Packages changed:
  MicroOS-release (20240904 -> 20240908)
  SDL2 (2.30.6 -> 2.30.7)
  aaa_base (84.87+git20240821.fbabe1d -> 84.87+git20240906.742565b)
  aardvark-dns (1.12.1 -> 1.12.2)
  containerd (1.7.17 -> 1.7.21)
  crun (1.15 -> 1.16.1)
  expat (2.6.2 -> 2.6.3)
  gnome-autoar (0.4.4 -> 0.4.5)
  gnutls (3.8.6 -> 3.8.7)
  iputils (20240117 -> 20240905)
  kernel-firmware (20240826 -> 20240903)
  kernel-source (6.10.7 -> 6.10.8)
  kwalletmanager
  libXi (1.8.1 -> 1.8.2)
  libjxl
  libqt5-qtbase (5.15.14+kde143 -> 5.15.15+kde127)
  libqt5-qtdeclarative (5.15.14+kde28 -> 5.15.15+kde25)
  libqt5-qtgraphicaleffects (5.15.14+kde0 -> 5.15.15+kde0)
  libqt5-qtimageformats (5.15.14+kde7 -> 5.15.15+kde4)
  libqt5-qtmultimedia (5.15.14+kde2 -> 5.15.15+kde2)
  libqt5-qtquickcontrols (5.15.14+kde0 -> 5.15.15+kde0)
  libqt5-qtquickcontrols2 (5.15.14+kde5 -> 5.15.15+kde5)
  libqt5-qtspeech (5.15.14+kde1 -> 5.15.15+kde1)
  libqt5-qtsvg (5.15.14+kde5 -> 5.15.15+kde5)
  libqt5-qtwayland (5.15.14+kde57 -> 5.15.15+kde59)
  libqt5-qtx11extras (5.15.14+kde0 -> 5.15.15+kde0)
  libwebp (1.3.2 -> 1.4.0)
  libzypp (17.35.9 -> 17.35.10)
  llvm18
  mozilla-nss (3.102.1 -> 3.103)
  openssl-3
  osinfo-db
  pam-config (2.11+git.20240620 -> 2.11+git.20240906)
  power-profiles-daemon (0.21 -> 0.22)
  procps
  rsync
  selinux-policy
  timezone
  u-boot-rpiarm64
  vim (9.1.0636 -> 9.1.0718)
  xfsprogs (6.9.0 -> 6.10.1)
  xxhash
  zxing-cpp (2.1.0 -> 2.2.1)
  zypper (1.14.76 -> 1.14.77)

=== Details ===

==== MicroOS-release ====
Version update (20240904 -> 20240908)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== SDL2 ====
Version update (2.30.6 -> 2.30.7)

- Update to release 2.30.7
  * Added support for the Retro-bit Controller in PS3 mode
  * Fixed the cursor becoming visible when using relative mode
    under XWayland
  * Fixed Direct Rendering Manager initialization failure on some
    Linux systems
  * Fixed a crash when the current mouse capture window is
    destroyed

==== aaa_base ====
Version update (84.87+git20240821.fbabe1d -> 84.87+git20240906.742565b)

- Update to version 84.87+git20240906.742565b:
  * yama-enable-ptrace: enforce changed behavior upon installation (bsc#1221763)
  * Avoid unnecessary /bin/bash dependency
  * sysctl: Fixup of not setting kernel.pid_max on 32b archs (bsc#1227117)

==== aardvark-dns ====
Version update (1.12.1 -> 1.12.2)

- Update to version 1.12.2:
  * Release v1.12.2
  * Update release notes for 1.12.2
  * coredns: work on tcp requests concurrently
  * tcp: add timeout to connection (fixes bsc#1230153 / CVE-2024-8418)
  * cirrus: update branch names

==== containerd ====
Version update (1.7.17 -> 1.7.21)

- Update to containerd v1.7.21. Upstream release notes:
  <https://github.com/containerd/containerd/releases/tag/v1.7.21>
  Fixes CVE-2023-47108. bsc#1217070
  Fixes CVE-2023-45142. bsc#1228553
- Rebase patches:
  * 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch

==== crun ====
Version update (1.15 -> 1.16.1)

- new upstream release 1.16.1
  1.16.1:
- fix a regression introduced by 1.16 where using 'rshared' rootfs mount propagation and the rootfs itself is a mountpoint.
- inherit user from original process on exec, if not overridden.
  1.16:
- build: fix build for s390x.
- linux: fix mount of special files with rro.  Open the mount target with O_PATH to prevent open(2) failures with special files like FIFOs or UNIX sockets.
- Fix sd-bus error handling for cpu quota and period props update.
- container: use relative path for rootfs if possible.  If the rootfs cannot be resolved and it is below the current working directory, only use its relative path.
- wasmedge: access container environment variables for the WasmEdge configuration.
- cgroup, systemd: use MemoryMax instead of MemoryLimit.  Fixes a warning for using an old configuration name.
- cgroup, systemd: improve checks for sd_bus_message_append errors

