Packages changed:
  accountsservice
  kernel-firmware
  kernel-source (6.4.8 -> 6.4.9)
  libreoffice-share-linker
  patterns-microos
  pentaho-libxml (1.1.3 -> 1.1.6)
  procmail (3.22 -> 3.24)
  python-certifi (2023.5.7 -> 2023.7.22)
  qemu (8.0.3 -> 8.0.4)
  tracker-miners
  ucode-intel (20230613 -> 20230808)
  wtmpdb (0.7.1 -> 0.8.0)
  zxing-cpp

=== Details ===

==== accountsservice ====
Subpackages: accountsservice-lang libaccountsservice0 typelib-1_0-AccountsService-1_0

- Rebase as-fate318433-prevent-same-account-multi-logins.patch:
  (bsc#1213884).

==== kernel-firmware ====
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd

- Update AMD 19h ucode for "Inception" (bsc#1213287, CVE-2023-20569)
  amd-ucode-CVE-2023-20569.patch

==== kernel-source ====
Version update (6.4.8 -> 6.4.9)

- Linux 6.4.9 (bsc#1012628).
- Update config files.
  Set:
  * CONFIG_GDS_FORCE_MITIGATION=n
  * CONFIG_CPU_SRSO=y
  as per default.
- x86: fix backwards merge of GDS/SRSO bit (bsc#1012628).
- xen/netback: Fix buffer overrun triggered by unusual packet
  (bsc#1012628).
- x86/srso: Tie SBPB bit setting to microcode patch detection
  (bsc#1012628).
- x86/srso: Add a forgotten NOENDBR annotation (bsc#1012628).
- x86/srso: Fix return thunks in generated code (bsc#1012628).
- x86/srso: Add IBPB on VMEXIT (bsc#1012628).
- x86/srso: Add IBPB (bsc#1012628).
- x86/srso: Add SRSO_NO support (bsc#1012628).
- x86/srso: Add IBPB_BRTYPE support (bsc#1012628).
- x86/srso: Add a Speculative RAS Overflow mitigation (bsc#1012628
  bsc#1213287 CVE-2023-20569).
- x86/bugs: Increase the x86 bugs vector size to two u32s
  (bsc#1012628).
- Documentation/x86: Fix backwards on/off logic about YMM support
  (bsc#1012628).
- x86/xen: Fix secondary processors' FPU initialization
  (bsc#1012628).
- x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build
  (bsc#1012628).
- KVM: Add GDS_NO support to KVM (bsc#1012628).
- x86/speculation: Add Kconfig option for GDS (bsc#1012628).
- x86/speculation: Add force option to GDS mitigation
  (bsc#1012628).
- x86/speculation: Add Gather Data Sampling mitigation
  (bsc#1012628 bsc#1206418 CVE-2022-40982).
- x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
  (bsc#1012628).
- x86/fpu: Mark init functions __init (bsc#1012628).
- x86/fpu: Remove cpuinfo argument from init functions
  (bsc#1012628).
- x86/init: Initialize signal frame size late (bsc#1012628).
- init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
  (bsc#1012628).
- init: Invoke arch_cpu_finalize_init() earlier (bsc#1012628).
- init: Remove check_bugs() leftovers (bsc#1012628).
- um/cpu: Switch to arch_cpu_finalize_init() (bsc#1012628).
- sparc/cpu: Switch to arch_cpu_finalize_init() (bsc#1012628).
- sh/cpu: Switch to arch_cpu_finalize_init() (bsc#1012628).
- mips/cpu: Switch to arch_cpu_finalize_init() (bsc#1012628).
- m68k/cpu: Switch to arch_cpu_finalize_init() (bsc#1012628).
- loongarch/cpu: Switch to arch_cpu_finalize_init() (bsc#1012628).
- ia64/cpu: Switch to arch_cpu_finalize_init() (bsc#1012628).
- ARM: cpu: Switch to arch_cpu_finalize_init() (bsc#1012628).
- x86/cpu: Switch to arch_cpu_finalize_init() (bsc#1012628).
- init: Provide arch_cpu_finalize_init() (bsc#1012628).
- commit 5b9ad20
- tpm/tpm_tis: Disable interrupts for Lenovo Thinkpad E14 Gen
  2 and 13s-IML (bsc#1213779).
- commit c4adffc
- drm/amd/display: Fix a regression on Polaris cards
  (bsc#1212874).
- commit 9764e05
- rpm/config.sh: remove IBS repos completely
  The commit 21cafd1f (rpm/config.sh: switch to openSUSE.org repos for
  IBS) duplicated the OBS repos in openSUSE.org: space. But this is done
  automatically in MyBS.pm. So drop all of them instead of duplicating.
- commit 294d541
- rpm/config.sh: switch to openSUSE.org repos for IBS
  SUSE:Factory:HEAD is currently (and often) broken. Switch to
  openSUSE.org: repositories. They are up-to-date and provide the same
  archs plus armv6.
- commit 21cafd1

