Removed rpms ============ - ibus-libpinyin - libpinyin13 - libzhuyin13 - python3-slip - python3-slip-dbus Added rpms ========== - firewalld-bash-completion - ibus-gtk4 - libopencc1_1 - libpinyin15 - libzhuyin15 Package Source Changes ====================== MozillaFirefox -- Mozilla Firefox ESR 115.3.1 ESR +- Firefox Extended Support Release 115.4.0 ESR + Placeholder changelog-entry (bsc#1216338) +- Removed upstreamed patch mozilla-fix-broken-ffmpeg.patch + +- Firefox Extended Support Release 115.3.1 ESR + * Fixed: Security fix. - * CVE-2023-5217: Heap buffer overflow in libvpx + * CVE-2023-5217 (bmo#1855550) + Heap buffer overflow in libvpx - Placeholder changelog-entry -- Mozilla Firefox ESR 115.3 + * Fixed: Various security fixes and other quality improvements. - * CVE-2023-5168: (bmo#1846683) + * CVE-2023-5168 (bmo#1846683) - * CVE-2023-5169: (bmo#1846685) + * CVE-2023-5169 (bmo#1846685) - * CVE-2023-5171: (bmo#1851599) + * CVE-2023-5171 (bmo#1851599) - * CVE-2023-5174: (bmo#1848454) + * CVE-2023-5174 (bmo#1848454) - * CVE-2023-5176: (bmo#1836353, bmo#1842674, bmo#1843824, + * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, - * CVE-2023-4863 (bmo#https://bugs.chromium.org/p/chromium/issue - s/detail?id=1479274, - bmo#https://bugzilla.mozilla.org/show_bug.cgi?id=1852649) + * CVE-2023-4863 (bmo#1852649) autoyast2 +- Added several LUKS-related elements to the partitioning schema + (jsc#PED-3878, jsc#PED-5518). +- 4.6.4 + +- Branch package for SP6 (bsc#1208913) +- 4.6.3 + -- 4.6.2 +- 4.5.14 -- 4.6.1 - -- Bump version to 4.6.0 (bsc#1208913) +- 4.5.13 firewalld +- update to v2.0.1 (jsc#PED-5597) + * fix(cli): all --list-all-zones output identical (d30bc61) + * fix(cli): properly show default zone attribute (ea8d9a8) + * fix(cli): properly show active attribute for zones and policies (b202403) + * fix(cli): --get-active-zones should include the default zone (dae9112) + * fix(nftables): always flush main table on start (cd20981) + * fix(runtimeToPermanent): deepcopy settings before mangling (9c53639) + * docs: fix reference to lockdown-whitelist.xml in SYNOPSIS section (1c77205) + * fix(firewall-config): escape markup stored in bindings store (c876fd0) + * fix(tests): avoid deprecated assertRaisesRegexp for assertRaisesRegex (2935119) + * fix(icmp): fix check_icmpv6_name() to use correct IPv6 names (af3c35b) + * fix(ipset): fix configuring IP range for ipsets with nftables (6a050ec) + * fix(ipset): fix configuring "timeout","maxelem" values for ipsets with nftables (7d3340c) + * fix(core): fix exception while parsing invalid "tcp-mss-clamp" in policy (ff61209) + * docs(policy): fix wrong documentation of in man firewalld.policy (21026d9) + * Correct Requires, python3-slip-dbus -> python3-dbus-python + * This is a major release. The major version is being bumped symbolically + to reflect significant changes done in commit f4d2b80 ("fix(policy): + disallow zone drifting"). It does not contain any deliberate breaking changes + * fix(reload): restore policy for old backend if it changed (de85849) + * fix(io): rich: tcp mss: handle value=None (8016f10) + * fix(firewall-config): rich: set destination address (f6641a9) + * fix(policy): mixed IP families in ingress/egress (69ed4d6) +- removed following patches: + [- 0001-chore-fw_zone-call-permanent-config-checks-at-runtim.patch] + [- 0003-firewall-offline-cmd-fail-fix.patch] + [- 0004-fix_rich_source_address_with_netmask.patch] + [- feature-upstream-new-check-config-1.patch] + [- feature-upstream-new-check-config-2.patch] + ibus -- Fix boo#1211977: ibus is not started automatically by KDE Plasma - * Remove "-d" when ibus-autostart is executed under KDE - * Remove X-GNOME-* from ibus-autostart.desktop +- Fix key typing order + * This prevents that keys get stuck in games with wine/proton (steam) + * Added ibus-fix-key-release.patch + +- Update version to 1.5.28 + * Implement new process_key_event for ibus-x11 + * Convert internal EN compose table to GResource + * Enhance surrounding text + * Enhance CI + * Update ibusunicodegen.h with Unicode 15.0.0 + * Update simple.xml with xkeyboard-config 2.38-1 + * Fix SEGVs + +- Switch to use systemd service file to start ibus daemon + * Fix boo#1201421 + * Add ibus-ui-gtk3-restart-via-systemd.patch + * Enable ibus-autostart for xdg-autostart-generator + +- Do not run ibus-autostart with xdg-autostart-generator (KDE etc.) + * A workaround for boo#1202841 + * Please use org.freedesktop.IBus.session.generic.service instead + (See boo#1201421) + +- Upstream update to 1.5.27 + * Disable XKB engines in Plasma Wayland + * ibusimcontext keycode - 8 for gtk3 keycode generation + * client/gtk2: Revert CCedilla change for pt-BR + * Add IBUS_CAP_OSK to IBusCapabilite + * Enable ibus restart in GNOME desktop + * Add ibus im-module command + * Implement new process_key_event for GTK4 + * src/ibusengine: Add focus_in_id()/focus_out_id() class methods + * Delete xkb:latam:: in denylist.txt + * Enhance Xutf8TextListToTextProperty + * Revert Emoji shoftcut key to Super-space + * Update simple.xml with xkeyboard-config 2.36 + * Fix refcounting issues + * Drop ibus-fix-refcounting-issues.patch + * Fix bashisms in org.freedesktop.IBus.session.GNOME.service + * Update xkb-latin-layouts in gschema + * Use our own prefix to look up systemd user services dir + * Add functionality to change IBus panel themes with available GTK themes + * Update translation +- Refresh im-engines-precede-xkb.patch +- Add pkgconfig(libnotify) for the GTK4 flavor + +- Fix ibus-setup