Packages changed:
 MicroOS-release (20250410 -> 20250411)
 cyrus-sasl
 docker
 ethtool (6.11 -> 6.14)
 iproute2 (6.13 -> 6.14)
 libalternatives (1.2+30.a5431e9 -> 1.2+31.da24cd4)
 libgpg-error (1.51 -> 1.53)
 mjpegtools
 python-MarkupSafe
 python-PyJWT
 runc (1.2.5 -> 1.2.6)
 selinux-policy (20250403 -> 20250410)
 systemd (257.4 -> 257.5)

=== Details ===

==== MicroOS-release ====
Version update (20250410 -> 20250411)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== cyrus-sasl ====
Subpackages: cyrus-sasl-gssapi libsasl2-3

- add -std=gnu11 to CFLAGS to fix gcc15 compile time error, and to
 still allow build on Leap 15.6

==== docker ====
Subpackages: docker-buildx docker-rootless-extras

- Update to docker-buildx v0.22.0. Upstream changelog:
 <https://github.com/docker/buildx/releases/tag/v0.22.0>
 * Includes fixes for CVE-2025-0495. bsc#1239765
- Disable transparent SUSEConnect support for SLE-16. PED-12534
 When this patchset was first added in 2013 (and rewritten over the years),
 there was no upstream way to easily provide SLE customers with a way to build
 container images based on SLE using the host subscription. However, with
 docker-buildx you can now define secrets for builds (this is not entirely
 transparent, but we can easily document this new requirement for SLE-16).
 Users should use
   RUN --mount=type=secret,id=SCCcredentials zypper -n ...
 in their Dockerfiles, and
   docker buildx build --secret id=SCCcredentials,src=/etc/zypp/credentials.d/SCCcredentials,type=file .
 when doing their builds.
- Now that the only blocker for docker-buildx support was removed for SLE-16,
 enable docker-buildx for SLE-16 as well. PED-8905
- Don't use the new container-selinux conditional requires on SLE-12, as the
 RPM version there doesn't support it. Arguably the change itself is a bit
 suspect but we can fix that later. bsc#1237367
- Add backport for golang.org/x/oauth2 CVE-2025-22868 fix. bsc#1239185
 + 0006-CVE-2025-22868-vendor-jws-split-token-into-fixed-num.patch
- Add backport for golang.org/x/crypto CVE-2025-22869 fix. bsc#1239322
 + 0007-CVE-2025-22869-vendor-ssh-limit-the-size-of-the-inte.patch
- Refresh patches:
 * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
 * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
 * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
 * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
 * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch

==== ethtool ====
Version update (6.11 -> 6.14)

- update to upstream release 6.14
 * Feature: list PHYs (--show-phys)
 * Feature: target a specific PHY with some commands (--phy)
 * Feature: more attributes for C33 PSE (--show-pse, --set-pse)
 * Feature: source information for cable tests (--cable-test[-tdr])
 * Feature: JSON output for module info (-m)
 * Feature: misc RSS hash info improvements (-x)
 * Feature: tsinfo hwtstamp provider (--{get,set}-hwtimestamp-cfg)
 * Fix: fix wrong auto-negotiation state (no option)
 * Fix: more explicit RSS context action (-n)
 * Fix: print PHY address as decimal (no option)
 * Fix: fix return value on flow hashing error (-N)
 * Fix: fix JSON output for IRQ coalescing
 * Fix: fix MDI-X info output (no option)
 * Misc: add '-j' alias for --json
 * Misc: provide AppStream metainfo XML

==== iproute2 ====
Version update (6.13 -> 6.14)

- Update to release 6.14
 * Add IPv6 flow label support to `ip route` and `ip rule`
 * Add `ip monitor maddress` support
 * ss: Display seq counters as decimal for mptcp subflows

==== libalternatives ====
Version update (1.2+30.a5431e9 -> 1.2+31.da24cd4)
Subpackages: alts libalternatives1

- Update to version v1.2+31.da24cd4:
 * utils: better handle case of unknown option

==== libgpg-error ====
Version update (1.51 -> 1.53)

