Packages changed: AppStream Mesa (26.1.1 -> 26.1.2) Mesa-drivers (26.1.1 -> 26.1.2) adwaita-icon-theme (50.0 -> 50.0+2) apache2-mod_php8 (8.5.6 -> 8.5.7) curl dracut (110+suse.31.ga81148a -> 110+suse.32.g36b00ba7) fontconfig (2.17.1 -> 2.18.0) gnome-keyring grub2 harfbuzz (14.2.0 -> 14.2.1) hwdata (0.407 -> 0.408) java-25-openjdk javapackages-tools kernel-source (7.0.10 -> 7.0.11) libavif (1.4.1 -> 1.4.2) libbluray (1.4.0 -> 1.4.1) libgtop libinput (1.31.2 -> 1.31.3) mariadb-connector-c (3.4.5 -> 3.4.8) mozjs140 openSUSE-release (20260603 -> 20260605) ovmf (202602 -> 202605) perl-HTML-Parser (3.830.0 -> 3.850.0) php8 (8.5.6 -> 8.5.7) python-semanage qalculate (5.10.0 -> 5.11.0) sssd tpm2.0-tools xtermset === Details === ==== AppStream ==== Subpackages: AppStream-lang libAppStreamQt3 libappstream5 - Add upstream change: * 0001-Explicitly-add-fcfreetype.h-include-to-asc-font.c.patch ==== Mesa ==== Version update (26.1.1 -> 26.1.2) Subpackages: Mesa-libEGL1 Mesa-libGL1 libgbm1 - Update to 26.1.2 bugfix release - -> https://docs.mesa3d.org/relnotes/26.1.2 ==== Mesa-drivers ==== Version update (26.1.1 -> 26.1.2) Subpackages: Mesa-dri Mesa-libva Mesa-vulkan-device-select libvulkan_lvp - Update to 26.1.2 bugfix release - -> https://docs.mesa3d.org/relnotes/26.1.2 ==== adwaita-icon-theme ==== Version update (50.0 -> 50.0+2) - Update to version 50.0+2: + folder-projects: XDG Projects folder. ==== apache2-mod_php8 ==== Version update (8.5.6 -> 8.5.7) - version update to 8.5.7 CLI: Fixed bug GH-21901 (Stale getopt() optional value). Date: Fixed bug GH-18422 (int overflow in php_date_llabs). DOM: Fixed bug GH-22077 (UAF in custom XPath function). Opcache: Fixed tracing JIT crash when a VM interrupt is handled during an observed user function call. Fixed bug GH-21746 (Segfault with tracing JIT). Fixed bug GH-22004 (Assertion failure at ext/opcache/jit/zend_jit_trace.c). Fixed tailcall VM crash when a VM interrupt is handled from a VM helper. OpenSSL: Fix compatibility issues with OpenSSL 4.0. Standard: Fixed bug GH-21689 (version_compare() incorrectly handles versions ending with a dot). URI: Fixed CVE-2026-44927 (In uriparser before 1.0.2, there is pointer difference truncation to int in various places). (CVE-2026-44927) [bsc#1264578] Fixed CVE-2026-44928 (In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal). (CVE-2026-44928) [bsc#1264579] - remove deprected --enable-inline-optimization ==== curl ==== Subpackages: libcurl4 - Backport fix for issue gh#curl/curl#21547 and gh#Nheko-Reborn/nheko#2054 which caused applications to busy loop with 100% CPU usage * Add libcurl-fix-wakeup-consumption.patch ==== dracut ==== Version update (110+suse.31.ga81148a -> 110+suse.32.g36b00ba7) - Update to version 110+suse.32.g36b00ba7: * fix(systemd-*): add new dlopen dependencies to modules lists ==== fontconfig ==== Version update (2.17.1 -> 2.18.0) Subpackages: fontconfig-lang libfontconfig1 - Update to 2.18.0 * test: Fix a build issue with musl libc * fc-lang: Add suz.orth for Sunuwar * test: add common helper class * test: port basic functionality check to Python * test: update to pass test cases on Win32 * do not mix up a slash and a backslash in file object on Win32 * meson: Add a missing fontconfig architecture test case * Add fontconfig version in FcCache * Improve a warning message * Better error message when missing default config * ci: install before test to