==== expat ====
Version update (2.6.2 -> 2.6.3)

- Update to 2.6.3:
  * Security fixes:
  - CVE-2024-45490, bsc#1229930 -- Calling function XML_ParseBuffer with
    len < 0 without noticing and then calling XML_GetBuffer
    will have XML_ParseBuffer fail to recognize the problem
    and XML_GetBuffer corrupt memory.
    With the fix, XML_ParseBuffer now complains with error
    XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse
    has been doing since Expat 2.2.1, and now documented.
    Impact is denial of service to potentially artitrary code
    execution.
  - CVE-2024-45491, bsc#1229931 -- Internal function dtdCopy can have an
    integer overflow for nDefaultAtts on 32-bit platforms
    (where UINT_MAX equals SIZE_MAX).
    Impact is denial of service to potentially artitrary code
    execution.
  - CVE-2024-45492, bsc#1229932 -- Internal function nextScaffoldPart can
    have an integer overflow for m_groupSize on 32-bit
    platforms (where UINT_MAX equals SIZE_MAX).
    Impact is denial of service to potentially artitrary code
    execution.
  * Other changes:
  - Autotools: Sync CMake templates with CMake 3.28
  - Autotools: Always provide path to find(1) for portability
  - Autotools: Ensure that the m4 directory always exists.
  - Autotools: Simplify handling of SIZEOF_VOID_P
  - Autotools: Support non-GNU sed
  - Autotools|CMake: Fix main() to main(void)
  - Autotools|CMake: Fix compile tests for HAVE_SYSCALL_GETRANDOM
  - Autotools|CMake: Stop requiring dos2unix
  - CMake: Fix check for symbols size_t and off_t
  - docs|tests: Convert README to Markdown and update
  - Windows: Drop support for Visual Studio <=15.0/2017
  - Drop needless XML_DTD guards around is_param access
  - Fix typo in a code comment
  - Version info bumped from 10:2:9 (libexpat*.so.1.9.2)
    to 10:3:9 (libexpat*.so.1.9.3); see https://verbump.de/
    for what these numbers do

==== gnome-autoar ====
Version update (0.4.4 -> 0.4.5)

- Update to version 0.4.5:
  + mime-types: Add tar variant of bzip2
  + extractor: Fix source string leak

==== gnutls ====
Version update (3.8.6 -> 3.8.7)

- Update to 3.8.7:
  * libgnutls: New configure option to compile out DSA support
    The --disable-dsa configure option has been added to completely
    disable DSA algorithm support.
  * libgnutls: Experimental support for X25519Kyber768Draft00 key
    exchange in TLS. For testing purposes, the hybrid post-quantum
    key exchange defined in draft-tls-westerbaan-xyber768d00 has been
    implemented using liboqs. Since the algorithm is still not finalized,
    the support of this key exchange is disabled by default and can be
    enabled with the --with-liboqs configure option.
  * Rebase patches:
  - gnutls-FIPS-140-3-references.patch
  - gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch

==== iputils ====
Version update (20240117 -> 20240905)

- Update to version 20240905 (mostly ping fixes release)
  https://github.com/iputils/iputils/releases/tag/20240905
- Fix tarball url

==== kernel-firmware ====
Version update (20240826 -> 20240903)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-ath12k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network

- Update to version 20240903 (git commit 96af55bd3d0b):
  * amdgpu: Revert sienna cichlid dmcub firmware update (bsc#1230007)
  * iwlwifi: add Bz FW for core89-58 release
  * rtl_nic: add firmware rtl8126a-3
  * linux-firmware: update firmware for MT7921 WiFi device
  * linux-firmware: update firmware for mediatek bluetooth chip (MT7921)
- Update to version 20240830 (git commit d6c600d46981):
  * amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351
  * qcom: vpu: restore compatibility with kernels before 6.6

==== kernel-source ====
Version update (6.10.7 -> 6.10.8)
Subpackages: kernel-64kb kernel-default

