Packages changed: MozillaFirefox (122.0.1 -> 123.0) apache2 apache2-manual apache2-prefork apache2-utils apparmor c-ares (1.26.0 -> 1.27.0) cdparanoia chrony (4.4 -> 4.5) clamav cpio cronie cups delayacct-utils dhcp distribution-logos-openSUSE dmidecode docbook-xsl docbook_4 dracut (059+suse.554.g6144bf71 -> 059+suse.557.g8a62bf73) drbd drbd-utils dump emacs-jinx (1.2 -> 1.3) file fltk freecell-solver fwupd (1.9.13 -> 1.9.14) gcc12 gdb giflib (5.2.1 -> 5.2.2) git (2.43.2 -> 2.44.0) gle glyr gnutls gpsd greybird-geeko-theme gsl guile icewm icewm-theme-branding kplotting (5.114.0 -> 5.115.0) libapparmor libgpg-error (1.47 -> 1.48) libimobiledevice-glue (1.0.0+git3.20230513 -> 1.1.0+git0.20240222) libixion (0.18.1 -> 0.19.0) libksba (1.6.5 -> 1.6.6) liborcus (0.18.1 -> 0.19.2) libstorage-ng (4.5.191 -> 4.5.193) libunistring (1.1 -> 1.2) mokutil mozilla-nss multipath-tools (0.9.8~1+82+suse.dcd98a3 -> 0.9.8+83+suse.bcae610) ncurses (6.4.20240210 -> 6.4.20240224) npth (1.6 -> 1.7) nvidia-open-driver-G06-signed open-vm-tools openssh (9.3p2 -> 9.6p1) openssh-askpass-gnome (9.3p2 -> 9.6p1) openvpn python-PyYAML rubygem-airbrussh (1.5.0 -> 1.5.1) rubygem-attr_required (1.0.1 -> 1.0.2) rubygem-bootsnap (1.17.0 -> 1.17.1) rubygem-childprocess (4.1.0 -> 5.0.0) rubygem-concurrent-ruby (1.2.2 -> 1.2.3) rubygem-debase-ruby_core_source (3.2.3 -> 3.3.1) rubygem-debug_inspector (1.1.0 -> 1.2.0) rubygem-domain_name (0.6.20231109 -> 0.6.20240107) rubygem-excon (0.104.0 -> 0.109.0) rubygem-fog-core (2.3.0 -> 2.4.0) rubygem-google-protobuf (3.25.1 -> 3.25.2) rubygem-googleapis-common-protos-types (1.10.0 -> 1.11.0) rubygem-haml (6.2.3 -> 6.3.0) rubygem-hashdiff (1.0.1 -> 1.1.0) rubygem-hoe (4.1.0 -> 4.2.0) rubygem-importmap-rails (1.2.3 -> 2.0.1) rubygem-json (2.6.3 -> 2.7.1) rubygem-json-jwt (1.16.3 -> 1.16.5) rubygem-json_pure (2.6.3 -> 2.7.1) rubygem-mime-types (3.5.1 -> 3.5.2) rubygem-mime-types-data (3.2023.1003 -> 3.2023.1205) rubygem-net-ldap (0.18.0 -> 0.19.0) rubygem-net-ssh (7.2.0 -> 7.2.1) rubygem-nio4r (2.6.1 -> 2.7.0) rubygem-omniauth (2.1.1 -> 2.1.2) rubygem-parallel (1.23.0 -> 1.24.0) rubygem-parallel_tests (4.3.0 -> 4.4.0) rubygem-passenger (6.0.18 -> 6.0.20) rubygem-pdf-reader (2.11.0 -> 2.12.0) rubygem-pg (1.4.5 -> 1.5.4) rubygem-pry-doc (1.4.0 -> 1.5.0) rubygem-public_suffix (5.0.3 -> 5.0.4) rubygem-puma-5 (5.6.7 -> 5.6.8) rubygem-puma (6.4.0 -> 6.4.2) rubygem-rack-2.2 (2.2.8 -> 2.2.8.1) rubygem-rack (3.0.8 -> 3.0.9.1) rubygem-rack-oauth2 (2.2.0 -> 2.2.1) rubygem-rack-protection (3.1.0 -> 4.0.0) rubygem-rake-compiler (1.2.5 -> 1.2.6) rubygem-regexp_parser (2.8.2 -> 2.9.0) rubygem-rice (4.1.0 -> 4.2.1) rubygem-rspec-rails (6.1.0 -> 6.1.1) rubygem-ruby_parser (3.20.3 -> 3.21.0) rubygem-sexp_processor (4.17.0 -> 4.17.1) rubygem-slim (5.2.0 -> 5.2.1) rubygem-sshkit (1.21.6 -> 1.22.0) rubygem-stimulus-rails (1.3.0 -> 1.3.3) rubygem-swd (2.0.2 -> 2.0.3) rubygem-tzinfo-data (1.2023.3 -> 1.2023.4) rubygem-webfinger (2.1.2 -> 2.1.3) salt sbl sendmail setserial sha1collisiondetection slang sord soundtouch spamassassin speex splix spu-tools susepaste switcheroo-control syslogd system-config-printer sysvinit thin-provisioning-tools (1.0.11 -> 1.0.12) tigervnc transfig upower (1.90.2 -> 1.90.2+15) usbutils virtiofsd vlc xauth xdm xf86-input-evdev xf86-input-wacom xf86-video-mga xf86-video-nouveau xf86-video-nv xf86-video-vesa xfsdump xinetd xinit xkeyboard-config xmlsec1 xorg-x11-server xrandr yast2-trans (84.87.20240219.f6e4117fe0 -> 84.87.20240224.f7ab2886c1) zlib (1.3 -> 1.3.1) === Details === ==== MozillaFirefox ==== Version update (122.0.1 -> 123.0) - Mozilla Firefox 123.0 https://www.mozilla.org/en-US/firefox/123.0/releasenotes/ MFSA 2024-05 (bsc#1220048) * CVE-2024-1546 (bmo#1843752) Out-of-bounds memory read in networking channels * CVE-2024-1547 (bmo#1877879) Alert dialog could have been spoofed on another site * CVE-2024-1554 (bmo#1816390) fetch could be used to effect cache poisoning * CVE-2024-1548 (bmo#1832627) Fullscreen Notification could have been hidden by select element * CVE-2024-1549 (bmo#1833814) Custom cursor could obscure the permission dialog * CVE-2024-1550 (bmo#1860065) Mouse cursor re-positioned unexpectedly could have led to unintended permission grants * CVE-2024-1551 (bmo#1864385) Multipart HTTP Responses would accept the Set-Cookie header in response parts * CVE-2024-1555 (bmo#1873223) SameSite cookies were not properly respected when opening a website from an external browser * CVE-2024-1556 (bmo#1870414) Invalid memory access in the built-in profiler * CVE-2024-1552 (bmo#1874502) Incorrect code generation on 32-bit ARM devices * CVE-2024-1553 (bmo#1855686, bmo#1867982, bmo#1871498, bmo#1872296, bmo#1873521, bmo#1873577, bmo#1873597, bmo#1873866, bmo#1874080, bmo#1874740, bmo#1875795, bmo#1875906, bmo#1876425, bmo#1878211, bmo#1878286) Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8 * CVE-2024-1557 (bmo#1746471, bmo#1848829, bmo#1864011, bmo#1869175, bmo#1869455, bmo#1869938, bmo#1871606) Memory safety bugs fixed in Firefox 123 - requires NSS 3.97 ==== apache2 ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== apache2-manual ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== apache2-prefork ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== apache2-utils ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-profiles apparmor-utils python3-apparmor - Fix systemd userdb access in unix-chkpwd ==== c-ares ==== Version update (1.26.0 -> 1.27.0) - c-ares 1.27.0 Security: * Moderate. CVE-2024-25629. Reading malformatted /etc/resolv.conf, /etc/nsswitch.conf or the HOSTALIASES file could result in a crash. GHSA-mg26-v6qh-x48q (CVE-2024-25629, bsc#1220279) Features: * New function ares_queue_active_queries() to retrieve number of in-flight queries. PR #712 * New function ares_queue_wait_empty() to wait for the number of in-flight queries to reach zero. PR #710 * New ARES_FLAG_NO_DEFLT_SVR for ares_init_options() to return a failure if no DNS servers can be found rather than attempting to use 127.0.0.1. This also introduces a new ares status code of ARES_ENOSERVER. PR #713 Changes: * EDNS Packet size should be 1232 as per DNS Flag Day. PR #705 Bugfixes: * Fix warning due to ignoring return code of write(). PR #709 * CMake: don't override target output locations if not top-level. Issue #708 * Fix building c-ares without thread support. PR #700 ==== cdparanoia ==== Subpackages: libcdda_interface0 libcdda_paranoia0 - Use %patch -P N instead of deprecated %patchN. ==== chrony ==== Version update (4.4 -> 4.5) Subpackages: chrony-pool-openSUSE - Use %patch -P N instead of deprecated %patchN. - Update to version 4.5: * Add support for AES-GCM-SIV in GnuTLS * Add support for corrections from PTP transparent clocks * Add support for systemd socket activation * Fix presend in interleaved mode * Fix reloading of modified sources from sourcedir ==== clamav ==== Subpackages: libclamav9 libfreshclam2 - Use %patch -P N instead of deprecated %patchN. ==== cpio ==== Subpackages: cpio-mt - Use %autopatch instead of deprecated %patchN. ==== cronie ==== Subpackages: cron - Use %patch -P N instead of deprecated %patchN. ==== cups ==== Subpackages: cups-client cups-config libcups2 libcupsimage2 - Use %patch -P N instead of deprecated %patchN. ==== delayacct-utils ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== dhcp ==== Subpackages: dhcp-relay dhcp-server - Use %patch -P N instead of deprecated %patchN. ==== distribution-logos-openSUSE ==== Subpackages: distribution-logos-openSUSE-Aeon distribution-logos-openSUSE-Tumbleweed distribution-logos-openSUSE-icons - Add handling for Leap Micro 6.X and Leap 16.X ==== dmidecode ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== docbook-xsl ==== - Use %patch -P N instead of deprecated %patchN. ==== docbook_4 ==== - Use %patch -P N instead of deprecated %patchN. ==== dracut ==== Version update (059+suse.554.g6144bf71 -> 059+suse.557.g8a62bf73) - Update to version 059+suse.557.g8a62bf73: * fix(zfcp_rules): correct shellcheck regression when parsing ccw args (bsc#1220485) ==== drbd ==== Subpackages: drbd-kmp-default - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== drbd-utils ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== dump ==== - Use %patch -P N instead of deprecated %patchN. ==== emacs-jinx ==== Version update (1.2 -> 1.3) - Depend on emacs-devel to make sure Emacs packaging macros are installed when not building with emacs-eln - Update to version 1.3: * jinx-mode: hack-local-variables - ignore mode variables * README: List packages needed on OpenSUSE * Fix interaction bug with the newest version of AUCTeX, where the major mode got changed unexpectedly. * No need to use hashed symbol as argument for derived-mode-p * Fix deadlock on macOS during Jinx startup (Fix #91, #113) * Revert "Simplify rescheduling" * timer-activate-when-idle: Pass DONT-WAIT=t ==== file ==== Subpackages: file-magic libmagic1 - Prepare for RPM 4.20 ==== fltk ==== - Use %patch -P N instead of deprecated %patchN. ==== freecell-solver ==== Subpackages: freecell-solver-presets libfreecell-solver0 - Set CMAKE_INSTALL_DOCDIR to work around incompatible changes added to macros.cmake. ==== fwupd ==== Version update (1.9.13 -> 1.9.14) Subpackages: fwupd-bash-completion libfwupd2 typelib-1_0-Fwupd-2_0 - Update to version 1.9.14: * Correctly detect ARM32 and RISC-V UEFI binaries. * Correctly migrate the database schema from very old fwupd versions. * Fix DS-20 descriptors by opening the GUsbDevice earlier. * Fix updating the fingerprint reader on the Framework 13 and 16 laptop. * Fix warning when probing devices using the metadata allowlist. * Only recover the version format for specific devices. ==== gcc12 ==== - Use %patch -P N instead of deprecated %patchN. ==== gdb ==== - Use %patch -P N instead of deprecated %patchN. - Maintenance script qa.sh: * Add PR31214 kfail. * Add kfail for fails in gdb.reverse/solib-precsave.exp / gdb.reverse/solib-reverse.exp fixed by commit fe6356def67 ("PowerPC and aarch64: Fix reverse stepping failure"). * Extend PR31004 kfail. - Don't require %{python}-base for gdb-testresults package. - Fix debuginfod handling: * Enable for sle_version >= 150400 (bsc#1185605, jsc#PED-1149, jsc#PED-1138), SLE15-SP4 and later. * Enable for suse_version >= 1600, ALP and Tumbleweed. * Add back "BuildRequires: libdebuginfod1" to prevent selecting dummy variant. * Add "BuildRequires: debuginfod-client" to prevent unresolved due to conflict with dummy variant. * Add --with-debuginfod=yes to prevent silently dropping support. - Patches added (backport from master): * gdb-testsuite-add-missing-no-prompt-anchor-in-gdb.ba.patch * gdb-testsuite-remove-spurious-in-save_vars.patch ==== giflib ==== Version update (5.2.1 -> 5.2.2) - Update to version 5.2.2 * Fixes for CVE-2023-48161 (bsc#1217390), CVE-2022-28506 (bsc#1198880) * Address SF issue #138 Documentation for obsolete utilities still installed * Address SF issue #139: Typo in "LZW image data" page ("110_2 = 4_10") * Address SF issue #140: Typo in "LZW image data" page ("LWZ") * Address SF issue #141: Typo in "Bits and bytes" page ("filed") * Note as already fixed SF issue #143: cannot compile under mingw * Address SF issue #144: giflib-5.2.1 cannot be build on windows and other platforms using c89 * Address SF issue #145: Remove manual pages installation for binaries that are not installed too * Address SF issue #146: [PATCH] Limit installed man pages to binaries, move giflib to section 7 * Address SF issue #147 [PATCH] Fixes to doc/whatsinagif/ content * Address SF issue #148: heap Out of Bound Read in gif2rgb.c:298 DumpScreen2RGB * Declared no-info on SF issue #150: There is a denial of service vulnerability in GIFLIB 5.2.1 * Declared Won't-fix on SF issue 149: Out of source builds no longer possible * Address SF issue #151: A heap-buffer-overflow in gif2rgb.c:294:45 * Address SF issue #152: Fix some typos on the html documentation and man pages * Address SF issue #153: Fix segmentation faults due to non correct checking for args * Address SF issue #154: Recover the giffilter manual page * Address SF issue #155: Add gifsponge docs * Address SF issue #157: An OutofMemory-Exception or Memory Leak in gif2rgb * Address SF issue #158: There is a null pointer problem in gif2rgb * Address SF issue #159 A heap-buffer-overflow in GIFLIB5.2.1 DumpScreen2RGB() in gif2rgb.c:298:45 * Address SF issue #163: detected memory leaks in openbsd_reallocarray giflib/openbsd-reallocarray.c * Address SF issue #164: detected memory leaks in GifMakeMapObject giflib/gifalloc.c * Address SF issue #166: a read zero page leads segment fault in getarg.c and memory leaks in gif2rgb.c and gifmalloc.c * Address SF issue #167: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function at Line 321 of gif2rgb.c - Added patch: * giflib-5.2.2-no-imagemagick.patch + do not use ImageMagick to resize one gif file. It creates a build cycle. * 0001-Clean-up-memory-better-at-end-of-run-CVE-2021-40633.patch + upstream fix for CVE-2021-40633 (bsc#1200551) - Modified patches: * PIE.patch * reproducible.patch + rediff to changed context ==== git ==== Version update (2.43.2 -> 2.44.0) Subpackages: git-core git-email git-web perl-Git - update to 2.44.0: * "git checkout -B " now longer allows switching to a branch that is in use on another worktree. The users need to use "--ignore-other-worktrees" option. * Faster server-side rebases with git replay * Faster pack generation with multi-pack reuse * rebase auto-squashing now works in non-interactive mode * pathspec now understands attr, e.g. ':(attr:~binary) for selecting non-binaries, or builtin_objectmode for selecting items by file mode or other properties * Many other cli UI and internal improvements and extensions ==== gle ==== - Use SRPM base name for subpackages like -devel. - Delete old specfile constructs. - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== glyr ==== - Use %patch -P N instead of deprecated %patchN. ==== gnutls ==== Subpackages: libgnutls-dane0 libgnutls30 - Remove some if..endif that do not affect any result - Split documentation (some 1100 files) to separate subpackage ==== gpsd ==== - Use %patch -P N instead of deprecated %patchN. ==== greybird-geeko-theme ==== Subpackages: gtk2-metatheme-greybird-geeko gtk3-metatheme-greybird-geeko gtk4-metatheme-greybird-geeko metatheme-greybird-geeko-common - Use %patch -P N instead of deprecated %patchN. ==== gsl ==== Subpackages: libgsl27 libgslcblas0 - Use %patch -P N instead of deprecated %patchN. ==== guile ==== Subpackages: guile-modules-3_0 libguile-3_0-1 - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN. ==== icewm ==== Subpackages: icewm-config-upstream icewm-default icewm-lang icewm-lite - Use %patch -P N instead of deprecated %patchN. ==== icewm-theme-branding ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN - Add fix-web-browser-icon.patch: The Adwaita theme does not provide much legacy apps icon now, redirect icewm web-browser icon to the right place. See: https://gitlab.gnome.org/GNOME/adwaita-icon-theme/-/issues/163 https://gitlab.gnome.org/GNOME/adwaita-icon-theme/-/merge_requests/34/ ==== kplotting ==== Version update (5.114.0 -> 5.115.0) - Update to 5.115.0 * New feature release * For more details please see: * https://kde.org/announcements/frameworks/5/5.115.0 - No code change since 5.114.0 ==== libapparmor ==== - Fix systemd userdb access in unix-chkpwd ==== libgpg-error ==== Version update (1.47 -> 1.48) - Update to 1.48: * New configure option --with-libtool-modification. [T6619] * New option parser flag to detect commands given without a double dash. There is also the new meta command "command-mode" to set this flag via a config file. [T6978] * Added an es_fopen mode flag "sequential" with support on Windows. [rE7a42ff0ec9] * Added an es_fopen mode flag "wipe" to cleanup internal buffers at close time. [T6954] * New function gpgrt_wipememory. [T6964] * Improvements to setenv on Windows. [rE89e53ad90f] * Fixed call to estream-printf string filters. [T6737] * Many improvements to the yat2m tool. * Updates to the build system. * Interface changes relative to the 1.47 release: - ARGPARSE_FLAG_COMMAND NEW. - gpgrt_wipememory NEW. * Release-info: https://dev.gnupg.org/T6441 * Update upstream libgpg-error.keyring ==== libimobiledevice-glue ==== Version update (1.0.0+git3.20230513 -> 1.1.0+git0.20240222) - Update to version 1.1.0+git0.20240222: - Changes: * socket: Use poll() - when available - instead of select() * socket: Allow NULL as address for socket_create() and socket_connect() * win32: Remove windows.h from public headers * Add version function to interface - Bugfixes: * opack: Fixed 32bit buffer overflow * opack: Fix parsing of 32 and 64 bit packed values - Internal: * Move LIMD_GLUE_API definitions to public headers * socket: Conditionally compile using poll or select based on availability * socket: Fix select failing when the process has many file descriptors by using poll instead * win32: Fix external compilation using libimobiledevice-glue/thread.h ==== libixion ==== Version update (0.18.1 -> 0.19.0) - Update to 0.19.0: * C++ API * added support for renaming sheets after they have been created. * formula interpreter * added support for inline arrays. ==== libksba ==== Version update (1.6.5 -> 1.6.6) - Update to 1.6.6: * Fix a possible wrong error return from the DER builder. [T6992] * Release-info: https://dev.gnupg.org/T7009 * Update upstream libksba.keyring ==== liborcus ==== Version update (0.18.1 -> 0.19.2) - Update to orcus 0.19.2: * fixed a build issue with gcc 14 due to a missing include for std::find_if and std::for_each. * fixed a segmentation fault with the orcus-test-xml-mapped test which manifested on hppa hardware, as originally reported on https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054376. * fixed a crash when loading a document that includes a style record referencing an unnamed style record as its parent. In Excel-generated documents, styles only reference named styles as their parents. But in 3rd-party generated documents, styles referencing unnamed styles as their parents can occur. * fixed a crash when the document model returned a null pointer when a reference resolver interface was requested. - Update to orcus 0.19.1: * implemented orcus::create_filter() which instantiates a filter object of specified type. The returned object is of type orcus::iface::import_filter. * moved test cases for format detection to the respective filter test files. * fixed a bug where the import filter did not set the formula grammer prior to importing. - Update to orcus 0.19.0: * added support for allowing use of std::filesystem, std::experimental::filesystem or boost::filesystem per build configuration. * refactored styles import to use style indices returned by the document model implementer rather than using the indices stored in the file. This allows the implementer to aggregate some style records and re-use the same index for records that are stored as different records in the original file. * fixed a bug where column styles were not applied to the correct columns when the starting column index was not 0. * overhauled the Gnumeric import filter to fix many bugs and support many missing features relative to the other filters included in orcus. Most notable mentions are: * cell styles * rich-text strings * named ranges * row heights and column widths * merged cells * added partial support for Apache Parquet import filter. This is still heavily experimental. - Remove patches: * 0001-Possibility-to-build-against-a-host-of-filesystem-im.patch (upstreamed) * 0002-Allow-using-older-boost-filesystem.patch ==== libstorage-ng ==== Version update (4.5.191 -> 4.5.193) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#988 - allow more control of environment in SystemCmd class - 4.5.193 - merge gh#openSUSE/libstorage-ng#987 - fixed check in testsuite - 4.5.192 ==== libunistring ==== Version update (1.1 -> 1.2) - update to 1.2: * Support Unicode 15.1.0 * Improve UTF-8 decoder Unicode Standard compliance * The *printf functions no longer support the %n directive, for security reasons. * Fixed a bug in the *printf functions: In the %U, %lU, %llU directives, a negative width given as an argument did not trigger left-justification. * The functions u16_strstr and u32_strstr now operate in worst-case linear time. * Useful API function extensions ==== mokutil ==== - Use %patch -P N instead of deprecated %patchN. ==== mozilla-nss ==== Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-sysinit mozilla-nss-tools - Use %patch -P N instead of deprecated %patchN. ==== multipath-tools ==== Version update (0.9.8~1+82+suse.dcd98a3 -> 0.9.8+83+suse.bcae610) Subpackages: kpartx libmpath0 - Remove libmpathpersist-example-old.c, which has been obsolete since multipath-tools 0.8.6. - Update to version 0.9.8+83+suse.bcae610 (bsc#1220374) * multipath-tools: added NEWS.md ==== ncurses ==== Version update (6.4.20240210 -> 6.4.20240224) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20240217 + add vt100+noapp, vt100+noapp+pc, xterm+app+pc, xterm+decedit from xterm #389 -TD + fix inconsistent description of wmouse_trafo() (Debian #1059778). + modify wenclose() to handle pads (Debian #1059783). + improve manpage discussion of mouseinterval() (Debian #1058560). - Add ncurses patch 20240224 + improve man/curs_mouse.3x style (Brandon Robinson, Sven Joachim). + provide for CCHARW_MAX greater than 1 + eliminate use of PATH_MAX in lib_trace.c + work around misconfiguration of MacPorts gcc13, which exposes invalid definition of MB_LEN_MAX in gcc's fallback copy of limits.h (MacPorts [#69374]). ==== npth ==== Version update (1.6 -> 1.7) - Update to 1.7: * The npth-config command is not installed by default, because it is now replaced by use of pkg-config/gpgrt-config with npth.pc. Supply --enable-install-npth-config configure option, if needed. * Support for legacy systems w/o pthread_rwlock_t