Packages changed:
  bolt (0.9.7 -> 0.9.8)
  gdk-pixbuf (2.42.11 -> 2.42.12)
  git (2.45.0 -> 2.45.1)
  glib2 (2.80.0 -> 2.80.2)
  grub2
  hwdata (0.380 -> 0.382)
  iproute2 (6.8 -> 6.9)
  libbpf (1.4.1 -> 1.4.2)
  libmodulemd
  libressl (3.9.1 -> 3.9.2)
  libxml2 (2.12.6 -> 2.12.7)
  libxml2-python (2.12.6 -> 2.12.7)
  makedumpfile (1.7.4 -> 1.7.5)
  mozilla-nss (3.99 -> 3.100)
  openSUSE-release (20240515 -> 20240516)
  ovmf (202308 -> 202311)
  patterns-base
  perl-Crypt-OpenSSL-Random (0.15 -> 0.160.0)
  perl-GD (2.78 -> 2.810.0)
  perl-Net-DNS (1.420.0 -> 1.450.0)
  perl-URI (5.270.0 -> 5.280.0)
  pipewire
  powerdevil6
  python-pyudev (0.24.1 -> 0.24.3)
  python-zope.interface (6.2 -> 6.3)
  sdbootutil (1+git20240506.573a6a4 -> 1+git20240514.56dc89c)
  soundtouch (2.3.2 -> 2.3.3)
  strace (6.8 -> 6.9)
  wicked
  xwayland (23.2.6 -> 24.1.0)

=== Details ===

==== bolt ====
Version update (0.9.7 -> 0.9.8)

- update to 0.9.8:
  * A new NHI for REMBRANDT.
  * CI fixes.
  * Don't install an empty DB directory.
  * Fixed: Determine the string length before writing file.
  * Fixed: Free on error to prevent resource leak.

==== gdk-pixbuf ====
Version update (2.42.11 -> 2.42.12)
Subpackages: gdk-pixbuf-lang gdk-pixbuf-query-loaders gdk-pixbuf-thumbnailer libgdk_pixbuf-2_0-0 typelib-1_0-GdkPixbuf-2_0

- Update to version 2.42.12:
  + Fix a build failure,
  + Fix occasional build failures,
  + ani: Reject files with multiple INA or IART chunks,
  + ani: Reject files with multiple anih chunks (CVE-2022-48622),
  + ani: validate chunk size,
  + Updated translations.
- Drop 238893d8cd6f9c2616a05ab521a29651a17a38c2.patch: fixed
  upstream.

==== git ====
Version update (2.45.0 -> 2.45.1)
Subpackages: git-core git-email git-svn git-web perl-Git

- update to 2.45.1:
  * CVE-2024-32002: recursive clones on case-insensitive
  filesystems that support symbolic links are susceptible to case
  confusion (boo#1224168)
  * CVE-2024-32004: arbitrary code execution during local clones
  (boo#1224170)
  * CVE-2024-32020: file overwriting vulnerability during local
  clones (boo#1224171)
  * CVE-2024-32021: git may create hardlinks to arbitrary user-
  readable files (boo#1224172)
  * CVE-2024-32465: arbitrary code execution during clone operations
  (boo#1224173)

==== glib2 ====
Version update (2.80.0 -> 2.80.2)
Subpackages: glib2-lang glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0 typelib-1_0-GLib-2_0 typelib-1_0-GModule-2_0 typelib-1_0-GObject-2_0 typelib-1_0-Gio-2_0

- Update to version 2.80.2:
  + Fix a regression with IBus caused by the fix for
    CVE-2024-34397.
  + Fix installation directory of the GVariant specification.
  + Bugs fixed:
  - GVariant specification installed in wrong directory.
  - Backport "gdbusconnection: Fix test signal subscription
    ordering" to glib-2-80.
  - Backport “Correct installation directory of GVariant
    specification” to glib-2-80.
  - Backport “gdbusconnection: Allow name owners to have the
    syntax of a well-known name” to glib-2-80.
- Changes from version 2.80.1
  + Fix CVE-2024-34397: GDBus signal subscriptions for well-known
    names are vulnerable to unicast spoofing.
  + Updated translations.

