Packages changed: libgphoto2 (2.5.33 -> 2.5.34) libsolv (0.7.38 -> 0.7.39) libsoup2 libzypp (17.38.10 -> 17.38.11) re2c (4.5 -> 4.5.1) util-linux (2.41.3 -> 2.42.1) util-linux-systemd (2.41.3 -> 2.42.1) === Details === ==== libgphoto2 ==== Version update (2.5.33 -> 2.5.34) Subpackages: libgphoto2-6 libgphoto2-6-lang libgphoto2_port12 - libgphoto2 2.5.34 release ptp2: * new Canon EOS SDRAM capture method added * new Nikon Z series property code list method added * Sony generation 2 vs 3 handling enhanced * Security issues fixed: * CVE-2026-40333: information disclosure and denial of service via unbounded reads in ptp unpack EOS events (bsc#1262445) * CVE-2026-40334: information disclosure and denial of service via missing null terminator ptp_unpack_Canon_FE (bsc#1262446) * CVE-2026-40335: information disclosure via out-of-bounds read in ptp_unpack_DPV (bsc#1262447) * CVE-2026-40336: memory leak in ptp_unpack_Sony_DPD() can lead to denial of service (bsc#1262448) * CVE-2026-40338: information disclosure and denial of service via out-of-bounds read in the PTP_DPFF_Enumeration case of ptp_unpack_Sony_DPD() (bsc#1262449) * CVE-2026-40339: information disclosure via out-of-bounds read in ptp_unpack_Sony_DPD() (bsc#1262450) * CVE-2026-40340: information disclosure and denial of service via out-of-bounds read in ptp_unpack_OI() (bsc#1262452) * CVE-2026-40341: denial of service via out-of-bounds read from untrusted USB devices in ptp_unpack_EOS_FocusInfoEx (bsc#1262454) * chdk: several bugfixes for liveview * configs: * nikon: flashready, infodisperrstatus added * sony: exposureprogram mode3, focusdistancemeters, shutter lag timing, focus indication, shutter type, drange optimizer added, silent mode * canon eos: remoterelease config values changed * panasonic: bulb added * leica: detect not yet listed leicas better in generic mode * added ids: * Sony: ILCE-1M2 * Nikon: CoolPix P1100, S3500, Z50_2, * Canon: EOS R1, R6 Mark III * Fuji Finepix S4200, X-E5, * Leica SL3 jd11: * allow TIFF / DNG export * needs libtiff library to work all: * some bugfixes * replaced various strcpy with strncpy translations: * updated gregorian, spanish * added arabic ==== libsolv ==== Version update (0.7.38 -> 0.7.39) Subpackages: libsolv-tools-base libsolv1 ruby-solv - fix solv_chksum_free segfault when called with a NULL pointer - bump version to 0.7.39 ==== libsoup2 ==== Subpackages: libsoup-2_4-1 libsoup2-lang - Add libsoup2-CVE-2026-1801.patch: Use CRLF as line boundary when parsing chunk encoding data (bsc#1257649 CVE-2026-1801 glgo#GNOME/libsoup#481). ==== libzypp ==== Version update (17.38.10 -> 17.38.11) - Fix potential crash on malformed or malicious repository metadata (fixes #740) - version 17.38.11 (35) ==== re2c ==== Version update (4.5 -> 4.5.1) - Fix License tag to SUSE-Public-Domain (the previous LicenseRef-SUSE-Public-Domain form was invalid and caused the Factory submission to be declined) - Spec cleanup: * Add missing BuildRequires: make * Drop spurious executable permission from the bundled examples/*/__run_all.sh helper scripts - Update to version 4.5.1 * Add missing include files to the distribution (#573). ==== util-linux ==== Version update (2.41.3 -> 2.42.1) Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 util-linux-lang - Update to version 2.42.1: * agetty: Always call chdir after chroot * bits: * use getline() to avoid stdin input truncation * prevent unsigned integer underflow and long-lived loop * cfdisk: fix memory leak of original_layout table * chrt: * Fix confusing error messages when priority argument is required * Only show current scheduling policy when pid is given * pass correct integer types to printf * column: fix missing out-of-bounds check in table reordering * dmesg: fix out-of-bounds read when parsing malformed kmsg file * eject: tolerate ILLEGAL REQUEST on ALLOW_MEDIUM_REMOVAL * fdisk: fix trailing whitespace in user reply from readline completion * flock: re-enable the initial shell selection logic * hardlink: avoid format string error for dev_t * ipcutils: use memset explicitly to fill bpf_attr with zero * irqtop/lsirq: Handle EOF in get_irqinfo * last: fix phantom detection for unset loginuid and X11 sessions * libblkid: * Fix typo in probe_zfs * Fix type access in zfs_extract_guid_name * Fix debug OOB read in zfs_process_value * Fix parse_dev debug output * Ignore secondary LUKS2 header in blkid_do_safeprobe() * reiserfs add block size validation for reiser4 * erofs validate blkszbits before checksum calculation * exfs avoid 32-bit overflow in rextsize validation * solaris use 64-bit for partition offset calculations * bsd use 64-bit for partition offset calculations * mac use 64-bit for partition offset calculations * dos use 64-bit for partition offset calculations * udf avoid 32-bit overflow in offset calculations * vfat avoid 32-bit overflow in offset calculations * ubi fix probe return values * f2fs tighten log_blocksize validation * nilfs fix byte order and block size validation * gpt fix wiper offset to use sector size * udf cap descriptor sequence iteration count * bcache add missing NULL check * bsd read enough data to cover disklabel struct * befs improve bounds checking in B+ tree search * ntfs improve integer overflow checks * introduce sysfs_devno_is_dm_hidden() for pre-open check * liblastlog2: wait on busy SQLite connections * libmount: * return btrfs rootfs from get_btrfs_fs_root() * use match_source for mountinfo comparison * libuser: * fix misleading error message * login: * Clean