Packages changed: 389-ds (3.1.2~git90.2bc7250be -> 3.1.3~git106.bea5091e3) AppStream (1.1.0 -> 1.1.1) Mesa (25.2.3 -> 25.2.4) Mesa-demo Mesa-drivers (25.2.3 -> 25.2.4) MozillaFirefox (143.0.1 -> 143.0.3) SDL3 (3.2.22 -> 3.2.24) apache2 apache2-manual apache2-prefork apache2-utils cheese (44.1 -> 44.1+12) frameworkintegration fwupd gedit geoclue2 (2.7.2 -> 2.8.0) gnome-chess (49.0 -> 49.2) gnome-menus (3.36.0 -> 3.38.1) gspell (1.14.0 -> 1.14.1) gstreamer-plugins-libav (1.26.5 -> 1.26.6) gstreamer-plugins-ugly (1.26.5 -> 1.26.6) gtk4 (4.20.1 -> 4.20.2) harfbuzz (11.5.1 -> 12.1.0) jq kernel-source kirigami-addons6 (1.9.0 -> 1.10.0) libstorage-ng (4.5.275 -> 4.5.276) mokutil netpbm (11.11.0 -> 11.12.0) nfs-utils open-vm-tools (13.0.0 -> 13.0.5) openSUSE-release (20251001 -> 20251005) opencv p11-kit (0.25.5 -> 0.25.10) pam-config (2.13+git.20250827 -> 2.13+git.20251003) perl-XML-LibXML permissions (1699_20250120 -> 1699_20251002) pipewire (1.4.8+git4.8f35e18d1 -> 1.4.8+git68.636cbae9b) polkit-default-privs (1550+20250904.99b438e -> 1550+20251002.f34bfbd) pulseaudio python-M2Crypto (0.45.1 -> 0.46.2) python-requests (2.32.4 -> 2.32.5) python-simplejson (3.20.1 -> 3.20.2) python311 python311-core rpcbind salt sdbootutil (1+git20250917.7aab076 -> 1+git20251003.f402058) simple-scan (49.0 -> 49.0.1) snapper strace (6.16 -> 6.17) virglrenderer (1.0.1 -> 1.1.1) wsdd xmlsec1 (1.2.41 -> 1.2.42) yast2-auth-client (5.0.2 -> 5.0.3) === Details === ==== 389-ds ==== Version update (3.1.2~git90.2bc7250be -> 3.1.3~git106.bea5091e3) Subpackages: lib389 libsvrcore0 - Update to version 3.1.3~git106.bea5091e3: * Issue 6660 - UI - Improve replication log analysis charts and usability (#6968) * Issue 6753 - Removing ticket 47653MMR test and porting to DSLdapObject (#6926) * Issue 7021 - Units for changing MDB max size are not consistent across different tools (#7022) * Issue 6753 - Removing ticket 49463 test and porting to DSLdapObject (#6899) * Issue 6954 - do not delete referrals on chain_on_update backend * Issue 6982 - UI - MemberOf shared config does not validate DN properly (#6983) * Issue 6740 - Fix FIPS mode test failures in syncrepl, mapping tree, and resource limits (#6993) * Issue 7018 - BUG - prevent stack depth being hit (#7019) * Issue 7014 - memberOf - ignored deferred updates with LMDB * Issue 7002 - restore is failing. (#7003) * Issue 6758 - Fix WebUI monitoring test failure due to FormSelect component deprecation (#7004) * Issue 6753 - Removing ticket 47869 test and porting to DSLdapObject (#7001) * Issue 6753 - Port ticket 49073 test (#7005) * Issue 7016 - fix NULL deref in send_referrals_from_entry() (#7017) * Issue 6753 - Port ticket 47815 test (#7000) * Issue 7010 - Fix certdir underflow in slapd_nss_init() (#7011) * Issue 7012 - improve dscrl dbverify result when backend does not exists (#7013) * Issue 6753 - Removing ticket 477828 test and porting to DSLdapObject (#6989) * Issue 6753 - Removing ticket 47721 test and porting to DSLdapObject (#6973) * Issue 6992 - Improve handling of mismatched ldif import (#6999) * Issue 6997 - Logic error in get_bdb_impl_status prevents bdb2mdb execution (#6998) * Issue 6810 - Deprecate PAM PTA plugin configuration attributes in base entry - fix memleak (#6988) * Issue 6971 - bundle-rust-npm.py: TypeError: argument of type 'NoneType' is not iterable (#6972) * Fix overflow in certmap filter/DN buffers (#6995) * Issue 6753 - Port ticket 49386 test (#6987) * Issue 6753 - Removing ticket 47787 test and porting to DSLdapObject (#6976) * Issue 6753 - Port ticket 49072 test (#6984) * Issue 6990 - UI - Replace deprecated Select components with new TypeaheadSelect (#6996) * Issue 6990 - UI - Fix typeahead Select fields losing values on Enter keypress (#6991) * Issue 6887 - Enhance logconv.py to add support for JSON access logs (#6889) * Issue 6985 - Some logconv CI tests fail with BDB (#6986) * Issue 6891 - JSON logging - add wrapper function that checks for NULL * Issue 4835 - dsconf display an incomplete help with changelog setting (#6769) * Issue 6753 - Port ticket 47963 & 49184 tests (#6970) * Issue 6753 - Port ticket 47829 & 47833 tests * Issue 6977 - UI - Show error message when trying to use unavailable ports (#6978) * Issue 6956 - More UI fixes * Issue 6626 - Fix