Packages changed:
  apr-util
  bubblewrap (0.10.0 -> 0.11.0)
  ipmitool
  java-21-openjdk (21.0.4.0 -> 21.0.5.0)
  libgit2 (1.8.3 -> 1.8.4)
  libnftnl (1.2.7 -> 1.2.8)
  libnvme (1.10+0.gdd51fa8 -> 1.11)
  librsvg
  libzip (1.10.1 -> 1.11.1)
  mc
  nvme-cli (2.10 -> 2.11)
  openSUSE-release (20241031 -> 20241102)
  patterns-base
  patterns-gnome
  python-M2Crypto (0.42.0 -> 0.43.0)
  python-mysqlclient (2.2.4 -> 2.2.5)
  python-pycups
  python-service_identity (24.1.0 -> 24.2.0)
  python-zope.interface (7.1.0 -> 7.1.1)
  rasqal
  redland
  samba (4.21.1+git.367.e1da597d86e -> 4.21.1+git.372.cb50f2d0a68)
  selinux-policy (20241021 -> 20241031)
  xfce4-branding-openSUSE (4.18.0+git4.79f6d44 -> 4.18.0+git5.88e05bf)

=== Details ===

==== apr-util ====

- Fix dependency on libapr: in 2021, libapr1 was renamed to
  libapr1-0, conforming to the shared library packaging policy.
  requires_eq silently dropped the dependency, as the packahe name,
  libapr1, does not exist.

==== bubblewrap ====
Version update (0.10.0 -> 0.11.0)
Subpackages: bubblewrap-zsh-completion

- update to 0.11.0:
  * New --overlay, --tmp-overlay, --ro-overlay and --overlay-src
    options allow creation of overlay mounts. This feature is not
    available when bubblewrap is installed setuid.
  * New --level-prefix option produces output that can be parsed
    by tools like logger --prio-prefix and
    systemd-cat --level-prefix=1
  * bug fixes and developer visible changes
- add upstream signing key and validate source signature

==== ipmitool ====

- Drop rcFOO symlinks (PED-266).
- To create rcipmievd, the service binary is required at
  build time. This binary is provided by aaa_base. Make sure this
  package is available during build.

==== java-21-openjdk ====
Version update (21.0.4.0 -> 21.0.5.0)
Subpackages: java-21-openjdk-headless

