Packages changed:
  bind (9.18.27 -> 9.20.0)
  emacs
  gnutls (3.8.5 -> 3.8.6)
  kdump (2.0.7 -> 2.0.9)
  lua54 (5.4.6 -> 5.4.7)
  ncurses (6.5.20240629 -> 6.5.20240713)
  openSUSE-release (20240725 -> 20240726)
  openssl-3
  powerdevil6
  python-pyOpenSSL (24.1.0 -> 24.2.1)
  qemu (9.0.1 -> 9.0.2)
  rsyslog (8.2306.0 -> 8.2406.0)
  salt
  xdg-utils
  xfce4-screenshooter (1.10.6 -> 1.11.0)
  yast2-kdump (5.0.0 -> 5.0.1)

=== Details ===

==== bind ====
Version update (9.18.27 -> 9.20.0)
Subpackages: bind-doc bind-utils

- Update to new major version 9.20.0
  For a complete list of all changes see:
  * https://bind9.readthedocs.io/en/v9.20.0/notes.html
  * The CHANGES file in the source RPM
  Some noteworthy changes:
  * Added new BuildRequires liburcu for lock free data structures.
  * A new DNSSEC tool dnssec-ksr has been added to create Key
    Signing Request (KSR) and Signed Key Response (SKR) files.
  * /etc/bind.keys and /var/lib/named/named.root.key have been
    removed as the correct defaults are pre-compiled and there is
    no need to configure bind.keys manually.
  * The functions that were in the libbind9 shared library have
    been moved to the libisc and libisccfg libraries. The now-empty
    libbind9 has been removed and is no longer installed.
  * The irs_resconf module has been moved to the libdns shared
    library. The now-empty libirs library has been removed and is
    no longer installed.
  Security Fixes:
  * A malicious DNS client that sent many queries over TCP but
    never read the responses could cause a server to respond slowly
    or not at all for other clients. This has been fixed.
    (CVE-2024-0760)
    [bsc#1228255]
  * It is possible to craft excessively large resource records
    sets, which have the effect of slowing down database
    processing. This has been addressed by adding a configurable
    limit to the number of records that can be stored per name and
    type in a cache or zone database. The default is 100, which can
    be tuned with the new max-records-per-type option.
  * It is possible to craft excessively large numbers of resource
    record types for a given owner name, which has the effect of
    slowing down database processing. This has been addressed by
    adding a configurable limit to the number of records that can
    be stored per name and type in a cache or zone database. The
    default is 100, which can be tuned with the new
    max-types-per-name option. (CVE-2024-1737)
    [bsc#1228256]
  * Validating DNS messages signed using the SIG(0) protocol (RFC
    2931) could cause excessive CPU load, leading to a
    denial-of-service condition. Support for SIG(0) message
    validation was removed from this version of named.
    (CVE-2024-1975)
    [bsc#1228257]
  * Due to a logic error, lookups that triggered serving stale data
    and required lookups in local authoritative zone data could
    have resulted in an assertion failure. This has been fixed.
  * Potential data races were found in our DoH implementation,
    related to HTTP/2 session object management and endpoints set
    object management after reconfiguration. These issues have been
    fixed.
  * When looking up the NS records of parent zones as part of
    looking up DS records, it was possible for named to trigger an
    assertion failure if serve-stale was enabled. This has been
    fixed. (CVE-2024-4076)
    [bsc#1228258]

==== emacs ====
Subpackages: emacs-el emacs-eln emacs-info emacs-nox etags

- Use simple trusted members of the group games (boo#1228058)
- Split off the emacs-games package for score handling (boo#1227737)
- Implement setgid based score handling
- The xauth patch should ignore any locking at read time
  as otherwise emacs server might hang
- Provide support of ELPA systemwide installations to OBS

==== gnutls ====
Version update (3.8.5 -> 3.8.6)
Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-32bit

- Update to 3.8.6:
  * libgnutls: PBMAC1 is now supported as a MAC mechanism for PKCS#12
    To be compliant with FIPS 140-3, PKCS#12 files with MAC based on
    PBKDF2 (PBMAC1) is now supported, according to the specification
    proposed in draft-ietf-lamps-pkcs12-pbmac1.
  * libgnutls: SHA3 extendable output functions (XOF) are now supported
    SHA3 XOF, SHAKE128 and SHAKE256, are now usable through a new
    public API gnutls_hash_squeeze.
  * API and ABI modifications:
  - gnutls_pkcs12_generate_mac3: New function
  - gnutls_pkcs12_flags_t: New enum
  - gnutls_hash_squeeze: New function
  * Rebase patches:
  - gnutls-FIPS-140-3-references.patch
  - gnutls-FIPS-jitterentropy.patch

