Removed rpms
============

 - Mesa-libEGL1-32bit
 - Mesa-libGL-devel-32bit
 - Mesa-libd3d-32bit
 - Mesa-libglapi0-32bit
 - blas-devel-32bit
 - blas-man
 - command-not-found
 - corepack18
 - gedit-plugin-code-assistance
 - glibc-locale-32bit
 - gnome-passwordsafe
 - gnome-passwordsafe-lang
 - grub2-powerpc-ieee1275-debug
 - gstreamer-32bit
 - gstreamer-plugins-bad-fluidsynth-32bit
 - gstreamer-plugins-good-jack-32bit
 - Mesa-vulkan-device-select-32bit
 - gstreamer-plugins-good-extra-32bit
 - gstreamer-plugins-ugly-32bit
 - krb5-32bit
 - lapacke-devel-32bit
 - libgcrypt20-32bit
 - libgcrypt20-hmac-32bit
 - libgstmpegts-1_0-0-32bit
 - libgstplay-1_0-0-32bit
 - libgstplayer-1_0-0-32bit
 - libgsttag-1_0-0-32bit
 - liblapack3-32bit
 - liblapacke3-32bit
 - libnettle-devel-32bit
 - libnettle8-32bit
 - libopenblas-pthreads_0_3_21-gnu-hpc-32bit
 - libopenblas-pthreads_0_3_21-gnu-hpc-devel-32bit
 - libopenblas_0_3_21-gnu-hpc-32bit
 - libopenblas_0_3_21-gnu-hpc-devel-32bit
 - libopenblas_serial0-32bit
 - libopenssl1_1-hmac-32bit
 - libpipewire-0_3-0-32bit
 - libpolkit-gobject-1-0-32bit
 - libpython3_6m1_0-32bit
 - libsmartcols-devel-32bit
 - libsystemd0-32bit
 - libtss2-fapi1-32bit
 - libtss2-mu0-32bit
 - libtss2-sys1-32bit
 - libtss2-tcti-device0-32bit
 - libuuid-devel-32bit
 - libvulkan_intel-32bit
 - libwebkit2gtk-4_0-37-32bit
 - libz1-32bit
 - nss-myhostname-32bit
 - pipewire-alsa-32bit
 - pipewire-libjack-0_3-32bit
 - samba-client-32bit
 - samba-devel-32bit
 - samba-libs-python3-32bit
 - systemd-32bit
 - wine-32bit
 - wine-nine-standalone-32bit
 - zlib-devel-32bit
 - glibc-locale-32bit
 - qemu-ipxe
 - janus-gateway
 - janus-gateway-devel
 - kicad-doc-pdf-ru
 - krb5-devel-32bit
 - libLLVM15-32bit
 - libOSMesa8-32bit
 - libfdisk1-32bit
 - libfwupdplugin5
 - libgbm-devel-32bit
 - libgnutls30-32bit
 - libgranite5
 - libgstadaptivedemux-1_0-0-32bit
 - libgstbadaudio-1_0-0-32bit
 - libgstcodecs-1_0-0-32bit
 - libgstpbutils-1_0-0-32bit
 - libgstrtp-1_0-0-32bit
 - libgstrtsp-1_0-0-32bit
 - libgstsctp-1_0-0-32bit
 - libgsturidownloader-1_0-0-32bit
 - libhogweed6-32bit
 - libnco-5_1_0
 - libnco_c++-5_1_0
 - libnice10-32bit
 - libopenblas_openmp-devel-32bit
 - libopenblas_pthreads-devel-32bit
 - libopenblas_pthreads0-32bit
 - libopenssl1_1-32bit
 - libportmidi2
 - libpython3_11-1_0-32bit
 - libraft2
 - librem3
 - libsqlcipher-3_39_2-0
 - libswitchboard-2_0-0
 - libtss2-tcti-cmd0-32bit
 - libtss2-tcti-mssim0-32bit
 - libudev1-32bit
 - libuhd4_3_0
 - libwebkit2gtk-4_1-0-32bit
 - libxslt1-32bit
 - nodejs18
 - nodejs18-devel
 - nodejs18-docs
 - npm18
 - perl-Gnome2-GConf
 - pipewire-modules-0_3-32bit
 - pipewire-spa-plugins-0_2-32bit
 - python3-git-pw
 - samba-client-libs-32bit
 - samba-libs-32bit
 - samba-winbind-libs-32bit
 - sssd-common-32bit
 - switchboard
 - switchboard-devel
 - switchboard-lang
 - typelib-1_0-FwupdPlugin-1_0
 - typelib-1_0-Gst-1_0-32bit
 - xen-libs-32bit

Added rpms
==========

 - Font-Downloader
 - Font-Downloader-lang
 - Mesa-vulkan-device-select-32bit
 - audaspace-plugin-ffmpeg
 - audaspace-plugin-jack
 - audaspace-plugin-openal
 - audaspace-plugin-pulse
 - audaspace-plugin-sdl2
 - audaspace-plugin-sndfile
 - bpfmon
 - cblas-devel-32bit
 - clap-lsp-plugins
 - consoleet-utils
 - criterion
 - criterion-lang
 - deepin-wayland-protocols
 - dqlite-devel
 - dwayland-devel
 - fwupd-bash-completion
 - fwupd-doc
 - grub2-arm64-efi-extras
 - grub2-i386-efi-extras
 - grub2-i386-pc-extras
 - grub2-i386-xen-extras
 - grub2-s390x-emu-extras
 - grub2-x86_64-efi-extras
 - grub2-x86_64-xen-extras
 - gstreamer-plugins-good-extra-32bit
 - gstreamer-plugins-ugly-32bit
 - gtk4-metatheme-greybird-geeko
 - Mesa-libEGL1-32bit
 - Mesa-libGL-devel-32bit
 - Mesa-libd3d-32bit
 - Mesa-libglapi0-32bit
 - blas-devel-32bit
 - gstreamer-32bit
 - gstreamer-plugins-bad-fluidsynth-32bit
 - gstreamer-plugins-good-jack-32bit
 - krb5-devel-32bit
 - libLLVM15-32bit
 - libOSMesa8-32bit
 - libcblas3-32bit
 - libfdisk1-32bit
 - libgbm-devel-32bit
 - libgnutls30-32bit
 - libgstadaptivedemux-1_0-0-32bit
 - libgstbadaudio-1_0-0-32bit
 - libgstcodecs-1_0-0-32bit
 - libgstpbutils-1_0-0-32bit
 - libgstrtp-1_0-0-32bit
 - libgstrtsp-1_0-0-32bit
 - libgstsctp-1_0-0-32bit
 - libgsturidownloader-1_0-0-32bit
 - libgstwebrtcnice-1_0-0-32bit
 - libhogweed6-32bit
 - libnice10-32bit
 - libopenblas_openmp-devel-32bit
 - libopenblas_pthreads-devel-32bit
 - libopenblas_pthreads0-32bit
 - libopenssl1_1-32bit
 - libpython3_11-1_0-32bit
 - libtss2-tcti-cmd0-32bit
 - libtss2-tcti-mssim0-32bit
 - libudev1-32bit
 - libwebkit2gtk-4_1-0-32bit
 - libxslt1-32bit
 - pipewire-modules-0_3-32bit
 - pipewire-spa-plugins-0_2-32bit
 - samba-client-libs-32bit
 - samba-libs-32bit
 - samba-winbind-libs-32bit
 - sssd-common-32bit
 - typelib-1_0-Gst-1_0-32bit
 - xen-libs-32bit
 - grub2-powerpc-ieee1275-debug
 - grub2-powerpc-ieee1275-extras
 - kicad-lang
 - krb5-32bit
 - lapacke-devel-32bit
 - libDWaylandClient5
 - libDWaylandServer5
 - libaudaspace-c1_4
 - libaudaspace-py1_4
 - libaudaspace1_4
 - libcbor-doc
 - libcbor0_10
 - libcriterion3
 - libcriterion3-devel
 - libdav1d6
 - libdav1d6-32bit
 - libdqlite0