==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen

- Update to the latest upstreaming TPM2 patches
  * 0001-key_protector-Add-key-protectors-framework.patch
  - Replace 0001-protectors-Add-key-protectors-framework.patch
  * 0002-tpm2-Add-TPM-Software-Stack-TSS.patch
  - Merge other TSS patches
  * 0001-tpm2-Add-TPM2-types-structures-and-command-constants.patch
  * 0002-tpm2-Add-more-marshal-unmarshal-functions.patch
  * 0003-tpm2-Implement-more-TPM2-commands.patch
  * 0003-key_protector-Add-TPM2-Key-Protector.patch
  - Replace 0003-protectors-Add-TPM2-Key-Protector.patch
  * 0004-cryptodisk-Support-key-protectors.patch
  * 0005-util-grub-protect-Add-new-tool.patch
  * 0001-tpm2-Support-authorized-policy.patch
  - Replace 0004-tpm2-Support-authorized-policy.patch
  * 0001-tpm2-Add-extra-RSA-SRK-types.patch
  * 0001-tpm2-Implement-NV-index.patch
  - Replace 0001-protectors-Implement-NV-index.patch
  * 0002-cryptodisk-Fallback-to-passphrase.patch
  * 0003-cryptodisk-wipe-out-the-cached-keys-from-protectors.patch
  * 0004-diskfilter-look-up-cryptodisk-devices-first.patch
- Refresh affected patches
  * 0001-Improve-TPM-key-protection-on-boot-interruptions.patch
  * grub2-bsc1220338-key_protector-implement-the-blocklist.patch
- New manpage for grub2-protect
- Fix error in /etc/grub.d/20_linux_xen: file_is_not_sym not found, renamed to
  file_is_not_xen_garbage (bsc#1224226)
  * grub2-fix-menu-in-xen-host-server.patch

==== hwdata ====
Version update (0.380 -> 0.382)

- update to 0.382:
  * Update pci, usb and vendor ids

==== iproute2 ====
Version update (6.8 -> 6.9)
Subpackages: iproute2-bash-completion

- Update to release 6.9
  * ss: add option to suppress queue columns
  * m_mirred: allow mirred to block
  * tc: add NLM_F_ECHO support for actions and filters
  * ip/bond: add coupled_control support
  * ss: add support for BPF socket-local storage
  * ip: ioam6: add monitor command

==== libbpf ====
Version update (1.4.1 -> 1.4.2)

- update to 1.4.2:
  * Another struct_ops-focused bug fix release. It addresses a few more corner
    cases when dealing with SEC("struct_ops") programs.
  * It also improves error messaging around common use case of declaring
    struct_ops BPF program and not referencing it from SEC(".struct_ops")
    variable (backed by struct_ops BPF map).
  * This release should improve overall experience of using BPF struct_ops
    functionality.

==== libmodulemd ====

- Add glib-2.80.2-glibdoc-path.patch: Fix GLib documentation path
  for GLib 2.80.2
  (https://github.com/fedora-modularity/libmodulemd/pull/618).

==== libressl ====
Version update (3.9.1 -> 3.9.2)

- Update to release 3.9.2
  * A missing bounds check could lead to a crash due to
    dereferencing a zero-sized allocation.

==== libxml2 ====
Version update (2.12.6 -> 2.12.7)
Subpackages: libxml2-2 libxml2-tools

- Update to version 2.12.7:
  + Fix buffer overread with `xmllint --htmlout` (CVE-2024-34459).
  + xmllint: Fix --pedantic option.
  + save: Handle invalid parent pointers in xhtmlNodeDumpOutput.

==== libxml2-python ====
Version update (2.12.6 -> 2.12.7)

- Update to version 2.12.7:
  + Fix buffer overread with `xmllint --htmlout` (CVE-2024-34459).
  + xmllint: Fix --pedantic option.
  + save: Handle invalid parent pointers in xhtmlNodeDumpOutput.

