc-15 picky warnings - certs: drop unused `default_bits` from `.prm` files - cf-https-connect: use the passed in dns struct pointer - cf-socket: fix FTP accept connect - cfilters: remove assert - cmake: fix nghttp3 static linking with `USE_OPENSSL_QUIC=ON` - cmake: prefer `COMPILE_OPTIONS` over `CMAKE_C_FLAGS` for custom C options - cmake: revert `CURL_LTO` behavior for multi-config generators - configure: fix --disable-rt - CONTRIBUTE: add project guidelines for AI use - cpool/cshutdown: force close connections under pressure - curl: fix memory leak when -h is used in config file - curl_get_line: handle lines ending on the buffer boundary - headers: enforce a max number of response header to accept - http: fix HTTP/2 handling of TE request header using "trailers" - lib: include files using known path - lib: unify conversions to/from hex - libssh: add NULL check for Curl_meta_get() - libssh: fix memory leak - mqtt: use conn/easy meta hash - multi: do transfer book keeping using mid - multi: init_do(): check result - netrc: avoid NULL deref on weird input - netrc: avoid strdup NULL - netrc: deal with null token better - openssl-quic: avoid potential `-Wnull-dereference`, add assert - openssl-quic: fix shutdown when stream not open - openssl: enable builds for *both* engines and providers - openssl: set the cipher string before doing private cert - progress: avoid integer overflow when gathering total transfer size - rand: update comment on Curl_rand_bytes weak random - rustls: make max size of cert and key reasonable - smb: avoid integer overflow on weird input date - urlapi: redirecting to "" is considered fine * Remove curl-8.13.0-CloseSocket.patch upstream * Rebase libcurl-ocloexec.patch ==== ddcutil ==== Version update (2.1.4 -> 2.2.0) - Update to 2.2.0: * ddcutil 2.2.0 is a major new release * Detecting and reporting display connection and disconnection has been reworked and enhanced, making libddcutil more useful to applications such as KDE PowerDevil, vdu_controls, and ddcutil-service. * Other enhancements include : - support for DisplayLink devices using driver evince - more consistent and extensive use of the system log - additional facilities for remote problem diagnosis - changes in building, installation, and packaging * And, of course, there's a year's accumulation of bug fixes and minor enhancements. * Shared library libddcutil is backwardly compatible with that release 2.1.4. It contains some minor changes and additional API functions for display change detection. The SONAME is unchanged as libddcutil.so.5. The release library file is libddcutil.so.5.2.0 * Detailed information about the changes can be found in file CHANGELOG.md in the source tree, and on pages ddcutil 2.2.0 Release Notes (https://www.ddcutil.com/release_notes_220/) and Shared Library Changes for Release 2.2.0 (https://www.ddcutil.com/c_api_220/) on the web site. ==== evolution-data-server ==== Version update (3.56.1 -> 3.56.2) Subpackages: libcamel-1_2-64 libebackend-1_2-11 libebook-1_2-21 libebook-contacts-1_2-4 libecal-2_0-3 libedata-book-1_2-27 libedata-cal-2_0-2 libedataserver-1_2-27 libedataserverui-1_2-4 - Update to version 3.56.2: + Bug Fixes: - Handle changed server pool in WebDAV collection sources ][ - CamelDataWrapper: Correct return value of size calculate functions - GOA EWS: Fallback to likely EWS host URL when autodicovery fails ==== file ==== Subpackages: file-magic libmagic1 - Add file-zipdata.patch * Fix "Some zip files are misclassified as data" see https://bugs.astron.com/view.php?id=571 based on https://github.com/file/file/commit/60b2032b96fc185b37fb0f2152e834efb2edad6e ==== flatpak ==== Version update (1.16.0 -> 1.16.1) Subpackages: flatpak-selinux libflatpak0 system-user-flatpak - Update to version 1.16.1: + Bug fixes: - Fix intermittent flatpak-portal crashes by avoiding unnecessary multi-threading - Don't show a confusing confirmation prompt when flatpak remove --unused removes autoprune-unless extensions that are no longer needed, such as older Nvidia drivers - Don't propagate $PYTHONPYCACHEPREFIX from host into sandbox - Don't propagate $WAYLAND_DISPLAY, $WAYLAND_SOCKET from host into sandbox if access to the Wayland socket has been denied - When discovering the AT-SPI bus, treat $AT_SPI_BUS_ADDRESS as higher-priority than GetAddress(), more closely matching the behaviour of AT-SPI itself - Fix a memory leak when installing extra-data - Don't show fatal transaction errors twice - Fix the build with -Ddefault_library=static - Fix incorrect error reporting - When using FLATPAK_TTY_PROGRESS, terminate OSC escape sequence with standard ST sequence instead of xterm-specific BEL - Include all options in shell completion for flatpak search + Enhancements: - When using parental controls, allow a child account to update existing apps by default, to ensure that security and bugfix updates can be installed. This can be overridden by setting polkit policy rules for the new org.freedesktop.Flatpak.override-parental-controls-update action if necessary - Make systemd scopes easier to match to Flatpak app instances, by using the instance ID instead of the top-level process ID in the scope name - Access to --device=dri now includes /dev/udmabuf - Improve the error message for an invalid parameter to flatpak-spawn --sandbox-a11y-own-name - Speed up flatpak prune --dry-run by not calculating potential freed space and avoiding operations that would need to hold a lock - Speed up flatpak permission-reset by only writing entries that have actually changed - Documentation improvements - Look for TLS certificates at /etc/containers/certs.d when interacting with OCI registries + Updated translations. ==== fwupd ==== Version update (2.0.9 -> 2.0.10) Subpackages: libfwupd3 typelib-1_0-Fwupd-2_0 - Update to version 2.0.10: + This release adds the following features: - Include the AGESA version as the summary of the AMD secure processor device - Include the UEFI PK certificate key ID in the uploaded problem report - Provide a way for the client to restrict the GUID list to an emulated device + This release fixes the following bugs: - Do not allow dbx updates on the HP Elitebook 845 Gen10 - Do not warn about BIOS bugs we can easily work around - Fix a regression in fwupdmgr emulation-save when recording some devices - Fix a regression preventing installation of KEKs - Fix a small memory leak when getting security attributes - Never write a UX capsule when using Capsule-On-Disk - Use the 'OnBattery' property from upower to tell if plugged in + This release adds support for the following hardware: - Lenovo Legion Touchpad - Logitech MX Mechanical - Poly Studio V72 and V12 ==== gcc14 ==== Version update (14.2.1+git11702 -> 14.3.0+git11799) - Disable build of glibc cross to loongarch64 and hppa in SLFO and SLE15. - Update to GCC 14.3 release, bb24b4c804f3d95b0ba95b7496, git11799 - Remove gcc14-pr120061.patch which is now included upstream. - Add gcc14-pr120061.patch to fix the PR108900 fix instead of reverting it. - Remove gcc14-pr108900.patch ==== gcr ==== Subpackages: gcr-ssh-askpass libgck-2-2 libgcr-4-4 typelib-1_0-Gck-2 typelib-1_0-Gcr-4 - Drop obsolete update-desktop-files BuildRequires. ==== gcr3 ==== Subpackages: gcr3-data gcr3-prompter gcr3-ssh-askpass libgck-1-0 libgcr-3-1 - Drop obsolete update-desktop-files BuildRequires and macro. - Use ldconfig_scriptlets macro for post(un) handling. ==== glib2 ==== Version update (2.84.1 -> 2.84.2) Subpackages: glib2-tools libgio-2_0-0 libgirepository-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 typelib-1_0-GLib-2_0 typelib-1_0-GModule-2_0 typelib-1_0-GObject-2_0 typelib-1_0-Gio-2_0 - Update to version 2.84.2: + Bugs fixed: - gclosure: fix ATOMIC_CHANGE_FIELD to read vint atomically - Windows: fix wrong typelib path - gstring: carefully handle gssize parameters - Update macOS job for new CI runner - gdate: Call tzset before localtime_r - Backport -Wsign-conversion fixes for g_get_locale_variants() - glocalfile: Disable faccessat()-based query_exists on Android ==== gnome-control-center ==== Version update (48.1+15 -> 48.2) Subpackages: gnome-control-center-color gnome-control-center-goa - Update to version 48.2: + Wrap settings panel names in small window sizes + Call g_type_ensure for a custom class + Add rounded borders to illustrations + About: Fix multiple GPU name display with NVIDIA GPU on Desktop PC + Apps: - Set bold style to the app name - Hide preference group if no permissions are shown + Notifications: Fix crash when modifying app settings multiple times + Power: Change power saver icon to leaf (matching GNOME Shell) + System: - Improve password generation logic - Use EFF's Wordlists for Random Passphrases for password generator + Users: Don't crash when failing to crop avatar images + Wacom: Get motion history from tablets in test drawing area + Updated translations. - Fix UI issues in "Identity" tab of a connection setting dialog (bsc#1243127). ==== gnome-keyring ==== Subpackages: gnome-keyring-pam libgck-modules-gnome-keyring - Drop obsolete update-desktop-files BuildRequires and macro. ==== gnome-menus ==== Subpackages: libgnome-menu-3-0 typelib-1_0-GMenu-3_0 - Drop obsolete update-desktop-files BuildRequires and macro. - Use ldconfig_scriptlets macro for post(un) handling. ==== gnome-online-accounts ==== Version update (3.54.2 -> 3.54.3) Subpackages: libgoa-1_0-0 libgoa-backend-1_0-2 - Update to version 3.54.3: + Bugs fixed: - Authentication failure in goa IMAP accounts - Handle unexpected casing in domain names + Updated translations. ==== gnome-shell ==== Version update (48.1 -> 48.2) Subpackages: gnome-shell-calendar - Update to version 48.2: + Only enable surrounding-text IM capability when needed + Fix launching command from terminal in run dialog + Ignore offset changes caused by suspend for screen time + Fix app folders sometimes not closing after outside clicks + Fixed crash + Misc. bug fixes and cleanups + Updated translations. ==== gnome-shell-extensions ==== Version update (48.1 -> 48.2) Subpackages: gnome-shell-classic gnome-shell-extensions-common - Update to version 48.2: + windowsNavigator: Fix handling keyboard shortcuts + build: Allow disabling the X11 session ==== gnome-terminal ==== Version update (3.56.1 -> 3.56.2) Subpackages: nautilus-extension-terminal - Update to version 3.56.2: * client: legacy: Initialise --wait to false ==== gnome-user-docs ==== Version update (48.1 -> 48.2) - Update to version 48.2: + Updated translations. ==== gpg2 ==== - Don't install expired sks certificate [bsc#1243069] * Add patch gnupg-dirmngr-Don-t-install-expired-sks-certificate.patch - Revert old max-cache-ttl behavior [bsc#1241656] * Add patch gnupg-agent-Recover-the-old-behavior-with-max-cache-ttl-0.patch ==== gpgme ==== Version update (1.24.2 -> 1.24.3) Subpackages: libgpgme11 libgpgmepp6 python313-gpg - update to 1.24.3: * cpp: Ensure that all transitions go from one state to a different state * cpp: Ensure correct expiration time on 32-bit arch with 64-bit time_t ==== gpsd ==== Version update (3.25 -> 3.26) - Update to version 3.26 * Handle NTRIPv2 that comes in "chunks". * Add many UBX decodes. Mostly in ubxtool, some in gpsd. * Improve TSIP and UBX intitalization. * Gather Antenna Status (ant_stat) and Jamming (jam) and send to JSON. * Always build u-blox, RTCM104V2, RTCM104V3 drivers. * Add partial support for badly documented ALLYSTAR GNSS messages. * Add minimal support for Unicore GNSS messages. * Add minimal support for CASIC GNSS messages. * Add minimal support for buggy Inertial Sense GNSS messages. * Try to work better as non-root using non-standard "capabilities". * Add SUBSYSTEM=gnss rule to gpsd.rules * Moved ntploggps from NTPSec to GPSD and renamed to gpslogntp. * Fix many build, Coverity, and Codacy warnings. * Improved Python interface for the lexer. * Add support for new BeiDou PRNs and subframes. * Officially deprecate gpsmon. * Improve support for NMEA 4.11 (a stealthy moving target). * Remove Oceanserver IMU support. Never worked well. * Always with build ubx, NMEA 103, rtcm104v2 and rtcm104v3 support. * Add support for jamming detection. * Add Go client example. * Add support for RTCM3.2 - Update gpsd.keyring (0C898D47 -> 4294517B) ==== grub2 ==== Subpackages: grub2-common grub2-i386-efi grub2-i386-efi-bls grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi grub2-x86_64-efi-bls - Use /etc/SUSE-brand to display OS label (bsc#1239169) * 0001-mkconfig-Determine-GRUB_DISTRIBUTOR-from-etc-SUSE-br.patch - Add support for LoaderEntryOneshot * grub2-bls-loader-entry-oneshot.patch - Fix product name missing in snapshot list (bsc#1243162) * grub2-snapper-plugin.sh - Fix incorrect nvme disks and boot order in bootlist output (bsc#1237174) * 0001-ieee1275-support-added-for-multiple-nvme-bootpaths.patch ==== gstreamer-plugins-base ==== Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 - Drop obsolete update-desktop-files BuildRequires. ==== harfbuzz ==== Version update (11.1.0 -> 11.2.1) Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0 - Update to version 11.2.1: + Various build improvements. + Fix build with HB_NO_DRAW and HB_NO_PAINT. + Add an optional harfruzz shaper that uses HarfRuzz; an ongoing Rust port of HarfBuzz shaping. This shaper is mainly used for testing the output of the Rust implementation. + Fix regression that caused applying unsafe_to_break() to the whole buffer to be ignored. + Update USE data files. + Fix getting advances of out-of-rage glyph indices in DirectWrite font functions. - Changes from version 11.2.0: + Painting of COLRv1 fonts without clip boxes is now about 10 times faster. + Synthetic bold/slant of a sub font is now respected, instead of using the parent’s. + Glyph extents for fonts synthetic bold/slant are now accurately calculated. + Various build fixes. ==== hwdata ==== Version update (0.394 -> 0.395) - Update to version 0.395: * Update pci and vendor ids ==== jq ==== Subpackages: libjq1 - Add patch CVE-2024-53427.patch (CVE-2024-53427, bsc#1238078) ==== kdegraphics-mobipocket ==== - Drop the KF5 flavor, there are no user left ==== kernel-firmware-ath12k ==== Version update (20250424 -> 20250523) - Update to version 20250523 (git commit f4e75db20a11): * ath12k: WCN7850 hw2.0: update to WLAN.HMT.1.1.c5-00284.1-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3 ==== kernel-firmware-bluetooth ==== Version update (20250425 -> 20250516) - Update to version 20250516 (git commit 759c4acafb4a): * rtl_bt: Update RTL8822C BT USB and UART firmware to 0x7C20 ==== kernel-firmware-brcm ==== Version update (20250428 -> 20250516) - Update to version 20250516 (git commit 759c4acafb4a): * brcmfmac: Add a couple of NanoPi devices ==== kernel-firmware-platform ==== Version update (20250508 -> 20250516) - Update to version 20250516 (git commit 759c4acafb4a): * powervr: add firmware for Imagination Technologies BXS-4-64 GPU * cnm: update chips&media wave521c firmware. ==== kernel-firmware-realtek ==== Version update (20250502 -> 20250516) - Update to version 20250516 (git commit 759c4acafb4a): * rtl_nic: add firmware rtl8127a-1 ==== kernel-firmware-sound ==== Version update (20250512 -> 20250521) - Update to version 20250521 (git commit 3fbaee2775a4): * cirrus: cs35l41: Fix firmware links for several ASUS laptops * cirrus: cs35l41: Add Firmware for various HP Agusta Laptops using CS35L41 HDA * cirrus: cs35l41: Add Firmware for various ACER Laptops using CS35L41 HDA ==== kf6-kwallet ==== Subpackages: kwalletd6 libKF6Wallet6 libKF6WalletBackend6 - Add patch to avoid DBus failures if disabled (kde#504014): * 0001-Don-t-make-clients-hang-if-kwallet-is-disabled.patch ==== kirigami-addons6 ==== Version update (1.7.0 -> 1.8.1) Subpackages: libKirigamiAddonsStatefulApp6 - Update to 1.8.1 * Add check for QDoc target - Update to 1.8.0 https://carlschwan.eu/2025/05/19/kirigami-addons-1.8.0/ * Two new form delegates: FormLinkDelegate and FormIconDelegate * Added a password quality checker * Improved avatar rendering * Fixed several issues when using Kirigami with the QtQuick software rendering backend ==== libadwaita ==== Version update (1.7.2 -> 1.7.4) Subpackages: libadwaita-1-0 typelib-1_0-Adw-1 - Update to version 1.7.4: + Fix a critical when disposing AdwCarousel after scrolling with mouse wheel. - Update to version 1.7.3: + Fix a crash with empty window layouts + AdwExpanderRow: Fix grab_focus() behavior + AdwSettings: Move yellow/green boundary for accent color + Docs: - Fix window radius value - Fix missing AdwCarouselIndicatorLines image + Inspector: Disable markup on window rows + Stylesheet - Fix icon padding for .default-decoration too - Fix .property for expander rows - Fix disabled styles for various .view widgets + Updated translations. ==== libapparmor ==== - Purge potentially stale profile cache during rpm posttrans via "apparmor_parser --purge-cache" (boo#1242553) ==== libbpf ==== Version update (1.5.0 -> 1.5.1) - update to 1.5.1: * Patch release with a single backported