Packages changed: 7zip elfutils-debuginfod gcc13 (12.2.1+git537 -> 13.0.0+git197351) mozilla-nss (3.84 -> 3.85) mozjs102 (102.5.0 -> 102.6.0) python-lark (1.1.4 -> 1.1.5) python-pycares (4.2.2 -> 4.3.0) selinux-policy speech-dispatcher (0.10.2 -> 0.11.4) xorg-x11-server xwayland xz yast2-packager (4.5.8 -> 4.5.9) yast2-trans (84.87.20221203.a7355e12ff -> 84.87.20221210.680714a939) zlib === Details === ==== 7zip ==== - build for x86_64 subarchs the same way like for baseline ==== elfutils-debuginfod ==== Subpackages: debuginfod-profile libdebuginfod1 - Remove dependency to not used sysconfig package - Weaken systemd dependency, no hard requires necessary ==== gcc13 ==== Version update (12.2.1+git537 -> 13.0.0+git197351) Subpackages: libatomic1 libgcc_s1 libgfortran5 libgomp1 libobjc4 libquadmath0 libstdc++6 libstdc++6-locale libstdc++6-pp libubsan1 - Bump to 0a43f7b1a73c8e3b9cefffe430274d0a3d6d3291, git197351. - Bump libgo SONAME to libgo22. - Do not package libhwasan for biarch (32-bit architecture) as the extension depends on 64-bit pointers. - Sync cross.spec.in changes from gcc12 package. - Bump to 380d62c14c99d8df13b7a86660e7ee67d01ad827, git197210. - Adjust floatn fixincludes guard to work with SLE12 and earlier SLE15. - Bump to de144fdab17dbbb64ccb540056ab78b4ffb3fbbc, git197173. - Depend on at least LLVM 13 for GCN cross compiler. - Bump to 4304e09a1617bcf1c87f5bc96017ae5017379d75, git197155. - Rebase gcc44-rename-info-files.patch. - Bump to d13c359a49291f0a1206adbad4065677010b7e4b, git197143. - Sync changes from gcc12 package - Update embedded newlib to version 4.2.0 * includes newlib-4.1.0-aligned_alloc.patch - Allow cross-pru-gcc12-bootstrap for armv7l architecture. PRU architecture is used for real-time MCUs embedded into TI armv7l and aarch64 SoCs. We need to have cross-pru-gcc12 for armv7l in order to build both host applications and PRU firmware during the same build. - Bump to 2b0ae7fb91f64fb005abf7d7903fd4c0764bb45c, git197102. - Handle new libstdc++exp.a lib. - Bump to 5c0d171f67d082c353ddc319859111d3b9126c17, git196938. - Add 2 new headers. - Bump to b457b779427b0f7b3fbac447811c9c52db5bc79e, git196485. ==== mozilla-nss ==== Version update (3.84 -> 3.85) Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs - update to NSS 3.85 * bmo#1792821 - Modification of the primes.c and dhe-params.c in order to have better looking tables * bmo#1796815 - Update zlib in NSS to 1.2.13 * bmo#1796504 - Skip building modutil and shlibsign when building in Firefox * bmo#1796504 - Use __STDC_VERSION__ rather than __STDC__ as a guard * bmo#1796407 - Fix -Wunused-but-set-variable warning from clang 15 * bmo#1796308 - Fix -Wtautological-constant-out-of-range-compare and -Wtype-limits warnings * bmo#1796281 - Followup: add missing stdint.h include * bmo#1796281 - Fix -Wint-to-void-pointer-cast warnings * bmo#1796280 - Fix -Wunused-{function,variable,but-set-variable} warnings on Windows * bmo#1796079 - Fix -Wstring-conversion warnings * bmo#1796075 - Fix -Wempty-body warnings * bmo#1795242 - Fix unused-but-set-parameter warning * bmo#1795241 - Fix unreachable-code warnings * bmo#1795222 - Mark _nss_version_c unused on clang-cl * bmo#1795668 - Remove redundant variable definitions in lowhashtest * Add note about python executable to build instructions. ==== mozjs102 ==== Version update (102.5.0 -> 102.6.0) - Update to version 102.6.0: + Various stability, functionality, and security fixes. + CVE-2022-46880: Use-after-free in WebGL. + CVE-2022-46872: Arbitrary file read from a compromised content process. + CVE-2022-46881: Memory corruption in WebGL. + CVE-2022-46874: Drag and Dropped Filenames could have been truncated to malicious extensions. + CVE-2022-46875: Download Protections were bypassed by .atloc and .ftploc files on Mac OS. + CVE-2022-46882: Use-after-free in WebGL. + CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6. ==== python-lark ==== Version update (1.1.4 -> 1.1.5) - Update to v1.1.5 * What's Changed setup.cfg: Replace deprecated license_file with license_files by @mgorny in #1209 Fix Github shenanigans by @erezsh in #1220 Fix AmbiguousExpander (Issue #1214) by @chanicpanic in #1216 Fix EOF line information in InteractiveParser.resume_parse() by @erezsh in #1224 Use generator instead of list expand or add method by @jmishra01 in #1225 ==== python-pycares ==== Version update (4.2.2 -> 4.3.0) - Update to version 4.3.0 * Bump cibuildwheel to build for Python 3.11 + CI total time speedups by @Jackenmen in #174 Fix tests that depended on external sites by @Jackenmen in #180 Complete the Python 3.11 support by @Jackenmen in #179 Drop CPython 3.6 by @saghul in #181 Improve test compatibility with pytest by @saghul in #182 Update c-ares submodule to 1.18.1 by @saghul in #183 ==== selinux-policy ==== Subpackages: selinux-policy-targeted - Added policy for wicked scripts under /etc/sysconfig/network/scripts (bnc#1205770) - Add fix_sendmail.patch * fix context of custom sendmail startup helper * fix context of /var/run/sendmail and add necessary rules to manage content in there ==== speech-dispatcher ==== Version update (0.10.2 -> 