==== kdump ====
Version update (2.0.7 -> 2.0.9)

- upgrade to version 2.0.9
  * start kdump-early earlier using DefaultDependencies=no
  * fadump: avoid re-registration if kernel is hotplug ready
  * mkdumprd: use pbl to get default kernel version (boo#1226676)

==== lua54 ====
Version update (5.4.6 -> 5.4.7)

- Update to version 5.4.7:
  * Fixed 11 bugs from 5.4.6
  * Tests now run on shared libraries
- Removed skip-tests_big-endian.patch: fixed upstream

==== ncurses ====
Version update (6.5.20240629 -> 6.5.20240713)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen

- Add ncurses patch 20240713
  + modify misc/ncurses-config.in, improved match with pkg-config output.
- Add ncurses patch 20240706
  + update configure script to use macro changes from dialog.
  + modify CF_NCURSES_PTHREADS to avoid equating package and library
    names.

==== openSUSE-release ====
Version update (20240725 -> 20240726)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== openssl-3 ====
Subpackages: libopenssl3 libopenssl3-32bit libopenssl3-x86-64-v3

- Build with no-afalgeng [bsc#1226463]
- Security fix: [bsc#1227138, CVE-2024-5535]
  * SSL_select_next_proto buffer overread
  * Add openssl-CVE-2024-5535.patch
- Build with enabled sm2 and sm4 support [bsc#1222899]

==== powerdevil6 ====
Subpackages: powerdevil6-lang

- Add patch to fix crash on display wake up (kde#490356, kde#490421):
  * 0001-daemon-Don-t-leave-dangling-Action-pointers-in-idle-.patch

==== python-pyOpenSSL ====
Version update (24.1.0 -> 24.2.1)

- 24.2.1:
  * Deprecated OpenSSL.crypto.X509Req,
    OpenSSL.crypto.load_certificate_request,
    OpenSSL.crypto.dump_certificate_request.
    Instead, cryptography.x509.CertificateSigningRequest,s
    cryptography.x509.CertificateSigningRequestBuilder,s
    cryptography.x509.load_der_x509_csr,s
    or cryptography.x509.load_pem_x509_csr should be used.
  * Added type hints for the SSL module. #1308.
  * Changed OpenSSL.crypto.PKey.from_cryptography_key to accept public and private EC, ED25519, ED448 keys

==== qemu ====
Version update (9.0.1 -> 9.0.2)
Subpackages: qemu-accel-tcg-x86 qemu-audio-spice qemu-block-curl qemu-block-nfs qemu-block-rbd qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-img qemu-ipxe qemu-ksm qemu-lang qemu-microvm qemu-pr-helper qemu-seabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios qemu-x86

- roms: Build ipxe with NO_WERROR=1 (bsc#1227960)
- Update to version 9.0.2:
  Full list of backports here:
  https://lore.kernel.org/qemu-devel/1718081053.366429.1238758.nullmailer@tls.msk.ru/
  A selection of them is reported here too:
  hw/nvme: fix number of PIDs for FDP RUH update
  sphinx/qapidoc: Fix to generate doc for explicit, unboxed arguments
  char-stdio: Restore blocking mode of stdout on exit
  virtio: remove virtio_tswap16s() call in vring_packed_event_read()
  virtio-pci: Fix the failure process in kvm_virtio_pci_vector_use_one()
  tcg/optimize: Fix TCG_COND_TST* simplification of setcond2
  block: Parse filenames only when explicitly requested
  iotests/270: Don't store data-file with json: prefix in image
  iotests/244: Don't store data-file with protocol in image
  qcow2: Don't open data_file with BDRV_O_NO_IO
  tests: add testing of parameter=3D1 for SMP topology (bsc#1228169)
  hw/core: allow parameter=3D1 for SMP topology on any machine
  ...

==== rsyslog ====
Version update (8.2306.0 -> 8.2406.0)