change that improves compatibility story of older versions of libbpf-cargo. https://github.com/libbpf/libbpf/commit/ 453601a65a6ebcf523b009585b49ce0ad0adeff1 ==== libcanberra ==== Subpackages: canberra-gtk-play libcanberra-gtk3-0 libcanberra0 - Drop obsolete update-desktop-files BuildRequires and macro. - Use ldconfig_scriptlets macro for post(un) handling. ==== libgexiv2 ==== Version update (0.14.3 -> 0.14.5) - Update to version 0.14.5: + Add a .def file and tool to generate it + Do not return bool for std::string on windows + Change license of GExiv2.py to GPL-2.0-or-later ==== libgsf ==== Subpackages: gsf-office-thumbnailer libgsf-1-114 - Drop obsolete update-desktop-files BuildRequires. - Modernize spec, use modern macros. ==== libjansson ==== Version update (2.14 -> 2.14.1) - Update to 2.14.1: * Fix thread safety of encoding and decoding when uselocale() or newlocale() is used to switch locales inside the threads (#674, #675, #677). * Use David M. Gay’s dtoa() algorithm to avoid misprinting issues of real numbers that are not exactly representable as a double() (#680). ==== libmbim ==== Version update (1.30.0 -> 1.32.0) - Update to version 1.32.0: + New Fibocom service + New Compal service + Extend the Quectel service + New '--sms-read' and '--sms-delete' actions. + New '--compal-query-at-command', '--fibocom-set-at-command', and '--quectel-set-at-command' actions + New MS Basic Connect '--ms-set-lte-attach-configuration' + New Basic Connect '--set-register-state' to allow automatic or manual registration configuration + Renamed Basic Connect '--query-registration-state' to '--query-register-state' to be consistent with other actions. Old name is kept as an alias for compatibility ==== libqmi ==== Version update (1.34.0 -> 1.36.0) - Update to version 1.36.0: * New request/response/indications * New TLVs supported in existing messages * libqmi-glib: * * Fix for 16-bit service indications on big-endian (BE) architectures * * Fix qmi_wwan sysfs attr ownership to match that of the control device - Drop 0001-message-fix-16bit-service-on-big-endian.patch: Fixed upstream. ==== libqt5-qtbase ==== Version update (5.15.16+kde130 -> 5.15.17+kde122) Subpackages: libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 - Update to version 5.15.17+kde122, rebased upstream: * QFileSystemEngine/Win: Use GetTempPath2 when available * XML/QDom: speedup encodeText() * Update Harfbuzz to 8.4.0 * SQLite: Update SQLite to v3.45.3 * Avoid detection of heading in tst_QTextMarkdownImporter::thematicBreaks * Update md4c to 0.5.2 * xcb: Avoid recreating xcb window in QXcbWindow::requestActivateWindow() * QMetaMethod: document that fromSignal(nullptr) is ok * PCRE2: upgrade to 10.43 * SQLite: Update SQLite to v3.45.2 * Update bundled libpng to version 1.6.43 * androiddeployqt: fix QDirIterator::next() usage * SQLite: Update SQLite to v3.45.1 * QDBusUtil: document the D-Bus signature grammar * Windows: clean up System Tray Icon message icon * Windows 7: blacklist tests that fail from low screen resolution * Update bundled libjpeg-turbo to version 3.0.2 * QXcbWindow::handleLeaveNotifyEvent(): Consume when leaving geometry * [docs] Fix C'n'P error in QTRY_VERIFY2 example * tst_bench_QImageReader: add a benchmark for raw QFatoryLoader operations * Update bundled libpng to version 1.6.42 * Update bundled libpng to version 1.6.41 * Fix license header for update_public_suffix_list.sh * PSL: add changelog entry to the suggested commit message * windows: Avoid infinite recursion with certain fonts * SQLite: Update SQLite to v3.45.0 * Update Zlib to 1.3.1 * [docs] QVersionNumber: fix a typo * QTextEngine: also round x-offset for non-subpixel text render * tst_moc: DRY QProcess success verification * [docs] Remove references to C++11 feature availability * Doc: Replace 'saveFile' with 'saveFileContent' * QObject: Make it clear we don't install duplicated event filters * Rename QImageReader benchmark to tst_bench_ * tst_QString: explain TransientDefaultLocale better * SQLite: Update SQLite to v3.44.2 * Fix Japan locale not showing japanese fonts correctly * Bump supported macOS SDK version to version 14 * SQLite: Update SQLite to v3.44.1 * Bump version to 5.15.17 * [doc] QBENCHMARK_ONCE: fix typos * xcb: update WM_TRANSIENT_FOR on transientParent native window recreation * xcb: make QXcbWindow inherit QObject * Upgrade to Harfbuzz 8.3.0 * QStringList: improve benchmark code * Fix compilation with MSVC 17.8 * SQLite: Update SQLite to v3.44.0 * tst_QMetaEnum: add round-trip testing to valueToKeys() ==== libqt5-qtdeclarative ==== Version update (5.15.16+kde22 -> 5.15.17+kde21) - Update to version 5.15.17+kde21, rebased upstream: * Flickable: don't allow dragging with mouse buttons other than left * Fix deadlock in long-running particle system * Increase the timeout for tst_qmlmin * Windows 7: blacklist tests that fail from low screen resolution * QtQml: Clear context objects more thoroughly on destruction * Avoid crashing in the quickwidgets example after closing the subwindow * doc: Fix type of fontInfo.pixelSize property * QtQuick.Shapes: Mark Shape properties as readonly * doc: Mention that Window.visible is false by default * Bump version to 5.15.17 * Add license headers to shader source ==== libqt5-qtgraphicaleffects ==== Version update (5.15.16+kde0 -> 5.15.17+kde0) - Update to version 5.15.17+kde0, rebased upstream: * Bump version to 5.15.17 ==== libqt5-qtimageformats ==== Version update (5.15.16+kde2 -> 5.15.17+kde2) - Update to version 5.15.17+kde2, rebased upstream: * Update bundled libwebp to version 1.4.0 * Bump version to 5.15.17 ==== libqt5-qtmultimedia ==== Version update (5.15.16+kde2 -> 5.15.17+kde2) - Update to version 5.15.17+kde2, rebased upstream: * qmake: Don't add audiocapture directory twice when targeting QNX * Fix device file contention when setting parameters on v4l cameras * Bump version to 5.15.17 ==== libqt5-qtquickcontrols ==== Version update (5.15.16+kde0 -> 5.15.17+kde0) - Update to version 5.15.17+kde0, rebased upstream: * Bump version to 5.15.17 ==== libqt5-qtquickcontrols2 ==== Version update (5.15.16+kde5 -> 5.15.17+kde5) Subpackages: libQt5QuickControls2-5 libQt5QuickTemplates2-5 - Update to version 5.15.17+kde5, rebased upstream: * Bump version to 5.15.17 ==== libqt5-qtspeech ==== Version update (5.15.16+kde1 -> 5.15.17+kde1) - Update to version 5.15.17+kde1, rebased upstream: * Bump version to 5.15.17 ==== libqt5-qtsvg ==== Version update (5.15.16+kde5 -> 5.15.17+kde5) - Update to version 5.15.17+kde5, rebased upstream: * Avoid runtime warnings about negative font sizes * Bump version to 5.15.17 ==== libqt5-qtwayland ==== Version update (5.15.16+kde59 -> 5.15.17+kde57) Subpackages: libQt5WaylandClient5 libQt5WaylandCompositor5 - Update to version 5.15.17+kde57, rebased upstream: * bradient: Use QWaylandWindow actual window title * Revert "Add license headers to shader files" * Only remove initialized extensions in ExtContainer * Doc: Fix license info for Qt Wayland QPA plugin * Bump version to 5.15.17 ==== libqt5-qtx11extras ==== Version update (5.15.16+kde0 -> 5.15.17+kde0) - Update to version 5.15.17+kde0, rebased upstream: * Bump version to 5.15.17 ==== libsoup ==== Subpackages: libsoup-3_0-0 typelib-1_0-Soup-3_0 - Add libsoup-CVE-2025-4969.patch: multipart: verify array bounds before accesing its members (boo#1243423 CVE-2025-4969). - Also rerun tests for ppc64le should they fail. hsts-db-test appears to time out intermittently there (bsc#1243570). - Add libsoup-CVE-2025-4476.patch: fix crash in soup_auth_digest_get_protection_space (boo#1243422 CVE-2025-4476 glgo#GNOME/libsoup!457). - Add libsoup-CVE-2025-4948.patch: verify boundary limits for multipart body (boo#1243332 CVE-2025-4948 glgo#GNOME/libsoup#449). ==== libtheora ==== Subpackages: libtheora1 libtheoradec2 libtheoraenc2 - remove Requires from -devel that are already auto-generated - update description - Fix Leap 15.x build ==== libunwind ==== Version update (1.8.1 -> 1.8.2) - Update to 1.8.2: * Rework inline aarch64 as for setcontext * Fixed miscompilation of unw_getcontext() on ARM * Support -mbranch-protection=pac-ret on aarch64 * Add unw_is_plt_entry() to public API (fixes FTBFS on QNX) * Fix signal handling for QNX aarch64 ==== libxkbcommon ==== Version update (1.9.2 -> 1.10.0) Subpackages: libxkbcommon-x11-0 libxkbcommon0 libxkbregistry0 - Update to release 1.10.0 * Changed Compose behavior so that sequences defined later always override ones defined earlier, even