Packages changed: at avahi avahi-glib2 ethtool (6.19 -> 7.0) gnome-session kernel-firmware-amdgpu (20260427 -> 20260505) kernel-firmware-bluetooth (20260423 -> 20260505) kernel-firmware-i915 kernel-firmware-intel (20260408 -> 20260505) kernel-firmware-media (20260414 -> 20260505) kernel-firmware-mediatek kernel-firmware-platform (20260416 -> 20260505) kernel-firmware-qcom (20260423 -> 20260505) kernel-firmware-realtek kernel-source (7.0.2 -> 7.0.3) kexec-tools (2.0.30 -> 2.0.32+git15.g677dd2f) libksysguard6 libvirt (12.2.0 -> 12.3.0) nvidia-settings (580.142 -> 580.159.03) openSUSE-release (20260505 -> 20260506) ovmf postfix (3.11.1 -> 3.11.2) sord (0.16.20 -> 0.16.22) sqlite3 (3.53.0 -> 3.53.1) sysconfig (0.90.4 -> 0.90.5) tree (2.3.1 -> 2.3.2) tree-sitter === Details === ==== at ==== - Use systemd-tmpfiles to create spool structure [jsc#PED-14783] - Added sources * at-tmpfiles.conf ==== avahi ==== Subpackages: avahi-lang libavahi-client3 libavahi-client3-32bit libavahi-common3 libavahi-common3-32bit libavahi-core7 - Add avahi-CVE-2026-24401.patch: Fix unsolicited mDNS response containing a recursive CNAME record (bsc#1257235). ==== avahi-glib2 ==== - Add avahi-CVE-2026-24401.patch: Fix unsolicited mDNS response containing a recursive CNAME record (bsc#1257235). ==== ethtool ==== Version update (6.19 -> 7.0) - update to upstream release 7.0 * Feature: support MSE display (--show-mse) * Feature: add 2 new link_ext_state names * Fix: fix index calculation in ixgbe register dump (-d) * Fix: cmis wavelength tolerance output (-m) * Fix: duplicate sfpid Active Cu compliance output (-m) ==== gnome-session ==== Subpackages: gnome-session-lang - Eliminate usage of update-alternatives on suse_version >= 1610 (jsc#PED-15674): GNOME-Session was the only one installng that handler into the wayland-sessions directory, and apparently nothing is reading it. GNOME does not have the X-Session anymore, making the step out easy at this time. ==== kernel-firmware-amdgpu ==== Version update (20260427 -> 20260505) - Update to version 20260505 (git commit 027be1e3d201): * amdgpu: DMCUB updates for various ASICs ==== kernel-firmware-bluetooth ==== Version update (20260423 -> 20260505) - Update to version 20260505 (git commit 027be1e3d201): * rtl_bt: Add missing rtl8761a_config.bin for RTL8761AU ==== kernel-firmware-i915 ==== - Update aliases from 7.1-rc1 ==== kernel-firmware-intel ==== Version update (20260408 -> 20260505) - Update to version 20260505 (git commit 027be1e3d201): * Linux-firmware: Add Dell ISH firmware 581.7783.0 for Intel Panther Lake systems. ==== kernel-firmware-media ==== Version update (20260414 -> 20260505) - Update to version 20260505 (git commit 027be1e3d201): * qcom: vpu: add Gen2 firmware binary for Agatti ==== kernel-firmware-mediatek ==== - Update aliases from 7.1-rc1 ==== kernel-firmware-platform ==== Version update (20260416 -> 20260505) - Update to version 20260505 (git commit 027be1e3d201): * linux-firmware:Add firmware for Lontium LT7911EXC bridge ==== kernel-firmware-qcom ==== Version update (20260423 -> 20260505) - Update to version 20260505 (git commit 027be1e3d201): * qcom: update ADSP firmware for x1e80100 platform * qcom: Update CDSP firmware for Kaanapali platform ==== kernel-firmware-realtek ==== - Update aliases from 7.1-rc1 ==== kernel-source ==== Version update (7.0.2 -> 7.0.3) - Update patches.kernel.org/7.0.1-001-nfc-llcp-add-missing-return-after-LLCP_CLOSED-c.patch (bsc#1012628 CVE-2026-31629). - Update patches.kernel.org/7.0.1-002-x86-CPU-Fix-FPDSS-on-Zen1.patch (bsc#1012628 