Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version=Tumbleweed&build=20260310 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: GraphicsMagick MozillaFirefox (147.0.4 -> 148.0) gcc16 (15.2.1+git10776 -> 16.0.1+git7922) lightdm ncurses (6.6.20260301 -> 6.6.20260307) nvidia-open-driver-G07-signed nvidia-open-driver-G07-signed-cuda (590.48.01_k6.19.6_1 -> 595.45.04_k6.19.6_1) openSUSE-release (20260308 -> 20260310) pipewire (1.6.0 -> 1.6.1) postfix (3.10.8 -> 3.11.0) python-jmespath (1.0.1 -> 1.1.0) python-numpy (2.4.2 -> 2.4.3) python-psutil (7.1.3 -> 7.2.2) python311 (3.11.14 -> 3.11.15) python311-core (3.11.14 -> 3.11.15) ristretto (0.13.4 -> 0.14.0) selinux-policy (20260303 -> 20260310) systemd (258.5 -> 259.3) xfce4-terminal (1.1.5 -> 1.2.0) xfsprogs xorg-x11-server yast2-trans (84.87.20260222.1fea9d3cc7 -> 84.87.20260308.fd00aeb5d4) === Details === ==== GraphicsMagick ==== Subpackages: libGraphicsMagick++-Q16-12 libGraphicsMagick-Q16-3 libGraphicsMagick3-config - security update - added patches CVE-2026-25799 [bsc#1258786], Division-by-Zero in YUV sampling factor validation leads to crash * GraphicsMagick-CVE-2026-25799.patch ==== MozillaFirefox ==== Version update (147.0.4 -> 148.0) Subpackages: MozillaFirefox-branding-upstream - Mozilla Firefox 148.0 * https://www.firefox.com/en-US/firefox/148.0/releasenotes MFSA 2026-13 (bsc#1258568) * CVE-2026-2757 (bmo#2001637) Incorrect boundary conditions in the WebRTC: Audio/Video component * CVE-2026-2794 (bmo#2008365) Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android * CVE-2026-2758 (bmo#2009608) Use-after-free in the JavaScript: GC component * CVE-2026-2759 (bmo#2010933) Incorrect boundary conditions in the Graphics: ImageLib component * CVE-2026-2795 (bmo#2010940) Use-after-free in the JavaScript: GC component * CVE-2026-2760 (bmo#2011062) Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component * CVE-2026-2761 (bmo#2011063) Sandbox escape in the Graphics: WebRender component * CVE-2026-2762 (bmo#2011649) Integer overflow in the JavaScript: Standard Library component * CVE-2026-2763 (bmo#2012018) Use-after-free in the JavaScript Engine component * CVE-2026-2764 (bmo#2012608) JIT miscompilation, use-after-free in the JavaScript Engine: JIT component * CVE-2026-2796 (bmo#2013165) JIT miscompilation in the JavaScript: WebAssembly component * CVE-2026-2797 (bmo#2013561) Use-after-free in the JavaScript: GC component * CVE-2026-2765 (bmo#2013562) Use-after-free in the JavaScript Engine component * CVE-2026-2766 (bmo#2013583) Use-after-free in the JavaScript Engine: JIT component * CVE-2026-2767 (bmo#2013741) Use-after-free in the JavaScript: WebAssembly component * CVE-2026-2768 (bmo#2014101) Sandbox escape in the Storage: IndexedDB component * CVE-2026-2798 (bmo#2014136) Use-after-free in the DOM: Core & HTML component * CVE-2026-2769 (bmo#2014550) Use-after-free in the Storage: IndexedDB component * CVE-2026-2799 (bmo#2014551) Use-after-free in the DOM: Core & HTML component * CVE-2026-2770 (bmo#2014585) Use-after-free in the DOM: Bindings (WebIDL) component * CVE-2026-2771 (bmo#2014593) Undefined behavior in the DOM: Core & HTML component * CVE-2026-2772 (bmo#2014827) Use-after-free in the Audio/Video: Playback component * CVE-2026-2773 (bmo#2014832) Incorrect boundary conditions in the Web Audio component * CVE-2026-2774 (bmo#2014883) Integer overflow in the Audio/Video component * CVE-2026-2775 (bmo#2015199) Mitigation bypass in the DOM: HTML Parser component * CVE-2026-2776 (bmo#2015266) Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software * CVE-2026-2777 (bmo#2015305) Privilege escalation in the Messaging System component * CVE-2026-2778 (bmo#2016358) Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component * CVE-2026-2779 (bmo#1164141) Incorrect