Packages changed: NetworkManager-applet apache2 (2.4.57 -> 2.4.58) apache2-manual (2.4.57 -> 2.4.58) apache2-prefork (2.4.57 -> 2.4.58) apache2-utils (2.4.57 -> 2.4.58) ceph (16.2.13.66+g54799ee0666 -> 16.2.14.66+g7aa6ce9419f) chromaprint dracut (059+suse.501.gc44a365d -> 059+suse.503.g41e99e72) freerdp (2.11.0 -> 2.11.2) kernel-source (6.5.6 -> 6.5.8) libdrm (2.4.116 -> 2.4.117) libstorage-ng (4.5.143 -> 4.5.149) pipewire (0.3.82 -> 0.3.83) xcb-util-cursor (0.1.4 -> 0.1.5) xfce4-terminal (1.1.0 -> 1.1.1) yast2-storage-ng (5.0.1 -> 5.0.3) === Details === ==== NetworkManager-applet ==== Subpackages: NetworkManager-connection-editor NetworkManager-connection-editor-lang - Support build environments like SLE 15 SP5 and Leap 15.5 which had %{_distconfdir) not defined yet. ==== apache2 ==== Version update (2.4.57 -> 2.4.58) - Update to 2.4.58: * ) SECURITY: CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST (cve.mitre.org) When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue. Credits: Will Dormann of Vul Labs * ) SECURITY: CVE-2023-43622: Apache HTTP Server: DoS in HTTP/2 with initial windows size 0 (cve.mitre.org) An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.57. Users are recommended to upgrade to version 2.4.58, which fixes the issue. Credits: Prof. Sven Dietrich (City University of New York) * ) SECURITY: CVE-2023-31122: mod_macro buffer over-read (cve.mitre.org) Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. Credits: David Shoon (github/davidshoon) * ) mod_ssl: Silence info log message "SSL Library Error: error:0A000126: SSL routines::unexpected eof while reading" when using OpenSSL 3 by setting SSL_OP_IGNORE_UNEXPECTED_EOF if available. [Rainer Jung] * ) mod_http2: improved early cleanup of streams. [Stefan Eissing] * ) mod_proxy_http2: improved error handling on connection errors while response is already underway. [Stefan Eissing] * ) mod_http2: fixed a bug that could lead to a crash in main connection output handling. This occured only when the last request on a HTTP/2 connection had been processed and the session decided to shut down. This could lead to an attempt to send a final GOAWAY while the previous write was still in progress. See PR 66646. [Stefan Eissing] * ) mod_proxy_http2: fix `X-Forward-Host` header to carry the correct value. Fixes PR66752. [Stefan Eissing] * ) mod_http2: added support for bootstrapping WebSockets via HTTP/2, as described in RFC 8441. A new directive 'H2WebSockets on|off' has been added. The feature is by default not enabled. As also discussed in the manual, this feature should work for setups using "ProxyPass backend-url upgrade=websocket" without further changes. Special server modules for WebSockets will have to be adapted, most likely, as the handling if IO events is different with HTTP/2. HTTP/2 WebSockets are supported on platforms with native pipes. This excludes Windows. [Stefan Eissing] * ) mod_rewrite: Fix a regression with both a trailing ? and [QSA]. in OCSP stapling. PR 66672. [Frank Meier , covener] * ) mod_http2: fixed a bug in flushing pending data on an already closed connection that could lead to a busy loop, preventing the HTTP/2 session to close down successfully. Fixed PR 66624. [Stefan Eissing] * ) mod_http2: v2.0.15 with the following fixes and improvements - New directive 'H2EarlyHint name value' to add headers to a response, picked up already when a "103 Early Hints" response is sent. 'name' and 'value' must comply to the HTTP field restrictions. This directive can be repeated several times and header fields of the same names add. Sending a 'Link' header with 'preload' relation will also cause a HTTP/2 PUSH if enabled and supported by the client. - Fixed an issue where requests were not logged and accounted in a timely fashion when the connection returns to "keepalive" handling, e.g. when the request served was the last outstanding one. This led to late appearance in access logs with wrong duration times reported. - Accurately report the bytes sent for a request in the '%O' Log format. This addresses #203, a long outstanding issue where mod_h2 has reported numbers over-eagerly from internal buffering