Packages changed: MicroOS-release (20240418 -> 20240423) NetworkManager (1.44.2 -> 1.44.4) docker-buildx (0.13.1 -> 0.14.0) gcc14 (14.0.1+git9885 -> 14.0.1+git10008) gdk-pixbuf glib2 glibc gtk2 gtk4 (4.14.2 -> 4.14.3) kernel-firmware (20240322 -> 20240419) kernel-source (6.8.6 -> 6.8.7) kf6-solid libxml2 (2.11.6 -> 2.12.6) libzypp (17.32.4 -> 17.32.5) llvm18 (18.1.3 -> 18.1.4) mozjs115 podman (5.0.1 -> 5.0.2) python-numpy (1.26.2 -> 1.26.4) python-pycparser (2.21 -> 2.22) python-pycups (2.0.1 -> 2.0.4) python311 (3.11.8 -> 3.11.9) python311-core (3.11.8 -> 3.11.9) setools (4.4.4 -> 4.5.0) transactional-update (4.6.5 -> 4.6.6) xfsprogs (6.6.0 -> 6.7.0) === Details === ==== MicroOS-release ==== Version update (20240418 -> 20240423) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== NetworkManager ==== Version update (1.44.2 -> 1.44.4) Subpackages: NetworkManager-bluetooth NetworkManager-wwan libnm0 typelib-1_0-NM-1_0 - Update to version 1.44.4: + Add the 'dns-change' dispatcher event. + Various fixed related to IPv4 duplicate address detection. + Fix support for OVS netdev datapath + Fix handling of IPv6 hop limit ==== docker-buildx ==== Version update (0.13.1 -> 0.14.0) - Update to version 0.14.0: Notable changes * build: set record provenance in metadata file #2280 * bake: add git authentication support for remote definitions [#2363] * driver: add ephemeral-storage and scheduler name options to kubernetes driver #2370 #2415 * new default-load driver-opt can be set for container and k8s instances on buildx create to load build results to Docker by default #2259 * build: printing with --print=lint uses BuildKit formatter #2404 [#2406] #2417 * build: allow status code responses for --print that set exit code for process #2408 * bake: add indexof hcl func #2384 * build: metrics now measure idle time, export image, run operations, image transfers for image source operations during build #2402 #2373 #2298 #2317 #2316 #2271 * build: metrics to the docker context endpoint does not require experimental anymore #2344 * compose spec support has been updated to v2.0.2 #2391 * build: builds with --print are now marked as internal and don't get recorded in build history #2416 * fix --load flag used together output definitions from file with bake #2336 * fix build from stdin when experimental mode enabled #2394 * fix possible issue where delegated traces could be duplicated [#2362] * fix JSON formatting for custom build --print commands #2374 ==== gcc14 ==== Version update (14.0.1+git9885 -> 14.0.1+git10008) Subpackages: libgcc_s1 libgfortran5 libgomp1 libstdc++6 libubsan1 - Update to trunk head, 7c2a9dbcc2c1cb1563774068c59d5e09e, git10008 ==== gdk-pixbuf ==== Subpackages: gdk-pixbuf-query-loaders gdk-pixbuf-thumbnailer libgdk_pixbuf-2_0-0 typelib-1_0-GdkPixbuf-2_0 - Fix path to gdk-pixbuf-query-loader in pkg-config file: we rename the loader to be multi-arch compatible and thus also need to adjust the .pc file to have build-systems find it. ==== glib2 ==== Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 typelib-1_0-GLib-2_0 typelib-1_0-GModule-2_0 typelib-1_0-GObject-2_0 typelib-1_0-Gio-2_0 - require dbus-launch only if dbus-service is wanted. This helps with stripping down container-only builds ==== glibc ==== Subpackages: glibc-locale glibc-locale-base - iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961, bsc#1222992) ==== gtk2 ==== Subpackages: gtk2-tools libgtk-2_0-0 - Do not recommend the variuos -immodule-*: they have locale based provides which makes zypper install them when the locales are requested. ==== gtk4 ==== Version update (4.14.2 -> 4.14.3) Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Update to version 4.14.3: + GtkShortcutManager: Track the propagation phase of added controllers. + Accessibility: Implement GtkAccessibleRange for scrollbars. + X11: - Fix some confusing debug messages - Drop a no-longer-relevant optimization that was interfering with getting the current window manager capabilities. + Tools: Support generating pdf in gtk4-rendernode-tool. + Updated translations. ==== kernel-firmware ==== Version update (20240322 -> 20240419) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20240419 (git commit 7eab37522984): * Montage: update firmware for Mont-TSSE * linux-firmware: Add tuning parameter configs for CS35L41 Firmware * linux-firmware: Fix firmware names for Laptop SSID 104316a3 * linux-firmware: Add CS35L41 HDA Firmware for Lenovo Legion Slim 7 16ARHA7 * linux-firmware: update firmware for mediatek bluetooth chip (MT7922) * linux-firmware: update firmware for MT7922 WiFi device * iwlwifi: add gl FW for core87-44 release * iwlwifi: add ty/So/Ma firmwares for core87-44 release * iwlwifi: update cc/Qu/QuZ firmwares for core87-44 release * nvidia: Update Tegra210 XUSB firmware to v50.29 * amdgpu: update beige goby firmware * amdgpu: update dimgrey cavefish firmware * amdgpu: update psp 13.0.11 firmware * amdgpu: update gc 11.0.4 firmware * amdgpu: update navy flounder firmware * amdgpu: update renoir firmware * amdgpu: update vcn 4.0.2 firmware * amdgpu: update sdma 6.0.1 firmware * amdgpu: update psp 13.0.4 firmware * amdgpu: update gc 11.0.1 firmware * amdgpu: update sienna cichlid firmware * amdgpu: update vega20 firmware * amdgpu: update yellow carp firmware * amdgpu: update green sardine firmware * amdgpu: update vega12 firmware * amdgpu: update raven2 firmware * amdgpu: update vcn 4.0.4 firmware * amdgpu: update smu 13.0.7 firmware * amdgpu: update sdma 6.0.2 firmware * amdgpu: update ipsp 13.0.7 firmware * amdgpu: update gc 11.0.2 firmware * amdgpu: update vega10 firmware * amdgpu: update raven firmware * amdgpu: update navi14 firmware * amdgpu: update smu 13.0.10 firmware * amdgpu: update sdma 6.0.3 firmware * amdgpu: update psp 13.0.10 firmware * amdgpu: update gc 11.0.3 firmware * amdgpu: update vcn 3.1.2 firmware * amdgpu: update psp 13.0.5 firmware * amdgpu: update gc 10.3.6 firmware * amdgpu: update navi12 firmware * amdgpu: update arcturus firmware * amdgpu: update vangogh firmware * amdgpu: update navi10 firmware * amdgpu: update vcn 4.0.3 firmware * amdgpu: update smu 13.0.6 firmware * amdgpu: update psp 13.0.6 firmware * amdgpu: update gc 9.4.3 firmware * amdgpu: update vcn 4.0.0 firmware * amdgpu: update smu 13.0.0 firmware * amdgpu: update sdma 6.0.0 firmware * amdgpu: update psp 13.0.0 firmware * amdgpu: update gc 11.0.0 firmware * amdgpu: update firmware * amdgpu: update aldebaran firmware * amdgpu: update psp 13.0.8 firmware * amdgpu: update gc 10.3.7 firmware * linux-firmware: mediatek: Update MT8173 VPU firmware to v1.1.9 * ath10k: WCN3990: hw1.0: add qcm2290 firmware API file * ath10k: WCN3990: hw1.0: move firmware back from qcom/ location * i915: Add DG2 HuC 7.10.15 * amdgpu: DMCUB updates for various AMDGPU ASICs * linux-firmware: update firmware for en8811h 2.5G ethernet phy * rtw89: 8852c: update fw to v0.27.56.14 * rtw89: 8922a: add firmware v0.35.18.0 * rtw88: Add RTL8703B firmware v11.0.0 ==== kernel-source ==== Version update (6.8.6 -> 6.8.7) - Linux 6.8.7 (bsc#1012628). - drm/amd/display: fix disable otg wa logic in DCN316 (bsc#1012628). - drm/amd/display: always reset ODM mode in context when adding first plane (bsc#1012628). - drm/amd/display: Return max resolution supported by DWB (bsc#1012628). - drm/amd/display: Do not recursively call manual trigger programming (bsc#1012628). - drm/amd/display: Set VSC SDP Colorimetry same way for MST and SST (bsc#1012628). - drm/amd/display: Program VSC SDP colorimetry for all DP sinks >= 1.4 (bsc#1012628). - drm/amdgpu: differentiate external rev id for gfx 11.5.0 (bsc#1012628). - drm/amdgpu: fix incorrect number of active RBs for gfx11 (bsc#1012628). - drm/amdgpu: always force full reset for SOC21 (bsc#1012628). - drm/amdgpu: Reset dGPU if suspend got aborted (bsc#1012628). - drm/i915: Disable live M/N updates when using bigjoiner (bsc#1012628). - drm/i915: Disable port sync when bigjoiner is used (bsc#1012628). - drm/i915/psr: Disable PSR when bigjoiner is used (bsc#1012628). - drm/i915/cdclk: Fix CDCLK programming order when pipes are active (bsc#1012628). - commit a2ed3b5 - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (bsc#1012628 bsc#1217339 CVE-2024-2201). - Update config files. - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (bsc#1012628). - x86/bugs: Clarify that syscall hardening isn't a BHI mitigation (bsc#1012628). - x86/bugs: Fix BHI handling of RRSBA (bsc#1012628). - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (bsc#1012628). - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (bsc#1012628). - x86/bugs: Fix BHI documentation (bsc#1012628). - x86/bugs: Fix return type of spectre_bhi_state() (bsc#1012628). - kernfs: annotate different lockdep class for of->mutex of writable files (bsc#1012628). - selftests: kselftest: Fix build failure with NOLIBC (bsc#1012628). - irqflags: Explicitly ignore lockdep_hrtimer_exit() argument (bsc#1012628). - x86/apic: Force native_apic_mem_read() to use the MOV instruction (bsc#1012628). - selftests: kselftest: Mark functions that unconditionally call exit() as __noreturn (bsc#1012628). - selftests: timers: Fix abs() warning in posix_timers test (bsc#1012628). - selftests: timers: Fix posix_timers ksft_print_msg() warning (bsc#1012628). - selftests/timers/posix_timers: Reimplement check_timer_distribution() (bsc#1012628). - x86/cpu: Actually turn off mitigations by default for SPECULATION_MITIGATIONS=n (bsc#1012628). - perf/x86: Fix out of range data (bsc#1012628). - vhost: Add smp_rmb() in vhost_enable_notify() (bsc#1012628). - vhost: Add smp_rmb() in vhost_vq_avail_empty() (bsc#1012628). - arm64: dts: imx8-ss-dma: fix spi lpcg indices (bsc#1012628). - arm64: dts: imx8-ss-lsio: fix pwm lpcg indices (bsc#1012628). - arm64: dts: imx8-ss-dma: fix pwm lpcg indices (bsc#1012628). - arm64: dts: imx8-ss-conn: fix usb lpcg indices (bsc#1012628). - arm64: dts: imx8-ss-dma: fix adc lpcg indices (bsc#1012628). - arm64: dts: imx8-ss-dma: fix can lpcg indices (bsc#1012628). - arm64: dts: imx8qm-ss-dma: fix can lpcg indices (bsc#1012628). - drm/amdgpu/umsch: reinitialize write pointer in hw init (bsc#1012628). - drm/msm/dp: fix runtime PM leak on connect failure (bsc#1012628). - drm/msm/dp: fix runtime PM leak on disconnect (bsc#1012628). - drm/client: Fully protect modes[] with dev->mode_config.mutex (bsc#1012628). - drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() (bsc#1012628). - drm/ast: Fix soft lockup (bsc#1012628). - drm/amdkfd: Reset GPU on queue preemption failure (bsc#1012628). - drm/i915/vrr: Disable VRR when using bigjoiner (bsc#1012628). - drm/vmwgfx: Enable DMA mappings with SEV (bsc#1012628). - accel/ivpu: Fix deadlock in context_xa (bsc#1012628). - accel/ivpu: Return max freq for DRM_IVPU_PARAM_CORE_CLOCK_RATE (bsc#1012628). - accel/ivpu: Put NPU back to D3hot after failed resume (bsc#1012628). - accel/ivpu: Fix PCI D0 state entry in resume (bsc#1012628). - accel/ivpu: Check return code of ipc->lock init (bsc#1012628). - scsi: sg: Avoid race in error handling & drop bogus warn (bsc#1012628). - scsi: sg: Avoid sg device teardown race (bsc#1012628). - fs/proc: Skip bootloader comment if no embedded kernel parameters (bsc#1012628). - fs/proc: remove redundant comments from /proc/bootconfig (bsc#1012628). - kprobes: Fix possible use-after-free issue on kprobe registration (bsc#1012628). ... changelog too long, skipping 198 lines ... - commit 5c0cf23 ==== kf6-solid ==== Subpackages: libKF6Solid6 - Add patch to fix mounting encrypted drives (kde#485507, boo#1222980): * 0001-udisks-Return-empty-string-for-root-clearTextPath.patch ==== libxml2 ==== Version update (2.11.6 -> 2.12.6) Subpackages: libxml2-2 libxml2-tools - Update to version 2.12.6 * Regressions - parser: Fix detection of duplicate attributes in XML namespace - xmlreader: Fix xmlTextReaderConstEncoding - html: Fix htmlCreatePushParserCtxt with encoding - xmllint: Return error code if XPath returns empty nodeset - Update to version 2.12.5 * Security - [CVE-2024-25062] xmlreader: Don't expand XIncludes when backtracking * Regressions - parser: Fix crash in xmlParseInNodeContext with HTML documents - Update to version 2.12.4 * Regressions - parser: Fix regression parsing standalone declarations - autotools: Readd --with-xptr-locs configuration option - parser: Fix build --without-output - parser: Don't grow or shrink pull parser memory buffers - io: Fix memory lifetime issue with input buffers - Update to version 2.12.3 * Regressions - parser: Fix namespaces redefined from default attributes * Build fixes - include: Rename XML_EMPTY helper macro - include: Move declaration of xmlInitGlobals - include: Add missing includes - include: Move globals from xmlsave.h to parser.h - include: Readd circular dependency between tree.h and parser.h - Drop libxml2-CVE-2024-25062.patch as it is part of upstream ==== libzypp ==== Version update (17.32.4 -> 17.32.5) - Don't try to refresh volatile media as long as raw metadata are present (bsc#1223094) - version 17.32.5 (32) ==== llvm18 ==== Version update (18.1.3 -> 18.1.4) - Update to version 18.1.4. * Fixes an issue with Arm64EC code generation where calls to some intrinsics implemented in compiler-rt used the wrong name mangling, eventually resulting in unresolved symbol errors during linking. * Fixed an incorrect poison-generating flag preservation in `InstSimplify`. It will fix a miscompilation on RISCV, which turns the incorrect `or disjoint` into an `add`. * Save/restore routines for RV32E/RV64E are added to compiler-rt. * Fix regressions introduced in LLVM 18.1.3 in MIPS atomicrmw min/max codegen. - Include module files for libc++ in libc++-devel. - Rebase llvm-do-not-install-static-libraries.patch. ==== mozjs115 ==== - Properly tag patches. ==== podman ==== Version update (5.0.1 -> 5.0.2) - spec: Fix incorrect conditional that included TW while requiring the legacy network backend for podman, meant only for SP5 and below. - Update to version 5.0.2: * Bump to v5.0.2 * Update release notes for v5.0.2 * Emergency fix (well, skip) for failing bud tests * swagger fix infinitive recursion on some types * install swagger from source * Update go-swagger version * [v5.0] Bump c/common to v0.58.2 * fix "concurrent map writes" in network ls compat endpoint * Fix relabeling failures with Z/z volumes on Mac * Packit: Enable CentOS Stream 10 update job * Bump to v5.0.2-dev ==== python-numpy ==== Version update (1.26.2 -> 1.26.4) - Update to 1.26.4 * NumPy 1.26.4 is a maintenance release that fixes bugs and regressions discovered after the 1.26.3 release. The Python versions supported by this release are 3.9-3.12. This is the last planned release in the 1.26.x series. * BUG: Restore missing asstr import * MAINT: prepare 1.26.x for further development * BUG: numpy.array_api: fix linalg.cholesky upper decomp... * MAINT, BLD: Fix unused inline functions warnings on clang * TST: Fix test_numeric on riscv64 * MAINT: add newaxis to __all__ in numpy.array_api * BUG: Use large file fallocate on 32 bit linux platforms * TST: Fix test_warning_calls on Python 3.12 * TST: Bump pytz to 2023.3.post1 * BUG: Fix AVX512 build flags on Intel Classic Compiler * BLD: fix potential issue with escape sequences in __config__.py * BLD: unvendor meson-python on 1.26.x and upgrade to meson-python... * MAINT: Include header defining backtrace * BUG: Fix np.quantile([Fraction(2,1)], 0.5) (#24711) - Release 1.26.3 [#]# Compatibility * f2py will no longer accept ambiguous -m