Packages changed: ImageMagick NetworkManager-dns-dnsmasq dav1d (1.5.0 -> 1.5.1) dracut (059+suse.672.gcd143fd0 -> 059+suse.679.g7559201e) kirigami-addons6 (1.6.0 -> 1.7.0) libimobiledevice-glue (1.1.0+git0.20240222 -> 1.3.1+git11.20241227) libstorage-ng (4.5.223 -> 4.5.225) libxml2 (2.12.9 -> 2.13.5) libxml2-python (2.12.9 -> 2.13.5) libzypp (17.35.16 -> 17.35.18) ncurses (6.5.20250111 -> 6.5.20250118) openSUSE-release (20250120 -> 20250121) perl-XML-LibXML permissions (1699_20241029 -> 1699_20250120) python-zope.interface (7.1.1 -> 7.2) qt6-declarative selinux-policy (20250109 -> 20250121) shadow spamassassin update-bootloader (1.21 -> 1.23) yast2-trans (84.87.20250103.9ee56288d5 -> 84.87.20250117.b10e829e7f) zypper (1.14.79 -> 1.14.80) === Details === ==== ImageMagick ==== Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10 - fix [bsc#1235113]: https://github.com/ImageMagick/Usage/issues/8 https://github.com/ImageMagick/Usage/issues/9 - added patches fix https://github.com/ImageMagick/ImageMagick/commit/be3b73da674520ad3eab52ade2a3cda62af66d15 + ImageMagick-0-1-are-special-cases-for-pow.patch fix https://github.com/ImageMagick/ImageMagick/commit/1afa38ae2fa87cf4eb48040e47d410aa729ce21e + ImageMagick-check-for-pow-zero.patch fix https://github.com/ImageMagick/ImageMagick/commit/056ccdbeac41c9b24b625e0139cd25a4cdffb22a + ImageMagick-gamma-should-call-GammaImage.patch ==== NetworkManager-dns-dnsmasq ==== - Require dnsmasq and sysconfig: the script explicitly targets integration between NetworkManager and dnsmasq, so it makes sense to require both components. Additionally, sysconfig is used to detect if the configuration is done properly for this (boo#1236047). ==== dav1d ==== Version update (1.5.0 -> 1.5.1) - Update to version 1.5.1 * Rewrite of the looprestoration (SGR, wiener) to reduce stack usage * Rewrite of {put,prep}_scaled functions * Improvements on the SSSE3 SGR * Improvements on ARM32/ARM64 looprestoration optimizations * RISC-V: blend optimizations for high bitdepth * Power9: blend optimizations for 8bpc * Port RISC-V to POSIX/non-Linux OS * AArch64: Add Neon implementation of load_tmvs * Fix a rare, but possible deadlock, in flush() ==== dracut ==== Version update (059+suse.672.gcd143fd0 -> 059+suse.679.g7559201e) - Update to version 059+suse.679.g7559201e: Fixes for booting from iSCSI offload with bnx2i (bsc#1228086, bsc#1234134): * fix(iscsi): attempt iSCSI login before all interfaces are up * fix(iscsi): don't require network setup for bnx2i Other: * feat(livenet): get live image size from TFTP servers ==== kirigami-addons6 ==== Version update (1.6.0 -> 1.7.0) Subpackages: kirigami-addons6-lang libKirigamiAddonsStatefulApp6 - Update to 1.7.0 https://carlschwan.eu/2025/01/16/kirigami-addons-1.7.0/ * New component: ConvergentContextMenu * Kirigami Addons’ shortcut editor can now be embedded in normal ConfigurationView via a new ConfigurationModule: ShortcutsConfigurationModule * The FormCardPage now uses a slighly less grey to get more contrasts with the sidebar ==== libimobiledevice-glue ==== Version update (1.1.0+git0.20240222 -> 1.3.1+git11.20241227) - Update to version 1.3.1+git11.20241227: * Add extern "C" guards to public headers * [github-actions] Bump dawidd6/action-download-artifact from 3 to 6 * configure: Remove unused check * [github-actions] Run build workflow on pull_request * Fix unrecognized \e escape sequence * Fix compilation on MSVC * Switch to better initializer strategy * Change WIN32 to _WIN32 to check if running on Windows * socket.c: define AI_NUMERICSERV if undefined * socket/win32: Use calloc where applicable in getifaddrs implementation * sha1: Remove old commented-out code * Updated NEWS for release * Updated README * Update soversion for release * socket: Remove