Packages changed: PackageKit baloo-widgets (24.08.0 -> 24.08.1) bluez (5.77 -> 5.78) crun (1.16.1 -> 1.17) dolphin (24.08.0 -> 24.08.1) ffmpegthumbs (24.08.0 -> 24.08.1) kaccounts-integration (24.08.0 -> 24.08.1) kaccounts-integration-kf5 (24.08.0 -> 24.08.1) kaccounts-providers (24.08.0 -> 24.08.1) kate (24.08.0 -> 24.08.1) kdegraphics-mobipocket (24.08.0 -> 24.08.1) kdegraphics-thumbnailers (24.08.0 -> 24.08.1) kdenetwork-filesharing (24.08.0 -> 24.08.1) kdialog (24.08.0 -> 24.08.1) kio-extras (24.08.0 -> 24.08.1) kio-gdrive (24.08.0 -> 24.08.1) konsole (24.08.0 -> 24.08.1) kpmcore (24.08.0 -> 24.08.1) kwalletmanager (24.08.0 -> 24.08.1) libkdcraw-qt6 (24.08.0 -> 24.08.1) libkexiv2-qt6 (24.08.0 -> 24.08.1) libkgapi6 (24.08.0 -> 24.08.1) libzypp (17.35.10 -> 17.35.11) openssh partitionmanager (24.08.0 -> 24.08.1) passt pipewire python-configobj qemu (9.0.2 -> 9.1.0) signon-kwallet-extension (24.08.0 -> 24.08.1) spectacle (24.08.0 -> 24.08.1) ucode-intel (20240813 -> 20240910) webkit2gtk3 (2.44.3 -> 2.44.4) webkit2gtk4 (2.44.3 -> 2.44.4) wget wpa_supplicant (2.10 -> 2.11) === Details === ==== PackageKit ==== Subpackages: PackageKit-backend-dnf libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0 - Add PackageKit-zypp-dont-install-updateCandidateObj.patch: zypp: Mark the correct packages to-be-installed (bsc#1227389, gh#PackageKit/PackageKit/commit/209aa6295). ==== baloo-widgets ==== Version update (24.08.0 -> 24.08.1) - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== bluez ==== Version update (5.77 -> 5.78) Subpackages: bluez-auto-enable-devices bluez-cups libbluetooth3 - Mark the configuration files as 'noreplace'. - Update to 5.78: * Fix issue with handling notification of scanned BISes to BASS * Fix issue with handling checking BIS caps against peer caps. * Fix issue with handling MGMT Set Device Flags overwrites. * Fix issue with handling ASE notification order. * Fix issue with handling BIG Info report events. * Fix issue with handling PACS Server role. * Fix issue with registering UHID_START multiple times. * Fix issue with pairing method not setting auto-connect. - Fix 3 rpmlint warnings, some configuration files were not marked as so. ==== crun ==== Version update (1.16.1 -> 1.17) - update to 1.17: * Add --log-level option. It accepts error, warning and error. * Add debug logs for container creation. * Fix double-free in crun exec code that could lead to a crash. * Allow passing an ID to the journald log driver. * Report "executable not found" errors after tty has been setup. * Do not treat EPIPE from hooks as an error. * Make sure DefaultDependencies is correctly set in the systemd scope. * Improve the error message when the container process is not found. * Improve error handling for the mnt namespace restoration. * Fix error handling for getpwuid_r, recvfrom and libcrun_kill_linux. * Fix handling of device paths with trailing slashes. - add url for keyring - enable leap by disabling wasmedge (not packaged for leap) ==== dolphin ==== Version update (24.08.0 -> 24.08.1) Subpackages: dolphin-part libdolphinvcs6 - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - Changes since 24.08.0: * settings: Fix the Use Current Location button (kde#491753) * KItemListRoleEditor: minimize resize() occurences (kde#479695) * Update .gitlab-ci.yml file ==== ffmpegthumbs ==== Version update (24.08.0 -> 24.08.1) - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== kaccounts-integration ==== Version update (24.08.0 -> 24.08.1) Subpackages: libkaccounts6-2 - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== kaccounts-integration-kf5 ==== Version update (24.08.0 -> 24.08.1) - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== kaccounts-providers ==== Version update (24.08.0 -> 24.08.1) - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== kate ==== Version update (24.08.0 -> 24.08.1) Subpackages: kate-plugins - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - Changes since 24.08.0: * snapcraft: Fix typo.. * snapcraft: Actually add the neon packages. * snapcraft: Use