Removed rpms ============ - libaom0 - libwebkit2gtk3-lang Added rpms ========== - libaom3 - libavif13 - librav1e0 Package Source Changes ====================== PackageKit +- Apply all patches unconditonally: PackageKit-zypp-c++17.patch is + merged in upstream git and thus does not justify to be + conditionally applied. +- Switching back to autosetup, as this works without conditional + patches. + +- Rewrite prep phase to not use autopatch -M: SLE15/Leap15's RPM + version does not support that syntax yet. + +- Update to version 1.2.4: + + Libraries: + - Add specific error code when user declined interaction + - Avoid spurious GObject::notify signal emissions + - Correct 'cancellable' use in pk_client_repair_system_async() + - Fix a leak on calling set_locale() a second time + - Fix a possible use-after-free under pk_client_cancel_cb() + - Improve thread safety on an operation cancellation + + Backends: + - dnf: + . Read update information also when getting list of updates + . Honor install_weak_deps=False if it is there + . Use 'hy_query_get_advisory_pkgs', if available + + New Features: + - PkDetails: Add 'download-size' property + - PkPackage: Add update severity property + + Bugfixes: + - Let the finish understand the 'cancelled' exit code + - Make backends that use pk-backend-spawn work (#477) + - Only set polkit interactive flag if method call has too +- Changes from version 1.2.3: + + Backends: + - alpm: + . Add post transaction hook + . Rename errno to alpm_err to avoid name clashes + - aptcc: Auto-remove old kernels, unless configured otherwise + - dnf: Add support for coercing upgrade to distupgrade + - zypp: + . Make sure pool is initialized at the beginning of some + methods + . Reset update mode after getting updates + + Bugfixes: + - Append to cron log instead of overwriting it + - Cancel a transaction if calling Cancel fails or the daemon + disappears + - Do not crash when calling pk_dbus_get_uid() before D-Bus is + setup + - Fix all compiler warnings + - Fix multilib conflicts in generated pk-enum-types.h + - Free scheduler array correctly again + - Remove large transaction size sanity check +- Drop patches fixed upstream: + + PackageKit-zypp-cleanup-tmp-files.patch + + PackageKit-zypp-reset-update-mode-after-get-updates.patch + + PackageKit-dnf-Add-support-for-coercing-upgrade-to-distupgrade.patch + + PackageKit-zypp-initialize-pool.patch + + PackageKit-remove-transaction-size-limit.patch + + PackageKit-cancel-transaction-if-daemon-disappears.patch + + PackageKit-dnf-ignore-weak-deps.patch +- Add 505.patch: pk-offline: Add flags to D-Bus invoking methods. + That's currently to be able to set whether the method should be + interactive or not. The old functions call the methods as + non-interactive. + accountsservice +- Stop passing the no longer used nor recognized option + user-heuristics=true to meson. + cairo +- Add upstream patch + + cairo-do-not-override-explicitly-requested-grayscale-aa.patch + Do not replace explicitly set applications settings by user + settings for font antialiasing. + See: https://gitlab.freedesktop.org/cairo/cairo/-/merge_requests/114 + gdk-pixbuf +- Stop passing no longer used nor recognized options jasper=false + and x11=false to meson, fails the build when using meson 0.60.x. + glib2 +- Update to version 2.70.1: + + Fix network changes not being signalled from NetworkManager. + + Fix build when building with --fatal-meson-warnings. + + Bugs fixed: glgo#GNOME/GLib#2505, glgo#GNOME/GLib!2245, + glgo#GNOME/GLib!2253, glgo#GNOME/GLib!2256, + glgo#GNOME/GLib!2259, glgo#GNOME/GLib!2262, + glgo#GNOME/GLib!2271, glgo#GNOME/GLib!2276, + glgo#GNOME/GLib!2300, glgo#GNOME/GLib!2301, + glgo#GNOME/GLib!2302, glgo#GNOME/GLib!2304. +- Refresh patches with quilt. + gobject-introspection +- Add explicit libgirepository-1_0-1 Requires to devel subpackage, + it was already pulled in via the main package, so no real change. +- Use ldconfig_scriptlets macro for post(un) handling. + harfbuzz +- Update to version 3.1.1: + + Work around GCC cast-align error/warning on some platforms. + + Documentation improvements. +- Drop patch fixed upstream: + + harfbuzz-3.1.0-work-around-GCC-cast-align-error-warning.patch + +- harfbuzz 3.1.0: + * Better offset-overflow handling in the subsetter library + * Improved Unicode 14 properties in the USE shaper, and various + other USE shaper fixes + * MATH and COLR v1 tables subsetting support, and various other + subsetter fixes + * Support for Pwo Karen / Ason Chin medial la. (Simon Cozens) + * Apply GPOS positioning when substituting with morx table, if + kerx is missing + * Apply calt and clig features