- Update to upstream tag jdk-21.0.5+13 (October 2024 CPU)
  * Security fixes
    + JDK-8307383: Enhance DTLS connections
    + JDK-8311208: Improve CDS Support
    + JDK-8328286, CVE-2024-21208, bsc#1231702: Enhance HTTP client
    + JDK-8328544, CVE-2024-21210, bsc#1231711: Improve handling of
    vectorization
    + JDK-8328726: Better Kerberos support
    + JDK-8331446, CVE-2024-21217, bsc#1231716: Improve
    deserialization support
    + JDK-8332644, CVE-2024-21235, bsc#1231719: Improve graph
    optimizations
    + JDK-8335713: Enhance vectorization analysis
  * Other changes
    + JDK-6355567: AdobeMarkerSegment causes failure to read valid
    JPEG
    + JDK-6967482: TAB-key does not work in JTables after selecting
    details-view in JFileChooser
    + JDK-7022325: TEST_BUG: test/java/util/zip/ZipFile/
    /ReadLongZipFileName.java leaks files if it fails
    + JDK-8051959: Add thread and timestamp options to
    java.security.debug system property
    + JDK-8073061: (fs) Files.copy(foo, bar, REPLACE_EXISTING)
    deletes bar even if foo is not readable
    + JDK-8166352: FilePane.createDetailsView() removes JTable TAB,
    SHIFT-TAB functionality
    + JDK-8170817: G1: Returning MinTLABSize from
    unsafe_max_tlab_alloc causes TLAB flapping
    + JDK-8211847: [aix] java/lang/ProcessHandle/InfoTest.java
    fails: "reported cputime less than expected"
    + JDK-8211854: [aix] java/net/ServerSocket/
    /AcceptInheritHandle.java fails: read times out
    + JDK-8222884: ConcurrentClassDescLookup.java times out
    intermittently
    + JDK-8238169: BasicDirectoryModel getDirectories and
    DoChangeContents.run can deadlock
    + JDK-8241550: [macOS] SSLSocketImpl/ReuseAddr.java failed due
    to "BindException: Address already in use"
    + JDK-8242564: javadoc crashes:: class cast exception
    com.sun.tools.javac.code.Symtab$6
    + JDK-8260633: [macos] java/awt/dnd/MouseEventAfterStartDragTest/
    /MouseEventAfterStartDragTest.html test failed
    + JDK-8261433: Better pkcs11 performance for
    libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit
    + JDK-8269428: java/util/concurrent/ConcurrentHashMap/
    /ToArray.java timed out
    + JDK-8269657: Test java/nio/channels/DatagramChannel/
    /Loopback.java failed: Unexpected message
    + JDK-8280120: [IR Framework] Add attribute to @IR to
    enable/disable IR matching based on the architecture
    + JDK-8280392: java/awt/Focus/NonFocusableWindowTest/
    /NonfocusableOwnerTest.java failed with "RuntimeException:
    Test failed."
    + JDK-8280988: [XWayland] Click on title to request focus test
    failures
    + JDK-8280990: [XWayland] XTest emulated mouse click does not
    bring window to front
    + JDK-8283223: gc/stringdedup/TestStringDeduplicationFullGC.java
    [#]Parallel failed with "RuntimeException: String verification
    failed"
    + JDK-8287325: AArch64: fix virtual threads with
  - XX:UseBranchProtection=pac-ret
    + JDK-8291809: Convert compiler/c2/cr7200264/TestSSE2IntVect.java
    to IR verification test
    + JDK-8294148: Support JSplitPane for instructions and test UI
    + JDK-8299058: AssertionError in sun.net.httpserver.ServerImpl
    when connection is idle
    + JDK-8299487: Test java/net/httpclient/whitebox/
    /SSLTubeTestDriver.java timed out
    + JDK-8299790: os::print_hex_dump is racy
    + JDK-8299813: java/nio/channels/DatagramChannel/Disconnect.java
    fails with jtreg test timeout due to lost datagram
    + JDK-8301686: TLS 1.3 handshake fails if server_name doesn't
    match resuming session
    + JDK-8303920: Avoid calling out to python in
    DataDescriptorSignatureMissing test
    + JDK-8305072: Win32ShellFolder2.compareTo is inconsistent
    + JDK-8305825: getBounds API returns wrong value resulting in
    multiple Regression Test Failures on Ubuntu 23.04
    + JDK-8307193: Several Swing jtreg tests use class.forName on
    L&F classes
    + JDK-8307352: AARCH64: Improve itable_stub
    + JDK-8307778: com/sun/jdi/cds tests fail with jtreg's Virtual
    test thread factory
    + JDK-8307788: vmTestbase/gc/gctests/LargeObjects/large003/
    /TestDescription.java timed out
    + JDK-8308286: Fix clang warnings in linux code
    + JDK-8308660: C2 compilation hits 'node must be dead' assert
    + JDK-8309067: gtest/AsyncLogGtest.java fails again in
    stderrOutput_vm
    + JDK-8309621: [XWayland][Screencast] screen capture failure
    with sun.java2d.uiScale other than 1
    + JDK-8309685: Fix -Wconversion warnings in assembler and
    register code
    + JDK-8309894: compiler/vectorapi/
    /VectorLogicalOpIdentityTest.java fails on SVE system with
    UseSVE=0
    + JDK-8310072: JComboBox/DisabledComboBoxFontTestAuto: Enabled
    and disabled ComboBox does not match in these LAFs: GTK+
    ... changelog too long, skipping 570 lines ...
    + JDK-8341989: [21u] Back out JDK-8327501 and JDK-8328366

==== libgit2 ====
Version update (1.8.3 -> 1.8.4)

- update to 1.8.4:
  * Actually includes the pre-1.8.0 commit constness behavior fix

==== libnftnl ====
Version update (1.2.7 -> 1.2.8)

- Update to release 1.2.8
  * Fixes for incorrect validation of dynset netlink attributes
    from the kernel

==== libnvme ====
Version update (1.10+0.gdd51fa8 -> 1.11)
Subpackages: libnvme-mi1 libnvme1

