Packages changed: MicroOS-release (20260623 -> 20260701) aurorae6 (6.7.0 -> 6.7.1) bluedevil6 (6.7.0 -> 6.7.1) breeze6 (6.7.0 -> 6.7.1) breeze6-gtk (6.7.0 -> 6.7.1) btrfsprogs coreutils coreutils-systemd discover6 (6.7.0 -> 6.7.1) docker faad2 (2.11.2 -> 2.11.2.git13) flatpak-kcm6 (6.7.0 -> 6.7.1) fwupd giflib glib2 (2.88.1 -> 2.88.2) glibc gpgme (2.1.0 -> 2.1.1) gvfs (1.60.0 -> 1.60.1) jq (1.8.1 -> 1.8.2) kactivitymanagerd6 (6.7.0 -> 6.7.1) kde-cli-tools6 (6.7.0 -> 6.7.1) kde-gtk-config6 (6.7.0 -> 6.7.1) kdecoration6 (6.7.0 -> 6.7.1) kdeplasma6-addons (6.7.0 -> 6.7.1) kgamma6 (6.7.0 -> 6.7.1) kglobalacceld6 (6.7.0 -> 6.7.1) kinfocenter6 (6.7.0 -> 6.7.1) kmenuedit6 (6.7.0 -> 6.7.1) knighttime6 (6.7.0 -> 6.7.1) kpipewire6 (6.7.0 -> 6.7.1) kscreen6 (6.7.0 -> 6.7.1) kscreenlocker6 (6.7.0 -> 6.7.1) ksshaskpass6 (6.7.0 -> 6.7.1) ksystemstats6 (6.7.0 -> 6.7.1) kwayland-integration6 (6.7.0 -> 6.7.1) kwayland6 (6.7.0 -> 6.7.1) kwin6 (6.7.0 -> 6.7.1) layer-shell-qt6 (6.7.0 -> 6.7.1) ldacBT (2.0.2.3 -> 2.0.2.5) libass (0.17.4 -> 0.17.5) libcamera libkscreen6 (6.7.0 -> 6.7.1) libksysguard6 (6.7.0 -> 6.7.1) libpisp (1.3.0 -> 1.6.0) libplasma6 (6.7.0 -> 6.7.1) libslirp (4.9.1+1 -> 4.9.3+4) libzio (1.14 -> 1.15) milou6 (6.7.0 -> 6.7.1) ncurses (6.6.20260608 -> 6.6.20260613) nftables nghttp2 openSUSE-build-key pango (1.57.1 -> 1.58.0) patterns-kde plasma5support6 (6.7.0 -> 6.7.1) plasma6-activities (6.7.0 -> 6.7.1) plasma6-activities-stats (6.7.0 -> 6.7.1) plasma6-browser-integration (6.7.0 -> 6.7.1) plasma6-desktop (6.7.0 -> 6.7.1) plasma6-integration (6.7.0 -> 6.7.1) plasma6-nm (6.7.0 -> 6.7.1) plasma6-openSUSE plasma6-pa (6.7.0 -> 6.7.1) plasma6-print-manager (6.7.0 -> 6.7.1) plasma6-systemmonitor (6.7.0 -> 6.7.1) plasma6-workspace (6.7.0 -> 6.7.1) podman (5.8.2 -> 5.8.3) polkit-default-privs (1550+20260616.1f348eb -> 1550+20260623.563df94) polkit-kde-agent-6 (6.7.0 -> 6.7.1) powerdevil6 (6.7.0 -> 6.7.1) python-SQLAlchemy (2.0.50 -> 2.0.51) python-greenlet (3.5.0 -> 3.5.3) qqc2-breeze-style6 (6.7.0 -> 6.7.1) raspberrypi-firmware-dt runc (1.4.1 -> 1.4.2) sddm-kcm6 (6.7.0 -> 6.7.1) selinux-policy setools (4.6.0 -> 4.7.0) shim-leap spectacle (6.7.0 -> 6.7.1) systemd systemsettings6 (6.7.0 -> 6.7.1) tar tesseract-ocr thin-provisioning-tools (1.3.2 -> 1.3.3) upower (1.91.1 -> 1.91.2) vim (9.2.0530 -> 9.2.0725) xdg-desktop-portal-kde6 (6.7.0 -> 6.7.1) zlib === Details === ==== MicroOS-release ==== Version update (20260623 -> 20260701) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== aurorae6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== bluedevil6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== breeze6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: breeze6-cursors breeze6-decoration breeze6-style breeze6-wallpapers - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== breeze6-gtk ==== Version update (6.7.0 -> 6.7.1) Subpackages: gtk3-metatheme-breeze6 metatheme-breeze6-common - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== btrfsprogs ==== Subpackages: btrfsprogs-udev-rules libbtrfs0 libbtrfsutil1 - Modernize building of Python bindings, to generate binary subpackages for each Python interpreter in the distro. ==== coreutils ==== - Switch coreutils-single to build as hardlinks ==== coreutils-systemd ==== - Switch coreutils-single to build as hardlinks ==== discover6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: discover6-backend-flatpak discover6-backend-fwupd discover6-notifier - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 * rpm-ostree: Wait for 60 seconds before looking at deployments * rpm-ostree: Limit filesystem watcher triggers (kde#519672) * appiumtests: fix removeButton click * Generate valid appstream:// URLs for Flatpak apps ==== docker ==== Subpackages: docker-buildx docker-rootless-extras - Ensure correct certificate is used for TSA auth (bsc#1262346, CVE-2026-39984) * 0007-CVE-2026-39984-Ensure-correct-certificate-is-used-fo.patch - http2: prevent hanging Transport due to bad SETTINGS (bsc#1265782, CVE-2026-33814) * 0008-CVE-2026-33814-http2-prevent-hanging-Transport-due-t.patch - idna: update from x/text, fix ToUnicode and all-ASCII xn-- labels (bsc#1266625, CVE-2026-39821) * 0009-CVE-2026-39821-idna-update-from-x-text-fix-ToUnicode.patch - daemon: Decompress archives before entering container filesystem (bsc#1267827, CVE-2026-41567) * 0010-CVE-2026-41567-daemon-Decompress-archives-before-ent.patch ==== faad2 ==== Version update (2.11.2 -> 2.11.2.git13) - Update to version 2.11.2.git13: * fix out-of-bounds X underflow in SBR low-power QMF assembly * fix out-of-bounds Xsbr write in hf_assembly sinusoid addition * update to Visual Studio 18 * prevent length_of_rvlc_sf underflow in rvlc_scale_factor_data * fix out-of-bounds iq_table read in iquant for -32768 * bound sscanf field width in option parsing * fix