Packages changed: MozillaFirefox (147.0.2 -> 147.0.3) aaa_base (84.87+git20260112.8f614f3 -> 84.87+git20260210.ecce285) audit audit-secondary bash ca-certificates-mozilla (2.74 -> 2.84) checkpolicy (3.9 -> 3.10) coreutils coreutils-systemd createrepo_c (1.2.1 -> 1.2.2) ddcutil (2.2.1 -> 2.2.5) dos2unix (7.5.2 -> 7.5.4) dracut (059+suse.787.gfb86123e -> 109+suse.37.geed860c2) ed (1.22.4 -> 1.22.5) ell (0.80 -> 0.81) emacs fcitx5-gtk (5.1.4 -> 5.1.5) gnome-desktop (44.4 -> 44.5) gnome-remote-desktop gnome-shell (49.3 -> 49.4) gnutls (3.8.11 -> 3.8.12) gpg2 graphviz (14.0.0 -> 14.1.2) grub2 gspell gstreamer (1.26.10 -> 1.28.0) gstreamer-plugins-bad (1.26.10 -> 1.28.0) gstreamer-plugins-base (1.26.10 -> 1.28.0) gstreamer-plugins-good (1.26.10 -> 1.28.0) gstreamer-plugins-rs (1.26.10 -> 1.28.0) gstreamer-plugins-ugly (1.26.10 -> 1.28.0) hplip hwinfo (25.1 -> 25.2) irqbalance (1.9.5.0.git+cf76396 -> 1.9.5.3.git+48ab93a) kernel-source (6.18.8 -> 6.18.9) less (685 -> 692) libX11 (1.8.12 -> 1.8.13) libXfixes libblockdev (3.3.1 -> 3.4.0) libfontenc (1.1.8 -> 1.1.9) libfprint (1.94.9+tod1 -> 1.94.10+tod1) libfyaml (0.9.3 -> 0.9.4) libnfs libosinfo libp11 (0.4.16 -> 0.4.17) libphonenumber (9.0.21 -> 9.0.23) libpng16 (1.6.54 -> 1.6.55) libselinux (3.9 -> 3.10) libselinux-bindings (3.9 -> 3.10) libsemanage (3.9 -> 3.10) libsepol (3.9 -> 3.10) libsoup2 liburing (2.13 -> 2.14) libwacom (2.17.0 -> 2.18.0) libxml2 m4 (1.4.20 -> 1.4.21) mcelog (207 -> 210) mutter (49.3 -> 49.4) nvidia-open-driver-G07-signed (590.48.01_k6.18.7_1 -> 590.48.01_k6.18.9_1) nvidia-open-driver-G07-signed-cuda (590.48.01_k6.18.7_1 -> 590.48.01_k6.18.9_1) openSUSE-release (20260207 -> 20260212) p11-kit (0.26.1 -> 0.26.2) perl-Authen-SASL (2.190.0 -> 2.200.0) perl-DB_File (1.859.0 -> 1.860) plocate (1.1.23 -> 1.1.24) policycoreutils (3.9 -> 3.10) postfix python-argcomplete (3.6.2 -> 3.6.3) python-argparse-manpage python-packaging python-semanage (3.9 -> 3.10) sdbootutil (1+git20260206.54f4a16 -> 1+git20260210.81c4815) sdl12_compat sqlite3 (3.51.1 -> 3.51.2) systemd-presets-branding-Aeon thunar tree (2.2.1 -> 2.3.1) tuned (2.26.0.0+git.181472a -> v2.26.1+git.d6ff925) upower virtualbox (7.2.4 -> 7.2.6) virtualbox-kmp (7.2.4_k6.18.7_1 -> 7.2.6_k6.18.9_1) vlc xorg-x11-fonts yast2-bootloader (5.0.32 -> 5.0.33) yast2-security (5.0.3 -> 5.0.4) yast2-trans (84.87.20260125.b09c7f793f -> 84.87.20260208.9d67813d4c) === Details === ==== MozillaFirefox ==== Version update (147.0.2 -> 147.0.3) Subpackages: MozillaFirefox-branding-upstream MozillaFirefox-translations-common - Mozilla Firefox 147.0.3 * Interoperability improvements for the CSS anchor positioning and Navigation web APIs * Fix a regression where `position: sticky` elements on some webpages could appear stuck or fail to update while mousewheel-scrolling after certain `:hover` interactions (bmo#2010481) * Fix an issue where the Firefox Developer Tools could fail to re-open after using the Inspector’s node picker and reloading a page containing cross-origin iframes (bmo#2003810) * Fix an issue where the DNS over HTTPS provider settings section could appear as a blank box, preventing users from seeing the current setting or changing it (bmo#2010501) ==== aaa_base ==== Version update (84.87+git20260112.8f614f3 -> 84.87+git20260210.ecce285) Subpackages: aaa_base-extras - Update to version 84.87+git20260210.ecce285: * For boo#1257875 get intrinsic DEFAULT_WM back * DIR_COLORS: add vt220 and .jxl ==== audit ==== Subpackages: libaudit1 libaudit1-32bit libauparse0 - Configure runstatedir as "/run" to get rid of systemd deprecation warnings. ==== audit-secondary ==== Subpackages: audit audit-rules python3-audit system-group-audit - Configure runstatedir as "/run" to get rid of systemd deprecation warnings. ==== bash ==== Subpackages: bash-lang bash-loadables bash-sh - Remove obsolete qemu workaround ==== ca-certificates-mozilla ==== Version update (2.74 -> 2.84) - Updated to 2.84 state (bsc#1258002) - Removed: - Baltimore CyberTrust Root - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public Trust RSA Root-02 - DigiNotar Root CA - Added: - e-Szigno TLS Root CA 2023 - OISTE Client Root ECC G1 - OISTE Client Root RSA G1 - OISTE Server Root ECC G1 - OISTE Server Root RSA G1 - SwissSign RSA SMIME Root CA 2022 - 1 - SwissSign RSA TLS Root CA 2022 - 1 - TrustAsia SMIME ECC Root CA - TrustAsia SMIME RSA Root CA - TrustAsia TLS ECC Root CA - TrustAsia TLS RSA Root CA ==== checkpolicy ==== Version update (3.9 -> 3.10) - Update to version 3.10 https://github.com/SELinuxProject/selinux/releases/tag/3.10 - Fix problem with bounds statements in optional blocks - Provide a better error message for implicit role and user bounds - Allow type attributes to be associated with other type attributes - checkpolicy/tests: Modify tests to check handling of initial sids - keyring: Add key of Jason Zaman * added 63191CE94183098689CAB8DB7EF137EC935B0EAF [expires: 2026-02-08] ==== coreutils ==== Subpackages: coreutils-lang - Skip env-signal-handler test in qemu emulation ==== coreutils-systemd ==== - Skip env-signal-handler test in qemu emulation ==== createrepo_c ==== Version update (1.2.1 -> 1.2.2) Subpackages: libcreaterepo_c1 python3-createrepo_c - Update to version 1.2.2: + Don't try to use imported targets of turned-off dependencies + cmake: Allow builds without Doxygen being present with CMake 4+ + Use RPMTAG_SHA1HEADER instead of RPMTAG_HDRID + Do not build python docs unless python is enabled - Drop createrepo_c-1.2.1-cmake4.patch: fixed upstream. ==== ddcutil ==== Version update (2.2.1 -> 2.2.5) Subpackages: ddcutil-i2c-udev-rules libddcutil5 - Update to 2.2.5 * Bugfixes - Fixes FTBFS on aarch64 * Changes - Updates related to detecting and reporting display connection and disconnection - 2.2.3 -> 2.2.4 * Bugfixes - Display selection has been reworked to be more flexible, while also simpler internally - "eDP" is once again an (almost) absolute indicator or a laptop display which can be excluded from further processing. To handle the error case where "eDP" is in the name for an external display, option --edp-ambiguous has been added - Segfault in the capabilities command when parsing a malformed capabilities string returned by a monitor. - Very slow response when the EDID is obtained from /sys but is not readable using I2C. * Changes - Option --edid. If the value given starts with "...", the remainder of the value is some number of hex digits. - Added option --ignore-bus. Specifies the number of a /dev/i2c bus that should be completely ignored, providing a workaround for obscure bugs. - 2.2.1 -> 2.2.3 * Bugfixes - Starting with release 2.2.0, verification on command setvcp and API functions that set a feature value did not not occur, even if option --verify was explicitly given. As a result of this fix, scripts and applications that hitherto appeared to succeed when setting a feature value many now fail the operation because of verification. - Command