Packages changed: Mesa (20.1.6 -> 20.1.7) Mesa-drivers (20.1.6 -> 20.1.7) brotli (1.0.7 -> 1.0.9) gpg2 (2.2.21 -> 2.2.23) patterns-microos pipewire (0.3.9 -> 0.3.10) podman (2.0.5 -> 2.0.6) read-only-root-fs vulkan-loader (1.2.148 -> 1.2.151) xen === Details === ==== Mesa ==== Version update (20.1.6 -> 20.1.7) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - update to 20.1.7 * seventh bugfix release for the 20.1 branch - switched to llvm9 usage for Leap/SLE15 since llvm10 is not (yet) in Leap/SLE15 - version 20.1.6 needed for jira#SLE/SLE-12880, jira#SLE/SLE-12882 - use again /etc/OpenCL/vendors for openSUSE Leap, i.e. use /usr/etc/OpenCL/vendors only for Tumbleweed ==== Mesa-drivers ==== Version update (20.1.6 -> 20.1.7) Subpackages: Mesa-dri Mesa-gallium - update to 20.1.7 * seventh bugfix release for the 20.1 branch - switched to llvm9 usage for Leap/SLE15 since llvm10 is not (yet) in Leap/SLE15 - version 20.1.6 needed for jira#SLE/SLE-12880, jira#SLE/SLE-12882 - use again /etc/OpenCL/vendors for openSUSE Leap, i.e. use /usr/etc/OpenCL/vendors only for Tumbleweed ==== brotli ==== Version update (1.0.7 -> 1.0.9) Subpackages: libbrotlicommon1 libbrotlidec1 - Add 0001-Revert-Add-runtime-linker-path-to-pkg-config-files-7.patch - Update to 1.0.9 * Fix integer overflow when input chunk is longer than 2GiB [boo#1175825] * `brotli -v` now reports raw / compressed size * decoder: minor speed / memory usage improvements * encoder: fix rare access to uninitialized data in ring-buffer - Drop brotli_Ensure-decompression-consumes-all-input.patch, brotli_Verbose-CLI+Shared-Brotli.patch (merged) ==== gpg2 ==== Version update (2.2.21 -> 2.2.23) - GnuPG 2.2.23: * gpg: fix AHEAD preference list overflow boo#1176034 / CVE-2020-25125 * gpg: fix possible segv in the key cleaning code * gpgsm: fix a minor RFC2253 parser gub * scdaemon: Fix a PIN verify failure on certain OpenPGP card implementations - GnuPG 2.2.22: * gpg: Change the default key algorithm to rsa3072 * gpg: Add regular expression support for Trust Signatures on all platforms * gpg: Ignore --personal-digest-prefs for ECDSA keys * gpgsm: Make rsaPSS a de-vs compliant scheme * gpgsm: Show also the SHA256 fingerprint in key listings * gpgsm: Do not require a default keyring for --gpgconf-list * gpg-agent: Default to extended key format and record the creation time of keys Add new option --disable-extended-key-format * gpg-agent: Support the WAYLAND_DISPLAY envvar * gpg-agent: Allow using --gpgconf-list even if HOME does not exist * gpg-agent: Make the Pinentry work even if the envvar TERM is set to the empty string * scdaemon: Add a workaround for Gnuk tokens <= 2.15 which wrongly incremented the error counter when using the "verify" command of "gpg --edit-key" with only the signature key being present * dirmngr: Better handle systems with disabled IPv6 * gpgpslit: Install tool. It was not installed in the past to avoid conflicts with the version installed by GnuPG 1.4 * gpgtar: Make --files-from and --null work as documented - drop gnupg-gpgme-t-encrypt-sym.patch, upstream ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-basesystem patterns-microos-cloud patterns-microos-defaults patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap - Remove vim as we use now vim-small - Add lvm2 and nvme-cli to the medium as YaST may need them [bsc#1175841] ==== pipewire ==== Version update (0.3.9 -> 0.3.10) Subpackages: libpipewire-0_3-0 pipewire-modules pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Update to version 0.3.10: * Many improvements to the pulse layer. + GStreamer pulsesink element now works. + Fixes some segfaults. + Enable rtkit for client threads. + fixes capture of monitor stream by name + implement some more extensions, this makes paman work and removes some warnings. * Many improvements to the GStreamer elements + negotiation rework, avoid calling GStreamer methods from the PipeWire callbacks because they might block and cause deadlocks. + Add support for non-string property values. + improve stability after buffer and format renegotiation. + Rework the device provider. + pipewiresink can now provide a stream that can be consumed by apps like cheese. * Many improvements to the JACK layer: + Rework the buffer_size callbacks. Make sure we call the callback from a 'safe' thread and that we don't call the process callback while the application is handling the callback. This improves stability in apps like Carla when PipeWire dynamically changes the buffer size. + Improve compatibility with apps that call get_buffer_frames() with a 0 size (calfjackrack) + JACK can now create nodes that can be set as a sink/source in PulseAudio/ALSA apps (you can make an effects rack and set that as default sink for apps). * Added a group id property for nodes. This makes it possible to schedule nodes with the same driver even when they are otherwise not linked together. To make this work well a new flag needed to be added to nodes to signal when they are ready for processing. Together with the GStreamer fixes, this makes things like: gst-launch-1.0 -v pipewiresrc path=51 stream-properties="props,node.group=1" ! audio/x-raw ! pipewiresink stream-properties="props,node.group=1" work as expected with PipeWire managing the resampling to keep the clocks of the devices in sync. This can later also be used to force devices to be grouped together to create a JACK-like scheduling group. * Streams and filter now use PIPEWIRE_NODE and PIPEWIRE_LATENCY env variables as fallback. * ACP add per device port list. This makes UCM devices expose the right ports. * Fix some segfaults in ACP and UCM. * make pw-cat use the metadata to find default devices. * The media session can now save and load audio device Profiles and Routes (volumes), stream volumes and the default sink and sources. ==== podman ==== Version update (2.0.5 -> 2.0.6) Subpackages: podman-cni-config - Update to v2.0.6 * Fixed a bug where running systemd in a container on a cgroups v1 system would fail. * Fixed a bug where /etc/passwd could be re-created every time a container is restarted if the container's /etc/passwd did not contain an entry for the user the container was started as. * Fixed a bug where containers without an /etc/passwd file specifying a non-root user would not start. * Fixed a bug where the --remote flag would sometimes not make remote connections and would instead attempt to run Podman locally. ==== read-only-root-fs ==== - Adjust btrfsmaintenance sysconfig to not use the read-only root filesystem [bsc#1176052] ==== vulkan-loader ==== Version update (1.2.148 -> 1.2.151) - Update to release 1.2.151 * Fixed crash in device enumeration ==== xen ==== - Fix build on aarch64 with gcc10 - Package xenhypfs for aarch64