Packages changed: MicroOS-release (20260601 -> 20260602) SDL3 (3.4.6 -> 3.4.10) exfatprogs (1.3.2 -> 1.4.1) libunwind libxkbcommon (1.13.1 -> 1.13.2) llvm22 (22.1.5 -> 22.1.6) openjph (0.27.2 -> 0.27.3) openssh plasma-branding-Kalpa (20260530 -> 20260601) xorg-x11-server xwayland === Details === ==== MicroOS-release ==== Version update (20260601 -> 20260602) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== SDL3 ==== Version update (3.4.6 -> 3.4.10) - Update to release 3.4.10 * Allow depth texture arrays in the GPU API * Fixed a crash when copying to the Vulkan swapchain with the GPU API * Added controller sensor support for GameInput v3 * Fixed Ipega controllers being ignored in keyboard mode * Added support for GameCube rumble when the adapter is in PC mode and has the latest firmware * Fixed rumble on the new Steam Controller * Added support for the GameSir Super Nova in Xbox 360 mode * Added support for the PDP Afterglow Wave Wireless Controller for Switch * Fixed several second hang when changing focus on X11 in some situations * Disable the X Synchronization Extension by default, can be enabled with SDL_HINT_VIDEO_X11_ENABLE_XSYNC_EXT * Fixed SDL_HINT_MOUSE_FOCUS_CLICKTHROUGH on X11 * Fixed a rare crash on Raspberry Pi when creating a window - Update to release 3.4.8 * Fixed a crash when showing a dialog on Unix if zenity is not installed ==== exfatprogs ==== Version update (1.3.2 -> 1.4.1) - Update to 1.4.1: * exfatprogs: include missing DOS attribute headers and upcase helper files in release tarballs. - Update to 1.4.0: Features: * mkfs.exfat: add partition table creation support so newly formatted devices are recognized by Windows. * fsck.exfat: add "--put-mbr" and "--clear-mbr" options to add or remove partition table entries for Windows compatibility on existing volumes. * mkfs.exfat: add the "--upcase" option to format with a user-supplied upcase table. * exfatprogs: add example upcase tables and a helper script to generate upcase table binaries for testing. * exfatprogs: add chdosattr and lsdosattr utilities to view and modify DOS file attributes. Changes: * mkfs.exfat: detect foreign filesystems and partition tables before formatting, requiring "-F" for interactive overwrite of non-exFAT volumes. * mkfs.exfat: always clear the first 0x10000 bytes and improve zero-out I/O, verification, and progress logs during formatting. * mkfs.exfat: reduce memory usage when formatting very large devices. * exfatprogs: include the release date in version output. * mkfs.exfat: print the volume UUID after formatting, warn when the "-s" option is used, and default to 512-byte clusters on very small devices. * exfatprogs: recover from short read/write completions during I/O operations. * exfatprogs: refuse to run on pre-2.6 Linux kernels. Bug fixes: * fsck.exfat: fix bitmap bit counting sign extension and handle progress bar overflow on corrupted bitmaps. * mkfs.exfat: fix 32-bit overflow issues that could select a wrong cluster size or fail with "-f". * mkfs.exfat: reject invalid zero or overflowing size arguments and correct the total cluster limit for edge-case large volumes. * mkfs.exfat: fix incorrect volume UUID printing and use safer direct I/O for write verification. * exfatprogs: fix 64-bit LBA sector I/O, integer signedness issues, and memory errors reported by valgrind in several utilities. ==== libunwind ==== - Always disable C++ exception support, which is incompatible with the system unwinder ==== libxkbcommon ==== Version update (1.13.1 -> 1.13.2) Subpackages: libxkbcommon-x11-0 libxkbcommon0 libxkbregistry0 - Update to release 1.13.2 * Added new keysyms: XKB_KEY_dead_apostrophe, XKB_KEY_SSHARP, XKB_KEY_leftsingleanglequotemark, XKB_KEY_rightsingleanglequotemark, XKB_KEY_XF86ElectronicPrivacyScreenOn, XKB_KEY_XF86ElectronicPrivacyScreenOff, XKB_KEY_XF86ActionOnSelection, XKB_KEY_XF86ContextualInsert, XKB_KEY_XF86ContextualQuery. * Changed `ISO_Group_Shift`, which is