Packages changed: NetworkManager (1.54.3 -> 1.56.1) NetworkManager-openvpn (1.12.3 -> 1.12.5) bind (9.20.23 -> 9.20.24) checkmedia (6.6 -> 7.0) gnome-settings-daemon (50.1 -> 50.1+6) gtkmm3 (3.24.10 -> 3.24.11) kernel-firmware-amdgpu (20260519 -> 20260614) kernel-firmware-ath10k (20260206 -> 20260610) kernel-firmware-ath11k (20260327 -> 20260610) kernel-firmware-ath12k (20260421 -> 20260610) kernel-firmware-atheros (20250206 -> 20260610) kernel-firmware-bluetooth (20260505 -> 20260618) kernel-firmware-bnx2 (20250627 -> 20260610) kernel-firmware-brcm (20250623 -> 20260610) kernel-firmware-chelsio (20250627 -> 20260610) kernel-firmware-dpaa2 (20250206 -> 20260610) kernel-firmware-i915 (20260514 -> 20260610) kernel-firmware-intel (20260519 -> 20260610) kernel-firmware-iwlwifi (20260331 -> 20260610) kernel-firmware-liquidio (20250206 -> 20260610) kernel-firmware-marvell (20250206 -> 20260610) kernel-firmware-media (20260505 -> 20260610) kernel-firmware-mediatek (20260519 -> 20260619) kernel-firmware-mwifiex (20250206 -> 20260610) kernel-firmware-network (20260327 -> 20260610) kernel-firmware-nfp (20250206 -> 20260610) kernel-firmware-nvidia (20260408 -> 20260610) kernel-firmware-platform (20260514 -> 20260610) kernel-firmware-qcom (20260519 -> 20260619) kernel-firmware-qlogic (20250926 -> 20260610) kernel-firmware-radeon (20250627 -> 20260610) kernel-firmware-realtek (20260214 -> 20260614) kernel-firmware-serial (20260327 -> 20260610) kernel-firmware-sound (20260519 -> 20260618) kernel-firmware-ti (20250206 -> 20260610) kernel-firmware-ueagle (20251004 -> 20260610) kernel-firmware-usb-network (20250717 -> 20260610) kquickimageeditor6 (0.6.1 -> 0.6.2) libidn (1.43 -> 1.44) liblognorm (2.0.9 -> 2.1.0) liblouis (3.37.0 -> 3.38.0) libssh2_org lsof (4.99.4 -> 4.99.7) mariadb-connector-c (3.4.8 -> 3.4.9) mozjs140 (140.10.1 -> 140.12.0) openSUSE-release (20260622 -> 20260623) openconnect (9.12 -> 9.21) postfix (3.11.3 -> 3.11.4) vim (9.2.0398 -> 9.2.0530) virtualbox (7.2.8 -> 7.2.10) virtualbox-kmp (7.2.8_k7.0.12_1 -> 7.2.10_k7.0.12_1) vmaf (3.1.0 -> 3.2.0) xkeyboard-config (2.47 -> 2.48) yast2-storage-ng (5.0.48 -> 5.0.49) yelp (49.1 -> 49.1+3) === Details === ==== NetworkManager ==== Version update (1.54.3 -> 1.56.1) Subpackages: NetworkManager-bluetooth NetworkManager-lang NetworkManager-tui NetworkManager-wwan libnm0 typelib-1_0-NM-1_0 - Drop initrd specific services, following debians workaround. - Update to version 1.56.1: + Add support for GENEVE interface. + Allow persisting the managed state across reboots from nmcli and the D-Bus API. + Allow changing the device's administrative state in the kernel at the same time as a change to the managed state from nmcli and the D-Bus API. - Backport upstream fix for bsc#1246627 to enable and respect the connection.auth-retry option for WPA-PSK secured connections: * Add patch 2308.patch from https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2308 - Migrate to xz compression and manual service run - Update to version 1.56.0: + Unify the versioning to use everywhere the scheme with the -rcX or -dev suffixes when appropriate. This affects, for example, the URL and filename of the release tarball and the version reported by nmcli and the daemon. As an exception, the C API will continue to use the 90+ scheme for RC versions. + nmcli now supports viewing and managing WireGuard peers. + Support reapplying the "sriov.vfs" property as long as "sriov.total-vfs" is not changed. + Support reapplying "bond-port.vlans". + Accept hostnames longer than 64 characters from DNS lookup. + Make that global-dns configuration overwrites DNS searches and options from connections, instead of merging all together. + Add support for a new rd.net.dhcp.client-id option in nm-initrd-generator. + Add gsm device-uid setting to restrict the devices the connection applies to. + Support configuring the HSR protocol version via the "hsr.protocol-version" property. + Fix a bug that makes broadband connections auto-connect getting blocked if the connection tries to reconnect when modem status is "disconnecting" / "disconnected". + Treat modem connection not having an operator code available as a recoverable error. + Add support for configuring systemd-resolved's DNSSEC option per-connection via the "connection.dnssec" connection property. + Support configuring the HSR interlink port via the "hsr.interlink" property. + Fix some connection properties not being applied to vpn connections (connection.mdns, connection.llmnr, connection.dns-over-tls, connection.mptcp-flags, ipv6.ip6-privacy) + Update