Packages changed:
  chromaprint
  clamav (0.103.9 -> 0.103.11)
  fftw3
  gpgme (1.22.0 -> 1.23.0)
  gpgmeqt (1.22.0 -> 1.23.0)
  kdump (1.9.6 -> 1.9.7)
  libp11
  llvm17 (17.0.2 -> 17.0.3)
  net-snmp
  openssl-1_1
  policycoreutils
  postgresql
  postgresql16
  python-M2Crypto (0.39.0 -> 0.40.0)
  python-httpcore (0.17.3 -> 0.18.0)
  python-httpx (0.24.1 -> 0.25.0)
  python-psutil
  python-pycairo (1.24.0 -> 1.25.1)
  qemu (8.1.0 -> 8.1.2)
  qt6-base
  rsyslog
  systemd
  systemd-default-settings (0.7 -> 0.8)
  vlan
  vlc (3.0.18 -> 3.0.19)
  webkit2gtk3
  webkit2gtk3-soup2
  xfce4-session
  yast2-country (5.0.1 -> 5.0.2)

=== Details ===

==== chromaprint ====

- Drop unused libtag-devel BuildRequires.
- Use cmake_build macro.

==== clamav ====
Version update (0.103.9 -> 0.103.11)
Subpackages: libclamav9 libfreshclam2

- Update to 0.103.11
  * Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.12.
  * Windows: libjson-c 0.17 compatibility fix. with ssize_t type definition.
  * Windows: Update build system to use OpenSSL 3 and PThreads-Win32 v3.
- Update to 0.103.10
  * Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.10.

==== fftw3 ====

- Disable HPC flavors on %ix86
- Drop support for obsolete openmpi[123]
- Prepare support for openmpi5

==== gpgme ====
Version update (1.22.0 -> 1.23.0)
Subpackages: libgpgme11 libgpgmepp6

- Update to 1.23.0:
  * Support GPGME_ENCRYPT_ALWAYS_TRUST also for S/MIME. [T6559]
  * New keylist mode GPGME_KEYLIST_MODE_WITH_V5FPR. [T6705]
  * New key capability flags has_*. [T6748]
  * gpgme-tool: Support use of Windows HANDLE. [T6634]
  * qt: Support refreshing keys via WKD. [T6672]
  * qt: Handle cancel in changeexpiryjob. [T6754]
  * Remove patches fixed upstream:
  - gpgme-qt-tests-Fix-build-in-source-directory.patch
  - gpgme-build-Suggest-out-of-source-build.patch

==== gpgmeqt ====
Version update (1.22.0 -> 1.23.0)

- Update to 1.23.0:
  * Support GPGME_ENCRYPT_ALWAYS_TRUST also for S/MIME. [T6559]
  * New keylist mode GPGME_KEYLIST_MODE_WITH_V5FPR. [T6705]
  * New key capability flags has_*. [T6748]
  * gpgme-tool: Support use of Windows HANDLE. [T6634]
  * qt: Support refreshing keys via WKD. [T6672]
  * qt: Handle cancel in changeexpiryjob. [T6754]
  * Remove patches fixed upstream:
  - gpgme-qt-tests-Fix-build-in-source-directory.patch
  - gpgme-build-Suggest-out-of-source-build.patch

==== kdump ====
Version update (1.9.6 -> 1.9.7)

- upgrade to version 1.9.7
  * prevent dracut emergency shell
  * s390: consolidate low-level network configuration with zdev
  * s390: Explicitly request zFCP devices

==== libp11 ====

- Replace openssl-ibmpkcs11 with openssl-engine-libp11 (jsc#PED-3327)
  Add Obsoletes: openssl-ibmpkcs11 <= 1.0.1
  and Provides: openssl-ibmpkcs11 = 1.0.1

==== llvm17 ====
Version update (17.0.2 -> 17.0.3)

- Update to version 17.0.3.
  * This release contains bug-fixes for the LLVM 17.0.0 release.
    This release is API and ABI compatible with 17.0.0.
- Rebase llvm-do-not-install-static-libraries.patch.
- Disable zstd support for now regardless of whether libzstd-devel
  is installed. (boo#1216121)
- Limit number of LTO threads on 32-bit architectures to prevent
  out-of-memory during linking.

