Packages changed: apache2-mod_php8 (8.4.13 -> 8.4.14) gdk-pixbuf (2.44.3 -> 2.44.4) glib2 (2.86.0 -> 2.86.1) glycin-loaders (2.0.3 -> 2.0.4) gnome-tour (49.0.openSUSE+git20251016.669c499 -> 49.0.openSUSE+git20251020.478f3eb) graphviz (12.2.1 -> 14.0.0) grub2 java-21-openjdk (21.0.8.0 -> 21.0.9.0) kdbg (3.1.0 -> 3.2.0) kernel-source (6.17.4 -> 6.17.5) lcms2 (2.16 -> 2.17) libglycin (2.0.3 -> 2.0.4) librsvg (2.61.1 -> 2.61.2) llvm21 (21.1.3 -> 21.1.4) luajit (5.1.2.1.0+git.1741730670.538a821 -> 2.1.20250826) mutter (49.1 -> 49.1.1) openSUSE-release (20251024 -> 20251027) perl-HTTP-Message (7.0.0 -> 7.10.0) perl-libwww-perl (6.800.0 -> 6.810.0) php8 (8.4.13 -> 8.4.14) python-gobject (3.54.3 -> 3.54.5) xen (4.20.1_04 -> 4.20.1_06) xfdesktop yast2-trans (84.87.20251018.189b3dd61e -> 84.87.20251021.5e431d2e7b) === Details === ==== apache2-mod_php8 ==== Version update (8.4.13 -> 8.4.14) - version update to 8.4.14 Core: Fixed bug GH-19765 (object_properties_load() bypasses readonly property checks). Fixed hard_timeout with --enable-zend-max-execution-timers. Fixed bug GH-19792 (SCCP causes UAF for return value if both warning and exception are triggered). Fixed bug GH-19653 (Closure named argument unpacking between temporary closures can cause a crash). Fixed bug GH-19839 (Incorrect HASH_FLAG_HAS_EMPTY_IND flag on userland array). Fixed bug GH-19480 (error_log php.ini cannot be unset when open_basedir is configured). Fixed bug GH-20002 (Broken build on *BSD with MSAN). CLI: Fix useless "Failed to poll event" error logs due to EAGAIN in CLI server with PHP_CLI_SERVER_WORKERS. Curl: Fix cloning of CURLOPT_POSTFIELDS when using the clone operator instead of the curl_copy_handle() function to clone a CurlHandle. Fix curl build and test failures with version 8.16. Date: Fixed GH-17159: "P" format for ::createFromFormat swallows string literals. DOM: Fix macro name clash on macOS. Fixed bug GH-20022 (docker-php-ext-install DOM failed). GD: Fixed GH-19955 (imagefttext() memory leak). MySQLnd: Fixed bug #67563 (mysqli compiled with mysqlnd does not take ipv6 adress as parameter). Opcache: Fixed bug GH-19669 (assertion failure in zend_jit_trace_type_to_info_ex). Fixed bug GH-19831 (function JIT may not deref property value). Fixed bug GH-19889 (race condition in zend_runtime_jit(), zend_jit_hot_func()). Phar: Fix memory leak and invalid continuation after tar header writing fails. Fix memory leaks when creating temp file fails when applying zip signature. SimpleXML: Fixed bug GH-19988 (zend_string_init with NULL pointer in simplexml (UB)). Soap: Fixed bug GH-19784 (SoapServer memory leak). Fixed bug GH-20011 (Array of SoapVar of unknown type causes crash). Standard: Fixed bug GH-12265 (Cloning an object breaks serialization recursion). Fixed bug GH-19701 (Serialize/deserialize loses some data). Fixed bug GH-19801 (leaks in var_dump() and debug_zval_dump()). Fixed bug GH-20043 (array_unique assertion failure with RC1 array causing an exception on sort). Fixed bug GH-19926 (reset internal pointer earlier while splicing array while COW violation flag is still set). Fixed bug GH-19570 (unable to fseek in /dev/zero and /dev/null). Streams: Fixed bug GH-19248 (Use strerror_r instead of strerror in main). Fixed bug GH-17345 (Bug #35916 was not completely fixed). Fixed bug GH-19705 (segmentation when attempting to flush on non seekable stream. XMLReader: Fixed bug GH-20009 (XMLReader leak on RelaxNG schema failure). Zip: Fixed bug GH-19688 (Remove pattern overflow in zip addGlob()). Fixed bug GH-19932 (Memory leak in zip setEncryptionName()/setEncryptionIndex()). ==== gdk-pixbuf ==== Version update (2.44.3 -> 2.44.4) Subpackages: gdk-pixbuf-lang gdk-pixbuf-query-loaders libgdk_pixbuf-2_0-0 