Packages changed:
ImageMagick (7.1.2.0 -> 7.1.2.1)
bind (9.20.11 -> 9.20.12)
blueman
fuse3 (3.17.3 -> 3.17.4)
gettext-runtime (0.25.1 -> 0.26)
git
kernel-firmware-amdgpu (20250811 -> 20250815)
kernel-firmware-ath11k (20250808 -> 20250820)
kernel-firmware-bluetooth (20250808 -> 20250820)
kernel-firmware-intel (20250718 -> 20250821)
kernel-firmware-iwlwifi (20250609 -> 20250818)
kernel-firmware-media (20250804 -> 20250820)
kernel-firmware-qcom (20250808 -> 20250820)
kernel-firmware-realtek (20250814 -> 20250820)
kernel-firmware-sound (20250721 -> 20250821)
kwin6
libnftnl (1.2.9 -> 1.3.0)
libspelling (0.4.8 -> 0.4.9)
man-pages-zh_CN (1.6.4.2 -> 1.6.4.3)
nftables (1.1.3 -> 1.1.4)
openSUSE-release (20250820 -> 20250822)
python-markdown-it-py
python-netaddr
python313 (3.13.5 -> 3.13.7)
python313-core (3.13.5 -> 3.13.7)
sdbootutil (1+git20250812.13f4562 -> 1+git20250820.077bd8b)
tiff
xf86-video-vmware
xfdesktop
yast2-iscsi-client (5.0.9 -> 5.0.10)
=== Details ===
==== ImageMagick ====
Version update (7.1.2.0 -> 7.1.2.1)
Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10
- version update to 7.1.2.1
* Add support for Simple File Format Family (SF3) images by @Shinmera in #8243
* Fix validation issues in SF3 by @Shinmera in #8252
* Fix compressed exr reading by @Hadsen in #8285
* Use OpenMP in ashlar by @yerlotic in #8288
* Bump actions/download-artifact from 4 to 5 by @dependabot[bot] in #8296
- modified patches
% ImageMagick-library-installable-in-parallel.patch
- removed patches
- ImageMagick-filename-placeholder-regression-1.patch (upstreamed)
- ImageMagick-filename-placeholder-regression-2.patch (upstreamed)
- ImageMagick-filename-placeholder-regression-3.patch (upstreamed)
- fixes
CVE-2025-55160 [bsc#1248079], CVE-2025-55004 [bsc#1248076]
CVE-2025-55154 [bsc#1248078], CVE-2025-55005 [bsc#1248077]
==== bind ====
Version update (9.20.11 -> 9.20.12)
Subpackages: bind-doc bind-utils
- Upgrade to release 9.20.12
New Features:
* Support for parsing DSYNC records has been added.
Feature Changes:
* Add deprecation warnings for RSASHA1, RSASHA1-NSEC3SHA1, and DS
digest type 1.
Bug Fixes:
* Stale RRsets in a CNAME chain were not always refreshed.
* Add RPZ extended DNS error for zones with a CNAME override
policy configured.
* Fix dig +keepopen option.
* Log dropped or slipped responses in the query-errors category.
* Fix synth-from-dnssec not working in some scenarios.
* Clean enough memory when adding new ADB names/entries under
memory pressure.
* Prevent spurious validation failures.
==== blueman ====
Subpackages: blueman-lang thunar-sendto-blueman
- Fix build on Leap 16.0 that has no nemo-extensions package
(bsc#1247915)
==== fuse3 ====
Version update (3.17.3 -> 3.17.4)
Subpackages: libfuse3-4
- Update to release 3.17.4
* detect mount-utils by checking for /run/mount/utab
==== gettext-runtime ====
Version update (0.25.1 -> 0.26)
Subpackages: envsubst libtextstyle0
- Update to version 0.26:
* C, C++, Python, JavaScript, EmacsLisp, librep, Go, Ruby, awk, D, Tcl,
Perl, PHP:
- xgettext's heuristic recognition of format strings has been improved:
strings like "100% complete" (with a space flag in a format directive)
are no longer flagged as format strings by default, unless they occur
in a context that requires a format string. You can override this
heuristic by using a comment of the form /* xgettext: c-format */.
* Shell:
- The documentation now mentions two other approaches for
internationalizing messages with parameters in shell scripts.
- xgettext now recognizes format strings in the 'printf' command syntax.