if the new sequence is shorter. * Modifiers masks handling has been refactored to properly handle virtual modifiers. Modifier masks are now always considered as an opaque encoding of the modifiers state: * 1. Modifiers masks should not be interpreted by other means than the provided API. In particular, one should not assume that modifiers masks always denote the modifiers indexes of the keymap. * 2. It enables using virtual modifiers with arbitrary mappings. ==== libzypp ==== Version update (17.36.7 -> 17.37.2) - Add a note to service maintained .repo file entries (fixes #638) - Support using %{url} variable in a RIS service's repo section. - version 17.37.2 (35) - Use a cookie file to validate mirrorlist cache. This patch extends the mirrorlist code to use a cookie file to validate the contents of the cache against the source URL, making sure that we do not accidentially use a old cache when the mirrorlist url was changed. For example when migrating a system from one release to the next where the same repo alias might just have a different URL. - Let Service define and update gpgkey, mirrorlist and metalink. - Preserve a mirrorlist file in the raw cache during refresh. - version 17.37.1 (35) - Code16: Enable curl2 backend and parallel package download by default. In Code15 it's optional. Environment variables ZYPP_CURL2=<0|1> and ZYPP_PCK_PRELOAD=<0|1> can be used to turn the features on or off. - Make gpgKeyUrl the default source for gpg keys. When refreshing zypp now primarily uses gpgKeyUrl information from the repo files and only falls back to a automatically generated key Url if a gpgKeyUrl was not specified. - Introduce mirrors into the Media backends (bsc#1240132) - Drop MediaMultiCurl backend. - Throttle progress updates when preloading packages (bsc#1239543) - Check if request is in valid state in CURL callbacks (fixes openSUSE/zypper#605) - spec/CMake: add conditional build '--with[out] classic_rpmtrans_as_default'. classic_rpmtrans is the current builtin default for SUSE, otherwise it's single_rpmtrans. The `enable_preview_single_rpmtrans_as_default_for_zypper` switch was removed from the spec file. Accordingly the CMake option ENABLE_PREVIEW_SINGLE_RPMTRANS_AS_DEFAULT_FOR_ZYPPER was removed. - version 17.37.0 (35) ==== llvm20 ==== Version update (20.1.4 -> 20.1.5) - Update to version 20.1.5. * This release contains bug-fixes for the LLVM 20.1.0 release. This release is API and ABI compatible with 20.1.0. - Rebase llvm-do-not-install-static-libraries.patch. - Add llvm-fix-hexagon-test.patch to fix failing test. - Enable build of libc++ for ppc64le ==== lsof ==== - Force skip NFS test, as it cannot complete properly in OBS but it can be accidentally triggered there on ppc64. (bsc#1243577, lsof-skip-nfs-test.patch). ==== mdadm ==== - monitor: Add MAILFROM address to email envelope to avoid smtp auth errors (bsc#1241474) * add 1008-mdmonitor-use-MAILFROM-to-set-sendmail-envelope-send.patch ==== mozjs128 ==== Version update (128.9.0 -> 128.10.1) - Update to version 128.10.1: + MFSA 2025-37: - CVE-2025-4920 (bmo#1966612): Out-of-bounds access when resolving Promise objects - CVE-2025-4921 (bmo#1966614): Out-of-bounds access when optimizing linear sums ==== mutter ==== Version update (48.2 -> 48.3) - Update to version 48.3: + Use opaque dma-buf formats substitutes for scanout + Restore tiled/maximized windows to the correct monitor + Do not leak session manager file to launched processes + Use frame-sync candidate that likely matches scanout candidate + Propagate all touchpad gesture events to apps + Update window decorations on override-redirect attribute + Load initial _NET_WM_FULLSCREEN_MONITORS value + Fix race when registering implicit grab + Skip multiple refresh intervals if necessary + box-layout: Update actor-request-mode on orientation changes + Do not take control of logind session on Xorg + Fixed crashes + Plugged leaks + Misc. bug fixes and cleanups + Updated translations. ==== nautilus ==== Version update (48.1 -> 48.2) Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension4 - Update to version 48.2: + Bugfixes: - Load directory before thumbnail attributes are ready - Fix trash banner visibiltiy - Fix sporadic crash when loading new view - Improve container-related media property handling + Updated translations. ==== ncurses ==== Version update (6.5.20250510 -> 6.5.20250524) Subpackages: libncurses6 ncurses-utils terminfo-base - Add ncurses patch 20250524 + correct option-name used in configure script, which resulted in size change for cchar_t (cf: 20250517). - Add ncurses patch 20250517 + initial changes for some ABI 7 features: + disable wgetch-events + add feature for extending mouse-buttons + add feature for extending direct-color support + use bracketed+paste in nsterm, rlogin-color, screen, terminology -TD - First steps to support ABI 7 - Update to tack-1.11-20250503 * 2025/04/29 Add checks for RV/rv and XR/xr - Avoid expanding %jobs in comment (boo#1237231) ==== netavark ==== Version update (1.14.1 -> 1.15.0) - Update to version 1.15.0: * release v1.15.0 * release notes for v1.15.0 * update release notes from v1.14.1 * update nftables to 0.6.2 * run cargo update * chore(deps): update rust crate tempfile to 3.20.0 * chore(deps): update rust crate chrono to 0.4.41 * fix(deps): update rust crate tokio to 1.45.0 * fix(deps): update tonic monorepo to 0.13.1 * fix(deps): update rust crate zbus to 5.6.0 * fix(deps): update rust crate sha2 to 0.10.9 * fix(deps): update rust crate clap to ~4.5.37 * aardvark: handle names more safely * aardvark: use one buffer for commit_entry() * don't clone container_names in AardvarkEntry * Makefile: correctly set SOURCES * remove some unused deps * Makefile: use cargo --locked in CI * chore(deps): update dependency containers/automation_images to v20250422 * ci: ensure tree is clean after build * fix(deps): update rust crate rand to 0.9.1 * .github: check_cirrus_cron work around github bug * Cargo.lock: fix desync with Cargo.toml * fix(deps): update rust crate netlink-packet-utils to 0.6.0 * firewalld_reload: share connection * fix new rust 1.86 lint errors * ignore SIGTERM and SIGINT on teardown * fix(deps): update rust crate tokio to 1.44.2 * Release GHA: Automatically publish crate * test: use ncat not nc * update CI image 2025-03-24 * fix new clippy lint errors * fix(deps): update rust crate env_logger to 0.11.8 * fix(deps): update rust crate clap to ~4.5.34 * chore(deps): update rust crate once_cell to 1.21.3 * fix(deps): update rust crate hyper-util to 0.1.11 * GHA: Automate release * remove search domain from response * chore(deps): update rust crate once_cell to 1.21.2 * fix(deps): update tonic monorepo to 0.13.0 * Add link to c/common contributor's guide * fix(deps): update rust crate log to 0.4.27 * chore(deps): update rust crate tempfile to 3.19.1 * fix(deps): update rust crate nispor to 1.2.23 * fix(deps): update rust crate netlink-packet-route to 0.22.0 * Fix detect of Firewalld's StrictForwardPorts property * chore(deps): update rust crate tempfile to 3.19.0 * chore(deps): update rust crate once_cell to 1.21.1 * fix(deps): update rust crate tokio to 1.44.1 * chore(deps): update rust crate once_cell to 1.21.0 * fix(deps): update rust crate env_logger to 0.11.7 * fix(deps): update rust crate tokio to 1.44.0 * test/001-basic: Make commit test optional * .github: remove cirrus rerun action * chore(deps): update rust crate tempfile to 3.18.0 * fix(deps): update rust crate clap to ~4.5.31 * chore(deps): update rust crate chrono to 0.4.40 * fix(deps): update rust crate zbus to v5 * Bump MSRV to v1.77 * Update Rust crate log to 0.4.26 * cirrus: do not build debug bins * Makefile: do not rebuild if nothing changed * Makefile: uninstall netavark-firewalld-reload.service * docs/Makefile: several fixes * Makefile: build docs by default * Makefile: do not build twice * chore(deps): update rust crate tempfile to 3.17.1 * chore(deps): update rust crate tempfile to 3.17.0 * fix(deps): update rust crate prost to 0.13.5 * Bump to v1.15.0-dev ==== openssl-3 ==== Subpackages: libopenssl3 - Fix P-384 curve on lower-than-P9 PPC64 targets [bsc#1243014] * Add openssl-Fix-P384-on-P8-targets.patch [a72f753c] - Security fix: [bsc#1243564, CVE-2025-4575] * Fix the x509 application adding trusted use instead of rejected use * Add openssl-CVE-2025-4575.patch - FIPS: Fix the speed command in FIPS mode for KMAC * Add openssl-FIPS-Fix-openssl-speed-KMAC.patch - FIPS: Restore the check to deny