Packages changed: ImageMagick (7.1.0.60 -> 7.1.0.61) SDL2 (2.26.2 -> 2.26.3) ceph (16.2.9.539+gea74dd900cd -> 16.2.11.58+g38d6afd3b78) fetchmail (6.4.35 -> 6.4.36) grub2 hwdata (0.366 -> 0.367) java-11-openjdk (11.0.17.0 -> 11.0.18.0) libstorage-ng (4.5.69 -> 4.5.71) ncurses (6.4.20230121 -> 6.4.20230128) ovmf texinfo (7.0.1 -> 7.0.2) webkit2gtk3-soup2 (2.38.3 -> 2.38.4) xorg-x11-server (21.1.6 -> 21.1.7) xwayland (22.1.7 -> 22.1.8) === Details === ==== ImageMagick ==== Version update (7.1.0.60 -> 7.1.0.61) Subpackages: ImageMagick-config-7-SUSE ImageMagick-extra libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10 - version update to 7.1.0.61 * https://github.com/ImageMagick/Website/blob/main/ChangeLog.md ==== SDL2 ==== Version update (2.26.2 -> 2.26.3) - Update to release 2.26.3 * Fixed infinite loop shutting down WGI controllers * Fixed centering the D-pad on some Xbox controllers ==== ceph ==== Version update (16.2.9.539+gea74dd900cd -> 16.2.11.58+g38d6afd3b78) Subpackages: librados2 librbd1 - Update to 16.2.11-58-g38d6afd3b78: + test/CMakeLists.txt: move 'APPEND rgw_libs Boost::filesystem' to top level - Update to 16.2.11-57-g9be7fb44a33: + ceph.spec.in: Replace %usrmerged macro with regular version check - checkin.sh: default to ses7p branch - Update to 16.2.11-56-gc067055f8f5: + (bsc#1199183) osd, tools, kv: non-aggressive, on-line trimming of accumulated dups + (bsc#1200262) ceph-volume: fix fast device alloc size on mulitple device + (bsc#1200501) cephadm: update monitoring container images + (bsc#1200978) mgr/dashboard: prevent alert redirect + (bsc#1201797) mgr/volumes: Add subvolumegroup resize cmd + (bsc#1201837) mgr/volumes: Fix subvolume discover during upgrade (CVE-2022-0670) + (bsc#1201976) monitoring/ceph-mixin: add RGW host to label info + (bsc#1202077) mgr/dashboard: enable addition of custom Prometheus alerts + (bsc#1203375) python-common: Add 'KB' to supported suffixes in SizeMatcher + (bsc#1204430) ceph-crash: drop privleges to run as "ceph" user, rather than root (CVE-2022-3650) + (bsc#1205025) rgw: Guard against malformed bucket URLs (CVE-2022-3854) + (bsc#1205436) mgr/dashboard: fix rgw connect when using ssl ==== fetchmail ==== Version update (6.4.35 -> 6.4.36) Subpackages: fetchmailconf - Update to 6.4.36: * TRANSLATIONS: language translations were updated: - cs, es, fr, ja, pl, ro, sq, sv ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen - Fix nvmf boot device setup (bsc#1207811) * 0001-grub2-Can-t-setup-a-default-boot-device-correctly-on.patch - Fix unknown filesystem error on disks with 4096 sector size (bsc#1207064) * 0001-grub-core-modify-sector-by-sysfs-as-disk-sector.patch - Fix GCC 13 build failure (bsc#1201089) * 0002-AUDIT-0-http-boot-tracker-bug.patch ==== hwdata ==== Version update (0.366 -> 0.367) - update to 0.367: * Update pci, usb and vendor ids ==== java-11-openjdk ==== Version update (11.0.17.0 -> 11.0.18.0) Subpackages: java-11-openjdk-headless - Upgrade to upstream tag jdk-11.0.18+10 (January 2023 CPU) * CVEs + CVE-2023-21835, bsc#1207246 + CVE-2023-21843, bsc#1207248 * Security fixes + JDK-8286070: Improve UTF8 representation + JDK-8286496: Improve Thread labels + JDK-8287411: Enhance DTLS performance + JDK-8288516: Enhance font creation + JDK-8289350: Better media supports + JDK-8293554: Enhanced DH Key Exchanges + JDK-8293598: Enhance InetAddress address handling + JDK-8293717: Objective view of ObjectView + JDK-8293734: Improve BMP image handling + JDK-8293742: Better Banking of Sounds + JDK-8295687: Better BMP bounds * Other changes + JDK-4819544: SwingSet2 JTable Demo throws NullPointerException + JDK-6782021: It is not possible to read local