- Update to 1.53:
 * Fix regression in 1.52.
 * Rebase libgpg-error-nobetasuffix.patch
- Update to 1.52:
 * The KEY_WOW64_xxKEY flags can now be passed to the Registry read
   functions. [rE652328c786]
 * In the spawn functions care about closefrom/close call is
   interrupted. [T7478]
 * New simple string list API. [rE47097806f1]
 * New API for name value files. [rE7ec1f27b60]
 * Interface changes relative to the 1.51 release:
 - gpgrt_w32_reg_query_string          NEW (Windows only).
 - gpgrt_strlist_t                     NEW type.
 - gpgrt_strlist_free                  NEW.
 - gpgrt_strlist_add                   NEW.
 - gpgrt_strlist_tokenize              NEW.
 - gpgrt_strlist_copy                  NEW.
 - gpgrt_strlist_rev                   NEW.
 - gpgrt_strlist_prev                  NEW.
 - gpgrt_strlist_last                  NEW.
 - gpgrt_strlist_pop                   NEW.
 - gpgrt_strlist_find                  NEW.
 - GPGRT_STRLIST_APPEND                NEW const.
 - GPGRT_STRLIST_WIPE                  NEW const.
 - gpgrt_nvc_t                         NEW type.
 - gpgrt_nve_t                         NEW type.
 - gpgrt_nvc_new                       NEW.
 - gpgrt_nvc_release                   NEW.
 - gpgrt_nvc_get_flag                  NEW.
 - gpgrt_nvc_add                       NEW.
 - gpgrt_nvc_set                       NEW.
 - gpgrt_nve_set                       NEW.
 - gpgrt_nvc_delete                    NEW.
 - gpgrt_nvc_lookup                    NEW.
 - gpgrt_nvc_parse                     NEW.
 - gpgrt_nvc_write                     NEW.
 - gpgrt_nve_next                      NEW.
 - gpgrt_nve_name                      NEW.
 - gpgrt_nve_value                     NEW.
 - gpgrt_nvc_get_string                NEW.
 - gpgrt_nvc_get_bool                  NEW.
 - GPGRT_NVC_WIPE                      NEW const.
 - GPGRT_NVC_PRIVKEY                   NEW const.
 - GPGRT_NVC_SECTION                   NEW const.
 - GPGRT_NVC_MODIFIED                  NEW const.

==== mjpegtools ====
Subpackages: libmjpegutils-2_2-0 libmpeg2encpp-2_2-0 libmplex2-2_2-0

- add patches from upstream to fix gcc15 compile time errors and
 some warnings:  mjpegtools-gcc15.patch, mjpegtools-lto.patch,
 mjpegtools-c99-configure.patch
- add patch mjpegtools-c++-17.patch (from gentoo) to silence
 std=c++17 warnings

==== python-MarkupSafe ====

- Make the dist-info name case-insensitive
- Lowercase metadata directory name.

==== python-PyJWT ====

- Just use a wildcard for the dist-info metadata to make it
 properly work on all setuptools versions.
- Wrap the metadata directory name in a distro-based conditional
- Lowercase metadata directory name.

==== runc ====
Version update (1.2.5 -> 1.2.6)

- Update to runc v1.2.6. Upstream changelog is available from
 <https://github.com/opencontainers/runc/releases/tag/v1.2.6>.

==== selinux-policy ====
Version update (20250403 -> 20250410)
Subpackages: selinux-policy-targeted

- Update to version 20250410:
 * Allow login to podman container from tty (bsc#1238709)
 * Add an rpmbuild test to the gitlab-ci
- Add ugly workaround for semodule removal issues
 (bsc#1221342 bsc#1238062 bsc#1230643 bsc#1230938)
 Can be dropped when PED-12491 is done.

==== systemd ====
Version update (257.4 -> 257.5)
Subpackages: libsystemd0 libudev1 systemd-boot systemd-experimental udev

- Import commit c10a66fb4dd34b86d42fa92501bd88db63df479a (merge of v257.5)
 This merge includes the following fix:
   9b52c10986 test-network: replace symlink to 99-default.link with a copy
   d7577221b8 man/pstore.conf: pstore.conf template is not always installed in /etc
   62071a984d man: coredump.conf template is not always installed in /etc (bsc#1237496)
 For a complete list of changes, visit:
 https://github.com/openSUSE/systemd/compare/f133e5974e69708d7491d4823780690c913f7bda...c10a66fb4dd34b86d42fa92501bd88db63df479a

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.