 - libgcrypt20-32bit
 - libgcrypt20-hmac-32bit
 - libgranite6
 - libgstcuda-1_0-0
 - libgstcuda-1_0-0-32bit
 - libgstmpegts-1_0-0-32bit
 - libgstplay-1_0-0-32bit
 - libgstplayer-1_0-0-32bit
 - libgsttag-1_0-0-32bit
 - libgstwebrtcnice-1_0-0
 - liblapack3-32bit
 - liblapacke3-32bit
 - libnco-5_1_4
 - libnco_c++-5_1_4
 - libnettle-devel-32bit
 - libnettle8-32bit
 - libopenblas-gnu12-hpc
 - libopenblas-gnu12-hpc-devel
 - libopenblas-pthreads-gnu12-hpc
 - libopenblas-pthreads-gnu12-hpc-devel
 - libopenblas-pthreads_0_3_21-gnu12-hpc
 - libopenblas-pthreads_0_3_21-gnu12-hpc-devel
 - libopenblas_0_3_21-gnu12-hpc
 - libopenblas_0_3_21-gnu12-hpc-devel
 - libopenblas_serial0-32bit
 - libopenssl1_1-hmac-32bit
 - libpipewire-0_3-0-32bit
 - libpolkit-gobject-1-0-32bit
 - libportmidi0
 - libpython3_6m1_0-32bit
 - libraft3
 - librem4
 - libsmartcols-devel-32bit
 - libsqlcipher-3_39_4-0
 - libsystemd0-32bit
 - libtss2-fapi1-32bit
 - libtss2-mu0-32bit
 - libtss2-sys1-32bit
 - libtss2-tcti-device0-32bit
 - libuhd4_4_0
 - libuuid-devel-32bit
 - libvulkan_intel-32bit
 - libwebkit2gtk-4_0-37-32bit
 - libyascreen0
 - libz1-32bit
 - nss-myhostname-32bit
 - openblas-pthreads_0_3_21-gnu12-hpc-devel-static
 - openblas_0_3_21-gnu12-hpc-devel-static
 - pgloader
 - php7-phpunit
 - php8-phpunit
 - pipewire-alsa-32bit
 - pipewire-libjack-0_3-32bit
 - portmidi-java
 - postgresql12-orafce
 - postgresql13-orafce
 - postgresql14-orafce
 - postgresql15-orafce
 - python3-pvirsh
 - qemu-ipxe
 - salt-tests
 - samba-client-32bit
 - samba-devel-32bit
 - samba-libs-python3-32bit
 - scout-command-not-found
 - systemd-32bit
 - typelib-1_0-CudaGst-1_0
 - typelib-1_0-GstCuda-1_0
 - typelib-1_0-GstVa-1_0
 - wine-32bit
 - wine-nine-standalone-32bit
 - yascreen-devel
 - zlib-devel-32bit

Package Source Changes
======================

Catch2-2
+- Update to version 2.13.10:
+  * Fixed issue with catch_discover_tests when there is multiple of
+    256 tests (gh#catchorg/Catch2#2401, gh#catchorg/Catch2#2503).
+  * Catch2-provided main and wmain are explicitly marked as __cdecl
+    when compiled with MSVC (gh#catchorg/Catch2#2486,
+    gh#catchorg/Catch2#2487).
+  * Replaced deprecated std::aligned_storage
+    (gh#catchorg/Catch2#2419, gh#catchorg/Catch2#2420).
+- Minor rebase of fix-pragmas-old-gcc.patch to apply cleanly.
+
Mesa
+- U_ReturnME.patch
+  * fixes blackscreen in Return To Monkey Island on Intel graphics
+    (boo#1208145)
+
+- Update to version 22.3.5
+  * bug fix release which fixes bugs found since Mesa 22.3.4
+  * see https://docs.mesa3d.org/relnotes/22.3.5.html for more
+    details
+- refreshed u_dep_xcb.patch
+
+- Don't enable rusticl without opencl
+
-  video_codecs should be built (these were never needed and used
+  video_codecs should be built (these were never needed nor used
Mesa:drivers
+- U_ReturnME.patch
+  * fixes blackscreen in Return To Monkey Island on Intel graphics
+    (boo#1208145)
+
+- Update to version 22.3.5
+  * bug fix release which fixes bugs found since Mesa 22.3.4
+  * see https://docs.mesa3d.org/relnotes/22.3.5.html for more
+    details
+- refreshed u_dep_xcb.patch
+
+- Don't enable rusticl without opencl
+
-  video_codecs should be built (these were never needed and used
+  video_codecs should be built (these were never needed nor used
MirrorCache
+- Update to version 1.052:
+  * Detect redirects with remote root (#336)
+  * Add json parsing to FolderSync task (#337)
+  * Redirect Current.iso when no nfs mount (#339)
+  * Improve sorting of files in JavaScript (#340)
+  * Redirect huge files (#342)
+  * Secure last_id for jobs monitoring stat (#341)
+
+- Update to version 1.051:
+  * Add P/GLOB and REGEX parameters to file listing  (#334)
+  * ui: Move mirrorlist url to size/mtime column (#335)
+  * Improve url escaping in ui and redirects (#335)
+
+- Update to version 1.050:
+  * Show description of top level folders for openSUSE (#333)
+  * Do not access DB in local render for / (#333)
+  * Improve layout for small screen size (#333)
+  * Implement realpath for remote root with nfs (#331)
+
+- Update to version 1.049:
+  * Unify display of current path in /browse /download and .mirrorlist (#327)
+  * Show only hostname in mirrorlist url (#329)
+  * Set content-type for zsync (#328)
+  * Discover folders using realpath (#330)
+
+- Update to version 1.048:
+  * Fix sorting by size in /report/download (#324)
+  * Change page size in /report/download (#324)
+  * Improve sorting in /browse (#324)
+  * Fix map icon not shown properly in .mirrorlist (#324)
+
+- Update to version 1.047:
+  * Add /browse route to navigate folders with ajax (#322)
+  * Render TOP_FOLDER with /browse if browser (#322)
+  * Add ajax table for the one dimension download reports (#318)
+  * Cleanup stat older than STAT_KEEP_DAYS (8) (#319)
+  * Fix db password from ini file wasnt taken in all places (#323)
+  * Add option for enabling Mojo Status Plugin (#318)
+
MozillaFirefox
+- Firefox Extended Support Release 102.8.0 ESR
+  Placeholder changelog-entry (bsc#1208144)
+
-  Placeholder changelog-entry (bsc#1207119)
+  * Fixed: Various stability, functionality, and security fixes.