and not what has actually been placed on the connection. The numbers are now the same with and without H2CopyFiles enabled. [Stefan Eissing] * ) mod_proxy_http2: fix retry handling to not leak temporary errors. On detecting that that an existing connection was shutdown by the other side, a 503 response leaked even though the request was retried on a fresh connection. [Stefan Eissing] * ) mod_rewrite: Add server directory to include path as mod_rewrite requires test_char.h. PR 66571 [Valeria Petrov ] * ) mod_http2: new directive `H2ProxyRequests on|off` to enable handling of HTTP/2 requests in a forward proxy configuration. ... changelog too long, skipping 85 lines ... for async MPMs. PR 63300. [Rainer Jung] ==== apache2-manual ==== Version update (2.4.57 -> 2.4.58) - Update to 2.4.58: * ) SECURITY: CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST (cve.mitre.org) When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue. Credits: Will Dormann of Vul Labs * ) SECURITY: CVE-2023-43622: Apache HTTP Server: DoS in HTTP/2 with initial windows size 0 (cve.mitre.org) An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.57. Users are recommended to upgrade to version 2.4.58, which fixes the issue. Credits: Prof. Sven Dietrich (City University of New York) * ) SECURITY: CVE-2023-31122: mod_macro buffer over-read (cve.mitre.org) Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. Credits: David Shoon (github/davidshoon) * ) mod_ssl: Silence info log message "SSL Library Error: error:0A000126: SSL routines::unexpected eof while reading" when using OpenSSL 3 by setting SSL_OP_IGNORE_UNEXPECTED_EOF if available. [Rainer Jung] * ) mod_http2: improved early cleanup of streams. [Stefan Eissing] * ) mod_proxy_http2: improved error handling on connection errors while response is already underway. [Stefan Eissing] * ) mod_http2: fixed a bug that could lead to a crash in main connection output handling. This occured only when the last request on a HTTP/2 connection had been processed and the session decided to shut down. This could lead to an attempt to send a final GOAWAY while the previous write was still in progress. See PR 66646. [Stefan Eissing] * ) mod_proxy_http2: fix `X-Forward-Host` header to carry the correct value. Fixes PR66752. [Stefan Eissing] * ) mod_http2: added support for bootstrapping WebSockets via HTTP/2, as described in RFC 8441. A new directive 'H2WebSockets on|off' has been added. The feature is by default not enabled. As also discussed in the manual, this feature should work for setups using "ProxyPass backend-url upgrade=websocket" without further changes. Special server modules for WebSockets will have to be adapted, most likely, as the handling if IO events is different with HTTP/2. HTTP/2 WebSockets are supported on platforms with native pipes. This excludes Windows. [Stefan Eissing] * ) mod_rewrite: Fix a regression with both a trailing ? and [QSA]. in OCSP stapling. PR 66672. [Frank Meier , covener] * ) mod_http2: fixed a bug in flushing pending data on an already closed connection that could lead to a busy loop, preventing the HTTP/2 session to close down successfully. Fixed PR 66624. [Stefan Eissing] * ) mod_http2: v2.0.15 with the following fixes and improvements - New directive 'H2EarlyHint name value' to add headers to a response, picked up already when a "103 Early Hints" response is sent. 'name' and 'value' must comply to the HTTP field restrictions. This directive can be repeated several times and header fields of the same names add. Sending a 'Link' header with 'preload' relation will also cause a HTTP/2 PUSH if enabled and supported by the client. - Fixed an issue where requests were not logged and accounted in a timely fashion when the connection returns to "keepalive" handling, e.g. when the request served was the last outstanding one. This led to late appearance in access logs with wrong duration times reported. - Accurately report the bytes sent for a request in the '%O' Log format. This addresses #203, a long outstanding issue where mod_h2 has reported numbers over-eagerly from internal buffering and not what has actually been placed on the connection. The