version * Issue 6900 - Rename test files for proper pytest discovery (#6909) * Issue 6947 - Revise time skew check in healthcheck tool and add option to exclude checks * Issue 6805 - RFE - Multiple backend entry cache tuning * Issue 6753 - Port and fix ticket 47823 tests * Issue 6843 - Add CI tests for logconv.py (#6856) * Issue 6933 - When deferred memberof update is enabled after the server crashed it should not launch memberof fixup task by default (#6935) * Issue - UI - update Radio handlers and LDAP entries last modified time * Issue 6810 - Deprecate PAM PTA plugin configuration attributes in base entry (#6832) * Issue 6660 - UI - Fix minor typo (#6955) * Issue 6753 - Port ticket 47808 test * Issue 6910 - Fix latest coverity issues * Issue 6753 - Removing ticket 50232 test and porting to DSLdapObject (#6861) * Issue 6919 - numSubordinates/tombstoneNumSubordinates are inconsisten… (#6920) * Issue 6430 - Fix build with bundled libdb * Issue 6342 - buffer owerflow in the function parseVariant (#6927) * Issue 6940 - dsconf monitor server fails with ldapi:// due to absent server ID (#6941) * Issue 6936 - Make user/subtree policy creation idempotent (#6937) - Update python packaging to adhere to pyproject and newer guidelines - Update to version 3.1.3~git51.e14e23e0f: * Migrate from PR_Poll to epoll and timerfd. (#6924) * Issue 6928 - The parentId attribute is indexed with improper matching rule * Issue 6753 - Removing ticket 49540 test and porting to DSLdapObject (#6877) * Issue 6904 - Fix config_test.py::test_lmdb_config * Issue 5120 - Fix compilation error * Issue 6929 - Compilation failure with rust-1.89 on Fedora ELN * Issue 6922 - AddressSanitizer: leaks found by acl test suite * Issue 6519 - Add basic dsidm account tests * Issue 6753 - Port ticket test 47573 * Issue 6875 - Fix dsidm tests * Issues 6913, 6886, 6250 - Adjust xfail marks (#6914) * Issue 6768 - ns-slapd crashes when a referral is added (#6780) * Issue 6468 - CLI - Fix default error log level * Issue 6181 - RFE - Allow system to manage uid/gid at startup * Issue 6901 - Update changelog trimming logging - fix tests * Issue 6778 - Memory leak in roles_cache_create_object_from_entry part 2 * Issue 6897 - Fix disk monitoring test failures and improve test maintainability (#6898) * Issue 6884 - Mask password hashes in audit logs (#6885) * Issue 6594 - Add test for numSubordinates replication consistency with tombstones (#6862) * Issue 6250 - Add test for entryUSN overflow on failed add operations (#6821) * Issue 6895 - Crash if repl keep alive entry can not be created * Issue 6663 - Fix NULL subsystem crash in JSON error logging (#6883) * Issue 6430 - implement read-only bdb (#6431) * Issue 6901 - Update changelog trimming logging * Issue 6880 - Fix ds_logs test suite failure * Issue 6352 - Fix DeprecationWarning * Issue 6800 - Rerun the check in verbose mode on failure * Issue 6893 - Log user that is updated during password modify extended operation * Issue 6772 - dsconf - Replicas with the "consumer" role allow for viewing and modification of their changelog. (#6773) * Issue 6829 - Update parametrized docstring for tests * Issue 6888 - Missing access JSON logging for TLS/Client auth * Issue 6878 - Prevent repeated disconnect logs during shutdown (#6879) * Issue 6872 - compressed log rotation creates files with world readable permission * Issue 6859 - str2filter is not fully applying matching rules * Issue 5733 - Remove outdated Dockerfiles * Issue 6800 - Check for minimal supported Python version * Issue 6868 - UI - schema attribute table expansion break after moving to a new page * Issue 6865 - AddressSanitizer: leak in agmt_update_init_status * Issue 6848 - AddressSanitizer: leak in do_search * Issue 6850 - AddressSanitizer: memory leak in mdb_init * Issue 6854 - Refactor for improved data management (#6855) ... changelog too long, skipping 34 lines ... * Issue 5120 - ns-slapd doesn't start in referral mode (#6763) ==== AppStream ==== Version update (1.1.0 -> 1.1.1) Subpackages: libAppStreamQt3 libappstream5 - Update to version 1.1.1: + Features: Add option to disable man page creation + Bugfixes: - Add explicit UTF-8 tests to check for libfyaml's unicode handling - yaml: Drop implicit string quoting, make it explicit + Mscellaneous: qt: Drop support for Qt5 - Remove multibuild setup and drop all traces of qt5 from the spec file: Qt5 is no longer supported ==== Mesa ==== Version update (25.2.3 -> 25.2.4) Subpackages: Mesa-libEGL1 Mesa-libGL1 libgbm1 - Update to release 25.2.4 - -> https://docs.mesa3d.org/relnotes/25.2.4 ==== Mesa-demo ==== Subpackages: Mesa-demo-egl Mesa-demo-x - redefine %meson_build/%meson_install on Leap 15.6 in order to fix build ==== Mesa-drivers ==== Version update (25.2.3 -> 25.2.4) Subpackages: Mesa-dri Mesa-libva Mesa-vulkan-device-select libvulkan_lvp - Update to release 25.2.4 - -> https://docs.mesa3d.org/relnotes/25.2.4 ==== MozillaFirefox ==== Version update (143.0.1 -> 143.0.3) Subpackages: MozillaFirefox-branding-upstream - Mozilla Firefox 143.0.3 https://www.firefox.com/en-US/firefox/143.0.3/releasenotes MFSA 2025-80 (bsc#1250678 * CVE-2025-11152 (bmo#1987246) Sandbox escape due to integer overflow in the Graphics: Canvas2D component * CVE-2025-11153 (bmo#1987481) JIT miscompilation in the JavaScript Engine: JIT component ==== SDL3 ==== Version update (3.2.22 -> 3.2.24) - Update to release 3.2.24 * Fixed a crash when enumerating Steam Controllers. * Fixed rumble strength on DualSense Edge and Bluetooth connected controllers. * Fixed the HP Deluxe Webcam KQ246AA being detected as joystick. * Fixed VMware not capturing the mouse when relative mode is enabled. * Increased the maximum color target bindings from 4 to 8 in the GPU API. * When using SDL_SetRenderLogicalPresentation(), letterboxing now uses the clear color instead of black. * Fixed crash at startup when redirecting X11 output over ssh. * Fixed a memory leak when using detached threads. ==== apache2 ==== - httpd testsuite of svn revision 1928711, fixes the failure caused by libxml2 version update to 2.14 ==== apache2-manual ==== - httpd testsuite of svn revision 1928711, fixes the failure caused by libxml2 version update to 2.14 ==== apache2-prefork ==== - httpd testsuite of svn revision 1928711, fixes the failure caused by libxml2 version update to 2.14 ==== apache2-utils ==== - httpd testsuite of svn revision 1928711, fixes the failure caused by libxml2 version update to 2.14 ==== cheese ==== Version update (44.1 -> 44.1+12) Subpackages: libcheese-common libcheese8 typelib-1_0-Cheese-3_0 - Update to version 44.1+12: * libcheese: Add GtkWidget cast to avoid an incompatible-pointer-types error * Fix JSON validation * Set prgname to application ID * Apply 1 suggestion(s) to 1 file(s) * appdata: Fix appdata papercuts * Updated translations. - Drop patches merged upstream: * 73.patch * cheese-c99.patch - Switch to current HEAD via source service. ==== frameworkintegration ==== - Drop optional kpackage install handler support. AppStream 1.1.1 no longer supports Qt 5. ==== fwupd ==== Subpackages: fwupd-bash-completion libfwupd3 typelib-1_0-Fwupd-2_0 - Fix file list ==== gedit ==== - Add AppStream BuildRequires and check section with meson_test macro, run tests during build. ==== geoclue2 ==== Version update (2.7.2 -> 2.8.0) Subpackages: system-user-srvGeoClue typelib-1_0-Geoclue-2_0 - Delete 0001-ichnaea-include-ssid.patch, 0002-ichnaea-replace-user-agent.patch, 0003-user-agent-os-info.patch: upstreamed - Remove set default to BeaconDB: now default in upstream - Update to version 2.8.0: * Add comment for the Positon location service in default config * Include the SSID in queries to the Ichnaea server to support BeaconDB * Set User-Agent in web source queries and add OS info to it * Allow disabling WiFi source and static source during compilation * Show default Wifi URLs set on compile time in comments in the default config * Add BeaconDB URLs to comments in the default config * Add a separate GeoIP location source: + Add an 'ip' config section with selectable backend methods: - ichnaea, gmaps, reallyfreegeoip + Allow overriding URL and accuracy in ip methods with values from config + Use BeaconDB as the backup GeoIP URL, if URLs are not defined in ip or web source configs + Remove the GeoIP functionality from the web source, it now only handles queries with Wifi and 3G data * Install sysusers.d file for the geoclue user * Use BeaconDB as the compiled-in default server for locate and submit queries in the web source * Forward xdp location