+  MFSA 2023-02 (bsc#1207119)
+  * CVE-2022-46871 (bmo#1795697)
+    libusrsctp library out of date
+  * CVE-2023-23598 (bmo#1800425)
+    Arbitrary file read from GTK drag and drop on Linux
+  * CVE-2023-23599 (bmo#1777800)
+    Malicious command could be hidden in devtools output on
+    Windows
+  * CVE-2023-23601 (bmo#1794268)
+    URL being dragged from cross-origin iframe into same tab
+    triggers navigation
+  * CVE-2023-23602 (bmo#1800890)
+    Content Security Policy wasn't being correctly applied to
+    WebSockets in WebWorkers
+  * CVE-2022-46877 (bmo#1795139)
+    Fullscreen notification bypass
+  * CVE-2023-23603 (bmo#1800832)
+    Calls to <code>console.log</code> allowed bypasing Content
+    Security Policy via format directive
+  * CVE-2023-23605 (bmo#1764921, bmo#1802690, bmo#1806974)
+    Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7
MozillaThunderbird
+- Mozilla Thunderbird 102.8.0
+  * new: Added option to build RNP library with OpenSSL backend
+    (use "--with-librnp-backend=openssl" configure option)
+    (bmo#1799123,bmo#1805215)
+  * changed: Thunderbird now warns user that OpenPGP is disabled
+    if RNP library is outdated or missing (bmo#1799874)
+  * fixed: "Get Messages" did not retrieve messages from Gmail
+    accounts using a local folder as a deferred inbox
+    (bmo#1799106)
+  * fixed: Various visual and UX improvements
+    (bmo#1777788,bmo#1790278)
+  * unresolved: Source strings for localized builds not uploaded
+    to FTP as expected (bmo#1817086)
+  * fixed: Various security fixes
+  MFSA 2023-07 (bsc#1208144)
+  * CVE-2023-0616 (bmo#1806507)
+    User Interface lockup with messages combining S/MIME and
+    OpenPGP
+  * CVE-2023-25728 (bmo#1790345)
+    Content security policy leak in violation reports using
+    iframes
+  * CVE-2023-25730 (bmo#1794622)
+    Screen hijack via browser fullscreen mode
+  * CVE-2023-0767 (bmo#1804640)
+    Arbitrary memory write via PKCS 12 in NSS
+  * CVE-2023-25735 (bmo#1810711)
+    Potential use-after-free from compartment mismatch in
+    SpiderMonkey
+  * CVE-2023-25737 (bmo#1811464)
+    Invalid downcast in SVGUtils::SetupStrokeGeometry
+  * CVE-2023-25738 (bmo#1811852)
+    Printing on Windows could potentially crash Thunderbird with
+    some device drivers
+  * CVE-2023-25739 (bmo#1811939)
+    Use-after-free in
+    mozilla::dom::ScriptLoadContext::~ScriptLoadContext
+  * CVE-2023-25729 (bmo#1792138)
+    Extensions could have opened external schemes without user
+    knowledge
+  * CVE-2023-25732 (bmo#1804564)
+    Out of bounds memory write from EncodeInputStream
+  * CVE-2023-25734 (bmo#1784451, bmo#1809923, bmo#1810143,
+    bmo#1812338)
+    Opening local .url files could cause unexpected network loads
+  * CVE-2023-25742 (bmo#1813424)
+    Web Crypto ImportKey crashes tab
+  * CVE-2023-25746 (bmo#1544127, bmo#1762368, bmo#1789449,
+    bmo#1803628, bmo#1810536)
+    Memory safety bugs fixed in Thunderbird 102.8
+
+- Mozilla Thunderbird 102.7.2
+  * fixed: Various crash fixes (bmo#1806245,bmo#1806247)
+
RemoteBox
+- Update to 3.2
+  - RemoteBox now requires VirtualBox 7.0.x
+  - Started the process of moving away from Glade and implementing
+    GUI code natively. This is significant effort and involves a
+    large amount of code churn which will span many releases.
+  - Added option to attach an ISO when creating a new guest
+  - Added support for setting the TPM (Trusted Platform Module) types
+    TPM v1.2
+    TPM v2.0
+  - Added support for setting Secure Boot (where supported)
+  - Added support for the following network cards:
+    Novell NE2000
+    Novell NE1000
+    WD/SMC EtherCard Plus 16
+    WD/SMC EtherCard Plus
+    3Com EtherLink II
+    3Com EtherLink
+  - Added support for the Windows Audio System (WAS)
+  - Added support for USB Multi-Touch screen and pad
+  - Added ability to edit an IPv4 Port Forwarding rule
+  - Added ability to edit an IPv6 Port Forwarding rule
+  - Added 'Devices' menu with items orignally in the 'Machine' menu
+  - Added 'Actions' menu with items orignally in the 'Machine' menu
+  - Added 'New Floppy Disk Image' to the 'Change Floppy' menu
+  - Added 'Add Floppy Disk Image' to the 'Change Floppy' menu
+  - Added 'Add Floppy Disk Image' to the menus when editing storage
+    menu when attaching storage in
+  - Added 'Add Optical Disc Image' to the 'Change Optical Disc' menu
+  - Added 'Add Optical Disc Image' to the menus when editing storage
+  - The 'Devices' menu now pops up instead of the 'Machine' menu on
+    an RMB event on the guest list
+  - The 'Change Floppy' and 'Change Optical Disc' menus are now
+    usable with guests that are powered off
+  - Updated many operating system icons
+  - Added several new dialog motifs
+  - Various minor GUI tweaks
+
Srain
+- Update to version 1.5.0
+  Features:
+  * Able to identify Nordic GTK Theme as dark theme
+  * Activate the corresponding buffer to a response user query
+  Changes:
+  * Suppress error message when connection keeps failing
+  Bug fixes:
+  * Fix SASL authentication error when connecting to Soju
+- Update to version 1.4.0
+  Features:
+  * Add support for IRCv3 standard-replies
+  * Add support for SASL EXTERNAL, invite-notify, server-time
+  * Add conf item server-visibility for setting default server visiblity
+  * Add /clear command for clearing messages of current buffer
+
VirtualGL
+- update to 3.0.2:
+  1. Support for transparent overlay visuals has been retired in this version of
+  VirtualGL.  That feature will continue to be maintained in the 2.6.x branch on
+  a break/fix basis only.  Most applications that once used transparent overlay
+  visuals used them with color index rendering, which was removed in OpenGL 3.1
+  in 2009.  Thus, almost all applications that render overlays now do so using
+  other mechanisms.  Furthermore, the need for VirtualGL to hand off the
+  rendering of transparent overlay visuals to the 2D X server has always limited
+  the usefulness of the feature, and the discontinuation of the VirtualGL Client
+  for Exceed relegated the feature to Un*x clients (with workstation-class GPUs)
+  and the VGL Transport only.  Given that nVidia's implementation of transparent
+  overlay visuals requires disabling the X Composite extension, which cannot be
+  done in many modern Linux distributions, that further limited the feature to
+  the point of uselessness.
