Packages changed:
  7zip
  ImageMagick (7.1.1.21 -> 7.1.1.25)
  Mesa-demo
  MozillaFirefox (120.0.1 -> 121.0)
  bind (9.18.20 -> 9.18.21)
  bluez (5.70 -> 5.71)
  cockpit (300.1 -> 307)
  cockpit-podman (76 -> 82)
  ell (0.60 -> 0.61)
  evolution-data-server (3.50.2 -> 3.50.3)
  fltk (1.3.8 -> 1.3.9)
  frameworkintegration
  fwupd (1.9.10 -> 1.9.11)
  ghostscript
  gnome-branding-Aeon
  gnome-control-center
  gnome-settings-daemon (45.0 -> 45.1)
  gnustep-base
  gpgme
  grub2
  gstreamer (1.22.7 -> 1.22.8)
  gstreamer-plugins-bad (1.22.7 -> 1.22.8)
  gstreamer-plugins-base (1.22.7 -> 1.22.8)
  gstreamer-plugins-good (1.22.7 -> 1.22.8)
  hplip (3.23.8 -> 3.23.12)
  icewm (3.4.4 -> 3.4.5)
  ima-evm-utils
  inotify-tools (3.22.6.0 -> 4.23.9.0)
  iputils (20221126 -> 20231222)
  kernel-firmware (20231214 -> 20240102)
  kernel-source (6.6.6 -> 6.6.9)
  kmozillahelper
  libarchive (3.7.0 -> 3.7.2)
  libavif (1.0.2 -> 1.0.3)
  libdrm (2.4.118 -> 2.4.119)
  libheif (1.17.5 -> 1.17.6)
  libical (3.0.16 -> 3.0.17)
  libical-glib (3.0.16 -> 3.0.17)
  libjcat (0.1.14 -> 0.2.0)
  libjpeg-turbo (8.2.2 -> 8.3.2)
  libportal
  libqt5-qtbase (5.15.11+kde138 -> 5.15.12+kde147)
  libqt5-qtdeclarative (5.15.11+kde30 -> 5.15.12+kde31)
  libqt5-qtgraphicaleffects (5.15.11+kde0 -> 5.15.12+kde0)
  libqt5-qtimageformats (5.15.11+kde12 -> 5.15.12+kde10)
  libqt5-qtlocation (5.15.11+kde4 -> 5.15.12+kde6)
  libqt5-qtmultimedia (5.15.11+kde2 -> 5.15.12+kde2)
  libqt5-qtquickcontrols (5.15.11+kde0 -> 5.15.12+kde0)
  libqt5-qtquickcontrols2 (5.15.11+kde5 -> 5.15.12+kde5)
  libqt5-qtsensors (5.15.11+kde0 -> 5.15.12+kde0)
  libqt5-qtspeech (5.15.11+kde1 -> 5.15.12+kde1)
  libqt5-qtsvg (5.15.11+kde6 -> 5.15.12+kde6)
  libqt5-qttools (5.15.11+kde3 -> 5.15.12+kde4)
  libqt5-qttranslations (5.15.11+kde0 -> 5.15.12+kde0)
  libqt5-qtvirtualkeyboard (5.15.11+kde0 -> 5.15.12+kde0)
  libqt5-qtwayland (5.15.11+kde59 -> 5.15.12+kde60)
  libqt5-qtwebchannel (5.15.11+kde3 -> 5.15.12+kde3)
  libqt5-qtwebview (5.15.11+kde0 -> 5.15.12+kde0)
  libqt5-qtx11extras (5.15.11+kde0 -> 5.15.12+kde0)
  libqt5-qtxmlpatterns (5.15.11+kde0 -> 5.15.12+kde0)
  libraw (0.21.1 -> 0.21.2)
  librsvg (2.57.0 -> 2.57.1)
  libstorage-ng (4.5.163 -> 4.5.170)
  libxmlb (0.3.14 -> 0.3.15)
  libzypp (17.31.25 -> 17.31.27)
  lsof (4.99.0 -> 4.99.3)
  mozilla-nss
  multipath-tools (0.9.7+76+suse.5f857af -> 0.9.7+93+suse.e2f2272)
  newt (0.52.23 -> 0.52.24)
  nftables
  open-iscsi
  openblas_pthreads
  osinfo-db (20231027 -> 20231215)
  perl-HTTP-Cookies (6.10 -> 6.110.0)
  perl-IO-Socket-SSL
  perl-XML-Parser (2.46 -> 2.470.0)
  plasma-branding-Kalpa (20231218 -> 20231227)
  plasma5-workspace
  podman (4.8.2 -> 4.8.3)
  poppler (23.11.0 -> 23.12.0)
  poppler-qt5 (23.11.0 -> 23.12.0)
  postfix (3.8.3 -> 3.8.4)
  protobuf
  protobuf-c (1.4.1 -> 1.5.0)
  pulseaudio
  python-Babel (2.13.1 -> 2.14.0)
  python-SQLAlchemy (2.0.23 -> 2.0.24)
  python-alembic (1.13.0 -> 1.13.1)
  python-configobj
  python-hiredis
  python-httpx (0.25.2 -> 0.26.0)
  python-importlib-metadata (7.0.0 -> 7.0.1)
  python-jsonschema-specifications (2023.11.2 -> 2023.12.1)
  python-numpy
  python-psutil (5.9.6 -> 5.9.7)
  python-pycryptodome (3.19.0 -> 3.19.1)
  python-pycups
  python-pyrsistent (0.19.3 -> 0.20.0)
  python-pyzmq (25.1.1 -> 25.1.2)
  python-redis
  python-setuptools (68.1.2 -> 69.0.2)
  python-six
  python-tornado6 (6.3.3 -> 6.4)
  python-zope.interface (6.0 -> 6.1)
  qca-qt5 (2.3.7 -> 2.3.7+git12)
  qpdf (11.6.4 -> 11.7.0)
  runc (1.1.10 -> 1.1.11)
  sdbootutil (1+git20231214.b186b2d -> 1+git20231221.42797ab)
  sof-firmware (2023.09.2 -> 2023.12)
  sudo (1.9.15p4 -> 1.9.15p5)
  suse-module-tools (16.0.39 -> 16.0.42)
  timezone (2023c -> 2023d)
  tpm2.0-tools (5.5 -> 5.6)
  traceroute (2.1.3 -> 2.1.5)
  tracker-miners
  vim (9.0.2181 -> 9.1.0000)
  wireless-regdb (20230901 -> 20231201)
  wireplumber (0.4.16 -> 0.4.17)
  xmlsec1 (1.2.37 -> 1.2.38)
  xorg-x11-server
  yast2-installation (5.0.2 -> 5.0.3)
  yast2-journal (5.0.0 -> 5.0.1)

=== Details ===

==== 7zip ====

- Add missing man pages for 7z / 7za / 7zr / 7zz.
  This solves bsc#1204856.

==== ImageMagick ====
Version update (7.1.1.21 -> 7.1.1.25)
Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10

- drop update-alternatives for config; use exactly one of configuration
  package provided
- version update to 7.1.1.25
  https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
- update to 7.1.1.24:
  * Added extra check for rare case when ImageMagick is build without
    any delegates.
  * Corrected order to fix invalid matches.
  * only fill the alpha channel for alpha floodfill
  * Make sure we use the lt_ methods like we do elsewhere.
  * support dng:max-raw-memory define (ImageMagick/ImageMagick#6922)
  * properly export YUV JP2 images (ImageMagick/ImageMagick#6943)
  * use : specifier
  * correct display program name
  * check for corrupt DJVU images
  * support UTF-8 comments (ImageMagick/ImageMagick#6949)
  * do not prefix iTxt key with 'png:'
  * enhance sampling factor parser (ImageMagick/ImageMagick#6943)
  * Switch to ubuntu 20.04 in the app-image build.
  * Corrected packages that need to be install due to ubuntu upgrade.
  * improve accuracy of image statistics
  * fx calculations of skewness and kurtosis
  * Only write comments as itxt when the string contains non ansi
    chars.
  * check if the string contains non-Latin1 characters
  * Corrected patch to check for non-Latin1 characters.
  * invalid JSON with -ping (ImageMagick/ImageMagick#6966)
  * throw exception if # of meta channels exceed max
    https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hx5j-pxvh-rj7r
  * multiplication result converted to larger type
  * invalid HTTPS certificates are no longer ignored
    https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3r24-6m6q-vxmr
  * multiplication result converted to larger type
  * eliminate compiler warning
  * don't include the index channel in the overall image statistics
  * multiplication result converted to larger type
- version update to 7.1.1.23
  https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
- modified patches
  % ImageMagick-library-installable-in-parallel.patch (refreshed)
- deleted patches
  - ImageMagick-infinite-resource-time-limit.patch (upstreamed)

==== Mesa-demo ====
Subpackages: Mesa-demo-egl Mesa-demo-x

- Remove old rpm constructs that are long defaulted.
- Remove legalese from descriptions as per our wiki guidelines.

==== MozillaFirefox ====
Version update (120.0.1 -> 121.0)

- Mozilla Firefox 121.0
  https://www.mozilla.org/en-US/firefox/121.0/releasenotes
  MFSA 2023-56 (bsc#1217974)
  * CVE-2023-6856 (bmo#1843782)
    Heap-buffer-overflow affecting WebGL DrawElementsInstanced
    method with Mesa VM driver
  * CVE-2023-6135 (bmo#1853908)
    NSS susceptible to "Minerva" attack
  * CVE-2023-6865 (bmo#1864123)
    Potential exposure of uninitialized data in EncryptingOutputStream
  * CVE-2023-6857 (bmo#1796023)
    Symlinks may resolve to smaller than expected buffers
  * CVE-2023-6858 (bmo#1826791)
    Heap buffer overflow in nsTextFragment
  * CVE-2023-6859 (bmo#1840144)
    Use-after-free in PR_GetIdentitiesLayer
  * CVE-2023-6866 (bmo#1849037)
    TypedArrays lack sufficient exception handling
  * CVE-2023-6860 (bmo#1854669)
    Potential sandbox escape due to VideoBridge lack of texture
    validation
  * CVE-2023-6867 (bmo#1863863)
    Clickjacking permission prompts using the popup transition
  * CVE-2023-6861 (bmo#1864118)
    Heap buffer overflow affected nsWindow::PickerOpen(void) in
    headless mode
  * CVE-2023-6868 (bmo#1865488)
    WebPush requests on Firefox for Android did not require VAPID key
  * CVE-2023-6869 (bmo#1799036)
    Content can paint outside of sandboxed iframe
  * CVE-2023-6870 (bmo#1823316)
    Android Toast notifications may obscure fullscreen event
    notifications
  * CVE-2023-6871 (bmo#1828334)
    Lack of protocol handler warning in some instances
  * CVE-2023-6872 (bmo#1849186)
    Browsing history leaked to syslogs via GNOME
  * CVE-2023-6863 (bmo#1868901)
    Undefined behavior in ShutdownObserver()
  * CVE-2023-6864 (bmo#1736385, bmo#1810805, bmo#1846328, bmo#1856090,
    bmo#1858033, bmo#1858509, bmo#1862777, bmo#1864015)
    Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6,
    and Thunderbird 115.6
  * CVE-2023-6873 (bmo#1855327, bmo#1862089, bmo#1862723)
    Memory safety bugs fixed in Firefox 121
- requires NSS 3.95

==== bind ====
Version update (9.18.20 -> 9.18.21)

- Update to release 9.18.21
  Removed Features:
  * Support for using AES as the DNS COOKIE algorithm
    (cookie-algorithm aes;) has been deprecated and will be removed
    in a future release. Please use the current default,
    SipHash-2-4, instead.
  * The resolver-nonbackoff-tries and resolver-retry-interval
    statements have been deprecated. Using them now causes a
    warning to be logged.

