Packages changed: apr-util bubblewrap (0.10.0 -> 0.11.0) ipmitool java-21-openjdk (21.0.4.0 -> 21.0.5.0) libgit2 (1.8.3 -> 1.8.4) libnftnl (1.2.7 -> 1.2.8) libnvme (1.10+0.gdd51fa8 -> 1.11) librsvg libzip (1.10.1 -> 1.11.1) mc nvme-cli (2.10 -> 2.11) openSUSE-release (20241031 -> 20241102) patterns-base patterns-gnome python-M2Crypto (0.42.0 -> 0.43.0) python-mysqlclient (2.2.4 -> 2.2.5) python-pycups python-service_identity (24.1.0 -> 24.2.0) python-zope.interface (7.1.0 -> 7.1.1) rasqal redland samba (4.21.1+git.367.e1da597d86e -> 4.21.1+git.372.cb50f2d0a68) selinux-policy (20241021 -> 20241031) xfce4-branding-openSUSE (4.18.0+git4.79f6d44 -> 4.18.0+git5.88e05bf) === Details === ==== apr-util ==== - Fix dependency on libapr: in 2021, libapr1 was renamed to libapr1-0, conforming to the shared library packaging policy. requires_eq silently dropped the dependency, as the packahe name, libapr1, does not exist. ==== bubblewrap ==== Version update (0.10.0 -> 0.11.0) Subpackages: bubblewrap-zsh-completion - update to 0.11.0: * New --overlay, --tmp-overlay, --ro-overlay and --overlay-src options allow creation of overlay mounts. This feature is not available when bubblewrap is installed setuid. * New --level-prefix option produces output that can be parsed by tools like logger --prio-prefix and systemd-cat --level-prefix=1 * bug fixes and developer visible changes - add upstream signing key and validate source signature ==== ipmitool ==== - Drop rcFOO symlinks (PED-266). - To create rcipmievd, the service binary is required at build time. This binary is provided by aaa_base. Make sure this package is available during build. ==== java-21-openjdk ==== Version update (21.0.4.0 -> 21.0.5.0) Subpackages: java-21-openjdk-headless - Update to upstream tag jdk-21.0.5+13 (October 2024 CPU) * Security fixes + JDK-8307383: Enhance DTLS connections + JDK-8311208: Improve CDS Support + JDK-8328286, CVE-2024-21208, bsc#1231702: Enhance HTTP client + JDK-8328544, CVE-2024-21210, bsc#1231711: Improve handling of vectorization + JDK-8328726: Better Kerberos support + JDK-8331446, CVE-2024-21217, bsc#1231716: Improve deserialization support + JDK-8332644, CVE-2024-21235, bsc#1231719: Improve graph optimizations + JDK-8335713: Enhance vectorization analysis * Other changes + JDK-6355567: AdobeMarkerSegment causes failure to read valid JPEG + JDK-6967482: TAB-key does not work in JTables after selecting details-view in JFileChooser + JDK-7022325: TEST_BUG: test/java/util/zip/ZipFile/ /ReadLongZipFileName.java leaks files if it fails + JDK-8051959: Add thread and timestamp options to java.security.debug system property + JDK-8073061: (fs) Files.copy(foo, bar, REPLACE_EXISTING) deletes bar even if foo is not readable + JDK-8166352: FilePane.createDetailsView() removes JTable TAB, SHIFT-TAB functionality + JDK-8170817: G1: Returning MinTLABSize from unsafe_max_tlab_alloc causes TLAB flapping + JDK-8211847: [aix] java/lang/ProcessHandle/InfoTest.java fails: "reported cputime less than expected" + JDK-8211854: [aix] java/net/ServerSocket/ /AcceptInheritHandle.java fails: read times out + JDK-8222884: ConcurrentClassDescLookup.java times out intermittently + JDK-8238169: BasicDirectoryModel getDirectories and DoChangeContents.run can deadlock + JDK-8241550: [macOS] SSLSocketImpl/ReuseAddr.java failed due to "BindException: Address already in use" + JDK-8242564: javadoc crashes:: class cast exception com.sun.tools.javac.code.Symtab$6 + JDK-8260633: [macos] java/awt/dnd/MouseEventAfterStartDragTest/ /MouseEventAfterStartDragTest.html test failed + JDK-8261433: Better pkcs11 performance for libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit + JDK-8269428: java/util/concurrent/ConcurrentHashMap/ /ToArray.java timed out + JDK-8269657: Test java/nio/channels/DatagramChannel/ /Loopback.java failed: Unexpected message + JDK-8280120: [IR Framework] Add attribute to @IR to enable/disable IR matching based on the architecture + JDK-8280392: java/awt/Focus/NonFocusableWindowTest/ /NonfocusableOwnerTest.java failed with "RuntimeException: Test failed." + JDK-8280988: [XWayland] Click on title to request focus test failures + JDK-8280990: [XWayland] XTest emulated mouse click does not bring window to front + JDK-8283223: gc/stringdedup/TestStringDeduplicationFullGC.java [#]Parallel failed with "RuntimeException: String verification failed" + JDK-8287325: AArch64: fix virtual threads with - XX:UseBranchProtection=pac-ret + JDK-8291809: Convert compiler/c2/cr7200264/TestSSE2IntVect.java to IR verification test + JDK-8294148: Support JSplitPane for instructions and test UI + JDK-8299058: AssertionError in sun.net.httpserver.ServerImpl when connection is idle + JDK-8299487: Test java/net/httpclient/whitebox/ /SSLTubeTestDriver.java timed out + JDK-8299790: os::print_hex_dump is racy + JDK-8299813: java/nio/channels/DatagramChannel/Disconnect.java fails with jtreg test timeout due to lost datagram + JDK-8301686: TLS 1.3 handshake fails if server_name doesn't match resuming session + JDK-8303920: Avoid calling out to python in DataDescriptorSignatureMissing test + JDK-8305072: Win32ShellFolder2.compareTo is inconsistent + JDK-8305825: getBounds API returns wrong value resulting in multiple Regression Test Failures on Ubuntu 23.04 + JDK-8307193: Several Swing jtreg tests use class.forName on L&F classes + JDK-8307352: AARCH64: Improve itable_stub + JDK-8307778: com/sun/jdi/cds tests fail with jtreg's Virtual test thread factory + JDK-8307788: vmTestbase/gc/gctests/LargeObjects/large003/ /TestDescription.java timed out + JDK-8308286: Fix clang warnings in linux code + JDK-8308660: C2 compilation hits 'node must be dead' assert + JDK-8309067: gtest/AsyncLogGtest.java fails again in stderrOutput_vm + JDK-8309621: [XWayland][Screencast] screen capture failure with sun.java2d.uiScale other than 1 + JDK-8309685: Fix -Wconversion warnings in assembler and register code + JDK-8309894: compiler/vectorapi/ /VectorLogicalOpIdentityTest.java fails on SVE system with UseSVE=0 + JDK-8310072: JComboBox/DisabledComboBoxFontTestAuto: Enabled and disabled ComboBox does not match in these LAFs: GTK+ ... changelog too long, skipping 570 lines ... + JDK-8341989: [21u] Back out JDK-8327501 and JDK-8328366 ==== libgit2 ==== Version update (1.8.3 -> 1.8.4) - update to 1.8.4: * Actually includes the pre-1.8.0 commit constness behavior fix ==== libnftnl ==== Version update (1.2.7 -> 1.2.8) - Update to release 1.2.8 * Fixes for incorrect validation of dynset netlink attributes from the kernel ==== libnvme ==== Version update (1.10+0.gdd51fa8 -> 1.11) Subpackages: libnvme-mi1 libnvme1 - Update to version 1.11: * prefix: Use Request or Response Length in DLEN and DOFF for MI * types: Add ETPVDS and SSI fields of sanitize status log * json: do not escape strings when printing the configuration * tree: do no export tls keys when not provided by user * types: add struct nvme_id_ctrl_nvm ver and lbamqf member variables * types: add NVMe 2.1 get log page LIDs * type: Added enums for ANSAN and RGCNS bit of OAES field * linux: fixup PSK HMAC type '0' handling * util: added error code for ENOKEY * fabrics: fix map error level in __nvmf_add_ctrl * fabrics: add ctrl connect interface * fabrics: use hex numbers when generating command line options * fabrics: rename first argument for argument macros * linux: handle key import correctly * linux: export keys to config * tree: read tls_configured_key and tls_keyring from sysfs * tree: move dhchap and tls sysfs parser into separate functions * json: move keystore operations out of the JSON parser * tree: add getter/setters for TLS PSK * linux: add import/export function for TLS