Packages changed: Mesa Mesa-drivers gnome-sudoku (43.0 -> 43.1) icewm (3.3.0 -> 3.3.1) kernel-source (6.1.7 -> 6.1.8) libpcap (1.10.1 -> 1.10.3) libvirt (8.10.0 -> 9.0.0) nano (7.1 -> 7.2) python-libvirt-python (8.10.0 -> 9.0.0) samba (4.17.4+git.303.89e23854eb7 -> 4.17.4+git.314.7b07e3c51a6) sendmail squid systemd virtualbox (7.0.4 -> 7.0.6) virtualbox-kmp (7.0.4_k6.1.7_1 -> 7.0.6_k6.1.8_1) vlgothic-fonts xf86-video-qxl (0.1.5 -> 0.1.6) zeromq === Details === ==== Mesa ==== Subpackages: Mesa-dri-devel Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - force usage of gcc 12 only on Leap 15.5; there is no gcc12 on Leap 15.4 - Add BuildRequires for x264 and x265 in case video_codecs should be built. - re-enable build on Leap, but only for 15.5; there is no gcc12 on Leap 15.4, which is now officially required by Mesa 22.3 ==== Mesa-drivers ==== Subpackages: Mesa-dri Mesa-gallium Mesa-libva libxatracker2 - force usage of gcc 12 only on Leap 15.5; there is no gcc12 on Leap 15.4 - Add BuildRequires for x264 and x265 in case video_codecs should be built. - re-enable build on Leap, but only for 15.5; there is no gcc12 on Leap 15.4, which is now officially required by Mesa 22.3 ==== gnome-sudoku ==== Version update (43.0 -> 43.1) Subpackages: gnome-sudoku-lang - Update to version 43.1: + Revert "Fix redundant undo stack entries for earmarks". + Warnings when solution to puzzle is violated no longer consider earmarks. + Updated translations. ==== icewm ==== Version update (3.3.0 -> 3.3.1) Subpackages: icewm-config-upstream icewm-default icewm-lang icewm-lite - Update to 3.3.1: * Fully support nanosvg as an alternative to librsvg. * Rolled up windows can now be moved vertically with icesh. * Fix multi-monitor when primary monitor is right-below of secondary. * Don't resize when a client adjusts its WM_NORMAL_HINTS increments. * Report the audio interface in the configure summary. * Consider that the keyboard may have been changed externally. * Increase the timeout for the dynamic menu generator to 2 seconds. * Don't reactivate a focused window when RaiseOnClick is guaranteed. * Let the winoption "ignorePositionHint" also ignore the USPosition. * Fix the "ignoreOverrideRedirect" winoption. * Let icesh also spy on RandR monitor configuration events. ==== kernel-source ==== Version update (6.1.7 -> 6.1.8) - Linux 6.1.8 (bsc#1012628). - dma-buf: fix dma_buf_export init order v2 (bsc#1012628). - btrfs: fix trace event name typo for FLUSH_DELAYED_REFS (bsc#1012628). - wifi: iwlwifi: fw: skip PPAG for JF (bsc#1012628). - pNFS/filelayout: Fix coalescing test for single DS (bsc#1012628). - selftests/bpf: check null propagation only neither reg is PTR_TO_BTF_ID (bsc#1012628). - net: ethernet: marvell: octeontx2: Fix uninitialized variable warning (bsc#1012628). - tools/virtio: initialize spinlocks in vring_test.c (bsc#1012628). - vdpa/mlx5: Return error on vlan ctrl commands if not supported (bsc#1012628). - vdpa/mlx5: Avoid using reslock in event_handler (bsc#1012628). - vdpa/mlx5: Avoid overwriting CVQ iotlb (bsc#1012628). - virtio_pci: modify ENOENT to EINVAL (bsc#1012628). - vduse: Validate vq_num in vduse_validate_config() (bsc#1012628). - vdpa_sim_net: should not drop the multicast/broadcast packet (bsc#1012628). - net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats (bsc#1012628). - r8169: move rtl_wol_enable_rx() and rtl_prepare_power_down() (bsc#1012628). - r8169: fix dmar pte write access is not set error (bsc#1012628). - bpf: keep a reference to the mm, in case the task is dead (bsc#1012628). - RDMA/srp: Move large values to a new enum for gcc13 (bsc#1012628). - selftests: net: fix cmsg_so_mark.sh test hang (bsc#1012628). - btrfs: always report error in run_one_delayed_ref() (bsc#1012628). - x86/asm: Fix an assembler warning with current binutils (bsc#1012628). - f2fs: let's avoid panic if extent_tree is not created (bsc#1012628). - perf/x86/rapl: Treat Tigerlake like Icelake (bsc#1012628). - cifs: fix race in assemble_neg_contexts() (bsc#1012628). - memblock tests: Fix compilation error (bsc#1012628). - perf/x86/rapl: Add support for Intel Meteor Lake (bsc#1012628). - perf/x86/rapl: Add support for Intel Emerald Rapids (bsc#1012628). - of: fdt: Honor CONFIG_CMDLINE* even without /chosen node, take 2 (bsc#1012628). - fbdev: omapfb: avoid stack overflow warning (bsc#1012628). - Bluetooth: hci_sync: Fix use HCI_OP_LE_READ_BUFFER_SIZE_V2 (bsc#1012628). - Bluetooth: hci_qca: Fix driver shutdown on closed serdev (bsc#1012628). - wifi: brcmfmac: fix regression for Broadcom PCIe wifi devices (bsc#1012628). - wifi: mac80211: fix MLO + AP_VLAN check (bsc#1012628). - wifi: mac80211: reset multiple BSSID options in stop_ap() (bsc#1012628). - wifi: mac80211: sdata can be NULL during AMPDU start (bsc#1012628). - nommu: fix memory leak in do_mmap() error path (bsc#1012628). - nommu: fix do_munmap() error path (bsc#1012628). - nommu: fix split_vma() map_count error (bsc#1012628). - proc: fix PIE proc-empty-vm, proc-pid-vm tests (bsc#1012628). - Add exception protection processing for vd in axi_chan_handle_err function (bsc#1012628). - LoongArch: Add HWCAP_LOONGARCH_CPUCFG to elf_hwcap (bsc#1012628). - zonefs: Detect append writes at invalid locations (bsc#1012628). - nilfs2: fix general protection fault in nilfs_btree_insert() (bsc#1012628). - mm/shmem: restore SHMEM_HUGE_DENY precedence over MADV_COLLAPSE (bsc#1012628). - hugetlb: unshare some PMDs when splitting VMAs (bsc#1012628). - mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (bsc#1012628). - serial: stm32: Merge hard IRQ and threaded IRQ handling into single IRQ handler (bsc#1012628). - Revert "serial: stm32: Merge hard IRQ and threaded IRQ handling into single IRQ handler" (bsc#1012628). - xhci-pci: set the dma max_seg_size (bsc#1012628). - usb: xhci: Check endpoint is valid before dereferencing it (bsc#1012628). - xhci: Fix null pointer dereference when host dies (bsc#1012628). - xhci: Add update_hub_device override for PCI xHCI hosts (bsc#1012628). - xhci: Add a flag to disable USB3 lpm on a xhci root port level (bsc#1012628). - usb: acpi: add helper to check port lpm capability using acpi _DSM (bsc#1012628). - xhci: Detect lpm incapable xHC USB3 roothub ports from ACPI tables (bsc#1012628). - prlimit: do_prlimit needs to have a speculation check (bsc#1012628). - USB: serial: option: add Quectel EM05-G (GR) modem (bsc#1012628). - USB: serial: option: add Quectel EM05-G (CS) modem (bsc#1012628). - USB: serial: option: add Quectel EM05-G (RS) modem (bsc#1012628). - USB: serial: option: add Quectel EC200U modem (bsc#1012628). - USB: serial: option: add Quectel EM05CN (SG) modem ... changelog too long, skipping 227 lines ... - commit 2ebd33f ==== libpcap ==== Version update (1.10.1 -> 1.10.3) - update to 1.10.3: * Sort the PUBHDR variable in Makefile.in in "ls" order. * Fix typo in comment in pflog.h. * Remove two no-longer-present files from .gitignore. * Update code and comments for handling failure to set promiscuous mode based on new information. - update to 1.10.2: * Build system updates * Developer visible fixes * Fix some formatting string issues found by cppcheck * "Dead" pcap_ts from pcap_open_dead() and ..._with_tstamp_precision(): Don't crash if pcap_breakloop() is called. * Savefiles: multiple bug fixes handling files * Capture: Never process more than INT_MAX packets in a pcap_dispatch() call, to avoid integer overflow * Packet filtering: PFLOG bug fixes and improvements * Fix memory leak in capture device open * Fix detection of CAN/CAN FD packets in direction check * Fix double-free crashes on errors such as running on a kernel