==== libreoffice-share-linker ====

- Do not format using f-strings, since it is python 3.6+ feature
  and SLE12-SP5 has python 3.4

==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap

- Add ucode-{amd,intel} to the hardware pattern

==== pentaho-libxml ====
Version update (1.1.3 -> 1.1.6)

- Update to upstream version 1.1.6.
  * no structured changelog available starting from 2008
- Rebased and updated patches:
  * libxml-1.1.2-build.patch -> pentaho-libxml-1.1.6-build.patch
  * pentaho-libxml-1.1.3-sourcetarget.patch -> pentaho-libxml-1.1.6-sourcetarget.patch

==== procmail ====
Version update (3.22 -> 3.24)

- Update to procmail 3.24 (New Upstream)
  - Don't coredump in comsat code if interrupted early
  - Correctly handle COMSAT=on
  - Once used, the 'H' and 'r' flags would never be cleared
  - Fix possible buffer overflow in variable-capture actions
  - Fix up the parsing of variable-capture actions
  - LMTP code assumed sizeof(long)==sizeof(int)
  - SHELL is now always preset to /bin/sh.  USER_SHELL contains
    the shell from the user's passwd entry
  - When HOST is mismatched, reset it for the next rcfile
  - Always read in a new, global rcfile (/etc/procmail.conf)
    to allow runtime configuration of variables like DEFAULT.
    This rcfile cannot deliver or filter messages
  - Mismatched HOST in /etc/procmailrc didn't discard the message
  - backquote expansion in a condition disabled header
    concatenation for that condition
  - LMTP didn't correctly handle quoted localparts
  - Removed SIZE extension from LMTP (unsupportable semantics)
  - Don't coredump if unable to exec /bin/sh
  - Enable "+detail" processing in LMTP mode by passing the
    delimiter (e.g., "+") as an optional argument after -z
  - In LMTP mode, save the domain of the recipient in
    PROCMAIL_DOMAIN
  - Set PROCMAIL_MODE to one of "d", "m", "z", or "" to reflect
    the mode option it was invoked with, if any
  - Fixed all bugs collected by Debian and others
    during the past 21 years.  See the git commit history
    for detailed descriptions.
- Port patches
  * procmail-3.22-autoconf.dif
  * procmail-3.22-headerconcat.dif
  * procmail-3.22-ipv6.patch
  * procmail-3.22-mailstat.patch
  * procmail-3.22-owl-truncate.dif
  * procmail-3.22.dif
  * procmail-cflags.dif
- Remove former Debian and SUSE patches from procmail-3.22-patches.tar.bz2
  * 04
  * 06
  * 10
  * 11
  * 12
  * 13
  * 14
  * 15
  * 16
  * 17
  * 18
  * 19
  * 22
  * 23
  * 24
  * 25
  * 26
  * 27
  * 28
  * 29
  * 30
- Collect and port our patches from old procmail-3.22-patches.tar.bz2
  into new procmail-3.24-patches.tar.bz2
  * 01
  * 02
  * 03
  * 05
  * 07
  * 08
  * 09
  * 20
  * 21

==== python-certifi ====
Version update (2023.5.7 -> 2023.7.22)

- update to 2023.7.22:
  Added certs:
  [#] CN=Sectigo Public Server Authentication Root E46 O=Sectigo Limited
  [#] CN=Sectigo Public Server Authentication Root R46 O=Sectigo Limited
  [#] CN=SSL.com TLS RSA Root CA 2022 O=SSL Corporation
  [#] CN=SSL.com TLS ECC Root CA 2022 O=SSL Corporation
  [#] CN=Atos TrustedRoot Root CA ECC TLS 2021 O=Atos
  [#] CN=Atos TrustedRoot Root CA RSA TLS 2021 O=Atos
  Removed certs:
  [#] CN=Hongkong Post Root CA 1 O=Hongkong Post
  [#] CN=E-Tugra Certification Authority O=E-Tu\u011fra EBG Bili\u015fim
    Teknolojileri ve Hizmetleri A.\u015e. OU=E-Tugra Sertifikasyon Merkezi
  [#] CN=E-Tugra Global Root CA RSA v3 O=E-Tugra EBG A.S. OU=E-Tugra Trust Center
  [#] CN=E-Tugra Global Root CA ECC v3 O=E-Tugra EBG A.S. OU=E-Tugra Trust Center

==== qemu ====
Version update (8.0.3 -> 8.0.4)

- perl-Text-Markdown is not available in all distros and for all
  arch-es. Use discount instead
- Patches added:
  * [openSUSE][spec] Use discount instead of perl-Text-Markdown
- Update to version 8.0.4:
  * Official changelog not released on the mailing list yet
  * Security issues fixed:
  - bsc#1212850 (CVE-2023-3354)
  - bsc#1213001 (CVE-2023-3255)
  - bsc#1213925 (CVE-2023-3180)
  - bsc#1207205 (CVE-2023-0330)

==== tracker-miners ====
Subpackages: tracker-miner-files tracker-miners-lang

-Rebase patch: tracker-miners-drop-syscalls-in-seccomp.patch.

