Packages changed: Mesa Mesa-drivers bind (9.18.7 -> 9.18.8) dnsmasq (2.86 -> 2.87) drbd-utils gedit (43.alpha -> 43.1) git (2.38.0 -> 2.38.1) glib-networking gnome-packagekit (3.32.0 -> 43.0) gnome-shell (43.0 -> 43.1) gnome-shell-extensions (43.0 -> 43.1) gtksourceview4 (4.8.3 -> 4.8.4) irqbalance (1.9.1 -> 1.9.2) libmfx libpaper (1.2.2 -> 2.0.3) libsoup (3.2.1 -> 3.2.2) lvm2 lvm2-device-mapper mutter (43.0 -> 43.1) nodejs19 (19.0.0 -> 19.0.1) openexr perl-Clone (0.45 -> 0.46) perl-Mojolicious (9.27 -> 9.28) python-argparse-manpage (3 -> 4) python-filetype (1.0.10 -> 1.2.0) texlive texlive-specs-n (2022.195.2.005svn61719 -> 2022.196.2.005svn61719) virt-manager vym (2.8.41 -> 2.8.43) === Details === ==== Mesa ==== Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - Release 22.2.2 covers bugfixes for bsc#1197045,bsc#1197046,bsc#1200965,bsc#1202850 ==== Mesa-drivers ==== Subpackages: Mesa-dri Mesa-gallium Mesa-libva libxatracker2 - Release 22.2.2 covers bugfixes for bsc#1197045,bsc#1197046,bsc#1200965,bsc#1202850 ==== bind ==== Version update (9.18.7 -> 9.18.8) Subpackages: bind-doc bind-utils - Update to bind release 9.18.8 New Features: * Support for parsing and validating the dohpath service parameter in SVCB records was added. * named now logs the supported cryptographic algorithms during startup and in the output of named -V. * The recursion not available and query (cache) '...' denied log messages were extended to include the name of the ACL that caused a given query to be denied. Bug Fixes: * An assertion failure was fixed in named that was caused by aborting the statistics channel connection while sending statistics data to the client. * Changing just the TSIG key names for primaries in catalog zones’ member zones was not effective. This has been fixed. Known Issues: * Upgrading from BIND 9.16.32, 9.18.6, or any older version may require a manual configuration change. The following configurations are affected: - type primary zones configured with dnssec-policy but without either allow-update or update-policy, - type secondary zones configured with dnssec-policy. In these cases please add inline-signing yes; to the individual zone configuration(s). Without applying this change, named will fail to start. For more details, see https://kb.isc.org/docs/dnssec-policy-requires-dynamic-dns-or-inline-signing * BIND 9.18 does not support dynamic update forwarding (see allow-update-forwarding) in conjuction with zone transfers over TLS (XoT). This obsoletes the following patch: * fix_documentation-Sphinx.patch ==== dnsmasq ==== Version update (2.86 -> 2.87) - update to 2.87 (bsc#1197872, CVE-2022-0934): * Allow arbitrary prefix lengths in --rev-server and - -domain=....,local * Replace --address=/#/..... functionality which got missed in the 2.86 domain search rewrite. * Add --nftset option, like --ipset but for the newer nftables. * Add --filter-A and --filter-AAAA options, to remove IPv4 or IPv6 addresses from DNS answers. * Fix crash doing netbooting when --port is set to zero to disable the DNS server. Thanks to Drexl Johannes for the bug report. * Generalise --dhcp-relay. Sending via broadcast/multicast is now supported for both IPv4 and IPv6 and the configuration syntax made easier (but backwards compatible). * Add snooping of IPv6 prefix-delegations to the DHCP-relay system. * Finesse parsing of --dhcp-remoteid and --dhcp-subscrid. To be treated as hex, the pattern must consist of only hex digits AND contain at least one ':'. Thanks to Bengt-Erik Sandstrom who tripped over a pattern consisting of a decimal number which was interpreted surprisingly. * Include client address in TFTP file-not-found error reports. Thanks to Stefan Rink for the initial patch, which has been re-worked by me (srk). All bugs mine. * Note in manpage the change in behaviour of -address. This behaviour actually changed in v2.86, but was undocumented