Packages changed: MicroOS-release (20250822 -> 20250825) PackageKit harfbuzz (11.4.1 -> 11.4.3) kdump (2.1.5 -> 2.1.6) net-snmp opencv patterns-base ucode-intel (20250512 -> 20250812) vlc === Details === ==== MicroOS-release ==== Version update (20250822 -> 20250825) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== PackageKit ==== Subpackages: PackageKit-backend-dnf libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0 - Add PackageKit-zypp-parallel-package-downloads.patch: zypp: Implement parallel downloading (gh#PackageKit/PackageKit/commit/dd39d2982, bsc#1244920). ==== harfbuzz ==== Version update (11.4.1 -> 11.4.3) Subpackages: libharfbuzz-gobject0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0 - Update to version 11.4.3: + Make shaping fail much faster for certain malformed fonts (e.g., those that trigger infinite recursion). + Fix undefined behaviour introduced in 11.4.2. + Fix detection of the “Cambria Math” font when fonts are scaled, so the workaround for the bad MATH table constant is applied. - Update to version 11.4.2: + Various performance and memory usage improvements. + The hb-shape command line tool can now be built with the amalgamated harfbuzz.cc source. + Fix regression in handling version 2 of avar table. + Increase various buffer length limits for better handling of fonts that generate huge number of glyphs per codepoint (e.g. Noto Sans Duployan). + Improvements to the harfrust shaper for more accurate testing. ==== kdump ==== Version update (2.1.5 -> 2.1.6) - upgrade to version 2.1.6 * drop broken option KDUMP_NETCONFIG="" from manpage * prevent NetworkManager from overwriting resolv.conf (bsc#1247848) * fix KDUMP_NETCONFIG=auto for NetworkManager (bsc#1247848) * exclude kernel.panic_on_warn sysctl (bsc#1247355) ==== net-snmp ==== Subpackages: libsnmp40 snmp-mibs - Use pyproject macros to build and install. - Add patch net-snmp-5.9.4-setup.py-basedir-environ.patch: * Also use environment variables to set the basedir. - Specify directories explicitly in %files. ==== opencv ==== - Add opencv-ppc64le-power9.patch, fix missing vec_cvfo on POWER9 due to unavailable VSX float64 conversion ==== patterns-base ==== Subpackages: patterns-base-base patterns-base-bootloader patterns-base-minimal_base patterns-base-x11 - clean up recommends: no longer recommend inexitsing packages: + ifplugd: Removed from Tumbleweed in January 2020 + providers: Removed from Tumbleweed in July 2017 + translation-update: Removed from Tumbleweed in July 2024 + openssh-askpass: removed in favor of the openssh internal provided askpass ==== ucode-intel ==== Version update (20250512 -> 20250812) - Intel CPU Microcode was updated to the 20250812 release (bsc#1248438) - Security updates for INTEL-SA-01249 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01249.html - CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access. - Security updates for INTEL-SA-01308 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01308.html - CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access - Security updates for INTEL-SA-01310 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01310.html - CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. - Security updates for INTEL-SA-01311 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01311.html - CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. - Security updates for INTEL-SA-01313 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html - CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. - Security updates for INTEL-SA-01367 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html - CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. - CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. - Update for functional issues. Refer to 13th/14th Gen Intel Core Processor Specification Update for details. - Update for functional issues. Refer to 3rd Gen Intel Xeon Processor Scalable Family Specification Update for details. - Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update for details. - Update for functional issues. Refer to 5th Gen Intel Xeon Scalable Processors Specification Update for details. - Update for functional issues. Refer to 6th Gen Intel Xeon Scalable Processors Specification Update for details. - Update for functional issues. Refer to Intel Core Ultra 200 V Series Processor for details. - Update for functional issues. Refer to Intel Core Ultra Processor for details. - Update for functional issues. Refer to Intel Core Ultra Processor (Series 2) for details. - Update for functional issues. Refer to Intel Xeon 6700-Series Processor Specification Update for details. - Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update for details. - Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2) | ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2) | EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5 | GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6 | GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6 | ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3 | LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor | MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core™ Ultra Processor | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13 | SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4 | SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores New Disclosures Updated in Prior Releases: All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025. ==== vlc ==== Subpackages: libvlc5 libvlccore9 vlc-noX vlc-qt - Port to current ffmpeg-7: Remove version constraints on ffmpeg BuildRequires, add upstream patches and pass disable-vdpau to configure, this disables build/shipping of vdpau subpackage. Patches added: 5574.patch, 6168.patch, 6273.patch, 6606.patch and 6527.patch. - Add missing vlc Requires to devel sub-package, previously pulled in via vlc-vdpau package.