getvcp --verbose: output was partially in a format intended for syslog. - Fix permission denied errors and incorrectly formed path name for examining /sys/class/drm with environment --verbose - Fix out-of-tree build reference to generated file /src/base/build_details.h (gh#rockowitz/ddcutil#544) - Fix FTBFS when --disable-drm set - configure option --disable-drm forces --disable-watch-displays * Changes - Relax the check of the device class when determining if a device is a video controller (gh#rockowitz/ddcutil#530) - Additional messages reporting configuration file errors - If possible, obtain the list of PNP ids from /usr/share/hwdata/pnp.ids instead of using a hardcoded list. Affects output of command detect. - Reword the parser explanation of options --verify and - -noverify for clarity. ==== dos2unix ==== Version update (7.5.2 -> 7.5.4) - update to 7.5.4: * Don't return an error code if a binary file is skipped - includes changes from 7.5.3: * Exit with non-zero code if the conversion is aborted due to a binary file * Fix: Exit with zero code when an unicode conversion error occurs in quiet mode * Updated translations ==== dracut ==== Version update (059+suse.787.gfb86123e -> 109+suse.37.geed860c2) - Update to version 109+suse.37.geed860c2: * fix(dracut): remove wrong auto-detection logic for output file (bsc#1258071) * feat(dracut-install): do not return non-zero if a dependency cannot be resolved (bsc#1258038) - Update to version 109+suse.35.g1fdbb27e: Switch from https://github.com/dracutdevs/dracut to https://github.com/dracut-ng/dracut-ng Full list of changes: * https://github.com/dracut-ng/dracut-ng/releases/tag/109 * https://github.com/dracut-ng/dracut-ng/releases/tag/108 * https://github.com/dracut-ng/dracut-ng/releases/tag/107 * https://github.com/dracut-ng/dracut-ng/releases/tag/106 * https://github.com/dracut-ng/dracut-ng/releases/tag/105 * https://github.com/dracut-ng/dracut-ng/releases/tag/104 * https://github.com/dracut-ng/dracut-ng/releases/tag/103 * https://github.com/dracut-ng/dracut-ng/releases/tag/102 * https://github.com/dracut-ng/dracut-ng/releases/tag/101 * https://github.com/dracut-ng/dracut-ng/releases/tag/100 * https://github.com/dracut-ng/dracut-ng/releases/tag/060 The most important ones had already been backported to 059, see: * https://github.com/openSUSE/dracut/blob/SUSE/059/suse/README.susemaint Additional openSUSE-specific changes and post-release fixes: * fix(systemd-networkd): check if units exist before enabling them * feat(systemd-import): introducing the systemd-import module * fix(systemd-networkd): install and enable systemd-networkd-resolve-hook.socket * feat(systemd): install new dlopened libraries * fix(dracut-systemd): do not error out with new root= options handled by systemd * fix(systemd-pcrphase): do not print an error if an optional binary is not found * fix(dracut): avoid calling dwarning before dracut-logger is sourced * chore(suse): accommodate to the new Git workflow * fix(dracut.spec): switch to tmpfiles based file creation * fix(nfs): do not execute logic in nfs hooks if netroot is not nfs * feat(dracut): print $initrdname with --printconfig * fix(dracut): --printconfig does not work without --force * feat(network-manager): add systemd generator if available * fix(nfs): set the default group of the rpcbind user to the state dir * perf(nfs): remove references to old rpcbind state dir * fix(dracut-systemd): use expected PS1 in the emergency shell * feat(dracut-systemd): add back and fix printing fs help in the emergency shell * fix(qemu-net): in hostonly mode, only install if network is needed * feat(resume): add openSUSE-specific sanity check * perf(resume): do not search cmdline options in /etc/cmdline{,.d} * perf(resume): do not attempt to install systemd-hibernate-resume@.service * fix(rngd): revert changes that removed the custom systemd service * chore(suse): add openSUSE-specific spec, conf and doc * fix(systemd-pcrphase): revert changes related to inclusion and dependencies * fix(plymouth): avoid warning if /etc/plymouth/plymouthd.conf is not present * fix(lsinitrd, dracut-initramfs-restore): detect initrd for BLS Type #1 entries * ci: change openSUSE code owners * fix(dracut.sh): improve detection of installed kernel versions * feat: add openSUSE-specific code related to networking * feat(tpm2-tss): add openSUSE support * feat(pcsc): add openSUSE support * feat(convertfs): add openSUSE-specific code * feat(fips): add openSUSE-specific code * chore(suse): add openSUSE-specific modules ==== ed ==== Version update (1.22.4 -> 1.22.5) - GNU ed 1.22.5: * Use 'sizeof active_list[0]' instead of 'sizeof (line_node **)' * A file name ending in slash '/' is now diagnosed as 'Invalid filename'instead of 'Is a directory' ==== ell ==== Version update (0.80 -> 0.81) - Update to version 0.81 * Fix issue with systemd watchdog protocol handling. ==== emacs ==== Subpackages: emacs-el emacs-eln emacs-info emacs-nox etags - Add patch emacs-30.2-fix-zoom.patch * Avoid the currently broken zoom test - Clarify when bubblewrap is required at runtime - Make %check work again - Enable %check again ==== fcitx5-gtk ==== Version update (5.1.4 -> 5.1.5) - update to 5.1.5 * Remove Gtk2 from deps ==== gnome-desktop ==== Version update (44.4 -> 44.5) Subpackages: gnome-desktop-lang libgnome-desktop-3-20 libgnome-desktop-3_0-common libgnome-desktop-4-2 typelib-1_0-GnomeBG-4_0 typelib-1_0-GnomeDesktop-4_0 - Update to version 44.5: + thumbnail: support %m expansion + Update seccomp filters from flatpak-run.c + Fix various memory leaks + Run tests again by default + Updated translations. - Add check section and meson_test macro, run upstreams default tests during build. ==== gnome-remote-desktop ==== Subpackages: gnome-remote-desktop-lang - Backport connection throttling (bsc#1244053 CVE-2025-5024 glgo#GNOME/gnome-desktop!321): + 0001-control-Allow-controlling-all-daemon-types.patch + 0002-daemon-Use-GError-auto-pointer.patch + 0004-rdp-sam-Dup-fd-kept-in-struct.patch + 0005-rdp-server-Set-socket-backlog-count-to-5.patch + 0006-utils-Add-some-time-conversion-helpers.patch + 0007-utils-Add-helper-to-close-connection-and-notify.patch + 0008-Introduce-throttler-class.patch + 0009-rdp-server-Throttle-connections-using-GrdThrottler.patch + 0010-throttler-Introduce-limits-struct.patch + 0011-vnc-server-Hook-up-VNC-server-to-the-throttler.patch + 0013-throttler-Allow-overriding-hard-coded-parallel-conne.patch ==== gnome-shell ==== Version update (49.3 -> 49.4) Subpackages: gnome-extensions gnome-shell-calendar gnome-shell-lang - Update to version 49.4: + Fix screen time tracking with idle inhibitors + Do not recreate default folders after they were removed + Fix tab focus behavior in quick settings menu + Do not expose password text in IM pre-edits + Plugged leak + Misc. bug fixes and cleanups + Updated translations. - Update libgnome-volume-control (gvc) tarball following upstreams changes. - Following