support. [T4306] * New functions npth_poll and npth_ppoll for Unix. [T5748] * Fixes to improve support for 64 bit Windows. * Fix declaration conflict using newer mingw versions. [T5889] * Fix build problems on Solaris 11. [T4491] * Fix detecting of the pthread library. [rPTH6629a4b801] * Clean up handling of unsafe semaphores on AIX. [T6947] * Link without -flat_namespace to support macOS 11. [T5610] * Release-info: https://dev.gnupg.org/T7010 * Update spec file * Update upstream npth.keyring ==== nvidia-open-driver-G06-signed ==== - let's provide/obsolete nvidia-open-driver-G06 instead of nvidia-open-driver-G06-kmp since older versions still had conflicts to nvidia-open-driver-G06-kmp ... ==== open-vm-tools ==== Subpackages: libvmtools0 open-vm-tools-desktop - Use %patch -P N instead of deprecated %patchN. ==== openssh ==== Version update (9.3p2 -> 9.6p1) Subpackages: openssh-clients openssh-common openssh-server - Update to openssh 9.6p1: = Security * ssh(1), sshd(8): implement protocol extensions to thwart the so-called "Terrapin attack" discovered by Fabian Bäumer, Marcus Brinkmann and Jörg Schwenk. This attack allows a MITM to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts. A peer SSH client/server would not be able to detect that messages were deleted. * ssh-agent(1): when adding PKCS#11-hosted private keys while specifying destination constraints, if the PKCS#11 token returned multiple keys then only the first key had the constraints applied. Use of regular private keys, FIDO tokens and unconstrained keys are unaffected. * ssh(1): if an invalid user or hostname that contained shell metacharacters was passed to ssh(1), and a ProxyCommand, LocalCommand directive or "match exec" predicate referenced the user or hostname via %u, %h or similar expansion token, then an attacker who could supply arbitrary user/hostnames to ssh(1) could potentially perform command injection depending on what quoting was present in the user-supplied ssh_config(5) directive. = Potentially incompatible changes * ssh(1), sshd(8): the RFC4254 connection/channels protocol provides a TCP-like window mechanism that limits the amount of data that can be sent without acceptance from the peer. In cases where this limit was exceeded by a non-conforming peer SSH implementation, ssh(1)/sshd(8) previously discarded the extra data. From OpenSSH 9.6, ssh(1)/sshd(8) will now terminate the connection if a peer exceeds the window limit by more than a small grace factor. This change should have no effect of SSH implementations that follow the specification. = New features * ssh(1): add a %j token that expands to the configured ProxyJump hostname (or the empty string if this option is not being used) that can be used in a number of ssh_config(5) keywords. bz3610 * ssh(1): add ChannelTimeout support to the client, mirroring the same option in the server and allowing ssh(1) to terminate quiescent channels. * ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): add support for reading ED25519 private keys in PEM PKCS8 format. Previously only the OpenSSH private key format was supported. * ssh(1), sshd(8): introduce a protocol extension to allow renegotiation of acceptable signature algorithms for public key authentication after the server has learned the username being used for authentication. This allows varying sshd_config(5) PubkeyAcceptedAlgorithms in a "Match user" block. * ssh-add(1), ssh-agent(1): add an agent protocol extension to allow specifying certificates when loading PKCS#11 keys. This allows the use of certificates backed by PKCS#11 private keys in all OpenSSH tools that support ssh-agent(1). Previously only ssh(1) supported this use-case. = Bugfixes * ssh(1): when deciding whether to enable the keystroke timing obfuscation, enable it only if a channel with a TTY is active. * ssh(1): switch mainloop from poll(3) to ppoll(3) and mask signals before checking flags set in signal handler. Avoids potential race condition between signaling ssh to exit and polling. bz3531 * ssh(1): when connecting to a destination with both the AddressFamily and CanonicalizeHostname directives in use, the AddressFamily directive could be ignored. bz5326 * sftp(1): correct handling of the limits@openssh.com option when the server returned an unexpected message. * A number of fixes to the PuTTY and Dropbear regress/integration tests. * ssh(1): release GSS OIDs only at end of authentication, avoiding unnecessary init/cleanup cycles. bz2982 * ssh_config(5): mention "none" is a valid argument to IdentityFile in the manual. bz3080 * scp(1): improved debugging for paths from the server rejected for not matching the client's glob(3) pattern in old SCP/RCP protocol mode. * ssh-agent(1): refuse signing operations on destination-constrained keys if a previous session-bind operation has failed. This may prevent a fail-open situation in future if a user uses a mismatched ssh(1) client and ssh-agent(1) where the client supports a key type that the agent does not support. - Update to openssh 9.5p1: = Potentially incompatible changes * ssh-keygen(1): generate Ed25519 keys by default. Ed25519 public keys are very convenient due to their small size. Ed25519 keys are specified in RFC 8709 and OpenSSH has supported them since version 6.5 (January 2014). * sshd(8): the Subsystem directive now accurately preserves quoting of subsystem commands and arguments. This may change behaviour for exotic configurations, but the most common subsystem configuration (sftp-server) is unlikely to be affected. = New features * ssh(1): add keystroke timing obfuscation to the client. This attempts to hide inter-keystroke timings by sending interactive traffic at fixed intervals (default: every 20ms) when there is only a small amount of data being sent. It also sends fake "chaff" keystrokes for a random interval after the last real keystroke. These are controlled by a new ssh_config ObscureKeystrokeTiming keyword. * ssh(1), sshd(8): Introduce a transport-level ping facility. This adds a pair of SSH transport protocol messages SSH2_MSG_PING/PONG to implement a ping capability. These messages use numbers in the "local extensions" number space and are advertised using a "ping@openssh.com" ext-info message with a string version number of "0". ... changelog too long, skipping 104 lines ... * openssh-8.0p1-gssapi-keyex.patch ==== openssh-askpass-gnome ==== Version update (9.3p2 -> 9.6p1) - Update to openssh 9.6p1: * No changes for askpass, see main package changelog for details. ==== openvpn ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== python-PyYAML ==== - Switch to pyproject and autosetup macros. - Drop patch setuptools.patch, we can now cope. ==== rubygem-airbrussh ==== Version update (1.5.0 -> 1.5.1) - 1.5.1: This is a gem housekeeping release. No user-facing changes. [#]# 🏠 Housekeeping - Add Ruby 3.3 to CI matrix (#154) @mattbrictson * *Full Changelog:** https://github.com/mattbrictson/airbrussh/compare/v1.5.0...v1.5.1 ==== rubygem-attr_required ==== Version update (1.0.1 -> 1.0.2) - New upstream release 1.0.2, no changelog found ==== rubygem-bootsnap ==== Version update (1.17.0 -> 1.17.1) - New upstream release 1.17.1, see bundled CHANGELOG.md ==== rubygem-childprocess ==== Version update (4.1.0 -> 5.0.0) - ### Version 5.0.0 / 2024-01-06 * [#175](https://github.com/enkessler/childprocess/pull/175): Replace all backends by `Process.spawn` for portability, reliability and simplicity. * [#185](https://github.com/enkessler/childprocess/pull/185): Add support for Ruby 3.x ==== rubygem-concurrent-ruby ==== Version update (1.2.2 -> 1.2.3) - ## Release v1.2.3 (16 Jan 2024) * See [the GitHub release](https://github.com/ruby-concurrency/concurrent-ruby/releases/tag/v1.2.3) for details. ==== rubygem-debase-ruby_core_source ==== Version update (3.2.3 -> 3.3.1) - ## [3.3.1](https://github.com/ruby-debug/debase-ruby_core_source/compare/3.3.0...3.3.1) * prism headers added for ruby-3.3.0 [#]# [3.3.0](https://github.com/ruby-debug/debase-ruby_core_source/compare/3.2.3...3.3.0) * ruby-3.3.0-preview3 sources removed * ruby-3.3.0 sources added ==== rubygem-debug_inspector ==== Version update (1.1.0 -> 1.2.0) - 1.2.0: [#]# What's Changed * Fix CI: MiniTest is no longer defined in minitest 5.20.0 by @eregon in https://github.com/banister/debug_inspector/pull/38 * Rename RubyVM::DebugInspector to DebugInspector and add support for truffleruby by @eregon in https://github.com/banister/debug_inspector/pull/37 * Add MIT license file. by @junaruga in https://github.com/banister/debug_inspector/pull/39 [#]# New Contributors * @eregon made their first contribution in https://github.com/banister/debug_inspector/pull/38 * *Full Changelog**: https://github.com/banister/debug_inspector/compare/v1.1.0...v1.2.0 ==== rubygem-domain_name ==== Version update (0.6.20231109 -> 0.6.20240107) - New upstream release 0.6.20240107, see bundled CHANGELOG.md ==== rubygem-excon ==== Version update (0.104.0 -> 0.109.0) - New upstream release 0.109.0, no changelog found ==== rubygem-fog-core ==== Version update (2.3.0 -> 2.4.0) - 2.4.0 01/03/2024 - fixes for caching/restoring collection attributes - add explicit CRUD methods to models, make returns more consistent - add filter_attributes method - allow cache loading with aliases - update rubocop config and apply styles/fixes - fix minitest compatibility - remove coveralls - fixes for method delegation for ruby 3.x - update ruby versions in test matrix ==== rubygem-google-protobuf ==== Version update (3.25.1 -> 3.25.2) - New upstream release 3.25.2, no changelog found ==== rubygem-googleapis-common-protos-types ==== Version update (1.10.0 -> 1.11.0) - ### 1.11.0 (2023-12-04) [#]### Features * Automated update of googleapis-common-protos-types ([#217](https://github.com/googleapis/common-protos-ruby/issues/217)) ==== rubygem-haml ==== Version update (6.2.3 -> 6.3.0) - ## 6.3.0 * Remove `Haml::RailsTemplate#default_format` that was added in v6.1.3 for Turbo [#1152](https://github.com/haml/haml/issues/1152), [#1154](https://github.com/haml/haml/issues/1154) ([discussion](https://github.com/haml/haml/pull/1144#issuecomment-1755088572)) * See [the reference](https://github.com/haml/haml/blob/v6.3.0/REFERENCE.md#turbo) for suggested alternatives. [#]# 6.2.5 * Deprecate `Haml::RailsTemplate#default_format` that was added in v6.1.3 for Turbo ([discussion](https://github.com/haml/haml/pull/1144#issuecomment-1755088572)) * See [the reference](https://github.com/haml/haml/blob/v6.2.5/REFERENCE.md#turbo) for suggested alternatives. [#]# 6.2.4 * Support case-in statement [#1155](https://github.com/haml/haml/issues/1155) ==== rubygem-hashdiff ==== Version update (1.0.1 -> 1.1.0) - ## v1.1.0 2020-02-25 * Add ignore_keys option (#86 @Matzfan) * Remove pinned version of rake < 11 * Bump rspec dep ~> 3.5 * Bump rubocop dep >= 1.52.1 * Bump rubocop-rspec dep > 1.16.0 ==== rubygem-hoe ==== Version update (4.1.0 -> 4.2.0) - New upstream release 4.2.0, see bundled History.rdoc ==== rubygem-importmap-rails ==== Version update (1.2.3 -> 2.0.1) - 2.0.1: [#]# What's Changed * Ensure update only runs when there are outdated packages by @dhh * *Full Changelog**: https://github.com/rails/importmap-rails/compare/v2.0.0...v2.0.1 2.0.0: [#]# What's Changed This major release includes two potentially backwards-incompatible changes: * The compatibility shim is no longer included, since [all major browsers now natively support import maps](https://caniuse.com/import-maps). But if you need to support old browsers, like Safari 15, Firefox 75, Chrome 88, you should continue using the 1.x series of this gem. * Preloading is now the default. So if you have pins that you intend to lazy load, you need to specifically call `preload: false` as part of the pin. All changes: * Drop the bundled shim by @dhh in https://github.com/rails/importmap-rails/pull/216 * Pinning should just always download by @dhh in https://github.com/rails/importmap-rails/pull/217 * Preload all by default by @dhh in https://github.com/rails/importmap-rails/pull/218 * Update Impoortmaps::Command#puts_table to be markdown compatible by @faqndo97 in https://github.com/rails/importmap-rails/pull/222 * bin/importmap update by @botandrose in https://github.com/rails/importmap-rails/pull/214 * *Full Changelog**: https://github.com/rails/importmap-rails/compare/v1.2.3...v2.0.0 ==== rubygem-json ==== Version update (2.6.3 -> 2.7.1) - 2.7.1: [#]# What's Changed [#]## Improved * [DOC] RDoc for additions by @BurdetteLamar in https://github.com/flori/json/pull/557 [#]## Fixed * JSON.dump: handle unenclosed hashes regression by @casperisfine in https://github.com/flori/json/pull/554 * Overload kwargs in JSON.dump by @k0kubun in https://github.com/flori/json/pull/556 * Fix JSON.dump overload combination by @tompng in https://github.com/flori/json/pull/558 [#]## Misc * Remove needless encodings by @hsbt in https://github.com/flori/json/pull/559 * Unify versions by @hsbt in https://github.com/flori/json/pull/560 [#]# New Contributors * @k0kubun made their first contribution in https://github.com/flori/json/pull/556 * @tompng made their first contribution in https://github.com/flori/json/pull/558 * *Full Changelog**: https://github.com/flori/json/compare/v2.7.0...v2.7.1 2.7.0: [#]# What's Changed [#]## Improved * Perf. improvements to Hash#to_json in pure implementation generator. by @vipulnsward in https://github.com/flori/json/pull/203 * Remove unnecessary initialization of create_id in JSON.parse() by @Watson1978 in https://github.com/flori/json/pull/454 [#]## Added * Call `super` in `included` hook by @paracycle in https://github.com/flori/json/pull/486 * Rename escape_slash in script_safe and also escape E+2028 and E+2029 by @casperisfine in https://github.com/flori/json/pull/525 * Add a `strict` option to Generator by @casperisfine in https://github.com/flori/json/pull/519 [#]## Fixed * Fix homepage url in gemspec by @unasuke in https://github.com/flori/json/pull/508 * Fix dead link to Ragel in README by @okuramasafumi in https://github.com/flori/json/pull/509 * [DOC] Fix yet another dead link to Ragel by @nobu in https://github.com/flori/json/pull/510 * Fix "unexpected token" offset for Infinity by @jhawthorn in https://github.com/flori/json/pull/507 * Use ruby_xfree to free buffers by @casperisfine in https://github.com/flori/json/pull/518 [#]## Compatibility changes * JRuby requires a minimum of Java 8 by @headius in https://github.com/flori/json/pull/516 * Rename JSON::ParseError to JSON:ParserError by @dalizard in https://github.com/flori/json/pull/530 * Removed code for Ruby 1.8 by @hsbt in https://github.com/flori/json/pull/540 * alias_method is private on Ruby 2.3 and 2.4 by @hsbt in https://github.com/flori/json/pull/541 * remove_method of Module is private at Ruby 2.3 and 2.4 by @hsbt in https://github.com/flori/json/pull/544 * [jruby] avoid using deprecated BigDecimal.new by @kares in https://github.com/flori/json/pull/546 * Always indent even if empty by @headius in https://github.com/flori/json/pull/517 [#]## Misc * Update CI matrix by @hsbt in https://github.com/flori/json/pull/521 * Add missing changelog entries for 1.8.5 and 1.8.6 by @r7kamura in https://github.com/flori/json/pull/520 * Actions workflow - Add new OS's, Ruby 3.1, Ruby master, Windows by @MSP-Greg in https://github.com/flori/json/pull/491 * Skip unsupported test on JRuby by @nobu in https://github.com/flori/json/pull/532 * Skip BigDecimal tests when it's missing to load by @hsbt in https://github.com/flori/json/pull/533 * Simplify by @nobu in https://github.com/flori/json/pull/531 * Load extension ('json/ext') consistently in test_ext by @aeroastro in https://github.com/flori/json/pull/536 * Use test-unit-ruby-core gem by @hsbt in https://github.com/flori/json/pull/539 * [CI] Add Windows mswin job by @MSP-Greg in https://github.com/flori/json/pull/545 * Exclude truffleruby-head from Actions by @hsbt in https://github.com/flori/json/pull/551 * tests/ractor_test.rb: make assert_separately available by @lucaskanashiro in https://github.com/flori/json/pull/506 * Added changes for 2.7.0 and restore entries to 2.6.3 and 2.6.2 by @hsbt in https://github.com/flori/json/pull/552 [#]# New Contributors * @unasuke made their first contribution in https://github.com/flori/json/pull/508 * @okuramasafumi made their first contribution in https://github.com/flori/json/pull/509 * @r7kamura made their first contribution in https://github.com/flori/json/pull/520 * @MSP-Greg made their first contribution in https://github.com/flori/json/pull/491 * @paracycle made their first contribution in https://github.com/flori/json/pull/486 * @dalizard made their first contribution in https://github.com/flori/json/pull/530 * @aeroastro made their first contribution in https://github.com/flori/json/pull/536 * @jhawthorn made their first contribution in https://github.com/flori/json/pull/507 * @lucaskanashiro made their first contribution in https://github.com/flori/json/pull/506 * @Watson1978 made their first contribution in https://github.com/flori/json/pull/454 * *Full Changelog**: https://github.com/flori/json/compare/v2.6.3...v2.7.0 ==== rubygem-json-jwt ==== Version update (1.16.3 -> 1.16.5) - New upstream release 1.16.5, see bundled CHANGELOG.md ==== rubygem-json_pure ==== Version update (2.6.3 -> 2.7.1) - 2.7.1: [#]# What's Changed [#]## Improved * [DOC] RDoc for additions by @BurdetteLamar in https://github.com/flori/json/pull/557 [#]## Fixed * JSON.dump: handle unenclosed hashes regression by @casperisfine in https://github.com/flori/json/pull/554 * Overload kwargs in JSON.dump by @k0kubun in https://github.com/flori/json/pull/556 * Fix JSON.dump overload combination by @tompng in https://github.com/flori/json/pull/558 [#]## Misc * Remove needless encodings by @hsbt in https://github.com/flori/json/pull/559 * Unify versions by @hsbt in https://github.com/flori/json/pull/560 [#]# New Contributors * @k0kubun made their first contribution in https://github.com/flori/json/pull/556 * @tompng made their first contribution in https://github.com/flori/json/pull/558 * *Full Changelog**: https://github.com/flori/json/compare/v2.7.0...v2.7.1 2.7.0: [#]# What's Changed [#]## Improved * Perf. improvements to Hash#to_json in pure implementation generator. by @vipulnsward in https://github.com/flori/json/pull/203 * Remove unnecessary initialization of create_id in JSON.parse() by @Watson1978 in https://github.com/flori/json/pull/454 [#]## Added * Call `super` in `included` hook by @paracycle in https://github.com/flori/json/pull/486 * Rename escape_slash in script_safe and also escape E+2028 and E+2029 by @casperisfine in https://github.com/flori/json/pull/525 * Add a `strict` option to Generator by @casperisfine in https://github.com/flori/json/pull/519 [#]## Fixed * Fix homepage url in gemspec by @unasuke in https://github.com/flori/json/pull/508 * Fix dead link to Ragel in README by @okuramasafumi in https://github.com/flori/json/pull/509 * [DOC] Fix yet another dead link to Ragel by @nobu in https://github.com/flori/json/pull/510 * Fix "unexpected token" offset for Infinity by @jhawthorn in https://github.com/flori/json/pull/507 * Use ruby_xfree to free buffers by @casperisfine in https://github.com/flori/json/pull/518 [#]## Compatibility changes * JRuby requires a minimum of Java 8 by @headius in https://github.com/flori/json/pull/516 * Rename JSON::ParseError to JSON:ParserError by @dalizard in https://github.com/flori/json/pull/530 * Removed code for Ruby 1.8 by @hsbt in https://github.com/flori/json/pull/540 * alias_method is private on Ruby 2.3 and 2.4 by @hsbt in https://github.com/flori/json/pull/541 * remove_method of Module is private at Ruby 2.3 and 2.4 by @hsbt in https://github.com/flori/json/pull/544 * [jruby] avoid using deprecated BigDecimal.new by @kares in https://github.com/flori/json/pull/546 * Always indent even if empty by @headius in https://github.com/flori/json/pull/517 [#]## Misc * Update CI matrix by @hsbt in https://github.com/flori/json/pull/521 * Add missing changelog entries for 1.8.5 and 1.8.6 by @r7kamura in https://github.com/flori/json/pull/520 * Actions workflow - Add new OS's, Ruby 3.1, Ruby master, Windows by @MSP-Greg in https://github.com/flori/json/pull/491 * Skip unsupported test on JRuby by @nobu in https://github.com/flori/json/pull/532 * Skip BigDecimal tests when it's missing to load by @hsbt in https://github.com/flori/json/pull/533 * Simplify by @nobu in https://github.com/flori/json/pull/531 * Load extension ('json/ext') consistently in test_ext by @aeroastro in https://github.com/flori/json/pull/536 * Use test-unit-ruby-core gem by @hsbt in https://github.com/flori/json/pull/539 * [CI] Add Windows mswin job by @MSP-Greg in https://github.com/flori/json/pull/545 * Exclude truffleruby-head from Actions by @hsbt in https://github.com/flori/json/pull/551 * tests/ractor_test.rb: make assert_separately available by @lucaskanashiro in https://github.com/flori/json/pull/506 * Added changes for 2.7.0 and restore entries to 2.6.3 and 2.6.2 by @hsbt in https://github.com/flori/json/pull/552 [#]# New Contributors * @unasuke made their first contribution in https://github.com/flori/json/pull/508 * @okuramasafumi made their first contribution in https://github.com/flori/json/pull/509 * @r7kamura made their first contribution in https://github.com/flori/json/pull/520 * @MSP-Greg made their first contribution in https://github.com/flori/json/pull/491 * @paracycle made their first contribution in https://github.com/flori/json/pull/486 * @dalizard made their first contribution in https://github.com/flori/json/pull/530 * @aeroastro made their first contribution in https://github.com/flori/json/pull/536 * @jhawthorn made their first contribution in https://github.com/flori/json/pull/507 * @lucaskanashiro made their first contribution in https://github.com/flori/json/pull/506 * @Watson1978 made their first contribution in https://github.com/flori/json/pull/454 * *Full Changelog**: https://github.com/flori/json/compare/v2.6.3...v2.7.0 ==== rubygem-mime-types ==== Version update (3.5.1 -> 3.5.2) - New upstream release 3.5.2, see bundled History.md ==== rubygem-mime-types-data ==== Version update (3.2023.1003 -> 3.2023.1205) - New upstream release 3.2023.1205, see bundled History.md ==== rubygem-net-ldap ==== Version update (0.18.0 -> 0.19.0) - New upstream release 0.19.0, see bundled History.rdoc ==== rubygem-net-ssh ==== Version update (7.2.0 -> 7.2.1) - === 7.2.1 rc1 * feat: allow load of certkey from string [#926] * fix: fix for Socket#recv returning nil on ruby 3.3.0 [#928] ==== rubygem-nio4r ==== Version update (2.6.1 -> 2.7.0) - ## 2.6.2 * Convert NIO objects to TypedData API. [#]# 2.6.1 * Don't update `io` which is subsequently stored. Retain the original. [#]# 2.6.0 * Fix conversion loses int precision. * Avoid direct access to IO internals. * Resolve issue loading both nio and nio4r gems. ==== rubygem-omniauth ==== Version update (2.1.1 -> 2.1.2) - New upstream release 2.1.2, no changelog found ==== rubygem-parallel ==== Version update (1.23.0 -> 1.24.0) - New upstream release 1.24.0, no changelog found ==== rubygem-parallel_tests ==== Version update (4.3.0 -> 4.4.0) - New upstream release 4.4.0, no changelog found ==== rubygem-passenger ==== Version update (6.0.18 -> 6.0.20) Subpackages: ruby3.3-rubygem-passenger rubygem-passenger-apache2 - New upstream release 6.0.20, see bundled CHANGELOG ==== rubygem-pdf-reader ==== Version update (2.11.0 -> 2.12.0) - v2.12.0 (26th December 2023) - Fix a sorbet method signature (http://github.com/yob/pdf-reader/pull/512) - Reduce allocations when parsing PDFs with hex strings (http://github.com/yob/pdf-reader/pull/528) - Fix text extraction of some rare unicode codepoints (http://github.com/yob/pdf-reader/pull/529) ==== rubygem-pg ==== Version update (1.4.5 -> 1.5.4) - New upstream release 1.5.4, see bundled History.md ==== rubygem-pry-doc ==== Version update (1.4.0 -> 1.5.0) - New upstream release 1.5.0, see bundled CHANGELOG.md ==== rubygem-public_suffix ==== Version update (5.0.3 -> 5.0.4) - ## 5.0.4 [#]## Changed - Reduced .gem file size (GH-259). [Thanks @ybiquitous] - Updated definitions. ==== rubygem-puma-5 ==== Version update (5.6.7 -> 5.6.8) - New upstream release 5.6.8, see bundled History.md ==== rubygem-puma ==== Version update (6.4.0 -> 6.4.2) - 6.4.1: * Bugfixes * DSL#warn_if_in_single_mode - fixup when workers set via CLI ([#3256]) * Fix `idle-timeout` not working in cluster mode ([#3235], [#3228], [#3282], [#3283]) * Fix worker 0 timing out during phased restart ([#3225], [#2786]) * context_builder.rb - require openssl if verify_mode != 'none' ([#3179]) * Make puma cluster process suitable as PID 1 ([#3255]) * Improve Puma::NullIO consistency with real IO ([#3276]) * extconf.rb - fixup to detect openssl info in Ruby build ([#3271], [#3266]) * MiniSSL.java - set serialVersionUID, fix RaiseException deprecation ([#3270]) * dsl.rb - fix warn_if_in_single_mode when WEB_CONCURRENCY is set ([#3265], [#3264]) * Maintenance * LOTS of test refactoring to make tests more stable and easier to write - thanks to @MSP-Greg! * Fix bug in tests re: TestPuma::HOST4 ([#3254]) * Dockerfile for minimal repros: use Ruby 3.2, expect bundler installed ([#3245]) * fix define_method calls, use Symbol parameter instead of String ([#3293]) * Docs * README.md - add the puma-acme plugin ([#3301]) * Remove `--keep-file-descriptors` flag from systemd docs ([#3248]) * Note symlink mechanism in restart documentation for hot restart ([#3298]) ==== rubygem-rack-2.2 ==== Version update (2.2.8 -> 2.2.8.1) - update to version 2.2.8.1 * Fixed ReDoS in Accept header parsing [CVE-2024-26146] * Fixed ReDoS in Content Type header parsing [CVE-2024-25126] * Reject Range headers which are too large [CVE-2024-26141] ==== rubygem-rack ==== Version update (3.0.8 -> 3.0.9.1) - version update to 3.0.9.1 * Fixed ReDoS in Accept header parsing [CVE-2024-26146][bsc#1220248] * Fixed ReDoS in Content Type header parsing [CVE-2024-25126][bsc#1220239] * Reject Range headers which are too large [CVE-2024-26141][bsc#1220242] * Fix content-length calcuation in Rack:Response#write #2150 ==== rubygem-rack-oauth2 ==== Version update (2.2.0 -> 2.2.1) - ## [2.2.0] - 2022-10-11 [#]## Changed - automatic json response decoding, and remove legacy token support by @nov in https://github.com/nov/rack-oauth2/pull/95 ==== rubygem-rack-protection ==== Version update (3.1.0 -> 4.0.0) - New upstream release 4.0.0, no changelog found ==== rubygem-rake-compiler ==== Version update (1.2.5 -> 1.2.6) - New upstream release 1.2.6, see bundled History.md ==== rubygem-regexp_parser ==== Version update (2.8.2 -> 2.9.0) - New upstream release 2.9.0, no changelog found ==== rubygem-rice ==== Version update (4.1.0 -> 4.2.1) - ## 4.2.1 * Support systems who use `#include ` over `#include`. See [#197](https://github.com/jasonroelofs/rice/issues/197) and [#201](https://github.com/jasonroelofs/rice/pull/201) [#]# 4.2 * Support Ruby 3.3.0. * Split Object.call to an explicit Object.call_kw for calling methods expecting keyword arguments. * Previously, if a wrapper used `keepAlive` on an argument or return value that was itself a Rice type, calling said method would segfault. We've now added an explicit exception to be thrown in this case, prevending the segfault and providing guidance on what was wrong and how to fix it. See [#193](https://github.com/jasonroelofs/rice/pull/193) and [#194](https://github.com/jasonroelofs/rice/pull/194) * Fix wrapping of std::shared_ptr to properly take default arguments into account. ==== rubygem-rspec-rails ==== Version update (6.1.0 -> 6.1.1) - New upstream release 6.1.1, see bundled Changelog.md ==== rubygem-ruby_parser ==== Version update (3.20.3 -> 3.21.0) - New upstream release 3.21.0, see bundled History.rdoc ==== rubygem-sexp_processor ==== Version update (4.17.0 -> 4.17.1) - New upstream release 4.17.1, see bundled History.rdoc ==== rubygem-slim ==== Version update (5.2.0 -> 5.2.1) - 5.2.1 (2024-01-20) * Support Ruby 3.3 * Update Gem metadata ==== rubygem-sshkit ==== Version update (1.21.6 -> 1.22.0) - New upstream release 1.22.0, see bundled CHANGELOG.md ==== rubygem-stimulus-rails ==== Version update (1.3.0 -> 1.3.3) - 1.3.3: [#]# What's Changed * Fix syntax error in stimulus_with_node.rb by @euxx in https://github.com/hotwired/stimulus-rails/pull/134 * *Full Changelog**: https://github.com/hotwired/stimulus-rails/compare/v1.3.2...v1.3.3 1.3.2: [#]# What's Changed * Support for dasherized controller filenames by @adrienpoly in https://github.com/hotwired/stimulus-rails/pull/126 * Describe the two options under stimulus:manifest so they can be found in a rails -T listing (closes #128) by @walterdavis in https://github.com/hotwired/stimulus-rails/pull/129 * Fix duplicate controllers in manifest on update by @nachiket87 in https://github.com/hotwired/stimulus-rails/pull/132 * Rely on import map-rails using preload by default by @dhh * Improve Bun support by @rubys in https://github.com/hotwired/stimulus-rails/pull/127 * *Full Changelog**: https://github.com/hotwired/stimulus-rails/compare/v1.3.0...v1.3.2 ==== rubygem-swd ==== Version update (2.0.2 -> 2.0.3) - ## [2.0.2] - 2022-10-09 [#]## Changed * convert Faraday::Error to SWD::Exception