with CONFIG_PACKET_MMAP not configured * Multiple CANbus bug fixes * Fix pcap_findalldevs() to find usbmon devices * Fix handling of VLAN tagged packets if the link-layer type is changed from DLT_LINUX_SLL to DLT_LINUX_SLL2 * Always turn on PACKET_AUXDATA * Correctly compute the "real" length for isochronous USB transfers ==== libvirt ==== Version update (8.10.0 -> 9.0.0) Subpackages: libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - Update to libvirt 9.0.0 - jsc#PED-620 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html#v9-0-0-2023-01-16 - Added patches: ef482951-apparmor-Allow-umount-dev.patch, d6a8b9ee-qemu-Fix-managed-no-when-creating-ethdev.patch ==== nano ==== Version update (7.1 -> 7.2) Subpackages: nano-lang - update to 7.2: * <Shift+Insert> is prevented from pasting in view mode. ==== python-libvirt-python ==== Version update (8.10.0 -> 9.0.0) - Update to 9.0.0 - Add all new APIs and constants in libvirt 9.0.0 - jsc#PED-620 ==== samba ==== Version update (4.17.4+git.303.89e23854eb7 -> 4.17.4+git.314.7b07e3c51a6) Subpackages: libsamba-policy0-python3 samba-ad-dc-libs samba-ad-dc-libs-32bit samba-client samba-client-32bit samba-client-libs samba-client-libs-32bit samba-gpupdate samba-ldb-ldap samba-libs samba-libs-32bit samba-libs-python3 samba-python3 samba-winbind samba-winbind-libs samba-winbind-libs-32bit - libdsdb-module-samba4 should be packaged as part of samba-libs and not samba-ad-dc-libs. Additionally no need for it to be removed conditionally. - Clean up logic for PAM migration settings in spec file. ==== sendmail ==== Subpackages: libmilter1_0 - Fix source URLs: ftp.sendmail.com was restructured and the pub/sendmail directory is now the root directory. - Switch over to https URLs - Fix wrong "without sysvinit", don't require sysvinit in that case ==== squid ==== - Disable NIS auth module (NIS is deprecated and get's currently removed) ==== systemd ==== Subpackages: libsystemd0 libsystemd0-32bit libudev1 libudev1-32bit systemd-32bit systemd-container systemd-devel systemd-lang udev - Drop 1000-Revert-getty-Pass-tty-to-use-by-agetty-via-stdin.patch It's no more necessary since util-linux 2.38 has been released in Factory. - Make sure we apply the presets on units shipped by systemd package ==== virtualbox ==== Version update (7.0.4 -> 7.0.6) - VirtualBox 7.0.6 (released January 17 2023) This is a maintenance release. The following items were fixed and/or added: [1] - VMM: Fixed guru running the FreeBSD loader on older Intel CPUs without unrestricted guest support (bug #21332) - GUI: Fixed virtual machines grouping when VM was created or modified in command line (bugs #11500, #20933) - GUI: Introduced generic changes in settings dialogs - VirtioNet: Fixed broken network after loading saved state (bug #21172) - Storage: Added support for increasing the size of the following VMDK image variants: monolithicFlat, monolithicSparse, twoGbMaxExtentSparse, twoGbMaxExtentFlat - VBoxManage: Added missing --directory switch for guestcontrol mktemp command - Mouse Integration: Guest was provided with extended host mouse state (bug #21139) - DnD: Introduced generic improvements - Guest Control: Fixed handling creation mode for temporary directories (bug #21394) - Linux Host and Guest: Added initial support for building UEK7 kernel on Oracle Linux 8 - Linux Host and Guest: Added initial support for RHEL 9.1 kernel - Linux Guest Additions: Added initial support for kernel 6.2 for vboxvideo - Audio: The "--audio" option in VBoxManage is now marked as deprecated; please use "--audio-driver" and "--audio-enabled" instead. This will allow more flexibility when changing the driver and/or controlling the audio functionality Additionally, it fixes 6 CVE's: [2] CVE-2023-21886 Oracle VM VirtualBox Core Multiple Yes 8.1 Network High None None