the above, drop 31.patch and 32.patch, merged upstream. ==== gnutls ==== Version update (3.8.11 -> 3.8.12) Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-32bit - Update to 3.8.12: * Security fixes: - CVE-2026-1584: NULL pointer dereference in PSK binder verification (bsc#1257978) - CVE-2025-14831: Fix name constraint processing performance issue (bsc#1257960) * libgnutls: Fix NULL pointer dereference in PSK binder verification A TLS 1.3 resumption attempt with an invalid PSK binder value in ClientHello could lead to a denial of service attack via crashing the server. The updated code guards against the problematic dereference. [Fixes: GNUTLS-SA-2026-02-09-1, CVSS: high] [CVE-2026-1584] * libgnutls: Fix name constraint processing performance issue Verifying certificates with pathological amounts of name constraints could lead to a denial of service attack via resource exhaustion. Reworked processing algorithms exhibit better performance characteristics. [Fixes: GNUTLS-SA-2026-02-09-2, CVSS: medium] [CVE-2025-14831] * libgnutls: Fix multiple unexploitable overflows (#1783, #1786). * libgnutls: Fall back to thread-unsafe module initialization Improve fallback handling for PKCS#11 modules that don't support thread-safe initialization (#1774). Also return filename from p11_kit_module_get_name() for unconfigured modules. * libgnutls: Accept NULL as digest argument for gnutls_hash_output The accelerated implementation of gnutls_hash_output() now properly accepts NULL as the digest argument, matching the behavior of the reference implementation (#1769). * srptool: Avoid a stack buffer overflow when processing large SRP groups (#1777). * Rebase patches: - gnutls-FIPS-jitterentropy.patch - gnutls-FIPS-140-3-references.patch ==== gpg2 ==== Subpackages: dirmngr gpg2-lang - Fix Y2K38 FTBFS: * gpg2 quick-key-manipulation test FTBFS-2038 (bsc#1251214) * Upstream issue: dev.gnupg.org/T8096 * Add gnupg-gpgscm-New-operator-long-time-t-to-detect-proper-tim.patch ==== graphviz ==== Version update (14.0.0 -> 14.1.2) Subpackages: libcdt6 libcgraph8 libgvc7 libpathplan4 libxdot4 - Update to 14.1.2 * The `colorscheme` attribute when applied to edge labels works once again. - Update to 14.1.1 * When seeding random number generators with `time(NULL)`, the result of `getpid()` is no longer also mixed in. Previously this was the case on non-Windows platforms, impeding reproducibility and portability - Update to 14.1.0 * Added option `neato -n3` for fit ends of edges to nodes' borders when edge trajectory is set. * Orthogonal edges now support rounded corners via the `radius` edge attribute. - Update to 14.0.5 * When filtering attribute lists, Smyrna no longer accesses out of bounds memory * osage should now handle clusters that become empty when nodes are incorrectly assigned to sibling clusters. - Update to 14.0.4 * Internal timing operations now use `clock()` on all platforms * `diffimg` now notices failures when calling Ghostscript * `dtstat` no longer reads/writes out of bounds memory * A null pointer dereference in edge pair analysis within the circo algorithm has been fixed. - Update to 14.0.2 * Memory corruption when using the Java bindings to render to a string has been corrected - Update to 14.0.1 * Points generated as curves by the dot layout algorithm are once again placed correctly. - Refresh graphviz-smyrna-link_against_glu.patch - Added Fix-build-with-non-standard-python-binary.patch - On SLE 15 build with GCC 13 and python 3.11 ==== grub2 ==== Subpackages: grub2-common grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-efi-bls - Fix error "grub-core/script/lexer.c:352:out of memory" after PowerPC CAS Reboot (bsc#1254299) * 0001-Fix-PowerPC-CAS-reboot-to-evaluate-menu-context.patch - Fix screen flickering in BLS due to rendering graphical and text terminals at the same time (bsc#1256480) - Add automatic fwsetup menu entry in BLS * 0001-bls-Allow-configuration-of-active-console-type.patch * 0002-grubbls-Add-automatic-fwsetup-menu-entry.patch - Add efifwsetup module to EFI BLS image ==== gspell ==== Subpackages: gspell-lang libgspell-1-3 - Remove unsued dependency on valgrind ==== gstreamer ==== Version update (1.26.10 -> 1.28.0) Subpackages: gstreamer-lang gstreamer-utils libgstreamer-1_0-0 typelib-1_0-Gst-1_0 - Update to version 1.28.0: + Highlights: - AMD HIP plugin and integration helper library - Vulkan Video AV1 and VP9 decoding, H.264 encoding, and 10-bit support for H.265 decoder - waylandsink: Parse and set the HDR10 metadata and other color management improvements - Audio source separation element based on demucs in Rust - Analytics combiner and splitter elements plus batch meta to batch buffers from one or more streams - LiteRT inference element; move modelinfo to analytics lib; add script to help with modelinfo generation and upgrade - Add general classifier tensor-decoder, facedetector, and more analytics convenience API - New tensordecodebin element to auto-plug compatible tensor decoders based on their caps and many other additions and improvements - Add a burn-based YOLOX inference element and a YOLOX tensor decoder in Rust - applemedia: VideoToolbox VP9 and AV1 hardware-accelerated decoding support, and 10-bit HEVC encoding - Add new GIF decoder element in Rust with looping support - input-selector: implements a two-phase sinkpad switch now to avoid races when switching input pads - The inter wormhole sink and source elements gained a way to forward upstream events to the producer as well as new fine-tuning properties - webrtcsink: add renegotiation support and support for va hardware encoders - webrtc WHEP client and server signaller - New ST-2038 ancillary data combiner and extractor elements - fallbacksrc gained support for encoded streams - flv: enhanced rtmp H.265 video support, and support for multitrack audio - glupload: Implement udmabuf uploader to share buffers between software decoders/sources and GPUs, display engines (wayland), and other dma devices - video: Add crop, scale, rotate, flip, shear and more GstMeta transformation - New task pool GstContext to share a thread pool amongst elements for better resource management and performance, especially for video conversion and compositing - New Deepgram speech-to-text transcription plugin and many other translation and transcription improvements - Speech synthesizers: expose new "compress" overflow mode that can speed up audio while preserving pitch - ElevenLabs voice cloning element and support for Speechmatics speaker identification API - textaccumulate: new element for speech synthesis or translation preprocessing - New vmaf element to calculate perceptual video quality assessment scores using Netflix's VMAF framework - decodebin3: expose KLV, ID3 PES and ST-2038 ancillary data streams with new metadata GstStream type - New MPEG-H audio decoding plugin plus MP4 demuxing support - LCEVC: Add autoplugging decoding support for LCEVC H265 and H266 video streams