Packages changed: 389-ds (2.1.1~git13.beb382e1b -> 2.1.1~git22.faef73366) dmraid (1.0.0.rc16 -> 1.0.0.rc16.3) gnome-remote-desktop (42.1.1 -> 42.2) gnutls (3.7.4 -> 3.7.6) libdvdread (6.1.2 -> 6.1.3) libheif libmbim (1.26.2 -> 1.26.4) libstorage-ng (4.5.14 -> 4.5.16) ntfs-3g_ntfsprogs (2021.8.22 -> 2022.5.17) python-fs (2.4.15 -> 2.4.16) python-zipp (3.7.0 -> 3.8.0) systemd virt-manager yast2-trans (84.87.20220520.670357a704 -> 84.87.20220527.e399b59cf0) === Details === ==== 389-ds ==== Version update (2.1.1~git13.beb382e1b -> 2.1.1~git22.faef73366) Subpackages: lib389 libsvrcore0 - bsc#1199889 - CVE-2022-1949 - full access control bypass with simple crafted query, resolved by Issue 5170. - Update to version 2.1.1~git22.faef73366: * Issue 5302 - Release tarballs don't contain cockpit webapp * Issue 5237 - audit-ci: Cannot convert undefined or null to object * Issue 5170 - BUG - ldapsubentries were incorrectly returned (#5285) * Issue 4970 - Add support for recursively deleting subentries * Issue 5284 - Replication broken after password change (#5286) * Issue 5291 - Harden ReplicationManager.wait_for_replication (#5292) * Issue 5170 - RFE - Filter optimiser (#5171) * Issue 5276 - CLI - improve task handling * Issue 5273 - CLI - add arg completer for instance name * Issue 2893 - CLI - dscreate - add options for setting up replication ==== dmraid ==== Version update (1.0.0.rc16 -> 1.0.0.rc16.3) - Update to 1.0.0.rc16 patch level 3 - Drop upstream fixed and resolved dmraid-destdir.patch, dmraid-1.0.0.rc16-cvs-2010-02-02.patch, lib-install.patch, fix-return-function-type.patch and handle_spaces - Drop remove_trylock, only required for very old glibc versions (openSUSE 11.x) ==== gnome-remote-desktop ==== Version update (42.1.1 -> 42.2) Subpackages: gnome-remote-desktop-lang - Update to version 42.2: + rdp-graphics-pipeline: Measure bandwidth when sending frame updates. + session-rdp: Handle queued bandwidth measure stop operations. + rdp/nw-auto: Add APIs for bandwidth measurement. + rdp/nw-auto: Also notify client about network characteristics results. + rdp/nw-auto: Turn ping info condition into assertion. + rdp/nw-auto: Assert RTT consumer != NONE, when removing RTT consumer. + rdp/nw-auto: Remove superfluous if condition. + rdp/nw-auto: Fix initial ping source not being created. + rdp/rdpgfx: Create RTT pause source while GFX mutex is locked. + Updated translations. ==== gnutls ==== Version update (3.7.4 -> 3.7.6) Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-32bit libgnutls30-hmac - Update to version 3.7.6: * libgnutls: Fixed invalid write when gnutls_realloc_zero() is called with new_size < old_size. This bug caused heap corruption when gnutls_realloc_zero() has been set as gmp reallocfunc. * Remove gnutls-3.7.5-fix-gnutls_realloc_zero.patch: Fixed upstream. - Add gnutls-3.7.5-fix-gnutls_realloc_zero.patch: Fix memory corruption in gnutls_realloc_zero (gl#gnutls/gnutls#1367, boo#1199929). - update to 3.7.5: * add options disable session ticket usage in TLS 1.2 because it does not provide forward secrecy * For TLS 1.3 where session tickets do provide forward secrecy, the PFS priority string now only disables session tickets in TLS 1.2. * Future backward incompatibility: in the next major release of GnuTLS those flag and modifier are planned to be removed * gnutls-cli, gnutls-serv: Channel binding for printing information has been changed from tls-unique to tls-exporter as tls-unique is not supported in TLS 1.3. * Certificate