integer overflow in stszin/stscin allocation size checks * fix off-by-one frame index check in mp4read_seek * SBR: prevent heap overflow in channel-pair reconstruction * fix typo - Drop patches fixed upstream: * bc5de3ac7264f7a232951d06150ec1fcd4a20f6c.patch * 2653c918d788c5dc83826c97aaa4de4dd8931a8b.patch ==== flatpak-kcm6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - No code changes since 6.7.0 ==== fwupd ==== Subpackages: libfwupd3 typelib-1_0-Fwupd-2_0 - Migrate to manual service run ==== giflib ==== - Added patch: * 0001-Fix-CVE-2026-26740-heap-OOB-write-in-EGifGCBToSavedE.patch + fixing bsc#1259836 (CVE-2026-26740): heap out-of-bounds read when processing a specially crafted GIF file containing a GCE block with a truncated extension byte count ==== glib2 ==== Version update (2.88.1 -> 2.88.2) Subpackages: glib2-tools libgio-2_0-0 libgirepository-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 typelib-1_0-GLib-2_0 typelib-1_0-GLibUnix-2_0 typelib-1_0-GModule-2_0 typelib-1_0-GObject-2_0 typelib-1_0-Gio-2_0 - Update to version 2.88.2: + gnulib: Fix unused flags variable warning + CI: set msys2-clang64 as default job for merges + Updated translations. ==== glibc ==== Subpackages: glibc-locale glibc-locale-base - resolv-sprintrrf-unkown-types.patch: resolv: More types as unknown in ns_sprintrrf (CVE-2026-5435, bsc#1263656, BZ #34033) - resolv-sprintrrf-inet-ntop-check.patch: resolv: Check for inet_ntop failure in ns_sprintrrf - resolv-sprintrrf-buffer-overreads.patch: resolv: Fix buffer overreads in ns_sprintrrf (CVE-2026-6238, bsc#1263658, BZ #34069) - fma-shift-ub.patch: math: Fix fma alignment when exponent difference is exactly 64 (BZ #34183) - struct-reserved-members.patch: Rename __unused fields to __glibc_reserved - iconv-translit-intermediate-errors.patch: iconv: Suppress intermediate errors with //TRANSLIT (BZ #34236) - arm-vfp-plt-trampoline.patch: arm: Save/restore VFP registers in PLT trampolines (BZ #34144, BZ #15792) - filter use of -fhardened (gcc switch that selects multiple hardening options) ==== gpgme ==== Version update (2.1.0 -> 2.1.1) - Update to 2.1.1: * gpgme_op_export now also returns operational errors ==== gvfs ==== Version update (1.60.0 -> 1.60.1) Subpackages: gvfs-backends - Update to version 1.60.1: + smb: Fix authentication fallback broken with Samba 4.24 + dav: Fix redirect handling to prevent HTTPS downgrade and credential leakage + Some other fixes + Updated translations. - Drop gvfs-fix-udisks2-crash.patch: Fixed upstream. ==== jq ==== Version update (1.8.1 -> 1.8.2) Subpackages: libjq1 - Update to version 1.8.2 Security fixes * CVE-2026-32316: Fix heap buffer overflow in jvp_string_append and jvp_string_copy_replace_bad. * CVE-2026-33947: Limit path depth to prevent stack overflow in jv_setpath, jv_getpath, jv_delpaths. * CVE-2026-33948: Fix NUL truncation in the JSON parser. * CVE-2026-39956: Fix _strindices missing runtime type checks. * CVE-2026-39979: Fix out-of-bounds read in jv_parse_sized(). * CVE-2026-40164: Randomize hash seed to mitigate hash collision DoS attacks. * CVE-2026-40612: Limit containment check depth to prevent stack overflow in contains. * CVE-2026-41256: Fix NUL truncation in program files loaded with -f. * CVE-2026-41257: Fix signed-int overflow in stack_reallocate. * CVE-2026-43894: Reject numeric literals longer than DEC_MAX_DIGITS (999999999). * CVE-2026-43895: Reject embedded NUL bytes in module import paths. * CVE-2026-43896: Limit recursive object merge depth to prevent stack overflow. * CVE-2026-44777: Detect circular module imports to prevent stack overflow. * CVE-2026-47770: Guard deep structural equality and comparison recursion. * CVE-2026-49839: Fix heap-buffer-overflow in raw file loading. * CVE-2026-54679: Tighten string length bounds and propagate invalid jv in implode. * GHSA-gf4g-95wj-4q4r: Fix use-after-free in args2obj() array argument path. * GHSA-hj52-j2c9-r8r4: Fix signed-int overflow in tokenadd to prevent buffer overflow. * Limit the number of function parameters and definitions to prevent SEGV. * Pre-allocate tokenbuf for string parser to avoid undefined behavior. * Avoid stack overflow when freeing deeply nested values. * Fix memory leaks and double frees. Releasing * Update GPG signing key. CLI changes * Improve error message truncation with closing delimiters. * Remove extra space from die function output. * Fix raw input flag not to corrupt multi-byte characters. * Fix crash when importing a module with errors twice. * Increase the maximum printing depth from 256 to 10000. Changes to existing functions * Fix rtrimstr("") always outputting "". * Fix infinite loop and undefined behavior in del(.