typelib-1_0-GdkPixbuf-2_0 - Update to version 2.44.4: + glycin: - Make svgz work - Support saving avif + docs: Add deprecation tags for GdkPixbufAnimation + bmp: Fix loading of bottom-up images ==== glib2 ==== Version update (2.86.0 -> 2.86.1) Subpackages: glib2-lang glib2-tools libgio-2_0-0 libgirepository-2_0-0 libglib-2_0-0 libglib-2_0-0-32bit libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0 typelib-1_0-GIRepository-3_0 typelib-1_0-GLib-2_0 typelib-1_0-GModule-2_0 typelib-1_0-GObject-2_0 typelib-1_0-Gio-2_0 - Update to version 2.86.1: + Bugs fixed: - GIRepository: union fields offsets for compiled typelibs all have offset 0xffff - `gio/tests/socket-listener` requires dlsym - GLib.OptionContext's get_help() includes width of invisible options - Memory leak related to g_get_home_dir - Gio.AppInfo.launch_default_for_uri_async crashes with non-existent paths - GNetworkMonitor's netlink backend doesn't notify connectivity change - ghash: Fix entry_is_big for CHERI architecture - ghash: Handle all table sizes in iterator - gbookmarkfile: Escape icon href and mime-type - docs: Add Luca Bacci as a co-maintainer of the Windows code - tests: Fix clang compilation warnings - gmem: Replace SIZE_OVERFLOWS with g_size_checked_mul - gstrfuncs: Check string length in g_strescape - gutils: Improve load_user_special_dirs' user-dirs.dirs parser - gutils: Handle singletons in unlocked functions - ghostutils: Treat 0x80 (and above) as non-ASCII - various fixes to user-dirs.dirs handling in gutils - girnode: Fix computation of union member offsets - gopenuriportal: Fix a crash when the file can’t be opened - gtype: Use transfer none for types (un)ref functions - gnetworkmonitorbase: Add missing notify::connectivity signal + Updated translations. ==== glycin-loaders ==== Version update (2.0.3 -> 2.0.4) - Update to version 2.0.4: + This release contains the following new component versions: - glycin-heif 2.0.4 - glycin-image-rs 2.0.4 - glycin-jpeg2000 2.0.4 - glycin-jxl 2.0.4 - glycin-raw 2.0.4 - glycin-svg 2.0.4 - glycin-utils 4.0.4 - glycin 3.0.4 - libglycin 2.0.4 - libglycin-gtk4 2.0.4 + Fixed: - D-Bus connections were never completely closed, causing a memory and FD leak. - Default to loop for animations if no explicit value is set. This fixed as backward compatibility issue when glycin/libglycin is not a .3 or later. - Support having symlinks in a directory that is already a symlink and both a explicitly picked up by fontconfig. ==== gnome-tour ==== Version update (49.0.openSUSE+git20251016.669c499 -> 49.0.openSUSE+git20251020.478f3eb) Subpackages: gnome-tour-data gnome-tour-lang opensuse-welcome opensuse-welcome-lang - Replace appstream-glib with AppStream BuildRequires, meson setup checks for it, and it was already pulled in via other dependencies. - Use custom icon and destop name in opensuse-welcome bsc#1252287 ==== graphviz ==== Version update (12.2.1 -> 14.0.0) Subpackages: libpathplan4 libxdot4 - Update to 14.0.0 * Changes see ChangeLog.md - Remove unneeded patches (fixed mainline): D graphviz-array_overflow.patch D graphviz-no_php_extra_libs.patch D graphviz-useless_warnings.patch D swig-4.1.0.patch - Remove old, unneeded condition: if 0%{?suse_version} == 1315 ==== grub2 ==== Subpackages: grub2-common grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-efi-bls - Fix "sparse file not allowed" error after grub2-reboot (bsc#1245738) * grub2-grubenv-in-btrfs-header.patch - Fix PowerPC network boot prefix to correctly locate grub.cfg (bsc#1249385) * 0001-ieee1275-Use-net-config-for-boot-location-instead-of.patch ==== java-21-openjdk ==== Version update (21.0.8.0 -> 21.0.9.0) Subpackages: java-21-openjdk-headless - Update to upstream tag jdk-21.0.9+10 (October 