Packages changed: baloo5-widgets (22.04.1 -> 22.04.2) dbus-1 dolphin (22.04.1 -> 22.04.2) glibc kaccounts-integration (22.04.1 -> 22.04.2) kate (22.04.1 -> 22.04.2) kde-print-manager (22.04.1 -> 22.04.2) kdialog (22.04.1 -> 22.04.2) kio-extras5 (22.04.1 -> 22.04.2) konsole (22.04.1 -> 22.04.2) kwalletmanager5 (22.04.1 -> 22.04.2) libqt5-qtwebengine (5.15.9 -> 5.15.10) mobipocket (22.04.1 -> 22.04.2) openvpn (2.5.6 -> 2.5.7) python-gobject python-importlib-metadata (4.11.3 -> 4.11.4) python-jsonpointer (2.2 -> 2.3) runc (1.1.2 -> 1.1.3) timezone udisks2 === Details === ==== baloo5-widgets ==== Version update (22.04.1 -> 22.04.2) - Update to 22.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/22.04.2/ ==== dbus-1 ==== Subpackages: libdbus-1-3 - version provides - add split provides - remove unused/obsolete pre_checkin.sh - The great dbus package split of 22, in preperation for replacing dbus-daemon with dbus-broker currently there is no functional difference that will change later, this follows a similar setup to RedHat and Debian. * dbus-daemon is now in its own separate package * Create a dbus-1-common package with all the files and config that are shared between the dbus-daemon and dbus-broker implementations. * Create a dbus-1-tools package with the tools eventually we will likely want to move to only recommending this package Redhat and Debian have both already gone down this path. ==== dolphin ==== Version update (22.04.1 -> 22.04.2) Subpackages: dolphin-part libdolphinvcs5 - Update to 22.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/22.04.2/ ==== glibc ==== Subpackages: glibc-locale glibc-locale-base - Set SUSE_ZNOW=0 - strncpy-power9-vsx.patch: powerpc: Fix VSX register number on __strncpy_power9 (BZ #29197) - nptl-cleanup-async-restore.patch: nptl: Fix __libc_cleanup_pop_restore asynchronous restore (bsc#1200093, BZ #29214) ==== kaccounts-integration ==== Version update (22.04.1 -> 22.04.2) - Update to 22.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/22.04.2/ ==== kate ==== Version update (22.04.1 -> 22.04.2) Subpackages: kate-plugins - Update to 22.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/22.04.2/ ==== kde-print-manager ==== Version update (22.04.1 -> 22.04.2) - Update to 22.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/22.04.2/ ==== kdialog ==== Version update (22.04.1 -> 22.04.2) - Update to 22.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/22.04.2/ ==== kio-extras5 ==== Version update (22.04.1 -> 22.04.2) Subpackages: libkioarchive5 - Update to 22.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/22.04.2/ ==== konsole ==== Version update (22.04.1 -> 22.04.2) Subpackages: konsole-part - Update to 22.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/22.04.2/ ==== kwalletmanager5 ==== Version update (22.04.1 -> 22.04.2) - Update to 22.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/22.04.2/ ==== libqt5-qtwebengine ==== Version update (5.15.9 -> 5.15.10) - Update to version 5.15.10: * Fix top level build with no widget * Fix read-after-free on EGL extensions * Update Chromium * Add workaround for unstable gn on macOS in ci * Pass archiver to gn build * Fix navigation to non-local URLs * Add support for universal builds for qtwebengine and qtpdf * Enable Apple Silicon support * Fix cross compilation x86_64->arm64 on mac * Bump version to 5.15.10 * CustomDialogs: Make custom input fields readable in dark mode * CookieBrowser: Make alternating rows readable in dark mode * Update Chromium: * Bump V8_PATCH_LEVEL * Fix clang set-but-unused-variable warning * Fix mac toolchain python linker script call * Fix missing dependency for gpu sources * Fix python calls * Fix undefined symbol for universal link * Quick fix for regression in service workers by reverting backports * [Backport] CVE-2022-0797: Out of bounds memory access in Mojo * [Backport] CVE-2022-1125 * [Backport] CVE-2022-1138: Inappropriate implementation in Web Cursor. * [Backport] CVE-2022-1305: Use after free in storage * [Backport] CVE-2022-1310: Use after free in regular expressions * [Backport] CVE-2022-1314: Type Confusion in V8 * [Backport] CVE-2022-1493: Use after free in Dev Tools * [Backport] On arm64 hosts, set host_cpu to 'arm64', not 'arm' * [Backport] Security Bug 1296876 * [Backport] Security bug 1269999 * [Backport] Security bug 1280852 * [Backport] Security bug 1292905 * [Backport] Security bug 1304659 * [Backport] Security bug 1306507 ==== mobipocket ==== Version update (22.04.1 -> 22.04.2) - Update to 22.04.2 * New bugfix release * For more details please see: * https://kde.org/announcements/gear/22.04.2/ ==== openvpn ==== Version update (2.5.6 -> 2.5.7) - update to 2.5.7: * Limited OpenSSL 3.0 support * print OpenSSL error stack if decoding PKCS12 file fails * fix omission of cipher-negotiation.rst in tarballs * fix errno handling on Windows (Windows has different classes of error codes, GetLastError() and C runtime errno, these should now be handled correctly) * fix PATH_MAX build failure in auth-pam.c * fix t_net.sh self-test leaving around stale "ovpn-dummy0" interface * fix overlong path names, leading to missing pkcs11-helper patch in tarball ==== python-gobject ==== Subpackages: python38-gobject python38-gobject-Gdk python38-gobject-cairo - Add dependency on python-cairo to python-gobject-cairo: The introspection wrapper needs the actual pycairo underneath (boo#1179584). ==== python-importlib-metadata ==== Version update (4.11.3 -> 4.11.4) - update to 4.11.4: * #379: In ``PathDistribution._name_from_stem``, avoid including parts of the extension in the result. * #381: In ``PathDistribution._normalized_name``, ensure names loaded from the stem of the filename are also normalized, ensuring duplicate entry points by packages varying only by non-normalized name are hidden. ==== python-jsonpointer ==== Version update (2.2 -> 2.3) - update to 2.3: * Support setting - for arrays * Add join and / operator * Fix invalid escape sequences ==== runc ==== Version update (1.1.2 -> 1.1.3) - Update to runc v1.1.3. Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.1.3. (Includes a fix for bsc#1200088.) * Our seccomp `-ENOSYS` stub now correctly handles multiplexed syscalls on s390 and s390x. This solves the issue where syscalls the host kernel did not support would return `-EPERM` despite the existence of the `-ENOSYS` stub code (this was due to how s390x does syscall multiplexing). * Retry on dbus disconnect logic in libcontainer/cgroups/systemd now works as intended; this fix does not affect runc binary itself but is important for libcontainer users such as Kubernetes. * Inability to compile with recent clang due to an issue with duplicate constants in libseccomp-golang. * When using systemd cgroup driver, skip adding device paths that don't exist, to stop systemd from emitting warnings about those paths. * Socket activation was failing when more than 3 sockets were used. * Various CI fixes. * Allow to bind mount /proc/sys/kernel/ns_last_pid to inside container. * runc static binaries are now linked against libseccomp v2.5.4. - Remove upstreamed patches: - bsc1192051-0001-seccomp-enosys-always-return-ENOSYS-for-setup-2-on-s390x.patch ==== timezone ==== - switch to _multibuild - refresh keyring, enable keyring validation ==== udisks2 ==== Subpackages: libudisks2-0 - Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_udisks2-zram-setup@.service.patch * harden_udisks2.service.patch