Packages changed: Mesa Mesa-drivers docbook-xsl (1.79.2.1 -> 1.79.2.2) hwdata (0.373 -> 0.376) libdrm libeconf (0.5.2 -> 0.6.0) libosinfo (1.10.0 -> 1.11.0) libtommath (1.2.0 -> 1.2.1) libxml2 lsof (4.98.0 -> 4.99.0) nfs-utils openvpn (2.6.6 -> 2.6.7) osinfo-db (20230719 -> 20231027) procps procps4 publicsuffix (20231028 -> 20231108) python-alembic (1.12.0 -> 1.12.1) rubygem-fast_gettext (2.2.0 -> 2.3.0) sdbootutil (1+git20231102.beb4c19 -> 1+git20231114.6bcf1d3) sof-firmware thin-provisioning-tools (0.9.0 -> 1.0.7) ucode-intel (20230808 -> 20231114) vim (9.0.2078 -> 9.0.2103) === Details === ==== Mesa ==== Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - build with valgrind only on 64bit platforms ==== Mesa-drivers ==== Subpackages: Mesa-dri Mesa-gallium Mesa-libva - build with valgrind only on 64bit platforms ==== docbook-xsl ==== Version update (1.79.2.1 -> 1.79.2.2) - Raise version to 1.79.2.2 Integrate latest changes from assembly/assemble.xsl and assembly/effectivity.xsl - Remove docbook-xsl-1.79.2-assembly-assemble.xsl.patch We copy the two files directly. These two files contains the following overall changes: - Fix #254: Pass structure/@xml:lang to result doc - Support filterin/filterout elements - Fix problem with resourceref to another structure in assemblies - fix #28 assemble.xsl: imagedata filerefs in assembled output document may be incorrect - Fix #27 to allow merge from resource of titles not inside info because they are equivalent to titles inside info. Also fixe a couple of other problems noticed during testing. For details, see the upstream Git repo and run: $ git diff release/1.79.2..master -- \ xsl/assembly/assemble.xsl xsl/assembly/effectivity.xsl ==== hwdata ==== Version update (0.373 -> 0.376) - update to 0.376: * Update pci, usb and vendor ids ==== libdrm ==== Subpackages: libdrm2 libdrm_amdgpu1 libdrm_intel1 libdrm_nouveau2 libdrm_radeon1 - use valgrind support only on 64bit platforms ==== libeconf ==== Version update (0.5.2 -> 0.6.0) - Update to version 0.6.0: * Supporting Linux Userspace API (UAPI) Group chapter "Configuration Files Specification". See: https://uapi-group.org/specifications/specs/ configuration_files_specification/ - Update to version 0.5.3: * Added bindings for python3 and C# - Update to version 0.5.2: * Add python bindings (#188) * docu version 0.5.2 * Fix test (#185) * Plug memory leak (#186) ==== libosinfo ==== Version update (1.10.0 -> 1.11.0) Subpackages: libosinfo-1_0-0 libosinfo-lang - Update to version 1.11.0 (jsc#PED-2104) Changes in this release include: * Several minor memory leak fixes * Several CI improvements * Several translations improvements - Drop 3a0fef72.patch as it is now part of the tarball ==== libtommath ==== Version update (1.2.0 -> 1.2.1) - Update to version 1.2.1 (bsc#1214927, CVE-2023-36328): + Bugfix release because of potential integer overflow ( CVE-2023-36328). - Drop 546.patch: fixed upstream. - Update libtommath.keyring to contain gpg key 7B24BC73AFEEFA69A5BDE9C53FAA94B3BD9016D9. ==== libxml2 ==== Subpackages: libxml2-2 libxml2-tools - Security fix: CVE-2023-45322 (bsc#1216129) * use-after-free in xmlUnlinkNode() in tree.c * Added file libxml2-CVE-2023-45322.patch ==== lsof ==== Version update (4.98.0 -> 4.99.0) - lsof 4.99.0: * Do not hard-code fd numbers in epoll test * --with-selinux configure option. * Improve performance by using closefrom() * Introduce liblsof for programmatic access over spawning lsof in a subprocess - build with libtirpc - switch to upstream tarball again as it dropped proprietary code ==== nfs-utils ==== Subpackages: libnfsidmap1 nfs-client - Build with --enable-junction so that nfsref is built https://lore.kernel.org/linux-nfs/DFBBA6DD-7F22-4A38-BAA2-DBD40EB81BB9@oracle.com/ ==== openvpn ==== Version update (2.6.6 -> 2.6.7) Subpackages: openvpn-auth-pam-plugin - update to 2.6.7: * CVE-2023-46850 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly use a send buffer after it has been free()d in some circumstances, causing some free()d memory to be sent to the peer. All configurations using TLS (e.g. not using --secret) are affected by this issue. * CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly restore --fragment configuration in some circumstances, leading to a division by zero when --fragment is used. On platforms where division