up PAM resources on error path * login-utils/auth: * Drop pam_setcred * lsclocks: * add missing newline character in option description * lsfd: * use memset explicitly to fill bpf_attr with zero * mkfs.cramfs: * Consider -i only once * Add -p padding only once * Improve file size check * mkswap: * Fix --file chmod(2) check when file exists * more: * align MORE_SHELL_LINES semantics with less(1) * newgrp: * Correctly handle getline error * nsenter: * Fix AT_HANDLE_FID on musl * script: * fix "--" separator when used as option argument * fix command and command_norm memory leaks * fix backward compatibility for options after non-option args * strutils: * fix printf formats * su: * Clean up PAM resources on all error paths * fix grammar on man page * revert "su pass arguments after to shell" (obsoletes util-linux-su-revert-su-pass-arguments.patch) * tests: (lsfd/*) make UDPLite related test cases skippable * write: * cleanup indentation and whitespace * use mem2strcpy() for utmp strings * always use utmp as fallback * write, mesg: * add S_ISCHR() check for terminal device paths * Misc: * Fix build with libeconf (obsoletes util-linux-fix-build-with-libeconf.patch) * Update translations. - Swith NTFS mounttype from the default "ntfs3" to "ntfs" (boo#1264688). - Add missing python-rpm-macros BR - Rename TS_OPT_misc_setarch_known_fail to TS_OPT_setarch_setarch_known_fail to follow move of setarch test - Temporarily disable following test that do not work properly ... changelog too long, skipping 89 lines ... - Make uuidd compatible with immutable mode (jsc#PED-16165). ==== util-linux-systemd ==== Version update (2.41.3 -> 2.42.1) Subpackages: lastlog2 liblastlog2-2 - Update to version 2.42.1: * agetty: Always call chdir after chroot * bits: * use getline() to avoid stdin input truncation * prevent unsigned integer underflow and long-lived loop * cfdisk: fix memory leak of original_layout table * chrt: * Fix confusing error messages when priority argument is required * Only show current scheduling policy when pid is given * pass correct integer types to printf * column: fix missing out-of-bounds check in table reordering * dmesg: fix out-of-bounds read when parsing malformed kmsg file * eject: tolerate ILLEGAL REQUEST on ALLOW_MEDIUM_REMOVAL * fdisk: fix trailing whitespace in user reply from readline completion * flock: re-enable the initial shell selection logic * hardlink: avoid format string error for dev_t * ipcutils: use memset explicitly to fill bpf_attr with zero * irqtop/lsirq: Handle EOF in get_irqinfo * last: fix phantom detection for unset loginuid and X11 sessions * libblkid: * Fix typo in probe_zfs * Fix type access in zfs_extract_guid_name * Fix debug OOB read in zfs_process_value * Fix parse_dev debug output * Ignore secondary LUKS2 header in blkid_do_safeprobe() * reiserfs add block size validation for reiser4 * erofs validate blkszbits before checksum calculation * exfs avoid 32-bit overflow in rextsize validation * solaris use 64-bit for partition offset calculations * bsd use 64-bit for partition offset calculations * mac use 64-bit for partition offset calculations * dos use 64-bit for partition offset calculations * udf avoid 32-bit overflow in offset calculations * vfat avoid 32-bit overflow in offset calculations * ubi fix probe return values * f2fs tighten log_blocksize validation * nilfs fix byte order and block size validation * gpt fix wiper offset to use sector size * udf cap descriptor sequence iteration count * bcache add missing NULL check * bsd read enough data to cover disklabel struct * befs improve bounds checking in B+ tree search * ntfs improve integer overflow checks * introduce sysfs_devno_is_dm_hidden() for pre-open check * liblastlog2: wait on busy SQLite connections * libmount: * return btrfs rootfs from get_btrfs_fs_root() * use match_source for mountinfo comparison * libuser: * fix misleading error message * login: * Clean up PAM resources on error path * login-utils/auth: * Drop pam_setcred * lsclocks: * add missing newline character in option description * lsfd: * use memset explicitly to fill bpf_attr with zero * mkfs.cramfs: * Consider -i only once * Add -p padding only once * Improve file size check * mkswap: * Fix --file chmod(2) check when file exists * more: * align MORE_SHELL_LINES semantics with less(1) * newgrp: * Correctly handle getline error * nsenter: * Fix AT_HANDLE_FID on musl * script: * fix "--" separator when used as option argument * fix command and command_norm memory leaks * fix backward compatibility for options after non-option args * strutils: * fix printf formats * su: * Clean up PAM resources on all error paths * fix grammar on man page * revert "su pass arguments after to shell" (obsoletes util-linux-su-revert-su-pass-arguments.patch) * tests: (lsfd/*) make UDPLite related test cases skippable * write: * cleanup indentation and whitespace * use mem2strcpy() for utmp strings * always use utmp as fallback * write, mesg: * add S_ISCHR() check for terminal device paths * Misc: * Fix build with libeconf (obsoletes util-linux-fix-build-with-libeconf.patch) * Update translations. - Swith NTFS mounttype from the default "ntfs3" to "ntfs" (boo#1264688). - Add missing python-rpm-macros BR - Rename TS_OPT_misc_setarch_known_fail to TS_OPT_setarch_setarch_known_fail to follow move of setarch test - Temporarily disable following test that do not work properly ... changelog too long, skipping 89 lines ... - Make uuidd compatible with immutable mode (jsc#PED-16165).