boundary conditions in the Networking: JAR component * CVE-2026-2800 (bmo#1988145) Spoofing issue in the WebAuthn component in Firefox for Android * CVE-2026-2780 (bmo#2007829) Privilege escalation in the Netmonitor component * CVE-2026-2781 (bmo#2009552) Integer overflow in the Libraries component in NSS * CVE-2026-2801 (bmo#2009901) Incorrect boundary conditions in the JavaScript: WebAssembly component * CVE-2026-2782 (bmo#2010743) Privilege escalation in the Netmonitor component * CVE-2026-2783 (bmo#2010943) Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component * CVE-2026-2802 (bmo#2011069) Race condition in the JavaScript: GC component * CVE-2026-2803 (bmo#2012012) Information disclosure, mitigation bypass in the Settings UI component * CVE-2026-2784 (bmo#2012984) Mitigation bypass in the DOM: Security component * CVE-2026-2785 (bmo#2013549) Invalid pointer in the JavaScript Engine component * CVE-2026-2804 (bmo#2013584) Use-after-free in the JavaScript: WebAssembly component * CVE-2026-2786 (bmo#2013612) Use-after-free in the JavaScript Engine component * CVE-2026-2805 (bmo#2014549) Invalid pointer in the DOM: Core & HTML component * CVE-2026-2787 (bmo#2014560) Use-after-free in the DOM: Window and Location component * CVE-2026-2788 (bmo#2014824) Incorrect boundary conditions in the Audio/Video: GMP component ... changelog too long, skipping 18 lines ... - added mozilla-breakpad.patch to fix build ==== gcc16 ==== Version update (15.2.1+git10776 -> 16.0.1+git7922) Subpackages: libasan8 libatomic1 libgcc_s1 libgccjit0 libgfortran5 libgomp1 libhwasan0 libitm1 liblsan0 libobjc4 libstdc++6 libstdc++6-pp libtsan2 libubsan1 - Update to 16.0.1+git7922 - Disable rust build for Factory by default again as it still requires cargo for building. Add %bcond_with gcc_rust to allow override. - Add gcc15-Wtime_t-conversion.patch, filter out -Wtime_t conversion from D build flags. - Bump disk requirement to 32gb to cater for armv7l. - Update to 16.0.1+git7751 - Package libcaf_shmem.a ==== lightdm ==== Subpackages: liblightdm-gobject-1-0 lightdm-bash-completion lightdm-lang - No longer rely on gdmflexiserver: this no longer exists with GNOME 50. lightdm has its own implementation anyway. - Drop lightdm-set-gdmflexiserver-envvar.patch ==== ncurses ==== Version update (6.6.20260301 -> 6.6.20260307) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20260307 + add tic checks for pairs of user-caps strings which are listed in Caps-ncurses. + fix a few gcc warnings. + fix inconsistent checks for expanding special characters with infocmp - L option (report by Stephane Chazelas). ==== nvidia-open-driver-G07-signed ==== Subpackages: nvidia-open-driver-G07-signed-kmp-64kb nvidia-open-driver-G07-signed-kmp-default - update CUDA variant to 595.45.04 - supersedes kernel-6.19.patch - kernel-5.14.patch: fixed build of 595.45.04 driver on SP4 ==== nvidia-open-driver-G07-signed-cuda ==== Version update (590.48.01_k6.19.6_1 -> 595.45.04_k6.19.6_1) Subpackages: nvidia-open-driver-G07-signed-cuda-kmp-64kb nvidia-open-driver-G07-signed-cuda-kmp-default - update CUDA variant to 595.45.04 - supersedes kernel-6.19.patch - kernel-5.14.patch: fixed build of 595.45.04 driver on SP4 ==== openSUSE-release ==== Version update (20260308 -> 20260310) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== pipewire ==== Version update (1.6.0 -> 1.6.1) Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 1.6.1: * This is a bugfix release that is API and ABI compatible with the previous 1.6.x releases. * Highlights - Fix socket activation, which could cause a failure to start PipeWire in some setups. - Fix crashes in many JACK apps when nodes/ports are quickly added/removed such as when there are notifications (like when changing the volume in KDE). - Fix playback