and LCEVC H.265 and H.266 encoders - RTP "robust MPEG audio", raw audio (L8, L16, L24), and SMPTE ST291 ancillary metadata payloaders/depayloaders in Rust - Add a Rust-based icecastsink element with AAC support - The Windows IPC plugin gained support for passing generic data in addition to raw audio/video, and various properties - New D3D12 interlace and overlay compositor elements, plus many other D3D12 improvements - Blackmagic Decklink elements gained support for capturing and outputting all types of VANC via GstAncillaryMeta - GstLogContext API to reduce log spam in several components and `GST_DEBUG_ONCE` (etc) convenience macros to log things only once - hlssink3, hlscmafsink: Support the use of a single media file, plus I-frame only playlist support - Webkit: New wpe2 plugin making use of the "WPE Platform API" - MPEG-TS demuxer can now disable skew corrections - New Qt6 QML render source element - qml6gloverlay: support directly passing a QQuickItem for QML the render tree - unifxfdsink: Add a property to allow copying to make sink usable with more upstream elements - dots-viewer: Improve dot file generation and interactivity - Python bindings: more syntactic sugar, analytics API improvements and type annotations - cerbero: add support for Python wheel packaging, Windows ARM64, new iOS xcframework, Gtk4 on macOS and Windows, and more plugins - Smaller binary sizes of Rust plugins in Windows and Android binary packages - Peel: New C++ bindings for GStreamer - Lots of new plugins, features, performance improvements and bug fixes - Countless bug fixes, build fixes, memory leak fixes, and other stability and reliability improvements ==== gstreamer-plugins-bad ==== Version update (1.26.10 -> 1.28.0) Subpackages: gstreamer-plugins-bad-lang libgstadaptivedemux-1_0-0 libgstanalytics-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstinsertbin-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstmse-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstsctp-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0 - Also build libgsthip-1_0-0 as biarch -32bit library. - Update to version 1.28.0: + Please see changes in gstreamer main package. - Pass mpeghdec=disabled to meson setup, mpeghdec dependency is not yet available in openSUSE. - Pass tflite=disabled meson setup, tflite dependency is not yet available in openSUSE. - Pass wpe2=disabled to meson setup, dependencies only partly available in openSUSE so far. - Add new sub-packages: libgsthip-1_0-0, typelib-1_0-GstHip-1_0 and typelib-1_0-GstHipGL-1_0 ==== gstreamer-plugins-base ==== Version update (1.26.10 -> 1.28.0) Subpackages: gstreamer-plugins-base-lang libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstAudio-1_0 typelib-1_0-GstPbutils-1_0 typelib-1_0-GstTag-1_0 typelib-1_0-GstVideo-1_0 - Update to version 1.28.0: + Please see changes in gstreamer main package. ==== gstreamer-plugins-good ==== Version update (1.26.10 -> 1.28.0) Subpackages: gstreamer-plugins-good-gtk gstreamer-plugins-good-lang - Update to version 1.28.0: + Please see changes in gstreamer main package. ==== gstreamer-plugins-rs ==== Version update (1.26.10 -> 1.28.0) - Update to version 1.28.0: + Please see changes in gstreamer main package. - Drop 0001-cargo_wrapper-deduplicate-Libs_private.patch: Rejected upstream, and no longer applies. - Add pkgconfig(gstreamer-validate-1.0) BuildRequires: New dependency. ==== gstreamer-plugins-ugly ==== Version update (1.26.10 -> 1.28.0) Subpackages: gstreamer-plugins-ugly-lang - Update to version 1.28.0: + Please see changes in gstreamer main package. ==== hplip ==== Subpackages: hplip-base hplip-common hplip-cups hplip-driver-hpcups hplip-sane libhplip0 - Fix PPD lookup by moving PPDs from manufacturer-PPDs/hplip-fax to manufacturer-PPDs/hplip/fax etc (boo#1257529) ==== hwinfo ==== Version update (25.1 -> 25.2) Subpackages: libhd25 - merge gh#openSUSE/hwinfo#176 - fix compiler warnings (bsc#1257658) - 25.2 - merge gh#openSUSE/hwinfo#174 - docs: Updates source repository URL to GitHub(#131) - merge gh#openSUSE/hwinfo#173 - fix: incorrect format specifier for sizeof in logging(#140) - merge gh#openSUSE/hwinfo#172 - fix: file descriptor not closes after WLAN scan(#166) - merge gh#openSUSE/hwinfo#171 - resolve memory leaks in net, monitor and hddb ==== irqbalance ==== Version update (1.9.5.0.git+cf76396 -> 1.9.5.3.git+48ab93a) Subpackages: irqbalance-ui - Update to version 1.9.5.3.git+48ab93a: * Change warnings about un-affine-able irqs to LOG_DEBUG * Fix irqbalance for Xen virtual event interrupts ==== kernel-source ==== Version update (6.18.8 -> 6.18.9) - mm, shmem: prevent infinite loop on truncate race (git-fixes). - commit 6d9f8a8 - Linux 6.18.9 (bsc#1012628). - readdir: require opt-in for d_type flags (bsc#1012628). - btrfs: zlib: fix the folio leak on S390 hardware acceleration (bsc#1012628). - can: at91_can: Fix memory leak in at91_can_probe() (bsc#1012628). - Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work (bsc#1012628). - Bluetooth: MGMT: Fix memory leak in set_ssp_complete (bsc#1012628). - net/mlx5: Fix memory leak in esw_acl_ingress_lgcy_setup() (bsc#1012628). - can: gs_usb: gs_usb_receive_bulk_callback(): fix error message (bsc#1012628). - net: bcmasp: fix early exit leak with fixed phy (bsc#1012628). - octeon_ep: Fix memory leak in octep_device_setup() (bsc#1012628). - bonding: annotate data-races around slave->last_rx (bsc#1012628). - sfc: fix deadlock in RSS config read (bsc#1012628). - net: mvpp2: cls: Fix memory leak in mvpp2_ethtool_cls_rule_ins() (bsc#1012628). - ipv6: use the right ifindex when replying to icmpv6 from localhost (bsc#1012628). - net: wwan: t7xx: fix potential skb->frags overflow in RX path (bsc#1012628). - net/mlx5: Fix return type mismatch in mlx5_esw_vport_vhca_id() (bsc#1012628). - rocker: fix memory leak in rocker_world_port_post_fini() (bsc#1012628). - mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() (bsc#1012628). - net: spacemit: Check for netif_carrier_ok() in emac_stats_update() (bsc#1012628). - nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame() (bsc#1012628). - bonding: fix use-after-free due to enslave fail after slave array update (bsc#1012628). - ixgbe: fix memory leaks in the ixgbe_recovery_probe() path (bsc#1012628). - ixgbe: don't initialize aci lock in ixgbe_recovery_probe() (bsc#1012628). - ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (bsc#1012628). - ice: stop counting UDP csum mismatch as rx_errors (bsc#1012628). - net/mlx5e: TC, delete flows only for existing peers (bsc#1012628). - net/mlx5e: Account for netdev stats in ndo_get_stats64 (bsc#1012628). - nfc: nci: Fix race between rfkill and nci_unregister_device() (bsc#1012628). - net: bridge: fix static key check (bsc#1012628). - net/mlx5e: don't assume psp tx skbs are ipv6 csum handling (bsc#1012628). - net: phy: micrel: fix clk warning when removing the driver (bsc#1012628). - net/mlx5: fs, Fix inverted cap check