Packages changed: MozillaFirefox (133.0 -> 133.0.3) libICE (1.1.1 -> 1.1.2) libSM (1.2.4 -> 1.2.5) libXau (1.0.11 -> 1.0.12) libXv (1.0.12 -> 1.0.13) libXxf86vm (1.1.5 -> 1.1.6) libxcvt (0.1.2 -> 0.1.3) libxshmfence (1.3.2 -> 1.3.3) mozjs128 mpg123 (1.32.9 -> 1.32.10) openSUSE-release (20241215 -> 20241216) === Details === ==== MozillaFirefox ==== Version update (133.0 -> 133.0.3) Subpackages: MozillaFirefox-branding-upstream - Mozilla Firefox 133.0.3 * Fixed the missing scrollbar in the Library window, such as when viewing History or Bookmarks. (bmo#1934482) * Fixed blurry line drawing on some Canvas elements when hardware acceleration is enabled. (bmo#1933668) ==== libICE ==== Version update (1.1.1 -> 1.1.2) - update to 1.1.2 * configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL * Set close-on-exec when opening files * gitlab CI: Update to latest CI templates * gitlab CI: add xz-utils to container for "make distcheck" * IceOpenConnection: stop processing messages if connection was closed * ConnectToPeer: return failure if malloc() fails * EXTRACT_STRING: Avoid writing to NULL pointer if malloc fails * _IceAddOpcodeMapping: Avoid writing to NULL pointer if malloc fails * Clear some -Wuseless-cast warnings from gcc 14.1 * IceReadCompleteMessage: callers need to check if malloc() failed * ProcessConnectionSetup: avoid writing to NULL pointer if malloc() failed * ProcessProtocolSetup: return failure if malloc() failed for ProtocolName * IceProtocolSetup: return failure if malloc() failed for authIndices * IceRegisterForProtocolSetup: return failure if malloc() failed * AuthRequired: avoid undefined behavior in memcpy() call * write_counted_string: avoid undefined behavior in fwrite() call * ICElibint.h: add do ... while (0) around macro definitions * ProcessAuthReply: Handle -Wconditional-uninitialized warning * libICE : Dereferencing a possible NULL pointer in error.c ==== libSM ==== Version update (1.2.4 -> 1.2.5) - update to 1.2.5: * Remove "All rights reserved" from Oracle copyright notices * configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL * gitlab CI: add xz-utils to container for "make distcheck" * unifdef __UNIXWARE__ * unifdef MNX_TCPCONN * SmcOpenConnection: remove cast of return value from getenv() * IceReadCompleteMessage callers need to check if malloc() failed ==== libXau ==== Version update (1.0.11 -> 1.0.12) - update to 1.0.12 * This release adds support for building with meson as well as autoconf, thanks to the work of Dylan Baker. - switched to meson build system ==== libXv ==== Version update (1.0.12 -> 1.0.13) - Update to version 1.0.13 * Remove "All rights reserved" from Oracle copyright notices * configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL * Use calloc instead of malloc and manual loops to zero array contents * XvQueryEncodings: avoid NULL deref if length is 0, but num_encodings is not * XvQueryAdaptors: avoid NULL deref if length is 0, but num_adaptors is not ==== libXxf86vm ==== Version update (1.1.5 -> 1.1.6) - Update to version 1.1.6 * Remove "All rights reserved" from Oracle copyright notices * configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL * Add X.Org's standard C warning flags to AM_CFLAGS * Add -no-undefined flag to LDFLAGS to fix Windows builds ==== libxcvt ==== Version update (0.1.2 -> 0.1.3) - Update to version 0.1.3 * cvt: fix -Wmissing-prototypes warning for cvt_is_standard * ci: Update CI and enable static analysis * README: remove double dollar sign * Fix hsync_start computation * Fix too-small back porch at very low resolutions * Rename constant to CVT_MIN_V_PORCH_RND ==== libxshmfence ==== Version update (1.3.2 -> 1.3.3) - update to 1.3.3 * configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL * configure: replace deprecated AC_HELP_STRING with AS_HELP_STRING * configure: replace deprecated AC_TRY_COMPILE with AC_COMPILE_IFELSE * alloc: Allow disabling memfd usage at runtime with XSHMFENCE_NO_MEMFD=1 * src/xshmfence_futex.h: fix build on 32-bit architectures using 64-bit time_t ==== mozjs128 ==== - Add mozjs128-CVE-2024-50602.patch: Backporting 51c70190 from upstream, * lib: Make XML_StopParser refuse to stop/suspend an unstarted parser. * lib: Be explicit about XML_PARSING in XML_StopParser. (CVE-2024-50602, bsc#1232599, bsc#1232602) ==== mpg123 ==== Version update (1.32.9 -> 1.32.10) Subpackages: libmpg123-0 mpg123-openal - Update to version 1.32.10 * scripts/tag_lyrics.py: fix for python3 * libout123: Use strtok_r() to avoid conflicts multithreaded contexts (both sides should avoid plain strtok()! * libmpg123: Un-break DLL builds that need I/O functions defined in libmpg123.c * ports/cmake: More fixup to also produce .pc files with Libs.private. ==== openSUSE-release ==== Version update (20241215 -> 20241216) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen