Packages changed:
  curl (8.4.0 -> 8.5.0)
  gupnp
  gupnp-av
  kernel-firmware (20231128 -> 20231214)
  libheif
  libnbd
  libsoup2
  libstorage-ng (4.5.161 -> 4.5.162)
  libzypp (17.31.23 -> 17.31.25)
  luit (20221028 -> 20230201)
  perl-Bootloader (1.8 -> 1.9)
  procps
  procps4
  python-Babel (2.12.1 -> 2.13.1)
  python-alembic (1.12.1 -> 1.13.0)
  python-argon2-cffi (21.3.0 -> 23.1.0)
  python-ldap (3.4.3 -> 3.4.4)
  python-pycurl
  python-pysmbc (1.0.23 -> 1.0.25.1)
  python-setproctitle
  sdbootutil (1+git20231114.6bcf1d3 -> 1+git20231214.b186b2d)
  sqlite3 (3.44.1 -> 3.44.2)
  suse-module-tools (16.0.38 -> 16.0.39)
  yast2-network (5.0.0 -> 5.0.1)
  zypper (1.14.67 -> 1.14.68)

=== Details ===

==== curl ====
Version update (8.4.0 -> 8.5.0)
Subpackages: libcurl4

- Update to 8.5.0:
  * Security fixes:
  - [bsc#1217573, CVE-2023-46218] cookie mixed case PSL bypass
  - [bsc#1217574, CVE-2023-46219] HSTS long file name clears contents
  * Changes:
  - gnutls: support CURLSSLOPT_NATIVE_CA
  - HTTP3: ngtcp2 builds are no longer experimental
  * Bugfixes:
  - asyn-thread: use pipe instead of socketpair for IPC when available
  - cmake: fix OpenSSL quic detection in quiche builds
  - conncache: use the closure handle when disconnecting surplus connections
  - content_encoding: make Curl_all_content_encodings allocless
  - cookie: lowercase the domain names before PSL checks
  - Curl_http_body: cleanup properly when Curl_getformdata errors
  - CURLMOPT_MAX_CONCURRENT_STREAMS: make sure the set value is within range
  - doh: provide better return code for responses w/o addresses
  - doh: use PIPEWAIT when HTTP/2 is attempted
  - duphandle: also free 'outcurl->cookies' in error path
  - duphandle: make dupset() not return with pointers to old alloced data
  - duphandle: use strdup to clone *COPYPOSTFIELDS if size is not set
  - easy: in duphandle, init the cookies for the new handle
  - easy_lock: add a pthread_mutex_t fallback
  - fopen: create new file using old file's mode
  - fopen: create short(er) temporary file name
  - getenv: PlayStation doesn't have getenv()
  - hostip: show the list of IPs when resolving is done
  - hsts: skip single-dot hostname
  - HTTP/2, HTTP/3: handle detach of onoing transfers
  - http: allow longer HTTP/2 request method names
  - hyper: temporarily remove HTTP/2 support
  - IPFS: fix IPFS_PATH and file parsing
  - multi: during ratelimit multi_getsock should return no sockets
  - multi: use pipe instead of socketpair to *wakeup()
  - ngtcp2: fix races in stream handling
  - ntlm_wb: use pipe instead of socketpair when possible
  - openssl: avoid BN_num_bits() NULL pointer derefs
  - openssl: fix building with v3 `no-deprecated` + add CI test
  - openssl: fix infof() to avoid compiler warning for %s with null
  - openssl: identify the "quictls" backend correctly
  - openssl: include SIG and KEM algorithms in verbose
  - openssl: two multi pointer checks should probably rather be asserts
  - openssl: when a session-ID is reused, skip OCSP stapling
  - quic: make eyeballers connect retries stop at weird replies
  - quic: manage connection idle timeouts
  - setopt: check CURLOPT_TFTP_BLKSIZE range on set
  - socks: better buffer size checks for socks4a user and hostname
  - socks: make SOCKS5 use the CURLOPT_IPRESOLVE choice
  - tool: fix --capath when proxy support is disabled
  - tool_getparam: limit --rate to be smaller than number of ms
  - transfer: abort pause send when connection is marked for closing
  - transfer: avoid calling the read callback again after EOF
  - transfer: only reset the FTP wildcard engine in CLEAR state
  - url: don't touch the multi handle when closing internal handles
  - urlapi: avoid null deref if setting blank host to url encode
  - urlapi: skip appending NULL pointer query
  - urlapi: when URL encoding the fragment, pass in the right length
  - vtls: cleanup SSL config management
  - vtls: consistently use typedef names for OpenSSL structs
  - vtls: late clone of connection ssl config
  - vtls: use ALPN "http/1.1" for HTTP/1.x, including HTTP/1.0
  * Rebase curl-secure-getenv.patch
  * Add curl-tests-errorcodes.patch

==== gupnp ====

- Add 00514fb6.patch: Fix compatibility with libxml2 2.12.x.

