Packages changed:
  SVT-AV1 (1.6.0 -> 1.7.0)
  dnf (4.14.0 -> 4.18.0)
  fwupd (1.8.17 -> 1.9.7)
  gdm
  git (2.42.0 -> 2.42.1)
  installation-images-MicroOS (17.100 -> 17.103)
  json-c (0.16 -> 0.17)
  keylime (7.6.0 -> 7.7.0)
  libdnf (0.70.2 -> 0.72.0)
  libmodulemd (2.14.0 -> 2.15.0)
  librepo (1.15.1 -> 1.17.0)
  openldap2 (2.6.4 -> 2.6.6)
  openldap2-contrib-src (2.6.4 -> 2.6.6)
  p11-kit (0.25.1 -> 0.25.2)
  polkit-default-privs (1550+20231006.28f05f1 -> 1550+20231103.3b4a82f)
  redis (7.2.2 -> 7.2.3)
  rust-keylime (0.2.2+git.1689256829.3d2b627 -> 0.2.2+git.1697658634.9c7c6fa)
  webkit2gtk3
  webkit2gtk4

=== Details ===

==== SVT-AV1 ====
Version update (1.6.0 -> 1.7.0)

- Update to release 1.7.0
  * Encoder:
  * Improve the tradeoffs for the random access mode across
    presets MR-M13
  * Quality improvements across all presets and metrics ranging
    from 0.3% to 4.5% in BD-rate
  * Added an experimental tune SSIM mode yielding ~3-4%
    additional SSIM BD-rate gains

==== dnf ====
Version update (4.14.0 -> 4.18.0)

- Update to 4.18.0
  + Add reboot option to DNF Automatic (rh#2124793)
  + Add support for rollback of group upgrade rollback (rh#2016070)
  + Omit src RPMs from check-update (rh#2151910)
  + repoquery: Properly sanitize queryformat strings (rh#2140884)
  + Don't double-encode RPM URLs passed on CLI (rh#2103015)
  + Allow passing CLI options when loading remote cfg (rh#2060127)
  + Ignore processing variable files with unsupported encoding (rh#2141215)
  + Fix AttributeError when IO busy and press ctrl+c (rh#2172433)
  + cli: Allow = in setopt values
  + Mark strftime format specifiers for translation
  + Unload plugins upon their deletion
  + Fixes in docs and help command
  + Fix plugins unit tests
  + Add unit tests for dnf mark
  + smtplib: catch OSError, not SMTPException
  + automatic: Fix online detection with proxy (rh#2022440)
  + automatic: Return an error when transaction fails (rh#2170093)
  + repoquery: Allow uppercased query tags (rh#2185239)
  + Update repo metadata cache pattern to include zstd
  + Add provide exception handling
  + When parsing over a KVP list, do not return till the whole list is parsed
  + Provide /usr/bin/dnf4 symlink to /usr/bin/dnf-3
  + Document the symbols in the output of `dnf history list` (rh#2172067)
  + crypto: Use libdnf crypto API instead of using GnuPG/GpgME
  + Block signals during RPM transaction processing (rh#2133398)
  + Fix bash completion due to sqlite changes (rh#2232052)
  + automatic: allow use of STARTTLS/TLS
  + automatic: use email_port specified in config
  + base: Add obsoleters of only latest versions (rh#2183279, rh#2176263)
  + comps: Fix marking a group package as installed (rh#2066638)
  + distro-sync: Print better info message when no match (rh#2011850)
  + Include dist-info for python3-dnf (rh#2239323)
  + Revert "Block signals during RPM transaction processing" (rh#2133398)
  + Do not print details of verifying (rh#1908253)
  + conf: Split $releasever to $releasever_major and $releasever_minor (rh#1789346)
  + Update translations

==== fwupd ====
Version update (1.8.17 -> 1.9.7)
Subpackages: fwupd-bash-completion fwupd-lang libfwupd2 typelib-1_0-Fwupd-2_0

- Disable passim support for now. For openSUSE users this is likely
  less intereting that it would be for enterprise customers.
- Update to versrion 1.9.7:
  + This release adds the following features:
  - Add support for child device requirements in metadata.
  - Allow to have more than one host BKC.
  - Delete BootNext as a post-reboot action to work around broken
    firmware.
  - Parse cabinet archives internally without libgcab.
  - Use close-ended mode for eMMC FFU to speed up firmware
    updates.
  + This release adds support for the following hardware:
  - Logitech Rally System devices.
  - More PixartRF HPAC devices.
  - More Synaptics Prometheus fingerprint readers.
  - Some Western Digital eMMC devices.
  - VIA VL830 and VL832.
- Update to version 1.9.6:
  + This release adds the following features:
  - Add a launchd agent for macOS.
  - Add a new security attribute for BIOS capsule updates to be
    enabled.
  - Add functionality to fix specific host security attributes.
  - Add global information from the context into the report data.
  - Add support for coSWID payload sections.
  - Add support for parsing the EDID.
  - Allow adding only-quirk instance IDs from quirk files.
  - Install a sysusers.d systemd file when using
  - Dsystemd_unit_user.
  + For The changes of 1.9.0…1.9.5, please consult
    https://github.com/fwupd/fwupd/releases
- Add pkgconfig(passim) BuildRequires: new dependency.
- Pass -Dplugin_amdgpu=disabled to meson: not buildable just yet.
- Pass -Dlaunchd=disabled to meson: launched is MacOS only.
- Drop -Dplugin_dell=enabled meson parameter: no longer supported.
- Drop fwupd-bsc1130056-change-shim-path.patch: no longer
  applicable.