0.11.4) Subpackages: libspeechd2 python3-speechd - Update to version 0.11.4: - Update CLDR to version 42 and symbols from NVDA. - Fix audio plugin loading with dlopen. - Fix atomicity of getting reply in threaded mode. - Changes from 0.11.3: - Fix back DefaultModule configuration. - pico: Avoid falling to english when passed a bogus voice name. - espeak: Fix setting voice type. - Changes from 0.11.2: - Fix loading xx-yy locales. - Various memory leaks fixes. - Add mimic3 configuration file. - pico: Fix setting language vs voice. - Make sure that modules report a list of voices. - Update CLDR to version 41, symbols from NVDA and orca. - Allow building without ltdl. - Re-enable SSML in espeak-ng-mbrola module. - Changes from 0.11.1: - Add SPEECHD_PLUGIN_DIR environment variable. - Fix listing voices of the default module. - Changes from 0.11 - Support playing audio through the server. - modules: Add support for loading from user's .local/libexec/speech-dispatcher. - symbols: Process symbols.dic before emojis.dic. - symbols: Enable speechd symbols processing by default. - modules: Moved speech dispatcher modules to /usr/libexec/speech-dispatcher-modules - espeak-ng: Add support for mbrola voices. - mary: Add auto-detection. - mary: Add newer voices. - mary: Add volume, pitch, and rate support. - ivona: Add auto-detection. - festival: Strip head silence. - generic: Add DefaultVoice option. - es_ES: Add some gender neutral rules. - Add SPEECHD_CMD environment variable. - modules: Rewrite main functions with BSD licence, to let proprietary modules easily reuse this as a basis. - modules: Add skeletons ready for use as a basis for new modules. - Add script to run speechd from the build tree. - Update CLDR to version 39, symbols from NVDA and orca. - Add Esperanto translation. - Sort modules by quality, let the best quality module be the default. - Rebase harden_speech-dispatcherd.service.patch. - Migration to /usr/etc: Saving user changed configuration files in /etc and restoring them while an RPM update. - Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_speech-dispatcherd.service.patch ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch * XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283, bsc#1206017) - U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch * Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265, CVE-2022-46340, bsc#1205874) - U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch * Xi: return an error from XI property changes if verification failed (no ZDI-CAN id, no CVE id, bsc#1205875) - U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch * Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405, CVE-2022-46344, bsc#1205876) - U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch * Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381, CVE-2022-46341, bsc#1205877) - U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch * Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404, CVE-2022-46343, bsc#1205878) - U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch * Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400, CVE-2022-46342, bsc#1205879) ==== xwayland ==== - U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch * XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283, bsc#1206017) - U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch * Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265, CVE-2022-46340, bsc#1205874) - U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch * Xi: return an error from XI property changes if verification failed (no ZDI-CAN id, no CVE id, bsc#1205875) - U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch * Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405, CVE-2022-46344, bsc#1205876) - U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch * Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381, CVE-2022-46341, bsc#1205877) - U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch * Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404, CVE-2022-46343, bsc#1205878) - U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch * Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400, CVE-2022-46342, bsc#1205879) ==== xz ==== Subpackages: liblzma5 xz-lang - Rename xz-static-devel -> xz-devel-static to follow the general naming used in openSUSE. ==== yast2-packager ==== Version update (4.5.8 -> 4.5.9) - Merged PR https://github.com/yast/yast-packager/pull/623 by Christopher Yeleighton : Do not call [Install done] on aborted packages (boo#1203302) - 4.5.9 ==== yast2-trans ==== Version update (84.87.20221203.a7355e12ff -> 84.87.20221210.680714a939) Subpackages: yast2-trans-cs yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-fr yast2-trans-hu yast2-trans-it yast2-trans-ja yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ru yast2-trans-zh_CN yast2-trans-zh_TW - Update to version 84.87.20221210.680714a939: * New POT for text domain 'kdump'. * New POT for text domain 'users'. * Translated using Weblate (Romanian) * Translated using Weblate (Macedonian) ==== zlib ==== Subpackages: libminizip1 libz1 - build zlib with optflags again