==== net-snmp ====
Subpackages: libsnmp40 perl-SNMP snmp-mibs

- net-snmp-5.9.4-systemd-no-utmp.patch: prefer systemd-logind over
  utmp to count number of logged in users, utmp is not reliable for
  this and has a Y2038 problem (jsc#PED-3144)

==== openssl-1_1 ====
Subpackages: libopenssl1_1

- Performance enhancements for cryptography from OpenSSL 3.x
  [jsc#PED-5086, jsc#PED-3514]
  * Add patches:
  - openssl-ec-Use-static-linkage-on-nistp521-felem_-square-mul-.patch
  - openssl-ec-56-bit-Limb-Solinas-Strategy-for-secp384r1.patch
  - openssl-ec-powerpc64le-Add-asm-implementation-of-felem_-squa.patch
  - openssl-ecc-Remove-extraneous-parentheses-in-secp384r1.patch
  - openssl-powerpc-ecc-Fix-stack-allocation-secp384r1-asm.patch
  - openssl-Improve-performance-for-6x-unrolling-with-vpermxor-i.patch

==== policycoreutils ====
Subpackages: policycoreutils-lang policycoreutils-python-utils python3-policycoreutils

- Add reproducible-build.patch to make the output of "sepolicy manpage"
  deterministic (bsc#1216452)

==== postgresql ====
Subpackages: postgresql-contrib postgresql-server

- Interlock version and release of all noarch packages except for
  the postgresql-docs.

==== postgresql16 ====
Subpackages: libpq5 postgresql16-contrib postgresql16-server

- boo#1216022: Call install-alternatives from the devel subpackage
  as well, otherwise the symlink for ecpg might be missing.

==== python-M2Crypto ====
Version update (0.39.0 -> 0.40.0)

- Update to 0.40.0:
  - OK, SO NOT THIS RELEASE, BUT IN THE NEXT RELEASE PYTHON2 WILL
    TRULY GO!
  - BREAKING CHANGES:
  - There are no SWIG generated files (src/SWIG/_m2crytpo_wrap.c)
    included anymore, so swig must be installed, no
    exceptions! Also, for compatibility with Python 3.12+, swig
    4.0+ is required.
  - All support for asyncore has been removed, as it has been
    removed in Python 3.12 as well (which means also removal of
    contrib/dispatcher.py, M2Crypto/SSL/ssl_dispatcher.py,
    ZServerSSL).
  - All use of distutils (including the bundled ones in
    setuptools) has been removed, so `setup.py clean` is no
    more.
  - Excessively complicated and error-prone __init__py has been
    cleaned and `import M2Crypto` doesn’t include everything
    anymore. Imports should specified as for example with `from
    M2Crypto import foo`.
  - ASN1_Time handling has been mostly rewritten and it almost
    works even on Windows.
  - All tests in Gitlab CI (with exceptions of some skipped tests
    especially on Windows) are now green, tests of Python 2.7 on
    CentOS 7 have been included.
  - Introduce m2.err_clear_error()
  - Make X509_verify_cert() accessible as m2.x509_verify_cert
- Add 32bit_ASN1_Time.patch to quench errors on 32bit archs.

