Packages changed:
 SDL3
 cryptsetup
 exempi
 ffmpeg-7
 glibc
 glslang (15.1.0 -> 15.2.0)
 grub2
 gstreamer-plugins-bad
 kernel-firmware-realtek (20250224 -> 20250313)
 kmod
 libxslt (1.1.42 -> 1.1.43)
 openblas_openmp
 podman (5.4.0 -> 5.4.1)
 shaderc
 spirv-tools
 systemd (257.3 -> 257.4)
 vulkan-loader (1.4.304 -> 1.4.309)
 vulkan-tools (1.4.304 -> 1.4.309)
 webkit2gtk3
 webkit2gtk4
 zypper (1.14.87 -> 1.14.88)

=== Details ===

==== SDL3 ====

- Trim extraneous X11 dependencies from SDL3-devel [boo#1239635]

==== cryptsetup ====
Subpackages: libcryptsetup12

- Set pbkdf2 as the default PBKDF algorithm in LUKS2 format.
 [bsc#1236375, bsc#1236164]
 * The default PBKDF algorithm in the LUKS2 format is now Argon2id
   but its not FIPS compliant. A system would be unbootable if using
   Argon2id or Argon2i for disk encryption and then switching to
   kernel FIPS mode. This can be avoided by setting pbkdf2 as default.
 * Build using the configure option --with-luks2-pbkdf=pbkdf2.
 * Remove the dependency on libargon2 as is now provided by openssl.

==== exempi ====

- Ignore testcore test failure on s390x. It is known to fail on
 big endian architectures.

==== ffmpeg-7 ====
Subpackages: libavcodec61 libavfilter10 libavformat61 libavutil59 libpostproc58 libswresample5 libswscale8

- Add 0001-avcodec-libsvtav1-unbreak-build-with-latest-svtav1.patch
 to build with SVT-AV1 3.0.0.

==== glibc ====
Subpackages: glibc-locale glibc-locale-base

- Do not build libnsl1 (bsc#1239459)

==== glslang ====
Version update (15.1.0 -> 15.2.0)

- Update to release 15.2
 * Emit error if using in/out with struct pointer
 * Emit SPV_EXT_opacity_micromap if GL extension is present
 * Support GL_NV_linear_swept_spheres, GLSL_EXT_nontemporal_keyword,
   GL_NV_cluster_acceleration_structure, GL_NV_cooperative_vector,
   GL_EXT_texture_offset_non_const, EXT_integer_dot_product
 * Check SparseTextureOffset non-const parameters
 * Revert cross-stage check for missing outputs
 * Add support for OpTypeRayQueryKHR and
   OpTypeAccelerationStructureKHR to SPVRemapper
- Make build recipe POSIX sh compatible
- Switch Leap compiler to gcc 13 following the rest of the
 Vulkan stack

==== grub2 ====
Subpackages: grub2-common grub2-i386-efi grub2-i386-efi-bls grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi grub2-x86_64-efi-bls

- Update the patch to fix "SRK not matched" errors when unsealing
 the key (bsc#1232411)
 * 0001-tpm2-Add-extra-RSA-SRK-types.patch

==== gstreamer-plugins-bad ====
Subpackages: libgstadaptivedemux-1_0-0 libgstanalytics-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstinsertbin-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstmse-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0

- Disable nvcodec/cuda on aarch64 and %arm as it fails to build

==== kernel-firmware-realtek ====
Version update (20250224 -> 20250313)

- Update to version 20250313 (git commit 1d4c88ee96ec):
 * rtw88: Add firmware v33.6.0 for RTL8814AE/RTL8814AU
 * rtw89: 8922a: update fw to v0.35.64.0
 * rtw89: 8922a: update fw to v0.35.63.0
 * rtw89: 8852c: update fw to v0.27.125.0

==== kmod ====
Subpackages: libkmod2

- tests: drop ppc64 workaround, print failed test results if any

==== libxslt ====
Version update (1.1.42 -> 1.1.43)
Subpackages: libexslt0 libxslt-tools libxslt1

