Packages changed: apparmor bluez c-ares (1.29.0 -> 1.30.0) cups (2.4.7 -> 2.4.8) docker-buildx (0.14.1 -> 0.15.0) glib2 (2.80.2 -> 2.80.3) libapparmor ncurses (6.5.20240601 -> 6.5.20240608) ntfs-3g_ntfsprogs pciutils (3.10.0 -> 3.12.0) sensors (3.6.0 -> 3.6.2) vte (0.76.2 -> 0.76.3) === Details === ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor - add logprof-mount-empty-source.diff: add support for mount rules with quoted paths and empty source (boo#1226031) ==== bluez ==== Subpackages: bluez-auto-enable-devices bluez-cups libbluetooth3 - Fix python3 shebang from test files (bsc#1212476) ==== c-ares ==== Version update (1.29.0 -> 1.30.0) - c-ares 1.30.0 Features: * Basic support for SIG RR record (RFC 2931 / RFC 2535) [PR #773] Changes: * Validation that DNS strings can only consist of printable ascii characters otherwise will trigger a parse failure. [75de16c] and [40fb125] Bugfixes: * QueryCache: Fix issue where purging on server changes wasn't working. [a6c8fe6] - updated dowload URLs to point to github - updated keyring to include Brad House DA7D64E4C82C6294CB73A20E22E3D13B5411B7CA ==== cups ==== Version update (2.4.7 -> 2.4.8) Subpackages: cups-client cups-config libcups2 libcupsimage2 - cups-2.4.8-CVE-2024-35235.patch is derived from the upstream patch against master (CUPS 2.5) to apply to CUPS 2.4.8 in openSUSE Factory to fix CVE-2024-35235 "cupsd Listen port arbitrary chmod 0140777" https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f bsc#1225365 - Update to version 2.4.8: See https://github.com/openprinting/cups/releases CUPS 2.4.8 brings many bug fixes which aggregated over the last half a year. It brings the important fix for race conditions and errors which can happen when installing permanent IPP Everywhere printer, support for PAM modules password-auth and system-auth and new option for lpstat which can show only the successful jobs. Detailed list (from CHANGES.md): * Added warning if the device has to be asked for 'all,media-col-database' separately (Issue #829) * Added new value for 'lpstat' option '-W' - successfull - for getting successfully printed jobs (Issue #830) * Added support for PAM modules password-auth and system-auth (Issue #892) * Updated IPP Everywhere printer creation error reporting (Issue #347) * Updated and documented the MIME typing buffering limit (Issue #925) * Raised 'cups_enum_dests()' timeout for listing available IPP printers (Issue #751) * Now report an error for temporary printer defaults with lpadmin (Issue #237) * Fixed mapping of PPD InputSlot, MediaType, and OutputBin values (Issue #238) * Fixed "document-unprintable-error" handling (Issue #391) * Fixed the web interface not showing an error for a non-existent printer (Issue #423) * Fixed printing of jobs with job name longer than 255 chars on older printers (Issue #644) * Really backported fix for Issue #742 * Fixed 'cupsCopyDestInfo' device connection detection (Issue #586) * Fixed "Upgrade" header handling when there is no TLS support (Issue #775) * Fixed memory leak when unloading a job (Issue #813) * Fixed memory leak when creating color profiles (Issue #815) * Fixed a punch finishing bug in the IPP Everywhere support (Issue #821) * Fixed crash in 'scan_ps()' if incoming argument is NULL (Issue #831) * Fixed setting job state reasons for successful jobs (Issue #832) * Fixed infinite loop in IPP backend if hostname is IP address with Kerberos (Issue #838) * Added additional check on socket if 'revents' from 'poll()' returns POLLHUP together with POLLIN or POLLOUT in 'httpAddrConnect2()' (Issue #839) * Fixed crash in 'ppdEmitString()' if 'size' is NULL (Issue #850) * Fixed reporting 'media-source-supported' when sharing printer which has numbers as strings instead of keywords as 'InputSlot' values (Issue #859) * Fixed IPP backend to support the "print-scaling" option with IPP printers (Issue #862) * Fixed potential race condition for the creation of temporary queues (Issue #871) * Fixed 'httpGets' timeout handling (Issue #879) * Fixed checking for required attributes during PPD generation (Issue #890) * Fixed encoding of IPv6 addresses in HTTP requests (Issue #903) * Fixed sending response headers to client (Issue #927) * Fixed CGI program initialization and validation of form checkbox and text fields. Issues are those at https://github.com/OpenPrinting/cups/issues - Adapted downgrade-autoconf-requirement.patch for CUPS 2.4.8 ==== docker-buildx ==== Version update (0.14.1 -> 0.15.0) - Update to version 0.15.0: * New --call option allows setting evaluation method for a build, replacing the previous experimental --print flag. #2498 #2487 [#2513] In addition to default "build", the following methods are implemented by Dockerfile frontend: - check - Run validation routines for your build configuration. These are the same validations that would show up as warnings during build. There is also shortcut flag --check for this option. - outline - Show configuration that would be used by current build, including all the build-args, secrets, SSH etc that your build would use. - targets- Show all available targets and their descriptions. * New --prefer-index flag has been added to imagetools create command to control the behavior of creating image out of one single-platform image manifest. #2482 * Kubernetes driver allows configuring deployment timeout #2492 * New metrics definitions have been added for build warning types [#2482] #2507 * Prune and Disk usage commands now support negative and prefix filters #2473 * Building Compose files with Bake now supports passing SSH forwarding configuration #2445 * Compose compatibility has been updated to