[prev in list] [next in list] [prev in thread] [next in thread]
List: opensuse-factory
Subject: New Tumbleweed snapshot 20231126 released!
From: Dominique Leuenberger <dimstar () suse ! de>
Date: 2023-11-27 14:01:24
Message-ID: 170109368412.15927.14662449779709122247 () localhost
[Download RAW message or body]
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20231126
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
apache2-mod_php8 (8.2.12 -> 8.2.13)
cnf
kded
libbpf (1.2.2 -> 1.3.0)
libqt5-qtwebengine (5.15.15 -> 5.15.16)
libsolv (0.7.26 -> 0.7.27)
php8 (8.2.12 -> 8.2.13)
python-pexpect (4.8.0 -> 4.9.0)
selinux-policy (20231030 -> 20231124)
=== Details ===
==== apache2-mod_php8 ====
Version update (8.2.12 -> 8.2.13)
- version update to 8.2.13
* This is a bug fix release.
https://www.php.net/ChangeLog-8.php#8.2.13
==== cnf ====
Subpackages: cnf-bash cnf-locale
- Enable build on 32-bit arm
==== kded ====
- Pull in kconf_update5
==== libbpf ====
Version update (1.2.2 -> 1.3.0)
- update to 1.3.0:
* support for `netfilter` programs is added
`SEC("netfilter")` is now available
* API function `bpf_program__attach_netfilter()` is now
available
* support for `tcx` BPF programs is added:
* the following new SEC definitions are now available:
SEC("tc/egress"), SEC("tc/ingress"), SEC("tcx/egress"),
SEC("tcx/ingress")
* the following SEC definitions are now considered legacy:
SEC("tc"), SEC("action"), SEC("classifier")
* functions `bpf_prog_attach_opts()` and
`bpf_prog_query_opts()` are extended to work with `tcx`
programs, plus two new API functions are added:
* the following new SEC definitions are now available:
SEC("uprobe.multi"), SEC("uprobe.multi.s"),
SEC("uretprobe.multi"), SEC("uretprobe.multi.s")
* support for section `SEC("usdt.s")` is added for sleepable
`usdt` programs;
* support for Unix domain socket cgroup BPF programs is added
the following new SEC definitions are now available:
SEC("cgroup/connect_unix"),SEC("cgroup/sendmsg_unix"),
SEC("cgroup/recvmsg_unix"), SEC("cgroup/getpeername_unix"),
SEC("cgroup/getsockname_unix")
* new `LIBBPF_OPTS_RESET()` utility macro;
* new `bpf_object__unpin()` function to complement existing
`bpf_object__pin()`;
* new API functions for work with ring buffers
* uprobe SEC matcher extended to allow golang symbols;
* uprobe support for symbols versioning;
* `bpf_map__set_value_size()` can now be used to resize memory
mapped region for memory mapped maps;
* `struct bpf_xdp_query_opts` extended with `xdp_zc_max_segs`
output field;
* basic BTF sanity check pass added to reject bogus BTF.
* fix for btf_dump__dump_type_data() when type contains
bitfields;
* fix for correct work of offsetof() and container_of() macro
with CO-RE;
* no longer attempt to load modules BTF when resolving CO-RE
relocations if CAP_SYS_ADMIN are absent;
* regex based function search for "kprobe.multi/" programs no
longer attempts to trace functions that cannot be traced;
* bpf_program__set_type() no longer resets sec_def if it is set
to a custom fallback SEC handler;
* fix for memory leak possible after
bpf_program__set_attach_target() call;
==== libqt5-qtwebengine ====
Version update (5.15.15 -> 5.15.16)
- Update to version 5.15.16:
* Bump version to 5.15.16
* Add check for system ffmpeg compatibility
* Fix handling of external URLs in PDFs
* Update Chromium:
* [Backport] CVE-2023-5996: Use after free in WebAudio
* [Backport] CVE-2023-5482 and CVE-2023-5849
* [Backport] CVE-2023-45853: Buffer overflow in MiniZip
* [Backport] Security bug 1478470
* [Backport] Security bug 1472365 and 1472366
* [Backport] CVE-2023-5218: Use after free in Site Isolation
* [Backport] Security bug 1486316
* FIXUP: [Backport] [PA] Support 16kb pagesize on Linux+ARM64
* [Backport] Add Intel Meteorlake GPU series type
* [Backport] Add Intel Raptorlake GPU series type
* [Backport] Add a few missing IntelGpuSeriesTypes in
gpu_util.cc
* [Backport] Add Intel Alchemist GPU series type
* [Backport] Add Alderlake to intel_gpu_series field in gpu
control list.