- Linux 6.10.8 (bsc#1012628).
- drm/amdgpu/mes: fix mes ring buffer overflow (bsc#1012628).
- erofs: fix out-of-bound access when z_erofs_gbuf_growsize()
  partially fails (bsc#1012628).
- ALSA: seq: Skip event type filtering for UMP events
  (bsc#1012628).
- ALSA: hda/realtek: Enable mute/micmute LEDs on HP Laptop
  14-ey0xxx (bsc#1012628).
- ALSA: hda/realtek: support HP Pavilion Aero 13-bg0xxx Mute LED
  (bsc#1012628).
- LoongArch: Remove the unused dma-direct.h (bsc#1012628).
- LoongArch: Add ifdefs to fix LSX and LASX related warnings
  (bsc#1012628).
- tpm: ibmvtpm: Call tpm2_sessions_init() to initialize session
  support (bsc#1012628).
- btrfs: fix a use-after-free when hitting errors inside
  btrfs_submit_chunk() (bsc#1012628).
- btrfs: run delayed iputs when flushing delalloc (bsc#1012628).
- smb/client: avoid dereferencing rdata=NULL in
  smb2_new_read_req() (bsc#1012628).
- pinctrl: rockchip: correct RK3328 iomux width flag for GPIO2-B
  pins (bsc#1012628).
- pinctrl: single: fix potential NULL dereference in
  pcs_get_function() (bsc#1012628).
- netfs, ceph: Partially revert "netfs: Replace PG_fscache by
  setting folio->private and marking dirty" (bsc#1012628).
- wifi: wfx: repair open network AP mode (bsc#1012628).
- wifi: mwifiex: duplicate static structs used in driver instances
  (bsc#1012628).
- net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response
  (bsc#1012628).
- mptcp: close subflow when receiving TCP+FIN (bsc#1012628).
- mptcp: sched: check both backup in retrans (bsc#1012628).
- mptcp: pr_debug: add missing \n at the end (bsc#1012628).
- mptcp: pm: reuse ID 0 after delete and re-add (bsc#1012628).
- mptcp: pm: skip connecting to already established sf
  (bsc#1012628).
- mptcp: pm: reset MPC endp ID when re-added (bsc#1012628).
- mptcp: pm: send ACK on an active subflow (bsc#1012628).
- mptcp: pm: fix RM_ADDR ID for the initial subflow (bsc#1012628).
- mptcp: pm: do not remove already closed subflows (bsc#1012628).
- mptcp: pm: fix ID 0 endp usage after multiple re-creations
  (bsc#1012628).
- mptcp: avoid duplicated SUB_CLOSED events (bsc#1012628).
- mptcp: pm: ADD_ADDR 0 is not a new address (bsc#1012628).
- selftests: mptcp: join: cannot rm sf if closed (bsc#1012628).
- selftests: mptcp: join: check removing ID 0 endpoint
  (bsc#1012628).
- selftests: mptcp: join: no extra msg if no counter
  (bsc#1012628).
- selftests: mptcp: join: check re-re-adding ID 0 endp
  (bsc#1012628).
- binfmt_elf_fdpic: fix AUXV size calculation when ELF_HWCAP2
  is defined (bsc#1012628).
- drm/v3d: Disable preemption while updating GPU stats
  (bsc#1012628).
- drm/i915/dsi: Make Lenovo Yoga Tab 3 X90F DMI match less strict
  (bsc#1012628).
- drm/i915/dp_mst: Fix MST state after a sink reset (bsc#1012628).
- drm/amdgpu: align pp_power_profile_mode with kernel docs
  (bsc#1012628).
- drm/amdgpu/swsmu: always force a state reprogram on init
  (bsc#1012628).
- drm/vmwgfx: Prevent unmapping active read buffers (bsc#1012628).
- drm/vmwgfx: Fix prime with external buffers (bsc#1012628).
- video/aperture: optionally match the device in sysfb_disable()
  (bsc#1012628).
- drm/xe: Prepare display for D3Cold (bsc#1012628).
- drm/xe/display: Make display suspend/resume work on discrete
  (bsc#1012628).
- drm/xe/vm: Simplify if condition (bsc#1012628).
- drm/xe/exec_queue: Rename xe_exec_queue::compute to
  xe_exec_queue::lr (bsc#1012628).
- drm/xe: prevent UAF around preempt fence (bsc#1012628).
- drm/amdgpu: Do not wait for MP0_C2PMSG_33 IFWI init in SRIOV
  (bsc#1012628).
- drm/amdgpu: fix eGPU hotplug regression (bsc#1012628).
- pinctrl: qcom: x1e80100: Update PDC hwirq map (bsc#1012628).
- ASoC: SOF: amd: move iram-dram fence register programming
  sequence (bsc#1012628).
- ASoC: SOF: amd: Fix for incorrect acp error register offsets
  (bsc#1012628).
- ASoC: amd: acp: fix module autoloading (bsc#1012628).
- ASoC: SOF: amd: Fix for acp init sequence (bsc#1012628).
- ALSA: hda: cs35l56: Don't use the device index as a calibration
  index (bsc#1012628).
- ASoC: cs-amp-lib-test: Force test calibration blob entries to
  be valid (bsc#1012628).
- ASoC: cs-amp-lib: Ignore empty UEFI calibration entries
  (bsc#1012628).
- backing-file: convert to using fops->splice_write (bsc#1012628).
- pinctrl: mediatek: common-v2: Fix broken bias-disable for
  PULL_PU_PD_RSEL_TYPE (bsc#1012628).
- pinctrl: qcom: x1e80100: Fix special pin offsets (bsc#1012628).
- pinctrl: starfive: jh7110: Correct the level trigger
  configuration of iev register (bsc#1012628).
- nfsd: prevent panic for nfsv4.0 closed files in nfs4_show_open
  (bsc#1012628).
- mm: Fix missing folio invalidation calls during truncation
    ... changelog too long, skipping 178 lines ...
- commit 64dc967

