Packages changed:
  apache2-mod_php8
  brotli
  curl (7.87.0 -> 7.88.1)
  enchant
  ffmpeg-5
  kernel-source (6.1.12 -> 6.2.0)
  kexec-tools
  libcbor (0.10.1 -> 0.10.2)
  libgit2 (1.5.1 -> 1.5.2)
  libheif (1.14.2 -> 1.15.1)
  liburing
  linux-glibc-devel (6.1 -> 6.2)
  make (4.4 -> 4.4.1)
  openexr
  php8
  python-apipkg
  python-pycurl
  qemu
  radvd
  strace (6.1 -> 6.2)
  vim (9.0.1307 -> 9.0.1357)
  vlc

=== Details ===

==== apache2-mod_php8 ====

- change to %bcond conditional build dependencies

==== brotli ====
Subpackages: libbrotlicommon1 libbrotlicommon1-32bit libbrotlidec1 libbrotlidec1-32bit libbrotlienc1

- add 32bit devel package for Wine development.

==== curl ====
Version update (7.87.0 -> 7.88.1)
Subpackages: libcurl4

- Update to 7.88.1:
  * Bugfix release
- Drop upstreamed patch:
  * curl-fix-uninitialized-value-in-tests.patch
- Update to 7.88.0: [bsc#1207990, CVE-2023-23914]
  [bsc#1207991, CVE-2023-23915] [bsc#1207992, CVE-2023-23916]
  * Security fixes:
  - CVE-2023-23914: HSTS ignored on multiple requests
  - CVE-2023-23915: HSTS amnesia with --parallel
  - CVE-2023-23916: HTTP multi-header compression denial of service
  * Changes:
  - curl.h: add CURL_HTTP_VERSION_3ONLY
  - share: add sharing of HSTS cache among handles
  - src: add --http3-only
  - tool_operate: share HSTS between handles
  - urlapi: add CURLU_PUNYCODE
  - writeout: add %{certs} and %{num_certs}
  * Bugfixes:
  - cf-socket: keep sockaddr local in the socket filters
  - cfilters:Curl_conn_get_select_socks: use the first non-connected filter
  - curl.h: allow up to 10M buffer size
  - curl.h: mark CURLSSLBACKEND_MESALINK as deprecated
  - curl/websockets.h: extend the websocket frame struct
  - curl: output warning at --verbose output for debug-enabled version
  - curl_free.3: fix return type of `curl_free`
  - curl_log: for failf/infof and debug logging implementations
  - dict: URL decode the entire path always
  - docs/DEPRECATE.md: deprecate gskit
  - easyoptions: fix header printing in generation script
  - haxproxy: send before TLS handhshake
  - hsts.d: explain hsts more
  - hsts: handle adding the same host name again
  - HTTP/[23]: continue upload when state.drain is set
  - http: decode transfer encoding first
  - http_aws_sigv4: remove typecasts from HMAC_SHA256 macro
  - http_proxy: do not assign data->req.p.http use local copy
  - lib: connect/h2/h3 refactor
  - libssh2: try sha2 algos for hostkey methods
  - md4: fix build with GnuTLS + OpenSSL v1
  - ngtcp2: replace removed define and stop using removed function
  - noproxy: support for space-separated names is deprecated
  - nss: implement data_pending method
  - openldap: fix missing sasl symbols at build in specific configs
  - openssl: adapt to boringssl's error code type
  - openssl: don't ignore CA paths when using Windows CA store (redux)
  - openssl: don't log raw record headers
  - openssl: make the BIO_METHOD a local variable in the connection filter
  - openssl: only use CA_BLOB if verifying peer
  - openssl: remove attached easy handles from SSL instances
  - openssl: store the CA after first send (ClientHello)
  - setopt: use >, not >=, when checking if uarg is larger than uint-max
  - smb: return error on upload without size
  - socketpair: allow localhost MITM sniffers
  - strdup: name it Curl_strdup
  - tool_getparam: fix hiding of command line secrets
  - tool_operate: fix error codes on bad URL & OOM
  - tool_operate: repair --rate
  - transfer: break the read loop when RECV is cleared
  - typecheck: accept expressions for option/info parameters
  - urlapi: avoid Curl_dyn_addf() for hex outputs
  - urlapi: skip path checks if path is just "/"
  - urlapi: skip the extra dedotdot alloc if no dot in path
  - urldata: cease storing TLS auth type
  - urldata: make 'ftp_create_missing_dirs' depend on FTP || SFTP
  - urldata: make set.http200aliases conditional on HTTP being present
  - urldata: move the cookefilelist to the 'set' struct
  - urldata: remove unused struct fields, made more conditional
  - vquic: stabilization and improvements
  - vtls: fix hostname handling in filters
  - vtls: manage current easy handle in nested cfilter calls
  - vtls: use ALPN HTTP/1.0 when HTTP/1.0 is used
  * Rebase libcurl-ocloexec.patch
  * Fix regression tests: f1d09231adfc695d15995b9ef2c8c6e568c28091
  - runtests: fix "uninitialized value $port"
  - Add curl-fix-uninitialized-value-in-tests.patch