+  2. The VirtualGL Faker now assigns various permutations of common OpenGL
+  rendering attributes to the available 2D X server visuals.  This maximizes the
+  chances that "visual hunting" 3D applications (applications that use X11
+  functions to obtain a list of 2D X server visuals, then iterate through the
+  list with `glXGetConfig()` until they find a visual with a desired set of
+  OpenGL rendering attributes) will find a suitable visual.
+  `VGL_DEFAULTFBCONFIG` can still be used to assign a specified set of OpenGL
+  rendering attributes to all 2D X server visuals, although the usefulness of
+  that feature is now very limited.
+  3. The VirtualGL Faker now includes an EGL back end that optionally emulates
+  the GLX API using a combination of the EGL API (with the
+  `EGL_EXT_platform_device` extension) and OpenGL renderbuffer objects (RBOs.)
+  On supported platforms, the EGL back end allows the VirtualGL Faker to be used
+  without a 3D X server.  The EGL back end can be activated by setting the
+  `VGL_DISPLAY` environment variable to the path of a DRI device, such as
+  * */dev/dri/card0**, or by passing that device path to `vglrun` using the `-d`
+  argument.  Some obsolete OpenGL and GLX features are not supported by the EGL
+
+- update to 3.0.2
+  * Now supports use of EGL as well as GLX
+
act
+- Spec file:
+  Fix bsc#1207021 to report the correct version when calling "act --version"
+  Wrong version is fixed with sed in act-0.2.34/main.go
+  Reported upstream as GH://nektos/act#1555
+
adwaita-xfce-icon-theme
+- Dependency adwaita-icon-theme needs to be explicit
+
+- Update to version 0.0.3+git0.e0f73b9:
+  * Add properly scaled phone icon
+  * Fix up entries in index.theme
+
amsynth
+- Switch to the full source code archive to get the missing
+  data files for amsynth.lv2
+
+- Update to version 1.13.1:
+  * Fixed a crash when parsing XSettings on some systems
+    (gh#amsynth/amsynth#221).
+
android-udev-rules
+- Update to version 20230104
+  Features
+  * Add RMX3231 - RealmeC11 2021 (#237)
+  * Add support for Vivo devices (#238)
+  * Add Meizu M1 E (#246)
+  * Add support for Polar vendor
+  Miscellaneous Tasks
+  * Add OnePlus 8T PTP and MTP support (close #240) (#245)
+
apptainer
+- update to 1.1.6 with following changes:
+  * Included a fix for CVE-2022-23538 which potentially leaked user credentials
+    to a third-party S3 storage service when using the library:// protocol. See
+    the https://github.com/sylabs/scs-library-client/security/advisories/GHSA-7p8m-22h4-9pj7
+    for details.
+  * Make PS1 environment variable changeable via %environment section on
+    definition file that used to be only changeable via APPTAINERENV_PS1
+    outside of container. This makes the container's prompt customizable.
+  * Fix the passing of nested bind mounts when there are multiple binds
+    separated by commas and some of them have colons separating sources and
+    destinations.
+  * Hide messages about SINGULARITY variables if corresponding APPTAINER
+    variables are defined. Fixes a regression introduced in 1.1.4.
+  * Print a warning if extra arguments are given to a shell action, and show in
+    the run action usage that arguments may be passed.
+  * Check for the existence of the runtime executable prefix, to avoid issues
+    when running under Slurm's srun. If it doesn't exist, fall back to the
+    compile-time prefix.
+  * Increase the timeout on image driver (that is, FUSE) mounts from 2 seconds
+    to 10 seconds. Instead, print an INFO message if it takes more than 2
+    seconds.
+  * If a remote is defined both globally (i.e. system-wide) and individually,
+    change apptainer remote commands to print an info message instead of
+    exiting with a fatal error and to give precedence to the individual
+    configuration.
+
+- Update to 1.1.5 with following changes:
+  * Fix the use of fakeroot, faked, and libfakeroot.so if they are not suffixed
+    by -sysv, as is for instance the case on Gentoo Linux.
+  * Prevent the use of a --libexecdir or --bindir mconfig option from making
+    apptainer think it was relocated and so preventing use of suid mode. The
+    bug was introduced in v1.1.4.
+  * Add helpful error message for build --remote option.
+  * Add more helpful error message when no library endpoint found.
+  * Avoid cleanup errors on exit when mountpoints are busy by doing a lazy
+    unmount if a regular unmount doesn't work after 10 tries.
+  * Make messages about using SINGULARITY variables less scary.
+
armadillo
+- Update to version 11.4.3:
+  * Undocumented bug fixes.
+- Update source URL.
+
audaspace
+- Update to release 1.4.0
+  * Support for OS specific/native audio devices/backends has been
+    added, that is PulseAudio (Linux), WASAPI (Windows) and
+    CoreAudio (MacOS).
+  * New sound effects have been added, namely Modulator and
+    Equalizer. Thanks to Marcos Perez for contributing the
+    Equalizer.
+  * File stream info: if an audio file contains multiple streams
+    you can choose which one to process instead of taking the first
+    one (this feature is only supported by ffmpeg, not libsndfile).
+  * API Change: double instead of float for time values for more
+    precise timing control.
+  * There have been lots of bugfixes, which are basically the
+    majority of all changes.
+  * And some other minor improvements were implemented as well.