==== kwalletmanager ====

- Add upstream fix (kde#492138):
  * 0001-Fix-service-file-name.patch

==== libXi ====
Version update (1.8.1 -> 1.8.2)

- Update to version 1.8.2
  * This release includes fixes for malloc failures and a double
    alignment issue on some machines. XFreeDeviceInfo can now be
    called with NULL and XGetFeedbackControl is more robust in
    the face of a malicious X server sending random data. Plus a
    typo fix in the man page.

==== libjxl ====

- Update libjxl.spec:
  Add compiler condition to fix SLE-15-SP7 ppc64le build env.
  (bsc#1229831)

==== libqt5-qtbase ====
Version update (5.15.14+kde143 -> 5.15.15+kde127)
Subpackages: libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5

- Update to version 5.15.15+kde127, rebased upstream:
  * Add LGPL header to qcalendar.cpp
  * Move some flaky text tests into Lancelot
  * Update Harfbuzz to 7.2.0
  * doc: Make docs for ElideNone a bit more precise
  * tst_QImageReader: fix missing checks for "newly"-added ImageOptions
  * tst_QMainWindow: for UB (use of reserved names)
  * Update bundled libjpeg-turbo to version 3.0.0
  * Update to Freetype 2.13.1
  * [docs] Link from QtConcurent::run() to QThreadPool::start(Callable&&)
  * Docs: State that OpenSSL3 is available from 5.15.1
  * Simplify (and fix) initialization of a list of time-zones
  * ODBC/MySQL: fix compilation with MySQL < 5.7.9
  * SQLite: Update SQLite to v3.42.0
  * tst_QHostInfo: fix mem-leaks in threadSafetyAsynchronousAPI()
  * tst_QSortFilterProxyModel: fix mem-leaks II: sortStable()
  * tst_QNetworkDiskCache: fix mem-leak
  * tst_QAbstractItemModelTester: fix mem-leak
  * tst_QSortFilterProxyModel: fix mem-leaks
  * Fix screens not always updating if order changes
  * Update the list of CLDR-based files
  * Return TZ time-zone backend's tranCache() as a const reference
  * tst_QTcpSocket: fix mem-leak
  * tst_QNetworkCookieJar: fix memleak
  * tst_QParallelAnimationGroup: fix memleak
  * tst_QXmlStream::tokenErrorHandling() - register test directory in CMake
  * Fix transparency in 16 bit and 24 bit ico files
  * QVariant: always compare floating point with double precision
  * Doc: Document QMAKE_APPLE_DEVICE_ARCHS
  * Update bundled libpng to version 1.6.40
  * fbconvenience: use smart pointer for QFbCursor
  * Doc: Clarify that the rich text engine has limited support for HTML tags
  * autotest: Blacklist tst_QTableView::columnViewportPosition for winrt
  * autotest: Blacklist QTimeLine::interpolation for winrt
  * QFuture: mention the work-stealing algorithm in the docs
  * QtDoc Global: Add macros for Qt Design Studio in qtdoc
  * Fix specific overflow in qtextlayout
  * Remove QEglFSCursor's inheritance of QOpenGLFunctions
  * tst_QPixmapCache: QVERIFY a failed replace()
  * tst_QPixmapCache: check insert() reports failure
  * QPixmapCache: add a comment on how failed insert() invalidates cacheKey
  * tst_QPixmapCache: rewrite QVERIFY(x != 0) to QVERIFY(x)
  * QVariant: remove outdated docs about reimplementing clear()
  * Bump version to 5.15.15
  * Update The-Qt-Company-Commercial
  * Fix crash on QLocale::monthName().simplified()
  * Android: fix QDir::entryInfoList() with content URIs
  * Android: fix content url handling of filenames with spaces
- Commits dropped by the rebase:
  * tst_QXmlStream: remove unneeded _ba UDLs
  * Fix specific overflow in qtextlayout (CVE-2023-32763)

==== libqt5-qtdeclarative ====
Version update (5.15.14+kde28 -> 5.15.15+kde25)

- Update to version 5.15.15+kde25, rebased upstream:
  * QV4::ArrayData: Fix offset calculation for sort()
  * Fix pointer delivery to child items of items with clip:true
  * doc: Remove Calendar Example link
  * PointerHandler: cancel all grabs when item changes scene
  * qintrusivelvist_p.h: Silence nullpointer subtraction warning
  * Doc: Fix mislabelled diagram for Context2D.arc()
  * Bump version to 5.15.15

==== libqt5-qtgraphicaleffects ====
Version update (5.15.14+kde0 -> 5.15.15+kde0)