[nan]). * Refactor @uri and @urid to fix multi-byte UTF-8 corruption. * Fix tonumber and toboolean to reject strings with embedded null bytes. * Fix undefined behavior in modulo operator. * Fix reversed pointer subtraction in f_env bounds check. * Fix missing validity check in f_strflocaltime after f_localtime. * Fix year 2038 problem on 32-bit platforms. * Use // instead of //= in from_entries definition. Build and test changes * Drop strptime test using non-portable %F. * Limit oniguruma depth to 1024 in jq_fuzz_execute. * Fix localization test for time formatting functions. * Fix expected value assertion. * Fix typo in tests/jq.test. * Refactor tm2jv to handle fractional seconds. * Fix jq_fuzz_parse_stream: use iterative parser API for streaming mode. * Fix crashes and resource leaks in jq_testsuite. * Support building with --disable-maintainer-mode and source != build dir. * Respect SOURCE_DATE_EPOCH while generating man page. * Fix undefined pointer arithmetic in UTF-8 helpers. * Fix one-byte over-read in BASE64_DECODE_TABLE. - Drop not longer needed patches: * CVE-2026-32316.patch * CVE-2026-33947.patch * CVE-2026-33948.patch * CVE-2026-39956.patch * CVE-2026-39979.patch * CVE-2026-40164.patch * CVE-2026-40612.patch * CVE-2026-41256.patch * CVE-2026-41257.patch * CVE-2026-43894.patch * CVE-2026-43895.patch * CVE-2026-43896.patch * CVE-2026-44777_0.patch * CVE-2026-44777_1.patch ==== kactivitymanagerd6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== kde-cli-tools6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== kde-gtk-config6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: kde-gtk-config6-gtk3 - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== kdecoration6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: libkdecorations3-6 libkdecorations3private2 - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== kdeplasma6-addons ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== kgamma6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== kglobalacceld6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: libKGlobalAccelD6-0 - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== kinfocenter6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 * kcms/samba: Port to Kirigami.StyleHints for framed backgrounds ==== kmenuedit6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== knighttime6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: libKNightTime0 - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== kpipewire6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: kpipewire6-imports libKPipeWire6 libKPipeWireDmaBuf6 libKPipeWireRecord6 - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== kscreen6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== kscreenlocker6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: libKScreenLocker6 - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== ksshaskpass6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== ksystemstats6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== kwayland-integration6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== kwayland6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: libKWaylandClient6 - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== kwin6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: libkwin6 - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Too many changes to list here - Drop patches, now upstream: * 0001-core-drmdevice-correct-the-virtio-driver-name.patch ==== layer-shell-qt6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: libLayerShellQtInterface6 - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== ldacBT ==== Version update (2.0.2.3 -> 2.0.2.5) - Update to version 2.0.2.5: + Allow build with CMake 4.0.0 + Drop patch version in soname, built libraries will only have .so.2.0.2 suffix at most. This is to distinguish between library version and build script version. + Pin version to 2.0.2.3 in pkgconfig file for compatibility. - Modernize spec: use cmake_build and ldconfig_scriptlets macros. - Switch to source service, upstream no longer includes upstream libldac bundled tarball, so we now need to clone the git repo ourselves. ==== libass ==== Version update (0.17.4 -> 0.17.5) - Update to 0.17.5: * Fix limited OOB read and write in wrap_lines_measure * Fix OOB bit clears for negative Matroska ReadOrder fields * Fix \fay with glyph clusters * Fix small alpha changes not always splitting runs when combined with fade * Fades are now applied to BorderStyle=4 boxes too * Fonts using legacy arabic Windows charmaps are now supported * ass_render_frame no longer returns fully transparent images * Avoid SSE instructions if compiler baseline already includes AVX - Remove d013d97631bf86577e7eb44941b2b7b9cf4192d0.patch: included in upstream release ==== libcamera ==== Subpackages: libcamera-base0_7 libcamera0_7 - Be explicit about not using libunwind to address a s390x build failure. ==== libkscreen6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: libKF6Screen8 libKF6ScreenDpms8 libkscreen6-plugin - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== libksysguard6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: ksysguardsystemstats6-data libKSysGuardSystemStats2 libksysguard6-imports - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== libpisp ==== Version update (1.3.0 -> 1.6.0) - Update to version 1.6.0 * backend: Allow offsets to be specified as pixels or bytes. * backend: Add output image offset parameters. - Update to version 1.5.0 * utils: test_convert: Fix GStreamer pipeline colorimetry and byte ordering. * libpisp: Switch to C++20 standard. - Update to version 1.4.0 * helpers: Fix incorrect header in media_device.cpp. * Adding gst pispconvert component. * helpers: dma_heap: Fix clang compile error. ==== libplasma6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: libPlasma7 libplasma6-components libplasma6-desktoptheme - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 - Add provides for libPlasma6 to fix pulling in libPlasma6-lang (boo#1268766) ==== libslirp ==== Version update (4.9.1+1 -> 4.9.3+4) - Update to version 4.9.3+4: * Add CVE information * slirp: permit guestfwd to vhost_addr/vnameserver_addr * Test qemu migration support * Release v4.9.3 * slirp: Fix migration break on incorrect vmstate retcode * Add missing diff url * Release v4.9.2 * tcp_sockclosed: Set linger timer on remaining closing states * oob: cap urgent data count to what is actually available * bootp: allow https for UEFI HTTP boot * ncsi: Document the Get Version ID (GVI) packet handler * ncsi: Document why we fix memory alignment by adding 2-byte padding * ncsi: add documentation comments to the packet handler table for improved readability * Fix byte order * SO_ERROR: take the errno as error hint * vmstate: pass on read/write errors for state * cope with SO_ERROR possibly failing * Move the modified 3-Clause BSD text into LICENSE * fix: honor dns server port number on macos - fixes CVE-2026-9539 [bsc#1268903] ==== libzio ==== Version update (1.14 -> 1.15) - Update to version 1.15 Refactored zio.c as well as optimized - Functional Verification: All compression formats (gzip, bzip2, lzma, xz, zstd) were validated via the test loop. - Static Analysis & Bugfixes: - Fixed a memory leak and uninitialized value in autodetect and fzopen. - Fixed Double-Free vulnerabilities in zio_open_gzip_pipe and zio_open_bzip2_pipe. - Compatibility: Verified the HAS_LZMADEC_H path with the legacy lzmadec.h. - Optimizations: Replaced heap allocation for the check buffer with a stack-based buffer in fzopen and _knowntype_fdzopen to reduce overhead. ==== milou6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 * lib/ResultsView: consider all data changes results (kde#521598) ==== ncurses ==== Version update (6.6.20260608 -> 6.6.20260613) Subpackages: libncurses6 ncurses-utils terminfo-base - Mark build recipe as requiring bash - Modernize specfile/drop old constructs - Add ncurses patch 20260613 + add ich/ich1 to putty -TD + reorder %i's in some capabilities for better matching of blocks -TD + add sc/rc to ti928 -TD + add rin to ncr260vt300an and ncr260vt100an, matching the AT&T ind/indn -TD + add rwidm, kdch1 to att730 -TD + change %2d and %3d to %02d and %03d to match original termcaps -TD + reduce unnecessary %2d and %3d to just %d -TD + correct conversion of termcap %2 and %3 to terminfo in _nc_captoinfo. ==== nftables ==== Subpackages: libnftables1 python313-nftables - add support-reproducible-build.patch: this is a cherry pick of four unreleased upstream commits which are needed to properly backport the reproducible build feature. ==== nghttp2 ==== - stricter validation for HTTP CONNECT and Upgrade requests across HTTP/1, HTTP/2, and HTTP/3 upstreams, specifically rejecting requests that incorrectly include Content-Length or Transfer-Encoding headers * Add 0001-nghttpx-Tighten-up-CONNECT-and-HTTP-Upgrade-handling.patch CVE-2026-58055, bsc#1269489 ==== openSUSE-build-key ==== - do not include the projects _pubkey if we have it already. - use the modification time for key2rpname ==== pango ==== Version update (1.57.1 -> 1.58.0) Subpackages: libpango-1_0-0 typelib-1_0-Pango-1_0 - Update to version 1.58.0: + PangoFontDescription has a new width attribute, which is like stretch, but allows intermediate values + PangoRenderer has gained the ability to render only certain components of a layout (such overlines, underlines, text,...) ==== patterns-kde ==== - Disambiguate kde_utilities and kde_utilities_opt pattern summaries (bsc#1267854) ==== plasma5support6 ==== Version update (6.7.0 -> 6.7.1) Subpackages: libPlasma5Support6 - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== plasma6-activities ==== Version update (6.7.0 -> 6.7.1) Subpackages: libPlasmaActivities7 plasma6-activities-imports - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== plasma6-activities-stats ==== Version update (6.7.0 -> 6.7.1) Subpackages: libPlasmaActivitiesStats1 - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== plasma6-browser-integration ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== plasma6-desktop ==== Version update (6.7.0 -> 6.7.1) Subpackages: plasma6-desktop-emojier - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 * applets/kickoff: show sidebar highlight with switch on hover (kde#521558) * applets/kickoff: explicitly set implicit sizes for fullRep StackView (kde#521383) * kcms/gamecontroller: Disable gamepad input emulation by default * applets/taskmanager: fix badge overflow at extreme margins of usage (kde#521562) * kcms/keyboard: Ensure that keyboards without variant info don't show "undefined" as variant ==== plasma6-integration ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== plasma6-nm ==== Version update (6.7.0 -> 6.7.1) Subpackages: plasma6-nm-openconnect plasma6-nm-openvpn - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 * Fix showing network details (kde#521415) * Fix tray icon for virtual wired devices (kde#516709) ==== plasma6-openSUSE ==== - Update to 6.7.1 ==== plasma6-pa ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== plasma6-print-manager ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 * set selected: property on ItemDelegates's contentItem stuff ==== plasma6-systemmonitor ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 * table: Do nothing if data() functions are passed an invalid index * table: Make sure to cleanup sorted columns when using "hide column" on table * table: Explicitly remove duplicate entries from sortedColumns in ColumnSFModel (kde#518073) ==== plasma6-workspace ==== Version update (6.7.0 -> 6.7.1) Subpackages: plasma6-session plasma6-workspace-libs - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 * applets/kicker: return empty string for computermodel description (kde#521799) * startplasma: Tweak the time when global themes are switched * scripting: Read/write panel alignment from correct config * plasma-apply-lookandfeel: Optionally blend changes when changing color scheme * Klipper: reset search field on popup close (kde#504658) * wallpapers/image: fix heap-use-after-free in SlideFilterModel::invalidate() * libtaskmanager: Fix missing argument for QString::arg * wallpapers/image: fix flaky testCustomAccentColorFromWallpaperMetaData test * wallpapers/image: fix flaky SlideFilterModelTest from QFuture synchronous continuation * components/calendar: fix today-highlight showing wrong day for UTC+x timezones before UTC midnight (kde#521114) * applets/notifications: Explicitly set rotation in the unread state (kde#458156) * 🍒 kcms/wallpaper: Avoid storing screen as raw pointer (kde#521078) ==== podman ==== Version update (5.8.2 -> 5.8.3) - Update to version 5.8.3: * Bump to v5.8.3 * Update release notes for v5.8.3 * Bump to gvisor-tap-vsock v0.8.9 * [v5.8] Bump Buildah to v1.43.2 * ci: fix validate-source checks vs stale labels * Release automation: update org location * ci: use env vars to avoid template expansion in code contexts * ci: use --sandbox for dynamically generated sed scripts * Update gh org from which releases are pulled in pswh scripts * pkg/machine/e2e: set XDG_CONFIG_HOME * Set permissions for win installer CI job * ci: delete netavark v2 * ci: fix storage.conf composefs setup * Update release ID in win-installer-main.ps1 * Use GH token to download Podman release in utils.ps1 * validate ci.yml file * ci: add path-filter to success job * CI: Adjust Mac tmpdir * ci: fix validate job to actually work on push * ci: skip validate-source on push * ci: add GITHUB_TOKEN to win installer test * test/python/docker/compat: skip test_search_image * ci.yml: add macos jobs * ci.yml: add windows jobs * New GHA lima ci testing setup * Run 'make swagger' in the validate-source GHA job * Migrate 'build each commit' check from Cirrus to GHA * Migrate validate-source from Cirrus to GitHub Actions * Rename contrib/cirrus to hack/ci * .cirrus.yml: do not run golangci-lint for freebsd and mac * Makefile: run golangci-lint for all supported OSes * hack/golangci-lint.sh: fix binary lookup order * pkg/bindings/generator: fall back to golangci-lint from $PATH * hack: reuse already installed golangci-lint * ci: replace git-validation with a small shell script * .editorconfig: add indentation rule for shell files * ci: rm contrib/cirrus/check_go_changes.sh * .golangci.yml: deny using obsoleted os.Is... checks * Remove unused nolint annotations * Replace os.Is* error checks with errors.Is * Fix compilation of tests without CGo * test/system: fix "quadlet kube - start error" flake * test/system: fix can trap signal flake * test/system: do not use image mount as rootfs source * test/system: fix "podman kill - concurrent stop" * test/system: use DISABLE_HC_SYSTEMD for 2 tests * test/e2e: deduplicate some network subnets * test/system: bump "unlock while waiting for timeout" timeout * test/system: do not run "podman pause/unpause" in parallel * test/system: fix "stop container when healthcheck runs" flake * test/system: fix "podman stop - unlock while waiting for timeout" * test/e2e: fix static port assignment * test/system: skip one new pasta flake * test/e2e: fix some duplciated network subnets * test/e2e: skip "podman run --shm-size-systemd" as root * test/e2e: skip "sshd and API services required" * test/system: fix "add username to /etc/passwd if --userns=keep-id" * test/system: skip "IPv6 default address assignment" * test/system: fix quadlet - rootfs on kernel 7.1 * Cite go module change * Install WiX v5.0.2 to build the Windows installer * Bump Podman to v5.8.3-dev ==== polkit-default-privs ==== Version update (1550+20260616.1f348eb -> 1550+20260623.563df94) - Update to version 1550+20260623.563df94: * profiles: added kdeplasma6-addons kameleon.qmk (bsc#1267818) ==== polkit-kde-agent-6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== powerdevil6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== python-SQLAlchemy ==== Version update (2.0.50 -> 2.0.51) - update to 2.0.51: * https://docs.sqlalchemy.org/en/21/changelog/changelog_20.html#change-2.0.51 ==== python-greenlet ==== Version update (3.5.0 -> 3.5.3) - Add build-Cpp-linking.patch fixing linking C++ problems with Python 3.14.6 (see https://discuss.python.org/t/c-linking-in-3-14-6-is-there-a-regression/107932) - update to 3.5.3: * Fix a crash on free-threaded builds when multiple greenlets were holding a critical section on an object and the GIL for the thread was dropped. See issue 513. Thanks to ddorian. - Update to 3.5.2 * The minimum supported version of Python 3.15 is now 3.15b2. * Fix some garbage-collection related crashes on free-threaded Python 3.15. Thanks to Kumar Aditya in PR #511. * Improve garbage collection of greenlets. This mostly applies to Python 3.15. Thanks to Kumar Aditya in PR #512. - Update to 3.5.1 * Add preliminary support for Python 3.15b1. This has not been reviewed by CPython core developers, but all tests pass. Binary wheels of this version won't work on earlier Python 3.15 builds and may not work on later 3.15 builds. * Fix the discrepancy in the way the two ``getcurrent`` APIs behave during greenlet teardown. One API (the C API used by, e.g., gevent raised a ``RuntimeError``; the other (the Python ``greenlet.getcurrent`` API) returned ``None``. This second way is incompatible with greenlet's type annotations, so ``greenlet.getcurrent`` now raises a ``RuntimeError`` as well. ==== qqc2-breeze-style6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== raspberrypi-firmware-dt ==== - Drop RP1 hog gpio node 0001-arm64-dts-bcm2712-Remove-rp1-hog-gpio-node.patch- ==== runc ==== Version update (1.4.1 -> 1.4.2) - Update to runc v1.4.2. Upstream changelog is available from . - runc.keyring has been updated to match the new version from upstream. ==== sddm-kcm6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== selinux-policy ==== Subpackages: selinux-policy-targeted - fixed text output during package instalation (bnc#1268009) - enhance migration marker cleanup in /etc/selinux to properly delete markers when removing selinux-policy-FLAVOUR package - Mark all bash-using sections as requiring bash - Delete old %defattr, it's the default now anyway - Reduce %if BUILD_xxx to span just %files and triggers, that's all it needs - Fix syntax in scriptlets ==== setools ==== Version update (4.6.0 -> 4.7.0) - Fix setools test package - Update to version 4.7.0: - Add MCP server to provide LLMs the ability to analyze policy. - Internal changes: - The source distribution is now a Python sdist. - The policyrep C extension is cythonized, so cython is an optional build dependency now. Still keeping it in, might be good to still rebuild it ourselves. ==== shim-leap ==== - Apply nx-shim, create non-nx shim boot entry: shim-16.1-lp156.7.1.aarch64.rpm shim-16.1-lp156.7.1.x86_64.rpm RPMs are coming from openSUSE secure-boot shim 15.6: https://build.opensuse.org/projects/openSUSE:Factory:secure-boot/packages/shim/repositories/15.6/binaries - Version: 16.1, "Aug 14 2025" - Include the bug fixes for bsc#1205588 - Use nx shim as the default shim binary. Add Microsoft-signed nx-shim: Source40 shim-opensuse.nx.x86.efi Source41 shim-opensuse.nx.aarch64.efi - Use ms-signed nx shim when the version equals with the version of newly built shim - Version mismatch indicates development of a new shim. - Create non-nx shim boot entry as a fallback option Because we apply nx shim as the default shim binary in /boot/efi/EFI/opensuse/shim.efi /boot/efi/EFI/boot/bootx64.efi or bootaa64.efi In case that user got