Packages changed: MozillaFirefox NetworkManager (1.42.2 -> 1.42.4) NetworkManager-pptp (1.2.10 -> 1.2.12) apache2 (2.4.55 -> 2.4.56) apache2-manual (2.4.55 -> 2.4.56) apache2-prefork (2.4.55 -> 2.4.56) apache2-utils (2.4.55 -> 2.4.56) babl boost-base boost-extra ceph (16.2.11.58+g38d6afd3b78 -> 16.2.11.62+gce6291a3463) drbd emacs freetype2 (2.12.1 -> 2.13.0) fwupd (1.8.9 -> 1.8.12) gtk4 ibus (1.5.27 -> 1.5.28) ibus_gtk4 (1.5.27 -> 1.5.28) libmng libnettle libnftnl (1.2.4 -> 1.2.5) libqt5-qtwebengine (5.15.12 -> 5.15.13) libreoffice (7.4.4.2 -> 7.5.1.2) libstorage-ng (4.5.76 -> 4.5.82) libtommath messagelib patterns-kde perl-CGI (4.55 -> 4.56) perl-libwww-perl (6.67 -> 6.68) pipewire (0.3.65 -> 0.3.66) python-base qemu re2 subversion sudo (1.9.13p2 -> 1.9.13p3) transactional-update (4.1.3 -> 4.1.4) xen yast2-ruby-bindings (4.6.0 -> 4.6.1) === Details === ==== MozillaFirefox ==== Subpackages: MozillaFirefox-translations-common - Cherry-pick upstream changes for GCC 13 in gcc13-fix.patch. ==== NetworkManager ==== Version update (1.42.2 -> 1.42.4) Subpackages: NetworkManager-bluetooth NetworkManager-lang NetworkManager-pppoe NetworkManager-tui NetworkManager-wwan libnm0 typelib-1_0-NM-1_0 - Update to version 1.42.4: + Fix a possible crash when [global-dns] is used and improve the documentation. + Documentation improvements. ==== NetworkManager-pptp ==== Version update (1.2.10 -> 1.2.12) Subpackages: NetworkManager-pptp-gnome NetworkManager-pptp-lang - Update to version 1.2.12: + Dropped the libnm-glib support (obsolete since 2014). + Add support for building with upcoming pppd version (2.5.0). + Improvement to the build & test system. + Updated translations. ==== apache2 ==== Version update (2.4.55 -> 2.4.56) - This update fixes the following security issues: * CVE-2023-27522 [bsc#1209049]: mod_proxy_uwsgi HTTP response splitting * CVE-2023-25690 [bsc#1209047]: HTTP request splitting with mod_rewrite and mod_proxy - Update to 2.4.56: * ) rotatelogs: Add -T flag to allow subsequent rotated logfiles to be truncated without the initial logfile being truncated. [Eric Covener] * ) mod_ldap: LDAPConnectionPoolTTL should accept negative values in order to allow connections of any age to be reused. Up to now, a negative value was handled as an error when parsing the configuration file. PR 66421. [nailyk , Christophe Jaillet] * ) mod_proxy_ajp: Report an error if the AJP backend sends an invalid number of headers. [Ruediger Pluem] * ) mod_md: - Enabling ED25519 support and certificate transparency information when building with libressl v3.5.0 and newer. Thanks to Giovanni Bechis. - MDChallengeDns01 can now be configured for individual domains. Thanks to Jérôme Billiras (@bilhackmac) for the initial PR. - Fixed a bug found by Jérôme Billiras (@bilhackmac) that caused the challenge teardown not being invoked as it should. [Stefan Eissing] * ) mod_http2: client resets of HTTP/2 streams led to unwanted 500 errors reported in access logs and error documents. The processing of the reset was correct, only unneccesary reporting was caused. [Stefan Eissing] * ) mod_proxy_uwsgi: Stricter backend HTTP response parsing/validation. [Yann Ylavic] ==== apache2-manual ==== Version update (2.4.55 -> 2.4.56) - This update fixes the following security issues: * CVE-2023-27522 [bsc#1209049]: mod_proxy_uwsgi HTTP response splitting * CVE-2023-25690 [bsc#1209047]: HTTP request splitting with mod_rewrite and mod_proxy - Update to 2.4.56: * ) rotatelogs: Add -T flag to allow subsequent rotated logfiles to be truncated without the initial logfile being truncated. [Eric Covener] * ) mod_ldap: LDAPConnectionPoolTTL should accept negative values in order to allow connections of any age to be reused. Up to now, a negative value was handled as an error when parsing the configuration file. PR 66421. [nailyk , Christophe Jaillet] * ) mod_proxy_ajp: Report an error if the AJP backend sends an invalid number of headers. [Ruediger Pluem] * ) mod_md: - Enabling ED25519 support and certificate transparency information when building with libressl v3.5.0 and newer. Thanks to Giovanni Bechis. - MDChallengeDns01 can now be configured for individual domains. Thanks to Jérôme Billiras (@bilhackmac) for the initial PR. - Fixed a bug found by Jérôme Billiras (@bilhackmac) that caused the challenge teardown not being invoked as it should. [Stefan Eissing] * ) mod_http2: client resets of HTTP/2 streams led to unwanted 500 errors reported in access logs and error documents. The processing of the reset was correct, only unneccesary reporting was caused. [Stefan Eissing] * ) mod_proxy_uwsgi: Stricter backend HTTP response parsing/validation. [Yann Ylavic] ==== apache2-prefork ==== Version update (2.4.55 -> 2.4.56) - This update fixes the following security issues: * CVE-2023-27522 [bsc#1209049]: mod_proxy_uwsgi HTTP response splitting * CVE-2023-25690 [bsc#1209047]: HTTP request splitting with mod_rewrite and mod_proxy - Update to 2.4.56: * ) rotatelogs: Add -T flag to allow subsequent rotated logfiles to be truncated without the initial logfile being truncated. [Eric Covener] * ) mod_ldap: LDAPConnectionPoolTTL should accept negative values in order to allow connections of any age to be reused. Up to now, a negative value was handled as an error when parsing the configuration file. PR 66421. [nailyk , Christophe Jaillet] * ) mod_proxy_ajp: Report an error if the AJP backend sends an invalid number of headers. [Ruediger Pluem] * ) mod_md: - Enabling ED25519 support and certificate transparency information when building with libressl v3.5.0 and newer. Thanks to Giovanni Bechis. - MDChallengeDns01 can now be configured for individual domains. Thanks to Jérôme Billiras (@bilhackmac) for the initial PR. - Fixed a bug found by Jérôme Billiras (@bilhackmac) that caused the challenge teardown not being invoked as it should. [Stefan Eissing] * ) mod_http2: client resets of HTTP/2 streams led to unwanted 500 errors reported in access logs and error documents. The processing of the reset was correct, only unneccesary reporting was caused. [Stefan Eissing] * ) mod_proxy_uwsgi: Stricter backend HTTP response parsing/validation. [Yann Ylavic] ==== apache2-utils ==== Version update (2.4.55 -> 2.4.56) - This update fixes the following security issues: * CVE-2023-27522 [bsc#1209049]: mod_proxy_uwsgi HTTP response splitting * CVE-2023-25690 [bsc#1209047]: HTTP request splitting with mod_rewrite and mod_proxy - Update to 2.4.56: * ) rotatelogs: Add -T flag to allow subsequent rotated logfiles to be truncated without the initial logfile being truncated. [Eric Covener] * ) mod_ldap: LDAPConnectionPoolTTL should accept negative values in order to allow connections of any age to be reused. Up to now, a negative value was handled as an error when parsing the configuration file. PR 66421. [nailyk , Christophe Jaillet] * ) mod_proxy_ajp: Report an error if the AJP backend sends an invalid number of headers. [Ruediger Pluem] * ) mod_md: - Enabling ED25519 support and certificate transparency information when building with libressl v3.5.0 and newer. Thanks to Giovanni Bechis. - MDChallengeDns01 can now be configured for individual domains. Thanks to Jérôme Billiras (@bilhackmac) for the initial PR. - Fixed a bug found by Jérôme Billiras (@bilhackmac) that caused the challenge teardown not being invoked as it should. [Stefan Eissing] * ) mod_http2: client resets of HTTP/2 streams led to unwanted 500 errors reported in access logs and error documents. The processing of the reset was correct, only unneccesary reporting was caused. [Stefan Eissing] * ) mod_proxy_uwsgi: Stricter backend HTTP response parsing/validation. [Yann Ylavic] ==== babl ==== - Build AVX2 enabled hwcaps library for x86_64-v3 ==== boost-base ==== Subpackages: boost-license1_81_0 libboost_date_time1_81_0 libboost_filesystem1_81_0 libboost_iostreams1_81_0 libboost_locale1_81_0 libboost_program_options1_81_0 libboost_thread1_81_0 - Build AVX2 enabled hwcaps library for x86_64-v3 ==== boost-extra ==== - Build AVX2 enabled hwcaps library for x86_64-v3 ==== ceph ==== Version update (16.2.11.58+g38d6afd3b78 -> 16.2.11.62+gce6291a3463) Subpackages: librados2 librbd1 - Update to 16.2.11-62-gce6291a3463: + (bsc#1201088) fix FTBFS on gcc 13 ==== drbd ==== - drbd: fix build error against kernel v6.2.1 (bsc#1209168) * update patch + bsc-1206791-05-prandom_u32_max.patch ==== emacs ==== Subpackages: emacs-el emacs-eln emacs-info emacs-nox emacs-x11 etags - Add patch d3209119.patch boo#1209089,CVE-2023-27985: Fix shell command injection in emacsclient-mail.desktop - Add patch 3c1693d0.patch boo#1209090,CVE-2023-27986: Fix Emacs Lisp code injection in emacsclient-mail.desktop ==== freetype2 ==== Version update (2.12.1 -> 2.13.0) Subpackages: libfreetype6 libfreetype6-32bit - update to 2.13.0: * The 'COLR' v1 API is now considered as stable. https://learn.microsoft.com/en-us/typography/opentype/spec/colr * For OpenType Variable Fonts, `avar` table format 2.0 is now supported. The code was contributed by Behdad Esfahbod. Note that this is an extension supported on recent Apple platforms and by HarfBuzz, but not yet in the OpenType standard! See https://github.com/harfbuzz/boring-expansion-spec/blob/main/avar2.md for the specification. To deactivate it, define the configuration macro 'TT_CONFIG_OPTION_NO_BORING_EXPANSION'. * A new API `FT_GlyphSlot_Slant` to slant a glyph by a given angle has been added. Note that this function is part of `ftsynth.h`, which is still considered to be in alpha stage. * TrueType interpreter version 38 (also known as 'Infinality') that was first introduced about 10 years ago in FreeType 2.4.11 is now deprecated and slated to be removed in the next version. TrueType interpreter version 40 has been FreeType's default version for six years now and provides an excellent alternative. This is the last FreeType version with TT_INTERPRETER_VERSION_38 and TT_INTERPRETER_VERSION_40 treated differently. * The only referenced but never documented configuration macro `FT_CONFIG_OPTION_NO_GLYPH_NAMES` has been removed. * To avoid reserved identifiers that are globally defined, the auto-hinter debugging macros (which are only available if `FT_DEBUG_AUTOFIT` is defined) ``` _af_debug_disable_horz_hints _af_debug_disable_vert_hints _af_debug_disable_blue_hints _af_debug_hints ``` have been renamed to ``` af_debug_disable_horz_hints_ af_debug_disable_vert_hints_ af_debug_disable_blue_hints_ af_debug_hints_ ``` ==== fwupd ==== Version update (1.8.9 -> 1.8.12) Subpackages: fwupd-bash-completion fwupd-lang libfwupd2 typelib-1_0-Fwupd-2_0 - Introduce docs flag, set to 0: do not build documentation using pandoc: ghc is not part of the rings and we don't want this there. - Update to version 1.8.12: + Allow setting the package user agent before the client has connected. + Fix a small memory leak when refreshing metadata. - Changes from version 1.8.11: + Add support for replaying USB devices so they can be emulated in CI. + Allow desktop software to inhibit the system to prevent updates. + Allow using requirements with depth=0 and no parent. + Auto-set the CCGX remove-delay now we parse DMC subcomponents. + Detect and warn users with the broken NVMe firmware 3B2QGXA7. + Print errors as JSON objects when using fwupdmgr --json. - Changes from version 1.8.10: + Add a PE/COFF firmware parser to allow reading coSWID SBoM data. + Allow dumping CFI SPI chips using devices like CH341a. + Refactor the HWIDs functionality to include FDT data. - Rebase fwupd-bsc1130056-change-shim-path.patch. - Drop uefi-capsule-Do-not-call-grub2-probe-without-argumen.patch: fixed upstream. - Add -Dcompat_cli=true meson parameter: keep compat binaries for the time being. - Add