start errors in the GClueSimple API * Stricter NMEA coordinate parsing: Ignore NMEA coordinates without degree digits, reject coordinates with incorrect range etc. * where-am-i: Output accuracy without unnecessary decimals * Don't crash when running without enabled location sources but warn that location is not available * Fix crash on removing a modem without location capabilities * Make SOUP_STATUS_OK as the only successful response code from Ichnaea servers * Gracefully handle empty response from Ichnaea server * Add more details for network-nmea in the manpage ==== gnome-chess ==== Version update (49.0 -> 49.2) - Update to version 49.2: + Actually for real this time fix: Opponent must be switched off and then to human for the opponent to be a human. - Update to version 49.1: + Bugs fixed: Opponent must be switched off and then to human for the opponent to be a human. + Updated translations. ==== gnome-menus ==== Version update (3.36.0 -> 3.38.1) Subpackages: libgnome-menu-3-0 typelib-1_0-GMenu-3_0 - Update to version 3.38.1: + No functional changes - Changes from version 3.38.0: + Add GioUnix-2.0 dependency to introspect libmenu + Updated translations ==== gspell ==== Version update (1.14.0 -> 1.14.1) - Update to version 1.14.1: + Documentation: update some URLs. + Updated translations. - Update URL to new home. - Switch to source service for tarball. ==== gstreamer-plugins-libav ==== Version update (1.26.5 -> 1.26.6) - Update to version 1.26.6: + No changes, stable versionbump only. ==== gstreamer-plugins-ugly ==== Version update (1.26.5 -> 1.26.6) - Update to version 1.26.6: + No changes, stable bump only. ==== gtk4 ==== Version update (4.20.1 -> 4.20.2) Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Update to version 4.20.2: + Bugs fixed: - Only the first text-shadow value gets applied when there are multiple (regression) - Make sense of AtkHyperlink - Opening Clipboard Demo triggers abort + Changes: - surface: Mark region as nullable in set_input_region - settings: Call g_value_unset() after _gtk_settings_parse_convert() - wayland: Invert flipped transforms - Fix upright text carets - gsk: Drop an unused private flag - Some small gsk fixes - text: Apply all text shadows - Backports for 4.20 - Add GtkAccessibleHypertext + Updated translations. ==== harfbuzz ==== Version update (11.5.1 -> 12.1.0) Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0 - Update to version 12.1.0: + Build fixes with GCC 15 on some 32 bit platforms. + Fix misaligned pointer use. + New API, hb_ot_layout_lookup_collect_glyph_alternates(), to collect glyph substitutions from single and alternate substitution lookups in one call, instead of getting substitutions one by one using hb_ot_layout_lookup_get_glyph_alternates(). + New API: +hb_ot_layout_lookup_collect_glyph_alternates() - Update to version 12.0.0: + The major feature of this release is that the Variable Composites / Components (VARC table) addition to the ISO OpenFontFormat has graduated from experimental, and is now enabled by default. It can be disabled at compile time by defining the HB_NO_VAR_COMPOSITESz macro. + VARC table is a new way to store glyph outlines, that allows for better shape reuse, and can reduce font file size for Chinese, Japanese, Korean, and some other scripts drastically. Some font design tools provide a similar feature to designers, known as "smart components". This technology brings the same idea to the compiled font file. + The Fontra font editor already supports this technology. Note that this new format involves just the HarfBuzz draw API and does not affect shaping. + Correctly handle markFilteringSet lookup field during subsetting. + Deduplicate features during subsetting. + Disable “more” buffer messages that give more verbose output when using buffer messages callbacks, as it has a performance overhead. Users/tools that need the more verbose messages should define HB_BUFFER_MESSAGE_MORE to 1 when building HarfBuzz. + Shaping and instancing optimizations. + Fix subsetting issues when building with GCC 12. ==== jq ==== Subpackages: libjq1 - Enable valgrind on riscv64 ==== kernel-source ==== Subpackages: kernel-64kb kernel-default - Revert "crypto: testmgr - desupport SHA-1 for FIPS 140" (bsc#1250804). - commit 190326b ==== kirigami-addons6 ==== Version update (1.9.0 -> 1.10.0) Subpackages: libKirigamiAddonsStatefulApp6 - Update to 1.10.0 https://carlschwan.eu/2025/09/27/kirigami-addons-1.10.0/ * New: KirigamiApp component ==== libstorage-ng ==== Version update (4.5.275 -> 4.5.276) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - Translated using Weblate (Indonesian) (bsc#1149754) - 4.5.276 ==== mokutil ==== - Enable build on riscv64 ==== netpbm ==== Version update (11.11.0 -> 11.12.0) Subpackages: libnetpbm11 - version update to 11.12.0 * pamtris: fix unrecognized command or crash on line with no command. Broken in Netpbm 10.85 (December 2018). * ppmcmap.h: fix C++ compilation. Broken at least since Netpbm 10.35 (August 2006). * Make ppmdfont.h work in C++ compile. Always broken (ppmdfont.h was new some time before Netpbm 10.35 (August 2006)). ==== nfs-utils ==== Subpackages: libnfsidmap1 nfs-client nfs-kernel-server - Drop rcnfs-client/rcnfs-server symlinks [jsc#PED-266] ==== open-vm-tools ==== Version update (13.0.0 -> 13.0.5) Subpackages: libvmtools0 open-vm-tools-desktop - Update to open-vm-tools 13.0.5 based on build 24915695. (boo#1250692): Please refer to the Release Notes at https://github.com/vmware/open-vm-tools/blob/stable-13.0.5/ReleaseNotes.md. The granular changes that have gone into the open-vm-tools 13.0.5 release are in the ChangeLog at https://github.com/vmware/open-vm-tools/blob/stable-13.0.5/open-vm-tools/ChangeLog. There are no new features in the open-vm-tools 13.0.5 release. This is primarily a maintenance release that addresses a security issue. This release resolves and includes the patch for CVE-2025-41244. For more information on this vulnerability and its impact on Broadcom products, see VMSA-2025-0015. A patch to address CVE-2025-41244 on earlier open-vm-tools releases is provided to the Linux community at CVE-2025-41244.patch. A minor enhancement has been made for Guest OS Customization. The DeployPkg plugin has been updated to use "systemctl reboot", if available. For a more complete list of issues addressed in this release, see the What's New and Resolved Issues section of the Release Notes. - Drop patch now contained in 13.0.5: 0001-GOSC-Update-Guest-OS-Customization-to-utilize-system.patch CVE-2025-41244-1240-1300-SDMP.patch - Fix (bsc#1250373 (CVE-2025-41244) - VUL-0: contains a local privilege escalation vulnerability. + Add patch: - CVE-2025-41244-1240-1300-SDMP.patch ==== openSUSE-release ==== Version update (20251001 -> 20251005) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== opencv ==== - Add 86df531.patch: FFmpeg 8.0 support (boo#1249045). ==== p11-kit ==== Version update (0.25.5 -> 0.25.10) Subpackages: libp11-kit0 p11-kit-server p11-kit-tools - Update to 0.25.10: * rpc: Add module configuration option to specify server address [#707] * rpc: Fix empty array attribute handling [#704] * server: Remove libsystemd dependency for socket activation [#685] * Avoid segfault if p11_library_init_impl/p11_library_uninit are called multiple times [#682] * Add zsh completions [#674] * pkcs11: Update pkcs11.h to version 3.1 [#671] * pkcs11: Add IBM specific mechanisms [#669] * server: Check SHELL if (and only if) neither --sh nor --csh is specified [#661] * trust: Don't create file names longer then 255 [#659] * trust: Sort paths for reproducible extract [#656] * Build and test fixes [#647, #653, #654, #657, #660, #667, #673, #681, #683, #688, #694] * Update translations [#663, #701] * Build fixes from tarball with Meson [#714] * subprojects/pkcs11-json: Update git submodule [PR#719] * Disable zsh completions See fullchangelog at: https://github.com/p11-glue/p11-kit/releases ==== pam-config ==== Version update (2.13+git.20250827 -> 2.13+git.20251003) - Update to version 2.13+git.20251003: * pam_sss: add all possible options * Add support for 12 and 13 options ==== perl-XML-LibXML ==== - fix build with libxml2 2.14 - deleted patches * perl-XML-LibXML-fix-testsuite-with-libxml2-2.13.patch (adopted to 2.14) - added patches * perl-XML-LibXML-fix-testsuite-with-libxml2-2.14.patch ==== permissions ==== Version update (1699_20250120 -> 1699_20251002) Subpackages: permctl permissions-config - Update to version 1699_20251002: * profiles: add OpenSMTPD setuid/setgid binaries (bsc#1247781) * profiles: drop starter-suid since Singularity is no longer packaged ==== pipewire ==== Version update (1.4.8+git4.8f35e18d1 -> 1.4.8+git68.636cbae9b) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Revert change that enables gsettings-pulse-schema. This creates a file conflict with libpulse-mainloop-glib0 because they both try to install the org.freedesktop.pulseaudio.gschema.xml file. - Update to version 1.4.8+git68.636cbae9b: * avahi: handle fd allocation errors * alsa: Use the minimum period size as headroom for SOF cards * adapter: fix Start of adapter * alsa: don't fail if 3 periods_min fails (boo#1250381) * spa: libcamera: source: fix typo in log message * spa: libcamera: source: query frame buffer planes just once * spa: libcamera: source: simplify `spa_libcamera_clear_buffers()` * spa: libcamera: source: keep `libcamera::FrameBufferAllocator` * spa: libcamera: source: clear buffers when format is changed * spa: libcamera: source: handle try-only format unset * spa: libcamera: source: do not emit param change if try-only * spa: libcamera: source: extract presence of `SPA_NODE_PARAM_FLAG_TEST_ONLY` * spa: libcamera: source: remove format config shortcut * spa: libcamera: source: set chunk flags on error * spa: libcamera: source: process requests on data loop * spa: libcamera: source: process all requests in the ring buffer * spa: libcamera: source: reset ring buffer when stopping * spa: libcamera: source: move request completion data to `impl` * spa: libcamera: source: store the request pointer in ring buffer * spa: libcamera: source: remove `impl::pendingRequests` * spa: libcamera: source: persistent requests <-> buffer association * spa: libcamera: source: allocBuffers(): more error checking * spa: libcamera: source: allocBuffers(): restore on failure * spa: libcamera: source: freeBuffers(): call when format is unset * spa: libcamera: source: freeBuffers(): split pending request removal * spa: libcamera: source: propagate error when setting format * spa: libcamera: source: port_set_format(): remove goto * spa: libcamera: source: use dynamic builder for controls * spa: libcamera: source: provide value labels if available * spa: libcamera: source: handle enum controls better * spa: libcamera: source: unify control range logic * spa: libcamera: source: ignore array controls * spa: libcamera: source: rework bool control type info * spa: libcamera: source: move control enumeration to loop * spa: libcamera: source: separate type info generation * spa: libcamera: manager: keep `libcamera::CameraManager` * spa: libcamera: manager: factor out hotplug event submission * spa: libcamera: source: create eventfd before starting camera * spa: libcamera: source: generate camera config right away * spa: libcamera: source: remove `SPA_PROP_device{,Name}` * spa: libcamera: source: do not close fd * spa: libcamera: source: remove unused `enum_fmt` member * spa: libcamera: source: prop_id_to_control(): do range check first * spa: libcamera: source: fix mapping of `libcamera::ColorSpace::TransferFunction::Linear` * spa: libcamera: source: simplify color space conversion * spa: libcamera: source: avoid iterator overrun when enumerating controls * spa: libcamera: manager: fix id allocation * spa: libcamera: use `nullptr` instead of `NULL` * spa: libcamera: use C++ style casts * spa: libcamera: use anon ns instead of `static` * spa: libcamera: device: remove empty line * spa: libcamera: source: inline `mmap_init()` * spa: libcamera: source: set "corrupted" flag if applicable * spa: libcamera: source: use `union` for transferring control value * spa: libcamera: source: simplify control mapping * spa: libcamera: source: do not make expensive queries multiple times * spa: libcamera: source: simplify format lookup * spa: libcamera: source: use enum types * spa: libcamera: source: handle camera acquire failure * spa: libcamera: inline `libcamera-utils.cpp` * spa: libcamera: clean up includes * spa: libcamera: use lock when acquiring `CameraManager` * spa: libcamera: add colorimetry support * libcamera: Default to auto-focus & auto-exposure - Stop passing gsettings-pulse-schema=disabled to meson setup, all buildependencies are in place already, follow upstream default, build gsettings schema