Packages changed: MicroOS-release (20260216 -> 20260217) cockpit-podman (119.1 -> 120) ddcutil dracut (109+suse.37.geed860c2 -> 109+suse.39.g53459763) kernel-firmware-amdgpu (20260130 -> 20260214) kernel-firmware-ath10k (20251205 -> 20260206) kernel-firmware-ath11k (20251202 -> 20260202) kernel-firmware-ath12k (20250919 -> 20260202) kernel-firmware-bluetooth (20260116 -> 20260206) kernel-firmware-i915 (20260114 -> 20260214) kernel-firmware-media (20251228 -> 20260207) kernel-firmware-mediatek (20260119 -> 20260203) kernel-firmware-qcom (20260128 -> 20260214) kernel-firmware-realtek (20260130 -> 20260214) kernel-firmware-sound (20260130 -> 20260214) kernel-source (6.18.9 -> 6.19.2) libxml2 libxmlb (0.3.24 -> 0.3.25) ncurses (6.6.20260131 -> 6.6.20260207) pam-config (2.14+git.20260120 -> 2.14+git.20260216) python-alembic (1.17.2 -> 1.18.4) qpdf (12.2.0 -> 12.3.2) run0-wrappers (0.4+git20260109.43967c3 -> 0.4+git20260203.bbbfcf8) vim (9.1.2132 -> 9.2.0010) === Details === ==== MicroOS-release ==== Version update (20260216 -> 20260217) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== cockpit-podman ==== Version update (119.1 -> 120) - Update to 120 * Packaging fixes and translation updates - Fix esbuild for ppc64le bsc#1257698 * Include esbuild-ppc64.patch * Update update_version.sh ==== ddcutil ==== - Add 0001-fix-freezes-on-laptops.patch (boo#1257873) * Reverts 642ddd5 and 316fcb9 ==== dracut ==== Version update (109+suse.37.geed860c2 -> 109+suse.39.g53459763) Subpackages: dracut-ima - Update to version 109+suse.39.g53459763: * feat(virtfs, virtiofs): auto-add dracut module if qemu included (bsc#1258314) * fix(systemd-tmpfiles): do not include tmpfiles configured in /etc (bsc#1258186) ==== kernel-firmware-amdgpu ==== Version update (20260130 -> 20260214) - Update to version 20260214 (git commit 3a0e2a540dca): * amdgpu: DMCUB updates for various ASICs - Update to version 20260207 (git commit 9ccffb608733): * amdgpu: DMCUB updates for various ASICs ==== kernel-firmware-ath10k ==== Version update (20251205 -> 20260206) - Update to version 20260206 (git commit f2dbd7a7a74b): * ath10k: WCN3990 hw1.0: update board-2.bin ==== kernel-firmware-ath11k ==== Version update (20251202 -> 20260202) - Update to version 20260202 (git commit 40c017e718f9): * ath11k: WCN6855 hw2.0: update board-2.bin * ath11k: QCA6698AQ hw2.1: update board-2.bin ==== kernel-firmware-ath12k ==== Version update (20250919 -> 20260202) - Update to version 20260202 (git commit 40c017e718f9): * ath12k: WCN7850 hw2.0: update board-2.bin * ath12k: QCN9274 hw2.0: update to WLAN.WBE.1.6-01243-QCAHKSWPL_SILICONZ-1 ==== kernel-firmware-bluetooth ==== Version update (20260116 -> 20260206) - Update to version 20260206 (git commit f2dbd7a7a74b): * Bluetooth: Add symbolic links for Intel Solar JfP2/1 firmware variants * Bluetooth: Add symbolic links for Intel Solar firmware variants * Bluetooth: Add symbolic links for Intel Pulsar firmware variants * Bluetooth: Add symbolic links for Intel AX201 firmware variants - Update to version 20260203 (git commit ce97e4b1cb87): * linux-firmware: Update firmware file for Intel Solar core * rtl_bt: Update RTL8822C BT USB and UART firmware to 0x0673 ==== kernel-firmware-i915 ==== Version update (20260114 -> 20260214) - Update to version 20260214 (git commit 3a0e2a540dca): * xe: Update GUC to v70.58.0 for LNL, BMG, PTL ==== kernel-firmware-media ==== Version update (20251228 -> 20260207) - Update to version 20260207 (git commit 9ccffb608733): * qcom: vpu: add video firmware for Glymur ==== kernel-firmware-mediatek ==== Version update (20260119 -> 20260203) - Update to version 20260203 (git commit ce97e4b1cb87): * mediatek MT7921: update bluetooth firmware to 20251223091725 ==== kernel-firmware-qcom ==== Version update (20260128 -> 20260214) - Update to version 20260214 (git commit 3a0e2a540dca): * qcom: Update DSP firmware for qcs8300 platform * qcom: Update DSP firmware for sa8775p platform - Update to version 20260209 (git commit d87f4693ed96): * qcom: Add gpu firmwares for Glymur chipset - Update to version 20260206 (git commit f2dbd7a7a74b): * qcom: add QUPv3 firmware for x1e80100 platform * qcom: add ADSP, CDSP firmware for glymur platform ==== kernel-firmware-realtek ==== Version update (20260130 -> 20260214) - Update to version 20260214 (git commit 3a0e2a540dca): * rtw89: 8851b: add format-1 for fw v0.29.41.5 with fw elements * rtw89: 8852a: add format-1 for fw v0.13.36.2 with fw elements * rtw89: 8852bt: add regd and diag_mac and update txpwr to R09 * rtw89: 8852b: update txpwr element to R43 ==== kernel-firmware-sound ==== Version update (20260130 -> 20260214) - Update to version 20260214 (git commit 3a0e2a540dca): * cirrus: cs35l41: Add Firmware for ASUS Zenbook Laptop using CS35L41 HDA - Update to version 20260203 (git commit ce97e4b1cb87): * ASoC: tas2783: Add Firmware files for tas2783A ==== kernel-source ==== Version update (6.18.9 -> 6.19.2) - iommu/arm-smmu-qcom: do not register driver in probe() (git-fixes). - commit 7b303f4 - Linux 6.19.2 (bsc#1012628). - Revert "driver core: enforce device_lock for driver_match_device()" (bsc#1012628). - commit 57aa524 - Linux 6.19.1 (bsc#1012628). - smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1012628). - ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths (bsc#1012628). - ksmbd: add chann_lock to protect ksmbd_chann_list xarray (bsc#1012628). - smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection() (bsc#1012628). - smb: smbdirect: introduce smbdirect_socket.recv_io.credits.available (bsc#1012628). - smb: smbdirect: introduce smbdirect_socket.send_io.bcredits.* (bsc#1012628). - smb: server: make use of smbdirect_socket.recv_io.credits.available (bsc#1012628). - smb: server: let recv_done() queue a refill when the peer is low on credits (bsc#1012628). - smb: server: make use of smbdirect_socket.send_io.bcredits (bsc#1012628). - smb: server: fix last send credit problem causing disconnects (bsc#1012628). - smb: server: let send_done handle a completion without IB_SEND_SIGNALED (bsc#1012628). - smb: client: make use of smbdirect_socket.recv_io.credits.available (bsc#1012628). - smb: client: let recv_done() queue a refill when the peer is low on credits (bsc#1012628). - smb: client: let smbd_post_send() make use of request->wr (bsc#1012628). - smb: client: remove pointless sc->recv_io.credits.count rollback (bsc#1012628). - smb: client: remove pointless sc->send_io.pending handling in smbd_post_send_iter() (bsc#1012628). - smb: client: port and use the wait_for_credits logic used by server (bsc#1012628). - smb: client: split out smbd_ib_post_send() (bsc#1012628). - smb: client: introduce and use smbd_{alloc, free}_send_io() (bsc#1012628). - smb: client: use smbdirect_send_batch processing (bsc#1012628). - smb: client: make use of smbdirect_socket.send_io.bcredits (bsc#1012628). - smb: client: fix last send credit problem causing disconnects (bsc#1012628). - smb: client: let smbd_post_send_negotiate_req() use smbd_post_send() (bsc#1012628). - smb: client: let send_done handle a completion without IB_SEND_SIGNALED (bsc#1012628). - driver core: enforce device_lock for driver_match_device() (bsc#1012628). - Bluetooth: btusb: Add USB ID 7392:e611 for Edimax EW-7611UXB (bsc#1012628). - ALSA: hda/conexant: Add quirk for HP ZBook Studio G4 (bsc#1012628). - crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode (bsc#1012628). - crypto: octeontx - Fix length check to avoid truncation in ucode_load_store (bsc#1012628). - crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly (bsc#1012628). - crypto: virtio - Add spinlock protection with virtqueue notification (bsc#1012628). - crypto: virtio - Remove duplicated virtqueue_kick in virtio_crypto_skcipher_crypt_req (bsc#1012628). - nilfs2: Fix potential block overflow that cause system hang (bsc#1012628). - hfs: ensure sb->s_fs_info is always cleaned up (bsc#1012628). - wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon() (bsc#1012628). - scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1012628). - scsi: qla2xxx: Allow recovery for tape devices (bsc#1012628). - scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1012628). - scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1012628). - scsi: qla2xxx: Query FW again before proceeding with login (bsc#1012628). - sched/mmcid: Don't assume CID is CPU owned on mode switch (bsc#1012628). - bus: fsl-mc: fix use-after-free in driver_override_show() (bsc#1012628). - erofs: fix UAF issue for file-backed mounts w/ directio option (bsc#1012628). - xfs: fix UAF in xchk_btree_check_block_owner (bsc#1012628). - drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free (bsc#1012628). - PCI: endpoint: Avoid creating sub-groups asynchronously (bsc#1012628). - wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add (bsc#1012628). - Rename to patches.kernel.org/6.19.1-001-io_uring-io-wq-add-exit-on-idle-state.patch. ... changelog too long, skipping 55 lines ... - commit 0e2d85d ==== libxml2 ==== Subpackages: libxml2-16 libxml2-tools - CVE-2026-0990: call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811) * Add patch libxml2-CVE-2026-0990.patch - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `` elements (bsc#1256808, bsc#1256809, bsc#1256812) * Add patch libxml2-CVE-2026-0992.patch - CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858, bsc#1247850) * Add patch libxml2-CVE-2025-8732.patch ==== libxmlb ==== Version update (0.3.24 -> 0.3.25) - Update to version 0.3.25: + Correctly decompress heavily compressed zstd streams ==== ncurses ==== Version update (6.6.20260131 -> 6.6.20260207) Subpackages: libncurses6 ncurses-utils terminfo-base - Add ncurses patch 20260207 + improve infocmp "-i" option, to make it easier to see unrecognized escape sequences in initialization strings, as well as extending the tables. + correct DECKPNM in vt220 is2 (Aaro Koskinen) + correct DECSTR in some Wyse terminfo entries -TD ==== pam-config ==== Version update (2.14+git.20260120 -> 2.14+git.20260216) - Update to version 2.14+git.20260216: * Define constructors ordering ==== python-alembic ==== Version update (1.17.2 -> 1.18.4) - update to el_1_18_4: * **[bug] [operations]** Reverted the behavior of `Operations.add_column()` that would automatically render the "PRIMARY KEY" keyword inline when a `Column` with `primary_key=True` is added. * **[bug] [autogenerate]** Fixed regression in version 1.18.0 due to #1771 where autogenerate would raise `NoReferencedTableError` when a foreign key constraint referenced a table that was not part of the initial table load, including tables filtered out by the `EnvironmentContext.configure.include_name` callable or tables in remote schemas that were not included in the initial reflection run. * Changed the minimum requirements to require version 1.4.23 rather than 1.4.0. * **[usecase] [operations]** The `primary_key` parameter on `Column` is now honored when `Operations.add_column()` is used, and will emit the "PRIMARY KEY" keyword inline within the ADD COLUMN directive. This is strictly a syntax enhancement; no attempt is made to reconcile the column's primary key status with any existing primary key constraint or particular backend limitations on adding columns to the primary key. * **[bug] [autogenerate]** Fixed issue in new plugin system where the