==== bluez ====
Version update (5.70 -> 5.71)
Subpackages: bluez-auto-enable-devices bluez-cups libbluetooth3

- add fix-link-key-address-type.patch - thanks to
  pallaswept for identifying the right patch for the pairing
  regression
- update to 5.71:
  * Fix issue with not registering CSIS service.
  * Fix issue with registering pairing callbacks.
  * Fix issue with corruption during discovery filter parsing.
- drop CVE-2023-45866.patch,
  Fix-.device_probe-failing-if-SDP-record-is-not.patch: upstream
- update bluez-disable-broken-tests.diff: disable failing vcp test

==== cockpit ====
Version update (300.1 -> 307)
Subpackages: cockpit-bridge cockpit-packagekit cockpit-system

- new version 307:
  https://cockpit-project.org/blog/cockpit-307.html
  https://cockpit-project.org/blog/cockpit-306.html
  https://cockpit-project.org/blog/cockpit-305.html
  https://cockpit-project.org/blog/cockpit-304.html
  https://cockpit-project.org/blog/cockpit-303.html
  https://cockpit-project.org/blog/cockpit-302.html
  https://cockpit-project.org/blog/cockpit-301.html
- css-overrides.patch, storage-btrfs.patch: refreshed

==== cockpit-podman ====
Version update (76 -> 82)

- New version 82:
  * Validate fields in "Create container" dialog
  * Label Toolbox and Distrobox containers
  * Performance and stability improvements

==== ell ====
Version update (0.60 -> 0.61)

- Update to release 0.61
  * netconfig: Always set DHCP MAC address on start
  * netlink: Add workaround for missing NLM_F_ACK_TLVS
    and NLM_F_CAPPED

==== evolution-data-server ====
Version update (3.50.2 -> 3.50.3)
Subpackages: libcamel-1_2-64 libebackend-1_2-11 libebook-1_2-21 libebook-contacts-1_2-4 libecal-2_0-2 libedata-book-1_2-27 libedata-cal-2_0-2 libedataserver-1_2-27 libedataserverui-1_2-4

- Update to version 3.50.3:
  + Camel: Ignore errors about missing messages during filtering.
  + Bug Fixes:
  - sqlite3_enable_shared_cache is deprecated
  - Camel: Hide errors from for-offline download
  - IMAP: Copy/move messages in smaller batches
  + Updated translations.

==== fltk ====
Version update (1.3.8 -> 1.3.9)

- update to 1.3.9:
  * Support macOS up to macOS 14 "Sonoma".
  * Update bundled libraries to current versions (see below).
  * Introduce bundled image library "prefixing" to avoid
    conflicts with system libraries.
  * Bundled library versions (see also README.bundled-libs.txt):
  * Library       Version            Release date
  * jpeg          jpeg-9e            2022-01-16
  * png           libpng-1.6.40      2023-06-21
  * zlib          zlib-1.3           2023-08-18
  * Backport X11 INCR protocol fixes from 1.4.0 (issue #451)
  * X11: Suppress compiler warnings when using gcc or clang
  * Fix crash if a program exits before it opens a window
  * Fix compilation error with current Visual Studio 2022
  * Backport warning fixes from 1.4.0 in src/fl_draw.cxx
  * Fix compiler warning as pointed out in PR #693
  * Fix another compiler warning (#693)
  * Remove unused variable, fix "type issue" (#445, part 2)
  * Fix stack buffer overflow found by address sanitizer
  * Fix "gtk+ rendering" (GitHub Issue #443)
  * Fix doxygen warnings
  * Bump version numbers, prepare release 1.3.9
  * Fix several compiler warnings
  * Update bundled image libraries and zlib to current
    versions
  * Update README, README.CMake.txt, and some support files
  * Fix compiler warnings: backported from 1.4 (git 'master')
  * CMake/MSVC: remove confusing recommendation to rerun
  * Documentation: remove dark color on title page
  * Raise CMake minimum required version to 3.15 and more
  * macOS platform: Issue #325 "Disabling IM disables Greek
    and Cyrillic layouts"
  * Fix fullscreen window level corner cases on macOS
  * Fix issue #373 apparent with macOS platform and SDK ≤
  * Issue #452: Fl::get_font_name failure on OS-X.
  * Issue #454: crash in Fl::get_font_name().
  * Issue #469: Fl_Sys_Menu_Bar menu item shortcuts using Esc
    Tab don't work on Mac
  * Fix "Focus is lost leaving full screen on macOS 13"
  * Add support of macOS Ventura 13.0 and macOS Sonoma 14.0
  * macOS: remove configure option --enable-x11 and CMake
    OPTION_APPLE_X11; this functionality remains in FLTK 1.4.
  * configure.ac: make sure local-png and local-zlib always
    run together
  * Remove the -mwindows argument from CFLAGS and CXXFLAGS

==== frameworkintegration ====
Subpackages: frameworkintegration-plugin libKF5Style5

- Update appstream build requirement for compatibility with 1.0.0

==== fwupd ====
Version update (1.9.10 -> 1.9.11)
Subpackages: fwupd-bash-completion libfwupd2 typelib-1_0-Fwupd-2_0

- Update to version 1.9.11:
  + This release adds the following features:
  - Allow exporting 'offline' reports for manual upload
  + This release fixes the following bugs:
  - Add some recovery partition names to ignore for ESP selection
  - Check for CET and SMAP on non-Intel x86 processors too
  - Correctly mark the CPU as supported in the HSI tests
  - Do not fail on probing downstream Synaptics MST ports
  - Do not offer to change BIOS settings that are already set
  - Do not prefer msftdata when choosing the default ESP
  - Do not show spurious device request flags
  - Fix a missing build dependency to fwupdplugin-self-test
  - Fix a segfault when using zlib-ng instead of zlib
  - Fix updating Jabra 410, 510, 710 and 810 devices
  - Match more community-supported branches
  - Remove the Intel SPIBAR proxy support as the mtd module works
  - Show a better error when the ESP is missing
  - Show an error if the post-update version does not match exactly
  - Speed up Synaptics MST device enumeration
  + This release adds support for the following hardware:
  - Algoltek USB devices
  - Luxshare Quad USB4 Dock

==== ghostscript ====
Subpackages: ghostscript-x11

- CVE-2023-46751.patch is
  https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=dcdbc595c13
  adapted for Ghostscript-9.56.1 that fixes
  https://bugs.ghostscript.com/show_bug.cgi?id=707264
  which includes a fix for CVE-2023-46751
  "dangling pointer in gdev_prn_open_printer_seekable()"
  (bsc#1217871)

==== gnome-branding-Aeon ====

- Use cURL instead of ping for online check

==== gnome-control-center ====
Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces

- Add gnome-control-center-fix-region-preview-crash.patch:
  nl_langinfo's returned pointer could be invalid after switching
  locale, so we have to save the result before switch locale to
  prevent the crash (bsc#1218528,
  glgo#GNOME/gnome-control-center!2122).

==== gnome-settings-daemon ====
Version update (45.0 -> 45.1)

- Update to version 45.1:
  + Power: Compiler warning fixes.
  + Smartcard: Error handling fix.
  + USB Protection: Comment clean up.
  + Updated translations.
- Drop upstream fixed patches:
  + 41d0dc1db4d75c37ba67fe903105b4e162d42f1a.patch
  + 538816ff42f682fc4b541810ca107486abab9976.patch
  + a059909d62da0c11774f1089d02937699fabf150.patch

==== gnustep-base ====

- Add 295.patch: Fix build with libxml2 2.11.0+.

==== gpgme ====
Subpackages: libgpgme11 libgpgmepp6 python311-gpg

- Python 3.12 has dropped distutils
  * Build require python-setuptools instead
  * Drop old gpgme-D545-python310.patch
  * Replace with gpgme-D545-obsolete-distutils.patch

==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin grub2-systemd-sleep-plugin

- grub2.spec: Add ofnet to signed grub.elf to support powerpc net boot
  installation when secure boot is enabled (bsc#1217761)
- Improved check for disk device when looking for PReP partition
  * 0004-Introduce-prep_load_env-command.patch

==== gstreamer ====
Version update (1.22.7 -> 1.22.8)
Subpackages: libgstreamer-1_0-0 typelib-1_0-Gst-1_0

- Update to version 1.22.8:
  + Highlighted bugfixes in 1.22.8
  - Security fixes for the AV1 video codec parser
  - avdec video decoder: fix another possible deadlock with
    FFmpeg 6.1
  - qtdemux: reverse playback and seeking fixes for files with
    raw audio streams
  - v4l2: fix "newly allocated buffer ... is not free" warning
    log flood
  - GstPlay + GstPlayer library fixes
  - dtls: Fix build failure on Windows when compiling against
    OpenSSL 3.2.0
  - d3d11screencapturesrc: Fix wrong color with HDR enabled
  - Cerbero build tool: More python 3.12 string escape warning
    fixes; make sure to bundle build tools as well
  - various bug fixes, build fixes, memory leak fixes, and other
    stability and reliability improvements
  + gstreamer
  - buffer: Unref memories before metas
  - pad: Recheck pads when linking after temporary unlock
  - baseparse: Fixes to buffers extracted from adapter
- Rebase reduce-required-meson.patch

==== gstreamer-plugins-bad ====
Version update (1.22.7 -> 1.22.8)
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0