any problem when the machine boots with nx-shim, so we create a new boot entry for non-nx shim as a fallback option by efibootmgr. - Removed the override shim-install. Let's direct use the shim-install script from shim-16.1*.rpm. ==== spectacle ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 * Set startupId to token received from notification on OpenUrlJob * InlineMessageModel: Support copyToClipboard with QUrl ==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-boot systemd-container udev - Temporarily add 1002-nss-systemd-avoid-ELF-TLS-for-recursion-guard.patch until upstream releases it (bsc#1254924) ==== systemsettings6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * Update version for new release 6.7.1 ==== tar ==== - Fix CVE-2026-5704.patch causing errors when extracting certain archives generated by rpm2archive which contain hard links - Refresh fix-dereference.patch - Fix tar changing dir permissions temporarily even when using --no-overwrite-dir * no-overwrite-dir-fix.patch - Fix CVE-2026-5704, crafted archives can be used to to hide file injection (bsc#1261900) * CVE-2026-5704.patch - Fix --dereference/-h not working properly after CVE-2025-45582 fix (bsc#1265450) * fix-dereference.patch - Fix extraction failure for paths like "a/./b" caused by the gnulib openat2 implementation (bsc#1267189) * openat2-fix-dotlike-failure.patch ==== tesseract-ocr ==== Subpackages: libtesseract5 tesseract-ocr-common - Drop the now-unused OpenCL build dependencies opencl-headers and pkgconfig(OpenCL) (boo#1213370): * OpenCL support is experimental and disabled (the --enable-opencl configure flag was already removed); these requires were left behind and only bloated the build. * With OpenCL off, libtesseract no longer links libOpenCL.so.1, so it no longer fails to start with "libOpenCL.so.1: cannot open shared object file" (boo#1232640). ==== thin-provisioning-tools ==== Version update (1.3.2 -> 1.3.3) - Update to version 1.3.3: * thin_explore: fix a panic when navigating an empty top-level tree, and panics when navigating empty btrees * era_invalidate: fix missing era array traversal when no writesets exist * thin_metadata_pack/unpack: flush the output file before returning * update bundled dependencies to their latest patch releases ==== upower ==== Version update (1.91.1 -> 1.91.2) Subpackages: libupower-glib3 - Revert unneeded policy kit rules (mainline git commit d75f2dbee4df2) A policy-org.freedesktop.upower.rules-grant-permission-for-skipping-the-inhibitor.patch - Update to version 1.91.2: + Feature: Skip the systemd inhibitor when performing CriticalPowerAction + Feature: Introduce "Auto" CriticalPowerAction using systemd-logind Sleep() + Fix: Test CanPowerOff() availability before calling PowerOff() + Fix: Add charge limit support for systems providing only charge_control_end_threshold - Add 25303ba52771ee514b70fb1a5318a8313889ac31.patch: up-device-battery: Prefer "Standard" over "Fast" charging ==== vim ==== Version update (9.2.0530 -> 9.2.0725) Subpackages: vim-data-common vim-small - Replace pkgconfig(gtk+-3.0) with pkgconfig(gtk4) and pass - -enable-gui=gtk4 instead of --enable-gui=gtk3 to configure. Build gvim with gtk4 instead of gtk3. - Refresh patches with quilt. - Updated to version 9.2.0725, fixes the following problems: 9.2.0531: tests: Test_cd_completion() fails on MS-Windows with E344 9.2.0532: GTK: preedit font size is wrong for fractional point sizes 9.2.0533: '[ mark moved to end of inserted text after CTRL-R CTRL-P paste 9.2.0534: GTK UI does not support fullscreen mode 9.2.0535: tests: matchit plugin is not tested 9.2.0536: tests: Test_invalid_args() fails on GTK4 without xterm_clipboard 9.2.0537: GTK4: mouse popup menu does not show up at mouse pointer 9.2.0538: Cannot keep leading whitespace in %{} statusline expr 9.2.0539: filetype: too many Bitbake include files are recognized 9.2.0540: tests: Test_mswin_event_mouse is flaky 9.2.0541: Vim9: endclass/endenum/endinterface can give errors 9.2.0542: tests: test_codestyle fails 9.2.0543: Vim9: wrong error when redeclaring a typed variable 9.2.0544: GTK4: window blank after a resize or drag 9.2.0545: popup: blending uses hardcoded fallback colors 9.2.0546: configure: GTK4 build requires GTK >= 4.10 9.2.0547: "%v" in 'errorformat' is affected by 'tabstop' 9.2.0548: GTK4: terminal and pty job output is not processed 9.2.0549: Cursor wrong after autoindent strip is skipped 9.2.0550: GTK4: 'mousehide' unhides cursor when switching tabs 9.2.0551: filetype: Tolk files are not recognized 9.2.0552: GTK4: F10 does nothing when the menubar is hidden 9.2.0553: runtime(netrw): netrw rejects hostnames containing _ 9.2.0554: GTK4: memory leak in free_menu() 9.2.0555: too many strlen() in ex_substitute() 9.2.0556: GTK4: scrollbars not shown and do not respond to clicks 9.2.0557: filetype: Kawasaki