of encoded formats in pw-cat again. - Some other smaller fixes and improvements. * Modules - Fix socket activation. (#5140 (closed)) - Remove node.link-group from driver nodes. * SPA - Fix the libcamera stop sequence. * JACK - Never return NULL from jack_port_by_id(). (#3512 (closed)) * GStreamer - Improve the timestamps on buffers. * Tools - Fix playback of encoded formats. (#5155 (closed)) - Remove patch which is already merged in 1.6.1: * 0002-module-protocol-native-Fix-socket-activation.patch ==== postfix ==== Version update (3.10.8 -> 3.11.0) - update to 3.11.0 * Some (Linux) distributions are removing support for BerkeleyDB databases (In Postfix, this means we lose support for the hash: and btree: lookup tables). See NON_BERKELEYDB_README for manual and partially automatic migration from btree: to lmdb:, and from hash: to lmdb: or cdb:. * The loss of BerkeleyDB affects Mailman versions that want to execute commands like "postmap hash:/path/to/file" when a mailing list is added or removed. Postfix provides a way to redirect such commands to a supported database type. * You don't have to wait until BerkeleyDB support is removed. It can make sense to migrate while BerkeleyDB support is still available (mainly, less downtime). * Default TLS security. The Postfix SMTP client smtp_tls_security_level default value is "may" if Postfix was built with TLS support, and the compatibility_level is 3.11 or higher. * Support for the RFC 8689 "REQUIRETLS" verb in ESMTP. This requires that every SMTP (and LMTP) server in the forward path is strongly authenticated with DANE, STS, or equivalent, and that every server announces REQUIRETLS support. * Logging the TLS security level. This shows the desired and actual TLS security level enforcement status and, if a message requests REQUIRETLS, the REQUIRETLS policy enforcement status. For a list of examples see smtp_log_tls_feature_status * Workaround for an interface mismatch between the Postfix SMTP client and MTA-STS policy plugins. This introduces a new parameter smtp_tls_enforce_sts_mx_patterns (default: "yes"). The MTA-STS plugin configuration needs to enable TLSRPT support, so that it forwards STS policy attributes to Postfix. Both postfix-tlspol and postfix-mta-sts-resolver have been updated accordingly. * Post-quantum cryptography support. With OpenSSL 3.5 and later, change the tls_eecdh_auto_curves default value to avoid problems with network infrastructure that mishandles TLS hello messages larger than one (Ethernet) TCP segment. This problem is more generally known as "protocol ossification". * Deprecation of obsolete parameters. Postfix programs log a warning that these parameters will be removed. See DEPRECATION_README for a list of deprecated parameters. * JSON output support with "postconf -j|-jM|-jF|-jP", "postalias - jq|-js", "postmap -jq|-js", and "postmulti -jl". No support is planned for JSON input support. * Milter support: improved Milter error handling for messages that arrive over a long-lived SMTP connection, by changing the default milter_default_action from "tempfail" to the new "shutdown" action (i.e. disconnect the remote SMTP client). This was already back-ported to earlier stable releases. - refreshed patches % postfix-linux45.patch % set-default-db-type.patch ==== python-jmespath ==== Version update (1.0.1 -> 1.1.0) - Update to 1.1.0 * Fix concurrency issue with cache * Added support for Python 3.12-3.14 * Removed support for Python 3.7-3.8 - Rename LICENSE.txt to LICENSE in %license section ==== python-numpy ==== Version update (2.4.2 -> 2.4.3) Subpackages: python311-numpy python313-numpy - update to 2.4.3: * Prepare 2.4.x for further development * Fix some leaks found via LeakSanitizer (#30756) * Synchronize 2.4.x submodules with main * missing extended precision