Packages changed:
  ImageMagick
  SDL3 (3.2.18 -> 3.2.20)
  at-spi2-core (2.56.3 -> 2.56.4)
  autofs
  busybox
  busybox-links
  container-selinux (2.239.0 -> 2.240.0)
  firewalld
  gdm
  ghostscript (10.05.0 -> 10.05.1)
  glycin-loaders (1.2.2 -> 1.2.3)
  gnome-control-center (48.3 -> 48.4)
  gnome-maps (48.5 -> 48.6)
  gnome-online-accounts (3.54.4 -> 3.54.5)
  gnome-shell (48.3 -> 48.4)
  gnome-software (48.3 -> 48.4)
  google-noto-coloremoji-fonts (20240424 -> 20250622)
  gpg2 (2.5.9 -> 2.5.11)
  jasper (4.2.5 -> 4.2.8)
  lensfun
  libadwaita (1.7.5 -> 1.7.6)
  libaom (3.11.0 -> 3.12.1)
  libpng16 (1.6.44 -> 1.6.50)
  libstorage-ng (4.5.271 -> 4.5.272)
  libwebp (1.5.0 -> 1.6.0)
  lua53
  lua54
  openSUSE-release (20250805 -> 20250806)
  pinentry
  pinentry-gui
  poppler (25.07.0 -> 25.08.0)
  poppler-qt6 (25.07.0 -> 25.08.0)
  qgpgme
  sdbootutil (1+git20250731.055e2fe -> 1+git20250804.8dccab3)
  spice (0.15.2 -> 0.16.0)
  systemd
  tiff
  vmaf
  webkit2gtk3 (2.48.4 -> 2.48.5)
  yast2-trans (84.87.20250727.0ccf40f675 -> 84.87.20250730.0e8917982d)

=== Details ===

==== ImageMagick ====
Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10

- added patches [bsc#1247475]
  + ImageMagick-filename-placeholder-regression-1.patch
  + ImageMagick-filename-placeholder-regression-2.patch
  + ImageMagick-filename-placeholder-regression-3.patch

==== SDL3 ====
Version update (3.2.18 -> 3.2.20)

- Update to release 3.2.20
  * Fixed a crash when passing large invalid coordinates to SDL_BlitSurfaceScaled()
  * Fixed doubled mouse wheel events on X11
  * Fixed doubled SDL_EVENT_GAMEPAD_ADDED events for controllers with automatic gamepad mappings

==== at-spi2-core ====
Version update (2.56.3 -> 2.56.4)
Subpackages: at-spi2-core-lang libatk-1_0-0 libatk-bridge-2_0-0 libatspi0 typelib-1_0-Atk-1_0 typelib-1_0-Atspi-2_0

- Update to version 2.56.4:
  + Fix key grabs when num lock or caps lock are on under Wayland.
  + atk-bridge: Don't crash when requesting a plug if not activated.
  + Add sanity checks for child indices received via DBus.
- Drop patches fixed upstream:
  + at-spi2-core-grab-memory-leak.patch
  + at-spi2-core-key-grabs.patch
  + at-spi2-core-plug-crash.patch

==== autofs ====

- Fix autofs-5.1.1-dbus-udisks-monitor.patch (bsc#1246612) to account for:
  * d2feac6784b6 autofs-5.1.6 - make autofs.a a shared library
  * bcd8e1b642e9 autofs-5.0.7 - use LIBS for link libraries

==== busybox ====
Subpackages: busybox-static

- revert the change to busybox.install.patch below. The logic will be needed only in busybox-links package when generating file lists.
- fix mkdir path to point to /usr/bin instead of /bin

==== busybox-links ====
Subpackages: busybox-coreutils busybox-diffutils busybox-ed busybox-gawk busybox-grep busybox-gzip busybox-procps busybox-psmisc busybox-sed busybox-sendmail busybox-which busybox-xz

- fix generation of file lists via Dockerfile
- add copy of busybox.links from the container to catch changes to busybox config

==== container-selinux ====
Version update (2.239.0 -> 2.240.0)

- Update to version 2.240.0:
  * Dontaudit dac_override for iptables_t
  * dropping rootless-docker_iptables.patch is upstream
  * Don't allow containers by default setexec setfscreate
  * Containers need to use hsa devices for ROCM

==== firewalld ====
Subpackages: firewalld-bash-completion firewalld-lang python313-firewall

- Call autopoint when building against gettext-runtime 0.25 or newer. (boo#1246967)

==== gdm ====
Subpackages: gdm-lang gdm-schema gdm-xdm-integration gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0

- Ensure migration to gdm.service also happens during upgrade when gdm is installed first and we thus lose the update-alternative link which would be part of gdm-xdm-integration (boo#1247418).

