Packages changed: MozillaFirefox (116.0.2 -> 116.0.3) bash-completion bluez ceph libimobiledevice (1.3.0+179git.20230430 -> 1.3.0+190git.20230705) mozc openvpn (2.6.5 -> 2.6.6) perl-Authen-SASL (2.16 -> 2.170.0) procps4 python-SQLAlchemy python-gssapi python-numpy (1.24.2 -> 1.25.2) sac shadow (4.13 -> 4.14.0) smartmontools (7.3 -> 7.4) === Details === ==== MozillaFirefox ==== Version update (116.0.2 -> 116.0.3) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 116.0.3 * Fixed an issue for OPFS users that broke access to files that were locally cached in a previous version (bmo#1847989, bmo#1847619) * Fixed an issue that was breaking screensharing for some users on Wayland (bmo#1841851) * Fixed an issue where a fullscreen notification was persistently being shown to a user, even after disabling it (bmo#1847901) * Fixed an issue where Firefox would hang when doing a Google search (bmo#1847066) - After further testing on memory consumption during linking, it's safe to remove most of the memory reducing options for ix86 linker. A combination of these actually resulted in the OOM condition. It's even possible to add basic debugging info while keeping linker memory consumption at about 2GB ==== bash-completion ==== - Modify patches * ls-completion-boo889319.patch * rm-completion-smart-boo958462.patch to avoid skipping spaces after last word on command line (boo#1210974) - Add patch fix_quote_readline_by_ref.patch * Do not escape leading ~ nor backslash and avoid empty quoting ==== bluez ==== Subpackages: bluez-auto-enable-devices bluez-cups bluez-zsh-completion libbluetooth3 - For pushing bluez 5.68 to 15-SP6 (bluez-5.65), sync change log: (jsc#PED-5599) - RPi-Move-the-43xx-firmware-into-lib-firmware.patch be removed by Stefan Seyfried since updating to bluez-5.66. (bsc#995059)(bsc#1094902) Because the header file has "#ifndef FIRMWARE_DIR...#define FIRMWARE_DIR /etc/firmare" instead of patching. So we just supply FIRMWARE_DIR on compiler's command line in bluez.spec: export CPPFLAGS="$CPPFLAGS -DFIRMWARE_DIR='\"/lib/firmware\"' ==== ceph ==== Subpackages: librados2 librbd1 - restrict to older Cython ==== libimobiledevice ==== Version update (1.3.0+179git.20230430 -> 1.3.0+190git.20230705) - Update to version 1.3.0+190git.20230705: * tools/idevicecrashreport: Silence compiler warning * Silence (v)asprintf related compiler warnings * Updated OpenSSL-specific code to use OpenSSL 3.0+ API * 3rd_party/libsrp6a-sha512: Updated to work with OpenSSL 3.0+ API * 3rd_party/libsrp6a-sha512: Update function definitions to modern style * 3rd_party/ed25519: Silence compiler warning about missing return value for fread * tools/idevicedebug: Add missing default case for switch statement * tools/idevicedevmodectl: Add missing include * idevice: Add missing include for Windows * idevice: Fix network address handling in other code paths too * idevice: Use network addresses as is from what we get from (lib)usbmuxd - restrict to Cython < 3 ==== mozc ==== Subpackages: fcitx-mozc ibus-mozc ibus-mozc-candidate-window mozc-gui-tools - Fix build without %jobs ==== openvpn ==== Version update (2.6.5 -> 2.6.6) - update to 2.6.6: * configure.ac: fix typ0 in LIBCAPNG_CFALGS * Avoid unused function warning/error on FreeBSD (and potientially others) * fix warning with gcc 12.2.0 (compiler bug?) * Fix CR_RESPONSE mangaement message using wrong key_id * Print a more user-friendly error when tls-crypt-v2 client auth fails * Ignore Ipv6 route delete request on Android and set ipv4 verbosity to 7 * Revert commit 423ced962d * Implement using --peer-fingerprint without CA certificates * show extra info for OpenSSL errors * dist: add more missing files only used in the MSVC build * dist: Include all documentation in distribution * unit_tests: Add missing cert_data.h to source list for unit tests * test_tls_crypt: Improve mock() usage to be more portable * Remove old Travis CI related files * options: Do not hide variables from parent scope * pkcs11_openssl: Disable unused code * route: Fix overriding return value of add_route3 ==== perl-Authen-SASL ==== Version update (2.16 -> 2.170.0) - Remove perl526.path (not needed anymore) - updated to 2.1700 see /usr/share/doc/packages/perl-Authen-SASL/Changes 2.1700 2023-08-09 [Fixed] - Version numbering (released as 2.1700, because 2.17 < 2.1401) - POD errors - Typos - Minimum Perl version 5.005 -> 5.6.0 - Kwalitee errors * Accidentally packaged MYMETA.* * 'use warnings;' added in all modules * Synchronized versions in all modules - Out of bounds substr() (RT 85294) [Added] - README - More tests [Changed] - Release switched from EUMM to D::Z [Removed] - Authen::SASL::Cyrus is no longer loaded as an implementation; Authen::SASL::XS has been the successor for more than a decade ==== procps4 ==== Subpackages: libproc2-0 procps4-lang - Modify patch procps-ng-3.3.9-w-notruncate.diff to real to not truncate output of w with option -n - procps-ng-4.0.3-logind.patch: Backport from 4.x git, prefer logind over utmp (jsc#PED-3144) - procps-ng-3.3.9-w-notruncate.diff: Rebase ==== python-SQLAlchemy ==== - use generic Cython >= 3 buildrequires ==== python-gssapi ==== - add d9200d1018ac916b30433da23898c8c5fbde0f28.patch to improve cython 3.x interoperability ==== python-numpy ==== Version update (1.24.2 -> 1.25.2) - Use %pyproject_wheel and %pyproject_install macros - Disable broken tests in armv7l (bsc#1212710) - limit to Cython < 3 - update to 1.25.2: * Upgrade various build dependencies. * use ``-ftrapping-math`` with Clang on macOS * properly handle negative indexes in ufunc_at fast path * PyObject_IsTrue and PyObject_Not error handling in setflags * histogram small range robust * Update meson.build files from main branch * exclude min, max and round from ``np.