- Update to version 5.15.15+kde0, rebased upstream:
  * Bump version to 5.15.15

==== libqt5-qtimageformats ====
Version update (5.15.14+kde7 -> 5.15.15+kde4)

- Update to version 5.15.15+kde4, rebased upstream:
  * Bump version to 5.15.15

==== libqt5-qtmultimedia ====
Version update (5.15.14+kde2 -> 5.15.15+kde2)

- Update to version 5.15.15+kde2, rebased upstream:
  * Bump version to 5.15.15
  * Blacklist tst_qmediaplayerbackend::playlistobjects on openSUSE 15.4
  * Blacklist tst_QAudioDeviceInfo::codecs on openSUSE 15.4

==== libqt5-qtquickcontrols ====
Version update (5.15.14+kde0 -> 5.15.15+kde0)

- Update to version 5.15.15+kde0, rebased upstream:
  * Bump version to 5.15.15

==== libqt5-qtquickcontrols2 ====
Version update (5.15.14+kde5 -> 5.15.15+kde5)
Subpackages: libQt5QuickControls2-5 libQt5QuickTemplates2-5

- Update to version 5.15.15+kde5, rebased upstream:
  * Bump version to 5.15.15
  * RangeSlider: Don't update position only if mouse/touch is grabbed

==== libqt5-qtspeech ====
Version update (5.15.14+kde1 -> 5.15.15+kde1)

- Update to version 5.15.15+kde1, rebased upstream:
  * Bump version to 5.15.15

==== libqt5-qtsvg ====
Version update (5.15.14+kde5 -> 5.15.15+kde5)

- Update to version 5.15.15+kde5, rebased upstream:
  * Bump version to 5.15.15

==== libqt5-qtwayland ====
Version update (5.15.14+kde57 -> 5.15.15+kde59)
Subpackages: libQt5WaylandClient5 libQt5WaylandCompositor5

- Update to version 5.15.15+kde59, rebased upstream:
  * Revert "Client: Send release button event on pointer leave"
  * Fix race condition in drag and drop
  * client: don't cache one type in QWaylandMimeData
  * DefaultCompositor: use explcit lambda captures
  * Fix C++20 deprecated capture of *this in [=]
  * compositor: Unbind display on close in linux-dmabuf and eglstream
  * Client: Send release button event on pointer leave
  * Bump version to 5.15.15

==== libqt5-qtx11extras ====
Version update (5.15.14+kde0 -> 5.15.15+kde0)

- Update to version 5.15.15+kde0, rebased upstream:
  * Bump version to 5.15.15

==== libwebp ====
Version update (1.3.2 -> 1.4.0)
Subpackages: libsharpyuv0 libwebp7 libwebpdemux2 libwebpmux3

- Update to 1.4.0 & fix libwebp.changes header from previous commit:
  * further security related hardening in libwebp & examples
  * some minor optimizations in the lossless encoder
  * added WEBP_NODISCARD to report unused result warnings; enable with
  - DWEBP_ENABLE_NODISCARD=1
  * improvements and corrections in webp-container-spec.txt and
    webp-lossless-bitstream-spec.txt (#611)
  * miscellaneous warning, bug & build fixes
- Remove 0001-Fix-invalid-incremental-decoding-check.patch

==== libzypp ====
Version update (17.35.9 -> 17.35.10)

- API refactoring. Prevent zypper from using now private libzypp
  symbols (bsc#1230267)
- Conflicts: zypper <= 1.14.76
- version 17.35.10 (35)

==== llvm18 ====

- Enable zstd compression support again.

==== mozilla-nss ====
Version update (3.102.1 -> 3.103)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs

- update to NSS 3.103
  * bmo#1908623 - move list size check after lock acquisition in sftk_PutObjectToList.
  * bmo#1899542: Add fuzzing support for SSL_ENABLE_POST_HANDSHAKE_AUTH,
  * bmo#1909638 - Follow-up to fix test for presence of file nspr.patch.
  * bmo#1903783: Adjust libFuzzer size limits
  * bmo#1899542: Add fuzzing support for SSL_SetCertificateCompressionAlgorithm, SSL_SetClientEchConfigs, SSL_VersionRangeSet and SSL_AddExternalPsk
  * bmo#1899542: Add fuzzing support for SSL_ENABLE_GREASE and SSL_ENABLE_CH_EXTENSION_PERMUTATION
- Add nss-reproducible-builds.patch to make the rpms reproducible,
  by using a hardcoded, static key to generate the checksums (*.chk-files)
- Updated nss-fips-approved-crypto-non-ec.patch to enforce
  approved curves with the CKK_EC_MONTGOMERY key type (bsc#1224113).