They are marked as 'sh-printf-format' in POT and PO files.
- Two new programs 'printf_gettext' and 'printf_ngettext' are provided,
that do formatted output with a localized format string in a more
efficient way (without spawning a subshell).
- xgettext now recognizes the \c, \u, and \U escape sequences in dollar-
single-quoted strings $'...'.
[#] Improvements for maintainers:
* xgettext:
- When extracting a message with plural that is some format string,
xgettext now verifies that the msgid and msgid_plural are compatible
as format strings. For most format string types, this still allows
omitting from msgid a placeholder that is used in msgid_plural. But
when a placeholder is used in both msgid and msgid_plural, its type
must be the same in both.
- xgettext now suggests a refactoring when a translatable string
contains an URL or email address.
[#] Improvements for translators:
* msggrep:
- msggrep accepts two new options -W/--workflow-flags and -S/--sticky-flags
that allow to select only messages that have a specified flag.
- Refresh patches.
==== git ====
Subpackages: git-core git-email git-gui git-web gitk perl-Git
- Use zlib instead of zlib-ng for SLES16
==== kernel-firmware-amdgpu ====
Version update (20250811 -> 20250815)
- Update to version 20250815 (git commit 07ed893df57c):
* amdgpu: DMCUB updates for various ASICs
==== kernel-firmware-ath11k ====
Version update (20250808 -> 20250820)
- Update to version 20250820 (git commit 70dda28e5098):
* ath11k: WCN6855 hw2.0@nfa765: add to WLAN.HSP.1.1-04685-QCAHSPSWPL_V1_V2_SILICONZ_IOE-1
==== kernel-firmware-bluetooth ====
Version update (20250808 -> 20250820)
- Update to version 20250820 (git commit 70dda28e5098):
* Link rtl8723b_config.bin to rtl8723bs
==== kernel-firmware-intel ====
Version update (20250718 -> 20250821)
- Update to version 20250821 (git commit c88f7d064603):
* intel/ish: Add firmware for LENOVO THINKPAD X1 2-in-1 Gen 10
==== kernel-firmware-iwlwifi ====
Version update (20250609 -> 20250818)
- Update to version 20250818 (git commit 72a326cda491):
* iwlwifi: add Bz/gl FW for core97-84 release
* iwlwifi: update ty/So/Ma firmwares for core97-84 release
* iwlwifi: update cc/Qu/QuZ firmwares for core97-84 release
==== kernel-firmware-media ====
Version update (20250804 -> 20250820)
- Update to version 20250820 (git commit 70dda28e5098):
* qcom: Add firmware binary for SM8650.
==== kernel-firmware-qcom ====
Version update (20250808 -> 20250820)
- Update to version 20250820 (git commit 70dda28e5098):
* qcom: add CDSP firmware for x1e80100 platform
==== kernel-firmware-realtek ====
Version update (20250814 -> 20250820)
- Update to version 20250820 (git commit 70dda28e5098):
* rtw89: 8922a: update fw to v0.35.80.3
* rtw89: 8852c: update fw to v0.27.129.4
* rtw89: 8852c: update fw to v0.27.129.3
==== kernel-firmware-sound ====
Version update (20250721 -> 20250821)
- Update to version 20250821 (git commit c88f7d064603):
* cirrus: cs35l41: Move entries to correct driver section in WHENCE
* cirrus: cs35l56: Update firmware for Cirrus Amps for some Lenovo laptops
- Update to version 20250820 (git commit 70dda28e5098):
* cirrus: cs35l56: Add firmware for Cirrus Amps for some Lenovo laptops
==== kwin6 ====
Subpackages: kwin6-lang libkwin6
- Add patch to avoid flicker due to amdgpu driver bug (kde#508350):
* 0001-backends-drm-work-around-amdgpu-applying-GAMMA_LUT-i.patch
==== libnftnl ====
Version update (1.2.9 -> 1.3.0)
- Update to release 1.3.0
* set: dump set backend name (hash, rbtree...) and elem count,
if available
==== libspelling ====
Version update (0.4.8 -> 0.4.9)
Subpackages: libspelling-lang libspelling1-2
- Update to version 0.4.9:
+ Improve discovery of no-spell-check tags
+ Fix various leaks in the testsuite which CI now tests for
+ Improve life-cycle tracking of text-region from SpellingEngine
+ CI now runs ASAN/LSAN/UBSAN and others on every commit
+ Updated translations.