to support python3 (boo#1202063) + * Update setup-switch-im.patch +- Remove X-GNOME-* from ibus-autostart.desktop + (boo#1201421, boo#1201728) + * ibus-autostart still does not work with + systemd-xdg-autostart-generator + +- Add patch ibus-fix-refcounting-issues.patch: + This addresses the possible GLib warnings, fixes the possible + double unrefs happening on IBusText used in signals, and fixes + the missing unrefs on IBusText objects created from static + strings (gh#ibus/ibus#2387, gh#ibus/ibus#2393). + +- Add install/uninstall scripts for the user service files +- Drop ibus-missing-include.patch + * fix build error under Leap 15.4 + +- Update version to 1.5.26 + * Enhance compose keys + * Enhance Emoji features + * Implement clear preedit for GTK4 + * Calculate keycode from keysym in GTK3 forward-key-event + * Fix to send char position at update_preedit_text + * Deprecate gettext.bind_textdomain_codeset() since Python 3.8 + * Fix ibus_key_event_from_string for gobject-introspection + * Fix a key event loop with forwarding keys + * Delete gnome-autogen dependency + * Change XKB layout string color in panel + * Add IBUS_INPUT_HINT_PRIVATE for browser private mode + * mkdir socket dirs instead of socket paths + * Add org.freedesktop.IBus.session.generic.service + * Check XDG_SESSION_DESKTOP for Plasma desktop + * Update simple.xml with xkeyboard-config 2.35.1 + * Update ibusunicodegen.h with unicode-ucd 14.0.0 + * Enhance CI + * Fix typos + * Fix wrong cursor location in gtk3 apps + * Update URLS + * invalidate cache based on symlink mtime too + * Fix unref problems with floating references + * Update man page for Emoji shortcut key + * Add systemd unit file + * Fix forward key keycode for GTK4 +- Drop ibus-fix-wrong-cursor-location.patch, merged by upstream + +- Do not introduce ibus-gtk4-32bit unless there will be demand for + it: drop its definition from baselibs.conf. + +- Fix name of gtk4 flavor generated packages (was ibus-gtk4-gtk4). + +- Split build of gtk4 module into an own flavor, allowing us to + break a build cycle. + +- Enable GTK 4 IM Module for Leap 15.4 and Tumbleweed +- Remove ibus-python-install-dir.patch + * Not used for build anymore ibus-hangul +- update to 1.5.5: + * Use synchronous key event processing if possible (since ibus + 1.5.28) (#114 ) + * Update SVG icons + ibus-libzhuyin +- Do not BuildRequire libzhuyin13: that's the responsibility of the + respective devel package. + +- update to 1.10.2: + * bug fixes + +- update to 1.10.1: + * fix setup dialog + ibus-m17n +- Update to 1.4.20 + * Reduce preedit flicker + * Remove xml:lang="en" from the screenshot in appdata.xml + * Use ibus_text_new_from_string (string) instead of ibus_text_new_from_static_string (string) in ibus_m17n_engine_commit_string() + * Add missing g_free (buf) in ibus_m17n_mtext_to_utf8() + +update: 1.4.17 -> 1.4.19 +- Added weblate translations to Sinhala +- Add parrot icon emoji + +update: 1.4.13 -> 1.4.17 +- Fix problem that sa-IAST input method cannot be activated and make settings of sa-IAST work + * https://github.com/ibus/ibus-m17n/issues/52 +- Let IBusM17nEngine inherit from IBusEngineSimple to enable compose support + * https://github.com/ibus/ibus-m17n/issues/51 + +update: 1.4.11 -> 1.4.13 +- Added translations using Weblate (Arabic updated, Georgian added) + +update: 1.4.10 -> 1.4.11 +- Added translation using Weblate (Arabic, 100%) +- Add 256x256 icon to m17n.appdata.xml + +feat: use _service files to automate fetching sources + update: 1.4.9 -> 1.4.10 +- Add language to longname in --xml output to make engines which have exactly + the same icon distinguishable in the engine switcher +- Make the icon of the current engine appear at the left of floating panel of ibus. + And also show the full engine name as a tooltip on that icon + Before only a generic gear wheel ⚙️ was shown, the same for + all engines, so one could not distinguish which engine was + selected in the floating panel. +- Show also the engine name in the title of the setup tool window. + I.e. instead of just “Preferences” show something like + “Preferences m17n:t:latn-post”. +- Better icon and a screenshot which can be shown in gnome-software +- Improvements in m17n.appdata.xml + +update: 1.4.6 -> 1.4.9 +- Allow use of kbd engines gh#ibus/ibus-m17n#32 +- Assign symbols to all the new inscript2 engines (and add some other missing symbols) + * gh#ibus/ibus-m17n#37 +- Remove gnome-common requirement and re-write autogen.sh (by Parag Nemade) + * gh#ibus/ibus-m17n#37 +- Update weblate translation for Sinhala +- Free lang and name after engine_name is built gh#ibus/ibus-m17n#39 +- Just return from ibus_m17n_engine_callback with nullable m17n +- Hide status from the panel if status == title (by Daiki Ueno) + -- Remove the following languages - (cs,da,de,el,en,es,fi,fr,hr,it,nb,nn,pa,pl,sk,sv) from - locale-specific provides tag, to prevent ibus/ibus-m17n to be - installed by default for those languages. - -- Add ibus as Requires - -- update to 1.3.4 - ibus-table +- Update version to 1.17.1 + * Fix mypy warnings + * Return empty program_name and window_title in get_active_window_xprop() when + xprop results are unexpected (Resolves: + https://bugzilla.redhat.com/show_bug.cgi?id=2215466) + * Translation update from Weblate + +update: 1.16.14 -> 1.17.0 +- New option commit_invalid_mode: Choose what happens when a character not in + valid input characters is typed +- More translations + +update: 1.16.13 -> 1.16.14 +- Fix a problem in C/POSIX and invalid locales: Use lower() on LC_MESSAGES only + if it is a string and not None + +update: 1.16.12 -> 1.16.13 +- Get program name of focused window also when ibus cannot get it +- Use focus id if available (it is available for ibus >= 1.5.27) +- Use IBus.PreeditFocusMode.COMMIT and make sure the input is cleared and the UI + updated when the focus changes +- Do not reset input purpose on focus out +- Do not commit by index when OSK is visible + +update: 1.16.11 -> 1.16.12 +- Stop using locale.getdefaultlocale() because it is deprecated in Python 3.11 + and will be removed in Python 3.13 +- Add 128x128, 256x256, and svg (remote) icons to ibus-table.appdata.xml + +update: 1.16.10 -> 1.16.11 +- Remove hashbang from chinese_variants.py and tabcreatedb.py + * gh#mike-fabian/ibus-table#118 + +update: 1.16.9 -> 1.6.10 +- Add png versions of the ibus-table.svg icon +- Add (remote) icon to ibus-table.appdata.xml +- Add screenshot to ibus-table.appdata.xml + +feat: use _service files to automate fetching sources + +update: 1.13.3 -> 1.16.9 +- Now requires Python >= 3.6 to build +- Update Unihan_Variants.txt to "2022-04-26 Unicode 15.0.0 draft" +- Update weblate translations +- Add option to set dynamic adjust at runtime gh#mike-fabian/ibus-table#70 +- Add button to forget all data learned by typing and selecting candidates + * gh#kaio/ibus-table#75 +- Fix problems with goucima for erbi-qs table gh#kaio/ibus-table#77 +- Fix gh#mike-fabian/ibus-table#85 +- 栗 U+6817 is used in Traditional Chinese as well gh#mike-fabian/ibus-table#95 +- Ignore MOD3_MASK (Scroll Lock) when matching key bindings gh#mike-fabian/ibus-table#102 +- When a Modifier key release matches a hotkey command, return False not True + * gh#mike-fabian/ibus-table#102 + -- update to 1.8.11 - * Fix typo in variable name self_onechar -> self._onechar - * Disable “onechar” (Phrase mode/Single char mode) option for non-CJK - databases - * Disable auto_commit option for tables which do not have RULES - * Resolves: rhbz#1135759 - The rusle is broken with "Normal commit mode" - See: https://bugzilla.redhat.com/show_bug.cgi?id=1135759 - * Pass IBus.KEY_KP_Enter to the application if the preedit is empty - * Resolves: rhbz#1133424 - With the new "rusle" table in ibus-table-cyrillic, - Keypad Enter problem - See: https://bugzilla.redhat.com/show_bug.cgi?id=1133424 - * Ignore Shift+Space hotkey to switch fullwidth/halfwidth if the database - is not for CJK - * Move some options into a new tab “Details” - * Disable properties related to fullwidth/halfwidth for non-CJK tables - * Remove “Hide Candidates/Display Candidates” from the properties menu - * Show keyboard shortcuts also in the property menu entries - * Use the “notify::text” signal instead of “activate” on GtkEntry widget - * Update Chinese .po files - * Update German translation - * Move the “Restore all defaults” button into the GtkButtonBox at bottom - * Apply fix for 同 again to Unihan_Variants.txt, it is both simplified *and* - traditional Chinese - * And regenerate engine/chinese_variants.py. - * Escape % and _ if they are not intended as wildcards - * Require Python >= 3.3 - -- update version 1.8.5 - * Always write xml output in UTF-8 encoding, not in the encoding - of the current locale -- changes since 1.8.4 - * Tweak defaults for Chinese mode taken from the locale - * Fix prompts for array30 table and don’t use prompts in pinyin mode - * Make it possible to use select keys like F1, F2, F3 ... - * For cangjie* and quick* tables: Use big5 order if the freq from - the table is the same -- add ibus-table-python3.patch - * replace file() to open() - -- Switch python to python3 - ibus-table-chinese +- Update version to 1.8.12 + * Add appdata.xml files + * Convert license tags to SPDX format + * Add .svg icon files for use in appdata.xml files + +update: 1.8.9 -> 1.8.11 +- Improve punctuation support in cangjie5.txt, cangjie3.txt, cangjie-big.txt, quick5.txt, quick3.txt, quick-classic.txt +- Improve punctuation support in jyutping.txt, cantonese.txt, cantonhk.txt, cantonyale.txt +- Improve “improve_jyutping.py” to allow comments in the table +- Update of jyutping.txt for Unicode 15.0.0 final release + +feat: use _service files to automate fetching sources + +update: 1.8.8 -> 1.8.9 +- Add tones to Jyutping.txt table (gh#mike-fabian/ibus-table-chinese#6) + * Tonal markers according to + https://github.com/rime/rime-cantonese/blob/main/README-en.md#tonal-markers + were added: + 1 v: High level, e.g. siv → 詩; High level checked, e.g. sikv → 色 + 2 x: Medium rising, e.g. six → 史 + 3 q: Medium level, e.g. siq→ 試; Medium level checked, e.g. sekq → 錫 + 4 vv: Low falling, e.g. sivv → 時 + 5 xx: Low rising, e.g. sixx → 市 + 6 qq: Low level, e.g. siqq→ 事; Low level checked, e.g. sikqq → 食 + fix: CMake warning about no source or binary directory provided + +update: 1.8.3 -> 1.8.8 +- Move source to mike-fabian's repo as previous repo is now deprecated + * https://github.com/definite/ibus-table-chinese/blob/master/README +- Simplify CMakeLists.txt to avoid requiring cmake-fedora +- cangjie5.txt improvement gh#mike-fabian/ibus-table-chinese#87 +- quick5.txt improvement gh#mike-fabian/ibus-table-chinese#4 +- Add table_extra tag gh#definite/ibus-table-chinese#18 +- "Traditional Chinese only" is now the default for cangjie5 and quick5 + * gh#mike-fabian/ibus-table-chinese#2 +- Build outside of source tree gh#mike-fabian/ibus-table-chinese#2 + chore: clean up specfile + -- fix for factory: BuildRequires: python-ibus - ibus-table-others +- Update to 