Packages changed:
MozillaFirefox (128.0.3 -> 129.0)
NetworkManager (1.48.6 -> 1.48.8)
binutils (2.42 -> 2.43)
curl (8.9.0 -> 8.9.1)
ethtool (6.9 -> 6.10)
gegl
gnome-bluetooth (46.0 -> 46.1)
gnome-control-center (46.3 -> 46.4)
gnome-remote-desktop (46.3 -> 46.4)
gnome-software (46.3 -> 46.4)
gnome-user-docs (46.1 -> 46.4)
gom (0.5.2 -> 0.5.3)
gpg2
intel-vaapi-driver
kexec-tools (2.0.28 -> 2.0.29)
lib2geom
libadwaita (1.5.2 -> 1.5.3)
libei (1.2.1 -> 1.3.0)
libqt5-qtwebengine
libshumate (1.2.2 -> 1.2.3)
liburing
makedumpfile
mutter
openSUSE-release (20240812 -> 20240813)
ovmf
qt6-webengine
rdma-core (52.0 -> 53.0)
shadow
totem-pl-parser (3.26.6 -> 3.26.6+30)
xdm
=== Details ===
==== MozillaFirefox ====
Version update (128.0.3 -> 129.0)
Subpackages: MozillaFirefox-translations-common
- Mozilla Firefox 129.0
https://www.mozilla.org/en-US/firefox/129.0/releasenotes
MFSA 2024-33 (bsc#1228648))
* CVE-2024-7518 (bmo#1875354)
Fullscreen notification dialog can be obscured by document content
* CVE-2024-7519 (bmo#1902307)
Out of bounds memory access in graphics shared memory handling
* CVE-2024-7520 (bmo#1903041)
Type confusion in WebAssembly
* CVE-2024-7521 (bmo#1904644)
Incomplete WebAssembly exception handing
* CVE-2024-7522 (bmo#1906727)
Out of bounds read in editor component
* CVE-2024-7523 (bmo#1908344)
Document content could partially obscure security prompts
* CVE-2024-7524 (bmo#1909241)
CSP strict-dynamic bypass using web-compatibility shims
* CVE-2024-7525 (bmo#1909298)
Missing permission check when creating a StreamFilter
* CVE-2024-7526 (bmo#1910306)
Uninitialized memory used by WebGL
* CVE-2024-7527 (bmo#1871303)
Use-after-free in JavaScript garbage collection
* CVE-2024-7528 (bmo#1895951)
Use-after-free in IndexedDB
* CVE-2024-7529 (bmo#1903187)
Document content could partially obscure security prompts
* CVE-2024-7530 (bmo#1904011)
Use-after-free in JavaScript code coverage collection
* CVE-2024-7531 (bmo#1905691)
PK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel
Sandy Bridge machines
- removed obsolete patches
mozilla-bmo1905018.patch
mozilla-bmo1504834-part3.patch
mozilla-bmo1512162.patch
mozilla-bmo1822730.patch
mozilla-fix-aarch64-libopus.patch
mozilla-partial-revert-1768632.patch
- requires NSS 3.102.1
- extended mozilla-silence-no-return-type.patch
==== NetworkManager ====
Version update (1.48.6 -> 1.48.8)
Subpackages: NetworkManager-bluetooth NetworkManager-lang NetworkManager-tui NetworkManager-wwan libnm0 typelib-1_0-NM-1_0
- Update to version 1.48.8:
+ ovs: fix triggering stage3 activation without DHCP client
initialized
+ config: parse autoconnect-ports value on config
+ ndisc: preserve router preferences
==== binutils ====
Version update (2.42 -> 2.43)
Subpackages: libctf-nobfd0 libctf0
- Update to version 2.43:
* new .base64 pseudo-op, allowing base64 encoded data as strings
* Intel APX: add support for CFCMOV, CCMP, CTEST, zero-upper, NF
(APX_F now fully supported)
* x86 Intel syntax now warns about more mnemonic suffixes
* macros and .irp/.irpc/.rept bodies can use \+ to get at number
of times the macro/body was executed
* aarch64: support 'armv9.5-a' for -march, add support for LUT
and LUT2
* s390: base register operand in D(X,B) and D(L,B) can now be
omitted (ala 'D(X,)'); warn when register type doesn't match
operand type (use option
