Packages changed: PackageKit (1.3.3 -> 1.3.4) avahi avahi-glib2 canokey-qemu cpio enchant (2.8.14 -> 2.8.15) exiv2 (0.28.3 -> 0.28.8) glib2-branding-openSUSE groff groff-full iio-sensor-proxy (3.8 -> 3.9) iso-codes (4.18.0 -> 4.20.1) jasper (4.2.8 -> 4.2.9) kbd libgedit-amtk (5.9.1 -> 5.9.2) libgedit-gfls (0.3.0 -> 0.3.1) liblouis (3.36.0 -> 3.37.0) libmodulemd (2.15.0 -> 2.15.2) libnotify (0.8.7 -> 0.8.8) openSUSE-release (20260305 -> 20260306) openexr (3.4.5 -> 3.4.6) python-anyio (4.12.0 -> 4.12.1) python-gobject (3.54.5 -> 3.56.0) sonnet unzip vim (9.2.0045 -> 9.2.0110) virtiofsd xdg-desktop-portal (1.20.3 -> 1.21.0) === Details === ==== PackageKit ==== Version update (1.3.3 -> 1.3.4) Subpackages: PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module PackageKit-lang libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0 - Update to version 1.3.4: + This version introduces the new DNF5 backend for distributions that use DNF. + The "pkgctl" utility has been renamed to "pkgcli" to avoid a name clash with an Arch Linux-specific developer tool that has the same binary name. It is also now built by default. + Features: - Build pkgctl by default - pkgctl: Add manual page - pkgctl: Add basic bash-completion support - Rename the pkgctl utility to pkgcli - pkgcli: Autoremove unused dependencies by default - Changes to various backends: alpm, apt, dnf, dnf5, freebsd - Drop PackageKit-1.3.3-Initial-DNF5-Backend.patch: fixed upstream - BuildRequire pkgconfig(jansson): dependency needed for pkgcli. - Add docbook5-xsl-stylesheets BuildRequires: new dependency - Backport upstream patch to fix build: + 11c5f1f34f48b58ee10acec839dd01a31728704b.patch - Pass -dlegacy_tools=true to meson: build the legacy tools (pkcon/pkmon) for the time being. ==== avahi ==== Subpackages: avahi-lang libavahi-client3 libavahi-client3-32bit libavahi-common3 libavahi-common3-32bit libavahi-core7 - Use libalternative instead of update-alternatives in TW and SLFO (jsc#PED-14835). ==== avahi-glib2 ==== - Use libalternative instead of update-alternatives in TW and SLFO (jsc#PED-14835). ==== canokey-qemu ==== - Fix more GCC 16 failures (still in bsc#1256957) * Modifies patch: mbedtls-fix-building-with-GCC-16.patch ==== cpio ==== Subpackages: cpio-lang cpio-mt - Remove update-alternatives %post scripts for SLES 16.x future releases (jsc#PED-15643, bsc#1245890) ==== enchant ==== Version update (2.8.14 -> 2.8.15) Subpackages: enchant-2-backend-hunspell enchant-data libenchant-2-2 - Update to version 2.5.15: + This release fixes two bugs related to personal word lists. - First, removing a word that happens to be at the end of a personal word list file has not worked since 2.7.0. - Secondly, the way that personal word lists are merged with the current session has been changed so that personal word list words now appear in suggestions with providers that support adding words to the current session (Aspell and Hunspell). This previously worked, but hadn’t since at least 2.8.2. Thanks to the users and maintainers of jinx (spelling package for Emacs that uses Enchant) for reporting and helping reproduce this bug. - A little code clean-up was also done. ==== exiv2 ==== Version update (0.28.3 -> 0.28.8) Subpackages: libexiv2-28 libexiv2-28-x86-64-v3 - update to 0.28.8 (bsc#1259083, CVE-2026-25884, bsc#1259085, CVE-2026-27631, bsc#1259084, CVE-2026-27596): * [CVE-2026- 25884](https://github.com/Exiv2/exiv2/security/advisories/GHS A-9mxq-4j5g-5wrp) * [CVE-2026- 27596](https://github.com/Exiv2/exiv2/security/advisories/GHS A-3wgv-fg4w-75x7) * [CVE-2026- 27631](https://github.com/Exiv2/exiv2/security/advisories/GHS A-p2pw-7935-c73j) - Update to 0.28.7: * Reverts an ABI incompatibility that was accidentally introduced in v0.28.6; * Fixes two low-severity vulnerabilities: [CVE-2025-54080](https://github.com/Exiv2/exiv2/security/advisories/GHSA-496f-x7cq-cq39) [CVE-2025-55304](https://github.com/Exiv2/exiv2/security/advisories/GHSA-m54q-mm9w-fp6g) * Fixes a use-after-free vulnerability in `tiffcomposite_int.cpp`: [CVE-2025-26623](https://github.com/Exiv2/exiv2/security/advisories/GHSA-38h4-fx85-qcx7) (CVE-2025-55304, bsc#1248963, CVE-2025-54080, bsc#1248962) ==== glib2-branding-openSUSE ==== - Make the key name and comments for