1.3.16 + * feat: several improvements to Old Hungarian + * fix: remove { and } from VALID_INPUT_CHARS in LaTeX table + +feat: use _service files to automate fetching sources + +update: 1.3.12 -> 1.3.13 +- Improvements in the latex.txt table gh#mike-fabian/ibus-table-others#24 + -- Add locale-specific provides tags for automatic installation - -- Moved from ibus-table package for ibus-1.3.x; - this is a compound package of non-Chinese input method tables - libbpf +- update to v1.2.2: + * fix a regression in perf tool caused by libbpf resetting its custom + catch-all SEC() handler on explicit bpf_program__set_type() call + * fix possible double-free in USDT-related libbpf code, which happens when + libbpf runs out of space in __bpf_usdt_specs map due to having too many + unique USDT specs + +- update to 1.2.0: + * completely overhauled "Libbpf overview" landing documentation + page; + * support for BPF link-based `struct_ops` programs: + * `SEC(".struct_ops.link")` annotations; + * `bpf_map__attach_struct_ops()` attach API; + * `bpf_link__update_map()` link update API; + * support sleepable `SEC("struct_ops.s")` programs + * improved thread-safety of libbpf print callbacks and + `libbpf_set_print()` + * improve handling and reporting of missing BPF kfuncs + * `bpf_{btf,link,map,prog}_get_info_by_fd()` APIs + * `bpf_xdp_query_opts()` supports fetching XDP/XSK supported + features; + * `perf_buffer__new()` allows customizing notification/sampling + period now; + * BPF verifier logging improvements: + * pass-through BPF verifier log level and flags to kernel as + is + * support `log_true_size` for getting required log buffer size + to fit BPF verifier log completely; + * allow precise control over kprobe/uprobe attach mode: legacy, + perf-based, link-based. + * fix legacy kprobe events names sanitization; + * fix clobbering errno in some cases; + * fix BPF map's `BPF_F_MMAPABLE` flag sanitization; + * fix BPF-side USDT support code on s390x architecture; + * fix `BPF_PROBE_READ{_STR}_INTO()` on s390x architecture; + * fix kernel version setting for Debian kernels; + * fix netlink protocol handling in some cases; + * improve robustness of attaching to legacy kprobes and + uprobes; + * fix double-free during static linking empty ELF sections; + * a bunch of other small fixes here and there. + libhangul +- Update to version 0.1.1~git20180606.42f7640: + * no english changelog + -- fix -devel package dependencies -- add missing %clean section to the spec file - libnbd +- Update to version 1.18.1: + * Version 1.18.1. + * rust: Use string_starts_with instead of String.starts_with + * rust: Build the examples + * rust: Write a custom translator from POD to rustdoc + * rust: Add overview documentation + * rust: Annotate 'endif' with corresponding label + * utils: Slightly simplify human_size() + * docs: Assign CVE-2023-5215 to nbd_get_size negative result issue + +- Update to version 1.18.0: + * CVE-2023-5215 (bsc#1215799) + * docs: Add link to nbd_get_size announcement in release notes + * docs: Add URL to list post on nbd_get_size security + * docs: Update release notes for nbd_get_size backport to 1.16.5 + * docs: Finalize release notes for release tomorrow + * dump: Add more examples of running subprocesses from nbddump + * info: Tolerate missing size + * block_status: Fix assertion on bad 64-bit block status reply + * block_status: Fix assertion with large server size + * api: Sanitize sizes larger than INT64_MAX + +- spec: Don't set tls priority to unavailable crypto policy + + * jsc#ECO-3633 libpcap +- update to 1.10.4: + * rpcap: Fix name of launchd service. + * documentation updates and build system tweaks + +- update to 1.10.3: + * Sort the PUBHDR variable in Makefile.in in "ls" order. + * Fix typo in comment in pflog.h. + * Remove two no-longer-present files from .gitignore. + * Update code and comments for handling failure to set promiscuous + mode based on new information. + +- update to 1.10.2: + * Build system updates + * Developer visible fixes + * Fix some formatting string issues found by cppcheck + * "Dead" pcap_ts from pcap_open_dead() and ..._with_tstamp_precision(): + Don't crash if pcap_breakloop() is called. + * Savefiles: multiple bug fixes handling files + * Capture: Never process more than INT_MAX packets in a + pcap_dispatch() call, to avoid integer overflow + * Packet filtering: PFLOG bug fixes and improvements + * Fix memory leak in capture device open + * Fix detection of CAN/CAN FD packets in direction check + * Fix double-free crashes on errors such as running on a kernel + with CONFIG_PACKET_MMAP not configured + * Multiple CANbus bug fixes + * Fix pcap_findalldevs() to find usbmon devices + * Fix handling of VLAN tagged packets if the link-layer type is + changed from DLT_LINUX_SLL to DLT_LINUX_SLL2 + * Always turn on PACKET_AUXDATA + * Correctly compute the "real" length for isochronous USB transfers + libpinyin +- Update version to 2.8.1 + * Fix bugs + * Improve suggestion candidates + * Support longer candidates + +- Update version to 2.6.2 + * Fix libzhuyin linkage when using LLVM linker + * Switch from GrassDB to ProtoTreeDB + libsndfile +- Fix signed integers overflows in au_read_header() + (bsc#1213451, CVE-2022-33065): + libsndfile-CVE-2022-33065.patch + libtirpc +- update to 1.3.4 (bsc#1199467) + * binddynport.c honor ip_local_reserved_ports + - replaces: binddynport-honor-ip_local_reserved_ports.patch + * gss-api: expose gss major/minor error in authgss_refresh() + * rpcb_clnt.c: Eliminate