- Update to version 1.11:
  * prefix: Use Request or Response Length in DLEN and DOFF for MI
  * types: Add ETPVDS and SSI fields of sanitize status log
  * json: do not escape strings when printing the configuration
  * tree: do no export tls keys when not provided by user
  * types: add struct nvme_id_ctrl_nvm ver and lbamqf member variables
  * types: add NVMe 2.1 get log page LIDs
  * type: Added enums for ANSAN and RGCNS bit of OAES field
  * linux: fixup PSK HMAC type '0' handling
  * util: added error code for ENOKEY
  * fabrics: fix map error level in __nvmf_add_ctrl
  * fabrics: add ctrl connect interface
  * fabrics: use hex numbers when generating command line options
  * fabrics: rename first argument for argument macros
  * linux: handle key import correctly
  * linux: export keys to config
  * tree: read tls_configured_key and tls_keyring from sysfs
  * tree: move dhchap and tls sysfs parser into separate functions
  * json: move keystore operations out of the JSON parser
  * tree: add getter/setters for TLS PSK
  * linux: add import/export function for TLS pre-shared keys
  * linux: only return the description of a key
  * linux: use ssize_t as return type for nvme_identity_len
  * linux: reorder variable declarations
  * types: Added enum for SMVES event of PEL log
  * libnvme: add lockdown log page support(LID : 0x14)
  * libnvme: add EMVS support to sanitize command
  * types: Add TP4159 PCIe Infrastructure for Live Migration definitions
  * types: add NVME_CTRL_OAES get macro definitions
  * types: add NVME_CTRL_OAES_TTHR definition
  * types: add NVME_CTRL_FNA definitions to get field values
  * types: add NVME_VAL() definition
  * tree: fix tls key mem leak (bsc#1231668)
  * tree: fix dhchap_ctrl_key mem leak (bsc#1231668)
  * tree: fix dhchap_key mem leak (bsc#1231668)
  * types: add NVME_CHECK() definition to check nvme register field value
  * types: add kv opcodes
  * types: added new fields in nvme_nvme_id_ns
  * types: Add enum for Completion Condition of Get LBA status command
  * ioctl: refactoring set_features
  * types: add new fields added in TP4142
  * mi: add control primitive command
  * linux: Correct error handling for derive_psk_digest (bsc#1228376)
  * types: Added new field CSER in enum as per TP4167
- build fix for OpenSSL 1.1
  * add 0001-linux-fix-derive_psk_digest-OpenSSL-1.1-version.patch

==== librsvg ====
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0

- Change license to LGPL-2.1-or-later AND MIT.

==== libzip ====
Version update (1.10.1 -> 1.11.1)

- version update to 1.11.1
  * Fix zipconf.h for version number with missing third component.
  * Stop searching after finding acceptable central directory, even if it contains inconsistencies.
  * Only write Zip64 EOCD if fields don't fit in normal EOCD. Previously libzip also wrote it when any directory entry required Zip64.
  * Allow bytes from 0x00-0x1F as UTF-8.
  * Add new error code ZIP_ER_TRUNCATED_ZIP for files that start with a valid local header signature.
  * `zipcmp`: add -T option for comparing timestamps.
  * `zip_file_replace` now removes the target's extra field information.

==== mc ====
Subpackages: mc-lang

- Added patch 4575-fix-wrapper.patch - fixes boo#1203617

==== nvme-cli ====
Version update (2.10 -> 2.11)
Subpackages: nvme-cli-bash-completion nvme-cli-zsh-completion