==== openssl-3 ====
Subpackages: libopenssl3

- Security fix: [bsc#1229465, CVE-2024-6119]
  * possible denial of service in X.509 name checks
  * openssl-CVE-2024-6119.patch

==== osinfo-db ====

- Add support for openSUSE Leap 15.7 (jsc#PED-8910)
  add-opensuse-leap-15.7-support.patch
- Add support for SLE-15-SP7 (jsc#PED-8910) (bsc#1230160)
  add-sle15sp7-support.patch

==== pam-config ====
Version update (2.11+git.20240620 -> 2.11+git.20240906)

- Update to version 2.11+git.20240906:
  * Move pam_limits before pam_systemd

==== power-profiles-daemon ====
Version update (0.21 -> 0.22)

- Update to version 0.22:
  * power-profiles-daemon is now battery-level aware:
    some drivers use this value for better optimizations
  * AMD p-state improvements:
    + supports core performance boost when not in power-saver mode
    + uses minimum frequency to lowest non-linear frequency
    + more impervious to faulty firmware and kernel bugs
  * support for changing DPM clocks on amdgpu:
    explicitly set the DPM clocks down to "low" when in
    power-saver mode
  * powerprofilesctl can disable logind and upower integration
  * fix handling of turbo_pct, now assumed as not present
    by default
  * power-profiles-daemon.service further lockdown restrictions
  * start power-profiles-daemon.service after
    multi-user.target AND display-manager.target
    to avoid conflicts with module loading

==== procps ====
Subpackages: libproc2-0

- procps-ng-4.0.4-idletime-no-tty.patch: don't print idle time without tty
- procps-ng-4.0.4-w-array-bounds.patch: fix array bounds violation

==== rsync ====

- rsync-gcc14.patch: fixed the ipv6 configure check (bsc#1230156)

==== selinux-policy ====
Subpackages: selinux-policy-targeted

- Fix macros.selinux-policy (bsc#1229132)
  - %selinux_modules_install and %selinux_modules_uninstall will
    now only execute load_policy if $TRANSACTIONAL_UPDATE is not set
    (aka only if they are not in a transactional system)
  - $TRANSACTIONAL_UPDATE is set here:
    https://github.com/openSUSE/transactional-update/blob/bd524d3ddfcd9aeebb7b90d3e0e8eed09b796a86/lib/Transaction.cpp#L428

==== timezone ====

- Split tzselect script into a subpackage to prevent awk getting into minimal
  containers and recommend tzselect by the main package
  Fixes bsc#1230054

==== u-boot-rpiarm64 ====
Subpackages: u-boot-rpiarm64-doc

- Install u-boot-dtb.bin for milkvduo flavor

==== vim ====
Version update (9.1.0636 -> 9.1.0718)
Subpackages: vim-data-common vim-small