support. ==== polkit-default-privs ==== Version update (1550+20250904.99b438e -> 1550+20251002.f34bfbd) - Update to version 1550+20251002.f34bfbd: * profiles: add systemd-machined v258 register-machine action (bsc#1250893) * profiles: add systemd-homed v258 manage-signing-keys action (bsc#1250884) * profiles: add systemd-resolved v258 addition (bsc#1250880) ==== pulseaudio ==== Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-setup pulseaudio-utils system-user-pulse - Move org.freedesktop.pulseaudio.gschema.xml file to pulseaudio-module-gsettings where it belongs. ==== python-M2Crypto ==== Version update (0.45.1 -> 0.46.2) - Update to 0.46.2: - fix[m2xmlrpclib]: make the module compatible with Python 3.6 - Update to 0.46.1: - M2Crypto closes SSL connection on closing HTTPS Connection, and some other related issues (#203, #278) - Modernize C API by eliminating use of deprecated PyBytes_AsStringAndSize and related functions with Python Buffer Protocol (#375) - Whole project is completely covered with type hints and is checked by mypy (also while doing that, the whole project was blackened) (#344) - Add logging support to C extension code sending messages to the Python logging - Introducing first efforts to support Engine object (#229) - Reworked and fixed M2Crypto.m2xmlrpclib module (#163) - Reverted removal of demo/ subdirectory - Improve SMIME documentation (#377) - Some other minor bugs, improvements, and removal of dead code - Correct license to BSD-2-Clause and update references - Specify in setup.cfg that we require Python >= 3.6 ==== python-requests ==== Version update (2.32.4 -> 2.32.5) Subpackages: python311-requests python313-requests - Update to 2.32.5 * The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration. * Added support for Python 3.14. * Dropped support for Python 3.8 following its end of support. - Drop inject-default-ca-bundles.patch, fixed upstream - Drop revert-caching-default-sslcontext.patch, merged upstream - Update BuildRequires from setup.py ==== python-simplejson ==== Version update (3.20.1 -> 3.20.2) - Update to 3.20.2 * Add a test for the min and max floats * Disable speedups on GraalPy same as on PyPy * Update changelog and version for v3.20.2 ==== python311 ==== Subpackages: python311-curses python311-dbm - Add gh139257-Support-docutils-0.22.patch to fix build with latest docutils (>=0.22) gh#python/cpython#139257 ==== python311-core ==== Subpackages: libpython3_11-1_0 python311-base - Add gh139257-Support-docutils-0.22.patch to fix build with latest docutils (>=0.22) gh#python/cpython#139257 ==== rpcbind ==== - Drop rcrpcbind symlink [jsc:PED-266] ==== salt ==== Subpackages: python311-salt salt-master salt-minion - Add python3.11 as preferable for salt-ssh to avoid tests fails - Added: * add-python3.11-as-preferable-for-salt-ssh-to-avoid-t.patch ==== sdbootutil ==== Version update (1+git20250917.7aab076 -> 1+git20251003.f402058) Subpackages: sdbootutil-dracut-measure-pcr sdbootutil-snapper - Update to version 1+git20251003.f402058: * Do not mount /run/media in the chroot * Normalize how to hide errors * Ask the volume key only if --measure-pcr is set * Abort any updating inside a transaction * Bindmount /var/lib/systemd for tukit * Revert "Do not ask the password while in a transaction" * Only update PCR 15 if --measure-pcr is set * Do not ask the password while in a transaction * Add parameter for code tracing ==== simple-scan ==== Version update (49.0 -> 49.0.1) - Update to version 49.0.1: + Fix CI. + Updated translations. ==== snapper ==== Subpackages: libsnapper8 snapper-lang snapper-zypp-plugin - detect correct path of btrfs binary on Debian and derivatives (gh#openSUSE/snapper#1057) ==== strace ==== Version update (6.16 -> 6.17) - Update to strace 6.17 * Implemented decoding of file_getattr and file_setattr syscalls. * Implemented decoding of SO_INQ socket option. * Updated lists of BPF_*, BTN_*, BTRFS_*, DEVCONF_*, ETHTOOL_*, FALLOC_*, KEXEC_*, KEY_*, KVM_*, NETCONFA_*, NFT_*, PR_*, SCM_*, V4L2_*, and XDP_* constants. * Updated lists of ioctl commands from Linux 6.17. ==== virglrenderer ==== Version update (1.0.1 -> 1.1.1) - version update to 1.1.1 1.1.1 Venus * add support for . VK_EXT_blend_operation_advanced . VK_EXT_host_image_copy . VK_EXT_sample_locations . VK_KHR_acceleration_structure . VK_KHR_dynamic_rendering_local_read . VK_KHR_maintenance6 . VK_KHR_maintenance7 . VK_KHR_ray_query . VK_KHR_ray_tracing_maintenance1 . VK_KHR_ray_tracing_position_fetch . VK_KHR_ray_tracing_pipeline . allow to passthrough Vulkan 1.4 support * make virgl_render_server and venus work also without HAVE_MEMFD_CREATE virgl/vrend fixes and changes: * fix modifier query overflow * support R16G16B16X16_UNORM * don't use resource IDs when checking index buffer update requirement * actually propagate the MAX_VERTEX_OUTPUT_COMPONENTS for GLES>=3.0 * propagate the GL_MAX_stage_SHADER_STORAGE_BLOCKS for each stage * virgl: fix fd leak in resource map * Fix int-conversion fatal build error with GCC-14 * virgl: Add error messages to virgl_renderer_init() * vtest: perfetto tracing support * don't choke when the host driver re-uses OpenGL IDs Improve support on FreeBSD and Android DRM * fence: Clear last fence after submission * msm: . add new caps . update UAPI header . improve error msg . fix fence-sharing * amdgpu: . remove redundant SIZE_MAX checks . return original error code to guest from amdgpu_ccmd_bo_query_info() . relax error handling of libdrm API failures . handle dumb resources gracefully in amdgpu_ccmd_bo_query_info() 1.1.0 Support for amdgpu native contexts (Requires umerged changes to qemu, libdrm, and mesa Venus: * Enable support for new extensions: . EXT_attachment_feedback_loop_layout . VK_KHR_maintenance5 . VK_KHR_fragment_shading_rate support . VK_EXT_external_memory_acquire_unmodified . VK_KHR_format_feature_flags2 * Fixes and improvements: . Fix a prior ring wait seqno validation . handle ring fatal error more robustly . hide priority request logging behind debug build . lock device tracked object list . log more on ring fatal . only set ring thread prio if requested . optimize to avoid locking each encoder write . set forwarded nice priority for ring threads virgl/vrend: * create transient dmabuf in resource_map * fix "error: implicit declaration of function 'close'" for Windows * fix "fatal error: poll.h: No such file or directory" for Windows * Correct error value returned by virgl_fence_set_fd_locked() * virgl_protocol: Use parenthesis in macros * virgl_util: Add hash_table_search() * virgl_util: hide slow trace behind debug build * Require 4-byte alignment for all virglrenderer commands * consider drm_initialized too * Add XRGB2101010 support * Check whether we actually got a valid OpenGL/GLES context * Properly seperate the mirror_clamp feat reporting * Support R16G16B16X16_FLOAT as GBM buffer * Improve interaction between 24 bit formats used with GBM and OpenGL * clean up error reporting in vrend_renderer_init * conditionally build using gbm_bo_get_map_info() * fix incorrect limit sent for max samplers * reset dirty mask after binding samplers * stop clobbering the texture bindings * warn on missing sampler_view.texture * workaround non-conformant sampler view pattern * winsys_gbm: initialize pointer map_data before calling gbm_bo_map * decode: print error if format is not correct * shader: Never return out-of-range from varying_bit_from_semantic_and_index * shader: Remove unnecessary condition * util: Fix compiling set_dmabuf_name() using older kernel headers * renderer: Verify that the iov has enough space for the texture data Improve compatibility with MS Windows: * Fix resource_get_info_ext() failing for d3d resources * Fixed logical operation handling so that the logic-op function is updated whenever needed. * tgsi: fix "error: 'uint' undeclared" for Windows Add a fuzzer that sets up valid states to be able to test more code build changes: * Support Darwin hosts * Disable strict aliasing ==== wsdd ==== - Drop rcwsdd symlink [jsc#PED-266] ==== xmlsec1 ==== Version update (1.2.41 -> 1.2.42) Subpackages: libxmlsec1-1 libxmlsec1-nss1 libxmlsec1-openssl1 - version update to 1.2.42 * (xmlsec-openssl) Ensured that only certificates from XML file are returned after verification. * (xmlsec-core) Fixed includes to support latest LibXML2 / LibXSLT. * Several other small fixes (https://github.com/lsh123/xmlsec/commits/xmlsec-1_2_x). ==== yast2-auth-client ==== Version update (5.0.2 -> 5.0.3) - Add support of sssd Information Pipe (bsc#1246696) - 5.0.3