+- Drop upstream patches:
+  * audaspace-gcc7.patch
+  * audaspace-plugin-build-options.patch
+  * audaspace-support-ffmpeg4.patch
+  * 034645c883a51dfc8897dccce15aa8ee4a9d5c8c.patch
+- Add pkgconfig(pulse) to allow audio via pulseaudio/pipewire
+- Use pkgconfig(jack), let distro select jack implementation
+- Split plugins packages to avoid pulling in excessive
+  dependencies, and recommend at least one device plugin from
+  the library.
+
awesome-vicious
+- update to 2.6.0:
+  * Added AMD GPU widget type for Linux.
+  * Fixed typos in contrib widgets documentation.
+
-- Update to git201201201335
-  * Created AUTHORS and removed the names from spec
-
binwalk
+- add CVE-2022-4510 patch file: CVE-2022-4510.patch
+
bird
+- Update to version 2.0.12
+  * Filter: New 'onlink' route attribute.
+  * Compile-time option to use 4-way tries instead of 16-way ones.
+  * Important bugfixes.
+
bowtie2
+- Update to version 2.5.1:
+  * Fixed an issue affecting bowtie2 alignment accuracy.
+  * Updated the versions of the NCBI NGS and VDB libraries used by
+    bowtie2.
+  * Fixed a segmentation fault that would occur while aligning SRA
+    data.
+  * Fixed an issue preventing --un-mates from properly saving
+    unaligned mates.
+
build
-- regression fix for Debian Source format 3.0 (quilt), also adding
-  changelog modification now
+- CycloneDX SBOM support added
+
+- added support for generating VCS url information into rpms
+
+- SPDX SBOM generation for container and product builds
+- Revert & Redo "Better filetype detection for temp changes files"
+- Fix typo in glibc hwcaps supplements
+- Implement lua string macros
+
+- configure mkbaselibs to create glibc-hwcaps baselibs as well
+- Better filetype detection for temp changes files
+- Add hook to run checks after mkbaselibs run
+- Delete leftover multilinedefine variable definition
+- Support multiline macros in the config's macro sections
+- Support #!BuildConstraint lines
+- Support #!BuildTarget in spec files to set the build target
+  (as workaround of broken BuildArch in rpm since 2001)
+- Support a regexp for file renames
+- Set home to /root when running build time services
+
+- INCOMPATIBLE CHANGE: get rid off the power8 cpu limitation (#889) on powerpc
+- Add handling of non-compressed tar when creating Debian archive for DSC 3.0
+- Add automatic build-in-place detection
+- Support dist/package subdir builds in pbuild
+- Skip iothreads on QEMU 7.1.0
+- Fix permissions of /dev/pts/ptmx
+- Add license to container package list output
+- initial SP5 build configurations
+- vm-type:qemu use virtio on x86_64
+- Improve installation of obs-docker-support for multi-stage builds
+- Tweak ARG handling in dockerfile parser
+- fixed Undefined subroutine &PBuild::Job::ls issue
+- Add missing dependencies from vc as Recommends
+
+- fix build of testsuite spec file
+
+- sync factory build config
+- build-recipe-livebuild: run as root
+- vm_kill_kvm: Use SIGKILL after 3 minutes if the kvm process is not going away
+- Zip: Allow extraction of symlink targets
+- Convert obsolete egrep/fgrep calls to grep -E/-F
+- Add RemoteAsset support for Dockerfile based builds
+- new image format: mkosi
+- Support stacked container builds
+- Revert "build-vm-kvm: enable l3-cache on i386/x86_64 builds"
+- handling of non-compressed tar when creating Debian archive for DSC 3.0
+
+- kvm: exclude powerpc from io_uring, enable iothreads always (#829)
+- kvm: enable more performant I/O also for s390(x) (#828)
+- Changelog patching when building DSC format 3.0. (#831)
+- support for building from slsa provenance files
build-compare
+- Trim "PROVIDES" from source rpms (#59, bsc#1205998)
+
+- move license to licensedir
+- spec file cleanups
+
+- fix compatibility with older sed (#55)
+
+- handle more setuid/setgid ELF variants (#54)
+
+- fix objdump parsing for non-executable sections (#53)
+
+- fix objdump parsing (#52)
+
+- handle -a also in same-build-result.sh
+- Find rpmlint.log in more places
+- fix logic error in appstream comparison
+- rework exit handling in same-build-result.sh
+- Fix result in case no rpmlint.log exist
+- remove count of checks and packages from rpmlint.log
+- remove Check time report from rpmlint.log
+- ELF diffing performance improvements
+- unpack packages in parallel
+- Add zstd handling
+
+- Add extra handling for KMP versions
+
+- Fix build-compare for shadow package
+
+- Properly drop another duration from rpmlint.log
+
+- Drop another duration from rpmlint.log
+
+- Handle another Date: variant in DocBook generated man pages
+
+- Make output more diffable and readable
+- Fix regression in compare_archive
+- Fix unit tests
+
+- Remove usage of readarray to remain compatible with bash3
+
-- Remove warning about python mtime mismatch, a republish will not help
+- Remove warning about python mtime mismatch, a republish will not help (bsc#915948)
c-ares
+- Update to version 1.19.0
+  Security:
+  * Low. Stack overflow in ares_set_sortlist() which is used
+    during c-ares initialization and typically provided by an
+    administrator and not an end user.
+    (bsc#1208067, CVE-2022-4904)
+  Changes:
+  * Add ARES_OPT_HOSTS_FILE similar to ARES_OPT_RESOLVCONF for
+    specifying a custom hosts file location.
+  Bug fixes:
+  * Fix memory leak in reading /etc/hosts when using localhost
+    fallback.
+  * Fix chain building c-ares when libresolv is already included by
+    another project.
+  * File lookup should not immediately abort as there may be other
+    tries due to search criteria.
+  * Asterisks should be allowed in host validation as CNAMEs may
+    reference wildcard domains.
+  * AutoTools build system referenced bad STDC_HEADERS macro.
+  * Even if one address class returns a failure for
+    ares_getaddrinfo() we should still return the results we have.
+  * Fix ares_getaddrinfo() numerical address resolution with
+    AF_UNSPEC
+  * Fix tools and help information.
+  * Various documentation fixes and cleanups.
+  * Add include guards to ares_data.h
+  * c-ares could try to exceed maximum number of iovec entries
+    supported by system.
+  * The RFC6761 6.3 states localhost subdomains must be offline too
+
+- update to 1.18.1. Changes since 1.17.2:
+  * Allow '/' as a valid character for a returned name for
+    CNAME in-addr.arpa delegation
+  * no longer forwards requests for localhost resolution per RFC6761
+  * During a domain search, treat ARES_ENODATA as ARES_NXDOMAIN so
+    that the search process will continue to the next domain
+    in the search.