greater-than check for scope_id since they might not be in order * Update soversion for release * Updated NEWS for release * Add SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 functions to interface * socket: Create an IPv4 compatible IPv6 socket when NULL is passed to socket_create * Revert "Use updated libplist 2.5.0 API" * socket: Haiku compilation fixes * Use updated libplist 2.5.0 API * automake: Prevent `dist` or `distcheck` when uncommitted changes are present * Update NEWS for release * Update soversion for release * Add helper code to deal with NSKeyedArchiver plist data * [github-actions] Updated build workflow to use v3 for download-artifact * [github-actions] Updated build workflow to use v4 for checkout and upload-artifact * socket: Make sure errno is always set on error, and always return a meaningful error code ==== libstorage-ng ==== Version update (4.5.223 -> 4.5.225) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#1007 - avoid deprecated functions in testsuite - 4.5.225 - merge gh#openSUSE/libstorage-ng#1006 - added include statements (for gcc15) - 4.5.224 ==== libxml2 ==== Version update (2.12.9 -> 2.13.5) Subpackages: libxml2-2 libxml2-tools - Update to 2.13.5: * Regressions: - xmlIO: Fix reading from non-regular files like pipes - xmlreader: Fix return value of xmlTextReaderReadString - parser: Fix loading of parameter entities in external DTDs - parser: Fix downstream code that swaps DTDs - parser: Fix detection of duplicate attributes - string: Fix va_copy fallback * Bug fixes: - xpath: Fix parsing of non-ASCII names - Update to 2.13.4: * Regressions: - parser: Make unsupported encodings an error in declarations - io: don't set the executable bit when creating files - xmlcatalog: Improved fix for #699 - Revert "catalog: Fetch XML catalog before dumping" - io: Add missing calls to xmlInitParser - tree: Restore return value of xmlNodeListGetString with NULL list - parser: Fix error handling after reaching limit - parser: Make xmlParseChunk return an error if parser was stopped * Bug fixes: - python: Fix SAX driver with character streams * Improvements: - xpath: Make recursion check work with xmlXPathCompile - parser: Report at least one fatal error - Update to 2.13.3: * Security: - [bsc#1234812, CVE-2024-40896] Fix XXE protection in downstream code * Regressions: - autotools: Use AC_CHECK_DECL to check for getentropy - xinclude: Fix fallback for text includes - io: Don't call getcwd in xmlParserGetDirectory - io: Fix return value of xmlFileRead - parser: Fix error return of xmlParseBalancedChunkMemory * Improvements: - xinclude: Set error handler when parsing text - Undeprecate xmlKeepBlanksDefault - Update to 2.13.2: * Regressions: - tree: Fix handling of empty strings in xmlNodeParseContent - valid: Restore ID lookup - parser: Reenable ctxt->directory - uri: Handle filesystem paths in xmlBuildRelativeURISafe - encoding: Make xmlFindCharEncodingHandler return UTF-8 handler - encoding: Fix encoding lookup with xmlOpenCharEncodingHandler - include: Define ATTRIBUTE_UNUSED for clang - uri: Fix xmlBuildURI with NULL base * Regressions: - parser: Selectively reenable reading from "-" - reader: Fix xmlTextReaderReadString - xinclude: Set XPath context doc - xinclude: Load included documents with XML_PARSE_DTDLOAD - include: Don't redefine ATTRIBUTE_UNUSED - include: Readd circular dependency between tree.h and parser.h - xinclude: Add missing include - xinclude: Don't raise error on empty nodeset - parser: Make failure to load main document a warning - tree: Fix freeing entities via xmlFreeNode - parser: Pass global object to sax->setDocumentLocator * Improvements: - io: Fix resetting xmlParserInputBufferCreateFilename hook * Documentation: - Fix typo in NEWS (--with-html -> --with-http) - doc: Don't mention xmlNewInputURL - Update to 2.13.0: * Major changes: - Most of the core code should now report malloc failures reliably. Some API functions were extended with versions that report malloc failures. - New API functions for error handling were added: + xmlCtxtSetErrorHandler + xmlXPathSetErrorHandler + xmlXIncludeSetErrorHandler - This makes it possible to register per-context error handlers without resorting to global handlers. - A few error messages were improved and consolidated. Please update downstream test suites accordingly. - A new parser option XML_PARSE_NO_XXE can be used to disable loading of external entities or DTDs. This is most useful in connection with XML_PARSE_NOENT. - Support for HTTP POST was removed. - Support for zlib, liblzma and HTTP is now disabled by default and has to be enabled by passing --with-zlib, --with-lzma or --with-http to configure. In legacy mode (--with-legacy) these options are enabled by default as before. - Support for FTP will be removed in the next release. - Support for the range and point extensions of the xpointer() scheme will be removed in the next release. The rest of the XPointer implementation won't be affected. The xpointer() scheme will behave like the xpath1() scheme. - Several more legacy symbols were deprecated. Users of the old "SAX1" API functions are encouraged to upgrade to the new "SAX2" API, available since version 2.6.0 from 2003. * Some deprecated global variables were made const: - htmlDefaultSAXHandler - oldXMLWDcompatibility - xmlDefaultSAXHandler - xmlDefaultSAXLocator - xmlParserDebugEntities * Deprecations and removals: ... changelog too long, skipping 165 lines ... * Rebase libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch ==== libxml2-python ==== Version update (2.12.9 -> 2.13.5) - Update to 2.13.5: * Regressions: - xmlIO: Fix reading from non-regular files like pipes - xmlreader: Fix return value of xmlTextReaderReadString - parser: Fix loading of parameter entities in external DTDs - parser: Fix downstream code that swaps DTDs - parser: Fix detection of duplicate attributes - string: Fix va_copy fallback * Bug fixes: - xpath: Fix parsing of non-ASCII names - Update to 2.13.4: * Regressions: - parser: Make unsupported encodings an error in declarations - io: don't set the executable bit when creating files - xmlcatalog: Improved fix for #699 - Revert "catalog: Fetch XML catalog before dumping" - io: Add missing calls to xmlInitParser - tree: Restore return value of xmlNodeListGetString with NULL list - parser: Fix error handling after reaching limit - parser: Make xmlParseChunk return an error if parser was stopped * Bug fixes: - python: Fix SAX driver with character streams * Improvements: - xpath: Make recursion check work with xmlXPathCompile - parser: Report at least one fatal error - Update to 2.13.3: * Security: - [bsc#1234812, CVE-2024-40896] Fix XXE protection in downstream code * Regressions: - autotools: Use AC_CHECK_DECL to check for getentropy - xinclude: Fix fallback for text includes - io: Don't call getcwd in xmlParserGetDirectory - io: Fix return value of xmlFileRead - parser: Fix error return of xmlParseBalancedChunkMemory * Improvements: - xinclude: Set error handler when parsing text - Undeprecate xmlKeepBlanksDefault - Update to 2.13.2: * Regressions: - tree: Fix handling of empty strings in xmlNodeParseContent - valid: Restore ID lookup - parser: Reenable ctxt->directory - uri: Handle filesystem paths in xmlBuildRelativeURISafe - encoding: Make xmlFindCharEncodingHandler return UTF-8 handler - encoding: Fix encoding lookup with xmlOpenCharEncodingHandler - include: Define ATTRIBUTE_UNUSED for clang - uri: Fix xmlBuildURI with NULL base * Regressions: - parser: Selectively reenable