Packages changed: bash (5.1.12 -> 5.1.16) installation-images-MicroOS (17.36 -> 17.38) libqt5-qtbase (5.15.2+kde268 -> 5.15.2+kde294) libqt5-qtdeclarative (5.15.2+kde36 -> 5.15.2+kde43) libqt5-qtquickcontrols2 (5.15.2+kde8 -> 5.15.2+kde10) libqt5-qtsvg (5.15.2+kde13 -> 5.15.2+kde16) libqt5-qtvirtualkeyboard (5.15.2+kde4 -> 5.15.2+kde6) libqt5-qtwayland (5.15.2+kde37 -> 5.15.2+kde44) libqt5-qtwebchannel (5.15.2+kde2 -> 5.15.2+kde5) readline yast2 (4.4.36 -> 4.4.39) === Details === ==== bash ==== Version update (5.1.12 -> 5.1.16) Subpackages: bash-sh - Update bash 5.1 to patch level 16 * Add official patch bash51-013 Bash did not always perform tilde expansion following an unquoted colon on the rhs of an assignment statement in posix mode. * Add official patch bash51-014 Bash may produce corrupted input if a multibyte character spans a 512-byte boundary while reading the output of a command substitution. * Add official patch bash51-015 There are some characters (e.g., cyrillic) that can't be displayed using certain single-byte encodings (e.g., cp1251) because the negative signed int is interpreted as EOF and not displayed. * Add official patch bash51-016 Multiple `!' tokens should toggle negation of an expression in a [[ conditional command, instead of simply negating the expression. ==== installation-images-MicroOS ==== Version update (17.36 -> 17.38) - merge gh#openSUSE/installation-images#569 - re-add mount.nfs (bsc#1195035) - fix locale handling - 17.38 - merge gh#openSUSE/installation-images#568 - etc: update module.config to match 5.17 - 17.37 ==== libqt5-qtbase ==== Version update (5.15.2+kde268 -> 5.15.2+kde294) Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 - Update to version 5.15.2+kde294: * QTzTimeZonePrivate::init(): fix handling of empty ID * Restore support for reading /etc/timezone for system zone name * QPathEdge: Fix array initialization * QTzTimeZonePrivate: fix UB (data race on m_icu) * Don't access QObject::objectName during QThread start * Restore C++11 compatibility after e8b9f4c28d3ab5e960dc54f2dc0c4b749b0b50e0 * QVarLengthArray: fix size update on failed append() * Call statx() with AT_NO_AUTOMOUNT * QThread: Remove superfluous initialization of threadId on Unix * QThread: Reset the system thread ID when thread exits on Unix * Add missing macOS header file that was indirectly included before * QXcb: don't dereference pointer before checking * xcb: avoid to use invalid pointers * QVarLengthArray: fix insert() type/alias mismatch between decl and impl * Use qint64 to replace int while qt_transform_image_rasterize * QVarLengthArray: assert that the range passed to erase() is valid * Fix pattern type matching * QThread: fix UB (invalid enum value) on Private::Priority * Use block char format to render list item bullets and numbers * QDateTime: Don't require c++17 * QVariantAnimation: fix UB (FP 0/0) in interpolated() arg calculation * QDateTime: fix UB (signed overflow) in addDays() * QString: fix UB (pointer arithmetic on nullptr) in qLastIndexOf * tst_QIODevice: fix UB (precondition violation) in SequentialReadBuffer::readData() * QVarLengthArray: fix UB (precondition violation) in range-erase() * Fix segmentation fault in QObject::dumpObjectInfo ==== libqt5-qtdeclarative ==== Version update (5.15.2+kde36 -> 5.15.2+kde43) - Update to version 5.15.2+kde43: * QQmlJs::FixedPoolArray: fix UB (precondition violation) in allocate() * Fix crash during model reset * QQuickWindow: don't leak old screenChanged connections * qqmldelegatemodel: Fix out of bounds cache removal * QQuickItemAnimation: close potential memory leak ==== libqt5-qtquickcontrols2 ==== Version update (5.15.2+kde8 -> 5.15.2+kde10) Subpackages: libQt5QuickControls2-5 libQt5QuickTemplates2-5 - Update to version 5.15.2+kde10: * QQuickAction: don't grab the same shortcut multiple times * Ensure we don't crash when changing sizes after cleanup ==== libqt5-qtsvg ==== Version update (5.15.2+kde13 -> 5.15.2+kde16) - Update to version 5.15.2+kde16: * Unconditionally stop parsing after the svg end tag * SVG Image reading: Reject oversize svgs as corrupt * Do stricter error checking when parsing path nodes ==== libqt5-qtvirtualkeyboard ==== Version update (5.15.2+kde4 -> 5.15.2+kde6) Subpackages: libQt5VirtualKeyboard5 - Update to version 5.15.2+kde6: * Fix processing of hard Qt::Key_Backspace and Qt::Key_Delete * Fix high CPU utilization caused by key repeat timer ==== libqt5-qtwayland ==== Version update (5.15.2+kde37 -> 5.15.2+kde44) Subpackages: libQt5WaylandClient5 libQt5WaylandCompositor5 - Update to version 5.15.2+kde44: * Move the wayland socket polling to a separate event thread * Connect flushRequest after forceRoundTrip * Handle registry_global out of constructor * Client: Avoid processing of events when showing windows * Client: Delay deletion of QDrag object until after we're done with it * Client: Implement DataDeviceV3 * Set preedit cursor when cursor equals to 0 - Drop patches, now upstream: * 0001-Client-Avoid-processing-of-events-when-showing-windo.patch ==== libqt5-qtwebchannel ==== Version update (5.15.2+kde2 -> 5.15.2+kde5) Subpackages: libQt5WebChannel5 libQt5WebChannel5-imports - Update to version 5.15.2+kde5: * QMetaObjectPublisher: Never send stale queued messages * Handle per-transport client idle status * Handle signals in the registered object's thread ==== readline ==== - Add official patch readline81-002 and its signature * There are some characters (e.g., cyrillic) that can't be displayed using certain single-byte encodings (e.g., cp1251) because the negative signed int is interpreted as EOF and not displayed. ==== yast2 ==== Version update (4.4.36 -> 4.4.39) - Preload libsuseconnect.so if avaiable. On aarch64 installer/YaST sometimes failed to load libsuseconnect.so with "cannot allocate memory in static TLS block" error. Loading the library before others solves the problem until a better solution is found (bsc#1194996). - 4.3.39 - Unify Package, PackageSystem and PackageAI. Now the Package module is the entry point. PackageSystem and PackageAI implement specific logic and they should not be referenced from outside (bsc#1194886). - 4.3.38 - Fix CWM dialog: argument delegation is handled differently in ruby 2.6 and before (bsc#1194984). - 4.4.37