xz-devel BuildRequires: needed to link liblzma. ==== gtk4 ==== Subpackages: gtk4-lang gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Add 3e3158ce12741b58ce53f132b48f26438094886d.patch: widget: Use the correct template in dispose_template(). Fixes crashes in various apps. - Refresh patches with quilt. - Add 0001-combobox-Avoid-extra-queue_resize.patch: Fix combobox not showing (bsc#1209043 glgo#GNOME/gtk!5608). ==== ibus ==== Version update (1.5.27 -> 1.5.28) Subpackages: ibus-dict-emoji ibus-gtk ibus-gtk-32bit ibus-gtk3 ibus-lang libibus-1_0-5 libibus-1_0-5-32bit typelib-1_0-IBus-1_0 - Update version to 1.5.28 * Implement new process_key_event for ibus-x11 * Convert internal EN compose table to GResource * Enhance surrounding text * Enhance CI * Update ibusunicodegen.h with Unicode 15.0.0 * Update simple.xml with xkeyboard-config 2.38-1 * Fix SEGVs ==== ibus_gtk4 ==== Version update (1.5.27 -> 1.5.28) - Update version to 1.5.28 * Implement new process_key_event for ibus-x11 * Convert internal EN compose table to GResource * Enhance surrounding text * Enhance CI * Update ibusunicodegen.h with Unicode 15.0.0 * Update simple.xml with xkeyboard-config 2.38-1 * Fix SEGVs ==== libmng ==== - Build AVX2 enabled hwcaps library for x86_64-v3 - Modernise spec file ==== libnettle ==== Subpackages: libhogweed6 libhogweed6-32bit libnettle8 libnettle8-32bit - Build AVX2 enabled hwcaps library for x86_64-v3 ==== libnftnl ==== Version update (1.2.4 -> 1.2.5) - Update to release 1.2.5 * expr: add inner support ==== libqt5-qtwebengine ==== Version update (5.15.12 -> 5.15.13) - Update to version 5.15.13: * Force to disable IPC logging * Move out GetInProcessGpuShareGroup form content browser client * Fix probabilistic signature scheme * Bump version to 5.15.13 * Recreate response head objects on multiple redirect * Add checksum to mailbox name in Release build too * Drop dependency on content/public/browser in content gpu * FIXUP: Mark Node::opcode() and Operator::opcode() as constexpr * [Backport] Add missing include for std::begin and std::end in SkParseColor.cpp * [Backport] CVE-2022-4179: Use after free in Audio * [Backport] CVE-2022-4437: Use after free in Mojo IPC * [Backport] CVE-2022-4438: Use after free in Blink Frames * [Backport] CVE-2023-0129: Heap buffer overflow in Network Service * [Backport] CVE-2023-0472: Use after free in WebRTC * [Backport] CVE-2023-0698: Out of bounds read in WebRTC * [Backport] CVE-2023-0931: Use after free in Video * [Backport] CVE-2023-0933: Integer overflow in PDF * [Backport] Disable ABSL_HAVE_STD_IS_TRIVIALLY_ASSIGNABLE for clang-cl * [Backport] Fix more clang deprecated builtins * [Backport] Map the absl::is_trivially_* functions to their std impl * [Backport] Mark Node::opcode() and Operator::opcode() as constexpr * [Backport] Security bug 1393384 * [Backport] Security bug 1394382 * [Backport] Security bug 1399424 * [Backport] Security bug 1406115 * [Backport][Windows] Remove unused sidestep intercepts - Update 0001-skia-Some-includes-to-fix-build-with-GCC-12.patch - Use gcc12 for openSUSE:Factory as workaround for boo#1207469. ==== libreoffice ==== Version update (7.4.4.2 -> 7.5.1.2) Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit - Update to 7.5.1.2: https://wiki.documentfoundation.org/ReleaseNotes/7.5 https://wiki.documentfoundation.org/Releases/7.5.1/RC2 https://wiki.documentfoundation.org/Releases/7.5.1/RC1 https://wiki.documentfoundation.org/Releases/7.5.0/RC3 https://wiki.documentfoundation.org/Releases/7.5.0/RC2 https://wiki.documentfoundation.org/Releases/7.5.0/RC1 - Add fix-sdk-idl.patch - Update bundled dependencies: * pdfium-5058.tar.bz2 -> pdfium-5408.tar.bz2 - Refreshed patches: * fix_math_desktop_file.patch * use-fixmath-shared-library.patch - Removed patches: * Remove_dependency_on_BitArray_h.patch * boost-181.patch * bsc1204825.patch * bsc1205866.patch * libreoffice-7.4.1.2-grep.patch * riscv64-support.patch ==== libstorage-ng ==== Version update (4.5.76 -> 4.5.82) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - Translated using Weblate (Czech) (bsc#1149754) - 4.5.82 - Translated using Weblate (Catalan) (bsc#1149754) - 4.5.81 - Translated using Weblate (Slovak) (bsc#1149754) - 4.5.80 - Translated using Weblate (Dutch) (bsc#1149754) - 4.5.79 - Translated using Weblate (Japanese) (bsc#1149754) - Translated using Weblate (French) (bsc#1149754) - merge gh#openSUSE/libstorage-ng#916 - updated bindings - extended integration tests - update pot and po files - 4.5.78 - merge gh#openSUSE/libstorage-ng#915 - rename source files with actions - expose some functions of action classes in API - extended commit callbacks to include pointer to action - 4.5.77 ==== libtommath ==== - Build AVX2 enabled hwcaps library for x86_64-v3 ==== messagelib ==== Subpackages: messagelib-lang - Add patch to fix encoding of replies (kde#447297, kde#443009, kde#298349): * 0001-Fix-fallback-path-in-MessageFactoryNG-applyCharset.patch ==== patterns-kde ==== Subpackages: patterns-kde-kde patterns-kde-kde_edutainment patterns-kde-kde_games patterns-kde-kde_ide patterns-kde-kde_imaging patterns-kde-kde_internet patterns-kde-kde_multimedia patterns-kde-kde_office patterns-kde-kde_pim patterns-kde-kde_plasma patterns-kde-kde_utilities patterns-kde-kde_utilities_opt patterns-kde-kde_yast - Recommend pam_kwallet in kde_plasma (boo#1208684) ==== perl-CGI ==== Version update (4.55 -> 4.56) - updated to 4.56 see /usr/share/doc/packages/perl-CGI/Changes 4.56 2023-03-01 [ TESTING ] - add new cookie field 'Priority' to CGI::Cookie code (GH #253, thanks to Pavel) ==== perl-libwww-perl ==== Version update (6.67 -> 6.68) - updated to 6.68 see /usr/share/doc/packages/perl-libwww-perl/Changes 6.68 2023-02-27 19:18:33Z - Remove dynamic dependency on HTTP::Status (GH#419) (Graham Knop) - Raise minimum version of HTML::HeadParser to 3.71 (GH#422) (Olaf Alders) - Apply perlimports to tests (GH#418) (Olaf Alders) ==== pipewire ==== Version update (0.3.65 -> 0.3.66) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-lang pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - add a suggests on the pipewire-jack packages to avoid the jack versions getting picked for dependency resolution - Update to version 0.3.66: * Highlights - Fix a regression in the pulseaudio module-combine-stream because the new module-combine-stream was not installed. - PipeWire can now generate a limits.d config file with our recommended settings for priorities and memlock. - Modules, exec and objects can now be loaded depending on conditions. One example is the X11-bell module that can now be disabled with a custom property override. - Filter-chain has a new mysofa based spacialiser plugin. - Support was added for different clocks that allow the RTP modules to work with a PTP clock, for example. - Many bugfixes and improvements. * PipeWire - Avoid rate switches when the graph is idle. - The rate selection algorithm was improved. This ensures minimal performance and quality loss when resampling. - The default min.quantum was set to 32 again after it got erronously changed to (the too low) 16 in version 0.3.45. - Fix compilation issues with rust bindings because of macros in defines. Work around it for now. - Invalid file mappings are now refused. - Modules, exec and objects can now be loaded depending on conditions. One example is the X11-bell module that can now be disabled with a custom property override. - Filter now also supports _trigger_process() to drive the graph. - TID is now added to the journald log. - PipeWire generates and installs `/etc/security/limits.d/25-pw-rlimits.conf` that by default contains project's recommended settings. Creation of the pipewire group is left to the distro or user ( `groupadd -r pipewire` ). See the rlimits-* Meson options for controlling this behaviour. - Additionally