Packages changed:
  MicroOS-release (20241112 -> 20241113)
  alsa (1.2.12 -> 1.2.13)
  grub2
  libopenmpt (0.7.10 -> 0.7.11)
  libsemanage
  libsoup
  libsoup2
  nghttp2 (1.62.1 -> 1.64.0)
  openssl-3
  qt6-declarative
  sof-firmware (2024.09 -> 2024.09.1)
  wget (1.24.5 -> 1.25.0)

=== Details ===

==== MicroOS-release ====
Version update (20241112 -> 20241113)
Subpackages: MicroOS-release-appliance MicroOS-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== alsa ====
Version update (1.2.12 -> 1.2.13)

- Update to alsa-lib 1.2.13:
  * static build fixes
  * documentation update for control remap API
  * PCM dmix fixes
  * pcm: implement snd_pcm_hw_params_get_sync() and obsolete snd_pcm_info_get_sync()
  * ump: Add a function to provide the packet word length of a UMP type
  * seq: Add snd_seq_{get|set}_ump_is_midi1() API functions
  * seq: Add API functions to set different tempo base values
  * seq: Add API helper functions for creating UMP Endpoint and Blocks
  * documentation fixes for UMP and sequencer API
  * test: Add an example programs for UMP
  For details, see:
    https://www.alsa-project.org/wiki/Changes_v1.2.12_v1.2.13#alsa-lib
- Conditionally take libtool

==== grub2 ====
Subpackages: grub2-arm64-efi grub2-common grub2-snapper-plugin

- Revert the patches related to BLS support in grub2-mkconfig, as they are not
  relevant to the current BLS integration and cause issues in older KIWI
  versions, which actively force it to be enabled by default (bsc#1233196)
  * 0002-Add-BLS-support-to-grub-mkconfig.patch
  * 0003-Add-grub2-switch-to-blscfg.patch
  * 0007-grub-switch-to-blscfg-adapt-to-openSUSE.patch
  * 0008-blscfg-reading-bls-fragments-if-boot-present.patch
  * 0009-10_linux-Some-refinement-for-BLS.patch
  * 0001-10_linux-Do-not-enable-BLSCFG-on-s390-emu.patch

==== libopenmpt ====
Version update (0.7.10 -> 0.7.11)

- Update to 0.7.11:
  * IT: Don鈥檛 import SAx High Offset command for IT 1.xx modules.
    This feature was added in Impulse Tracker 2.00.
  * IT: Limit Vxx parameter to V80 for files made with old Schism
    Tracker versions.
  * IT / S3M: Impulse Tracker 2.14 patch version information was
    incorrect.
  * S3M: O00 effects are no longer ignored if the tracker version
    in the file header indicates Scream Tracker 3.00 / 3.01,
    but the file was clearly saved with another tool (e.g. UNMO3).
  * S3M: As files made with Scream Tracker 3.20 and 3.21 cannot be
    told apart, both versions are now listed in the tracker
    metadata.
  * ULT: Try to preserve global commands if there鈥檚 e.g. both a
    speed and tempo command in the same cell.
  * STM: Improved tracker identification metadata.
  * SymMOD: When running out of Zxx macros, try to find the closest
    macro to use instead.
  * SymMOD: Ignore unknown hunks instead of rejecting entire file,
    as that鈥檚 what Symphonie does as well.
  * OKT: Disable loop on type 鈥淏鈥� samples if they鈥檙e used on a
    mixed channel.
  * OKT: The last sample slot was never loaded.
  * PTM: Halve offset command strength for 16-bit samples.

==== libsemanage ====
Subpackages: libsemanage-conf libsemanage2

- Not conflict but obsolete libsemanage1 (bsc#1229757)

==== libsoup ====
Subpackages: libsoup-3_0-0 typelib-1_0-Soup-3_0

- Add 6adc0e3e.patch: websocket: Process the frame as soon as we
  read data (boo#1233287 CVE-2024-52532 glgo#GNOME/libsoup#391).
- Add 29b96fab.patch: websocket-test: disconnect error copy after
  the test ends (glgo#GNOME/libsoup#391).
- Add a35222dd.patch: be more robust against invalid input when
  parsing params (boo#1233292 CVE-2024-52531
  glgo#GNOME/libsoup!407).

