Packages changed:
 MicroOS-release (20250205 -> 20250206)
 apparmor
 distribution-logos-openSUSE (20241022 -> 20250203)
 krb5
 libapparmor
 python-cryptography (43.0.3 -> 44.0.0)
 sssd (2.10.1 -> 2.10.2)
 tiff

=== Details ===

==== MicroOS-release ====
Version update (20250205 -> 20250206)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== apparmor ====
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor

- add python313.patch to fix build with python 3.13

==== distribution-logos-openSUSE ====
Version update (20241022 -> 20250203)
Subpackages: distribution-logos-openSUSE-MicroOS distribution-logos-openSUSE-icons

- Update to version 20250203:
 * Kalpa: Add Distribution Logos

==== krb5 ====

- Prevent overflow when calculating ulog block size. An authenticated
 attacker can cause kadmind to write beyond the end of the mapped
 region for the iprop log file, likely causing a process crash;
 (CVE-2025-24528); (bsc#1236619).
- Add patch 0010-CVE-2025-24528.patch

==== libapparmor ====

- add python313.patch to fix build with python 3.13

==== python-cryptography ====
Version update (43.0.3 -> 44.0.0)

- Update to version 44.0.0:
 * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.9.
 * Deprecated Python 3.7 support. Python 3.7 is no longer supported by
   the Python core team. Support for Python 3.7 will be removed in a future
   cryptography release.
 * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.
 * macOS wheels are now built against the macOS 10.13 SDK. Users on older
   versions of macOS should upgrade, or they will need to build cryptography
   themselves.
 * Enforce the RFC 5280 requirement that extended key usage extensions must not be empty.
 * Added support for timestamp extraction to the :class:`~cryptography.fernet.MultiFernet` class.
 * Relax the Authority Key Identifier requirements on root CA certificates
   during X.509 verification to allow fields permitted by RFC 5280 but
   forbidden by the CA/Browser BRs.
 * Added support for
   :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id` when using
   OpenSSL 3.2.0+.
 * Added support for the :class:`~cryptography.x509.Admissions` certificate extension.
 * Added basic support for PKCS7 decryption (including S/MIME 3.2) via
   :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`,
   :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`,
   and :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`.
- Update specfile to accommodate new project structure at version 44.0.0
- Update no-pytest_benchmark.patch

==== sssd ====
Version update (2.10.1 -> 2.10.2)
Subpackages: libsss_certmap0 libsss_idmap0 sssd-krb5-common sssd-ldap

- Update to release 2.10.2
 * If the ssh responder is not running, sss_ssh_knownhosts will
   not fail (but it will not return the keys).
 * SSSD is now capable of handling multiple services associated
   with the same port.
 * sssd_pam, being a privileged binary, now clears the
   environment and does not allow configuration of the
   PR_SET_DUMPABLE flag as a precaution.

==== tiff ====

- Update test/test_directory.c not to fail on big-endian machines.
 * Add tiff-4.7.0-test_directory.patch
   Fix memory leaks (fixes issue #652)
 * Resolves bsc#1236834
   fix build fail on s390x

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.