==== makedumpfile ====
Version update (1.7.4 -> 1.7.5)

- Update to 1.7.5:
  * Support for kernels up to v6.8 (x86_64)
  * Support for printk caller_id by --dump-dmesg option
  * [PATCH] ppc64: get vmalloc start address from vmcoreinfo
  * [PATCH] ppc64: read cur_mmu_type from vmcoreinfo
  * [PATCH] add PRINTK_CALLER id support to --dump-dmesg option
  * [PATCH v2 2/2] s390x: uncouple virtual and physical address spaces
  * [PATCH 1/2] s390x: fix virtual vs physical address confusion
  Regenerated the content of the makedumpfile-ppc64-VA-range-SUSE.patch
  file based on version 1.7.5 of the code

==== mozilla-nss ====
Version update (3.99 -> 3.100)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs mozilla-nss-sysinit mozilla-nss-tools

- update to NSS 3.100
  - bmo#1893029 - merge pk11_kyberSlotList into pk11_ecSlotList for
    faster Xyber operations.
  - bmo#1893752 - remove ckcapi.
  - bmo#1893162 - avoid a potential PK11GenericObject memory leak.
  - bmo#671060  - Remove incomplete ESDH code.
  - bmo#215997  - Decrypt RSA OAEP encrypted messages.
  - bmo#1887996 - Fix certutil CRLDP URI code.
  - bmo#1890069 - Don't set CKA_DERIVE for CKK_EC_EDWARDS private keys.
  - bmo#676118  - Add ability to encrypt and decrypt CMS messages using ECDH.
  - bmo#676100  - Correct Templates for key agreement in smime/cmsasn.c.
  - bmo#1548723 - Moving the decodedCert allocation to NSS.
  - bmo#1885404 - Allow developers to speed up repeated local execution
    of NSS tests that depend on certificates.

==== openSUSE-release ====
Version update (20240515 -> 20240516)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== ovmf ====
Version update (202308 -> 202311)
Subpackages: qemu-ovmf-x86_64

- Removed ovmf-UefiCpuPkg-BaseXApicX2ApicLib-fix-CPUID_V2_EXTENDED_.patch
  file which is merged to edk2-stable202311:
  - 170d4ce8e90a UefiCpuPkg/BaseXApicX2ApicLib: fix CPUID_V2_EXTENDED_TOPOLOGY detection

==== patterns-base ====
Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-enhanced_base patterns-base-minimal_base patterns-base-selinux patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced

- add procps into the base pattern as recommended together
  with zypper (which dropped the dependency)

==== perl-Crypt-OpenSSL-Random ====
Version update (0.15 -> 0.160.0)

- updated to 0.16
  see /usr/share/doc/packages/perl-Crypt-OpenSSL-Random/Changes
  0.16  2024-04-13 rurban
  - add github actions, travis and appveyor.
  - Many patches by Takumi Akiyama.
  - Fix broken github image for strawberry perl
    by stripping its PATH. their new mingw is incompatible to their
    old strawberry 5.32
  - minor documentation fixes.

==== perl-GD ====
Version update (2.78 -> 2.810.0)

- updated to 2.81
  see /usr/share/doc/packages/perl-GD/ChangeLog
  2.81    * Change GD::Polygon::transform to match old demos (RT #140043),
    and GD::Polyline.
    Add GD::Polygon::rotate(cw-radian) helper.
    Allow GD::Polygon::scale(2.0).
  2.80    * Fix broken copyTranspose and copyReverseTranspose (RT #153300)
    by Yuriy Yevtukhov.
  * Add transformation tests
  * Fix wrong WBMP name and detection
  * Fix wrong filename extension auto-detection for gd,gd2,wbmp
  * Fix wrong filename extension auto-detection for xpm,
    newFromXpm needs the filename, not handle.
  * Fix wrong libgd doc link (PR #52) by Tsuyoshi Watanabe
  2.79    * Improve image type autodetection (RT #153212), add a test
  * Fix Avif without Heif config
  * Improve gdlib.pc reader for supported library features

==== perl-Net-DNS ====
Version update (1.420.0 -> 1.450.0)

- updated to 1.45
  see /usr/share/doc/packages/perl-Net-DNS/Changes

==== perl-URI ====
Version update (5.270.0 -> 5.280.0)

- updated to 5.28
  see /usr/share/doc/packages/perl-URI/Changes
  5.28      2024-03-27 01:49:44Z
  - Using Scalar::Util::reftype instead of just ref(), but mindful this time
    about definedness to avoid warnings (GH#140) (Jacques Deguest)

==== pipewire ====
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-lang pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools

- Move modules jack-tunnel and jackdbus-detect to the
  pipewire-spa-plugins-0_2-jack since those modules should only
  be used when the real jack server is running. This fixes pipewire
  starting jackdbus on start.

