Packages changed: AppStream AppStream-qt6 MicroOS-release (20240818 -> 20240820) SVT-AV1 (2.1.2 -> 2.2.0) bash (5.2.26 -> 5.2.32) ffado (2.4.7 -> 2.4.9) flatpak (1.15.8 -> 1.15.10) gstreamer-plugins-bad libdeflate (1.20 -> 1.21) libinput (1.26.0 -> 1.26.2) libpng16 librsvg (2.58.2 -> 2.58.3) libwacom (2.11.0 -> 2.12.2) libxmlb (0.3.18 -> 0.3.19) ncurses (6.5.20240810 -> 6.5.20240817) python-SQLAlchemy (2.0.31 -> 2.0.32) readline (8.2.10 -> 8.2.13) selinux-policy (20240814 -> 20240816) systemd (256.4 -> 256.5) tiff === Details === ==== AppStream ==== - BuildRequire gettext-devel instead of gettext: allow OBS to shortcut through gettext-runtime-mini. ==== AppStream-qt6 ==== - BuildRequire gettext-devel instead of gettext: allow OBS to shortcut through gettext-runtime-mini. ==== MicroOS-release ==== Version update (20240818 -> 20240820) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== SVT-AV1 ==== Version update (2.1.2 -> 2.2.0) - Update to release 2.2.0 * Improve the tradeoffs for the random access mode across presets: * Speedup of ~15% across presets M0 - M8 while maintaining similar quality levels * Improve the tradeoffs for the low-delay mode across presets * Increased temporal resolution setting to 6L for 4k resolutions by default * Added ARM optimizations for functions with c_only equivalent yielding an average speedup of ~13% for 4k10bit ==== bash ==== Version update (5.2.26 -> 5.2.32) Subpackages: bash-sh - Add upstream patches * bash52-027 The configure test for the presence of strtoimax(3) is inverted. * bash52-028 A DEBUG trap in an asynchronous process can steal the controlling terminal away from the calling shell, causing it to exit. * bash52-030 `wait -n' can fail to return some jobs if they exit due to signals the shell does not report to the user. * bash52-031 There is a memory leak in the code that implements the optimized $( 2.4.9) - Update to version 2.4.9 * Support compilation against musl libc. * Remove build-time checks for utilities that are not used (pyuic). * Install the ffado-mixer appdata file only if ffado-mixer has been built. * Add a DATADIR option to scons and use it in line with GNU conventions. * Update the AppStream document with more complete information and in line with current best practice. * Rename XDG files to match modern standards. * Install XDG files manually to simplify the build script and avoid depending on xdg-utils. - Changes from version 2.4.8 * Make various mixer modules work under Python 3.10 and later: Presonus Firebox, Presonus FP10, Presonus Inspire1394 and Yamaha Go. * Deal with the removal of SafeConfigParser in Python 3.12. ==== flatpak ==== Version update (1.15.8 -> 1.15.10) Subpackages: flatpak-selinux libflatpak0 system-user-flatpak - Update to version 1.15.10: + Dependencies: In distributions that compile Flatpak to use a separate bubblewrap (bwrap) executable, version 0.10.0 is required. This version adds a new feature which is required by the security fix in this release. + Security fixes: Don't follow symbolic links when mounting persistent directories (--persist option). This prevents a sandbox escape where a malicious or compromised app could edit the symlink to point to a directory that the app should not have been allowed to read or write. (CVE-2024-42472, GHSA-7hgv-f2j8-xw87) + Documentation: Mark the 1.12.x and 1.10.x branches as end-of-life + Other bug fixes: Fix several memory leaks + Internal changes: - Record a log file when running build-time tests with AddressSanitizer - Add initial suppressions file for AddressSanitizer ==== gstreamer-plugins-bad ==== Subpackages: libgstadaptivedemux-1_0-0 libgstanalytics-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstinsertbin-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstmse-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0 - Add 85b4fbf40b1d53a4141941abf70d2d4d83eb140e.patch: msdk: replace strcmp with g_strcmp0. Because strcmp doesn't handle NULL. ==== libdeflate ==== Version update (1.20 -> 1.21) - update to 1.21: * Fixed build error on x86 with gcc 8.1 and gcc 8.2. * Fixed build error on x86 when gcc 11 is paired with a binutils version that doesn't support AVX-VNNI e.g. as it is on RHEL 9. * Fixed build error on arm64 with gcc 6. * Fixed build error on arm64 with gcc 13.1 and later with some - mcpu options. * Enabled detection of dotprod support in Windows ARM64 builds. ==== libinput ==== Version update (1.26.0 -> 1.26.2) - Update to release 1.26.2 * Added quirks for the LG Gram 14 and the Minisvorum V3 ==== libpng16 ==== - Fix missing backslash ==== librsvg ==== Version update (2.58.2 -> 2.58.3) Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Update to version 2.58.3: + A couple of fixes from fuzz testing: - Fix assertion failures with large Hue value in hsl() or hwb() colors. - Limit the baseFrequency for feTurbulence to avoid integer overflow. - Remove an obsolete test. ==== libwacom ==== Version update (2.11.0 -> 2.12.2) Subpackages: libwacom-data libwacom9 - update to 2.12.2 * Device Fixes: - HUION Kamvas 16 2019 - Prefix the kamvas pro 13 with Huion like all other Huion tablets - Fix the Huion Kamvas 12 file * Device Other: - Don't create a default match for fallback devices * Other Fixes: - Fix a memory leak - Set the device name in new_from_path() to override the fallback name * Tests: test: run ruff format over test_svg.py test: add