reading from "-" - reader: Fix xmlTextReaderReadString - xinclude: Set XPath context doc - xinclude: Load included documents with XML_PARSE_DTDLOAD - include: Don't redefine ATTRIBUTE_UNUSED - include: Readd circular dependency between tree.h and parser.h - xinclude: Add missing include - xinclude: Don't raise error on empty nodeset - parser: Make failure to load main document a warning - tree: Fix freeing entities via xmlFreeNode - parser: Pass global object to sax->setDocumentLocator * Improvements: - io: Fix resetting xmlParserInputBufferCreateFilename hook * Documentation: - Fix typo in NEWS (--with-html -> --with-http) - doc: Don't mention xmlNewInputURL - Update to 2.13.0: * Major changes: - Most of the core code should now report malloc failures reliably. Some API functions were extended with versions that report malloc failures. - New API functions for error handling were added: + xmlCtxtSetErrorHandler + xmlXPathSetErrorHandler + xmlXIncludeSetErrorHandler - This makes it possible to register per-context error handlers without resorting to global handlers. - A few error messages were improved and consolidated. Please update downstream test suites accordingly. - A new parser option XML_PARSE_NO_XXE can be used to disable loading of external entities or DTDs. This is most useful in connection with XML_PARSE_NOENT. - Support for HTTP POST was removed. - Support for zlib, liblzma and HTTP is now disabled by default and has to be enabled by passing --with-zlib, --with-lzma or --with-http to configure. In legacy mode (--with-legacy) these options are enabled by default as before. - Support for FTP will be removed in the next release. - Support for the range and point extensions of the xpointer() scheme will be removed in the next release. The rest of the XPointer implementation won't be affected. The xpointer() scheme will behave like the xpath1() scheme. - Several more legacy symbols were deprecated. Users of the old "SAX1" API functions are encouraged to upgrade to the new "SAX2" API, available since version 2.6.0 from 2003. * Some deprecated global variables were made const: - htmlDefaultSAXHandler - oldXMLWDcompatibility - xmlDefaultSAXHandler - xmlDefaultSAXLocator - xmlParserDebugEntities * Deprecations and removals: ... changelog too long, skipping 165 lines ... * Rebase libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch ==== libzypp ==== Version update (17.35.16 -> 17.35.18) - Fix missing UID checks in repomanager workflow (fixes #603) - version 17.35.18 (35) - Move cmake config files to LIB_INSTALL_DIR/cmake/Zypp (fixes #28) - Fix 'zypper ps' when running in incus container (bsc#1229106) Should apply to lxc and lxd containers as well. - Re-enable 'rpm --runposttrans' usage for chrooted systems (bsc#1216091) - version 17.35.17 (35) ==== ncurses ==== Version update (6.5.20250111 -> 6.5.20250118) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20250118 + improve pattern used for configure --with-xterm-kbs option (report by Mingyu Wang) + update configure macros, from work on cdk and dialog. + change a parameter name in curs_sp_funcs.3x, for consistency (patch by "WHR"). > patches by Branden Robinson: + improve formatting/style of manpages + change winwstr() to a generated function, using the macro definition, moving its handling of negative length parameter into winnwstr(). + correct actual-function name in a few trace calls. ==== openSUSE-release ==== Version update (20250120 -> 20250121) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== perl-XML-LibXML ==== - Fix the testsuite with libxml2 version 2.13.0 and up: * github.com/shlomif/perl-XML-LibXML/pull/87 * Add perl-XML-LibXML-fix-testsuite-with-libxml2-2.13.patch ==== permissions ==== Version update (1699_20241029 -> 