CVE-2026-31628). - Update patches.kernel.org/7.0.1-003-can-raw-fix-ro-uniq-use-after-free-in-raw_rcv.patch (bsc#1012628 CVE-2026-31532 bsc#1262757). - Update patches.kernel.org/7.0.1-004-i2c-s3c24xx-check-the-size-of-the-SMBUS-message.patch (bsc#1012628 CVE-2026-31627). - Update patches.kernel.org/7.0.1-005-staging-rtl8723bs-initialize-le_tmp64-in-rtw_BI.patch (bsc#1012628 CVE-2026-31626). - Update patches.kernel.org/7.0.1-006-HID-alps-fix-NULL-pointer-dereference-in-alps_r.patch (bsc#1012628 CVE-2026-31625 bsc#1263030). - Update patches.kernel.org/7.0.1-007-HID-core-clamp-report_size-in-s32ton-to-avoid-u.patch (bsc#1012628 CVE-2026-31624 bsc#1263657). - Update patches.kernel.org/7.0.1-008-net-usb-cdc-phonet-fix-skb-frags-overflow-in-rx.patch (bsc#1012628 CVE-2026-31623). - Update patches.kernel.org/7.0.1-009-NFC-digital-Bounds-check-NFC-A-cascade-depth-in.patch (bsc#1012628 CVE-2026-31622). - Update patches.kernel.org/7.0.1-011-bnge-return-after-auxiliary_device_uninit-in-er.patch (bsc#1012628 CVE-2026-31621). - Update patches.kernel.org/7.0.1-012-ALSA-usx2y-us144mkii-fix-NULL-deref-on-missing-.patch (bsc#1012628 CVE-2026-31620 bsc#1263029). - Update patches.kernel.org/7.0.1-013-ALSA-fireworks-bound-device-supplied-status-bef.patch (bsc#1012628 CVE-2026-31619). - Update patches.kernel.org/7.0.1-014-fbdev-tdfxfb-avoid-divide-by-zero-on-FBIOPUT_VS.patch (bsc#1012628 CVE-2026-31618). - Update patches.kernel.org/7.0.1-015-usb-gadget-f_ncm-validate-minimum-block_len-in-.patch (bsc#1012628 CVE-2026-31617). - Update patches.kernel.org/7.0.1-016-usb-gadget-f_phonet-fix-skb-frags-overflow-in-p.patch (bsc#1012628 CVE-2026-31616). - Update patches.kernel.org/7.0.1-017-usb-gadget-renesas_usb3-validate-endpoint-index.patch (bsc#1012628 CVE-2026-31615). - Update patches.kernel.org/7.0.1-018-smb-client-fix-off-by-8-bounds-check-in-check_w.patch (bsc#1012628 CVE-2026-31614). - Update patches.kernel.org/7.0.1-019-smb-client-fix-OOB-reads-parsing-symlink-error-.patch (bsc#1012628 CVE-2026-31613). - Update patches.kernel.org/7.0.1-020-ksmbd-validate-EaNameLength-in-smb2_get_ea.patch (bsc#1012628 CVE-2026-31612). - Update patches.kernel.org/7.0.1-021-ksmbd-require-3-sub-authorities-before-reading-.patch (bsc#1012628 CVE-2026-31611). - Update patches.kernel.org/7.0.1-022-ksmbd-fix-mechToken-leak-when-SPNEGO-decode-fai.patch (bsc#1012628 CVE-2026-31610 bsc#1263046). - Update patches.kernel.org/7.0.1-023-smb-client-avoid-double-free-in-smbd_free_send_.patch (bsc#1012628 CVE-2026-31609 bsc#1263663). - Update patches.kernel.org/7.0.1-024-smb-server-avoid-double-free-in-smb_direct_free.patch (bsc#1012628 CVE-2026-31608 bsc#1263664). - Update patches.kernel.org/7.0.1-025-usbip-validate-number_of_packets-in-usbip_pack_.patch (bsc#1012628 CVE-2026-31607 bsc#1263600). - Update patches.kernel.org/7.0.1-029-usb-gadget-f_hid-don-t-call-cdev_init-while-cde.patch (bsc#1012628 CVE-2026-31606 bsc#1263591). - Update patches.kernel.org/7.0.1-031-fbdev-udlfb-avoid-divide-by-zero-on-FBIOPUT_VSC.patch (bsc#1012628 CVE-2026-31605 bsc#1263493). - Update patches.kernel.org/7.0.1-034-wifi-rtw88-fix-device-leak-on-probe-failure.patch (bsc#1012628 CVE-2026-31604 bsc#1263045). - Update patches.kernel.org/7.0.1-035-staging-sm750fb-fix-division-by-zero-in-ps_to_h.patch (bsc#1012628 CVE-2026-31603 bsc#1263491). - Update patches.kernel.org/7.0.1-040-ALSA-ctxfi-Limit-PTP-to-a-single-page.patch (bsc#1012628 CVE-2026-31602 bsc#1263723). - Update patches.kernel.org/7.0.1-042-vfio-xe-Reorganize-the-init-to-decouple-migrati.patch (bsc#1012628 CVE-2026-31601 