Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version=Tumbleweed&build=20250114 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: MozillaFirefox (133.0.3 -> 134.0) dhcp ed (1.20.2 -> 1.21) git (2.47.1 -> 2.48.0) kernel-firmware (20241220 -> 20250111) kernel-source (6.12.8 -> 6.12.9) kexec-tools libjxl libjxl-gtk libstorage-ng (4.5.222 -> 4.5.223) libvirt ncurses (6.5.20250104 -> 6.5.20250111) openSUSE-release (20250113 -> 20250114) perl-CGI (4.660.0 -> 4.670.0) python-Pillow (11.0.0 -> 11.1.0) python-httpcore (1.0.6 -> 1.0.7) raptor shadow (4.17.1 -> 4.17.2) suse-module-tools (16.0.54 -> 16.0.55) tiff yast2-bootloader (5.0.13 -> 5.0.14) === Details === ==== MozillaFirefox ==== Version update (133.0.3 -> 134.0) Subpackages: MozillaFirefox-branding-upstream - Mozilla Firefox 134.0 https://www.mozilla.org/en-US/firefox/134.0/releasenotes * Firefox now supports touchpad hold gestures on Linux. This means that kinetic (momentum) scrolling can now be interrupted by placing two fingers on the touchpad * Ecosia's availability has been expanded to all languages in the German region along with Austria, Belgium, Italy, Netherlands, Spain, Sweden and Switzerland MFSA 2025-01 (bsc#1234991) * CVE-2025-0244 (bmo#1929584) Address bar spoofing using an invalid protocol scheme on Firefox for Android * CVE-2025-0245 (bmo#1895342) Lock screen setting bypass in Firefox Focus for Android * CVE-2025-0246 (bmo#1912709) Address bar spoofing using an invalid protocol scheme on Firefox for Android * CVE-2025-0237 (bmo#1915257) WebChannel APIs susceptible to confused deputy attack * CVE-2025-0238 (bmo#1915535) Use-after-free when breaking lines in text * CVE-2025-0239 (bmo#1929156) Alt-Svc ALPN validation failure when redirected * CVE-2025-0240 (bmo#1929623) Compartment mismatch when parsing JavaScript JSON module * CVE-2025-0241 (bmo#1933023) Memory corruption when using JavaScript Text Segmentation * CVE-2025-0242 (bmo#1874523, bmo#1926454, bmo#1931873, bmo#1932169) Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6 * CVE-2025-0243 (bmo#1827142, bmo#1932783) Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6 * CVE-2025-0247 (bmo#1835193, bmo#1910021, bmo#1919803, bmo#1931576, bmo#1931948, bmo#1932173) Memory safety bugs fixed in Firefox 134 and Thunderbird 134 - requires NSS 3.107 NSPR 4.36 (since FF 133 already) - rebased patches ==== dhcp ==== Subpackages: dhcp-client dhcp-relay dhcp-server - Remove obsolete migration from dhcp-server post scriptlet [bsc#1235447] ==== ed ==== Version update (1.20.2 -> 1.21) - GNU ed 1.21 * 'r !command' and 'w !command' ignore again the exit status of 'command' * The messages "Newline inserted" and "Newline appended" are now suppressed in scripted mode (-s) * documentation updates and portqability fixes ==== git ==== Version update (2.47.1 -> 2.48.0) Subpackages: git-core git-email git-svn git-web perl-Git - update to 2.48.0 * Reference consistency checks: git refs verify * Reflogs can now be migrated with git refs migrate * git is free of memory leaks as covered by the test suite * Performance improvements * Other improvements, UI changes, options extensions and largely compatible behavior changes as listed in https://raw.githubusercontent.com/git/git/refs/tags/v2.48.0/Documentation/RelNotes/2.48.0.txt ==== kernel-firmware ==== Version update (20241220 -> 20250111) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20250111 (git commit b3049665a5d0): * amdgpu: DMCUB updates for various AMDGPU ASICs * amdgpu: update sdma 6.0.3 firmware * amdgpu: update psp 13.0.10 firmware * amdgpu: update gc 11.0.3 firmware * amdgpu: update sdma 4.4.5 firmware * amdgpu: update psp 13.0.14 firmware * amdgpu: update gc 9.4.4 firmware * amdgpu: update psp 13.0.5 firmware * amdgpu: update vega20 firmware * amdgpu: update vega12 firmware * amdgpu: update vega10 firmware * amdgpu: update vcn 4.0.0 