Packages changed: bind clamav (1.3.1 -> 1.4.1) dracut-pcr-signature (0.5+0 -> 0.5+1) dump (0.4b47 -> 0.4b49) eekboard flashrom (1.4.0 -> 1.5.0) fwupd-efi (1.3 -> 1.7) glslang (15.0.0 -> 15.1.0) gnome-calculator (47.0 -> 47.1) meson (1.6.0 -> 1.6.1) mozjs128 openSUSE-release (20241217 -> 20241218) python-urllib3 qalculate (5.2.0 -> 5.4.0) sdbootutil (1+git20241206.dccea55 -> 1+git20241217.5aeb4e9) sendmail === Details === ==== bind ==== Subpackages: bind-doc bind-utils - update root hints file to 2024-11-20 version (boo#1234406) ==== clamav ==== Version update (1.3.1 -> 1.4.1) Subpackages: libclamav12 libclammspack0 libfreshclam3 - fix factory submission (clam.tcl, clamscan.log) - New version 1.4.1: * [CVE-2024-20506, bsc#1230162]: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the 'clamd' or 'freshclam' services from using a symlink to corrupt system files. * [CVE-2024-20505, bsc#1230161]: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service (DoS) condition. * https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html - New version 1.4.0: * Added support for extracting ALZ archives. * Added support for extracting LHA/LZH archives. * Added the ability to disable image fuzzy hashing, if needed. For context, image fuzzy hashing is a detection mechanism useful for identifying malware by matching images included with the malware or phishing email/document. * https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html - New version 1.3.2: * CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the 'clamd' or 'freshclam' services from using a symlink to corrupt system files. * CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service condition. * Removed unused Python modules from freshclam tests including deprecated 'cgi' module that is expected to cause test failures in Python 3.13. * Fix unit test caused by expiring signing certificate. * Fixed a build issue on Windows with newer versions of Rust. Also upgraded GitHub Actions imports to fix CI failures. * Fixed an unaligned pointer dereference issue on select architectures. * Fixes to Jenkins CI pipeline. - Remove upstreamed 1305.patch ==== dracut-pcr-signature ==== Version update (0.5+0 -> 0.5+1) - Update to version 0.5+1: * Make the mount do not depend of default service ==== dump ==== Version update (0.4b47 -> 0.4b49) - Update to 0.4b49: * Reworking of regression tests and test harness * Import some patches from the Debian package. * restore -N should never change the fs. Fixes #154 * Support outputting list of files from restore -t with '\0' separator (Patch from debian bug 703564 by Heiko Schlittermann) * Fix reading of QFA file when listing tape. * Support restoring to filesystems with a blocksize that isn't a multiple of TP_BSIZE (debian bug 995992). This is a different fix to the one currently in debian. The advantage of using a common multiple, if available, is that every FS block will only be written to once. Fixed an issue where the alignment between blocksize and writing pos becomes misaligned when a sparse hole doesn't occupy a full fs block (happens when restoring to a FS with a different, larger blocksize than the one the dump was taken on. * Numerous other minor patches from the Debian package * Don't read off end of buffer when restoring symlinks * Fix some weirdness around dumping a subdirectory. Do not include the inodes for all of the items in the subdirectories - which then give a restore error "inode not found on tape" * Fix EA problem when EAs blocks are read immediately before a tape change. * Allow compressed dumps to work when -b blocksize setting is the maximum a tape drive supports. * Remove code added for building on systems other than __linux__ * Major reworking of how reading from disk and tape works. Dump now supports writing a compressed dump to a file and then writing that to tape. There is now only one "read" function. We do not have separate functions for reading tapes, files, compressed tapes, compressed files. * Improve the efficiency of TS_ADDR (and TS_INODE) record for representing larger files. A single TS_ADDR record can now represent up to 4GB of file rather than just 512K. Dumps written by 0.4b49 cannot be restored using 0.4b48 and before. - 0.4b48 changelog: * Handle fs with more than 2^32 blocks (Greg Oster) * Handle EA stored in blocks with address >2^32. * Handle the case were EAs are stored across two blocks. Fixes several reported bugs regarding the restore of directory attributes. Additionally, now restore -C passes too. Originally restore -C was patched for files, but not directories, in debian bug#940473 by Alexander Zangerl. Substantially redone and extended to directory attributes here. * Do not record garbage data in dump for files with EXT2_EXTENT_FLAGS_UNINIT set indicating that the disk block has not been written to and should be assumed to be all zeros. * Dump small files on ext4 partitions with -O inline-data set. * Major performance enhancements on the restoring and verifying of very sparse files. * Handle dumps that are over 2^32 (tape) blocks long (>4T) * Handle restoring sparse files that start with a hole from dump versions 0.4b42/43. Previously they were restored but corrupted as some of the initial hole was moved to the end. * Many cleanups. Move to autoconf v0.71. Remove need to build with - fcommon. Build with -W -Wall and without compiler warnings. Add some compile time checks for structures that are written to tape and must not change. * Extensive regression tests. Every bug fixed by 0.4b48 release is now covered by a regression test along with testing the restore of a historical dump created by the previous versions from 0.4b5 through 0.4b47. - Use autopatch - Refresh patches ==== eekboard ==== - Add fix-compile-on-gcc14.patch. ==== flashrom ==== Version update (1.4.0 -> 1.5.0) - Update to version 1.5.0 * https://www.flashrom.org/release_notes/v_1_5.html * Update flashrom.keyring ==== fwupd-efi ==== Version update (1.3 -> 1.7) - Update to version 1.7: * Fix compilation with GNU-EFI 4.0 - Use upstream tarball: source service isn't useful on this package - Add 106.patch: * Improves ARM32 crt0 by splitting header and code * Use pkgconfig for gnu-efi - fixes RISC-V build * Update lds from gnu-efi 4.0 - Update to version 1.6: * Require gnu-efi 3.0.18 or later * Ship an objcopy capable LDS for ARM64 * Detect gnu-efi via pkgconfig * Backport the ctors and dtors work from gnu-efi upstream * Tidy up crt0 generator * Add RISC-V support * Fix per NX bit and UEFI 2.10 Microsoft requirements - Remove un-needed BRs: * pkgconfig(efiboot) * pkgconfig(efivar) - Remove shim requirement: it doesn't need it, it's a UEFI binary - Restore ix86 and ARM32 support - Add RISC-V support - Remove patches (fixed upstream): * binutils-2.38-arm-objcopy.patch * binutils-2.38-arm-system-crt0.patch * ARM-fixes.patch ==== glslang ==== Version update (15.0.0 -> 15.1.0) - Update to release 15.1 * Add Vulkan 1.4 target and client * Implement GLSL_NV_cooperative_matrix2 * Emit OpModfStruct instead of depracated OpModf ==== gnome-calculator ==== Version update (47.0 -> 47.1) Subpackages: gnome-calculator-lang gnome-shell-search-provider-gnome-calculator - Update to version 47.1: + Announce the calculation result even when done through the buttons. + Set "Insert Character Code" dialog as modal. + Fixed incorrect units in financial mode. + Changed history view default size. + Fixed incorrectly sized text entry. + Updated translations. ==== meson ==== Version update (1.6.0 -> 1.6.1) Subpackages: meson-vim - Update to version 1.6.1: + Handle top level options set in subprojects. + modernize Rust template. + CMakeToolchain: Log output on compiler state failure. + rust: fix computation of library directory. + modules/rust: Add support for autolib field in the Cargo.toml. - Drop 13935.patch: fixed upstream. ==== mozjs128 ==== - Add mozjs128-CVE-2024-11498.patch: Backporting bf4781a2 from upstream, Check height limit in modular trees. Also rewrite the implementation to use iterative checking instead of recursive checking of tree property values, to ensure stack usage is low. Before, it was possible for appropriately-crafted files to use a significant amount of stack. (CVE-2024-11498, bsc#1233786) - Add mozjs128-CVE-2024-11403.patch: Backporting 9cc451b9 from upstream, Port the Huffman lookup table size fix from brunsli. (CVE-2024-11403, bsc#1233766) ==== openSUSE-release ==== Version update (20241217 -> 20241218) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== python-urllib3 ==== - Ignore DeprecationWarning in tests (bsc#1234681) ==== qalculate ==== Version update (5.2.0 -> 5.4.0) Subpackages: libqalculate23 qalculate-data - update to 5.4.0: - Option to continuously display result while editing expression - Option to specify number of displayed significant digits, instead of using precision - New functions: tripleProduct(), multilimit() - Improve decision to automatically convert unchanged quantity with unit - Improve ability to abort matrix functions - Add plot() function example, and support expression in y=f(x) format - Place "approx." on same line as value (instead of as equals sign) in qalc - Display "aborted" for long aborted result in qalc - Updated French translation - Fix case conversion of 碌 to M and similar - Fix segfault with very large integer raised by very large integer - Fix wrong output of converted unit with non-numerical exponent in some cases (e.g. ft^x converted to m without expansion) - Fix "sqrt(x-1/x)+sqrt(1-1/x)-x=0" when approximation is not exact - Fix clear using Ctrl+L when input line is not empty - Minor bug fixes and feature enhancements - update to 5.3.0: - Fix memory leaks - Fix segfault with recursive (self-referencing) function - Fix input of negative exponent in scientific e notation with RPN syntax - Fix parsing of 1掳2'3" as 1掳+2'+3" - Fix definite integral for 1/sqrt(1-x^2), with limits higher/lower than or equal to -1 and 1 - Fix crash with empty vector in plot function, e.g. plot([]) - Fix "did you mean..." warning for two implicitly multiplicated functions without space between (e.g. "atan2(a,b)atan2(c,d)") - Fix inability to abort randpoisson() with very high rate value - Fix Calculator::reset() - Improve handling of "where" expressions with inequalities - Place n and C last in variable isolation priority order - Remove unnecessary calculation for output of integers with non-decimal number base (fixes delay with very high precision) - Add nmi symbol for nautical mile - Add free_thread_caches() function - Add Calculator::parseToExpression() - Disable load() and export() functions when --disable-insecure compile option is enabled - Fix saving of percentage interpretation in qalc - Fix save definitions option in qalc - Fix interpretation of mH鈧侽, and related units with Unicode subscript in qalc - Fix line break for output from command line expression or file, before interactive mode - Avoid asking questions when reading commands/expressions from file before interactive mode - "unkeep" command (reverse of "keep") - Support abbreviations for scientific (sci) and engineering (eng) as options for scientific notation (exp) - Show error for unrecognized command line options when expression is separated from options by "--" - Do not show single input decimal number as fraction by default if small or large enough to be displayed using scientific notation - Minor bug fixes and feature enhancements ==== sdbootutil ==== Version update (1+git20241206.dccea55 -> 1+git20241217.5aeb4e9) Subpackages: sdbootutil-snapper sdbootutil-tukit - Update to version 1+git20241217.5aeb4e9: * Use only the first output line of findmount in free space calc - Update to version 1+git20241217.1370153: * Add trigger for grub2-bls ==== sendmail ==== Subpackages: libmilter1_0 - Add sendmail.8.18.1-reproducibleuname.patch to not embed the build machine's kernel version in debuginfo (boo#1234629)