SHA1 signatures in FIPS mode and the functionality to allow/deny via crypto-policies. [jsc#PED-12224] * Remove openssl-rh-allow-sha1-signatures.patch * Add patches: - openssl-Allow-disabling-of-SHA1-signatures.patch - openssl-FIPS-Deny-SHA-1-sigver-in-FIPS-provider.patch - openssl-FIPS-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch ==== osinfo-db ==== - bsc#1243296 - What version of virt-manager-common supports SLES16 ISO layout add-sles16-support.patch ==== pipewire ==== Version update (1.4.2 -> 1.4.4) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 1.4.4: * Highlights - Provide better compatibility with 1.2 for MIDI. - Fix mpv buffer negotiation regression. - Improve GStreamer compatibility with libcamera. * SPA - Provide conversions to old style midi in the ALSA sequencer. - Negotiate only to UMP when using a newer library. - Fix negotiation direction for buffers, prefer the converter suggestion instead of the application until we can be sure applications make good suggestions. * GStreamer - Allow a minimum of 1 buffers again instead of 8. libcamera will allocate only 4 buffers so we need to support this. - Update to version 1.4.3: * Highlights - Many netjack2 improvements. The driver/manager roles were fixed, MIDI is written correctly and errors are handled better. - Improvements to UMP sysex handling. - More small bug fixes and improvements. * PipeWire - Let all commands go to the node. This makes it possible to send custom commands. * Modules - Many netjack2 improvements. The driver/manager roles were fixed, MIDI is written correctly and errors are handled better. - Improve the filter-graph state management in filter-chain. * SPA - Use default value of filter. (#4619) - Fix UMP program change conversion to MIDI 1.0. (#4664) - Skip only the first buffer for raw formats in v4l2 to avoid dropping important headers when dealing with encoded formats. - Fix ebur128 port name. (#4667) - Only convert UMP/MIDI, pass other controls. Fixes OSC and other control types in the mixer. (#4692) - Improve UMP sysex handling in alsa seq. - Improve ALSA audio.channels support. Only use this when the value is within the valid range. * Tools - debug UMP SysRT messages correctly in pw-mididump. * JACK - Handle sysex in UMP better by appending the converted midi1 sysex ==== podman ==== Version update (5.4.2 -> 5.5.0) - Update to version 5.5.0: Big update, see the full changelog here: https://github.com/containers/podman/releases/tag/v5.5.0 * Breaking Changes - Due to changes in Docker API types, two small breaking changes have been made in the Go bindings for the REST API. The containers.Commit() function now returns a new struct (types.IDResponse) with identical contents, and the containers.ExecCreate function's handlers.ExecCreateConfig parameter now contains a different embedded struct, potentially requiring changes to how it is assigned to. * Dependencies - fix(deps): update module github.com/docker/docker to v28.1.1+incompatible - fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.28 - fix(deps): update module github.com/docker/docker to v28.1.1+incompatible - chore(deps): update dependency setuptools to v79 - fix(deps): update module github.com/docker/docker to v28.1.0+incompatible - chore(deps): update dependency golangci/golangci-lint to v2.1.2 - fix(deps): update module golang.org/x/net to v0.39.0 - fix(deps): update module golang.org/x/crypto to v0.37.0 - fix(deps): update module github.com/onsi/ginkgo/v2 to v2.23.4 - fix(deps): update module golang.org/x/term to v0.31.0 - fix(deps): update module github.com/moby/sys/user to v0.4.0 - fix(deps): update module github.com/onsi/gomega to v1.37.0 - fix(deps): update module github.com/shirou/gopsutil/v4 to v4.25.3 - fix(deps): update github.com/openshift/imagebuilder digest to e87e4e1 - fix(deps): update github.com/opencontainers/runtime-tools digest to 260e151 - chore(deps): update dependency setuptools to v78 - fix(deps): update module golang.org/x/net to v0.38.0 - fix(deps): update module github.com/containers/gvisor-tap-vsock to v0.8.5 - fix(deps): update module github.com/onsi/gomega to v1.36.3 - chore(deps): update dependency setuptools to v77 - chore(deps): update dependency setuptools to ~=76.1.0 - fix(deps): update module github.com/opencontainers/runc to v1.2.6 - fix(deps): update module golang.org/x/net to v0.37.0 - chore(deps): update dependency setuptools to v76 - fix(deps): update module golang.org/x/net to v0.36.0 [security] - chore(deps): update dependency setuptools to ~=75.9.1 - fix(deps): update module github.com/containers/buildah to v1.39.2 - fix(deps): update module github.com/opencontainers/image-spec to v1.1.1 - fix(deps): update module github.com/shirou/gopsutil/v4 to v4.25.2 - chore(deps): update dependency pytest to v8.3.5 - fix(deps): update github.com/vishvananda/netlink digest to 0af3215 - fix(deps): update github.com/digitalocean/go-qemu digest to ee9b066 - fix(deps): update module github.com/opencontainers/runtime-spec to v1.2.1 - fix(deps): update module github.com/containers/libhvee to v0.10.0 - fix(deps): update module github.com/containers/buildah to v1.39.1 - chore(deps): update module github.com/go-jose/go-jose/v4 to v4.0.5 [security] - fix(deps): update module github.com/vbatts/git-validation to v1.2.2 - fix(deps): update module github.com/vbauerster/mpb/v8 to v8.9.3 - fix(deps): update module tags.cncf.io/container-device-interface to v0.8.1 - fix(deps): update github.com/containers/storage digest to b6f6fb2 - fix(deps): update module github.com/opencontainers/runc to v1.2.5 - chore(deps): update docker.io/library/golang docker tag to v1.24 - fix(deps): update github.com/hugelgupf/p9 digest to 6f4f11e - fix(deps): update module golang.org/x/tools to v0.30.0 - fix(deps): update module golang.org/x/net to v0.35.0 - fix(deps): update module golang.org/x/crypto to v0.33.0 - fix(deps): update module github.com/vbauerster/mpb/v8 to v8.9.2 - fix(deps): update module google.golang.org/protobuf to v1.36.5 - fix(deps): update module golang.org/x/sync to v0.11.0 - fix(deps): update module golang.org/x/term to v0.29.0 - fix(deps): update module golang.org/x/sys to v0.30.0 - fix(deps): update module github.com/shirou/gopsutil/v4 to v4.25.1 - fix(deps): update golang.org/x/exp digest to e0ece0d - fix(deps): update github.com/vishvananda/netlink digest to 7c2350b - fix(deps): update module github.com/spf13/pflag to v1.0.6 - fix(deps): update module google.golang.org/protobuf to v1.36.4 - remove 0001-CVE-2025-22869-ssh-limit-the-size-of-the-internal-pa.patch ==== policycoreutils ==== Subpackages: policycoreutils-python-utils python313-policycoreutils - Remove misleading comment from spec file about reuqires for policycoreutils-devel - Improve policycoreutils-devel package dependencies (bsc#1236193). - Change Recommends for policycoreutils-devel to the gui package to Requires. This causees some system bloat for people that only want to use the config GUI, but prevents errors when building policy packages - Properly exclude gui.py file (bsc#1242096) - Added Recommends for policycoreutils-devel to the gui package - Move gui.py file to gui sub-package to prevent policycoreutil python packages from having excessive requirements ==== polkit-gnome ==== - Drop obsolete update-desktop-files BuildRequires and macro. - Use make_build macro. ==== python-dbus-python ==== - Remove require on dbus-1. This library is pulled in by dnf, which normally works inside WSL1, but installing dbus-1 makes WSL1 unusable (bsc#1215538) ==== python-decorator ==== Version update (5.1.1 -> 5.2.1) - Update to 5.2.1 * Updated CHANGES.md * Update Makefile [ci skip] * Include tests and documentation in sdist * Managed functions without __name__ - from version 5.2.0 * Replace deprecated logging.warn with logging.warning * Add support for Python 3.11 * Update download links * Fix codespell errors * Add support for decorative partial functions * Replace 'bytecode' by 'binary' in LICENSE.txt to align with BSD-2-Clause * Add support for Python 3.12 * Stop testing EOL Python 3.5 and 3.6 due to CI unavailability * Requiring Python >= 3.7 * Dropped support for Python <= 3.6 * Use SPDX license identifier * Add support for Python 3.13 * codespell: assertIn is not a typo * Testing only Python >= 3.8 * Using asyncio.run * Replaced setup.py with pyproject * Updated copyright * Moved tests outside of src - Switch package to modern Python Stack on SLE-15 * Use Python 3.11 on SLE-15 by default * Drop support