==== ghostscript ====
Version update (10.05.0 -> 10.05.1)
Subpackages: ghostscript-x11

- Version upgrade to 10.05.1
  See 'Recent Changes in Ghostscript' at Ghostscript upstream
  https://ghostscript.readthedocs.io/en/gs10.05.1/News.html
  * This release addresses CVEs:
    + CVE-2025-46646
    + CVE-2025-48708 (bsc#1243701)
  * The 10.05.1 patch release addresses:
    + An overflow issue in Freetype on platforms where long is a 4 byte (rather than 8 byte) type (Microsoft Windows, for example) causing corrupted glyph rendering at higher resolutions
    + An issue with embedded files, affecting Zugferd format PDF creation.
    + Broken logic in PDF Optional Content processing
    + Potential slow down due to searching for identifiable font files
    + A small number of extreme edge case segmentation faults.

==== glycin-loaders ====
Version update (1.2.2 -> 1.2.3)

- Update to version 1.2.3:
  + This release contains the following new component versions:
    - glycin-image-rs 1.2.3
  + Fixed: image-rs: Force at least zune-jpeg 0.4.19 to fix a JPEG loading issue for images with extra data at the end.

==== gnome-control-center ====
Version update (48.3 -> 48.4)
Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-lang gnome-control-center-user-faces gnome-control-center-users

- Update to version 48.4:
  + Online Accounts: Disable markup in toasts for displaying URLs properly
  + Power: Move general section above "Power Saving"
  + Updated translations.

==== gnome-maps ====
Version update (48.5 -> 48.6)
Subpackages: gnome-maps-lang

- Update to version 48.6:
  + Updated translations.

==== gnome-online-accounts ====
Version update (3.54.4 -> 3.54.5)
Subpackages: gnome-online-accounts-lang libgoa-1_0-0 libgoa-backend-1_0-2

- Update to version 3.54.5:
  + Bugs fixed:
    - Adding GOA account fails with sonic.net IMAP service
    - Cannot add a ProtonMail bridge with IMAP + TLS
    - Nextcloud login does not work anymore due to OPTIONS /login request
    - Linked online accounts no longer work
    - Invalid URI when adding Google account
    - goamsgraphprovider: ensure a valid PresentationIdentity
    - goadaemon: complete GTasks to avoid a scary debug warning

==== gnome-shell ====
Version update (48.3 -> 48.4)
Subpackages: gnome-extensions gnome-shell-calendar gnome-shell-lang

- Update to version 48.4:
  + Fix taking interactive screenshots via D-Bus.
  + Fix pointer scaling glitches in magnifier.
  + Fix drawing glitch in sliders in RTL locales.
  + Misc. bug fixes and cleanups.
  + Updated translations.

==== gnome-software ====
Version update (48.3 -> 48.4)
Subpackages: gnome-software-lang gnome-software-plugin-packagekit

- Update to version 48.4:
  + Improve update notifications.
  + Updated translations.

==== google-noto-coloremoji-fonts ====
Version update (20240424 -> 20250622)

- Update to v2.048
  * Unicode 16.0 update

==== gpg2 ====
Version update (2.5.9 -> 2.5.11)
Subpackages: dirmngr gpg2-lang

- Update to 2.5.11:
  * gpg: Fix a segv in key signing with notations introduced in 2.5.10
  * agent: Fix for smartcard decryption with Brainpool keys
- includes changes from 2.5.10:
  * gpg: Add a notation with version information to signatures
  * gpgv: New option --print-notation
  * gpgsm: Fix caching of the trustlist's flags
  * agent: Fix for smartcard decryption returning x-coordinate only
  * agent: Another fix for a regression with unknown curves and ssh
  * dirmngr: Implement command KS_DEL for ldap servers
- fail build upon test failures

==== jasper ====
Version update (4.2.5 -> 4.2.8)

- Update to 4.2.8:
  * Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high (#402, #403).
- Update to 4.2.7:
  * Added some missing range checking on several coding parameters in the JPC encoder (#401).
- Update to 4.2.6:
  * Added a check for a missing color component in the jas_image_chclrspc function (#400).
  * Fixed a minor build problem related to the use of -Wstrict-prototypes with Clang.

