Packages changed: MozillaFirefox (96.0.1 -> 96.0.2) alsa-ucm-conf alsa-utils bind (9.16.24 -> 9.16.25) codec2 (1.0.1 -> 1.0.3) iso-codes (4.8.0 -> 4.9.0) kconfigwidgets kdump (0.9.2 -> 1.0) kernel-firmware (20211123 -> 20220119) libchamplain libglvnd libnma (1.8.32 -> 1.8.34) python-async_timeout (4.0.1 -> 4.0.2) python-google-resumable-media (2.0.0 -> 2.1.0) python-s3fs (2021.7.0 -> 2021.11.1) python-tqdm samba (4.15.2+git.193.a4d6307f1fd -> 4.15.3+git.219.40cc1cd8591) virglrenderer virt-manager virtualbox (6.1.30 -> 6.1.32) virtualbox-kmp (6.1.30_k5.16.1_1 -> 6.1.32_k5.16.1_1) webkit2gtk3 (2.34.3 -> 2.34.4) webkit2gtk3-soup2 (2.34.3 -> 2.34.4) === Details === ==== MozillaFirefox ==== Version update (96.0.1 -> 96.0.2) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 96.0.2 * Fix an issue that caused tab height to display inconsistently on Linux when audio was played (bmo#1714276) * Fix an issue that caused Lastpass dropdowns to appear blank in Private Browsing mode (bmo#1748158) * Fix a crash encountered when resizing a Facebook app (bmo#1746084) ==== alsa-ucm-conf ==== - Fix regression for AMD ACP LED control: 0002-HDA-acp-avoid-to-create-Mic-ACP-LED-control-for-the-.patch ==== alsa-utils ==== - Fix alsamixer color config regression: 0001-alsamixer-Fix-regression-in-color-setup.patch ==== bind ==== Version update (9.16.24 -> 9.16.25) Subpackages: bind-doc bind-utils python3-bind - Upgrade to release 9.16.25 This upgrade fixes the following bugs: * Enforce enqueuing TCP resumeread to prevent the next read callback from being executed before the current read callback has finished, and the worker receive buffer has been marked as "freed". * Allow replacing expired zone signatures with signatures created by the KSK. * An assertion could occur if a catalog zone event was scheduled while the task manager was being shut down. * Defer detaching from zone->raw in zone_shutdown() if the zone is in the process of being dumped to disk, to ensure that the unsigned serial number information is always written in the raw-format header of the signed version on an inline-signed zone. * named could leak memory when two dnssec-policy clauses had the same name. named failed to log this error. * Add a missing isc_condition_destroy() for nmsocket condition variable and add missing isc_mutex_destroy() for nmworker lock. [bind-9.16.25.tar.xz, bind-9.16.25.tar.xz.sha512.asc] - Added /var/log to the ReadWritePaths as some log files are written there: * dump-file "/var/log/named_dump.db" * statistics-file "/var/log/named.stats" [bsc#1194721, vendor-files.tar.bz2] ==== codec2 ==== Version update (1.0.1 -> 1.0.3) - Update to version 1.0.3: * Internal changes only - Drop no longer needed patches: * moved-freedv_callback_rx_sym-into-internal-header.patch * codec2-no_return_random.patch - Disable unit tests as they were not run anyways and require octave ==== iso-codes ==== Version update (4.8.0 -> 4.9.0) Subpackages: iso-codes-lang - update to 4.9.0: * ISO 639-3: New translation for Friulian * ISO 639-5: New translations for Esperanto, Hindi, Russian * ISO 4217: New translation for Esperanto * Translation updates for ISO 3166-1 * Translation updates for ISO 3166-2 * Translation updates for ISO 639-2 * Translation updates for ISO 639-3 * Translation updates for ISO 639-5 ==== kconfigwidgets ==== Subpackages: libKF5ConfigWidgets5 libKF5ConfigWidgets5-lang - Add patch to fix deprecation-induced ABI mismatch (kde#448680): * 0001-Use-BUILD-deprecation-wrapper-for-virtual-method.patch ==== kdump ==== Version update (0.9.2 -> 1.0) - kdump-calibrate-Ignore-malformed-VMCOREINFO.patch: calibrate: Ignore malformed VMCOREINFO lines (address occasional OBS build failures). - Update to 1.0 * Estimate kdump memory requirements at build time (jsc#SLE-18441). - Remove patches that have been upstreamed: * kdump-0.9.2-mkdumprd-properly-pass-compression-params.patch ==== kernel-firmware ==== Version update (20211123 -> 20220119) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd - Update to version 20220119 (git commit 0c6a7b3bf728): * linux-firmware: Update firmware file for Intel Bluetooth 9260 * linux-firmware: Update firmware file for Intel Bluetooth 9462 * linux-firmware: Update firmware file for Intel Bluetooth 9462 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth AX211 * linux-firmware: Update firmware file for Intel Bluetooth AX211 * linux-firmware: Update firmware file for Intel Bluetooth AX210 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth AX200 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: update firmware for mediatek bluetooth chip(MT7921) * linux-firmware: update firmware for MT7921 WiFi device * Mellanox: Add new mlxsw_spectrum firmware xx.2010.1232 * linux-firmware: add marvell CPT firmware images * QCA: Add Bluetooth nvm file for WCN685x * QCA: Update Bluetooth WCN685x 2.1 firmware to 2.1.0-00324 * QCA: Update Bluetooth WCN685x 2.0 firmware to 2.0.0-00609 * i915: Add GuC v69.0.3 for all platforms - Add entry for rvu_cptpf - Update to version 20220111 (git commit 13dca280f760): * linux-firmware: update firmware for MT7915 * iwlwifi: add new FWs from core63-136 release * iwlwifi: add new FWs from core66-88 release * iwlwifi: update 9000-family firmwares to core66-88 * linux-firmware: add firmware for MT7916 * linux-firmware: Update firmware file for Intel Bluetooth 9462 * linux-firmware: Update firmware file for Intel Bluetooth 9462 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth AX211 * linux-firmware: Update firmware file for Intel Bluetooth AX211 * linux-firmware: Update firmware file for Intel Bluetooth AX210 * WHENCE: add missing symlink for NanoPi R1 * amdgpu: update yellow carp dmcub firmware * cxgb4: Update firmware to revision 1.26.6.0 - update aliases from 5.16 final - Update to version 20211229 (git commit 57d6b9507e28): * cnm: add chips&media wave521c firmware. * linux-firmware: update firmware for MT7921 WiFi device * linux-firmware: update firmware for mediatek bluetooth chip (MT7921) * rtw88: 8822c: Update normal firmware to v9.9.11 * QCA: Update Bluetooth WCN685x firmware to 2.1.0-00298 * amdgpu: update green sardine PSP firmware * bnx2x: Add FW 7.13.21.0 * linux-firmware: update frimware for mediatek bluetooth chip (MT7921) * linux-firmware: wilc1000: update WILC1000 firmware to v15.4.1 * rtl_bt: Update RTL8761B BT UART firmware to 0x0CA9_8A6B * rtl_bt: Update RTL8761B BT USB firmware to 0x09A9_8A6B * cxgb4: Update firmware to revision 1.26.4.0 * rtw89: 8852a: update fw to v0.13.33.0 * i915: Add DMC firmware v2.14 for ADL-P * QCA: Add Bluetooth default nvm file for WCN685x ==== libchamplain ==== Subpackages: libchamplain-0_12-0 typelib-1_0-Champlain-0_12 - Add 91a9e41fed6269637da52d5f88699782a940b198.patch: g-i: Annotate champlain_layer_set_view to allow NULL as view. ==== libglvnd ==== Subpackages: libglvnd-32bit - Re-enable asm on aarch64 - Add patch to fix run with BTI enabled on aarch64: * libglvnd-add-bti.patch - boo#1188928 ==== libnma ==== Version update (1.8.32 -> 1.8.34) Subpackages: libnma-lang libnma0 typelib-1_0-NMA-1_0 - Update to version 1.8.34: + Add possibility of building libnma-gtk4 library with experimental Gtk4 support. - Add pkgconfig(gtk4) BuildRequires and pass libnma_gtk4=true to meson, build the experimental Gtk4 support. - Following the above, package new sub-packages libnma-gtk4-0 and typelib-1_0-NMA4-1_0 and libnma-gtk4-devel. - Use ldconfig_scriptlets for post(un) handling. - Split out documentation files in own docs sub-package. ==== python-async_timeout ==== Version update (4.0.1 -> 4.0.2) - update to 4.0.2: * Fix annotations on __exit__ and __aexit__ * Use stdlib typing.final in Python 3.8+ ==== python-google-resumable-media ==== Version update (2.0.0 -> 2.1.0) - update to 2.1.0: * add support for Python 3.10 * Include ConnectionError and urllib3 exception as retriable ==== python-s3fs ==== Version update (2021.7.0 -> 2021.11.1) - Update to 2021.11.1 * deal with missing ETag (#557) * ClientPayloadError to retryable (#556) * pin aiobotocore (#555) - Release 2021.11.0 * move to fsspec org * doc tweaks (#546, 540) * redondant argument in _rm_versioned_bucket_contents (#439) * allow client_method in url/sign (POST, etc) (#536) * revert list_v2->head for info (#545) - Release 2021.10.1 * allow other methods than GET to url/sign (#536) - Release 2021.10.0 * No changes (just released to keep pin with fsspec) - Release 2021.09.0 * check for bucket also with get_bucket_location (#533) * update versioneer (#531) - Release 2021.08.1 * retry on IncompleteRead (#525) * fix isdir for missing bucket (#522) * raise for glob("*") (#5167) - Release 2021.08.0 * fix for aiobotocore update (#510) ==== python-tqdm ==== Subpackages: python-tqdm-bash-completion python38-tqdm - Ignore deprecation warnings from pytest-asycio for compatibility with 0.17 ==== samba ==== Version update (4.15.2+git.193.a4d6307f1fd -> 4.15.3+git.219.40cc1cd8591) Subpackages: libsamba-policy0-python3 samba-client samba-client-32bit samba-doc samba-gpupdate samba-ldb-ldap samba-libs samba-libs-python3 samba-python3 samba-winbind - Use pkgconfig(krb5) as dependency for the -devel package: allow OBS to pick the right flavor of krb5-devel (full vs mini). - Do not require the 'krb5' symbol by samba-client-libs: this package has an automatic dependency due to linkage on libgssapi_krb5.so.2. Automatic deps are always better. - Do not require the 'krb5' symbol from samba-libs: samba-libs requires samba-client-libs, which in turn requires krb5 libraries. Samba-libs itself has no need for krb5 (but get it indirectly anyway). - Reorganize libs packages. Split samba-libs into samba-client-libs, samba-libs, samba-winbind-libs and samba-ad-dc-libs, merging samba public libraries depending on internal samba libraries into these packages as there were dependency problems everytime one of these public libraries changed its version (bsc#1192684). The devel packages are merged into samba-devel. - Rename package samba-core-devel to samba-devel - Add python-rpm-macros to build requirements - Update the symlink create by samba-dsdb-modules to private samba ldb modules following libldb2 changes from /usr/lib64/ldb/samba to /usr/lib64/ldb2/modules/ldb/samba - Update to 4.15.3 * Recursive directory delete with veto files is broken in 4.15.0; (bso#14878); * A directory containing dangling symlinks cannot be deleted by SMB2 alone when they are the only entry in the directory; (bso#14879); * SIGSEGV in rmdir_internals/synthetic_pathref - dirfsp is used uninitialized in rmdir_internals(); (bso#14892); * MaxQueryDuration not honoured in Samba AD DC LDAP; (bso#14694); * The CVE-2020-25717 username map [script] advice has undesired side effects for the local nt token; (bso#14901); (bsc#1192849); * User with multiple spaces (eg FredNurk) become un-deletable; (bso#14902); * Avoid storing NTTIME_THAW (-2) as value on disk; (bso#14127); * smbXsrv_client_global record validation leads to crash if existing record points at non-existing process; (bso#14882); * Crash in vfs_fruit asking for fsp_get_io_fd() for an XATTR call; (bso#14890); * Samba process doesn't log to logfile; (bso#14897); * set_ea_dos_attribute() fallback calling get_file_handle_for_metadata() triggers locking.tdb assert; (bso#14907); * Kerberos authentication on standalone server in MIT realm broken; (bso#14922); * Segmentation fault when joining the domain; (bso#14923); * Support for ROLE_IPA_DC is incomplete; (bso#14903); * rpcclient cannot connect to ncacn_ip_tcp services anymore; (bso#14767); * winexe crashes since 4.15.0 after popt parsing; (bso#14893); * net ads status -P broken in a clustered environment; (bso#14908); * Memory leak if ioctl(FSCTL_VALIDATE_NEGOTIATE_INFO) fails before smbd_smb2_ioctl_send; (bso#14788); * winbindd doesn't start when "allow trusted domains" is off; (bso#14899); * smbclient login without password using '-N' fails with NT_STATUS_INVALID_PARAMETER on Samba AD DC; (bso#14883); * A schannel client incorrectly detects a downgrade connecting to an AES only server; (bso#14912); * Possible null pointer dereference in winbind; (bso#14921); * Fix -k legacy option for client tools like smbclient, rpcclient, net, etc.; (bso#14846); * Add Debian 11 CI bootstrap support; (bso#14872); * Crash in recycle_unlink_internal(); (bso#14888); - Fix dependency problem upgrading from libndr0 to libndr2 and from libsamba-credentials0 to libsamba-credentials1; (bsc#1192684); ==== virglrenderer ==== - Pick up the full upstream patch for bsc#1194601, so we know from where it comes * No functional change intended - security update - added patches fix CVE-2022-0175 [bsc#1194601], VUL-0: CVE-2022-0175: virglrenderer: Missing initialization of res->ptr + virglrenderer-CVE-2022-0175.patch ==== virt-manager ==== Subpackages: virt-install virt-manager-common - bsc#1194323 - [jsc#SLE-19237][virt-manager] Detected the wrong win2k22 guest system version from the local install media virtinst-windows-server-detection.patch - Upstream bug fixes (bsc#1027942) 8bb64ad5-console-Dont-block-console-reconnect-for-non-error.patch Drop virtman-init-viewer-on-reboot.patch ==== virtualbox ==== Version update (6.1.30 -> 6.1.32) Subpackages: virtualbox-guest-tools virtualbox-guest-x11 - Version bump to 6.1.32 (released January 18 2022 by Oracle) This is a maintenance release. The following items were fixed and/or added: Fix for CVE-2022-21394 (boo#1194924) VMM: Changed the guest RAM management when using Hyper-V to be more compatible with HVCI (bug #20627 and #20694) VMM: Workaround for OS/2 guest unstability on newer AMD CPUs due to a missing TLB flush in OS/2 (bug #20625) GUI: Fixed keyboard focus loss in rare circumstances when using the mini toolbar in fullscreen mode Audio: Fixed accidental creation of empty debug log file when the OSS audio backend was configured E1000: Fix link status reporting for certain Linux kernels (some Oracle Linux ones, probably more) Unattended installation: Fixed regression introduced in 6.1.28, causing partitioning failure for Windows XP to 10 (bug #20769) Linux host: Fix access to some USB devices, device class was not correctly handled (bug #20721) Guest: Fixed wrong mouse position if guest is in text mode Guest Control: Fixed folders copying from host to guest and from guest to host Guest Control: Fixes for UNICODE handling Shared Clipboard: Improved HTML content exchange between X11 and Windows guests and hosts OS/2 Additions: Fixed some issues with extended attributes in the shared folders (bug #19453) File "vboxclient-clipboard.service" was removed while the shared clipboard problem with Wayland is further investigated. - Add libnotify-tools to build requirements for virtualbox-guest-x11 (boo#1194128) Add service to start shared clipboard in Wayland sessions (boo#1194126). File "vboxclient-clipboard.service" is added. Thanks to Andrei Borzenkov for providing this file. ==== virtualbox-kmp ==== Version update (6.1.30_k5.16.1_1 -> 6.1.32_k5.16.1_1) - Version bump to 6.1.32 (released January 18 2022 by Oracle) This is a maintenance release. The following items were fixed and/or added: Fix for CVE-2022-21394 (boo#1194924) VMM: Changed the guest RAM management when using Hyper-V to be more compatible with HVCI (bug #20627 and #20694) VMM: Workaround for OS/2 guest unstability on newer AMD CPUs due to a missing TLB flush in OS/2 (bug #20625) GUI: Fixed keyboard focus loss in rare circumstances when using the mini toolbar in fullscreen mode Audio: Fixed accidental creation of empty debug log file when the OSS audio backend was configured E1000: Fix link status reporting for certain Linux kernels (some Oracle Linux ones, probably more) Unattended installation: Fixed regression introduced in 6.1.28, causing partitioning failure for Windows XP to 10 (bug #20769) Linux host: Fix access to some USB devices, device class was not correctly handled (bug #20721) Guest: Fixed wrong mouse position if guest is in text mode Guest Control: Fixed folders copying from host to guest and from guest to host Guest Control: Fixes for UNICODE handling Shared Clipboard: Improved HTML content exchange between X11 and Windows guests and hosts OS/2 Additions: Fixed some issues with extended attributes in the shared folders (bug #19453) File "vboxclient-clipboard.service" was removed while the shared clipboard problem with Wayland is further investigated. - Add libnotify-tools to build requirements for virtualbox-guest-x11 (boo#1194128) Add service to start shared clipboard in Wayland sessions (boo#1194126). File "vboxclient-clipboard.service" is added. Thanks to Andrei Borzenkov for providing this file. ==== webkit2gtk3 ==== Version update (2.34.3 -> 2.34.4) Subpackages: WebKit2GTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles - Update to version 2.34.4: + Fix several crashes and rendering issues. + This release fixes numerous security issues, including an especially severe issue that allowed websites to read the names of IndexedDB databases created by other websites. - Update _constraints, needs more disk space to build. ==== webkit2gtk3-soup2 ==== Version update (2.34.3 -> 2.34.4) Subpackages: WebKit2GTK-4.0-lang libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles - Update to version 2.34.4: + Fix several crashes and rendering issues. + This release fixes numerous security issues, including an especially severe issue that allowed websites to read the names of IndexedDB databases created by other websites. - Update _constraints, needs more disk space to build.