Packages changed:
MicroOS-release (20240419 -> 20240421)
NetworkManager (1.44.2 -> 1.44.4)
gcc14 (14.0.1+git9885 -> 14.0.1+git10008)
glibc
gtk2
gtk4 (4.14.2 -> 4.14.3)
kernel-firmware (20240322 -> 20240419)
libxml2 (2.11.6 -> 2.12.6)
libzypp (17.32.4 -> 17.32.5)
llvm18 (18.1.3 -> 18.1.4)
python-numpy (1.26.2 -> 1.26.4)
python311 (3.11.8 -> 3.11.9)
python311-core (3.11.8 -> 3.11.9)
xfsprogs (6.6.0 -> 6.7.0)
=== Details ===
==== MicroOS-release ====
Version update (20240419 -> 20240421)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== NetworkManager ====
Version update (1.44.2 -> 1.44.4)
Subpackages: NetworkManager-bluetooth NetworkManager-wwan libnm0 typelib-1_0-NM-1_0
- Update to version 1.44.4:
+ Add the 'dns-change' dispatcher event.
+ Various fixed related to IPv4 duplicate address detection.
+ Fix support for OVS netdev datapath
+ Fix handling of IPv6 hop limit
==== gcc14 ====
Version update (14.0.1+git9885 -> 14.0.1+git10008)
Subpackages: libatomic1 libgcc_s1 libgfortran5 libgomp1 libquadmath0 libstdc++6 libubsan1
- Update to trunk head, 7c2a9dbcc2c1cb1563774068c59d5e09e, git10008
==== glibc ====
Subpackages: glibc-locale glibc-locale-base
- iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound
writes when writing escape sequence (CVE-2024-2961, bsc#1222992)
==== gtk2 ====
Subpackages: gtk2-tools libgtk-2_0-0
- Do not recommend the variuos -immodule-*: they have locale based
provides which makes zypper install them when the locales are
requested.
==== gtk4 ====
Version update (4.14.2 -> 4.14.3)
Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0
- Update to version 4.14.3:
+ GtkShortcutManager: Track the propagation phase of added
controllers.
+ Accessibility: Implement GtkAccessibleRange for scrollbars.
+ X11:
- Fix some confusing debug messages
- Drop a no-longer-relevant optimization that was interfering
with getting the current window manager capabilities.
+ Tools: Support generating pdf in gtk4-rendernode-tool.
+ Updated translations.
==== kernel-firmware ====
Version update (20240322 -> 20240419)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd
- Update to version 20240419 (git commit 7eab37522984):
* Montage: update firmware for Mont-TSSE
* linux-firmware: Add tuning parameter configs for CS35L41 Firmware
* linux-firmware: Fix firmware names for Laptop SSID 104316a3
* linux-firmware: Add CS35L41 HDA Firmware for Lenovo Legion Slim 7 16ARHA7
* linux-firmware: update firmware for mediatek bluetooth chip (MT7922)
* linux-firmware: update firmware for MT7922 WiFi device
* iwlwifi: add gl FW for core87-44 release
* iwlwifi: add ty/So/Ma firmwares for core87-44 release
* iwlwifi: update cc/Qu/QuZ firmwares for core87-44 release
* nvidia: Update Tegra210 XUSB firmware to v50.29
* amdgpu: update beige goby firmware
* amdgpu: update dimgrey cavefish firmware
* amdgpu: update psp 13.0.11 firmware
* amdgpu: update gc 11.0.4 firmware
* amdgpu: update navy flounder firmware
* amdgpu: update renoir firmware
* amdgpu: update vcn 4.0.2 firmware
* amdgpu: update sdma 6.0.1 firmware
* amdgpu: update psp 13.0.4 firmware
* amdgpu: update gc 11.0.1 firmware
* amdgpu: update sienna cichlid firmware
* amdgpu: update vega20 firmware
* amdgpu: update yellow carp firmware
* amdgpu: update green sardine firmware
* amdgpu: update vega12 firmware
* amdgpu: update raven2 firmware
* amdgpu: update vcn 4.0.4 firmware
* amdgpu: update smu 13.0.7 firmware
* amdgpu: update sdma 6.0.2 firmware
* amdgpu: update ipsp 13.0.7 firmware
* amdgpu: update gc 11.0.2 firmware
* amdgpu: update vega10 firmware
* amdgpu: update raven firmware
* amdgpu: update navi14 firmware
* amdgpu: update smu 13.0.10 firmware
* amdgpu: update sdma 6.0.3 firmware
* amdgpu: update psp 13.0.10 firmware