n-acd to always compile with eBPF enabled, as support for eBPF is now detected at run time. + Add new MPTCP 'laminar' endpoint type, and set it by default alongside the 'subflow' one. + For private connections (the ones that specify a user in the "connection.permissions" property), verify that the user can access the 802.1X certificates and keys set in the connection. + Introduce a libnm function that can be used by VPN plugins to check user permissions on certificate and keys. ==== NetworkManager-openvpn ==== Version update (1.12.3 -> 1.12.5) Subpackages: NetworkManager-applet-openvpn NetworkManager-openvpn-lang - Update to version 1.12.5: + Don't use NM_VERSION_MIN_REQUIRED and MAX_ALLOWED to fix build compilation failure with libnm 1.52.2. + Updated translations - Changes from version 1.12.4: + Add tmpfiles.d and sysusers.d files so that systemd creates automatically the required tmp file and user + Verify file permissions for private connections to prevent unprivileged user from using other user's certs (CVE-2025-9615) + Updated translations - Enable test suite in %check section ==== bind ==== Version update (9.20.23 -> 9.20.24) Subpackages: bind-doc bind-utils - Upgrade to release 9.20.24 Removed Features: * Remove ineffective TCP fallback after repeated UDP timeouts. Feature Changes: * Fall back to TCP on receipt of a UDP response with a mismatched query ID. * Limit the number of glue records cached from a referral. * Fix a resolver stall on a CNAME response to a DS query. Bug Fixes: * The resolver now removes other RRsets at the same name when caching a CNAME. * Fix nxdomain-redirect combined with dns64. * Fix DNS64 owner case after DNAME restart. * Clear REDIRECT flag when it isn't needed. * Disable output escaping in bind9.xsl. * Fix crash on badly configured secondary signer. * Fix a possible crash on concurrent TKEY DELETE for the same key. * Reject RRSIG records covering meta-types. ==== checkmedia ==== Version update (6.6 -> 7.0) - merge gh#openSUSE/checkmedia#24 - fix compiler warning and make fragment calculation more efficient - use libcrypto for digest calculation (bsc#1268746) - adjust spec file - 7.0 ==== gnome-settings-daemon ==== Version update (50.1 -> 50.1+6) Subpackages: gnome-settings-daemon-lang - Update to version 50.1+6: + Updated translations. ==== gtkmm3 ==== Version update (3.24.10 -> 3.24.11) - Update to version 3.24.11: + Gdk: - Pixbuf: Ignore deprecation of gdk_pixbuf_new_from_xpm_data() - Ignore deprecation of GdkPixbufAnimation and GdkPixbufAnimationIter. They are deprecated since gdk-pixbuf 2.44. + Documentation: - Remove obsolete FSF (Free Software Foundation) address - Gtk::GestureSingle: Update class description - README.win32.md: Mention Visual Studio 2026 - MSVC_NMake/info-msvc.mak, README.win32.md: Update build info - Gtk::GestureMultiPress: Improve the class description + Build: - NMake, gendef.cc: Filter out Avx2WmemEnabledWeakValue - Meson and NMake builds: Distinguish Visual Studio 2026 builds from Visual Studio 2022 builds - NMake Makefiles: Consolidate items and add flexibility - NMake Makefiles: Make build process more robust - Meson build: Don't require the 'dot' command to build the documentation - Fix build with build-deprecated-api=false. ==== kernel-firmware-amdgpu ==== Version update (20260519 -> 20260614) - Update to version 20260614 (git commit 8d7543434b2d): * amdgpu: DMCUB updates for various ASICs - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory - Update to version 20260605 (git commit 230073b14d6c): * amdgpu: Update DMCUB fw for DCN314 * amdgpu: revert yellow carp VCN firmware * amdgpu: revert vangogh VCN firmware * amdgpu: revert sienna cichlid VCN firmware * amdgpu: revert navy flounder VCN firmware * amdgpu: revert dimgrey cavefish VCN firmware * amdgpu: revert beige_goby VCN firmware * amdgpu: DMCUB updates for various ASICs - Update to version 20260522 (git commit adb6dceb45b9): * amdgpu: Update gc 11.0.1 microcode ==== kernel-firmware-ath10k ==== Version update (20260206 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-ath11k ==== Version update (20260327 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-ath12k ==== Version update (20260421 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-atheros ==== Version update (20250206 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * LICENSES: update GPL-2.0 text and references * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-bluetooth ==== Version update (20260505 -> 20260618) - Update to version 20260618 (git commit a8f9ebbaa645): * QCA: Add bluetooth firmware nvm files for USI/NFA725B * linux-firmware: Add firmware file for Intel BlazarIW * linux-firmware: Update firmware file for Intel BlazarU core * linux-firmware: Update firmware file for Intel BlazarI core * linux-firmware: Update firmware file for Intel Scorpius core - Update to version 20260614 (git commit 8d7543434b2d): * rtl_bt: Update RTL8852A BT USB firmware to 0x244F_91B6 * QCA: Update Bluetooth WCN3950 firmware 1.3.0-00108 to 1.3.0-00184 - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory * QCA: Update Bluetooth WCN6856 firmware 2.1.0-00666 to 2.1.0-00669 - Update to version 20260605 (git commit 230073b14d6c): * QCA: Add BCS calibration binary for QCC2072 * QCA: Update Bluetooth firmware for QCC2072 UART interface ==== kernel-firmware-bnx2 ==== Version update (20250627 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-brcm ==== Version update (20250623 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * LICENSES: update GPL-2.0 text and references * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-chelsio ==== Version update (20250627 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-dpaa2 ==== Version update (20250206 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-i915 ==== Version update (20260514 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory - Update to version 20260522 (git commit adb6dceb45b9): * i915: Xe3LPD DMC v2.36 * i915: Xe3LPD_3002 DMC v2.31 * i915: Xe3p_LPD DMC v2.37 ==== kernel-firmware-intel ==== Version update (20260519 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * LICENSES: update GPL-2.0 text and references * Move firmware licenses to a LICENSES/ directory - Update to version 20260605 (git commit 230073b14d6c): * intel_vpu: Update NPU firmware ==== kernel-firmware-iwlwifi ==== Version update (20260331 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-liquidio ==== Version update (20250206 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-marvell ==== Version update (20250206 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-media ==== Version update (20260505 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * LICENSES: update GPL-2.0 text and references * LICENSES: rename GPL-3 to GPL-3.0-only * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-mediatek ==== Version update (20260519 -> 20260619) - Update to version 20260619 (git commit 37976b9ded44): * linux-firmware: update firmware for MT7986 * linux-firmware: update firmware for MT7981 * linux-firmware: update firmware for MT7996 * linux-firmware: update firmware for MT7992 * linux-firmware: update firmware for MT7990 - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-mwifiex ==== Version update (20250206 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-network ==== Version update (20260327 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-nfp ==== Version update (20250206 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-nvidia ==== Version update (20260408 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-platform ==== Version update (20260514 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * LICENSES: update GPL-2.0 text and references * LICENSES: rename GPL-3 to GPL-3.0-only * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-qcom ==== Version update (20260519 -> 20260619) - Update to version 20260619 (git commit 37976b9ded44): * qcom: Add qdsp6sw firmware for shikra platform * qcom: Update ADSP firmware for Kaanapali platform * qcom: update ADSP firmware for glymur platform - Update to version 20260618 (git commit a8f9ebbaa645): * qcom: update CDSP firmware for glymur platform * qcom: update ADSP firmware for qcs615 platform - Update to version 20260614 (git commit 8d7543434b2d): * qcom: update CDSP firmware for shikra platform - Update to version 20260610 (git commit e7eb98afc667): * qcom: Update ADSP firmware for Glymur platform * Move firmware licenses to a LICENSES/ directory * qcom: update ADSP firmware for sm8750 platform * qcom: Update DSP firmware for qcs8300 platform * qcom: Update DSP firmware for sa8775p platform - Update to version 20260605 (git commit 230073b14d6c): * qcom: update CDSP firmware for x1e80100 platform - Update to version 20260522 (git commit adb6dceb45b9): * qcom: Add gpu firmwares for Shikra chipset ==== kernel-firmware-qlogic ==== Version update (20250926 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-radeon ==== Version update (20250627 