in tx flow table root disconnect (bsc#1012628). - net/mlx5: Initialize events outside devlink lock (bsc#1012628). - net/mlx5: Fix vhca_id access call trace use before alloc (bsc#1012628). - net/mlx5e: Skip ESN replay window setup for IPsec crypto offload (bsc#1012628). - wifi: mac80211: parse all TTLM entries (bsc#1012628). - wifi: mac80211: apply advertised TTLM from association response (bsc#1012628). - wifi: mac80211: correctly decode TTLM with default link map (bsc#1012628). - scsi: firewire: sbp-target: Fix overflow in sbp_make_tpg() (bsc#1012628). - ASoC: soc-acpi-intel-ptl-match: fix name_prefix of rt1320-2 (bsc#1012628). - drm/xe: Skip address copy for sync-only execs (bsc#1012628). - ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion (bsc#1012628). - gpiolib: acpi: use BIT_ULL() for u64 mask in address space handler (bsc#1012628). - gpio: virtuser: fix UAF in configfs release path (bsc#1012628). - drm/amd/pm: fix race in power state check before mutex lock (bsc#1012628). - gpio: brcmstb: correct hwirq to bank map (bsc#1012628). - kbuild: rpm-pkg: Generate debuginfo package manually (bsc#1012628). - kbuild: Fix permissions of modules.builtin.modinfo (bsc#1012628). - of/reserved_mem: Simplify the logic of fdt_scan_reserved_mem_reg_nodes() (bsc#1012628). - of: reserved_mem: Allow reserved_mem framework detect "cma=" kernel param (bsc#1012628). - bcache: fix improper use of bi_end_io (bsc#1012628). - bcache: use bio cloning for detached device requests (bsc#1012628). - bcache: fix I/O accounting leak in detached_dev_do_request (bsc#1012628). - dma/pool: distinguish between missing and exhausted atomic pools (bsc#1012628). - drm/xe/configfs: Fix is_bound() pci_dev lifetime (bsc#1012628). - drm/xe/nvm: Manage nvm aux cleanup with devres (bsc#1012628). ... changelog too long, skipping 122 lines ... - commit 3cd0051 ==== less ==== Version update (685 -> 692) - update to 692: * Revert HOME key to scroll to beginning of file and END key to scroll to end of file (#658) * Configure tty to leave CR and NL unmodified (#703) * Add commands to lesskey parser (forw-bell-hilite, goto-pos and osc8-jump) * Add key sequences to lesskey parser (\kE, \kF, \kH, \kI, \kM, and \kS) * Fix bug using negative value with -z option (#709) * Fix bug handling empty terminfo capabilties (#710) * Fix memory leak in setupterm (#707) * Make lesstest ignore system locale (nl_langinfo) (#708) - includes 691: * Add --autosave option (#678) * Add ESC-f command (#680) * Add column number to long prompt and = message. * Add prompt prototype sequences %C, %W, %Q and ?Q (#685) * Map keypad keys, and use terminfo rather than termcap since keypad definitions don't exist in termcap (#650) * Change HOME key to scroll fully left and END key to scroll fully right. Add shift-HOME and ctrl-HOME to scroll left and jump to top, and add shift-END and ctrl-END to scroll right and jump to end (#658) * Add LESSNOCONFIG environment variable. * Add --without-termlib to configure (#701) * When setting line number colors (-DN), don't force bold attribute. To set bold, you must append "d" or "*" to the color string (#684) * While waiting for file data, only ^C or ^X will interrupt, not any command. This reverts to behavior that existed before less-670 (#700) * When --save-marks is not used, retain any marks saved in the history file (#662) * Defer sending the terminal init string until the first char is read from the input file (#682) * Make SIGHUP do an orderly exit like SIGTERM. * Implement modeline handling in Windows build. * Fix bugs and improve behavior of screen resize on Windows. * Fix bug when entering search modifier key at start of non- empty search string (#668) * Fix bug repainting screen with --form-feed (#672) * Fix bugs passing invalid negative values to some command line options (#675) * Fix incorrect display of Lit indicator (#670) * Fix incorrect display when returning to a mark after resizeing window (#681) * Fix bug using --pattern with --incsearch (#696) * Disallow mouse click to open OSC8 link in SECURE mode (#676) * Add SECURE_COMPILE environment variable for Windows builds. * Update Unicode tables. - don't autoreconf again - explicitly list files - remove chmod hack - remove funcs.h rebuild ==== libX11 ==== Version update (1.8.12 -> 1.8.13) Subpackages: libX11-6 libX11-data libX11-xcb1 - Update to 1.8.13; this release includes * Ignore XkbMapNotify events that don't belong to the core keyboard (!293) * xkb: Fix invalid level names count for key types without level names (!292) * xkb: Fix default key types (!292) * xkb: fix include of config.h and drop unused DEBUG check (!290) * xcb_io: fix build with configure --disable-xthreads (#232, !289) * Improve man page formatting (!286) * imDefIc: Clear fabricated state on unfocus. (!283) * Avoid memory leak in XKeysymToString (!282) - supersedes libX11-ignore-incompatible-XkbMapNotify.patch ==== libXfixes ==== - re-added tarball signature and keyring ==== libblockdev ==== Version update (3.3.1 -> 3.4.0) Subpackages: libbd_btrfs3 libbd_crypto3 libbd_fs3 libbd_loop3 libbd_lvm3 libbd_mdraid3 libbd_nvme3 libbd_part3 libbd_smart3 libbd_swap3 libbd_utils3 libblockdev3 - Update to version 3.4.0: + bd_nvme_connect() now defaults to port 4420 or 8009 for discovery NQN respectively when the transport_svcid argument is not specified. ==== libfontenc ==== Version update (1.1.8 -> 1.1.9) - update to 1.1.9 * configure: Use pkg-config to handle zlib dependency if possible * meson: Add option to build with meson * gitlab CI: drop the ci-fairy check-mr job - switch to meson ==== libfprint ==== Version update (1.94.9+tod1 -> 1.94.10+tod1) - Fix compilation error with meson < 14 + libfprint-old-meson.patch - Enclose the spurious code after case statement in curly braces instead of extracting the declarations into outer scope and fix similar problem in one more source file % label-can-only-be-part-of-a-statement.patch - update to 1.94.10+tod1 * synaptics: Add USB reset in probe to recover stall condition * synaptics: New PIDs 0x0169, 0x019F, 0x00E9, 0x01A0, 0x0109, 0x010A * goodixmoc: New PID 0x66A9 * goodixmoc: Fix crash in exit callback handler * fpcmoc: New PID 0xA306 * fpcmoc: Fix interrupt cancellable leak * elanmoc: New PIDs 0x0CA7, 0x0CA8, 0x0CB0 * egismoc: New PIDs 0x0584, 0x0588 * focaltech_moc: New PIDs 0xA27A, 0x1579 * realtek: New PID 0xFA03 * fp-device: Clarify getter for open property * libfprint: Use fatal-warnings on g-i-scanner ==== libfyaml ==== Version update (0.9.3 -> 0.9.4) - Update to 0.9.4 * Major: Full Windows Support * Major: Comment Support Now Stable * API Additions: + fy_node_set_style(): Set the style of a node (block, flow, plain, etc.) - Fixes #78 + fy_token_set_comment(): Attach comments to tokens programmatically + fy_event_to_string(): Convert events to string representation + fy_diag_get_collect_errors(): Query if error collection is enabled + fy_atom_lines_containing(): Get lines containing an