Packages changed:
  bluez
  brltty
  kdump (1.9.8 -> 2.0.0)
  kernel-default-base
  kio-fuse (5.0.1 -> 5.1.0)
  libslirp (4.7.0+44 -> 4.7.0+60)
  polkit-default-privs (1550+20231129.269abcd -> 1550+20231213.09963a4)
  python-numpy
  python-pexpect
  susepaste
  xorg-x11-server
  xwayland
  yast2-python-bindings (5.0.1 -> 5.0.2)

=== Details ===

==== bluez ====
Subpackages: bluez-auto-enable-devices bluez-cups libbluetooth3

- add CVE-2023-45866.patch (CVE-2023-45866, bsc#1217877)

==== brltty ====
Subpackages: brltty-driver-at-spi2 brltty-driver-brlapi brltty-driver-speech-dispatcher brltty-driver-xwindow brltty-lang libbrlapi0_8 python3-brlapi system-user-brltty xbrlapi

- README.SUSE: add documentation about the state of security of the brltty
  daemon (bsc#1214158).
- Use ocaml-rpm-macros to track OCaml ABI
- Reduce amount of rpmlint warnings with brltty.rpmlintrc

==== kdump ====
Version update (1.9.8 -> 2.0.0)

- upgrade to version 2.0.0
  * add support for riscv64 (bsc#1204214)
  * mkdumprd: fix the check for updated SSH keys
  * prefer by-path and device-mapper aliases (bsc#1217617)
  * udev: don't reload kdump if kernel handles hotplug (jsc#PED-5077)

==== kernel-default-base ====

- Add macvlan

==== kio-fuse ====
Version update (5.0.1 -> 5.1.0)

- Update to version 5.1.0:
  * Support for building against Qt 6 and KF6
  * Minimum versions of dependencies got raised:
    CMake 3.16, Qt 5.15, KIO 5.96.0
  * Minor bug fixes and optimizations
  * Don't include the password in the generated VFS path
  * Mounting admin: is blocked now
- Drop patch, now upstream:
  * 0001-Initialize-m_lastChildrenRefresh-to-be-really-in-the.patch

==== libslirp ====
Version update (4.7.0+44 -> 4.7.0+60)

- Update to version 4.7.0+60:
  * Avoid including <sys/param.h> on windows
  * Document functions
  * icmp: Handle ICMP packets as IPPROTO_IP on BSD
  * ip: Enforce strict aliasing
  * Fix including BaseTsd.h on mingw
  * Use SSIZE_T from BaseTsd.h on windows
  * Detach UDP socket if errno is ENOTCONN (Socket is not connected)
  * slirp: use localhost as dns when /etc/resolv.conf empty
  * missing semicolon
  * Drop unused UDP_UDPDATALEN macro
  * Reject domain-search when any entry ends with ".."
  * Use target address from Neighbor Advertisement
- removed libslirp-semicolon.patch, now included

==== polkit-default-privs ====
Version update (1550+20231129.269abcd -> 1550+20231213.09963a4)

- Update to version 1550+20231213.09963a4:
  * profiles: add and adjust polkit actions for gamemode (bsc#1217915)

==== python-numpy ====

- Do not attempt to ship numpy.distutils C code in the Python 3.12 -devel
  package, it is not installed.

==== python-pexpect ====

- disable randomly failing tests [bsc#1209560]

==== susepaste ====
Subpackages: susepaste-screenshot

- Fix homepage URL
- Add _service file (use on next release)

==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra

- U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
  * Out-of-bounds memory write in XKB button actions (CVE-2023-6377,
    ZDI-CAN-22412, ZDI-CAN-22413, bsc#1217765)
- U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
  * Out-of-bounds memory read in RRChangeOutputProperty and
    RRChangeProviderProperty (CVE-2023-6478, ZDI-CAN-22561,
    bsc#1217766)

==== xwayland ====

- U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch
  * Out-of-bounds memory write in XKB button actions (CVE-2023-6377,
    ZDI-CAN-22412, ZDI-CAN-22413, bsc#1217765)
- U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch
  * Out-of-bounds memory read in RRChangeOutputProperty and
    RRChangeProviderProperty (CVE-2023-6478, ZDI-CAN-22561,
    bsc#1217766)

==== yast2-python-bindings ====
Version update (5.0.1 -> 5.0.2)

- Fix leak when passing Term objects; (bsc#1217075)
- 5.0.2