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-realtek ==== Version update (20260214 -> 20260614) - Update to version 20260614 (git commit 8d7543434b2d): * realtek: rt1321: Update the patch code to v1.10 - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory - Update to version 20260605 (git commit 230073b14d6c): * rtl_nic: add firmware rtl8261c.bin for RTL8261c - Update to version 20260522 (git commit adb6dceb45b9): * rtw89: 8852b: update fw to v0.29.29.18 * rtw89: 8852bt: update fw to v0.29.122.2 ==== kernel-firmware-serial ==== Version update (20260327 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Remove any files with unknown licenses * LICENSES: update GPL-2.0 text and references * LICENSES: rename GPL-3 to GPL-3.0-only * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-sound ==== Version update (20260519 -> 20260618) - Update to version 20260618 (git commit a8f9ebbaa645): * cirrus: cs42l45: Update CS42L45 SDCA codec firmware for Dell laptops - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory - Update to version 20260605 (git commit 230073b14d6c): * cirrus: cs35l56: Add firmware for Cirrus Amps for a Dell laptop * linux-firmware: Add RCA firmware files for tas257x projects * cirrus: cs35l63: Add Cirrus CS35L63 firmware mappings for various Dell laptops * cirrus: cs35l56: Update firmware for Cirrus Amps for a couple of Lenovo laptops * cirrus: cs35l56: Add firmware for Cirrus Amps for a Lenovo laptop * cirrus: cs35l56: Add Cirrus CS35L56 firmware mappings for two Dell laptops - Update to version 20260522 (git commit adb6dceb45b9): * cirrus: cs35l56: Add firmware for Cirrus Amps for some Lenovo laptops * cirrus: cs42l45: Update CS42L45 SDCA codec firmware for Lenovo laptops * cirrus: cs42l45: Add CS42L45 SDCA codec firmware for Lenovo laptops * cirrus: cs35l56: Update firmware for Cirrus Amps for some Dell laptops ==== kernel-firmware-ti ==== Version update (20250206 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-ueagle ==== Version update (20251004 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * Move firmware licenses to a LICENSES/ directory ==== kernel-firmware-usb-network ==== Version update (20250717 -> 20260610) - Update to version 20260610 (git commit e7eb98afc667): * LICENSES: update GPL-2.0 text and references * LICENSES: rename GPL-3 to GPL-3.0-only * Move firmware licenses to a LICENSES/ directory ==== kquickimageeditor6 ==== Version update (0.6.1 -> 0.6.2) Subpackages: kquickimageeditor6-imports libKQuickImageEditor1 - Update to 0.6.2 * Fix blur cache being recreated every time * Traits::ImageEffects::Blur::image: Remove unnecessary format conversion * Add alpha channel support with non-OpenCV stack blur (kde#519107) * Add option to build with OpenCV (kde#519107) * Reset crop rectangle on canvasRectChanged * {annotation/image}document: Use QImageReader to respect image transformation (kde#516546) ==== libidn ==== Version update (1.43 -> 1.44) - update to 1.44: * Fix read-out-of-bounds error in ToUnicode APIs * Fix strcpy buffer overflow in examples ==== liblognorm ==== Version update (2.0.9 -> 2.1.0) - version update to 2.1.0: * add TurboVM bytecode engine for high-performance log parsing Compiles rulebases into optimized bytecode executed by a linear VM with SIMD-accelerated parsing primitives (SSE4.2 on x86-64, NEON on ARM64, scalar fallback for other architectures). Key features: - arena-based allocation (single malloc per message, O(1) reset) - fast result structure (typed fields, zero JSON overhead) - snapshot support for async consumers (rsyslog worker queues) - automatic fallback to recursive walker on compilation failure New API: ln_turbo_normalize(), ln_fast_result_get_string/int(), ln_turbo_snapshot_result(). New context option: LN_CTXOPT_TURBO. Enabled via: ./configure --enable-turbo Contributed by Jérémie Jourdin / Advens. * pcre2 used instead of pcre (which is no longer supported) * add a parameter skipempty to the json field type. If skipempty is set as follows, empty json objects are dropped from the parsed result. %field_name:json:skipempty% If any parameter other than "skipempty" is given ("bogus" in this example), an error message "invalid flag for JSON parser: bogus" is issued. Thanks to Noriko Hosoi for the patch. * json parser: add optional "skipempty" flag This removes empty strings, empty arrays and empty objects from parsed JSON content before it is attached to the result tree. Thanks to Noriko Hosoi for the original patch. Follow-up work to rebase, document, and align validation