Packages changed: apparmor bluez bzip2 freetype2 (2.12.0 -> 2.12.1) libapparmor libseccomp (2.5.3 -> 2.5.4) libunwind (1.5.0 -> 1.6.2) libxml2 (2.9.13 -> 2.9.14) rpm snapper === Details === ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor - add php8-fpm-mr876.patch so that php8 php-fpm can read its config (boo#1186267#c11) - parser: add conflict with apparmor-utils < 3.0 to avoid aa-status file conflict on upgrade (boo#1198958) - utils: add missing dependency on apparmor-parser (boo#1198958#c4) ==== bluez ==== - add Requires(post): systemd for bluez-auto-enable-devices * fixes boo#1198906 ==== bzip2 ==== - Port rpmlintrc format to rpmlint 2.x. ==== freetype2 ==== Version update (2.12.0 -> 2.12.1) - drop revert-ft212-subpixel-hinting-change.patch: upstream - Update to 2.12.1: - Loading CFF fonts sometimes made FreeType crash (bug introduced in version 2.12.0) - Loading a fully hinted TrueType glyph a second time (without caching) sometimes yielded different rendering results if TrueType hinting was active (bug introduced in version 2.12.0). - The generation of the pkg-config file `freetype2.pc` was broken if the build was done with cmake (bug introduced in version 2.12.0). - The meson build no longer enforces both static and dynamic versions of the library by default. - The internal zlib library was updated to version 1.2.12. Note, however, that FreeType is *not* affected by CVE-2018-25032 since it only does decompression. - Drop freetype-2.12.0-cff_slot_load-segfault.patch - Drop 079a22da037835daf5be2bd9eccf7bc1eaa2e783.patch ==== libapparmor ==== - add php8-fpm-mr876.patch so that php8 php-fpm can read its config (boo#1186267#c11) - parser: add conflict with apparmor-utils < 3.0 to avoid aa-status file conflict on upgrade (boo#1198958) - utils: add missing dependency on apparmor-parser (boo#1198958#c4) ==== libseccomp ==== Version update (2.5.3 -> 2.5.4) - Deactive python3 by default, it's just not a good idea for ring0. - Update to release 2.5.4 * Update the syscall table for Linux v5.17. * Fix minor issues with binary tree testing and with empty binary trees. * Minor documentation improvements including retiring the mailing list. - buildrequire python-rpm-macros - reenable python bindings at least for the distro default python3 package: - adds make-python-build.patch ==== libunwind ==== Version update (1.5.0 -> 1.6.2) - update to 1.6.2: * Fix off-by-one error in x86_64 stack frames * Fix error in aarch64 unw_sigcontext * resolve possible null pointer dereference * Switch to C11 atomics * RISC-V support * aarch64 getcontext functionality ==== libxml2 ==== Version update (2.9.13 -> 2.9.14) Subpackages: libxml2-2 libxml2-tools - Update to 2.9.14: * Security: + [CVE-2022-29824] Integer overflow in xmlBuf and xmlBuffer + Fix potential double-free in xmlXPtrStringRangeFunction + Fix memory leak in xmlFindCharEncodingHandler + Normalize XPath strings in-place + Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars() + Fix leak of xmlElementContent * Bug fixes: + Fix parsing of subtracted regex character classes + Fix recursion check in xinclude.c + Reset last error in xmlCleanupGlobals + Fix certain combinations of regex range quantifiers + Fix range quantifier on subregex * Improvements: + Fix recovery from invalid HTML start tags * Build system, portability: + Define LFS macros before including system headers + Initialize XPath floating-point globals + configure: check for icu DEFS + configure.ac: produce tar.xz only (GNOME policy) + CMakeLists.txt: Fix LIBXML_VERSION_NUMBER + Fix build with older Python versions + Fix --without-valid build ==== rpm ==== Subpackages: librpmbuild9 - update rpm-shorten-changelog.diff: fix shortening of changelog, the non-primary binary packages had the full changelog - update macrosin.diff: remove binarychangelog cutoff setting, this comes from rpm-config-SUSE now ==== snapper ==== Subpackages: libsnapper6 - fixed error handling when reading configs (gh#openSUSE/snapper#715)