numbers are now the same with and without H2CopyFiles enabled. [Stefan Eissing] * ) mod_proxy_http2: fix retry handling to not leak temporary errors. On detecting that that an existing connection was shutdown by the other side, a 503 response leaked even though the request was retried on a fresh connection. [Stefan Eissing] * ) mod_rewrite: Add server directory to include path as mod_rewrite requires test_char.h. PR 66571 [Valeria Petrov ] * ) mod_http2: new directive `H2ProxyRequests on|off` to enable handling of HTTP/2 requests in a forward proxy configuration. ... changelog too long, skipping 85 lines ... for async MPMs. PR 63300. [Rainer Jung] ==== apache2-prefork ==== Version update (2.4.57 -> 2.4.58) - Update to 2.4.58: * ) SECURITY: CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST (cve.mitre.org) When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue. Credits: Will Dormann of Vul Labs * ) SECURITY: CVE-2023-43622: Apache HTTP Server: DoS in HTTP/2 with initial windows size 0 (cve.mitre.org) An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.57. Users are recommended to upgrade to version 2.4.58, which fixes the issue. Credits: Prof. Sven Dietrich (City University of New York) * ) SECURITY: CVE-2023-31122: mod_macro buffer over-read (cve.mitre.org) Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. Credits: David Shoon (github/davidshoon) * ) mod_ssl: Silence info log message "SSL Library Error: error:0A000126: SSL routines::unexpected eof while reading" when using OpenSSL 3 by setting SSL_OP_IGNORE_UNEXPECTED_EOF if available. [Rainer Jung] * ) mod_http2: improved early cleanup of streams. [Stefan Eissing] * ) mod_proxy_http2: improved error handling on connection errors while response is already underway. [Stefan Eissing] * ) mod_http2: fixed a bug that could lead to a crash in main connection output handling. This occured only when the last request on a HTTP/2 connection had been processed and the session decided to shut down. This could lead to an attempt to send a final GOAWAY while the previous write was still in progress. See PR 66646. [Stefan Eissing] * ) mod_proxy_http2: fix `X-Forward-Host` header to carry the correct value. Fixes PR66752. [Stefan Eissing] * ) mod_http2: added support for bootstrapping WebSockets via HTTP/2, as described in RFC 8441. A new directive 'H2WebSockets on|off' has been added. The feature is by default not enabled. As also discussed in the manual, this feature should work for setups using "ProxyPass backend-url upgrade=websocket" without further changes. Special server modules for WebSockets will have to be adapted, most likely, as the handling if IO events is different with HTTP/2. HTTP/2 WebSockets are supported on platforms with native pipes. This excludes Windows. [Stefan Eissing] * ) mod_rewrite: Fix a regression with both a trailing ? and [QSA]. in OCSP stapling. PR 66672. [Frank Meier , covener] * ) mod_http2: fixed a bug in flushing pending data on an already closed connection that could lead to a busy loop, preventing the HTTP/2 session to close down successfully. Fixed PR 66624. [Stefan Eissing] * ) mod_http2: v2.0.15 with the following fixes and improvements - New directive 'H2EarlyHint name value' to add headers to a response, picked up already when a "103 Early Hints" response is sent. 'name' and 'value' must comply to the HTTP field restrictions. This directive can be repeated several times and header fields of the same names add. Sending a 'Link' header with 'preload' relation will also cause a HTTP/2 PUSH if enabled and supported by the client. - Fixed an issue where requests were not logged and accounted in a timely fashion when the connection returns to "keepalive" handling, e.g. when the request served was the last outstanding one. This led to late appearance in access logs with wrong duration times reported. - Accurately report the bytes sent for a request in the '%O' Log format. This addresses #203, a long outstanding issue where mod_h2 has reported numbers over-eagerly from internal buffering and not what has actually been placed on the connection. The numbers are now the same with and without