1699_20250120) Subpackages: permctl permissions-config - Update to version 1699_20250120: * profiles: whitelist nvidia-modprobe (bsc#1230950) ==== python-zope.interface ==== Version update (7.1.1 -> 7.2) - Update to 7.2 * Add preliminary support for Python 3.14a2, this means that ``.common.builtins.IByteString`` and ``.common.collections.IByteString`` are no longer available from this Python version onwards as Python 3.14 dropped ``collections.abc.ByteString``. ==== qt6-declarative ==== Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsPlatform6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlMeta6 libQt6QmlModels6 libQt6QmlNetwork6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 libQt6QuickVectorImage6 libQt6QuickWidgets6 qt6-declarative-imports - Add patch to fix qmlsc detection: * 0001-CMake-Fix-find_package-call-in-Qt6QmlFindQmlscIntern.patch ==== selinux-policy ==== Version update (20250109 -> 20250121) Subpackages: selinux-policy-targeted - Update to version 20250121: * wtmpdbd systemd service uses NoNewPrivileges (bsc#1235660) * Transition samba-dcerpcd pid file from smbd_var_run_t to winbind_var_run_t (bsc#1235801) * /run/samba/samba-dcerpcd.pid needs fc type winbind_rpcd_var_run_t (bsc#1235801) * Adjust rpcd_lsad, samba-bgqd, samba-dcerpcd to SUSE-specific part (bsc#1235801) * Transition nmbd pid file from smbd_var_run_t to nmbd_var_run_t (bsc#1235801) - Update to version 20250120: * Allow database rotation for wtmpdbd_t * Allow wtmpdbd to send messages notifications * Introduce policy for wtmpdbd (bsc#1235660) * Label xrdp scripts in /etc as bin_t (bsc#1233738) * introduce unconfined_service_transition_to_unconfined_user boolean (bsc#1233738) * Allow init to manage DOS files (bsc#1232527) ==== shadow ==== Subpackages: libsubid5 login_defs - bsc#1235453: Set SYS_{UID,GID}_MIN to 201: After repeated similar requests to change the ID ranges we set the above mentioned value to 201. The max value will stay at 499. This range should be sufficient and will give us leeway for the future. It's not straightforward to find out which static UIDs/GIDs are used in all packages. Update shadow-login_defs-suse.patch ==== spamassassin ==== Subpackages: perl-Mail-SpamAssassin spamassassin-spamc - drop iXHash plugin (last provider stopped operation) * remove iXhash2-4.00.tar.gz * remove iXhash2-meta-rules.patch ==== update-bootloader ==== Version update (1.21 -> 1.23) - merge gh#openSUSE/perl-bootloader#189 - make update-bootloader an alias for pbl and re-add still in-use legacy options (bsc#1235320) - update tests - 1.23 - merge gh#openSUSE/perl-bootloader#188 - really enforce bash everywhere now (bsc#1231018) - 1.22 ==== yast2-trans ==== Version update (84.87.20250103.9ee56288d5 -> 84.87.20250117.b10e829e7f) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20250117.b10e829e7f: * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (German) * Translated using Weblate (Dutch) * Translated using Weblate (French) * Translated using Weblate (Japanese) * Translated using Weblate (Slovenian) * Translated using Weblate (Slovenian) * Translated using Weblate (Slovenian) * Translated using Weblate (Slovenian) * Translated using Weblate (Slovak) * Translated using Weblate (Catalan) * New POT for text domain 'bootloader'. ==== zypper ==== Version update (1.14.79 -> 1.14.80) Subpackages: zypper-log zypper-needs-restarting - Try to refresh update repos first to have updated GPG keys on the fly (bsc#1234752) An update repo may contain a prolonged GPG key for the GA repo. Refreshing the update repo first updates a trusted key on the fly and avoids a 'key has expired' warning being issued when refreshing the GA repo. - Refresh: restore legacy behavior and suppress Exception reporting as non-root (bsc#1235636) - version 1.14.80