==== man-pages-zh_CN ====
Version update (1.6.4.2 -> 1.6.4.3)
- version update to 1.6.4.3:
* Full translation of xargs(1) from findutils v4.10.0.
==== nftables ====
Version update (1.1.3 -> 1.1.4)
Subpackages: libnftables1 python313-nftables
- Add json.patch
- Update to release 1.1.4
* Add conntrack information to monitor trace command.
* Add a 'check' fib result to check for routes.
* Better error reporting with re-declarations set/map with
different types.
* Restore meta hour matching on ranges spanning date boundaries,
e.g. `... meta hour "21:00"-"02:00"`
* Display number of set elements in rule listings.
* Allow deleting maps via their handle.
==== openSUSE-release ====
Version update (20250820 -> 20250822)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== python-markdown-it-py ====
- Convert to libalternatives on SLE-16-based and newer systems only
==== python-netaddr ====
- Convert to libalternatives on SLE-16-based and newer systems only
==== python313 ====
Version update (3.13.5 -> 3.13.7)
Subpackages: python313-curses python313-dbm python313-tk python313-x86-64-v3
- Update to 3.13.7:
- gh-137583: Fix a deadlock introduced in 3.13.6 when a call
to ssl.SSLSocket.recv was blocked in one thread, and then
another method on the object (such as ssl.SSLSocket.send) was
subsequently called in another thread.
- gh-137044: Return large limit values as positive integers
instead of negative integers in resource.getrlimit().
Accept large values and reject negative values (except
RLIM_INFINITY) for limits in resource.setrlimit().
- gh-136914: Fix retrieval of doctest.DocTest.lineno
for objects decorated with functools.cache() or
functools.cached_property.
- gh-131788: Make ResourceTracker.send from multiprocessing
re-entrant safe
- gh-136155: We are now checking for fatal errors in EPUB
builds in CI.
- gh-137400: Fix a crash in the free threading build when
disabling profiling or tracing across all threads with
PyEval_SetProfileAllThreads() or PyEval_SetTraceAllThreads()
or their Python equivalents threading.settrace_all_threads()
and threading.setprofile_all_threads().
- Remove upstreamed patch:
- gh137583-only-lock-SSL-context.patch
- Add gh137583-only-lock-SSL-context.patch fixing the
regression in 3.13.6 by breaking non-blocking TLS connections
(gh#python/cpython#137583).
- Update to 3.13.6:
- Security
- gh-135661: Fix parsing start and end tags in
html.parser.HTMLParser according to the HTML5 standard.
- Whitespaces no longer accepted between </ and the tag
name. E.g. </ script> does not end the script section.
- Vertical tabulation (\v) and non-ASCII whitespaces no
longer recognized as whitespaces. The only whitespaces
are \t\n\r\f and space.
- Null character (U+0000) no longer ends the tag name.
- Attributes and slashes after the tag name in end tags
are now ignored, instead of terminating after the first
> in quoted attribute value. E.g. </script/foo=">"/>.
- Multiple slashes and whitespaces between the last
attribute and closing > are now ignored in both start
and end tags. E.g. <a foo=bar/ //>.
- Multiple = between attribute name and value are no
longer collapsed. E.g. <a foo==bar> produces attribute
“foo” with value “=bar”.
- gh-102555: Fix comment parsing in html.parser.HTMLParser
according to the HTML5 standard. --!> now ends the comment.
- - > no longer ends the comment. Support abnormally ended
empty comments <--> and <--->.
- gh-135462: Fix quadratic complexity in processing specially
crafted input in html.parser.HTMLParser. End-of-file errors
are now handled according to the HTML5 specs – comments and
declarations are automatically closed, tags are ignored
(CVE-2025-6069, bsc#1244705).
- gh-118350: Fix support of escapable raw text mode (elements
“textarea” and “title”) in html.parser.HTMLParser.
- Core and Builtins
- gh-58124: Fix name of the Python encoding in Unicode errors
of the code page codec: use “cp65000” and “cp65001” instead
of “CP_UTF7” and “CP_UTF8” which are not valid Python code
names. Patch by Victor Stinner.