==== gdm ====
Subpackages: gdm-lang gdm-schema gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0

- Rebase patches for SLE-15-SP6 (bsc#216595):
  + Rebase gdm-add-runtime-option-to-disable-starting-X-server-as-u.patch
  + Rebase gdm-disable-gnome-initial-setup.patch
  + Rebase gdm-restart-session-when-X-server-restart.patch

==== git ====
Version update (2.42.0 -> 2.42.1)

- git 2.24.1:
  * The usual number of bug fixes, including
  * Fix "git diff" exit code handling
  * Various fixes to the behavior of "rebase -i" when the command
    got interrupted by conflicting changes

==== installation-images-MicroOS ====
Version update (17.100 -> 17.103)

- merge gh#openSUSE/installation-images#673
- fix another symlink warning
- 17.103
- merge gh#openSUSE/installation-images#672
- fix dangling symlink detection
- update symlink config
- add missing tpm packages to spec file
- fix typo in early_setup script
- 17.102

==== json-c ====
Version update (0.16 -> 0.17)

- Update to 0.17:
  + New features:
  * json_patch: add first implementation only with patch application
  * Add --disable-static and --disable-dynamic options to the cmake-configure script.
  * Add -DBUILD_APPS=NO option to disable app build
  * Minimum cmake version is now 3.9
  + Significant changes and bug fixes:
  * When serializing with JSON_C_TO_STRING_PRETTY set, keep the opening and
    closing curly or square braces on same line for empty objects or arrays.
  * Disable locale handling when targeting a uClibc system due to problems
    with its duplocale() function.
  * When parsing with JSON_TOKENER_STRICT set, integer overflow/underflow
    now result in a json_tokener_error_parse_number. Without that flag
    values are capped at INT64_MIN/UINT64_MAX.
  * Fix memory leak with emtpy strings in json_object_set_string
  * json_object_from_fd_ex: fail if file is too large (>=INT_MAX bytes)
  * Add back json_number_chars, but only because it's part of the public API.
  * Entirely drop mode bits from open(O_RDONLY) to avoid warnings on certain
    platforms.
  * Specify dependent libraries, including -lbsd, in a more consistent way so
    linking against a static json-c works better
  * Fix a variety of build problems and add & improve tests
  * Update RFC reference to https://www.rfc-editor.org/rfc/rfc8259
- Remove deprecated suse_version checks

==== keylime ====
Version update (7.6.0 -> 7.7.0)
Subpackages: keylime-config keylime-firewalld keylime-logrotate keylime-registrar keylime-tenant keylime-tpm_cert_store keylime-verifier python311-keylime

- Update to version v7.7.0:
  * Monthly release (7.7.0)
  * tpm_cert_store: add the Nationz TPM EK x509 cert
  * codestyle: Have mypy ignore import of PoolManager
  * codestyle: Suppress pyright errors on methods that do exist
  * codestyle: Annotate some string constances (pyright)
  * types: Fix a deprecation warning from recent cryptography
  * create_policy: Set the generator value to LegacyAllowList
  * verifier: Compare generator against enum rather than magic '1'
  * Fix pylint C0103 (naming) errors in some files
  * crypto: Fix a pyright issue
  * test: Fix a pyright issue

==== libdnf ====
Version update (0.70.2 -> 0.72.0)
Subpackages: libdnf-repo-config-zypp libdnf2

- Update to 0.72.0
  + PGP: Use new librepo PGP API, remove gpgme dependency
  + API: Basic support for OpenPGP public keys
  + Avoid using GNU extensions in the dependency splitter regex
  + filterAdvisory: match installed_solvables sort with lower_bound (rh#2212838)
  + Make code C++20 compatible
  + Avoid reinstalling installonly packages marked for ERASE (rh#2163474)
  + transaction: Save the reason for installing (rh#1733274)
  + hawkey.subject: get_best_selectors only obsoleters of latest (rh#2183279, rh#2176263)
  + conf: Add limited shell-style variable expansion (rh#1789346)
  + conf: Add support for $releasever_major, $releasever_minor (rh#1789346)
  + repo: Don't download the repository if the local cache is up to date
  + Allow DNF to be removed by DNF 5 (rh#2221907)
  + Include dist-info for python3-libdnf
  + bindings: Load all modules with RTLD_GLOBAL
  + Update translations
- Fix RHBZ references
- Refresh patch to link with static libsolvext
  + Remove patch: libdnf-0.48.0-with-static-libsolvext.patch
  + Add patch: libdnf-0.72.0-with-static-libsolvext.patch