* amdgpu: update gc 11.0.3 firmware
* amdgpu: update vcn 3.1.2 firmware
* amdgpu: update psp 13.0.5 firmware
* amdgpu: update gc 10.3.6 firmware
* amdgpu: update navi12 firmware
* amdgpu: update arcturus firmware
* amdgpu: update vangogh firmware
* amdgpu: update navi10 firmware
* amdgpu: update vcn 4.0.3 firmware
* amdgpu: update smu 13.0.6 firmware
* amdgpu: update psp 13.0.6 firmware
* amdgpu: update gc 9.4.3 firmware
* amdgpu: update vcn 4.0.0 firmware
* amdgpu: update smu 13.0.0 firmware
* amdgpu: update sdma 6.0.0 firmware
* amdgpu: update psp 13.0.0 firmware
* amdgpu: update gc 11.0.0 firmware
* amdgpu: update firmware
* amdgpu: update aldebaran firmware
* amdgpu: update psp 13.0.8 firmware
* amdgpu: update gc 10.3.7 firmware
* linux-firmware: mediatek: Update MT8173 VPU firmware to v1.1.9
* ath10k: WCN3990: hw1.0: add qcm2290 firmware API file
* ath10k: WCN3990: hw1.0: move firmware back from qcom/ location
* i915: Add DG2 HuC 7.10.15
* amdgpu: DMCUB updates for various AMDGPU ASICs
* linux-firmware: update firmware for en8811h 2.5G ethernet phy
* rtw89: 8852c: update fw to v0.27.56.14
* rtw89: 8922a: add firmware v0.35.18.0
* rtw88: Add RTL8703B firmware v11.0.0
==== libxml2 ====
Version update (2.11.6 -> 2.12.6)
Subpackages: libxml2-2 libxml2-tools
- Update to version 2.12.6
* Regressions
- parser: Fix detection of duplicate attributes in XML namespace
- xmlreader: Fix xmlTextReaderConstEncoding
- html: Fix htmlCreatePushParserCtxt with encoding
- xmllint: Return error code if XPath returns empty nodeset
- Update to version 2.12.5
* Security
- [CVE-2024-25062] xmlreader: Don't expand XIncludes when backtracking
* Regressions
- parser: Fix crash in xmlParseInNodeContext with HTML documents
- Update to version 2.12.4
* Regressions
- parser: Fix regression parsing standalone declarations
- autotools: Readd --with-xptr-locs configuration option
- parser: Fix build --without-output
- parser: Don't grow or shrink pull parser memory buffers
- io: Fix memory lifetime issue with input buffers
- Update to version 2.12.3
* Regressions
- parser: Fix namespaces redefined from default attributes
* Build fixes
- include: Rename XML_EMPTY helper macro
- include: Move declaration of xmlInitGlobals
- include: Add missing includes
- include: Move globals from xmlsave.h to parser.h
- include: Readd circular dependency between tree.h and parser.h
- Drop libxml2-CVE-2024-25062.patch as it is part of upstream
==== libzypp ====
Version update (17.32.4 -> 17.32.5)
- Don't try to refresh volatile media as long as raw metadata are
present (bsc#1223094)
- version 17.32.5 (32)
==== llvm18 ====
Version update (18.1.3 -> 18.1.4)
- Update to version 18.1.4.
* Fixes an issue with Arm64EC code generation where calls to some
intrinsics implemented in compiler-rt used the wrong name
mangling, eventually resulting in unresolved symbol errors
during linking.
* Fixed an incorrect poison-generating flag preservation in
`InstSimplify`. It will fix a miscompilation on RISCV, which
turns the incorrect `or disjoint` into an `add`.
* Save/restore routines for RV32E/RV64E are added to compiler-rt.
* Fix regressions introduced in LLVM 18.1.3 in MIPS atomicrmw
min/max codegen.
- Include module files for libc++ in libc++-devel.
- Rebase llvm-do-not-install-static-libraries.patch.
==== python-numpy ====
Version update (1.26.2 -> 1.26.4)
- Update to 1.26.4
* NumPy 1.26.4 is a maintenance release that fixes bugs and
regressions discovered after the 1.26.3 release. The Python
versions supported by this release are 3.9-3.12. This is the
last planned release in the 1.26.x series.
* BUG: Restore missing asstr import
* MAINT: prepare 1.26.x for further development
* BUG: numpy.array_api: fix linalg.cholesky upper decomp...