+  * Provide ares_nameser.h as a public interface as needed by NodeJS
+  * Add support for URI(Uniform Resource Identifier) records via
+    ares_parse_uri_reply()
+- disable unit tests for SLE12 since GCC compiler too old to build
+  unit tests
+- 5c995d5.patch: upstreamed
+- disable-live-tests.patch: refreshed
+
+- new upstream website
+- drop multibuild - tests do not require static library anymore
+- spec file cleanup
+- drop sources that were re-added to upstream distibution
+  (c-ares-config.cmake.in ares_dns.h libcares.pc.cmake)
+
-- Version update to git snapshot 1.17.1+20200724:
-  * fixes missing input validation on hostnames returned by DNS
-    servers (bsc#1188881, CVE-2021-3672)
+- update to 1.17.2:
+  Security:
+  * When building c-ares with CMake, the RANDOM_FILE would not be set
+    and therefore downgrade to the less secure random number generator
-    it would cause crash
+    it would cause a crash
-  * Expand number of escaped characters in DNS replies as
-    per RFC1035 5.1 to prevent spoofing
-  * Use unbuffered /dev/urandom for random data to prevent early startup
-    performance issues
-- missing_header.patch: upstreamed
+  * Expand number of escaped characters in DNS replies as per
+    RFC1035 5.1 to prevent spoofing follow-up
+    (bsc#1188881, CVE-2021-3672)
+  * Perform validation on hostnames to prevent possible XSS
+    due to applications not performing valiation themselves
+  Changes:
+  * ares_malloc(0) is now defined behavior (returns NULL) rather than system-specific to catch edge cases
+  Bug fixes:
+  * Building tests should not force building of static libraries except on Windows
+  * Relative headers must use double quotes to prevent pulling in a system library
+  for details see,
+  https://c-ares.haxx.se/changelog.html#1_17_2
+
+- update to 1.17.1:
+    Travis: add iOS target built with CMake (#378)
+    Issue #377 suggested that CMake builds for iOS with c-ares were broken. This PR adds an automatic Travis build for iOS CMake.
+  - fix build
+    External projects were using non-public header ares_dns.h, make public again (#376)
+    It appears some outside projects were relying on macros in ares_dns.h, even
+    though it doesn't appear that header was ever meant to be public.  That said,
+    we don't want to break external integrators so we should distribute this header
+    again.
+  - note that so versioning has moved to configure.ac
+  - note about 1.17.1
+  - fix sed gone wrong
+    autotools cleanup (#372)
+  * buildconf: remove custom logic with autoreconf
+- remove missing_header.patch (upstream)
capnet-assist
+- Update to 2.4.2:
+  * Update to elementary runtime 7
+  * Updated translations
+- Changes from 2.4.1:
+  * Update to elementary runtime 6.1
+  * Updated translation
+- Changes from 2.4.0:
+  * New icon
+  * Updated translations
+- Changes from 2.3.0:
+  * Dark style support
+  * Updated translations
+- New build dependency: pkgconfig(libhandy-1)
+
+- Update to 2.2.5:
+  * Replace Granite.Services.Settings with GLib.Settings (#51)
+
+- Update to 2.2.4:
+  * Travis: Downgrade node to 10 to fix CI
+  * Add Gettext Updates to Actions
+  * README: Fix weblate badge
+  * Delete AUTHORS
+  * Add Release to Actions
+  * AppData: Add releases info
+  * Add Lint to CI (#49)
+  * Fix code style issues
+  * Delete CODE_OF_CONDUCT.md
+  * Fix wrong merge
+  * Merge remote-tracking branch 'weblate/master'
+  * Application.vala: Replace "the following URL" with "this
+    address" (#46)
+
+- Update to 2.2.3:
+  * Spelling: following URL in, + Copyright year updated (#43)
+  * Travis: Use Houston CI (#41)
+
cargo-c
+- Update to version 0.9.15~git0.2d3044b:
+  * Prepare for release
+  * Update to cargo-0.67 and clap-4
+  * macos: Allow larger install_name entries
+  * Fix the new clippy lints
+  * Don't include version in soname ELF header if versioning is disabled
+  * Use get_many instead of values_of_lossy
+  * Use macos-12 for the macos runner
+  * Add job deps
+  * Generate paths relative to ${prefix} in the pkg-config file even if --libdir or --includedir are given
+  * Compact the main CI
+  * Fix more warnings in the main CI
+  * Use a custom release profile to strip binaries
+  * ci(deploy): Use musl abi for aarch64 linux binary, add i686 linux
+  * Remove msys2 test
+  * Update the example-project CI
+  * Make sure the supported rustc version is evident
+  * Use the default compiler to build a static binary for musl
+  * Save all the linux binaries
+  * Prepare for release
+  * Add pre-built ppc64le and aarch64 linux binaries
+  * Simplify the deploy script
+  * Fix new clippy lints
+  * Update to cargo-0.66
+  * Use dtolnay/rust-toolchain
+  * Remove actions-rs/cargo
+  * Prepare for release
+  * add support for illumos
+  * Bump cargo version
+  * Prepare for release
+  * Bump cargo to 0.64
+  * Install the windows DLL in the libdir if it is custom
+  * Fix typo on readme
+  * Bump the codecov action
+  * Add sonames on musl
+
+- Update to version 0.9.11~git0.41f5562:
+  * Prepare for release
+  * Fix clippy warnings
+  * Versions bump
+  * Add back the deps.rs badge
+  * Increase the regex requirement
+  * Prepare for release
+  * Bump cargo
+  * Add support for Haiku Operating System
+  * Add udbserver to users
+  * Extend the coverage further
+  * Fix the code coverage script
+  * Fix subcommand fallback support
+  * Print the issued commands
+  * Fix testing cross compilation
+  * Bump cargo-metadata
+  * Bump cbindgen
+  * Support rustc-1.60 and following
+  * Update to clap-3.1 and cargo-0.61
+  * Prepare for release
+  * Do not use the patch version in macOS -install_name
+  * Add Android to the build targets supported by LibType
+  * Make nightly clippy happy
+  * Simplify a writln
+  * Prepare for release
+  * Bump cargo version
+  * Remove newlines from the description
+  * Make the default destdir None
+  * CI: use MSYS2 cargo package for example project
+  * Print the PKG_CONFIG_PATH in verbose mode
+
+- Update vendored libraries to resolve security issues.