2025 CPU) * Security fixes: + JDK-8352637: Enhance bytecode verification + JDK-8356294, CVE-2025-53066, bsc#1252417: Enhance Path Factories + JDK-8359454, CVE-2025-61748, bsc#1252418: Enhance String handling + JDK-8360937, CVE-2025-53057, bsc#1252414: Enhance certificate handling * Other fixes: + JDK-7036144: GZIPInputStream readTrailer uses faulty available() test for end-of-stream + JDK-8079786: [macosx] Test java/awt/Frame/DisposeParentGC/ /DisposeParentGC.java fails for Mac only + JDK-8167252: Some of Charset.availableCharsets() does not contain itself + JDK-8185429: [macos] After a modal dialog is closed, no window becomes active + JDK-8203867: Delete test java/awt/TrayIcon/ /DblClickActionEventTest/DblClickActionEventTest.html + JDK-8217914: java/net/httpclient/ /ConnectTimeoutHandshakeSync.java failed on connection refused while doing POST + JDK-8226919: attach in linux hangs due to permission denied accessing /proc/pid/root + JDK-8249825: Tests sun/security/ssl/SSLSocketImpl/ /SetClientMode.java and NonAutoClose.java marked with @ignore + JDK-8259540: MissingResourceException for key cvc-complex-type.2.4.d.1 + JDK-8261242: [Linux] OSContainer::is_containerized() returns true when run outside a container + JDK-8279005: sun/tools/jstat tests do not check for test case exit codes after JDK-8245129 + JDK-8280818: Expand bug8033699.java to iterate over all LaFs + JDK-8293713: java/net/httpclient/BufferingSubscriberTest.java fails in timeout, blocked in submission publisher + JDK-8302293: jar --create fails with IllegalArgumentException if archive name is shorter than 3 characters + JDK-8302744: Refactor Hotspot container detection code + JDK-8304674: File java.c compile error with - fsanitize=address -O0 + JDK-8308633: Increase precision of timestamps in g1 log + JDK-8309238: jdk/jfr/tool/TestView.java failed with "exitValue = 134" + JDK-8309627: Incorrect sorting of DirtyCardQueue buffers + JDK-8309899: Rename PtrQueueSet::buffer_size() + JDK-8310264: In PhaseChaitin::Split defs and phis are leaked + JDK-8310974: NMT: Arena diffs miss the scale + JDK-8311644: Server should not send bad_certificate alert when the client does not send any certificates + JDK-8313083: Print 'rss' and 'cache' as part of the container information + JDK-8313355: javax/management/remote/mandatory/notif/ /ListenerScaleTest.java failed with "Exception: Failed: ratio=792.2791601423487" + JDK-8313367: SunMSCAPI cannot read Local Computer certs w/o Windows elevation + JDK-8314166: Update googletest to v1.14.0 + JDK-8314611: Provide more explicative error message parsing Currencies + JDK-8314978: Multiple server call from connection failing with expect100 in getOutputStream + JDK-8319067: ProblemList serviceability/AsyncGetCallTrace/ /MyPackage/ASGCTBaseTest.java on linux-aarch64 in Xcomp mode + JDK-8319174: Enhance robustness of some j.m.BigInteger constructors + JDK-8319598: SMFParser misinterprets interrupted running status + JDK-8319932: [JVMCI] class unloading related tests can fail on libgraal + JDK-8320189: vmTestbase/nsk/jvmti/scenarios/bcinstr/BI02/ /bi02t001 memory corruption when using -Xcheck:jni + JDK-8320769: Remove ill-adviced "make install" target + JDK-8320858: Move jpackage tests to tier3 + JDK-8320859: gtest high malloc footprint caused by BufferNodeAllocator stress test + JDK-8322420: [Linux] cgroup v2: Limits in parent nested control groups are not detected + JDK-8322992: Javac fails with StackOverflowError when compiling deeply nested synchronized blocks + JDK-8325397: sun/java2d/Disposer/TestDisposerRace.java fails in linux-aarch64 + JDK-8326606: Test javax/swing/text/BoxView/6494356/ /bug6494356.java performs a synchronization on a value based class + JDK-8326705: Test CertMsgCheck.java fails to find alert certificate_required + JDK-8327125: SpinYield.report should report microseconds + JDK-8327748: Convert javax/swing/JFileChooser/6798062/ /bug6798062.java applet test to main + JDK-8327750: Convert javax/swing/JFileChooser/ /FileFilterDescription/FileFilterDescription.java applet test to main + JDK-8327751: Convert javax/swing/JInternalFrame/6726866/ /bug6726866.java applet test to main + JDK-8327752: Convert javax/swing/JOptionPane/4174551/ /bug4174551.java applet to main + JDK-8327753: Convert javax/swing/JOptionPane/8024926/ /bug8024926.java applet to main ... changelog too long, skipping 421 lines ... + integrated in this version ==== kdbg ==== Version update (3.1.0 -> 3.2.0) Subpackages: kdbg-lang - Update to 3.2.0 * KDbg can be built for KDE Frameworks 6/Qt6 * XSL debugging support was removed - Drop patch: * kdbg-cmake4.patch ==== kernel-source ==== Version update (6.17.4 -> 6.17.5) - expfs: Fix exportfs_can_encode_fh() for EXPORT_FH_FID (bsc#1252541). - commit 00da826 - Linux 6.17.5 (bsc#1012628). - vfs: Don't leak disconnected dentries on umount (bsc#1012628). - ata: libata-core: relax checks in ata_read_log_directory() (bsc#1012628). - arm64/sysreg: Fix GIC CDEOI instruction encoding (bsc#1012628). - drm/xe/guc: Check GuC running state before deregistering exec queue (bsc#1012628). - ixgbevf: fix getting link speed data for E610 devices (bsc#1012628). - ixgbevf: fix mailbox API compatibility by negotiating supported features (bsc#1012628). - rust: cfi: only 64-bit arm and x86 support CFI_CLANG (bsc#1012628). - smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1012628). - x86/CPU/AMD: Prevent reset reasons from being retained across reboot (bsc#1012628). - slab: reset slab->obj_ext when freeing and it is OBJEXTS_ALLOC_FAIL (bsc#1012628). - io_uring: protect mem region deregistration (bsc#1012628). - Revert "drm/amd/display: Only restore backlight after amdgpu_dm_init or dm_resume" (bsc#1012628). - r8152: add error handling in rtl8152_driver_init (bsc#1012628). - net: usb: lan78xx: Fix lost EEPROM write timeout error(-ETIMEDOUT) in lan78xx_write_raw_eeprom (bsc#1012628). - KVM: arm64: Prevent access to vCPU events before init (bsc#1012628). - f2fs: fix wrong block mapping for multi-devices (bsc#1012628). - gve: Check valid ts bit on RX descriptor before hw timestamping (bsc#1012628). - jbd2: ensure that all ongoing I/O complete before freeing blocks (bsc#1012628). - ext4: wait for ongoing I/O to complete before freeing blocks (bsc#1012628). - ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1012628). - btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running (bsc#1012628). - btrfs: fix memory leak on duplicated memory in the qgroup assign ioctl (bsc#1012628). - btrfs: only set the device specific options after devices are opened (bsc#1012628). - btrfs: fix incorrect readahead expansion length (bsc#1012628). - btrfs: fix memory leaks when rejecting a non SINGLE data profile without an RST (bsc#1012628). - btrfs: do not assert we found block group item when creating free space tree (bsc#1012628). - can: gs_usb: gs_make_candev(): populate net_device->dev_port (bsc#1012628). - can: gs_usb: increase max interface to U8_MAX (bsc#1012628). - cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1012628). - cxl/acpi: Fix setup of memory resource in cxl_acpi_set_cache_size() (bsc#1012628). - ALSA: hda/intel: Add MSI X870E Tomahawk to denylist (bsc#1012628). - ALSA: hda/realtek: Add quirk entry for HP ZBook 17 G6 (bsc#1012628). - ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() (bsc#1012628). - ALSA: hda: Fix missing pointer check in hda_component_manager_init function (bsc#1012628). - drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies (bsc#1012628). - drm/amdgpu: use atomic functions with memory barriers for vm fault info (bsc#1012628). - drm/amdgpu: fix gfx12 mes packet status return check (bsc#1012628). - drm/xe: Increase global invalidation timeout to 1000us (bsc#1012628). - perf/core: Fix address filter match with backing files (bsc#1012628). - perf/core: Fix MMAP event path names with backing files (bsc#1012628). - perf/core: Fix MMAP2 event device with backing files (bsc#1012628). - drm/amd: Check whether secure display TA loaded successfully (bsc#1012628). - PM: hibernate: Add pm_hibernation_mode_is_suspend() (bsc#1012628). - drm/amd: Fix hybrid sleep (bsc#1012628). - media: nxp: imx8-isi: m2m: Fix streaming cleanup on release (bsc#1012628). - usb: gadget: Store endpoint pointer in usb_request (bsc#1012628). - usb: gadget: Introduce free_usb_request helper (bsc#1012628). - usb: gadget: f_rndis: Refactor bind path to use __free() (bsc#1012628). - usb: gadget: f_acm: Refactor bind path to use __free() (bsc#1012628). - usb: gadget: f_ecm: Refactor bind path to use __free() (bsc#1012628). - usb: gadget: f_ncm: Refactor bind path to use __free() (bsc#1012628). - HID: multitouch: fix sticky fingers (bsc#1012628). - dax: skip read lock assertion for read-only filesystems (bsc#1012628). ... changelog too long, skipping 244 lines ... - commit 60fe5ed ==== lcms2 ==== Version update (2.16 -> 2.17) - Enable threads support * Drop lcms2-visibility.patch as it was causing linker errors when enabling threads - Update to 2.17: * Add fuzzers foundation. Many thanks to Amir Montazery and Open-Source Technology Improvement Fund (ostif.org), Google, for funding that. * Add ability to disable building tests in meson * Fixed gamut warning not working on certain conditions * Mac sequoia added to test beds * Add the possibility of duplicating a NULL context for cloning defaults. * Small cleanup of CGATS parser. * Change computation of profile ID to follow actual ICC spec (yes, they changed the spec!) * Allow to apply color management on memory blocks > 4Gb. * Get rid of samples on meson compilation * Increase coverage of pre-multiplied alpha. * Bug fixing and cosmetical work. - Refresh lcms2-ocloexec.patch ==== libglycin ==== Version update (2.0.3 -> 2.0.4) - Update to version 2.0.4: + This release contains the following new component versions: - glycin-heif 2.0.4 - glycin-image-rs 2.0.4 - glycin-jpeg2000 2.0.4 - glycin-jxl 2.0.4 - glycin-raw 2.0.4 - glycin-svg 2.0.4 - glycin-utils 4.0.4 - glycin 3.0.4 - libglycin 2.0.4 - libglycin-gtk4 2.0.4 + Fixed: - D-Bus connections were never completely closed, causing a memory and FD leak. - Default to loop for animations if no explicit value is set. This fixed as backward compatibility issue when glycin/libglycin is not a .3 or later. - Support having symlinks in a directory that is already a symlink and both a explicitly picked up by fontconfig. ==== librsvg ==== Version update (2.61.1 -> 2.61.2) Subpackages: librsvg-2-2 typelib-1_0-Rsvg-2_0 - Update to version 2.61.2: + librsvg crate version 2.61.2 + librsvg-rebind crate version 0.2.1 + Disable compilation of the gdk-pixbuf loader module by default. It used to be that if meson detected that gdk-pixbuf-query-loaders(1) is available, then it would build the gdk-pixbuf loader module. Now that GNOME has switched to glycin loaders for images, which are sandboxed, gdk-pixbuf loaders are deprecated. You can still compile the gdk-pixbuf loader in librsvg by using the "-Dpixbuf-loader=enabled" option when invoking meson. + Reduce stack usage with deeply nested layers. This should be of interest especially for users of Alpine or musl-libc. Librsvg should hopefully no longer require