pre-shared keys * linux: only return the description of a key * linux: use ssize_t as return type for nvme_identity_len * linux: reorder variable declarations * types: Added enum for SMVES event of PEL log * libnvme: add lockdown log page support(LID : 0x14) * libnvme: add EMVS support to sanitize command * types: Add TP4159 PCIe Infrastructure for Live Migration definitions * types: add NVME_CTRL_OAES get macro definitions * types: add NVME_CTRL_OAES_TTHR definition * types: add NVME_CTRL_FNA definitions to get field values * types: add NVME_VAL() definition * tree: fix tls key mem leak (bsc#1231668) * tree: fix dhchap_ctrl_key mem leak (bsc#1231668) * tree: fix dhchap_key mem leak (bsc#1231668) * types: add NVME_CHECK() definition to check nvme register field value * types: add kv opcodes * types: added new fields in nvme_nvme_id_ns * types: Add enum for Completion Condition of Get LBA status command * ioctl: refactoring set_features * types: add new fields added in TP4142 * mi: add control primitive command * linux: Correct error handling for derive_psk_digest (bsc#1228376) * types: Added new field CSER in enum as per TP4167 - build fix for OpenSSL 1.1 * add 0001-linux-fix-derive_psk_digest-OpenSSL-1.1-version.patch ==== librsvg ==== Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - Change license to LGPL-2.1-or-later AND MIT. ==== libzip ==== Version update (1.10.1 -> 1.11.1) - version update to 1.11.1 * Fix zipconf.h for version number with missing third component. * Stop searching after finding acceptable central directory, even if it contains inconsistencies. * Only write Zip64 EOCD if fields don't fit in normal EOCD. Previously libzip also wrote it when any directory entry required Zip64. * Allow bytes from 0x00-0x1F as UTF-8. * Add new error code ZIP_ER_TRUNCATED_ZIP for files that start with a valid local header signature. * `zipcmp`: add -T option for comparing timestamps. * `zip_file_replace` now removes the target's extra field information. ==== mc ==== Subpackages: mc-lang - Added patch 4575-fix-wrapper.patch - fixes boo#1203617 ==== nvme-cli ==== Version update (2.10 -> 2.11) Subpackages: nvme-cli-bash-completion nvme-cli-zsh-completion - Update to version 2.11: * docs: update check-tls-key arguments * nvme: add support to append TLS PSK to keyfile for check-tls-key * nvme: return correct error code in append_keyfile * docs: nvme-id-doman: dom{ia => ai}n * ocp: fix latency monitoring data structure entry endian * ocp: fix TCG configuration log endian * ocp: fix firmware activation history entry endian * docs: update gen-tls-key arguments * nvme: add support to add derive TLS PSK to keyfile * nvme: rename identity to version * nvme: set file permission for keyfile to owner only * nvme: export tls keys honoring version and hmac * nvmf-keys: add udev rule to import tls keys * docs: update TLS options * fabrics: add support to connect to accept a PSK command line * fabrics: add support to connect to accept a configuration * nvme: use unsigned char for hmac and identity * nvme-print: Add Sanitize Media Verification Event in PEL log * netapp-ontapdev: add err msg for no ontapdevices * netapp-smdev: add err msg for no smdevices * doc: Add sanitize command emvs option * ocp: combine to use GUID length definitions * nvme: update tls_key() handling * nvme-print-stdout: print VERS bit of SANICAP field * nvme: add EMVS support to sanitize command * ocp: remove callback function cast * doc: added commit conventions to contribution guidelines * ocp: fix ocp-print-stdout.c indentation error * ocp: fix ocp-nvme.c indentation errors * ocp: build ocp-nvme.c and ocp-telemetry-decode.c without json * ocp: split TCG configuration log print codes * ocp: split telemetry string log print codes * ocp: split device capabilities log print codes * ocp: split error recovery log print codes * ocp: split unsupported requirement log print codes * ocp: split latency monitor log print codes * ocp: move ocp telemetry log print function into ocp-print * ocp: split smart extended log print codes * ocp: split ocp-fw-activation-history print codes * plugins: update meson.build file to always build ocp plugin * ocp-print: move json code into separate files * nvme-print-json: display only verbose output * ocp-nvme: ocp plugin version update * nvme-print: print KV command set page header * doc: show where self-test results can be found * plugins/memblaze: fix a wrong id on smart-log-add * plugins/dapustor: smart-log-add fix * plugins/sed: add sid password change (bsc#1229677) * plugins/solidigm: Automatic retry smaller log chunk size. * ocp-nvme: Add LMDATA-37 for Latency Monitor Log * ocp-nvme: remove ocp log page version checking * wdc: Fix for Reading WDC C2 Vendor Unique Log Page * ocp: Fixes for OCP 2.5 Telemetry DA1 FIFO Event Parsing * nvme-print-json: update JSON verbose output for nvm-id-ctrl (bsc#1231668) * wdc: Add Support for SN5100S * nvme: Support show-regs for nvmeof * ocp: fix option handling in internal-log * Documentation: Added solidigm plugin commands * wdc: add support for SNTMP drive * nvme-print: print NSSES field of CAP register * ocp: fix GUID output * nvme-print-json: print controller register values in offset order * nvme-print-json: print CMBEBS and CMBSWTP in json format * nvme-print-stdout: update changed-ns-list-log output (bsc#1231668) * nvme: fix uninitialized value in error-log (bsc#1231668) * nvme: fix to convert metadata size to native byte order * nvme-print: fix error information log page endianness error * completions: add get-feature command changed option * doc: add get-feature command changed option * nvme: separate get NVME_GET_FEATURES_SEL_CHANGED definition * nvme: use NVME_GET_FEATURES_SEL definitions * nvme-print-stdout: use NVME_CTRL_OAES definitions * completion: add ocp set-telemetry-profile to zsh * completion: add solidgm work-tracker binding * plugins/solidigm: Added Workload Tracker Triggers and Wall Time * ocp: include util/types.h to use nvme_uint128_t * ocp: fix to set log data pointer allocated * nvme: use NVME_CHECK() to check get features select field value * ocp: split ocp-hwcomp log * completions: add ocp hardware-component-log command * doc: add ocp hardware-component-log command * ocp: add hwcomp log json output * ocp: add hwcomp log command list option * ocp: add hwcomp log command comp-id option * ocp: add hwcomp dummy definition * ocp: add support for hwcomp log page * nvme: use NVME_CTRL_FNA definitions * netapp-smdevices: print single device output too (bsc#1231668) * netapp-smdevices: segregate print routines (bsc#1231668) * Add Support for new SN655 PCI Device ID * nvme-print-json: extern json object add functions * ocp: add SMART / health information extended log page version 4 * ocp: add error recovery log page version 3 * ocp: add get-enable-ieee1667-silo command * fabrics: fix incorrect access filename check (bsc#1231668) * nvme: use NVME_GET_FEATURES_SEL_SUPPORTED definition * nvme-print-json: use _cleanup_free_ * plugins/solidigm: fix use after free. ... changelog too long, skipping 32 lines ... - Install 70-nvmf-keys.rules to the default udev rules directory ==== openSUSE-release ==== Version update (20241031 -> 20241102) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== patterns-base ==== Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-enhanced_base patterns-base-minimal_base patterns-base-selinux patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced - Agama does not install chrony, add it to the pattern like on all other products, so that it is always there, including on images. ==== patterns-gnome ==== Subpackages: patterns-gnome-gnome patterns-gnome-gnome_basic