* MAINT, BLD: Fix unused inline functions warnings on clang
* TST: Fix test_numeric on riscv64
* MAINT: add newaxis to __all__ in numpy.array_api
* BUG: Use large file fallocate on 32 bit linux platforms
* TST: Fix test_warning_calls on Python 3.12
* TST: Bump pytz to 2023.3.post1
* BUG: Fix AVX512 build flags on Intel Classic Compiler
* BLD: fix potential issue with escape sequences in __config__.py
* BLD: unvendor meson-python on 1.26.x and upgrade to
meson-python...
* MAINT: Include header defining backtrace
* BUG: Fix np.quantile([Fraction(2,1)], 0.5) (#24711)
- Release 1.26.3
[#]# Compatibility
* f2py will no longer accept ambiguous -m and .pyf CLI
combinations. When more than one .pyf file is passed, an error
is raised. When both -m and a .pyf is passed, a warning is
emitted and the -m provided name is ignored.
[#]# Improvements
* f2py now handles common blocks which have kind specifications
from modules. This further expands the usability of intrinsics
like iso_fortran_env and iso_c_binding.
[#]# Pull requests merged
* MAINT: prepare 1.26.x for further development
* TYP: add None to __getitem__ in numpy.array_api
* BLD,BUG: quadmath required where available [f2py]
* BUG: alpha doesn't use REAL(10)
* BUG: Fix FP overflow error in division when the divisor is
scalar
* MAINT: Pin scipy-openblas version.
* BUG: Fix f2py to enable use of string optional inout argument
* BUG: Fix -fsanitize=alignment issue in
numpy/_core/src/multiarray/arraytypes.c.src
* TST: Explicitly pass NumPy path to cython during tests (also...
* BUG: fix issues with newaxis and linalg.solve in
numpy.array_api
* BUG: Disallow shadowed modulenames
* BUG: Handle common blocks with kind specifications from modules
* BUG: Fix moving compiled executable to root with f2py -c on
Windows
* BUG: Fix single to half-precision conversion on PPC64/VSX3
* TST: f2py: fix issue in test skip condition
* Revert "MAINT: Pin scipy-openblas version."
* MAINT: do not use long type
* TST: PyPy needs another gc.collect on latest versions
* MAINT: Bump conda-incubator/setup-miniconda from 2.2.0 to 3.0.1
* BLD: update vendored Meson for AIX shared library fix
* MAINT: Init base in cpu_avx512_kn
* BUG: Fix failing test_features on SapphireRapids
* BUG: Fix non-contiguous memory load when ARM/Neon is enabled
* MAINT,BUG: Never import distutils above 3.12 [f2py]
* MAINT: make the import-time check for old Accelerate more
specific
* MAINT: Bump actions/setup-node and
larsoner/circleci-artifacts-redirector-action
* BUG: avoid seg fault from OOB access in RandomState.set_state()
* BUG: Fix two errors related to not checking for failed
allocations
* BUG: Fix regression with f2py wrappers when modules and
subroutines...
* BUG: Fix build issues on SPR
* BLD: fix uninitialized variable warnings from
simd/neon/memory.h
* BUG: Handle iso_c_type mappings more consistently
* BUG: Fix module name bug in signature files [urgent] [f2py]
* BUG: Handle .pyf.src and fix SciPy [urgent]
* DOC: f2py rewrite with meson details
* BUG: Add external library handling for meson [f2py]
* MAINT: Run f2py's meson backend with the same python that
ran...
* MAINT: Update numpy/f2py/_backends from main.
* MAINT: Easy updates of f2py/*.py from main.
* MAINT: Update crackfortran.py and f2py2e.py from main
==== python311 ====
Version update (3.11.8 -> 3.11.9)
- Add CVE-2023-52425-libexpat-2.6.0-backport.patch to fix tests with
patched libexpat below 2.6.0 that doesn't update the version number,
just in SLE.
- Remove not needed upstream patches:
* libexpat260.patch
* CVE-2023-6597-TempDir-cleaning-symlink.patch, bsc#1219666
- Update to 3.11.9:
* Security
- gh-115398: Allow controlling Expat >=2.6.0 reparse deferral
(CVE-2023-52425, bsc#1219559) by adding five new methods:
xml.etree.ElementTree.XMLParser.flush()
xml.etree.ElementTree.XMLPullParser.flush()
xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()
xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()
xml.sax.expatreader.ExpatParser.flush()
- gh-115399: Update bundled libexpat to 2.6.0
- gh-115243: Fix possible crashes in collections.deque.index()
when the deque is concurrently modified.
- gh-114572: ssl.SSLContext.cert_store_stats() and
ssl.SSLContext.get_ca_certs() now correctly lock access to the
certificate store, when the ssl.SSLContext is shared across
multiple threads.
* Core and Builtins
- gh-116296: Fix possible refleak in object.__reduce__() internal
error handling.
