Update submodules from pool/openqa#9, pool/os-autoinst#4 and create patchinfo.20251017085555481948.93181000773252/_patchinfo

0Backports/Backports.changes

@@ -1,9 +1,3 @@
--------------------------------------------------------------------
-Tue Nov 11 08:48:51 UTC 2025 - Wolfgang Engel <wolfgang.engel@suse.com>
-
-- Backports.productcompose:
-  - switch to version 16.1
-
 -------------------------------------------------------------------
 Fri Oct 10 07:19:41 UTC 2025 - Wolfgang Engel <wolfgang.engel@suse.com>
 

0Backports/Backports.productcompose

@@ -3,7 +3,7 @@ product_compose_schema: 0.2
 vendor: openSUSE
 name: Backports
 version: 16
-update: "16.1"
+update: "16.0"
 product-type: module
 summary: openSUSE Backports
 

_config

@@ -1,8 +1,4 @@
-%if 0%{?is_stage_project}
-Release: <CI_CNT>.<B_CNT> spec:bp161.999999.<CI_CNT>.<B_CNT>
-%else
-Release: <CI_CNT>.<B_CNT> spec:bp161.<CI_CNT>.<B_CNT>
-%endif
+Release: <CI_CNT>.<B_CNT> spec:bp160.<CI_CNT>.<B_CNT>
 
 # 000productcompose experiment
 %if "%_repository" == "product"
@@ -129,6 +125,15 @@ Macros:
 %ffmpeg_pref ffmpeg-7
 :Macros
 
+# BEGIN GIMP STUFF - remove this section when gimp3 is ready
+# %if "%_project" == "openSUSE:Backports:SLE-16.0"
+# Macros:
+# Do not build python plugin in gimp2
+# %_without_python_plugin 1
+# :Macros
+# %endif
+# END GIMP STUFF
+
 # openSUSE -> SLE magic BuildRequires can work then
 Substitute: desktop-data-openSUSE-extra desktop-data-SLE-extra
 Substitute: desktop-data-openSUSE desktop-data-SLE
@@ -159,7 +164,7 @@ Macros:
 
 # Leap specific package list, the same list with excludebuild must add to Backports project
 # Most of package should be built in Backports
-%if "%_project" == "openSUSE:Backports:SLE-16.1"
+%if "%_project" == "openSUSE:Backports:SLE-16.0"
 # we build ffado:ffado-mixer for openSUSE, the main one is built in SLFO
 BuildFlags: excludebuild:ffado
 # build gpgme:qt flavor for qt5 support

_maintainership.json

@@ -1,3 +1,3 @@
 {
-    "": ["packagehub-review"]
+    "": ["maintenance-release-review"]
 }

patchinfo.20251010110535882810.90520734224245/_patchinfo

@@ -0,0 +1,66 @@
+<patchinfo incident="packagehub-1">
+  <issue tracker="bnc" id="1251334">VUL-0: chromium: release 141.0.7390.65</issue>
+  <issue tracker="cve" id="2025-11213">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11216">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11207">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11211">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11212">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11210">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="bnc" id="1250780">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11208">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-10890">VUL-0: chromium: release 140.0.7339.207</issue>
+  <issue tracker="cve" id="2025-11206">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11460">VUL-0: chromium: release 141.0.7390.65</issue>
+  <issue tracker="cve" id="2025-11219">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="bnc" id="1250472">VUL-0: chromium: release 140.0.7339.207</issue>
+  <issue tracker="cve" id="2025-11205">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-10891">VUL-0: chromium: release 140.0.7339.207</issue>
+  <issue tracker="cve" id="2025-11458"/>
+  <issue tracker="cve" id="2025-11215">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11209">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-10892">VUL-0: chromium: release 140.0.7339.207</issue>
+  <packager>AndreasStieger</packager>
+  <rating>critical</rating>
+  <category>security</category>
+  <summary>Security update for chromium</summary>
+  <description>This update for chromium fixes the following issues:
+
+Chromium 141.0.7390.76:
+
+  * Do not send URLs as AIM input. This is to resolve a privacy
+    concern, around passing urls to AI Mode.
+
+Chromium 141.0.7390.65 (boo#1251334):
+
+  * CVE-2025-11458: Heap buffer overflow in Sync
+  * CVE-2025-11460: Use after free in Storage
+  * CVE-2025-11211: Out of bounds read in WebCodecs
+
+Chromium 141.0.7390.54 (stable released 2025-09-30) (boo#1250780)
+
+  * CVE-2025-11205: Heap buffer overflow in WebGPU
+  * CVE-2025-11206: Heap buffer overflow in Video
+  * CVE-2025-11207: Side-channel information leakage in Storage
+  * CVE-2025-11208: Inappropriate implementation in Media
+  * CVE-2025-11209: Inappropriate implementation in Omnibox
+  * CVE-2025-11210: Side-channel information leakage in Tab
+  * CVE-2025-11211: Out of bounds read in Media
+  * CVE-2025-11212: Inappropriate implementation in Media
+  * CVE-2025-11213: Inappropriate implementation in Omnibox
+  * CVE-2025-11215: Off by one error in V8
+  * CVE-2025-11216: Inappropriate implementation in Storage
+  * CVE-2025-11219: Use after free in V8
+  * Various fixes from internal audits, fuzzing and other initiatives
+
+Chromium 141.0.7390.37 (beta released 2025-09-24)
+
+Chromium 140.0.7339.207 (boo#1250472)
+
+  * CVE-2025-10890: Side-channel information leakage in V8
+  * CVE-2025-10891: Integer overflow in V8
+  * CVE-2025-10892: Integer overflow in V8
+
+</description>
+  <package>chromium</package>
+  <seperate_build_arch/>
+</patchinfo>

