Packages changed: MozillaFirefox (124.0.2 -> 125.0.2) dracut (059+suse.563.g4900899a -> 059+suse.581.g19b7c06c) ffmpeg-4 ffmpeg-6 google-noto-coloremoji-fonts (20230315 -> 20240424) libupnp (1.14.18 -> 1.14.19) openSUSE-release (20240425 -> 20240426) pcsc-lite (2.0.3 -> 2.1.0) sqlite3 (3.45.2 -> 3.45.3) systemd-presets-branding-Aeon thin-provisioning-tools tracker (3.7.1 -> 3.7.2) tracker-miners (3.7.1 -> 3.7.2) yast2-storage-ng (5.0.12 -> 5.0.13) === Details === ==== MozillaFirefox ==== Version update (124.0.2 -> 125.0.2) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 125.0.2 * The 125.0 and 125.0.1 releases were skipped due to problems with a feature that proactively blocked downloads from potentially untrustworthy URLs * New: Firefox now supports the AV1 codec for Encrypted Media Extensions (EME), enabling higher-quality playback from video streaming providers * New: The Firefox PDF viewer now supports text highlighting. * New: Firefox View now displays pinned tabs in the Open tabs section. Tab indicators have also been added to Open tabs, so users can do things like see which tabs are playing media and quickly mute or unmute across windows. Indicators were also added for bookmarks, tabs with notifications, and more! their addresses upon submitting an address form, allowing Firefox to autofill stored address information in the future. * New: The URL Paste Suggestion feature provides a convenient way for users to quickly visit URLs copied to the clipboard in the address bar of Firefox. When the clipboard contains a URL and the URL bar is focused, an autocomplete result appears automatically. Activating the clipboard suggestion will navigate the user to the URL with 1 click. * New: Users of tab-specific Container add-ons can now search in the Address Bar for tabs that are open in different containers. Special thanks to volunteer contributor atararx for kicking off the work on this feature! * New: Firefox now provides an option to enable Web Proxy Auto- Discovery (WPAD) while configured to use system proxy settings. * Changed: In a group of radio buttons where no option is selected, the tab key now only reaches the first option rather than cycling through all available options. The arrow keys navigate between options as they do when there is a selected option. This makes keyboard navigation more efficient and consistent * HTML5: Firefox now supports the `popover` global attribute used for designating an element as a popover element. The element won't be rendered until it is made visible, after which it will appear on top of other page content. * HTML5: WebAssembly multi-memory is now enabled by default. Wasm multi-memory allows wasm modules to use and import multiple independent linear memories. This enables more efficient interoperability between modules and provides better polyfills for upcoming wasm standards, such as the component model. * HTML5: Added support for Unicode Text Segmentation to JavaScript. * HTML5: Added support for `contextlost` and `contextrestored` events on HTMLCanvasElement and OffscreenCanvas to allow user code to recover from context loss with hardware accelerated 2d canvas. * HTML5: Firefox now supports the `navigator.clipboard.readText()` web API. A paste context menu will appear for the user to confirm when attempting to read clipboard data not provided by the same-origin page. * HTML5: Added support for the `content-box` and `stroke-box` keywords of the `transform-box` CSS property. * HTML5: The `align-content` property now works in block layout, allowing block direction alignment without needing a flex or grid container. * HTML5: Support for `SVGAElement.text` was removed in favor of the more widely-implemented `SVGAElement.textContent` method. * Developer: Following several requests, we have reintroduced the option to disable the Pause Debugger Overlay (`devtools.debugger.features.overlay`). This overlay appears over the page content when the debugger pauses JavaScript execution. In certain scenarios, the overlay can be intrusive, making it challenging to interact with the page, for instance, evaluating shades of color underneath. * Developer: We've added a new drop-down menu button at the bottom of the source view in the Debugger panel, specifically designed for Source Map related actions. Users can now easily disable or enable Source Maps support, open the Source Map file in a new tab, switch between the original source and the generated bundle, toggle the "open original source by default" option, and view the Source Map status such as errors, loading status, etc. MFSA 2024-18 (bsc#1221327) * CVE-2024-3852 (bmo#1883542) GetBoundName in the JIT returned the wrong object * CVE-2024-3853 (bmo#1884427) Use-after-free if garbage collection runs during realm initialization * CVE-2024-3854 (bmo#1884552) Out-of-bounds-read after mis-optimized switch statement * CVE-2024-3855 (bmo#1885828) Incorrect JIT optimization of MSubstr leads to out-of-bounds reads * CVE-2024-3856 (bmo#1885829) Use-after-free in WASM garbage collection * CVE-2024-3857 (bmo#1886683) Incorrect JITting of arguments led to use-after-free during garbage collection * CVE-2024-3858 (bmo#1888892) Corrupt pointer dereference in js::CheckTracedThing * CVE-2024-3859 (bmo#1874489) Integer-overflow led to out-of-bounds-read in the OpenType sanitizer * CVE-2024-3860 (bmo#1881417) Crash when tracing empty shape lists * CVE-2024-3861 (bmo#1883158) Potential use-after-free due to AlignedBuffer self-move ... changelog too long, skipping 16 lines ... - add mozilla-libproxy-fix.patch to fix with-libproxy build variant ==== dracut ==== Version update (059+suse.563.g4900899a -> 059+suse.581.g19b7c06c) - Update to version 059+suse.581.g19b7c06c: * fix(dracut): move hooks directory from /usr/lib to /var/lib (bsc#1218068) * feat(tpm2-tss): add tpm2.target and systemd-tpm2-generator * fix(systemd): explicitly install some libs that will not be statically included * fix(dracut-lib): only remove initqueue/finished scripts, not the hook dir * fix(dracut-util): avoid memory leak * fix(dracut-install): memory leak in two `hashmap_put` calls if key exists * fix(dracut-install): release memory allocated for regular expressions * fix(dracut-install): memory leak in `--modalias` option * refactor(dracut-install): strerror(errno) -> %m * perf(dracut-install): don't strdup() environment block * perf(dracut-install): don't reallocate {src,dst}path in hmac_install() * perf(dracut-install): don't strdup() excessively for dracut_install() * perf(dracut-install): stat() w/unused buf -> access(F_OK) in dracut-install * perf(dracut-install): multiple single-character strstr()s -> strpbrk() ==== ffmpeg-4 ==== Subpackages: libavcodec58_134 libavformat58_76 libavutil56_70 libpostproc55_9 libswresample3_9 libswscale5_9 - Add ffmpeg-CVE-2023-51793.patch: Backporting 0ecc1f0e from upstream, Fix odd height handling. (CVE-2023-51793 bsc#1223272) - Add ffmpeg-CVE-2023-49502.patch: Backporting 737ede40 from upstream, account for chroma sub-sampling in min size calculation. (CVE-2023-49502 bsc#1223235) - Address boo#1223304/CVE-2023-51798: add patch 0001-avfilter-vf_minterpolate-Check-pts-before-division.patch ==== ffmpeg-6 ==== Subpackages: libavcodec60 libavfilter9 libavformat60 libavutil58 libpostproc57 libswresample4 libswscale7 - Add ffmpeg-CVE-2023-50008.patch: Backporting 5f87a68c from upstream, Fix memory leaks. (CVE-2023-50008 bsc#1223254) - Add ffmpeg-CVE-2023-50007.patch: Backporting b1942734 from upstream, Fix crash with EOF handling. (CVE-2023-50007 bsc#1223253) ==== google-noto-coloremoji-fonts ==== Version update (20230315 -> 20240424) - Update to v2.042 * Unicode 15.1 update ==== libupnp ==== Version update (1.14.18 -> 1.14.19) Subpackages: libixml11 libupnp17 - Update to release 1.14.19 * Fix some memory allocations in the "TvDevice" example ==== openSUSE-release ==== Version update (20240425 -> 20240426) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== pcsc-lite ==== Version update (2.0.3 -> 2.1.0) Subpackages: libpcsclite1 - Update the spec for building with version 2.1.0 - version 2.1.0 * LIBPCSCLITE_DELEGATE is used to redirect to another libpcsclite library * setup_spy.sh displays the LIBPCSCLITE_DELEGATE value to use for spying * provides libfake.c as a sample source code * Some other minor improvements- ==== sqlite3 ==== Version update (3.45.2 -> 3.45.3) Subpackages: libsqlite3-0 libsqlite3-0-x86-64-v3 sqlite3-tcl - Update to release 3.45.3: * Fix a long-standing bug (going back to version 3.24.0) that might (rarely) cause the "old.*" values of an UPDATE trigger to be incorrect if that trigger fires in response to an UPSERT. * Reduce the scope of the NOT NULL strength reduction optimization that was added as item 8e in version 3.35.0. The optimization was being attempted in some contexts where it did not work, resulting in incorrect query results. - Add SQLITE_STRICT_SUBTYPE=1 as recommended by upstream. ==== systemd-presets-branding-Aeon ==== - Remove redundant services formerly from MicroOS - Remove sshd from presets (we're a desktop OS) ==== thin-provisioning-tools ==== - Update vendored dependencies ==== tracker ==== Version update (3.7.1 -> 3.7.2) Subpackages: libtracker-sparql-3_0-0 tracker-data-files tracker-lang typelib-1_0-Tracker-3_0 - Update to version 3.7.2: + Fix runtime issue introduced by SQLite 3.45.3. + Fix possible inconsistency in the handling of DELETE WHERE queries. + Updated translations. ==== tracker-miners ==== Version update (3.7.1 -> 3.7.2) Subpackages: tracker-miner-files tracker-miners-lang - Update to version 3.7.2: + Fixes to data deletion after removing an indexed folder from configuration. + Fixed glib/inotify based monitors to not follow symlinks in some circumstances. + Added a build-time option for fanotify. + Fix build with musl libc. + Updated translations. ==== yast2-storage-ng ==== Version update (5.0.12 -> 5.0.13) - GuidedProposal: refine the :bigger_resize SpaceMaker strategy (gh#openSUSE/agama#1164). - Fixed a bug related to the calculation of partitions required for booting when RAID is involved. - 5.0.13