by zero is fatal, this will cause an OpenVPN crash. * DCO: warn if DATA_V1 packets are sent by the other side - this a hard incompatibility between a 2.6.x client connecting to a 2.4.0-2.4.4 server, and the only fix is to use --disable-dco. * Remove OpenSSL Engine method for loading a key. This had to be removed because the original author did not agree to relicensing the code with the new linking exception added. This was a somewhat obsolete feature anyway as it only worked with OpenSSL 1.x, which is end-of-support. * add warning if p2p NCP client connects to a p2mp server - this is a combination that used to work without cipher negotiation (pre 2.6 on both ends), but would fail in non-obvious ways with 2.6 to 2.6. * add warning to --show-groups that not all supported groups are listed (this is due the internal enumeration in OpenSSL being a bit weird, omitting X448 and X25519 curves). * --dns: remove support for exclude-domains argument (this was a new 2.6 option, with no backend support implemented yet on any platform, and it turns out that no platform supported it at all - so remove option again) * warn user if INFO control message too long, do not forward to management client (safeguard against protocol-violating server implementations) * DCO-WIN: get and log driver version (for easier debugging). * print "peer temporary key details" in TLS handshake * log OpenSSL errors on failure to set certificate, for example if the algorithms used are in acceptable to OpenSSL (misleading message would be printed in cryptoapi / pkcs11 scenarios) * add CMake build system for MinGW and MSVC builds * remove old MSVC build system * improve cmocka unit test building for Windows ==== osinfo-db ==== Version update (20230719 -> 20231027) - Update to database version 20231027 (jsc#PED-2104) osinfo-db-20231027.tar.xz ==== procps ==== Subpackages: libprocps8 procps-lang - procps-ng-3.3.17-logind.patch: Fix crash of "w -s -h" ==== procps4 ==== Subpackages: libproc2-0 procps4-lang - Remove duplicate BuildRequires ==== publicsuffix ==== Version update (20231028 -> 20231108) - Update to version 20231108: * Update public_suffix_list.dat (#1848) * util: gTLD data autopull updates for 2023-11-03T15:13:18 UTC (#1887) * Add `torun.pl` (#1684) ==== python-alembic ==== Version update (1.12.0 -> 1.12.1) - update to 1.12.1: * Fixed regression caused by :ticket:`879` released in 1.7.0 where the ".info" dictionary of ``Table`` would not render in autogenerate create table statements. This can be useful for custom create table DDL rendering schemes so it is restored. * Improved typing in the :paramref:`.EnvironmentContext.configure.process_revision_dir ectives` callable to better indicate that the passed-in type is :class:`.MigrationScript`, not the :class:`.MigrationOperation` base class, and added typing to the example at :ref:`cookbook_no_empty_migrations` to illustrate. * Repaired :class:`.ExecuteSQLOp` so that it can participate in "diff" operations; while this object is typically not present in a reflected operation stream, custom hooks may be adding this construct where it needs to have the correct ``to_diff_tuple()`` method. * Improved the ``op.execute()`` method to correctly accept the * ``Executable`` type that is the same which is used in SQLAlchemy ``Connection.execute()``. * Improve typing of the revision parameter in various command functions. * Fixed autogen render issue where expressions inside of indexes for PG need to be double-parenthesized, meaning a single parens must be present within the generated ``text()`` construct. * Alembic now accommodates for Sequence and Identity that support dialect kwargs. This is a change that will be added to SQLAlchemy v2.1. ==== rubygem-fast_gettext ==== Version update (2.2.0 -> 2.3.0) - New upstream release 2.3.0, see bundled CHANGELOG ==== sdbootutil ==== Version update (1+git20231102.beb4c19 -> 1+git20231114.6bcf1d3) Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper - Update to version 1+git20231114.6bcf1d3: * Fix quoting when calling dracut ==== sof-firmware ==== - Update Supplements for new modules like AMD ACP ==== thin-provisioning-tools ==== Version update (0.9.0 -> 1.0.7) - Update to version 1.0.7: * v1.0.7 * [thin_generate_metadata] Fix command line parsing * [tests] Introduce era_generate_metadata * [era] Factor out