users of musl-libc to increase the stack size for it; please tell the maintainer if that is the case! + "rsvg-convert --version" now also outputs the versions of the C library dependencies being used at runtime. + The build process now checks the version of cargo-cbuild, as it needs to be coordinated with the minimum supported Rust version. The minimum cargo-cbuild for this release is 0.10.10. + Compiling rsvg-convert is now optional, via the "-Drsvg-convert=disabled" option for Meson. + Update Rust dependencies. - Run test suite for all non 32bit targets. ==== llvm21 ==== Version update (21.1.3 -> 21.1.4) - Update to version 21.1.4. * This release contains bug-fixes for the LLVM 21.1.0 release. This release is API and ABI compatible with 21.1.0. - Simplify script for building documentation. - Use %ldconfig_scriptlets to automatically generate post scriptlets. This doesn't work with %{multisource} in Leap 15.6 though, so we leave a fallback for that. - Drop post scriptlets for gold and polly, which provide only plugin libraries that ldconfig doesn't care about. - Rebase llvm-do-not-install-static-libraries.patch. ==== luajit ==== Version update (5.1.2.1.0+git.1741730670.538a821 -> 2.1.20250826) - Add Provides: Lua(API) - Don’t Conflict with lua51 directly. - Don’t provide _bindir/lua5.1 - Rewrite SPEC file to work with other Lua interpreters and packages. - Replace the implementation of LuaJIT of the original implementation of Mike Pall with the OpenResty fork. - Just to make rpmlint happy, I have to mention that we removed these patches: - 0003-Get-rid-of-LUAJIT_VERSION_SYM-that-changes-ABI-on-ev.patch - 0002-Enable-debugging-symbols-in-the-build.patch - Reapply patches to avoid fuzz and long-term maintenance: - loong64-support.patch - riscv64-support.patch - Updated to 2.1.20250826 (1756211046) * FFI: Fix dangling CType references (again). * Avoid out-of-range PC for stack overflow error from snapshot restore. * x86/x64: Don't use undefined MUL/IMUL zero flag. * Windows: Add lua52compat option to msvcbuild.bat. - Cherry-pick riscv64-support.patch to add RISC-V support - Cherry-pick loong64-support.patch to add LoongArch support - Increase _default_patch_fuzz to 2 to allow patches to apply - Updated to 2.1.20250529 (1748495995). * https://github.com/openresty/luajit2/compare/v2.1-20250117...v2.1-20250529 ==== mutter ==== Version update (49.1 -> 49.1.1) Subpackages: mutter-lang - Update to version 49.1.1: + Fix broken menus in some Xwayland clients + Avoid processing the same key event twice during keybindings + Fixed crash + Misc. bug fixes and cleanups + Updated translations. - Drop mutter-fix-xwayland-dnd-crash.patch: Fixed upstream. ==== openSUSE-release ==== Version update (20251024 -> 20251027) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== perl-HTTP-Message ==== Version update (7.0.0 -> 7.10.0) - updated to 7.10.0 (7.01) see /usr/share/doc/packages/perl-HTTP-Message/Changes 7.01 2025-10-19 17:22:21Z - Fix HTTP::Response and HTTP::Request as_string/parse commutativity issue [#62959] (GH#212) (Copilot) - Fix few minor typos (GH#202) (Yoshikazu Sawa) ==== perl-libwww-perl ==== Version update (6.800.0 -> 6.810.0) - updated to 6.810.0 (6.81) see /usr/share/doc/packages/perl-libwww-perl/Changes 6.81 2025-10-22 17:04:53Z - Add Security Policy file SECURITY.md (GH#475) (Mikko Koivunalho) - Update test expectations for HTTP-Message 7.01+ trailing newline fix (GH#492) (Copilot) ==== php8 ==== Version update (8.4.13 -> 8.4.14) Subpackages: php8-ctype php8-dom php8-iconv php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter - version update to 8.4.14 Core: Fixed bug GH-19765 (object_properties_load() bypasses readonly property checks). Fixed hard_timeout