imports * Fix weak hash function in np.isin(). (#30840) * fix infinite recursion in np.ma.flatten_structured_array... * Fix buffer overrun in CPU baseline validation (#30877) * Fix busdaycalendar's handling of a bool array weekmask.... * Fix reference leaks and NULL pointer dereferences (#30908) * fix two minor issues noticed when touching the C API setup * Test .kind not .char in np.testing.assert_equal (#30879) * fix type issues in uses if PyDataType macros * Don't use vulture 2.15, it has false positives * update openblas (#30961) ==== python-psutil ==== Version update (7.1.3 -> 7.2.2) Subpackages: python311-psutil python313-psutil - Update to 7.2.2: * Process.wait() now uses pidfd_open() + poll() for waiting, resulting in no busy loop and faster response times. Requires Linux >= 5.3 and Python >= 3.9. Falls back to traditional polling if unavailable. * new heap_info() and heap_trim() functions, providing direct access to the platform's native C heap allocator (glibc, mimalloc, libmalloc). * unit tests are no longer installed / part of the distribution. They now live under tests/ instead of psutil/tests. - Drop patch pytest9.patch, merged upstream. ==== python311 ==== Version update (3.11.14 -> 3.11.15) Subpackages: python311-curses python311-dbm - Update to 3.11.15: - Security - gh-144125: BytesGenerator will now refuse to serialize (write) headers that are unsafely folded or delimited; see verify_generated_headers. (Contributed by Bas Bloemsaat and Petr Viktorin in gh-121650). - gh-143935: Fixed a bug in the folding of comments when flattening an email message using a modern email policy. Comments consisting of a very long sequence of non-foldable characters could trigger a forced line wrap that omitted the required leading space on the continuation line, causing the remainder of the comment to be interpreted as a new header field. This enabled header injection with carefully crafted inputs (bsc#1257029 CVE-2025-11468). - gh-143925: Reject control characters in data: URL media types (bsc#1257046, CVE-2025-15282). - gh-143919: Reject control characters in http.cookies.Morsel fields and values (bsc#1257031, CVE-2026-0672). - gh-143916: Reject C0 control characters within wsgiref.headers.Headers fields, values, and parameters (bsc#1257042, CVE-2026-0865). - gh-142145: Remove quadratic behavior in xml.minidom node ID cache clearing. In order to do this without breaking existing users, we also add the ownerDocument attribute to xml.dom.minidom elements and attributes created by directly instantiating the Element or Attr class. Note that this way of creating nodes is not supported; creator functions like xml.dom.Document.documentElement() should be used instead (bsc#1254997, CVE-2025-12084). - gh-137836: Add support of the âplaintextâ element, RAWTEXT elements âxmpâ, âiframeâ, ânoembedâ and ânoframesâ, and optionally RAWTEXT element ânoscriptâ in html.parser.HTMLParser. - gh-136063: email.message: ensure linear complexity for legacy HTTP parameters parsing. Patch by Bénédikt Tran. - gh-136065: Fix quadratic complexity in os.path.expandvars() (bsc#1252974, CVE-2025-6075). - gh-119451: Fix a potential memory denial of service in the http.client module. When connecting to a malicious server, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes (CVE-2025-13836, bsc#1254400). - gh-119452: Fix a potential memory denial of service in the http.server module. When a malicious user is connected to the CGI server on Windows, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes. - gh-119342: Fix a potential memory denial of service in the plistlib module. When reading a Plist file received from untrusted source, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes (bsc#1254401, CVE-2025-13837). - Library - gh-144833: Fixed a use-after-free in