- Update to version 1.22.8:
  + aesenc: Fix IV length addition to output buffer length
  + av1parser: Fix array sizes in scalability structure
    (ZDI-CAN-22300  bsc#1218534)
  + camerabin: Fix source updates with user filters
  + codecparsers: av1: Clip max tile rows and cols values
  + dtlscertificate: Define WINSOCKAPI before including windows.h
  + d3d11: fix building with address sanitizer
  + d3d11screencapturesrc: Fix wrong color with HDR enabled
  + h264decoder: Fix GstVideoCodecFrame leak
  + ladspa: Make RDF parsing truly optional
  + rtponviftimestamp: Fix drop-out-of-segment=false mode
  + qsvdecoder: Fix stream format detection
  + webrtcsdp: Remove fingerprint validation that doesn't make
    sense
  + GstPlay: Automatically flush the bus when disposing the
    signal adapter
  + GstPlayer: Without dispatcher emit signals directly instead
    of via the default main context
- Rebase reduce-required-meson.patch

==== gstreamer-plugins-base ====
Version update (1.22.7 -> 1.22.8)
Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 typelib-1_0-GstTag-1_0

- Update to version 1.22.8:
  + appsrc: Fix flow return when buffer is dropped
  + audioringbuffer: Don't try to map MONO channel
  + encoding-target: Properly free when missing type field in
    parse_encoding_profile
  + pbutils: Don't include default vp9 parameters in resulting
    codec mime string
  + videorate: Don't forget last_ts on caps changes
- Rebase reduce-required-meson.patch

==== gstreamer-plugins-good ====
Version update (1.22.7 -> 1.22.8)
Subpackages: gstreamer-plugins-good-gtk

- Update to version 1.22.8:
  + dcaparse: keep upstream buffer meta
  + rtpklvdepay: Recover after invalid fragmented KLV unit
  + matroska-demux: fix accumulated base offset in segment seeks
  + qtdemux: fix bug report URL
  + qtdemux: Don't overflow sample index
  + qtdemux: Fix reverse playback for pcm audio stream
  + qtdemux: Ignore raw audio streams when adjusting seek
  + qtdemux: Under-seeking to a key unit in certain (encoded by
    Adobe products) ProRes movies (macOS x86_64 & arm64,
    Windows x86_64, ...)
  + rtpac3depay: should output audio/x-ac3 not audio/ac3
  + rtp: Fix incorrect RTP channel order lookup by name
  + v4l2bufferpool: add lock as atomic operation for seek
- Rebase reduce-required-meson.patch

==== hplip ====
Version update (3.23.8 -> 3.23.12)
Subpackages: hplip-hpijs hplip-udev-rules

- Update to hplip 3.23.12
  * del fix-printer-attributes-parsing.patch (merged upstream)
  * del hppsfilter-booklet-printing-change-insecure-fixed-tm.patch
    (merged upstream)
- Added support for new printers:
  * HP OfficeJet Pro 9130b series
  * HP OfficeJet Pro 9120b series
  * HP OfficeJet Pro 9110b series
  * HP Color LaserJet Enterprise Flow MFP X58045z
  * HP Color LaserJet Enterprise Flow MFP X58045zs
  * HP Color LaserJet Enterprise MFP X58045dn 
  * HP Color LaserJet Enterprise MFP X58045
  * HP LaserJet Pro P1106 plus
  * HP LaserJet Pro P1108 plus

==== icewm ====
Version update (3.4.4 -> 3.4.5)
Subpackages: icewm-config-upstream icewm-default icewm-lang

- Update to 3.4.5:
  * Fix for centering the clock LED digits vertically
  * Fix the KeyWinTile commands for multi-mon setups
  * Fix the workspace buttons for right-to-left languages

==== ima-evm-utils ====
Subpackages: evmctl libimaevm4

- Update download url.

==== inotify-tools ====
Version update (3.22.6.0 -> 4.23.9.0)
Subpackages: libinotifytools0

- update to 4.23.9.0:
  * support cross compile for Android
  * libinotifytools: Rename init variable to fix conflict with
    entry point
  * Add CodeQL workflow for GitHub code scanning
  * Fix build with musl and add Alpine buildnode to CI
  * Update Cirrus CI FreeBSD images
  * Fix enabling of fanotify/fsnotify.
  * Fix fanotify_supported()
  * Combine to one build machine, reduce test iteration to 64
  * Add -fanalyzer to build
  * Enable CentOS Stream 9 build
  * Add debian 12
  * Ensure C++ libraries are not linked in

==== iputils ====
Version update (20221126 -> 20231222)

- Update to version 20231222
  https://github.com/iputils/iputils/releases/tag/20231222
- Use tar.xz instead of tar.gz
- Update source URL

==== kernel-firmware ====
Version update (20231214 -> 20240102)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network

- Update to version 20240102 (git commit b83108216200):
  * linux-firmware: add firmware for mediatek bluetooth chip (MT7925)
  * linux-firmware: add firmware for MT7925
  * ASoC: tas2563: Add dsp firmware for laptops or other mobile devices
  * QCA: Add bluetooth firmware nvm files for QCA2066
  * QCA: Update Bluetooth QCA2066 firmware to 2.1.0-00629
- Update aliases
- Update to version 20231226 (git commit abfcad8b1405):
  * rtl_bt: Add firmware and config files for RTL8852BT/RTL8852BE-VT
  * ASoC: tas2781: Add dsp firmware for different laptops
  * ath11k: WCN6855 hw2.0: update to WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.36
  * ath11k: WCN6855 hw2.0: update board-2.bin
  * ath11k: WCN6750 hw1.0: update board-2.bin
  * ath11k: IPQ8074 hw2.0: update board-2.bin
  * ath10k: WCN3990 hw1.0: update board-2.bin
  * ath10k: QCA9888 hw2.0: update board-2.bin
  * ath10k: QCA4019 hw1.0: update board-2.bin
  * ath10k: QCA6174 hw3.0: update firmware-6.bin to WLAN.RM.4.4.1-00309-
  * ath12k: add new driver and firmware for WCN7850
  * iwlwifi: update gl FW for core80-165 release
  * intel: vsc: Add firmware for Visual Sensing Controller
  * cirrus: Add CS35L41 firmware and tunings for ASUS Zenbook 2023 Models
  * cirrus: Add CS35L41 firmware and tunings for ASUS Zenbook 2022 Models
  * amdgpu: DMCUB updates for various AMDGPU ASICs
- New subpackag kernel-firmware-ath12k
- Update aliases

==== kernel-source ====
Version update (6.6.6 -> 6.6.9)

- Linux 6.6.9 (bsc#1012628).
- bpf: Fix prog_array_map_poke_run map poke update (bsc#1012628).
- mm/damon/core: use number of passed access sampling as a timer
  (bsc#1012628).
- mm/damon/core: make damon_start() waits until kdamond_fn()
  starts (bsc#1012628).
- btrfs: qgroup: iterate qgroups without memory allocation for
  qgroup_reserve() (bsc#1012628).
- btrfs: qgroup: use qgroup_iterator in qgroup_convert_meta()
  (bsc#1012628).
- btrfs: free qgroup pertrans reserve on transaction abort
  (bsc#1012628).
- drm/amd/display: fix hw rotated modes when PSR-SU is enabled
  (bsc#1012628).
- drm/i915: Fix FEC state dump (bsc#1012628).
- drm/i915: Introduce crtc_state->enhanced_framing (bsc#1012628).
- drm/i915/edp: don't write to DP_LINK_BW_SET when using rate
  select (bsc#1012628).
- drm: Update file owner during use (bsc#1012628).
- drm: Fix FD ownership check in drm_master_check_perm()
  (bsc#1012628).
- spi: spi-imx: correctly configure burst length when using dma
  (bsc#1012628).
- arm64: dts: allwinner: h616: update emac for Orange Pi Zero 3
  (bsc#1012628).
- ARM: dts: dra7: Fix DRA7 L3 NoC node register size
  (bsc#1012628).
- ARM: OMAP2+: Fix null pointer dereference and memory leak in
  omap_soc_device_init (bsc#1012628).
- reset: Fix crash when freeing non-existent optional resets
  (bsc#1012628).
- s390/vx: fix save/restore of fpu kernel context (bsc#1012628).
- platform/x86/intel/pmc: Fix hang in pmc_core_send_ltr_ignore()
  (bsc#1012628).
- SUNRPC: Revert 5f7fc5d69f6e92ec0b38774c387f5cf7812c5806
  (bsc#1012628).
- wifi: ieee80211: don't require protected vendor action frames
  (bsc#1012628).
- wifi: iwlwifi: pcie: add another missing bh-disable for
  rxq->lock (bsc#1012628).
- wifi: mac80211: check if the existing link config remains
  unchanged (bsc#1012628).
- wifi: mac80211: don't re-add debugfs during reconfig
  (bsc#1012628).
- wifi: mac80211: check defragmentation succeeded (bsc#1012628).
- wifi: mac80211: mesh: check element parsing succeeded
  (bsc#1012628).
- wifi: mac80211: mesh_plink: fix matches_local logic
  (bsc#1012628).
- ice: fix theoretical out-of-bounds access in ethtool link modes
  (bsc#1012628).
- bpf: syzkaller found null ptr deref in unix_bpf proto add
  (bsc#1012628).
- Revert "net/mlx5e: fix double free of encap_header in update
  funcs" (bsc#1012628).
- Revert "net/mlx5e: fix double free of encap_header"
  (bsc#1012628).
- net/mlx5e: Fix slab-out-of-bounds in
  mlx5_query_nic_vport_mac_list() (bsc#1012628).
- net/mlx5e: Fix a race in command alloc flow (bsc#1012628).
- net/mlx5e: fix a potential double-free in fs_udp_create_groups
  (bsc#1012628).
- net/mlx5e: Fix overrun reported by coverity (bsc#1012628).
- net/mlx5e: Decrease num_block_tc when unblock tc offload
  (bsc#1012628).
- net/mlx5e: XDP, Drop fragmented packets larger than MTU size
  (bsc#1012628).
- net/mlx5: Fix fw tracer first block check (bsc#1012628).
- net/mlx5: Refactor mlx5_flow_destination->rep pointer to vport
  num (bsc#1012628).
- net/mlx5e: Fix error code in mlx5e_tc_action_miss_mapping_get()
  (bsc#1012628).
- net/mlx5e: Fix error codes in alloc_branch_attr() (bsc#1012628).
- net/mlx5e: Correct snprintf truncation handling for fw_version
  buffer (bsc#1012628).
- net/mlx5e: Correct snprintf truncation handling for fw_version
  buffer used by representors (bsc#1012628).
- net: mscc: ocelot: fix eMAC TX RMON stats for bucket 256-511
  and above (bsc#1012628).
- net: mscc: ocelot: fix pMAC TX RMON stats for bucket 256-511
  and above (bsc#1012628).
- octeontx2-pf: Fix graceful exit during PFC configuration failure
  (bsc#1012628).
- net: Return error from sk_stream_wait_connect() if
  sk_wait_event() fails (bsc#1012628).
- net: sched: ife: fix potential use-after-free (bsc#1012628).
- ethernet: atheros: fix a memleak in atl1e_setup_ring_resources
  (bsc#1012628).
- net/rose: fix races in rose_kill_by_device() (bsc#1012628).
- Bluetooth: Fix not notifying when connection encryption changes
  (bsc#1012628).
- Bluetooth: Fix deadlock in vhci_send_frame (bsc#1012628).
- Bluetooth: hci_event: shut up a false-positive warning
  (bsc#1012628).
- Bluetooth: hci_core: Fix hci_conn_hash_lookup_cis (bsc#1012628).
- bnxt_en: do not map packet buffers twice (bsc#1012628).
- net: phy: skip LED triggers on PHYs on SFP modules
  (bsc#1012628).
- ice: stop trashing VF VSI aggregator node ID information
    ... changelog too long, skipping 898 lines ...
- commit 59f1683

==== kmozillahelper ====

- BuildRequire rpm_macro(cmake_kf5): we call cmake_kf5 to build and
  thus need to ensure the macro to be known.
- Add extra-cmake-modules BuildRequires: fix build after recent KDE
  Frameworks update.