with --enable-zend-max-execution-timers. Fixed bug GH-19792 (SCCP causes UAF for return value if both warning and exception are triggered). Fixed bug GH-19653 (Closure named argument unpacking between temporary closures can cause a crash). Fixed bug GH-19839 (Incorrect HASH_FLAG_HAS_EMPTY_IND flag on userland array). Fixed bug GH-19480 (error_log php.ini cannot be unset when open_basedir is configured). Fixed bug GH-20002 (Broken build on *BSD with MSAN). CLI: Fix useless "Failed to poll event" error logs due to EAGAIN in CLI server with PHP_CLI_SERVER_WORKERS. Curl: Fix cloning of CURLOPT_POSTFIELDS when using the clone operator instead of the curl_copy_handle() function to clone a CurlHandle. Fix curl build and test failures with version 8.16. Date: Fixed GH-17159: "P" format for ::createFromFormat swallows string literals. DOM: Fix macro name clash on macOS. Fixed bug GH-20022 (docker-php-ext-install DOM failed). GD: Fixed GH-19955 (imagefttext() memory leak). MySQLnd: Fixed bug #67563 (mysqli compiled with mysqlnd does not take ipv6 adress as parameter). Opcache: Fixed bug GH-19669 (assertion failure in zend_jit_trace_type_to_info_ex). Fixed bug GH-19831 (function JIT may not deref property value). Fixed bug GH-19889 (race condition in zend_runtime_jit(), zend_jit_hot_func()). Phar: Fix memory leak and invalid continuation after tar header writing fails. Fix memory leaks when creating temp file fails when applying zip signature. SimpleXML: Fixed bug GH-19988 (zend_string_init with NULL pointer in simplexml (UB)). Soap: Fixed bug GH-19784 (SoapServer memory leak). Fixed bug GH-20011 (Array of SoapVar of unknown type causes crash). Standard: Fixed bug GH-12265 (Cloning an object breaks serialization recursion). Fixed bug GH-19701 (Serialize/deserialize loses some data). Fixed bug GH-19801 (leaks in var_dump() and debug_zval_dump()). Fixed bug GH-20043 (array_unique assertion failure with RC1 array causing an exception on sort). Fixed bug GH-19926 (reset internal pointer earlier while splicing array while COW violation flag is still set). Fixed bug GH-19570 (unable to fseek in /dev/zero and /dev/null). Streams: Fixed bug GH-19248 (Use strerror_r instead of strerror in main). Fixed bug GH-17345 (Bug #35916 was not completely fixed). Fixed bug GH-19705 (segmentation when attempting to flush on non seekable stream. XMLReader: Fixed bug GH-20009 (XMLReader leak on RelaxNG schema failure). Zip: Fixed bug GH-19688 (Remove pattern overflow in zip addGlob()). Fixed bug GH-19932 (Memory leak in zip setEncryptionName()/setEncryptionIndex()). ==== python-gobject ==== Version update (3.54.3 -> 3.54.5) Subpackages: python311-gobject python311-gobject-Gdk python311-gobject-cairo python313-gobject python313-gobject-Gdk python313-gobject-cairo - Update to version 3.54.5: + Backport: GLib 2.86/GioUnix compatibility ==== xen ==== Version update (4.20.1_04 -> 4.20.1_06) - bsc#1251271 - VUL-0: CVE-2025-58147,CVE-2025-58148: xen: Incorrect input sanitisation in Viridian hypercalls (XSA-475) xsa475-1.patch xsa475-2.patch ==== xfdesktop ==== Subpackages: xfdesktop-lang - Switch to using meson for building; this allows building this package even in the upcoming development release Xfce-4.21 - Refresh 0002-relax-libyaml-version.patch - Remove bcond_with git and related items - Ensure installed icon files land in _datadir/wallpapers/xfce, not in _datadir/backgrounds/xfce which is used by meson ==== yast2-trans ==== Version update (84.87.20251018.189b3dd61e -> 84.87.20251021.5e431d2e7b) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20251021.5e431d2e7b: * Translated using Weblate (Indonesian) * Translated using Weblate (Indonesian) * Added translation using Weblate (Indonesian)