- gh-116034: Fix location of the error on a failed assertion.
- gh-115823: Properly calculate error ranges in the parser when
raising SyntaxError exceptions caused by invalid byte sequences.
Patch by Pablo Galindo
- gh-112087: For an empty reverse iterator for list will be
reduced to reversed(). Patch by Donghee Na.
- gh-115011: Setters for members with an unsigned integer type now
support the same range of valid values for objects that has a
__index__() method as for int.
- gh-96497: Fix incorrect resolution of mangled class variables
used in assignment expressions in comprehensions.
* Library
- gh-117310: Fixed an unlikely early & extra Py_DECREF triggered
crash in ssl when creating a new _ssl._SSLContext if CPython was
built implausibly such that the default cipher list is empty or
the SSL library it was linked against reports a failure from its
C SSL_CTX_set_cipher_list() API.
- gh-117178: Fix regression in lazy loading of self-referential
modules, introduced in gh-114781.
- gh-117084: Fix zipfile extraction for directory entries with the
name containing backslashes on Windows.
- gh-117110: Fix a bug that prevents subclasses of typing.Any to
be instantiated with arguments. Patch by Chris Fu.
- gh-90872: On Windows, subprocess.Popen.wait() no longer calls
WaitForSingleObject() with a negative timeout: pass 0 ms if the
timeout is negative. Patch by Victor Stinner.
- gh-116957: configparser: Don’t leave ConfigParser values in an
invalid state (stored as a list instead of a str) after an
earlier read raised DuplicateSectionError or
DuplicateOptionError.
- gh-90095: Ignore empty lines and comments in .pdbrc
- gh-116764: Restore support of None and other false values in
urllib.parse functions parse_qs() and parse_qsl(). Also, they
now raise a TypeError for non-zero integers and non-empty
sequences.
- gh-116811: In PathFinder.invalidate_caches, delegate to
MetadataPathFinder.invalidate_caches.
- gh-116600: Fix repr() for global Flag members.
- gh-116484: Change automatically generated tkinter.Checkbutton
widget names to avoid collisions with automatically generated
tkinter.ttk.Checkbutton widget names within the same parent
widget.
- gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on
opening named pipe.
- gh-116143: Fix a race in pydoc _start_server, eliminating a
window in which _start_server can return a thread that is
“serving†but without a docserver set.
- gh-116325: typing: raise SyntaxError instead of AttributeError
on forward references as empty strings.
- gh-90535: Fix support of interval values > 1 in
logging.TimedRotatingFileHandler for when='MIDNIGHT' and
when='Wx'.
- gh-115978: Disable preadv(), readv(), pwritev(), and writev() on
WASI.
- Under wasmtime for WASI 0.2, these functions don’t pass
test_posix
(https://github.com/bytecodealliance/wasmtime/issues/7830).
- gh-88352: Fix the computation of the next rollover time in the
logging.TimedRotatingFileHandler handler. computeRollover() now
always returns a timestamp larger than the specified time and
works correctly during the DST change. doRollover() no longer
overwrite the already rolled over file, saving from data loss
when run at midnight or during repeated time at the DST change.
- gh-87115: Set __main__.__spec__ to None when running a script
with pdb
- gh-76511: Fix UnicodeEncodeError in email.Message.as_string()
that results when a message that claims to be in the ascii
character set actually has non-ascii characters. Non-ascii
characters are now replaced with the U+FFFD replacement
character, like in the replace error handler.
- gh-75988: Fixed unittest.mock.create_autospec() to pass the call
through to the wrapped object to return the real result.
- gh-115881: Fix issue where ast.parse() would incorrectly flag
conditional context managers (such as with (x() if y else z()):
... changelog too long, skipping 156 lines ...
64-bit platforms.
==== python311-core ====
Version update (3.11.8 -> 3.11.9)
Subpackages: libpython3_11-1_0 python311-base
- Add CVE-2023-52425-libexpat-2.6.0-backport.patch to fix tests with
patched libexpat below 2.6.0 that doesn't update the version number,
just in SLE.
- Remove not needed upstream patches:
* libexpat260.patch
* CVE-2023-6597-TempDir-cleaning-symlink.patch, bsc#1219666
- Update to 3.11.9:
* Security
- gh-115398: Allow controlling Expat >=2.6.0 reparse deferral
(CVE-2023-52425, bsc#1219559) by adding five new methods:
xml.etree.ElementTree.XMLParser.flush()
xml.etree.ElementTree.XMLPullParser.flush()
xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()
xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()
xml.sax.expatreader.ExpatParser.flush()
- gh-115399: Update bundled libexpat to 2.6.0
- gh-115243: Fix possible crashes in collections.deque.index()
when the deque is concurrently modified.
