Packages changed:
  AppStream
  Mesa
  Mesa-drivers
  PackageKit
  SDL2 (2.26.3 -> 2.26.4)
  branding-openSUSE (84.87.20210910 -> 84.87.20230227)
  ffmpeg-5
  flac
  git (2.39.2 -> 2.40.0)
  grub2
  iso-codes (4.12.0 -> 4.13.0)
  kbd (2.4.0 -> 2.5.1)
  kernel-firmware (20230210 -> 20230313)
  keylime (6.6.0 -> 6.7.0)
  lame
  libcamera
  libjpeg-turbo
  libstorage-ng (4.5.83 -> 4.5.85)
  libvorbis
  microos-tools (2.18 -> 2.19)
  mozilla-nss (3.87 -> 3.88.1)
  mozjs102 (102.8.0 -> 102.9.0)
  mutter
  ncurses (6.4.20230225 -> 6.4.20230311)
  nftables (1.0.6 -> 1.0.7)
  openexr (3.1.5 -> 3.1.6)
  osinfo-db (20221130 -> 20230308)
  pam-config (1.8 -> 1.9)
  pam_kwallet
  python-cryptography (39.0.1 -> 39.0.2)
  python310
  python310-core
  sqlite3
  vim
  xz
  yast2-add-on (4.6.0 -> 4.6.1)
  yast2-installation (4.6.0 -> 4.6.1)
  yast2-storage-ng (4.6.0 -> 4.6.1)
  yast2-trans (84.87.20230306.ba31ff5670 -> 84.87.20230312.2a5006f40f)
  zvbi (0.2.39 -> 0.2.41)

=== Details ===

==== AppStream ====
Subpackages: AppStream-lang libAppStreamQt2 libappstream4

- Add upstream fix for new glib-2.76:
  * bfa8fa6ac4ef645368a93384a6c16ac551a40922.patch

==== Mesa ====
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1

- U_glx-Remove-pointless-GLX_INTEL_swap_event-paranoia.patch
  * reverse apply this patch to fix a regression caused by this
    commit, which resulted in gnome-shell constantly crashing, which
    is making a GNOME/X11 session impossible (boo#1209005)

==== Mesa-drivers ====
Subpackages: Mesa-dri Mesa-gallium Mesa-libva

- U_glx-Remove-pointless-GLX_INTEL_swap_event-paranoia.patch
  * reverse apply this patch to fix a regression caused by this
    commit, which resulted in gnome-shell constantly crashing, which
    is making a GNOME/X11 session impossible (boo#1209005)

==== PackageKit ====
Subpackages: PackageKit-backend-dnf PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module PackageKit-lang libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0

- Add PackageKit-fix-pkcon-permission.patch: trivial: Drop
  unnecessary x permission
  (gh#PackageKit/PackageKit/commit/47b7f97bc, bsc#1209138)

==== SDL2 ====
Version update (2.26.3 -> 2.26.4)

- Update to release 2.26.4
  * Fixed using older game controller mappings on Linux

==== branding-openSUSE ====
Version update (84.87.20210910 -> 84.87.20230227)
Subpackages: grub2-branding-openSUSE libreoffice-branding-openSUSE plymouth-branding-openSUSE wallpaper-branding-openSUSE yast2-qt-branding-openSUSE

- Make title QToolButton backgrounds transparent
- Drop optipng requirement

==== ffmpeg-5 ====
Subpackages: libavcodec59 libavfilter8 libavformat59 libavutil57 libpostproc56 libswscale6

- Add soname.diff to get libswresample4 nonconflicting with ffmpeg-6.
- Actually enable libjxl backend

==== flac ====

- Build AVX2 enabled hwcaps library for x86_64-v3

==== git ====
Version update (2.39.2 -> 2.40.0)

- git 2.40.0:
  * backward incompatible change: The format.attach configuration
    variable lacked a way to override a value defined in a
    lower-priority configuration file (e.g. the system one) by
    redefining it in a higher-priority configuration file. Now,
    setting format.attach to an empty string means show the patch
    inline in the e-mail message, without using MIME attachment.
  * multiple commands and workflows gained additional options,
    compatible functionality, or more helpful output
  * "grep -P" learned to use Unicode Character Property to grok
    character classes when processing \b and \w etc.
  * under-the-hood improvements and bug fixes
- The scripted "git add -p/-i" implementation was removed upstream.
  The openSUSE package already preferred the C implementation.