https://github.com/nov/SWD/commit/a5bacba3c0fe740b1e36be220980b29dc50de095 [#]## Fixed * SWD::Resource#to_response_object was needed for openid_connect gem https://github.com/nov/SWD/commit/c4d916d3cd8d4fe076bd27a64403d98dea9b00ef [#]# [2.0.1] - 2022-10-08 [#]## Fixed * typo https://github.com/nov/SWD/commit/3fd7a4fbe8fdf586824edc5d2b4222c43e7a9655 ==== rubygem-tzinfo-data ==== Version update (1.2023.3 -> 1.2023.4) - New upstream release 1.2023.4, no changelog found ==== rubygem-webfinger ==== Version update (2.1.2 -> 2.1.3) - ## [2.1.1] - 2022-10-09 [#]## Changed - convert Faraday::Error to WebFinger::Exception https://github.com/nov/webfinger/commit/a0d8da20f6ce819eea8c2d2c81bcc90d3f41df6f ==== salt ==== Subpackages: python3-salt salt-master salt-minion salt-transactional-update - Fix problematic tests and allow smooth tests executions on containers - Added: * fix-problematic-tests-and-allow-smooth-tests-executi.patch - Discover Ansible playbook files as "*.yml" or "*.yaml" files (bsc#1211888) - Added: * discover-both-.yml-and-.yaml-playbooks-bsc-1211888.patch - Extend dependencies for python3-salt-testsuite and python3-salt packages - Improve Salt and testsuite packages multibuild - Enable multibuilld and create test flavor - Additionally we require python-mock just for older Python versions. - Remove python-boto dependency for the python3-salt-testsuite package for Tumbleweed - Rename salt-tests to python3-salt-testsuite ==== sbl ==== - Use %patch -P N instead of deprecated %patchN. ==== sendmail ==== Subpackages: libmilter1_0 - Use %patch -P N instead of deprecated %patchN. ==== setserial ==== - Use %patch -P N instead of deprecated %patchN. ==== sha1collisiondetection ==== - Use %patch -P N instead of deprecated %patchN. ==== slang ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== sord ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== soundtouch ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== spamassassin ==== Subpackages: perl-Mail-SpamAssassin spamassassin-spamc - Use %patch -P N instead of deprecated %patchN. ==== speex ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== splix ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== spu-tools ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== susepaste ==== Subpackages: susepaste-screenshot - Use %patch -P N instead of deprecated %patchN. ==== switcheroo-control ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== syslogd ==== Subpackages: klogd syslog-service - Use %patch -P N instead of deprecated %patchN. ==== system-config-printer ==== Subpackages: python3-cupshelpers system-config-printer-applet system-config-printer-common system-config-printer-dbus-service udev-configure-printer - remove dependency on /usr/bin/python3 using %python3_fix_shebang_path macro, [bsc#1212476] ==== sysvinit ==== Subpackages: sysvinit-tools sysvinit-tools-doc - Use %patch -P N instead of deprecated %patchN. ==== thin-provisioning-tools ==== Version update (1.0.11 -> 1.0.12) - Update to version 1.0.12: * [thin_dump] Do not print error messages on BrokenPipe (EPIPE) * Bump version to 1.0.12 * [build] Update dependencies * [commands] Fix version string compatibility issue with LVM * [thin_dump] Do not print error messages on BrokenPipe (EPIPE) * [build] Update license to SPDX identifier ==== tigervnc ==== Subpackages: libXvnc1 xorg-x11-Xvnc xorg-x11-Xvnc-module - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== transfig ==== - Use %patch -P N instead of deprecated %patchN ==== upower ==== Version update (1.90.2 -> 1.90.2+15) Subpackages: libupower-glib3 typelib-1_0-UpowerGlib-1_0 - Update to version 1.90.2+15: * Revert "ci: Update last ABI break" * Revert "build: Bump the library soname after recent changes" * Revert "all: Remove Lid handling" * Revert "lib: Remove deprecated up_client_get_devices()" * dbus: org.freedesktop.UPower: EnergyRate is a positive value * linux: Adjust test_bluetooth_le_device for dbusmock 0.30.1 * linux: stop assuming power supply of unknown type as battery * linux: drop f-literals without format string * linux: prefer is not None over != * build: make 'udevrulesdir' and 'udevhwdbdir' as Linux-only - Introduce _service obs_scm and obsinfo files for automated update service via: osc service mr ==== usbutils ==== - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== virtiofsd ==== - Spec: We don't want /usr/libexec to be namespaced like it is with /usr/lib (bsc#1220304) ==== vlc ==== Subpackages: libvlc5 libvlccore9 vlc-codec-gstreamer vlc-lang vlc-noX vlc-qt vlc-vdpau - Add vlc-taglib-2.0.patch: Fix build against taglib 2.0 (based on upstream commit ec29dfca, d2663d6c, ac59d0ba, c404fdb2). - Use %patch -P N instead of deprecated %patchN. ==== xauth ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== xdm ==== Subpackages: xdm-xsession - Use %patch -P N instead of deprecated %patchN. ==== xf86-input-evdev ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== xf86-input-wacom ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== xf86-video-mga ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== xf86-video-nouveau ==== - Use %patch -P N instead of deprecated %patchN. ==== xf86-video-nv ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== xf86-video-vesa ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== xfsdump ==== - Use %patch -P N instead of deprecated %patchN. ==== xinetd ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== xinit ==== - Use %patch -P N instead of deprecated %patchN. - revert previous change; cpp is not needed for xinit, but only for xdm package - since xrdb no longer requires cpp, it needs to be reqired here now ==== xkeyboard-config ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== xmlsec1 ==== Subpackages: libxmlsec1-1 libxmlsec1-nss1 libxmlsec1-openssl1 - Use %patch -P N instead of deprecated %patchN. ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - Use %patch -P N instead of deprecated %patchN. ==== xrandr ==== - Use %autosetup macro. Allows to eliminate the usage of deprecated PatchN. ==== yast2-trans ==== Version update (84.87.20240219.f6e4117fe0 -> 84.87.20240224.f7ab2886c1) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20240224.f7ab2886c1: * Translated using Weblate (Ukrainian) * Translated using Weblate (Ukrainian) * Translated using Weblate (Ukrainian) * Translated using Weblate (Catalan) * Translated using Weblate (Catalan) * Translated using Weblate (Catalan) * Translated using Weblate (Finnish) * Translated using Weblate (Finnish) * Translated using Weblate (Finnish) * Translated using Weblate (Finnish) * Translated using Weblate (Finnish) * Translated using Weblate (Finnish) * Translated using Weblate (Spanish) ==== zlib ==== Version update (1.3 -> 1.3.1) Subpackages: libminizip1 libz1 - Use %autopatch instead of %patch - Update to 1.3.1: * Reject overflows of zip header fields in minizip * Fix bug in inflateSync() for data held in bit buffer * Add LIT_MEM define to use more memory for a small deflate speedup * Fix decision on the emission of Zip64 end records in minizip * Add bounds checking to ERR_MSG() macro, used by zError() * Neutralize zip file traversal attacks in miniunz * Fix a bug in ZLIB_DEBUG compiles in check_match() - Update pacthes: * CVE-2023-45853.patch * zlib-1.3-IBM-Z-hw-accelerated-deflate-s390x.patch