atom (useful for diagnostics) * Critical Fixes: + Token creation now properly clears memory (prevents UB on invalid input) + Reference loop nesting now respected when checking link validity + Fixed crash when setting document root to NULL; input size clamping fix + Walk expression bugs with improved debug infrastructure + Early error on FYECF_EXTENDED_CFG with helper emit methods + Walk double-free on node delete + Walk error path handling for recursive alias resolution + Off-by-one error in fy_accel_grow + Parser crash on corrupted UTF-8 at end of file + Superfluous document end marker with version/tag directives + Depth limit for node copy (prevents stack overflow) * Other Fixes: + Document root now correctly marked as attached + Emit state reset at end of document (fixes multi-document streams) + Flow quoting error on ANY style + Empty file/stream handling on various platforms + Removed notice for multiple alias declarations (valid YAML) ==== libnfs ==== - fix build with glibc 2.43 boo#1257260 add libnfs-5.0.3-glibc-2_43.patch ==== libosinfo ==== Subpackages: libosinfo-1_0-0 libosinfo-lang - jsc#PED-14636 - UEFI as default for new VMs Add-osinfo_firmware_is_recommended.patch ==== libp11 ==== Version update (0.4.16 -> 0.4.17) - update to 0.4.17: * Ed25519 and Ed448 support (PKCS#11 v3.2) * Fixed OPENSSL_NO_EC builds * Reverted RSA public exponent change * Fixed crash on module initialization failures * Ignoring trailing newlines in pin-source files * Initial build fixes for the upcoming OpenSSL 4.x - package license files ==== libphonenumber ==== Version update (9.0.21 -> 9.0.23) - update to 9.0.23: * Updated alternate formatting data for country calling code(s): 595 * Updated phone metadata for region code(s): AS, BE, CD, EH, GY, IR, JM, MA, MU, PY, SA, US * Updated short number metadata for region code(s): PY * Updated carrier data for country calling code(s): 98 (en, fa), 243 (en), 357 (en), 966 (en), 1658 (en) - includes changes from 9.0.22: * Updated phone metadata for region code(s): AE, AG, AI, AS, BB, BM, BS, CA, DM, DO, GD, GU, HK, JM, KN, KR, KY, LC, MA, MP, MS, PR, SG, SX, TC, TT, UG, US, VC, VG, VI * Updated geocoding data for country calling code(s): 1305 (en) * Updated carrier data for country calling code(s): 33 (en), 34 (en), 39 (en), 41 (en), 65 (en), 81 (en), 255 (en), 256 (en), 852 (en, zh, zh_Hant), 971 (en) ==== libpng16 ==== Version update (1.6.54 -> 1.6.55) Subpackages: libpng16-16 libpng16-16-x86-64-v3 - version update to 1.6.55: * Fixed CVE-2026-25646 (high severity): Heap buffer overflow in `png_set_quantize`. (Reported and fixed by Joshua Inscoe.) * Resolved an oss-fuzz build issue involving nalloc. (Contributed by Philippe Antoine.) - fixes [bsc#1258020] ==== libselinux ==== Version update (3.9 -> 3.10) Subpackages: libselinux1 libselinux1-32bit selinux-tools - Update to version 3.10 https://github.com/SELinuxProject/selinux/releases/tag/3.10 * libselinux: fix parsing of the enforcing kernel cmdline parameter * libselinux: remove out2 labels * libselinux: refactor selinux_getenforcemode * libselinux: load_policy: log using selinux_log instead of fprintf * libselinux: refactor selinux_check_securetty_context * libselinux: Ignore files removed during relabeling * libselinux/src/Makefile: build python module without isolation - keyring: Add key of Jason Zaman * added 63191CE94183098689CAB8DB7EF137EC935B0EAF [expires: 2026-02-08] ==== libselinux-bindings ==== Version update (3.9 -> 3.10) - Update to version 3.10 https://github.com/SELinuxProject/selinux/releases/tag/3.10 * libselinux: fix parsing of the enforcing kernel cmdline parameter * libselinux: remove out2 labels * libselinux: refactor selinux_getenforcemode * libselinux: load_policy: log using selinux_log instead of fprintf * libselinux: refactor selinux_check_securetty_context * libselinux: Ignore files removed during relabeling * libselinux/src/Makefile: build python module without isolation - keyring: Add key of Jason Zaman * added 63191CE94183098689CAB8DB7EF137EC935B0EAF [expires: 2026-02-08] ==== libsemanage ==== Version update (3.9 -> 3.10) Subpackages: libsemanage-conf libsemanage2 - Update to version 3.10 https://github.com/SELinuxProject/selinux/releases/tag/3.10 * libsemanage: get_home_dirs: cleanup parsing of values from conf files * libsemanage: semanage_store: recursively create SEMANAGE_ROOT - keyring: Add key of Jason Zaman * added 63191CE94183098689CAB8DB7EF137EC935B0EAF [expires: 2026-02-08] ==== libsepol ==== Version update (3.9 -> 3.10) - Update to version 3.10 https://github.com/SELinuxProject/selinux/releases/tag/3.10 * libsepol: fix TARGET and LIBSO on Darwin * libsepol: add bpf_token_perms polcap * libsepol: Fix erroneous genfscon asterisks * libsepol: Fix sid handling when writing out policy from binary * libsepol: Fix an error in the policyd validation of user datums * libsepol: Fix processing of levels for user rule in an optional block * libsepol: Fix problem with handling type attributes in role-types rule * libsepol: Expand role attributes when expanding instead of when linking * libsepol: Fix expand_role_attributes_in_attributes() * libsepol: Allow type attributes to be associated with other type attributes * libsepol: Tighten checks on MLS range and level when validating * libsepol: Check for an unset sensitivity in module_to_cil * libsepol: Handled required users in module_to_cil * libsepol: Fix potential NULL dereference in policydb_read() * libsepol: Fix potential use of an uninitialized value in link.c * libsepol: Fix possible use-after-free when expanding attributes * libsepol: Support functionfs_seclabel policycap * libsepol: add memfd_class capability - keyring: Add key of Jason Zaman * added 63191CE94183098689CAB8DB7EF137EC935B0EAF [expires: 2026-02-08] ==== libsoup2 ==== Subpackages: libsoup-2_4-1 libsoup2-lang - Add libsoup2-CVE-2025-4476.patch: fix crash in soup_auth_digest_get_protection_space (bsc#1243422 CVE-2025-4476 glgo#GNOME/libsoup#440). - Add libsoup2-CVE-2026-0716.patch: Fix out-of-bounds read for websocket (bsc#1256418, CVE-2026-0716, glgo#GNOME/libsoup!494). - Add libsoup2-CVE-2026-1761.patch: multipart: check length of bytes read soup_filter_input_stream_read_until() (bsc#1257598, CVE-2026-1761, glgo#GNOME/libsoup!496). - Refresh ef6c4bf6.patch, 04df03bc.patch, 29b96fab.patch, 48b3b611.patch, 4d12c3e5.patch, 96c22b67.patch and ced3c5d8.patch from upstream git. ==== liburing ==== Version update (2.13 -> 2.14) - update to 2.14: * updates to man pages, the entire liburing API is now documented * updates to tests * various bug fixes ==== libwacom ==== Version update (2.17.0 -> 2.18.0) Subpackages: libwacom-data libwacom9 - Update to version 2.18.0 * New devices: - Added Lenovo ThinkVision M14t Gen2 - XP Pen Deco02 - Huion Kamvas Pro 19 (4K) (GT1902) * Device fixes: - drop the firmware match for the Huion Kamvas 13 GS1333 - fix the Huion Inspiroy Q620M layout - add bluetooth match for the XP-Pen