SUSE Container Update Advisory: suse/sle-micro/5.5/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:2912-1 Container Tags : suse/sle-micro/5.5/toolbox:13.2 , suse/sle-micro/5.5/toolbox:13.2-2.2.266 , suse/sle-micro/5.5/toolbox:latest Container Release : 2.2.266 Severity : important Type : recommended References : 1188441 1222086 1222261 1222343 1222348 1223430 1223766 1224242 ----------------------------------------------------------------- The container suse/sle-micro/5.5/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1076-1 Released: Mon Apr 1 10:51:40 2024 Summary: Recommended update for Libreoffice Type: recommended Severity: moderate References: This update for Libreoffice fixes the following issue: libreoffice was updated from version 7.6.2.1 to 24.2.1.2 (jsc#PED-7496, jsc#PED-8096): - Highlights of changes up to version 24.2.1.2 are listed in the following release notes: * https://wiki.documentfoundation.org/ReleaseNotes/24.2 * https://wiki.documentfoundation.org/Releases/24.2.1/RC2 * https://wiki.documentfoundation.org/Releases/24.2.1/RC1 * https://wiki.documentfoundation.org/Releases/7.6.4/RC1 * https://wiki.documentfoundation.org/Releases/7.6.3/RC2 * https://wiki.documentfoundation.org/Releases/7.6.3/RC1 * https://wiki.documentfoundation.org/Releases/7.6.2/RC2 - Update bundled dependencies: * curl version update from 8.2.1 to 8.6.0 * gpgme version update from 1.18.0 to 1.20.0 * harfbuzz version update from 8.0.0 to 8.2.2 * libcmis version update from 0.5.2 to 0.6.1 * libgpg-error version update from 1.43 to 1.47 * pdfium version update from 5778 to 6179 * poppler version update from 23.06.0 to 23.09.0 * skia version from m111-a31e897fb3dcbc96b2b40999751611d029bf5404 to m116-2ddcf183eb260f63698aa74d1bb380f247ad7ccd - New bundled dependencies: * Java-WebSocket-1.5.4.tar.gz * fontconfig-2.14.2.tar.xz * freetype-2.13.0.tar.xz * phc-winner-argon2-20190702.tar.gz * tiff-4.6.0.tar.xz - New required dependencies: * zxcvbn - Build Libreoffice using OpenSSL instead of NSS, since the bundled curl does not support the NSS backend any more abseil-cpp was updated from version 20230802.1 to 20240116.1: * Added absl::NoDestructor to simplify defining static types that do not need to be destructed upon program exit. * Added configurable verbose logging (also known as VLOG). * Added absl::Overload(), which returns a functor that provides overloads based on the functors passed to it. Note that this functionality requires C++17 or newer. * Breaking Changes: + AbslHashValue() no longer accepts C-style arrays as a parameter, caller need to wrap C-string literals in absl::string_view. + absl::weak_equality and absl::strong_equality have been removed. The corresponding std types were removed before C++20 was finalized libixion was updated from version 0.18.1 to 0.19.0: - C++ API: * Added support for renaming sheets after they have been created. - Formula interpreter: * Added support for inline arrays. liborcus was updated from version 0.18.1 to 0.19.2: - Changes in version 0.19.2: * Fixed a build issue with gcc 14 due to a missing include for std::find_if and std::for_each. * Fixed a segmentation fault with the orcus-test-xml-mapped test which manifested on hppa hardware, as originally reported on https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054376. * Fixed a crash when loading a document that includes a style record referencing an unnamed style record as its parent. In Excel-generated documents, styles only reference named styles as their parents. But in 3rd-party generated documents, styles referencing unnamed styles as their parents can occur. * Fixed a crash when the document model returned a null pointer when a reference resolver interface was requested. - Changes in version 0.19.1: * Implemented orcus::create_filter() which instantiates a filter object of specified type. The returned object is of type orcus::iface::import_filter. * Moved test cases for format detection to the respective filter test files. * Fixed a bug where the import filter did not set the formula grammer prior to importing. - Changes in version 0.19.0: * Added support for allowing use of std::filesystem, std::experimental::filesystem or boost::filesystem per build configuration. * Refactored styles import to use style indices returned by the document model implementer rather than using the indices stored in the file. This allows the implementer to aggregate some style records and re-use the same index for records that are stored as different records in the original file. * Fixed a bug where column styles were not applied to the correct columns when the starting column index was not 0. * Overhauled the Gnumeric import filter to fix many bugs and support many missing features relative to the other filters included in orcus. Most notable mentions are: + cell styles + rich-text strings + named ranges + row heights and column widths + merged cells * Added partial support for Apache Parquet import filter. This is still heavily experimental. zxcvbn: - New RPM package zxcvbn implementation needed as dependency for Libreoffice ----------------------------------------------------------------- Advisory ID: 33664 Released: Thu Jun 13 21:03:11 2024 Summary: Recommended update for libsolv, libzypp, zypper, PackageKit-branding-SLE, PackageKit, libyui, yast2-pkg-bindings Type: recommended Severity: important References: 1222086,1223430,1223766,1224242 This update for libsolv, libzypp, zypper, PackageKit-branding-SLE, PackageKit, libyui, yast2-pkg-bindings fixes the following issues: - Fix the dependency for Packagekit-backend-zypp in SUMa 4.3 (bsc#1224242) - Improve updating of installed multiversion packages - Fix decision introspection going into an endless loop in some cases - Split libsolv-tools into libsolv-tools-base [jsc#PED-8153] - Improve checks against corrupt rpm - Fixed check for outdated repo metadata as non-root user (bsc#1222086) - Add ZYPP_API for exported functions and switch to visibility=hidden (jsc#PED-8153) - Dynamically resolve libproxy (jsc#PED-8153) - Fix download from gpgkey URL (bsc#1223430) - Delay zypp lock until command options are parsed (bsc#1223766) - Unify message format ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2086-1 Released: Wed Jun 19 11:48:24 2024 Summary: Recommended update for gcc13 Type: recommended Severity: moderate References: 1188441 This update for gcc13 fixes the following issues: Update to GCC 13.3 release - Removed Fiji support from the GCN offload compiler as that is requiring Code Object version 3 which is no longer supported by llvm18. - Avoid combine spending too much compile-time and memory doing nothing on s390x. [bsc#1188441] - Make requirement to lld version specific to avoid requiring the meta-package. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2176-1 Released: Mon Jun 24 08:55:56 2024 Summary: Recommended update for grpc, libzypp, protobuf, python-grpcio. re2, zypper Type: recommended Severity: moderate References: 1222261,1222343,1222348 This update for grpc, libzypp, protobuf, python-grpcio, re2, zypper fixes the following issues: - rebuild packages using protobuf against newer protobuf and abseil-cpp libraries. (bsc#1222261) The following package changes have been done: - libabsl2401_0_0-20240116.1-150500.13.7.8 added - libgcc_s1-13.3.0+git8781-150000.1.12.1 updated - libprotobuf-lite25_1_0-25.1-150500.12.2.2 updated - libsolv-tools-base-0.7.29-150400.3.22.4 added - libsolv-tools-0.7.29-150400.3.22.4 updated - libstdc++6-13.3.0+git8781-150000.1.12.1 updated - libzypp-17.34.1-150500.6.2.1 updated - zypper-1.14.73-150500.6.2.1 updated - container:sles15-image-15.0.0-36.14.1 updated - libabsl2308_0_0-20230802.1-150400.10.4.1 removed