Packages changed:
 MozillaFirefox (138.0.4 -> 139.0.1)
 gsasl
 gtk-layer-shell (0.9.1 -> 0.9.2)
 kernel-source (6.14.6 -> 6.15.0)
 llvm20 (20.1.5 -> 20.1.6)
 openSUSE-release (20250601 -> 20250602)
 ovpn-dco (0.2.20241216~git0.a08b2fd_k6.14.6_2 -> 0.2.20241216~git0.a08b2fd_k6.15.0_1)
 patterns-media
 python-rich (13.9.4 -> 14.0.0)
 python311
 python311-core
 tuned

=== Details ===

==== MozillaFirefox ====
Version update (138.0.4 -> 139.0.1)
Subpackages: MozillaFirefox-branding-upstream MozillaFirefox-translations-common

- Mozilla Firefox 139.0.1
 https://www.mozilla.org/en-US/firefox/139.0.1/releasenotes/
 * Fixed graphics corruption with certain NVIDIA graphics adapters
   and multiple monitors running at mixed refresh rates after
   updating to Firefox 139. (bmo#1968876)
- Mozilla Firefox 139.0
 https://www.mozilla.org/en-US/firefox/139.0/releasenotes/
 MFSA 2025-42 (bsc#1243353)
 * MFSA-TMP-2025-0001 (bmo#1962421)
   Double-free in libvpx encoder
 * CVE-2025-5263 (bmo#1960745)
   Error handling for script execution was incorrectly isolated
   from web content
 * CVE-2025-5264 (bmo#1950001)
   Potential local code execution in “Copy as cURL” command
 * CVE-2025-5265 (bmo#1962301)
   Potential local code execution in “Copy as cURL” command
 * CVE-2025-5266 (bmo#1965628)
   Script element events leaked cross-origin resource status
 * CVE-2025-5270 (bmo#1910298)
   SNI was sometimes unencrypted
 * CVE-2025-5271 (bmo#1920348)
   Devtools' preview ignored CSP headers
 * CVE-2025-5267 (bmo#1954137)
   Clickjacking vulnerability could have led to leaking saved
   payment card details
 * CVE-2025-5268 (bmo#1950136, bmo#1958121, bmo#1960499, bmo#1962634)
   Memory safety bugs fixed in Firefox 139, Thunderbird 139,
   Firefox ESR 128.11, and Thunderbird 128.11
 * CVE-2025-5272 (bmo#1726254, bmo#1742738, bmo#1960121)
   Memory safety bugs fixed in Firefox 139 and Thunderbird 139

==== gsasl ====

- Rename patch uninitialized_x.patch to 0001-uninitialized_x.patch
 and update it for version 2.2.1
- Reenable compilation warnings. Add patches
 * 0002-Fix-calloc-transposed-arguments.patch
 * 0003-Fix-more-transposed-calloc-arguments.patch
- Use %autosetup to work with rpm-4.20 (bsc#1240154)

==== gtk-layer-shell ====
Version update (0.9.1 -> 0.9.2)

- Update to 0.9.2:
 * Fix: don't set popup window geometry with no buffer attached, #200
 * Fix: wait for configure event before letting GTK commit a buffer, #202
 * Tests: refactor the mock Wayland compositor used by the tests,
   brings it in line with the version in the gtk4-layer-shell repo
 * Meson: bump required Meson version to 0.54.0
 * Depends: require wayland-protocols >=1.16.0 to build

==== kernel-source ====
Version update (6.14.6 -> 6.15.0)

