Packages changed: MozillaFirefox (103.0.2 -> 104.0) apparmor glibc (2.35 -> 2.36) libapparmor libcbor libheif manpages-l10n nfs-utils open-vm-tools (12.0.0 -> 12.1.0) osinfo-db python-hatchling (1.8.0 -> 1.8.1) rubygem-faraday (2.4.0 -> 2.5.2) rubygem-faraday-net_http (2.1.0 -> 3.0.0) rubygem-msgpack (1.5.4 -> 1.5.6) rubygem-parser (3.1.2.0 -> 3.1.2.1) rubygem-puma (5.6.4 -> 5.6.5) rubygem-rubocop (1.33.0 -> 1.35.1) rubygem-rubocop-ast (1.19.1 -> 1.21.0) === Details === ==== MozillaFirefox ==== Version update (103.0.2 -> 104.0) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 104.0 * https://www.mozilla.org/en-US/firefox/104.0/releasenotes MFSA 2022-33 (bsc#1202645) * CVE-2022-38472 (bmo#1769155) Address bar spoofing via XSLT error handling * CVE-2022-38473 (bmo#1771685) Cross-origin XSLT Documents would have inherited the parent's permissions * CVE-2022-38474 (bmo#1719511) Recording notification not shown when microphone was recording on Android * CVE-2022-38475 (bmo#1773266) Attacker could write a value to a zero-length array * CVE-2022-38477 (bmo#1760611, bmo#1770219, bmo#1771159, bmo#1773363) Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2 * CVE-2022-38478 (bmo#1770630, bmo#1776658) Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13 - requires NSPR 4.34.1 NSS 3.81 rust 1.62 ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-parser-lang apparmor-profiles apparmor-utils apparmor-utils-lang pam_apparmor pam_apparmor-32bit python3-apparmor - add profiles-permit-php-fpm-pid-files-directly-under-run.patch https://gitlab.com/apparmor/apparmor/-/merge_requests/914 (bsc#1202344) ==== glibc ==== Version update (2.35 -> 2.36) Subpackages: glibc-32bit glibc-devel glibc-extra glibc-lang glibc-locale glibc-locale-base nscd - glibcextract-compile-c-snippet.patch: glibcextract.py: Add compile_c_snippet - sys-mount-kernel-definition.patch: linux: Mimic kernel definition for BLOCK_SIZE - sys-mount-usage.patch: linux: Fix sys/mount.h usage with kernel headers - Update to glibc 2.36 Major new features: * Support for DT_RELR relative relocation format has been added to glibc * On Linux, the pidfd_open, pidfd_getfd, and pidfd_send_signal functions have been added * On Linux, the process_madvise function has been added * On Linux, the process_mrelease function has been added * The “no-aaaa” DNS stub resolver option has been added * On Linux, the fsopen, fsmount, move_mount, fsconfig, fspick, open_tree, and mount_setattr have been added * localedef now accepts locale definition files encoded in UTF-8 * Support for the mbrtoc8 and c8rtomb multibyte/UTF-8 character conversion functions has been added per the ISO C2X N2653 and C++20 P0482R6 proposals * The functions arc4random, arc4random_buf, and arc4random_uniform have been added Deprecated and removed features, and other changes affecting compatibility: * Support for prelink will be removed in the next release * The Linux kernel version check has been removed along with the LD_ASSUME_KERNEL environment variable * On Linux, The LD_LIBRARY_VERSION environment variable has been removed - get-nprocs-sched-uninit-read.patch, get-nprocs-inaccurate.patch, strcmp-rtm-fallback.path, pt-load-invalid-hole.patch, localedef-ld-monetary.patch, nptl-spurious-eintr.patch, strncpy-power9-vsx.patch, nptl-cleanup-async-restore.patch, read-chk-cancel.patch, wcrtomb-fortify.patch, nptl-cleanup-async-restore-2.patch: Removed ==== libapparmor ==== Subpackages: libapparmor1 libapparmor1-32bit - add profiles-permit-php-fpm-pid-files-directly-under-run.patch https://gitlab.com/apparmor/apparmor/-/merge_requests/914 (bsc#1202344) ==== libcbor ==== - Install manual page in the correct man section ==== libheif ==== Subpackages: gdk-pixbuf-loader-libheif libheif1 - Support version 1.0.0 of dav1d - Added 0f8496f22d284e1a69df12fe0b72f375aed31315.patch ==== manpages-l10n ==== Subpackages: man-pages-cs man-pages-da man-pages-de man-pages-el man-pages-es man-pages-fr man-pages-hu man-pages-it man-pages-pl man-pages-pt_BR - Add manpages-l10n-4.15.0-fix-links.patch: Fix incorrect links in man2 (boo#1202798). ==== nfs-utils ==== Subpackages: libnfsidmap1 nfs-client nfs-kernel-server - sysconfig.nfs, nfs.conf: allow NFSv4 grace time to be set via sysconfig. SLE12 allowed this, SLE15 lost the ability. Add it back with the name NFSV4GRACETIME. Also improve description for NFSV4LEASETIME. (bsc#1202592) ==== open-vm-tools ==== Version update (12.0.0 -> 12.1.0) Subpackages: libvmtools0 open-vm-tools-desktop - Update to 12.1.0 (build 20219665) (boo#1202733) + New/Updated features: - Contains security update fix for (bsc#1202657) - (CVE-2022-31676) VUL-0: CVE-2022-31676: open-vm-tools: local privilege escalation vulnerability + A number of Coverity reported issues have been addressed. + [FTBFS] Fix the build of the ContainerInfo plugin for a 32-bit Linux release: https://github.com/vmware/open-vm-tools/pull/588 + Make HgfsConvertFromNtTimeNsec aware of 64-bit time_t on i386 (32-bit) This change incorporates the support of 64 bit time epoch conversion from Windows NT time to Unix Epoch time on i386. https://github.com/vmware/open-vm-tools/pull/387 - Drop patch now contained in 12.1.0: + gcc_size_t.patch ==== osinfo-db ==== - Add support for openSUSE Leap 15.5, SLES 15.5, and SLE Micro 5.3 add-opensuse-leap-15.5-support.patch add-sle15sp5-support.patch add-slem5.3-support.patch ==== python-hatchling ==== Version update (1.8.0 -> 1.8.1) - update to version 1.8.1: * Fixed: + Fix default file inclusion for wheel build targets when both the project name and package directory name are not normalized ==== rubygem-faraday ==== Version update (2.4.0 -> 2.5.2) - updated to version 2.5.2 see installed CHANGELOG.md ==== rubygem-faraday-net_http ==== Version update (2.1.0 -> 3.0.0) - updated to version 3.0.0 * Add support for the new Faraday streaming API by @iMacTia in #26 ==== rubygem-msgpack ==== Version update (1.5.4 -> 1.5.6) - updated to version 1.5.6 * No actual code change, just re-release the `java` version properly. ==== rubygem-parser ==== Version update (3.1.2.0 -> 3.1.2.1) - updated to version 3.1.2.1 Bugs fixed: * ruby31.y: fix preparing the state for one-line patterns without braces (#864) (Vladimir Dementyev) ==== rubygem-puma ==== Version update (5.6.4 -> 5.6.5) - updated to version 5.6.5 * Bugfixes * NullIO#closed should return false ([#2883]) * Puma::ControlCLI - allow refork command to be sent as a request ([#2868], [#2866]) * [jruby] Fix TLS verification hang ([#2890], [#2729]) * extconf.rb - don't use pkg_config('openssl') if '--with-openssl-dir' is used ([#2885], [#2839]) * MiniSSL - detect SSL_CTX_set_dh_auto ([#2864], [#2863]) * Fix rack.after_reply exceptions breaking connections ([#2861], [#2856]) * Escape SSL cert and filenames ([#2855]) * Fail hard if SSL certs or keys are invalid ([#2848]) * Fail hard if SSL certs or keys cannot be read by user ([#2847]) * Fix build with Opaque DH in LibreSSL 3.5. ([#2838]) * Pre-existing socket file removed when TERM is issued after USR2 (if puma is running in cluster mode) ([#2817]) * Fix Puma::StateFile#load incompatibility ([#2810]) ==== rubygem-rubocop ==== Version update (1.33.0 -> 1.35.1) - updated to version 1.35.0 [#]# 1.35.1 (2022-08-22) [#]## Bug fixes * [#10926](https://github.com/rubocop/rubocop/issues/10926): Make `Style/SafeNavigation` aware of a redundant nil check. ([@koic][]) * [#10944](https://github.com/rubocop/rubocop/issues/10944): Fix an incorrect autocorrect for `Lint/LiteralInInterpolation` when using `"#{nil}"`. ([@koic][]) * [#10921](https://github.com/rubocop/rubocop/issues/10921): Fix an error when ERB pre-processing of the configuration file. ([@koic][]) * [#10936](https://github.com/rubocop/rubocop/issues/10936): Fix an error for `Lint/NonAtomicFileOperation` when using `FileTest.exist?` as a condition for `elsif`. ([@koic][]) * [#10920](https://github.com/rubocop/rubocop/issues/10920): Fix an incorrect autocorrect for `Style/SoleNestedConditional` when using nested conditional and branch contains a comment. ([@koic][]) * [#10939](https://github.com/rubocop/rubocop/issues/10939): Fix an error for `Style/Next` when line break before condition. ([@koic][]) [#]# 1.35.0 (2022-08-12) [#]## New features * [#9364](https://github.com/rubocop/rubocop/pull/9364): Add `Style/MagicCommentFormat` cop. ([@dvandersluis][], [@mattbearman][]) * [#10776](https://github.com/rubocop/rubocop/pull/10776): New option (`consistent`) for `EnforcedShorthandSyntax` in `Style/HashSyntax` to avoid mixing shorthand and non-shorthand hash keys in ruby 3.1. ([@h-lame][]) [#]## Bug fixes * [#10899](https://github.com/rubocop/rubocop/issues/10899): Fix an error for `Lint/ShadowingOuterLocalVariable` when the same variable name as a block variable is used in return value assignment of `if`. ([@koic][]) * [#10916](https://github.com/rubocop/rubocop/pull/10916): Fix an error when .rubocop.yml is empty. ([@koic][]) * [#10915](https://github.com/rubocop/rubocop/pull/10915): Fix numblock support to `Layout/BlockAlignment`, `Layout/BlockEndNewline`, `Layout/EmptyLinesAroundAccessModifier`, `Layout/EmptyLinesAroundBlockBody`, `Layout/IndentationWidth`, `Layout/LineLength`, `Layout/MultilineBlockLayout`, `Layout/SpaceBeforeBlockBraces`, `Lint/NextWithoutAccumulator`, `Lint/NonDeterministicRequireOrder`, `Lint/RedundantWithIndex`, `Lint/RedundantWithObject`, `Lint/UnreachableLoop`, `Lint/UselessAccessModifier`, `Lint/Void`, `Metrics/AbcSize`, `Metrics/CyclomaticComplexity`, `Style/CollectionMethods`, `Style/CombinableLoops`, `Style/EachWithObject`, `Style/For`, `Style/HashEachMethods`, `Style/InverseMethods`, `Style/MethodCalledOnDoEndBlock`, `Style/MultilineBlockChain`, `Style/Next`, `Style/ObjectThen`, `Style/Proc`, `Style/RedundantBegin`, `Style/RedundantSelf`, `Style/RedundantSortBy` and `Style/TopLevelMethodDefinition`. ([@gsamokovarov][]) * [#10895](https://github.com/rubocop/rubocop/issues/10895): Fix incorrect autocomplete in `Style/RedundantParentheses` when a heredoc is used in an array. ([@dvandersluis][]) * [#10909](https://github.com/rubocop/rubocop/pull/10909): Fix loading behavior on running without `bundle exec`. ([@r7kamura][]) * [#10913](https://github.com/rubocop/rubocop/issues/10913): Make `Style/ArgumentsForwarding` aware of anonymous block argument. ([@koic][]) * [#10911](https://github.com/rubocop/rubocop/pull/10911): Fix