'warn-regtype-mismatch=[strict|relaxed|no]' to adjust)
* riscv: support various extensions: Zacas, Zcmp, Zfbfmin,
Zvfbfmin, Zvfbfwma, Smcsrind/Sscsrind, XCvMem, XCvBi, XCvElw,
XSfCease, all at version 1.0;
remove support for assembly of privileged spec 1.9.1 (linking
support remains)
* arm: remove support for some old co-processors: Maverick and FPA
* mips: '--trap' now causes either trap or breakpoint instructions
to be emitted as per current ISA, instead of always using trap
insn and failing when current ISA was incompatible with that
* LoongArch: accept .option pseudo-op for fine-grained control
of assembly code options; add support for DT_RELR
* readelf: now displays RELR relocations in full detail;
add -j/--display-section to show just those section(s) content
according to their type
* objdump/readelf now dump also .eh_frame_hdr (when present) when
dumping .eh_frame
* gprofng: add event types for AMD Zen3/Zen4 and Intel Ice Lake
processors; add minimal support for riscv
* linker:
- put .got and .got.plt into relro segment
- add -z isa-level-report=[none|all|needed|used] to the x86 ELF
linker to report needed and used x86-64 ISA levels
- add --rosegment option which changes the -z separate-code
option so that only one read-only segment is created (instead
of two)
- add --section-ordering-file <FILE> option to add extra
mapping of input sections to output sections
- add -plugin-save-temps to store plugin intermediate files
permanently
- Removed binutils-2.42.tar.bz2, binutils-2.42-branch.diff.gz.
- Added binutils-2.43.tar.bz2, binutils-2.43-branch.diff.gz.
- Removed upstream patch riscv-no-relax.patch.
- Rebased ld-relro.diff and binutils-revert-rela.diff.
==== curl ====
Version update (8.9.0 -> 8.9.1)
Subpackages: curl-zsh-completion libcurl4
- Fix regression introduced in version 8.9.1:
* sigpipe: init the struct so that first apply ignores
* Add curl-sigpipe.patch
- Update to 8.9.1:
* Security fixes:
- curl: ASN.1 date parser overread [bsc#1228535, CVE-2024-7264]
* Bugfixes:
- cmake: detect 'libssh' via 'pkg-config'
- cmake: detect 'nettle' when building with GnuTLS
- connect: fix connection shutdown for event based processing
- curl: more defensive socket code for --ip-tos
- CURLOPT_SSL_CTX_FUNCTION.md: mention CA caching
- CURLSHOPT_SHARE.md: mention sessions/cookies as not thread-safe
- ftpserver.pl: make POP3 LIST serve content from the test file
- lib: survive some NULL input args
- os400: build cli manual.
- os400: workaround an IBM ASCII run-time library bug
- transfer: speed limiting fix for 32bit systems
- vtls: avoid forward declaration in MultiSSL builds
- x509asn1: unittests and fixes for gtime2str
==== ethtool ====
Version update (6.9 -> 6.10)
Subpackages: ethtool-bash-completion
- update to upstream release 6.10
* Feature: suport for PoE in PSE (--show-pse and --set-pse)
* Feature: add statistics support to tsinfo (-T)
* Feature: add JSON output to base command (no option)
* Feature: add JSON output to EEE info (--show-eee)
* Fix: qsfp: better handling on page 03h read failure (-m)
* Fix: handle zero arguments for module eeprom dump (-m)
* Fix: check for missing arguments in do_srxfh() (-X)
* Misc: more descriptive error when JSON output is not available
==== gegl ====
Subpackages: gegl-0_4 gegl-0_4-lang libgegl-0_4-0
- Add backported 66de8124.patch: Fix build against ffmpeg-7.