==== python-httpcore ====
Version update (0.17.3 -> 0.18.0)

- Update to 0.18.0:
  - Add support for HTTPS proxies.
  - Handle sni_hostname extension with SOCKS proxy.
  - Change the type of Extensions from Mapping[Str, Any] to
    MutableMapping[Str, Any].
  - Handle HTTP/1.1 half-closed connections gracefully.
  - Drop Python 3.7 support.
- Update httpcore-allow-deprecationwarnings-test.patch
- Skip failing tests test_ssl_request and test_extra_info
  (gh#encode/httpcore!832)

==== python-httpx ====
Version update (0.24.1 -> 0.25.0)

- Update to 0.25.0:
  - Drop support for Python 3.7.
  - Support HTTPS proxies.
  - Change the type of Extensions from Mapping[Str, Any] to
    MutableMapping[Str, Any].
  - Add socket_options argument to httpx.HTTPTransport and
    httpx.AsyncHTTPTransport classes.
  - The Response.raise_for_status() method now returns
    the response instance. For example: data =
    httpx.get('...').raise_for_status().json().
  - Return 500 error response instead of exceptions when
    raise_app_exceptions=False is set on ASGITransport.
  - Ensure all WSGITransport environs have a SERVER_PROTOCOL.
  - Always encode forward slashes as %2F in query parameters
  - Use Mozilla documentation instead of httpstatuses.com for
    HTTP error reference
- Requires higher version of httpcore.

==== python-psutil ====

- Rebase logind_y2038.patch based on the reviewed code

==== python-pycairo ====
Version update (1.24.0 -> 1.25.1)

- update to 1.25.1:
  * fix a crash in pypy3.10
  * Fix the build with CPython 3.13.0a1
- introduced from 1.25.0:
  * update to cairo 1.18.0 (for windows only)
  * new apis:
  - Status.SVG_FONT_ERROR
  - FontOptions.get_color_mode(), FontOptions.set_color_mode(), ColorMode
  - FontOptions.set_color_palette(), FontOptions.get_color_palette(), COLOR_PALETTE_DEFAULT
  - FontOptions.set_custom_palette_color(), FontOptions.get_custom_palette_color()
  - TAG_CONTENT, TAG_CONTENT_REF
  - Pattern.get_dither(), Pattern.set_dither(), Dither

==== qemu ====
Version update (8.1.0 -> 8.1.2)
Subpackages: qemu-accel-tcg-x86 qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-img qemu-ipxe qemu-ksm qemu-lang qemu-microvm qemu-pr-helper qemu-seabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios qemu-x86

- [openSUSE] supportconfig: Adapt plugin to modern supportconfig
- [openSUSE] Add -p1 to autosetup in spec files
  * So patches can be applied easily (might be useful for development)
- Update to version 8.1.2:
  This fixes the following upstream issues:
  * https://gitlab.com/qemu-project/qemu/-/issues/1826
  * https://gitlab.com/qemu-project/qemu/-/issues/1834
  * https://gitlab.com/qemu-project/qemu/-/issues/1846
  It also contains a fix for:
  * CVE-2023-42467
  As well as several upstream backports (list available at:
  https://lore.kernel.org/qemu-devel/24dfb1c2-dc40-4841-893d-5d530638b684@tls.msk.ru/)
- Update to version 8.1.1:
  Upstream backports and bugfixes, among which:
  * tpm: fix crash when FD >= 1024 and unnecessary errors due to EINTR (Marc-Andr303251 Lureau)
  * meson: Fix targetos match for illumos and Solaris. (Jonathan Perkin)
  * s390x/ap: fix missing subsystem reset registration (Janosch Frank)
  * ui: fix crash when there are no active_console (Marc-Andr303251 Lureau)
  * virtio-gpu/win32: set the destroy function on load (Marc-Andr303251 Lureau)
  * target/riscv: Allocate itrigger timers only once (Akihiko Odaki)
  * target/riscv/pmp.c: respect mseccfg.RLB for pmpaddrX changes (Leon Schuermann)
  * target/riscv: fix satp_mode_finalize() when satp_mode.supported = 0 (Daniel Henrique Barboza)
  * hw/riscv: virt: Fix riscv,pmu DT node path (Conor Dooley)
  * [...]
  * target/arm: Fix 64-bit SSRA (Richard Henderson)
  * target/arm: Fix SME ST1Q (Richard Henderson)
  * accel/kvm: Specify default IPA size for arm64 (Akihiko Odaki)
  * kvm: Introduce kvm_arch_get_default_type hook (Akihiko Odaki)
  * include/hw/virtio/virtio-gpu: Fix virtio-gpu with blob on big endian hosts (Thomas Huth)
  * target/s390x: Check reserved bits of VFMIN/VFMAX's M5 (Ilya Leoshkevich)
  * target/s390x: Fix VSTL with a large length (Ilya Leoshkevich)
  * target/s390x: Use a 16-bit immediate in VREP (Ilya Leoshkevich)
  * target/s390x: Fix the "ignored match" case in VSTRS (Ilya Leoshkevich)
  Full list available at:
  * https://lore.kernel.org/qemu-devel/d0d2ac8f-313a-c937-dc3a-88e45fce933c@tls.msk.ru/
- Fix (bsc#1215486):
  * [openSUSE][RPM] spec: enable the Pipewire audio backend (bsc#1215486)
- (Properly) fix: bsc#1213210
  * linux-user/elfload: Enable vxe2 on s390x
- Fix: bsc#1215677
  * optionrom: Remove build-id section