bsc#1263722). - Update patches.kernel.org/7.0.1-043-arm64-mm-Handle-invalid-large-leaf-mappings-cor.patch (bsc#1012628 CVE-2026-31600 bsc#1263721). - Update patches.kernel.org/7.0.1-044-media-vidtv-fix-NULL-pointer-dereference-in-vid.patch (bsc#1012628 CVE-2026-31599 bsc#1263031). - Update patches.kernel.org/7.0.1-045-ocfs2-fix-possible-deadlock-between-unlink-and-.patch (bsc#1012628 CVE-2026-31598 bsc#1263718). ... changelog too long, skipping 90 lines ... - commit 086d181 ==== kexec-tools ==== Version update (2.0.30 -> 2.0.32+git15.g677dd2f) - update to 2.0.32+git15.g677dd2f: * x86_64: Support UKI image format * pe-zboot: Truncate the trailing zero if Image is signed * kexec: Enable zstd in kexec decompression paths * x86_64: Use the x86-64 level for purgatory * RISC-V: Enable kexec_file_load syscall * RISC-V: Support loading Image binary file * kexec/zboot: Add boundary check on PE header offset * LoongArch: Change COMMAND_LINE_SIZE to 4096 * kexec: Handle removal of multiple 'crashkernel' parameters * LoongArch: Enforce relocatable kernel check for crash dump * LoongArch: Change initrd allocation to top-down * LoongArch: Add kexec_file_load syscall * LoongArch: Remove 'kexec_file' cmdline parameters when using --reuse-cmdline option * kexec/ifdown.c: Use AF_NETLINK instead of AF_INET * ppc64: ensure /memreserve/ sections exist in user-provided FDT * ppc64: handle reboot CPU in case of user provided DTB * ppc64: lift the dtb and initrd restriction * kexec: add kexec flag to support debug printing * UKI: Fix the size of real payload * ppc64: Reserve FDT memory for full elfcorehdr memory size * LoongArch: Increase MAX_MEMORY_RANGES to 1024 - drop outdated patches: * kexec-tools-SYS_getrandom.patch * kexec-tools-riscv64.patch * kexec-tools-riscv-hotplug.patch ==== libksysguard6 ==== Subpackages: ksysguardsystemstats6-data libKSysGuardSystemStats2 libksysguard6-imports libksysguard6-lang libksysguard6-plugins - Add missing %verify(not caps) (boo#1263098) ==== libvirt ==== Version update (12.2.0 -> 12.3.0) Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-qemu libvirt-libs - Update to libvirt 12.3.0 - bsc#1251789, bsc#1263564 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html#v12-3-0-2026-05-02 ==== nvidia-settings ==== Version update (580.142 -> 580.159.03) - update to version 580.159.03 (boo#1262749) ==== openSUSE-release ==== Version update (20260505 -> 20260506) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== ovmf ==== Subpackages: qemu-ovmf-x86_64 - Replace 'Support multiple entries' patch with 'drop GCD system memory check' patches because the fix was merged upstream (bsc#1259640) - Remove ovmf-ArmPkg-CpuDxe-Support-multiple-entries-in-RegionIsSy.patch - Add backported patch drop GCD system memory check from MemoryAttribute protocol - ovmf-ArmPkg-CpuDxe-Drop-GCD-system-memory-check-from-Memo.patch 99d8c3710a0f ArmPkg/CpuDxe: Drop GCD system memory check from MemoryAttribute protocol - ovmf-ArmPkg-CpuDxe-Refuse-to-clear-XN-from-device-memory-.patch c00c1216ce7f ArmPkg/CpuDxe: Refuse to clear XN from device memory mappings - Update OVMF descriptors - Set priority for qcow2 over raw format images. - Lower the priority of the CoCo OVMF descriptor. ==== postfix ==== Version update (3.11.1 -> 3.11.2) - update to 3.11.2 * Bugfix (defect introduced: Postfix 3.11): the proxymap(8) daemon dereferenced an uninitialized pointer after a request protocol error. This daemon is not exposed to local or remote users. Found by Claude Opus 4.6. * Bugfix (defect introduced: 20260309) a change, to set the service_name