Packages changed:
  MozillaFirefox (119.0.1 -> 120.0)
  gstreamer-plugins-bad
  icewm (3.4.3 -> 3.4.4)
  inxi (3.3.27 -> 3.3.31)
  kyotocabinet (1.2.77 -> 1.2.80)
  libdrm (2.4.117 -> 2.4.118)
  nghttp2 (1.57.0 -> 1.58.0)
  opencc (1.1.6 -> 1.1.7)
  pam-config (2.9 -> 2.10)
  pipewire (0.3.85 -> 1.0.0)
  policycoreutils
  python-charset-normalizer (3.3.0 -> 3.3.2)
  python-lxml
  python-setproctitle (1.3.2 -> 1.3.3)
  restorecond
  tango-icon-theme
  tpm2-0-tss
  transmission (4.0.3 -> 4.0.4)
  usbutils (015 -> 017)
  wireplumber (0.4.15 -> 0.4.16)
  xwayland

=== Details ===

==== MozillaFirefox ====
Version update (119.0.1 -> 120.0)
Subpackages: MozillaFirefox-translations-common

- Mozilla Firefox 120.0
  https://www.mozilla.org/en-US/firefox/120.0/releasenotes
  MFSA 2023-49 (bsc#1217230)
  * CVE-2023-6204 (bmo#1841050)
    Out-of-bound memory access in WebGL2 blitFramebuffer
  * CVE-2023-6205 (bmo#1854076)
    Use-after-free in MessagePort::Entangled
  * CVE-2023-6206 (bmo#1857430)
    Clickjacking permission prompts using the fullscreen
    transition
  * CVE-2023-6207 (bmo#1861344)
    Use-after-free in ReadableByteStreamQueueEntry::Buffer
  * CVE-2023-6208 (bmo#1855345)
    Using Selection API would copy contents into X11 primary
    selection.
  * CVE-2023-6209 (bmo#1858570)
    Incorrect parsing of relative URLs starting with "///"
  * CVE-2023-6210 (bmo#1801501)
    Mixed-content resources not blocked in a javascript: pop-up
  * CVE-2023-6211 (bmo#1850200)
    Clickjacking to load insecure pages in HTTPS-only mode
  * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252,
    bmo#1856072, bmo#1856091, bmo#1859030, bmo#1860943,
    bmo#1862782)
    Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
    and Thunderbird 115.5
  * CVE-2023-6213 (bmo#1849265, bmo#1851118, bmo#1854911)
    Memory safety bugs fixed in Firefox 120
- rebased patches

==== gstreamer-plugins-bad ====
Subpackages: gstreamer-plugins-bad-lang libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstcuda-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplay-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstva-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 libgstwebrtcnice-1_0-0

- Stop passing sctp=disabled and pass sctp=enabled to meson setup
  instead, enable build of sctp plugin.

==== icewm ====
Version update (3.4.3 -> 3.4.4)
Subpackages: icewm-config-upstream icewm-default icewm-lang icewm-lite

- update to 3.4.4:
  * Use fcsmart for capturing loadText data.
  * Support TIFF and WEBP in icewmbg.
  * More permissive parsing of a PAM image header in icesh.
  * Remove obsolete winoption examples and add one for
    plank.
  * Use --disable-librsvg instead of --disable-rsvg.
  * Add `supportsFormat` to check for support of additional
    image formats.
  * Support JXL, JP2, RAW, SVG, TGA image formats in
    icewmbg.
  * Test if a color can be considered dark for issue #715.
  * Brighten the color of inactive preview icons for dark
    themes for issue
  * Fix a crash when a ping timeout dialog is destroyed for
    issue #729.
  * Let icewmbg interpret command-line arguments relative
    to the current working directory.
  * Clarify prefoverride and closes #750
  * When mapping a client by PID, search for the best
    match.
  * Don't enforce the use of clang++ in the debug build.
  * Fix ordering in the 4th configuration
  * Fix minor warnings from recent CMake and GCC
  * Translated using Weblate (Portuguese (Brazil))

==== inxi ====
Version update (3.3.27 -> 3.3.31)

- Updated to version 3.3.31:
  + /usr/share/doc/packages/inxi/inxi.changelog.
- Updated spec file for new location of inxi at codeberg.org.

==== kyotocabinet ====
Version update (1.2.77 -> 1.2.80)

- update to 1.2.80:
  - configure.in supports strict C99 rules.
  - Fixed errors of kcdirtest on BtrFS.
  - Fixed build warnings.

==== libdrm ====
Version update (2.4.117 -> 2.4.118)
Subpackages: libdrm2 libdrm_amdgpu1 libdrm_intel1 libdrm_nouveau2 libdrm_radeon1

- update to 2.4.118:
  * improve SMPTE color LUT accuracy
  * util: factor out and optimize C8 SMPTE color LUT
  * util: add support for DRM_FORMAT_C[124]
  * util: store number of colors for indexed formats
  * util: add SMPTE pattern support for C4 format
  * util: add SMPTE pattern support for C1 format
  * util: add SMPTE pattern support for C2 format
  * modetest: add support for DRM_FORMAT_C[124]
  * modetest: add SMPTE pattern support for C[124] formats
  * intel: determine target endianness using meson
  * util: fix 32 bpp patterns on big-endian
  * util: fix 16 bpp patterns on big-endian
  * util: add missing big-endian RGB16 frame buffer formats
  * modetest: add support for parsing big-endian formats
  * util: add test pattern support for big-endian XRGB1555/RGB565
  * util: fix pwetty on big-endian
  * util: add pwetty support for big-endian RGB565
  * modetest: add support for big-endian XRGB1555/RGB565
  * modetest: add support for DRM_FORMAT_NV{15,20,30}
  * modetest: switch usage to proper options grammar
  * xf86drm: add drmGetNodeTypeFromDevId
  * Sync headers with drm-next
  * xf86drmMode: add drmModeCloseFB()

==== nghttp2 ====
Version update (1.57.0 -> 1.58.0)

- update to 1.58.0:
  * Update manual pages
  * Bump neverbleed
  * Bump ngtcp2
  * Prefer clock_gettime if __CYGWIN__ defined
  * Do not require strict c++ mode
  * nghttpx: Stricter transfer-encoding checks
  * Refactor character comparison
  * Integration servertester h3
  * integration: Enable http3 test with cmake

==== opencc ====
Version update (1.1.6 -> 1.1.7)
Subpackages: libopencc1_1 opencc-data

- update to 1.1.7:
  * Added python package rebuild on commit to verify package
    generation (#822).
  * Support Python 3.12 and Node 20, remove builds for Python 3.7
    and Node 16 (#820).
  * Add support of CMake config modules (#763).
  * Several other minor fixes.
- drop fix-soversion.patch (obsolete)

==== pam-config ====
Version update (2.9 -> 2.10)

- Update to version 2.10
  - Enable session and account support for kanidm and himmelblau

==== pipewire ====
Version update (0.3.85 -> 1.0.0)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-lang pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools

- Update to version 1.0.0 (El Presidente):
  * Highlights
  - Fix a memfd/dmabuf leak when uploading buffers while shutting
    down.
  - Handle concurrent jack_port_get_buffer() calls because ardour
    seems to be doing this.
  - Improve time reporting (less jitter) in ALSA when using IRQ.
  - Many doc improvements.
  * PipeWire
  - Respect PIPEWIRE_DLCLOSE everywhere, remove pw_in_valgrind().
  - Remove a warning when a client tries to change ignored
    properties.
  * Modules
  - Fix a memfd/dmabuf leak when uploading buffers while shutting
    down.
  - Fix a potential segfault when copying mix structures. (#3658)
  - Avoid races in setrlimit in module-rt.
  - Fix a memory leak in filter-chain.
  - Set rtp.ptime on senders, not receivers.
  - The ROC modules were ported to ROC 0.3
  * SPA
  - Improve time reporting (less jitter) in ALSA when using IRQ.
    (#3657)
  - Add latency param query in libcamera.
  - Fix some compiler warnings.
  - The EVL plugin was updated.
  * Bluetooth
  - LC3 codec and compatibility improvements.
  * Pulse server
  - Fix emission of events when a sink/source state changes.
    (#3660)
  * JACK
  - Improve transport and time handling. Use unique ids to make
    consistent snapshots of the current time and transport.
  - Avoid enumerating port params that we are not going to use.
  - Optimize buffer reuse.
  - Handle concurrent jack_port_get_buffer() calls because ardour
    seems to be doing this. (#3632)
  * Docs
  - Many doc improvements.
  - Add man pages for pw-dump, pw-loopback, modules,
    pipewire-pulse.
  - Manpages are now made with Doxygen.
  - Add docs for pulse-modules

==== policycoreutils ====
Subpackages: policycoreutils-lang policycoreutils-python-utils python3-policycoreutils

- Change deprecated `%patch1 -p1` syntax to supported `%patch -P1 -p1`
  (bsc#1216669)

==== python-charset-normalizer ====
Version update (3.3.0 -> 3.3.2)

- update to 3.3.2:
  * Unintentional memory usage regression when using large
    payload that match several encoding (#376)
  * Regression on some detection case showcased in the
    documentation (#371)
  * Noise (md) probe that identify malformed arabic
    representation due to the presence of letters in isolated
    form
  * Optional mypyc compilation upgraded to version 1.6.1 for
    Python >= 3.8
  * Improved the general detection reliability based on reports
    from the community

==== python-lxml ====

- Add libxml2212-tests.patch to fix tests with new libxml2

==== python-setproctitle ====
Version update (1.3.2 -> 1.3.3)

- update to 1.3.3:
  * Add support for Python 3.12
  * Fix package metadata to include Python 3.11, 3.12.

==== restorecond ====

- Change deprecated `%patch1 -p1` syntax to supported `%patch -P1 -p1`
  (bsc#1216669)

==== tango-icon-theme ====

- Use %patch -P N instead of deprecated %patchN.

==== tpm2-0-tss ====
Subpackages: libtss2-esys0 libtss2-mu0 libtss2-rc0 libtss2-sys1 libtss2-tctildr0

- libtss2-fapi1 requires system-user-tss for tmpfile creation

==== transmission ====
Version update (4.0.3 -> 4.0.4)
Subpackages: transmission-common transmission-gtk transmission-gtk-lang

- Update to version 4.0.4:
  + Fixed bug in sending torrent metadata to peers.
  + Avoid unnecessary heap memory allocations.
  + Fixed filename collision edge case when renaming files.
  + Fixed locale errors that broke number rounding when displaying
    statistics, e.g. upload / download ratios.
  + Always use a fixed-length key query in tracker announces. This
    isn't required by the spec, but some trackers rely on that
    fixed length because it's common practice by other BitTorrent
    clients.
  + Fixed potential Windows crash when getstdhandle() returns NULL.
  + Fixed 4.0.0 bug where the port numbers in LDP announces are
    sometimes malformed.
  + Fixed a bug that prevented editing the query part of a tracker
    URL.
  + Fixed a bug where Transmission may not announce LPD on its
    listening interface.
  + Made small performance improvements in libtransmission.
  + Qt Client:
  - Fixed torrent name rendering when showing magnet links in
    compact view.
  - Fixed bug that broke the "Move torrent file to trash"
    setting.
  - Fixed Qt 6.4 deprecation warning.
  - Fixed poor resolution of Qt application icon.
  + GTK Client: Fixed missing 'Remove torrent' tooltip.
  + Web Client:
  - Don't show null as a tier name in the inspector's tier list.
  - Fixed truncated play / pause icons.
  - Fixed overflow when rendering peer lists and made speed
    indicators honor prefers-color-scheme media queries.
  - Made the main menu accessible even on smaller displays.
  + transmission-cli:
  - Fixed "no such file or directory" warning when adding a
    magnet link.
  - Fixed bug that caused the wrong decimal separator to be used
    in some locales.
  + transmission-remote: Fixed display bug that failed to show some
    torrent labels.
  + Everything Else:
  - Ran all PNG files through lossless compressors to make them
    smaller.
  - Fixed potential build issue when compiling on macOS with gcc.