- gh-137314: Fixed a regression where raw f-strings
incorrectly interpreted escape sequences in format
specifications. Raw f-strings now properly preserve literal
backslashes in format specs, matching the behavior from
Python 3.11. For example, rf"{obj:\xFF}" now correctly
produces '\\xFF' instead of 'ÿ'. Patch by Pablo Galindo.
- gh-136541: Fix some issues with the perf trampolines
on x86-64 and aarch64. The trampolines were not being
generated correctly for some cases, which could lead to
the perf integration not working correctly. Patch by Pablo
Galindo.
- gh-109700: Fix memory error handling in
PyDict_SetDefault().
- gh-78465: Fix error message for cls.__new__(cls, ...) where
cls is not instantiable builtin or extension type (with
tp_new set to NULL).
- gh-135871: Non-blocking mutex lock attempts now return
immediately when the lock is busy instead of briefly
spinning in the free threading build.
- gh-135607: Fix potential weakref races in an object’s
destructor on the free threaded build.
- gh-135496: Fix typo in the f-string conversion type error
(“exclamanation” -> “exclamation”).
- gh-130077: Properly raise custom syntax errors when
incorrect syntax containing names that are prefixes of soft
keywords is encountered. Patch by Pablo Galindo.
- gh-135148: Fixed a bug where f-string debug expressions
(using =) would incorrectly strip out parts of strings
containing escaped quotes and # characters. Patch by Pablo
Galindo.
- gh-133136: Limit excess memory usage in the free threading
build when a large dictionary or list is resized and
accessed by multiple threads.
- gh-132617: Fix dict.update() modification check that could
incorrectly raise a “dict mutated during update” error when
a different dictionary was modified that happens to share
the same underlying keys object.
- gh-91153: Fix a crash when a bytearray is concurrently
... changelog too long, skipping 131 lines ...
- CVE-2025-6069-quad-complex-HTMLParser.patch
==== python313-core ====
Version update (3.13.5 -> 3.13.7)
Subpackages: libpython3_13-1_0 libpython3_13-1_0-x86-64-v3 python313-base python313-base-x86-64-v3
- Update to 3.13.7:
- gh-137583: Fix a deadlock introduced in 3.13.6 when a call
to ssl.SSLSocket.recv was blocked in one thread, and then
another method on the object (such as ssl.SSLSocket.send) was
subsequently called in another thread.
- gh-137044: Return large limit values as positive integers
instead of negative integers in resource.getrlimit().
Accept large values and reject negative values (except
RLIM_INFINITY) for limits in resource.setrlimit().
- gh-136914: Fix retrieval of doctest.DocTest.lineno
for objects decorated with functools.cache() or
functools.cached_property.
- gh-131788: Make ResourceTracker.send from multiprocessing
re-entrant safe
- gh-136155: We are now checking for fatal errors in EPUB
builds in CI.
- gh-137400: Fix a crash in the free threading build when
disabling profiling or tracing across all threads with
PyEval_SetProfileAllThreads() or PyEval_SetTraceAllThreads()
or their Python equivalents threading.settrace_all_threads()
and threading.setprofile_all_threads().
- Remove upstreamed patch:
- gh137583-only-lock-SSL-context.patch
- Add gh137583-only-lock-SSL-context.patch fixing the
regression in 3.13.6 by breaking non-blocking TLS connections
(gh#python/cpython#137583).
- Update to 3.13.6:
- Security
- gh-135661: Fix parsing start and end tags in
html.parser.HTMLParser according to the HTML5 standard.
- Whitespaces no longer accepted between </ and the tag
name. E.g. </ script> does not end the script section.
- Vertical tabulation (\v) and non-ASCII whitespaces no
longer recognized as whitespaces. The only whitespaces
are \t\n\r\f and space.
- Null character (U+0000) no longer ends the tag name.
- Attributes and slashes after the tag name in end tags
are now ignored, instead of terminating after the first
> in quoted attribute value. E.g. </script/foo=">"/>.
- Multiple slashes and whitespaces between the last
attribute and closing > are now ignored in both start
and end tags. E.g. <a foo=bar/ //>.
- Multiple = between attribute name and value are no
longer collapsed. E.g. <a foo==bar> produces attribute
“foo” with value “=bar”.
- gh-102555: Fix comment parsing in html.parser.HTMLParser
according to the HTML5 standard. --!> now ends the comment.