configured logger was not correctly using the `__name__` token to identify the logger. * **[feature] [operations]** When alembic is run in "verbose" mode, alembic now logs a message to indicate from which file is used to load the configuration. * **[feature] [autogenerate]** Autogenerate reflection sweeps now use the "bulk" inspector methods introduced in SQLAlchemy 2.0, which for selected dialects including PostgreSQL and Oracle use batched queries to reflect whole collections of tables using O(1) queries rather than O(N). ==== qpdf ==== Version update (12.2.0 -> 12.3.2) - Include bash and zsh completions - Update to version 12.3.2: * Full changelog at https://qpdf.readthedocs.io/en/12.3/release-notes.html * Fix bug introduced in 12.3.0. If the --password was specified for the same file multiple times a usage error was thrown * Fix failure of QPDFJob::run and QPDFJob::createQPDF when called with a copy of a destroyed QPDFJob object * Always set the is_different flag in QPDFFormFieldObjectHelper::getTopLevelField * When parsing qpdf JSON input files allow empty name objects, as allowed by the PDF specification * Add QPDFNameTreeObjectHelper and QPDFNumberTreeObjectHelper constructor overloads that allow a function to be passed to validate the values in the tree. * Add new QPDFNameTreeObjectHelper and QPDFNumberTreeObjectHelper validate method to validate and optionally repair the name/number tree. * Add new get and validate methods to all DocumentHelper classes. * Add new Buffer methods move, view, data, size and empty. The new methods present the Buffer as a char container * Add various new functions in the qpdf::`global namespace to access and set/modify global settings and limits. See Global Options and header file qpdf/global.hh * Add new C-API functions qpdf_global_get_uint32 and qpdf_global_set_uint32 to access and set/modify various global settings and limits. * Attempt to detect if any > C++17 changes snuck into any public headers and check all private headers compile stand-alone. * Disallow option --deterministic-id to be used together with the incompatible options --encrypt or --copy-encryption. * Option --check now includes additional basic checks of the AcroForm, Dests, Outlines, and PageLabels structures. * Add new option --global to set or modify various global options and limits. * Fix completion scripts and handling to avoid leaking arguments into the environment during completion and to correctly handle bashcompinit for zsh users. * Add new --remove-acroform option to exclude the AcroForm dictionary from the output PDF. This option can be useful particularly when the --flatten-annotations option is used on damaged PDF files. * Add new inspection mode to help with the inspection and manual repair of damaged PDF files. * QPDFWriter will no longer add filters when writing empty streams. * More sanity checks have been added when files with damaged xref tables are recovered. ==== run0-wrappers ==== Version update (0.4+git20260109.43967c3 -> 0.4+git20260203.bbbfcf8) - Always enable polkit rules - Update to version 0.4+git20260203.bbbfcf8: * Change all upper case variables to internal lowercase ones (#3) * tests: run shellcheck on all scripts * run0-sudo: unset secure_path before calling run0 (test 5) ==== vim ==== Version update (9.1.2132 -> 9.2.0010) Subpackages: vim-data-common vim-small - update to 9.2.0010: * patch 9.2.0010: Using Wayland compositor is still slow * patch 9.2.0009: tests: test_cindent are not ordered * runtime(zip): use system() instead of :! * patch 9.2.0008: MS-Windows: font size calculation may be wrong * patch 9.2.0007: cindent: recognizing labels within commented lines * patch 9.2.0006: powershell commands wrongly wrapped when executed * patch 9.2.0005: Coverity reports unreachable code * runtime(fstab): Add cgroup2 to valid device types * runtime(hare): update syntax script for Hare 0.26.0 * runtime(vim): Error codes should not be highlighed with vim9CommentTitle * runtime(netrw): Use right file system commands initialization for Windows * patch 9.2.0004: Changing hidden prompt buffer cancels :startinsert/:stopinsert * patch 9.2.0003: tests: invalid indent in message.c * Makefile: dosrt target fails because of duplicate lang directories * runtime(sh): fix spurious nextgroup=shComment on shEscape * patch 9.2.0002: str2specialbuf() can be improved * README: Updated version from 91 to 92 in various READMEs * patch 9.1.0001: tests: Test_popup_setbuf() fails * patch 9.2.0: Need a new Vim release * runtime(doc): Update todo.txt and remove solved issues * runtime(doc): Clarify :bd behaviour * patch 9.1.2148: [security]: Buffer overflow in netbeans interface * runtime(doc): Fix typos in version9.txt * runtime(systemverilog): use correct matchit pattern for the covergroup block * runtime(doc): Fix typos in markdown READMEs * runtime(go,gleam): Remove 'formatprg' from ftplugins * runtime(sudoers): highlight usernames with hyphens, digits, underscores * runtime(doc): Use ellipses for overlength example comments at :help vim9.txt * runtime(css): Add missing numeric units * installman: Update the sed patterns in installman.sh * patch 9.1.2147: Compile warning in strings.c * runtime(doc): various netrw related corrections * patch 9.1.2146: filetype: cel files are not recognized * runtime(sh): Fix some ksh-specific deficiencies in syntax script * runtime(sshdconfig): Update syntax * patch 9.1.2145: intstalltutor Makefile target does not create the tutor/sv dir * runtime(django): add syntax support for partial * tests(commondumps): Mark and fold lines in screendump views * runtime(vimgoto): Fix gf in Vim script * runtime(java): Allow for org.TopLevelType.NestedType return types * runtime(doc): Fix typo in runtime/doc/cmdline.txt * runtime(ruby): Update for Vim 9.2 release * runtime(doc): clarify the use of 'iskeyword' option value * patch 9.1.2144: garbage collection may invalidate the recorded buffer changes * runtime(doc): Mark 'scrollfocus' as non-functional * patch 9.1.2143: wrong rendering of popups when overlapping wide char * patch 9.1.2142: MS-Windows: mouse scroll events not handled for popups * runtime(doc): add Swedish entries to Make_all.mak, add conversion rule to Makefile * runtime(nginx): Update nginx syntax script * runtime(nginx): highlight Lua in set_by_lua_block in syntax script * patch 9.1.2141: Truncation when serializing libsodium encryption parameters * runtime(gdb): Update syntax and ftplugin * translation(ru): Update Russian translation and fix typos in tutor * Revert "CI: Manage multibyte characters in syntax tests" * patch 9.1.2140: tests: Test_wayland_protocol_error_overflow() fails * runtime(python3complete): remove trailing white space * runtime(compiler): fix space escape in pyright * patch 9.1.2139: Buffer overflow in :wlrestore command * patch 9.1.2138: win_execute() and 'autochdir' can corrupt buffer name * patch 9.1.2137: test: Update tests for OpenBSD * patch 9.1.2136: :tab sbuffer may close old tabpage * runtime(tar): Make the path traversal detection more robust * runtime(doc): clarify term_cols allowed range in terminal.txt * runtime(doc): Add Swedish to help-translated list * runtime(doc): Remove Swedish translation help.svx * runtime(doc): fix pattern problem in cmdline.txt * patch 9.1.2135: tests: tar plugin does not consider 'nowrapscan' * runtime(lf): update syntax to support lf version r41 * patch 9.1.2134: Terminal doesn't handle split UTF-8 sequence after ASCII * runtime(hare): update to match upstream * patch 9.1.2133: Another case of buffer overflow with 'helpfile'