==== libarchive ====
Version update (3.7.0 -> 3.7.2)

- skip write tests on 32bit, they OOM
- update to 3.7.2:
  * Multiple vulnerabilities have been fixed in the PAX writer
  * bsdunzip(1) now correctly handles arguments following an
  - x after the zipfile
  * zstd filter now supports the "long" write option
  * SEGV and stack buffer overflow in verbose mode of cpio
  * bsdunzip updated to match latest upstream code
  * miscellaneous functional bugfixes

==== libavif ====
Version update (1.0.2 -> 1.0.3)

- update to 1.0.3:
  * Rewrite the fix for memory errors fixed in 1.0.2
  * CVE-2023-6704: Fix use-after-free errors (boo#1218303)
  * src/reformat.c: Allocate the threadData array directly

==== libdrm ====
Version update (2.4.118 -> 2.4.119)
Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1

- update to 2.4.119:
  * add amdgpu_va_get_start_addr

==== libheif ====
Version update (1.17.5 -> 1.17.6)
Subpackages: gdk-pixbuf-loader-libheif libheif-aom libheif-dav1d libheif-ffmpeg libheif-jpeg libheif-openjpeg libheif-rav1e libheif1

- update to 1.17.6:
  * A couple of build fixes and bug fixes detected by fuzzing.
  * Corrects these issues:
  * CVE-2023-49462 - #1043
  * CVE-2023-49463 - #1042
- drop libheif-CVE-2023-49462.patch,
  libheif-CVE-2023-49464.patch,
  libheif-CVE-2023-49460.patch: upstream
- security update
- added patches
  fix CVE-2023-49460 [bsc#1217902], segmentation violation in decode_uncompressed_image()
  + libheif-CVE-2023-49460.patch
- sync ExclusiveArch with SVT-AV1
- move HEIF plugins from examples to separate package
- make sure all subpackages use the same libheif1 ABI

==== libical ====
Version update (3.0.16 -> 3.0.17)

- update to 3.0.17:
  * Escape commas in x-property TEXT values
  * Built-in timezones updated to tzdata2023c
  * icalparser_ctrl setting defines how to handle invalid CONTROL
    characters during parsing
  * New publicly available functions:
    + get_zone_directory()
    + icalparser_get_ctrl
    + icalparser_set_ctrl

==== libical-glib ====
Version update (3.0.16 -> 3.0.17)

- update to 3.0.17:
  * Escape commas in x-property TEXT values
  * Built-in timezones updated to tzdata2023c
  * icalparser_ctrl setting defines how to handle invalid CONTROL
    characters during parsing
  * New publicly available functions:
    + get_zone_directory()
    + icalparser_get_ctrl
    + icalparser_set_ctrl

==== libjcat ====
Version update (0.1.14 -> 0.2.0)

- Update to version 0.2.0:
  + New Features:
  - Add support for verifying firmware transparency checkpoints
  - Add various bitcounting functions for future use
  - Allow creating and validating SHA512 checksums
  - Allow verifying the checksum of a payload
  + Bugfixes:
  - Sprinkle attribute((nonnull)) to give a little more
    compile-time safety

==== libjpeg-turbo ====
Version update (8.2.2 -> 8.3.2)

- update to 3.0.1 (bsc#1211542, CVE-2023-2804):
  * The x86-64 SIMD functions now use a standard stack frame,
    prologue, and epilogue so that debuggers and profilers can
    reliably capture backtraces from within the functions.
  * Fixed two minor issues in the interblock smoothing algorithm
    that caused mathematical (but not necessarily perceptible)
    edge block errors when decompressing progressive JPEG images
    exactly two MCU blocks in width or that use vertical
    chrominance subsampling.
  * The TurboJPEG API now supports 4:4:1 (transposed 4:1:1)
    chrominance subsampling, which allows losslessly transposed or
    rotated 4:1:1 JPEG images to be losslessly cropped, partially
    decompressed, or decompressed to planar YUV images.
  * Fixed various segfaults and buffer overruns (CVE-2023-2804)
  * that occurred when attempting to decompress various
    specially-crafted malformed 12-bit-per-component and
    16-bit-per-component lossless JPEG images using color
    quantization or merged chroma upsampling/color conversion.  The
    underlying cause of these issues was that the color
    quantization and merged chroma upsampling/color conversion
    algorithms were not designed with lossless decompression
    in mind.  Since libjpeg-turbo explicitly does not support color
    conversion when compressing or decompressing lossless JPEG
    images, merged chroma upsampling/color conversion never should
    have been enabled for such images.  Color quantization is a
    legacy feature that serves little or no purpose with lossless
    JPEG images, so it is also now disabled when decompressing such
    images.  (As a result, djpeg can no longer decompress a
    lossless JPEG image into a GIF image.)
  * Fixed an oversight in 1.4 beta1[8] that caused various
    segfaults and buffer overruns when attempting to decompress
    various specially-crafted malformed 12-bit-per-component JPEG
    images using djpeg with both color quantization and RGB565
    color conversion enabled.
  * Fixed an issue whereby `jpeg_crop_scanline()` sometimes
    miscalculated the downsampled width for components with 4x2 or
    2x4 subsampling factors if decompression scaling was enabled.
    This caused the components to be upsampled incompletely, which
    caused the color converter to read from uninitialized memory.
    With 12-bit data precision, this caused a buffer overrun or
    underrun and subsequent segfault if the sample value read from
    uninitialized memory was outside of the valid sample range.
  * Fixed a long-standing issue whereby the `tj3Transform()`
    function, when used with the `TJXOP_TRANSPOSE`,
    `TJXOP_TRANSVERSE`, `TJXOP_ROT90`, or `TJXOP_ROT270` transform
    operation and without automatic JPEG destination buffer
    (re)allocation or lossless cropping, computed the worst-case
    transformed JPEG image size based on the source image
    dimensions rather than the transformed image dimensions.  If a
    calling program allocated the JPEG destination buffer based on
    the transformed image dimensions, as the API documentation
    instructs, and attempted to transform a specially-crafted
    4:2:2, 4:4:0, 4:1:1, or 4:4:1 JPEG source image containing a
    large amount of metadata, the issue caused `tj3Transform()` to
    overflow the JPEG destination buffer rather than fail
    gracefully.  The issue could be worked around by setting
    `TJXOPT_COPYNONE`.  Note that, irrespective of this issue,
    `tj3Transform()` cannot reliably transform JPEG source images
    that contain a large amount of metadata unless automatic JPEG
    destination buffer (re)allocation is used or `TJXOPT_COPYNONE`
    is set.
  * Significantly sped up the computation of optimal Huffman
    tables. This speeds up the compression of tiny images by as
    much as 2x and provides a noticeable speedup for images as
    large as 256x256 when using optimal Huffman tables.
  * All deprecated fields, constructors, and methods in the
    TurboJPEG Java API have been removed.
  * Arithmetic entropy coding is now supported with
    12-bit-per-component JPEG images.
  * Overhauled the TurboJPEG API to address long-standing
    limitations and to make the API more extensible and intuitive.

==== libportal ====
Subpackages: libportal-gtk3-1 libportal-gtk4-1 libportal1

- Replace copypasted summaries by something more concrete

==== libqt5-qtbase ====
Version update (5.15.11+kde138 -> 5.15.12+kde147)
Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5 libqt5-qtbase-platformtheme-gtk3

- Update to version 5.15.12+kde147:
  * Http2: fix potential overflow in assemble_hpack_block()
    (bsc#1218413, CVE-2023-51714)
  * HPack: fix incorrect integer overflow check
  * HPack: fix a Yoda Condition
- Update to version 5.15.12+kde144, rebased upstream:
  * QMimeDatabase: handle buggy type definitions with circular inheritance
  * xcb: only set base size when it's valid
  * QPixmapCache: fix leaking of QStrings and Keys on clear()
  * OpenFile portal: do not use O_PATH fds
  * QSystemTrayIcon: properly disconnect old menu in setContextMenu()
  * Guard QTabBar against nested event processing during moving tabs
  * QDial: don't crash when min==max and setting a value != min & max
  * QStandardItemModel: don't leak in mimeData()
  * SQL/MySQL: properly initialize variable
  * QWidgetTextControl: ignore invalid input method event
  * Update the LGPL license header
  * SQL/MySQL: fix handling of json column
  * Remove QMAKE_RANLIB and QMAKE_LINK_SHLIB from android/default_pre.prf
  * macOS: Fix less common writing systems on Catalina and later
  * Blacklist 1 tests in tst_QFtp on ubuntu-20.04
  * Update bundled libpng to version 1.6.39
  * Android: Fix signing of APKs that are generated when an AAB is also built
  * Update bundled zlib to version 1.2.13
  * doc: update the limitation of QSystemTrayIcon on X11
  * Blacklist 1 tests in tst_QTimer on ubuntu-20.04
  * Add benchmarks for QLocale number parsing
  * Add benchmarks for QString number parsing
  * Android: Fix incorrect fullscreen dimensions
  * Gtk3Theme: set XCURSOR_SIZE and XCURSOR_THEME for wayland sessions
  * xcb: Flush Display when processing xcb events
  * xcb: Add xlib wrapper for XFlush()
  * QHostAddress: Fix incorrect comparison against 'Any'
  * QSsl[OpenSSL/Android]: Fix hardcoded 1_1 suffix
  * BLACKLIST: tst_QApplication::sendEventsOnProcessEvents for RHEL 9.0
  * QMacStyle: do not set white color for grayed out button
  * Work round macOS's omission of en_DE from its own uiLanguages()
  * Suppress a deprecation warning in tst_QDateTime::toString_enumformat()
  * QJsonValue: fix incorrect to{Array,Object} when the value is empty
  * QGtk3Dialog: remove the #include for empty moc
  * Remove unneeded QWindow from QGtk3Dialog
  * tst_QSslSocket: Delete sslOptions
  * tst_QSslServer: Make the in-process server use TLS1.2
  * Android: fix Gradle warning about using enableUncompressedNativeLibs
  * Mention  limitation of QDir::drives() on Windows
  * QFileSystemEngine/Win: fix incorrect buffer size in currentPath()
  * Android: properly retrieve mime type of uri to for openUrl()
  * Android: Fix clipboard issue with urls
  * Android: Add a way to disable accessibility via an environment var
  * Update bundled libpng to version 1.6.38
  * QIOSMessageDialog::exec - work around 'windowsless' exec
  * QIosScreen: retain the right window
  * tst_Q{BitArray,ContiguousCache}: check not only count(), but size(), too
  * QIosTextResponder: stop using deprecated constants and type
  * qcompilerdetection.h: detect Coverity
  * Android: Fix Display.getRealMetrics deprecation
  * Fix broken Text rendering when noantialiased NativeRendering is used
  * forkfd: fix Clang 15 ATOMIC_VAR_INIT deprecation warning
  * eglfs: Add env.var. to disable the dedicated drmHandleEvent thread
  * doc: Don't put strings into QVector<double>
  * Remove focusProxyAndInputMethods from tst_QWidget
  * Bump version to 5.15.12
  * Update documentation of qWaitForWindowActive / qWaitForWindowExposed
  * QtHttp: Lower the severity of some log output
  * StyleSheetStyle: Fix color of placeholder texts in text edits
  * Android: Fix flickering on split screen mode
  * Update url to IAccessible2 Specification