==== usbutils ====
Version update (015 -> 017)

- update to 017:
  * lsusb: fix up [unknown] vendor and product strings.
  * lsusb: fix build warning for
    dump_billboard_alt_mode_capability_desc()
  * lsusb: add fallback names for 'lsusb -v' output
  * names: simplify get_vendor_product_with_fallback() a
    bit
  * rezso (1):
  * Honor system libdir and includedir
  * usbutils 016
  * usbutils: lsusb-t: print entries for devices with no
    interfaces
  * Fix a typo in usb-spec.h
  * lsusb.py.in: Display (device) power/wakeup via -w
    option.
  * Fix an incorrect length value in hid descriptor.
  * Fix misalignments in hid device descripptor.
  * Use bigger buffer to place speed value string
  * lsusb -h returns an error
  * lsusb -h fixups
  * lsusb -t: sort in bus order, not reverse order
  * lsusb -t: print ports and busses and devices with same
    width
  * lsusb -t: assign_interface_to_parent() fixups
  * lsusb.8.in: fix up missing '-' in text
  * README.md: add source location
  * lsusb.py: fix up wakeup logic for devices that do not
    support it
  * lsusb.py.in: add another default path for usb.ids
  * names.c: if a string can not be found in the usb.ids
    file, return [unknown]
  * lsusb-t: if a driver is not bound to an interface,
    report "[none]"
  * Generate usbutils.pc pkgconfig file
  * usbreset: Allow idProduct and idVendor to be 0
  * usb-devices: make shellcheck happy
  * lsusb: Add function that sorts the output by device ID.
  * lsusb: Additional sorting by bus number.
  * lsusb: This is a more compact implementation of the
    device list sort implemented within this pull request. The
    output remains the same as the one demonstrated in the
    previous commit.

==== wireplumber ====
Version update (0.4.15 -> 0.4.16)
Subpackages: libwireplumber-0_4-0 wireplumber-audio wireplumber-lang

- Update to version 0.4.16:
  * Additions:
  - Added a new "sm-objects" script that allows loading objects
    on demand via metadata entries that describe the object to
    load; this can be used to load pipewire modules, such as
    filters or network sources/sinks, on demand
  - Added a mechanism to override device profile priorities in
    the configuration, mainly as a way to re-prioritize Bluetooth
    codecs, but this also can be used for other devices
  - Added a mechanism in the endpoints policy to allow connecting
    filters between a certain endpoint's virtual sink and the
    device sink; this is specifically intended to allow plugging
    a filter-chain to act as equalizer on the Multimedia endpoint
  - Added wp_core_get_own_bound_id() method in WpCore
  * Changes:
  - PipeWire 0.3.68 is now required
  - policy-dsp now has the ability to hide hardware nodes behind
    the DSP sink to prevent hardware misuse or damage
  - JSON parsing in Lua now allows keys inside objects to be
    without quotes
  - Added optional argument in the Lua JSON parse() method to
    limit recursions, making it possible to partially parse a
    JSON object
  - It is now possible to pass nil in Lua object constructors
    that expect an optional properties object; previously,
    omitting the argument was the only way to skip the properties
  - The endpoints policy now marks the endpoint nodes as
    "passive" instead of marking their links, adjusting for the
    behavior change in PipeWire 0.3.68
  - Removed the "passive" property from si-standard-link, since
    only nodes are marked as passive now
  * Fixes:
  - Fixed the wpctl clear-default command to completely clear all
    the default nodes state instead of only the last set default
  - Reduced the amount of globals that initially match the
    interest in the object manager
  - Used an idle callback instead of pw_core_sync() in the object
    manager to expose tmp globals
- Remove patches included upstream:
  * 0001-object-manager-reduce-the-amount-of-globals-that-initially.patch
  * 0002-object-manager-use-an-idle-callback-to-expose-tmp-globals.patch
  * 0001-policy-dsp-add-ability-to-hide-parent-nodes.patch
- Update split-config-file.py

==== xwayland ====

- This release contains the following patches mentioned in previous
  sle15 releases
  * U_Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch:
    fixes regression introduced with security update for
    CVE-2022-46340 (bsc#1205874)
  * U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch:
    fix handling of PropModeAppend/Prepend ((CVE-2023-5367, ZDI-CAN-22153,
    bsc#1216135)
  * U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch,
    U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch:
    Server Damage Object Use-After-Free Local Privilege Escalation
    Vulnerability (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261)
  * U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch:
    fixes a regresion, which can trigger a segfault in Xwayland on
    exit, introduced by
    U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
    (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261)