==== libsoup2 ====

- Add 04df03bc.patch: strictly don't allow NUL bytes in headers
  (boo#1233285 CVE-2024-52530 glgo#GNOME/libsoup#377).
- Add libsoup-CVE-2024-52532.patch: websocket: Process the frame as
  soon as we read data (boo#1233287 CVE-2024-52532).
- Add 29b96fab.patch: websocket-test: disconnect error copy after
  the test ends (glgo#GNOME/libsoup#391).
- Add a35222dd.patch: be more robust against invalid input when
  parsing params (boo#1233292 CVE-2024-52531
  glgo#GNOME/libsoup!407).

==== nghttp2 ====
Version update (1.62.1 -> 1.64.0)

- version update to 1.64.0
  1.64.0
  * Change clang-format options by @tatsuhiro-t in #2240
  * build(deps): bump github.com/quic-go/quic-go from 0.46.0 to 0.47.0 by @dependabot in #2243
  * build(deps): bump golang.org/x/net from 0.28.0 to 0.29.0 by @dependabot in #2244
  * nghttp2_map: Port ngtcp2 changes by @tatsuhiro-t in #2245
  * h2load: Fix UDP datagram send/recv metric by @tatsuhiro-t in #2248
  * build(deps): bump golang.org/x/net from 0.29.0 to 0.30.0 by @dependabot in #2252
  * fix race condition on h1 connection close by @TuxInvader in #2249
  * Gha ubuntu 24.04 by @tatsuhiro-t in #2254
  * GHA: Run tests for i686-w64-mingw32 host by @tatsuhiro-t in #2255
  * cmake: Fix c-ares v1.34.0 version detection failure by @tatsuhiro-t in #2256
  * fix: -Wextra-semi errors in nghttp2_helper.h by @codebytere in #2258
  * clang-format macros that do not need semicolon at the end by @tatsuhiro-t in #2259
  * Remove extra semicolons by @tatsuhiro-t in #2260
  * Bump ngtcp2 and its dependencies by @tatsuhiro-t in #2261
  * Do not allow '@' in :authority or host field values by @tatsuhiro-t in #2262
  * h2load: GRO buffer size should be 64KiB by @tatsuhiro-t in #2263
  * Bump libbpf to v1.4.6 by @tatsuhiro-t in #2264
  * Update nghttp2_check_authority doc by @tatsuhiro-t in #2265
  1.63.0
  * Bump libbpf to v1.4.2 by @tatsuhiro-t in #2191
  * build(deps): bump golang.org/x/net from 0.24.0 to 0.25.0 by @dependabot in #2193
  * nghttpx: Fix batch UDP QUIC packet dropped on GRO read by @tatsuhiro-t in #2196
  * CMakeLists.txt: allow to compile the C only lib without CXX compiler by @ThomasDevoogdt in #2200
  * build(deps): bump github.com/quic-go/quic-go from 0.43.1 to 0.44.0 by @dependabot in #2197
  * Fix compiler versions in readme by @ryandesign in #2203
  * build(deps): bump golang.org/x/net from 0.25.0 to 0.26.0 by @dependabot in #2205
  * build(deps): bump github.com/quic-go/quic-go from 0.44.0 to 0.45.0 by @dependabot in #2206
  * Bump ngtcp2 and its dependencies by @tatsuhiro-t in #2207
  * build(deps): bump docker/build-push-action from 5 to 6 by @dependabot in #2208
  * Add wolfSSL support by @tatsuhiro-t in #2209
  * Append --shallow-submodules to git clone --recursive by @tatsuhiro-t in #2210
  * Always append options to extra options by @tatsuhiro-t in #2211
  * build(deps): bump github.com/quic-go/quic-go from 0.45.0 to 0.45.1 by @dependabot in #2213
  * Disable dependency tracking by @tatsuhiro-t in #2214
  * Fix Dockerfile.android build failure by @tatsuhiro-t in #2215
  * Fix UDP_GRO struct cmsghdr data type by @tatsuhiro-t in #2216
  * GHA: Suppress warnings by @tatsuhiro-t in #2217
  * Fix levenshtein initialization by @tatsuhiro-t in #2218
  * build(deps): bump golang.org/x/net from 0.26.0 to 0.27.0 by @dependabot in #2220
  * Undefine NGHTTP2_NO_SSIZE_T if BUILDING_NGHTTP2 is defined by @tatsuhiro-t in #2224
  * Bump clang format by @tatsuhiro-t in #2226
  * Suppress old compiler error by @tatsuhiro-t in #2228
  * build(deps): bump github.com/quic-go/quic-go from 0.45.1 to 0.45.2 by @dependabot in #2229
  * build(deps): bump golang.org/x/net from 0.27.0 to 0.28.0 by @dependabot in #2231
  * build(deps): bump github.com/quic-go/quic-go from 0.45.2 to 0.46.0 by @dependabot in #2232
  * Bump ngtcp2 and its dependencies by @tatsuhiro-t in #2236
  * Bump libbpf to v1.4.5 by @tatsuhiro-t in #2237
  * Update go by @tatsuhiro-t in #2238
  * levenshtein: Use size_t by @tatsuhiro-t in #2239