==== libqt5-qtdeclarative ====
Version update (5.15.11+kde30 -> 5.15.12+kde31)

- Update to version 5.15.12+kde31, rebased upstream:
  * QML: Fortify qmlExecuteDeferred some more
  * QV4: Avoid memory corruption in Reflect.apply
  * Blacklist 1 tests in tst_qquickanimations on macos
  * doc: Add note to PinchHandler.translation property about macOS trackpad
  * Revert "masm: Treat Android as generic Posix regarding mmap and friends"
  * QML: Check for stack overflows when creating objects
  * Fix wrong item-sizeHint-cache when StackLayout children were reordered
  * Doc: Add missing QQuickWindow constructor
  * Handle missing stops gracefully in Shape gradients
  * Do not crash if madvise() fails on MADV_WILLNEED
  * Blacklist 1 tests in tst_qquickbehaviors on macos
  * Avoid double applyDelegateChange in QQIV::setDelegate
  * QSGGeometry: add Q_DISABLE_COPY_MOVE
  * Qml: Don't crash on bad grouped properties
  * Fix TypeError in dynamicview1 example
  * Fix broken Text rendering when noantialiased NativeRendering is used
  * Trim file names before adding them to qml components and scripts
  * masm: Treat Android as generic Posix regarding mmap and friends
  * Bump version to 5.15.12
  * Move StackLayout tests from qtquickcontrols.git (5.15)

==== libqt5-qtgraphicaleffects ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)

- Update to version 5.15.12+kde0, rebased upstream:
  * Bump version to 5.15.12

==== libqt5-qtimageformats ====
Version update (5.15.11+kde12 -> 5.15.12+kde10)

- Update to version 5.15.12+kde10, rebased upstream:
  * Bump version to 5.15.12

==== libqt5-qtlocation ====
Version update (5.15.11+kde4 -> 5.15.12+kde6)

- Update to version 5.15.12+kde6, rebased upstream:
  * Fix HereMap plugin not supporting authentication via apiKey
  * Fix build of Qt.labs.location QML plugin
  * PositionSource: fix lastKnownPosition request at startup
  * Bump version to 5.15.12
- Drop patches, now upstream:
  * 0001-Fix-build-of-Qt.labs.location-QML-plugin.patch

==== libqt5-qtmultimedia ====
Version update (5.15.11+kde2 -> 5.15.12+kde2)

- Update to version 5.15.12+kde2, rebased upstream:
  * Fix crash on macos13 with iphone camera
  * VideoOutput: Always update geometry when video surface format changes
  * VideoOutput: fix resize of a finished video
  * Bump version to 5.15.12
  * Windows: Fix cropping for HEVC-encoded videos

==== libqt5-qtquickcontrols ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)

- Update to version 5.15.12+kde0, rebased upstream:
  * Bump version to 5.15.12
  * Remove tests for StackLayout

==== libqt5-qtquickcontrols2 ====
Version update (5.15.11+kde5 -> 5.15.12+kde5)
Subpackages: libQt5QuickControls2-5 libQt5QuickTemplates2-5

- Update to version 5.15.12+kde5, rebased upstream:
  * Bump version to 5.15.12

==== libqt5-qtsensors ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)
Subpackages: libQt5Sensors5 libQt5Sensors5-imports

- Update to version 5.15.12+kde0, rebased upstream:
  * Bump version to 5.15.12

==== libqt5-qtspeech ====
Version update (5.15.11+kde1 -> 5.15.12+kde1)
Subpackages: libQt5TextToSpeech5 libqt5-qtspeech-plugin-speechd

- Update to version 5.15.12+kde1, rebased upstream:
  * Bump version to 5.15.12

==== libqt5-qtsvg ====
Version update (5.15.11+kde6 -> 5.15.12+kde6)

- Update to version 5.15.12+kde6, rebased upstream:
  * Bump version to 5.15.12

==== libqt5-qttools ====
Version update (5.15.11+kde3 -> 5.15.12+kde4)
Subpackages: libqt5-qdbus libqt5-qtpaths

- Update to version 5.15.12+kde4, rebased upstream:
  * qdoc: Ensure the generated temporary header file is closed properly
  * Bump version to 5.15.12

==== libqt5-qttranslations ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)

- Update to version 5.15.12+kde0, rebased upstream:
  * Bump version to 5.15.12

==== libqt5-qtvirtualkeyboard ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)
Subpackages: libQt5HunspellInputMethod5 libQt5VirtualKeyboard5 libqt5-qtvirtualkeyboard-hunspell

- Update to version 5.15.12+kde0, rebased upstream:
  * Doc: Improve locale section of technical guide
  * Fix visible area in the basic example
  * Bump version to 5.15.12

==== libqt5-qtwayland ====
Version update (5.15.11+kde59 -> 5.15.12+kde60)
Subpackages: libQt5WaylandClient5 libQt5WaylandCompositor5

- Update to version 5.15.12+kde60, rebased upstream:
  * Client: Always populate mimedata in drags
  * Client: Honor QGuiApplication::overrideCursor()
  * Always use blocking write for data_source.send
  * client: Mark return values as unused to suppress compiler warnings
  * tests: fix tst_seatv4 to use 24 as default cursor size
  * Bump version to 5.15.12

==== libqt5-qtwebchannel ====
Version update (5.15.11+kde3 -> 5.15.12+kde3)
Subpackages: libQt5WebChannel5 libQt5WebChannel5-imports

- Update to version 5.15.12+kde3, rebased upstream:
  * Bump version to 5.15.12

==== libqt5-qtwebview ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)
Subpackages: libQt5WebView5 libQt5WebView5-imports

- Update to version 5.15.12+kde0, rebased upstream:
  * Bump version to 5.15.12

==== libqt5-qtx11extras ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)

- Update to version 5.15.12+kde0, rebased upstream:
  * Bump version to 5.15.12

==== libqt5-qtxmlpatterns ====
Version update (5.15.11+kde0 -> 5.15.12+kde0)
Subpackages: libQt5XmlPatterns5 libqt5-qtxmlpatterns-imports

- Update to version 5.15.12+kde0, rebased upstream:
  * Bump version to 5.15.12

==== libraw ====
Version update (0.21.1 -> 0.21.2)

- update to 0.21.2:
  * New compile-defined limit LIBRAW_MAX_PROFILE_SIZE_MB:
    limits allocation/read size for embedded color profile
    Embedded color profile allocation/read size: limited by input
    file size.
  * Multiple fixes (mostly inspired by oss-fuzz) to improve
    library stability and/or input checks.
  * raw-identify: use fallback if PATH_MAX not available
  * Disabled color conversion for Canon 16-bit thumbnails
  * docs/changelog: explained the case when no thumbnail is found
    in specific file
  * swapXX renamed to libraw_swapXX to avoid name conflict
  * better striped thumbnails handling
- drop libraw-CVE-2023-1729.patch (upstream)

==== librsvg ====
Version update (2.57.0 -> 2.57.1)
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0

- Update to version 2.57.1:
  + Fix small-caps and bump the version of Pango required to 1.50.0.
  + Fix panic when using negative scaling transforms on the
    toplevel.
  + Support "var(--foo, #aabbcc)" just for colors.  This is the
    minimum required to render color SVG emoji fonts that provide
    color fallbacks, but it is not yet full support for CSS var().
  + Fix the VS2017 build.
  + Update cairo-rs.
  + Update the project metadata files.