and .pyf CLI combinations. When more than one .pyf file is passed, an error is raised. When both -m and a .pyf is passed, a warning is emitted and the -m provided name is ignored. [#]# Improvements * f2py now handles common blocks which have kind specifications from modules. This further expands the usability of intrinsics like iso_fortran_env and iso_c_binding. [#]# Pull requests merged * MAINT: prepare 1.26.x for further development * TYP: add None to __getitem__ in numpy.array_api * BLD,BUG: quadmath required where available [f2py] * BUG: alpha doesn't use REAL(10) * BUG: Fix FP overflow error in division when the divisor is scalar * MAINT: Pin scipy-openblas version. * BUG: Fix f2py to enable use of string optional inout argument * BUG: Fix -fsanitize=alignment issue in numpy/_core/src/multiarray/arraytypes.c.src * TST: Explicitly pass NumPy path to cython during tests (also... * BUG: fix issues with newaxis and linalg.solve in numpy.array_api * BUG: Disallow shadowed modulenames * BUG: Handle common blocks with kind specifications from modules * BUG: Fix moving compiled executable to root with f2py -c on Windows * BUG: Fix single to half-precision conversion on PPC64/VSX3 * TST: f2py: fix issue in test skip condition * Revert "MAINT: Pin scipy-openblas version." * MAINT: do not use long type * TST: PyPy needs another gc.collect on latest versions * MAINT: Bump conda-incubator/setup-miniconda from 2.2.0 to 3.0.1 * BLD: update vendored Meson for AIX shared library fix * MAINT: Init base in cpu_avx512_kn * BUG: Fix failing test_features on SapphireRapids * BUG: Fix non-contiguous memory load when ARM/Neon is enabled * MAINT,BUG: Never import distutils above 3.12 [f2py] * MAINT: make the import-time check for old Accelerate more specific * MAINT: Bump actions/setup-node and larsoner/circleci-artifacts-redirector-action * BUG: avoid seg fault from OOB access in RandomState.set_state() * BUG: Fix two errors related to not checking for failed allocations * BUG: Fix regression with f2py wrappers when modules and subroutines... * BUG: Fix build issues on SPR * BLD: fix uninitialized variable warnings from simd/neon/memory.h * BUG: Handle iso_c_type mappings more consistently * BUG: Fix module name bug in signature files [urgent] [f2py] * BUG: Handle .pyf.src and fix SciPy [urgent] * DOC: f2py rewrite with meson details * BUG: Add external library handling for meson [f2py] * MAINT: Run f2py's meson backend with the same python that ran... * MAINT: Update numpy/f2py/_backends from main. * MAINT: Easy updates of f2py/*.py from main. * MAINT: Update crackfortran.py and f2py2e.py from main ==== python-pycparser ==== Version update (2.21 -> 2.22) - update to 2.22: * Add missing SCHAR limit defines * Use proper SPDX identifier * Add Python 3.11 as a supported version * Fix multi-pragma/single statement blocks (#479) * Add an encoding parameter to parse_file * Feature/add pragma support * Set up permissions to ci.yml * _build_tables: Invalidate cache before importing generated modules * Upgrade GitHub Actions * Create a Security Policy * New example to generate AST from scratch * Add support for Python 3.12 * ply: Make generated lextab.py deterministic - drop fix-lexer-build.patch (upstream) ==== python-pycups ==== Version update (2.0.1 -> 2.0.4) - update to 2.0.4: * remove the install_requires from setup.py * removed shebang from example/cupstree.py * ignore driverless utilities for postscriptdriver tags creation (Fedora bug #1873385) * remove epydoc from Makefile (#27) * fix invalid delete of pointer (#11) * Makefile uses wrong Python (#32) * define PY_SSIZE_T_CLEAN in cupsipp.h - fixes traceback during IPPRequest.writeIO with Python 3.10 * fix the test.py when there is no printer installed (#46) * Use PyObject_Call() instead of deprecated PyEval ==== python311 ==== Version update (3.11.8 -> 3.11.9) - Add CVE-2023-52425-libexpat-2.6.0-backport.patch to fix tests with patched libexpat below 2.6.0 that doesn't update the version number, just in SLE. - Remove not needed upstream patches: * libexpat260.patch * CVE-2023-6597-TempDir-cleaning-symlink.patch, bsc#1219666 - Update to 3.11.9: * Security - gh-115398: Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425, bsc#1219559) by adding five new methods: xml.etree.ElementTree.XMLParser.flush() xml.etree.ElementTree.XMLPullParser.flush() xml.parsers.expat.xmlparser.GetReparseDeferralEnabled() xml.parsers.expat.xmlparser.SetReparseDeferralEnabled() xml.sax.expatreader.ExpatParser.flush() - gh-115399: Update bundled libexpat to 2.6.0 - gh-115243: Fix possible crashes in collections.deque.index() when the deque is concurrently modified. - gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads. * Core and Builtins - gh-116296: Fix possible refleak in object.__reduce__() internal error handling. - gh-116034: Fix location of the error on a failed assertion. - gh-115823: Properly calculate error ranges in the parser when raising SyntaxError exceptions caused by invalid byte sequences. Patch by Pablo Galindo - gh-112087: For an empty reverse iterator for list will be reduced to reversed(). Patch by Donghee Na. - gh-115011: Setters for members with an unsigned integer type now support the same range of valid values for objects that has a __index__() method as for int. - gh-96497: Fix incorrect resolution of mangled class variables used in assignment expressions in comprehensions. * Library - gh-117310: Fixed an unlikely early & extra Py_DECREF triggered crash in ssl when creating a new _ssl._SSLContext if CPython was built implausibly such that the default cipher list is empty or the SSL library it was linked against reports a failure from its C SSL_CTX_set_cipher_list() API. - gh-117178: Fix regression in lazy loading of self-referential modules, introduced in gh-114781. - gh-117084: Fix zipfile extraction for directory entries with the name containing backslashes on Windows. - gh-117110: Fix a bug that prevents subclasses of typing.Any to be instantiated with arguments. Patch by Chris Fu. - gh-90872: On Windows, subprocess.Popen.wait() no longer calls WaitForSingleObject() with a negative timeout: pass 0 ms if the timeout is negative. Patch by Victor Stinner. - gh-116957: configparser: Don’t leave ConfigParser values in an invalid state (stored as a list instead of a str) after an earlier read raised DuplicateSectionError or DuplicateOptionError. - gh-90095: Ignore empty lines and comments in .pdbrc - gh-116764: Restore support of None and other false values in urllib.parse functions parse_qs() and parse_qsl(). Also, they now raise a TypeError for non-zero integers and non-empty sequences. - gh-116811: In PathFinder.invalidate_caches, delegate to MetadataPathFinder.invalidate_caches. - gh-116600: Fix repr() for global Flag members. - gh-116484: Change automatically generated tkinter.Checkbutton widget names to avoid collisions with automatically generated tkinter.ttk.Checkbutton widget names within the same parent widget. - gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on opening named pipe. - gh-116143: Fix a race in pydoc _start_server, eliminating a window in which _start_server can return a thread that is “serving” but without a docserver set. - gh-116325: typing: raise SyntaxError instead of AttributeError on forward references as empty strings. - gh-90535: Fix support of interval values > 1 in logging.TimedRotatingFileHandler for when='MIDNIGHT' and when='Wx'. - gh-115978: Disable preadv(), readv(), pwritev(), and writev() on WASI. - Under wasmtime for WASI 0.2, these functions don’t pass test_posix (https://github.com/bytecodealliance/wasmtime/issues/7830). - gh-88352: Fix the computation of the next rollover time in the logging.TimedRotatingFileHandler handler. computeRollover() now always returns a timestamp larger than the specified time and works correctly during the DST change. doRollover() no longer overwrite the already rolled over file, saving from data loss when run at midnight or during repeated time at the DST change. - gh-87115: Set __main__.