sanity checks has been enhanced to make gnutls more RFC 5280 compliant: * Removed 3DES from FIPS approved algorithms * Optimized support for AES-SIV-CMAC algorithms * libgnutls: HKDF and AES-GCM algorithms are now approved in FIPS-140 mode when used in TLS ==== libdvdread ==== Version update (6.1.2 -> 6.1.3) - update to 6.1.3: * Improvements for OpenBSD * Fix crashes on some DVD (0 PCGI SRP) * Misc source fixes and cleanups, including fixes for recent toolchains ==== libheif ==== - Add missing gdk-pixbuf loader scriptlets (bsc#1199987). - Recommend gdk-pixbuf-loader-libheif whenever both related packages are installed. ==== libmbim ==== Version update (1.26.2 -> 1.26.4) Subpackages: libmbim-glib4 mbimcli-bash-completion - update to 1.26.4: * meson: force building doc on normal builds, not only during install. * meson: fix 'export_packages' in GIR setup. * compat: deprecate the MbimLteAttachStatus type. * net-port-manager: use unaligned netlink attribute length. * include MBIM proxy control service in docs. * codegen: add section doc for each service. * utils: add missing short description in section. * compat: add missing MbimLteAttachStatus doc. * device: add missing mbim_device_list_links() doc. * device: fix MbimDevice 'device-in-session' property doc. * version: add missing MBIM_CHECK_VERSION() documentation. * device: fix wrong reference to QmiDevice * Several other minor improvements and fixes. ==== libstorage-ng ==== Version update (4.5.14 -> 4.5.16) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#881 - increase disk size requirement in obs to avoid build failures - 4.5.16 - merge gh#openSUSE/libstorage-ng#880 - added partition id for linux-server-data - 4.5.15 ==== ntfs-3g_ntfsprogs ==== Version update (2021.8.22 -> 2022.5.17) Subpackages: libntfs-3g89 ntfs-3g ntfsprogs - update to 2022.5.17 (bsc#1199978): * Improved defence against maliciously tampered NTFS partitions * Improved defence against improper use of options * Updated the documentation * CVE-2022-30783, CVE-2022-30785, CVE-2022-30787 * CVE-2021-46790, CVE-2022-30784, CVE-2022-30786, * CVE-2022-30788, CVE-2022-30789 ==== python-fs ==== Version update (2.4.15 -> 2.4.16) - update to 2.4.16: * Make `fs.zipfs._ZipExtFile` use the seeking mechanism implemented in the Python standard library in Python version 3.7 and later * Mark `fs.zipfs.ReadZipFS` as a case-sensitive filesystem * Optimized moving files between filesystems with syspaths. * Fixed `fs.move.move_file` to clean up the copy on the destination in case of errors. * `fs.opener.manage_fs` with `writeable=True` will now raise a `ResourceReadOnly` exception if the managed filesystem is not writeable. * Marked filesystems wrapped with `fs.wrap.WrapReadOnly` as read-only. ==== python-zipp ==== Version update (3.7.0 -> 3.8.0) - update to 3.8.0: * Removed compatibility code. ==== systemd ==== Subpackages: libsystemd0 libsystemd0-32bit libudev1 libudev1-32bit systemd-32bit systemd-container systemd-devel systemd-lang udev - Update rpmlintrc for shlib-policy-name-error/multibuild case. ==== virt-manager ==== Subpackages: virt-install virt-manager-common - Change dependency on package xorriso to Requires from Recommends virt-manager.spec ==== yast2-trans ==== Version update (84.87.20220520.670357a704 -> 84.87.20220527.e399b59cf0) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20220527.e399b59cf0: * New POT for text domain 'registration'. * New POT for text domain 'packager'. * New POT for text domain 'storage'.