there. From 2.86 on, (eg) --address=/example.com/1.2.3.4 ONLY applies to A queries. All other types of query will be sent upstream. Pre 2.86, that would catch the whole example.com domain and queries for other types would get a local NODATA answer. The pre-2.86 behaviour is still available, by configuring --address=/example.com/1.2.3.4 --local=/example.com/ * Fix problem with binding DHCP sockets to an individual interface. Despite the fact that the system call tales the interface _name_ as a parameter, it actually, binds the socket to interface _index_. Deleting the interface and creating a new one with the same name leaves the socket bound to the old index. (Creating new sockets always allocates a fresh index, they are not reused). We now take this behaviour into account and keep up with changing indexes. * Add --conf-script configuration option. * Enhance --domain to accept, for instance, - -domain=net2.thekelleys.org.uk,eth2 so that hosts get a domain which relects the interface they are attached to in a way which doesn't require hard-coding addresses. Thanks to Sten Spans for the idea. * Fix write-after-free error in DHCPv6 server code. CVE-2022-0934 refers. * Add the ability to specify destination port in DHCP-relay mode. This change also removes a previous bug where --dhcp-alternate-port would affect the port used to relay _to_ as well as the port being listened on. The new feature allows configuration to provide bug-for-bug compatibility, if required. Thanks to Damian Kaczkowski for the feature suggestion. * Bound the value of UDP packet size in the EDNS0 header of forwarded queries to the configured or default value of edns-packet-max. There's no point letting a client set a larger value if we're unable to return the answer. Thanks to Bertie Taylor for pointing out the problem and supplying the patch. - drop dnsmasq-CVE-2022-0934.patch, dnsmasq-resolv-conf.patch (upstream) ==== drbd-utils ==== - bsc#1204276 remove crm-fence-peer.sh for drbd8 to avoid confusion with v9 ==== gedit ==== Version update (43.alpha -> 43.1) Subpackages: gedit-lang python3-gedit - Update to version 43.1: + Be able to build with Meson >= 0.61 + AppData fix + Add some BuildStream element files in build-aux/buildstream/ - Add api_ver define and set it to 3.38 - Update to version 43.0: + Come back to the source code of gedit 40.0 and continue again from there. It is based on the Tepl and Amtk libraries. The single Open button is again split in two with a drop-down menu for recent files. + Workaround for bug: text cut off at the bottom in certain situations. + Change app name from "Text Editor" back to "gedit". + AppData: some updates, take a new screenshot. + Remove gitlab-ci. + Remove outdated build-aux/osx/ directory (several MB). + Flatpak: generate JSON manifest from YAML manifest. + File browser plugin: more robust check if Nautilus GSettings can be used, even if the key doesn't exist anymore. + Rework the I/O error info bars. + Handle application/x-zerosize mimetype. + Small code maintenance. + Documentation updates. + Updated translations. - Rebase gedit-desktop.patch with quilt. - Add pkgconfig(amtk-5) and pkgconfig(tepl-6) BuildRequires: New dependencies. ==== git ==== Version update (2.38.0 -> 2.38.1) Subpackages: git-core git-email git-gui git-svn git-web gitk perl-Git - disable tests on s390x (check-chainlint) - update to 2.38.1 (bsc#1204455, CVE-2022-39253, bsc#1204456, CVE-2022-39260): * CVE-2022-39253: When relying on the `--local` clone optimization, Git dereferences symbolic links in the source repository before creating hardlinks (or copies) of the dereferenced link in the destination repository. This can lead to surprising behavior where arbitrary files are present in a repository's `$GIT_DIR` when cloning from a malicious repository. Git will no longer dereference symbolic links via the `--local` clone mechanism, and will