Robots files are not recognized 9.2.0558: filetype: Popcap Reanimation files are not recognized 9.2.0559: filetype: Kaitai struct files are not recogonized 9.2.0560: filetype: busybox shebang lines are not recognized 9.2.0561: [security]: possible code execution with python3complete 9.2.0562: filetype: SGF files are not recognized 9.2.0563: GTK3/Wayland: crash with right mouse-button in tabline 9.2.0564: GTK4: tabline does not respond to mouse clicks 9.2.0565: [security]: out-of-bounds read in update_snapshot() 9.2.0566: f duplicates window if do_ecmd() is aborted 9.2.0567: dict function name allocation failure not handled 9.2.0568: pythoncomplete: g:pythoncomplete_allow_import had no effect 9.2.0569: out-of-bounds access in libvterm CSI 8 t resize 9.2.0570: GTK4: mouse wheel scrolling does not work correctly 9.2.0571: Vim9: memory leak in compile_nested_function() on failure 9.2.0572: lines disappear with wrapping virtual text after a double-width char 9.2.0573: Vim9: missing EX_WHOLE on some block keywords 9.2.0574: tests: missing test for v9.2.0572 9.2.0575: tests: filetype test for v9.2.0557 can be improved 9.2.0576: popup_create() not blocked in secure/sandbox 9.2.0577: GTK4: window resizing issues 9.2.0578: GTK4: :unmenu does not remove entries from the menubar 9.2.0579: :mksession, :mkview and :mkvimrc emit legacy Vim script 9.2.0580: xxd: binary output is not colored with -R 9.2.0581: After maximizing and deleting the quickfix buffer, window height is wrong 9.2.0582: GTK4: compile error when XFONTSET is defined 9.2.0583: completion: indent not ignored for fuzzy line completion 9.2.0584: GTK4: missing UI features 9.2.0585: line number wrong after undoing a deletion in quickfix buffer 9.2.0586: Crash with TextPut autocmd when pasting in terminal buffer 9.2.0587: GTK4: left scrollbar overlaps drawarea 9.2.0588: GTK4: drawing area loses focus after closing a menubar popover 9.2.0589: filetype: xinitrc files are not recognized 9.2.0590: GTK4: drawing area loses focus shape on popup menu open 9.2.0591: 'scrolljump' ignored when scrolling up 9.2.0592: Error when restoring session with terminal window 9.2.0593: :wqall ignores term_setkill() on running terminal buffers 9.2.0594: Use-after-free with ":wqall" and a running terminal job 9.2.0595: MS-Windows: Wrong buffer size calculation for gvimext 9.2.0596: cmdline completion popup cannot be scrolled with the mouse 9.2.0597: [security]: possible code execution with python complete 9.2.0598: tests: Test_statusline() is flaky 9.2.0599: popup: title set with popup_setoptions() is not shown 9.2.0600: clientserver method needs to be given as argument 9.2.0601: matchfuzzypos() returns garbage positions for long candidates 9.2.0602: popup: No opacity when background not set for Popup group 9.2.0603: possible heap-buffer-overflow when resizing the GUI 9.2.0604: tests: Test_mswin_event_mouse() is still flaky 9.2.0605: tests: Test_screenpos() is flaky in GUI 9.2.0606: GTK4: does not support all clipboard formats 9.2.0607: GTK4: inputdialog() does not work as expected 9.2.0608: popup_setoptions()/ch_setoptions() does not check secure mode 9.2.0609: completion info popup cannot be scrolled with the keyboard 9.2.0610: cindent: closing brace in a comment affects the next line's indent 9.2.0611: MS-Windows: evim.exe not working with VIMDLL 9.2.0612: Cannot render images in popup windows 9.2.0613: tests: test_xxd_color2() checks for dash but uses sh 9.2.0614: opacity popup leaves stale cells 9.2.0615: sixel encoder drops pixels on the right edge of shapes 9.2.0616: GTK4: use-after-free on clipboard read timeout 9.2.0617: GvimExt: does not support different runtime dirs 9.2.0618: use-after-free in popup_getoptions() on dict_add() failure 9.2.0619: integer overflow in popup image size validation 9.2.0620: runtime(netrw): fix 2match pattern rebuild 9.2.0621: 'autoindent' not stripped with virtualedit=onemore 9.2.0622: str2blob() does not work with wide UTF-16 encoding 9.2.0623: possible integer overflow in spellfile tree bounds check 9.2.0624: C-N/C-P cannot be mapped in complete() completion ... changelog too long, skipping 102 lines ... * vim-9.1.1732-fix-inc-detection.patch ==== xdg-desktop-portal-kde6 ==== Version update (6.7.0 -> 6.7.1) - Update to 6.7.1: * New bugfix release * For more details see https://kde.org/announcements/plasma/6/6.7.1 - Changes since 6.7.0: * clipboard: Check for inputcapture session everywhere * Update version for new release 6.7.1 * clipboard: Fix crash after session is destroyed * accessdialog: Fix body label * settings: Explicitely set delayed reply when sending errors ==== zlib ==== Subpackages: libminizip1 libz1 - drop 0001-Do-not-try-to-store-negative-values-in-unsigned-int.patch * effectively a noop now, as strstart and insert are unsigned, hence the if condition is always true (if not equal).