across syllable boundaries in + Indic shaper + * Meson option for enabling Graphite 2 has been renamed to + graphite2 + * Build and documentation fixes +- add harfbuzz-3.1.0-work-around-GCC-cast-align-error-warning.patch + iso-codes +- update to 4.8.0: + * ISO 3166-1: Add flag emoji to countries. Thanks to Pander + for the suggestion. Fixes #19 + * ISO 639-5: New translation for Chinese (Simplified) + * ISO 3166-2: Major update of data. + Thanks to the script of Kevin Kaiser, which enables + the download of ISO pages and parses the data. + Fixes #15, #16, #27 + * Rename ChangeLog.md to CHANGELOG.md and follow the suggestions + from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) + * Move all CHANGELOG entries from versions before 4.0 to an + archive file (CHANGELOG-PRE-4.0.md) in order to reduce the + massive size of this CHANGELOG. + * Translation updates for ISO 3166-1 + * Translation updates for ISO 3166-2 + * Translation updates for ISO 639-2 + * Translation updates for ISO 639-3 + * Translation updates for ISO 639-5 + * Translation updates for ISO 15924 + libXfixes +- update to version 6.0 is needed for GNOME41, particularly the + gnome-settings-daemon's new feature to disconnect from Xwayland + (JIRA #SLE-22829) + +- Update to version 6.0.0 + * The big new feature here is support for the new + ClientDisconnectMode. From the corresponding + xorgproto announcement: + An X server that is started on demand (Xwayland) should ideally + also terminate when the last client disconnects. However, some + X11 clients that provide system services will linger around + forever, preventing that shutdown. + * With the new XFixes request, a client can designate itself as + to-be-terminated and the X server can ignore those clients when + counting the number of remaining clients. If no other clients + are left, the server can shut down. + * Note that this requires changes to the X server and each + client to work. + -- bumped version number to 7.6_4.0.5 - -- update to release 4.0.5 -- bumped version number to 7.5_4.0.5 -- fixed Summary/Group entries in -devel package - -- libXfixes 4.0.4 -- bumped version number to 7.5 - -- add baselibs.conf as a source - -- revert static library and .la file removal - for SUSE versions <= 11.1. - -- remove static libraries and "la" files - libaom +- Update to version 3.2.0: + * This release includes compression efficiency and perceptual + quality improvements, speedup and memory optimizations, as well + as some new features. + * New Features: + + Introduced speeds 7, 8, and 9 for all intra mode. + + Introduced speed 10 for real time mode. + + Introduced an API that allows external partition decisions. + + SVC: added support for compound prediction. + + SVC: added support for fixed SVC modes. + * Compression Efficiency Improvements: + + Intra-mode search improvement. + + Improved real time (RT) mode BDrate savings by ~5% (RT speed + 5) and ~12% (RT speed 6). The improvement was measured on the + video conference set. + + Improved real time mode for nonrd path (speed 7, 8, 9): + BDrate gains of ~3-5%. + + Rate control and RD adjustments based on ML research in VP9. + Gains of ~0.5-1.0% for HD. + * Perceptual Quality Improvements: + + Added a new mode --deltaq-mode=3 to improve perceptual + quality based on a differential contrast model for still + images. + + Added a new mode –deltaq-mode=4 to improve perceptual quality + based on user rated cq_level data set for still images. + + Weighting of some intra mode and partition size choices to + better manage and retain texture. + * Speedup and Memory Optimizations: + + Further improved 2-pass good quality encoder speed: + . Speed 2 speedup: 18% + . Speed 3 speedup: 22% + . Speed 4 speedup: 37% + . Speed 5 speedup: 30% + . Speed 6 speedup: 20% + + Optimized the real time encoder (measured on the video + conference set): + . RT speed 5 speedup: 110% + . RT speed 6 speedup: 77% + * Bug Fixes + + Issue 3069: Fix one-pass mode keyframe placement off-by-one + error. + + Issue 3156: Fix a bug in av1_quantize_lp AVX2 optimization. +- Drop libaom-CVE-2021-30474.patch: Fixed upstream. +- Drop libaom-CVE-2021-30475.patch: Fixed upstream. +- Remove changesgenerate option from _service file, use data from + CHANGELOG to fill .changes instead as it it much nicer and human + readable than just a list of commit messages. + +- fix service data + +- Update to version 3.1.3: + * Update CHANGELOG for v3.1.3-rc2 + * Detect chroma subsampling more directly + * Detect chroma subsampling more directly + * image2yuvconfig() should calculate uv_crop_width + * aom/aom_encoder.h: remove configure option reference + * aom_encoder.h: fix rc_overshoot_pct range + * Update AUTHORS,CHANGELOG,CMakeLists.txt for v3.1.3 + * aom_install: don't exclude msvc from install + * aom_install: use relpath for install + * aom_install: Install lib dlls to bindir + +- Update to version 3.1.2: + * Update AUTHORS,CHANGELOG,CMakeLists.txt for v3.1.2 + * Avoid chroma resampling for 420mpeg2 input + * Check array has two elements before using index 1 + * Fix DecodeScalabilityTest failure in realtime only + * Store temporal_id and spatial_id of decoded frame + * exports.cmake: use APPLE and WIN32 and use def for mingw-w64 + +- Update to version 3.1.1 + * Fix vmaf model initialization error when not set to tune=vmaf + * Fix consistent crash on near-static screen content, keyframe + related + * Fix tune=butteraugli mode +- Disable NEON on arm where not available. + +- Update to version 3.1.0 (bsc#1185843): + https://aomedia.googlesource.com/aom/+/refs/tags/v3.1.0 + This release adds an "all intra" mode to the encoder, which significantly + speeds up the encoding of AVIF still images at speed 6. + - Upgrading: + All intra mode for encoding AVIF still images and AV1 all intra videos: + AOM_USAGE_ALL_INTRA (2) can be passed as the 'usage' argument to + aom_codec_enc_config_default(). + New encoder control IDs added: + - AV1E_SET_ENABLE_DIAGONAL_INTRA: Enable diagonal (D45 to D203) intra + prediction modes (0: false, 1: true (default)). Also available as + "enable-diagonal-intra" for the aom_codec_set_option() function. + New aom_tune_metric enum value: AOM_TUNE_BUTTERAUGLI. The new aomenc option + - -tune=butteraugli was added to optimize the encoder’s perceptual quality by + optimizing the Butteraugli metric. Install libjxl (JPEG XL) and then pass + - DCONFIG_TUNE_BUTTERAUGLI=1 to the cmake command to enable it. +- Includes 3.0 + https://aomedia.googlesource.com/aom/+/refs/tags/v3.0.0 + This release includes compression efficiency improvement, speed improvement + for realtime mode, as well as some new APIs. + - Upgrading: + Support for PSNR calculation based on stream bit-depth. + New encoder control IDs added: + - AV1E_SET_ENABLE_RECT_TX + - AV1E_SET_VBR_CORPUS_COMPLEXITY_LAP + - AV1E_GET_BASELINE_GF_INTERVAL + - AV1E_SET_ENABLE_DNL_DENOISING + New decoder control IDs added: + - AOMD_GET_FWD_KF_PRESENT + - AOMD_GET_FRAME_FLAGS + - AOMD_GET_ALTREF_PRESENT + - AOMD_GET_TILE_INFO + - AOMD_GET_SCREEN_CONTENT_TOOLS_INFO + - AOMD_GET_STILL_PICTURE + - AOMD_GET_SB_SIZE + - AOMD_GET_SHOW_EXISTING_FRAME_FLAG + - AOMD_GET_S_FRAME_INFO + New aom_tune_content enum value: AOM_CONTENT_FILM + New aom_tune_metric enum value: AOM_TUNE_VMAF_NEG_MAX_GAIN + Coefficient and mode update can be turned off via + AV1E_SET_{COEFF/MODE}_COST_UPD_FREQ. + New key & value API added, available with aom_codec_set_option() function. + Scaling API expanded to include 1/4, 3/4 and 1/8. + - Enhancements: + Better multithreading performance with realtime mode. + New speed 9 setting for faster realtime encoding. + Smaller binary size with low bitdepth and realtime only build. + Temporal denoiser and its optimizations on x86 and Neon. + Optimizations for scaling. + Faster encoding with speed settings 2 to 6 for good encoding mode. + Improved documentation throughout the library, with function level + documentation, tree view and support for the dot tool. + - Bug fixes: + Aside from those mentioned in v2.0.1 and v2.0.2, this release includes the + following bug fixes: + Issue 2940: Segfault when encoding with --use-16bit-internal and --limit > 1 + Issue 2941: Decoder mismatch with --rt --bit-depth=10 and --cpu-used=8 + Issue 2895: mingw-w64 i686 gcc fails to build + Issue 2874: Separate ssse3 functions from sse2 file. + +- Update to version 2.0.2: + * Prepare for the libaom v2.0.2 release + * Call av1_setup_frame_size() when dropping a frame + * Avoid memset in filter_intra_predictor module + * Fix a typo bug in apply_temporal_filter_planewise + * Modify the assertion in temporal filter intrinsics + * Fix unit test ThreadTestLarge.EncoderResultTest/49 + * Add -Wimplicit-function-declaration as C flag only + * Update CHANGELOG for libaom v2.0.1 + * Set allow_screen_content_tools to 0 in rt mode + * chroma_check: don't access UV planes if monochrome + +- Update to version 2.0.0 "Applejack": + This is the first official release of libaom. It has real-time + mode and SVC support, as well as substantial documentation + improvement and clean-ups. + Important changes: + * Decouple library version and so version. + * Move functions into a header file + * Remove av1_ prefix from static functions + * Remove aom_ prefix from static functions + * Remove aom_ prefix for static functions + * Remove av1_ prefix for a static function +- Drop libaom-0002-link-threading-lib-with-shared-library.patch and + libaom-0003-update-CHANGELOG.patch + libgnomesu +- Add missing explicit libgnomesu0 Requires to devel package. +- Use ldconfig_scriptlets macro for post(un) handling. +- Modernize spec, use autosetup and make_build macro, update + Supplements to current standard. + librsvg +- Remove librsvg-s390x-cairo-has-current-point.patch - it is included + in the upstream tarball now. + +- Disable testsuite for now, let upstream figure out the issue with + harfbuzz 3.1.1. + +- Update to version 2.52.4: + + New features: + - Support the isolation property from the Compositing and + Blending Level 1 specification. + - Support Visual Studio 2022. + + Bug fixes: + - The opacity and mix-blend-mode properties were not being + applied when an element has a mask. + - Fix panic when an empty group has a pattern fill and filters. + - Fix the tests on Windows; the still only work when Fontconfig + is present. + - Work around a bug in the cairo-rs bindings in the test suite, + that only manifests itself in s/390x due to its calling + convention. See + https://github.com/gtk-rs/gtk-rs-core/issues/335 + +- Add cargo audit obs service + libsoup2 +- Update to version 2.74.2: + + Error when libsoup3 is already loaded before libsoup2. + +- Update to version 2.74.1: + + Fix support for older versions of Vala. + + Fix trying to build sysprof as a subproject on Windows. + + Fix missing `extern "C"` in an installed header. + + Improve `gssapi` dependency handling. + + Fix `libsoup-doc` build target. + + Updated translations. + libwpe +- Update to version 1.12.0: + + New API to handle requests initiated by web content to + (un)fullscreen web views. + polkit-gnome +- Disable agent startup on Pantheon desktop + -- added supplements for xfce4-session and lxsession so polkit-gnome - gets installed by default for LXDE/XFCE - pulseaudio +- Revert last change and BuildIgnore user(pulse) instead. + +- Use system-user-pulse instead of user(pulse) for PreReq; + otherwise a new project can't resolve + +- Make system-user-pulse noarch + +- Split sysusers.d file to separate package as needed by brltty + (bsc#1191465) + +- Remove obsolete translation-update-upstream support + (jsc#SLE-21105). +- Require perl-XML-Parser explicitly, it's needed by build. + +- Drop SDL_AUDIODRIVER override, as SDL already prefers PA as + default; this also fixes the recent breakage with SDL2 (bsc#1189778) + +- Update to PulseAudio 15 + - drop esound compat support + - drop gconf support + - convert to mason build system + - disable doxygen doc generation + - droped patches: + drop bluetooth patches integrated in release: + 0001-bluetooth-use-consistent-profile-names.patch + 0002-bluetooth-separate-HSP-and-HFP.patch + 0003-bluetooth-add-correct-HFP-rfcomm-negotiation.patch + 0004-bluetooth-make-native-the-default-backend.patch + 0005-bluetooth-enable-module-bluez5-discover-argument-ena.patch + 0006-bluetooth-fix-headset-auto-ofono-handover.patch + 0007-bluetooth-prefer-headset-HFP-HF-connection-with-nati.patch + 0008-bluetooth-complete-bluetooth-profile-separation.patch + 0009-bluetooth-use-device-flag-to-prevent-assertion-failu.patch + 0010-bluetooth-rename-enable_hs_role-to-enable_shared_pro.patch + 0011-bluetooth-clean-up-rfcomm_write-usage.patch + drop parecord patches integrated in release + parecord-fix-Failed-to-open-audio-file-for-FLAC-and-.patch + parecord-really-fix-recording-OGG.patch + - refresh disabled-start.diff patch + - new features: + * Support for LDAC and AptX bluetooth codecs, plus "SBC XQ" (SBC with higher-quality parameters) + * Support for HFP bluetooth profiles + * Support for Bluetooth A2DP AVRCP Absolute Volume + * ALSA path configuration files can now be placed in user home directory + * module-virtual-surround-sink rewritten + * More options for module-jackdbus-detect + * Improved hardware support + * SteelSeries Arctis 9 + * HP Thunderbolt Dock 120W G2 + * Behringer U-Phoria UMC22 + * OnePlus Type-C Bullets + * Sennheiser GSX 1000/1200 PRO + * New udev variable: PULSE_MODARGS + * max_latency_msec argument added to module-null-source + * module-filter-apply can take filter parameters from device properties + * module-match can now be loaded multiple times + * Improvements to FreeBSD support + * Windows support added to Meson + * Additional commands for pactl + * Card profiles can be set to sticky + * The startup script can now read additional configuration from the /etc/pulse/default.pa.d/ directory + * * Notes for application developers + * New