==== gnome-bluetooth ====
Version update (46.0 -> 46.1)
Subpackages: gnome-bluetooth-lang libgnome-bluetooth-3_0-13 libgnome-bluetooth-ui-3_0-13 typelib-1_0-GnomeBluetooth-3_0
- Update to version 46.1:
+ This version contains translation updates and a bug fix for
some device icons not appearing correctly.
==== gnome-control-center ====
Version update (46.3 -> 46.4)
Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-lang gnome-control-center-user-faces gnome-control-center-users
- Update to version 46.4:
+ Accessibility: Fix enum value for follow centered
+ Apps: Fix memory leak for MMManager object in default apps page
+ Network: Don't set empty ignored hosts
+ Privacy: Fix visibility issue of Bolt settings when Bolt isn't
available
+ Users:
- Avoid accidental mnemonics for user name rows
- Show correctly the remaining list of fingerprints to enroll
+ WWAN: Fix crash on Unlock SIM dialog
==== gnome-remote-desktop ====
Version update (46.3 -> 46.4)
Subpackages: gnome-remote-desktop-lang
- Update to version 46.4:
+ Gracefully handle invalid x224Crq data
+ Fix file descriptor leak
+ Updated translations.
==== gnome-software ====
Version update (46.3 -> 46.4)
Subpackages: gnome-software-lang gnome-software-plugin-packagekit
- Update to version 46.4:
+ Correct broken formatting when using <code> in AppStream
metadata
+ Updated translations.
==== gnome-user-docs ====
Version update (46.1 -> 46.4)
- Update to version 46.4:
+ Updates to GNOME Help.
+ Updated translations.
==== gom ====
Version update (0.5.2 -> 0.5.3)
- Update to version 0.5.3:
+ Automatically ignore read-only properties
+ Add support for GParamSpec which are GBytes
==== gpg2 ====
Subpackages: dirmngr gpg2-lang
- Remove explicit runtime library dependency, pick ease of
maintenance in Tumbleweed over mixed project use runtime bugs.
==== intel-vaapi-driver ====
- add 566.patch: fixed VAAPI Wayland on libva v2.22.0
==== kexec-tools ====
Version update (2.0.28 -> 2.0.29)
- update to 2.0.29:
* update man and --help
* powerpc/kexec_load: add hotplug support
* kexec_load: Use new kexec flag for hotplug support
* x86-linux-setup.c: Use POSIX basename API
* LoongArch: fix load command line segment error
* LoongArch: add multi crash kernel segment support
* LoongArch: fix kernel image size error
* Arm: Fix add_buffer_phys_virt() align issue
* Fix incorrect Free Software Foundation address in the license
* util_lib/elf_info.c: fix a warning
* kexec_file: add kexec_file flag to support debug printing
* workflow: update to use checkout@v4
- drop kexec-dont-use-kexec_file_load-on-xen.patch, upstream
- drop fix-building-on-x86_64-with-binutils-2.41.patch, upstream
- kexec-tools-riscv-hotplug.patch: Fix build for riscv64.
==== lib2geom ====
- Add skip_failing_tests_gcc14.diff to fix more instable
intersection tests. This allows the 32bit version of the package
to be built with GCC14.
==== libadwaita ====
Version update (1.5.2 -> 1.5.3)
Subpackages: libadwaita-1-0 libadwaita-lang typelib-1_0-Adw-1
- Update to version 1.5.3:
+ AdwAlertDialog: Expose body text as a11y description
+ AdwDialog:
- Fix a memory leak
- Speed up switching presentation
+ AdwPreferencesPage: Add an a11y relation to the description
+ AdwSpinRow: Set accessible role to presentation
+ AdwSwitchRow: Set accessible role to switch
+ AdwTabBar/Overview: Fix a use after free when closing tabs
+ Stylesheet: Fix a specificity issue with scrolled windows in
popovers
+ Docs:
- Don't annotate user_data params with closure
- Fix typos in migrating to breakpoints page
+ Updated translations.