for older Python versions - Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * Update name for dist directory in %files section ==== python-tornado6 ==== Version update (6.4.2 -> 6.5) - Update to 6.5.0 (CVE-2025-47287, bsc#1243268): * Security Improvements: - Previously, malformed multipart-form-data requests could log multiple warnings and constitute a denial-of-service attack. Now an exception is raised at the first error, so there is only one log message per request. This fixes CVE-2025-47287. * General Changes: - Python 3.14 is now supported. Older versions of Tornado will work on Python 3.14 but may log deprecation warnings. - The free-threading mode of Python 3.13 is now supported on an experimental basis. Prebuilt wheels are not yet available for this configuration, but it can be built from source. - The minimum supported Python version is 3.9. * Deprecation Notices: - Support for obs-fold continuation lines in HTTP headers is deprecated and will be removed in Tornado 7.0, as is the use of carriage returns without line feeds as header separators. - The callback argument to websocket_connect is deprecated and will be removed in Tornado 7.0. Note that on_message_callback is not deprecated. - The log_message and args attributes of tornado.web.HTTPError are deprecated. Use the new get_message method instead. ==== python-typing_extensions ==== Version update (4.13.0 -> 4.13.2) - Update to 4.13.2 * Fix `TypeError` when taking the union of `typing_extensions.TypeAliasType` and a `typing.TypeAliasType` on Python 3.12 and 3.13. * Backport from CPython PR #132160) to avoid having user arguments shadowed in generated `__new__` by `@typing_extensions.deprecated`. - from version 4.13.1 * Fix regression in 4.13.0 on Python 3.10.2 causing a `TypeError` when using `Concatenate`. * Fix `TypeError` when using `evaluate_forward_ref` on Python 3.10.1-2 and 3.9.8-10. ==== python-urllib3 ==== Version update (2.2.3 -> 2.4.0) - Update to 2.4.0 * Applied PEP 639 by specifying the license fields in pyproject.toml. (#3522) * Updated exceptions to save and restore more properties during the pickle/serialization process. (#3567) * Added verify_flags option to create_urllib3_context with a default of VERIFY_X509_PARTIAL_CHAIN and VERIFY_X509_STRICT for Python 3.13+. (#3571) * Fixed a bug with partial reads of streaming data in Emscripten. (#3555) * Switched to uv for installing development dependecies. (#3550) * Removed the multiple.intoto.jsonl asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (#3566) - 2.3.0: * Added HTTPResponse.shutdown() to stop any ongoing or future reads for a specific response. It calls shutdown(SHUT_RD) on the underlying socket. This feature was sponsored by LaunchDarkly. (#2868) * Added support for JavaScript Promise Integration on Emscripten. This enables more efficient WebAssembly requests and streaming, and makes it possible to use in Node.js if you launch it as node - -experimental-wasm-stack-switching. (#3400) * Added the proxy_is_tunneling property to HTTPConnection and HTTPSConnection. (#3285) * Added pickling support to NewConnectionError and NameResolutionError. (#3480) * Fixed an issue in debug logs where the HTTP version was rendering as "HTTP/11" instead of "HTTP/1.1". (#3489) * Removed support for Python 3.8. (#3492) - Skip test_close_after_handshake flaky test, it fails sometimes in ppc64le and s390x architectures, bsc#1243583 ==== python313 ==== - Add CVE-2025-4516-DecodeError-handler.patch fixing CVE-2025-4516 (bsc#1243273) blocking DecodeError handling vulnerability, which could lead to DoS. ==== python313-core ==== Subpackages: libpython3_13-1_0 python313-base - Add CVE-2025-4516-DecodeError-handler.patch fixing CVE-2025-4516 (bsc#1243273) blocking DecodeError handling vulnerability, which could lead to DoS. ==== qemu ==== - Fix building opensbi with gcc-15: * [openSUSE] Fix bsc#1241473 (in opensbi) - Fixes for bsc#1241240 and bsc#1243585: * vfio/spapr: Fix L2 crash with PCI device passthrough and memory > 128G (bsc#1241240) * vfio/spapr: Enhance error handling in vfio_spapr_create_window() (bsc#1241240) * tests/functional: Use -no-shutdown in the hppa_seabios test (bsc#1243585) ==== qt6-tools ==== Subpackages: libQt6UiTools6 qt6-tools-qdbus - Add patch from upstream to fix qdoc reproducibility issues (bsc#1243434): * 0001-QDoc-Sort-non-function-nodes-by-name-then-erase-duplicates.patch ==== rpm ==== - fix posttrans scriptlet argument in the update case [bsc#1243279] * updated patch: posttrans.diff - fix postuntrans scriptlets not being run if dump_posttrans is set ==== samba ==== Version update (4.22.0+git.379.98f46fb51c -> 4.22.1+git.393.a3fcbaec1e5) Subpackages: libldb2 samba-ad-dc-libs samba-client samba-client-libs samba-dcerpc samba-libs - Update and rename update-apparmor-samba-profile script to update-samba-security-profile. It additionally now caters for selinux (if selinux is used); (bsc#1241391); - Update smb.conf to enable SMB3 unix extensions - Update to 4.22.1 * Running "gpo manage motd set" twice fails with backtrace; (bso#15774). * samba-tool gpo backup creates entity backups it can't read; (bso#15829). * gp_cert_auto_enroll_ext.py has problem unpacking GUIDs with prepended 0's; (bso#15839). * Deadlock between two smbd processes; (bso#15767). * Subnet based interfaces definition not listening on all covered IP addresses; (bso#15823). * PANIC: assert failed at source3/smbd/smb2_oplock.c(156): sconn->oplocks.exclusive_open>=0; (bso#15836). * net ad join fails with "Failed to join domain: failed to create kerberos keytab"; (bso#15727). * Enable support for cephfs case insensitive behavior; (bso#15822). * Remove of file or directory not possible with vfs_acl_tdb; (bso#15791). * Wide link issue in samba 4.22; (bso#15841). * NT_STATUS_INVALID_PARAMETER: Can't create folders on share of an exfat file system; (bso#15845). * Lease code is not endian-safe; (bso#15849). * vfs_ceph_new module does not work with other modules for snapshot management; (bso#15818). * vfs_ceph_new: Add path based fallback for SMB_VFS_FCHOWN, SMB_VFS_FCHMOD and SMB_VFS_FNTIMES; (bso#15834). * Add async io API from libcephfs to ceph_new VFS module; (bso#15810). ==== selinux-policy ==== Version update (20250512 -> 20250528) Subpackages: selinux-policy-targeted - Update to version 20250528: * Move 'logging_mounton_syslog_pid_socket' to end of file * Revert "Allow init_t create syslog files (bsc#1230134)" * Allow mdadm nosuid_transition * Label plasma user service files as xdm_unit_file_t. * Revert "Allow systemd-homed to start services." * Allow virtstoraged write qemu runtime files * Allow virtqemud read/write/setattr input event devices * Allow systemd create journal pid files * Allow networkmanager send a general signal to iptables * Allow syslogd watch syslog_conf_t directories * Allow systemd-machined work with its private tmp and tmpfs files * Allow geoclue read virt lib files * Fix files_dontaudit_delete_all_files() * Label /run/polkit-1 with policykit_var_run_t * Label /dev/diag as diagnostic_device_t * Allow systemd-homed to start services. * Allow named_t to read NetworkManager's runtime files * Improve README* documentation * Add missing permissions for ftpd_anon_write to manage NFS directories * Add missing permissions for ftpd_anon_write to manage CIFS directories * Allow nut-upsmon write systemd inhibit pipes * Allow systemd-user-runtime-dir connect to systemd-userdbd over a unix socket * Remove permissive domain for systemd_vsftpd_generator_t * Change generator-specific rules to apply to systemd_generator * Define file equivalency for /var/etc * Allow tuned-ppd create ppd_base_profile with a file transition * Allow lldpd connect to systemd-homed over a unix socket * Allow sysadm_sudo_t signal rpm script * Fix the "/var/cache/systemd/home(/.