Packages changed: bluez (5.56 -> 5.58) curl (7.75.0 -> 7.76.0) ell (0.38 -> 0.39) fwupd (1.5.7 -> 1.5.8) hwdata (0.345 -> 0.346) icu installation-images-MicroOS (16.56 -> 16.62) libinput (1.17.0 -> 1.17.1) libopenmpt (0.5.5 -> 0.5.7) libva (2.10.0 -> 2.11.0) libxkbcommon (1.1.0 -> 1.2.0) makedumpfile (1.6.7 -> 1.6.8) ncurses (6.2.20210313 -> 6.2.20210327) openssl (1.1.1j -> 1.1.1k) openssl-1_1 (1.1.1j -> 1.1.1k) rav1e (0.4.0 -> 0.4.1) systemd (246.11 -> 246.13) vim (8.2.2607 -> 8.2.2725) xf86-input-libinput (0.30.0 -> 1.0.0) === Details === ==== bluez ==== Version update (5.56 -> 5.58) Subpackages: libbluetooth3 - update to 5.58: * Fix issue with usage of deprecated GLib functions. - version 5.57: * Fix issue with handling GATT notification PDU parsing. * Fix issue with registering DIS without a valid source. * Fix issue with removing remote SEPs when loading from cache. - remove upstreamed bluez-avdtp-Fix-removing-all-remote-SEPs-when-loading-from.patch - add bluez-avdtp-Fix-removing-all-remote-SEPs-when-loading-from.patch Fix Bluetooth headphones disconnect periodically(bsc#1183821) ==== curl ==== Version update (7.75.0 -> 7.76.0) Subpackages: libcurl4 - Update to 7.76.0 * Security fixes: - [bsc#1183933, CVE-2021-22876]: strip credentials from the auto-referer header field - [bsc#1183934, CVE-2021-22890]: add 'isproxy' argument to Curl_ssl_get/addsessionid() * Changes: - cookies: Support multiple -b parameters - curl: add --fail-with-body - doh: add options to disable ssl verification - http: add support to read and store the referrer header - sasl: support SCRAM-SHA-1 and SCRAM-SHA-256 via libgsasl - vtls: initial implementation of rustls backend * Bugfixes: - CVE-2021-22876: strip credentials from the auto-referer header field - CVE-2021-22890: add 'isproxy' argument to Curl_ssl_get/addsessionid() - c-hyper: support automatic content-encoding - configure: only add OpenSSL paths if they are defined - configure: provide Largefile feature for curl-config - curl: set CURLOPT_NEW_FILE_PERMS if requested - doh: Fix sharing user's resolve list with DOH handles - doh: Inherit CURLOPT_STDERR from user's easy handle - dynbuf: bump the max HTTP request to 1MB - ftp: add 'list_only' to the transfer state struct - ftp: add 'prefer_ascii' to the transfer state struct - ftp: allow SIZE to fail when doing (resumed) upload - ftp: avoid SIZE when asking for a TYPE A file - ftp: fix memory leak in ftp_done - ftp: never set data->set.ftp_append outside setopt - gnutls: assume nettle crypto support - http2: don't set KEEP_SEND when there's no more data to be sent - http2: fail if connection terminated without END_STREAM - http: do not add a referrer header with empty value - http: strip default port from URL sent to proxy - http: use credentials from transfer, not connection - lib: remove 'conn->data' completely - multi: close the connection when h2=>h1 downgrading - multi: do once-per-transfer inits in before_perform in DID state - multi: rename the multi transfer states - multi: update pending list when removing handle - ngtcp2: adapt to the new recv_datagram callback - ngtcp2: clarify calculation precedence - ngtcp2: sync with recent API updates - openssl: adapt to v3's new const for a few API calls - openssl: ensure to check SSL_CTX_set_alpn_protos return values - openssl: remove get_ssl_version_txt in favor of SSL_get_version - parse_proxy: fix a memory leak in the OOM path - url: fix memory leak if OOM in the HSTS handling - url: fix possible use-after-free in default protocol - urldata: don't touch data->set.httpversion at run-time - urldata: merge "struct DynamicStatic" into "struct UrlState" - urldata: remove the 'rtspversion' field - urldata: remove the _ORIG suffix from string names - wolfssl: don't store a NULL sessionid ==== ell ==== Version update (0.38 -> 0.39) - update to 0.39: * Add support for serialized test execution framework ==== fwupd ==== Version update (1.5.7 -> 1.5.8) Subpackages: libfwupd2 libfwupdplugin1 typelib-1_0-Fwupd-2_0 - Remove valgrind from BuildRequires