__spec__ to None when running a script with pdb - gh-76511: Fix UnicodeEncodeError in email.Message.as_string() that results when a message that claims to be in the ascii character set actually has non-ascii characters. Non-ascii characters are now replaced with the U+FFFD replacement character, like in the replace error handler. - gh-75988: Fixed unittest.mock.create_autospec() to pass the call through to the wrapped object to return the real result. - gh-115881: Fix issue where ast.parse() would incorrectly flag conditional context managers (such as with (x() if y else z()): ... changelog too long, skipping 156 lines ... 64-bit platforms. ==== python311-core ==== Version update (3.11.8 -> 3.11.9) Subpackages: libpython3_11-1_0 python311-base - Add CVE-2023-52425-libexpat-2.6.0-backport.patch to fix tests with patched libexpat below 2.6.0 that doesn't update the version number, just in SLE. - Remove not needed upstream patches: * libexpat260.patch * CVE-2023-6597-TempDir-cleaning-symlink.patch, bsc#1219666 - Update to 3.11.9: * Security - gh-115398: Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425, bsc#1219559) by adding five new methods: xml.etree.ElementTree.XMLParser.flush() xml.etree.ElementTree.XMLPullParser.flush() xml.parsers.expat.xmlparser.GetReparseDeferralEnabled() xml.parsers.expat.xmlparser.SetReparseDeferralEnabled() xml.sax.expatreader.ExpatParser.flush() - gh-115399: Update bundled libexpat to 2.6.0 - gh-115243: Fix possible crashes in collections.deque.index() when the deque is concurrently modified. - gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads. * Core and Builtins - gh-116296: Fix possible refleak in object.__reduce__() internal error handling. - gh-116034: Fix location of the error on a failed assertion. - gh-115823: Properly calculate error ranges in the parser when raising SyntaxError exceptions caused by invalid byte sequences. Patch by Pablo Galindo - gh-112087: For an empty reverse iterator for list will be reduced to reversed(). Patch by Donghee Na. - gh-115011: Setters for members with an unsigned integer type now support the same range of valid values for objects that has a __index__() method as for int. - gh-96497: Fix incorrect resolution of mangled class variables used in assignment expressions in comprehensions. * Library - gh-117310: Fixed an unlikely early & extra Py_DECREF triggered crash in ssl when creating a new _ssl._SSLContext if CPython was built implausibly such that the default cipher list is empty or the SSL library it was linked against reports a failure from its C SSL_CTX_set_cipher_list() API. - gh-117178: Fix regression in lazy loading of self-referential modules, introduced in gh-114781. - gh-117084: Fix zipfile extraction for directory entries with the name containing backslashes on Windows. - gh-117110: Fix a bug that prevents subclasses of typing.Any to be instantiated with arguments. Patch by Chris Fu. - gh-90872: On Windows, subprocess.Popen.wait() no longer calls WaitForSingleObject() with a negative timeout: pass 0 ms if the timeout is negative. Patch by Victor Stinner. - gh-116957: configparser: Don’t leave ConfigParser values in an invalid state (stored as a list instead of a str) after an earlier read raised DuplicateSectionError or DuplicateOptionError. - gh-90095: Ignore empty lines and comments in .pdbrc - gh-116764: Restore support of None and other false values in urllib.parse functions parse_qs() and parse_qsl(). Also, they now raise a TypeError for non-zero integers and non-empty sequences. - gh-116811: In