Packages changed:
Mesa
Mesa-drivers
apache2-mod_php8
avahi
avahi-glib2
kf6-ksvg
openSUSE-release (20240620 -> 20240621)
pam-config (2.11+git.20240527 -> 2.11+git.20240620)
php8
python-dnspython (2.4.2 -> 2.6.1)
python311-packaging (24.0 -> 24.1)
setserial
shadow (4.15.1 -> 4.16.0)
tftp
vinagre
virt-manager
wayland (1.22.0 -> 1.23.0)
wicked
=== Details ===
==== Mesa ====
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- Disable LTO on %ix86/x86_64 due to rendering bugs on Radeon
graphics (boo#1226462)
==== Mesa-drivers ====
Subpackages: Mesa-dri Mesa-gallium Mesa-libva libxatracker2
- Disable LTO on %ix86/x86_64 due to rendering bugs on Radeon
graphics (boo#1226462)
==== apache2-mod_php8 ====
- drop unmaintained apache-rex usage
==== avahi ====
Subpackages: avahi-lang libavahi-client3 libavahi-client3-32bit libavahi-common3 libavahi-common3-32bit libavahi-core7
- Add avahi-filter-bogus-services.patch: no longer supply bogus
services to callbacks (bsc#1226586).
==== avahi-glib2 ====
Subpackages: libavahi-glib1 libavahi-gobject0 libavahi-ui-gtk3-0
- Add avahi-filter-bogus-services.patch: no longer supply bogus
services to callbacks (bsc#1226586).
==== kf6-ksvg ====
Subpackages: kf6-ksvg-imports libKF6Svg6
- Add upstream fix (kde#488295):
* 0001-Restore-proper-devicepixelratio-when-extracting-from.patch
- Rebase 0001-Revert-Support-for-fractional-scaling.patch
==== openSUSE-release ====
Version update (20240620 -> 20240621)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== pam-config ====
Version update (2.11+git.20240527 -> 2.11+git.20240620)
- Update to version 2.11+git.20240620:
* Call pam_fscrypt/pam_ecryptfs as first session module
[bsc#1226452]
==== php8 ====
Subpackages: php8-ctype php8-dom php8-iconv php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter
- drop unmaintained apache-rex usage
==== python-dnspython ====
Version update (2.4.2 -> 2.6.1)
- Update to version 2.6.1
* The Tudoor fix ate legitimate Truncated exceptions, preventing
the resolver from failing over to TCP and causing the query to
timeout.
- Update to version 2.6.0
* As mentioned in the “TuDoor†paper and the associated
CVE-2023-29483, the dnspython stub resolver is vulnerable to a
potential DoS if a bad-in-some-way response from the right
address and port forged by an attacker arrives before a
legitimate one on the UDP port dnspython is using for that
query.
This release addresses the issue by adopting the recommended
mitigation, which is ignoring the bad packets and continuing to
listen for a legitimate response until the timeout for the
query has expired.
* Added support for the NSID EDNS option.
* Dnspython now looks for version metadata for optional packages
and will not use them if they are too old. This prevents
possible exceptions when a feature like DoH is not desired in
dnspython, but an old httpx is installed along with
dnspython for some other purpose.
* The DoHNameserver class now allows GET to be used instead of
the default POST, and also passes source and source_port
correctly to the underlying query methods.
- Update to version 2.5.0
* Dnspython now uses hatchling for builds.
* Cython is no longer supported due to various typing issues.
* Dnspython now explicitly canonicalizes IPv4 and IPv6 addresses.
Previously it was possible for non-canonical IPv6 forms to be
stored in a AAAA address, which would work correctly but
possibly cause problmes if the address were used as a key in a
dictionary.
* The number of messages in a section can be retrieved with
section_count().
* Truncation preferences for messages can be specified.
* The length of a message can be automatically prepended when
rendering.
* dns.message.create_response() automatically adds padding when
required by RFC 8467.
* The TLS verify parameter is now supported by dns.query.tls(),
and the DoH and DoT Nameserver subclasses.
* The MutableMapping used to store content in a zone may now be
specified by a factory when subclassing. Factories may also be
provided for writable verisons and immutable versions.
* dns.name.Name now has predecessor() and successor() methods
implementing RFC 4471.
* QUIC has had a number of bug fixes and also now supports
session tickets for faster session resumption.
* The NSEC3 class now has a next_name() method for retrieving the
next name as a dns.name.Name.
==== python311-packaging ====
Version update (24.0 -> 24.1)
- update to 24.1:
* No unreleased changes.
==== setserial ====
- Add setserial-2.17-C99.diff to fix C99 viloation in the configure
script which prevents building with GCC 14 [boo#1225927].
==== shadow ====
Version update (4.15.1 -> 4.16.0)
Subpackages: login_defs
- Update to 4.16.0:
* The shadow implementations of id(1) and groups(1) are deprecated
in favor of the GNU coreutils and binutils versions.
They will be removed in 4.17.0.
* The rlogind implementation has been removed.
* The libsubid major version has been bumped, since it now requires
specification of the module's free() implementation.
- Update shadow-login_defs-suse.patch
- Add shadow-4.16.0-econf.patch:
Replace deprecated econf_readDirs with econf_readConfig
==== tftp ====
- Add tftp-c99.patch to avoid calling undeclaed function and thus make
the package buildable with GCC 14 [boo#1225935]
==== vinagre ====
Subpackages: vinagre-lang
- Add -fpermissive to compiler options to work around GCC 14 not allowing
some violations of the C99 standard. [boo#1225951]
==== virt-manager ====
Subpackages: virt-install virt-manager-common
- Skip some tests that fail under Pytest 8.x.
==== wayland ====
Version update (1.22.0 -> 1.23.0)
Subpackages: libwayland-client0 libwayland-cursor0 libwayland-egl1 libwayland-server0
- Update to release 1.23.0
* A mechanism to set the size of the internal connection buffer used by
libwayland
* An enum-header mode for wayland-scanner to generate headers with only enums
* wayland-scanner now generates validator functions for enums on the server
side
* Protocols can now indicate with a "deprecated-since" XML attribute that a
request, event or enum entry is deprecated
* An API to set a name for a queue to aid debugging
* wl_client_get_user_data() and wl_client_set_user_data() to more easily attach
custom data to a client
* OpenBSD support
* A wl_shm.release request for proper cleanup of this global
==== wicked ====
Subpackages: wicked-service
- arp: increase arp-send retry value to avoid address configuration
failure due to ENOBUF reported by kernel while duplicate address
detection with underlying bonding in 802.3ad mode reporting link
"up & running" too early (bsc#1218668, gh#openSUSE/wicked#1020,
gh#openSUSE/wicked#1022).
[+ 0002-increase-arp-retry-attempts-on-sending-bsc1218668.patch]