- Update to 1.1.43:
 * Major changes:
 - The non-standard EXSLT crypto extensions and support for dynamically
   loaded plugins are now disabled by default. These features can be
   enabled by passing --with-crypto or --with-plugins to configure.
   In a future release, these features will be removed.
 - Debug output and the debugger are disabled by default and can be
   enabled by passing --with-debug or --with-debugger.
 * Security:
 - [bsc#1239625, CVE-2025-24855] Fix use-after-free of XPath context node
 - [bsc#1239637, CVE-2024-55549] Fix UAF related to excluded namespaces
 * Bug fixes:
 - variables: Fix non-deterministic generated IDs
 * libxml2 related cleanup:
 - python: Don't use removed libxml2 macro
 - tests: Skip test_bad.xsl with libxml2 before 2.13
 - python: Don't include nanoftp.h and nanohttp.h
 - tests: Avoid namespace warning on Windows
 - numbers: Stop using libxml2 XPath axis API
 - numbers: Use private copy of xmlCopyCharMultiByte
 - documents: Use xmlCtxtParseDocument if available
 - tests: Make runtest compile with older libxml2 versions
 - utils: Account for libxml2 change
 - tests: Make bug-219.xsl compatible with older libxml2
 - extensions: always include stdlib.h (Hugo Beauzée-Luyssen)
 - extensions: Don't use libxml2's "modules" feature
 * Code cleanup:
 - numbers: Make static variables const
 - variables: Remove debug code
 * Portability:
 - python: Declare init func with PyMODINIT_FUNC
 - exslt: Use C99 NAN macro
 * Build:
 - cmake: Always build Python module as shared library
 - cmake: Fix compatibility in package version file
 - configure.ac: Find libgcrypt via pkg-config (Alessandro Astone)
 * Remove patches fixed in the update:
 - libxslt-reproducible.patch
 - libxslt-test-compile-with-older-libxml2-versions.patch

==== openblas_openmp ====

- Use upstream patch for bsc#1239134 which is more friendly to the
 non-affected power9 and power10 sub-architectures:
 Replace:
 Revert-ba47c7f4f301aad100ed166de338b86e01da8465.patch
 by:
 Restore-the-non-vectorized-code-from-before-PR4880-for-POWER8.patch

==== podman ====
Version update (5.4.0 -> 5.4.1)

- Update to version 5.4.1:
 * Bugfixes
 - Fixed a bug where volume quotas were not being applied
   (#25368).
 - Fixed a bug where the --pid-limit=-1 option did not function
   properly with containers using the runc OCI runtime.
 - Fixed a bug where the podman artifact pull command did not
   respect the --retry-delay option.
 - Fixed a bug where Podman would leak a file and directory for
   every container created.
 - Fixed a bug where the podman wait command would sometimes
   error when waiting for a container set to auto-remove.
 - Fixed a bug where Quadlet .kube units would not report an
   error (and stay running) even when a pod failed to start
   (#20667).
 * API
 - Fixed a bug where the Compat DF endpoint did not correctly
   report total size of all images.
 * Misc
 - Updated Buildah to v1.39.2
 - Updated the containers/common library to v0.62.1
 - Updated the containers/image library to v5.34.1
- drop patch
 0001-CVE-2025-27144-vendor-don-t-allow-unbounded-amounts-.patch

==== shaderc ====

- Switch Leap build to newer gcc 13

==== spirv-tools ====

- Bump BuildRequires to match spirv-headers

==== systemd ====
Version update (257.3 -> 257.4)
Subpackages: libsystemd0 libudev1 systemd-boot systemd-experimental udev

- triggers.systemd: more posix.fork() conversion (bsc#1238566)
- Import commit f133e5974e69708d7491d4823780690c913f7bda (merge v257.4)
 For a complete list of changes, visit:
 https://github.com/openSUSE/systemd/compare/e03ffd74c4a30c1c75e05874ce18d31e503437b7...f133e5974e69708d7491d4823780690c913f7bda

==== vulkan-loader ====
Version update (1.4.304 -> 1.4.309)

- Update to tag SDK-1.4.309.0
 * Make Xrandr not implicitly required when x11 is used
 * Make emulate_VK_EXT_surface_maintenance1 comply better with
   Vulkan spec
 * Support VK_GOOGLE_surfaceless_query

==== vulkan-tools ====
Version update (1.4.304 -> 1.4.309)

- Update to tag SDK-1.4.309.0
 * vulkaninfo: Add video profiles support
 * cube: Correctly apply sRGB OETF/EOTF
 * icd: Add VkPhysicalDeviceMaintenance3Properties

==== webkit2gtk3 ====
Subpackages: libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 webkit2gtk-4_1-injected-bundles

- Add 7d784721.patch: WebGL context primitive restart can be
 toggled from WebContent process (boo#1239547 CVE-2025-24201).

==== webkit2gtk4 ====
Subpackages: libjavascriptcoregtk-6_0-1 libwebkitgtk-6_0-4 webkitgtk-6_0-injected-bundles

- Add 7d784721.patch: WebGL context primitive restart can be
 toggled from WebContent process (boo#1239547 CVE-2025-24201).

==== zypper ====
Version update (1.14.87 -> 1.14.88)
Subpackages: zypper-needs-restarting

- Do not double encode URL strings passed on the commandline
 (bsc#1237587)
 URLs passed on the commandline must have their special chars
 encoded already. We just want to check and encode forgotten
 unsafe chars like a blank. A '%' however must not be encoded
 again.
- version 1.14.88

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.