Packages changed:
  bluez (5.70 -> 5.71)
  ell (0.60 -> 0.61)
  mozilla-nss
  plasma-branding-Kalpa (20231218 -> 20231227)
  poppler (23.11.0 -> 23.12.0)
  poppler-qt5 (23.11.0 -> 23.12.0)
  postfix
  protobuf-c (1.4.1 -> 1.5.0)
  python-Babel (2.13.1 -> 2.14.0)
  python-alembic (1.13.0 -> 1.13.1)
  python-importlib-metadata (7.0.0 -> 7.0.1)
  python-jsonschema-specifications (2023.11.2 -> 2023.12.1)
  python-psutil (5.9.6 -> 5.9.7)
  qpdf (11.6.4 -> 11.7.0)
  timezone (2023c -> 2023d)
  tpm2.0-tools (5.5 -> 5.6)

=== Details ===

==== bluez ====
Version update (5.70 -> 5.71)
Subpackages: bluez-auto-enable-devices bluez-cups libbluetooth3

- update to 5.71:
  * Fix issue with not registering CSIS service.
  * Fix issue with registering pairing callbacks.
  * Fix issue with corruption during discovery filter parsing.
- drop CVE-2023-45866.patch,
  Fix-.device_probe-failing-if-SDP-record-is-not.patch: upstream
- update bluez-disable-broken-tests.diff: disable failing vcp test

==== ell ====
Version update (0.60 -> 0.61)

- Update to release 0.61
  * netconfig: Always set DHCP MAC address on start
  * netlink: Add workaround for missing NLM_F_ACK_TLVS
    and NLM_F_CAPPED

==== mozilla-nss ====
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs

- add nss-allow-slow-tests-s390x.patch: "certutil dump keys with
  explicit default trust flags" test needs longer than the allowed
  6 seconds on s390x

==== plasma-branding-Kalpa ====
Version update (20231218 -> 20231227)

- Added eval to kalpa-firstboot and kalpa-firstboot-aarch64
  (boo#1218367)
- Updated to 20231227
- Fixed typos in kalpa-firstboot and kalpa-firstboot-aarch64
  (boo#1218367)
  * Removed improper "" around $dbusRef
  * Corrected PATH for flathub remote
  * Removed installation of kwrite flatpak, GUI text editor is
    being provided via RPM in the pattern

==== poppler ====
Version update (23.11.0 -> 23.12.0)
Subpackages: libpoppler-cpp0 libpoppler-glib8 libpoppler133 poppler-tools

- version update to 23.12.0
    core:
  * Rewrite FoFiType1::parse to be more flexible
  * Small internal code refactoring

==== poppler-qt5 ====
Version update (23.11.0 -> 23.12.0)

- version update to 23.12.0
    core:
  * Rewrite FoFiType1::parse to be more flexible
  * Small internal code refactoring

==== postfix ====

- update default configuration to enable the long-term fix for
  bsc#1218304, CVE-2023-51764, SMTP smuggling attack:
  * smtpd_forbid_bare_newline = yes
  * smtpd_forbid_bare_newline_exclusions = $mynetworks

==== protobuf-c ====
Version update (1.4.1 -> 1.5.0)

- update to 1.5.0:
  * Use CMAKE_CURRENT_BINARY_DIR instead of CMAKE_BINARY_DIR
  * remove deprecated functionality
  * Avoid "unused variable" compiler warning
  * Update autotools
  * Support for new Google protobuf 22.x, 23.x releases
  * Remove protobuf 2.x support

==== python-Babel ====
Version update (2.13.1 -> 2.14.0)

- update to 2.14.0:
  * ``Locale.number_symbols`` will now have first-level keys for
    each numbering system.
  * Babel no longer directly depends on either ``distutils`` or
    ``setuptools``; if you had been using the Babel setuptools
    command extensions, you would need explicitly depend on
    ``setuptools``
  * CLDR/Numbers: Add support of local numbering systems for
    number symbols
  * CLDR: Upgrade to CLDR 43
  * Frontend: Allow last_translator to be passed as an option to
    extract_message
  * Frontend: Decouple `pybabel` CLI frontend from
    distutils/setuptools
  * Numbers: Improve parsing of malformed decimals

==== python-alembic ====
Version update (1.13.0 -> 1.13.1)

- update to 1.13.1:
  * Fixed :class:`.Rewriter` so that more than two instances
    could be chained together correctly, also allowing multiple
    ``process_revision_directives`` callables to be chained.
  * Fixed issue where the method
    :meth:`.EnvironmentContext.get_x_argument` using the
    :paramref:`.EnvironmentContext.get_x_argument.as_dictionary`
    parameter would fail if an argument key were passed on the
    command line as a name alone, that is, without an equal sign
    ``=`` or a value. Behavior is repaired where this condition is
    detected and will return a blank string for the given key,
    consistent with the behavior where the ``=`` sign is
    present and no value.
  * Fixed issue where the "unique" flag of an ``Index`` would not
    be maintained when generating downgrade migrations.
  * Fixed bug in versioning model where a downgrade across a
    revision with two down revisions with one down revision
    depending on the other, would produce an erroneous state in
    the alembic_version table, making upgrades impossible
    without manually repairing the table.
  * Updated pep-484 typing to pass mypy "strict" mode, however
    including per-module qualifications for specific typing
    elements not yet complete.
  * This allows us to catch specific typing issues that have been
    ongoing such as import symbols not properly exported.

==== python-importlib-metadata ====
Version update (7.0.0 -> 7.0.1)

- update to 7.0.1:
  * Corrected the interface for SimplePath to encompass the
    expectations of locate_file and PackagePath.
  * Fixed type annotations to allow strings.

==== python-jsonschema-specifications ====
Version update (2023.11.2 -> 2023.12.1)

- update to 2023.12.1:
  * Ignore dotfiles when collectimg schemas

==== python-psutil ====
Version update (5.9.6 -> 5.9.7)

- update to 5.9.7:
  * 2324_: enforce Ruff rule `raw-string-in-exception`, which
    helps providing clearer tracebacks when exceptions are
    raised by psutil.
  * 2325_, [PyPy]: psutil did not compile on PyPy due to missing
    `PyErr_SetExcFromWindowsErrWithFilenameObject` cPython API.
- drop logind_y2038.patch (upstream)

==== qpdf ====
Version update (11.6.4 -> 11.7.0)

- update to 11.7.0:
  * Add QPDFAcroFormDocumentHelper::disableDigitalSignatures,
    which disables any digital signature fields, leaving their
    visual representations intact.
    The --remove-restrictions command-line argument now calls this.
  * Generate a more complete qpdf "man page" from the same source
    as qpdf --help. Fixes #1064.
  * Allow the syntax "--encrypt --user-password=user-password
  - -owner-password=owner-password --bits={40,128,256}" when
    encrypting PDF files. This is an alternative to the syntax
    "--encrypt user-password owner-password {40,128,256}", which
    will continue to be supported. The new syntax works better with
    shell completion and allows creation of passwords that start
    with "-".
  * When setting a check box value, allow any value other than
    /Off to mean checked. This is permitted by the spec.
  * Fix to QPDF JSON: a floating point number that appears in
    scientific notation will be converted to fixed-point notation,
    rounded to six digits after the decimal point.
  * Fix to QPDF JSON: the syntax "n:/pdf-syntax" is now accepted
    as an alternative way to represent names. This can be used for
    any name (e.g. "n:/text#2fplain"), but it is necessary when the
    name contains binary characters.
  * Update code and tests so that qpdf's test suite no longer
    depends on the output of any specific zlib implementation.
    This makes it possible to get a fully passing test suite with any
    API-compatible zlib library. CI tests with the default zlib
    as well as zlib-ng (including verifying that zlib-ng is not the
    default), but any zlib implementation should work. Fixes
    [#774].
  * Bug fix: with --compress-streams=n, don't compress object,
    XRef, or linearization hint streams.
  * Add new C++ functions "qpdf_c_get_qpdf" and "qpdf_c_wrap" to
    qpdf-c.h that make it possible to write your own extern "C"
    functions in C++ that interoperate with the C API. See
    examples/extend-c-api for more information.