support for testing new_from_path() through uinput - update to 2.12.1 * Device Fixes: - Drop the firmware match from the Huion Inspiroy 2 S * Features: - Fix off-by-one check for stripping the quote from NAME/UNIQ - Use g_clear_pointer() during libwacom_*_unref() - update to 2.12.0 * New Devices: - Huion Kamvas Pro 24 (GT-240, QHD) - Huion WH1409 - Wacom Movink - Wacom HID 49A0 (Dell latitude 5320 2-in-1) - Wacom HID 5334 Pen - XP-PEN Deco Mini 4 * Device Fixes: - Fix tablet file for the Huion Inspiroy 2S - Improve Huion Inspiroy 2 m support - Update the Inspiroy 2L - Add a dial to the Huion Inspiroy 2 L and M - Fix the Inspiroy 2S layout - Set the right PID for the Inpspiroy 2 L and M - Rename second ButtonB id in the DTI-520 svg layout - Fix Huion RTM-500 Support - Added more device names for Kamvas 13 variants - Fix buttons for Huion and Gaomon tablets - Mark huion/gaomon tablets with Dials as such - XP pen tablets have no Rings - Drop accidental comma from the Gaomon/Huion layout files * Device Other: - Auto generated HUION tablet description files - Auto generated GAOMON tablet description files - Remove layout files without buttons/strips/dials - Remove a superfluous rect from the huion mini keydial kd100 - Use NumRings instead of separate Ring/Ring2 - Switch DeviceMatch to use a pipe as separator - Add a firmware string entry to the matches - Skip over empty Layout= assignments * Features: - Rework match_from_string - Rework the match approach to prefer uniq over name - Allow to match by uniq without name - Add Gaomon S620 firmware match - Add support for relative dials - Add libwacom_new_from_builder to construct a new device * Other Fixes: - Fetch the name and uniq from udev properties, not sysfs - Keyboard devices are not ID_INPUT_TABLET_PAD - Don't mark a Mouse device as tablet or pad - Set the bustype in libwacom_new_for_path - Document touch strips * Tests: - Remove the requirement for a Layout file - Replace the SVG validity test with a pytest-based one - Add a test for unnecessary SVGs - Add some tracing to the svg validity test - Svgs for dials need to have CW and CCW labels, not Up/Down - Set proper test names for the hwdb tests - Skip errors in SVGs for autogenerated devices - Check the svg for Dial2 if we have two dials - Skip hwdb tests if the systemd commands fail - Install our hwdb file during the test - Add ids to the parametrized tablet file tests - Add a pytest wrapper for libwacom - Skip/fail with an error if the systemd commands failed - Replace the uinput-based hwdb test with a direct query - Don't reload the udev rules - Move the asan check into meson.build * Build: - Make pytest more verbose - Bump to meson 0.56.0 - More logging of the pytests - Split the pytest invocations into separate ones ==== libxmlb ==== Version update (0.3.18 -> 0.3.19) - update to 0.3.19: * Add xb_version_string() to get the runtime ABI version * - Add the runtime version as the default XMLb invalidation GUID ==== ncurses ==== Version update (6.5.20240810 -> 6.5.20240817) Subpackages: libncurses6 ncurses-utils terminfo-base - Add ncurses patch 20240817 + review/update foot for 1.18.1 -TD + add a note about DomTerm 3.2.0 -TD + add new glob-expressions variables to list in config.status script (patch by Werner Fink). + add --enable-install-prefix to modify behavior of $DESTDIR to merge or replace the value set by --prefix (adapted from suggestion by Eli Zaretskii). - Remove patch fix-20240810.patch as now upstream - Correct offsets of patches * ncurses-5.9-ibm327x.dif * ncurses-6.4.dif ==== python-SQLAlchemy ==== Version update (2.0.31 -> 2.0.32) - update to 2.0.32: * https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.32 ==== readline ==== Version update (8.2.10 -> 8.2.13) - Add upstream patches * readline82-011 Some systems (e.g., macOS) send signals early on in interactive initialization, so readline should retry a failed open of the init file. * readline82-012 If a user happens to bind do-lowercase-version to something that isn't a capital letter, so _rl_to_lower doesn't change anything and the result is still bound to do-lowercase-version, readline can recurse infinitely. * readline82-013 When readline is accumulating bytes until it reads a complete multibyte character, reading a byte that makes the multibyte character invalid can result in discarding the bytes in the partial character. - Port patch readline-8.2.dif ==== selinux-policy ==== Version update (20240814 -> 20240816) Subpackages: selinux-policy-targeted - Update to version 20240816: * Initial policy for syslog-ng (bsc#1229153) ==== systemd ==== Version update (256.4 -> 256.5) Subpackages: libsystemd0 libudev1 systemd-boot systemd-experimental udev - Import commit bef0958f4db1b774c23505e93537ffe16f1b3894 (merge of v256.5) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/5bba1ebe17564b606cc5d1c07b14123c305019a7...bef0958f4db1b774c23505e93537ffe16f1b3894 - Make the 32bit version of libudev.so available again (bsc#1228223) The symlink for building 32bit applications was mistakenly dropped when the content of libudev-devel was merged into systemd-devel. Provide the 32bit flavor of systemd-devel again, which should restore the plug and play support in Wine for 32bit windows applications. ==== tiff ==== - security update: * CVE-2024-7006 [bsc#1228924] Fix pointer deref in tif_dirinfo.c + tiff-CVE-2024-7006.patch