MetadataGenerator * [era_invalidate] Fix missing value_parser for the --written-since option * [tests] Support additional program-specific arguments in IO tests * [examples] Add a custom emitter examples * Remove unnecesary type casting * [file_utils] Verify ioctl request code in tests * [file_utils] Fix the ioctl request code for the powerpc architecture * bump version to 1.0.6 * [build] Update dependencies * [thin_delta] Remove redundant code * [thin_delta] Fix range mappings construction * [thin_delta] Fix command line parsing * [pack/unpack] Fix clippy lints * Bump version to v1.05 * Add some test cases to delta_list * [pack/unpack] Fix some wrapping issues * [tests] Ensure the scope of thin_check --super-block-only * [tests] Test repairing thin metadata with stale superblock * [thin_generate_damage] Support overriding superblock fields * [tests] Validate more fields in repaired thin superblock * [thin_explore] Fix visiting empty leaves * [xml] Improve xml value parsing and error handling * [all] Update error messages for xml parsers * [build] Update quick-xml to v0.29 * [build] Update clap to v4.3 * [build] Update dependencies * [thin_rmap] Check the input ranges * [thin_dump/repair] Fix the ordering of found empty roots * [report] Fix stderr redirection * [thin_dump/repair] Ensure the tools never fail with repairable metadata * [build] allow overriding PDATA_TOOLS in Makefile * [build] fix build on musl * [thin_stat] Display column headers and further statistics * [thin_stat] Display data run length statistics for measuring data locality * [thin_explore] Fix unit conversion for data block size * [thin_explore] Display space maps usage and roots * [thin_stat] Fix opening read-only files * [thin_dump] Fix a regression that cannot keep shared defs with only one predecessor * [commands] Print out error root cause if available - Update to version 1.0.4: * Bump version to 1.0.4 * [build] Update dependencies * [all] Fix clippy lints for Rust 1.69.0 * [build] Drop the nix crate * [file_utils] Fix the BLKGETSIZE64 ioctl for 32-bit platoforms * [file_utils] Use stat64 explicitly to handle large files on 32-bit systems * [write_batcher] Fix compilation error on 32-bit platforms ==== ucode-intel ==== Version update (20230808 -> 20231114) - Updated to Intel CPU Microcode 20231114 release. (bsc#1215278) - Security updates for [INTEL-SA-00950](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html) - CVE-2023-23583: Fixed potential CPU deadlocks or privilege escalation (bsc#1215278) - Update for functional issues. Refer to [13th Generation Intel® Core™ Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/740518) for details. - Update for functional issues. Refer to [12th Generation Intel® Core™ Processor Family](https://cdrdv2.intel.com/v1/dl/getContent/682436) for details. - Update for functional issues. Refer to [11th Gen Intel® Core™ Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/631123) for details. - Update for functional issues. Refer to [10th Gen Intel® Core™ Processor Families Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/341079) for details. - Update for functional issues. Refer to [4th Gen Intel® Xeon® Scalable Processors Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/772415) for details. - Update for functional issues. Refer to [3rd Generation Intel® Xeon® Scalable Processors Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/634897) for details. - Update for functional issues. Refer to [Intel® Processors and Intel® Core™ i3 N-Series](https://cdrdv2.intel.com/v1/dl/getContent/764616) for details. - Update for functional issues. Refer to [Intel® Xeon® D-2700 Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/714071) for details. - Update for functional issues. Refer to [Intel® Xeon® E-2300 Processor Specification Update ](https://cdrdv2.intel.com/v1/dl/getContent/709192) for details. [#]## Updated Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL | C0 | 06-97-02/07 | 0000002e | 00000032 | Core Gen12 | ADL | H0 | 06-97-05/07 | 0000002e | 00000032 | Core Gen12 | ADL | L0 | 06-9a-03/80 | 0000042c | 00000430 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 0000042c | 00000430 | Core Gen12 | ADL-N | N0 | 06-be-00/11 | 00000011 | 00000012 | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | AZB | A0 | 06-9a-04/40 | 