ssl when SSL_new() returns NULL in newPySSLSocket(). The error was reported via a dangling pointer after the object had already been freed. - gh-144363: Update bundled libexpat to 2.7.4 - gh-90949: Add SetAllocTrackerActivationThreshold() and SetAllocTrackerMaximumAmplification() to xmlparser objects to prevent use of disproportional amounts of dynamic memory from within an Expat parser. Patch by Bénédikt Tran. - Core and Builtins - gh-120384: Fix an array out of bounds crash in list_ass_subscript, which could be invoked via some specificly tailored input: including concurrent modification of a list object, where one thread assigns a slice and another clears it. - gh-120298: Fix use-after free in list_richcompare_impl which can be invoked via some specificly tailored evil input. Remove upstreamed patches: - CVE-2025-11468-email-hdr-fold-comment.patch - CVE-2025-12084-minidom-quad-search.patch - CVE-2025-13836-http-resp-cont-len.patch - CVE-2025-13837-plistlib-mailicious-length.patch - CVE-2025-6075-expandvars-perf-degrad.patch - CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch - CVE-2026-0865-wsgiref-ctrl-chars.patch - CVE-2025-15282-urllib-ctrl-chars.patch ==== python311-core ==== Version update (3.11.14 -> 3.11.15) Subpackages: libpython3_11-1_0 python311-base - Update to 3.11.15: - Security - gh-144125: BytesGenerator will now refuse to serialize (write) headers that are unsafely folded or delimited; see verify_generated_headers. (Contributed by Bas Bloemsaat and Petr Viktorin in gh-121650). - gh-143935: Fixed a bug in the folding of comments when flattening an email message using a modern email policy. Comments consisting of a very long sequence of non-foldable characters could trigger a forced line wrap that omitted the required leading space on the continuation line, causing the remainder of the comment to be interpreted as a new header field. This enabled header injection with carefully crafted inputs (bsc#1257029 CVE-2025-11468). - gh-143925: Reject control characters in data: URL media types (bsc#1257046, CVE-2025-15282). - gh-143919: Reject control characters in http.cookies.Morsel fields and values (bsc#1257031, CVE-2026-0672). - gh-143916: Reject C0 control characters within wsgiref.headers.Headers fields, values, and parameters (bsc#1257042, CVE-2026-0865). - gh-142145: Remove quadratic behavior in xml.minidom node ID cache clearing. In order to do this without breaking existing users, we also add the ownerDocument attribute to xml.dom.minidom elements and attributes created by directly instantiating the Element or Attr class. Note that this way of creating nodes is not supported; creator functions like xml.dom.Document.documentElement() should be used instead (bsc#1254997, CVE-2025-12084). - gh-137836: Add support of the âplaintextâ element, RAWTEXT elements âxmpâ, âiframeâ, ânoembedâ and ânoframesâ, and optionally RAWTEXT element ânoscriptâ in html.parser.HTMLParser. - gh-136063: email.message: ensure linear complexity for legacy HTTP parameters parsing. Patch by Bénédikt Tran. - gh-136065: Fix quadratic complexity in os.path.expandvars() (bsc#1252974, CVE-2025-6075). - gh-119451: Fix a potential memory denial of service in the http.client module. When connecting to a malicious server, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes (CVE-2025-13836, bsc#1254400). - gh-119452: Fix a potential memory denial of service in the http.server module. When a malicious user is connected to the CGI server on Windows, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes. - gh-119342: Fix a potential memory denial of service in the plistlib module. When reading a Plist file received from untrusted source, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes (bsc#1254401, CVE-2025-13837). - Library - gh-144833: Fixed a use-after-free in ssl when SSL_new() returns NULL in newPySSLSocket(). The error was reported via a dangling pointer after the object had already been freed. - gh-144363: Update bundled libexpat to 2.7.4 - gh-90949: Add SetAllocTrackerActivationThreshold() and SetAllocTrackerMaximumAmplification() to xmlparser objects to prevent use of disproportional amounts of dynamic memory from within an Expat parser. Patch by Bénédikt Tran. - Core and Builtins - gh-120384: Fix an array out of bounds crash in list_ass_subscript, which could be invoked via some specificly tailored input: including concurrent modification of a list object, where one thread assigns a slice and another clears it. - gh-120298: Fix use-after free in list_richcompare_impl which can be invoked via some specificly tailored evil input. Remove upstreamed patches: - CVE-2025-11468-email-hdr-fold-comment.patch - CVE-2025-12084-minidom-quad-search.patch - CVE-2025-13836-http-resp-cont-len.patch - CVE-2025-13837-plistlib-mailicious-length.patch - CVE-2025-6075-expandvars-perf-degrad.patch - CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch - CVE-2026-0865-wsgiref-ctrl-chars.patch - CVE-2025-15282-urllib-ctrl-chars.patch ==== ristretto ==== Version update (0.13.4 -> 0.14.0) Subpackages: ristretto-lang - Update to version 0.14.0 * build: Rename POTFILES.in to POTFILES * Autoscale image when printing only when bigger than page size * Improve printing management * image-list: Avoid undefined behavior with zero-length vla * metadata: Add vcs-browser URL * Use CAIRO_FILTER_GOOD instead of BILINEAR when smoothing is enabled * build: Fix typo in optimization level * Set prgname to application ID * ephemeral-file: Don't show directory loading error for non-native filesystems * ephemeral-file: Treating files received via http, https as ephemeral * ephemeral-file: Treating /dev/stdin as an ephemeral file * ephemeral-file: Handling ephemeral files in the interface * ephemeral-file: Added ephemeral flag to RsttoFile * sort-sync: Fix a RsttoFileManagerIntegration leak * preferences: Fix string leak in cb_update_file_manager_buttons * sort-sync: Implementation of integration with Thunar * sort-sync: Infrastructure for integration with a file manager * sort-sync: Sorting by type has a fallback path if the type is the same * sort-sync: Added sorting direction * sort-sync: Added sorting by file size * Fix leaks with GtkRecentFilter objects * README.md: Add uninstall info * Remove autotools build * Fix scan-build job * Add option to shuffle images * Fix a -Wunreachable-code-break warning reported by clang * Fix a -Wduplicated-branches warning with GCC * main_window: Fix -Wcomma warnings * Update README after switchover to meson * flatpak: Drop unused patch * Translation Updates - Remove bcond_with git elements ==== selinux-policy ==== Version update (20260303 -> 20260310) Subpackages: selinux-policy-targeted - Update to version 20260310: * Allow wtmpdbd to read pidfs (bsc#1259444) * Allow systemd-mountfsd the perfmon capability * Allow lttng tracing in default configuration * Allow rtkit-daemon write systemd inhibit pipes * Apply the systemd system generator template to the kdump-dep generator * Apply the systemd system generator template to the anaconda generator * Dontaudit ps permissions that tlp_t does not need (bsc#1257527) * TLP uses ps aux to check for different services (bsc#1257527) * Introduce separate types for generic systemd generators. * Confine system generator nm-initrd-generator.sh (bsc#1257754) * Allow rtkit-daemon dbus chat with systemd-logind * ecryptfs uses /home/.ecryptfs for full homedir encryption (bsc#1258350) * Dontaudit tlshd write generic certificate dirs - Syncing with upstream rawhide selinux-policy up to: * 8507a66c816a382439d4933cfff14c8ee8a83d1e ==== systemd ==== Version update (258.5 -> 259.3) Subpackages: libsystemd0 libudev1 systemd-boot systemd-container udev - Import commit 1e9dbf558f2578c5f0a38a20cd93950de5d7b648 (merge of v259.3) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/5f4e99cfd5cc08a0e4daa83e570a9a1bcb28a940...1e9dbf558f2578c5f0a38a20cd93950de5d7b648 - Upgrade to v259.2 (commit 5f4e99cfd5cc08a0e4daa83e570a9a1bcb28a940) See https://github.com/openSUSE/systemd/blob/SUSE/v259/NEWS for details. - Rebase 5001-Revert-udev-update-devlink-with-the-newer-device-nod.patch - libacl, libblkid, libseccomp, libselinux and libmount support are implemented via dlopen(). Although these are technically optional, we still require them to avoid loosing important features. - systemd no longer links against libcap at all. The simple system call wrappers and other APIs it provides have been reimplemented directly in systemd. - Add unpackaged udev files for loongarch64. ==== xfce4-terminal ==== Version update (1.1.5 -> 1.2.0) Subpackages: xfce4-terminal-lang - Update to version 1.2.0 * build: Rename POTFILES.in to POTFILES * build: Make xsltproc dependency optional * Fix previous commit * Delay tab title update on contents changed to avoid high cpu usage * cleanup: Move function and set static qualifier * Do not escape non-ASCII characters in dnded uris * build: Add 'doc' configure option * Escape special characters in dnded uris * build: Fix typo in optimization level * doc: Add "bugs" section to man page * search: Shift+Enter for Next; remove throttling * wayland: dropdown: Handle output disconnection * I18n: Update po/LINGUAS list * Allow handling middle click event by terminal applications * Fix shift + right click propagation to terminal apps * README.md: Add uninstall info * Fix hyperlink-related leaks in terminal_widget_get_link * Remove autotools build * Use XfceNotebook from libxfce4ui * Fix "Copy link address" on kwin_wayland * prefs-dialog: Expose hidden setting 'misc-highlight-urls' * cleanup: Remove '== (TRUE|FALSE)' * Update README after switchover to meson * Adjust include order for FreeBSD * meson-build: Fix manpage install dir * Translation Updates - Remove bcond_with git elements ==== xfsprogs ==== Subpackages: libhandle1 - xfsprogs: move the xfs_scrub_all manpage into the scrub pkg The xfs_scrub_all command and service files are all part of the xfsprogs-scrub package. Move the xfs_scrub_all manpage there to match that. ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - Add u_xf86-Accept-devices-with-the-kernel-s-corebootdrm-dr.patch: Enables Xorg to make use of the kernel's corebootdrm driver. Taken from upstream. (bsc#1258262) ==== yast2-trans ==== Version update (84.87.20260222.1fea9d3cc7 -> 84.87.20260308.fd00aeb5d4) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20260308.fd00aeb5d4: * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Georgian) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Catalan) * Translated using Weblate (Georgian) * Translated using Weblate (Georgian) * Translated using Weblate (Georgian) * Translated using Weblate (Georgian) * Translated using Weblate (Japanese) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Japanese) * Translated using Weblate (Danish) * Translated using Weblate (Danish) * Translated using Weblate (Indonesian) * Translated using Weblate (German) * Translated using Weblate (Slovak) * Translated using Weblate (Greek) * Translated using Weblate (Greek) * Translated using Weblate (Greek) * Translated using Weblate (Greek) * Translated using Weblate (Greek) * Translated using Weblate (Greek) * Translated using Weblate (Greek) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Slovak) * Translated using Weblate (Indonesian) * Translated using Weblate (Indonesian) * Translated using Weblate (Catalan)