double frees in delete_cache() + * rpcb_clnt.c: memory leak in destroy_addr + * portmapper: allow TCP-only portmapper + * getnetconfigent: avoid potential DoS issue by removing unnecessary sleep + * clnt_raw.c: fix a possible null pointer dereference + * bindresvport.c: fix a potential resource leakage +- update to 1.3.3 (bsc#1201680, CVE-2021-46828): + * Fix DoS vulnerability in libtirpc + - replaces: 0001-Fix-DoS-vulnerability-in-libtirpc.patch + * _rpc_dtablesize: use portable system call + * libtirpc: Fix use-after-free accessing the error number + * Fix potential memory leak of parms.r_addr + - replaces 0001-fix-parms.r_addr-memory-leak.patch + * rpcb_clnt.c add mechanism to try v2 protocol first + - preplaces: 0001-rpcb_clnt.c-config-to-try-protocolversion-2-first.patch + * Eliminate deadlocks in connects with an MT environment + * clnt_dg_freeres() uncleared set active state may deadlock + * thread safe clnt destruction + * SUNRPC: mutexed access blacklist_read state variable + * SUNRPC: MT-safe overhaul of address cache management in rpcb_clnt.c +- drop 0001-Fix-DoS-vulnerability-in-libtirpc.patch (upstream) +- update to 1.3.2: + * Replace the final SunRPC licenses with BSD licenses + * blacklist: Add a few more well known ports + * libtirpc: disallow calling auth_refresh from clnt_call with RPCSEC_GSS +- Update to libtirpc 1.3.1 + * Remove AUTH_DES interfaces from auth_des.h + The unsupported AUTH_DES authentication has be + compiled out since commit d918e41d889 (Wed Oct 9 2019) + replaced by API routines that return errors. + * svc_dg: Free xp_netid during destroy + * Fix memory management issues of fd locks + * libtirpc: replace array with list for per-fd locks + * __svc_vc_dodestroy: fix double free of xp_ltaddr.buf + * __rpc_dtbsize: rlim_cur instead of rlim_max + * pkg-config: use the correct replacements for libdir/includedir + Patches replaced by update: + binddynport-honor-ip_local_reserved_ports.patch (bsc#1199467) + 0001-Fix-DoS-vulnerability-in-libtirpc.patch (bsc#1201680) + 0001-fix-parms.r_addr-memory-leak.patch (bsc#1198752) + 0001-rpcb_clnt.c-config-to-try-protocolversion-2-first.patch + (bsc#1196647), (bsc#1200800), (bsc#1198176) + * replaces /etc/netconfig-try-2-first by the environment variable + RPCB_V2FIRST + libxkbcommon +- Update to release 1.5.0 + * Fix crash in `xkbcli interactive-wayland` under a compositor + which supports new versions of the xdg-shell protocol. + * New API: XKB_CONTEXT_NO_SECURE_GETENV, + RXKB_CONTEXT_NO_SECURE_GETENV + +- Update to release 1.4.1 + * Fix compose sequence overriding (common prefix) not working + correctly. Regressed in 1.2.0. + * Remove various bogus currency sign (particulary Euro and + Korean Won) entries from the keysym <-> Unicode mappings. + They prevented the real keysyms/codepoints for these from + mapping correctly. + +- Update to release 1.4.0 + * In libxkbregistry, variants now inherit iso639, iso3166 and + brief from parent layout if omitted. + * In libxkbregistry, skip over invalid ISO-639 or ISO-3166 + entries. + +- Update to release 1.3.1 + * In `xkbcli interactive-x11`, use the Esc keysym instead of + the Esc keycode for quitting. + * In `xkbcli how-to-type`, add `--keysym` argugment for how to + type a keysym instead of a Unicode codepoint. + * Fix a crash in `xkb_x11_keymap_new_from_device` error + handling given some invalid keymaps. Had regressed in 1.2.0. + nbdkit +- Update to version 1.36.1: + * Version 1.36.1. + * python: Document nbdkit.disconnect(force) helper function + * python: List helper functions in alphabetical order + * python: Clarify possible handle values returned by open() method + * tests: Fix incorrect comment in tests + * docs: Remove references to -U - when it is implicit + +- Update to version 1.36.0: + * Version 1.36.0. + * evil: Fix typo in man page + * tests: Rename test-curl-options.sh and add more tests + * docs: Finalize release notes for release tomorrow + * curl: Use new curl_multi_get_handles API to simplify code + * curl: Store pointer from curl easy handle to our struct curl_handle + * README: Recommend new syntax for ASAN_OPTIONS + * fuzzing/README: Remove advice to set ASAN_OPTIONS + * docs: Small tweaks to the release notes + * docs: Add outline release notes for forthcoming nbdkit 1.36 + * tests: Add some consistency checks of the tests themselves + * tests/test-evil-cosmic.sh: Use requires_nbdcopy + * tests/test-nozero.sh: Test uses nbdsh -u but does not declare requirement + * tests: Fix a couple more tests that are missing requires_run + * docs: Expand Network Block Device (for NBD) in title + +- spec: Don't set tls priority to unavailable crypto policy + opencc +- update to 1.1.6: + * FTBFS for MacOS w/ Python 3.11 + * Support Python 3.11 + * Automatically name SO files + * Add support for Apple silicon build tag + * other minor fixes + +- update to 1.1.4: + * Add python 3.10 support + * remove support for python < 3.7 and node 10.x + * small bugfixes +- add fix-soversion.patch for fixing the leftover .so version tag + +- update to 1.1.3: + * Fix some header files cannot be used alone (#550). + * Fix the method of introducing system pybind11 (#566). + * Support Node.js 16 (#597). + * Support Python 3.9 (#603). + * Fixed conversion errors. + * Several other small fixes. + +- update to 1.1.2: + * Added Hong Kong Traditional Chinese conversion. + * Fix the compilation compatibility problem, including parallel compilation. + * Fixed the serious performance degradation problem introduced since 