tests was done by Adiscon. NOTE: This is a potential backward-compatibility change for malformed rulebases that used extra json parser flags such as "%field:json:bogus%". Such invalid flags were previously ignored and are now rejected during rule loading. * Op-quoted-string : Add support for escaped characters Thanks to Kevin Guillemot for the patch. Some follow up work was done by Adiscon. * parser(quoted-string): return the extracted value without the surrounding quote characters. * parser(name-value-list): add ignore_whitespaces option and accept trailing empty trimmed values. * parser(repeat): allow one named dot among unnamed parsers. * fixed error callback cookie - the wrong one was provided * hardening: fix empty-tag rulebase crash, repeat while validation crash, parser EOF handling, and harden GitHub Actions security. * improved CI with additional checks, including sanitizers and an rsyslog integration test * introduced doc for AI agents, e.g. AGENTS.md - deleted patches * liblognorm-2.0.6-pcre2.patch (upstreamed) ==== liblouis ==== Version update (3.37.0 -> 3.38.0) Subpackages: liblouis-data liblouis20 python3-louis - Update to version 3.38.0: + This release is highlighted by a new Norwegian grade 3 contraction table, the result of Lars Bjørndal's work implementing the revised Braille Authority rules. The Swedish tables have been thoroughly renewed and now also cover Sami and Elfdalian. Malayalam has been updated to comply with the new Bharati Braille 2026 rules. Several security vulnerabilities were fixed, and the documentation was improved. ==== libssh2_org ==== - CVE-2026-55199: pre-Authentication DoS via SSH_MSG_EXT_INFO Handler (boo#1268530) libssh2-1.11.1-CVE-2026-55199.patch - CVE-2026-55200: out-of-Bounds write via Unchecked packet_length in transport.c (boo#1268531) libssh2-1.11.1-CVE-2026-55200.patch - CVE-2026-7598: integer overflow in function userauth_password of file src/userauth.c (boo#1263890) libssh2-1.11.1-CVE-2026-7598.patch - CVE-2025-15661: out-of-bounds heap read vulnerability in the sftp_symlink() function in src/sftp.c (boo#1268546) libssh2-1.11.1-CVE-2025-15661.patch ==== lsof ==== Version update (4.99.4 -> 4.99.7) - update to 4.99.7: * lsof_free_result(): handle result == NULL by @neek78 * [linux] Fix missing parenthesis in lstat error message format by @cuiweixie * Fix use-after-free in lsof_select_process_regex * Fix truncated fd numbers in -F field output * Add -J/-j options for JSON and JSON Lines output format. -J outputs a JSON envelope with process and file information; -j outputs JSON Lines format where each line is a JSON object representing a file descriptor * Document non-UTF-8 encoding behavior in JSON output by @kurok * Follow autoconf conventions for --enable/--disable help output * Skip building liblsof when --disable-liblsof is given * [linux] Display connection state for UDP sockets with -T option * Add more information to the tutorial about debugging busy mounts * Fix case sensitivity in INSTALL commands by @AngelofVerdant - update to 4.99.6: * [linux] Treat NFS ESTALE fds as unlinked for +L selection by @x-lugoo * [solaris] Update dlsof.h for Solaris NFS rnode4.h issues by @nic-kulowiec * [doc] fix minor doc errors in 00README by @nic-kulowiec * Fix null pointer exception by @admardare-cyber - update to 4.99.5: * [linux] fix legacy linux kernel compatibility due to missing /proc/self/ns * [linux] fix potential null pointer deference, reported by @mono-trip ==== mariadb-connector-c ==== Version update (3.4.8 -> 3.4.9) - Update to release 3.4.9 * private_library.patch rebased onto the restructured libmariadb install block (NAMELINK_COMPONENT) - Drop patches fixed/superseded upstream: * mariadb-connector-c-3.4.5-const-correctness.patch * mariadb-connector-c-3.4.5-const-correctness-2.patch (upstream now uses a mutable copy instead of casting strchr) * mariadb-connector-c-2.3.1_unresolved_symbols.patch (upstream links the dialog plugin against ${CMAKE_DL_LIBS}) ==== mozjs140 ==== Version update (140.10.1 -> 140.12.0) - Update to 140.12.0: + Various security fixes + See https://www.firefox.com/en-US/firefox/140.12.0/releasenotes/ https://www.firefox.com/en-US/firefox/140.11.0/releasenotes/ ==== openSUSE-release ==== Version update (20260622 -> 20260623) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== openconnect ==== Version update (9.12 -> 9.21) Subpackages: libopenconnect5 openconnect-bash-completion openconnect-lang - Update to release 9.21: * Fix infinite loop in buf_append() when output