==== enchant ====
Subpackages: enchant-2-backend-hunspell enchant-data libenchant-2-2

- Use %bcond_without aspell, ref ALP push for as few mandatory
  dependencies as possible/ability to turn off dependencies.

==== ffmpeg-5 ====
Subpackages: libavcodec59 libavdevice59 libavfilter8 libavformat59 libavutil57 libpostproc56 libswresample4 libswscale6

- Add ``Requires: this-is-only-for-build-envs`` [boo#1208652]

==== kernel-source ====
Version update (6.1.12 -> 6.2.0)

- Update to 6.2 final
- refresh configs
- commit 28fe266
- Update config files.
  Disable CONFIG_BLK_CGROUP_IOPRIO.
  io.prio.class is a misdesigned mechanism that doesn't fit well with the
  cgroup (especially v2):
- it's not properly hierarchical
  - cgroup-wise: parent cgroup has no contol over child cgroup
  - task-wise: priority impact outside of a cgroup (i.e. affects
    cousins competition)
- it's not device dependent (device oblivious)
  Disable it in openSUSE Tumbleweed (and future products) so that we don't
  teach users to use it and force ourselves to support it.
- commit 35713cd

==== kexec-tools ====

- kexec-bootloader: Add -a argument to load using kexec_load_file() when available (boo#1202820).

==== libcbor ====
Version update (0.10.1 -> 0.10.2)

- Update to 0.10.2:
  * Fixed minor test bug causing failures for x86 Linux
  * Made tests platform-independent

==== libgit2 ====
Version update (1.5.1 -> 1.5.2)

- update to 1.5.2:
  * Improve SSH key handling functionality: examine all keys in
    known_hosts files for matches, to support remote hosts with
    multiple key types

==== libheif ====
Version update (1.14.2 -> 1.15.1)
Subpackages: gdk-pixbuf-loader-libheif libheif1

- update to 1.15.1
  * fix compilation without plugins
- update to 1.15.0
  * codec plugin system now also works with Windows
  * heif_convert: manually choose which decoder should be used
  * support for CLLI (content light level box), MDCV (mastering
    display colour volume), PASP (pixel aspect) information
  * ICC profile support in gdk-pixbuf loader
  * various fixes
- build with plugins enabled on Tumbleweed
- remove upstreamed patches
  - 2ca02a128b2f76f7f293aa86a2ce1e04a8306c65.patch
  - b6812284a2d70f29a5121ec3dbe652da07fdbbb7.patch

==== liburing ====

- add 0001-Do-not-always-expect-multishot-recv-to-stop-posting-.patch
  fixes tests with kernel 6.2

==== linux-glibc-devel ====
Version update (6.1 -> 6.2)

- Update to kernel headers 6.2

==== make ====
Version update (4.4 -> 4.4.1)
Subpackages: make-lang

- Update to make 4.4.1
  * WARNING: Backward-incompatibility!
    In previous releases it was not well-defined when updates to MAKEFLAGS made
    inside a makefile would be visible.  This release ensures they are visible
    immediately, even when invoking $(shell ...) functions.
  * New feature: Parallel builds of archives
    Previously it was not possible to use parallel builds with archives.  It is
    still not possible using the built-in rules, however you can now override
    the built-in rules with a slightly different set of rules and use parallel
    builds with archive creation.
  * Previously target-specific variables would inherit their "export" capability
    from parent target-specific variables even if they were marked private.  Now
    private parent target-specific variables have no affect.
- sigpipe-fatal.patch: removed

==== openexr ====
Subpackages: libIex-3_1-30 libIlmThread-3_1-30 libOpenEXR-3_1-30

- fltk not needed (openexr-3.1.5/ASWF/tsc-meetings/2021-01-14.md)

==== php8 ====
Subpackages: php8-cli php8-ctype php8-dom php8-gd php8-gettext php8-iconv php8-mbstring php8-mysql php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter

- change to %bcond conditional build dependencies

==== python-apipkg ====

- Don't use fdupes -s, it hurts.