API for sending messages from clients to PulseAudio objects + * New mechanism for applications to disable shared memory on their connection to PulseAudio + ( https://www.freedesktop.org/wiki/Software/PulseAudio/Notes/15.0/ ) + +- Remove unneeded shadow dependency, no longer required due to + systemd-sysusers + +- Change to using systemd-sysusers +- Remove old SUSE RPM constructs + +- Really fix recording OGG with parecord (bsc#1183546) + parecord-really-fix-recording-OGG.patch + qemu +- Fix testsuite failures by not using modules when building tests + (and some other, also testsuite related, spec file problems) + +- [JIRA] (SLE-20965) Make QEMU guests more failsafe when resizing + SCSI passthrough disks + * Patches added: + scsi-generic-replace-logical-block-count.patch + +- Add an audio-oss sub-package + +- Add some new (mostly documentation) files in the package + +- Remove option --audio-drv-list because audio is detected by + meson automatically in latest version. + +- Remove options --disable-jemalloc and --disable-tcmalloc + which are changed in v6.2.0. + +- Update to v 6.2.0. For full release notese, see: + * https://wiki.qemu.org/ChangeLog/6.2. + Be sure to also check the following pages: + * https://qemu-project.gitlab.io/qemu/about/removed-features.html + * https://qemu-project.gitlab.io/qemu/about/deprecated.html + Some notable changes: + * virtio-mem: guest memory dumps are now fully supported, along + with pre-copy/post-copy migration and background guest snapshots + * QMP: support for nw DEVICE_UNPLUG_GUEST_ERROR to detect + guest-reported hotplug failures + * TCG: improvements to TCG plugin argument syntax, and multi-core + support for cache plugin + * 68k: improved support for Apple’s NuBus, including ability to + load declaration ROMs, and slot IRQ support + * ARM: macOS hosts with Apple Silicon CPUs now support ‘hvf’ + accelerator for AArch64 guests + * ARM: emulation support for Fujitsu A64FX processor model + * ARM: emulation support for kudo-mbc machine type + * ARM: M-profile MVE extension is now supported for Cortex-M55 + * ARM: ‘virt’ machine now supports an emulated ITS (Interrupt + Translation Service) and supports more than 123 CPUs in + emulation mode + * ARM: xlnx-zcu102 and xlnx-versal-virt machines now support + BBRAM and eFUSE devices + * PowerPC: improved POWER10 support for the ‘powernv’ machine type + * PowerPC: initial support for POWER10 DD2.0 CPU model + * PowerPC: support for FORM2 PAPR NUMA descriptions for ‘pseries’ machine type + * RISC-V: support for Zb[abcs] instruction set extensions + * RISC-V: support for vhost-user and numa mem options across all boards + * RISC-V: SiFive PWM support + * x86: support for new Snowridge-v4 CPU model + * x86: guest support for Intel SGX + * x86: AMD SEV guests now support measurement of kernel binary when doing + direct kernel boot (not using a bootloader) + * Patches dropped: + 9pfs-fix-crash-in-v9fs_walk.patch + block-introduce-max_hw_iov-for-use-in-sc.patch + hmp-Unbreak-change-vnc.patch + hw-acpi-ich9-Add-compat-prop-to-keep-HPC.patch + hw-i386-acpi-build-Deny-control-on-PCIe-.patch + i386-cpu-Remove-AVX_VNNI-feature-from-Co.patch + net-vmxnet3-validate-configuration-value.patch + pcie-rename-native-hotplug-to-x-native-h.patch + plugins-do-not-limit-exported-symbols-if.patch + plugins-execlog-removed-unintended-s-at-.patch + qemu-nbd-Change-default-cache-mode-to-wr.patch + qemu-sockets-fix-unix-socket-path-copy-a.patch + target-arm-Don-t-skip-M-profile-reset-en.patch + target-i386-add-missing-bits-to-CR4_RESE.patch + tcg-arm-Fix-tcg_out_vec_op-function-sign.patch + uas-add-stream-number-sanity-checks.patch + vhost-vsock-fix-migration-issue-when-seq.patch + virtio-balloon-don-t-start-free-page-hin.patch + virtio-mem-pci-Fix-memory-leak-when-crea.patch + virtio-net-fix-use-after-unmap-free-for-.patch + +- Reinstate Lin Ma's fixes for bsc#1192147 as they were + submitted only to IBS. + * Patches added: + hw-acpi-ich9-Add-compat-prop-to-keep-HPC.patch + hw-i386-acpi-build-Deny-control-on-PCIe-.patch + pcie-rename-native-hotplug-to-x-native-h.patch + +- Rename the Guest Agent service qemu-guest-agent, like in other + distros (and upstream). bsc#1185543 + +- disable QOM cast debug outside the testsuite as the corresponding + asserts show up occassionally as top #1 in perf(1) traces under + heavy virtio load +- enable LTO when we'd like to use LTO + +* Patches added (bsc#1186256): + qemu-binfmt-conf.sh-allow-overriding-SUS.patch + +- cross-i386-binutils and cross-i386-gcc are not needed and were + dropped from Factory - boo#1193424 + +- qemu: virtio-net: heap use-after-free in virtio_net_receive_rcu + (bsc#1189938 CVE-2021-3748) + solved by virtio-net-fix-use-after-unmap-free-for-.patch +- kvm,qemu: out-of-bounds write in UAS (USB Attached SCSI) device emulation + (bsc#1189702 CVE-2021-3713) + * Patches added: + uas-add-stream-number-sanity-checks.patch + +- Stable fixes from upstream + * Patches added: + block-introduce-max_hw_iov-for-use-in-sc.patch + hmp-Unbreak-change-vnc.patch + qemu-nbd-Change-default-cache-mode-to-wr.patch + target-arm-Don-t-skip-M-profile-reset-en.patch + vhost-vsock-fix-migration-issue-when-seq.patch + virtio-mem-pci-Fix-memory-leak-when-crea.patch + virtio-net-fix-use-after-unmap-free-for-.patch + +- Fix testsuite dependencies (bsc#1190573) + * Patches added: + modules-quick-fix-a-fundamental-error-in.patch + +- Replace patch to fix hardcoded binfmt handler + (bsc#1186256) + * Patches dropped: + qemu-binfmt-conf.sh-allow-overriding-SUS.patch + * Patches added: + qemu-binfmt-conf.sh-should-use-F-as-shor.patch +- Stable fixes from upstream + * Patches added: + 9pfs-fix-crash-in-v9fs_walk.patch + i386-cpu-Remove-AVX_VNNI-feature-from-Co.patch + plugins-do-not-limit-exported-symbols-if.patch + plugins-execlog-removed-unintended-s-at-.patch + qemu-sockets-fix-unix-socket-path-copy-a.patch + target-i386-add-missing-bits-to-CR4_RESE.patch + virtio-balloon-don-t-start-free-page-hin.patch + +- Fix qemu build on ARMv7 (bsc#1190211) + * Patches added: + tcg-arm-Fix-tcg_out_vec_op-function-sign.patch + +- Update supported file for ARM machines. + +- Keep qemu-img without backing format still deprecated + (bsc#1190135) + * Patches added: + Revert-qemu-img-Improve-error-for-rebase.patch + Revert-qemu-img-Require-F-with-b-backing.patch +- Update the support files to reflect the deprecation. + +- Update build dependencies versions: libgcrypt >= 1.8.0, + gnutls >= 3.5.18, glib >= 2.56, libssh >= 0.8.7 + +- Fix hardcoded binfmt handler doesn't play well with containers + (bsc#1186256) + * Patches added: + qemu-binfmt-conf.sh-allow-overriding-SUS.patch + - * Replace patch to fix hardcoded binfmt handler (bsc#1186256) - * Fix testsuite dependencies (bsc#1190573) - * Patches added: - modules-quick-fix-a-fundamental-error-in.patch - Revert-qemu-img-Improve-error-for-rebase.patch - Revert-qemu-img-Require-F-with-b-backing.patch - qemu-binfmt-conf.sh-should-use-F-as-shor.patch - tcg-arm-Fix-tcg_out_vec_op-function-sign.patch - 9pfs-fix-crash-in-v9fs_walk.patch - i386-cpu-Remove-AVX_VNNI-feature-from-Co.patch - plugins-do-not-limit-exported-symbols-if.patch - plugins-execlog-removed-unintended-s-at-.patch - qemu-sockets-fix-unix-socket-path-copy-a.patch - target-i386-add-missing-bits-to-CR4_RESE.patch - virtio-balloon-don-t-start-free-page-hin.patch - pc-bios-s390-ccw-don-t-try-to-read-the-n.patch -- Update to v6.0: see https://wiki.qemu.org/ChangeLog/6.0 - For a full list of formely deprecated features that are removed now, - consult: https://qemu-project.gitlab.io/qemu/system/removed-features.html. - For a list of new deprecated features, consult: - https://qemu-project.gitlab.io/qemu/system/deprecated.html - Some noteworthy changes: - * Removed tileGX CPU (linux-user mode). - * Removed ide-drive device (use ide-hd or ide-cd instead). - * Removed scsi-disk device (use scsi-hd or scsi-cd instead). - * Removed pc-1.0, pc-1.1, pc-1.2, and pc-1.3 machine types. - * Added emulation of Arm-v8.1M arch and Cortex-M55 CPU. - * Added boards mps3-an524 (Cortex-M33) and mps3-an547 (Cortex-M55). - * x86: Support for running SEV-ES encrypted guests; TCG can emulate - the PKS feature; WHPX accelerator supports accelerated APIC. - * ARM: ARMv8.4-TTST, ARMv8.4-SEL2, FEAT_SSBS, and ARMv8.4-DIT emulation - are now supported; Added ARMv8.5-MemTag extension is now supported formely - linux-user. Additional device emulation support for xlnx-zynqmp, xlnx-versal, - sbsa-ref, npcm7xx, and sabrelite board models. - * PowerPC: powernv now allows external BMC; pseries can send QAPI message - if it detects a memory hotplug failure; CPU unplug request can be retried. - * s390: TCG works with Linux kernels built with clang-11 and clang12. - * RISC-V: OpenSBI upgraded to v0.9; Support the QMP dump-guest-memory - command; Add support for the SiFive SPI controller (sifive_u); Add QSPI - NOR flash to Microchip PFSoC. - * Misc doc improvements. - * Multiprocess: Add experimental options to support out-of-process device - emulation. - * ACPI: support for assigning NICs to known names in guest OS independently of - PCI slot placement. - * NVMe: new emulation support for v1.4 spec with many new features, experimental - support for Zoned Namespaces, multipath I/O, and