exactly fills available buffer space * Accept base32 token secrets without trailing = padding * Fix crash on NULL passphrase from TPM2 auth dialog * Fix use of free_pass() on binary oath_secret. * Fix COPR builds for Amazon Linux 2023, EPEL 7/10, and MinGW. * Fix compiler warnings in fortinet.c, tun-win32.c, and compat.c. * Support both old and new pyOpenSSL API in test infrastructure. - Update to release 9.20: * Fix Cisco AnyConnect STRAP channel bindings with TLSv1.3 * Change default user-agent string to be compatible with newer Cisco servers * Support JavaScript redirects from Fortinet 7.4.x. * Fix GlobalProtect config-parsing bug that misidentified IPv6 * split-include routes as split-exclude. * Handle Pulse configuration packets up to 1 MiB * fix short reads during packet reassembly * Support otpauth:// URI format for HOTP/TOTP token secrets * honour non-default TOTP periods from PSKC or otpauth:// * Fix Cisco DTLS MTU detection * Handle additional oNCP framing variations ==== postfix ==== Version update (3.11.3 -> 3.11.4) - update to 3.11.4 * Bug 1 (defect introduced: Postfix 3.1, date 20150607): null pointer read and heap data overread in the Postfix SMTP client's smtp_dns_reply_filter. * Bug 2 (defect introduced: Postfix 3.6, date: 20200710): panic (assertion failure and voluntary crash) while parsing a TLSA reply with length 3. * Bug 3 (Problem introduced: Postfix 2.9, date: 20110205) Robustness: the Postfix SMTP server will no longer receive (and discard) an unlimited amount of text while receiving a long SMTP command line. * Bug 4 Robustness: with the above change the Postfix SMTP client will no longer receive (and discard) an unlimited amount of text while receiving a long SMTP response line. * Bug 5 (Problem introduced: Postfix 3.4, date: 20180825) Robustness: do not receive (and discard) unlimited amounts of data with BDAT commands. ==== vim ==== Version update (9.2.0398 -> 9.2.0530) Subpackages: vim-data vim-data-common xxd - Actually apply vim-9.1.1732-fix-inc-detection.patch (add the missing Patch16 / %patch entries): the patch was committed and documented but never wired into the spec, so the fix for bsc#1262395 (scientific parameter files misdetected as bitbake recipes) was not being built - Update apparmor.vim to latest version (from AppArmor 5.0.1) - several updates for highlighting file rules - Update to v9.2.0530. - Fix for SG#71948, bsc#1262395: * vim-9.1.1732-fix-inc-detection.patch: Fix for incorrectly detecting scientific parameter files as bitbake recipies. - Upstream fixed the following bugs / CVEs: * bsc#1264706 CVE-2026-42307 * bsc#1265360 CVE-2026-46483 * bsc#1264708 CVE-2026-45130 * bsc#1264707 CVE-2026-44656 * bsc#1265349 CVE-2026-43961 - Changes: * 9.2.0530: WinBar row vertical separator not refreshed on window change * 9.2.0529: GTK4: clipboard returns empty after a foreign app takes the selection * 9.2.0528: possible overflow in XIM resource handling * 9.2.0527: Possible double free in fill_partial_and_closure() * 9.2.0526: missing out-of-memory check in ex_substitute() * 9.2.0525: spell: memory leak in spell_read_dic() * 9.2.0524: spell: buffer overflow with many affix or compound flags * 9.2.0523: tests: no test for using shellescape() in combination with :! * 9.2.0522: event_nr2name() in autocmd.c can be improved * 9.2.0521: GTK4: cannot resize shell after the window is shown * 9.2.0520: Reversed text opacity in popup when termguicolor is set * 9.2.0519: GTK4: GUI tabline is not displayed correctly * 9.2.0518: GTK4: input method cannot compose text * 9.2.0517: quickfix: can set quickfixtextfunc in restricted/sandbox mode * 9.2.0516: socketserver: spurious error when servername is taken * 9.2.0515: virtualedit=insert doesn't work during change operation * 9.2.0514: GTK4: build errors when socketserver is enabled * 9.2.0513: [security]: memory safety issues in spellfile.c * 9.2.0512: clientserver uses binary protocol * 9.2.0511: configure: when GTK4 is used also links in X11 libs * 9.2.0510: setline() mapping may trigger autoindent * 9.2.0509: term.c: compile error when LOG_TRN is enabled * 9.2.0508: completion: cannot complete user cmd :K with 'ignorecase' * 9.2.0507: Vim9 class: public/protected member name clash uses same error * 9.2.0506: home_replace() function can be improved * 9.2.0505: GTK4: text looks blurry on HiDPI displays * 9.2.0504: configure: requires X11 libraries for GTK4 build * 9.2.0503: Makefile: Missing dependencies for new GTK4 source files * 9.2.0502: runtime(netrw): bookmark handling can be