==== gupnp-av ====
Subpackages: libgupnp-av-1_0-3

- Add 1e10a41f.patch: Fix compatibility with libxml2 2.12.x.

==== kernel-firmware ====
Version update (20231128 -> 20231214)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network

- Update to version 20231214 (git commit b80907ec3a81):
  * qcom: Add Audio firmware for SM8650 QRD
  * qcom: Add Audio firmware for SM8550 QRD
  * Add rdfind for deb/rpm build jobs
  * wfx: update to firmware 3.17
  * wfx: fix broken firmware
- Update to version 20231205 (git commit bfc33c1e308e):
  * linux-firmware: Update AMD cpu microcode
  * cxgb4: Update firmware to revision 1.27.5.0
  * linux-firmware: add firmware for en8811h 2.5G ethernet phy
  * s5p-mfc: Add MFC v12 Firmware
  * qcom: update qrb4210 firmware
  * qcom: update qcm2290 firmware
  * qcom: update qcm2290/qrb4210 WiFi firmware file
  * qcom: update Venus firmware file for v6.0

==== libheif ====
Subpackages: gdk-pixbuf-loader-libheif libheif-aom libheif-dav1d libheif-ffmpeg libheif-jpeg libheif-openjpeg libheif-rav1e libheif-svtenc libheif1

- remove usage of presets to allow any cmake
- remove plugin conditional, to provide plugins on Leap as well
- remove rav1e conditional, because it is always available

==== libnbd ====

- Use ocaml-rpm-macros to track OCaml ABI

==== libsoup2 ====
Subpackages: libsoup-2_4-1 libsoup2-lang

- Add ced3c5d8.patch: Fix build with libxml2-2.12.0 and clang-17.

==== libstorage-ng ====
Version update (4.5.161 -> 4.5.162)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1

- merge gh#openSUSE/libstorage-ng#969
- factor out common code
- 4.5.162

==== libzypp ====
Version update (17.31.23 -> 17.31.25)

- Fix build issue with zchunk build flags (fixes #500)
- version 17.31.25 (22)
- Open rpmdb just once during execution of %posttrans scripts
  (bsc#1216412)
- Avoid using select() since it does not support fd numbers >
  1024 (fixes #447)
- tools/DownloadFiles: use standard zypp progress bar (fixes #489)
- Revert "Color download progress bar" (fixes #475)
  Cyan is already used for the output of RPM scriptlets. Avoid this
  colorific collision between download progress bar and scriptlet
  output.
- Fix ProgressBar's calculation of the printed tag position (fixes #494)
- Switch zypp::Digest to Openssl 3.0 Provider API (fixes #144)
- Fix usage of deprecated CURL features (fixes #486)
- version 17.31.24 (22)

==== luit ====
Version update (20221028 -> 20230201)

- fixed upstream tarball URL
- Update to version 2.0.20230201
  * correct  conversion  to/from  codes  past  BMP  (patch by Ben Wong,
    Debian #1027414)
  * fix a few compiler-warnings in configure-checks

==== perl-Bootloader ====
Version update (1.8 -> 1.9)

- merge gh#openSUSE/perl-bootloader#159
- rewrite pbl in sh (bsc#1214361)
- adjust Makefile
- add tests
- Makefile cleanup
- 1.9

==== procps ====
Subpackages: libprocps8 procps-lang

- procps-3.3.17-ignore-sysctl_conf.patch: ignore dangling symlink
  to missing /etc/sysctl.conf file [bsc#1217990]

==== procps4 ====
Subpackages: libproc2-0 procps4-lang

- Add patch procps-ng-4.0.4-ignore-sysctl_conf.patch
  * ignore dangling symlink to missing /etc/sysctl.conf file
    [bsc#1217990] (Backport of the patch of Thorsten Kukuk)

==== python-Babel ====
Version update (2.12.1 -> 2.13.1)

- deleted patches
  - fix-tests.patch (upstreamed)
- update to 2.13.1:
  * Fix a typo in ``_locales_to_names``
  * Fix ``setuptools`` dependency for Python 3.12
  * This version, Babel 2.13, is the last version of Babel to
    support Python 3.7.
  * Add flag to ignore POT-Creation-Date for updates
  * Support 't' specifier in keywords
  * Add f-string parsing for Python 3.12 (PEP 701)
  * Various typing-related fixes
  * babel.messages.catalog: deduplicate _to_fuzzy_match_key logic
  * Freeze format_time() tests to a specific date to fix test
    failures
  * Spelling and grammar fixes
  * Renovate lint tools
  * Use SPDX license identifier
  * Use aware UTC datetimes internally

==== python-alembic ====
Version update (1.12.1 -> 1.13.0)