Style/ClassMethodsDefinitions for non-self receivers. ([@sambostock][]) [#]## Changes * [#10915](https://github.com/rubocop/rubocop/pull/10915): Depend on rubocop-ast 1.20.1 for numblocks support in #macro?. ([@gsamokovarov][]) [#]# 1.34.1 (2022-08-09) [#]## Bug fixes * [#10893](https://github.com/rubocop/rubocop/issues/10893): Fix an error when running `rubocop` without `bundle exec`. ([@koic][]) [#]# 1.34.0 (2022-08-09) [#]## New features * [#10170](https://github.com/rubocop/rubocop/pull/10170): Add new `InternalAffairs/SingleLineComparison` cop. ([@dvandersluis][]) [#]## Bug fixes * [#10552](https://github.com/rubocop/rubocop/issues/10552): Require RuboCop AST 1.20.0+ to fix a false positive for `Lint/OutOfRangeRegexpRef` when using fixed-encoding regopt. ([@koic][]) * [#10512](https://github.com/rubocop/rubocop/issues/10512): Fix a false positive for `Lint/ShadowingOuterLocalVariable` conditional statement and block variable. ([@ydah][]) * [#10864](https://github.com/rubocop/rubocop/pull/10864): `min` and `max` results in false positives for `Style/SymbolProc` similarly to `select` and `reject`. ([@mollerhoj][]) * [#10846](https://github.com/rubocop/rubocop/issues/10846): Fix a false negative for `Style/DoubleNegation` when there is a hash or an array at return location of method. ([@nobuyo][]) * [#10875](https://github.com/rubocop/rubocop/pull/10875): Fix an obsolete option configuration values are duplicated when generating `.rubocop_todo.yml`. ([@ydah][]) * [#10877](https://github.com/rubocop/rubocop/issues/10877): Fix crash with `Layout/BlockEndNewline` heredoc detection. ([@dvandersluis][]) * [#10859](https://github.com/rubocop/rubocop/issues/10859): Fix `Lint/Debugger` to be able to handle method chains correctly. ([@dvandersluis][]) * [#10883](https://github.com/rubocop/rubocop/issues/10883): Fix `Style/RedundantParentheses` to be able to detect offenses and properly correct when the end parentheses and comma are on their own line. ([@dvandersluis][]) * [#10881](https://github.com/rubocop/rubocop/issues/10881): Fix `Style/SoleNestedConditional` to properly wrap `block` and `csend` nodes when necessary. ([@dvandersluis][]) * [#10867](https://github.com/rubocop/rubocop/pull/10867): Mark autocorrection for `Lint/EmptyConditionalBody` as unsafe. ([@dvandersluis][]) * [#10871](https://github.com/rubocop/rubocop/issues/10871): Restore `RuboCop::ConfigLoader.project_root` as deprecated. ([@koic][]) [#]## Changes * [#10857](https://github.com/rubocop/rubocop/issues/10857): Add `AllowedPatterns` to `Style/NumericLiterals`. ([@dvandersluis][]) * [#10648](https://github.com/rubocop/rubocop/issues/10648): Allow `Style/TernaryParentheses` to take priority over `Style/RedundantParentheses` when parentheses are enforced. ([@dvandersluis][]) * [#10731](https://github.com/rubocop/rubocop/issues/10731): Show tip for suggested extensions that are installed but not loaded in .rubocop.yml. ([@nobuyo][]) * [#10845](https://github.com/rubocop/rubocop/pull/10845): Support Bundler-like namespaced feature on require config. ([@r7kamura][]) * [#10773](https://github.com/rubocop/rubocop/issues/10773): Require Parser 3.1.2.1 or higher. ([@dvandersluis][]) ==== rubygem-rubocop-ast ==== Version update (1.19.1 -> 1.21.0) - updated to version 1.21.0 [#]## New features * [#231](https://github.com/rubocop/rubocop-ast/pull/231): Add a type predicate `dot?` to Token. ([@nobuyo][])