Packages changed: SDL3 (3.2.12 -> 3.2.14) aalib checkmedia (6.3 -> 6.4) iputils kernel-firmware-intel (20250419 -> 20250512) kernel-firmware-sound (20250502 -> 20250512) kf6-kirigami libguestfs (1.55.10 -> 1.55.11) libyui (4.6.3 -> 4.7.1) libyui-ncurses (4.6.3 -> 4.7.1) libyui-ncurses-pkg (4.6.3 -> 4.7.1) libyui-qt (4.6.3 -> 4.7.1) libyui-qt-graph (4.6.3 -> 4.7.1) libyui-qt-pkg (4.6.3 -> 4.7.1) m4 mpdecimal open-vm-tools (12.5.0 -> 12.5.2) openSUSE-build-key openSUSE-release (20250514 -> 20250522) openssh ovmf patterns-server pcr-oracle (0.5.5 -> 0.5.6) pipewire polkit-default-privs (1550+20250407.fdb02a6 -> 1550+20250514.1208790) python-Pygments python-argon2-cffi-bindings python-cached-property python-packaging python-setuptools (78.1.0 -> 78.1.1) python313-setuptools (78.1.0 -> 78.1.1) quota (4.09 -> 4.10) rlwrap (0.46.1 -> 0.46.2) rsyslog ruby3.4 (3.4.3 -> 3.4.4) sqlite3 (3.49.1 -> 3.49.2) thunar (4.20.2 -> 4.20.3) usb_modeswitch wireplumber xen (4.20.0_10 -> 4.20.0_12) xfce4-dict (0.8.8 -> 0.8.9) === Details === ==== SDL3 ==== Version update (3.2.12 -> 3.2.14) - Update to release 3.2.14 * Fixed crash querying the name of logical audio devices. * Fixed thread-local storage related black screen issue when pulseaudio audio output is active. * Reverted dead key reporting on X11, which introduced bugs with IME handling. * Fixed incorrect destination usage mode for storage buffer read/write bindings on Vulkan. ==== aalib ==== - FIx changelog format: the dashed indicates the beginning of a change, thus there is content supposed to follow. ==== checkmedia ==== Version update (6.3 -> 6.4) Subpackages: libmediacheck6 - merge gh#openSUSE/checkmedia#20 - added --[no-]signature-tag options for explicit handling of the 'signature' tag (bsc#1243125) - 6.4 ==== iputils ==== - Security fix [bsc#1242300, CVE-2025-47268] * integer overflow in RTT calculation can lead to undefined behavior * Add iputils-CVE-2025-47268.patch ==== kernel-firmware-intel ==== Version update (20250419 -> 20250512) - Update to version 20250512 (git commit 9f8e520fd736): * intel_vpu: Update NPU firmware ==== kernel-firmware-sound ==== Version update (20250502 -> 20250512) - Update to version 20250512 (git commit 9f8e520fd736): * intel: avs: Update topology file for Digital Microphone Array (bsc#1243030) ==== kf6-kirigami ==== Subpackages: kf6-kirigami-imports libKirigamiPlatform6 - Add upstream changes: * 0001-WheelHandler-remove-std-clamp-assert-crash.patch * 0002-WheelHandler-Only-apply-scrollview-event-filtering-t.patch * 0004-WheelHandler-remove-std-clamp-assert-crash-part-2.patch * 0005-WheelHandler-use-std-min-and-std-max-instead-of-qMin.patch ==== libguestfs ==== Version update (1.55.10 -> 1.55.11) Subpackages: libguestfs-appliance libguestfs-winsupport libguestfs-xfs libguestfs0 - Update to version 1.55.11 (jsc#PED-12706) * daemon/fstrim.c: Run the fstrim command twice * lib/create.c: Fix check after BLKDISCARD * daemon: inspect: Remove duplicate root mountpoints in /etc/fstab ==== libyui ==== Version update (4.6.3 -> 4.7.1) - Fix build failure with gcc-15: Don't build libyui-rest-api with -Werror to complain about wstring_convert that was deprecated without any replacement (bsc#1241933) - 4.7.1 - Bump version to 4.7.0 to avoid conflicts with the SLE15-SP6 version ==== libyui-ncurses ==== Version update (4.6.3 -> 4.7.1) - Fix build failure with gcc-15: Don't build libyui-rest-api with -Werror to complain about wstring_convert that was deprecated without any replacement (bsc#1241933) - 4.7.1 - Bump version to 4.7.0 to avoid conflicts with the SLE15-SP6 version ==== libyui-ncurses-pkg ==== Version update (4.6.3 -> 4.7.1) - Fix build failure with gcc-15: Don't build libyui-rest-api with -Werror to complain about wstring_convert that was deprecated without any replacement (bsc#1241933) - 4.7.1 - Bump version to 4.7.0 to avoid conflicts with the SLE15-SP6 version ==== libyui-qt ==== Version update (4.6.3 -> 4.7.1) - Fix build failure with gcc-15: Don't build libyui-rest-api with -Werror to complain about wstring_convert that was deprecated without any replacement (bsc#1241933) - 4.7.1 - Bump version to 4.7.0 