improved * 9.2.0501: GTK4: there is no GTK4 UI available * 9.2.0500: filetype: some html files wrongly recognized as htmlangular * 9.2.0499: modeline: allow to disable modelines with modelinestrict * 9.2.0498: potential heap buffer overflow in if_xcmdsrv.c * 9.2.0497: Cannot jump to remote tags * 9.2.0496: [security]: Code Injection in cucumber filetype plugin * 9.2.0495: [security]: runtime(netrw): code injection via NetrwBookHistSave() * 9.2.0494: User commands cannot handle single args with spaces * 9.2.0493: popup: missing Popup, PopupBorder and PopupTitle hi groups * 9.2.0492: popup: decoration wrongly drawn with clipping on border * 9.2.0491: VMS: various build issues * 9.2.0490: matchfuzzy() can crash on long multi-word patterns * 9.2.0489: filetype: some Objective-C files are not recognized * 9.2.0488: statusline: status line highlight blends into adjacent vsep cells * 9.2.0487: viminfo: possible signed int overflow in register array * 9.2.0486: out-of-bound read when recovering swap files * 9.2.0485: clipboard provider callback can be called recursively * 9.2.0484: TextPutPre triggers clipboard provider callback twice * 9.2.0483: popup: terminal embedded in an opacity popup freezes Vim on input * 9.2.0482: runtime(osc52): triggered twice with TextPutPoste autocmd * 9.2.0481: runtime(netrw): command injection possible via maps * 9.2.0480: [security]: runtime(netrw): code injection via mf command * 9.2.0479: [security]: runtime(tar): command injection in tar plugin * 9.2.0478: channel: redundant str/length assignments in channel_part_info() * 9.2.0477: popup: leftover content after popup_free under layout change * 9.2.0476: pattern completion leaks memory on alloc failures * 9.2.0475: runtime(netrw): bookmark paths not normalized * 9.2.0474: MS-Windows: hard to tell which Visual Studio version was selected with MSVC * 9.2.0473: Pasting ". register without autocommands breaks TextPut* * 9.2.0472: popup: column jitters when scrolled outside viewport * 9.2.0471: vimvars di_key initialized at runtime * 9.2.0470: No way to hook into put commands * 9.2.0469: popup: textprop-anchored popups bleed past host window edges * 9.2.0468: popups: not correctly updated from a CmdlineChanged autocommand * 9.2.0467: multi-line statusline loses highlighting attributes * 9.2.0466: popup: redraw can use stale blended cells * 9.2.0465: modeline: foldmarker cannot be set with modelinestrict * 9.2.0464: runtime(netrw): bookmarking directory uses current dir * 9.2.0463: Not able to use legacy expression evaluation in a vim9script maps * 9.2.0462: MS-Windows: workaround for assert error on GUI * 9.2.0461: Corrupted undofile causes use-after-free * 9.2.0460: did_set_shellpipe_redir() in wrong file * 9.2.0459: tests: test_termcodes fails (after v9.2.0456) * 9.2.0458: Crash with invalid shellredir/shellpipe value * 9.2.0457: Compile warning about unused variable * 9.2.0456: stray p character displayed on some terms * 9.2.0455: 'findfunc' only allows extra info for cmdline completion * 9.2.0454: tests: no test that "abbr" in customlist completion is shown * 9.2.0453: vertical separator of statusline blend into active statusline * 9.2.0452: screen.c popup opacity blend logic is duplicated * 9.2.0451: 'findfunc' can't return extra info for cmdline completion * 9.2.0450: [security]: heap buffer overflow in spellfile.c read_compound() * 9.2.0449: Make proto fails in non GTK builds ... changelog too long, skipping 63 lines ... runtime(doc): fix :z command description again ==== virtualbox ==== Version update (7.2.8 -> 7.2.10) - User note: Transitioning between virtualbox 7.2.8-or-earlier and 7.2.10-or-newer requires reloading kvm.ko to avoid a kernel panic. Alternatively, reboot the system. - Update to release 7.2.10 * VMM: Fixed issue when CentOS 10 VM was not booting with to the message "Fatal glibc error: CPU does not support x86-64-v3". * Devices/EFI: Fixed booting issue when ARM VM had less than 1024 MiB of RAM assigned. * Storage: Fixed issue when VIRTIO-SCSI device was not recognized as SSD device by guest system. * Network: Fixed issue in E1000 emulation code which triggered debug log creation. * Network: Fixed issue in E1000 emulation code which prevented OS/2 guest from booting. * Linux Host: Fixed issue when VMs could not be started due to kernel oops. * Linux Host and Guest: Fixed issue when kernel modules were failing to build with openSUSE 16.0 kernel. * Linux Host and Guest: Added initial support for kernel 7.1. * Linux Host and Guest: Added extra fixes for RHEL 9.8 