PathFinder.invalidate_caches, delegate to MetadataPathFinder.invalidate_caches. - gh-116600: Fix repr() for global Flag members. - gh-116484: Change automatically generated tkinter.Checkbutton widget names to avoid collisions with automatically generated tkinter.ttk.Checkbutton widget names within the same parent widget. - gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on opening named pipe. - gh-116143: Fix a race in pydoc _start_server, eliminating a window in which _start_server can return a thread that is “serving” but without a docserver set. - gh-116325: typing: raise SyntaxError instead of AttributeError on forward references as empty strings. - gh-90535: Fix support of interval values > 1 in logging.TimedRotatingFileHandler for when='MIDNIGHT' and when='Wx'. - gh-115978: Disable preadv(), readv(), pwritev(), and writev() on WASI. - Under wasmtime for WASI 0.2, these functions don’t pass test_posix (https://github.com/bytecodealliance/wasmtime/issues/7830). - gh-88352: Fix the computation of the next rollover time in the logging.TimedRotatingFileHandler handler. computeRollover() now always returns a timestamp larger than the specified time and works correctly during the DST change. doRollover() no longer overwrite the already rolled over file, saving from data loss when run at midnight or during repeated time at the DST change. - gh-87115: Set __main__.__spec__ to None when running a script with pdb - gh-76511: Fix UnicodeEncodeError in email.Message.as_string() that results when a message that claims to be in the ascii character set actually has non-ascii characters. Non-ascii characters are now replaced with the U+FFFD replacement character, like in the replace error handler. - gh-75988: Fixed unittest.mock.create_autospec() to pass the call through to the wrapped object to return the real result. - gh-115881: Fix issue where ast.parse() would incorrectly flag conditional context managers (such as with (x() if y else z()): ... changelog too long, skipping 156 lines ... 64-bit platforms. ==== setools ==== Version update (4.4.4 -> 4.5.0) - Fix build for 15.4 and 15.5: - Minimum required python version is 3.11, so building only for python311 - Remove dependency for networkx: 0001-Make-networkx-optional-again-Fixes-125.patch - Update to version 4.5.0: - User Visible Changes * Add graphical results for information flow analysis and domain transition analysis, available in apol, sedta, and seinfoflow. * Add tooltips, What's This?, and detail popups in apol to help cross-referencing query and analysis results along with context-sensitive help. - Under The Hood Changes * Rework apol to fully generate the UI programmatically. * Update apol to PyQt6 * Replace deprecated uses of pkg_resources and distutils. * Begin adding unit tests for apol UI. - Updated Dependencies SETools now higher minimum versions of the following dependencies: * Python 3.10 * NetworkX 2.6 * PyQt6 * Cython 0.29.14 - New Dependencies * pygraphviz (for seinfoflow, sedta, apol) ==== transactional-update ==== Version update (4.6.5 -> 4.6.6) Subpackages: dracut-transactional-update libtukit4 transactional-update-zypp-config tukit - Version 4.6.6 - soft-reboot: Fix inverted logic of soft-reboot detection - soft-reboot: Don't use D-Bus for snapper call - it may be shutting down already - soft-reboot: Remove unused variable - doc: Document configuration file snippets for tukit.conf - Remove script to disable soft-reboot support - this is the default for now anyway ==== xfsprogs ==== Version update (6.6.0 -> 6.7.0) - update to 6.7.0 - xfsprogs: Several configure script updates - xfs_io: Use system's SEEK_DATA and SEEK_HOLE definition - xfsprogs: Remove platform_defs.h generation on build time - xfs_db: Fix metadata read error due hardcoded initialization of bb_count - xfsprogs: Request 64-bit time_t where possible - xfsprogs: Remove use of LFS64 interfaces