since it's not a hard requirement anymore. (bsc#1184248) - Update to version 1.5.8: New features: * Add a new internal flag to opt-in to GUID matching * Add D501 Baklava device support * Add fu_device_set_battery_level() * Add missing uint64 read and write helpers * Add Qubes wrapper source and create packages * Allow enabling plugins only matching a specific HwId * Prompt for unlock keypress if reset command is blocked * Remove obsolete dell-dock non-passive update flow support * Remove the Hughski public key * Show a warning when parsing invalid quirk files * Support for GATT characteristic signals/notifications * Support more than one protocol for a given device Fixes: * Align the CCGX DMC firmware to 64 byte chunks * Be more strict for custom quirk keys * Check pixart firmware compatibility with hardware before flashing * Correct a thunderbolt assertion if kernel failed FW read * Correctly erase STM32 devices when transfer size is less than sector size * Detect SREC overflow to avoid adding ~4GB of 0xFF padding * Do not show a critical error when flashing footer-less binary files * Don't allow device updates while needing activation * Fix a regression in the elantp defined IAP start address * Fix a regression where activate stopped working * Fix firmware update of pointing device on Lenovo ThinkPad Nano * Fix the HSI plugin 'Disabled' state * Fix the quirk key name for the Lenovo HDMI with power * Fix writing to the GD32VF103 bootloader * Only call elantp->detach() when writing a firmware blob * Updated StarLabs GUIDs * Wait a few ms for the Logitech hardware to settle after detach - Remove GPG-KEY-Hughski-Limited from the filelist - Drop upstreamed patch + fwupd-bsc1182057-fix-sbat-section-copy.patch ==== hwdata ==== Version update (0.345 -> 0.346) - Update to version 0.346: + Updated pci, usb and vendor ids. + Resolves boo#1182482 jsc#SLE-13791 bnc#1170160 ==== icu ==== Subpackages: libicu68 libicu68-ledata - Add icu-drop-testTemperature.patch to fix boo#1182645 The test has been dropped in master branch ==== installation-images-MicroOS ==== Version update (16.56 -> 16.62) - merge gh#openSUSE/installation-images#473 - adjust NVME config initialisation (bsc#1183230) - 16.62 - merge gh#openSUSE/installation-images#470 - Fix firmware dir for usrmerge (boo#1029961) - remote_log_setup: support loghost with port - 16.61 - merge gh#openSUSE/installation-images#450 - Add support for riscv64 - 16.60 - merge gh#openSUSE/installation-images#475 - remove bind-libs BuildRequires - 16.59 - merge gh#openSUSE/installation-images#474 - remove changelog file - update git2log script to latest version - clean up VERSION - remove .gitignore - 16.58 - merge gh#openSUSE/installation-images#472 - handle update-alternative symlinks automatically - remove update-alternative hacks - 16.57 ==== libinput ==== Version update (1.17.0 -> 1.17.1) - Update to release 1.17.1 * quirks: add quirks for Apple SPI input devices * Add Lenovo Legion 5 keyboard to 50-system-lenovo.quirks ==== libopenmpt ==== Version update (0.5.5 -> 0.5.7) - Update to 0.5.7: * [Sec] Possible null-pointer dereference read caused by a sequence of openmpt::module::read, openmpt::module::set_position_seconds with a position past the song end, and another openmpt::module::read call. * IT: Instrument / sample panning was reset on note-off / fade commands. * IMF: Set Finetune is now implemented correctly. * Fixed excessive memory consumption with malformed files in various formats. - Update to 0.5.6: * AMS: Avoid allocating excessive amount of memory for compressed song message in malformed files. * S3M: Some samples or OPL patches were imported with a too high sample rate if module was saved with Scream Tracker 3. ==== libva ==== Version update (2.10.0 -> 2.11.0) Subpackages: libva-drm2 libva2 - update to 2.11.0: * add: LibVA Protected Content API * add: Add a configuration attribute to advertise AV1d LST feature * fix: wayland: don't try to authenticate with render nodes * autotools: use shell grouping instead of sed to