End-to-End Data Protection. - * Xen: New guest loader for testing of Xen-like hypervisors booting kernels. - * virtiofs: misc. security fixes and performance improvements. - * Tools: FUSE block exports to allow mounting any QEMU block device node - as a host file. - * Migration: query/info-migrate now display the migration blocker status and - the reasons for blocking. - * User-mode: Added support for the Qualcomm Hexagon processor. - * TCG: Added support for Apple Silicon hosts (macOS). - * QMP: backup jobs now support multiple asynchronous requests in parallel - * VNC: virtio-vga support for scaling resolution based on client window size - * Enabled zstd compression option for qemu-img - * Fixed CVE-2021-3527 in usb/redir - * Disabled sheepdog - dropped upstream - * Improve compatibility with GCC11 - * Fix update-alternative when removing qemu-skiboot bsc#1178678 - * Update qemu-supportconfig - * Disable skiboot building due to issue upstream: - https://github.com/open-power/skiboot/issues/265 - * Several upstream stable patches already applied - * Patches added: - tcg-arm-Fix-tcg_out_op-function-signatur.patch - target-sh4-Return-error-if-CPUClass-get_.patch +- usb: unbounded stack allocation in usbredir + (bsc#1186012, CVE-2021-3527) + hw-usb-Do-not-build-USB-subsystem-if-not.patch + hw-usb-host-stub-Remove-unused-header.patch + usb-hid-avoid-dynamic-stack-allocation.patch + usb-limit-combined-packets-to-1-MiB-CVE-.patch + usb-mtp-avoid-dynamic-stack-allocation.patch + +- usbredir: free call on invalid pointer in bufp_alloc + (bsc#1189145, CVE-2021-3682) + usbredir-fix-free-call.patch + +- Add stable patches from upstream: + +- Disabled skiboot building for PowerPC due to the following issue: + https://github.com/open-power/skiboot/issues/265 + +- Fix possible mremap overflow in the pvrdma + (CVE-2021-3582, bsc#1187499) +- Ensure correct input on ring init + (CVE-2021-3607, bsc#1187539) +- Fix the ring init error flow + (CVE-2021-3608, bsc#1187538) + +- Fix qemu-supportconfig network-manager verification + +- Fix stable issues found in upstream: + +- Update qemu-supportconfig plugin + +- Fix an update-alternative warning when removing qemu-skiboot package + bsc#1178678 + +- Use doc directive to build QEMU documentation + +- Improve compatibility with gcc 11: + target-sh4-Return-error-if-CPUClass-get_.patch + tcg-arm-Fix-tcg_out_op-function-signatur.patch + +- Enable zstd compression option to qcow2 + +- Fix out-of-bounds write in virgl_cmd_get_capset + CVE-2021-3546 bsc#1185981 +- Fix memory leaks found in the virtio vhost-user GPU device + CVE-2021-3544 bsc#1186010 +- Fix information disclosure due to uninitialized memory read + CVE-2021-3545 bsc#1185990 + +- disable sheepdog, it was dropped upstream ( + https://gitlab.com/qemu-project/qemu/-/commit/09ec85176e4095be15f233ebc870d5680123f024) + and fails to build with gcc 11 on non-x86 + +- Fix CVE-2021-3527 in usb/redir: +- Fix issues found upstream: - ui-Fix-memory-leak-in-qemu_xkeymap_mappi.patch + +- Brotli VLA error was already fixed in v5.2 but the patches wasn't + included in v6.0. This change fixed that +- Patches added: + brotli-fix-actual-variable-array-paramet.patch + ui-Fix-memory-leak-in-qemu_xkeymap_mappi.patch + +- For the record, these issues are fixed in this package already. + Most are alternate references to previously mentioned issues: + (CVE-2019-15890, bsc#1149813, CVE-2020-8608, bsc#1163019, + CVE-2020-14364, bsc#1175534, CVE-2020-25707, bsc#1178683, + CVE-2020-25723, bsc#1178935, CVE-2020-29130, bsc#1179477, + CVE-2020-29129, bsc#1179484, CVE-2021-3419, bsc#1182975) + +- Update to v6.0: see https://wiki.qemu.org/ChangeLog/6.0 + For a full list of formely deprecated features that are removed now, + consult: https://qemu-project.gitlab.io/qemu/system/removed-features.html. + For a list of new deprecated features, consult: + https://qemu-project.gitlab.io/qemu/system/deprecated.html + Some noteworthy changes: + * Removed tileGX CPU (linux-user mode). + * Removed ide-drive device (use ide-hd or ide-cd instead). + * Removed scsi-disk device (use scsi-hd or scsi-cd instead). + * Removed pc-1.0, pc-1.1, pc-1.2, and pc-1.3 machine types. + * Added emulation of Arm-v8.1M arch and Cortex-M55 CPU. + * Added boards mps3-an524 (Cortex-M33) and mps3-an547 (Cortex-M55). + * x86: Support for running SEV-ES encrypted guests; TCG can emulate + the PKS feature; WHPX accelerator supports accelerated APIC. + * ARM: ARMv8.4-TTST, ARMv8.4-SEL2, FEAT_SSBS, and ARMv8.4-DIT emulation + are now supported; Added ARMv8.5-MemTag extension is now supported formely + linux-user. Additional device emulation support