H2CopyFiles enabled. [Stefan Eissing] * ) mod_proxy_http2: fix retry handling to not leak temporary errors. On detecting that that an existing connection was shutdown by the other side, a 503 response leaked even though the request was retried on a fresh connection. [Stefan Eissing] * ) mod_rewrite: Add server directory to include path as mod_rewrite requires test_char.h. PR 66571 [Valeria Petrov ] * ) mod_http2: new directive `H2ProxyRequests on|off` to enable handling of HTTP/2 requests in a forward proxy configuration. ... changelog too long, skipping 85 lines ... for async MPMs. PR 63300. [Rainer Jung] ==== apache2-utils ==== Version update (2.4.57 -> 2.4.58) - Update to 2.4.58: * ) SECURITY: CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST (cve.mitre.org) When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue. Credits: Will Dormann of Vul Labs * ) SECURITY: CVE-2023-43622: Apache HTTP Server: DoS in HTTP/2 with initial windows size 0 (cve.mitre.org) An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.57. Users are recommended to upgrade to version 2.4.58, which fixes the issue. Credits: Prof. Sven Dietrich (City University of New York) * ) SECURITY: CVE-2023-31122: mod_macro buffer over-read (cve.mitre.org) Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. Credits: David Shoon (github/davidshoon) * ) mod_ssl: Silence info log message "SSL Library Error: error:0A000126: SSL routines::unexpected eof while reading" when using OpenSSL 3 by setting SSL_OP_IGNORE_UNEXPECTED_EOF if available. [Rainer Jung] * ) mod_http2: improved early cleanup of streams. [Stefan Eissing] * ) mod_proxy_http2: improved error handling on connection errors while response is already underway. [Stefan Eissing] * ) mod_http2: fixed a bug that could lead to a crash in main connection output handling. This occured only when the last request on a HTTP/2 connection had been processed and the session decided to shut down. This could lead to an attempt to send a final GOAWAY while the previous write was still in progress. See PR 66646. [Stefan Eissing] * ) mod_proxy_http2: fix `X-Forward-Host` header to carry the correct value. Fixes PR66752. [Stefan Eissing] * ) mod_http2: added support for bootstrapping WebSockets via HTTP/2, as described in RFC 8441. A new directive 'H2WebSockets on|off' has been added. The feature is by default not enabled. As also discussed in the manual, this feature should work for setups using "ProxyPass backend-url upgrade=websocket" without further changes. Special server modules for WebSockets will have to be adapted, most likely, as the handling if IO events is different with HTTP/2. HTTP/2 WebSockets are supported on platforms with native pipes. This excludes Windows. [Stefan Eissing] * ) mod_rewrite: Fix a regression with both a trailing ? and [QSA]. in OCSP stapling. PR 66672. [Frank Meier , covener] * ) mod_http2: fixed a bug in flushing pending data on an already closed connection that could lead to a busy loop, preventing the HTTP/2 session to close down successfully. Fixed PR 66624. [Stefan Eissing] * ) mod_http2: v2.0.15 with the following fixes and improvements - New directive 'H2EarlyHint name value' to add headers to a response, picked up already when a "103 Early Hints" response is sent. 'name' and 'value' must comply to the HTTP field restrictions. This directive can be repeated several times and header fields of the same names add. Sending a 'Link' header with 'preload' relation will also cause a HTTP/2 PUSH if enabled and supported by the client. - Fixed an issue where requests were not logged and accounted in a timely fashion when the connection returns to "keepalive" handling, e.g. when the request served was the last outstanding one. This led to late appearance in access logs with wrong duration times reported. - Accurately report the bytes sent for a request in the '%O' Log format. This addresses #203, a long outstanding issue where mod_h2 has reported numbers over-eagerly from internal buffering and not what has actually been placed on the connection. The numbers are now the same with and without H2CopyFiles enabled. [Stefan Eissing] * ) mod_proxy_http2: fix retry handling to not leak temporary errors. On detecting that that an existing connection was shutdown by the other side, a 503 response leaked even though the request was retried on a fresh connection. [Stefan Eissing] * ) mod_rewrite: Add server directory to include path as mod_rewrite requires test_char.h. PR 66571 [Valeria Petrov ] * ) mod_http2: new directive `H2ProxyRequests on|off` to enable handling of HTTP/2 requests in a forward proxy configuration. ... changelog too long, skipping 85 lines ... for async MPMs. PR 63300. [Rainer Jung] ==== ceph ==== Version update (16.2.13.66+g54799ee0666 -> 16.2.14.66+g7aa6ce9419f) Subpackages: librados2 librbd1 - Update to 16.2.14-66-g7aa6ce9419f: + (bsc#1207765) rgw/rados: check_quota() uses real bucket owner + (bsc#1212559) pacific: os/bluestore: cumulative bluefs backport This notably includes: * os/bluestore: BlueFS fine grain locking * os/bluestore/bluefs: Fix improper vselector tracking in _flush_special() * os/bluestore: enable 4K allocation unit for BlueFS * os/bluestore/bluefs: Fix sync compactionA + (bsc#1213217) ceph.spec.in: Require fmt-devel < 10 + ceph.spec.in: enable build on riscv64 for openSUSE Factory + ceph.spec.in: Require Cython >= 0.29 but < 3 + cephadm: update to the latest container images: * registry.suse.com/ses/7.1/ceph/prometheus-server:2.37.6 * registry.suse.com/ses/7.1/ceph/prometheus-node-exporter:1.5.0 * registry.suse.com/ses/7.1/ceph/grafana:8.5.22 * registry.suse.com/ses/7.1/ceph/haproxy:2.0.31 - Drop ceph-test.changes (no longer necessary since using _multibuild) ==== chromaprint ==== - Drop fftw3-devel BuildRequires and Requires, pass DFFT_LIB=avfft to cmake, use the already present ffmpeg lib. - Use ldconfig_scriptlets for post(un) handling. ==== dracut ==== Version update (059+suse.501.gc44a365d -> 059+suse.503.g41e99e72) - Update to version 059+suse.503.g41e99e72: * fix(dracut.spec): do not require libgcrypt20-hmac for dracut-fips (bsc#1216059) ==== freerdp ==== Version update (2.11.0 -> 2.11.2) Subpackages: libfreerdp2-2 libwinpr2-2 - Update to 2.11.2 * Backported #9356: Fix issues with order updates * Backported #9378: backported wArrayList (optional) copy on insert * Backported #9360: backported certificate algorithm detection ==== kernel-source ==== Version update (6.5.6 -> 6.5.8) - Linux 6.5.8 (bsc#1012628). - net: stmmac: remove unneeded stmmac_poll_controller (bsc#1012628). - RDMA/cxgb4: Check skb value for failure to allocate (bsc#1012628). - perf/arm-cmn: Fix the unhandled overflow status of counter 4 to 7 (bsc#1012628). - platform/x86: think-lmi: Fix reference leak (bsc#1012628). - drm/i915: Register engines early to avoid type confusion (bsc#1012628). - cpuidle, ACPI: Evaluate LPI arch_flags for broadcast timer (bsc#1012628). - drm/amdgpu: Fix a memory leak (bsc#1012628). - platform/x86: hp-wmi:: Mark driver struct with __refdata to prevent section mismatch warning (bsc#1012628). - media: dt-bindings: imx7-csi: Make power-domains not required for imx8mq (bsc#1012628). - drm/amd/display: implement pipe type definition and adding accessors (bsc#1012628). - drm/amd/display: apply edge-case DISPCLK WDIVIDER changes to master OTG pipes only (bsc#1012628). - scsi: Do not rescan devices with a suspended queue (bsc#1012628). - ata: pata_parport: fix pata_parport_devchk (bsc#1012628). - ata: pata_parport: implement set_devctl (bsc#1012628). - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect (bsc#1012628). - quota: Fix slow quotaoff (bsc#1012628). - dm crypt: Fix reqsize in crypt_iv_eboiv_gen (bsc#1012628). - ASoC: amd: yc: Fix non-functional mic on Lenovo 82YM (bsc#1012628). - ASoC: hdmi-codec: Fix broken channel map reporting (bsc#1012628). - ata: libata-scsi: Disable scsi device manage_system_start_stop (bsc#1012628). - net: prevent address rewrite in kernel_bind() (bsc#1012628). - arm64: dts: qcom: sm8150: extend the size of the PDC resource (bsc#1012628). - dt-bindings: interrupt-controller: renesas,rzg2l-irqc: Update description for '#interrupt-cells' property (bsc#1012628). - irqchip: renesas-rzg2l: Fix logic to clear TINT interrupt source (bsc#1012628). - KEYS: trusted: Remove redundant