neon packages to simplify build and runtime. * snapcraft: New upstream release. Refresh prime cleanup. * back to normal konsole * Remove unneeded search result expanding limit (kde#491890) * KateBuildView: Remove close button entirely * Formatter: add formatting for Odin language * Change the default LSP client for GLSL language to glsl_analyzer * Fix tooltip hides on scrolling using scrollbar (kde#492092) * Tooltip: Only highlight blocks that are marked BlockCodeLanguage (kde#492076) * Dont insert line breaks in tooltip (kde#492062) * Fix crash on window close * Build release branch. ==== kdegraphics-mobipocket ==== Version update (24.08.0 -> 24.08.1) - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== kdegraphics-thumbnailers ==== Version update (24.08.0 -> 24.08.1) - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== kdenetwork-filesharing ==== Version update (24.08.0 -> 24.08.1) - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== kdialog ==== Version update (24.08.0 -> 24.08.1) - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== kio-extras ==== Version update (24.08.0 -> 24.08.1) Subpackages: libkioarchive6-6 trash_kcm - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== kio-gdrive ==== Version update (24.08.0 -> 24.08.1) - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== konsole ==== Version update (24.08.0 -> 24.08.1) Subpackages: konsole-part - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== kpmcore ==== Version update (24.08.0 -> 24.08.1) Subpackages: libkpmcore12 - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== kwalletmanager ==== Version update (24.08.0 -> 24.08.1) - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - Changes since 24.08.0: * Fix service file name (kde#492138) - Drop patch, merged upstream: * 0001-Fix-service-file-name.patch ==== libkdcraw-qt6 ==== Version update (24.08.0 -> 24.08.1) Subpackages: libKDcrawQt6-5 - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== libkexiv2-qt6 ==== Version update (24.08.0 -> 24.08.1) Subpackages: libKExiv2Qt6-0 - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== libkgapi6 ==== Version update (24.08.0 -> 24.08.1) Subpackages: libKPim6GAPICore6 libKPim6GAPIDrive6 libkgapi6-sasl2-kdexoauth2 - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== libzypp ==== Version update (17.35.10 -> 17.35.11) - Deprecate librpmDb::db_const_iterator default ctor (bsc#1230267) It's preferred to explicitly tell the root directory of the system whose database you want to query. - version 17.35.11 (35) ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Drop most of openssh-6.6p1-keycat.patch (actually, it was just commented out). The keycat binary isn't really installed nor supported, so we can drop it, except for the code that is used by other SELinux patches, which is what I kept from that patch (boo#1229072). - Add patch submitted to upstream to fix RFC4256 implementation so that keyboard-interactive authentication method can send instructions and sshd shows them to users even before a prompt is requested. This fixes MFA push notifications (boo#1229010). * 0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch ==== partitionmanager ==== Version update (24.08.0 -> 24.08.1) - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== passt ==== Subpackages: passt-selinux - Fix passt-selinux to use selinux macros instead of calling semodule by hand, which leads to unwanted policy reload on Micro (bsc#1229132) ==== pipewire ==== Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Add %{_pam_secdistconfdir}/limits.d to filelist ==== python-configobj ==== - Refresh CVE-2023-26112.patch according to the last state of gh#DiffSK/configobj!236. ==== qemu ==== Version update (9.0.2 -> 9.1.0) - Re-enable vhdx support in qemu-img: * [openSUSE][RPM] explicitly enable qemu-img support for vhdx and vpc - Spec file fixing (for properly building 9.1) and improvements: * [openSUSE][RPM] Consolidate disabling all features during 'configure' in a macro * [openSUSE][RPM] Consolidate handling of conditional features * [openSUSE][RPM] (commented out) services for qemu-pr-helper * [openSUSE][RPM] package qemu-vmsr-helper * [openSUSE][RPM] configure: Fix with-pkgversion option * [openSUSE][RPM] Exclude riscv edk2 files * [openSUSE][RPM] Remove nios2 * [openSUSE][RPM] Update tests acpi path * [openSUSE][RPM] configure: remove options for removed features - Update to version 9.1.0: Full changelog here: https://wiki.qemu.org/ChangeLog/9.1 Some of the most notable features: * migration: compression offload support via Intel In-Memory Analytics Accelerator (IAA) or User Space Accelerator Development Kit (UADK), along with enhanced support for postcopy failure recovery * virtio: support for VIRTIO_F_NOTIFICATION_DATA, allowing guest drivers to provide additional data as part of sending device notifications for performance/debug purposes * guest-agent: support for guest-network-get-route command on linux, guest-ssh-* commands on Windows, and enhanced CLI support for configuring allowed/blocked commands * block: security fixes for QEMU NBD server and NBD TLS encryption * ARM: emulation support for FEAT_NMI, FEAT_CSV2_3, FEAT_ETS2, FEAT_Spec_FPACC, FEAT_WFxT, FEAT_Debugv8p8 architecture features * ARM: nested/two-stage page table support for emulated SMMUv3 * ARM: xilinx_zynq board support for cache controller and multiple CPUs, and B-L475E-IOT01A board support for a DM163 display * LoongArch: support for directly booting an ELF kernel and for running up to 256 vCPUs via extioi virt extension * LoongArch: enhanced debug/GDB support * RISC-V: support for version 1.13 of privileged architecture specification * RISC-V: support for Zve32x, Zve64x, Zimop, Zcmop, Zama16b, Zabha, Zawrs, and Smcntrpmf extensions * RISC-V: enhanced debug/GDB support and general fixes * SPARC: emulation support for FMAF, IMA, VIS3, and VIS4 architecture features * x86: KVM support for running AMD SEV-SNP guests * x86: CPU emulation support for Icelake-Server-v7, SapphireRapids-v3, and SierraForest ==== signon-kwallet-extension ==== Version update (24.08.0 -> 24.08.1) - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - No code change since 24.08.0 ==== spectacle ==== Version update (24.08.0 -> 24.08.1) - Update to 24.08.1 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/24.08.1/ - Changes since 24.08.0: * Set fallback icon theme (kde#492824) * Fix InlineMessage headers/appearance on "no screenshot" dialog * Set suggested filename for copied images * Go back to copying images with setImageData (kde#485096) ==== ucode-intel ==== Version update (20240813 -> 20240910) - Intel CPU Microcode was updated to the 20240910 release (bsc#1230400) - CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access. [INTEL-SA-01103](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01103.html) - CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow an privileged user to potentially enable a denial of service via local access [INTEL-SA-01097](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html) - Update for functional issues. Refer to [Intel® Core™ Ultra Processor](https://cdrdv2.intel.com/v1/dl/getContent/792254) for details. - Update for functional issues. Refer to [13th Generation Intel® Core™ Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/740518) for details. - Update for functional issues. Refer to [12th Generation Intel® Core™ Processor Family](https://cdrdv2.intel.com/v1/dl/getContent/682436) for details. - Update for functional issues. Refer to [Intel® Processors and Intel® Core™ i3 N-Series](https://cdrdv2.intel.com/v1/dl/getContent/764616) for details. [#]## New Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | TWL | N0 | 06-be-00/19 | | 0000001a | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E [#]## Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL | C0 | 06-97-02/07 | 00000035 | 00000036 | Core Gen12 | ADL | H0 | 06-97-05/07 | 00000035 | 00000036 | Core Gen12 | ADL | L0 | 06-9a-03/80 | 00000433 | 00000434 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 00000433 | 00000434 | Core Gen12 | ADL-N | N0 | 