+
cglm
+- update to v0.8.8:
+  New features:
+  * new abs functions for vec2, ivec2, ivec3, ivec4
+  Bugfixes and Improvements:
+  * fix assertion in test_clamp on x86
+  * fix missing abs declaration on Emscripten
+  * switch CMAKE_BINARY_DIR to CMAKE_CURRENT_BINARY_DIR for cmake.pc
+  * see previous releases for more
+
chromium
+- Chromium 110.0.5481.177 (boo#1208589)
+  * CVE-2023-0927: Use after free in Web Payments API
+  * CVE-2023-0928: Use after free in SwiftShader
+  * CVE-2023-0929: Use after free in Vulkan
+  * CVE-2023-0930: Heap buffer overflow in Video
+  * CVE-2023-0931: Use after free in Video
+  * CVE-2023-0932: Use after free in WebRTC
+  * CVE-2023-0933: Integer overflow in PDF
+  * CVE-2023-0941: Use after free in Prompts
+  * Various fixes from internal audits, fuzzing and other initiatives
+
+- Chromium 110.0.5481.100
+  * fix regression on SAP Business Objects web UI
+  * fix date formatting behavior change from ICU 72
+
cinnamon-session
+- Fix Meson build flags for the newer Meson from SLE15(0.61.x)
+
clamav
+- Update to 0.103.8
+  * CVE-2023-20032: Fixed a possible remote code execution vulnerability
+    in the HFS+ file parser. Issue affects versions 1.0.0 and earlier,
+    0.105.1 and earlier, and 0.103.7 and earlier. (bsc#1208363)
+  * CVE-2023-20052: Fixed a possible remote information leak
+    vulnerability in the DMG file parser. Issue affects versions 1.0.0
+    and earlier, 0.105.1 and earlier, and 0.103.7 and earlier.
+    (bsc#1208365)
+  * Update vendored libmspack library to version 0.11alpha.
+
clamav-database
+- database refresh on 2023-02-27 (bsc#1084929)
+
+- database refresh on 2023-02-20 (bsc#1084929)
+
cli11
+- Update to version 2.3.2:
+  * Bugfix: Consistently use ADL for lexical_cast, making it easier to extend for custom template types #820
+  * Bugfix: Tweak the parsing of files for flags with disable_flag_override #800]
+  * Bugfix: Handle out of bounds long long #807
+  * Bugfix: Spacing of make_description min option output #808
+  * Bugfix: Print last parsed subcommand's help message #822
+  * Bugfix: Avoid floating point warning in GCC 12 #803
+  * Bugfix: Fix a few gcc warnings #813
+  * Backend: Max CMake tested 3.22 -> 3.24 #823
+- Update to version 2.3.1:
+  * Bugfix: App::get_option_group implementation missing #793
+  * Bugfix: Fix spacing when setting an empty footer #796
+  * Bugfix: Address Klocwork static analysis checking issues #785
+
clinfo
+- Update to version 3.0.23.01.25
+  * No upstream release notes.
+
cluster-glue
+- ibmhmc stonith needs to be aware of HMC version - ref:_00D1igLOd._5005qAMc5b:ref
+  (bsc#1203635)
+  * Add upstream patch:
+    38.patch
+
colordiff
+- update to 1.0.21:
+  * Support for Windows C:\ProgramData instead of /etc,
+  * improved documentation for command-line options
+
-- updated to 1.0.9 version
-  - Fix for Debian bug 513313 incorporated.
-- set /etc/colordiffrc as config file in spec
-
crmsh
+- Update to version 4.4.1+20230224.498677ab:
+  * Dev: upgradeutil: do upgrade silently (bsc#1208327, bsc#1206183)
+  * Fix: bootstrap: `crm cluster join ssh` raises TypeError (bsc#1208327)
+  * Dev: utils: Change the way to get pacemaker's version (bsc#1208216)
+
+- Update to version 4.4.1+20230217.7fe11a5c:
+  * Dev: report: Enable crm report for sudoer user
+  * Dev: bootstrap: allow the cluster to operate with ssh session under non-root sudoer (jsc#PED-290)
+  * Dev: utils: Add sudo for the commands in user hints
+  * Fix: hawk fails to parse the slash (bsc#1206217)
+  * Fix: extra logs while configuring passwordless (bsc#1207720)
+
cvise
+- Update to version 2.7.0+git.20221223.d9e4a50:
+  * Bump to 2.7.0.
+  * Fix build error with LLVM 16.
+  * enable debuginfo in CMAKE_CXX_FLAGS_RELWITHDEBINFO build type
+  * Remove extra symlink in LLVM nightly build.
+
dMagnetic
+- update to 0.35:
+  * Lots of cleanup.
+  * The memory consumption was reduced
+  * the interface between the frontend and the engine has gotten cleaner
+  * more stable savegame for Atari and Apple
+
+- Update to 0.34
+  * moved man page to section 6
+  * bugfixes and documentation update
+
dav1d
+- Drop _lto_cflags define, current version supports lto build.
+- Drop unneeded rpm BuildRequires.
+- Add pkgconfig(libxxhash) BuildRequires and stop passing
+  xhash_muxer=disabled to meson, build hash_muxer support.
+- Add check section and meson_test macro, run tests during build.
+
+- Update to version 1.0.0
+  * Automatic thread management.
+  * Add support for AVX-512 acceleration.
+  * x86 code speedup (from SSE2 to AVX2).
+  * New grain API to ease acceleration on the GPU.
+  * New API call to get information of which frame failed to
+    decode, in error cases.
+  * Numerous small bug fixes.
+- Bump soversion to 6
+
deepin-compressor
+- update to 5.12.12:
+  * see https://github.com/linuxdeepin/deepin-compressor/compare/5.12.8...5.12.12
+
deepin-editor
-- Update version tp 5.10.35
+- Update version to 5.10.40
+  * Fix bugs
+
+- Update version to 5.10.35
deepin-image-viewer
+- Add update-libraw-api.patch, update api for libraw
+
+- Update version to 5.9.9
+  * Fix bugs
+
+- Update version to 5.9.7
+  * Fix bugs
+- Drop fix-library-link.patch
+
deepin-screen-recorder
+- Use BuildRequires: libimagevisualresult-devel on Leap 15
+  * deepin-image-editor doesn't generated pkg-config file on Leap 15
+    therefore pkgconfig(libimagevisualresult) would not work
+
desktop-translations
+- Update to version 84.87.20230128.350400f:
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Finnish)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Russian)
+
desktopfolder
+- Add 002-drop-deprecated-arguments.patch
+
+- Add 000-drop-gsettings-schema.patch
+- Add 001-dark-mode-support.patch
+- Spec file cleanup
+
+- Update to 1.1.3:
+  * fix: removed ubuntu installations post scripts
+  * fix: houston ci node version
+  * fix: transparent icons on changing desktops
+  * fix: fast double click (issue #293)
+  * fix: black backdrop on Fedora (issue #297)
+  * Translations Added and Updated
+
dfu-util
+- Add dfuse-pack tool to package
+
distrobox
+- Use tubleweed:latest as the default image
+  instead of, hardcoded in 'distrobox-create', fedora:toolbox.