==== qt6-base ====
Subpackages: libQt6Core6 libQt6DBus6 libQt6Gui6 libQt6Network6 libQt6OpenGL6 libQt6Sql6 libQt6Test6 libQt6Widgets6 qt6-network-tls qt6-platformtheme-gtk3

- Add upstream change:
  * 0001-xkb-fix-build-with-libxkbcommon-1.6.0-and-later.patch

==== rsyslog ====

- trigger daemon restart after modules packages have been updated
  (bsc#1214996)

==== systemd ====
Subpackages: libsystemd0 libsystemd0-32bit libudev1 systemd-32bit systemd-boot systemd-container systemd-coredump systemd-lang udev

- Import commit b53f364c264cd598d4210b64285a55d362b47b89
  b53f364c26 test: install af_packet kernel module on openSUSE
  86b7521a3c shared/wall: use logind if build without utmp support
  65aac5858f errno-util: allow ERRNO_IS_* to accept types wider than int
  8f93b89db4 basic/errno-util: add wrappers which only accept negative errno
  1b815b3e76 Introduce RET_GATHER and use it in src/shared/
- Drop 0001-conf-parser-introduce-early-drop-ins.patch
  The usage of drop-ins is now the official way for configuring systemd and its
  various daemons on Factory/ALP.
  See: https://lists.opensuse.org/archives/list/factory@lists.opensuse.org/thread/KWRBTAVQ6MGHVAHKDZZ6GIRX4RMHKHQ6/
- Ship the main configuration files in /usr/lib/
  Besides the fact that shipping files in /etc is not recommended anymore, this
  change will hopefully encourage users to customize the defaults via the mean
  of drop-ins hence removing the risk of conflicts with downstream
  customization.
  In contrary, shipping empty directories *.conf.d/ in /etc is not a concern and
  should suggest users to create drop-ins (bsc#1207056).
- systemd.spec: add files.portable and files.journal-remote
- Don't include entries listed in kbd-model-map.xkb-generated (provided by kbd
  package) in kbd-model-map anymore. Yast, the only user of these entries,
  directly parses kbd-model-map.xkb-generated now (bsc#1211104).
- tmpfiles-suse.conf: drop entries for /run/lock and /var/log/wtmp
  /run/lock is now defined by filesystem package and wtmp has been replaced by
  wtmpdb on TW.

==== systemd-default-settings ====
Version update (0.7 -> 0.8)
Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE

- The usage of drop-ins is now the official way for configuring systemd and its
  various daemons on Factory/ALP. Hence the early drop-ins SUSE specific
  "feature" has been abandoned.
- Import 0.8
  f34372f User priority '26' for SLE-Micro
  c8b6f0a Revert "Convert more drop-ins into early ones"

==== vlan ====

- Drop url for sources, they are no longer valid.