prepend a line * trace: Add details data dump for mpeg2 IQ matrix. * doc: update docs for VASurfaceAttribPixelFormat * doc: Libva documentation edit for AV1 reference frames * doc: Modify AV1 frame_width_minus1 and frame_height_minus1 comment * doc: Remove tile_rows and tile_cols restriction to match AV1 spec * doc: Format code for doxygen output * doc: AV1 decode documentation edit for superres_scale_denominator * ci: upgrade FreeBSD to 12.2 * ci: disable travis build * ci: update cache before attempting to install packages * ci: avoid running workloads on other workloads changes * ci: enable github actions ==== libxkbcommon ==== Version update (1.1.0 -> 1.2.0) Subpackages: libxkbcommon-x11-0 libxkbcommon0 - Update to release 1.2.0 * `xkb_x11_keymap_new_from_device()` is much faster. It now performs only 2 roundtrips to the X server, instead of dozens (in first-time calls). * Case-sensitive `xkb_keysym_from_name()` is much faster. * Keysym names of the form `0x12AB` and `U12AB` are parsed more strictly. * Compose files now have a size limit (65535 internal nodes). * Compose table loading (`xkb_compose_table_new_from_locale()` and similar) is much faster. ==== makedumpfile ==== Version update (1.6.7 -> 1.6.8) - Support kernel 5.11: * makedumpfile-use-uts_namespace.name-offset-VMCOREINFO.patch: make use of 'uts_namespace.name' offset in VMCOREINFO. - Update upstream project location (URL and Source). - Update to version 1.6.8: * Support newer kernels up to v5.9 * arm64: Add support for ARMv8.2-LPA (52-bit PA support) * Retrieve MAX_PHYSMEM_BITS from vmcoreinfo * sadump, kaslr: fix failure of calculating kaslr_offset * Introduce --check-params option * cope with not-present mem section - Drop upstreamed patches: * makedumpfile-Fix-cd_header-offset-overflow-with-large-pfn.patch * makedumpfile-arm64-Align-PMD_SECTION_MASK-with-PHYS_MASK.patch * makedumpfile-sadump-Fix-failure-of-reading.patch - Allow to read kernel log from the lockless ringbuffer (bsc#1183965): * makedumpfile-printk-add-support-for-lockless-ringbuffer.patch * makedumpfile-printk-use-committed-finalized-state-value.patch ==== ncurses ==== Version update (6.2.20210313 -> 6.2.20210327) Subpackages: libncurses6 ncurses-utils terminfo-base - Disable pcre support for now (boo#1183960, boo#1184083) - Add ncurses patch 20210327 + build-fixes for Solaris10 /bin/sh + fix some cppcheck warnings, mostly style, in ncurses test-programs, form and menu libraries. - Add ncurses patch 20210323 + add configure option --enable-stdnoreturn, making the _Noreturn keyword optional to ease transition (prompted by report by Rajeev V Pillai). - Enhence cursescheck script - Disable _Noreturn usage as it breaks build of e.g. dialog - Add ncurses patch 20210320 + improve parameter-checking in tput by forcing it to analyze any extended string capability, e.g., as used in the Cs and Ms capabilities of the tmux description (report by Brad Town, cf: 20200531). + remove an incorrect free in the fallback (non-checking) version of _nc_free_and_exit (report by Miroslav Lichvar). + correct use-ordering in some xterm-direct flavors -TD + add hterm, hterm-256color (Mike Frysinger) + if the build-time compiler accepts c11's _Noreturn keyword, use that rather than gcc's attribute. + change configure-check for gcc's noreturn attribute to assume it is a prefix rather than suffix, matching c11's _Noreturn convention. + add "lint" rule to c++/Makefile, e.g., with cppcheck. - Port patch ncurses-6.2.dif by correcting offsets ==== openssl ==== Version update (1.1.1j -> 1.1.1k) - Update to 1.1.1k release ==== openssl-1_1 ==== Version update (1.1.1j -> 1.1.1k) Subpackages: libopenssl1_1 - Update to 1.1.1k * Fixed a problem with verifying a certificate chain when using the X509_V_FLAG_X509_STRICT flag. This flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. ([CVE-2021-3450]) * Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. ([CVE-2021-3449]) ==== rav1e ==== Version update (0.4.0 -> 0.4.1) - avoid packaging the pkgconfig dir - it comes from