==== powerdevil6 ====
Subpackages: powerdevil6-lang

- Recommend ddcutil-i2c-udev-rules (boo#1224197)

==== python-pyudev ====
Version update (0.24.1 -> 0.24.3)

- Update to 0.24.3:
  * Tidies and Maintenance fixes
- Switch to pyproject macros.
- No more greedy globs in %files.
- Add patch support-pytest-8.patch:
  * Support pytest 8 changes.

==== python-zope.interface ====
Version update (6.2 -> 6.3)

- update to 6.3:
  * Add preliminary support for Python 3.13 as of 3.13a6.

==== sdbootutil ====
Version update (1+git20240506.573a6a4 -> 1+git20240514.56dc89c)
Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper

- Update to version 1+git20240514.56dc89c:
  * Add show-entry command
  * Add SYSTEMD_COLORS flag
  * Add byte order mark to boot.csv

==== soundtouch ====
Version update (2.3.2 -> 2.3.3)

- Update to 2.3.3:
  * Fixing compiler warnings, maintenance fixes to make/build files
    for various systems
- Refresh disable-ffast-math.patch

==== strace ====
Version update (6.8 -> 6.9)

- Update to strace 6.9
  * Implemented --always-show-pid option.
  * The --user|-u option has learned to recognize numeric UID:GID pair, allowing
    e.g. statically-built strace to be used without invoking nss plugins.
  * Implemented decoding of IORING_REGISTER_SYNC_CANCEL,
    IORING_REGISTER_FILE_ALLOC_RANGE, IORING_REGISTER_PBUF_STATUS,
    IORING_REGISTER_NAPI, and IORING_UNREGISTER_NAPI opcodes of
    io_uring_register syscall.
  * Implemented decoding of BPF_TOKEN_CREATE bpf syscall command.
  * Updated decoding of io_uring_register and pidfd_send_signal syscalls.
  * Updated lists of BPF_*, CAN_*, IORING_*, KEY_*, LSM_*, MPOL_*, NT_*, RWF_*,
    PIDFD_*, PTP_*, TCP_*, and *_MAGIC constants.
  * Updated lists of ioctl commands from Linux 6.9.

==== wicked ====
Subpackages: wicked-service

- client: fix ifreload to pull UP ports/links again when the config
  of their master/lower changed (bsc#1224100,gh#openSUSE/wicked#1014).
  [+ 0001-ifreload-pull-UP-again-on-master-lower-changes-bsc1224100.patch]

==== xwayland ====
Version update (23.2.6 -> 24.1.0)

- Update to feature release 24.1.0
  * This fixes a couple of regressions introduced in the previous release
    candidate versions along with a fix for XTEST emulation with EI.
    + xwayland: Send ei_device_frame on device_scroll_discrete
    + xwayland: Restore the ResizeWindow handler
    + xwayland: Handle rootful resize in ResizeWindow
    + xwayland: Move XRandR emulation to the ResizeWindow hook
    + xwayland: Use correct xwl_window lookup function in xwl_set_shape
- eglstreams has been dropped
- Update to bug fix relesae 23.2.7
  * m4: drop autoconf leftovers
  * xwayland: Send ei_device_frame on device_scroll_discrete
  * xwayland: Call drmFreeDevice for dma-buf default feedback
  * xwayland: Use drmDevicesEqual in xwl_dmabuf_feedback_tranche_done
  * dri3: Free formats in cache_formats_and_modifiers
  * xwayland/glamor: Handle depth 15 in gbm_format_for_depth
  * Revert "xwayland/glamor: Avoid implicit redirection with depth 32 parent windows"
  * xwayland: Check for outputs before lease devices
  * xwayland: Do not remove output on withdraw if leased