Packages changed:
  MozillaFirefox (115.0.1 -> 115.0.2)
  audacity
  audit (3.0.9 -> 3.1.1)
  audit-secondary (3.0.9 -> 3.1.1)
  bind
  cryptsetup
  glibc
  iproute2 (6.3 -> 6.4)
  kernel-source (6.4.2 -> 6.4.3)
  libHX (4.13 -> 4.14)
  libbpf (1.2.0 -> 1.2.2)
  libguestfs
  libnftnl (1.2.5 -> 1.2.6)
  libshumate (1.0.3 -> 1.0.4)
  libvirt (9.4.0 -> 9.5.0)
  python-libvirt-python (9.4.0 -> 9.5.0)
  python311-pyparsing (3.0.9 -> 3.1.0)
  qpdf (11.4.0 -> 11.5.0)
  redis (7.0.11 -> 7.0.12)
  rpm-config-SUSE (20220926 -> 20230712)
  snapper
  texlive
  unixODBC
  util-linux
  util-linux-systemd

=== Details ===

==== MozillaFirefox ====
Version update (115.0.1 -> 115.0.2)

- Mozilla Firefox 115.0.2
  * Fixed a bug with displaying a caret in the text editor on some websites
    (bmo#1840804)
  * Fixed a bug with broken audio rendering on some websites (bmo#1841982)
  * Fixed a bug with patternTransform translate using the wrong units
    (bmo#1840746)
  MFSA 2023-26 (bsc#1213230)
  * CVE-2023-3600 (bmo#1839703)
    Use-after-free in workers

==== audacity ====
Subpackages: audacity-lang

- Update constraints for riscv64

==== audit ====
Version update (3.0.9 -> 3.1.1)
Subpackages: libaudit1 libauparse0

- Update to 3.1.1:
  * Add user friendly keywords for signals to auditctl
  * In ausearch, parse up URINGOP and DM_CTRL records
  * Harden auparse to better handle corrupt logs
  * Fix a CFLAGS propogation problem in the common directory
  * Move the audispd af_unix plugin to a standalone program
- Add _multibuild to define additional spec files as additional
  flavors.
  Eliminates the need for source package links in OBS.
- Enable livepatching on main library on x86_64.
- Update to 3.1:
  * Disable ProtectControlGroups in auditd.service by default
  * Fix rule checking for exclude filter
  * Make audit_rule_syscallbyname_data work correctly outside of auditctl
  * Add new record types
  * Add io_uring support
  * Add support for new FANOTIFY record fields
  * Add keyword, this-hour, to ausearch/report start/end options
  * Add Requires.private to audit.pc file
  * Try to interpret OPENAT2 fields correctly

==== audit-secondary ====
Version update (3.0.9 -> 3.1.1)
Subpackages: audit python3-audit system-group-audit

- Update to 3.1.1:
  * Add user friendly keywords for signals to auditctl
  * In ausearch, parse up URINGOP and DM_CTRL records
  * Harden auparse to better handle corrupt logs
  * Fix a CFLAGS propogation problem in the common directory
  * Move the audispd af_unix plugin to a standalone program
- Add _multibuild to define additional spec files as additional
  flavors.
  Eliminates the need for source package links in OBS.
- Update to 3.1:
  * Disable ProtectControlGroups in auditd.service by default
  * Fix rule checking for exclude filter
  * Make audit_rule_syscallbyname_data work correctly outside of auditctl
  * Add new record types
  * Add io_uring support
  * Add support for new FANOTIFY record fields
  * Add keyword, this-hour, to ausearch/report start/end options
  * Add Requires.private to audit.pc file
  * Try to interpret OPENAT2 fields correctly

==== bind ====
Subpackages: bind-doc bind-utils

- Enable dnstap support

==== cryptsetup ====
Subpackages: cryptsetup-doc libcryptsetup12

- luksFormat: Handle system with low memory and no swap space [bsc#1211079]
  * Check for physical memory available also in PBKDF benchmark.
  * Try to avoid OOM killer on low-memory systems without swap.
  * Use only half of detected free memory on systems without swap.
  * Add patches:
  - cryptsetup-Check-for-physical-memory-available-also-in-PBKDF-be.patch
  - cryptsetup-Try-to-avoid-OOM-killer-on-low-memory-systems-withou.patch
  - cryptsetup-Use-only-half-of-detected-free-memory-on-systems-wit.patch