there is now by default disabled Meson option that will install `/etc/security/limits.d/20-pw-defaults.conf` with the current Linux default memlock value. Distros with only kernels >=5.16 or always using systemd v251 or newer do not need this. But all other builds should set the `-Dpam-defaults-install=true` Meson option to ensure that the memlock value is always large enough. * modules - Install module-combine-stream. - RTP source now has support for custom channel names. - RTP source will now stop when inactive. - Filter-chain has a new mysofa based spacializer plugin. - The RTP modules can now use direct clock timestamps to send and receive packets. This makes it possible to synchronise sender and receiver with a PTP clock, for example. - Filter-chain now has an invert plugin to invert the polarity of a signal. * SPA - There is now an option to set the channels used for probing Pro Audio devices. This could unlock more samplerates for some devices when they are probed with fewer channels. - Support was added for other clocks than the MONOTONIC clock in the driver nodes. This can be used to synchronise the graph to a PTP clock, for example. - The ALSA source has some more headroom when rate matching to avoid stuttering when following another driver. - libcamera controls are now mapped to standard PipeWire property values. - The channelmixer has seen some improvements. MONO and undefined channel layouts are now upmixed and downmixed more correctly. * Bluetooth - Many BAP support fixes. * GStreamer - The gstreamer elements now support buffer video metadata so that strides are correctly handled. - pipewiresrc will now error out correctly in more cases. * JACK - The frame to/from time functions are improved to also work with negative time and frame offsets. - Drop patches already included upstream: * 0001-modules-also-install-module-combine-stream.patch ==== python-base ==== Subpackages: libpython2_7-1_0 python-xml - Enable --with-system-ffi for non-standard architectures. ==== qemu ==== Subpackages: qemu-accel-tcg-x86 qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-microvm qemu-seabios qemu-sgabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios qemu-x86 - Disable -Werror as it is very sensitive when one updates a new compiler. -Werror is fine for upstream development, but not when it comes to stability of a package build. ==== re2 ==== - Require GCC 12 on Leap due to code containing speed ups which require newer standards - Allow tests to fail - they fail too often ==== subversion ==== Subpackages: libsvn_auth_gnome_keyring-1-0 libsvn_auth_kwallet-1-0 subversion-bash-completion subversion-perl subversion-server subversion-tools - add swig4.patch for better support with SWIG 4.x (bsc#1209110) ==== sudo ==== Version update (1.9.13p2 -> 1.9.13p3) Subpackages: sudo-plugin-python - Update to 1.9.13p3: Fixed a bug introduced in sudo 1.9.13 that caused a syntax error when list was used as a user or host name. GitHub issue #246. Fixed a bug that could cause sudo to hang when running a command in a pseudo-terminal when there is still input buffered after a command has exited. [bsc#1203201] Fixed sudo -U otheruser -l command. This is a regression in sudo 1.9.13. GitHub issue #248. Fixed sudo -l command args when matching a command in sudoers with command line arguments. This is a regression in sudo 1.9.13. GitHub issue #249. ==== transactional-update ==== Version update (4.1.3 -> 4.1.4) Subpackages: dracut-transactional-update libtukit4 transactional-update-zypp-config tukit tukitd - Version 4.1.4 - Workaround for broken Tumbleweed package libfdisk1 ==== xen ==== Subpackages: xen-libs xen-tools xen-tools-domU - bsc#1208736 - GCC 13: xen package fails bunzip-gcc13.patch altp2m-gcc13.patch - Drop gcc13-fixes.patch ==== yast2-ruby-bindings ==== Version update (4.6.0 -> 4.6.1) - Use ruby-devel versioned to match the gems (bsc#1209098) - 4.6.1