Packages changed: crun (1.18.2 -> 1.19) gstreamer (1.24.9 -> 1.24.10) gstreamer-plugins-bad (1.24.9 -> 1.24.10) gstreamer-plugins-base (1.24.9 -> 1.24.10) gstreamer-plugins-good (1.24.9 -> 1.24.10) json-glib (1.10.0 -> 1.10.6) localsearch (3.8.1 -> 3.8.2) mutter (47.2 -> 47.3) nautilus (47.0+14 -> 47.1) netavark (1.13.0 -> 1.13.1) pixman suse-module-tools (16.0.53 -> 16.0.54) === Details === ==== crun ==== Version update (1.18.2 -> 1.19) - Update crun.keyring to point to primary key. The original packaging of crun.keyring used the subkey 0xAF60FCA3CDAA6DEAD157EA3A67E38F7A8BA21772 as the key to verify against, rather than the primary key 0xAC404C1C0BF735C63FF4D562263D6DF2E163E1EA. If/when upstream rotates their signing keys, the old key verification would start to fail. ==== gstreamer ==== Version update (1.24.9 -> 1.24.10) Subpackages: libgstreamer-1_0-0 typelib-1_0-Gst-1_0 - Update to version 1.24.10: + Highlighted bugfixes: - More than 40 security fixes across a wide range of elements following an audit by the GitHub Security Lab, including the MP4, Matroska, Ogg and WAV demuxers, subtitle parsers, image decoders, audio decoders and the id3v2 tag parser. - avviddec: Fix regression that could trigger assertions about width/height mismatches. - appsink and appsrc fixes. - closed caption handling fixes. - decodebin3 and urisourcebin fixes. - glupload: dmabuf: Fix emulated tiled import. - level: fix LevelMeta values outside of the stated range. - mpegtsmux, flvmux: fix potential busy looping with high cpu usage in live mode. - pipeline dot file graph generation improvements. - qt(6): fix criticals with multiple qml(6)gl{src,sink}. - rtspsrc: Optionally timestamp RTP packets with their receive times in TCP/HTTP mode to enable clock drift handling. - splitmuxsrc: reduce number of file descriptors used. - systemclock: locking order fixes. - v4l2: fix possible v4l2videodec deadlock on shutdown; 8-bit bayer format fixes. - x265: Fix build with libx265 version >= 4.1 after masteringDisplayColorVolume API change. - macOS: fix rendering artifacts in retina displays, plus ptp clock fixes. - cargo: Default to thin lto for the release profile (for faster builds with lower memory requirements). - Various bug fixes, build fixes, memory leak fixes, and other stability and reliability improvements. - Updated translations. + gstreamer: - allocator: Avoid integer overflow when allocating sysmem and avoid integer overflow in qtdemux theora extension parsing. - deviceprovider: fix leaking hidden providers. - gstreamer: prefix debug dot node names to prevent splitting. - pad: Never push sticky events in response to a FLUSH_STOP. - systemclock: Fix lock order violation and some cleanup. - utils: improve gst_util_ceil_log2(). - ptp: use ip_mreq instead of ip_mreqn for macos. - tracers: unlock leaks tracer if already tracking. ==== gstreamer-plugins-bad ==== Version update (1.24.9 -> 1.24.10) Subpackages: libgstadaptivedemux-1_0-0 libgstanalytics-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstinsertbin-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstmse-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0 - Update to version 1.24.10: + ccconverter: Don't override in_fps_entry when trying to take output. + ccutils fixes. + kmssink: Add mediatek auto-detection + mpegtsmux: Don't time out in live mode if no timestamped next buffer is available (fixes busy loop with high cpu usage). + mpegvideoparse: do not set delta unit flag on unknown frame type. + mxfmux: Fix off-by-one in the month when generating a timestamp for now. + timecodestamper: Don't fail the latency query in LTC mode if we have no framerate. + webrtc: don't crash on invalid bundle id. + x265: Allow building with x265-4.1 (after masteringDisplayColorVolume API change). + meson: Don't unconditionally invoke the libsoup subproject for tests. ==== gstreamer-plugins-base ==== Version update (1.24.9 -> 1.24.10) Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 - Update to version 1.24.10: + appsink: fix timeout logic for gst_app_sink_try_pull_sample(). + appsrc: Fix use-after-free when making buffer / buffer-lists writable. + audiostreamalign: Don't report disconts for every buffer if alignment-threshold is too small. + decodebin3: Unify collection switching checks. + discoverer: - Don't print channel layout for more than 64 channels. - Make sure the missing elements details array is NULL-terminated in a thread-safe way. - Fix segfault in race condition adding a new uri. + id3v2: Don't try parsing extended header if not enough data is available. + glupload: dmabuf: Fix emulated tiled import. + gl: - cocoa: fix rendering artifacts in retina displays. - meson: Don't use libdrm_dep in cc.has_header(). + oggstream: fix invalid ogg_packet->packet accesses, address invalid writes CVE. + opusdec: Set at most 64 channels to NONE position. + playbin: Fix caps leak in get_n_common_capsfeatures(). + playbin3: ERROR when setting new HLS URI with instant-uri=true. + sdp: Add debug categories for message and mikey modules. + ssaparse: Search for closing brace after opening