v2.1.2 #2502 #2425 * Fix issue with configuring Kubernetes driver with custom TLS certificates #2454 * Fix concurrent kubeconfig access when loading nodes #2497 ==== glib2 ==== Version update (2.80.2 -> 2.80.3) Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 typelib-1_0-GLib-2_0 typelib-1_0-GModule-2_0 typelib-1_0-GObject-2_0 typelib-1_0-Gio-2_0 - Update to version 2.80.3: + Bugs fixed: - g_socket_client_connect_to_host_async leaks memory when target host doesn't respond to ARP. - gi_repository_find_by_gtype is nondeterministic. - Crash in error path of g_dbus_connection_export_menu_model(). - Backport !4057 “gdbusmessage: Clean the cached arg0 when setting the message body” to glib-2-80. - Backport !4058 “Tests: Build fixes when running `meson test` without previous builds“ to glib-2-80 - Partially backport !4059 “tests: Fix various memory leaks and valgrind / ASAN errors” to glib-2-80 - Backport !4066 “Fix several GCC 14 warnings to please msys2-mingw32 CI” to glib-2-80 - Backport !4065 “girepository: Don't assume a bitfield has a fixed size” to glib-2-80 - Backport !4073 “gmenuexporter: Fix a NULL pointer dereference on an error handling path” to glib-2-80 - Backport !4078 “tests: Fix clang compilation failure due to unrecognised option in pragma” to glib-2-80. - Backport !4033 “girepository: Keep an ordered list of the loaded typelibs” to glib-2-80 - Backport !4104 “gsocketclient: Fix a leak of the task data on an error path” to glib-2-80 + Updated translations. ==== libapparmor ==== - add logprof-mount-empty-source.diff: add support for mount rules with quoted paths and empty source (boo#1226031) ==== ncurses ==== Version update (6.5.20240601 -> 6.5.20240608) Subpackages: libncurses6 ncurses-utils terminfo-base - Add ncurses patch 20240608 + change winwstr to return wide character count instead of OK (patch by Branden Robinson). + improve formatting/style of manpages (patches by Branden Robinson). + rename testing dpkg's for ncurses6 to resolve a naming conflict with Debian's ncurses packages. ==== ntfs-3g_ntfsprogs ==== Subpackages: libntfs-3g89 ntfs-3g ntfsprogs - Add ntfs3g-unistr-use-after-free.patch: fix a use after free in ntfs_uppercase_mbs (boo#1226007). - No longer call autoconf; likely not needed anymore. ==== pciutils ==== Version update (3.10.0 -> 3.12.0) Subpackages: libpci3 - update to 3.12.0: * lspci decodes the IDE (Integrity & Data Encryption) and TEE-IO extended capabilities. * Optimization flags used for compiling individual object files should be the same as optimization flags for linking the final executable to make link-time optimization possible. * no longer look up subsystems in the HWDB * Updated pci.ids - include changes from 3.11: * update-pciids now supports XZ compression * update-pciids now sends itself as the User-Agent. * Added a pcilmr utility for PCIe lane margining * ECAM back-end now scans ACPI and BIOS memory faster. * Linux systems without pread/pwrite are no longer supported * Improved decoding of PCIe control and status registers. * Decoding of CXL capabilities now supports up to CXL 3.0. * lspci now displays interrupt message numbers consistently across different capabilities. * Cache of IDs resolved via DNS, which was located in ~/.pci-ids by default, is now stored according to the XDG base directory specification in $XDG_CACHE_HOME/pci-ids. * All source files now have SPDX license identifiers. * various minor bug fixes and updated pci.ids. ==== sensors ==== Version update (3.6.0 -> 3.6.2) - Update to version 3.6.2: * sensor quantitiy and units * new json format * SENSORS_SYSFS_ROOT environment variable * service files updated - Drop upstreamed patches * harden_fancontrol.service.patch * harden_lm_sensors.service.patch * harden_sensord.service.patch * lm_sensors-3.4.0-sensord-service-extra-args.patch * var-run-deprecated.patch * rrd-drop-useless-cast.patch * pwmconfig-raise-fan-threshold.patch * sysfs-Expand-filename-buffer-to-quiet-warning.patch - Run tests - Update to version 3.6.1: * configs: Added a number of new configuration files * fancontrol: Add executable commands as temp sensors * pwmconfig, fancontrol: Allow read-only pwm*_enable * sensors: Handle json trailing ',' when no features are listed Add support for rated values Only do conversion to Fahrenheit on temperatures * sensors-detect: Add support for NCT6687D Add support for AMD CPU Family 19h Add support for FTS Teutates Chip Fix the driver for Nuvoton W83677HG-I * sensord: Add support of emergency alarm Change PIDFile path from /var/run to /run * Allow subfeatures to be ignored too * Flag allow-no-sensors added * Add support for dev_name formatted like "a000000.wifi" * Add ZSH completion for sensors and sensors-detect * Add ISA ACPI sensor driver name support * Add support for static only build * Add SDIO attached sensor support * Add PWM and frequency sensor support - Drop trailing space from hardedning patches * harden_fancontrol.service.patch * harden_lm_sensors.service.patch * harden_sensord.service.patch - Refresh * lm_sensors-3.4.0-sensord-service-extra-args.patch * var-run-deprecated.patch - Add rrd-drop-useless-cast.patch - Drop usptreamed patches * change-pidfile-path-from-var-run-to-run.patch * lm_sensors-3.4.0-sensors-detect-add-ftsteutates-support.patch * lm_sensors-3.6.0-sensors-detect-fix-driver-for-w83677hgi.patch * pwmconfig-handle-fan-input-error.patch - Drop obsolete spec file constructs, use autopatch. ==== vte ==== Version update (0.76.2 -> 0.76.3) - Update to version 0.76.3: * emulation: Restrict resize request to sane numbers * widget: Add safety limit to widget size requests * build: Post release version bump