- gh-114572: ssl.SSLContext.cert_store_stats() and
ssl.SSLContext.get_ca_certs() now correctly lock access to the
certificate store, when the ssl.SSLContext is shared across
multiple threads.
* Core and Builtins
- gh-116296: Fix possible refleak in object.__reduce__() internal
error handling.
- gh-116034: Fix location of the error on a failed assertion.
- gh-115823: Properly calculate error ranges in the parser when
raising SyntaxError exceptions caused by invalid byte sequences.
Patch by Pablo Galindo
- gh-112087: For an empty reverse iterator for list will be
reduced to reversed(). Patch by Donghee Na.
- gh-115011: Setters for members with an unsigned integer type now
support the same range of valid values for objects that has a
__index__() method as for int.
- gh-96497: Fix incorrect resolution of mangled class variables
used in assignment expressions in comprehensions.
* Library
- gh-117310: Fixed an unlikely early & extra Py_DECREF triggered
crash in ssl when creating a new _ssl._SSLContext if CPython was
built implausibly such that the default cipher list is empty or
the SSL library it was linked against reports a failure from its
C SSL_CTX_set_cipher_list() API.
- gh-117178: Fix regression in lazy loading of self-referential
modules, introduced in gh-114781.
- gh-117084: Fix zipfile extraction for directory entries with the
name containing backslashes on Windows.
- gh-117110: Fix a bug that prevents subclasses of typing.Any to
be instantiated with arguments. Patch by Chris Fu.
- gh-90872: On Windows, subprocess.Popen.wait() no longer calls
WaitForSingleObject() with a negative timeout: pass 0 ms if the
timeout is negative. Patch by Victor Stinner.
- gh-116957: configparser: Don’t leave ConfigParser values in an
invalid state (stored as a list instead of a str) after an
earlier read raised DuplicateSectionError or
DuplicateOptionError.
- gh-90095: Ignore empty lines and comments in .pdbrc
- gh-116764: Restore support of None and other false values in
urllib.parse functions parse_qs() and parse_qsl(). Also, they
now raise a TypeError for non-zero integers and non-empty
sequences.
- gh-116811: In PathFinder.invalidate_caches, delegate to
MetadataPathFinder.invalidate_caches.
- gh-116600: Fix repr() for global Flag members.
- gh-116484: Change automatically generated tkinter.Checkbutton
widget names to avoid collisions with automatically generated
tkinter.ttk.Checkbutton widget names within the same parent
widget.
- gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on
opening named pipe.
- gh-116143: Fix a race in pydoc _start_server, eliminating a
window in which _start_server can return a thread that is
“serving†but without a docserver set.
- gh-116325: typing: raise SyntaxError instead of AttributeError
on forward references as empty strings.
- gh-90535: Fix support of interval values > 1 in
logging.TimedRotatingFileHandler for when='MIDNIGHT' and
when='Wx'.
- gh-115978: Disable preadv(), readv(), pwritev(), and writev() on
WASI.
- Under wasmtime for WASI 0.2, these functions don’t pass
test_posix
(https://github.com/bytecodealliance/wasmtime/issues/7830).
- gh-88352: Fix the computation of the next rollover time in the
logging.TimedRotatingFileHandler handler. computeRollover() now
always returns a timestamp larger than the specified time and
works correctly during the DST change. doRollover() no longer
overwrite the already rolled over file, saving from data loss
when run at midnight or during repeated time at the DST change.
- gh-87115: Set __main__.__spec__ to None when running a script
with pdb
- gh-76511: Fix UnicodeEncodeError in email.Message.as_string()
that results when a message that claims to be in the ascii
character set actually has non-ascii characters. Non-ascii
characters are now replaced with the U+FFFD replacement
character, like in the replace error handler.
- gh-75988: Fixed unittest.mock.create_autospec() to pass the call
through to the wrapped object to return the real result.
- gh-115881: Fix issue where ast.parse() would incorrectly flag
conditional context managers (such as with (x() if y else z()):
... changelog too long, skipping 156 lines ...
64-bit platforms.
==== xfsprogs ====
Version update (6.6.0 -> 6.7.0)
- update to 6.7.0
- xfsprogs: Several configure script updates
- xfs_io: Use system's SEEK_DATA and SEEK_HOLE definition
- xfsprogs: Remove platform_defs.h generation on build time
- xfs_db: Fix metadata read error due hardcoded initialization of bb_count
- xfsprogs: Request 64-bit time_t where possible
- xfsprogs: Remove use of LFS64 interfaces