==== libei ====
Version update (1.2.1 -> 1.3.0)
- Update to release 1.3.0
* Devices without regions or with multiple regions previously
failed region checks for touch events and absolute pointer
events (now fixed).
* liboeffis's ConnectToEIS dbus call is now async to avoid stalling
the client.
* many clarifications for ambiguity in the protocol documentation.
==== libqt5-qtwebengine ====
- Add ffmpeg 7 compatibility patch (Picked from Arch):
* qt5-webengine-ffmpeg7.patch
==== libshumate ====
Version update (1.2.2 -> 1.2.3)
Subpackages: libshumate-1_0-1 libshumate-lang typelib-1_0-Shumate-1_0
- Update to version 1.2.3:
+ Fix build with -Dvector_renderer=false
==== liburing ====
- Skip test buf-ring-nommap.t if ENOMEM appears (happens in ppc64le arch).
* test-buf-ring-nommap-skip-the-test-on-queue-init-ENO.patch
==== makedumpfile ====
- add (bsc#1226183)
* make-reserve_diskspace-do-nothing-for-flattened-form.patch
==== mutter ====
Subpackages: mutter-lang
- Fix build if sle_version is defined: Patch3 no longer exists, and
add back Patch4 for SLE builds that was mistakenly removed in
last change.
==== openSUSE-release ====
Version update (20240812 -> 20240813)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== ovmf ====
Subpackages: qemu-ovmf-x86_64
- Add ovmf-x86_64-sev flavor to X64 against AMD SEV.
- Moved "-D SECURE_BOOT_ENABLE" from OVMF_FLAGS to EXTRA_FLAGS_X64,
, BUILD_OPTIONS_X86, BUILD_OPTIONS_AA64 and BUILD_OPTIONS_RV64
because SEV can NOT work with secure boot.
- Removed ovmf-Revert-OvmfPkg-PlatformPei-Update-ReserveEmuVariable.patch
because the SEV ovmf be separated from X64 ovmf as an independent flavor.
- The original patch reverts "58eb8517ad OvmfPkg/PlatformPei: Update
ReserveEmuVariableNvStore" which affects all ovmf flavor.
- The secure boot be disabled in SEV flavor, so we do not need revert
58eb8517ad anymore. (bsc#1209266)
- Add 50-ovmf-x86_64-sev.json to descriptors.tar.xz for SEV flavor
- Removed features tag:
"acpi-s3", "requires-smm", "secure-boot", "enrolled-keys"
- Add features tag:
"amd-sev", "amd-sev-es", "amd-sev-snp"
==== qt6-webengine ====
Subpackages: libQt6WebEngineCore6 libQt6WebEngineQuick6 libQt6WebEngineWidgets6 qt6-webengine-imports
- Add patch to build qtwebengine with ffmpeg 7 (picked from Arch)
* qtwebengine-ffmpeg-7.patch
==== rdma-core ====
Version update (52.0 -> 53.0)
Subpackages: libefa1 libhns1 libibverbs libibverbs1 libmana1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd
- Update to rdma-core v53.0
- No release notes available
- Remove Added-suffix-libdrm-to-CMakeLists.txt-for-drm.patch
as it was merged upstream.
==== shadow ====
Subpackages: libsubid5 login_defs
- Disable flushing sssd caches. The sssd's files provider is no
longer available.
==== totem-pl-parser ====
Version update (3.26.6 -> 3.26.6+30)
Subpackages: libtotem-plparser-mini18 libtotem-plparser18 totem-pl-parser-lang typelib-1_0-TotemPlParser-1_0
- Update to version 3.26.6+30:
+ plparser:
- Fix guard return type.
- Fix TotemPlParserMetadata in bindings.
- Fix return value from cancelled calls.
- Fix retval when guard are triggered.
+ Various test fixes.
+ Updated translations.
- Add pkgconfig(uchardet) BuildRequires and pass
enable-uchardet=yes to meson, build ucharded support.
- Use ldconfig_scriptlets macro for post(un) handling.
==== xdm ====
- sysconfig/windowmanager is deprecated since 7 years, don't
read it if it does not exist.