avoid fontconfig error * Fix regex to pick up libtool version * Improve performance in FcConfigAdd * Improve log header in FcConfigSubstituteWithPat * meson: Update WrapDB files for v2 format migration * ci: add an option for the address sanitizer * Fix "UBSAN null pointer passed" to qsort * ci: Enable ASAN and UBSAN * Add genericfamily object in FcPattern * Add xsi:nil attribute support to limited elements * Get out from FcConfigAdd immediately if no valid pointer given * Bump the cache version again * fc-case: Update CaseFolding.txt to Unicode 17 * Add obvious namespace to macros for FC_SPACING * Improve handling of constant name * test: fix pytest error when running on the top project directory * meson: Update wrapdb for expat to the latest * Use FcStrCopy instead of strdup * Fix -Wpointer-sign warnings * Do not store duplicate object name into FcObjectSet * Fix unused variable warning when iconv support disabled * doc: Fix a typo in FcPatternAdd description * Add fc-genconf the configuration generator tool * test-conf: Correct test results to display at the proper place * Fix unexpected priority change when looking up by specific family name * Return error code if FcPatternFormat failed * Add const converter for pattern format * fc-genconf: Add scan pattern to update genericfamily with commandline option * Fix dereferencing a null pointer of FcConfig in FcFontSetSort * conf.d: Fix a typo in 65-khmer.conf * Update doc for xsi:nil attribute support * test: add more conditional for bwrap sandbox test cases * meson: add tests-bwrap option * Avoid locale-dependent float-to-string * test-conf: add wrapper setenv for Win32 * Fix invalid memory access on Win32 * More fixes for locale-dependent float-to-string conversion * Replace strtod() with FcStrtod() * Explicitly declare FcPatternObjectCount as a public function * Update meson dependency to 1.11.0 - modified patches * skip-network-test.patch (refreshed) ==== gnome-keyring ==== Subpackages: gnome-keyring-32bit gnome-keyring-lang gnome-keyring-pam gnome-keyring-pam-32bit libgck-modules-gnome-keyring - Add 04a6bc68ff4350676c5fc55d1b244a17224fbea2.patch: Fix: avoid potential FD leak in gkm_rpc_layer_startup. - Rebase gnome-keyring-pam-auth-prompt-password.patch with quilt. - Use autosetup/patch macros. ==== grub2 ==== Subpackages: grub2-common grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-efi-bls - Fix build with GCC 16 * gcc16.patch * 0001-add-support-for-UEFI-network-protocols.patch ==== harfbuzz ==== Version update (14.2.0 -> 14.2.1) Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0 - Update to version 14.2.1: + Various AAT shaping fixes: legacy mort contextual offsets (which could produce out-of-font glyph IDs), in-place deleted-glyph replacements, and overflow in obsolete offset math. + Fix Arabic PUA fallback shaping for the isolated lam-alef-maksura ligature. + Fix float-to-int overflow in avar2 mapping with malformed fonts. + Harden buffer verification after detecting non-monotone clusters. + Various COLR v1 fixes: fix handling of .notdef without paint, round alpha consistently, and report the root clip under the font transform. + Various Glyph-extents fixes: inclusive rounding, and floating-point scaling before rounding so the reported box always covers the glyph. + Various Subsetting fixes: keep the palt spacing feature by default, raise the repacker MAX_SPACES limit, fix a