==== glibc ====
Subpackages: glibc-devel glibc-extra glibc-locale glibc-locale-base nscd

- gshadow-erange-rhandling.patch: gshadow: Matching sgetsgent, sgetsgent_r
  ERANGE handling (BZ #30151)
- system-sigchld-block.patch: posix: Fix system blocks SIGCHLD erroneously
  (BZ #30163)
- gmon-buffer-alloc.patch: gmon: Fix allocated buffer overflow (BZ #29444)
- check-pf-cancel-handler.patch: __check_pf: Add a cancellation cleanup
  handler (BZ #20975)
- powerpc64-fcntl-lock.patch: io: Fix F_GETLK, F_SETLK, and F_SETLKW for
  powerpc64
- realloc-limit-chunk-reuse.patch: realloc: Limit chunk reuse to only
  growing requests (BZ #30579)
- dl-find-object-return.patch: elf: _dl_find_object may return 1 during
  early startup (BZ #30515)
- Need to build with GCC 12 as minimum
- fix-locking-in-_IO_cleanup.patch: Update to final version

==== iproute2 ====
Version update (6.3 -> 6.4)
Subpackages: iproute2-bash-completion

- Update to release 6.4
  * bridge: mdb: added underlay destination IP support, UDP
    destination port support, destination VNI support, source VNI
    support, outgoing interface support
  * macvlan: added the "bclim" parameter

==== kernel-source ====
Version update (6.4.2 -> 6.4.3)
Subpackages: kernel-64kb kernel-default

- Linux 6.4.3 (bsc#1012628).
- mm: call arch_swap_restore() from do_swap_page() (bsc#1012628).
- bootmem: remove the vmemmap pages from kmemleak in
  free_bootmem_page (bsc#1012628).
- commit 5fb5b21

==== libHX ====
Version update (4.13 -> 4.14)

- Update to release 4.14
  * socket: make HX_addrport_split work on portless bracketed hostspec

==== libbpf ====
Version update (1.2.0 -> 1.2.2)

- update to v1.2.2:
  * fix a regression in perf tool caused by libbpf resetting its custom
    catch-all SEC() handler on explicit bpf_program__set_type() call
  * fix possible double-free in USDT-related libbpf code, which happens when
    libbpf runs out of space in __bpf_usdt_specs map due to having too many
    unique USDT specs

==== libguestfs ====
Subpackages: libguestfs-xfs libguestfs0

- bsc#1212972 - cannot find any suitable libguestfs supermin
  libguestfs.spec

==== libnftnl ====
Version update (1.2.5 -> 1.2.6)

- Update to release 1.2.6
  * expr: meta: introduce broute meta expression

==== libshumate ====
Version update (1.0.3 -> 1.0.4)
Subpackages: libshumate-1_0-1 typelib-1_0-Shumate-1_0

- Update to version 1.0.4:
  + Throttle tile download during animations.

==== libvirt ====
Version update (9.4.0 -> 9.5.0)
Subpackages: libvirt-client libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-proxy libvirt-daemon-qemu libvirt-libs

- libxl: Improve handling of errors across migration phases
  bsc#1213186
- apparmor: Support local overrides in all profiles and abstractions
  spec: Don't replace /etc/apparmor.d/<profile> on package upgrade
  spec: No longer package empty /etc/apparmor.d/local/* files
  bsc#1211472
- Update to libvirt 9.5.0
  - Many incremental improvements and bug fixes, see
    https://libvirt.org/news.html#v9-5-0-2023-07-03
  - Add upstream commit 5f7f6ceb47 to fix builds on Leap 15.x
  - Drop downstream commit adding SUSE-specific migration
    parameters

