Packages changed: containerd (1.6.16 -> 1.6.19) drkonqi5 glslang (12.0.0 -> 12.1.0) hplip kernel-default-base libopenmpt (0.6.8 -> 0.6.9) runc (1.1.4 -> 1.1.5) shaderc (2022.4 -> 2023.2) xorg-x11-server yast2 (4.6.1 -> 4.6.2) yast2-country (4.6.0 -> 4.6.1) === Details === ==== containerd ==== Version update (1.6.16 -> 1.6.19) - Update to containerd v1.6.19 for Docker v23.0.2-ce. Upstream release notes: <https://github.com/containerd/containerd/releases/tag/v1.6.19> Includes fixes for: - CVE-2023-25153 bsc#1208423 - CVE-2023-25173 bsc#1208426 ==== drkonqi5 ==== Subpackages: drkonqi5-lang - Replace '%service_del_postun -n' with '%service_del_postun_without_restart' ==== glslang ==== Version update (12.0.0 -> 12.1.0) - Update to release 12.1.0: * Reject non-float inputs/outputs for version less than 120 * Fix invalid BufferBlock decoration for SPIR-V 1.3 and above * Add HLSL relaxed-precision float/int matrix expansions * Block decorate Vulkan structs with RuntimeArrays * Support InterlockedAdd on float types - Delete 0001-build-set-SOVERSION-on-all-libraries.patch: fixed upstream - Split part of glslang-devel to glslang-nonstd-devel. ==== hplip ==== Subpackages: hplip-hpijs hplip-udev-rules - Add patch to fix hplip applying printf string format parsing to printer attributes returned from CUPS (such as "dnssd://foo%20series._ipp._tcp.local/?uuid=...") which results in a segfault (boo#1209866, lp#2013185): * fix-printer-attributes-parsing.patch ==== kernel-default-base ==== - Add exfat (boo#1208822) ==== libopenmpt ==== Version update (0.6.8 -> 0.6.9) - Update to 0.6.9 * [Bug] An exception could be thrown during rendering when trying to access the release node of an empty envelope. * The fix for the OPL cutoff bug introduced in libopenmpt 0.6.7 was incomplete. * ULT: Offset commands exceeding 65535 samples were sometimes not imported correctly even if there was room for them. * After seeking with seek.sync_samples=1, the filter settings of playing notes were not updated since libopenmpt 0.6.7. * Loading of and seeking inside (malformed) modules with thousands of short sub-songs has been sped up. ==== runc ==== Version update (1.1.4 -> 1.1.5) - Update to runc v1.1.5. Upstream changelog is available from <https://github.com/opencontainers/runc/releases/tag/v1.1.5>. Includes fixes for the following CVEs: - CVE-2023-25809 bsc#1209884 - CVE-2023-27561 bsc#1208962 - CVE-2023-28642 bsc#1209888 * Fix the inability to use `/dev/null` when inside a container. * Fix changing the ownership of host's `/dev/null` caused by fd redirection (a regression in 1.1.1). bsc#1168481 * Fix rare runc exec/enter unshare error on older kernels. * nsexec: Check for errors in `write_log()`. - Drop version-specific Go requirement. ==== shaderc ==== Version update (2022.4 -> 2023.2) - Update to release 2023.2 * Fix C++20 compatibility: explicitly construct string_piece when comparing to `char *` ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - U_xserver-composite-Fix-use-after-free-of-the-COW.patch * overlay window use-after-free (CVE-2023-1393, ZDI-CAN-19866, bsc#1209543) ==== yast2 ==== Version update (4.6.1 -> 4.6.2) Subpackages: yast2-logs - Replace calls to mkinitrd with dracut as mkinitrd will be dropped (bsc#1203019) - 4.6.2 ==== yast2-country ==== Version update (4.6.0 -> 4.6.1) Subpackages: yast2-country-data - Replace call to mkinitrd with dracut (bsc#1203019) - 4.6.1