Un- changed High High High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21898 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21899 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21884 Oracle VM VirtualBox Core None No 4.4 Local Low High None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21885 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 See Note 2 CVE-2023-21889 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 Note 1: Applies to VirtualBox VMs running Windows 7 and later. Note 2: Applies to Windows only. Links: [1] https://www.virtualbox.org/wiki/Changelog-7.0#v6 [2] https://www.oracle.com/security-alerts/cpujan2023.html#AppendixOVIR - unify buildrequires to libopenssl-devel to handle openssl 3 transition ==== virtualbox-kmp ==== Version update (7.0.4_k6.1.7_1 -> 7.0.6_k6.1.8_1) - VirtualBox 7.0.6 (released January 17 2023) This is a maintenance release. The following items were fixed and/or added: [1] - VMM: Fixed guru running the FreeBSD loader on older Intel CPUs without unrestricted guest support (bug #21332) - GUI: Fixed virtual machines grouping when VM was created or modified in command line (bugs #11500, #20933) - GUI: Introduced generic changes in settings dialogs - VirtioNet: Fixed broken network after loading saved state (bug #21172) - Storage: Added support for increasing the size of the following VMDK image variants: monolithicFlat, monolithicSparse, twoGbMaxExtentSparse, twoGbMaxExtentFlat - VBoxManage: Added missing --directory switch for guestcontrol mktemp command - Mouse Integration: Guest was provided with extended host mouse state (bug #21139) - DnD: Introduced generic improvements - Guest Control: Fixed handling creation mode for temporary directories (bug #21394) - Linux Host and Guest: Added initial support for building UEK7 kernel on Oracle Linux 8 - Linux Host and Guest: Added initial support for RHEL 9.1 kernel - Linux Guest Additions: Added initial support for kernel 6.2 for vboxvideo - Audio: The "--audio" option in VBoxManage is now marked as deprecated; please use "--audio-driver" and "--audio-enabled" instead. This will allow more flexibility when changing the driver and/or controlling the audio functionality Additionally, it fixes 6 CVE's: [2] CVE-2023-21886 Oracle VM VirtualBox Core Multiple Yes 8.1 Network High None None Un- changed High High High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21898 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21899 Oracle VM VirtualBox Core None No 5.5 Local Low Low None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 See Note 1 CVE-2023-21884 Oracle VM VirtualBox Core None No 4.4 Local Low High None Un- changed None None High Prior to 6.1.42, prior to 7.0.6 CVE-2023-21885 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 See Note 2 CVE-2023-21889 Oracle VM VirtualBox Core None No 3.8 Local Low Low None Changed Low None None Prior to 6.1.42, prior to 7.0.6 Note 1: Applies to VirtualBox VMs running Windows 7 and later. Note 2: Applies to Windows only. Links: [1] https://www.virtualbox.org/wiki/Changelog-7.0#v6 [2] https://www.oracle.com/security-alerts/cpujan2023.html#AppendixOVIR - unify buildrequires to libopenssl-devel to handle openssl 3 transition ==== vlgothic-fonts ==== - spec-cleaner run - fix URL ==== xf86-video-qxl ==== Version update (0.1.5 -> 0.1.6) - Update to version 0.1.6 * This release flushes out the last [checks calendar] ~6 years of patches that have been sitting on the master branch. Please see the git shortlog below for details. - supersedes the following patches * Xspice-python3.patch * n_disable-surfaces-on-kms.patch * n_hardcode_libdrm_cflags.patch * u_fix-build-against-xserver-21_1.patch ==== zeromq ==== Subpackages: libzmq5 zeromq-tools - qemu-user.patch: Fix build with qemu linux-user emulation