==== python-pycurl ====

- Disable http3 tests if it's not supported

==== qemu ====
Subpackages: qemu-accel-tcg-x86 qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-microvm qemu-seabios qemu-sgabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios qemu-x86

- Fix build issue with Linux 6.2's headers (bsc#1208657) by dropping
  linux-user-add-more-compat-ioctl-definit.patch and adding
  Revert-linux-user-fix-compat-with-glibc-.patch
- Patches meson-enforce-a-minimum-Linux-kernel-hea.patch and
  linux-user-drop-conditionals-for-obsolet.patch were added
  as downstream patches as they were part of a series, but
  they never made it upstream, so we don't want them here
  either
  * Patches dropped:
  linux-user-add-more-compat-ioctl-definit.patch
  linux-user-drop-conditionals-for-obsolet.patch
  meson-enforce-a-minimum-Linux-kernel-hea.patch
  * Patches added:
  Revert-linux-user-fix-compat-with-glibc-.patch
- Fixes bsc#1197653, CVE-2022-1050
  * Patches added:
  block-Handle-curl-7.55.0-7.85.0-version-.patch
  hw-pvrdma-Protect-against-buggy-or-malic.patch

==== radvd ====

- /run/radvd/ is owned by the radvd group, not daemon
- Drop redundant directory creation in %post

==== strace ====
Version update (6.1 -> 6.2)

- Update to strace 6.2
  * Implemented collision resolution for overlapping ioctl commands
    from tty and snd subsystems.
  * Implemented decoding of IFLA_BRPORT_MAB and IFLA_DEVLINK_PORT
    netlink attributes.
  * Updated lists of ALG_*, BPF_*, IFLA_*, KEY_*, KVM_*, LANDLOCK_*,
    MEMBARRIER_*, NFT_*, NTF_*, and V4L2_* constants.
  * Updated lists of ioctl commands from Linux 6.2.

==== vim ====
Version update (9.0.1307 -> 9.0.1357)
Subpackages: vim-data vim-data-common

- Updated to version 9.0.1357, fixes the following problems
  * Setting 'formatoptions' with :let doesn't check for errors.
  * The code for setting options is too complicated.
  * Scrolling two lines with even line count and 'scrolloff' set.
  * 'splitkeep' test has failures.
  * Coverity warns for using a NULL pointer.
  * Cursor position wrong when splitting window in insert mode.
  * Some settings use the current codepage instead of 'encoding'.
  * :messages behavior depends on 'fileformat' of current buffer.
  * Escaping for completion of map command not properly tested.
  * Crash when using an unset object variable.
  * Code style test fails.
  * PRQL files are not recognized.
  * Checking the type of a null object causes a crash.
  * vimscript test fails where using {expr} syntax.
  * Crash when indexing "any" which is an object.
  * Build failure with +eval feature.
  * "gj" and "gk" do not move correctly over a closed fold.
  * 'colorcolumn' highlight wrong with virtual text above.
  * Relative line number not updated with virtual text above.
  * Cursor in wrong position below line with virtual text below ending in
  multi-byte character.
  * Error when using "none" for GUI color is confusing.
  * Completion of map includes simplified ones.
  * Handling new value of an option has a long "else if" chain.
  * Illegal memory access when using :ball in Visual mode.
  * Crash when using buffer-local user command in cmdline window. (Karl
  Yngve Lervåg)
  * When redo'ing twice <ScriptCmd> may not get the script ID.
  * Using tt_member for the class leads to mistakes.
  * No test for bad use of spaces in help files.
  * Functions without arguments are not always declared properly.
  * Yuck files are not recognized.
  * :defcompile and :disassemble can't find class method. (Ernie Rael)
  * No test for :disassemble with class function.
  * Coverity warns for using NULL pointer.
  * Build error with mzscheme but without GUI.
  * Check for OSC escape sequence doesn't work.
  * Too many "else if" statements for handling options.
  * Starlark files are not recognized.
  * "gr CTRL-O" stays in Insert mode. (Pierre Ganty)
  * Un-grammar files are not recognized.
  * "gr" with a count fails.
  * CPON files are not recognized.
  * Dhall files are not recognized.
  * "ignore" files are outdated.
  * Too many "else if" statements to handle option values.
  * "gr CTRL-G" stays in virtual replace mode. (Pierre Ganty)
  * No error when declaring a class twice. (Ernie Rael)
  * Cannot cancel "gr" with Esc.
  * Using null_object results in an internal error. (Ernie Rael)

==== vlc ====
Subpackages: libvlc5 libvlccore9 vlc-codec-gstreamer vlc-lang vlc-noX vlc-qt vlc-vdpau

- Add 104-playback-bar.patch: Backport fix for the playback bar (commit 60771fe7)