default value to "amnesiac", violated a test that parameter names in postconf output must match 1:1 with parameter names in the postlink script. * Portability: support for recent FreeBSD, NetBSD, and OpenBSD versions. * Bugfix (defect introduced: Postfix 2.2, date 20041207): When truncating a database file, the cdb: database client looked at the file size from before requesting an exclusive lock on a database file, instead of the file size after the exclusive lock was granted. Found by Claude Opus 4.6. * Bugfix (defect introduced: Postfix alpha, date 19980309): file descriptor leak after fork() failure. Found by Claude Opus 4.6. * Mistakes in debug logging. Found by Claude Opus 4.6. This affected two files in Postfix 3.8 and 3.9, three files in Postfix 3.10 and 3.11. * Unchecked null pointer results after an out-of-memory condition in a library dependency. Found by Claude Opus 4.6. The fix is to return an error status or to log a fatal error. This affected three source files. * Missing or incomplete guards for ssize_t or int overflow, found by Claude Opus 4.6. This affected three source files. These limits are unlikely to be exceeded because the size of in-memory objects is limited by design (the number of in-memory objects is also limited). ==== sord ==== Version update (0.16.20 -> 0.16.22) - update to 0.16.22: * Add clang nullability annotations * Address new warnings in clang and clang-tidy 21 * Make more API functions tolerate NULL ==== sqlite3 ==== Version update (3.53.0 -> 3.53.1) Subpackages: libsqlite3-0 libsqlite3-0-x86-64-v3 sqlite3-tcl - Update to version 3.53.1: * Fixes for problems in 3.53.0 reported by users. * See the check-in timeline for details: https://sqlite.org/src/timeline?from=version-3.53.0&to=version-3.53.1 ==== sysconfig ==== Version update (0.90.4 -> 0.90.5) Subpackages: sysconfig-netconfig - version 0.90.5 * netconfig: Do not remove custom /etc/{resolv,yp}.conf on uninstall of sysconfig-netconfig, but only the symlinks to /run/netconfig files created by netconfig or tmpfiles.d(5) (bsc#1263889). ==== tree ==== Version update (2.3.1 -> 2.3.2) - update to 2.3.2: * Whitelist characters instead of blacklisting (had an incomplete blacklist somehow,) in url_encode() (M. Richardson) * Wrong path was being used to allocate a path string. * Symbolic link name might be printed incorrectly when -f and - l were used at the same time. (Masaki Hasegawa) * Use EXIT_FAILURE / EXIT_SUCCESS instead of 1 / 0 in exit(), supposedly more portable, but I am not sure I'm convinced. * Fix regression (maybe) in --gitignore for paths that are relative to the .gitignore file broken by using realpath to ==== tree-sitter ==== Subpackages: libtree-sitter0_26 libtree-sitter0_26-x86-64-v3 Review corrections: 1. Fixed SLPP violation: Moved tree-sitter-load-path.el and the grammar directory from the shared library package (libtree-sitter0_26) to the main tree-sitter package. This allows different library versions to be installed in parallel. 2. Removed legacy transition logic: Deleted the Provides and Obsoletes for older library versions (0_22 and 0_25) that were causing hard-dependency conflicts during upgrades. 3. Eliminated conflicting symlink: Added a command in the %install section to remove the unused libtree-sitter.so.0 symlink, preventing potential file conflicts. 4. Verified configuration: Confirmed baselibs.conf correctly references the current library package. - Add `Provides: lib%{name}%{somajor} = %{version}-%{release}` to the definition of `lib%{name}%{somajor}` subpackage. - Correct changelog.