static calls usage (bsc#1012628). - ALSA: usb-audio: Fix microphone sound on Opencomm2 Headset (bsc#1012628). - ALSA: usb-audio: Fix microphone sound on Nexigo webcam (bsc#1012628). - ALSA: hda: cs35l41: Cleanup and fix double free in firmware request (bsc#1012628). - ALSA: hda/realtek: Change model for Intel RVP board (bsc#1012628). - ASoC: SOF: amd: fix for firmware reload failure after playback (bsc#1012628). - ASoC: simple-card-utils: fixup simple_util_startup() error handling (bsc#1012628). - ASoC: Intel: soc-acpi: fix Dell SKU 0B34 (bsc#1012628). - ASoC: Intel: soc-acpi: Add entry for HDMI_In capture support in MTL match table (bsc#1012628). - ASoC: fsl_sai: Don't disable bitclock for i.MX8MP (bsc#1012628). - ASoC: Intel: sof_sdw: add support for SKU 0B14 (bsc#1012628). - ASoC: Intel: soc-acpi: Add entry for sof_es8336 in MTL match table (bsc#1012628). - ALSA: hda/realtek: Add quirk for HP Victus 16-d1xxx to enable mute LED (bsc#1012628). - ALSA: hda/realtek: Add quirk for mute LEDs on HP ENVY x360 15-eu0xxx (bsc#1012628). - ALSA: hda/realtek - ALC287 I2S speaker platform support (bsc#1012628). - ALSA: hda/realtek - ALC287 merge RTK codec with CS CS35L41 AMP (bsc#1012628). - pinctrl: nuvoton: wpcm450: fix out of bounds write (bsc#1012628). - pinctrl: starfive: jh7110: Fix failure to set irq after CONFIG_PM is enabled (bsc#1012628). - drm/msm/dp: do not reinitialize phy unless retry during link training (bsc#1012628). - drm/msm/dsi: skip the wait for video mode done if not applicable (bsc#1012628). - drm/msm/dsi: fix irq_of_parse_and_map() error checking (bsc#1012628). - drm/msm/dpu: change _dpu_plane_calc_bw() to use u64 to avoid overflow (bsc#1012628). - drm/msm/dp: Add newlines to debug printks (bsc#1012628). - drm/msm/dpu: fail dpu_plane_atomic_check() based on mdp clk limits (bsc#1012628). - phy: lynx-28g: cancel the CDR check work item on the remove path (bsc#1012628). - phy: lynx-28g: lock PHY while performing CDR lock workaround (bsc#1012628). - phy: lynx-28g: serialize concurrent phy_set_mode_ext() calls to shared registers (bsc#1012628). - net: dsa: qca8k: fix regmap bulk read/write methods on big endian systems (bsc#1012628). - net: dsa: qca8k: fix potential MDIO bus conflict when accessing internal PHYs via management frames (bsc#1012628). - can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior (bsc#1012628). - can: sun4i_can: Only show Kconfig if ARCH_SUNXI is set ... changelog too long, skipping 501 lines ... - commit 3169a10 ==== libdrm ==== Version update (2.4.116 -> 2.4.117) Subpackages: libdrm2 libdrm_amdgpu1 libdrm_intel1 libdrm_nouveau2 libdrm_radeon1 - Update to 2.4.117 * modetest: print modifiers in hex as well * modetest: custom mode support * meson: fix intel requirements * meson: Use feature.require() and feature.allowed() * meson: replace deprecated program.path -> program.full_path * modetest: avoid erroring if there's no gamma legacy support * amdgpu: Fix pointer/integer mismatch warning * amdgpu: Use PRI?64 to format uint64_t * util: add NV24 and NV42 frame buffer formats * util: add pattern support for DRM_FORMAT_NV{24,42} * modetest: add support for DRM_FORMAT_NV{24,42} * util: fix grey in YUV SMPTE patterns * modetest: fix mode_vrefresh() for interlace/dblscan/vscan * util: remove unused definitions of RED, GREEN, and BLUE * amdgpu: add marketing names from amd-5.4.6 (22.40.6) * amdgpu: add marketing names from amd-5.5.1 (23.10.1) * amdgpu: add marketing names from PRO Edition 23.Q3 W7000 * amdgpu: add marketing names from Adrenalin 23.7.2 * amdgpu: add marketing names from Adrenalin 23.9.1 * modetest: document why no blob is created for linear gamma LUT * modetest: allocate and commit atomic request around set_property() * modetest: permit -r and -s to work together * modetest: allow using -r and -P * modetest: add support for writeback connector * amdgpu: amdgpu_drm.h for new GPUVM fault ioctl * amdgpu: add support for querying VM faults information * xf86drm: mark DRM_MAX_MINOR as deprecated * ci: bump FreeBSD to 13.2 ==== libstorage-ng ==== Version update (4.5.143 -> 4.5.149) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#955 - use _exit