brace. + splitmuxsrc: Convert part reader to a bin with a non-async bus. + subparse: Check for NULL return of strchr() when parsing LRC subtitles. + streamsynchronizer: Only send GAP events out of source pads. + urisourcebin: Also use event probe for HLS use-cases. + video-converter: Set TIME segment format on appsrc. + vorbisdec: Set at most 64 channels to NONE position. + Translation for gst-plugins-base 1.24.0 not sync-ed with Translation Project. + Updated translations. ==== gstreamer-plugins-good ==== Version update (1.24.9 -> 1.24.10) Subpackages: gstreamer-plugins-good-gtk - Update to version 1.24.10: + avisubtitle: Fix size checks and avoid overflows when checking sizes. + flvmux: Don't time out in live mode if no timestamped next buffer is available. + gdkpixbufdec: Check if initializing the video info actually succeeded. + jpegdec: Directly error out on negotiation failures. + level: - Fix integer overflow when filling LevelMeta. - Produces level value outside of Stated Range. + matroskademux: header parsing fixes. + qtdemux: - Header and sample table parsing fixes. - Avoid integer overflow in theora extension parsing. + qt(6)/material: ensure that we always update the context in setBuffer(). + rtspsrc: Optionally timestamp RTP packets with their receive times in TCP/HTTP mode. + rtp: Fix precision loss in gst_rtcp_ntp_to_unix(). + rtpfunnel: Ensure segment events are forwarded after flushs. + rtpmanager: don't map READWRITE in twcc header ext. + rtph264depay, rtph265depay: Fix various OOB reads / NULL pointer dereferences in parameter-set string handling. + shout2send: Unref event at the end of the event function. + udpsrc: protect cancellable from unlock/unlock_stop race. + v4l2object: - Fixed incorrect maximum value for int range. - Remove little endian marker on 8 bit bayer format names. + v4l2videodec: fix freeze race condition. + wavparse: Fix various (missing) size checks and other parsing problems. ==== json-glib ==== Version update (1.10.0 -> 1.10.6) Subpackages: libjson-glib-1_0-0 typelib-1_0-Json-1_0 - Update to version 1.10.6: + Allow single quoted strings when running in non-strict mode. + Allow escaped characters when running in non-strict mode. + Add missing nullable annotation. ==== localsearch ==== Version update (3.8.1 -> 3.8.2) - Update to version 3.8.2: + Fix database inconsistency resulting from some patterns of folder updates, and possible resulting CPU churn. ==== mutter ==== Version update (47.2 -> 47.3) - Update to version 47.3: + Fix maximized X11 when using native xwayland scaling + Fix blank screen in remote headless sessions + Fix touch-triggered popups being cancelled too early + Fix pointer cursor during compositor grabs + Fixed crash ==== nautilus ==== Version update (47.0+14 -> 47.1) Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension4 - Update to version 47.1: + Enhancements: Speed up thumbnail loading. + Bugfixes: - Do not force reload when error is present to avoid showing auth dialog. - Open folder in correct window during a DnD hover. - Show username in file properties if name is an empty string. - Various a11y fixes. - Fix number placement when making new name for directory. - Various pathbar fixes. - Show alert dialog when a symlink is broken. - Fix crashes when opening. - Various sidebar fixes. - Fix ctrl + scroll to zoom in and out of view. + Updated translations. - Drop revert-post-release-bump.patch: No longer needed. - Update to version 47.0+38: * gtk/placessidebar: Fix placeholder sometimes being stuck at the bottom * pathbar: Remove dir separator in front of some schemes * gtk/placessidebar: Don't open insensitive rows * gtk/nautilusgtkplacessidebar: Don't start drag timer if row can't be known * file-chooser: Focus file name entry when cancelling overwrite * list-base: Activate folder to open on drag instead of opening through application * properties: Hide extensions list box when empty * file: Ignore empty strings for owner name * general: Various a11y fixes * files-view: Fix leak * compress-dialog: Fix name entry activation * file-utilities: Ignore extension when making new name for directories * pathbar: Stop adding extra space to buttons * pathbar: Don't show the pathbar button menu in file chooser * ui: Add missing accel labels * preferences: Clear weak pointer * nautilus-mime-actions: Actually report when a symlink is broken * xdp-gnome/externalwindow: Call gtk_init before opening a display * xdp-gnome/externalwindow: Override current session with GDK_BACKEND * nautilus-properties-window: Set use-markup=False in several rows ==== netavark ==== Version update (1.13.0 -> 1.13.1) - Update to version 1.13.1: * Release v1.13.1 * Release notes for v1.13.1 * setup: on av errors cleanup again * nftables: add daddr match to port forward jump rule ==== pixman ==== - Increase test timeout on s390x. Several tests can be slow and sometimes times out in our builds. - Use autosetup macro. ==== suse-module-tools ==== Version update (16.0.53 -> 16.0.54) Subpackages: suse-module-tools-scriptlets * rpm-script: create dangling symlinks in kiwi environments (bsc#1234275)