repacker crash on shared LigatureSet nodes, guard gvar size overflow on 32-bit, and fix the post glyph-name sort comparator on macOS. + Replace std::sort with an internal quicksort, removing leaked std:: symbols from the libharfbuzz ABI. + Harden size computations with saturating arithmetic against 32-bit overflow. + Various improvements to the experimental Rust shaper (HarfRust) and font functions (fontations): honor custom font funcs, key shape plans on features, faster buffer handling, and update to HarfRust 0.8. + Various fixes to the experimental harfbuzz-gpu and harfbuzz-vector libraries, including a harfbuzz-vector heap buffer overflow and Windows build fixes. + Map the Hrkt (Katakana or Hiragana) script tag to the kana OpenType tag. + Build configuration: new HB_CONFIG_OVERRIDE_LAST_H override header, decouple HB_NO_DRAW from HB_NO_CFF, and an optional hb-allocator Cargo feature. + Various build, CI, and fuzzing fixes. ==== hwdata ==== Version update (0.407 -> 0.408) - Update to version 0.408: * Update pci and vendor ids ==== java-25-openjdk ==== Subpackages: java-25-openjdk-headless - Make post scripts less noisy (bsc#1267355) ==== javapackages-tools ==== Subpackages: javapackages-filesystem - Outside of the ancient distros (< SLE-15-SP5) for the Python packaging use the modern style of %pyproject_* macros (soo#python/_ObsPrj#491). ==== kernel-source ==== Version update (7.0.10 -> 7.0.11) - Update patches.kernel.org/7.0.10-0148-bpf-fix-end-of-list-detection-in-cgroup_stora.patch (bsc#1012628 CVE-2026-45838 bsc#1266396). - Update patches.kernel.org/7.0.10-0155-bpf-reject-negative-CO-RE-accessor-indices-in.patch (bsc#1012628 CVE-2026-45839 bsc#1266399). - Update patches.kernel.org/7.0.10-0802-openvswitch-cap-upcall-PID-array-size-and-pre.patch (bsc#1012628 CVE-2026-45840 bsc#1266397). - Update patches.kernel.org/7.0.10-0805-netfilter-nfnetlink_osf-fix-divide-by-zero-in.patch (bsc#1012628 CVE-2026-45841 bsc#1266390). - Update patches.kernel.org/7.0.10-0812-slip-reject-VJ-receive-packets-on-instances-w.patch (bsc#1012628 CVE-2026-45842 bsc#1266400). - Update patches.kernel.org/7.0.10-0813-slip-bound-decode-reads-against-the-compresse.patch (bsc#1012628 CVE-2026-45843 bsc#1266395). - Update patches.kernel.org/7.0.10-0860-eventpoll-fix-ep_remove-struct-eventpoll-stru.patch (bsc#1012628 CVE-2026-46242). - Update patches.kernel.org/7.0.10-0888-netfilter-arp_tables-fix-IEEE1394-ARP-payload.patch (bsc#1012628 CVE-2026-45844 bsc#1266392). - Update patches.kernel.org/7.0.10-0939-net-sched-taprio-fix-NULL-pointer-dereference.patch (bsc#1012628 CVE-2026-45845 bsc#1266393). - Update patches.kernel.org/7.0.10-0981-bareudp-fix-NULL-pointer-dereference-in-bareu.patch (bsc#1012628 CVE-2026-45846 bsc#1266394). - Update patches.kernel.org/7.0.10-1139-net-rds-reset-op_nents-when-zerocopy-page-pin.patch (bsc#1012628 CVE-2026-43494 bsc#1265626). - Update patches.kernel.org/7.0.10-1142-net-skbuff-preserve-shared-frag-marker-during.patch (bsc#1012628 CVE-2026-46300 bsc#1265209). - Update patches.kernel.org/7.0.10-1143-net-skbuff-propagate-shared-frag-marker-throu.patch (bsc#1012628 CVE-2026-43503 bsc#1266229). - Update patches.kernel.org/7.0.11-004-smb-client-reject-userspace-cifs.spnego-descri.patch (bsc#1012628 CVE-2026-46243). - Update patches.kernel.org/7.0.4-001-ALSA-usb-audio-stop-parsing-UAC2-rates-at-MAX_N.patch (bsc#1012628 CVE-2026-46018 bsc#1266751). - Update