Deco MW - Update huion-hs611.tablet - Update huion-inspiroy-q620m.tablet * Device other: - libwacom_stylus_is_generic() to detect generic styli ==== libxml2 ==== Subpackages: libxml2-16 libxml2-tools - security update - added patches CVE-2026-1757 [bsc#1257593], memory leak in the `xmllint` interactive shell * libxml2-CVE-2026-1757.patch - security update - added patches CVE-2025-10911 [bsc#1250553], use-after-free with key data stored cross-RVT * libxml2-CVE-2025-10911.patch ==== m4 ==== Version update (1.4.20 -> 1.4.21) - update to 1.4.21: * Fix the `eval' builtin compatibility with C * Fix the `define' and `pushdef' builtins portability * Fix build with glibc 2.43 - drop obsolete texinfo spec macros - restrict upstream signing key, using the GNU group is discouraged ==== mcelog ==== Version update (207 -> 210) - Remove not mainlined email notification feature for sle_version above 1600 This removes these dependencies: BuildRequires: libesmtp-devel Requires(pre): %fillup_prereq - Adopt for logrotate for /usr/etc changes - Set file attributes for /run/mcelog ghost file - Update to version 210 (jsc#PED-14429, jsc#PED-14285): * mcelog: Add new model numbers for Nova Lake * mcelog: Improve cache-error-trigger script * mcelog: New model number for Wildcat Lake ==== mutter ==== Version update (49.3 -> 49.4) Subpackages: mutter-lang - Update to version 49.4: + Fix applying initial display scaling on xorg + Disable tone mapping with HDR + Allow creating uninhibitable idle watches + Fix screen sharing of monitors with no framerate + Fixed crashes + Misc. bug fixes and cleanups + Updated translations. ==== nvidia-open-driver-G07-signed ==== Version update (590.48.01_k6.18.7_1 -> 590.48.01_k6.18.9_1) - kernel-6.19.patch: fixes build against kernel 6.19 ==== nvidia-open-driver-G07-signed-cuda ==== Version update (590.48.01_k6.18.7_1 -> 590.48.01_k6.18.9_1) - kernel-6.19.patch: fixes build against kernel 6.19 ==== openSUSE-release ==== Version update (20260207 -> 20260212) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== p11-kit ==== Version update (0.26.1 -> 0.26.2) Subpackages: libp11-kit0 libp11-kit0-32bit p11-kit-server p11-kit-tools - Update to 0.26.2 rpc: CVE-2026-2100: NULL dereference via C_DeriveKey with specific NULL parameters (bsc#1257820) ==== perl-Authen-SASL ==== Version update (2.190.0 -> 2.200.0) - updated to 2.200.0 (2.2000) see /usr/share/doc/packages/perl-Authen-SASL/Changes 2.2000 2026-01-28 [Added] - Documentation for the security layer [Fixed] - Several public functions missing from the API documentation ==== perl-DB_File ==== Version update (1.859.0 -> 1.860) - updated to 1.860 see /usr/share/doc/packages/perl-DB_File/Changes 1.860 1 February 2026 * Add automation to the workflows to detect and use all the available versions of perl available. Sun Feb 1 16:12:39 2026 +0000 b7ccaa172ae2d844b7bae7a9829bcaee463ad186 * Update to version 1.860 Sun Feb 1 16:05:15 2026 +0000 9f759912ce94924c64c933f9586fc6fb50eb4b35 * Update copyright date to 2026 Thu Jan 1 15:33:59 2026 +0000 8fac218ef6f153294ab3bdba2742210950c751a7 * Bump actions/cache from 4 to 5 Thu Jan 1 15:30:37 2026 +0000 8ee97cff1e0d237682558b8be3e2fbfeb385ac1f * Bump actions/checkout from 5 to 6 Mon Dec 1 14:20:34 2025 +0000 ebdcc8e2a307ab5ad1b0487c93fa41e7fa643ee0 * Add dependabot.yml to police workflow files Thu Sep 4 17:33:28 2025 +0100 ba0fc74444a846a76eb670daf1b87cfa0ac2f215 * Fix links to dbopen manpage (#17) Thu Apr 10 11:53:24 2025 +0100 06ea397e5d654ebeb9d22a6993c8aaebf710ce9b ==== plocate ==== Version update (1.1.23 -> 1.1.24) Subpackages: plocate-apparmor - spec file: add %attr statement to %ghost declaration to placate rpmlint - remove patch disable-visibility.patch and provide the same functionality by invoking updatedb with "--require-visibility 0" and subsequent invocation of "chmod 644" to gain flexibility for different usage patterns Additionally, database is now owned by root, as nobody should not own any files. - update to version 1.1.24: * Improve error handling on synchronous reads * Remove ConditionACPower=true from the systemd unit file * Add a new option --config-file for changing the path of updatedb.conf ==== policycoreutils ==== Version update (3.9 -> 3.10) Subpackages: policycoreutils-lang policycoreutils-python-utils python313-policycoreutils - Update to version 3.10 https://github.com/SELinuxProject/selinux/releases/tag/3.10 * setfiles: Add -A option to disable SELINUX_RESTORECON_ADD_ASSOC * semanage: Reset active value when deleting boolean customizations * python/sepolicy: Add support for DNF5 * Man page improvments - keyring: Add key of Jason Zaman * added 63191CE94183098689CAB8DB7EF137EC935B0EAF [expires: 2026-02-08] - Move /var/lib/sepolgen/perm_map to /usr/share/sepolgen and create a symlink instead (boo#1233024) ==== postfix ==== - (bsc#1257523) [QE][Build 20260129] postfix: missing tmpfiles configuration for /var/spool/postfix/trace - (bsc#1257199) [SELinux] postalias denied - fatal: open database /etc/aliases.lmdb: Permission denied Add proposed ExecStartPre. - (jsc#PED-14859) Fix packages for Immutable Mode - postfix Pack /var/spool/postfix/* /var/lib/postfix using tmpfiles.d ==== python-argcomplete ==== Version update (3.6.2 -> 3.6.3) - Update to 3.6.3: * Make RE PCRE compatible. Fixes #539 * Only execute Python interpreters (#536) * fish: set variable scope to local to avoid clobbering global or universal variables (#534) * Documentation and help improvements - Add %pythons_for_pypi macro ==== python-argparse-manpage ==== - Do not test examples, they are difficult to install in isolated environments. ==== python-packaging ==== - Add pythons_for_pypi macro. This macro will help to build the python minimal stack for different python versions. ==== python-semanage ==== Version update (3.9 -> 3.10) - Update to version 3.10 https://github.com/SELinuxProject/selinux/releases/tag/3.10 * libsemanage: get_home_dirs: cleanup parsing of values from conf files * libsemanage: semanage_store: recursively create SEMANAGE_ROOT - keyring: Add key of Jason Zaman * added 63191CE94183098689CAB8DB7EF137EC935B0EAF [expires: 2026-02-08] ==== sdbootutil ==== Version update (1+git20260206.54f4a16 -> 1+git20260210.81c4815) Subpackages: sdbootutil-dracut-measure-pcr sdbootutil-snapper - Update to version 1+git20260210.81c4815: * Recover old predictions if service fails - Update to version 1+git20260210.1bc4b9e (bsc#1257612): * Limit kernel measures because combinatorial explosion ==== sdl12_compat ==== - Update license tag to Zlib AND (Unlicense OR MIT-0) AND MIT: * Main project is licensed as Zlib * include/SDL/SDL_opengl.h is licensed as Zlib and MIT * src/dr_mp3.h is Unlicense OR MIT-0 ==== sqlite3 ==== Version update (3.51.1 -> 3.51.2) Subpackages: libsqlite3-0 libsqlite3-0-x86-64-v3 sqlite3-tcl - Update to version 3.51.2: * Fix an obscure deadlock in the new broken-posix-lock detection logic. * Fix multiple problems in the EXISTS-to-JOIN