- update to 1.13.0:
  * Fixed issue where the ``alembic check`` command did not
    function correctly with upgrade structures that have multiple,
    top-level elements, as are generated from the "multi-env"
    environment template.
  * Updated logic introduced in :ticket:`151` to allow
    ``if_exists`` and ``if_not_exists`` on index operations also
    on SQLAlchemy  1.4 series. Previously this feature was
    mistakenly requiring the 2.0 series.
  * Replaced ``python-dateutil`` with the standard library module
    zoneinfo.
  * Alembic 1.13 now supports Python 3.8 and above.
  * Fixed autogenerate issue where ``create_table_comment()`` and
    ``drop_table_comment()`` rendering in a batch table modify
    would include the "table" and "schema" arguments, which are
    not accepted in batch as these are already part of the top
    level block.
  * Additional fixes to PostgreSQL expression index compare
    feature. The compare now correctly accommodates casts and
    differences in spacing.
  * Added detection logic for operation clauses inside the
    expression, skipping the compare of these expressions.
  * To accommodate these changes the logic for the comparison of
    the indexes and unique constraints was moved to the dialect
    implementation, allowing greater flexibility.

==== python-argon2-cffi ====
Version update (21.3.0 -> 23.1.0)

- update to 23.1.0:
  * The only new feature is the possibility to pass an own salt
    to `argon2.PasswordHasher.hash()`, however a lot has changed
    around documentation and packaging to make *argon2-cffi*
    maintainable in the future.
  * Python 3.6 is not supported anymore.
  * The `InvalidHash` exception is deprecated in favor of
    `InvalidHashError`. No plans for removal currently exist and
    the names can (but shouldn't) be used interchangeably.
  * `argon2.hash_password()`, `argon2.hash_password_raw()`, and
    `argon2.verify_password()` that have been soft-deprecated
    since 2016 are now hard-deprecated. They now raise
    `DeprecationWarning`s and will be removed in 2024.
  * Official support for Python 3.11 and 3.12. No code changes
    were necessary.
  * `argon2.exceptions.InvalidHashError` as a replacement for
    `InvalidHash`.
  * *salt* parameter to `argon2.PasswordHasher.hash()` to allow
    for custom salts. This is only useful for specialized use-
    cases -- leave it on None unless you know exactly what you
    are doing. \#153

==== python-ldap ====
Version update (3.4.3 -> 3.4.4)

- update to 3.4.4:
  * Reconnect race condition in ReconnectLDAPObject is now fixed
  * Socket ownership is now claimed once we've passed it to
    libldap LDAP_set_option string formats are now compatible
    with Python 3.12

==== python-pycurl ====

- Add patch pause-unpause-xfail.patch:
  * XFAIL a test due to gh#pycurl/pycurl#729 (bsc#1218062)

==== python-pysmbc ====
Version update (1.0.23 -> 1.0.25.1)

- update to 1.0.25.1:
  * Introduced use_kerberos keyword to allow Kerberos authentication
  * Added new test cases to verify setxattr() input and getxattr()
    output
  * smbc/context.c: Fix PY_MAJOR_VERSION define

==== python-setproctitle ====

- Skip testsuite under qemu emulation

==== sdbootutil ====
Version update (1+git20231114.6bcf1d3 -> 1+git20231214.b186b2d)
Subpackages: sdbootutil-rpm-scriptlets sdbootutil-snapper

- Update to version 1+git20231214.b186b2d:
  * Fix exit code
  * Revert "Add pcr predictions to initrd for now"
- Update to version 1+git20231213.2a07af6:
  * Add update-predictions command
  * Predict all the entries
- Update to version 1+git20231211.01c6a76:
  * Add ExclusiveArch for 64-bit EFI architectures
- Update to version 1+git20231129.d7f3909:
  * Add pcr predictions to initrd for now
  * Generate new TPM2 predictions with pcr-oracle
  * Update file triggers
  * Fix exit code of update command
  * Add a %transfiletriggerin to update EFI binaries
  * Update help text

==== sqlite3 ====
Version update (3.44.1 -> 3.44.2)
Subpackages: libsqlite3-0 libsqlite3-0-x86-64-v3 sqlite3-tcl

- Fix Version to advertise as 3.44.2, matching the tarball version.

==== suse-module-tools ====
Version update (16.0.38 -> 16.0.39)
Subpackages: suse-module-tools-scriptlets

- Update to version 16.0.39:
  * Add more modules to file system blacklist (jsc#PED-6167)
    Blacklisted filesystem modules that aren't officially supported
    by SUSE: f2fs, hfsplus, jfss2, kafs, ntfs3, orangefs, pstore, romfs, zonefs.
    As usual, the blacklist entries can be removed by running an
    explicit "modrobe $FS_MODULE" command.

==== yast2-network ====
Version update (5.0.0 -> 5.0.1)

- Read all the driver modules from hwinfo instead of just the first
  driver ones (bsc#1217652).
- 5.0.1

==== zypper ====
Version update (1.14.67 -> 1.14.68)
Subpackages: zypper-log zypper-needs-restarting

- Fix search/info commands ignoring --ignore-unknown (bsc#1217593)
  The switch makes search commands return 0 rather than 104 for
  empty search results.
- version 1.14.68