==== libstorage-ng ====
Version update (4.5.163 -> 4.5.170)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1

- merge gh#openSUSE/libstorage-ng#976
- make more use of new SystemCmd interface
- use in-class member initialization
- inhibit colored output from udevadm
- fixed typos
- 4.5.170
- merge gh#openSUSE/libstorage-ng#975
- reduce number of udevadm settle calls during probing
- use in-class member initialization
- proved probe function taking SystemInfo as an additional argument
- fixed typos
- moved code
- 4.5.169
- Translated using Weblate (Slovak) (bsc#1149754)
- 4.5.168
- Translated using Weblate (Dutch) (bsc#1149754)
- Translated using Weblate (Japanese) (bsc#1149754)
- Translated using Weblate (Czech) (bsc#1149754)
- Translated using Weblate (Catalan) (bsc#1149754)
- merge gh#openSUSE/libstorage-ng#974
- updated pot and po files
- 4.5.167
- merge gh#openSUSE/libstorage-ng#973
- fixed typos
- 4.5.166
- merge gh#openSUSE/libstorage-ng#972
- added note about nvme json output
- 4.5.165
- merge gh#openSUSE/libstorage-ng#971
- adapted to changed nvme json output (bsc#1218306)
- 4.5.164

==== libxmlb ====
Version update (0.3.14 -> 0.3.15)

- update to 0.3.15:
  * Sprinkle __attribute__((nonnull)) to give a little more
    compile-time safety
  * Accept text/xml as an alternative to application/xml
  * Do not inline shared code
  * Fix compiling with Visual Studio
  * Fix the exported api test on Windows
  * Generate and use .def file for clang-cl builds
    Fan)
  * Release source file handles early

==== libzypp ====
Version update (17.31.25 -> 17.31.27)

- CheckAccessDeleted: fix 'running in container' filter
  (bsc#1218291)
- version 17.31.27 (22)
- Call zypp commit plugins during transactional update (fixes #506)
- Add support for loongarch64 (fixes #504)
- Teach MediaMultiCurl to download HTTP Multibyte ranges.
- Teach zsync downloads to MultiCurl.
- Expand RepoVars in URLs downloading a .repo file (bsc#1212160)
  Convenient and helps documentation as it may refer to a single
  command for a bunch of distributions. Like e.g. "zypper ar
  'https://server.my/$releasever/my.repo'".
- version 17.31.26 (22)

==== lsof ====
Version update (4.99.0 -> 4.99.3)

- lsof 4.99.3:
  * Fix compilation error when HASIPv6 is not defined
  * Add configure option --disable-liblsof to disable installation
    of liblsof
- add lsof-4.99.3-fix-version-in-configure-ac.patch

==== mozilla-nss ====
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs

- add nss-allow-slow-tests-s390x.patch: "certutil dump keys with
  explicit default trust flags" test needs longer than the allowed
  6 seconds on s390x

==== multipath-tools ====
Version update (0.9.7+76+suse.5f857af -> 0.9.7+93+suse.e2f2272)
Subpackages: kpartx libmpath0

- Update to version 0.9.7+93+suse.e2f2272:
  * fix ANA prioritizer enablement logic (bsc#1218326)
  * avoid setting queue_if_no_path on multipath maps for which the
    no_path_retry timeout has expired
  * the interactive commands "restorequeueing map X" and
    "restorequeing maps" now only affect maps that had queueing
    manually disabled using "disablequeuing maps" or
    "disablequeuing map X" beforehand
  * Spelling fixes

==== newt ====
Version update (0.52.23 -> 0.52.24)

- update to 0.52.24:
  * add support for python3.13
  * fix compiler warnings

==== nftables ====
Subpackages: libnftables1 python311-nftables

- buildrequire setuptools explicitly as pip drops the dependency
- Fix the python bindings subpackages
  * The PEP517 python build requires setuptools
  * Actually use the rpm subpackage definition
  * The version is actually python3dist(nftables) = 0.1
  * is noarch and requires libnftables1 through dlopen, tell
    rpmlint
  * remove unused shebang

==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0

- Updated to latest upstream: two small changes, with no known
  functional changes:
  * Incorrect documentation for `iscsiadm -m session` print level
    (upstream issue #432)
  * Stop using deprecated inet_aton and inet_ntoa (upstream issue
    [#435])
- Also, stopped using pre-prepared tarballs for the build, instead
  now using a service file to get latest SUSE srouces directly.
  This removed these two files:
  * open-iscsi-2.1.9-suse.tar.bz2, and
  * open-iscsi-SUSE-latest.diff.bz2
  whcih were both created by a shell script, and added a service-
  file-generated file of the form:
  * open-iscsi-2.1.9.suse+TAG_OFFSET.tar.xz
  where TAG_OFFSET is of the form "COMMIT_COUNT.HASH", where
  COMMIT_COUNT is the count of commits since 2.1.9-suse (in this
  case), and HASH is the git commit hash being used.

==== openblas_pthreads ====

- add Requires(pre/post): coreutils to the sub-packages that use
  commands like: ln, dirname, mktemp, etc in the pre/post scriptlets

==== osinfo-db ====
Version update (20231027 -> 20231215)

- Update to database version 20231215 (jsc#PED-6305)
  osinfo-db-20231215.tar.xz

==== perl-HTTP-Cookies ====
Version update (6.10 -> 6.110.0)

- updated to 6.11
  see /usr/share/doc/packages/perl-HTTP-Cookies/Changes
  6.11      2023-12-07 16:36:52Z
  - Replace "Test" with "Test::More" (GH#70) (James Raspass)

==== perl-IO-Socket-SSL ====

- Fix the test t/core.t to build with OpenSSL 3.2.0. [bsc#1218342]
  * https://github.com/noxxi/p5-io-socket-ssl/issues/147
  * Add perl-IO-Socket-SSL-Openssl32.patch

==== perl-XML-Parser ====
Version update (2.46 -> 2.470.0)

- updated to 2.47
  see /usr/share/doc/packages/perl-XML-Parser/Changes
  2.47 2023-12-28 (by Todd Rinaldo)
  - #84 use $fh instead of $foo
  - #85 Fix typo in documentation
  - #89 Devel::CheckLib to from 0.99 -> 1.14
  - Devel::CheckLibn 1.16
  - #91 POD fix for verbatim text
  - #97 Add a LICENSE file
  - #94 Don't ship Expat/Makefile
  - Various github workflow improvements. Windows is still not working.

==== plasma-branding-Kalpa ====
Version update (20231218 -> 20231227)

- Use cURL instead of ping for online check
- Added eval to kalpa-firstboot and kalpa-firstboot-aarch64
  (boo#1218367)
- Updated to 20231227
- Fixed typos in kalpa-firstboot and kalpa-firstboot-aarch64
  (boo#1218367)
  * Removed improper "" around $dbusRef
  * Corrected PATH for flathub remote
  * Removed installation of kwrite flatpak, GUI text editor is
    being provided via RPM in the pattern

==== plasma5-workspace ====
Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy

- Update appstream build requirement for compatibility with 1.0.0

==== podman ====
Version update (4.8.2 -> 4.8.3)

- Update to version 4.8.3:
  * Release v4.8.3
  * Update RELEASE_NOTES.md for v4.8.3
  * update module golang.org/x/crypto to v0.17.0 [security]
  * Error on HyperV VM start when gvproxy has failed to start
  * bump release to v4.8.3-dev

==== poppler ====
Version update (23.11.0 -> 23.12.0)
Subpackages: libpoppler-cpp0 libpoppler-glib8 libpoppler133 poppler-tools

- version update to 23.12.0
    core:
  * Rewrite FoFiType1::parse to be more flexible
  * Small internal code refactoring

==== poppler-qt5 ====
Version update (23.11.0 -> 23.12.0)

- version update to 23.12.0
    core:
  * Rewrite FoFiType1::parse to be more flexible
  * Small internal code refactoring

==== postfix ====
Version update (3.8.3 -> 3.8.4)

- update default configuration to enable the long-term fix for
  bsc#1218304, CVE-2023-51764, SMTP smuggling attack:
  * smtpd_forbid_bare_newline = yes
  * smtpd_forbid_bare_newline_exclusions = $mynetworks
- update to 3.8.4 (bsc#1218304, CVE-2023-51764):
  * Security: this release adds support to defend
    against an email spoofing attack (SMTP smuggling) on
    recipients at a Postfix server. For background, see
    https://www.postfix.org/smtp-smuggling.html

==== protobuf ====
Subpackages: libprotobuf-lite23_4_0 libprotobuf23_4_0 python311-protobuf

- build against modern python on sle15

==== protobuf-c ====
Version update (1.4.1 -> 1.5.0)

- update to 1.5.0:
  * Use CMAKE_CURRENT_BINARY_DIR instead of CMAKE_BINARY_DIR
  * remove deprecated functionality
  * Avoid "unused variable" compiler warning
  * Update autotools
  * Support for new Google protobuf 22.x, 23.x releases
  * Remove protobuf 2.x support

==== pulseaudio ====
Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-setup pulseaudio-utils system-user-pulse

- minor fixes for setup-pulseaudio
  * be sure /etc/profile.d/pulseaudio.sh exists before using grep

==== python-Babel ====
Version update (2.13.1 -> 2.14.0)

- update to 2.14.0:
  * ``Locale.number_symbols`` will now have first-level keys for
    each numbering system.
  * Babel no longer directly depends on either ``distutils`` or
    ``setuptools``; if you had been using the Babel setuptools
    command extensions, you would need explicitly depend on
    ``setuptools``
  * CLDR/Numbers: Add support of local numbering systems for
    number symbols
  * CLDR: Upgrade to CLDR 43
  * Frontend: Allow last_translator to be passed as an option to
    extract_message
  * Frontend: Decouple `pybabel` CLI frontend from
    distutils/setuptools
  * Numbers: Improve parsing of malformed decimals

==== python-SQLAlchemy ====
Version update (2.0.23 -> 2.0.24)

- update to 2.0.24:
  * https://docs.sqlalchemy.org/en/20/changelog/changelog_20.html#change-2.0.24

==== python-alembic ====
Version update (1.13.0 -> 1.13.1)

- update to 1.13.1:
  * Fixed :class:`.Rewriter` so that more than two instances
    could be chained together correctly, also allowing multiple
    ``process_revision_directives`` callables to be chained.
  * Fixed issue where the method
    :meth:`.EnvironmentContext.get_x_argument` using the
    :paramref:`.EnvironmentContext.get_x_argument.as_dictionary`
    parameter would fail if an argument key were passed on the
    command line as a name alone, that is, without an equal sign
    ``=`` or a value. Behavior is repaired where this condition is
    detected and will return a blank string for the given key,
    consistent with the behavior where the ``=`` sign is
    present and no value.
  * Fixed issue where the "unique" flag of an ``Index`` would not
    be maintained when generating downgrade migrations.
  * Fixed bug in versioning model where a downgrade across a
    revision with two down revisions with one down revision
    depending on the other, would produce an erroneous state in
    the alembic_version table, making upgrades impossible
    without manually repairing the table.
  * Updated pep-484 typing to pass mypy "strict" mode, however
    including per-module qualifications for specific typing
    elements not yet complete.
  * This allows us to catch specific typing issues that have been
    ongoing such as import symbols not properly exported.

==== python-configobj ====

- Remove six from the rpm requirements. Why would we have
  remove_six.patch in the first place if we still require it?
- Enable unit tests
- require setuptools
- remove python2 logic, this makes no sense after
  "remove_six.patch"

==== python-hiredis ====

- require setuptools

==== python-httpx ====
Version update (0.25.2 -> 0.26.0)

- update to 0.26.0:
  * The `proxy` argument was added. You should use the `proxy`
    argument instead of the deprecated `proxies`, or use
    `mounts=` for more complex configurations.
  * The `proxies` argument is now deprecated. It will still
    continue to work, but it will be removed in the future.
  * Fix cases of double escaping of URL path components. Allow /
    as a safe character in the query portion.
  * Handle `NO_PROXY` envvar cases when a fully qualified URL is
    supplied as the value.
  * Allow URLs where username or password contains unescaped '@'.
  * Ensure ASGI `raw_path` does not include URL query component.
  * Ensure `Response.iter_text()` cannot yield empty strings.