==== lensfun ====
Subpackages: lensfun-data liblensfun1

- Add upstream change (boo#1247449)
  * lensfun-python314.patch
- Update lens database

==== libadwaita ====
Version update (1.7.5 -> 1.7.6)
Subpackages: libadwaita-1-0 libadwaita-lang typelib-1_0-Adw-1

- Update to version 1.7.6:
  + AdwAlertDialog/AdwMessageDialog: Emit ::response when cancelled after calling choose()
  + AdwDialog:
    - Fix widget activation in window-backed dialogs
    - Fix set_focus() in window-backed dialogs
  + AdwLayoutSlot: Error out if ID is not set
  + AdwNavigationView: Defer swipe start to ::begin-swipe
  + AdwTabOverview: Make button hitboxes larger
  + AdwWrapLayout: Fix a memory leak
  + Various fixes

==== libaom ====
Version update (3.11.0 -> 3.12.1)

- Update to version 3.12.1:
  * This release includes new codec interfaces, compression efficiency and perceptual improvements, speedup and memory optimizations, and bug fixes.
- See https://aomedia.googlesource.com/aom/+/refs/tags/v3.12.1/CHANGELOG for detailed changes since version 3.11.0
- Updated patches

==== libpng16 ====
Version update (1.6.44 -> 1.6.50)
Subpackages: libpng16-16 libpng16-16-x86-64-v3

- version update to 1.6.50:
  * Improved the detection of the RVV Extension on the RISC-V platform. (Contributed by Filip Wasil)
  * Replaced inline ASM with C intrinsics in the RVV code. (Contributed by Filip Wasil)
  * Fixed a decoder defect in which unknown chunks trailing IDAT, set to go through the unknown chunk handler, incorrectly triggered out-of-place IEND errors. (Contributed by John Bowler)
  * Fixed the CMake file for cross-platform builds that require `libm`.
- version update to 1.6.49:
  * Added SIMD-optimized code for the RISC-V Vector Extension (RVV). (Contributed by Manfred Schlaegl, Dragos Tiselice and Filip Wasil)
  * Added various fixes and improvements to the build scripts and to the sample code.
- version update to 1.6.48:
  * Fixed the floating-point version of the mDCv setter `png_set_mDCv`. (Reported by Mohit Bakshi; fixed by John Bowler)
  * Added #error directives to discourage the inclusion of private libpng implementation header files in PNG-supporting applications.
  * Added the CMake build option `PNG_LIBCONF_HEADER`, to be used as an alternative to `DFA_XTRA`.
  * Removed the Travis CI configuration files, with heartfelt thanks for their generous support of our project over the past five years!
- version update to 1.6.47:
  * Modified the behaviour of colorspace chunks in order to adhere to the new precedence rules formulated in the latest draft of the PNG Specification. (Contributed by John Bowler)
  * Fixed a latent bug in `png_write_iCCP`. This would have been a read-beyond-end-of-malloc vulnerability, introduced early in the libpng-1.6.0 development, yet (fortunately!) it was inaccessible before the above-mentioned modification of the colorspace precedence rules, due to pre-existing colorspace checks. (Reported by Bob Friesenhahn; fixed by John Bowler)
- version update to 1.6.46:
  * Added support for the mDCV and cLLI chunks. (Contributed by John Bowler)
  * Fixed a build issue affecting C89 compilers. This was a regression introduced in libpng-1.6.45. (Contributed by John Bowler)
  * Added makefile.c89, specifically for testing C89 compilers.
  * Cleaned up contrib/pngminus: corrected an old typo, removed an old workaround, and updated the CMake file.
- version update to 1.6.45:
  * Added support for the cICP chunk. (Contributed by Lucas Chollet and John Bowler)
  * Adjusted and improved various checks in colorspace calculations. (Contributed by John Bowler)
  * Rearranged the write order of colorspace chunks for better conformance with the PNG v3 draft specification. (Contributed by John Bowler)
  * Raised the minimum required CMake version from 3.6 to 3.14.
  * Forked off a development branch for libpng version 1.8.

==== libstorage-ng ====
Version update (4.5.271 -> 4.5.272)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1

- merge gh#openSUSE/libstorage-ng#1036
- added function Md::is_valid_name
- moved code to Impl classes
- 4.5.272

==== libwebp ====
Version update (1.5.0 -> 1.6.0)
Subpackages: libsharpyuv0 libwebp-tools libwebp7 libwebpdemux2 libwebpmux3

- Update to release 1.6.0
  * API changes: libwebp: WebPValidateDecoderConfig
  * Additional x86 (AVX2, SSE2), general optimizations and compression improvements for lossless
  * `-mt` returns same results as single-threaded lossless
  * Tool updates:
  * cwebp can restrict the use of `-resize` with `-resize_mode`

==== lua53 ====

- interpreter should only provide, not conflict lua symbol (bsc#1247521)

==== lua54 ====

- interpreter should only provide, not conflict lua symbol (bsc#1247521)

==== openSUSE-release ====
Version update (20250805 -> 20250806)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== pinentry ====

- Fix build of :gui flavor on openSUSE Leap 15.6 (Qt6 needs higher C++ standard)
- drop obsolete texinfo macros

==== pinentry-gui ====
Subpackages: pinentry-gnome3 pinentry-gtk2 pinentry-qt6

- Fix build of :gui flavor on openSUSE Leap 15.6 (Qt6 needs higher C++ standard)
- drop obsolete texinfo macros