1.1.0. +- drop opencc-1.1.1-missing-builtin-types.patch: upstream + +- add opencc-1.1.1-missing-builtin-types.patch + * SimpleConverter.hpp missed "#include " that breaks pyzy + +- update to 1.1.1 + * Officially provide interface and TypeScript type annotations. + * Update the dynamic link library `SOVERSION` to `1.1`, due to + changes in the internal interface of C++. + * Simplify the header file structure and speed up compilation. Remove + unnecessary `using`. Repair some Hong Kong standard characters. + * The new dictionary format `ocd2`, based on Marisa Trie 0.2.5. The + dictionary size is greatly reduced. + * Change the default conversion of "Yong/Yong" and modify multiple + phrase conversions. + * Add benchmark test results. + * Officially supports Japanese new font conversion. + * Upgrade Node.js dependency and improve compatibility. + * Fix multiple multi-platform compilation and compatibility issues. + * Correct a large number of conversion errors. + -- update version 0.4.3 - * add interface: `opencc_convert_utf8_free` - * fix memeory leak problem for nodejs plugin - -- split a data package to be required by library. - fix a conversion crash bug in fcitx. - -- fix fedora builds. - -- fix sles builds. - -- trigger the service so it's true - -- initial package 0.3.0 - pciutils +- Apply "lspci-Fixed-buffer-overflows-in-ls-tree.c.patch" to fix a + buffer overflow error that would cause lspci to crash on systems + with complex topologies. [bsc#1215265] +- Add "pciutils.keyring" so that the tarball's signature can be + verified at build time. +- Use "%license" tag instead of "%doc" to install the package's + license file. + poppler +- security update +- added patches + fix CVE-2023-34872 [bsc#1213888], remote denial-of-service in OutlineItem::open in Outline.cc + + poppler-CVE-2023-34872.patch + smartmontools +- Do not quit with an error when no drives to monitor are available (bsc#990406 bsc#1167051). +- Add smartd_service_dont_quit.patch +- Refresh harden_smartd.service.patch +- Run through spec-cleaner, use autosetup + +- Update to version 7.4: + * See NEWS and ChangeLog files for full details +- Drop smartmontools-smartctl-NVMe-big-endian.patch (upstreamed) +- Refresh smartmontools-suse-default.patch + +- smartmontools.generate_smartd_opts.in: Fix generated options when + SMARTD_SAVESTATES or SMARTD_ATTRLOG are set to "no" (bsc#1207461). + +- Catch another invalid state in %post: DRIVEDB_H_RELEASE_SAVED + might end up empty + +- refresh keyring with new signing key + +- update to version 7.3 + - see NEWS and ChangeLog file for full details +- Remove smartmontools-drivedb.h. Up to date version is included + in release tarball +- packaging: try to fix smartmontools-drivedb_h-update.sh + +- Added hardening to systemd service(s) (bsc#1181400). Added patch(es): + * harden_smartd.service.patch + Modified: + * smartd_generate_opts.service + tlp +- Update to 1.6.1 18.09.2023 + * Bugfixes: + Battery: + - LG Gram laptops: ensure lg-legacy is used for kernel <= 5.17 (Issue #708) + General: + - tlp-stat -s: report manual mode despite restrictive umask (Issue #702) + +- Update to 1.6.0 24.08.2023 + * Features + Battery: + - LG Gram laptops: + - Use standard sysfs attribute 'charge_control_end_threshold' + provided by kernel 5.18 and newer + - Restore threshold after hibernate + - System76 laptops with open source EC firmware: + start and stop threshold + - System76: default start threshold set to 90% (due to EC firmware change) + - ThinkPads: model detection adapted for Libreboot (Issue #679) + - Toshiba/Dynabook laptops: stop threshold 80/100% + Configuration: + - Allow comments (#) after parameters (Issue #598) + - tlp-stat -c/--cdiff: append a notice to deprecated or removed + parameters + Disks: + - SATA_LINKPWR_ON_AC/BAT: remove fallbacks for outdated kernels + before 4.15 from defaults (still available via explicit configuration) + General: + - Allow coexistence with power-profiles-daemon: do not apply + PLATFORM_PROFILE_ON_AC/BAT, CPU_ENERGY_PERF_POLICY_ON_AC/BAT and + CPU_BOOST_ON_BAT/BAT when it is running + - MEM_SLEEP_ON_AC/BAT: change system suspend mode + - Add ZSH command completion + - tlp-stat -s: + - Silence warnings about unmasked systemd-rfkill.service/.socket + when DEVICES_TO_ENABLE/DISABLE_ON_STARTUP is actually unconfigured + - Show EC firmware version + - Show system suspend mode + - Show proper ThinkPad model string with Libreboot (Issue #679) + PCI(e) devices: + - RUNTIME_PM_ENABLE/DISABLE: apply even when RUNTIME_PM_ON_AC/BAT + is disabled (Issue #614) + Processor: + - CPU_DRIVER_OPMODE_ON_AC/BAT: set CPU scaling driver operation mode + (active, guided, passive); amd-pstate/intel_pstate driver required + - CPU_DRIVER_OPMODE_ON_AC/BAT: check if operation mode is actually + supported by the current CPU driver + - CPU_ENERGY_PERF_POLICY_ON_AC/BAT: support AMD Zen 2 or newer CPUs; + kernel 6.3 with amd-pstate driver in active mode required + - CPU_HWP_DYN_BOOST_ON_AC/BAT: *EXPERIMENTAL* support AMD Zen 2 or + newer CPUs; yet unreleased kernel 6.x and amd-pstate driver + in active mode required + - SCHED_POWERSAVE_ON_AC/BAT removed (unavailable since kernel 3.5) + - tlp-stat -p: + - Show amd-pstate operation mode, dynamic boost and performance + attributes + - Show min/max operating frequency the processor can run at + (cpuinfo_min/max_freq) and limit imposed by the BIOS (bios_limit) + - (-v) Show acpi_cppc performance and frequency attributes + Radio Devices: + - Support Thunderbolt docks to switch radio