* [Backport] Add missing Intel GPU series types.
* [Backport] Add Alderlake's GPU to list supporting two NV12
overlay planes.
* [Backport] CVE-2023-5217: Heap buffer overflow in vp8
encoding in libvpx
* [Backport] Security bug 1479104
* [Backport] [PA] Support 16kb pagesize on Linux+ARM64
* [Backport] Replace uses of re2::StringPiece::set().
* Fix build with GCC 13
* Fix errors and warnings for perfetto
* Remove nodiscard attribute from cpwl_combo_box.h
* Bump V8_PATCH_LEVEL
* [Backport] CVE-2023-4762: Type Confusion in V8
* [Backport] CVE-2023-4362: Heap buffer overflow in Mojom IDL
* [Backport] CVE-2023-4354: Heap buffer overflow in Skia
* [Backport] CVE-2023-4351: Use after free in Network
* Disable Windows IME for GPU thread
* [Backport] CVE-2023-4863: Heap buffer overflow in WebP
* [Backport] Security bug 1465224
* [Backport] Dependency for security bug 1465224
* [Backport] CVE-2023-4071: Heap buffer overflow in Visuals
* [Backport] CVE-2023-4076: Use after free in WebRTC
* [Backport] CVE-2023-4074: Use after free in Blink Task
Scheduling
==== libsolv ====
Version update (0.7.26 -> 0.7.27)
Subpackages: libsolv-tools python3-solv ruby-solv
- add zstd support for the installcheck tool
- add putinowndirpool cache to make file list handling in
repo_write much faster
- bump version to 0.7.27
==== php8 ====
Version update (8.2.12 -> 8.2.13)
Subpackages: php8-cli php8-ctype php8-dom php8-gd php8-gettext php8-iconv \
php8-mbstring php8-mysql php8-openssl php8-pdo php8-sqlite php8-tokenizer \
php8-xmlreader php8-xmlwriter
- version update to 8.2.13
* This is a bug fix release.
https://www.php.net/ChangeLog-8.php#8.2.13
==== python-pexpect ====
Version update (4.8.0 -> 4.9.0)
- update to 4.9:
* Add support for Python 3.12 #769.
* Clean up temporary files after UnicodeTests #753.
* Add Python 3.5, 3.6 and 3.12.0-rc.1 to test matrix #763.
* Set prompt correctly for zsh #712.
* Add zsh convenience function to replwrap module #751.
* Rework async unittests to rely on
unittest.IsolatedAsyncioTestCase #764.
* Make test_expect.py work on POSIX systems that are not Linux
based #698.
* Add support for ``socket``, which allows sockets to be used
crossplatform #745.
* Update async to work on newer versions of python #732.
* Remove deprecated RSAAuthentication option (SSHv1) #744.
* Multiple CI fixes #743 #737 #742 #739 #722.
* Use Github Actions for CI #734.
* Remove pytest-capturelog from testing requirements #730.
* Fix usage for Solaris #663 #604 #560.
* Fix threading for new versions of python #684.
* Fix documentation builds for use with Sphinx 3 #638.
* Use ``sys.executable`` for tests and wrapper, allowing the
calling python executable to be used instead #623.
* Update documentation about Wexpect #623.
* Added project urls to ``setup.py`` #620.
* Provide examples for how to use Pexpect and Pyte #587.
* Coerce compiled regex patterns type according to spawn
encoding #560.
* Several doc updates #626 #635 #643 #644 #728.
drop 31fab7b0edbe9b3401507b5dfa4db6aaf3fabca5.patch,
684.patch, 715.patch, 742.patch,
dae602d37493bae239e0e8db5b3dabafebfd59db.patch,
fix-fail-no-alias.patch, no-python-binary.patch: upstream
==== selinux-policy ====
Version update (20231030 -> 20231124)
Subpackages: selinux-policy-targeted
- Update to version 20231124:
* Allow virtnetworkd_t to execute bin_t (bsc#1216903)
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic