Removed rpms ============ - busybox - busybox-coreutils - busybox-findutils - busybox-grep - busybox-gzip - busybox-psmisc - busybox-sed - busybox-util-linux - busybox-xz - kernel-64kb - kernel-64kb-extra - kernel-64kb-optional - libmms0 Added rpms ========== - kernel-kvmsmall - libgstplay-1_0-0 - libgstva-1_0-0 Package Source Changes ====================== alsa-oss -- Add upstream patch to fix build with current glibc: - * alsa-drop-libio.patch +- use https for urls + +- Drop the superfluous buildreq alsa-topology-devel again; + it's no longer mandatory + +- Fix build breakage by the new alsa update; now it requires + alsa-topology-devel + +- Avoid repetition of name in summary. Update description. + +- Update to alsa-oss 1.1.8 (bsc#1181571): + Fix the build with the recent glibc +- Remove obsoleted patch: + remove-libio.patch: + +- remove-libio.patch: don't use obsolete + +- Remove old kludges +- Run spec-cleaner + +- Update to alsa-oss 1.1.6: + * Change FSF address (Franklin Street) +- Use %license file tag -- Revert 0001-Fix-path-to-libaoss.so.patch, as this causes - regressions on multi-arch (bnc#874331) - -- Backport upstream fixes: - 0001-Fix-path-to-libaoss.so.patch - 0002-Add-AM_MAINTAINER_MODE-enable-to-configure.in.patch - -- stop recommending alsa-oss-32bit - -- updated to version 1.0.25; - pcm: check for XRUN state for GETxSPACE and GETxPTR ioctls - select: better check for null bit arrays - -- add libtool as buildrequire to make the spec file more reliable - -- Remove redundant tags/sections from specfile -- Use %_smp_mflags for parallel build - -- package baselibs.conf - bluedevil5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + breeze +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- Changes since 5.24.3: + * Fix build without QtQuick and QtX11Extras + breeze-gtk +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + btrfsprogs +- Ignore multipath devices when probing devices for a btrfs filesystem (bsc#1192983) + * 0001-btrfs-progs-Add-optional-dependency-on-libudev.patch + * 0002-btrfs-progs-Ignore-devices-representing-paths-in-mul.patch + * 0003-btrfs-progs-Add-fallback-code-for-path-device-ignore.patch + chrony +- Fix config file handling in the spec file and remove "ntsdumpdir" + from default config, because augeas-lenses cannot parse it during + installation of SLE Micro on SLE-15-SP3 (bsc#1194220). + discover +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- Changes since 5.24.3: + * Fix searchfield focus on touch launch + drkonqi5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + expat +- Security fixes: + * (CVE-2022-25236, bsc#1196784) [>=2.4.5] Fix to CVE-2022-25236 + breaks biboumi, ClairMeta, jxmlease, libwbxml, + openleadr-python, rnv, xmltodict + - Added expat-CVE-2022-25236-relax-fix.patch + +- Security fixes: + * (CVE-2022-25236, bsc#1196025) Expat before 2.4.5 allows + attackers to insert namespace-separator characters into + namespace URIs + - Added expat-CVE-2022-25236.patch + * (CVE-2022-25235, bsc#1196026) xmltok_impl.c in Expat before + 2.4.5 does not check whether a UTF-8 character is valid in a + certain context. + - Added expat-CVE-2022-25235.patch + * (CVE-2022-25313, bsc#1196168) Stack exhaustion in + build_model() via uncontrolled recursion + - Added expat-CVE-2022-25313.patch + - The fix upstream introduced a regression that was later + amended in 2.4.6 version + + Added expat-CVE-2022-25313-fix-regression.patch + * (CVE-2022-25314, bsc#1196169) Integer overflow in copyString + - Added expat-CVE-2022-25314.patch + * (CVE-2022-25315, bsc#1196171) Integer overflow in storeRawNames + - Added expat-CVE-2022-25315.patch + firewalld +- Provide dummy firewalld-prometheus-config package (bsc#1197042) + +- Add patch which fixes the zone configuration (bsc#1191837) + * 0001-chore-fw_zone-call-permanent-config-checks-at-runtim.patch + gstreamer +- Update to version 1.20.1: + + deinterlace: various bug fixes for yadif, greedy and scalerbob + methods + + gtk video sink: Fix rotation not being applied when paused + + gst-play-1.0: Fix trick-mode handling in keyboard shortcut + + jpegdec: fix RGB conversion handling + + matroskademux: improved ProRes video handling + + matroskamux: Handle multiview-mode/flags/pixel-aspect-ratio + caps fields correctly when checking caps equality on input caps + changes + + videoaggregator fixes (negative rate handling, current position + rounding) + + soup http plugin: Lookup libsoup dylib files on Apple + platforms; fix Cerbero static build on Android and iOS + + Support build against libfreeaptx in openaptx plugin + + Fix linking issues on Illumos distros + + GstPlay: Fix new error + warning parsing API (was unusuable + before) + + mpegtsmux: VBR muxing fixes + + nvdecoder: Various fixes for 4:4:4 and high-bitdepth decoding + + Support build against libfreeaptx in openaptx plugin + + webrtc: Various fixes to the webrtc-sendrecv python example + + macOS: support a relocatable `GStreamer.framework` on macOS + + macOS: fix applemedia plugin failing to load on ARM64 macOS + + windows: ship wavpack library + + gst-python: Fix build with Python 3.11 + + various bug fixes, memory leak fixes, and other stability and + reliability improvements + + plugin loader: show the reason when spawning of + gst-plugin-scanner fails + + registry, plugin loading: fix dynamic relocation if + GST_PLUGIN_SUBDIR (libdir) is not a single subdirectory; + improve GST_PLUGIN_SUBDIR handling + + context: fix transfer annotation on + gst_context_writable_structure() for bindings + + baseparse: Don't truncate the duration to milliseconds in + gst_base_parse_convert_default() + + bufferpool: Deactivate pool and get rid of references to other + objects from dispose instead of finalize + +- Update to version 1.20.0: + + Development in GitLab was switched to a single git repository + containing all the modules + + GstPlay: new high-level playback library, replaces GstPlayer + + WebM Alpha decoding support + + Encoding profiles can now be tweaked with additional + application-specified element properties + + Compositor: multi-threaded video conversion and mixing + + RTP header extensions: unified support in RTP depayloader and + payloader base classes + + SMPTE 2022-1 2-D Forward Error Correction support + + Smart encoding (pass through) support for VP8, VP9, H.265 in + encodebin and transcodebin + + Runtime compatibility support for libsoup2 and libsoup3 + (libsoup3 support experimental) + + Video decoder subframe support + + Video decoder automatic packet-loss, data corruption, and + keyframe request handling for RTP / WebRTC / RTSP + + mp4 and Matroska muxers now support profile/level/resolution + changes for H.264/H.265 input streams (i.e. codec data changing + on the fly) + + mp4 muxing mode that initially creates a fragmented mp4 which + is converted to a regular mp4 on EOS + + Audio support for the WebKit Port for Embedded (WPE) web page + source element + + CUDA based video color space convert and rescale elements and + upload/download elements + + NVIDIA memory:NVMM support for OpenGL glupload and gldownload + elements + + Many WebRTC improvements + + The new VA-API plugin implementation fleshed out with more + decoders and new postproc elements + + AppSink API to retrieve events in addition to buffers and + buffer lists + + AppSrc gained more configuration options for the internal queue + (leakiness, limits in buffers and time, getters to read current + levels) + + Updated Rust bindings and many new Rust plugins + + Improved support for custom minimal GStreamer builds + + Support build against FFmpeg 5.0 + + Linux Stateless CODEC support gained MPEG-2 and VP9 + + Windows Direct3D11/DXVA decoder gained AV1 and MPEG-2 support + + Lots of new plugins, features, performance improvements and bug + fixes +- Use ldconfig_scriptlets macro for post(un) handling where + possible. +- Update Source url. + gstreamer-plugins-bad +- Add 8440e2a373e5ce681d15f5880cb2f2562be332cf.patch: + nvh264dec,nvh265dec: Fix broken key-unit trick and reverse + playback. +- Quiet setup, we do not need to see the unpacking of the tarball. + +- Add patch to support building with srt 1.3.4 in SLE + * fix-build-with-srt-1.3.4.patch +- Do not build the gstldac plugin in s390x where + pkgconfig(ldacBT-enc) is not available. + +- Update to version 1.20.1: + + GstPlay: Fix new error + warning parsing API (was unusuable + before) + + av1parse: let the parser continue on verbose OBUs + + d3d11converter: Fix RGB to GRAY conversion, broken debug + messages, and add missing GRAY conversion + + gs: look for google_cloud_cpp_storage.pc + + ipcpipeline: fix crash and error on windows with SOCKET or + _pipe() + + ivfparse: Don't set zero resolution on caps + + mpegtsdemux: Handle PES headers bigger than a mpeg-ts packet; + fix locking in error code path; handle more program updates + + mpegtsmux: Start last_ts with GST_CLOCK_TIME_NONE to fix VBR + muxing behaviour + + mpegtsmux: Thread safety fixes: lock mux->tsmux, the programs + hash table, and pad streams + + mpegtsmux: Skip empty buffers + + osxaudiodeviceprovider: Add initial support for duplex devices + on OSX + + rtpldacpay: Fix missing payload information + + sdpdemux: add media attributes to caps, fixes ptp clock + handling + + mfaudioenc: Handle empty IMFMediaBuffer + + nvdecoder: Various fixes for 4:4:4 and high-bitdepth decoding + + nvenc: Fix deadlock because of too strict buffer pool size + + va: fix library build issues, caps leaks in the vpp transform + function, and add vaav1dec to documentation + + v4l2codecs: vp9: Minor fixes + + v4l2codecs: h264: Correct scaling matrix ABI check + + dtlstransport: Notify ICE transport property changes + + webrtc: Various fixes to the webrtc-sendrecv python example + + webrtc-ice: Fix memory leaks in gst_webrtc_ice_add_candidate() + + Support build against libfreeaptx in openaptx plugin + + Fix linking issues on Illumos distros +- Drop patch already included upstream: + + 1634.patch + +- Update to version 1.20.0: + + Development in GitLab was switched to a single git repository + containing all the modules + + GstPlay: new high-level playback library, replaces GstPlayer + + WebM Alpha decoding support + + Encoding profiles can now be tweaked with additional + application-specified element properties + + Compositor: multi-threaded video conversion and mixing + + RTP header extensions: unified support in RTP depayloader and + payloader base classes + + SMPTE 2022-1 2-D Forward Error Correction support + + Smart encoding (pass through) support for VP8, VP9, H.265 in + encodebin and transcodebin + + Runtime compatibility support for libsoup2 and libsoup3 + (libsoup3 support experimental) + + Video decoder subframe support + + Video decoder automatic packet-loss, data corruption, and + keyframe request handling for RTP / WebRTC / RTSP + + mp4 and Matroska muxers now support profile/level/resolution + changes for H.264/H.265 input streams (i.e. codec data changing + on the fly) + + mp4 muxing mode that initially creates a fragmented mp4 which + is converted to a regular mp4 on EOS + + Audio support for the WebKit Port for Embedded (WPE) web page + source element + + CUDA based video color space convert and rescale elements and + upload/download elements + + NVIDIA memory:NVMM support for OpenGL glupload and gldownload + elements + + Many WebRTC improvements + + The new VA-API plugin implementation fleshed out with more + decoders and new postproc elements + + AppSink API to retrieve events in addition to buffers and + buffer lists + + AppSrc gained more configuration options for the internal queue + (leakiness, limits in buffers and time, getters to read current + levels) + + Updated Rust bindings and many new Rust plugins + + Improved support for custom minimal GStreamer builds + + Support build against FFmpeg 5.0 + + Linux Stateless CODEC support gained MPEG-2 and VP9 + + Windows Direct3D11/DXVA decoder gained AV1 and MPEG-2 support + + Lots of new plugins, features, performance improvements and bug + fixes +- Add explicit pkgconfig(libva) BuildRequires: meson checks for it. +- Go back to using tarball from upstream, remove service. +- Drop 2564.patch: Fixed upstream. +- Add disabled pkgconfig(storage_client) and + pkgconfig(webrtc-audio-coding-1) BuildRequires and pass + gs=disabled, isac=disabled and onnx=disabled to meson, we do not + have the dependencies in openSUSE yet. +- Add explicit BuildRequires: pkgconfig(libsoup-2.4), meson checks + for it. +- Add pkgconfig(json-glib-1.0), pkgconfig(ldacBT-enc) and + pkgconfig(libqrencode) BuildRequires, new dependencies. +- Add pkgconfig(libopenaptx) BuildRequires in build_orig section + and pass openaptx=disabled to meson, do not build this in distro + by default. +- Drop mms and ofa plugins, removed upstream. Drop + pkgconfig(libmms) and pkgconfig(libofa) BuildRequires following + the removal. +- Add new sub-packages libgstplay-1_0-0, typelib-1_0-GstPlay-1_0 + and libgstva-1_0-0, also add libgstva-1_0-0 and libgstplay-1_0-0 + to baselibs.conf. +- Tweak/fix and drop some Obsoletes. +- Drop old conditionals for versions of openSUSE out of support. +- Add 1634.patch -- AV1 playback fixes. +- Use ldconfig_scriptlets macro for post(un) handling. +- Drop explicit gstreamer-devel Requires from devel sub-package, + not needed as this is added via pkgconfig any way. + gstreamer-plugins-base +- Add 5a074a11f90e3d70b24bf0c535ab0480fad9e701.patch: playsink: + Complete reconfiguration on pad release. +- Use ldconfig_scriptlets macro for post(un) handling. + +- Update to version 1.20.1: + + typefindfunctions: Fix WebVTT format detection for very short + files + + gldisplay: Reorder GST_GL_WINDOW check for egl-device + + rtpbasepayload: Copy all buffer metadata instead of just + GstMetas for the input meta buffer + + codec-utils: Avoid out-of-bounds error + + navigation: Fix Since markers for mouse scroll events + + videoaggregator: Fix for unhandled negative rate + + videoaggregator: Use floor() to calculate current position + + video-color: Fix for missing clipping in PQ EOTF function + + gst-play-1.0: Fix trick-mode handling in keyboard shortcut + + audiovisualizer: shader: Fix out of bound write + +- Update to version 1.20.0: + + Development in GitLab was switched to a single git repository + containing all the modules + + GstPlay: new high-level playback library, replaces GstPlayer + + WebM Alpha decoding support + + Encoding profiles can now be tweaked with additional + application-specified element properties + + Compositor: multi-threaded video conversion and mixing + + RTP header extensions: unified support in RTP depayloader and + payloader base classes + + SMPTE 2022-1 2-D Forward Error Correction support + + Smart encoding (pass through) support for VP8, VP9, H.265 in + encodebin and transcodebin + + Runtime compatibility support for libsoup2 and libsoup3 + (libsoup3 support experimental) + + Video decoder subframe support + + Video decoder automatic packet-loss, data corruption, and + keyframe request handling for RTP / WebRTC / RTSP + + mp4 and Matroska muxers now support profile/level/resolution + changes for H.264/H.265 input streams (i.e. codec data changing + on the fly) + + mp4 muxing mode that initially creates a fragmented mp4 which + is converted to a regular mp4 on EOS + + Audio support for the WebKit Port for Embedded (WPE) web page + source element + + CUDA based video color space convert and rescale elements and + upload/download elements + + NVIDIA memory:NVMM support for OpenGL glupload and gldownload + elements + + Many WebRTC improvements + + The new VA-API plugin implementation fleshed out with more + decoders and new postproc elements + + AppSink API to retrieve events in addition to buffers and + buffer lists + + AppSrc gained more configuration options for the internal queue + (leakiness, limits in buffers and time, getters to read current + levels) + + Updated Rust bindings and many new Rust plugins + + Improved support for custom minimal GStreamer builds + + Support build against FFmpeg 5.0 + + Linux Stateless CODEC support gained MPEG-2 and VP9 + + Windows Direct3D11/DXVA decoder gained AV1 and MPEG-2 support + + Lots of new plugins, features, performance improvements and bug + fixes +- Rebase add_wayland_dep_to_tests.patch. +- Drop gstreamer-plugins-base-gl-deps.patch: Fixed upstream +- Stop using service due to upstreams new mono-repo, just use + tarballs for now. + gstreamer-plugins-good +- Update to version 1.20.1: + + deinterlace: various bug fixes for yadif method + + deinterlace: Refactor greedyh and fix planar formats + + deinterlace: Prevent race between method configuration and + latency query + + gtk video sink: Fix rotation not being applied when paused + + jpegdec: fix RGB conversion handling + + matroskademux: improved ProRes video handling + + matroskamux: Handle multiview-mode/flags/pixel-aspect-ratio + caps fields correctly when checking caps equality on input caps + changes + + rtprtx: don't access type-system per buffer (performance + optimisation); code cleanups + + rtpulpfecenc: fix unmatched g_slice_free() + + rtpvp8depay: fix crash when making GstRTPPacketLost custom + event + + qtmux: Don't post an error message if pushing a sample failed + with FLUSHING (e.g. on pipeline shutdown) + + soup: Lookup libsoup dylib files on Apple platforms & fix + Cerbero static build on Android and iOS + + souphttpsrc: element not present on iOS after 1.20.0 update + + v4l2tuner: return NULL if no norm set + + v4l2bufferpool: Fix race condition between qbuf and pool + streamoff + + meson: Don't build lame plugin with -Dlame=disabled + +- Update to version 1.20.0: + + Development in GitLab was switched to a single git repository + containing all the modules + + GstPlay: new high-level playback library, replaces GstPlayer + + WebM Alpha decoding support + + Encoding profiles can now be tweaked with additional + application-specified element properties + + Compositor: multi-threaded video conversion and mixing + + RTP header extensions: unified support in RTP depayloader and + payloader base classes + + SMPTE 2022-1 2-D Forward Error Correction support + + Smart encoding (pass through) support for VP8, VP9, H.265 in + encodebin and transcodebin + + Runtime compatibility support for libsoup2 and libsoup3 + (libsoup3 support experimental) + + Video decoder subframe support + + Video decoder automatic packet-loss, data corruption, and + keyframe request handling for RTP / WebRTC / RTSP + + mp4 and Matroska muxers now support profile/level/resolution + changes for H.264/H.265 input streams (i.e. codec data changing + on the fly) + + mp4 muxing mode that initially creates a fragmented mp4 which + is converted to a regular mp4 on EOS + + Audio support for the WebKit Port for Embedded (WPE) web page + source element + + CUDA based video color space convert and rescale elements and + upload/download elements + + NVIDIA memory:NVMM support for OpenGL glupload and gldownload + elements + + Many WebRTC improvements + + The new VA-API plugin implementation fleshed out with more + decoders and new postproc elements + + AppSink API to retrieve events in addition to buffers and + buffer lists + + AppSrc gained more configuration options for the internal queue + (leakiness, limits in buffers and time, getters to read current + levels) + + Updated Rust bindings and many new Rust plugins + + Improved support for custom minimal GStreamer builds + + Support build against FFmpeg 5.0 + + Linux Stateless CODEC support gained MPEG-2 and VP9 + + Windows Direct3D11/DXVA decoder gained AV1 and MPEG-2 support + + Lots of new plugins, features, performance improvements and bug + fixes +- Stop using service for tarball, use upstream url. +- Drop old obsolete conditionals. +- Add BuildRequires: pkgconfig(libsoup-3.0) + gstreamer-plugins-ugly +- Update to version 1.20.1: + + x264enc: fix plugin long-name and description + +- Update to version 1.20.0: + + Development in GitLab was switched to a single git repository + containing all the modules + + GstPlay: new high-level playback library, replaces GstPlayer + + WebM Alpha decoding support + + Encoding profiles can now be tweaked with additional + application-specified element properties + + Compositor: multi-threaded video conversion and mixing + + RTP header extensions: unified support in RTP depayloader and + payloader base classes + + SMPTE 2022-1 2-D Forward Error Correction support + + Smart encoding (pass through) support for VP8, VP9, H.265 in + encodebin and transcodebin + + Runtime compatibility support for libsoup2 and libsoup3 + (libsoup3 support experimental) + + Video decoder subframe support + + Video decoder automatic packet-loss, data corruption, and + keyframe request handling for RTP / WebRTC / RTSP + + mp4 and Matroska muxers now support profile/level/resolution + changes for H.264/H.265 input streams (i.e. codec data changing + on the fly) + + mp4 muxing mode that initially creates a fragmented mp4 which + is converted to a regular mp4 on EOS + + Audio support for the WebKit Port for Embedded (WPE) web page + source element + + CUDA based video color space convert and rescale elements and + upload/download elements + + NVIDIA memory:NVMM support for OpenGL glupload and gldownload + elements + + Many WebRTC improvements + + The new VA-API plugin implementation fleshed out with more + decoders and new postproc elements + + AppSink API to retrieve events in addition to buffers and + buffer lists + + AppSrc gained more configuration options for the internal queue + (leakiness, limits in buffers and time, getters to read current + levels) + + Updated Rust bindings and many new Rust plugins + + Improved support for custom minimal GStreamer builds + + Support build against FFmpeg 5.0 + + Linux Stateless CODEC support gained MPEG-2 and VP9 + + Windows Direct3D11/DXVA decoder gained AV1 and MPEG-2 support + + Lots of new plugins, features, performance improvements and bug + fixes +- Stop using service, use upstream url for tarball. +- Drop obsolete and unused experimental define. +- Pass gpl=enabled to meson, now needed to build a52 support. + java-11-openjdk +- Update to upstream tag jdk-11.0.14.1+1 + * Changes: + + JDK-8280786: Build failure on Solaris after 8262392 + + JDK-8218546: Unable to connect to https://google.com using + java.net.HttpClient + + JDK-8281324: Bump update version for OpenJDK: jdk-11.0.14.1 + - + JDK-8264934, CVE-2022-21248, bnc#1194926: Enhance cross VM - serialization + + JDK-8264934, CVE-2022-21248, bnc#1194926: Enhance cross VM serialization - + JDK-8268813, CVE-2022-21283, bnc#1194937: Better String - matching + + JDK-8268813, CVE-2022-21283, bnc#1194937: Better String matching kactivitymanagerd +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + kcm_sddm +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + kde-cli-tools5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + kde-gtk-config5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + kernel-preempt +- Revert "rpm/kernel-source.spec.in: call fdupes per subpackage" + This reverts commit 1da843983718d4cfdd652a76e428abee98e37450. +- commit f349b81 + +- Revert "build initrd without systemd" (bsc#1197300) + This reverts commit ef4c569b998635a9369390d4e9cfe3a922815c76. + It seems to be the cause of a stall in OBS build that resulted in + the failure with obs-build-qa (and possibly others). +- commit ff2b28e + +- Update patch reference for USB gadget fix (CVE-2022-27223 bsc#1197245) +- commit fd3b6e8 + +- Rename colliding patches before the next cve/linux-5.3 -> SLE15-SP3 merge +- commit 891ddc4 + +- sr9700: sanity check for packet length (bsc#1196836 + CVE-2022-26966). +- commit edaafdd + +- blacklist.conf: prerequisites break kABI +- commit d0b972b + +- rpm: SC2006: Use $(...) notation instead of legacy backticked `...`. +- commit f0d0e90 + +- usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode (git-fixes). +- commit 3863766 + +- usb: dwc2: Fix Stalling a Non-Isochronous OUT EP (git-fixes). +- commit 9d7504f + +- aio: fix use-after-free due to missing POLLFREE handling + (CVE-2021-39698 bsc#1196956). +- aio: keep poll requests on waitqueue until completed + (CVE-2021-39698 bsc#1196956). +- signalfd: use wake_up_pollfree() (CVE-2021-39698 bsc#1196956). +- binder: use wake_up_pollfree() (CVE-2021-39698 bsc#1196956). +- wait: add wake_up_pollfree() (CVE-2021-39698 bsc#1196956). +- commit b026506 + +- usb: dwc2: gadget: Fix kill_all_requests race (git-fixes). +- commit 5ad82f7 + +- usb: dwc3: meson-g12a: Disable the regulator in the error + handling path of the probe (git-fixes). +- commit 6109544 + +- mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes). +- drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes). +- commit 44ceec6 + +- rpm/kernel-source.spec.in: call fdupes per subpackage + It is a waste of time to do a global fdupes when we have + subpackages. +- commit 1da8439 + +- af_unix: fix garbage collect vs MSG_PEEK (CVE-2021-0920 + bsc#1193731). +- commit 7040fdd + +- Refresh patches.suse/xfrm-fix-mtu-regression.patch. +- commit 8d867d6 + +- bpf, selftests: Add test case trying to taint map value pointer + (bsc#1196130,CVE-2021-45402). +- bpf: Make 32->64 bounds propagation slightly more robust + (bsc#1196130,CVE-2021-45402). +- bpf: Fix signed bounds propagation after mov32 + (bsc#1196130,CVE-2021-45402). +- commit 63a6298 + +- net: phy: DP83822: clear MISR2 register to disable interrupts + (git-fixes). +- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info + (git-fixes). +- NFC: port100: fix use-after-free in port100_send_complete + (git-fixes). +- ax25: Fix NULL pointer dereference in ax25_kill_by_device + (git-fixes). +- staging: gdm724x: fix use after free in gdm_lte_rx() + (git-fixes). +- gpio: ts4900: Do not set DAT and OE together (git-fixes). +- gpiolib: acpi: Convert ACPI value of debounce to microseconds + (git-fixes). +- usb: hub: Fix locking issues with address0_mutex (git-fixes). +- commit ea6e976 + +- EDAC: Fix calculation of returned address and next offset in + edac_align_ptr() (bsc#1178134). +- commit c292d6b + +- xen/netfront: react properly to failing + gnttab_end_foreign_access_ref() (bsc#1196488, XSA-396, + CVE-2022-23042). +- commit fe0a923 + +- xen/gnttab: fix gnttab_end_foreign_access() without page + specified (bsc#1196488, XSA-396, CVE-2022-23041). +- commit 58c801b + +- xen/pvcalls: use alloc/free_pages_exact() (bsc#1196488, + XSA-396, CVE-2022-23041). +- commit afb2dba + +- xen/9p: use alloc/free_pages_exact() (bsc#1196488, XSA-396, + CVE-2022-23041). +- commit cee63b9 + +- xen/usb: don't use gnttab_end_foreign_access() in + xenhcd_gnttab_done() (bsc#1196488, XSA-396). +- commit b1d434d + +- xen/gntalloc: don't use gnttab_query_foreign_access() + (bsc#1196488, XSA-396, CVE-2022-23039). +- commit a4ec4aa + +- xen/scsifront: don't use gnttab_query_foreign_access() for + mapped status (bsc#1196488, XSA-396, CVE-2022-23038). +- commit fd9cb30 + +- xen/netfront: don't use gnttab_query_foreign_access() for + mapped status (bsc#1196488, XSA-396, CVE-2022-23037). +- commit 4e33999 + +- xen/blkfront: don't use gnttab_query_foreign_access() for + mapped status (bsc#1196488, XSA-396, CVE-2022-23036). +- commit 4334af7 + +- xen/grant-table: add gnttab_try_end_foreign_access() + (bsc#1196488, XSA-396, CVE-2022-23036, CVE-2022-23038). +- commit 19b769a + +- xen/xenbus: don't let xenbus_grant_ring() remove grants in + error case (bsc#1196488, XSA-396, CVE-2022-23040). +- commit 5aacf1f + +- EDAC/altera: Fix deferred probing (bsc#1178134). +- commit 13cc9b2 + +- rpm/arch-symbols,guards,*driver: Replace Novell with SUSE. +- commit 174a64f + +- nvme-rdma: fix possible use-after-free in transport + error_recovery work (git-fixes). +- commit f4a5de3 + +- usb: host: xen-hcd: add missing unlock in error path + (git-fixes). +- commit daa9ea7 + +- Refresh + patches.suse/0002-usb-Introduce-Xen-pvUSB-frontend-xen-hcd.patch. +- commit d9066f6 + +- Refresh + patches.suse/0001-usb-Add-Xen-pvUSB-protocol-description.patch. +- commit 5c41eb3 + +- rpm/kernel-docs.spec.in: use %%license for license declarations + Limited to SLE15+ to avoid compatibility nightmares. +- commit 73d560e + +- rpm/*.spec.in: Use https:// urls +- commit 77b5f8e + +- nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787). +- commit 8823060 + +- Bluetooth: btusb: Add missing Chicony device for Realtek + RTL8723BE (bsc#1196779). +- commit 504b440 + +- ixgbe: xsk: change !netif_carrier_ok() handling in + ixgbe_xmit_zc() (git-fixes). +- selftests: mlxsw: tc_police_scale: Make test more robust + (bsc#1176774). +- net: fix up skbs delta_truesize in UDP GRO frag_list + (bsc#1176447). +- igc: igc_write_phy_reg_gpy: drop premature return (git-fixes). +- igc: igc_read_phy_reg_gpy: drop premature return (git-fixes). +- iavf: Fix missing check for running netdev (git-fixes). +- RDMA/cma: Do not change route.addr.src_addr outside state checks + (bsc#1181147). +- RDMA/ib_srp: Fix a deadlock (git-fixes). +- RDMA/rtrs-clt: Fix possible double free in error case + (jsc#SLE-15176). +- net/mlx5e: TC, Reject rules with forward and drop actions + (git-fixes). +- net/mlx5e: TC, Reject rules with drop and modify hdr action + (git-fixes). +- net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded + packets (jsc#SLE-15172). +- net/mlx5e: Fix wrong return value on ioctl EEPROM query failure + (git-fixes). +- net/mlx5: Fix possible deadlock on rule deletion (git-fixes). +- net/mlx5: Fix wrong limitation of metadata match on ecpf + (git-fixes). +- net/mlx5: Update the list of the PCI supported devices + (git-fixes). +- netfilter: nf_tables: fix memory leak during stateful obj update + (bsc#1176447). +- bnxt_en: Fix incorrect multicast rx mask setting when not + requested (git-fixes). +- bnxt_en: Fix occasional ethtool -t loopback test failures + (git-fixes). +- bnxt_en: Fix offline ethtool selftest with RDMA enabled + (git-fixes). +- bnxt_en: Fix active FEC reporting to ethtool (jsc#SLE-16649). +- ice: initialize local variable 'tlv' (jsc#SLE-12878). +- nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() + (git-fixes). +- net/sched: act_ct: Fix flow table lookup after ct clear or + switching zones (jsc#SLE-15172). +- bonding: force carrier update when releasing slave (git-fixes). +- RDMA/mlx4: Don't continue event handler after memory allocation + failure (git-fixes). +- RDMA/siw: Fix broken RDMA Read Fence/Resume logic (git-fixes). +- IB/rdmavt: Validate remote_addr during loopback atomic tests + (git-fixes). +- RDMA/cxgb4: Set queue pair state when being queried (git-fixes). +- RDMA/rxe: Fix a typo in opcode name (git-fixes). +- RDMA/cma: Let cma_resolve_ib_dev() continue search even after + empty entry (git-fixes). +- RDMA/core: Let ib_find_gid() continue search even after empty + entry (git-fixes). +- RDMA/uverbs: Remove the unnecessary assignment (git-fixes). +- RDMA/cma: Remove open coding of overflow checking for + private_data_len (git-fixes). +- RDMA/hns: Validate the pkey index (git-fixes). +- RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling + RCFW with pending cmd-bit" (git-fixes). +- RDMA/core: Don't infoleak GRH fields (git-fixes). +- RDMA/uverbs: Check for null return of kmalloc_array (git-fixes). +- IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr (git-fixes). +- IB/hfi1: Fix early init panic (git-fixes). +- IB/hfi1: Insure use of smp_processor_id() is preempt disabled + (git-fixes). +- IB/hfi1: Correct guard on eager buffer deallocation (git-fixes). +- net/mlx5: Update the list of the PCI supported devices + (git-fixes). +- commit 5d0d3c3 + +- asix: fix uninit-value in asix_mdio_read() (git-fixes). +- commit 954cba8 + +- usb: hub: Fix usb enumeration issue due to address0 race + (git-fixes). +- commit 831632a + +- USB: hub: Clean up use of port initialization schemes and + retries (git-fixes). +- commit 39e09e3 + +- powerpc/powernv/memtrace: Fix dcache flushing (bsc#1196433 + ltc#196449). +- commit 5cf33af + +- mask out added spinlock in rndis_params (git-fixes). +- commit cf77fd5 + +- usb: gadget: rndis: add spinlock for rndis response list + (git-fixes). +- commit 6500e0b + +- HID: add mapping for KEY_ALL_APPLICATIONS (git-fixes). +- HID: add mapping for KEY_DICTATE (git-fixes). +- Input: elan_i2c - fix regulator enable count imbalance after + suspend/resume (git-fixes). +- Input: elan_i2c - move regulator_[en|dis]able() out of + elan_[en|dis]able_power() (git-fixes). +- arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output + (git-fixes). +- dmaengine: shdma: Fix runtime PM imbalance on error (git-fixes). +- i2c: bcm2835: Avoid clock stretching timeouts (git-fixes). +- Input: clear BTN_RIGHT/MIDDLE on buttonpads (git-fixes). +- ASoC: rt5682: do not block workqueue if card is unbound + (git-fixes). +- ASoC: rt5668: do not block workqueue if card is unbound + (git-fixes). +- net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 + (git-fixes). +- mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work + (git-fixes). +- mac80211_hwsim: report NOACK frames in tx_status (git-fixes). +- hamradio: fix macro redefine warning (git-fixes). +- commit add4eb4 + +- scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (git-fixes). +- scsi: bnx2fc: Flush destroy_work queue before calling + bnx2fc_interface_put() (git-fixes). +- scsi: nsp_cs: Check of ioremap return value (git-fixes). +- scsi: qedf: Fix potential dereference of NULL pointer + (git-fixes). +- scsi: ufs: Fix race conditions related to driver data + (git-fixes). +- scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() + (git-fixes). +- commit 2185cf5 + +- Add SCSI git-fix to blacklist: too pervasive +- commit 3f4a3f6 + +- blacklist.conf: Add 05c7b7a92cc8 cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug +- commit 511f680 + +- cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning + (bsc#1196868). +- commit 30013c2 + +- cpuset: Fix the bug that subpart_cpus updated wrongly in + update_cpumask() (bsc#1196866). +- commit 8ee9c97 + +- blacklist.conf: prerequisites break kABI +- commit 88b00ea + +- blacklist.conf: kABI +- commit 11980b2 + +- blacklist.conf: patch not applicable due to missing infrastructure +- commit be9f64f + +- usb: dwc2: use well defined macros for power_down (git-fixes). +- commit 781db9c + +- ename colliding patches before the next cve/linux-5.3 -> SLE15-SP3 merge +- commit 59d5e34 + +- Hand over the maintainership to SLE15-SP3 maintainers +- commit 0c92742 + +- SUNRPC: avoid race between mod_timer() and del_timer_sync() + (bnc#1195403). +- commit f6cf219 + +- cputime, cpuacct: Include guest time in user time in (git-fixes) +- commit b360f79 + +- sched/core: Mitigate race (git-fixes) +- commit d6e526f + +- cpufreq: schedutil: Use kobject release() method to free (git-fixes) +- commit 3b82dc0 + +- blacklist.conf: Blacklist uclamp related fixes +- commit af69679 + +- sr9700: sanity check for packet length (bsc#1196836). +- commit 558034f + +- tracing: Fix return value of __setup handlers (git-fixes). +- commit 184ff86 + +- exfat: fix i_blocks for files truncated over 4 GiB (git-fixes). +- exfat: fix incorrect loading of i_blocks for large files + (git-fixes). +- commit f1e7b8d + +- nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION + (CVE-2022-26490 bsc#1196830). +- commit fd10ace + +- nvme-tcp: fix possible use-after-free in transport + error_recovery work (git-fixes). +- nvme: fix a possible use-after-free in controller reset during + load (git-fixes). +- commit 8b4713c + +- Update patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch + (bsc#1194516 CVE-2022-0487). +- Update + patches.suse/NFSv4-Handle-case-where-the-lookup-of-a-directory-fa.patch + (bsc#1195612 CVE-2022-24448). +- Update + patches.suse/udf-Fix-NULL-ptr-deref-when-converting-from-inline-f.patch + (bsc#1196079 CVE-2022-0617). +- Update + patches.suse/udf-Restore-i_lenAlloc-when-inode-expansion-fails.patch + (bsc#1196079 CVE-2022-0617). +- Update + patches.suse/vfs-check-fd-has-read-access-in-kernel_read_file_from_fd.patch + (bsc#1194888 CVE-2022-0644 bsc#1196155). +- commit 096ea36 + +- ALSA: intel_hdmi: Fix reference to PCM buffer address + (git-fixes). +- ASoC: cs4265: Fix the duplicated control name (git-fixes). +- ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min + (git-fixes). +- commit 46ecf36 + +- scsi: smartpqi: Add PCI IDs (bsc#1196627). +- commit 0f3e3c7 + +- vrf: Fix fast path output packet handling with async Netfilter + rules (git-fixes). +- commit 4dafe3d + +- net/mlx5e: Fix modify header actions memory leak (git-fixes). +- commit 2d08f14 + +- net: ethernet: ti: cpsw: disable PTPv1 hw timestamping + advertisement (git-fixes). +- commit 644c57f + +- net: hns3: Clear the CMDQ registers before unmapping BAR region + (git-fixes). +- commit 09653f6 + +- netsec: ignore 'phy-mode' device property on ACPI systems + (git-fixes). +- commit b2241ca + +- net: sfc: Replace in_interrupt() usage (git-fixes). +- commit 254377d + +- gtp: remove useless rcu_read_lock() (git-fixes). +- commit 2588833 + +- net: dsa: mv88e6xxx: MV88E6097 does not support jumbo + configuration (git-fixes). +- commit 28ecaea + +- Refresh + patches.suse/ibmvnic-Allow-queueing-resets-during-probe.patch. +- Refresh + patches.suse/ibmvnic-clear-fop-when-retrying-probe.patch. +- Refresh + patches.suse/ibmvnic-complete-init_done-on-transport-events.patch. +- Refresh + patches.suse/ibmvnic-define-flush_reset_queue-helper.patch. +- Refresh + patches.suse/ibmvnic-don-t-release-napi-in-__ibmvnic_open.patch. +- Refresh + patches.suse/ibmvnic-free-reset-work-item-when-flushing.patch. +- Refresh patches.suse/ibmvnic-init-init_done_rc-earlier.patch. +- Refresh + patches.suse/ibmvnic-initialize-rc-before-completing-wait.patch. +- Refresh + patches.suse/ibmvnic-register-netdev-after-init-of-adapter.patch. +- Refresh + patches.suse/ibmvnic-schedule-failover-only-if-vioctl-fails.patch. +- Refresh + patches.suse/scsi-lpfc-Fix-pt2pt-NVMe-PRLI-reject-LOGO-loop.patch. +- Refresh patches.suse/xfrm-fix-mtu-regression.patch. +- commit 25457d5 + +- netfilter: nf_tables_offload: incorrect flow offload action + array size (bsc#1196299 CVE-2022-25636). +- commit 30b89a9 + +- batman-adv: Don't expect inter-netns unique iflink indices + (git-fixes). +- batman-adv: Request iflink once in batadv_get_real_netdevice + (git-fixes). +- batman-adv: Request iflink once in batadv-on-batadv check + (git-fixes). +- nl80211: Handle nla_memdup failures in handle_nan_filter + (git-fixes). +- mac80211: fix forwarded mesh frames AC & queue selection + (git-fixes). +- can: gs_usb: change active_channels's type from atomic_t to u8 + (git-fixes). +- commit 1c8fa49 + +- cgroup-v1: Correct privileges check in release_agent writes + (bsc#1196723). +- commit 3d0b2e2 + +- blacklist.conf: Add 51e50fbd3efc psi: fix "no previous prototype" warnings when CONFIG_CGROUPS=n +- commit 2727993 + +- ARM: 9182/1: mmu: fix returns from early_param() and __setup() + functions (git-fixes). +- ARM: Fix kgdb breakpoint for Thumb2 (git-fixes). +- ntb: intel: fix port config status offset for SPR (git-fixes). +- USB: serial: option: add Telit LE910R1 compositions (git-fixes). +- USB: serial: option: add support for DW5829e (git-fixes). +- USB: gadget: validate endpoint index for xilinx udc (git-fixes). +- xhci: re-initialize the HC during resume if HCE was set + (git-fixes). +- drm/amdgpu: disable MMHUB PG for Picasso (git-fixes). +- USB: zaurus: support another broken Zaurus (git-fixes). +- USB: gadget: validate interface OS descriptor requests + (git-fixes). +- commit a54291e + +- Update patches.suse/ibmvnic-don-t-stop-queue-in-xmit.patch + (bsc#1192273 ltc#194629 bsc#1191428 ltc#193985). +- commit 59ca885 + +- net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468). +- commit 6dcfd65 + +- blk-mq: don't free tags if the tag_set is used by other device + in queue initialztion (bsc#1193787). +- commit 5b79ad2 + +- kernel-binary.spec: Also exclude the kernel signing key from devel package. + There is a check in OBS that fails when it is included. Also the key is + not reproducible. + Fixes: bb988d4625a3 ("kernel-binary: Do not include sourcedir in certificate path.") +- commit 68fa069 + +- powerpc/fadump: register for fadump as early as possible + (bsc#1179439 ltc#190038). +- commit 3f54d95 + +- rpm/check-for-config-changes: Ignore PAHOLE_VERSION. +- commit 88ba5ec + +- powerpc/pseries/iommu: Fix window size for direct mapping with + pmem (bsc#1196472 ltc#192278). +- powerpc/dma: Fallback to dma_ops when persistent memory present + (bsc#1196472 ltc#192278). + Update config files. +- dma-mapping: Allow mixing bypass and mapped DMA operation + (bsc#1196472 ltc#192278). +- dma-direct: Fix potential NULL pointer dereference (bsc#1196472 + ltc#192278). +- commit a04953d + +- soc: fsl: qe: Check of ioremap return value (git-fixes). +- soc: fsl: Correct MAINTAINERS database (SOC) (git-fixes). +- soc: fsl: Correct MAINTAINERS database (QUICC ENGINE LIBRARY) + (git-fixes). +- firmware: arm_scmi: Remove space in MODULE_ALIAS name + (git-fixes). +- efivars: Respect "block" flag in efivar_entry_set_safe() + (git-fixes). +- gpio: tegra186: Fix chip_data type confusion (git-fixes). +- gpio: rockchip: Reset int_bothedge when changing trigger + (git-fixes). +- spi: spi-zynq-qspi: Fix a NULL pointer dereference in + zynq_qspi_exec_mem_op() (git-fixes). +- iio: Fix error handling for PM (git-fixes). +- iio: adc: men_z188_adc: Fix a resource leak in an error handling + path (git-fixes). +- iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM + bits (git-fixes). +- tty: n_gsm: fix proper link termination after failed open + (git-fixes). +- tty: n_gsm: fix encoding of control signal octet bit DV + (git-fixes). +- Revert "USB: serial: ch341: add new Product ID for CH341A" + (git-fixes). +- usb: dwc3: gadget: Let the interrupt handler disable bottom + halves (git-fixes). +- usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (git-fixes). +- xhci: Prevent futile URB re-submissions due to incorrect return + value (git-fixes). +- ata: pata_hpt37x: disable primary channel on HPT371 (git-fixes). +- clk: jz4725b: fix mmc0 clock gating (git-fixes). +- drm/edid: Always set RGB444 (git-fixes). +- commit c381750 + +- powerpc/mm: Remove dcache flush from memory remove (bsc#1196433 + ltc#196449). +- commit 72793cf + +- udf: Restore i_lenAlloc when inode expansion fails (bsc#1196079 + CVE-2022-0617). +- commit a1deb2a + +- udf: Fix NULL ptr deref when converting from inline format + (bsc#1196079 CVE-2022-0617). +- commit 43cd4ed + +- usb: gadget: rndis: check size of RNDIS_MSG_SET command + (CVE-2022-25375 bsc#1196235). +- commit 4e7d746 + +- Update patch reference for vfs fix (CVE-2022-0644 bsc#1196155) +- commit 900b4f0 + +- USB: gadget: validate interface OS descriptor requests + (CVE-2022-25258 bsc#1196095). +- commit 4c69367 + +- f2fs: fix to do sanity check on inode type during garbage + collection (CVE-2021-44879 bsc#1195987). +- commit 139271b + +- yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959 + bsc#1195897). +- commit 60220af + +- usb: gadget: clear related members when goto fail + (CVE-2022-24958 bsc#1195905). +- usb: gadget: don't release an existing dev->buf (CVE-2022-24958 + bsc#1195905). +- commit 96dda76 + +- Update patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch + (bsc#1194516 CVE-2022-0487). +- commit f68f189 + +- kernel-binary: Do not include sourcedir in certificate path. + The certs macro runs before build directory is set up so it creates the + aggregate of supplied certificates in the source directory. + Using this file directly as the certificate in kernel config works but + embeds the source directory path in the kernel config. + To avoid this symlink the certificate to the build directory and use + relative path to refer to it. + Also fabricate a certificate in the same location in build directory + when none is provided. +- commit bb988d4 + +- constraints: Also adjust disk requirement for x86 and s390. +- commit 9719db0 + +- constraints: Increase disk space for aarch64 +- commit 09c2882 + +- drm/i915: Remove memory frequency calculation (bsc#1195211). +- commit ea4d32b + +- drm/i915: Rename is_16gb_dimm to wm_lv_0_adjust_needed + (bsc#1195211). +- drm/i915/gen11+: Only load DRAM information from pcode + (bsc#1195211). +- drm/i915: Nuke not needed members of dram_info (bsc#1195211). +- drm/i915/dg1: Wait for pcode/uncore handshake at startup + (bsc#1195211). +- commit d7995a2 + +- NFSv4: Handle case where the lookup of a directory fails + (bsc#1195612 CVE-2022-24448). +- commit 1023a28 + +- scsi: ufs: Correct the LUN used in eh_device_reset_handler() + callback (bsc#1193864 CVE-2021-39657). +- commit 5ec67f9 + +- kernel-obs-build: include 9p (boo#1195353) + To be able to share files between host and the qemu vm of the build + script, the 9p and 9p_virtio kernel modules need to be included in + the initrd of kernel-obs-build. +- commit 0cfe67a + +- net: tipc: validate domain record count on input (bsc#1195254). +- commit 96de11b + +- kernel-binary.spec.in: Move 20-kernel-default-extra.conf to the correctr + directory (bsc#1195051). +- commit c80b5de + +- kernel-binary.spec: Do not use the default certificate path (bsc#1194943). + Using the the default path is broken since Linux 5.17 +- commit 68b36f0 + +- fix rpm build warning + tumbleweed rpm is adding these warnings to the log: + It's not recommended to have unversioned Obsoletes: Obsoletes: microcode_ctl +- commit 3ba8941 + +- build initrd without systemd + This reduces the size of the initrd by over 25%, which + improves startup time of the virtual machine by 0.5-0.6s on + very fast machines, more on slower ones. +- commit ef4c569 + kgamma5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + khotkeys5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + kinfocenter5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + kmenuedit5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + kscreen5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- Changes since 5.24.3: + * KCM: Center Orientation label when there's no automatic options + * X11: align touchscreen to internal display (kde#415683) +- Drop code for obsolete versions + kscreenlocker +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + ksshaskpass5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + ksystemstats5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + kwayland-integration +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + kwayland-server +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- Changes since 5.24.3: + * outputchangeset: set default values for vrr policy and rgb range (kde#442520) + kwin5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- Changes since 5.24.3: + * backends/drm: attempt a modeset on output disabling (kde#449878) + * plugins/screencast: Fix a glitch in cursor bitmap + * backends/drm: set max bpc in DrmPipeline + * backends/drm: fall back to legacy mode in virtual machines (kde#427060) + * backends/drm: only allow ARGB8888 as the cursor format + * effects/blur: Fix window flickering when the clip intersected with the current blur region. (kde#421135) + * screencast: better solution for missing context on cursor move + * Revert "screencast: make context current in tryEnqueue" + * src/kcmkwin: fix botched indentation code for final checkbox + * backends/drm: don't do direct scanout with software rotation + * screencast: make context current in tryEnqueue + * effects/desktopgrid: don't forget to schedule repaints when timeline is running (kde#444678) + * effects/desktopgrid: register down gesture (kde#444694) + * inputmethod: Do not reset when hiding + * inputmethod: Listen to text-input enablement changes when starting disabled +- Drop patches, now upstream: + * 0001-backends-drm-fall-back-to-legacy-mode-in-virtual-mac.patch + +- Add patch to fix client cursor offset in VMs (kde#427060): + * 0001-backends-drm-fall-back-to-legacy-mode-in-virtual-mac.patch + kwrited5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + layer-shell-qt +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + libkdecoration2 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- Changes since 5.24.3: + * Add RtL support (kde#432390) + libkscreen2 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + libksysguard5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + +- Force PIE when building with gcc-10 (boo#1195628, boo#1197641) + libosinfo +- bsc#1197769 - FTBFS: libosinfo won't compile on SP4 + libosinfo.spec + libqt5-qtwebengine +- Add security fixes: + * CVE-2022-0971-qtwebengine-5.15.patch (CVE-2022-0971, boo#1197163) + * CVE-2022-1096-qtwebengine-5.15.patch (CVE-2022-1096, boo#1197552) + +- Add patch to fix build with GCC 12: + * 0001-skia-Some-includes-to-fix-build-with-GCC-12.patch + libsolv +- reworked choice rule generation to cover more usecases +- support SOLVABLE_PREREQ_IGNOREINST in the ordering code + [bsc#1196514] +- support parsing of Debian's Multi-Arch indicator +- bump version to 0.7.22 + libzypp -- Fix package signature check (bsc#184501) +- ZConfig: Update solver settings if target changes (bsc#1196368) +- version 17.30.0 (22) + +- Fix possible hang in singletrans mode (bsc#1197134) +- Do 2 retries if mount is still busy. +- version 17.29.7 (22) + +- Fix package signature check (bsc#1184501) makedumpfile +- makedumpfile-sadump-kaslr-fix-kaslr_offset-calculation.patch: + sadump, kaslr: fix failure of calculating kaslr_offset + (bsc#1196736). + +- Turn on zstd in Tumbleweed. + milou5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + nvme-cli +- Fix install conflict caused by new bash completion script + location (bsc#1197365). + openblas:openmp +- Build PPC64LE libraries with the lastest gcc available to + take advantage of instruction sets in later CPUs used in + the CPU specific kernels (jsc#SLE-18143, bsc#1197721). + For fortran use the stock compiler to avoid compatibility + issues between different versions of libfortran. + This is relevant for Leap/SLE only. It may be dropped once + gcc < 10 is no longer supported. + openssl-1_1 +- FIPS: Additional PBKDF2 requirements for KAT [bsc#1197280] + * The IG 10.3.A and SP800-132 require some minimum parameters for + the salt length, password length and iteration count. These + parameters should be also used in the KAT. + * Add openssl-1_1-FIPS-PBKDF2-KAT-requirements.patch + +- Security Fix: [bsc#1196877, CVE-2022-0778] + * Infinite loop in BN_mod_sqrt() reachable when parsing certificates + * Add openssl-CVE-2022-0778.patch openssl-CVE-2022-0778-tests.patch + +- Added openssl-1_1-use-include-directive.patch so that the default + /etc/ssl/openssl.cnf file will include any configuration files that + other packages might place into /etc/ssl/engines.d/ and + /etc/ssl/engdef.d/ This is a fix for bsc#1004463 where scripting was + being used to modify the openssl.cnf file. The scripting would fail + if either the default openssl.cnf file, or the sample openssl-ibmca + configuration file would be changed by upstream. +- Updated spec file to create the two new necessary directores for + the above patch. [bsc#1194187, bsc#1004463] + +- FIPS: add openssl-1_1-fips-bsc1190652_release_num_in_version_string.patch + * bsc#1190652 - Provide a service to output module name/identifier + and version + +- Security fix: [bsc#1192820, CVE-2002-20001] + * Fix DHEATER: The Diffie-Hellman Key Agreement Protocol allows + remote attackers (from the client side) to send arbitrary + numbers that are actually not public keys, and trigger + expensive server-side DHE calculation. + * Stop recommending the DHE in SSL_DEFAULT_SUSE_CIPHER_LIST + * Rebase openssl-DEFAULT_SUSE_cipher.patch + +- FIPS: Reintroduce the FFC and ECC checks in openssl-DH.patch + that were removed in the update to 1.1.1l [bsc#1185313] + +- FIPS: Fix sn_objs and ln_objs in crypto/objects/obj_mac.num + * Rebase openssl-DH.patch [bsc#1194327] +- Merge openssl-keep_EVP_KDF_functions_version.patch into + openssl-1.1.1-evp-kdf.patch +- Add function codes for pbkdf2, hkdf, tls and ssh selftests. + Rebase patches: + * openssl-fips-kdf-hkdf-selftest.patch + * openssl-kdf-selftest.patch + * openssl-kdf-ssh-selftest.patch + * openssl-kdf-tls-selftest.patch + +- Pull libopenssl-1_1 when updating openssl-1_1 with the same + version. [bsc#1195792] + +- FIPS: Fix function and reason error codes [bsc#1182959] + * Add openssl-1_1-FIPS-fix-error-reason-codes.patch + +- Enable zlib compression support [bsc#1195149] + +- Remove the openssl-has-RSA_get0_pss_params provides as it is + now fixed in the nodejs16 side [bsc#1192489] + +- FIPS: Move the HMAC-SHA2-256 used for integrity test [bsc#1185320] + * Add openssl-FIPS-KAT-before-integrity-tests.patch + +- FIPS: Add missing KAT for HKDF/TLS 1.3/IPSEC IKEv2 [bsc#1192442] + * Add openssl-fips-kdf-hkdf-selftest.patch + oxygen5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + pam +- Between allocating the variable "ai" and free'ing them, there are + two "return NO" were we don't free this variable. This patch + inserts freaddrinfo() calls before the "return NO;"s. + [bsc#1197024, pam-bsc1197024-free-addrinfo-before-return.patch] + +- Define _pam_vendordir as "/%{_sysconfdir}/pam.d" + The variable is needed by systemd and others. + [bsc#1196093, macros.pam] + pipewire +- Reorder BuildRequires and space conditions a bit better in the + spec file. + +- Update to version 0.3.49: + * Highlights + - Sample rate switching should work again. + - pw-dot can now use the output of pw-dump to render a graph. + - Bluetooth A2DP streaming was improved that would reduce + stuttering on some devices. + - A JACK bug was fixed that would sometimes make it impossible + to add more tracks in Ardour. (#1714) + - Many bugfixes and improvements. + * PipeWire + - Fix a potential crash when NULL params were configured. + - Add some simple functional tests to avoid some recent + regressions. Improve the test framework for this as well. + - Improvements to the poll loop to avoid some use-after-free + scenarios. + - Fix samplerate switching again. + - setlocale is not called anymore from the pipewire library. + This should be called by the application. (#2223) + - pw_init() and pw_deinit() can now be nested and called + multiple times. + - pw_stream will now report the resampler delay in the + pw_time.queued field. + * modules + - module-filter-chain now supports arbitrary many properties + and will use property hints to assign them the right type. + - The ROC modules now accept a sink/source_properties + parameter. + - The module-rt can now also be built without RT-Kit support. + - module-echo-cancel can now use a fraction to specify the + delay for more precise control. + * SPA + - The channelmixer will now do upmixing by default and will not + use normalization. It will also use a simple upmixing + algorithm that duplicates channels by default. A more + interesting upmix method is also available (PSD) but needs to + be enabled manually. (#861) + - Add SSE optimized (de)interleave functions for 32 bits + samples with and without byteswap. + - JSON parsing of empty strings will now give an invalid number + instead of 0. + - JSON numbers are now parsed and serialized in a locale + independent way so that , and . are not mixed up. + - The resampler will now report the resample delay and queued + samples as the extra delay. + * tools + - pw-cat will read more dsf files correctly and will not crash + at the end. + - pw-top now has a man page. + - pw-dot can now use the output of pw-dump to render a graph. + * bluetooth + - Improve interactions with oFono. + - Fix recovery with slow connections. + - Improve frame size of AptX-ll. + - A2DP can now use any quantum and will flush packets in + smaller chunks when needed to adapt. This improves stuttering + in some cases. + * pulse-server + - The server configuration can now be placed in + pulse.properties section, which also makes it possible to + have custom overrides. + - Implement FIX_ flags for capture as well. + - Small fixes and improvements in module loading. + * JACK + - Clear the last error before executing a new action or else we + could end up with error from a previous action. This causes + some problems in Ardour where adding a track would fail after + some time. (#1714) +- Rebase reduce-meson-dependency.patch. + +- Update to version 0.3.48: + * Highlights + - Fix IEC958 passthrough again. + - Fix pulse-server crashes when playing a sample. + - Support for more a more advanced upmixing algorithm. + - filter-chain now supports arbitrary many ports. + - Fix multichannel support in WINE (with new WirePlumber). + - Many bugfixes and improvements. + * PipeWire + - The work queue is now created in the context so we can fail + early and avoid further error checking in various places. + - Fix a potential use after free with threaded loops. + - The protocol now has a message footer. This is used to pass + around global state such as the last registered object + serial number. This can be used to detect when a client tries + to bind to old (but reused) object ids. This avoids some + races in the session manager but also when binding objects. + - The zero-denormals CPU flag is now not touched anymore unless + explicitly selected by the user. Denormals are avoided in + filter-chain now in software. If the zero-denormals are now + only configured in the data thread. This should fix issues + with luajit. + - Configuration parsing will not actually fail on errors. + - pw-top now correctly clips unicode characters. + - Many places now use a dynamic POD builder to support + arbitrary large property sets. + - pw-stream now support PropInfo parameters so that they can + announce custom properties. + - Serial number are now also set on metadata and + session-manager objects. + * SPA + - audioadapter is now smarter when trying to fixate the format. + It will use the PortConfig format to fill in any wildcards. + This results in the least amount of conversions when the + stream can handle it. It also is part of a fix (also requires + a session manager fix) for WINE multichannel support. + - Fix 5.1 to 2 channels mixing. It was using the volume of the + stereo pair on all channels. + - Fix some weird volume issues when a source is capturing and + channelmixing. + - Add stereo to 7.1 upmixing. + - The channelmix parameters can be changed at runtime now. + - Many improvements to the upmixing algorithms. Rear channels + are now constructed from the ambient sound and can have delay + and phase shift applied to them to improve spacialisation. + The stereo channels can be filtered so that the dialogue is + more concentrated in the centre channel. + * modules + - Module X11 bell received cleanups and improvements. + - The module now has a private method to schedule unload later. + This simplifies cleanup in many modules. + - module-filter-chain now handles arbitrary many ports and + control ports. + - Fix a bug in RAOP where it was reading from the wrong port. + * pulse-server + - Nodes with the DONT_MOVE property should fail with -EINVAL + when they are moved. + - Fix a segfault when playing a sample. + - The _FIX flags in pulse-server also now ignore the configured + sample format, just like pulseaudio does. + - Fix IEC958 passthrough again. It got accidentally broken + since 0.3.45 with a fix for another issue. + - Fix module-null-sink device.description. + * Bluetooth + - Don't try to connect HSP/HFP when no backend is available. +- Drop patches already included upstream: + * 0001-revert-loop-remove-destroy-list.patch + * 0002-pulse-server-free-pending-sample-reply.patch +- Rebase reduce-meson-dependency.patch. +- Enable pulseaudio-setup use on openSUSE Leap 15.4. +- Some spec clean-up. + +- Add 0001-revert-loop-remove-destroy-list.patch: fix MPD crash. +- Add 0002-pulse-server-free-pending-sample-reply.patch: fix + "fast volume change". + +- Update to version 0.3.47: + * Fix a bug in pulse-server that caused cached notifications to + play multiple times. + * Remove a check and warnings to catch leaked listeners on the + proxy. This might access invalid memory and cause infinite + loops in older wireplumber. +- Rebase reduce-meson-dependency.patch. + +- Update to version 0.3.46: + * Highlights: + - Fix a critical bug in pipewire-pulse buffer size handling + that made some apps (MuseScore, ... ) stutter. + - Fix a critical bug where devices would not show when the + kernel was compiled without VERBOSE_PROCSFS. + - JACK clients will now use lock-quantum by default. This + makes sure that all dynamic quantum changes are disabled + while a JACK app is running. The only way to force a + quantum chance is through a JACK app or with the metadata. + - Almost all limits on number of ports, clients and nodes are + removed. + - A Dummy fallback sink is now automatically created when + there are no other sinks. This avoids stalling browsers. + - Sound sharing with Zoom should work better. A new WirePlumber + release might be required. + - Many more fixes and improvements. + * PipeWire + - Update docs with new config overrides. + - The rule matching logic was moved to config and code is now + shared with pulse-server and JACK. + - Add new Romanian translation. + - When a quantum is forced with metadata, any node that asked + to lock-quantum is ignored so that the quantum change can + happen. + - Fix a bug where a mixer was removed twice, leading to + potential memory corruption. + - The port limits on nodes and filters are now removed. + Some code was simplified. + - Fix a potential leak because listeners where removed while + they could be emitted. + - Improve context.exec and avoid zombie processes. + * Modules + - The RAOP module now has a default latency of 2 seconds, + like PulseAudio. + - The echo-cancel module now uses the plugin loader to load + the backends. This makes it possible to add custom, out of + tree, echo cancel plugins. + * Tools + - Improve help of pw-link. + - Output to stdout and error to stderr. Use setlinebuf for + stdout to improve piping between apps. (#2110) + * SPA + - Improve removing sources when dispatching. Also improve + performance now that a destroy loop can be removed. (#2114) + - Fix an fd leak in the logger when logging to a file. + - Improve loop enter/leave checks and support recursive loops. + * pulse-server + - Clamp various buffer attributes to the max length. Fixes some + issues with various applications. (#2100) + - Module properties are now remapped correctly from their + pulseaudio variant to the PipeWire ones. + - Fix module index in introspect. Use the right index when + loaded from our internal modules. (#2101) + - Improve argument parsing and node.description. (#2086) + - The sink-index should now be filled in correctly when playing + a sample. (#2129) + - module-always-sink is now implemented and loaded by default. + (#1838) + - Add support for loading some modules only once. + - Module load and unload now does extra sync to make it appear + synchronous, like in PulseAudio. This improves sounds sharing + in Zoom. + * ALSA + - Fix critical bug where alsa devices would not show when the + kernel was compiled without VERBOSE_PROCFS. + - Some corner cases were fixed in the ALSA timing code. When + the capture node is follower, it will now not try to read too + much data and xrun but it will instead produce a cycle of + silence. + - Various fixes and improvements to make ALSA devices resync to + the driver more quickly and accurately. + * JACK + - Add an option to name the default device as system to improve + compatibility with some applications, + - Use lock-quantum by default. This makes sure that all dynamic + quantum changes are disabled while a JACK app is running. The + only way to force a quantum chance is through a JACK app or + with the metadata. + - It is now possible to do IPC calls from the data thread. Note + that this is a very bad idea but required for compatibility + with JACK2. + * GStreamer + - GStreamer sink will now set a default channelmap to make it + possible to remap to the channel layout of the device. +- Update patch for further uses of "new" meson features used by + upstream: + * reduce-meson-dependency.patch + +- Run ldconfig for pipewire-libjack-0_3 + * The JACK libraries are made available system-wide using + /etc/ld.so.conf.d. Hence, ldconfig should be run to make sure + the dynamic linker picks them up. + plasma-browser-integration +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 +- Drop handling for 0%{?suse_version} < 1330 + plasma-nm5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + plasma5-addons +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + plasma5-desktop +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- Changes since 5.24.3: + * kcms/componentchooser: unify combobox lengths (kde#451365) + plasma5-disks +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + plasma5-integration +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + plasma5-pa +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + plasma5-systemmonitor +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + plasma5-thunderbolt +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + plasma5-workspace +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- Changes since 5.24.3: + * kcms/users: Adjust for padding in overlay sheet (kde#451031) + * [Media Controller] Explicitly set slider "to" before setting "value" + * [Notifications] Fix implicit size propagation in SelectableLabel + * applets/kicker: Skip creating KService for non-desktop files or folders (kde#442970) + * Fix sleep/suspend sometimes not working ... from ksmserver-logout-greeter, by making the DBus calls synchronous. + * kicker/actionlist: Ensure we parse the args for the jumplist actions (kde#451418) + * libtaskmanager: recompute active task when a task is removed + * sddm/lockscreen: Fix weird behaviour + * [Notifications] Limit notification heading line count + polkit-kde-agent-5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + powerdevil5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + protobuf +- Fix incorrect parsing of nullchar in the proto symbol, CVE-2021-22570, + bsc#1195258 + * Add protobuf-CVE-2021-22570.patch + python-rpm -- Add no-hardocded-python2.diff to avoid hardcoding of python2 - (jsc#SLE-16747) - +- update to rpm-4.11.1 + raspberrypi-firmware-dt +- With recent Linux kernel gpio-ranges Device Tree property is now + required. Add following patches to fix immediate issue described + in bsc#1197578. + ARM-dts-gpio-ranges-property-is-now-required.patch + ARM-dts-Add-GPIO-line-names-for-downstream-RPis.patch + We do not update whole package because this will create new + issues like the one described in comment#12 in bsc#1193434 + and comment#2 in bsc#1196632. Once patches referenced in + bsc#1196632 are accepted upstream. _This_ package could be + upgraded too. + rpm +- Revert unwanted /usr/bin/python -> /usr/bin/python2 change we + got with the update to 4.14.3 [bsc#1194968] + new patch: no-python2.diff + +- Backport header check changes so that old rpms get no longer + rejected [bsc#1190824] + updated patch: headerchk3.diff + +- Add explicit requirement on python-rpm-macros to avoid widespread + breakage by package mistakenly ignoring their requirement of + python-rpm-macros (bsc#1180125, bsc#1193711). + +- backport zstd detection fix [bsc#1187670] + new patch: zstddetection.diff +- backport ndb rofs support [bsc#1188548] + new patch: ndbrofs.diff +- backport pgp hardening changes from upstream [bsc#1185299] + new patch: pgpharden.diff +- fix deadlock when multiple rpm processes try tp acquire the + database lock [bsc#1183659] + new patch: deadlock.diff + spice +- Add patch to let spice build with gstreamer 1.20.x + (https://gitlab.freedesktop.org/spice/spice/-/merge_requests/207) + * fix-build-with-gstreamer-1.20.patch + sudo +- Add sudo-1.9.9-honor-T_opt.patch + * the -T option of sudo does nothing even when + 'Defaults user_command_timeouts' is present in the configuration. + * [bsc#1193446] + * Credit to Jaroslav Jindrak + +- Restrict use of sudo -U other -l to people who have permission + to run commands as that user (bsc#1181703, jsc#SLE-22569) + * feature-upstream-restrict-sudo-U-other-l.patch + systemsettings5 +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- Changes since 5.24.3: + * Don't let back arrow be re-colored to monochrome + * systemsettings runner: Ensure that we match keywords case insensitively (kde#451634) + texlive +- Add also a Conflicts for texlive-texconfig-bin in + texlive-scripts-extra-bin (bsc#1197569) + vlc +- Update to version 3.0.17.3: + + This is a fixup release which fixes a regression that could + cause a lack of audio for adaptive streaming playback. It is + identical to 3.0.17.2 otherwise. + + This updates contains various fixes and improvements: + - Major adaptive streaming stack overhaul + - Major codec updates + - Many third party libraries update + - Allow brackets in the path section of URLs + - Better notch support for new macbooks + - Add support for DAV video and Webp image formats + - Improve AV1 live streaming support + - Several SRT support improvements + - Numerous crash fixes + - Update youtube script +- Changes from version 3.0.17.2: + + This is a fixup release which fixes youtube playback and + contextual menus on integrated video for the Qt interface. It + is identical to 3.0.17-1 otherwise. +- Changes from version 3.0.17-1: + + This is a fixup release which bumps libflac to 1.3.4 in order + to fix CVE-2020-0499 and CVE-2021-0561 on platforms for which + we provide binary releases. + +- Disable libnfs and soxr integration on suse_version < 1500 (e.g + SLE12). + +- Update to version 3.0.17: + + Core: + * Fix a regression in parsing secondary source MRLs + * Allow brackets in path part of URLs + + Access: + * Fix support for screen capture on macOS with avcapture + * Fix closing of HTTP 1.x connections + * Improve HTTP2 memory usage + * Improve AVCapture module + * Improve AudioCD support (audio/data mixed mode, musicbrainz) + * Improve SMB compatibility by changing the read size + * Several improvements on the SRT modules (including streamID) + + Decoders/Packetizers: + * Add support for DTS LBR + * Fix some HEVC hardware decoding on Windows and crashes when aspect ratio changes + * Fix hardware decoding for some AMD GPU drivers + * Add support for new Fourcc for E-AC3, AV1, GeoVision + * Fix crashes with VP9 streams + * Fix styling issues with subs tx3g (mp4) tracks + * Fix playback of live AV1 streams + + Audio Output: + * iOS/tvOS: add support for spatial audio + * macOS: fix some channels ordering for > 5.1 channels + * Android: rework audio volume management + + Video Output: + * Fix a D3D11 crash when the stream changes aspect ratio + + Demux: + * Major overhaul of the adaptive streaming stack + * Support for DAV video files + * Add WebP image mapping + * Fix missing audio start of Opus audio in MKV/WebM + * Fix an infinite loop in MP4 + * Fix attachments extractions in ogg files + * Support Uncompressed audio in mp4 (ISO/IEC 23003-5) + * Fix some lip sync issue in rare MPEG-TS streams + + Interface: + * Qt/macOS: Fixup user provided URLs + * Add safe area handling on macOS + * Qt: improve preferences search + * Qt: fix --no-mouse-events option + + Misc: + * Update YouTube script + * Fix Icecast directory parsing which could lead to missing entries + * Improve UPnP compatibility with some servers +- Drop vlc-srto_tsbpddelay.patch: fixed upstream. + +- BuildRequires pkgconfig(smbclient) instead of smbclient-devel: + smbclient-devel was merged into samba-devel, and we do not want + to care for actual package names. + +- Guard --enable-libplacebo configure parameter with is_opensuse: + the buildrequires is also guarded the same way. + wireplumber +- Add patch from upstream to fix no sound on reconnection of + bluetooth device (glfo#pipewire/wireplumber#234): + * 0001-scripts-policy-device-profile-clear-tables-when-devices-removed.patch + +- Add patch from upstream to set locale in apps now that pw_init + doesn't call it by itself anymore in pipewire 0.3.49: + * 0001-src-setlocale-in-main-for-tools-and-the-daemon.patch + +- Make the wireplumber-audio noarch as it just contains a lua + config file. + +- Update to version 0.4.9: + * Fixes: + - restore-stream no longer crashes if properties for it are not + present in the config (#190) + - spa-json no longer crashes on non-x86 architectures + - Fixed a potential crash in the bluetooth auto-switch module + (#193) + - Fixed a race condition that would cause Zoom desktop audio + sharing to fail (#197) + - Surround sound in some games is now exposed properly + (pipewire#876) + - Fixed a race condition that would cause the default source & + sink to not be set at startup + - policy-node now supports the 'target.object' key on streams + and metadata + - Multiple fixes in policy-node that make the logic in some + cases behave more like PulseAudio (regarding nodes with the + dont-reconnect property and regarding following the default + source/sink) + - Fixed a bug with parsing unquoted strings in spa-json + * Misc: + - The policy now supports configuring "persistent" device + profiles. If a device is manually set to one of these + profiles, then it will not be auto-switched to another + profile automatically under any circumstances (#138, #204) + - The device-activation module was re-written in lua + - Brave, Edge, Vivaldi and Telegram were added in the bluetooth + auto-switch applications list + - ALSA nodes now use the PCM name to populate node.nick, which + is useful at least on HDA cards using UCM, where all outputs + (analog, hdmi, etc) are exposesd as nodes on a single profile + - An icon name is now set on the properties of bluetooth devices +- Drop patches already upstream: + * 0001-spa-json-fix-va_list-APIs-for-different-architectures.patch + * 0001-restore-stream-do-not-crash-if-config_properties-is-nil.patch + * 0002-policy-bluetooth-fix-string.find-crash-with-nil-string.patch + * 0003-si-audio-adapter-relax-format-parsing.patch +- Update split-config-file.py script + +- Add patch from upstream to fix a crash on tty switch + (glfo#pipewire/wireplumber#193): + * 0002-policy-bluetooth-fix-string.find-crash-with-nil-string.patch +- Add patch from upstream to fix issues with PulseAudio support with + PipeWire 0.3.48+ (glfo#pipewire/pipewire#2189): + * 0003-si-audio-adapter-relax-format-parsing.patch +- Some spec clean-up. + xdg-desktop-portal-kde +- Update to 5.24.4 + * New bugfix release + * For more details please see: + * https://kde.org/announcements/plasma/5/5.24.4 +- No code changes since 5.24.3 + zlib +- CVE-2018-25032: Fix memory corruption on deflate, bsc#1197459 + * bsc1197459.patch +