==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi

- Discard cached key from grub shell and editor mode
  * 0001-clean-up-crypttab-and-linux-modules-dependency.patch
  * 0002-discard-cached-key-before-entering-grub-shell-and-ed.patch
- Make grub more robust against storage race condition causing system boot
  failures (bsc#1189036)
  * 0001-ieee1275-ofdisk-retry-on-open-and-read-failure.patch

==== iso-codes ====
Version update (4.12.0 -> 4.13.0)
Subpackages: iso-codes-lang

- update to version 4.13.0:
  + ISO 3166-1: Add missing common names for Laos, Iran, and Syria.
  + ISO 3166-3: Fix withdrawal dates of AN, CS and YU.
  + Updated translations.

==== kbd ====
Version update (2.4.0 -> 2.5.1)
Subpackages: kbd-legacy

- Update to version 2.5.1
  - Add Irish keyboard map
  - Add PinePhone keyboard keymap
  - Added braces to IT keyboard map
  - Add Euro at Portuguese keyboards
  - Fix incorrect acentuation pt-latin9
  - fa.map: drop high codepoint character that chokes loadkeys
  - data/keymaps/i386/neo: use Delete instead of Backspace
  - Fix documentation for a few program options
  - Fix some memory leaks
  - Update translations
  - autogen.sh missing from release tarball, copy from git
  - Remove upstreamed patches
  - 0001-libkfont-Initialize-kfont_context-options.patch
  - kbd-1.15.2-dumpkeys-C-opt.patch
  - kbd-2.0.2-comment-typo-qwerty.patch

==== kernel-firmware ====
Version update (20230210 -> 20230313)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd

- Update to version 20230313 (git commit 5bc279fb161d):
  * iwlwifi: update core69 and core72 firmwares for So device
  * qat: update licence text
  * rtl_bt: Update RTL8822C BT USB firmware to 0x0CC6_D2E3
  * rtl_bt: Update RTL8822C BT UART firmware to 0x05C6_D2E3
  * WHENCE: remove duplicate File entries
  * WHENCE: remove trailing white space
  * linux-firmware: add fw for qat_4xxx (jsc#PED-3699)
  * Fix symlinks for Intel firmware
  * linux-firmware: update firmware for mediatek bluetooth chip (MT7921)
  * linux-firmware: update firmware for MT7921 WiFi device
  * iwlwifi: update core69 and core72 firmwares for Ty device
  * rtlwifi: Add firmware v16.0 for RTL8710BU aka RTL8188GU
  * brcm: Add nvram for the Lenovo Yoga Book X90F / X90L convertible
  * brcm: Fix Xiaomi Inc Mipad2 nvram/.txt file macaddr
  * brcm: Add nvram for the Advantech MICA-071 tablet
  * rtl_bt: Update RTL8852C BT USB firmware to 0xD7B8_FABF
  * rtl_bt: Add firmware and config files for RTL8821CS
  * rtw89: 8852b: update fw to v0.29.29.0
  * rtw89: 8852b: update fw to v0.29.26.0
  * liquidio: remove lio_23xx_vsw.bin
  * intel: avs: Add AudioDSP base firmware for CNL-based platforms
  * intel: avs: Add AudioDSP base firmware for APL-based platforms
  * intel: avs: Add AudioDSP base firmware for SKL-based platforms
  * ath11k: WCN6855 hw2.0: update to WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.23
  * ath11k: WCN6855 hw2.0: update board-2.bin
  * ath11k: WCN6750 hw1.0: update board-2.bin
  * ath11k: IPQ5018 hw1.0: add to WLAN.HK.2.6.0.1-00861-QCAHKSWPL_SILICONZ-1
  * ath11k: IPQ5018 hw1.0: add board-2.bin
  * ath10k: QCA6174 hw3.0: update firmware-sdio-6.bin to version WLAN.RMH.4.4.1-00174
  * ath10k: WCN3990 hw1.0: update board-2.bin
  * cnm: update chips&media wave521c firmware.
  * amdgpu: Update GC 11.0.1 firmware
  * intel: catpt: Add AudioDSP base firmware for BDW platforms
- Update topics for catpt/avs
- Update aliases
- Update spec template