__all__`` * Dependabot updates * Fix the signature for np.array_api.take * update OpenBLAS to an intermeidate commit * Fix reference count leak in str(scalar). * fix invalid function pointer conversion error * Factor out slow ``getenv`` call used for memory policy warning * correct URL in cirrus.star [skip cirrus] * Fix C types in scalartypes * do not modify the input to ufunc_at * Further fixes to indexing loop and added tests - Update to 1.25.1: * NumPy 1.25.1 is a maintenance release that fixes bugs and regressions discovered after the 1.25.0 release. The Python versions supported by this release are 3.9-3.11. * #23968: MAINT: prepare 1.25.x for further development * #24036: BLD: Port long double identification to C for meson * #24037: BUG: Fix reduction return NULL to be goto fail * #24038: BUG: Avoid undefined behavior in array.astype() * #24039: BUG: Ensure __array_ufunc__ works without any kwargs passed * #24117: MAINT: Pin urllib3 to avoid anaconda-client bug. * #24118: TST: Pin pydantic<2 in Pyodide workflow * #24119: MAINT: Bump pypa/cibuildwheel from 2.13.0 to 2.13.1 * #24120: MAINT: Bump actions/checkout from 3.5.2 to 3.5.3 * #24122: BUG: Multiply or Divides using SIMD without a full vector can... * #24127: MAINT: testing for IS_MUSL closes #24074 * #24128: BUG: Only replace dtype temporarily if dimensions changed * #24129: MAINT: Bump actions/setup-node from 3.6.0 to 3.7.0 * #24134: BUG: Fix private procedures in f2py modules - Skipped 1.25.0: * The NumPy 1.25.0 release continues the ongoing work to improve the handling and promotion of dtypes, increase the execution speed, and clarify the documentation. There has also been work to prepare for the future NumPy 2.0.0 release, resulting in a large number of new and expired deprecation. Highlights are: - Support for MUSL, there are now MUSL wheels. - Support the Fujitsu C/C++ compiler. - Object arrays are now supported in einsum - Support for inplace matrix multiplication (@=). * Full changelog: https://github.com/numpy/numpy/releases/tag/v1.25.0 The Python versions supported in this release are 3.9-3.11. - Remove upstream patch: * remove-deprecated-hypothesis-funcs.patch ==== sac ==== - Clean the spec file a bit to make it more readable ==== shadow ==== Version update (4.13 -> 4.14.0) Subpackages: libsubid4 login_defs - Remove dependency on libbsd: On Tumbleweed we have glibc 2.38 already thus string functions like strlcpy will be present and won't be needed from libbsd. `readpassphrase()` is then the only function from libbsd not present. Upstream shadow has an in tree copy of it, that is used when the `--without-libbsd` flag is passed along. By relying on glibc 2.38 we don't need to add libbsd and libmd to our ring0 but can't easily upgrade on SLE. - Update to 4.14.0: * configure: add with-libbsd option * Code cleanup * Replace utmp interface #757 * new option enable-logind #674 * shadow userdel: add the adaptation to the busybox ps in 01-kill_user_procs.sh * chsh: warn if root sets a shell not listed in /etc/shells #535 * newgrp: fix potential string injection * lastlog: fix alignment of Latest header * Fix yescrypt support #748 * chgpasswd: Fix segfault in command-line options * gpasswd: Fix password leak * Add --prefix to passwd, chpasswd and chage #714 (bsc#1206627) * usermod: fix off-by-one issues #701 * ch(g)passwd: Check selinux permissions upon startup #675 * sub_[ug]id_{add,remove}: fix return values * chsh: Verify that login shell path is absolute #730 * process_prefix_flag: Drop privileges * run_parts for groupadd and groupdel #706 * newgrp/useradd: always set SIGCHLD to default * useradd/usermod: add --selinux-range argument #698 * sssd: skip flushing if executable does not exist #699 * semanage: Do not set default SELinux range #676 * Add control character check #687 * usermod: respect --prefix for --gid option * Fix null dereference in basename * newuidmap and newgidmap: support passing pid as fd * Prevent out of boundary access #633 * Explicitly override only newlines #633 * Correctly handle illegal system file in tz #633 * Supporting vendor given -shells- configuration file #599 * Warn if failed to read existing /etc/nsswitch.conf * chfn: new_fields: fix wrong fields printed * Allow supplementary groups to be added via config file #586 * useradd: check if subid range exists for user #592 (rh#2012929) - Refresh useradd-default.patch - Remove upstreamed patches: * useradd-userkeleton.patch * shadow-audit-no-id.patch * shadow-fix-print-login-timeout.patch * shadow-CVE-2023-29383.patch - Dont build lastlog (lastlog.legacy) anymore since we use lastlog2 by default now. - This release depends either on libbsd or on glibc >= 2.38 which only recently got released. libbsd (and libmd) would be new packages in our ring0 ==== smartmontools ==== Version update (7.3 -> 7.4) - Update to version 7.4: * See NEWS and ChangeLog files for full details - Drop smartmontools-smartctl-NVMe-big-endian.patch (upstreamed) - Refresh smartmontools-suse-default.patch