- - > no longer ends the comment. Support abnormally ended
empty comments <--> and <--->.
- gh-135462: Fix quadratic complexity in processing specially
crafted input in html.parser.HTMLParser. End-of-file errors
are now handled according to the HTML5 specs – comments and
declarations are automatically closed, tags are ignored
(CVE-2025-6069, bsc#1244705).
- gh-118350: Fix support of escapable raw text mode (elements
“textarea” and “title”) in html.parser.HTMLParser.
- Core and Builtins
- gh-58124: Fix name of the Python encoding in Unicode errors
of the code page codec: use “cp65000” and “cp65001” instead
of “CP_UTF7” and “CP_UTF8” which are not valid Python code
names. Patch by Victor Stinner.
- gh-137314: Fixed a regression where raw f-strings
incorrectly interpreted escape sequences in format
specifications. Raw f-strings now properly preserve literal
backslashes in format specs, matching the behavior from
Python 3.11. For example, rf"{obj:\xFF}" now correctly
produces '\\xFF' instead of 'ÿ'. Patch by Pablo Galindo.
- gh-136541: Fix some issues with the perf trampolines
on x86-64 and aarch64. The trampolines were not being
generated correctly for some cases, which could lead to
the perf integration not working correctly. Patch by Pablo
Galindo.
- gh-109700: Fix memory error handling in
PyDict_SetDefault().
- gh-78465: Fix error message for cls.__new__(cls, ...) where
cls is not instantiable builtin or extension type (with
tp_new set to NULL).
- gh-135871: Non-blocking mutex lock attempts now return
immediately when the lock is busy instead of briefly
spinning in the free threading build.
- gh-135607: Fix potential weakref races in an object’s
destructor on the free threaded build.
- gh-135496: Fix typo in the f-string conversion type error
(“exclamanation” -> “exclamation”).
- gh-130077: Properly raise custom syntax errors when
incorrect syntax containing names that are prefixes of soft
keywords is encountered. Patch by Pablo Galindo.
- gh-135148: Fixed a bug where f-string debug expressions
(using =) would incorrectly strip out parts of strings
containing escaped quotes and # characters. Patch by Pablo
Galindo.
- gh-133136: Limit excess memory usage in the free threading
build when a large dictionary or list is resized and
accessed by multiple threads.
- gh-132617: Fix dict.update() modification check that could
incorrectly raise a “dict mutated during update” error when
a different dictionary was modified that happens to share
the same underlying keys object.
- gh-91153: Fix a crash when a bytearray is concurrently
... changelog too long, skipping 131 lines ...
- CVE-2025-6069-quad-complex-HTMLParser.patch
==== sdbootutil ====
Version update (1+git20250812.13f4562 -> 1+git20250820.077bd8b)
Subpackages: sdbootutil-dracut-measure-pcr sdbootutil-snapper
- Update to version 1+git20250820.077bd8b:
* Revert "Ignore UPDATE_NVRAM (bsc#1247952)"
* Fix dracut "No '/dev/log' or 'logger'" message
* Don't mount /etc in chroot with btrfs subvolume
* Fix issue template directory name
- Update to version 1+git20250814.85181f6:
* Add issue templates for bugs and feature requests
* Use command line of target snapshot
* Add --no-measure-pcr to opt-out PCR15
* Remove README images
==== tiff ====
- security update:
* CVE-2025-8534 [bsc#1247582]
Fix null pointer dereference in function PS_Lvl2page
+ tiff-CVE-2025-8534.patch
* CVE-2025-9165 [bsc#1248330]
Fix local execution manipulation can lead to memory leak
+ tiff-CVE-2025-9165.patch
* CVE-2024-13978 [bsc#1247581]
Fix null pointer dereference in tiff2pdf
+ tiff-CVE-2024-13978.patch
==== xf86-video-vmware ====
- removed buidrequires to xatracker
==== xfdesktop ====
Subpackages: xfdesktop-lang
- Fix the monitor name pickup on Wayland, which resulted in broken
background picture setup (bsc#1247542):
xfdesktop-wayland-get-proper-monitor-name.patch
- Fix missing backslash for building in non-git mode
==== yast2-iscsi-client ====
Version update (5.0.9 -> 5.0.10)
- Fix the initialization of the valid iscsi offload cards not
bringing up the network cards with an empty iface name
(bsc#1246210).
- 5.0.10