devices + - DEVICES_TO_ENABLE/DISABLE_ON_SHUTDOWN: *DEPRECATED* feature will be + removed in TLP 1.7 + USB: + - USB_AUTOSUSPEND_DISABLE_ON_SHUTDOWN: *DEPRECATED* feature will be + removed in TLP 1.7 + * Bugfixes + Configuration: + - Strip trailing blanks from unquoted parameter values + Operation: + - Deactivate AHCI_RUNTIME_PM and PCIE_ASPM before suspend to avoid + resume freezes (Issue #593, #606, #698) + Processor: + - Set governor although not listed in scaling_available_governors +- Revert moving 99tlp-rdw-nm from user specific directory since 1.6.0 installs + it to vendor specific directory /usr/lib/NetworkManager/dispatcher.d + vlc -- Do not apply vlc.a52.patch if liba52 is < 0.8.0 +- Update to version 3.0.20: + + Video Output: + - Fix green line in fullscreen in D3D11 video output + - Fix crash with some AMD drivers old versions + - Fix events propagation issue when double-clicking with mouse wheel + + Decoders: + - Fix crash when AV1 hardware decoder fails + + Interface: + - Fix annoying disappearance of the Windows fullscreen controller + + Demuxers: + - Fix potential security issue (OOB Write) on MMS:// by checking user size bounds + +- Update to version 3.0.19 +- Remove 104-playback-bar.patch, as it's no longer needed. + + Core: + - Fix next-frame freezing in most scenarios + + Demux: + - Support RIFF INFO tags for Wav files + - Fix AVI files with flipped RAW video planes + - Fix duration on short and small Ogg/Opus files + - Fix some HLS/TS streams with ID3 prefix + - Fix some HLS playlist refresh drift + - Fix for GoPro MAX spatial metadata + - Improve FFmpeg-muxed MP4 chapters handling + - Improve playback for QNap-produced AVI files + - Improve playback of some old RealVideo files + - Fix duration probing on some MP4 with missing information + + Decoders: + - Multiple fixes on AAC handling + - Activate hardware decoding of AV1 on Windows (DxVA) + - Improve AV1 HDR support with software decoding + - Fix some AV1 GBRP streams, AV1 super-resolution streams and monochrome ones + - Fix black screen on poorly edited MP4 files on Android Mediacodec + - Fix rawvid video in NV12 + - Fix several issues on Windows hardware decoding (including "too large resolution in DxVA") + - Improve crunchyroll-produced SSA rendering + + Video Output: + - Super Resolution scaling with nVidia and Intel GPUs + - Fix for an issue when cropping on Direct3D9 + - Multiple fixes for hardware decoding on D3D11 and OpenGL interop + - Fix an issue when playing -90°rotated video + - Fix subtitles rendering blur on recent macOS + + Input: + - Improve SMB compatibility with Windows 11 hosts + + Contribs: + - Update of fluidlite, fixing some MIDI rendering on Windows + - Update of zlib to 1.2.13 (CVE-2022-37434) + - Update of FFmpeg, vpx (CVE-2023-5217), ebml, dav1d, libass + + Misc: + - Improve muxing timestamps in a few formats (reset to 0) + - Fix some rendering issues on Linux with the fullscreen controller + - Fix GOOM visualization + - Fixes for Youtube playback + - Fix some MPRIS inconsistencies that broke some OS widgets on Linux + - Implement MPRIS TrackList signals + - Fix opening files in read-only mode + - Fix password search using the Kwallet backend + - Fix some crashes on macOS when switching application + - Fix 5.1/7.1 output on macOS and tvOS + - Fix several crashes and bugs in the macOS preferences panel + - Improvements on the threading of the MMDevice audio output on Windows + - Fix a potential security issue on the uninstaller DLLs + - Fix memory leaks when using the media_list_player libVLC APIs + + Translations: + - Update of most translations + - New translations to Esperanto, Interlingue, Lao, Macedonian, Burmese, Odia, Samoan and Swahili + +- Update specfile to prevent building with libplacebo v6.292.0 or newer + +- If version constraints for ffmpeg are in use, + every ffmpeg component must be constrained + +- xosd plugin was removed in 5adefde + +- Add 104-playback-bar.patch: Backport fix for the playback bar (commit 60771fe7) + +- Do not apply vlc.a52.patch if liba52 is > 0.8.0 vorbis-tools +- Fix buffer overflow vulnerability during the conversion of wav + files to ogg files (bsc#1215942, CVE-2023-43361): + vorbis-tools-CVE-2023-43361.patch + -- Update to version 1.4.0: - * Lots of changes (see CHANGES file). -- Spec file updates: - * Changes based on rpmdevtools templates and spec-cleaner run. - * Changed License: to GPLv2. - * Added description for the patches based on openSUSE Patches Guidelines. - * Updates in Buildrequires: and %description sections. - * Added a vorbis-tools-lang package (based on rpmlint warning - "package-with-huge-translation"). - * Updates in %build, %install and %files sections. -- Removed the following patches (fixed upstream): - * vorbis-tools-1.1.1-bounds-check-fix.diff - * vorbis-tools-1.1.1-curl-7.16.diff - * vorbis-tools-config.diff - * vorbis-tools-flac-1.1.3.diff -- Rebased the patch vorbis-tools-1.1.1-warning-fixes.diff (most are fixed - upstream and only one change is needed to fix rpm post-build-check failure). - Also renamed it to warning-fixes.diff. -- Rebased the patch for cflags. - webkit2gtk3 +- Add webkit2gtk3-create-destroy-egl-image.patch: fix "No provider + of EglDestroyImage Found" (boo#1216483). + +- Update to version 2.42.1 (boo#1215661 boo#1215866 boo#1215867 + boo#1215868 boo#1215869 boo#1215870): + + Fix enable-html5-database setting to properly enable/disable + IndexedDB API. + + Fix the build with GBM disabled. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2023-41993. + + Changes in version 2.42.0: + + New renderer based on DMA-BUF shared buffers. + + Add new permission request to handle DOM paste access requests. + + Add API to configure experimental features at runtime. + + Add API to set the percentage of volume space that can be used + for data storage. + + GBM is no longer required for WebGL implementation. + + Security fixes: CVE-2023-39928, CVE-2023-41074. +- Disable JPEGXL. + - CVE-2023-40397. + CVE-2023-40397, CVE-2023-39434, CVE-2023-40451. - CVE-2023-37450, CVE-2023-28198, CVE-2023-32370. + CVE-2023-37450, CVE-2023-28198, CVE-2023-32370, CVE-2023-35074. xorg-x11-server +- U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch + * fixes a regresion, which can trigger a segfault in Xwayland on + exit, introduced by + U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch + (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261) + +- U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch + U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch + * Server Damage Object Use-After-Free Local Privilege Escalation + Vulnerability (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261) + +- U_bsc1216133-mi-reset-the-PointerWindows-reference-on-screen-swit.patch + * Use-after-free bug in DestroyWindow (CVE-2023-5380, ZDI-CAN-21608, + bsc#1216133) +- U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch + * fix handling of PropModeAppend/Prepend ((CVE-2023-5367, ZDI-CAN-22153, + bsc#1216135) + xwayland +- U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch + U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch + * Server Damage Object Use-After-Free Local Privilege Escalation + Vulnerability (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261) +- U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch + * fixes a regresion, which can trigger a segfault in Xwayland on + exit, introduced by + U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch + (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261) + +- U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch + * fix handling of PropModeAppend/Prepend ((CVE-2023-5367, ZDI-CAN-22153, + bsc#1216135) + yast2 +- Fix firewalld zones reader adapting it to the new firewall-cmd + - -list-all-zones output format (bsc#1216534) +- 4.6.4 + +- Branch package for SP6 (bsc#1208913) +- backport: +-- Replace calls to mkinitrd with dracut as mkinitrd will be + dropped (bsc#1203019) +- 4.6.3 + yast2-add-on +- Branch package for SP6 (bsc#1208913) +- 4.6.2 + -- 4.6.1 - -- Bump version to 4.6.0 (bsc#1208913) +- 4.5.4 yast2-apparmor - - Fixed crash on internal error when scanning audit.log -- 4.6.2 + - Backport: Fixed crash on internal error when scanning audit.log +- 4.6.3 -- Added missing textdomain (bsc#1211980) -- 4.6.1 +- Branch package for SP6 (bsc#1208913) -- Bump version to 4.6.0 (bsc#1208913) +- Added missing textdomain (bsc#1211980) +- 4.5.1 yast2-country +- BuildRequire kbd to fix the build (bsc#1211104) +- 4.6.6 + +- use also kbd-model-map.xkb-generated (bsc#1211104) +- sort the selection box of keyboard layouts alphabetically +- 4.6.5 + +- Backport: +-- Allow changing date to a later year than 2032 (bsc#1214144) +-- Replace call to mkinitrd with dracut (bsc#1203019) +- 4.6.4 + +- Branch package for SP6 (bsc#1208913) + yast2-installation +- Refresh repositories with changed URL and reload them again + to activate the changes (related to bsc#1215884) +- 4.6.8 + yast2-iscsi-client -- Bump version to 4.6.0 (bsc#1208913) +- Add support packages on demand (bsc#1214273) +- 4.6.1 + +- Branch package for SP6 (bsc#1208913) +- 4.6.0 yast2-network +- Branch package for SP6 (bsc#1208913) +- 4.6.6 + -- 4.6.5 +- 4.5.21 -- 4.6.4 -- 4.6.3 +- 4.5.20 -- 4.6.2 +- 4.5.19 -- 4.6.1 - -- Bump version to 4.6.0 (bsc#1208913) +- 4.5.18 yast2-nfs-client +- Branch package for SP6 (bsc#1208913) +- 4.6.2 + -- 4.6.1 - -- Bump version to 4.6.0 (bsc#1208913) +- 4.5.2 yast2-online-update +- Branch package for SP6 (bsc#1208913) +- 4.6.2 + -- 4.6.1 - -- Bump version to 4.6.0 (bsc#1208913) +- 4.5.3 yast2-schema-default +- Added several LUKS-related elements to the partitioning schema + (jsc#PED-3878, jsc#PED-5518). +- 4.6.1 + +- Branch package for SP6 (bsc#1208913) + yast2-snapper +- Branch package for SP6 (bsc#1208913) +- 4.6.2 + -- 4.6.1 - -- Bump version to 4.6.0 (bsc#1208913) +- 4.5.1 yast2-storage-ng +- New MdLevel value for linear RAIDs (bsc#1215022) +- 4.6.14 + +- AutoYaST: official support for LUKS2 (jsc#PED-3878, jsc#PED-5518) +- 4.6.13 + +- Branch package for SP6 (bsc#1208913) + yast2-update -- Rebuild the RPM database during upgrade (--rebuilddb) (bsc#1209565) +- Drop the previously used repositories when going back to the + partition selection at upgrade, this ensures the repositories + are correctly reinitialized later (bsc#1215884) +- 4.6.2 + +- Branch package for SP6 (bsc#1208913) -- Bump version to 4.6.0 (bsc#1208913) +- Rebuild the RPM database during upgrade (--rebuilddb) (bsc#1209565) +- 4.5.3 yast2-x11 +- Prevent testX from hanging in second stage if no supported WM + can be started (bsc#1216197) +- 4.6.2 + +- xkbctrl: use also kbd-model-map.xkb-generated (bsc#1211104) +- 4.6.1 + +- Branch package for SP6 (bsc#1208913) + zchunk +- Fix CVE-2023-46228, bsc#1216268 + * Handle overflow errors in malformed zchunk files. +- Added patch: + * CVE-2023-46228.patch + zlib +- Fix CVE-2023-45853, integer overflow and resultant heap-based buffer + overflow in zipOpenNewFileInZip4_6, bsc#1216378 + * CVE-2023-45853.patch +