patches.kernel.org/7.0.4-008-LoongArch-Add-spectre-boundry-for-syscall-dispa.patch (bsc#1012628 CVE-2026-45993). - Update patches.kernel.org/7.0.4-009-drm-nouveau-fix-u32-overflow-in-pushbuf-reloc-b.patch (bsc#1012628 CVE-2026-46006). - Update patches.kernel.org/7.0.4-012-greybus-gb-beagleplay-fix-sleep-in-atomic-conte.patch (bsc#1012628 CVE-2026-46041). - Update patches.kernel.org/7.0.4-013-misc-ibmasm-fix-OOB-MMIO-read-in-ibmasm_handle_.patch (bsc#1012628 CVE-2026-46022). - Update patches.kernel.org/7.0.4-014-ibmasm-fix-OOB-reads-in-command_file_write-due-.patch (bsc#1012628 CVE-2026-45994). - Update patches.kernel.org/7.0.4-015-ibmasm-fix-heap-over-read-in-ibmasm_send_i2o_me.patch (bsc#1012628 CVE-2026-46064). - Update patches.kernel.org/7.0.4-022-fs-afs-revert-mmap_prepare-change.patch (bsc#1012628 CVE-2026-46100). - Update patches.kernel.org/7.0.4-029-mm-fix-deferred-split-queue-races-during-migrat.patch (bsc#1012628 CVE-2026-46017 bsc#1267241). - Update patches.kernel.org/7.0.4-030-ocfs2-split-transactions-in-dio-completion-to-a.patch (bsc#1012628 CVE-2026-46080). - Update patches.kernel.org/7.0.4-031-Input-edt-ft5x06-fix-use-after-free-in-debugfs-.patch (bsc#1012628 CVE-2026-46097). - Update patches.kernel.org/7.0.4-032-zram-do-not-forget-to-endio-for-partial-discard.patch (bsc#1012628 CVE-2026-46089). - Update patches.kernel.org/7.0.4-033-wifi-rtw88-check-for-PCI-upstream-bridge-existe.patch (bsc#1012628 CVE-2026-46092). - Update patches.kernel.org/7.0.4-034-wifi-mwifiex-fix-use-after-free-in-mwifiex_adap.patch (bsc#1012628 CVE-2026-46069). - Update patches.kernel.org/7.0.4-038-vfio-cdx-Serialize-VFIO_DEVICE_SET_IRQS-with-a-.patch (bsc#1012628 CVE-2026-46036). - Update patches.kernel.org/7.0.4-039-vfio-cdx-Fix-NULL-pointer-dereference-in-interr.patch (bsc#1012628 CVE-2026-46034 bsc#1266757). - Update patches.kernel.org/7.0.4-041-thermal-core-Fix-thermal-zone-governor-cleanup-.patch (bsc#1012628 CVE-2026-46021 bsc#1267220). - Update patches.kernel.org/7.0.4-042-spi-imx-fix-use-after-free-on-unbind.patch (bsc#1012628 CVE-2026-45996). - Update patches.kernel.org/7.0.4-043-spi-ch341-fix-memory-leaks-on-probe-failures.patch (bsc#1012628 CVE-2026-46074). ... changelog too long, skipping 1593 lines ... - commit fc624df ==== libavif ==== Version update (1.4.1 -> 1.4.2) - update to 1.4.2: * Added since 1.4.1 - Add --jobs flag to avifgainmaputil to use multiple worker threads when reading/writing AVIF files. * Changed since 1.4.1 - Require C11 for compilation. Public headers will remain C99. - Add --jobs flag to avifgainmaputil and enable auto tiling. - Use AOM_TUNE_IQ for layered image inter-frame encoding. - Update aom.cmd/LocalAom.cmake: v3.14.1 - Update LocalAvm.cmake: research-v15.0.0 - Update libjpeg.cmd/LocalJpeg.cmake: 3.1.4.1 - Update libxml2.cmd/LocalLibXml2.cmake: v2.15.3 - Update libyuv.cmd/LocalLibyuv.cmake: 644251f25 (1924) - Update svt.cmd/svt.sh/LocalSvt.cmake: v4.1.0 - Update zlibpng.cmd/LocalZlibpng.cmake: libpng 1.6.58 - Fix memory leak of altICC if avifDecoderFindGainMapItem returns early. - Avoid MT loop restoration crash in libaom < 3.13.3 - Fix decoding layered image with multiple scaled alpha layers - Fix NaN bypass of AVIF_CLAMP in gain map tone mapping (use fminf/fmaxf) - Fix null pointer dereference in avifImageCopy() when avifImageCreateEmpty() fails to allocate the destination gain map image. - avifenc: reject