==== python-importlib-metadata ====
Version update (7.0.0 -> 7.0.1)

- update to 7.0.1:
  * Corrected the interface for SimplePath to encompass the
    expectations of locate_file and PackagePath.
  * Fixed type annotations to allow strings.

==== python-jsonschema-specifications ====
Version update (2023.11.2 -> 2023.12.1)

- update to 2023.12.1:
  * Ignore dotfiles when collectimg schemas

==== python-numpy ====

- Fix build error for Leap. Need gcc >= 8.5

==== python-psutil ====
Version update (5.9.6 -> 5.9.7)

- update to 5.9.7:
  * 2324_: enforce Ruff rule `raw-string-in-exception`, which
    helps providing clearer tracebacks when exceptions are
    raised by psutil.
  * 2325_, [PyPy]: psutil did not compile on PyPy due to missing
    `PyErr_SetExcFromWindowsErrWithFilenameObject` cPython API.
- drop logind_y2038.patch (upstream)

==== python-pycryptodome ====
Version update (3.19.0 -> 3.19.1)

- update to 3.19.1:
  * Fixed a side-channel leakage with OAEP decryption that could be
    exploited to carry out a Manger attack

==== python-pycups ====

- require setuptools

==== python-pyrsistent ====
Version update (0.19.3 -> 0.20.0)

- update to 0.20.0:
  * Fix #245, never introduce new nodes during discard.
  * Fix #268, do not rely on well implemented __ne__ for keys in
    pmaps, instead do explicit inversion of equality
    comparison when checking for inequality.
  * Officially support Python 3.12.
  * Officially drop support for Python 3.7.
  * Fix #273, build more types of wheels.
  * Fix #282, add generic types to types
  * Fix #281, defaultdict can now be frozen. NB! This is a
    backwards incompatible fix since defaultdict was not
    previously frozen.

==== python-pyzmq ====
Version update (25.1.1 -> 25.1.2)

- update to 25.1.2:
  * Fix builds with some recent compilers and bundled libzmq
  * Fix builds with upcoming Cython 3.1

==== python-redis ====

- Add patch to increase timeouts in s390x where tests take longer
  to run:
  * increase-test-timeout.patch

==== python-setuptools ====
Version update (68.1.2 -> 69.0.2)

- Add patch allow-only-direct-compilation.patch:
  * Allow forcing direct compilation.
- update to 69.0.2:
  * Added missing estimated date for removing
    ``setuptools.dep_util`` (deprecated in v69.0.0).
  * Fixed imports of ``setuptools.dep_util.newer_group``.
  * A deprecation warning is issued instead of a hard failure.
  * Include type information (``py.typed``, ``*.pyi``) by default
    (#3136) -- by :user:`Danie-1`,
  * Exported ``distutils.dep_util`` and ``setuptools.dep_util``
    through ``setuptools.modified``
  * Merged with pypa/distutils@7a04cbda0fc714.
  * Replaced hardcoded numeric values with :obj:`dis.opmap`,
    fixing problem with 3.13.0a1. (#4094)
  * Configuring project ``version`` and ``egg_info.tag_*`` in
    such a way that results in invalid version strings
    (according to :pep:`440`) is no longer permitted. (#4066)
  * Removed deprecated ``egg_base`` option from ``dist_info``.
  * The parsing of the deprecated ``metadata.license_file`` and
    ``metadata.requires`` fields in ``setup.cfg`` is no longer
    supported.
  * Users are expected to move to ``metadata.license_files`` and
    ``options.install_requires`` (respectively). (#4066)
  * Passing ``config_settings`` to ``setuptools.build_meta`` with
    deprecated values for ``--global-option`` is no longer
    allowed. (#4066)
  * Removed deprecated ``namespace-packages`` from
    ``pyproject.toml``.
  * Added strict enforcement for ``project.dynamic`` in
    ``pyproject.toml``.
    This removes the transitional ability of users configuring
    certain parameters via ``setup.py`` without making the
    necessary changes to ``pyproject.toml``
  * Removed handling of ``--config-settings["--build-option"]``
    in ``setuptools.build_meta`` from build-backend API hooks
  * other than* ``build_wheel``.
  * Improve backwards compatibility with deprecated CLI
    practices. (#4048)
  * Avoid using caching attributes in ``Distribution.metadata``
    for requirements. This is done for backwards compatibility
    with customizations that attempt to modify ``install_requires``
    or ``extras_require`` at a late point (still not recommended).
  * Rework how ``setuptools`` internally handles
    ``dependencies/install_requires`` and
    ``optional-dependencies/extras_require``. (#3903)
  * Improve the generated ``PKG-INFO`` files, by adding
    ``Requires-Dist`` fields.
  * Previously, these fields would be omitted in favour of a non-
    standard ``*.egg-info/requires.txt`` file (which is still
    generated for the time being). (#3904)
  * Improve atomicity when writing ``PKG-INFO`` files to avoid
    race conditions with ``importlib.metadata``. (#3904)
  * Fix the name given to the ``*-nspkg.pth`` files in editable
    installs, ensuring they are unique per distribution. (#4041)
  * Workaround some limitations on ``pkg_resources``-style legacy
    namespaces in the meta path finder for editable installations.
- drop sphinx72.patch (upstream)

==== python-six ====

- require setuptools

==== python-tornado6 ====
Version update (6.3.3 -> 6.4)

- update to 6.4:
  * https://www.tornadoweb.org/en/stable/releases/v6.4.0.html
  * Python 3.12 is now supported.
- drop py312-datetime.patch (upstream)

==== python-zope.interface ====
Version update (6.0 -> 6.1)

- remove python2 specific codepaths
- update to 6.1:
  * Add support for Python 3.12.
  * Fix building of the docs for non-final versions.

==== qca-qt5 ====
Version update (2.3.7 -> 2.3.7+git12)
Subpackages: libqca-qt5-2 qca-qt5-plugins

- Update to version 2.3.7+git12:
  * Increase version number
  * Update rootcerts.pem
  * test: add test for EME_PKCS1_OAEP and fix openssl >= 3.2 does not failing anymore when decrypting with the wrong key
  * plugins/qca-ossl: Announce tripledes unconditionally again
- Add a _service to pick up fixes from git
- Update to version 2.3.7+git8:
  * CI: Also verify that presence of the ossl legacy provider impacts qca
  * plugins/qca-ossl: Actually try loading the legacy provider
  * plugins/qca-ossl: Neither PKCS12 nor 3DES are legacy
    (boo#1218254)
  * unittest/keybundle: Regenerate keys and certificates
  * CI: Use clang-format-16
  * GIT_SILENT: Port to new gitlab ci template
  * Replace sys/termios.h include for just termios.h
  * Sign self-signed certs with SHA256

==== qpdf ====
Version update (11.6.4 -> 11.7.0)

- update to 11.7.0:
  * Add QPDFAcroFormDocumentHelper::disableDigitalSignatures,
    which disables any digital signature fields, leaving their
    visual representations intact.
    The --remove-restrictions command-line argument now calls this.
  * Generate a more complete qpdf "man page" from the same source
    as qpdf --help. Fixes #1064.
  * Allow the syntax "--encrypt --user-password=user-password
  - -owner-password=owner-password --bits={40,128,256}" when
    encrypting PDF files. This is an alternative to the syntax
    "--encrypt user-password owner-password {40,128,256}", which
    will continue to be supported. The new syntax works better with
    shell completion and allows creation of passwords that start
    with "-".
  * When setting a check box value, allow any value other than
    /Off to mean checked. This is permitted by the spec.
  * Fix to QPDF JSON: a floating point number that appears in
    scientific notation will be converted to fixed-point notation,
    rounded to six digits after the decimal point.
  * Fix to QPDF JSON: the syntax "n:/pdf-syntax" is now accepted
    as an alternative way to represent names. This can be used for
    any name (e.g. "n:/text#2fplain"), but it is necessary when the
    name contains binary characters.
  * Update code and tests so that qpdf's test suite no longer
    depends on the output of any specific zlib implementation.
    This makes it possible to get a fully passing test suite with any
    API-compatible zlib library. CI tests with the default zlib
    as well as zlib-ng (including verifying that zlib-ng is not the
    default), but any zlib implementation should work. Fixes
    [#774].
  * Bug fix: with --compress-streams=n, don't compress object,
    XRef, or linearization hint streams.
  * Add new C++ functions "qpdf_c_get_qpdf" and "qpdf_c_wrap" to
    qpdf-c.h that make it possible to write your own extern "C"
    functions in C++ that interoperate with the C API. See
    examples/extend-c-api for more information.

==== runc ====
Version update (1.1.10 -> 1.1.11)

- Update to runc v1.1.11. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.1.11>.

==== sdbootutil ====
Version update (1+git20231214.b186b2d -> 1+git20231221.42797ab)
Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper

- Update to version 1+git20231221.42797ab:
  * Do not fail if LUKS2 section is empty

==== sof-firmware ====
Version update (2023.09.2 -> 2023.12)

- Update to version 2023.12:
  * SOF v2.8 FW binaries: For older Intel platforms, FW from v2.2 stable
  * SOF v2.8 tools: For older Intel platforms, tools from v2.2 stable
  * SOF v2.8 DSP topologies: For older Intel platforms, topologies matching v2.2.8
- add Requires(post): coreutils
  * the macro regenerate_initrd_post creates a post scriptlet that
    uses mkdir and touch

==== sudo ====
Version update (1.9.15p4 -> 1.9.15p5)
Subpackages: sudo-plugin-python

- Update to 1.9.15p5:
  * Fixed evaluation of the lecture, listpw, verifypw, and fdexec sudoers
    Defaults settings when used without an explicit value. Previously, if
    specified without a value they were evaluated as boolean false, even when
    the negation operator ('!') was not present.
  * Fixed a bug introduced in sudo 1.9.14 that prevented LDAP netgroup queries
    using the NETGROUP_BASE setting from being performed.
  * Sudo will now transparently rename a user's lecture file from the older
    name-based path to the newer user-ID-based path. GitHub issue #342.
  * Fixed a bug introduced in sudo 1.9.15 that could cause a memory allocation
    failure if sysconf(_SC_LOGIN_NAME_MAX) fails. Bug #1066.