patterns-gnome-gnome_basis patterns-gnome-gnome_basis_opt patterns-gnome-gnome_games patterns-gnome-gnome_imaging patterns-gnome-gnome_internet patterns-gnome-gnome_multimedia patterns-gnome-gnome_office patterns-gnome-gnome_utilities patterns-gnome-gnome_x11 patterns-gnome-gnome_yast patterns-gnome-sw_management_gnome - Drop file-roller Recommends, the built in support in nautilus is sufficient. - Change console to gnome-console Recommends: Use the current app name. - Drop nautilus-extension-terminal Recommends: nautilus supports gnome-console nativly. ==== python-M2Crypto ==== Version update (0.42.0 -> 0.43.0) - Update to 0.43.0: - feat[m2]: add m2.time_t_bits to checking for 32bitness. - fix[tests]: Use only X509_VERSION_1 (0) as version for CSR. - fix[EC]: raise ValueError when load_key_bio() cannot read the file (bsc#1231589). - ci: use -mpip wheel instead of -mbuild - fix: use PyMem_Malloc() instead of malloc() - fix[hints]: more work on conversion of type hints to the py3k ones - fix: make the package build even on Python 3.6 - ci[local]: skip freezing local tests - fix[hints]: remove AnyStr type - test: add suggested test for RSA.{get,set}_ex_data - fix: implement interfaces for RSA_{get,set}_ex_new_{data,index} - fix: generate src/SWIG/x509_v_flag.h to overcome weaknesses of swig - fix: replace literal enumeration of all VERIFY_ constants by a cycle - test: unify various test cases in test_ssl related to ftpslib - fix: replace deprecated url keyword in setup.cfg with complete project_urls map ==== python-mysqlclient ==== Version update (2.2.4 -> 2.2.5) - update to 2.2.5: * (Windows wheel) Update MariaDB Connector/C to 3.4.1. #726 * (Windows wheel) Build wheels for Python 3.13. #726 ==== python-pycups ==== - fix_shebang on the postscript driver rpmhook ==== python-service_identity ==== Version update (24.1.0 -> 24.2.0) - update to 24.2.0: * Python 3.13 is now officially supported. * pyOpenSSL's identity extraction has been reimplemented using * cryptography*'s primitives instead of deprecated pyOpenSSL APIs. * As a result, the oldest supported pyOpenSSL version is now 17.1.0. ==== python-zope.interface ==== Version update (7.1.0 -> 7.1.1) - Update to 7.1.1 * Fix segmentation faults in `weakrefobject.c` on Python 3.12 and 3.13. (#323) - Adjust upstream source name in spec file ==== rasqal ==== - Drop %requires_ge libraptor1: This has been a NOP for the last 10 years, since we moved to raptor 2.x. ==== redland ==== - Remove the requires_ge against librasqal1: it's been 15 years that librasqal1 changed to librasqal2. Due to requires_ge simply ignoring the dep if the package cannot be found, this was effectively a NOP for the last 15 years - and as nobody seemed to miss it, the autodep of RPM seems good enough. ==== samba ==== Version update (4.21.1+git.367.e1da597d86e -> 4.21.1+git.372.cb50f2d0a68) Subpackages: libldb2 libldb2-32bit python3-ldb samba-ad-dc-libs samba-client samba-client-32bit samba-client-libs samba-client-libs-32bit samba-dcerpc samba-gpupdate samba-ldb-ldap samba-libs samba-libs-python3 samba-python3 samba-winbind samba-winbind-libs samba-winbind-libs-32bit - Add placeholder changelog for sle15-sp7; (jsc#PED-11210). ==== selinux-policy ==== Version update (20241021 -> 20241031) Subpackages: selinux-policy-targeted - Update to version 20241031: * Label /var/livepatches as lib_t for ULP on micro (bsc#1228879) ==== xfce4-branding-openSUSE ==== Version update (4.18.0+git4.79f6d44 -> 4.18.0+git5.88e05bf) Subpackages: libgarcon-branding-openSUSE libxfce4ui-branding-openSUSE thunar-volman-branding-openSUSE xfce4-notifyd-branding-openSUSE xfce4-panel-branding-openSUSE xfce4-power-manager-branding-openSUSE xfce4-session-branding-openSUSE xfce4-settings-branding-openSUSE xfdesktop-branding-openSUSE xfwm4-branding-openSUSE - Updated Tumbleweed wallpaper symlinks