==== keylime ====
Version update (6.6.0 -> 6.7.0)
Subpackages: keylime-config keylime-firewalld keylime-logrotate keylime-registrar keylime-tenant keylime-tpm_cert_store keylime-verifier python310-keylime

- Update to version v6.7.0:
  * codestyle: Define RuntimePolicyType and use it
  * ima: Move type defitions from ima_dm.py to types.py
  * docs: fix docs
  * End of term for @mpeters + propose @maugustosilva
  * verifier: Activate every m-th agent starting at the n-th agent on a worker
  * verifier: Read list of agents early on
  * create_policy: read the hashes from filelists-ext
  * tests: remove restful test and simplify test scripts
  * tests: config move agent config example to verifier
  * Update source code mapping in codecov.yml
  * ima: do not validate against the allowlist if signature was already validated
  * Disable e2e on Rawhide due to RHBZ#2171376
  * roadmap: update for 2023
  * readme: remove installation instructions, update outdated information
  * db: switch to pessimistic disconnect handling
  * Add timestamp of last successful attestation to verifier API
  * tpm: improve logging for tpm and measured boot policy
  * da: fixes for breakages on durable Attestation
  * codestyle: Fully annotate cloud_verifier_tornado and add to mypy
  * create_policy: clarify IMA on links
  * create_policy: be explicit on opening binary files
  * create_policy: use public variants for RPM flags
  * create_policy: remote repository IMA extraction
  * create_policy: local RPM repository IMA extraction
  * create_policy: remove the experimental status
  * create_policy: print into stderr
  * signing: small refactor on the code
  * Add missing e2e tests and reordering tests based on alphabetical order
  * verifier,tenant : fix IMA runtime policy bug (issue #1306)
  * e2e tests: Fix test name (#1307)
  * verifier: fixing type issues (#1272)
  * config: improve support for (log-based) debugging
  * Fix stray references to "IMA policies" in conversion script
  * tests: only keep test specific packages in test-requirements.txt
  * codestyle: Have pyright ignore assignments of values to DB columns
  * codestyle: Call type conversion functions on agent's DB columns
  * codestyle: Fully annotate cloud_verifier_common.py and add to mypy
  * codestyle: Have pyright ignore the parameter passed to the update() function
  * codestyle: Have pyright ignore fields used to select columns to load
  * codestyle: Add an assert to the returned update_agent to avoid pyright errors
  * codesyle: Fix annotations of notify functions in revocation_notifier.py

==== lame ====

- Build AVX2 enabled hwcaps library for x86_64-v3

==== libcamera ====
Subpackages: libcamera-base0_0_4 libcamera0_0_4

- Disable warning in silent-Werror_dangling-reference.patch based
  compiler version.
- Add silent-Werror_dangling-reference.patch that addressed a false-positive
  warning in GCC: https://bugs.libcamera.org/show_bug.cgi?id=185.

==== libjpeg-turbo ====

- Build AVX2 enabled hwcaps library for x86_64-v3

==== libstorage-ng ====
Version update (4.5.83 -> 4.5.85)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1

- merge gh#openSUSE/libstorage-ng#918
- allow trailing space when parsing btrfs version (bsc#1209252)
- 4.5.85
- merge gh#openSUSE/libstorage-ng#917
- extended error logging
- 4.5.84

==== libvorbis ====
Subpackages: libvorbis0 libvorbisenc2 libvorbisfile3

- Build AVX2 enabled hwcaps library for x86_64-v3
- Small spec file cleanup

==== microos-tools ====
Version update (2.18 -> 2.19)

- Update URL
- Update to version 2.19:
  - configure.ac: Run autoupdate to fix some deprecation warnings
  - Clean up selinux-autorelabel-generator and make it compatible with systemd 253

==== mozilla-nss ====
Version update (3.87 -> 3.88.1)
Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs

- update to NSS 3.88.1
  * bmo#1804640 - improve handling of unknown PKCS#12 safe bag types
- update to NSS 3.88
  * bmo#1815870 - use a different treeherder symbol for each docker
    image build task
  * bmo#1815868 - pin an older version of the ubuntu:18.04 and
    20.04 docker images
  * bmo#1810702 - remove nested table in rst doc
  * bmo#1815246 - Export NSS_CMSSignerInfo_GetDigestAlgTag.
  * bmo#1812671 - build failure while implicitly casting SECStatus
    to PRUInt32
  * bmo#1212915 - Add check for ClientHello SID max length
  * bmo#1771100 - Added EarlyData ALPN test support to BoGo shim
  * bmo#1790357 - ECH client - Discard resumption TLS < 1.3
    Session(IDs|Tickets) if ECH configs are setup
  * bmo#1714245 - On HRR skip PSK incompatible with negotiated
    ciphersuites hash algorithm
  * bmo#1789410 - ECH client: Send ech_required alert on server
    negotiating TLS 1.2. Fixed misleading Gtest,
    enabled corresponding BoGo test
  * bmo#1771100 - Added Bogo ECH rejection test support
  * bmo#1771100 - Added ECH 0Rtt support to BoGo shim
  * bmo#1747957 - RSA OAEP Wycheproof JSON
  * bmo#1747957 - RSA decrypt Wycheproof JSON
  * bmo#1747957 - ECDSA Wycheproof JSON
  * bmo#1747957 - ECDH Wycheproof JSON
  * bmo#1747957 - PKCS#1v1.5 wycheproof json
  * bmo#1747957 - Use X25519 wycheproof json
  * bmo#1766767 - Move scripts to python3
  * bmo#1809627 - Properly link FuzzingEngine for oss-fuzz.
  * bmo#1805907 - Extending RSA-PSS bltest test coverage
    (Adding SHA-256 and SHA-384)
  * bmo#1804091 - NSS needs to move off of DSA for integrity checks
  * bmo#1805815 - Add initial testing with ACVP vector sets using
    acvp-rust
  * bmo#1806369 - Don't clone libFuzzer, rely on clang instead

==== mozjs102 ====
Version update (102.8.0 -> 102.9.0)

- Update to version 102.9.0:
  + Various security fixes.
  + CVE-2023-25751: Incorrect code generation during JIT
    compilation.
  + CVE-2023-28164: URL being dragged from a removed cross-origin
    iframe into the same tab triggered navigation.
  + CVE-2023-28162: Invalid downcast in Worklets.
  + CVE-2023-25752: Potential out-of-bounds when accessing
    throttled streams.
  + CVE-2023-28163: Windows Save As dialog resolved environment
    variables.
  + CVE-2023-28176: Memory safety bugs fixed in Firefox 111 and
    Firefox ESR 102.9.

==== mutter ====
Subpackages: mutter-lang

- Add mutter-prevent-newly-focused-windows-to-steal-focus-from-shell.patch:
  Revert wrong commit and try a third approach to fix focus
  (bsc#1208494).

==== ncurses ====
Version update (6.4.20230225 -> 6.4.20230311)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen

- Add ncurses patch 20230311
  + improve manpage description for addch versus unctrl format used for
    non-printable characters.
  + modify version-check for gcc/g++, now works for msys2.
  + modify check in _nc_write_entry() for multiply defined aliases to
    report problems within the current runtime of tic rather than for
    conflicts with pre-existing terminal descriptions.
  + allow for MinGW32-/64-bit configurations to use _DEFAULT_SOURCE
  + clarify interaction of -R option versus -C, -I and -r in infocmp
    manpage.
  + build-fix in lib_win32con.c (cf: 20230211).