kernel. * Linux Host and Guest: Added possibility to build source code using NASM instead of YASM as the assembler. * Linux Guest Additions: Added initial support for Extended Data Control Protocol for clipboard sharing with Plasma on Wayland guests. * Linux Guest Additions: Added extra fixes for preventing vboxvideo kernel module build with kernel version 7.0 and newer. * OS/2 Guest Additions: Fixed issue when Shared Folders automount and clipboard sharing stopped working. - Delete 0001-7.2-Backported-r173880-Linux-vboxdrv-Add-initial-sup.patch (obsolete), 0001-7.2-Backported-r173857-Additions-Linux-vboxsf-Add-in.patch (merged) ==== virtualbox-kmp ==== Version update (7.2.8_k7.0.12_1 -> 7.2.10_k7.0.12_1) - User note: Transitioning between virtualbox 7.2.8-or-earlier and 7.2.10-or-newer requires reloading kvm.ko to avoid a kernel panic. Alternatively, reboot the system. - Update to release 7.2.10 * VMM: Fixed issue when CentOS 10 VM was not booting with to the message "Fatal glibc error: CPU does not support x86-64-v3". * Devices/EFI: Fixed booting issue when ARM VM had less than 1024 MiB of RAM assigned. * Storage: Fixed issue when VIRTIO-SCSI device was not recognized as SSD device by guest system. * Network: Fixed issue in E1000 emulation code which triggered debug log creation. * Network: Fixed issue in E1000 emulation code which prevented OS/2 guest from booting. * Linux Host: Fixed issue when VMs could not be started due to kernel oops. * Linux Host and Guest: Fixed issue when kernel modules were failing to build with openSUSE 16.0 kernel. * Linux Host and Guest: Added initial support for kernel 7.1. * Linux Host and Guest: Added extra fixes for RHEL 9.8 kernel. * Linux Host and Guest: Added possibility to build source code using NASM instead of YASM as the assembler. * Linux Guest Additions: Added initial support for Extended Data Control Protocol for clipboard sharing with Plasma on Wayland guests. * Linux Guest Additions: Added extra fixes for preventing vboxvideo kernel module build with kernel version 7.0 and newer. * OS/2 Guest Additions: Fixed issue when Shared Folders automount and clipboard sharing stopped working. - Delete 0001-7.2-Backported-r173880-Linux-vboxdrv-Add-initial-sup.patch (obsolete), 0001-7.2-Backported-r173857-Additions-Linux-vboxsf-Add-in.patch (merged) ==== vmaf ==== Version update (3.1.0 -> 3.2.0) - Update to release 3.2.0 * Removed VIF (Visual Information Fidelity) as a core VMAF feature. VIF is computationally complex and did not meaningfully improve accuracy after updating the other features. * Introduced a few CAMBI-specific optimizations, both algorithmic and software. * The single-threaded processing speed improved by 70% and more, and still 44%+ for 16-threaded. * Measured the chroma feature at a lower scale, which does not hurt accuracy. ==== xkeyboard-config ==== Version update (2.47 -> 2.48) Subpackages: xkeyboard-config-lang - update to 2.48 * ca(multix): Fixes to match the standard   * symbols/pl: add colemak_dh_ortho variant   * symbols/es: Better placement for dead_caron/doubleacute   * Add Old Hung. Rudimenta UE to Carpth. Hl. variants   * symbols: add Mara (mrh) keyboard layout   * Add new layout for br thinkpad with nodeadkeys   * ci: Fix xkbcommon job   * inet: Update latest keysyms from xorgproto   * keycodes: Add Linux 7.0 key   * inet: Update latest keysyms from xorgproto   * vt(vt105): Fix mapping   * triage: Use bug report template by default   * triage: Improve issue & MR templates   * triage: Add bugbot tags to handle non-actionable reports   * triage: Close stale “Needs information” report earlier   * triage: Fix default issue template   * triage: Fix tag addition   * rules: Add new generator   * rules: Remove old generator   * build: Drop support for Python 3.9-3.10   * rules: Remove $nonlatin group   * types: Fix default KEYPAD   * types: Make numpad(microsoft) an alias of numpad(pc)   * types: Fix FOUR_LEVEL_X and numpad(shift3)   * types: Fix pc(default)   * types: Fix FOUR_LEVEL_KEYPAD and FOUR_LEVEL_MIXED_KEYPAD   * types: Fix typo   * chore: Remove spaces before `xkb_symbols`   * prerelease for translation updates   * updated translations   * removed whitespace ==== yast2-storage-ng ==== Version update (5.0.48 -> 5.0.49) - Add method to get the required package objects (needed for gh#agama-project/agama#3649). - 5.0.49 ==== yelp ==== Version update (49.1 -> 49.1+3) Subpackages: libyelp-1-0 yelp-lang - Update to version 49.1+3: + build: Remove include of gdkkeysyms.h + Updated translations.