patchinfo.20251017085555481948.93181000773252/_patchinfo

@@ -0,0 +1,103 @@
+<patchinfo>
+  <packager>os-autoinst-obs-workflow</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for openQA, os-autoinst</summary>
+  <description>This update for openQA, os-autoinst fixes the following issues:
+
+openQA:
+
+- Update to version 5.1760245411.e3aeaaec:
+  * Dependency cron 2025-10-12
+
+- Update to version 5.1760108577.fd2f2a48:
+  * Log unavailability due to high load only as warning
+  * Filter job stats of scheduled products also by arch and build
+  * Document how to disable image optimizations
+  * Make image optimization errors stop the job producing an incomplete job
+  * Improve wording in description about job stats API
+  * Run `optipng` for real and handle errors if it fails
+
+- Update to version 5.1759912962.689b31ed:
+  * Avoid failing `obs_rsync_run` jobs when restarting `openqa-gru.service`
+
+- Update to version 5.1759834744.06a7028a:
+  * parser: ktap: Return earlier if subtest result is SKIP
+  * parser: ktap: Fallback to subtest index if name is not available
+
+- Update to version 5.1759440640.bb989cab:
+  * Don't redirect to asset domain via /needles/ID/(image|json) route
+
+- Update to version 5.1759402042.49e912c3:
+  * Introduce array job settings
+  * Retry `obs_rsync_update_*` tasks if Gru service terminates
+
+- Update to version 5.1759329378.3b8e8685:
+  * Reduce the number of required checks for Mergify again
+  * Ensure a failing cache service is seen as such by the worker/scheduler
+
+- Update to version 5.1759248257.70b23b32:
+  * Increase number of successful checks in Mergify config again
+  * Disable Helm Chart CI checks temporarily
+  * Consider all jobs for cleanup, not just jobs that were executed
+  * Verify job deletion when dependent job present
+
+- Update to version 5.1759149505.49c40b0b:
+  * Use always the latest PostgreSQL image in Compose and documentation
+  * Update the PostgreSQL version in the contributing documentation
+  * Update PostgreSQL data path in Docker Compose file after updating to v18
+  * Specify PostgreSQL version in Docker Compose configuration explicitly
+  * mergify: Allow more time for dependabot update reaction
+  * Remove version property from docker-compose
+  * README: Fix openQA badge after switch to UEFI
+  * build(deps-dev): bump eslint from 9.35.0 to 9.36.0
+
+- Update to version 5.1758910696.7549bb98:
+  * Replace argument assignment with signatures on ObsRsync/Task
+  * Enable automatic dependabot updates again after improvements
+  * docs: Add instructions for a continuous dashboard setup
+  * Replace argument assignment with signatures Folders package
+  * Fully cover WebAPI::Plugin::ObsRsync::Controller::Folders
+  * script: Also use OPENQA_WEBUI_MODE for related services
+
+- Update to version 5.1758814503.03d923a4:
+  * Use Mojo::File in Worker for is_qemu_running
+  * Use Mojo::File in Worker for meminfo
+  * Document archiving of important jobs
+
+- Update to version 5.1758729450.b88c0b40:
+  * Reject jobs if worker is broken when receiving a new job
+
+- Update to version 5.1758711845.e5c02221:
+  * script: Allow to configure openQA mode
+  * t: run at least once Memorylimit register with max_rss_limit &gt; 0
+  * Replace argument assignation with signatures on MemoryLimit
+
+os-autoinst:
+
+- Update to version 5.1759328765.e7438f7:
+  * Allow redirects in needle NeedleDownloader
+  * Don't overwrite firewall xml
+  * Add UEFI support for ipxe kernel boot
+  * t: Use consistent Mojo::File in 08-autotest as well
+  * os-autoinst-setup-multi-machine: Simplify determine_ethernet_interface
+
+- Update to version 5.1759134946.e08d7c7:
+  * Add UEFI support for ipxe kernel boot
+  * t: Use consistent Mojo::File in 08-autotest as well
+  * os-autoinst-setup-multi-machine: Simplify determine_ethernet_interface
+  * os-autoinst-setup-multi-machine: Only call zypper when necessary
+  * os-autoinst-setup-multi-machine: Improve network interface check
+
+</description>
+  <package>openQA</package>
+  <package>openQA:openQA-devel-test</package>
+  <package>openQA:openQA-test</package>
+  <package>openQA:openQA-worker-test</package>
+  <package>openQA:openQA-client-test</package>
+  <package>os-autoinst</package>
+  <package>os-autoinst:os-autoinst-test</package>
+  <package>os-autoinst:os-autoinst-devel-test</package>
+  <package>os-autoinst:os-autoinst-openvswitch-test</package>
+  <seperate_build_arch/>
+</patchinfo>