==== python-libvirt-python ====
Version update (9.4.0 -> 9.5.0)

- Update to 9.5.0
  - Add all new APIs and constants in libvirt 9.5.0

==== python311-pyparsing ====
Version update (3.0.9 -> 3.1.0)

- Add upstream patch limit-error-messages.patch as a part of
  a workaround for boo#1213007
- update to 3.1.0
  * API ENHANCEMENT: `Optional(expr)` may now be written as `expr | ""`
  * Added new class property `identifier` to all Unicode set classes in
    `pyparsing.unicode`, using the class's values for `cls.identchars`
    and `cls.identbodychars`.
  * ParseResults` now has a new method `deepcopy()`, in addition to the
    current `copy()` method.
  * Reworked `delimited_list` function into the new `DelimitedList` class.
  * Added new class method `ParserElement.using_each`
  * Added new builtin `python_quoted_string`, which will match any form
    of single-line or multiline quoted strings defined in Python.
  * `ParserElement.validate()` is deprecated.
  * Added bool `embed` argument to `ParserElement.create_diagram()`.
  * Added support for Python 3.12.
  * Updated `create_diagram()` code to be compatible with
    railroad-diagrams package version 3.0.
  * Many other changes, see upstream CHANGES

==== qpdf ====
Version update (11.4.0 -> 11.5.0)

- Update to 11.5.0:
  * When copying the same page more than once, ensure that annotations
    are copied and not shared among multiple pages.
  * Add new method Buffer::copy and deprecate Buffer copy constructor
    and assignment operator. Buffer copies are expensive and should be
    done explicitly.
  * The source code was reformatted to 100 columns instead of 80.
    Numerous cosmetic changes and changes suggested by clang-tidy were made.

==== redis ====
Version update (7.0.11 -> 7.0.12)

- redis 7.0.12:
  * (CVE-2022-24834) A specially crafted Lua script executing in Redis can trigger
    a heap overflow in the cjson and cmsgpack libraries, and result in heap
    corruption and potentially remote code execution. The problem exists in all
    versions of Redis with Lua scripting support, starting from 2.6, and affects
    only authenticated and authorized users. (bsc#1213193)
  * (CVE-2023-36824) Extracting key names from a command and a list of arguments
    may, in some cases, trigger a heap overflow and result in reading random heap
    memory, heap corruption and potentially remote code execution. Specifically:
    using COMMAND GETKEYS* and validation of key names in ACL rules. (bsc#1213249)
  * Re-enable downscale rehashing while there is a fork child
  * Fix possible hang in HRANDFIELD, SRANDMEMBER, ZRANDMEMBER when used with <count>
  * Improve fairness issue in RANDOMKEY, HRANDFIELD, SRANDMEMBER, ZRANDMEMBER,
    SPOP, and eviction
  * Fix WAIT to be effective after a blocked module command being unblocked
  * Avoid unnecessary full sync after master restart in a rare case

==== rpm-config-SUSE ====
Version update (20220926 -> 20230712)

- Update to version 20230712:
  * Add more prjconf macros
  * update comment about _lto_cflags
  * drop %usrmerged macro (boo#1206798)
  * Fix SLE sbat macros used on Leap (bsc#1198458)

==== snapper ====
Subpackages: libsnapper7 snapper-zypp-plugin

- document disadvantage of using network users and order services
  after nss-user-lookup (gh#openSUSE/snapper#823)

==== texlive ====
Subpackages: libkpathsea6 libsynctex2

- The rungs lua script belongs to texlive-scripts(-bin) only

==== unixODBC ====

- Add missing requires for glibc-locale-base, required for utf16 codec
  (bsc#1213242)

==== util-linux ====
Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1

- Add patch to detect MD array as container of LUKS properly
  (boo#1213227, gh#util-linux/util-linux#2373):
  * 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch

==== util-linux-systemd ====

- Add patch to detect MD array as container of LUKS properly
  (boo#1213227, gh#util-linux/util-linux#2373):
  * 0001-Revert-libblkid-try-LUKS2-first-when-probing.patch