*)?" regex - Syncing with upstream rawhide selinux-policy up to: * 45d07f4abe86d31efabdff15ed3c99645f5ccefd - Improve selinux-policy-devel dependencies and add post script to improve experience when debugging (bsc#1236193). ==== sessreg ==== Version update (1.1.3 -> 1.1.4) - Update to version 1.1.4 * Remove "All rights reserved" from Oracle copyright notices * meson: Add option to build with meson * Add --help and --version options * Improve man page formatting * man pages: fix warnings from `mandoc -T lint` and `groff -rCHECKSTYLE=10` - switch to meson build ==== skopeo ==== Version update (1.18.0 -> 1.19.0) - Update to version 1.19.0: * Bump to v1.19.0 * fix(deps): update module github.com/containers/common to v0.63.0 * fix(deps): update module github.com/containers/image/v5 to v5.35.0 * Disable Packit builds on ELN * [skip-ci] Packit: set fedora-all after F40 EOL * [CI:DOCS] README.md: Add openssf passing badge * proxy: Move defer() higher up * proxy: Add GetRawBlob * [CI:DOCS] README.md: Add badges * [CI:DOCS] CONTRIBUTING.md: Update communication channels * fix(deps): update module golang.org/x/term to v0.32.0 * chore(deps): update dependency golangci/golangci-lint to v2.1.6 * chore(deps): update dependency golangci/golangci-lint to v2.1.5 * chore(deps): update dependency containers/automation_images to v20250422 * chore(deps): update module golang.org/x/net to v0.38.0 [security] * Stop setting libdm_no_deferred_remove * Stop setting btrfs_noversion * Don't require BUILDTAGS to be non-empty * fix(deps): update module github.com/containers/storage to v1.58.0 * chore(deps): update dependency golangci/golangci-lint to v2.1.2 * Makefile: add linting with --tests=false * Remove hack/validate-lint.sh wrapper * integration: add unix tag to non-windows tests * integration: add _test suffix to files * chore(deps): update dependency golangci/golangci-lint to v2.1.1 * .github: check_cirrus_cron work around github bug * GHA: remove .github/labeler.yaml * .golangci.yml: simplify * Add MAINTAINERS.md and Governance, update OWNERS * fix(deps): update module golang.org/x/term to v0.31.0 * chore: fix some function names in comment * fix(deps): update module github.com/containers/common to v0.62.3 * chore(deps): update dependency golangci/golangci-lint to v2.0.2 * [skip-ci] TMT: keep PR-label independent tests * chore(deps): update dependency golangci/golangci-lint to v2 * Rely on golangci-lint exit code instead of expecting empty output * Satisfy staticcheck * chore(deps): update dependency containers/automation_images to v20250324 * Remove obsolete build tag syntax * Use the new maps.Keys and slices.Sorted * Use slices.Backward * proxy: Add GetLayerInfoPiped * Update github.com/hashicorp/go-multierror * Update github.com/dsnet/compress * Complete paths for some transports * Don't complete a space after ':' * In (skopeo inspect), validate the manifest against a digest reference * In (skopeo layers), validate the blob against the expected digest * Always close the blob we are reading from a registry * fix(deps): update module golang.org/x/term to v0.30.0 * chore(deps): update dependency golangci/golangci-lint to v1.64.8 * ROADMAP: new file * chore(deps): update module golang.org/x/net to v0.36.0 [security] * Update to Go 1.23 * fix(deps): update module github.com/containers/common to v0.62.2 * chore(deps): update dependency golangci/golangci-lint to v1.64.7 * fix(deps): update module github.com/containers/image/v5 to v5.34.2 * fix(deps): update module github.com/containers/storage to v1.57.2 * .github: remove cirrus rerun action * fix(deps): update module github.com/opencontainers/image-spec to v1.1.1 * chore(deps): update dependency golangci/golangci-lint to v1.64.6 * chore(deps): update module github.com/go-jose/go-jose/v4 to v4.0.5 [security] * chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.4 [security] * fix(deps): update module github.com/containers/common to v0.62.1 * fix(deps): update module github.com/containers/image/v5 to v5.34.1 * Update for cobra API change * fix(deps): update module github.com/spf13/cobra to v1.9.1 * chore(deps): update dependency golangci/golangci-lint to v1.64.5 * chore(deps): update dependency golangci/golangci-lint to v1.64.4 * chore(deps): update dependency golangci/golangci-lint to v1.64.3 * [skip-ci] Packit/TMT: Run system tests * PR Labels: apply release label to release- branch PRs * chore(deps): update dependency golangci/golangci-lint to v1.64.2 * Bump Skopeo to v1.19.0-dev ==== suse-module-tools ==== Version update (16.0.59 -> 16.0.60) Subpackages: suse-module-tools-scriptlets - Update to version 16.0.60: * spec file: add missing util-linux requirement (bsc#1241465) * kernel-scriptlets: enable tracing with KERNEL_PACKAGE_SCRIPT_TRACE=1 ==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-boot systemd-experimental udev - Import commit 8e9840a2897e36ae3f926f8d10a2b0d7e4102c67 (bsc#1243280) 8e9840a289 bless-boot: never try to rename an entry file onto itself 5b5cde8866 bless-boot: in "status" output report bad state from prev boot as "dirty" 49949fa9fb bless-boot: switch from last_path_component() to path_find_last_component() - systemd-update-helper: Fix invalid use of "break" in case statement ==== systemd-presets-branding-MicroOS ==== - Enable import-pubring-from-rpmdb.* to import keyrings from rpmdb to allow systemd tools access to OBS to fetch images. ==== systemd-presets-common-SUSE ==== - Create devel subpackage: * Add RPM macros file * Package to be used to develop preset packages (distro, display manager etc.) - Move specfile scriptlets to the ones in macros.systemd-preset ==== tcpd ==== - remove safe_finger as it calls dropped figner [bsc#1241401] ==== vim ==== Version update (9.1.1330 -> 9.1.1406) Subpackages: vim-data-common vim-small - Update to 9.1.1406. * 9.1.1406: crash when importing invalid tuple * 9.1.1405: tests: no test for mapping with special keys in session file * 9.1.1404: wrong link to Chapter 2 in new-tutor * 9.1.1403: expansion of 'tabpanelopt' value adds wrong values * 9.1.1402: multi-byte mappings not properly stored in session file * 9.1.1401: list not materialized in prop_list() * 9.1.1400: [security]: use-after-free when evaluating tuple fails * 9.1.1399: tests: test_codestyle fails for auto-generated files * 9.1.1398: completion: trunc does not follow Pmenu highlighting attributes * 9.1.1397: tabpanel not correctly updated on :tabonly * 9.1.1396: 'errorformat' is a global option * 9.1.1395: search_stat not reset when pattern differs in case * 9.1.1394: tabpanel not correctly redrawn on tabonly * 9.1.1393: missing test for switching buffers and reusing curbuf * 9.1.1392: missing patch number * 9.1.1391: Vim does not have a vertical tabpanel * 9.1.1390: style: more wrong indentation * 9.1.1389: completion: still some issue when 'isexpand' contains a space * 9.1.1388: Scrolling one line too far with 'nosmoothscroll' page scrolling * 9.1.1387: memory leak when buflist_new() fails to reuse curbuf * 9.1.1386: MS-Windows: some minor problems building on AARCH64 * 9.1.1385: inefficient loop for 'nosmoothscroll' scrolling * 9.1.1384: still some problem with the new tutors filetype plugin * 9.1.1383: completion: 'isexpand' option does not handle space char correct * 9.1.1382: if_ruby: unused compiler warnings from ruby internals * 9.1.1381: completion: cannot return to original text * 9.1.1380: 'eventignorewin' only checked for current buffer * 9.1.1379: MS-Windows: error when running evim when space in path * 9.1.1378: sign without text overwrites number option * 9.1.1377: patch v9.1.1370 causes some GTK warning messages * 9.1.1376: quickfix dummy buffer may remain as dummy buffer * 9.1.1375: [security]: possible heap UAF with quickfix dummy buffer * 9.1.1374: completion: 'smartcase' not respected when filtering matches * 9.1.1373: 'completeopt' checking logic can be simplified * 9.1.1372: style: braces issues in various files * 9.1.1371: style: indentation and brace issues in insexpand.c * 9.1.1370: CI Tests favor GTK2 over GTK3 * 9.1.1369: configure still using autoconf 2.71 * 9.1.1368: GTK3 and GTK4 will drop numeric cursor support. * 9.1.1367: too many strlen() calls in gui.c - update to 9.1.1366: * patch 9.1.1366: v9.1.1364 unintentionally changed sign.c and sound.c * runtime(lua): update 'path' option in filetype plugin * runtime(sh): Update syntax, match KornShell compound arrays * runtime(doc): Tweak documentation style in develop.txt * runtime(helptoc): the helptoc package can be improved * runtime(spec): add more local macro names according to rpm 4.20 * runtime(sh): Update syntax, fix single-quoted strings in parameter expansions * runtime(new-tutor): Update Serbian translation of chapter 1 * patch 9.1.1365: MS-Windows: compile warnings and too many strlen() calls * patch 9.1.1364: style: more indentation issues * runtime(vim): Update base-syntax, match quote separated numbers * patch 9.1.1363: style: inconsistent indentation in various files * patch 9.1.1362: Vim9: type ignored when adding tuple to instance list var * runtime(tutor): Add Galician language versions of tutor1 and tutor2 * patch 9.1.1361: [security]: possible use-after-free