mismatched --depth for Y4M input - Use libaom AOMD_SET_FRAME_SIZE_LIMIT if available - Fix bug in transfer function 11 (used for gain map creation/tone mapping) ==== libbluray ==== Version update (1.4.0 -> 1.4.1) - version update to 1.4.1 * Fix linking on Windows with Freetype enabled * Improve compilation with MSVC * Cleaning and improvements in Meson build files * Fix build with Java 23 for BD-J * Add SSIF files support to bd_open_file_dec() * Add player setting for UO restriction level * Add all UOs to BD_EVENT_UO_MASK_CHANGED * Improve resilence against invalid input * Fix memory leak in UHD playlists * BD-J: Implement TVTimer, TVTimerSpec * BD-J: Improve Java 1.4 compatibility * BD-J: Fix MediaPresentedEvent event emission on start * BD-J: Fix filesystem hooking in Java 25 * BD-J: Fix locators from org.bluray.ti.[PlayItemImpl,TitleComponentImpl] * BD-J: Multiple compability and performance improvements - deleted patches * libbluray-java25.patch (upstreamed) ==== libgtop ==== Subpackages: libgtop-2_0-11 libgtop-lang - Add missing %verify(not mode) (boo#1263098). ==== libinput ==== Version update (1.31.2 -> 1.31.3) Subpackages: libinput-udev libinput10 - Update to release 1.31.3 * libinput-device-group now sanitizes the PHYS value which prevents local privilege escalation through udev property injection. * `libinput record`: the --autorestart interval handling was broken for intervals 5s and higher * `libinput recor`: added a convenience fix for running with - -autorestart. * Eraser buttons can now be mapped to any button (previously only BTN_STYLUS, BTN_STYULUS2 and BTN_STYLUS3 were permitted). ==== mariadb-connector-c ==== Version update (3.4.5 -> 3.4.8) - Update to release 3.4.8: * Fix compilation with GCC 15 * CONC-762: always set is_null and length in the bind structure to avoid msan errors * CONC-763: add MySQL collation ID 309 (utf8mb4_0900_bin) * CONC-764: fix build of ma_context.c on Android (X18 is a platform-reserved register) * CONC-766: disable clang -Wcast-function-type-strict for makecontext - Drop patches now included upstream: * mariadb-connector-c-3.4.5-gcc15.patch * mariadb-connector-c-3.4.5-gcc15-part2.patch - Update mariadb.keyring with the MariaDB Signing Key (signing-key@mariadb.org); upstream now signs the connector-c release tarballs with it - Fetch sources from archive.mariadb.org ==== mozjs140 ==== - Add mozjs140-CVE-2025-70103.patch: libjxl: take EC into account when checking required PNM input length (bsc#1266463 CVE-2025-70103). ==== openSUSE-release ==== Version update (20260603 -> 20260605) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== ovmf ==== Version update (202602 -> 202605) Subpackages: qemu-ovmf-x86_64 - Update to edk2-stable202605 - Patches (git log --oneline --date-order edk2-stable202602..edk2-stable202605) b03a21a63e3b UefiCpuPkg: Remove the absolute address jump in LoongArch exception handler e6863d9cb987 MdePkg: Disable AuditOnly Mode for Spell Check 6f73fbea9778 MdePkg: Fix Spelling Errors in Comments 27f83abf1b65 .pytool: Update cspell Allowed Words b5d4a2c4789d MdePkg,MdeModulePkg: Fix Spelling Error in Udf Definitions 1efbb315fd43 MdePkg: Fix Spelling Errors in CXL Definitions 627860407ae1 MdePkg: Fix Spelling Errors in HiiImageDecoder Definitions 4da6018ffe6e MdePkg: Fix Spelling Errors in IPMI Definitions 5981dfcb5f49 MdePkg: Fix Spelling Error in DriverConfiguration2 Definitions 