firmware * amdgpu: update psp 13.0.0 firmware * amdgpu: update gc 11.0.0 firmware * amdgpu: update picasso firmware * amdgpu: update beige goby firmware * amdgpu: update vangogh firmware * amdgpu: update dimgrey cavefish firmware * amdgpu: update navy flounder firmware * amdgpu: update psp 13.0.11 firmware * amdgpu: update gc 11.0.4 firmware * amdgpu: update vcn 4.0.2 firmware * amdgpu: update psp 13.0.4 firmware * amdgpu: update gc 11.0.1 firmware * amdgpu: update sienna cichlid firmware * amdgpu: update vcn 4.0.6 firmware * amdgpu: update psp 14.0.1 firmware * amdgpu: update vcn 4.0.5 firmware * amdgpu: update gc 11.5.0 firmware * amdgpu: update vcn 5.0.0 firmware * amdgpu: update smu 14.0.3 firmware * amdgpu: update psp 14.0.3 firmware * amdgpu: update gc 12.0.1 firmware * amdgpu: update navi14 firmware * amdgpu: update arcturus firmware * amdgpu: update renoir firmware * amdgpu: update smu 14.0.2 firmware * amdgpu: update psp 14.0.2 firmware * amdgpu: update gc 12.0.0 firmware * amdgpu: update navi12 firmware * amdgpu: update vcn 4.0.3 firmware * amdgpu: update sdma 4.4.2 firmware * amdgpu: update psp 13.0.6 firmware * amdgpu: update gc 9.4.3 firmware * amdgpu: update yellow carp firmware * amdgpu: update vcn 4.0.4 firmware * amdgpu: update psp 13.0.7 firmware * amdgpu: update gc 11.0.2 firmware * amdgpu: update navi10 firmware * amdgpu: update aldebaran firmware * cirrus: cs35l56: Correct some links to address the correct amp instance * linux-firmware: Update firmware file for Intel Bluetooth Magnetar core * linux-firmware: Update firmware file for Intel BlazarU core * linux-firmware: Update firmware file for Intel Bluetooth Solar core * cirrus: cs35l41: Add Firmware for Ayaneo system 1f660105 * Fix has_gnu_parallel function - Update to version 20250106 (git commit e39831b1a9d7): * rtl_bt: Add separate config for RLT8723CS Bluetooth part * amdgpu: revert VCN 3.1.2 firmware * amdgpu: revert yellow carp VCN firmware * amdgpu: revert sienna cichlid VCN firmware * amdgpu: revert navy flounder VCN firmware * amdgpu: revert dimgrey cavefish VCN firmware * WHENCE: Link the Raspberry Pi CM5 and 500 to the 4B * copy-firmware.sh: Fix typo in error message. * Add support to install files/symlinks in parallel. * Makefile: Remove obsolete/broken reference. * check_whence.py: Use a more portable shebang. * rtl_bt: Update RTL8852B BT USB FW to 0x04BE_1F5E ==== kernel-source ==== Version update (6.12.8 -> 6.12.9) Subpackages: kernel-64kb kernel-default - Linux 6.12.9 (bsc#1012628). - platform/x86: mlx-platform: call pci_dev_put() to balance the refcount (bsc#1012628). - platform/x86: thinkpad-acpi: Add support for hotkey 0x1401 (bsc#1012628). - platform/x86: hp-wmi: mark 8A15 board for timed OMEN thermal profile (bsc#1012628). - selinux: ignore unknown extended permissions (bsc#1012628). - mmc: sdhci-msm: fix crypto key eviction (bsc#1012628). - pmdomain: imx: gpcv2: fix an OF node reference leak in imx_gpcv2_probe() (bsc#1012628). - pmdomain: core: add dummy release function to genpd device (bsc#1012628). - block: lift bio_is_zone_append to bio.h (bsc#1012628). - btrfs: use bio_is_zone_append() in the completion handler (bsc#1012628). - RDMA/bnxt_re: Remove always true dattr validity check (bsc#1012628). - sched_ext: fix application of sizeof to pointer (bsc#1012628). - RDMA/mlx5: Enforce same type port association for multiport RoCE (bsc#1012628). - RDMA/bnxt_re: Fix max SGEs for the Work Request (bsc#1012628). - RDMA/bnxt_re: Avoid initializing the software queue for user queues (bsc#1012628). - RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (bsc#1012628). - RDMA/core: Fix ENODEV error for iWARP test over vlan (bsc#1012628). - nvme-pci: 512 byte aligned dma pool segment quirk (bsc#1012628). - wifi: iwlwifi: fix CRF name for Bz (bsc#1012628). - RDMA/bnxt_re: Fix the check for 9060 condition (bsc#1012628). - RDMA/bnxt_re: Add check for path mtu in modify_qp (bsc#1012628). - RDMA/bnxt_re: Fix reporting hw_ver in query_device (bsc#1012628). - RDMA/nldev: Set error code in rdma_nl_notify_event (bsc#1012628). - RDMA/siw: Remove direct link to net_device (bsc#1012628). - RDMA/bnxt_re: Fix max_qp_wrs reported (bsc#1012628). - RDMA/bnxt_re: Disable use of reserved wqes (bsc#1012628). - RDMA/bnxt_re: Add send queue size check for variable wqe (bsc#1012628). - RDMA/bnxt_re: Fix MSN table size for variable wqe mode (bsc#1012628). - RDMA/bnxt_re: Fix the locking while accessing the QP table (bsc#1012628). - net: phy: micrel: Dynamically control external clock of KSZ PHY (bsc#1012628). - drm/bridge: adv7511_audio: Update Audio InfoFrame properly (bsc#1012628). - net: dsa: microchip: Fix KSZ9477 set_ageing_time function (bsc#1012628). - net: dsa: microchip: Fix LAN937X set_ageing_time function (bsc#1012628). - selftests: net: local_termination: require mausezahn (bsc#1012628). - netdev-genl: avoid empty messages in napi get (bsc#1012628). - RDMA/hns: Fix mapping error of zero-hop WQE buffer (bsc#1012628). - RDMA/hns: Fix accessing invalid dip_ctx during destroying QP (bsc#1012628). - RDMA/hns: Fix warning storm caused by invalid input in IO path (bsc#1012628). - RDMA/hns: Fix missing flush CQE for DWQE (bsc#1012628). - drm/xe: Revert some changes that break a mesa debug tool (bsc#1012628). - drm/xe/pf: Use correct function to check LMEM provisioning (bsc#1012628). - drm/xe: Fix fault on fd close after unbind (bsc#1012628). - net: stmmac: restructure the error path of stmmac_probe_config_dt() (bsc#1012628). - net: fix memory leak in tcp_conn_request() (bsc#1012628). - net: Fix netns for ip_tunnel_init_flow() (bsc#1012628). - netrom: check buffer length before accessing it (bsc#1012628). - net: pse-pd: tps23881: Fix power on/off issue (bsc#1012628). - net/mlx5: DR, select MSIX vector 0 for completion queue creation (bsc#1012628). - net/mlx5e: macsec: Maintain TX SA from encoding_sa (bsc#1012628). - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (bsc#1012628). - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (bsc#1012628). - RDMA/rxe: Remove the direct link to net_device (bsc#1012628). - drm/i915/cx0_phy: Fix C10 pll programming sequence (bsc#1012628). - drm/i915/dg1: Fix power gate sequence (bsc#1012628). - workqueue: add printf attribute to __alloc_workqueue() (bsc#1012628). - netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext (bsc#1012628). - net: llc: reset skb->transport_header (bsc#1012628). - nvmet: Don't overflow subsysnqn (bsc#1012628). - ALSA: usb-audio: US16x08: Initialize array before use (bsc#1012628). - eth: bcmsysport: fix call balance of priv->clk handling routines (bsc#1012628). - net: mv643xx_eth: fix an OF node reference leak (bsc#1012628). - net: wwan: t7xx: Fix FSM command timeout issue (bsc#1012628). - RDMA/rtrs: Ensure 'ib_sge list' is accessible (bsc#1012628). ... changelog too long, skipping 171 lines ... - commit f9a9c0d ==== kexec-tools ==== - force -std=gnu99 because C99 because the code uses features ==== libjxl ==== - Disable gimp plugin on SLFO. Gimp is currently unavailable there. - Re-add lcms2 dependency for s390x. It is used instead of skcms on big-endian architectures. ==== libjxl-gtk ==== Subpackages: gdk-pixbuf-loader-jxl gimp-plugin-jxl - Disable gimp plugin on SLFO. Gimp is currently unavailable there. - Re-add lcms2 dependency for s390x. It is used instead of skcms on big-endian architectures. ==== libstorage-ng ==== Version update (4.5.222 -> 4.5.223) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#1005 - added provides with explicit ruby version (bsc#1235598) - 4.5.223 ==== libvirt ==== Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-qemu libvirt-libs - Convert from tar_scm to obs_scm: allow OBS internal data structure to be more efficient by using .obscpio files ==== ncurses ==== Version update (6.5.20250104 -> 6.5.20250111) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20250111 + add check for infinite loop in tic's use-resolution. + increase limit on use-clauses from 32 to 40, warn but allow entries which exceed the old limit. + add some null-pointer checks after mallocs in test-programs. - Add patch ncurses-6.5-ghostty.dif * Add an alias which causes the link /usr/share/terminfo/x/xterm-ghostty to ../g/ghostty (bug boo#1235689) ==== openSUSE-release ==== Version update (20250113 -> 20250114) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== perl-CGI ==== Version update (4.660.0 -> 4.670.0) - updated to 4.670.0 (4.67) see /usr/share/doc/packages/perl-CGI/Changes 4.67 2025-01-08 [ FIX ] - correctly parse unquoted expires cookie values containing embedded commas (GH #268, thanks to rlauer6 for the patch) ==== python-Pillow ==== Version update (11.0.0 -> 11.1.0) - Update to 11.1.0 * Added release notes for writing XMP bytes to JPEG and MPO #8627 [@radarhere] * Added release notes for using zlib-ng instead of zlib #8599 [@radarhere] * Replace python-pillow.org with python-pillow.github.io #8586 [@hugovk] * ImageFile tile is never None #8582 [@radarhere] * Only use start year in copyright, remove end years #8577 [@hugovk] * Python 3.12 is tested on MinGW #8575 [@radarhere] * Use brew formula to install libraqm #8574 [@radarhere] * Added link to GitHub releases in CHANGES #8571 [@radarhere] * Release drafter: move removals, deprecations, documentation up, and uncategorised changes last #8570 [@hugovk] * Updated macOS tested Pillow versions #8538 [@radarhere] * Use test image filename #8534 [@radarhere] * Update Windows 11 Arm64 tested versions #8523 [@nulano] * Move MPO into "Fully supported formats" #8504 [@radarhere] * Update license to MIT-CMU #8490 [@radarhere] * Update dependency mypy to v1.14.1 #8643 [@renovate] * Update dependency mypy to v1.14.0 #8613 [@renovate] * Updated libwebp to 1.5.0 #8612 [@radarhere] * Updated libXau to 1.0.12 #8598 [@radarhere] * Updated libjpeg-turbo to 3.1.0 #8595 [@radarhere] * Updated harfbuzz to 10.1.0 #8533 [@radarhere] * Updated openjpeg to 2.5.3 #8591 [@radarhere] * Update dependency cibuildwheel to v2.22.0 #8580 [@renovate] * Update codecov/codecov-action action to v5 #8557 [@renovate] * Migrate renovate config #8527 [@renovate] * Update dependency mypy to v1.13.0 #8491 [@renovate] * Update dependency mypy to v1.12.1 #8487 [@renovate] * Added CentOS Stream 10 #8646 [@radarhere] * Use monkeypatch #8628 [@radarhere] * Pass file handle to ContainerIO #8625 [@radarhere] * Use register_handler #8499 [@radarhere] * Use monkeypatch #8626 [@radarhere] * Test libjpeg-turbo on macOS #8596 [@radarhere] * Test 3.13t (free-threaded) from Quansight-Labs/setup-python on Linux and macOS #8565 [@hugovk] * Run gcc problem matcher on Python 3.13 #8541 [@radarhere] * Add trove-classifiers>=2024.10.12 to 'tests' extra and use for Windows CI #8514 [@hugovk] * Apply security fixes to GitHub Actions #8526 [@hugovk] * Remove unused gcov: true for codecov-action@v4 #8521 [@hugovk] * Added Fedora 41 #8520 [@radarhere] * Do not repeatedly save to the same path #8512 [@radarhere] * Use fixture to re-open image for each JPEG2000 test #8484 [@radarhere] * Fixed catching warnings #8505 [@radarhere] * Updated test type hint #8482 [@radarhere] * Removed Fedora 39 #8466 [@radarhere] * Pass file handle to ContainerIO #8625 [@radarhere] * Corrected loadImageSeries type hint #8624 [@radarhere] * Removed quotes after dropping support for Python 3.8 #8544 [@radarhere] * Fixed type hint #8532 [@radarhere] * Updated test type hint #8482 [@radarhere] * Corrected BLP1 alpha depth handling #8651 [@radarhere] * Remove pre-C99 definitions #8644 [@radarhere] * Allow saving as BigTIFF #8642 [@radarhere] * Restored Makernote as a deprecated enum #8629 [@radarhere] * Use elif #8641 [@radarhere] * Add zizmor to pre-commit and fix potential cache-poisoning in wheels workflow #8638 [@hugovk] * Keep new IFDs when converting EXIF to bytes #8635 [@radarhere] * Added RGBX;16N to RGB unpacker #8637 [@radarhere] * Populate JPEG DPI from JFIF cm density #8633 [@radarhere] * Support saving CMYK JP2 images #8592 [@radarhere] * Added reading of J2K comments #8622 [@radarhere] * Removed variable #8631 [@radarhere] * Do not use temporary file in ImageGrab.grabclipboard() on macOS #8630 [@radarhere] * Fixed connecting discontiguous corners #8620 [@radarhere] * Do not create new image when exif_transpose() is used in place #8555 [@radarhere] * Added default values for _Tile offset and args #8553 [@radarhere] * Platform guessing affects more than just Linux #8551 [@radarhere] * Raise UnidentifiedImageError when opening TIFF without dimensions #8535 [@radarhere] * Pass IFDs to libtiff as TIFF_LONG8 #8529 [@radarhere] * Do not save XMP from JPEG info #8483 [@radarhere] * Include JpegImageFile layers in pickle state #8476 [@radarhere] * Fixed indentation #8623 [@radarhere] * Updated MakerNote capitalization #8615 [@radarhere] * Replace constants with EXIF enums #8611 [@radarhere] * Install libjpeg-turbo8-dev #8610 [@radarhere] * Raise ValueError when WMF inch is zero #8600 [@radarhere] * Extract tar files with "data" filter in Windows build scripts #8606 [@radarhere] * Updated libjpeg-turbo URL #8608 [@radarhere] * Derive dir from filename if root is the same in winbuild #8567 [@radarhere] * Updated libjpeg-turbo and harfbuzz URLs #8604 [@radarhere] * Do not describe raw data as a table #8579 [@radarhere] * Improved handling of RGBA palettes when saving GIF images #8494 [@radarhere] * Use .tar.gz zlib in Windows build to match macOS and Linux #8601 [@radarhere] * Use zlib-ng instead of zlib #8500 [@nulano] * Do not attempt to install cmake if it is already present #8593 [@radarhere] * [pre-commit.ci] pre-commit autoupdate #8578 [@pre-commit-ci] * Updated build option error messages #8576 [@radarhere] * Fix file position desync when calling into libtiff #8560 [@Knio] * Do not attempt to install cmake a second time when building macOS or Linux wheels #8566 [@radarhere] * Do not install Pyroma in MinGW, to use only system packages #8562 [@radarhere] * Isolate macOS wheel builds from Homebrew #8497 [@freakboy3742] * Removed use of os.path.realpath #8545 [@radarhere] * Allow linking to zlib import library on Windows #8519 [@cubanpit] * [pre-commit.ci] pre-commit autoupdate #8531 [@pre-commit-ci] * Detach PyQt6 QPixmap instance before returning #8509 [@radarhere] ... changelog too long, skipping 9 lines ... * Removed unnecessary code #8465 [@radarhere] ==== python-httpcore ==== Version update (1.0.6 -> 1.0.7) - Update to 1.0.7 * Support `proxy=â¦` configuration on `ConnectionPool()`. ==== raptor ==== - add raptor-CVE-2024-57823.patch (bsc#1235673, CVE-2024-57823) ==== shadow ==== Version update (4.17.1 -> 4.17.2) Subpackages: libsubid5 login_defs - Update to 4.17.2: * src/login_nopam.c: Fix compiler warnings #1170 * lib/chkname.c: Put limits for LOGIN_NAME_MAX and sysconf(_SC_LOGIN_NAME_MAX) #1169 * Use HTTPS in link to Wikipedia article on password strength #1164 * lib/attr.h: use C23 attributes only with gcc >= 10 #1172 * login: Fix no-pam authorization regression #1174 * man: Add Portuguese translation #1178 * Update French translation #1177 * Add cheap defense mechanisms #1171 * Add Romanian translation #1176 ==== suse-module-tools ==== Version update (16.0.54 -> 16.0.55) Subpackages: suse-module-tools-scriptlets * regenerate-initrd-posttrans: return error if regenerating all initrds fails (bsc#1234308) ==== tiff ==== - Fix versioning of tiff-docs under Recommends ==== yast2-bootloader ==== Version update (5.0.13 -> 5.0.14) - Added grub2-bls support (jsc#PED-10703). - 5.0.14