06-be-00/11 | 00000017 | 0000001a | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | MTL | C0 | 06-aa-04/e6 | 0000001e | 0000001f | Core™ Ultra Processor | RPL-E/HX/S | B0 | 06-b7-01/32 | 00000123 | 00000129 | Core Gen13/Gen14 | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004121 | 00004122 | Core Gen13 | RPL-HX/S | C0 | 06-bf-02/07 | 00000035 | 00000036 | Core Gen13/Gen14 | RPL-S | H0 | 06-bf-05/07 | 00000035 | 00000036 | Core Gen13/Gen14 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004121 | 00004122 | Core Gen13 ==== webkit2gtk3 ==== Version update (2.44.3 -> 2.44.4) Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 webkit2gtk-4_1-injected-bundles - Update to version 2.44.4: + Add quirk to allow totale.rosettastone.com to load properly. + Fix webkit_web_resource_get_data() not working properly in some sites. + Fix not being able to jump-to-source in Web Inspector canvas traces. + Fix not being able to scroll list of WebGL shader programs in the Web Inspector. + Fix linker relocation errors on Debug/RelWithDebInfo builds. + Fix crashes when built with Clang with Link-Time Optimization (LTO). + Fix several crashes and rendering issues. - Drop revert-271175.patch: Fixed upstream. - Enable LTO again, pass define _lto_cflags for only select targets ==== webkit2gtk4 ==== Version update (2.44.3 -> 2.44.4) Subpackages: libjavascriptcoregtk-6_0-1 libwebkitgtk-6_0-4 webkitgtk-6_0-injected-bundles - Update to version 2.44.4: + Add quirk to allow totale.rosettastone.com to load properly. + Fix webkit_web_resource_get_data() not working properly in some sites. + Fix not being able to jump-to-source in Web Inspector canvas traces. + Fix not being able to scroll list of WebGL shader programs in the Web Inspector. + Fix linker relocation errors on Debug/RelWithDebInfo builds. + Fix crashes when built with Clang with Link-Time Optimization (LTO). + Fix several crashes and rendering issues. - Drop revert-271175.patch: Fixed upstream. - Enable LTO again, pass define _lto_cflags for only select targets ==== wget ==== - Update wget.keyring: use release-team keyring - Don't reference source URL when the linked sources change over time ==== wpa_supplicant ==== Version update (2.10 -> 2.11) - update to v2.11: * Wi-Fi Easy Connect - add support for DPP release 3 - allow Configurator parameters to be provided during config exchange * HE/IEEE 802.11ax/Wi-Fi 6 - various fixes * EHT/IEEE 802.11be/Wi-Fi 7 - add preliminary support * SAE: add support for fetching the password from a RADIUS server * support OpenSSL 3.0 API changes * support background radar detection and CAC with some additional drivers * support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3) * EAP-SIM/AKA: support IMSI privacy * improve 4-way handshake operations - use Secure=1 in message 3 during PTK rekeying * OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases to avoid interoperability issues * support new SAE AKM suites with variable length keys * support new AKM for 802.1X/EAP with SHA384 * extend PASN support for secure ranging * FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP) - this is based on additional details being added in the IEEE 802.11 standard - the new implementation is not backwards compatible * improved ACS to cover additional channel types/bandwidths * extended Multiple BSSID support * fix beacon protection with FT protocol (incorrect BIGTK was provided) * support unsynchronized service discovery (USD) * add preliminary support for RADIUS/TLS * add support for explicit SSID protection in 4-way handshake (a mitigation for CVE-2023-52424; disabled by default for now, can be enabled with ssid_protection=1) * fix SAE H2E rejected groups validation to avoid downgrade attacks * use stricter validation for some RADIUS messages * a large number of other fixes, cleanup, and extensions - refresh patches: wpa_supplicant-dump-certificate-as-PEM-in-debug-mode.diff wpa_supplicant-sigusr1-changes-debuglevel.patch - drop patches: CVE-2023-52160.patch dbus-Fix-property-DebugShowKeys-and-DebugTimestamp.patch