==== ucode-intel ====
Version update (20230613 -> 20230808)

- Updated to Intel CPU Microcode 20230808 release. (bsc#1214099)
  Security issues fixed:
  - CVE-2022-40982: Security updates for [INTEL-SA-00828](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html) (bsc#1206418)
  - CVE-2023-23908: Security updates for [INTEL-SA-00836](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html)
  - CVE-2022-41804: Security updates for [INTEL-SA-00837](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html)
  Functional issues fixed:
  - Update for functional issues. Refer to [13th Generation Intel® Core™ Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/740518) for details.
  - Update for functional issues. Refer to [12th Generation Intel® Core™ Processor Family](https://cdrdv2.intel.com/v1/dl/getContent/682436) for details.
  - Update for functional issues. Refer to [11th Gen Intel® Core™ Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/631123) for details.
  - Update for functional issues. Refer to [10th Gen Intel® Core™ Processor Families Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/341079) for details.
  - Update for functional issues. Refer to [8th and 9th Generation Intel® Core™ Processor Family Spec Update](https://cdrdv2.intel.com/v1/dl/getContent/337346) for details.
  - Update for functional issues. Refer to [8th Generation Intel® Core™ Processor Families Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338025) for details.
  - Update for functional issues. Refer to [7th and 8th Generation Intel® Core™ Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/334663) for details.
  - Update for functional issues. Refer to [Intel® Processors and Intel® Core™ i3 N-Series](https://cdrdv2.intel.com/v1/dl/getContent/764616) for details.
  - Update for functional issues. Refer to [4th Gen Intel® Xeon® Scalable Processors Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/772415) for details.
  - Update for functional issues. Refer to [3rd Generation Intel® Xeon® Scalable Processors Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/634897) for details.
  - Update for functional issues. Refer to [2nd Generation Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
  - Update for functional issues. Refer to [Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
  - Update for functional issues. Refer to [3rd Generation Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780) for details.
  - Update for functional issues. Refer to [Intel® Xeon® E-2300 Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/709192) for details.
  - Update for functional issues. Refer to [Intel® Xeon® D-2700 Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/714071) for details.
  - Update for functional issues. Refer to [Intel® Xeon® D-2100 Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338854) for details.
  New Platforms:
  | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
  |:---------------|:---------|:------------|:---------|:---------|:---------
  | ADL-N          | A0       | 06-be-00/11 |          | 00000011 | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
  | RPL-H/P/PX 6+8 | J0       | 06-ba-02/e0 |          | 00004119 | Core Gen13
  Updated Platforms:
  | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
  |:---------------|:---------|:------------|:---------|:---------|:---------
  | CML-U62 V2     | K1       | 06-a6-01/80 | 000000f6 | 000000f8 | Core Gen10 Mobile
  | SKX-D          | H0       | 06-55-04/b7 | 02006f05 | 02007006 | Xeon D-21xx
  | SKX-SP         | H0/M0/U0 | 06-55-04/b7 | 02006e05 | 02007006 | Xeon Scalable
  | KBL-G/H/S/X/E3 | B0       | 06-9e-09/2a | 000000f2 | 000000f4 | Core Gen7; Xeon E3 v6
  | ADL            | L0       | 06-9a-03/80 | 0000042a | 0000042c | Core Gen12
  | ADL            | L0       | 06-9a-04/80 | 0000042a | 0000042c | Core Gen12
  | ICX-SP         | Dx/M1    | 06-6a-06/87 | 0d000390 | 0d0003a5 | Xeon Scalable Gen3