when closing a buffer * runtime(abnf): include ABNF filetype plugin * patch 9.1.1360: filetype: GNU Radio companion files are not recognized * patch 9.1.1359: filetype: GNU Radio config files are not recognized * patch 9.1.1358: if_lua: compile warnings with gcc15 * runtime(vim): Update base-syntax, improve enum highlighting * runtime(doc): update example ctags program and links * patch 9.1.1357: Vim incorrectly escapes tags with "[" in a help buffer * patch 9.1.1356: Vim9: crash when unletting variable * runtime(sh): Update syntax, highlight escaped chars in test expressions * runtime(doc): document that :b cannot handle buffer names starting with "+" * runtime(doc): clarify the use of 'tagfunc', update a comment in tags.c * runtime(doc): tweak documentation style in options.txt * patch 9.1.1355: The pum_redraw() function is too complex * patch 9.1.1354: tests: Test_terminalwinscroll_topline() fails on Windows * patch 9.1.1353: missing change from v9.1.1350 * patch 9.1.1352: style: inconsistent indent in insexpand.c * patch 9.1.1351: Return value of getcmdline() inconsistent in CmdlineLeavePre * patch 9.1.1350: tests: typo in Test_CmdlineLeavePre_cabbr() * runtime(java): Consent to HTML tags folding in Javadoc comments * runtime(syntax-tests): Regenerate changed syntax test pages for vim * patch 9.1.1349: CmdlineLeavePre may trigger twice * runtime(vim): Update base-syntax, fix inline Vim9 dict comments at SOL * patch 9.1.1348: still E315 with the terminal feature * runtime(doc): Fix notation of "Vim script" and "Vim9 script" * patch 9.1.1347: small problems with gui_w32.c * runtime(doc): clarify complete_match() and 'isexpand' option * runtime(vim): Update base-syntax, match continued strings and tail comments * runtime(doc): tagfunc should refer to 'complete' option * patch 9.1.1346: missing out-of-memory check in textformat.c * patch 9.1.1345: tests: Test_xxd_color2() test failure dump diff is misleading * runtime(debversions): Add questing (25.10) as Ubuntu release name * patch 9.1.1344: double free in f_complete_match() (after v9.1.1341) * patch 9.1.1343: filetype: IPython files are not recognized * runtime(groff,nroff): improve ftplugin * patch 9.1.1342: Shebang filetype detection can be improved * patch 9.1.1341: cannot define completion triggers * runtime(gleam): update filetype plugin, include new compiler and syntax script * patch 9.1.1340: cannot complete :filetype arguments * patch 9.1.1339: missing out-of-memory checks for enc_to_utf16()/utf16_to_enc() * patch 9.1.1338: Calling expand() interferes with cmdcomplete_info() * patch 9.1.1337: Undo corrupted with 'completeopt' "preinsert" when switching buffer * runtime(yaml): fix wrong order of undo_ftplugin suboptions ... changelog too long, skipping 9 lines ... * runtime(doc): clarify return type for findfile()/finddir() ==== vte ==== Version update (0.80.1 -> 0.80.2) - Update to version 0.80.2: * emulation: Fix OSC 111 ==== vulkan-loader ==== Version update (1.4.309 -> 1.4.313) - Update to tag SDK-1.4.313.0 * loader: Lazily allocate ICD surface objects ==== vulkan-tools ==== Version update (1.4.309 -> 1.4.313) - Update to tag SDK-1.4.313.0 * vkcubepp: Support protected output * cube: Only count non-minimized frames ==== webkit2gtk3 ==== Version update (2.48.1 -> 2.48.2) Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 webkit2gtk-4_1-injected-bundles - Update to version 2.48.2 (boo#1243282 boo#1243286 boo#1243288 boo#1243289 boo#1243424): + Enable CSS Overscroll Behavior by default. + Change threaded rendering implementation to use Skia API instead of WebCore display list that is not thread safe. + Fix rendering when device scale factor change comes before the web view geometry update. + Fix network process crash on exit. + Fix the build with ENABLE_RESOURCE_USAGE=OFF. + Fix several crashes and rendering issues. + Security fixes: CVE-2025-24223, CVE-2025-31204, CVE-2025-31205, CVE-2025-31206, CVE-2025-31215, CVE-2025-31257. - Drop 8bee9eb9.patch: fixed upstream. ==== webkit2gtk4 ==== Version update (2.48.1 -> 2.48.2) Subpackages: libjavascriptcoregtk-6_0-1 libwebkitgtk-6_0-4 webkitgtk-6_0-injected-bundles - Update to version 2.48.2 (boo#1243282 boo#1243286 boo#1243288 boo#1243289 boo#1243424): + Enable CSS Overscroll Behavior by default. + Change threaded rendering implementation to use Skia API instead of WebCore display list that is not thread safe. + Fix rendering when device scale factor change comes before the web view geometry update. + Fix network process crash on exit. + Fix the build with ENABLE_RESOURCE_USAGE=OFF. + Fix several crashes and rendering issues. + Security fixes: CVE-2025-24223, CVE-2025-31204, CVE-2025-31205, CVE-2025-31206, CVE-2025-31215, CVE-2025-31257. - Drop 8bee9eb9.patch: fixed upstream. ==== wireplumber ==== Version update (0.5.8 -> 0.5.10) Subpackages: libwireplumber-0_5-0 - Update to version 0.5.10: * Fixed a critical crash in linking-utils.haveAvailableRoutes that was introduced accidentally in 0.5.9 and caused loss of audio output on affected systems (#797, #799, #800, !713) - Update to version 0.5.9: * Additions & Enhancements: - Added a new audio node grouping functionality using an external command line tool (!646) - The libcamera monitor now supports devices that are not associated with device ids (!701) - The wireplumber user systemd service is now associated with dbus.service to avoid strange warnings when dbus exits (!702) - Added "SYSLOG_IDENTIFIER", "SYSLOG_FACILITY", "SYSLOG_PID" and "TID" to log messages that are sent to the journal (!709) * Fixes: - Fixed a crash of wpctl set-default on 32-bit architectures (#773) - Fixed a crash when a configuration component had no 'provides' field (#771) - Reduced the log level of some messages that didn't need to be as high (!695) - Fixed another nil reference issue in the alsa.lua monitor script (!704) - Fixed name deduplication of v4l2 and libcamera devices (!705) - Fixed an issue with wpctl not being able to save settings sometimes (!708, #749) - Drop patches that are already included in this version: * 0001-internal-comp-loader-generate-a-provides-for-components.patch * 0002-wpctl-fix-default-device-name-leak.patch * 0003-wpctl-fix-types-in-variadic-arguments.patch * 0004-monitor-utils-Support-devices-without-any-device-ids.patch * 0005-v4l2_monitor-scripts-fix-for-deduplicate-devices-with-the.patch * 0006-monitors_libcamera-fix-deduplicating-devices-with-the-same.patch * 0007-monitors_alsa-fix-nil-table-indexing.patch ==== xdg-desktop-portal ==== Version update (1.20.0 -> 1.20.3) - Update to version 1.20.3: + Bug Fixes: - Add a fallback code path for GLib older than 2.76 - Don't require a .desktop file for Flatpak and Snap apps - Update to version 1.20.2: + Bug Fixes: - Fix a crash when loading information from Flatpak apps. - Fix fd handling to prevent EBADF errors. - Update to version 1.20.1: + Enhancements: - Code cleanups and improvements to app info tracking - Include PID/TID in realtime portal error messages - Search for portal backends in $XDG_DATA_DIRS - Prioritize user portal configs over system ones + Bug Fixes: - Fix race condition in the host registry portal - Avoid spurious warnings when dbus.service stops - Documentation fixes - Fix running tests from /tmp - Fix installing dynamic launcher - Improve error reporting in the document portal - Fix incorrect state tracking in input capture portal ==== xorg-x11-fonts ==== - Disable build of the converted flavor in Tumbleweed and SLE16. It's time to leave those converted fonts behind. ==== yelp ==== Subpackages: libyelp0 - Add 7ecd58d.patch: Initial fix for CVE-2025-3155 from parrot409. (CVE-2025-3155 bsc#1240688) ==== yelp-xsl ==== - Add 6902d74.patch: Initial fix for CVE-2025-3155 from parrot409. (CVE-2025-3155 bsc#1240688) ==== zypp-boot-plugin ==== Version update (0.0.12 -> 0.0.13) - Changed license from AGPL-3.0-or-later to GPL-2.0-or-later. - Update to version 0.0.13: * - fixed build with boost 1.88 (bsc#1242801) ==== zypper ==== Version update (1.14.89 -> 1.14.90) Subpackages: zypper-needs-restarting - BuildRequires: libzypp-devel >= 17.37.0. - Use libzypp improvements for preload and mirror handling. - xmlout.rnc: Update repo-element (bsc#1241463) Add the "metalink" attribute and reflect that the "url" elements list may in fact be empty, if no baseurls are defined in the .repo files. - man: update --allow-unsigned-rpm description. Explain how to achieve the same for packages provided by repositories. - version 1.14.90