00000004 | 00000005 | Intel(R) Atom(R) C1100 | AZB | R0 | 06-9a-04/40 | 00000004 | 00000005 | Intel(R) Atom(R) C1100 | ICL-D | B0 | 06-6c-01/10 | 01000230 | 01000268 | Xeon D-17xx, D-27xx | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003a5 | 0d0003b9 | Xeon Scalable Gen3 | ICL-U/Y | D1 | 06-7e-05/80 | 000000bc | 000000c2 | Core Gen10 Mobile | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004119 | 0000411c | Core Gen13 | RPL-S | B0 | 06-b7-01/32 | 00000119 | 0000011d | Core Gen13 | RKL-S | B0 | 06-a7-01/02 | 00000059 | 0000005d | Core Gen11 | RPL-S | H0 | 06-bf-05/07 | 0000002e | 00000032 | Core Gen12 | RPL-S/HX | C0 | 06-bf-02/07 | 0000002e | 00000032 | Core Gen12 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004119 | 0000411c | Core Gen13 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b0004b1 | 2b0004d0 | Xeon Scalable Gen4 | SPR-SP | E4/S2 | 06-8f-07/87 | 2b0004b1 | 2b0004d0 | Xeon Scalable Gen4 | SPR-SP | E3 | 06-8f-06/87 | 2b0004b1 | 2b0004d0 | Xeon Scalable Gen4 | SPR-SP | E2 | 06-8f-05/87 | 2b0004b1 | 2b0004d0 | Xeon Scalable Gen4 | SPR-SP | E0 | 06-8f-04/87 | 2b0004b1 | 2b0004d0 | Xeon Scalable Gen4 | SPR-HBM | Bx | 06-8f-08/10 | 2c000271 | 2c000290 | Xeon Max | TGL | B0/B1 | 06-8c-01/80 | 000000ac | 000000b4 | Core Gen11 Mobile | TGL-H | R0 | 06-8d-01/c2 | 00000046 | 0000004e | Core Gen11 Mobile | TGL-R | C0 | 06-8c-02/c2 | 0000002c | 00000034 | Core Gen11 Mobile - Updated to Intel CPU Microcode 20231114 pre-release (labeled 20231113). (bsc#1215278) - CVE-2023-23583: Fixed potential CPU deadlocks or privilege escalation (bsc#1215278) ==== vim ==== Version update (9.0.2078 -> 9.0.2103) Subpackages: vim-data vim-data-common vim-small xxd - Update to version 9.0.2103 - drop vim-changelog.sh * recursive callback may cause issues on some archs * matchparen highlight not cleared in completion mode * improve the breakpoint sign label (#13525) * Improve CONTRIBUTING.md * Renamed "makefile_*.mak" for Vim documentation (#13517) * Update for Lynx 2.8.9 (#13510) * Improve :let-heredoc syntax highlighting (#12923) * clarify when formatoptions applies * Update for i3 4.23 (#13522) * Update usr_51.txt to be more inclusive (#13496) * Add missing null_ help tags (#13498) * labeler.yml use all instead of any for doc detection (#13507) * No filetype support for xcompose files * clarify `:help inclusion` section * labeler.yml: Add some more component detection rules (#13511) * No support for cypher files * Vim9: confusing usage of private * labeler.yml: add documentation label (#13506) * fix grammar in termdebug doc, remove trailing spaces (#13505) * improve window handling, shorten var types * handle buffer-local mappings properly * statusline may look different than expected * Vim9: need more assignment tests * Update for Wget2 2.1.0 (#13497) * Unsupported option causes skipping of modeline test * tests: failure in test_arabic * Switch Hindu-Arabic to Arabic numerals in arabic keymap (#13430) * Update the translation of Russian messages to Vim 9.0.2091 (#13490) * improve the error detection * document vim-script library function * Make dist/vim.vim work properly when lacking vim9script support (#13487) * Vim9: cannot convert list to string using += * add legacy version for central vim library * centralize safe executable check and add vim library (#13413) * clarify terminal capabilities for focus reporting * complete_info() skips entries with 'noselect' * Add Makefile for the Vim documentation on Windows (#13467) * sound_playfile() fails when using powershell * Vim9: still allows abstract static methods * Update sh syntax and add shDerefOffset to shDerefVarArray for bash (#13480) * make strace ft check less strict (#13482) * build-failure in vim9class * code cleanup for option callbacks needed * Vim9: abstract can be used in interface * Vim9: abstract static methods are possible * runtime(sh) Update sh syntax and add shDblParen to shCaseList (#13469) * Perl: xsubpp may be in non-standard location * Add noble (24.04 LTS) as Ubuntu release name (#13472) * test_channel may fail because of IPv6 config issue * smoothscroll may result in wrong cursor position * add shDblParen to shLoopList for bash (#13445) * vim9_script test too large * all secure options should note this restriction in the documentation (#13448) * Not all Dart files detected