now the canonical name of the corresponding keysym. Previously it was `Mode_switch`, which refers to a core X group mechanism obsoleted by XKB. * Added new tool `xkbcli info` to print information about libxkbcommon configuration, for debugging purposes. ==== llvm22 ==== Version update (22.1.5 -> 22.1.6) - Update to version 22.1.6. * This release contains bug-fixes for the LLVM 22.1.0 release. This release is API and ABI compatible with 22.1.0. ==== openjph ==== Version update (0.27.2 -> 0.27.3) - Update to 0.27.3: * Changed how the QCC marker is created. * Add OSS fuzz corpus for ojph_compress_fuzz_target #271 ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Update patch to fix a possible information disclosure or denial of service due to uninitialized variables in gssapi patches (CVE-2026-3497, bsc#1259642) : * openssh-8.0p1-gssapi-keyex.patch - Add patch to fix a potential issue when validating mac or ciphers (bsc#1264568): * fix-mac-validation-strsep-logic-bug.patch ==== plasma-branding-Kalpa ==== Version update (20260530 -> 20260601) - Version 20260601 * Removes aarch64 specific firstboot handling. Flathub now publishes an aarch64 build of Firefox, making it un-necessary ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb - bsc1266294_CVE-2026-XXXX1_0007-dix-increase-XLFDMAXFONTNAMELEN-to-match-libXfont2-s.patch * Font Alias Stack-based Buffer Overflow (ZDI-CAN-30136, bsc#1266294) - bsc1266295_CVE-2026-XXXX2_0001-sync-fix-deletion-of-counters-and-fences.patch * XSYNC Use-After-Free in miSyncDestroyFence() (ZDI-CAN-30159, ZDI-CAN-30163, bsc#1266295, bsc#1266298) - bsc1266296_CVE-2026-XXXX3_0003-xkb-reject-key-types-with-num_levels-exceeding-XkbMa.patch * XKB Key Types Stack-based Buffer Overflow (ZDI-CAN-30160, bsc#1266296) - bsc1266297_CVE-2026-XXXX4_0004-xkb-clamp-nMaps-to-mapWidths-buffer-size-in-CheckKey.patch * XKB SetMap Request Stack-based Buffer Overflow (ZDI-CAN-30161, bsc#1266297) - bsc1266299_CVE-2026-XXXX6_0002-sync-restart-trigger-list-iteration-in-SyncChangeCou.patch * XSYNC Use-After-Free in SyncChangeCounter() (ZDI-CAN-30164, bsc#1266299) - bsc1266300_CVE-2026-XXXX7_0005-glx-fix-reversed-length-check-in-ChangeDrawableAttri.patch * GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write (ZDI-CAN-30165, bsc#1266300) - bsc1266301_CVE-2026-XXXX8_0006-saver-re-fetch-screen-private-after-CheckScreenPriva.patch * CreateSaverWindow Use-After-Free Information Disclosure (ZDI-CAN-30168, bsc#1266301) - bsc1266302_CVE-2026-XXXX9_0001-dri2-Use-booleans-for-fake-front-buffer-tracking-in-.patch bsc1266302_CVE-2026-XXXX9_0002-dri2-Deduplicate-attachments-in-do_get_buffer.patch * DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write (CVE-2026-XXXX9, bsc#1266302) ==== xwayland ==== - bsc1266294_CVE-2026-XXXX1_0007-dix-increase-XLFDMAXFONTNAMELEN-to-match-libXfont2-s.patch * Font Alias Stack-based Buffer Overflow (ZDI-CAN-30136, bsc#1266294) - bsc1266295_CVE-2026-XXXX2_0001-sync-fix-deletion-of-counters-and-fences.patch * XSYNC Use-After-Free in miSyncDestroyFence() (ZDI-CAN-30159, ZDI-CAN-30163, bsc#1266295, bsc#1266298) - bsc1266296_CVE-2026-XXXX3_0003-xkb-reject-key-types-with-num_levels-exceeding-XkbMa.patch * XKB Key Types Stack-based Buffer Overflow (ZDI-CAN-30160, bsc#1266296) - bsc1266297_CVE-2026-XXXX4_0004-xkb-clamp-nMaps-to-mapWidths-buffer-size-in-CheckKey.patch * XKB SetMap Request Stack-based Buffer Overflow (ZDI-CAN-30161, bsc#1266297) - bsc1266299_CVE-2026-XXXX6_0002-sync-restart-trigger-list-iteration-in-SyncChangeCou.patch * XSYNC Use-After-Free in SyncChangeCounter() (ZDI-CAN-30164, bsc#1266299) - bsc1266300_CVE-2026-XXXX7_0005-glx-fix-reversed-length-check-in-ChangeDrawableAttri.patch * GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write (ZDI-CAN-30165, bsc#1266300) - bsc1266301_CVE-2026-XXXX8_0006-saver-re-fetch-screen-private-after-CheckScreenPriva.patch * CreateSaverWindow Use-After-Free Information Disclosure (ZDI-CAN-30168, bsc#1266301)