5aaf451f8b67 MdePkg: Fix Spelling Errors in ACPI Definitions efd3635d901e MdePkg: Fix Spelling Error in ScsiIo Definitions f3b29f03c4d6 MdePkg: Fix Spelling Error in Cper Definitions 2ced4c80342a MdePkg: Fix Spelling Error in Hash Definitions 208454c51def MdePkg: Fix Spelling Error in Nvme Definitions bf5ed9cc551b Global: Fix Spelling Errors in PCI/PCIe Definitions e6f401761a73 MdePkg: Fix Spelling Errors in SmBios Definitions 7c440a7a2b55 MdePkg,MdeModulePkg: Fix Spelling Errors in Atapi Definitions 81b7c2912bd6 MdePkg,SecurityPkg: Fix Spelling Errors in TCG/TPM Definitions 4e5672043bd5 ManageabilityPkg: add configurable KCS status-check timeout PCD 441873c2a987 SecurityPkg/SecureBootVariableLib: Cleanup debug print readability 8add400a8be8 MdeModulePkg: Cleanup debug print readability 5caf4c6aeb4a MdeModulePkg,MdePkg: Send I/O without FUA if necessary ee58614bbbb4 MdeModulePkg/ScsiDiskDxe: Check Write Caching and FUA support b8df7d9c8e1e ArmVirtPkg/ArmPlatformLibQemu: Support early ID map on LPA2 capable CPUs d73615b24ba4 Revert "ArmPlatformPkg,EmbeddedPkg,MdeModulePkg: Move RealTimeClockLib ..." f3d49c80246d MdePkg/Include: Add missing ACPI EINJ structure c00c1216ce7f ArmPkg/CpuDxe: Refuse to clear XN from device memory mappings 99d8c3710a0f ArmPkg/CpuDxe: Drop GCD system memory check from MemoryAttribute protocol 7ab771ddcf8d .github: Remove SignedCapsulePkg 1c1f858a4df0 .pytool: Remove SignedCapsulePkg a3c4fd772a17 .azurepipelines/templates/pr-gate-build-job.yml: Remove SignedCapsulePkg 111a799abd83 Maintainers.txt: Remove SignedCapsulePkg c00e8d0bcddf SignedCapsulePkg: Remove package 6d4e97380784 NetworkPkg/DnsDxe: Refactor answer loop to for in ParseDnsResponse ccc95703cd8b NetworkPkg/Ip4Dxe: Fix missing Status check on Ip4Cfg2->SetData call f1f89f454cd8 ShellPkg/UefiShellLevel3: Lower indentation level in MainCmdXXX() 8b5c970c55a7 ShellPkg/Help: Extract PrintMatchingHelp() function 27c785b0df7f ShellPkg/UefiShellLevel3: Extract ProcessFileList() function 014d8fb941f8 ShellPkg/UefiShellLevel3: Extract MainCmdXXX() function 49ba46ec0ae6 ShellPkg/UefiShellLevel3: Return if ShellCommandLineParse() failed a219f8cfc541 ShellPkg/Help: Free package on all paths 899b8b8550f8 ShellPkg/Type: Factorize character display 680ee2e3e9b1 ShellPkg/Cls: Factorize color parsing 68662fd712b9 ShellPkg: Add 'cxl' command d9c842477ec8 OvmfPkg: Include CxlDxe a87c9f062170 MdeModulePkg: Add CxlDxe driver 6afdf4e7fbff MdeModulePkg: Add CxlIo.h protocol 2a8ba80f276d MdePkg: Add CDAT structure definitions 780a9c2dfccb MdePkg: Add Data Object Exchange interface 50537c6a1171 OvmfPkg/OvmfXen: Remove SEC source level debug for Xen 66820c9ace07 OvmfPkg: FSBClock moved to FixedAtBuild for platforms except Xen c801f959bba9 ShellPkg/UefiShellLevel1: Lower indentation level in MainCmdXXX() c50e5fe946ad ShellPkg/UefiShellLevel1: Extract MainCmdXXX() function e8036a9fbbe4 ShellPkg/UefiShellLevel1: Return if ShellCommandLineParse() failed d8b163508842 DynamicTablesPkg: add Hest table generator d9256a20ffb1 DynamicTablesPkg: add X64 objects for error sources 829c70b9efe0 DynamicTablesPkg: add common objects for common error sources 6bd553cc35fd MdeModulePkg: Remove duplicate library class in dsc file 0bc238d06684 MdePkg/AdapterInformation: Add CDAT adapter information type 3b899d2e586c MdeModulePkg/DxeCapsuleLibFmp: Tolerate EFI_ALREADY_STARTED in LockVariable 5acaac4f322d