staging.config

@@ -1,4 +1,4 @@
 {
-  "ObsProject": "openSUSE:Backports:SLE-16.1",
-  "StagingProject": "openSUSE:Backports:SLE-16.1:PullRequest"
+  "ObsProject": "openSUSE:Backports:SLE-16.0",
+  "StagingProject": "openSUSE:Backports:SLE-16.0:PullRequest"
 }

workflow.config

@@ -1,23 +1,74 @@
 {
   "Workflows": ["pr"],
-  "GitProjectName": "products/PackageHub#leap-16.1",
+  "GitProjectName": "products/PackageHub#leap-16.0",
   "Organization": "pool",
-  "Branch": "leap-16.1",
+  "Branch": "leap-16.0",
   "ManualMergeProject": true,
+  "NoProjectGitPR": true,
   "Reviewers": [
-    "*packagehub-review",
+    "-maintenance-release-review",
+    "*opensuse-review",
     "+legaldb",
     "-autogits_obs_staging_bot",
+    "-qam-openqa-review"
   ],
   "ReviewGroups": [
     {
-      "Name": "packagehub-review",
+      "Name": "maintenance-release-review",
       "Reviewers": [
+        "abergmann",
+        "amattiazzo",
+        "bfilho",
+        "cmatos",
+        "crazybyte",
+        "emanuelecappello",
+        "gsonnu",
+        "maintenance-robot",
+        "mauriziogalli",
+        "mbozicevic",
+        "mimi_vx",
+        "mschnitzer",
+        "msmeissn",
+        "pluskalm",
+        "rfrohl",
+        "slemke"
+        ],
+      "Silent": true
+    },
+    {
+      "Name": "opensuse-review",
+      "Reviewers": [
+        "alarrosa",
+        "anag",
+        "atartamo",
         "bigironman",
-        "lkocman-factory",
-        "maxlin_factory",
+        "darix",
+        "dimstar",
+        "dmach",
+        "eroca",
+        "jdsn",
+        "jengelh",
+        "mcalabkova",
+        "mstrigl",
+        "nkrapp",
+        "oertel",
+        "RBrownSUSE",
+        "simotek",
         "smithfarm"
-        ]
+      ],
+      "Silent": true
+    },
+    {
+      "Name": "qam-openqa-review",
+      "Reviewers": [
+        "mimi_vx",
+        "mschnitzer",
+        "msmeissn",
+        "openqa-maintenance",
+        "foursixnine-openqa",
+        "szarate"
+        ],
+      "Silent": true
     }
   ]
 }