filesystem - spec-cleaner run - Update to version 0.4.1 * https://github.com/xiph/rav1e/releases/tag/v0.4.1 ==== systemd ==== Version update (246.11 -> 246.13) Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev - Import commit 14581e01203df7aa63c7c8383a12e6ebe258476f (merge of v246.13) 423b1e759c Revert "resolved: gracefully handle with packets with too large RR count" (bsc#1183745) 4723778738 meson.build: make xinitrcdir configurable (bsc#1183408) [...] For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/9753d1c17545a5d46530696cb14254f5f12024f1...14581e01203df7aa63c7c8383a12e6ebe258476f - Drop 0001-Revert-resolved-gracefully-handle-with-packets-with-.patch as it's part of v246.13. - Make use of the new build option to ship xinitrc in /usr/etc/X11/xinit/xinitrc.d (bsc#1183408) - Add 0001-Revert-resolved-gracefully-handle-with-packets-with-.patch Temporary workaround for bsc#1183745 (upstream issue 18917) until an actual fix is found. - Default to the "unified" cgroup hierarchy. At this point, most users of cgroup (such as docker, libvirt, kubernetes) should be ready for this change. It's still possible to switch back to the old "hybrid" hierarchy by passing "systemd.unified_cgroup_hierarchy=0" option to the kernel command line. ==== vim ==== Version update (8.2.2607 -> 8.2.2725) Subpackages: vim-data-common vim-small - Updated to version 8.2.2725, fixes the following problems * strcharpart() cannot include composing characters. * Character input not fully tested. * Test disabled on MS-Windows even though it should work. * Mouse click test fails when using remote connection. * Conditions for startup tests are not exactly right. * col('.') may get outdated column value. * New test throws exception. * Vim9: function is deleted while executing. * Test is sourcing the wrong file. * Vim9: if 'cpo' is changed in Vim9 script it may be restored. * Vim9: script variable in a block scope not found by a nested function. * Vim9: cannot use a normal list name to store function refs. * Vim9: no test for return type of lambda. * Vim9: Using #{ for a dictionary gives strange errors. * typval2type() cannot handle recursive structures. * GTK: error when starting up and -geometry is given. (Dominique Pellé) * Some tests fail when run as root. * Atom files not recognized. * Rss files not recognized. * GTK3: error when starting up and -geometry is given. (Dominique Pellé) * No need to check for BSD after checking for not root. * Vim9: #{ can still be used at the script level. * Vim9: error for #{{ is not desired. * Hard to see where a test gets stuck. * Commands from winrestcmd() do not always work properly. (Leonid V. Fedorenchik) * Not all command line arguments are tested. * Multi-byte 'fillchars' for folding do not show properly. * 'tagfunc' does not indicate using a pattern. * Vim9: cannot define an inline function. * Memory leak when compiling inline function. * prop_remove() causes a redraw even when nothing changed. * Cannot write a message to the terminal from the GUI. * Build failure when fsync() is not available. * screenstring() returns non-existing composing characters. * Display test fails because of lacking redraw. * Vim9: no clear error for wrong inline function. * Various code not covered by tests. * prop_clear() causes a screen update even when nothing changed. * Using inline function is not properly tested. * Vim9: error for not using string doesn't mention argument. * Terminal test sometimes hangs. * Terminal resize test sometimes hangs. * Vim9: some wincmd arguments cause a white space error. * Vim9: command modifiers not handled in nested function. * Vim9: restoring command modifiers happens after jump. * Vim9: can use command modifier without an effect. * Build failure. * Vim9: getting a character from a string can be slow. * The -w command line argument doesn't work. * Some command line arguments and regexp errors not tested. * Vim9: error message for declaring variable in for loop. * :for cannot loop over a string. * Eval test fails because for loop on string