Packages changed:
curl (8.9.1 -> 8.10.0)
hivex (1.3.23 -> 1.3.24)
libbpf (1.4.5 -> 1.4.6)
openSUSE-release (20240911 -> 20240912)
prctl (1.6 -> 1.7)
python-greenlet (3.0.3 -> 3.1.0)
python-httpx (0.27.0 -> 0.27.2)
selinux-policy (20240905 -> 20240912)
suse-module-tools (16.0.50 -> 16.0.51)
=== Details ===
==== curl ====
Version update (8.9.1 -> 8.10.0)
Subpackages: curl-zsh-completion libcurl4
- Update to version 8.10.0:
* Security fixes:
- [bsc#1230093, CVE-2024-8096] curl: OCSP stapling bypass with GnuTLS
* Changes:
- curl: make --rate accept "number of units"
- curl: make --show-headers the same as --include
- curl: support --dump-header % to direct to stderr
- curl: support embedding a CA bundle and --dump-ca-embed
- curl: support repeated use of the verbose option; -vv etc
- curl: use libuv for parallel transfers with --test-event
- vtls: stop offering alpn http/1.1 for http2-prior-knowledge
* Bugfixes:
- curl: allow 500MB data URL encode strings
- curl: warn on unsupported SSL options
- Curl_rand_bytes to control env override
- curl_sha512_256: fix symbol collisions with nettle library
- dist: fix reproducible build from release tarball
- http2: fix GOAWAY message sent to server
- http2: improve rate limiting of downloads
- INSTALL.md: MultiSSL and QUIC are mutually exclusive
- lib: add eos flag to send methods
- lib: make SSPI global symbols use Curl_ prefix
- lib: prefer `CURL_SHA256_DIGEST_LENGTH` over the unprefixed name
- lib: remove the final strncpy() calls
- lib: remove use of RANDOM_FILE
- Makefile.mk: fixup enabling libidn2
- max-filesize.md: mention zero disables the limit
- mime: avoid inifite loop in client reader
- ngtcp2: use NGHTTP3 prefix instead of NGTCP2 for errors in h3 callbacks
- openssl quic: fix memory leak
- openssl: certinfo errors now fail correctly
- openssl: fix the data race when sharing an SSL session between threads
- openssl: improve shutdown handling
- POP3: fix multi-line responses
- pop3: use the protocol handler ->write_resp
- progress: ratelimit/progress tweaks
- rand: only provide weak random when needed
- sectransp: fix setting tls version
- setopt: make CURLOPT_TFTP_BLKSIZE accept bad values
- sha256: fix symbol collision between nettle (GnuTLS) and OpenSSL
- sigpipe: init the struct so that first apply ignores
- smb: convert superflous assign into assert
- smtp: add tracing feature
- spnego_gssapi: implement TLS channel bindings for openssl
- src: delete `curlx_m*printf()` aliases
- ssh: deduplicate SSH backend includes (and fix libssh cmake unity build)
- tool_operhlp: fix "potentially uninitialized local variable 'pc' used"
- tool_paramhlp: bump maximum post data size in memory to 16GB
- transfer: skip EOS read when download done
- url: fix connection reuse for HTTP/2 upgrades
- urlapi: verify URL *decoded* hostname when set
- urldata: introduce `data->mid`, a unique identifier inside a multi
- vtls: add SSLSUPP_CIPHER_LIST
- vtls: fix static function name collisions between TLS backends
- vtls: init ssl peer only once
- websocket: introduce blocking sends
- ws: flags to opcodes should ignore CURLWS_CONT flag
- x509asn1: raise size limit for x509 certification information
* Remove curl-sigpipe.patch upstream
* Rebase curl-secure-getenv.patch
==== hivex ====
Version update (1.3.23 -> 1.3.24)
- Update hivex to version 1.3.24
* no changelog provided
==== libbpf ====
Version update (1.4.5 -> 1.4.6)
- update to 1.4.6:
* BPF skeleton forward compatibility fix (f6f2402);
* BTF endianness inheritance bug fix (fe28fae).
==== openSUSE-release ====
Version update (20240911 -> 20240912)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd
- automatically generated by openSUSE-release-tools/pkglistgen
==== prctl ====
Version update (1.6 -> 1.7)
- version update to 1.7
* Added missing defines to Makefile.in
* Replace pre-generated configure with configure.ac
* Added missing function types in prctl.c
- deleted patches
- prctl-1.5-Makefile.patch (partially, upstreamed, the rest in)
- prctl-1.5-warnings.patch (upstreamed)
- prctl-gcc14.patch (upstreamed)
- added patches
+ prctl-destdir.patch
==== python-greenlet ====
Version update (3.0.3 -> 3.1.0)
- Update to 3.1.0
* Adds support for Python 3.13.
* Greatly reduce the chances for crashes during interpreter shutdown.
* Support for the following platforms was contributed by the community.
Note that they are untested by this project's continuous integration
services.
+ Hitachi's SuperH CPU
+ NetBSD on PowerPC
+ RISC-V with -fno-omit-frame-pointer
- Drop port-to-python313.patch, merged upstream
==== python-httpx ====
Version update (0.27.0 -> 0.27.2)
- update to 0.27.2:
* Reintroduced supposedly-private `URLTypes` shortcut.
* Support for `zstd` content decoding using the python
`zstandard` package is added. Installable using
`httpx[zstd]`.
* Improved error messaging for `InvalidURL` exceptions.
* Fix `app` type signature in `ASGITransport`.
==== selinux-policy ====
Version update (20240905 -> 20240912)
Subpackages: selinux-policy-targeted
- Update to version 20240912:
* Allow systemd_ibft_rule_generator_t to create udev_rules_t dirs (bsc#1230011)
* Allow systemd_udev_trigger_generator_t list and read sysctls (bsc#1230315)
* Initial policy for udev-trigger-generator (bsc#1230315)
- Update to version 20240910:
* Allow init_t mount syslog socket (bsc#1230134)
* Allow init_t create syslog files (bsc#1230134)
* Introduce initial policy for btrfs-soft-reboot-generator (bsc#1230134)
==== suse-module-tools ====
Version update (16.0.50 -> 16.0.51)
Subpackages: suse-module-tools-scriptlets
- Update to version 16.0.51:
* Improve handling of /boot/vmlinuz and /boot/initrd symlinks
(boo#1207703)
* Add preliminary support for mkosi-initrd
* spec file: remove redundant dependency on sdbootutil