optimization. * Other minor bug fixes. ==== systemd-presets-branding-Aeon ==== - Re-number role/sub-distro preset to 87 (SUSE default is 95, openSUSE sub is 90, display managers will be 85 - systemd counts down regardless of directory) ==== thunar ==== Subpackages: libthunarx-3-0 thunar-lang - Fix Patch numbering. - Update 0001-Detect-CDROM-media-changes-using-ID_FD_UUID-udev-pro.patch to match the version merged by upstream. - Add 0002-Fix-media_fs_uuids-not-being-initialized-with-existi.patch to fix media_fs_uuids hash table not being initialized with existing media at startup. ==== tree ==== Version update (2.2.1 -> 2.3.1) - update to 2.3.1 * Completely #include guard selinux context output for non-Linux as well as the stddata_fd variable declared outside of an include guard. - update to 2.3.0 * Add ACL detection (--acl) and selinux (--selinux) options for Linux only. This should lead to adding support for other xattr attributes in the future, though I will likely re-work the mechanism to be more generic. Support for extended attributes could be added for other operating systems if patches for them are provided. * Adds --condense option to condense directory "singletons" (i.e. directories that contain exactly a single directory) into a single line of output. This should be useful for project directories displayed with -d and such. Note that the meta-data displayed will only be valid for the first directory component of the path that is displayed. (PowerPlop@github / others) * Adds --compress=# option to compress the indentation lines. Positive values between 1-3, 1 being normal, and 3 being lines fully compressed. Negative values from -1 to -3 being the same as positive values, except the space after each indentation level is not printed. Values < -3 or > 3 switch to noindent mode. This also modifies the JSON and XML indentation output instead of being a fixed 2 space indent. There is a possibility that I could modify this function to go in the other direction and allow for even larger indents, so the meaning of # may change. * The above work also resulted in fixing the line drawing for a number of Asian character sets. Also ANSI-lines (-A) now is essentially - -charset=ANSI and uses it's linedraw. * Reworked --gitignore code to properly search up the directory tree for a git root, searching for additional .gitignore files and the git root's .git/info/exclude file. * Fixed --matchdirs to not exclude sub-directories of matched directories. (FloppyDisco@github). I reworked the -P and -I code considerably while working on this and now -I will match directories (even w/o --matchdirs.) This behavior changes established behavior quite a bit and may have to be modified again. * Handle '.' in --fromfile input properly. This should have been in there from day one TBH. It will likely change the expected output, but it should now be correct in my opinion. * Modify gittrim to trim carriage returns for Window borkness. * Fix segmentation fault when attempting to tree a non-existent file with hyperlinks enabled. (Nicolai Dagestad) * Fix broken hyperlink paths where an optional hanging / is present on the directory name given to tree. (Nicolai Dagestad) * Fix possible NULL de-reference in xml.c, exit fillinfo() early if a NULL pointer is past to it. (Ubuntu? - not sure) * Move all flags into a central struct to cut down on namespace pollution, work should continue on this. Remove unused gnu_getcwd() function, moved and added some functionality into a new util.c file and some additional misc code cleanup. ==== tuned ==== Version update (2.26.0.0+git.181472a -> v2.26.1+git.d6ff925) - Update to mainline version v2.27.0-rc.1, but rewrite it to v2.26.1+git.d6ff925 to stay rpm conform (no -rc tag allowed in version) - Correctly mark /var/log and /run log and pid files as ghost with correct attributes (jsc#PED-14850) - Update to version 2.26.0.20+git.cd5e0c0: * ppd: ask tuned recommend for base profile * sap-hana: force latency to 70 us, not to C-states * feat(sysctl): add reapply_sysctl_exclude option * spec: use correct python interpreter for documentation installation * man: fixed instance_acquire_devices example in tuned-adm man * profiles: Set boost=1 in *-performance profiles * feat(openshift): Optimize TCP settings for high throughput and low latency * cpu-partitioning: autodetect dracut hook directory, systemd workaround * Fix doc build * typo: additionaly → additionally ==== upower ==== Subpackages: libupower-glib3 typelib-1_0-UpowerGlib-1_0 upower-lang - Mark /var/lib/upower as ghost (jsc#PED-14851) This is created at runtime via systemd upower.service nowadays - Add NEWS and HACKING.md to %docs - Fix rpmlint warning by correcting changelog: [ 47s] upower.spec:252: W: non-break-space line 252, char 70 ==== virtualbox ==== Version update (7.2.4 -> 7.2.6) - Update to release 7.2.6 * VMM: Fixed issue when VM process was crashing during RHEL5 guest boot * VMM: Fixed issue when VMX nested-guest VM-entry was checking the wrong VM-execution control bit in the virtual VMCS * VMM: Fixed issue when guest process was crashing inside Windows guest on AMD system * The VRDP server, the USB smartcard emulation, the disk/VM encryption features are now in the open source base package - Drop curl-8.16.patch (merged) ==== virtualbox-kmp ==== Version update (7.2.4_k6.18.7_1 -> 7.2.6_k6.18.9_1) - Update to release 7.2.6 * VMM: Fixed issue when VM process was crashing during RHEL5 guest boot * VMM: Fixed issue when VMX nested-guest VM-entry was checking the wrong VM-execution control bit in the virtual VMCS * VMM: Fixed issue when guest process was crashing inside Windows guest on AMD system * The VRDP server, the USB smartcard emulation, the disk/VM encryption features are now in the open source base package - Drop curl-8.16.patch (merged) ==== vlc ==== Subpackages: libvlc5 libvlccore9 vlc-codec-gstreamer vlc-lang vlc-noX vlc-qt - Replace the content of vlc-gstreamer-1.28-build-fix.patch with the upstream proposed variant from https://code.videolan.org/videolan/vlc/-/merge_requests/8479 - Fix build with gstreamer 1.28: vlc-gstreamer-1.28-build-fix.patch - Disable faad support on Leap 15.x, unless in BUILD_ORIG case (3rd party repos): faad2 does not exist in Leap 15.x. ==== xorg-x11-fonts ==== Subpackages: xorg-x11-fonts-core xorg-x11-fonts-legacy - font-alias 1.0.6 * Add a meson build system * gitlab CI: drop the ci-fairy check-mr job ==== yast2-bootloader ==== Version update (5.0.32 -> 5.0.33) - update BLS: Calling "sdbootutil update-all-entries" in order to set kernel params in an installed system (bsc#1257819). - 5.0.33 ==== yast2-security ==== Version update (5.0.3 -> 5.0.4) - write proper /etc/selinux/config according to expected format (bsc#1257752) - 5.0.4 ==== yast2-trans ==== Version update (84.87.20260125.b09c7f793f -> 84.87.20260208.9d67813d4c) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20260208.9d67813d4c: * Translated using Weblate (Danish)