==== poppler ====
Version update (25.07.0 -> 25.08.0)
Subpackages: libpoppler-cpp2 libpoppler-glib8 poppler-tools

- version update to 25.08.0
  + core:
    * FormWidgetSignature::signDocumentWithAppearance: add imagePath parameter
    * Fix parsing Distinguished Names that end with a hex string
    * Fix crashes in malformed documents
  + glib:
    * Add poppler_page_render_transparent_selection()
    * Add missing since to the documentation
- fixes CVE-2025-50420 [bsc#1247590]

==== poppler-qt6 ====
Version update (25.07.0 -> 25.08.0)

- version update to 25.08.0
  + core:
    * FormWidgetSignature::signDocumentWithAppearance: add imagePath parameter
    * Fix parsing Distinguished Names that end with a hex string
    * Fix crashes in malformed documents
  + glib:
    * Add poppler_page_render_transparent_selection()
    * Add missing since to the documentation
- fixes CVE-2025-50420 [bsc#1247590]

==== qgpgme ====

- Specify version requirement on Qt6 Core Tools
- wrap Qt6 build in a conditional and disable on Leap 15.6

==== sdbootutil ====
Version update (1+git20250731.055e2fe -> 1+git20250804.8dccab3)
Subpackages: sdbootutil-dracut-measure-pcr sdbootutil-snapper

- Update to version 1+git20250804.8dccab3:
  * crypttab: do not add/remove parameters for ignored entries

==== spice ====
Version update (0.15.2 -> 0.16.0)

- Update to v0.16.0 release
  * Added DMA-BUF encoder support for GStreamer 1.24+
  * Implemented hardware-accelerated encoding for Intel GPUs
  * Added environment variable SPICE_CONVERTER_PREFERRED_FORMAT to override converter format
  * Multi-plane GL scanout support (new spice_qxl_gl_scanout2())
  * Improved memslot to preserve address bits for ARM64 TBI/AMD UAI/Intel LAM
  * Optimized BGR24/BGRX32 conversion when JCS_EXTENSIONS is defined
  * Removed GStreamer 0.10 support
  * Send real time to client, instead of synchronizing on both ends, attempting to fix latency issue
  * Fixes a GL_DRAW cookie assertion race
  * Add SSL_OP_NO_RENEGOTIATION fallback path, fixing w/LibreSSL 3.7.2 builds
  * Fix Win32 builds
  * Fix TCP_NOPUSH usage on Darwin
- Drop patches contained in new tarball
  spice-no-six.patch

==== systemd ====
Subpackages: libsystemd0 libsystemd0-32bit libudev1 systemd-32bit systemd-boot systemd-container systemd-experimental systemd-lang udev

- Move run0 from the experimental sub-package to the main package
- Import commit 835af70f4e4fab4746319145d9fdb1a01e33f4c8
  835af70f4e core/cgroup: Properly handle aborting a pending freeze operation
  1f96f9da13 detect-virt: add bare-metal support for GCE (bsc#1244449)
- Update pam.systemd-run0 (in the experimental sub-package)
- Build the experimental package for the mini flavor too
  Some tools in the experimental sub-package cannot be disabled at compile time. Previously, these tools were manually deleted after installation to prevent rpmbuild from reporting unpackaged files. However, as the number of such tools continues to grow, it's simpler to include them in the mini-experimental sub-package.

==== tiff ====

- bsc#1243503: Fix TIFFMergeFieldInfo() read_count=write_count=0
  + tiff-4.7.0-bsc1243503.patch
- security update:
  * CVE-2025-8176 [bsc#1247108] Fix heap use-after-free in tools/tiffmedian.c
    + tiff-CVE-2025-8176.patch
  * CVE-2025-8177 [bsc#1247106] Fix possible buffer overflow in tools/thumbnail.c:setrow()
    + tiff-CVE-2025-8177.patch

==== vmaf ====

- Move vmaf utilities to their own subpackage [boo#1247607]
- Make specfile compliant with POSIX sh

==== webkit2gtk3 ====
Version update (2.48.4 -> 2.48.5)
Subpackages: WebKitGTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles

- Update to version 2.48.5 (boo#1247562 boo#1247563 boo#1247564 boo#1247595 boo#1247596 boo#1247597 boo#1247598 boo#1247599 boo#1247600):
  + Fix several crashes.
  + Security fixes: CVE-2025-31273, CVE-2025-31278, CVE-2025-43211, CVE-2025-43212, CVE-2025-43216, CVE-2025-43227, CVE-2025-43228, CVE-2025-43240, CVE-2025-43265, CVE-2025-6558.

==== yast2-trans ====
Version update (84.87.20250727.0ccf40f675 -> 84.87.20250730.0e8917982d)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu

- Update to version 84.87.20250730.0e8917982d:
  * Translated using Weblate (Portuguese (Brazil))