if exec fails - 4.5.149 - merge gh#openSUSE/libstorage-ng#954 - allow to disallow remove actions on some devices - improved tests - removed unneeded include statements - make more use of new SystemCmd interface - increase minor library version - 4.5.148 - merge gh#openSUSE/libstorage-ng#953 - support RAID level LINEAR (bsc#1215022) - 4.5.147 - merge gh#openSUSE/libstorage-ng#952 - extended testsuite - 4.5.146 - merge gh#openSUSE/libstorage-ng#951 - allow SystemCmd to take a vector with command arguments - fixed typo - added integration tests - 4.5.145 - merge gh#openSUSE/libstorage-ng#950 - allow to disable use of key file in commit - added note - 4.5.144 ==== pipewire ==== Version update (0.3.82 -> 0.3.83) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-lang pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 0.3.83: * Highlights - A quantum change regression was fixed. - Use a 2 socket server now for the manager and the applications with (when wireplumber is updated) different permissions. - Reduce memory usage a little in audioconvert and use fewer buffers. - Some JACK deadlocks were fixed. - More bugfixes and improvements. * PipeWire - Fix quantum change regression. - Use a 2 socket server by default. One for the session-manager and one for applications. - Fix a potential use-after-free in node and device cleanup. * modules - Some hardcoded buffer size limits were removed. - Fix ASYNC flag on combined-streams. - Add support for on-demand combined-streams using metadata. * SPA - alsa-udev will now ignore PCMs with the ACP_IGNORE udev environment variable. - The audioadapter now uses at least 2 buffers when the follower is async. - The number of buffers used by plugins was tweaked a little. Most plugins now only ask 1 buffer. - Memory usage in audioconvert was reduced. - Fix some unaligned reads and writes and undefined left shifts reported by ASAN. - Rework vulkan dependency checking. - Don't try to link ALSA devices when prepare fails. This fixes some crashes. - Fix a stall when the allowed codecs are changed in ALSA. - Improve ALSA rate control for sources to avoid xruns. - Try to fix IEC958 TrueHD and DTS playback. * Bluetooth - Improve fallback SCO mtu when the kernel doesn't tell us. * JACK - The fixed buffer size limit was removed. - Add an option to make input buffers writable (default true). - A potential deadlock was fixed when applications lock the process function. - Use a separate thread to dispatch notifications to avoid deadlocks. - Potentially fix silent export in ardour in some cases. ==== xcb-util-cursor ==== Version update (0.1.4 -> 0.1.5) - Update to version 0.1.5 * This release sets the close-on-exec flag when opening files on platforms that support O_CLOEXEC, and resyncs the _XcursorThemeInherits code with libXcursor, including a fix for an off-by-one error in memory allocation that triggered errors from AddressSanitizer. ==== xfce4-terminal ==== Version update (1.1.0 -> 1.1.1) Subpackages: xfce4-terminal-lang - Update to version 1.1.1 * build: Simplify and clarify X11/Wayland distinction * Fix xfce_titled_dialog_create_action_area() deprecation * build: Define our own windowing macro instead of extending GDK's * wayland: Fix drop-down keep-above for non-prefs dialogs * wayland: Fix drop-down terminal keep-above * wayland: Fix window activation * wayland: Fix drop-down terminal positioning (Fixes #141) * wayland: Fix new window size * Replace XDT_CHECK_LIBX11 and use HAVE_LIBX11 when appropriate * Use the same windowing environment test everywhere * Fix build when X11 is disabled * drop-down: Make settings easier to understand * drop-down: Fix allocation warnings * Apply 7 suggestion(s) to 2 file(s) * Save and restore terminal window workspace in X11 session * doc: Remove reference to terminalrc * app: Put GtkSettings:gtk-menu-bar-accel overwrite back in place * Translation Updates ==== yast2-storage-ng ==== Version update (5.0.1 -> 5.0.3) - GuidedProposal: new internal setting to control how existing swap partitions are reused. Relevant for Agama and related to bsc#1175535 and bsc#1215639. - 5.0.3 - New MdLevel value for linear RAIDs (bsc#1215022) - 5.0.2