==== nftables ====
Version update (1.0.6 -> 1.0.7)
Subpackages: libnftables1 python3-nftables

- Update to release 1.0.7
  * Support for vxlan/geneve/gre/gretap matching
  * auto-merge support for partial set element deletion
  * Allow for NAT mapping with concatenation and ranges
  * Support for quota in sets

==== openexr ====
Version update (3.1.5 -> 3.1.6)
Subpackages: libIex-3_1-30 libIlmThread-3_1-30 libOpenEXR-3_1-30

- update to 3.1.6:
  * NEON optimizations for ZIP reading
  * Enable fast Huffman & Huffman zig-zag transform for Arm Neon
  * Support relative and absolute libdir/includedir in pkg-config generation
  * Fix for reading memory mapped files with DWA compression
  * Enable SSE4 support on Windows
  * Fast huf decoder
- Drop gcc13-fix.patch

==== osinfo-db ====
Version update (20221130 -> 20230308)

- Update to database version 20230308
  osinfo-db-20230308.tar.xz

==== pam-config ====
Version update (1.8 -> 1.9)

- Update to version 1.9
  - Add support for pam_lastlog2

==== pam_kwallet ====
Subpackages: pam_kwallet-common

- Add patches for handling edge cases and hardening:
  * 0001-Verify-that-XDG_RUNTIME_DIR-is-usable.patch
  * 0002-Don-t-do-anything-if-the-password-is-empty.patch
  * 0003-Exit-early-if-the-target-user-is-root.patch
  * 0004-Don-t-call-pam_sm_open_session-within-pam_sm_authent.patch

==== python-cryptography ====
Version update (39.0.1 -> 39.0.2)

- update to 39.0.2:
  * Fixed a bug where the content type header was not properly
    encoded for PKCS7 signatures when using the ``Text`` option and
    ``SMIME`` encoding.

==== python310 ====
Subpackages: python310-curses python310-dbm

- Add invalid-json.patch fixing invalid JSON in
  Doc/howto/logging-cookbook.rst (somehow similar to
  gh#python/cpython#102582).

==== python310-core ====
Subpackages: libpython3_10-1_0 python310-base

- Add invalid-json.patch fixing invalid JSON in
  Doc/howto/logging-cookbook.rst (somehow similar to
  gh#python/cpython#102582).

==== sqlite3 ====
Subpackages: libsqlite3-0 sqlite3-tcl

- Build AVX2 enabled hwcaps library for x86_64-v3

==== vim ====
Subpackages: vim-data vim-data-common vim-small

- Update spec.skeleton to use autosetup in place of setup macro.

==== xz ====
Subpackages: liblzma5 xz-lang

- Build AVX2 enabled hwcaps library for x86_64-v3

==== yast2-add-on ====
Version update (4.6.0 -> 4.6.1)

- Removed unnecessary executable flag from file add-on-workflow.rb
  (bsc#1209094)
- 4.6.1

==== yast2-installation ====
Version update (4.6.0 -> 4.6.1)

- Removed unnecessary executable flag from file security_proposal.rb
  (bsc#1209094)
- 4.6.1

==== yast2-storage-ng ====
Version update (4.6.0 -> 4.6.1)

- Removed unnecessary executable flags from files (bsc#1209094)
- 4.6.1

==== yast2-trans ====
Version update (84.87.20230306.ba31ff5670 -> 84.87.20230312.2a5006f40f)
Subpackages: yast2-trans-cs yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-fr yast2-trans-hu yast2-trans-it yast2-trans-ja yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ru yast2-trans-zh_CN yast2-trans-zh_TW

- Update to version 84.87.20230312.2a5006f40f:
  * Translated using Weblate (Polish)
  * Translated using Weblate (Polish)
  * Translated using Weblate (Polish)
  * Translated using Weblate (Polish)
  * Translated using Weblate (Polish)
  * Translated using Weblate (Swedish)
  * Translated using Weblate (Swedish)
  * Translated using Weblate (Swedish)
  * Translated using Weblate (Swedish)
  * Translated using Weblate (Swedish)
  * Translated using Weblate (Swedish)
  * Translated using Weblate (Polish)
  * Translated using Weblate (Polish)
  * Translated using Weblate (Polish)
  * New POT for text domain 'online-update'.
  * Translated using Weblate (Javanese)
  * Translated using Weblate (Polish)
  * Translated using Weblate (Polish)
  * Translated using Weblate (Dutch)
  * Translated using Weblate (Dutch)
  * Translated using Weblate (Javanese)
  * Translated using Weblate (Georgian)

==== zvbi ====
Version update (0.2.39 -> 0.2.41)

- update to 0.2.41:
  * src/libzvbi.h: In libzvbi.h, remove #include version.h and replace with version number macros
  * po/*.po: Update Project-Id-Version.