- Update to version 2.11:
  * docs: update check-tls-key arguments
  * nvme: add support to append TLS PSK to keyfile for check-tls-key
  * nvme: return correct error code in append_keyfile
  * docs: nvme-id-doman: dom{ia => ai}n
  * ocp: fix latency monitoring data structure entry endian
  * ocp: fix TCG configuration log endian
  * ocp: fix firmware activation history entry endian
  * docs: update gen-tls-key arguments
  * nvme: add support to add derive TLS PSK to keyfile
  * nvme: rename identity to version
  * nvme: set file permission for keyfile to owner only
  * nvme: export tls keys honoring version and hmac
  * nvmf-keys: add udev rule to import tls keys
  * docs: update TLS options
  * fabrics: add support to connect to accept a PSK command line
  * fabrics: add support to connect to accept a configuration
  * nvme: use unsigned char for hmac and identity
  * nvme-print: Add Sanitize Media Verification Event in PEL log
  * netapp-ontapdev: add err msg for no ontapdevices
  * netapp-smdev: add err msg for no smdevices
  * doc: Add sanitize command emvs option
  * ocp: combine to use GUID length definitions
  * nvme: update tls_key() handling
  * nvme-print-stdout: print VERS bit of SANICAP field
  * nvme: add EMVS support to sanitize command
  * ocp: remove callback function cast
  * doc: added commit conventions to contribution guidelines
  * ocp: fix ocp-print-stdout.c indentation error
  * ocp: fix ocp-nvme.c indentation errors
  * ocp: build ocp-nvme.c and ocp-telemetry-decode.c without json
  * ocp: split TCG configuration log print codes
  * ocp: split telemetry string log print codes
  * ocp: split device capabilities log print codes
  * ocp: split error recovery log print codes
  * ocp: split unsupported requirement log print codes
  * ocp: split latency monitor log print codes
  * ocp: move ocp telemetry log print function into ocp-print
  * ocp: split smart extended log print codes
  * ocp: split ocp-fw-activation-history print codes
  * plugins: update meson.build file to always build ocp plugin
  * ocp-print: move json code into separate files
  * nvme-print-json: display only verbose output
  * ocp-nvme: ocp plugin version update
  * nvme-print: print KV command set page header
  * doc: show where self-test results can be found
  * plugins/memblaze: fix a wrong id on smart-log-add
  * plugins/dapustor: smart-log-add fix
  * plugins/sed: add sid password change (bsc#1229677)
  * plugins/solidigm: Automatic retry smaller log chunk size.
  * ocp-nvme: Add LMDATA-37 for Latency Monitor Log
  * ocp-nvme: remove ocp log page version checking
  * wdc: Fix for Reading WDC C2 Vendor Unique Log Page
  * ocp: Fixes for OCP 2.5 Telemetry DA1 FIFO Event Parsing
  * nvme-print-json: update JSON verbose output for nvm-id-ctrl (bsc#1231668)
  * wdc: Add Support for SN5100S
  * nvme: Support show-regs for nvmeof
  * ocp: fix option handling in internal-log
  * Documentation: Added solidigm plugin commands
  * wdc: add support for SNTMP drive
  * nvme-print: print NSSES field of CAP register
  * ocp: fix GUID output
  * nvme-print-json: print controller register values in offset order
  * nvme-print-json: print CMBEBS and CMBSWTP in json format
  * nvme-print-stdout: update changed-ns-list-log output (bsc#1231668)
  * nvme: fix uninitialized value in error-log (bsc#1231668)
  * nvme: fix to convert metadata size to native byte order
  * nvme-print: fix error information log page endianness error
  * completions: add get-feature command changed option
  * doc: add get-feature command changed option
  * nvme: separate get NVME_GET_FEATURES_SEL_CHANGED definition
  * nvme: use NVME_GET_FEATURES_SEL definitions
  * nvme-print-stdout: use NVME_CTRL_OAES definitions
  * completion: add ocp set-telemetry-profile to zsh
  * completion: add solidgm work-tracker binding
  * plugins/solidigm: Added Workload Tracker Triggers and Wall Time
  * ocp: include util/types.h to use nvme_uint128_t
  * ocp: fix to set log data pointer allocated
  * nvme: use NVME_CHECK() to check get features select field value
  * ocp: split ocp-hwcomp log
  * completions: add ocp hardware-component-log command
  * doc: add ocp hardware-component-log command
  * ocp: add hwcomp log json output
  * ocp: add hwcomp log command list option
  * ocp: add hwcomp log command comp-id option
  * ocp: add hwcomp dummy definition
  * ocp: add support for hwcomp log page
  * nvme: use NVME_CTRL_FNA definitions
  * netapp-smdevices: print single device output too (bsc#1231668)
  * netapp-smdevices: segregate print routines (bsc#1231668)
  * Add Support for new SN655 PCI Device ID
  * nvme-print-json: extern json object add functions
  * ocp: add SMART / health information extended log page version 4
  * ocp: add error recovery log page version 3
  * ocp: add get-enable-ieee1667-silo command
  * fabrics: fix incorrect access filename check (bsc#1231668)
  * nvme: use NVME_GET_FEATURES_SEL_SUPPORTED definition
  * nvme-print-json: use _cleanup_free_
  * plugins/solidigm: fix use after free.
    ... changelog too long, skipping 32 lines ...
- Install 70-nvmf-keys.rules to the default udev rules directory

==== openSUSE-release ====
Version update (20241031 -> 20241102)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== patterns-base ====
Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-enhanced_base patterns-base-minimal_base patterns-base-selinux patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced

- Agama does not install chrony, add it to the pattern like on all
  other products, so that it is always there, including on images.