computer certificates with the SunMSCAPI provider + JDK-6829250: Reg test: java/awt/Toolkit/ScreenInsetsTest/ScreenInsetsTest.java fails in Windows + JDK-7001973: java/awt/Graphics2D/CopyAreaOOB.java fails + JDK-8022403: sun/java2d/DirectX/OnScreenRenderingResizeTest/ /OnScreenRenderingResizeTest.java fails + JDK-8028998: [TEST_BUG] [macosx] java/awt/dnd/ /DropTargetEnterExitTest/MissedDragExitTest.java failed + JDK-8029633: Raw inner class constructor ref should not perform diamond inference + JDK-8030121: java/awt/dnd/MissingDragExitEventTest/ /MissingDragExitEventTest.java fails + JDK-8079267: [TEST_BUG] Test java/awt/Frame/MiscUndecorated/ /RepaintTest.java fails + JDK-8129827: [TEST_BUG] Test java/awt/Robot/RobotWheelTest/ /RobotWheelTest.java fails + JDK-8159599: [TEST_BUG] java/awt/Modal/ /ModalInternalFrameTest/ModalInternalFrameTest.java + JDK-8169187: [macosx] Aqua: java/awt/image/multiresolution/ /MultiresolutionIconTest.java + JDK-8172269: When checking the default behaviour for a scroll tab layout and checking the 'opaque' checkbox, the area behind tabs is not red. + JDK-8178698: javax/sound/midi/Sequencer/MetaCallback.java failed with timeout + JDK-8193942: Regression automated test '/open/test/jdk/javax/ /swing/JFrame/8175301/ScaledFrameBackgroundTest.java' fails + JDK-8194126: Regression automated Test '/open/test/jdk/javax/ /swing/JColorChooser/Test7194184.java' fails + JDK-8198343: Test java/awt/print/PrinterJob/ /TestPgfmtSetMPA.java may fail w/o printer + JDK-8199290: [TESTBUG] sun.hotspot.WhiteBox$WhiteBoxPermission is not copied + JDK-8202836: [macosx] test java/awt/Graphics/TextAAHintsTest.java fails + JDK-8206125: [windows] cannot pass relative path to - -with-boot-jdk + JDK-8210047: some pages contain content outside of landmark region + JDK-8211002: test/jdk/java/lang/Math/PowTests.java skips testing for non-corner-case values + JDK-8212096: javax/net/ssl/ServerName/ /SSLEngineExplorerMatchedSNI.java failed intermittently due to SSLException: Tag mismatch + JDK-8213239: Configure cannot handle command overrides with arguments + JDK-8215571: jdb does not include jdk.* in the default class filter + JDK-8217032: Check pandoc capabilities in configure + JDK-8222091: Javadoc does not handle package annotations correctly on package-info.java + JDK-8222251: preflow visitor is not visiting lambda expressions + JDK-8226236: win32: gc/metaspace/ /TestCapacityUntilGCWrapAround.java fails + JDK-8227179: Test for new gc+metaspace=info output format + JDK-8227651: Tests fail with SSLProtocolException: Input record too big + JDK-8228672: [TESTBUG] gc/metaspace/TestSizeTransitions.java fails on 32-bit platforms + JDK-8233557: [TESTBUG] DoubleClickTitleBarTest.java fails on macOs + JDK-8233558: [TESTBUG] WindowOwnedByEmbeddedFrameTest.java fails on macos + JDK-8233565: [TESTBUG] NullModalityDialogTest.java fails on MacOS + JDK-8233648: [TESTBUG] DefaultMenuBarTest.java failing on macos + JDK-8239708: Split basics.m4 into basic.m4 and util.m4 + JDK-8240281: Remove failing assertion code when selecting first memory state in SuperWord::co_locate_pack + JDK-8242468: VS2019 build missing vcruntime140_1.dll + JDK-8243565: some gc tests use 'test.java.opts' and not 'test.vm.opts' + JDK-8243568: serviceability/logging/TestLogRotation.java uses 'test.java.opts' and not 'test.vm.opts' + JDK-8244010: Simplify usages of ProcessTools.createJavaProcessBuilder in our tests + JDK-8244557: test/jdk/javax/swing/JTabbedPane/ ... changelog too long, skipping 300 lines ... backport ==== libstorage-ng ==== Version update (4.5.69 -> 4.5.71) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - Translated using Weblate (Chinese (Taiwan) (zh_TW)) (bsc#1149754) - 4.5.71 - Translated using Weblate (Chinese (China) (zh_CN)) (bsc#1149754) - 4.5.70 - Translated using Weblate (Italian) (bsc#1149754) ==== ncurses ==== Version update (6.4.20230121 -> 6.4.20230128) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20230128 + document XF, kxIN and kxOUT -TD + add note on sun/wscons/cmdtool/shelltool -TD + modify configure script check for pkg-config library directory to take into account an older version 0.15.0 which used PKG_CONFIG_PATH but not PKG_CONFIG_LIBDIR - Correct offsets of patches * ncurses-5.9-ibm327x.dif * ncurses-6.4.dif ==== ovmf ==== Subpackages: qemu-ovmf-x86_64 - Add fix-aarch64.patch: this fixes https://bugzilla.suse.com/show_bug.cgi?id=1207095 ==== texinfo ==== Version update (7.0.1 -> 7.0.2) Subpackages: info info-lang - texinfo 7.0.2: * texi2any: do not distribute architecture-dependent files * info: further fix of recoding of UTF-8 files to ASCII * install-info: build fixes ==== webkit2gtk3-soup2 ==== Version update (2.38.3 -> 2.38.4) Subpackages: WebKit2GTK-4.0-lang libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles - Update to version 2.38.4 (boo#1207997): + Improve GStreamer multimedia playback across the board with improved codec selection logic, better handling of latency, and improving frame discard to avoid audio/video desynchronizationg, among other fixes. + Disable HLS media playback by default, which makes web sites use MSE instead. If needed WEBKIT_GST_ENABLE_HLS_SUPPORT=1 can be set in the environment to enable it back. + Disable threaded rendering in GTK4 builds by default, as it was causing crashes. + Fix MediaSession API not showing artwork images. + Fix MediaSession MPRIS usage when running inside a Flatpak sandbox. + Fix input element controls to correctly scale when applying a zoom factor different than the default. + Fix leakage of Web processes in certain situations. + Fix the injected bundle not being found when running inside a sandbox. + Fix the build with ENABLE_INTROSPECTION when cross-compiling. + FIx the build with ENABLE_WEBGL disabled. + Fix the build with GStreamer-based WebRTC enabled. + Fix the build with USE_GTK4 enabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-23517, CVE-2023-23518, CVE-2023-42826. ==== xorg-x11-server ==== Version update (21.1.6 -> 21.1.7) Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - Update to version xorg-server-21.1.7: * This release contains the fix for CVE-2023-0494 in today's security advisory: https://lists.x.org/archives/xorg-announce/2023-February/003320.html It also fixes a second possible OOB access during EnqueueEvent and a crasher caused by ResourceClientBits not correctly honouring the MaxClients value in the configuration file. - supersedes U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch, U_xorg-server-oob-read-enqueue-event.patch - U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch * DeepCopyPointerClasses use-after-free (CVE-2023-0494, ZDI-CAN-19596, bsc#1207783) ==== xwayland ==== Version update (22.1.7 -> 22.1.8) - Update to version 22.1.8 * This release contains the fix for CVE-2023-0494 in today's security advisory: https://lists.x.org/archives/xorg-announce/2023-February/003320.html * It also fixes a second possible OOB access during EnqueueEvent. - supersedes U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch - improved summary and description - added requires to xkeyboard-config - added recommends to xorg-x11-fonts-core - removed unused 'package' section - U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch * DeepCopyPointerClasses use-after-free (CVE-2023-0494, ZDI-CAN-19596, bsc#1207783)