org.gnome.settings-daemon.plugins.power Leap and SLE specific. - Make SUSE Mono font default for GNOME in SLE and Leap from 16.1 (jsc#PED-13370). ==== groff ==== Subpackages: soelim-common - Remove update-alternatives %post scripts for SLES 16.x future releases (jsc#PED-15656, bsc#1245900) ==== groff-full ==== Subpackages: gxditview - Remove update-alternatives %post scripts for SLES 16.x future releases (jsc#PED-15656, bsc#1245900) ==== iio-sensor-proxy ==== Version update (3.8 -> 3.9) - Update to version 3.9: + SSC sensors are now supported through libssc. Light and compass sensor are enabled by default. Accelerometer and proximity remain experimental, but can be enabled through udev rules. + SSC sensor support. + Logging improvements for sensor discovery. + Fix race condition during startup. - Pass ssc-support=disabled to meson setup, libssc is not available in any current versions of openSUSE. ==== iso-codes ==== Version update (4.18.0 -> 4.20.1) - Update to version 4.20.1: + Install symlinks for obsolete .po filenames - Changes from version 4.20.0: + Switch from autotools to meson build system + The project is now fully compliant with version 3.3 of the REUSE specification + Updated translations. - Follow upstream, switch to meson build system: + Add meson remove pkgconfig BuildRequires + use meson/meson_build/meson_install macros instead of configure/make_build/make_install. ==== jasper ==== Version update (4.2.8 -> 4.2.9) - Update to 4.2.9: * Fix a bug in the JP2 encoder that caused incorrect handling of opacity components in some cases. (#392) ==== kbd ==== Subpackages: libkbdfile1 libkeymap1 libkfont0 - Implement setfont --quiet to suppress warning from systemd-vconsole-setup (boo#1212970, kbd-setfont-quiet.patch). ==== libgedit-amtk ==== Version update (5.9.1 -> 5.9.2) Subpackages: libgedit-amtk-5-0 libgedit-amtk-5-lang typelib-1_0-Amtk-5 - Update to version 5.9.2: + Updated translations. ==== libgedit-gfls ==== Version update (0.3.0 -> 0.3.1) Subpackages: libgedit-gfls-1-0 libgedit-gfls-lang - Update to version 0.3.1: + Updated translations. ==== liblouis ==== Version update (3.36.0 -> 3.37.0) Subpackages: liblouis-data liblouis20 python3-louis - Update to version 3.37.0: + The nice thing about creating a release is that you get to bring in all these wonderful contributions that people have provided. This time we have new and improved braille tables for Danish, Devanagari, English grade 3, Estonian 6-dot, Hungarian, Italian 6-dot, Norwegian and UK 8-dot computer. Anthony has done incredible work to fix obscure opcode bugs. XANOY and PGZXB have patched many security problems and finally Benedict Carling has improved typeform handling for back-translation so that it is finally usable. ==== libmodulemd ==== Version update (2.15.0 -> 2.15.2) - Update to version 2.15.2: + module_index test now passes if RPM library is built without bzip2 or xx compression support and libmodulemd is configured to support decompression using the RPM library. - Changes from version 2.15.1: + A new g_variant_store: assertion 'data != NULL' failed warning added to GLib 2.84.1 when processing modulemd YAML documents with /data/xmd field with an empty flow map ({}) value was fixed. + Building documentation now works with GLib 2.80.1 at the expense of missing cross links from libmodulemd to GLib. If it still fails you, you can disable building the documentation with -Dwith_docs=false meson option. + A number of warnings printed by recent Meson was reduced. - Add 89d4afb3.patch: tests: Adapt to glib 2.87.0 - Add e33ecf1c.patch: tests: Adapt to pygobject 3.55.0 - Drop upstream merged patches: + 29c339a3.patch + 9d280909.patch + glib-2.80.2-glibdoc-path.patch ==== libnotify ==== Version update (0.8.7 -> 0.8.8) Subpackages: libnotify-tools libnotify4 typelib-1_0-Notify-0_7 - Update to version 0.8.8: + This release contains various fixes to have better handing for icons, addressing issues due to recent changes, as well with improvements and new features for notify-send. + Added a fully-functional notify-send test suite, thus we encourage distributors to run the tests through meson. + notification-hints: Define notification hints with constant values + notification: - Use better URI parsing for icons - Improve property changes notifications - Replace actions added with an existing name - Fail on invalid action invocation - Simplify the logic to support the legacy hints names - Use the icon as icon-name, not as app-icon - Improve reading images when inside a portal + notify-send: - Support parsing hex byte hints - Set both the image path and the app-icon - Add an option to override the app-icon on notification - Add support to write the notification ID to a FD - Add support to write the activated action to a FD - Add support to write the activation token to a FD + tests: Add exensive notify-send test suite and coverage check + Bugs fixed: - The closed signal only fires once - Icon handling requires call to notify_get_server_info - Drop pkgconfig(gtk+-3.0) BuildRequires: No longer needed. ==== openSUSE-release ==== Version update (20260305 -> 20260306) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== openexr ==== Version update (3.4.5 -> 3.4.6) Subpackages: libIex-3_4-33 libIex-3_4-33-x86-64-v3 libIlmThread-3_4-33 libIlmThread-3_4-33-x86-64-v3 libOpenEXR-3_4-33 libOpenEXR-3_4-33-x86-64-v3 libOpenEXRCore-3_4-33 libOpenEXRCore-3_4-33-x86-64-v3 - version update to 3.4.6 * :bug: A limit of ``UINT_MAX`` deep samples per pixel is now enforced, which prevents an integer overflow when using the `CompositeDeepScanLine` API to combine multiple deep parts. * :bug: `IlmThread` now builds properl with glibc 2.43. * :wrench: In `IlmThreadPool`, replace deprecated `std::atomic_load / std::atomic_exchange` overloads for `std::shared_ptr` with the C++20 `std::atomic>` interface when available. * :bug: The ``ZIP`` and ``ZIPS`` Compressor objects had incorrect compression types set, although the ill effects were miminal as the value is seldom used. * :bug: Enable SSE2 on 32-bit x86 builds to fix test failures - fixes CVE-2026-27622 (bsc#1259177) ==== python-anyio ==== Version update (4.12.0 -> 4.12.1) - update to 4.12.1: * Changed all functions currently raising the private NoCurrentAsyncBackend exception (since v4.12.0) to instead raise the public NoEventLoopError exception * Fixed anyio.functools.lru_cache not working with instance methods ==== python-gobject ==== Version update (3.54.5 -> 3.56.0) Subpackages: python311-gobject python311-gobject-Gdk python311-gobject-cairo python313-gobject python313-gobject-Gdk python313-gobject-cairo - Update to version 3.56.0: + Handle caller-allocated fixed-size C-Arrays + Fix reading array length on big-endian + Invoke `do_constructed` for object constructed by GObject directly + events: fix main context iteration without thread default - Update to version 3.55.3: + Add typing annotations to `GLib` and `GObject` overrides + Do not allow `__slots__` in GObject subclasses + Documentation updates + overrides/GLib: Add wrappers for `GLibUnix` split + Fix leak in object initialization + asyncio support without EventLoopPolicy + Fix crash in string/array marshalling + Update class type on wrapper destruction - Changes from version 3.55.2: + Use cache logic for field/property/constant/signal closure marshalling + Refactor struct and object marshaller code + Remove wrappers for `GLib.OptionContext` and `GLib.OptionGroup` + Fix issue when Python objects are garbage collected + Windows build failure with Python 3.13 + Refactoring - Changes from version 3.55.1: + Enable `-Wswitch-enum` compiler option + Pass `GIArgument` as value argument + Support unichar properties + Minimum supported Python version is 3.10 + docs: Add conda and pixi to getting started + Fix a few memory leaks, refactorings and cleanup + docs: Website updates + Add backwards compatibility for `Gdk.PaintableFlags.SIZE`/`CONTENTS` + Fix missing instance variables when objects are garbage collected + Use a (temporary) object to make sure `do_dispose()` is called + Call `do_constructed()` at the end of object initialization - Changes from version 3.55.0: + Most notable changes are the removal of toggle references. If you use python weakrefs to track PyGObjects, you should change that to `GObject.Object.weak_ref()`. + An environment variable `PYGI_OVERRIDES_PATH` can be set to add additional override paths (especially for testing). + Remove `GLib.options` module + Support generic parameters for `Gio.ListStore` + Cleanup: replace arguments in cache objects