==== timezone ====
Version update (2023c -> 2023d)

- update to 2023d:
  * Ittoqqortoormiit, Greenland changes time zones on
    2024-03-31.
  * Vostok, Antarctica changed time zones on 2023-12-18.
  * Casey, Antarctica changed time zones five times since
    2020.
  * Code and data fixes for Palestine timestamps starting in
    2072.
  * A new data file zonenow.tab for timestamps starting now.
  * Fix predictions for DST transitions in Palestine in
    2072-2075, correcting a typo introduced in 2023a.
  * Vostok, Antarctica changed to +05 on 2023-12-18.  It had
    been at +07 (not +06) for years.
  * Change data for Casey, Antarctica to agree with
    timeanddate.com, by adding five time zone changes since 2020.
    Casey is now at +08 instead of +11.
  * Much of Greenland, represented by America/Nuuk, changed
    its standard time from -03 to -02 on 2023-03-25, not on
    2023-10-28.
  * localtime.c no longer mishandles TZif files that contain
    a single transition into a DST regime.  Previously,
    it incorrectly assumed DST was in effect before the transition
    too.
  * tzselect no longer creates temporary files.
  * tzselect no longer mishandles the following:
  * Spaces and most other special characters in BUGEMAIL,
    PACKAGE, TZDIR, and VERSION.
  * TZ strings when using mawk 1.4.3, which mishandles
    regular expressions of the form /X{2,}/.
  * ISO 6709 coordinates when using an awk that lacks the
    GNU extension of newlines in -v option-arguments.
  * Non UTF-8 locales when using an iconv command that
    lacks the GNU //TRANSLIT extension.
  * zic no longer mishandles data for Palestine after the
    year 2075.

==== tpm2.0-tools ====
Version update (5.5 -> 5.6)

- Update to version 5.6
  + tpm2_eventlog:
  * add H-CRTM event support
  * add support of efivar versions less than 38
  * Add support to check for efivar/efivar.h manually
  * Minor formatting fixes
  * tpm2_eventlog: add support for replay with different
    StartupLocality
  * Fix pcr extension for EV_NO_ACTION
  * Extend test of yaml string representation
  * Use helper for printing a string dump
  * Fix upper bound on unique data size
  * Fix YAML string formatting
  + tpm2_policy:
  * Add support for parsing forward seal TPM values
  * Use forward seal values in creating policies
  * Move dgst_size in evaluate_populate_pcr_digests()
  * Allow more than 8 PCRs for sealing
  * Move dgst_size in evaluate_populate_pcr_digests
  * Allow more than 8 PCRs for sealing
  * Make __wrap_Esys_PCR_Read() more dynamic to enable testing more
    PCRs
  + tpm2_encryptdecrypt: Fix pkcs7 padding stripping
  + tpm2_duplicate:
  * Support -a option for attributes
  * Add --key-algorithm option
  + tpm2_encodeobject: Use the correct -O option instead of -C
  + tpm2_unseal: Add qualifier static to enhance the privacy of unseal
    function
  + tpm2_sign:
  * Remove -m option which was added mistakenly
  * Revert sm2 sign and verifysignature
  + tpm2_createek:
  * Correct man page example
  * Fix usage of nonce
  * Fix integrating nonce
  + tpm2_clear: add more details about the action
  + tpm2_startauthsession: allow the file attribute for policy
    authorization.
  + tpm2_getekcertificate: Add AMD EK support
  + tpm2_ecdhzgen: Add public-key parameter
  + tpm2_nvreadpublic: Prevent free of unallocated pointers on failure
  + Bug-fixes:
  * The readthedocs build failed with module 'jinja2' has no
    attribute 'contextfilter' a requirement file was added to fix
    this problem
  * An error caused by the flags -flto -_FORTIFY_SOURCE=3 in kdfa
    implementation. This error can be avoided by switching off the
    optimization with pragma
  * Changed wrong function name of "Esys_Load" to "Esys_Load"
  * Function names beginning with Esys_ are wrongly written as Eys_
  * Reading and writing a serialized persistent ESYS_TR handles
  * cirrus-ci update image-family to freebsd-13-2 from 13-1
  + misc:
  * Change the default Python version to Python3 in the helper's
    code
  * Skip test which uses the sign operator for comparison in
    abrmd_policynv.sh
  * tools/tr_encode: Add a tool that can encode serialized ESYS_TR
    for persistent handles from the TPM2B_PUBLIC and the raw
    persistent TPM2_HANDLE
  * Add safe directory in config