==== libmodulemd ====
Version update (2.14.0 -> 2.15.0)

- Update to 2.15.0
  + Add support for decompressing Zstandard-compressed YAML files
  + Remove a dependency on "file" library (libmagic)
  + Add a XML specification for in-YUM-repository metadata
  + Deprecate intents in modulemd-defaults specification
  + Fix a crash when converting a modulemd-packager object with a default
  profile and without a module name or stream to a module index
  + Fix parsing empty profiles
  + A specification for modulemd-v2 format was corrected to require a "content"
  license subtree only if the module build contains artifacts.
  + Double-quote strings in scalar YAML values when they look like a number
  + Warnings from g_str_equal() macro of glib2 about passing an unsigned
  char * to strcmp() were fixed

==== librepo ====
Version update (1.15.1 -> 1.17.0)

- Update to 1.17.0
  * lr_gpg_check_signature: Forward PGP error messages from RPM
  * PGP: fix: Support importing binary public keys in librpm backend
  * PGP: Enable creating a UID directory for GnuGP agent socket
    in /run/gnupg/user
  * PGP: Set a default creation SELinux labels on GnuPG directories
  * Update PGP test vectors
  * Implement OpenPGP using librpm API
  * Fixes and optimizations in header files
  * Fix lr_gpg_list_keys function when keys are empty
  * Fix CMake warnings
  * Bump glib version

==== openldap2 ====
Version update (2.6.4 -> 2.6.6)
Subpackages: libldap-data libldap2 openldap2-client

- Update to release 2.6.6
  * Fixed libldap handling of TCP KEEPALIVE options
  * Fixed slapd callback handling with overlays that do extended
    operations

==== openldap2-contrib-src ====
Version update (2.6.4 -> 2.6.6)

- Update to release 2.6.6
  * Fixed libldap handling of TCP KEEPALIVE options
  * Fixed slapd callback handling with overlays that do extended
    operations

==== p11-kit ====
Version update (0.25.1 -> 0.25.2)
Subpackages: libp11-kit0 p11-kit-tools

- Update to 0.25.2:
  * fix error code checking of readpassphrase for --login option [#595]
  * build fixes [#594]
  * test fixes [#596]

==== polkit-default-privs ====
Version update (1550+20231006.28f05f1 -> 1550+20231103.3b4a82f)

- Update to version 1550+20231103.3b4a82f:
  * profiles: fwupd: add host-security-attr actions (bsc#1216832)
  * profiles: remove outdates sysprof2 actions
  * profiles: drop obsolete udisks2 bcache and zram actions

==== redis ====
Version update (7.2.2 -> 7.2.3)

- redis 7.2.3:
  - Fix file descriptor leak preventing deleted files from freeing
    disk space on replicas (#12693)
  - Fix a possible crash after cluster node removal (#12702)

==== rust-keylime ====
Version update (0.2.2+git.1689256829.3d2b627 -> 0.2.2+git.1697658634.9c7c6fa)
Subpackages: keylime-ima-policy

- Update to version 0.2.2+git.1697658634.9c7c6fa:
  * build(deps): bump rustix from 0.37.11 to 0.37.25
  * build(deps): bump tempfile from 3.6.0 to 3.8.0
  * build(deps): bump base64 from 0.21.0 to 0.21.4
  * build(deps): bump serde_json from 1.0.96 to 1.0.107
  * build(deps): bump openssl from 0.10.55 to 0.10.57
  * cargo: Bump serde to version 1.0.188
  * tests: Fix tarpaulin issues with dropped -v option
  * build(deps): bump signal-hook from 0.3.15 to 0.3.17
  * build(deps): bump actix-web from 4.3.1 to 4.4.0
  * build(deps): bump thiserror from 1.0.40 to 1.0.48
  * Remove private_in_public
  * Initial PR to add support for IDevID and IAK
  * build(deps): bump uuid from 1.3.1 to 1.4.1
  * build(deps): bump log from 0.4.17 to 0.4.20
  * build(deps): bump reqwest from 0.11.16 to 0.11.20
  * Do not use too specific version on cargo audit workflow
  * Add workflow to run cargo-audit security audit
  * README: update dependencies for Debian and Ubuntu
  * Use latest versions of checkout/upload-artifacts
  * docker: Add 'keylime' system user
  * Use "currently" for swtpm emulator warning (#632)
  * Update container workflow actions versions
  * Build container image and push to quay.io
  * README: update requirements

==== webkit2gtk3 ====
Subpackages: WebKitGTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles

- Add webkit2gtk3-disable-dmabuf-nvidia.patch: disable DMABuf
  renderer for NVIDIA proprietary drivers (boo#1216778).

==== webkit2gtk4 ====
Subpackages: WebKitGTK-6.0-lang libjavascriptcoregtk6_0-1 libwebkitgtk6_0-4 webkitgtk-6_0-injected-bundles

- Add webkit2gtk3-disable-dmabuf-nvidia.patch: disable DMABuf
  renderer for NVIDIA proprietary drivers (boo#1216778).