==== patterns-gnome ====
Subpackages: patterns-gnome-gnome patterns-gnome-gnome_basic patterns-gnome-gnome_basis patterns-gnome-gnome_basis_opt patterns-gnome-gnome_games patterns-gnome-gnome_imaging patterns-gnome-gnome_internet patterns-gnome-gnome_multimedia patterns-gnome-gnome_office patterns-gnome-gnome_utilities patterns-gnome-gnome_x11 patterns-gnome-gnome_yast patterns-gnome-sw_management_gnome

- Drop file-roller Recommends, the built in support in nautilus is
  sufficient.
- Change console to gnome-console Recommends: Use the current app
  name.
- Drop nautilus-extension-terminal Recommends: nautilus supports
  gnome-console nativly.

==== python-M2Crypto ====
Version update (0.42.0 -> 0.43.0)

- Update to 0.43.0:
  - feat[m2]: add m2.time_t_bits to checking for 32bitness.
  - fix[tests]: Use only X509_VERSION_1 (0) as version for CSR.
  - fix[EC]: raise ValueError when load_key_bio() cannot read the
    file (bsc#1231589).
  - ci: use -mpip wheel instead of -mbuild
  - fix: use PyMem_Malloc() instead of malloc()
  - fix[hints]: more work on conversion of type hints to the py3k ones
  - fix: make the package build even on Python 3.6
  - ci[local]: skip freezing local tests
  - fix[hints]: remove AnyStr type
  - test: add suggested test for RSA.{get,set}_ex_data
  - fix: implement interfaces for RSA_{get,set}_ex_new_{data,index}
  - fix: generate src/SWIG/x509_v_flag.h to overcome weaknesses of
    swig
  - fix: replace literal enumeration of all VERIFY_ constants by a
    cycle
  - test: unify various test cases in test_ssl related to ftpslib
  - fix: replace deprecated url keyword in setup.cfg with complete
    project_urls map

==== python-mysqlclient ====
Version update (2.2.4 -> 2.2.5)

- update to 2.2.5:
  * (Windows wheel) Update MariaDB Connector/C to 3.4.1. #726
  * (Windows wheel) Build wheels for Python 3.13. #726

==== python-pycups ====

- fix_shebang on the postscript driver rpmhook

==== python-service_identity ====
Version update (24.1.0 -> 24.2.0)

- update to 24.2.0:
  * Python 3.13 is now officially supported.
  * pyOpenSSL's identity extraction has been reimplemented using
  * cryptography*'s primitives instead of deprecated pyOpenSSL
    APIs.
  * As a result, the oldest supported pyOpenSSL version is now
    17.1.0.

==== python-zope.interface ====
Version update (7.1.0 -> 7.1.1)

- Update to 7.1.1
  * Fix segmentation faults in `weakrefobject.c`
    on Python 3.12 and 3.13. (#323)
- Adjust upstream source name in spec file

==== rasqal ====

- Drop %requires_ge libraptor1: This has been a NOP for the last
  10 years, since we moved to raptor 2.x.

==== redland ====

- Remove the requires_ge against librasqal1: it's been 15 years
  that librasqal1 changed to librasqal2. Due to requires_ge simply
  ignoring the dep if the package cannot be found, this was
  effectively a NOP for the last 15 years - and as nobody seemed to
  miss it, the autodep of RPM seems good enough.

==== samba ====
Version update (4.21.1+git.367.e1da597d86e -> 4.21.1+git.372.cb50f2d0a68)
Subpackages: libldb2 libldb2-32bit python3-ldb samba-ad-dc-libs samba-client samba-client-32bit samba-client-libs samba-client-libs-32bit samba-dcerpc samba-gpupdate samba-ldb-ldap samba-libs samba-libs-python3 samba-python3 samba-winbind samba-winbind-libs samba-winbind-libs-32bit

- Add placeholder changelog for sle15-sp7; (jsc#PED-11210).

==== selinux-policy ====
Version update (20241021 -> 20241031)
Subpackages: selinux-policy-targeted

- Update to version 20241031:
  * Label /var/livepatches as lib_t for ULP on micro (bsc#1228879)

==== xfce4-branding-openSUSE ====
Version update (4.18.0+git4.79f6d44 -> 4.18.0+git5.88e05bf)
Subpackages: libgarcon-branding-openSUSE libxfce4ui-branding-openSUSE thunar-volman-branding-openSUSE xfce4-notifyd-branding-openSUSE xfce4-panel-branding-openSUSE xfce4-power-manager-branding-openSUSE xfce4-session-branding-openSUSE xfce4-settings-branding-openSUSE xfdesktop-branding-openSUSE xfwm4-branding-openSUSE

- Updated Tumbleweed wallpaper symlinks