works. * Vim9: no error for declaration with trailing text. * Leaking memory when looping over a string. * There is no way to avoid some escape sequences. * Vim9: leaking memory when inline function has an error. * Vim9: not enough function arguments checked for string. * Test failures. * Vim9: not enough function arguments checked for string. * prop_find() cannot find item matching both id and type. * Vim9: omitting "call" for "confirm()" does not give an error. * Command line completion does not work after "vim9". * Vim9: error for append(0, text). * Error for line number in legacy script. * Vim9: cannot use :lockvar and :unlockvar in compiled script. * Vim9: script-local funcref can have lower case name. * Directory change in a terminal window shell is not followed. * Missing error message. * Vim9: cannot use only some of the default arguments. * Test for 'autoshelldir' does not reset the option. * Winbar drawn over status line for non-current window with winbar if frame is zero height. (Leonid V. Fedorenchik) * Vim9: problem defining a script variable from legacy function. * Vim9: test fails for redeclaring script variable. * Vim9: cannot find Name.Func from "import * as Name". (Alexander Goussas) * Build failure without the +eval feature. * Not enough folding code is tested. * Custom statusline not drawn correctly with WinBar. * Status line is not updated when going to cmdline mode. * Vim9: cannot use "const" for global variable in :def function. * Vim9: crash when using s: for script variable. * Tiny build fails. * PowerShell files are not recognized. * Autoconf may mess up compiler flags. * Vim9: locked script variable can be changed. * Vim9: locked script variable can be changed. * When 'matchpairs' is empty every character beeps. (Marco Hinz) * Cursor position reset with nested autocommands. * Lua test fails with Lua 5.4.3 and later. * Function list test fails. * Lua test fails on MS-Windows. * Lua test fails. * Nested autocmd test fails sometimes. * Order of removing FORTIFY_SOURCE is wrong. * Compiler completion test fails when more scripts are added. * Vim9: memory leak when failing on locked variable. * Adding a lot of completions can be a bit slow. * Vim9: misleading reported line number for wrong type. * Vim9: wrong line number reported for boolean operator. * Adding a lot of completions can still be a bit slow. * Test sometimes fails waiting for shell in terminal. * The GTK GUI has a gap next to the scrollbar. * Vim9: not all tests cover script and :def function. * "gj" in a closed fold does not move out of the fold. (Marco Hinz) * Memory leak when adding to a blob fails. * Folding code not sufficiently tested. * Filetype pattern ending in star is too far up. * Vim9: tests fail without the channel feature. (Dominique Pellé) * The equivalent class regexp is missing some characters. * GTK menu items don't show a tooltip. * Vim9: no explicit test for using a global function without the g: prefix. * Vim9: appending to dict item doesn't work in a :def function. * GTK menu tooltip moves the cursor. * Vim9: cannot have a linebreak inside a lambda. * Vim9: crash when using LHS with double index. * Assignment test fails. * Vim9: concatenating to list in dict not tested. * Vim9: message about compiling is wrong when using try/catch. ==== xf86-input-libinput ==== Version update (0.30.0 -> 1.0.0) - Update to version 1.0.0 * The biggest change here is the license change to MIT. Due to an unfortunate copy/paste error, the actual license text used was the Historical Permission Notice and Disclaimer license. With the ack of the various contributors, the driver is now using the MIT license text as intended. The actual impact is low, the HPND is virtually identical to the MIT license anyway (ianal, consult your legal dept if you have one). * The only other notable change: cancelled touch points are now lifted correctly. Where libinput cancels a touch, e.g. in response to a palm being detected, the touch point previously got stuck in the down state. This is fixed now.