==== openssl-3 ====
Subpackages: libopenssl3

- Do not use HASHBANGPERL to avoid introducing a dependency on the
  perl-base package. [bsc#1233235]
- Add missing fixes for SHA3_squeeze and quic_multistream_test on
  pcc64 arch. [jsc#PED-10280]
  * Added openssl-3-fix-sha3-squeeze-ppc64.patch
  * Added openssl-3-fix-quic_multistream_test.patch

==== qt6-declarative ====
Subpackages: libQt6LabsAnimation6 libQt6LabsFolderListModel6 libQt6LabsPlatform6 libQt6LabsQmlModels6 libQt6LabsSettings6 libQt6LabsSharedImage6 libQt6LabsWavefrontMesh6 libQt6Qml6 libQt6QmlCore6 libQt6QmlLocalStorage6 libQt6QmlMeta6 libQt6QmlModels6 libQt6QmlNetwork6 libQt6QmlWorkerScript6 libQt6QmlXmlListModel6 libQt6Quick6 libQt6QuickControls2-6 libQt6QuickControls2Impl6 libQt6QuickDialogs2-6 libQt6QuickDialogs2QuickImpl6 libQt6QuickDialogs2Utils6 libQt6QuickEffects6 libQt6QuickLayouts6 libQt6QuickParticles6 libQt6QuickShapes6 libQt6QuickTemplates2-6 libQt6QuickTest6 libQt6QuickVectorImage6 libQt6QuickWidgets6 qt6-declarative-imports

- Replace 0001-WIP-speculative-gc-fix.patch with newer ones,
  should unbreak spectacle and some others (kde#496139):
  * 0001-Log-state-transitions-for-the-GC.patch
  * 0001-Engine-Mark-created-wrapped-objects-after-GCState-Ma.patch

==== sof-firmware ====
Version update (2024.09 -> 2024.09.1)

- update to v2024.09.1:
  * Add missing links for SOF v2.11.1 signed Intel binaries for ARL
  * fixup the intel-signed/sof-arl.ri link
  * Update v2.2.12 topology files for Intel platforms
  * add new 2.11.2 topology2 production binaries

==== wget ====
Version update (1.24.5 -> 1.25.0)

- GNU wget 1.25.0:
  * New testcase for pathconf truncation
  * Fix libproxy build with --disable-debug
  * [BREAKING CHANGE] Support continious reading from stdin pipes
  * Properly re-implement userinfo parsing (rfc2396)
  * init: fix -Warray-bounds in setval_internal_tilde
  * Fix build error on MingW with `G_GETFL` and `F_SETFL` flags
  * Fix returning uninitialized variable
  * Fix a static analysis false positive
  * [BREAKING CHANGE] Fix CVE-2024-10524 (drop support for shorthand URLs)
    (bsc#1233256)
- Remove committed patches
  * properly-re-implement-userinfo-parsing.patch
- Renumber patches