==== suse-module-tools ====
Version update (16.0.39 -> 16.0.42)
Subpackages: suse-module-tools-scriptlets

- Update to version 16.0.42:
  * 60-io-scheduler.rules: test for "scheduler" sysfs attribute (boo#1216717)
- Update to version 16.0.41:
  * rpm-script: fix issue during installation (bsc#1217775)
  * rpm-script: preun: remove stale .vmlinuz.hmac file
* add blacklist entry for reiserfs (jsc#PED-6167)
  * rpm-script: add symlink /boot/.vmlinuz.hmac (bsc#1217775)
  * Remove kmp-install (boo#1214360)

==== timezone ====
Version update (2023c -> 2023d)

- update to 2023d:
  * Ittoqqortoormiit, Greenland changes time zones on
    2024-03-31.
  * Vostok, Antarctica changed time zones on 2023-12-18.
  * Casey, Antarctica changed time zones five times since
    2020.
  * Code and data fixes for Palestine timestamps starting in
    2072.
  * A new data file zonenow.tab for timestamps starting now.
  * Fix predictions for DST transitions in Palestine in
    2072-2075, correcting a typo introduced in 2023a.
  * Vostok, Antarctica changed to +05 on 2023-12-18.  It had
    been at +07 (not +06) for years.
  * Change data for Casey, Antarctica to agree with
    timeanddate.com, by adding five time zone changes since 2020.
    Casey is now at +08 instead of +11.
  * Much of Greenland, represented by America/Nuuk, changed
    its standard time from -03 to -02 on 2023-03-25, not on
    2023-10-28.
  * localtime.c no longer mishandles TZif files that contain
    a single transition into a DST regime.  Previously,
    it incorrectly assumed DST was in effect before the transition
    too.
  * tzselect no longer creates temporary files.
  * tzselect no longer mishandles the following:
  * Spaces and most other special characters in BUGEMAIL,
    PACKAGE, TZDIR, and VERSION.
  * TZ strings when using mawk 1.4.3, which mishandles
    regular expressions of the form /X{2,}/.
  * ISO 6709 coordinates when using an awk that lacks the
    GNU extension of newlines in -v option-arguments.
  * Non UTF-8 locales when using an iconv command that
    lacks the GNU //TRANSLIT extension.
  * zic no longer mishandles data for Palestine after the
    year 2075.

==== tpm2.0-tools ====
Version update (5.5 -> 5.6)

- Update to version 5.6
  + tpm2_eventlog:
  * add H-CRTM event support
  * add support of efivar versions less than 38
  * Add support to check for efivar/efivar.h manually
  * Minor formatting fixes
  * tpm2_eventlog: add support for replay with different
    StartupLocality
  * Fix pcr extension for EV_NO_ACTION
  * Extend test of yaml string representation
  * Use helper for printing a string dump
  * Fix upper bound on unique data size
  * Fix YAML string formatting
  + tpm2_policy:
  * Add support for parsing forward seal TPM values
  * Use forward seal values in creating policies
  * Move dgst_size in evaluate_populate_pcr_digests()
  * Allow more than 8 PCRs for sealing
  * Move dgst_size in evaluate_populate_pcr_digests
  * Allow more than 8 PCRs for sealing
  * Make __wrap_Esys_PCR_Read() more dynamic to enable testing more
    PCRs
  + tpm2_encryptdecrypt: Fix pkcs7 padding stripping
  + tpm2_duplicate:
  * Support -a option for attributes
  * Add --key-algorithm option
  + tpm2_encodeobject: Use the correct -O option instead of -C
  + tpm2_unseal: Add qualifier static to enhance the privacy of unseal
    function
  + tpm2_sign:
  * Remove -m option which was added mistakenly
  * Revert sm2 sign and verifysignature
  + tpm2_createek:
  * Correct man page example
  * Fix usage of nonce
  * Fix integrating nonce
  + tpm2_clear: add more details about the action
  + tpm2_startauthsession: allow the file attribute for policy
    authorization.
  + tpm2_getekcertificate: Add AMD EK support
  + tpm2_ecdhzgen: Add public-key parameter
  + tpm2_nvreadpublic: Prevent free of unallocated pointers on failure
  + Bug-fixes:
  * The readthedocs build failed with module 'jinja2' has no
    attribute 'contextfilter' a requirement file was added to fix
    this problem
  * An error caused by the flags -flto -_FORTIFY_SOURCE=3 in kdfa
    implementation. This error can be avoided by switching off the
    optimization with pragma
  * Changed wrong function name of "Esys_Load" to "Esys_Load"
  * Function names beginning with Esys_ are wrongly written as Eys_
  * Reading and writing a serialized persistent ESYS_TR handles
  * cirrus-ci update image-family to freebsd-13-2 from 13-1
  + misc:
  * Change the default Python version to Python3 in the helper's
    code
  * Skip test which uses the sign operator for comparison in
    abrmd_policynv.sh
  * tools/tr_encode: Add a tool that can encode serialized ESYS_TR
    for persistent handles from the TPM2B_PUBLIC and the raw
    persistent TPM2_HANDLE
  * Add safe directory in config

==== traceroute ====
Version update (2.1.3 -> 2.1.5)

- update to 2.1.5:
  * Parse interface information (rfc5837) for ICMP extensions
  * Add `fastopen' tcp module option (cookie negotiation only)
  * Complete tcp module option `mss' to discover possible mss
    clamping along the path being traced.
  * Complete tcp module option `info' to print returned tcp header
    options too (all those that can be set or altered by `-O' for
    tcp module).

==== tracker-miners ====
Subpackages: tracker-miner-files

- Rebase tracker-miners-drop-syscalls-in-seccomp.patch

==== vim ====
Version update (9.0.2181 -> 9.1.0000)
Subpackages: vim-data vim-data-common vim-small xxd

- update to 9.1.0000
  add missing help tags
  regenerate synmenu
  proto files need update
  improve filetype detection for *.v (V/Verilog/Coq)
  Update sh syntax and add local keyword for bash
  Update ftplugin and omni-complete
  Update Version9.txt for release 9.1
  Add help tags to items in version9.txt
  Updated German translation
  Improve Turkish documentation
  update syntax and documentation
  Wrong display with 'briopt=sbr' and 'nobreakindent'
  Updates to indent and syntax
  Fix folding of code blocks
  Provide sass_recommended_style option
  Updates to ftplugin and syntax
  Make diffs foldable
  Add small ftplugin
  add Hungarian translation
  Updated Russian translation
  remove coveralls, move runtime/lang/Make_mvc.mak
  correct the :public example
  adjust tutor/README.ru.utf-8.txt
  Update Italian translations
  missing undo_ftplugin for indentkeys
  cursor wrong after { in single line buffer
  Visual not drawn with 'breakindent' when line doesn't fit
  add help tag multiple-constructors.
  fix indentation
  Syntax fix
  LTCG compile error ARM64 for write_chars
  clarify behaviour of ]m and ]M motions
  Update default links
  update ConTeXt keywords and other minor fixes
  Add variable categories and null related documentation
  Update R runtime files and docs
  Update Ukrainian translation
  Coverity complains about not checking return value
  Clarify that new() is not static
  list of new/changed features in version9.txt
  updates to indent, syntax and ftplugin
  Add loong64 arch
  add some error codes to `:help vim9class`
  Vim9: inconsistent :type/:class messages
  add support for matchit plugin
  add variants of opcodes
  Include Vim9 class features in version9.txt
  Maximum callback depth is not configurable
  Update Serbian messages translation
  reformat and align :h ft-c-syntax
  Update syntax file
  Vim9: need a way to reserve future extension
  Add TODO support to syntax script
  Vim9: missing error messages
  update helptags
  POSIX function name in exarg causes issues
  no filetype detection for execline scripts
  reg_executing() wrong for :normal with range
  Wrong cursor position when dragging out of window
  Update Serbian messages translation
  prevent E11 on FocusGained autocommand
  Update Japanese translation
  updated 8th syntax
  change dependabot prefix to "CI"
  Update change.txt
  Compile error with Motif UI + mouse support
  Create Changelog until v9.0.2175
  Update Italian translations
  Update tmux syntax rules
  Update Turkish translations
  Compiler warning for uninitialized var
  update fortran syntax rules and doc notes
  Vim9: segfault when assigning to type
  remove deprecation warning for gdefault
  Vim9: crash when compiling for statement and non-existing type
  Vim9: compiling :defer may fail
  Updated Irish translation
  Update Logtalk runtime files for the latest language spec
  update Racket runtime files
  Update colorschemes
  The options[] array is still not sorted alphabetically
  Vim9: no support for const/final class/objects vars
  Vim9: builtin funcs may accept a non-value
  Moving tabpages on :drop may cause an endless loop
  sync runtime files with upstream
  grammar & typo fixes
  add Tbreak command
  Vim9: not consistently using :var for declarations
  Memory leak in Configure Script when checking GTK
  Vim9: can simplify arg type checking code
  Vim9: can use type a func arg/return value
  escape curdir in BrowseUpDir
  Vim9: type can be assigned to list/dict
  Vim9: type documentation out-dated
  Vim9: not able to use imported interfaces and classes
  Fix i386 build
  instanceof() should use varargs as second arg
  Update syntax file, fix missing for highlight
    ... changelog too long, skipping 30 lines ...
  Type check tests fail without the channel feature

==== wireless-regdb ====
Version update (20230901 -> 20231201)

- Update to version 20231201:
  * wireless-regdb: Update keys and maintainer information

==== wireplumber ====
Version update (0.4.16 -> 0.4.17)
Subpackages: libwireplumber-0_4-0 wireplumber-audio

- Update to version 0.4.17:
  * Fixes:
  - Fix a reference counting issue in the object managers that
    could cause crashes due to memory corruption.
  - Fix an issue with filters linking to wrong targets, often
    with two sets of links.
  - Fix a crash in the endpoints policy that would show up when
    log messages were enabled at level 3 or higher.

==== xmlsec1 ====
Version update (1.2.37 -> 1.2.38)
Subpackages: libxmlsec1-1 libxmlsec1-openssl1

- Update to 1.2.38
  * Have a look at the changelog for the list of changes

==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra

- n_xserver-optimus-autoconfig-hack.patch
  u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch
  u_xfree86-activate-GPU-screens-on-autobind.patch
  * check dixPrivateKeyRegistered(rrPrivKey) before calling
    rrGetScrPriv() to avoid xserver crash when Xinerama is enabled
    (boo#1218240)
  - ------------------------------------------------------------------

==== yast2-installation ====
Version update (5.0.2 -> 5.0.3)

- Enclose IPv6 addresses within square brackets when calling
  the mount command (bsc#1217637).
- 5.0.3

==== yast2-journal ====
Version update (5.0.0 -> 5.0.1)

- Make sure not to get escape sequences (for colors) into the
  output of the 'journalctl --output json' command, even if
  $SYSTEMD_COLORS is set in the environment (bsc#1218106)
- 5.0.1