  | CML-S102       | Q0       | 06-a5-05/22 | 000000f6 | 000000f8 | Core Gen10
  | CFL-U43e       | D0       | 06-8e-0a/c0 | 000000f2 | 000000f4 | Core Gen8 Mobile
  | KBL-R U        | Y0       | 06-8e-0a/c0 | 000000f2 | 000000f4 | Core Gen8 Mobile
  | CFL-H          | R0       | 06-9e-0d/22 | 000000f8 | 000000fa | Core Gen9 Mobile
  | RKL-S          | B0       | 06-a7-01/02 | 00000058 | 00000059 | Core Gen11
  | ICL-U/Y        | D1       | 06-7e-05/80 | 000000ba | 000000bc | Core Gen10 Mobile
  | TGL-H          | R0       | 06-8d-01/c2 | 00000044 | 00000046 | Core Gen11 Mobile
  | SPR-SP         | E5/S3    | 06-8f-08/87 | 2b000461 | 2b0004b1 | Xeon Scalable Gen4
  | SPR-SP         | E4/S2    | 06-8f-07/87 | 2b000461 | 2b0004b1 | Xeon Scalable Gen4
  | SPR-SP         | E3       | 06-8f-06/87 | 2b000461 | 2b0004b1 | Xeon Scalable Gen4
  | SPR-SP         | E2       | 06-8f-05/87 | 2b000461 | 2b0004b1 | Xeon Scalable Gen4
  | SPR-SP         | E0       | 06-8f-04/87 | 2b000461 | 2b0004b1 | Xeon Scalable Gen4
  | CML-S62        | G1       | 06-a5-03/22 | 000000f6 | 000000f8 | Core Gen10
  | AML-Y22        | H0       | 06-8e-09/10 | 000000f0 | 000000f4 | Core Gen8 Mobile
  | RPL-S          | B0       | 06-b7-01/32 | 00000113 | 00000119 | Core Gen13
  | CML-U62 V1     | A0       | 06-a6-00/80 | 000000f6 | 000000f8 | Core Gen10 Mobile
  | ADL-N          | A0       | 06-be-00/11 |          | 00000011 | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
  | CPX-SP         | A1       | 06-55-0b/bf | 07002601 | 07002703 | Xeon Scalable Gen3
  | CLX-SP         | B0       | 06-55-06/bf | 04003501 | 04003604 | Xeon Scalable Gen2
  | CFL-H/S/E3     | U0       | 06-9e-0a/22 | 000000f2 | 000000f4 | Core Gen8 Desktop, Mobile, Xeon E
  | SPR-HBM        | Bx       | 06-8f-08/10 | 2c0001d1 | 2c000271 | Xeon Max
  | WHL-U          | W0       | 06-8e-0b/d0 | 000000f2 | 000000f4 | Core Gen8 Mobile
  | CLX-SP         | B1       | 06-55-07/bf | 05003501 | 05003604 | Xeon Scalable Gen2
  | CFL-S          | B0       | 06-9e-0b/02 | 000000f2 | 000000f4 | Core Gen8
  | TGL-R          | C0       | 06-8c-02/c2 | 0000002a | 0000002c | Core Gen11 Mobile
  | KBL-U/Y        | H0       | 06-8e-09/c0 | 000000f2 | 000000f4 | Core Gen7 Mobile
  | KBL-U23e       | J1       | 06-8e-09/c0 | 000000f2 | 000000f4 | Core Gen7 Mobile
  | AML-Y42        | V0       | 06-8e-0c/94 | 000000f6 | 000000f8 | Core Gen10 Mobile
  | CML-U42        | V0       | 06-8e-0c/94 | 000000f6 | 000000f8 | Core Gen10 Mobile
  | CML-Y42        | V0       | 06-8e-0c/94 | 000000f6 | 000000f8 | Core Gen10 Mobile
  | WHL-U          | V0       | 06-8e-0c/94 | 000000f6 | 000000f8 | Core Gen8 Mobile
  | SKX-SP         | B1       | 06-55-03/97 | 01000171 | 01000181 | Xeon Scalable
  | CFL-H/S        | P0       | 06-9e-0c/22 | 000000f2 | 000000f4 | Core Gen9
  | CFL-S          | P0       | 06-9e-0c/22 | 000000f2 | 000000f4 | Core Gen9 Desktop
  | TGL            | B0/B1    | 06-8c-01/80 | 000000aa | 000000ac | Core Gen11 Mobile
  | ADL            | C0       | 06-97-02/07 | 0000002c | 0000002e | Core Gen12
  | ADL            | C0       | 06-97-05/07 | 0000002c | 0000002e | Core Gen12
  | ADL            | C0       | 06-bf-02/07 | 0000002c | 0000002e | Core Gen12
  | ADL            | C0       | 06-bf-05/07 | 0000002c | 0000002e | Core Gen12
  | CML-H          | R1       | 06-a5-02/20 | 000000f6 | 000000f8 | Core Gen10 Mobile
  | RPL-H/P/PX 6+8 | J0       | 06-ba-02/e0 |          | 00004119 | Core Gen13
  | RPL-U 2+8      | Q0       | 06-ba-03/e0 |          | 00004119 | Core Gen13

==== wtmpdb ====
Version update (0.7.1 -> 0.8.0)
Subpackages: libwtmpdb0

- Update to version 0.8.0
  - wtmpdb boottime: print boot time

==== zxing-cpp ====

- Restore support for building on SLE12
- Build with gcc7-c++ or gcc-c++ >= 7 because of C++17 requirements
- Added patch:
  * cmake.patch
    + allow building with cmake 3.5 on SLE12SP5