- Update to 9.1.0718:
  * v9.1.0718: hard to know the users personal Vim Runtime Directory
  * v9.1.0717: Unnecessary nextcmd NULL checks in parse_command_modifiers()
    Maintainers: fix typo in author name
  * v9.1.0716: resetting setcellwidth( doesn't update the screen
    runtime(hcl,terraform): Add runtime files for HCL and Terraform
    runtime(tmux): Update syntax script
  * v9.1.0715: Not correctly parsing color names (after v9.1.0709)
  * v9.1.0714: GuiEnter_Turkish test may fail
  * v9.1.0713: Newline causes E749 in Ex mode
  * v9.1.0712: missing dependency of Test_gettext_makefile
  * v9.1.0711: test_xxd may file when using different xxd
  * v9.1.0710: popup window may hide part of Command line
    runtime(vim): Update syntax, improve user-command matching
  * v9.1.0709: GUIEnter event not found in Turkish locale
    runtime(sudoers): improve recognized Runas_Spec and Tag_Spec items
  * v9.1.0708: Recursive window update does not account for reset skipcol
    runtime(nu): include filetype plugin
  * v9.1.0707: invalid cursor position may cause a crash
  * v9.1.0706: test_gettext fails when using shadow dir
    CI: Install locales-all package
  * v9.1.0705: Sorting of fuzzy filename completion is not stable
    translation(pt): update Portuguese/Brazilian menu translation
    runtime(vim): Update base-syntax, match bracket mark ranges
    runtime(doc): Update :help :command-complete list
  * v9.1.0704: inserting with a count is inefficient
    runtime(doc): use mkdir -p to save a command
  * v9.1.0703: crash with 2byte encoding and glob2regpat()
    runtime(hollywood): update syn highlight for If-Then statements
    and For-In-Loops
  * v9.1.0702: Patch 9.1.0700 broke CI
  * v9.1.0701: crash with NFA regex engine when searching for
    composing chars
  * v9.1.0700: crash with 2byte encoding and glob2regpat()
  * v9.1.0699: "dvgo" is not always an inclusive motion
    runtime(java): Provide support for syntax preview features
  * v9.1.0698: "Untitled" file not removed when running Test_crash1_3
    alone
  * v9.1.0697: heap-buffer-overflow in ins_typebuf
  * v9.1.0696: installing runtime files fails when using SHADOWDIR
    runtime(doc): fix typo
  * v9.1.0695: test_crash leaves Untitled file around
    translation(br): Update Brazilian translation
    translation(pt): Update menu_pt_br
  * v9.1.0694: matchparen is slow on a long line
  * v9.1.0693: Configure doesn't show result when not using python3
    stable abi
  * v9.1.0692: Wrong patlen value in ex_substitute()
  * v9.1.0691: stable-abi may cause segfault on Python 3.11
    runtime(vim): Update base-syntax, match :loadkeymap after colon and bar
    runtime(mane): Improve <Plug>ManBS mapping
  * v9.1.0690: cannot set special highlight kind in popupmenu
    translation(pt): Revert and fix wrong Portuguese menu translation
    files
    translation(pt): revert Portuguese menu translation
    translation(br): Update Brazilian translations
    runtime(vim): Update base-syntax, improve :let-heredoc highlighting
  * v9.1.0689: buffer-overflow in do_search( with 'rightleft'
    runtime(vim): Improve heredoc handling for all embedded scripts
  * v9.1.0688: dereferences NULL pointer in check_type_is_value()
  * v9.1.0687: Makefile may not install desktop files
    runtime(man): Fix <Plug>ManBS
    runtime(java): Make the bundled &foldtext function optional
    runtime(netrw): Change line on `mx` if command output exists
    runtime(netrw): Fix `mf`-selected entry highlighting
    runtime(htmlangular): add html syntax highlighting
    translation(it): Fix filemode of Italian manpages
    runtime(doc): Update outdated man.vim plugin information
    runtime(zip): simplify condition to detect MS-Windows
  * v9.1.0686: zip-plugin has problems with special characters
    runtime(pandoc): escape quotes in &errorformat for pandoc
    translation(it): updated Italian manpage
  * v9.1.0685: too many strlen( calls in usercmd.c
    runtime(doc): fix grammar in :h :keeppatterns
    runtime(pandoc): refine pandoc compiler settings
  * v9.1.0684: completion is inserted on Enter with "noselect"
    translation(ru): update man pages
  * v9.1.0683: mode( returns wrong value with <Cmd> mapping
    runtime(doc): remove trailing whitespace in cmdline.txt
  * v9.1.0682: Segfault with uninitialized funcref
  * v9.1.0681: Analyzing failed screendumps is hard
    runtime(doc): more clarification for the :keeppatterns needed
  * v9.1.0680: VMS does not have defined uintptr_t
    runtime(doc): improve typedchar documentation for KeyInputPre autocmd
    runtime(dist): verify that executable is in $PATH
    translation(it): update Italian manpages
    runtime(doc): clarify the effect of :keeppatterns after * v9.1.0677
    runtime(doc): update Makefile and make it portable between GNU and BSD
  * v9.1.0679: Rename from w_closing to w_locked is incomplete
    runtime(colors): update colorschemes
    runtime(vim): Update base-syntax, improve :let-heredoc highlighting
    runtime(doc): Updating the examples in the xxd manpage
    translation(ru): Updated uganda.rux
    runtime(yaml): do not re-indent when commenting out lines
  * v9.1.0678: use-after-free in alist_add()
  * v9.1.0677 :keepp does not retain the substitute pattern
    translation(ja): Update Japanese translations to latest release
    runtime(netrw): Drop committed trace lines
    runtime(netrw): Error popup not always used
    ... changelog too long, skipping 97 lines ...
  - add support for "all" and "userns" rules, and new profile flags

==== xfsprogs ====
Version update (6.9.0 -> 6.10.1)