instead refuse to clone repositories that have symbolic links present in the `$GIT_DIR/objects` directory. Additionally, the value of `protocol.file.allow` is changed to be "user" by default. * CVE-2022-39260: An overly-long command string given to `git shell` can result in overflow in `split_cmdline()`, leading to arbitrary heap writes and remote code execution when `git shell` is exposed and the directory `$HOME/git-shell-commands` exists. `git shell` is taught to refuse interactive commands that are longer than 4MiB in size. `split_cmdline()` is hardened to reject inputs larger than 2GiB. ==== glib-networking ==== Subpackages: glib-networking-lang - Fix build with gnutls 3.7.8: * tests: skip tls-exporter test for TLS 1.2 * https://gitlab.gnome.org/GNOME/glib-networking/-/issues/201 * Add glib-networking-gnutls-tls-exporter-tls12.patch ==== gnome-packagekit ==== Version update (3.32.0 -> 43.0) Subpackages: gnome-packagekit-lang - Update to version 43.0: + Add icon for critical updates. + Fix smallscreen support. + Add back logout support. + Automatically remove unused dependencies by default. - Add explicit pkgconfig(gio-2.0) BuildRequires, as meson checks for it. - Drop desktop-file-utils and gnome-menus-devel BuildRequires, no longer needed. - Drop patches fixed upstream: + gnome-packagekit-displaysize.patch + gnome-packagekit-bring-back-logout-support.patch + gnome-packagekit-define-HAVE_SYSTEMD.patch + gnome-packagekit-drop-NEWEST-on-get-updates.patch - Rebase patches with quilt. ==== gnome-shell ==== Version update (43.0 -> 43.1) Subpackages: gnome-extensions gnome-shell-calendar gnome-shell-lang - Update to version 43.1: + Fix default keyboard layout during initial setup. + Show Bluetooth switch in more cases. + Include origin in sound device switcher. + Fix remembering inhibit-shortcut permission for multiple apps. + Forward TERMINAL input purpose to ibus. + Fix style glitches. + Fix tracking of newly installed apps. + Fix space key getting stuck in on-screen keyboard. + Fix showing passwords as on-screen keyboard suggestions. + Fix network portal regression. + Fix possible freeze during initialization. + Misc. bug fixes and cleanups. + Updated translations. ==== gnome-shell-extensions ==== Version update (43.0 -> 43.1) Subpackages: gnome-shell-classic gnome-shell-extensions-common gnome-shell-extensions-common-lang - Update to version 43.1: + Fixed crash. + Misc. bug fixes and cleanups. + Updated translations. ==== gtksourceview4 ==== Version update (4.8.3 -> 4.8.4) Subpackages: gtksourceview4-lang libgtksourceview-4-0 typelib-1_0-GtkSource-4 - Update to version 4.8.4: + Style updates to kate, classic, tango. + Language updates to vala, python3, c, cuda, latex. + Add unit tests for language specs. + Updated translations. ==== irqbalance ==== Version update (1.9.1 -> 1.9.2) Subpackages: irqbalance-ui - update to 1.9.2: * avoid coredump on build_one_dev_entry() * avoid double free on deinit_thermal() * change the log level in thermal.c * fix a minor typo - drop Avoid-double-free-on-deinit_thermal.patch, uninitialized.patch: (upstream) ==== libmfx ==== - needed for jira#PED-1174 (Video decoding/encoding support (VA-API, ...) for Intel GPUs is outside of Mesa) ==== libpaper ==== Version update (1.2.2 -> 2.0.3) Subpackages: libpaper-tools - Update to 2.0.3: * avoid error in paperconfig * paperinit: fix a space leak in case of error parsing paperspecs * paper.c: make unit_list const char *, to fix a warning * paper.c: fix a trivial leak * fix segfault when HOME is unset (thanks, Werner Fink) * fix a segfault in systempapername() (fix from Werner Fink, thanks!) * hardwire papersize configuration filename to ‘papersize’ - Remove upstreamed libpaper-foul.patch ==== libsoup ==== Version update (3.2.1 -> 3.2.2) Subpackages: libsoup-3_0-0 libsoup-lang typelib-1_0-Soup-3_0 - Update to version 3.2.2: + Various HTTP/2 Fixes: - Fix `content-sniffed` not being emitted for resources without content. - Fix leak of SoupServerConnection when stolen. - Enable tests on 32-bit again, fixed upstream. ==== lvm2 ==== Subpackages: liblvm2cmd2_03 - killed lvmlockd doesn't clear/adopt locks leading to inability to start volume group (bsc#1203216) - bug-1203216_lvmlockd-purge-the-lock-resources-left-in-previous-l.patch ==== lvm2-device-mapper ==== Subpackages: device-mapper libdevmapper-event1_03 libdevmapper1_03 libdevmapper1_03-32bit - killed lvmlockd doesn't clear/adopt locks leading to inability to start volume group (bsc#1203216) - bug-1203216_lvmlockd-purge-the-lock-resources-left-in-previous-l.patch ==== mutter ==== Version update (43.0 -> 43.1) Subpackages: mutter-lang - Update to version 43.1: + Add quirk to work around issue with Mali GPUs. + Notify changes to night-light support over D-Bus. + Fix always-on-top windows unexpectedly taking focus. + Fix accidental direct scanout. + Disable client modifiers with amdgpu driver. + Cancel pointer gesture on wl_pointer.leave. + Add black padding to fixed-size wayland fullscreen windows. + Stop sending frame callbacks to minimized clients. + Fix scrolling in clients with no hi-res scroll support in RDP. + Fix skipped low-res scroll events with some high-res mice. + Throttle interactive move and resize updates. + wayland-keyboard: Send pressed keys on enter. + Fix some X11 windows getting unredirected erroneously. + Fix Flatpak applications bypassing X11 permission. + Fix always visible cursor in virtual streams. + Fixed crashes. + Misc. bug fixes and cleanups. + Updated translations. - Drop b81429ac.patch: Fixed upstream. ==== nodejs19 ==== Version update (19.0.0 -> 19.0.1) Subpackages: npm19 - Fix migration to openssl-3 (bsc#1205042) - Update to version 19.0.1: * inspector: DNS rebinding in --inspect via invalid octal IP (bsc#1205119, CVE-2022-43548) ==== openexr ==== Subpackages: libIex-3_1-30 libIlmThread-3_1-30 libOpenEXR-3_1-30 - Add _constraints: 6000 MiB memory ==== perl-Clone ==== Version update (0.45 -> 0.46) - updated to 0.46 see /usr/share/doc/packages/perl-Clone/Changes 0.46 2022-10-18 20:23:00 garu - fix backwards compatibility with older perls (haarg) - bump MANIFEST to include extra tests ==== perl-Mojolicious ==== Version update (9.27 -> 9.28) - updated to 9.28 see /usr/share/doc/packages/perl-Mojolicious/Changes 9.28 2022-09-12 - Fixed a bug where async/await use could result in unhandled promise warnings. (batman) ==== python-argparse-manpage ==== Version update (3 -> 4) - Update to v4 News in v4 The manual page generator logic is now separated from the 'build_manpages' module (which provides setup.py integration helpers). Therefore the argparse-manpage doesn't necessarily have to depend on setuptools. Projects that want to integrate using 'setup.py' should though place a new "extra" named 'argparse-manpage[setuptools]' into their set of build requirements in project.toml file. The old 'build_manpage' command (!= 'build_manpages') is now more isolated from the rest of the code, likely never loaded. the Manpage class API was changed in v3 so it required an additional constructor 'data' argument. This change was reverted, and the only argument is again the ArgumentParser object. The 'version' and 'description' options were fixed. New options 'manual_section' and 'manual_title' were added. The manual page now automatically generates a current date in headers. Several groff escaping issues were fixed. ==== python-filetype ==== Version update (1.0.10 -> 1.2.0) - Update to 1.2.0 * Merge pull request #147 from sayanarijit/fix-146 * Add tests for m4a * Try matching audio before video * Merge pull request #145 from RSabet/master * update README to include avif * added image filetype avif * Update __init__.py * Merge pull request #141 from ferstar/master * test: remove unused imported(F401) * refactor: duck-typing reading magic string and try to restore the reader position if possible * test: fix E275 missing whitespace after keyword * test: Use tox pipeline instead of pytest * test: ignore E501 error for flake8 check * fix: CLI params parser * Merge pull request #137 from ferstar/master * fix: guess ".docx" func and add another doc file test case * fix: guess ".doc" func and add another doc file test case * test: skip benchmark test in tox config * fix: restore reader position after retrieving signature bytes * Merge pull request #136 from ferstar/master * test: no need to skip zstd test case * Merge pull request #135 from ferstar/master * fix: regression for file-like obj file type detection * Merge pull request #134 from babenek/actions * Merge pull request #129 from ferstar/master - Update to 1.1.0 * Merge branch 'master' into master * Merge pull request #133 from magbyr/master * Merge pull request #131 from babenek/master * CI workflow in github actions * Changed to if statements in matching method * Changed return method because of coverage calculation problems * Apply suggestions from code review * README changes * Linter changes * Added document filetypes for doc, docx, odt, xls, xlsx, ods, ppt, pptx and odp. Added tests and sample documents for document filetypes * Fix undocumented exception * style: Simplify binary to integer method * feat: add zstd skippable frames support * test: fix the tox config and missing test sample files * test: fix the zst test sample file * fix(readme): rst syntax wtf - Update to 1.0.13 * feat(history): update changes - Update to 1.0.12 * Merge pull request #127 from ferstar/master * Merge pull request #123 from levrik/patch-1 * Merge pull request #126 from babenek/master * docs: add zstd type * fix: remove unnecessary duck-typing try * feat: add zst(d) type * chore: fix lint errors * test: fix memoryview test cases * BugFix for uncaught exceptions * Support PDF with BOM - Update to 1.0.11 * chore(version): bump patch * chore(version): bump patch * refactor(apng) * refactor(apng) * Merge pull request #120 from CatKasha/apng * fix typo * add APNG support (part 3) * add APNG support (part 2) * add APNG support (part 1) * chore(history): version notes * Merge branch 'master' of https://github.com/h2non/filetype.py * feat: version bump * Merge pull request #118 from smasty/woff-flavors-support * fix(font): minimum length check (woff) * Update __init__.py * Update setup.py * Merge pull request #109 from fraang/master * Add support for more WOFF/WOFF2 flavors * Merge pull request #114 from andersk/m4a * fix(base): remove property decorator * Use correct audio/mp4 type for m4a. ==== texlive ==== Subpackages: libkpathsea6 libsynctex2 - Make it build even ol ppc64le ==== texlive-specs-n ==== Version update (2022.195.2.005svn61719 -> 2022.196.2.005svn61719) - The boldtensors styles should require the bbold fonts - Use https for urls - Update mltex to latest version 4.2svn63213 as upstream has now removed all .dvi, .pdf, and .tex files from doc tree due to the used Creative Commons Attribution-NonCommercial-ShareAlike license ==== virt-manager ==== Subpackages: virt-install virt-manager-common - Refresh test skips - Drop the very old "Obsoletes: python-virtinst <= 0.600.4" virt-manager.spec - Upstream bug fixes (bsc#1027942) 11a887ec-cli-disk-Add-driver.metadata_cache-options.patch 7295ebfb-tests-cli-Fix-test-output-after-previous-commit.patch 58f5e36d-fsdetails-Fix-an-error-with-source.socket-of-virtiofs.patch c22a876e-tests-Add-a-compat-check-for-linux2020-in-amd-sev-test-case.patch fbdf0516-cli-cpu-Add-maxphysaddr.mode-bits-options.patch b0d05167-cloner-Sync-uuid-and-sysinfo-system-uuid.patch 999ccb85-virt-install-unattended-and-cloud-init-conflict.patch ==== vym ==== Version update (2.8.41 -> 2.8.43) - Update to upstream Version 2.8.43 - Bugfix for setting URL after retrieving data from Jira