Packages changed: Mesa (21.1.1 -> 21.1.2) Mesa-drivers (21.1.1 -> 21.1.2) cni (0.8.0 -> 0.8.1) grub2 hwdata (0.347 -> 0.348) installation-images-MicroOS (17.5 -> 17.6) libinput (1.17.3 -> 1.18.0) libxml2 (2.9.10 -> 2.9.12) libxslt libzypp (17.25.10 -> 17.26.0) patterns-base systemd-presets-common-SUSE zypper (1.14.44 -> 1.14.45) === Details === ==== Mesa ==== Version update (21.1.1 -> 21.1.2) Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 - update to 21.1.2 * second bugfix * mostly AMD and Intel changes as usual, but also a decent amount of ARM fixes and more. - no longer autoselect Mesa-dri-nouveau at all; autoselect libvdpau_nouveau depending on PCI ID (boo#1186721) ==== Mesa-drivers ==== Version update (21.1.1 -> 21.1.2) Subpackages: Mesa-dri Mesa-gallium - update to 21.1.2 * second bugfix * mostly AMD and Intel changes as usual, but also a decent amount of ARM fixes and more. - no longer autoselect Mesa-dri-nouveau at all; autoselect libvdpau_nouveau depending on PCI ID (boo#1186721) ==== cni ==== Version update (0.8.0 -> 0.8.1) - Update to version 0.8.1: * This is a security release that fixes a single bug: - Tighten up plugin-finding logic (#811). ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi - Fix crash in launching gfxmenu without theme file (bsc#1186481) * grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch ==== hwdata ==== Version update (0.347 -> 0.348) - Update to version 0.348 (bsc#1186749): + Updated pci, usb and vendor ids. ==== installation-images-MicroOS ==== Version update (17.5 -> 17.6) - merge gh#openSUSE/installation-images#513 - Keep /usr/lib/ld-* also if lib64 exists - Use ld*so* as glob for the runtime linker - Keep /usr/lib/ld*so* also if lib64 exists - 17.6 ==== libinput ==== Version update (1.17.3 -> 1.18.0) - Update to release 1.18 * Gestures' unaccelerated motion now matches the accelerated motion (without accel, obviously). * Better gesture detection should reduce the amount of pinch gestures detected as two-finger scrolling. * Pressing the wheel button down now suppresses accidental scroll wheel events. * Reworked clickpad detection means we should be more robust for devices with broken firmware. ==== libxml2 ==== Version update (2.9.10 -> 2.9.12) Subpackages: libxml2-2 libxml2-tools - Fix python-lxml regression with libxml2 2.9.12: * Work around lxml API abuse: gitlab.gnome.org/GNOME/libxml2/issues/255 - Add upstream patches: * libxml2-fix-lxml-corrupted-subtree-structures.patch * libxml2-fix-regression-in-xmlNodeDumpOutputInternal.patch - Update to version 2.9.12 * Fix CVE-2021-3541, CVE-2021-3537, CVE-2021-3518, CVE-2021-3517, CVE-2021-3516, CVE-2020-7595, CVE-2019-20388, CVE-2020-24977, and CVE-2019-19956 * Fix null deref in legacy SAX1 parser * Fix handling of unexpected EOF in xmlParseContent * Fix user-after-free * Validate UTF8 in xmlEncodeEntities * Fix memory leak in xmlParseElementMixedContentDecl * Fix integer overflow in xmlSchemaGetParticleTotalRangeMin * Fix SEGV in xmlSAXParseFileWithData * Don't process siblings of root in xmlXIncludeProcess * Full changes: http://xmlsoft.org/news.html - Drop upstream fixed * libxml2-CVE-2021-3541.patch * libxml2-CVE-2021-3537.patch * libxml2-CVE-2021-3518.patch * libxml2-CVE-2021-3517.patch * libxml2-CVE-2021-3516.patch * libxml2-CVE-2020-7595.patch * libxml2-CVE-2019-20388.patch * libxml2-CVE-2020-24977.patch * libxml2-CVE-2019-19956.patch * libxml2-python39.patch * libxml2-Avoid-quadratic-checking-of-identity-constraints.patch - Drop since 2.9.10 merged libxml2-xmlFreeNodeList-recursive.patch - Drop since 2.8.0 merged fix-perl.diff - Refresh libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch - Security fix: [bsc#1186015, CVE-2021-3541] * Exponential entity expansion attack bypasses all existing protection mechanisms. - Add libxml2-CVE-2021-3541.patch ==== libxslt ==== Subpackages: libxslt-tools libxslt1 - Fix build with libxml2 2.9.12 that removes maxParserDepth XPath limit - Add upstream patches: * libxslt-Stop-using-maxParserDepth-XPath-limit.patch * libxslt-Do-not-set-maxDepth-in-XPath-contexts.patch ==== libzypp ==== Version update (17.25.10 -> 17.26.0) - Work around download.o.o broken https redirects. - Allow trusted repos to add additional signing keys (bsc#1184326) Repositories signed with a trusted gpg key may import additional package signing keys. This is needed if different keys were used to sign the the packages shipped by the repository. - MediaCurl: Fix logging of redirects. - Use 15.3 resolver problem and solution texts on all distros. - $ZYPP_LOCK_TIMEOUT: Let negative values wait forever for the zypp lock (bsc#1184399) Helps boot time services like 'zypper purge-kernels' to wait for the zypp lock until other services using zypper have completed. - Fix purge-kernels is broken in Leap 15.3 (bsc#1185325) Leap 15.3 introduces a new kernel package called kernel-flavour-extra, which contain kmp's. Currently kmp's are detected by name ".*-kmp(-.*)?" but this does not work which those new packages. This patch fixes the problem by checking packages for kmod(*) and ksym(*) provides and only falls back to name checking if the package in question does not provide one of those. - Introduce zypp-runpurge, a tool to run purge-kernels on testcases. - version 17.26.0 (22) ==== patterns-base ==== Subpackages: patterns-base-base patterns-base-bootloader patterns-base-minimal_base patterns-base-x11 - Suggest kernel-default from patterns-base-base ==== systemd-presets-common-SUSE ==== - When installing the systemd-presets-common-SUSE package for the first time in a new system, it might happen that some services are installed before systemd so the %systemd_pre/post macros would not work. This is handled by enabling all preset services in this package's %posttrans section but it wasn't enabling user services, just system services. Now it enables also the user services installed before this package, thus fixing boo#1186561 ==== zypper ==== Version update (1.14.44 -> 1.14.45) Subpackages: zypper-needs-restarting - Add hints to 'trust GPG key' prompt. - Add report when receiving new package signing keys from a trusted repo (bsc#1184326) - Added translation using Weblate (Kabyle) - version 1.14.45