- update to 6.10.1
  - fix C++ compilation errors in xfs_fs.h
  - ------------------------------------------------------------------
- update to 6.10.0
  - debian: enable xfs_scrub_all systemd timer services by default
  - mkfs: set autofsck filesystem property
  - xfs_scrub: use the autofsck fsproperty to select mode
  - xfs_scrub: allow sysadmin to control background scrubs
  - xfs_property: add a new tool to administer fs properties
  - xfs_db: add a command to list xattrs
  - xfs_db: improve getting and setting extended attributes
  - xfs_io: edit filesystem properties
  - xfs_scrub: defer phase5 file scans if dirloop fails
  - xfs_repair: wipe ondisk parent pointers when there are none
  - xfs_scrub: detect and repair directory tree corruptions
  - xfs_repair: update ondisk parent pointer records
  - xfs_spaceman: report directory tree corruption in the health information
  - xfsprogs: support vectored scrub
  - man: document vectored scrub mode
  - man2: update ioctl_xfs_scrub_metadata.2 for parent pointers
  - mkfs: enable formatting with parent pointers
  - mkfs: Add parent pointers during protofile creation
  - xfs_repair: check parent pointers
  - xfs_db: compute hashes of parent pointers
  - xfs_db: add link and unlink expert commands
  - xfs_repair: build a parent pointer index
  - xfs_db: add a parents command to list the parents of a file
  - xfs_db: obfuscate dirent and parent pointer names consistently
  - xfs_db: report parent pointers embedded in xattrs
  - xfs_db: report parent bit on xattrs
  - xfs_db: report parent pointers in version command
  - xfs_scrub: use parent pointers to report lost file data
  - xfs_scrub: use parent pointers when possible to report file operations
  - xfs_logprint: decode parent pointers in ATTRI items fully
  - xfs_io: Add i, n and f flags to parent command
  - xfs_io: adapt parent command to new parent pointer ioctls
  - libfrog: report parent pointers to userspace
  - libfrog: add parent pointer support code
  - man: document the XFS_IOC_GETPARENTS ioctl
  - xfs_logprint: dump new attr log item fields
  - xfs_scrub_all: failure reporting for the xfs_scrub_all job
  - xfs_repair: check free space requirements before allowing upgrades
  - xfs_scrub_all: convert systemctl calls to dbus
  - xfs_scrub_all: trigger automatic media scans once per month
  - xfs_scrub: add an optimization-only mode
  - xfs_scrub_all: add CLI option for easier debugging
  - xfs_scrub_all: enable periodic file data scrubs automatically
  - xfs_scrub: automatic downgrades to dry-run mode in service mode
  - xfs_scrub_all: support metadata+media scans of all filesystems
  - xfs_scrub_all: fail fast on masked units
  - xfs_scrub_all: remove journalctl background process
  - xfs_scrub_all: only use the xfs_scrub@ systemd services in service mode
  - xfs_scrub: tune fstrim minlen parameter based on free space histograms
  - xfs_scrub: improve responsiveness while trimming the filesystem
  - xfs_scrub: tighten up the security on the background systemd service
  - xfs_scrub: don't call FITRIM after runtime errors
  - xfs_scrub: use dynamic users when running as a systemd service
  - xfs_scrub: report FITRIM errors properly
  - xfs_scrub.service: reduce background CPU usage to less than one core if possible
  - xfs_scrub: don't close stdout when closing the progress bar
  - xfs_scrub: fix the work estimation for phase 8
  - libfrog: print cdf of free space buckets
  - libfrog: print wider columns for free space histogram
  - xfs_scrub: ignore phase 8 if the user disabled fstrim
  - xfs_scrub: move FITRIM to phase 8
  - xfs_scrub: improve thread scheduling repair items during phase 4
  - xfs_scrub: avoid potential UAF after freeing a duplicate name entry
  - xfs_scrub: enable users to bump information messages to warnings
  - xfs_scrub: retry incomplete repairs
  - xfs_scrub: warn about difficult repairs to rt and quota metadata
  - xfs_scrub: any inconsistency in metadata should trigger difficulty warnings
  - mkfs: add a formatting option for exchange-range
  - xfs_repair: add exchange-range to file systems
  - xfs_scrub: fix missing scrub coverage for broken inodes
  - xfs_scrub: log when a repair was unnecessary
  - libfrog: advertise exchange-range support
  - xfs_io: create exchangerange command to test file range exchange ioctl
  - xfs_fsr: skip the xattr/forkoff levering with the newer swapext implementations
  - xfs_fsr: convert to bulkstat v5 ioctls
  - xfs_logprint: support dumping exchmaps log items
  - xfs_db: advertise exchange-range in the version command
  - libfrog: add support for exchange range ioctl family
  - libhandle: add support for bulkstat v5
  - man: document XFS_FSOP_GEOM_FLAGS_EXCHRANGE
  - man: document the exchange-range ioctl
  - xfs_repair: don't crash on -vv
  - xfsprogs: Remove support for split-/usr installs
  - libxfs: kernel sync
  - ------------------------------------------------------------------

==== xxhash ====

- Add inline.patch to resolve FTBFS on gcc-14 + -Og.

==== zxing-cpp ====
Version update (2.1.0 -> 2.2.1)

- Update to 2.2.1. Changes:
  * Fix ABI breakage from 2.2.0.
- Changes from 2.2.0:
  * Rename DecodeHints to ReaderOptions. The old name is still available for
    backward API compatibility but deprecated. Since the C-API and the Qt
    wrapper code are not officially part of the library, they changed without
    backward compatibility.
  * WASM: bytes in ReadResult.
  * DataMatrix: use charset for encoding.
  * QRCode: Support QR Code Model1.
  * rMQR Code: Support Rectangular Micro QR Code.
- Refresh patch:
  * cmake.patch

==== zypper ====
Version update (1.14.76 -> 1.14.77)
Subpackages: zypper-needs-restarting

- API refactoring. Prevent zypper from using now private libzypp
  symbols (bsc#1230267)
- BuildRequires:  libzypp-devel >= 17.35.10.
- Fix wrong numbers used in CommitSummary skipped/failed messages.
- version 1.14.77