to avoid conflicts with the SLE15-SP6 version ==== libyui-qt-graph ==== Version update (4.6.3 -> 4.7.1) - Fix build failure with gcc-15: Don't build libyui-rest-api with -Werror to complain about wstring_convert that was deprecated without any replacement (bsc#1241933) - 4.7.1 - Bump version to 4.7.0 to avoid conflicts with the SLE15-SP6 version ==== libyui-qt-pkg ==== Version update (4.6.3 -> 4.7.1) - Fix build failure with gcc-15: Don't build libyui-rest-api with -Werror to complain about wstring_convert that was deprecated without any replacement (bsc#1241933) - 4.7.1 - Bump version to 4.7.0 to avoid conflicts with the SLE15-SP6 version ==== m4 ==== - Drop -std=gnu17 from CFLAGS as 1.4.20 supports C23 ==== mpdecimal ==== - Fix LDXXFLAGS (thank you Stefan Krah for providing the patch) ==== open-vm-tools ==== Version update (12.5.0 -> 12.5.2) Subpackages: libvmtools0 open-vm-tools-desktop - update to 12.5.2 (bsc#1243106): https://github.com/vmware/open-vm-tools/blob/stable-12.5.2/ReleaseNotes.md https://github.com/vmware/open-vm-tools/blob/stable-12.5.2/open-vm-tools/ChangeLog This release resolves CVE-2025-22247. For more information on this vulnerability and its impact on Broadcom products, see VMSA-2025-0007 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683 ==== openSUSE-build-key ==== - added gpg-pubkey-25db7ae0-645bae34.asc: RSA 4k SLE15 Backports key. - removed gpg-pubkey-65176565-61a0ee8f.asc: old RSA 2k Backports key. (bsc#1243135) ==== openSUSE-release ==== Version update (20250514 -> 20250522) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Enable --with-logind to call the SetTTY dbus method in systemd in SLE15 too. This allows "wall" to print messages in ssh ttys (bsc#1239671) - Small fixes to unref the dbus session when any error occurs: * logind_set_tty.patch ==== ovmf ==== Subpackages: qemu-uefi-aarch64 - Add patchset to enable SVSM vTPM support in OVMF (jsc#PED-12743, jsc#PED-12767) - 9bceb1600005 ovmf-Maintainers.txt-Add-reviewer-for-SVSM-vTPM-related-m.patch - 87d4cdd09e4d ovmf-UefiCpuPkg-AmdSvsmLib-Stub-the-SVSM-vTPM-protocol-fo.patch - 40b4e190d37d ovmf-OvmfPkg-AmdSvsmLib-Add-the-SVSM-vTPM-protocol.patch - 06b2f9dc4385 ovmf-OvmfPkg-Use-Tpm2Device-lib-with-SVSM-vTPM-support.patch - 458198aa49c3 ovmf-OvmfPkg-AmdSvmLib-Use-named-protocol-and-call-consta.patch - fa74200c9269 ovmf-MdePkg-AmdSev-Add-SVSM-protocol-call-numbers.patch - 70f806ec23fb ovmf-MdePkg-AmdSev-Add-SVSM-protocol-vTPM-call-numbers.patch - edf5e365c104 ovmf-SecurityPkg-Tpm2DeviceLibDTpm-Add-header-file-for-Tp.patch - e868ece3c7d1 ovmf-SecurityPkg-Tpm2DeviceLibDTpm-Add-TPM2-lib-supportin.patch - 87f454532a61 ovmf-SecurityPkg-Tpm2DeviceLibDTpm-Improve-spelling-gramm.patch - c2d8e9236787 ovmf-SecurityPkg-Tpm2DeviceLibDTpm-Check-SNP-enabled-prio.patch - Remove non-unified SEV/TDX images due to potential security risks. (bsc#1232762) - ovmf-x86_64-sev-code.bin - ovmf-x86_64-sev-vars.bin - ovmf-x86_64-tdx-code.bin - ovmf-x86_64-tdx-vars.bin ==== patterns-server ==== Subpackages: patterns-server-dhcp_dns_server patterns-server-directory_server patterns-server-file_server patterns-server-kvm_server patterns-server-kvm_tools patterns-server-lamp_server patterns-server-mail_server patterns-server-printing - Merge enterprise patterns into this package but only build them on SLE. ==== pcr-oracle ==== Version update (0.5.5 -> 0.5.6) - Update to 0.5.6 + rsa: adopt OpenSSL 3.0 API to generate RSA key + Drop the code for openSSL < 3.0.0 + Look for signing authority in alternative database (bsc#1241957) - Bump the requirement of libopenssl-devel to 3.0.0 ==== pipewire ==== Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Better use "Suggests" instead of Recommends otherwise wireplumber-video-only-provides gets pulled in when libjack0 is already installed. - Don't use wireplumber-audio in Recommend package expression since the wireplumber-audio doesn't exist anymore and wireplumber (which now provides it) is expected to be installed in all cases. ==== polkit-default-privs ==== Version update (1550+20250407.fdb02a6 -> 1550+20250514.1208790) - Update to version 1550+20250514.1208790: * profiles: add flatpak override-parental-controls-update (bsc#1243046) ==== python-Pygments ==== - Redownload source file to have the same version released in pypi. ==== python-argon2-cffi-bindings ==== - Convert to pip-based build ==== python-cached-property ==== - Convert to pip-based build ==== python-packaging ==== - skip primary build only for Tumbleweed (adjust version) ==== python-setuptools ==== Version update (78.1.0 -> 78.1.1) - update to 78.1.1: * More fully sanitized the filename in PackageIndex._download. - switch build-exclusion to be tumbleweed only ==== python313-setuptools ==== Version update (78.1.0 -> 78.1.1) - update to 78.1.1: * More fully sanitized the filename in PackageIndex._download. - switch build-exclusion to be tumbleweed only ==== quota ==== Version update (4.09 -> 4.10) Subpackages: quota-nfs - Update to 4.10: * Update Polish translation (Jan Kara) * quotasys: Make detection of QF_META format work for bcachefs (Jan Kara) * quotaio_xfs: Fix memory leak (Pavel Reichl) * setproject: Add support for bcachefs REINHERIT_ATTRS ioctl (Kent Overstreet) * setproject: Simple utility for setting projects on files/directories (Kent Overstreet) * Move user/group/project name translation into common.[ch] (Jan Kara) * Add support for bcachefs (Jan Kara) * Fix building on musl (Brahmajit Das) * quotaio_xfs: Convert remaining quotactl(2) calls to quotactl_handle() (Jan Kara) * quotaio_xfs: Fix quota-tools on XFS (Jan Kara) * quotaio_xfs: Fix error handling in xfs_read_dquot() (Jan Kara) * Disable BSD_BEHAVIOUR by default (Jan Kara) * quotaops: Checking egid with BSD_BEHAVIOR (Jan Kara) * Enable support for tmpfs quotas (Carlos Maiolino) * Add quotactl_fd() support (Carlos Maiolino) * Rename searched_dir->sd_dir to sd_isdir (Carlos Maiolino) * quota-nld: fix open PID file failed when systemd read it (lihaoxiang (F)) * edquota: Fix editing of individual user grace times (Jan Kara) * setquota: Avoid false error messages when setting grace times (Jan Kara) * Make configure.ac POSIX compliant (Sam James) * Update required gettext version (Jan Kara) ==== rlwrap ==== Version update (0.46.1 -> 0.46.2) - Update to 0.46.2 * Bug fix - python filters would cause "invalid escape sequence" SyntaxWarnings with python 3.12 or newer. - --skip-ctty option skips making slave pty a controlling terminal - warn (don't die) when a specified completion file is not found - configure will bail out (not just warn) when no termcap -like library is found. - additionally check for TERM when INSIDE_EMACS is set (allowing the use of rlwrap within shells run by emacs) - gcc -Wformat-security would warn about rl_message() being used in an unsafe manner. - silence unhelpful input/output error messages at command exit ==== rsyslog ==== - select modules for SLFO (jsc#PED-12783) ==== ruby3.4 ==== Version update (3.4.3 -> 3.4.4) Subpackages: libruby3_4-3_4 - Update to 3.4.4 This release includes a fix for a YJIT bug related to local variables and addresses a build issue on Windows when using GCC 15. It was released ahead of schedule to make these fixes available as soon as possible. A few other bug fixes are also included. https://github.com/ruby/ruby/releases/tag/v3_4_4 - adjust requirement on valgrind to match SLFO ==== sqlite3 ==== Version update (3.49.1 -> 3.49.2) Subpackages: libsqlite3-0 sqlite3-tcl - Update to release 3.49.2: * Fix a bug in the NOT NULL optimization of version 3.40.0 that can lead to a memory error if abused. * Fix the count-of-view optimization so that it does not give an incorrect answer for a DISTINCT query. * Fix a possible incorrect answer that can result if a UNIQUE constraint of a table contains the PRIMARY KEY column and that UNIQUE constraint is used by an IN operator. * Fix obscure problems with the generate_series() extension function. * Incremental improvements to the configure/make. ==== thunar ==== Version update (4.20.2 -> 4.20.3) Subpackages: libthunarx-3-0 thunar-lang - Update to 4.20.3 * Always warn user before permanent deleting files * Fix string leaks when UCAs use a submenu * Fix a potential leak in thunar_action_manager_append_custom_actions * Fix leaks with ThunarMenuX