==== vlc ====
Version update (3.0.18 -> 3.0.19)
Subpackages: libvlc5 libvlccore9 vlc-codec-gstreamer vlc-lang vlc-noX vlc-qt vlc-vdpau

-  Update to version 3.0.19
-  Remove 104-playback-bar.patch, as it's no longer needed.
  + Core:
  - Fix next-frame freezing in most scenarios
  + Demux:
  - Support RIFF INFO tags for Wav files
  - Fix AVI files with flipped RAW video planes
  - Fix duration on short and small Ogg/Opus files
  - Fix some HLS/TS streams with ID3 prefix
  - Fix some HLS playlist refresh drift
  - Fix for GoPro MAX spatial metadata
  - Improve FFmpeg-muxed MP4 chapters handling
  - Improve playback for QNap-produced AVI files
  - Improve playback of some old RealVideo files
  - Fix duration probing on some MP4 with missing information
  + Decoders:
  - Multiple fixes on AAC handling
  - Activate hardware decoding of AV1 on Windows (DxVA)
  - Improve AV1 HDR support with software decoding
  - Fix some AV1 GBRP streams, AV1 super-resolution streams and monochrome ones
  - Fix black screen on poorly edited MP4 files on Android Mediacodec
  - Fix rawvid video in NV12
  - Fix several issues on Windows hardware decoding (including "too large resolution in DxVA")
  - Improve crunchyroll-produced SSA rendering
  + Video Output:
  - Super Resolution scaling with nVidia and Intel GPUs
  - Fix for an issue when cropping on Direct3D9
  - Multiple fixes for hardware decoding on D3D11 and OpenGL interop
  - Fix an issue when playing -90°rotated video
  - Fix subtitles rendering blur on recent macOS
  + Input:
  - Improve SMB compatibility with Windows 11 hosts
  + Contribs:
  - Update of fluidlite, fixing some MIDI rendering on Windows
  - Update of zlib to 1.2.13 (CVE-2022-37434)
  - Update of FFmpeg, vpx (CVE-2023-5217), ebml, dav1d, libass
  + Misc:
  - Improve muxing timestamps in a few formats (reset to 0)
  - Fix some rendering issues on Linux with the fullscreen controller
  - Fix GOOM visualization
  - Fixes for Youtube playback
  - Fix some MPRIS inconsistencies that broke some OS widgets on Linux
  - Implement MPRIS TrackList signals
  - Fix opening files in read-only mode
  - Fix password search using the Kwallet backend
  - Fix some crashes on macOS when switching application
  - Fix 5.1/7.1 output on macOS and tvOS
  - Fix several crashes and bugs in the macOS preferences panel
  - Improvements on the threading of the MMDevice audio output on Windows
  - Fix a potential security issue on the uninstaller DLLs
  - Fix memory leaks when using the media_list_player libVLC APIs
  + Translations:
  - Update of most translations
  - New translations to Esperanto, Interlingue, Lao, Macedonian, Burmese, Odia, Samoan and Swahili

==== webkit2gtk3 ====
Subpackages: WebKitGTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles

- Add webkit2gtk3-create-destroy-egl-image.patch: fix "No provider
  of EglDestroyImage Found" (boo#1216483).

==== webkit2gtk3-soup2 ====
Subpackages: WebKitGTK-4.0-lang libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles

- Add webkit2gtk3-create-destroy-egl-image.patch: fix "No provider
  of EglDestroyImage Found" (boo#1216483).

==== xfce4-session ====
Subpackages: xfce4-session-lang

- Added xfce-portals.conf file. XDP 0.18.0 requires desktop and other
  environments to have their own portals.conf drop in file and this
  is a workaround until a better fix lands (boo#1215641)
- Added xdg-current-desktop-xfce.desktop to autostart to ensure variable
  XDG_CURRENT_DESKTOP variable is properly exposed to systemd (boo#1215641)
- Relax requirement of branding package version to prevent
  xfce4-branding-openSUSE breaking on Leap due to repos being out of sync
  (boo#1216470)

==== yast2-country ====
Version update (5.0.1 -> 5.0.2)
Subpackages: yast2-country-data

- BuildRequire kbd to fix the build (bsc#1211104)
- 5.0.2