NetworkPkg/Ip4Dxe: Reject IPv4 addresses ending with dot 31ea9bcc70b0 ArmVirtPkg: Kvmtool: Init Arm CCA HOBs in PlatformPeim() 9c05ec80a285 ArmVirtPkg: Add a helper function to initialise Arm CCA HOBs f8ca1db593f9 ArmVirtPkg: Add NULL instance of ArmCcaInitPeiLib 15cf30827650 ArmVirtPkg: Add library for Arm CCA initialisation in PEI eee6ed8b117f OvmfPkg/XenBusDxe: Fix an error message 0d6750b88cbc OvmfPkg/XenPlatformPei: Remove call to XenHypercallLibInit c4cdc1794a51 OvmfPkg/XenHypercallLib: Remove unused HobLib b6480f6270b3 ArmVirtPkg: Add a helper to check protected MMIO address 1ae23a7acd13 ArmVirtPkg: Add Null instance of ArmCcaLib 39ff71df13cb ArmVirtPkg: Add library for Arm CCA helper functions 7c0fed45459b ArmVirtPkg: Add GUID HOBs to cache Realm IPA width and execution state 351dfdb3836f MdeModulePkg: Remove duplicate procotols guid in INF files 7d87a9d339c8 UefiPayloadPkg: Remove duplicate library and file name in INF file c86451e79bce UefiCpuPkg: Remove duplicate libraries in INF files 34c7871fec1a SourceLevelDebugPkg/DebugAgent: Remove duplicate library in INF file 25540b069f9f SecurityPkg: Remove duplicate file name in INF file 687d8049f574 ShellPkg/Shell: Remove duplicate Guid in INF file 42364d6c6f94 OvmfPkg/Sec: Remove duplicate PCD in INF file 6d4f24a74900 NetworkPkg/GoogleTest: Remove duplicate file name in INF file 35102d932fef IntelFsp2WrapperPkg: Remove duplicate library class in INF file 1c39524aec65 EmbeddedPkg: Remove duplicate procotol in INF file 482b4bf0a51a EmulatorPkg/Host: Remove duplicate procotol in INF file 71bf0d807dc2 ArmPkg/ArmGicDxe: Remove duplicate library in INF file c8833afa7a46 MdeModulePkg/NvmExpressDxe: Mark CDW10/CDW11 valid for Format and Sanitize ae2d2d76c1b9 ArmPkg,MdePkg,MdeModulePkg: change ArmFfaLibGetVersion() with whole version 50349c5e07e7 ArmPkg/Library: optimise StandaloneMmMmuLib with FF-A v1.3 03a07cb0f5e9 OvmfPkg/IntelTdx: only add UI to NCCFV 99148f1df884 DynamicTablesPkg: AcpiIortLibArm: Support SMMUv3 revision 5 56a250ad9f84 DynamicTablesPkg: AcpiIortLibArm: Support IORT revision 6 112a43a92d92 RedfishPkg/RedfishHttpDxe: Improve RedfishHttpOperation error handling 3449c60bab69 BaseTools: Add GENFWHII_FLAGS to fix VS2026 GenFw build issue 2f3883dd5912 NetworkPkg/HttpBootDxe: Add all events to HttpBootHttpCallback() 0e6f016032ed MdePkg/IndustryStandard: add LoongArch IOVT structures 53783077e291 RedfishPkg/RedfishDiscoverDxe: Do not require TCP6 if IPv6 HTTP off ef745f258c03 .github/workflows: Enable CodeQL on ManageabilityPkg 19d4bdefde67 ManageabilityPkg: Add ManageabilityPkg CI yaml ... changelog too long, skipping 380 lines ... bdadb269e379 BaseTools: Remove previously deprecated GCC48, GCC49 and GCC5 ==== perl-HTML-Parser ==== Version update (3.830.0 -> 3.850.0) - updated to 3.850.0 (3.85) see /usr/share/doc/packages/perl-HTML-Parser/Changes 3.85 2026-05-19 - Replace deprecated uvuni_to_utf8() with uvchr_to_utf8() (GH#50) (GitHub Copilot, reported by James E Keenan) 3.84 2026-05-19 - Fix heap-use-after-free in _decode_entities (CVE-2026-8829) (GH#56) (Paul Johnson) ==== php8 ==== Version update (8.5.6 -> 8.5.7) Subpackages: php8-ctype php8-dom php8-iconv php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - version update to 8.5.7 CLI: Fixed bug GH-21901 (Stale getopt() optional value). Date: Fixed bug GH-18422 (int overflow in php_date_llabs). DOM: Fixed bug GH-22077 (UAF in custom