for xlnx-zynqmp, xlnx-versal, + sbsa-ref, npcm7xx, and sabrelite board models. + * PowerPC: powernv now allows external BMC; pseries can send QAPI message + if it detects a memory hotplug failure; CPU unplug request can be retried. + * s390: TCG works with Linux kernels built with clang-11 and clang12. + * RISC-V: OpenSBI upgraded to v0.9; Support the QMP dump-guest-memory + command; Add support for the SiFive SPI controller (sifive_u); Add QSPI + NOR flash to Microchip PFSoC. + * Misc doc improvements. + * Multiprocess: Add experimental options to support out-of-process device + emulation. + * ACPI: support for assigning NICs to known names in guest OS independently of + PCI slot placement. + * NVMe: new emulation support for v1.4 spec with many new features, experimental + support for Zoned Namespaces, multipath I/O, and End-to-End Data Protection. + * Xen: New guest loader for testing of Xen-like hypervisors booting kernels. + * virtiofs: misc. security fixes and performance improvements. + * Tools: FUSE block exports to allow mounting any QEMU block device node + as a host file. + * Migration: query/info-migrate now display the migration blocker status and + the reasons for blocking. + * User-mode: Added support for the Qualcomm Hexagon processor. + * TCG: Added support for Apple Silicon hosts (macOS). + * QMP: backup jobs now support multiple asynchronous requests in parallel + * VNC: virtio-vga support for scaling resolution based on client window size + * Patches added: - qom-code-hardening-have-bound-checking-w.patch + brotli-fix-actual-variable-array-paramet.patch -- Fix possible mremap overflow in the pvrdma - (CVE-2021-3582, bsc#1187499) - hw-rdma-Fix-possible-mremap-overflow-in-.patch -- Ensure correct input on ring init - (CVE-2021-3607, bsc#1187539) - pvrdma-Ensure-correct-input-on-ring-init.patch -- Fix the ring init error flow - (CVE-2021-3608, bsc#1187538) - pvrdma-Fix-the-ring-init-error-flow-CVE-.patch - -* Fix intel-hda segmentation fault due to stack overflow - (CVE-2021-3611, bsc#1187529) - qom-code-hardening-have-bound-checking-w.patch - -- Enable zstd compression option for qemu-img - -- Fix out-of-bounds write in virgl_cmd_get_capset - CVE-2021-3546 bsc#1185981 - vhost-user-gpu-abstract-vg_cleanup_mappi.patch -- Fix memory leaks found in the virtio vhost-user GPU device - CVE-2021-3544 bsc#1186010 - vhost-user-gpu-fix-leak-in-virgl_cmd_res.patch - vhost-user-gpu-fix-leak-in-virgl_resourc.patch - vhost-user-gpu-fix-memory-disclosure-in-.patch - vhost-user-gpu-fix-memory-leak-in-vg_res.patch - vhost-user-gpu-fix-memory-leak-while-cal.patch - vhost-user-gpu-fix-OOB-write-in-virgl_cm.patch -- Fix information disclosure due to uninitialized memory read - CVE-2021-3545 bsc#1185990 - vhost-user-gpu-fix-resource-leak-in-vg_r.patch - -- QEMU BIOS fails to read stage2 loader (on s390x)(bsc#1186290) - * Patches added: - pc-bios-s390-ccw-don-t-try-to-read-the-n.patch - -- For the record, these issues are fixed in this package already. - Most are alternate references to previously mentioned issues: - (CVE-2019-15890, bsc#1149813, CVE-2020-8608, bsc#1163019, - CVE-2020-14364, bsc#1175534, CVE-2020-25707, bsc#1178683, - CVE-2020-25723, bsc#1178935, CVE-2020-29130, bsc#1179477, - CVE-2020-29129, bsc#1179484, CVE-2021-3419, bsc#1182975) - shared-mime-info +- Add fix-build-meson-0_60.patch: Fix build with meson 0.60 and + newer. +- Add drop-itstool-dep.patch: Drop itstool as it is no longer + needed, upstream was missing this in the patch. Following this: + drop itstool BuildRequires. + wicked +- version 0.6.68 +- sysctl: process sysctl.d directories as in sysctl --system +- sysctl: fix sysctl values for loopback device (bsc#1181163, bsc#1178357) +- dhcp4: add option to set route pref-src to dhcp IP (bsc#1192353) +- cleanup: warnings, time calculations and dhcp fixes (bsc#1188019) +- wireless: reconnect on unexpected wpa_supplicant restart (bsc#1183495) +- tuntap: avoid sysfs attr read error (bsc#1192311) +- ifstatus: fix warning of unexpected interface flag combination (bsc#1192164) + +- dbus: config files in /usr shouldn't be marked as config in spec + wpebackend-fdo +- Update to version 1.12.0: + + Added API to obtain the wl_resource for SHM exported buffers. + + Added unstable DMA-BUF pool API for buffer management. + + Fixed UI process getting stuck when navigating across different + security origins. + + Fixed invalid usage of Wayland client connections in the nested + compositor which caused crashes in some situations. + + Made it easier to override where Meson looks for + wayland-scanner during cross-compilation, using a native + machine file. +