- Revert "x86/smp: Eliminate mwait_play_dead_cpuid_hint()"
 (bsc#1243907).
- commit 1fa64dc
- Update config files:
 - enable Haoyu Microelectronics HYM8563 module,
 a popular RTC on ARM64, especially on Rockchip SoCs
- commit 6a8b6fb
- Revert "drm/amd/display: more liberal vmin/vmax update for
 freesync" (bsc#1243782).
- commit 9dd7b0d
- series.conf: cleanup
- update upstream references and move into sorted section
 - patches.suse/ACPICA-Apply-ACPI_NONSTRING-in-more-places.patch
 - patches.suse/ACPICA-Apply-ACPI_NONSTRING.patch
 - patches.suse/ACPICA-Introduce-ACPI_NONSTRING.patch
- commit 41d2c18
- ACPICA: Apply ACPI_NONSTRING in more places (acpica-build-fix).
- commit 2d9e662
- ACPICA: Apply ACPI_NONSTRING (acpica-build-fix).
- ACPICA: Introduce ACPI_NONSTRING (acpica-build-fix).
- commit cee5f74
- Revert "Use gcc 13 for now" and "config: Set gcc version (jsc#PED-12251)."
 This reverts commits 1e750ef57517b9a3d42d75065c96ca02b25a7055 and
 45c418b088c1e0f8e34c73c29d52b2707b163d2b.
 gcc 13 is not is factory staging, so the kernel cannot be submitted to
 factory. Let's revert for now and invent something better. I.e. use
 system's unversioned gcc.
- Revert "Use gcc 13 for now"
 This reverts commit 45c418b088c1e0f8e34c73c29d52b2707b163d2b.
 gcc 13 is not is factory staging, so the kernel cannot be submitted to
 factory. Let's revert for now and invent something better.
- commit 9f69fe5
- Delete
 patches.suse/compiler.h-Avoid-the-usage-of-__typeof_unqual__-when.patch.
 Superseded by:
 1013f5636fd8 genksyms: Handle typeof_unqual keyword and __seg_{fs,gs} qualifiers
- commit cd769f1
- update to 6.15 final
- refresh configs (headers only)
- commit ed9faca
- Linux 6.14.8 (bsc#1012628).
- phy: tegra: xusb: remove a stray unlock (bsc#1012628).
- perf tools: Fix build error for LoongArch (bsc#1012628).
- mm/page_alloc: fix race condition in unaccepted memory handling
 (bsc#1012628).
- drm/xe/gsc: do not flush the GSC worker from the reset path
 (bsc#1012628).
- accel/ivpu: Flush pending jobs of device's workqueues
 (bsc#1012628).
- accel/ivpu: Fix missing MMU events if file_priv is unbound
 (bsc#1012628).
- accel/ivpu: Fix missing MMU events from reserved SSID
 (bsc#1012628).
- accel/ivpu: Move parts of MMU event IRQ handling to thread
 handler (bsc#1012628).
- accel/ivpu: Dump only first MMU fault from single context
 (bsc#1012628).
- accel/ivpu: Use workqueue for IRQ handling (bsc#1012628).
- dmaengine: idxd: Refactor remove call with idxd_cleanup()
 helper (bsc#1012628).
- dmaengine: idxd: fix memory leak in error handling path of
 idxd_pci_probe (bsc#1012628).
- dmaengine: idxd: fix memory leak in error handling path of
 idxd_alloc (bsc#1012628).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak
 in remove call (bsc#1012628).
- dmaengine: idxd: Add missing cleanups in cleanup internals
 (bsc#1012628).
- dmaengine: idxd: Add missing cleanup for early error out in
 idxd_setup_internals (bsc#1012628).
- dmaengine: idxd: fix memory leak in error handling path of
 idxd_setup_groups (bsc#1012628).
- dmaengine: idxd: fix memory leak in error handling path of
 idxd_setup_engines (bsc#1012628).
- dmaengine: idxd: fix memory leak in error handling path of
 idxd_setup_wqs (bsc#1012628).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device
 structure instead of a local copy (bsc#1012628).
- dmaengine: ti: k3-udma: Add missing locking (bsc#1012628).
- mm: userfaultfd: correct dirty flags set for both present and
 swap pte (bsc#1012628).
- mm: hugetlb: fix incorrect fallback for subpool (bsc#1012628).
- io_uring/uring_cmd: fix hybrid polling initialization issue
 (bsc#1012628).
- io_uring/memmap: don't use page_address() on a highmem page
 (bsc#1012628).
- net: qede: Initialize qede_ll_ops with designated initializer
 (bsc#1012628).
- ring-buffer: Fix persistent buffer when commit page is the
 reader page (bsc#1012628).
- wifi: mt76: mt7925: fix missing hdr_trans_tlv command for
 broadcast wtbl (bsc#1012628).
- wifi: mt76: disable napi on driver removal (bsc#1012628).
- tpm: Mask TPM RC in tpm2_start_auth_session() (bsc#1012628).
- spi: tegra114: Use value to check for invalid delays
 (bsc#1012628).
- smb: client: fix memory leak during error handling for POSIX
 mkdir (bsc#1012628).
- scsi: sd_zbc: block: Respect bio vector limits for REPORT
   ... changelog too long, skipping 579 lines ...
- commit c1311f9

==== llvm20 ====
Version update (20.1.5 -> 20.1.6)

- Update to version 20.1.6.
 * This release contains bug-fixes for the LLVM 20.1.0 release.
   This release is API and ABI compatible with 20.1.0.
- Rebase llvm-do-not-install-static-libraries.patch.
- Remove obsolete llvm-fix-hexagon-test.patch.
- Use generic python3 for SLES 16 as python 3.11 is dropped there.
 [bsc#1243630]

==== openSUSE-release ====
Version update (20250601 -> 20250602)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== ovpn-dco ====
Version update (0.2.20241216~git0.a08b2fd_k6.14.6_2 -> 0.2.20241216~git0.a08b2fd_k6.15.0_1)

- add patches for 6.15
 * use-new-timer-api.patch
 * 6.15-newlink-proto.patch

==== patterns-media ====
Subpackages: patterns-media-rest_cd_core patterns-media-rest_dvd

- Drop xen from the DVD.

==== python-rich ====
Version update (13.9.4 -> 14.0.0)

- Update to 14.0.0
 * Added
 - Added env var TTY_COMPATIBLE to override auto-detection of TTY
   support (See console.rst for details). #3675
 * Changed
 - An empty NO_COLOR env var is now considered disabled. #3675
 - An empty FORCE_COLOR env var is now considered disabled. #3675
 - Rich tracebacks will now render notes on Python 3.11 onwards
   (added with Exception.add_note) #3676
 - Indentation in exceptions won't be underlined #3678
 - Rich tracebacks will now render Exception Groups #3677

==== python311 ====
Subpackages: python311-curses python311-dbm python311-x86-64-v3

- Add CVE-2025-4516-DecodeError-handler.patch fixing
 CVE-2025-4516 (bsc#1243273) blocking DecodeError handling
 vulnerability, which could lead to DoS.
- Use extended %autopatch.

==== python311-core ====
Subpackages: libpython3_11-1_0 libpython3_11-1_0-x86-64-v3 python311-base python311-base-x86-64-v3

- Add CVE-2025-4516-DecodeError-handler.patch fixing
 CVE-2025-4516 (bsc#1243273) blocking DecodeError handling
 vulnerability, which could lead to DoS.
- Use extended %autopatch.

==== tuned ====

- Fix newlines in changelog
- Add hardened profile (PED-12781)
 A 0001-hardened-Introduce-hardened-profile.patch

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.