objects * Fix thunarx_menu_get_items leak when multiple UCAs share a submenu * Fix refresh on row-changed in list view (#1584) * Add missing NULL check before unref call * Fix popup position of DnD menu * UCA: Correct PWD for submenu folder items (#1615) * wayland: Fix popup menu not closing (#1592) * Check if file exists before opening its location (#1257) * Prevent popups on wrong window (#1591) * thunar-tpa: Fix libxfce4panel include * Prevent criticals when switching current view (#1344) * Fix crash when destroying folder in list view (#1330) (#1568) * Fix crash in properties dialog (#1585) * Fix invalid filenames when copying to exFAT FS (#1570) * Fix typo in preferences dialog * Hide shortcuts editor when accel map uninitialized (#1488) * Update statusbar when searching (#1560) * Always update statusbar on file changes in list view (#1560) * Fix item activation on double-click in list view (#1567) * Use 'malloc_trim' after search (#1552) * Fix missing dialog for folder errors in list view (#1538) * Fix leak on search update * Fix missing dialog window icon (#1506) * Fix leaks on "cancel search" * Properly check if a file can be trashed (#1554) * Translation Updates ==== usb_modeswitch ==== Subpackages: usb_modeswitch-data - add usb_modeswitch-c23.patch from upstream to fix gcc15 compile time error ==== wireplumber ==== Subpackages: libwireplumber-0_5-0 - Use Supplements: pulseaudio in wireplumber-video-only-profile to get it automatically installed in systems using pulseaudio. - Add patch and rework how we enable/disable audio support in pipewire/wireplumber to use upstream provided profiles instead of custom config files modifications. We now support audio with the default wireplumber package and only when the wireplumber-video-only-profile package is installed, wireplumber will not use audio (allowing to use pulseaudio instead). This means we now set the profile using an environment variable in the wireplumber user service that has a default value of "main" and is set in /usr/etc/wireplumber.conf to "video-only" by the mentioned package . A user can override the value in /etc/wireplumber.conf. * set-profile-in-service.patch - Add patches from upstream to fix various issues. * 0001-internal-comp-loader-generate-a-provides-for-components.patch * 0002-wpctl-fix-default-device-name-leak.patch * 0003-wpctl-fix-types-in-variadic-arguments.patch * 0004-monitor-utils-Support-devices-without-any-device-ids.patch * 0005-v4l2_monitor-scripts-fix-for-deduplicate-devices-with-the.patch * 0006-monitors_libcamera-fix-deduplicating-devices-with-the-same.patch * 0007-monitors_alsa-fix-nil-table-indexing.patch ==== xen ==== Version update (4.20.0_10 -> 4.20.0_12) Subpackages: xen-libs xen-tools-domU - bsc#1243117 - VUL-0: CVE-2024-28956: xen: Intel CPU: Indirect Target Selection (ITS) (XSA-469) 68221f20-x86-alternative-when-feature-not-present.patch 68221f21-x86-guest-remove-Xen-hypercall_page.patch 68221f22-x86-misalign-__x86_indirect_thunk.patch 68221f23-x86-misalign-RETs-in-clear_bhb_loops.patch 68221f24-x86-stubs-introduce-place_ret.patch 68221f25-x86-build-with-Return-Thunks.patch 68221f26-x86-spec-ctrl-synthesise-ITS_NO.patch - Upstream bug fixes (bsc#1027519) 67dada68-x86-mm-IS_ALIGNED-in-IS_LnE_ALIGNED.patch 67ea4268-x86-P2M-sync-fast-slow-p2m_get_page_from_gfn.patch 67ea428e-percpu-dont-init-on-resume.patch 67f8ecda-rangeset-incorrect-subtraction.patch 6800b54f-x86-HVM-update-repeat-count-upon.patch 68076044-x86emul-clip-rep-count-for-STOS.patch 6808f549-x86-Intel-work-around-MONITOR-MWAIT-errata.patch - Drop build-python3-conversion.patch ==== xfce4-dict ==== Version update (0.8.8 -> 0.8.9) Subpackages: xfce4-dict-lang - Update to version 0.8.9 * Hide web search link in results if not set * Fix enchant binary names * autotools-build: Add missing compile flags * meson-build: Remove --manual-register flag from compile_resources() * Replace deprecated exo with libxfce4ui 4.21.0 * Meson version can be older * build: Automate copyright year management * Add suport to Meson * I18n: Update po/LINGUAS list * Remove x11 includes * Drop libx11 as dependency * Translation Updates