by functions + Always sink floating objects + Excempt GioPlatform namespaces from require_version check + (backwards compat) Expose platform symbols through Gio module + Update pythoncapi-compat + Add PYGI_OVERRIDES_PATH environment variable + Provide the intended GioUnix API, even on older GLib + Code refactorings + Remove `pygtkcompat` completely + Array improvements + Fix memory leak when array construction fails + Unify properties handling + Replace toggle references ==== sonnet ==== Subpackages: libKF5SonnetCore5 libKF5SonnetCore5-lang libKF5SonnetUi5 sonnet-imports - Added sonnet-spellcheckdecorator.patch (kde#492444 boo#1256892). ==== unzip ==== Subpackages: unzip-doc - Remove update-alternatives %post scripts for SLES 16.x future releases (jsc#PED-15658, jsc#PED-15659, bsc#1245929, bsc#1245930) ==== vim ==== Version update (9.2.0045 -> 9.2.0110) Subpackages: vim-data vim-data-common xxd - update to version 9.2.0110: * patch 9.2.0110: No support for terminal synchronization mode * patch 9.2.0109: VIM_BACKTICK is always defined except for tiny builds * patch 9.2.0108: byteidx_common() and f_utf16idx() call ptr2len() twice * patch 9.2.0107: tests: Test_statuslineopt() is flaky * patch 9.2.0106: memory leak in expand_findfunc() * patch 9.2.0105: memory leak in heredoc_get() in src/evalvars.c * patch 9.2.0104: popup: flickering on opaque popups with overlapping text * patch 9.2.0103: missing FEAT_MENU guard for w_winbar_height in window.c * patch 9.2.0102: 'listchars' "leadtab" not used in :list * patch 9.2.0101: statusline drawing issue for multi-lines * patch 9.2.0100: Using reserved keyword new as function argument * patch 9.2.0099: compiler warning about unused variable * patch 9.2.0098: Coverity: Error handling issue in win_init() * runtime(syntax-tests): regenerate dump files (after v9.2.0093) * patch 9.2.0097: Memory leak in qf_push_dir() * patch 9.2.0096: has() function is slow due to linear feature scan * patch 9.2.0095: keypad keys may shadow normal keys * translation: regenerate po/vim.pot after v9.2.0093 * patch 9.2.0094: popup: concealed text causes incorrect truncation * patch 9.2.0093: Not possible to have window-local highlighting groups * patch 9.2.0092: control flow commands using '|' fail inside a {} block * runtime(nickel): Add filetype plugin with com, cms settings * patch 9.2.0091: missing out-of-memory checks in quickfix.c * runtime(po): Update syntax script * runtime(doc): Tweak doc style in options.txt * patch 9.2.0090: "leadtab" behavior inconsistent on line with only TABs * patch 9.2.0089: netrw: does not take port into account in hostname validation * translation: regenerate po/vim.pot after v9.2.0088 * runtime(osc52): Omit paste from the osc52 provider when g:osc52_disable_paste is enabled * patch 9.2.0088: cannot display tabs for indentation * patch 9.2.0087: popup: redrawing can be improved when moving popups * patch 9.2.0086: Coverity complains that ScreenLines can be NULL * patch 9.2.0085: tests: test_clientserver.vim is flaky * runtime(xkb): Include a simple xkb ftplugin * translation: regenerate po/vim.pot after v9.2.0083 * patch 9.2.0084: Vim9: isn_get_calltype() can be improved * patch 9.2.0083: Cannot have a mutli-line statusline * patch 9.2.0082: Patch v9.2.0052 was wrong * patch 9.2.0081: Failed "z=" does not reset 'nospell' setting * runtime(julia): Update julia ftplugin * patch 9.2.0080: popup: a few redrawing problems * runtime(vim): Update base syntax, improve :syntax group list arg matching * patch 9.2.0079: memory leak in eval_dict() * patch 9.2.0078: [security]: stack-buffer-overflow in build_stl_str_hl() * patch 9.2.0077: [security]: Crash when recovering a corrupted swap file * patch 9.2.0076: [security]: buffer-overflow in terminal handling * patch 9.2.0075: [security]: Buffer underflow with emacs tag file * patch 9.2.0074: [security]: Crash with overlong emacs tag file * patch 9.2.0073: [security]: possible command injection using netrw * patch 9.2.0072: inside_block() uses wrong index in loop * patch 9.2.0071: Vim9: lambda function deleted on re-sourcing * patch 9.2.0070: tests: various tests leave swapfiles around * runtime(env): add ftplugin for env filetype * patch 9.2.0069: highlight: incorrect string length and redundant code * patch 