- Upgrade to rsyslog 8.2406.0
-patches replaced by upgrade (see details in upgrade logs below)
    0001-use-logind-instead-of-utmp-for-wall-messages-with-sy.patch
  * 2023-11-29: Revert "Update omlibdbi.c"
  * 2023-11-21: imkmsg: add params "readMode" and "expectedBootCompleteSeconds"
  * 2023-11-10: testbench: fix "typo" in test case
  * 2023-11-08: omazureeventhubs: Corrected handling of transport closed failures
  * 2023-10-31: imkmsg: add module param parseKernelTimestamp
  * 2023-11-03: imfile: remove state file on file delete fix
  * 2023-10-30: imklog bugfix: keepKernelTimestamp=off config param did not work
  * 2023-10-30: Netstreamdriver: deallocate certificate related resources
  * 2023-10-20: TLS subsystem: add remote hostname to error reporting
  * 2023-10-21: Fix forking issue do to close_range call
  * 2023-10-23: replace debian sample systemd service file by readme
  * 2023-10-20: testbench: bump zookeeper version to match current offering
  * 2023-10-20: Update rsyslog.service sample unit to the latest version used in Debian Trixie
  * 2023-10-20: Only keep a single rsyslog.service for Debian
  * 2023-10-20: Remove no longer used --with-systemdsystemunitdir configure switch
  * 2023-10-18: use logind instead of utmp for wall messages with systemd
  - replaces 0001-use-logind-instead-of-utmp-for-wall-messages-with-sy.patch
  * 2023-10-11: Typo fixes
  * 2023-10-11: Drop CAP_IPC_LOCK capability
  * 2023-10-04: Add CAP_NET_RAW capability due to the omudpspoof module
  * 2023-10-03: Add new global config option "libcapng.enable"
  * 2023-10-02: tcp net subsystem: handle data race gracefully
  * 2023-08-31: Avoid crash on restart in imrelp SIGTTIN handler
  * 2023-09-26: fix startup issue on modern systemd systems
  * 2023-09-14: Fix misspeling in message.
  * 2023-09-13: tcpflood bugfix: plain tcp send error not properly reported
  * 2023-09-12: omprog bugfix: Add CAP_DAC_OVERRIDE to the bounding set
  * 2023-08-02: testbench: cleanup and improve some more imfile tests
  * 2023-08-02: lookup tables: fix static analyzer issue
  * 2023-08-02: lookup tables bugfix: reload on HUP did not work when backgrounded
  * 2023-07-28: CI: fix and cleaup github workflow
  * 2023-03-07: imjournal: Support input module
  * 2023-07-28: testbench: make test more reliable
  * 2023-07-28: tcpflood: add -A option to NOT abort when sending fails
  * 2023-07-28: tcpflood: fix today's programming error
  * 2023-07-28: openssl: Replaced depreceated method SSLv23_method with TLS_method
  * 2023-07-27: testbench improvement: define state file directories for imfile tests
  * 2023-07-28: testbench: cleanup a test and some nitfixes to it
  * 2023-07-27: tcpflood bugfix: TCP sending was not implemented properly
  * 2023-07-26: testbench: make waiting for HUP processing more reliable
  * 2023-07-25: build system: make rsyslogd execute when --disable-inet is configured
  * 2023-07-25: CI: update zookeper download to newer version
  * 2023-07-10: ossl driver: Using newer INIT API for OpenSSL 1.1+ Versions
  * 2023-07-11: ossl: Fix CRL File Expire from 1 day to 100 years.
  * 2023-07-06: PR5175: Add TLS CRL Support for GnuTLS driver and OpenSSL 1.0.2+
  * 2022-05-13: omazureeventhubs: Initial implementation of new output module
  * 2023-07-03: TLS CRL Support Issue 5081
  * 2023-06-29: action.resumeintervalmax: the parameter was not respected
  * 2023-06-28: IMHIREDIS::FIXED:: Restore compatiblity with hiredis < v1.0.0
  * 2023-05-15: Add the 'batchsize' parameter to imhiredis
  * 2023-06-28: Clear undefined behavior in libgcry.c (GH #5167)
  * 2023-06-22: Do not try to drop capabilities when we don't have any
  * 2023-06-22: testbench: use newer zookeeper version in tests
  * 2023-06-22: build system: more precise error message on too-old lib
  * 2023-05-17: Fix quoting for omprog, improg, mmexternal

==== salt ====
Subpackages: python3-salt salt-master salt-minion salt-transactional-update

- Fix rich rule comparison in firewalld module (bsc#1222684)
- Added:
  * firewalld-normalize-new-rich-rules-before-comparing-.patch

==== xdg-utils ====

- Separate xdg-screensaver into a subpackage to isolate Perl
  dependency (bsc#1216537).

==== xfce4-screenshooter ====
Version update (1.10.6 -> 1.11.0)
Subpackages: xfce4-screenshooter-lang xfce4-screenshooter-plugin

- Add BuildRequires to enable Wayland support.
- Update to 1.11.0
  * Drop built-in support for imgur
  * Drop jobs-related code
  * Drop libsoup dependency
  * Use XDG_DATA_HOME in imgur-upload.sh
  * Make sure screenshot is copied to clipboard before closing (!56)
  * Add more tests
  * build: clang: Silence -Wcast-align
  * Translation Updates

==== yast2-kdump ====
Version update (5.0.0 -> 5.0.1)

- Do not suggest Kdump if Systemd-Boot is used. Kdump is not stable
  if Systemd-Bootloader is used. (bsc#1226676, bsc#1228242)
- 5.0.1