XPath function). Opcache: Fixed tracing JIT crash when a VM interrupt is handled during an observed user function call. Fixed bug GH-21746 (Segfault with tracing JIT). Fixed bug GH-22004 (Assertion failure at ext/opcache/jit/zend_jit_trace.c). Fixed tailcall VM crash when a VM interrupt is handled from a VM helper. OpenSSL: Fix compatibility issues with OpenSSL 4.0. Standard: Fixed bug GH-21689 (version_compare() incorrectly handles versions ending with a dot). URI: Fixed CVE-2026-44927 (In uriparser before 1.0.2, there is pointer difference truncation to int in various places). (CVE-2026-44927) [bsc#1264578] Fixed CVE-2026-44928 (In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal). (CVE-2026-44928) [bsc#1264579] - remove deprected --enable-inline-optimization ==== python-semanage ==== - Depend on libso before make pywrap is executed to avoid race conditions (bsc#1266385) - Add patch: 1266385-libsemanage-Require-LIBSO-before-SWIGSO-and-SWIGRUBY.patch - Add CFLAGS to %make_install call for consistency with %make_build ==== qalculate ==== Version update (5.10.0 -> 5.11.0) Subpackages: libqalculate23 qalculate-data - Update to version 5.11 * Add set functions (union, intersect, setdiff, setxor, isMember, isSubset) and operators (∪, ∩, ∖, ⊖, ∈, ⊆, etc.) * Add characters(), count(), digitSum(), and digitalRoot(), find(), popCount(), string(), and while() functions * Support negative row and column values in element(), row(), and column() functions * Support matrix[row][column] syntax * Support text objects in sort() function * Add third optional argument to interval() function to allow exclusion of exact endpoints * Ignore "to" and "where" (and equivalent symbols) inside quotation marks * Ignore dot in front of plus or minus (for consistent behavior in line with entrywise operators) * Show "Division by zero" warning for all divisions by zero * Make display of expressions with time units in time format more consistent * Fix support for vector in argument of many functions (erf, mod, exp, etc.) * Fix explicit conversion to mixed units for year variants * Fix first digit missing in return value of integerDigits() in some cases * Fix segfault when Calculator object is destroyed with uninitialized random state * Fix infinite loop when referencing subfunction in another subfunction * Fix segfault in replace() with variable specified using where expression, e.g. "replace(v, x, 1) where v = x" * Fix segfault when data set function name is followed immediately by a single dot * Fix v[i]=a syntax for vector element assignment * Do not bind escape key (fixes bad behavior with keys that generate escape sequences, e.g function keys) (CLI) * Fix use of x, y, z, without backslash, for arguments when using function command (CLI) * Fix parse status and calculate-as-you-type when "where" expression defines a new symbol (Gtk, Qt) * Convert degree Celsius to Fahrenheit and vice versa in Gnome search provider (Gtk) * Fix compilation on macOS (Gtk) * Minor bug fixes and feature enhancements ==== sssd ==== Subpackages: libnfsidmap-sss libsss_certmap0 libsss_idmap0 sssd-krb5-common sssd-ldap - The logrotate fragment had a wrong systemd service name in it, which was rectified. ==== tpm2.0-tools ==== - Remove dependency to the abrmd broker service ==== xtermset ==== - Modernize spec file: * Drop obsolete Group tag * Use %make_build macro * Use https for URL and Source