9.2.0068: Inefficient use of list_append_string() * patch 9.2.0067: memory leak in dict_extend_func() * patch 9.2.0066: memory leak in build_drop_cmd() * patch 9.2.0065: memory leak in invoke_sync_listeners() * patch 9.2.0064: popup: opacity feature causes flickering * patch 9.2.0063: memory leak in type_name_list_or_dict() * patch 9.2.0062: Using the wrong field with DAP channel mode * patch 9.2.0061: Not possible to know when a session will be loaded * patch 9.2.0060: No support for the DAP channel mode * patch 9.2.0059: memory leak in fill_assert_error * patch 9.2.0058: Compile error in did_set_previewpopup() * patch 9.2.0057: memory leak in exe_newdict() * patch 9.2.0056: memory leak in ex_substitute * patch 9.2.0055: memory leak in ExpandFromContext() * patch 9.2.0054: eval_addblob() is inefficient * patch 9.2.0053: Vims list concatenation is inefficient * patch 9.2.0052: Wayland: hiding lower half of command line in tiny vim * patch 9.2.0051: 'previewpopup' is missing features available in 'completepopup' * patch 9.2.0050: WM_SETFOCUS not handled immediately * patch 9.2.0049: Vim9: typename() wrong for lists/dicts/tuples with shared references * patch 9.2.0048: MS-Windows: ConPTY not yet preferred * patch 9.2.0047: Vim9: Comment parsing error with lambda * runtime(sshconfig): Add 3 additional keywords to syntax script * patch 9.2.0046: filetype: neon files are not recoginzed ==== virtiofsd ==== - Update vendor.tar.xz: Fix CVE-2026-25727 (bsc#1257912). ==== xdg-desktop-portal ==== Version update (1.20.3 -> 1.21.0) Subpackages: xdg-desktop-portal-lang - Update to version 1.21.0: + New Features: - Add the has_current_page and has_selected_pages options to the Print Portal - Allow running the tests with Valgrind's memcheck - Add the ConfigureShortcuts method to the Global Shortcuts Portal - Send activation tokens in the actiavated and deactiavated signals on the Global Shortcuts Portal - Add a new reduced motion setting to the Settings Portal - Support linyaps applications - Add missing cell broadcast severities to the Notification Portal + Enhancements: - Code cleanup - Code refactoring - Documentation improvements - New and updated translations - Improve various permission dialog texts - Release procedure clarifications - Updates to ASAN suppressions - Make XdpAppInfo more testable - Use the new PIDFD_GET_PID_NAMESPACE ioctl to get the pidns - Improvements to the heuristics to translate a path in the sandbox to a path on the host - Improve the mocking of the GeoClue service - Make the camera permissions per-App on the host again - Clean up permissions and desktop IDs usage - Improve PID translations for host Apps - Show an appropriate error when access to remote documents fails - Require a valid AppID from apps in RequestBackground to enable autostart - Require a valid AppID from apps to use the Global Shortcuts Portal - Test and document Notification Portal backward compatibilities - Improve the heuristic to detect the App ID for host apps - Add Merge Requirements documentation - Initialize the Secret Portal asynchronously to avoid blocking when the secret service is not available - Do not allow requesting a zero capability from the Input Capture Portal - Require GLib version 2.76 and drop the related compatibility code + Bug Fixes: - Fix a crash when loading information from Flatpak apps - Fix fd handling to prevent EBADF errors - Add a fallback code path for GLib older than 2.76 - Don't require a .desktop file for Flatpak and Snap apps - Fix a crash when calling GlobalShortcuts.BindShortcuts with an empty list - Fix a crash when passing Request token handles which contain - - Fix tests on systems without access to /proc/cmdline - Stop accidentally running pytests of subprojects - Give up trying to unmount an existing fuse mount when shutting down the Document Portal - Fix compilation on Debian Testing, caused by a wrong cast - Fix ownership of pidfd for XdpAppInfos - Fix uninitialized variables - Do not give access to read-only USB devices when read-write access was requested - Do not kill PID 0 and handle races properly - Fix forwarding the available-source-types and available-cursor-modes from the backend - Ensure valid WAYLAND_DISPLAY/DISPLAY by launching after the graphical session target