+
+- Update to latest version (1.4.2.1). Some changes:
+  * all: fix setting up default images and names
+  * compatibility: add gentoo docker image
+  * compatibility: change debian 8 image
+  * completion: Remove shebangs from bash completions
+  * completion: add compatibility list flag, add image name
+    autocompletion
+  * create/enter/export: Add home prefix
+  * create: Fix using --home with space in path
+  * create: use --entrypoint to override entrypoint defined by
+    image
+  * distrobox: remove trap from the wrapper
+  * docs: Add resource limitation tips
+  * docs: Fix example configuration file
+  * docs: Update handler function to support bash scripts
+  * enter/export: handle quotes in arguments in a better way
+  * enter: exclude LANG environment variables
+  * enter: remove detach-keys, work on #398
+  * export/enter: inject container ID at enter-time, in order to be
+    used in export
+  * export: fix variable declaration
+  * export: look at global user services while trying to export a
+    service
+  * export: use realpath on icons
+  * init: Add init and pre-init hook defaults as supported config
+    options
+  * init: add missing findmnt in OpenSUSE
+  * init: better systemd unit cleanup
+  * init: copy skel files only if using custom home
+  * init: fix overriding of SHELL at each start, override default
+    SHELL only the first time
+  * init: fix sudoers spam (missing " in check)
+  * init: fix void-linux package incompatibility error
+  * init: fix vte installation; add --noreplace to prevent repeated
+    builds
+  * init: integrate with kerberos host only if it is installed on
+    the host.
+  * init: skip external mounts when searching for sockets
+  * init: specify package for gentoo
+  * init: use container's path for SHELL instead of host's one
+  * init: use findmnt instead of mountpoint, fixing compatibility
+    with old distributions
+  * install-podman: Fix cni_plugin_dirs
+  * install: do not use scraping, use fixed version
+  * main: Do not open manpager automatically
+  Full list available at: https://github.com/89luca89/distrobox/releases/tag/1.4.2.1
+
dkms
+- Update to version 2.8.8
+  * Drop old kernel 2.x checks
+  * Drop modules.conf handling
+  * Fix kernel removing.
+- Update to version 2.8.7
+  * Fix kernel `prerm.d` for new output in `dkms status`
+- Update to version 2.8.6
+  * Fix installation of configuration files
+  * Use more condensed output for commands, print when invoking
+    the signing hook
+- Update to version 2.8.5
+  * Simplify function for correct kernel using the modules folder
+    and not the configuration files in /boot.
+  * Simplify function to detect newer kernels
+
-- Add trailing newlines.
-
dnscrypt-proxy
+- Update to version 2.1.4
+  * Fixes a regression from version 2.1.3: when cloaking was enabled,
+    blocked responses were returned for records that were not A/AAAA/PTR
+    even for names that were not in the cloaked list.
+
+- Update to version 2.1.3
+  * DNS-over-HTTP/3 (QUIC) should be more reliable. In particular,
+    version 2.1.2 required another (non-QUIC) resolver to be present for
+    bootstrapping, or the resolver's IP address to be present in the
+    stamp. This is not the case any more.
+  * dnscrypt-proxy is now compatible with Go 1.20+
+  * Commands (-check, -show-certs, -list, -list-all) now ignore log
+    files and directly output the result to the standard output.
+  * The "cert_ignore_timestamp" configuration switch is now documented.
+    It allows ignoring timestamps for DNSCrypt certificate verification,
+    until a first server is available. This should only be used on devices
+    that don't have any ways to set the clock before DNS service is up.
+    However, a safer alternative remains to use an NTP server with a fixed
+    IP address (such as time.google.com), configured in the captive portals
+    file.
+  * Cloaking: when a name is cloaked, unsupported record types now
+    return a blocked response rather than the actual records.
+  * systemd: report Ready earlier as dnscrypt-proxy can itself manage
+    retries for updates/refreshes.
+  * vendored dependencies updated
+
domination
+- update to 1.2.7:
+  * Fix for online games over 1MB not loading
+  * Much faster startup time (6 seconds faster on mac)
+  * MapEditor: Fill Shapes right click option added to allow filling holes in countries
+  * SwingGUI: fix for online lobby sometimes not repainting when tabs switched
+  * Lobby: when player resigns, the player is converted to easy AI instead of crap AI
+  * New field in game engine for maxCardsPerPlayer
+  * Fix grasshopper error on java 1.8 on mac when appending to log from interrupted thread
+  * Show connection errors in Lobby
+  * Fix error in replay when user has made invalid commands (e.g. tried to place 10 armies when they only have 9)
+  * SwingUI on macOS use native file chooser for selecting files (fix for Documents folder not showing files)
+  * Game engine supports over 9 players if configured with "game.players.max" in game.ini
+  * SwingGUI: can select 3 defending dice in any game mode
+  * Fix for lobby failed to launch when javax.crypto.JceSecurity not found
+  * New field in game for minimumNewArmies that can be set depending on the game options
+  * New Italian rules: no minimum armies, if you have less than 3 counties, you get 0 armies
+  * New Italian rules: during trade get 2 extra armies for each country, and can place them anywhere
+  * New Italian rules: game engine/network play version now 14
+
-- Initial package creation
-
drbd-utils
+- drbd.service fails to load - incorrect path to executable (bsc#1206754)
+  * use %suse_version to replace %UsrMerge
+  * modify drbd-utils.spec for create symbolic folder "/lib/drbd"
+
dtb-aarch64
+- powerpc/64s: Make POWER10 and later use pause_short in cpu_relax
+  loops (bsc#1208376 ltc#201076).
+- powerpc: add ISA v3.0 / v3.1 wait opcode macro (bsc#1208376
+  ltc#201076).
+- commit 2a06230
+
+- ibmvnic: Assign XPS map to correct queue index (bsc#1208757
+  ltc#201720 jsc#PED-2322 git-fixes).
+- commit be76316
+
+- Update
+  patches.suse/usb-dwc3-dwc3-qcom-Add-missing-platform_device_put-i.patch
+  (bsc#1208741 CVE-2023-22995).
+  Added CVE reference for fix already present
+- commit 80a158a
+
+- loop: fix ioctl calls using compat_loop_info (bsc#1207333).
+- commit 11a60da
+
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
dumpzilla
+- Update to version 0.0.0+git.20210311:
+  * Removed related db query from domain filters.
+  * Resolves #4.
+- use proper python3-magic module
+
dunst
+- update to 1.9.0:
+  * `override_dbus_timeout` setting to override the notification timeout set
+    via dbus.
+  * Support notification gaps via the `gap_size` setting. Note that since
+    the notifications are not separate windows, you cannot click in between the
+    notifications.
+  * Make `min_icon_size` and `max_icon_size` a rule for even more
+    flexibility
+  * The window offset is now scaled according to `scale` as well. This way
+    notification stay visually in the same place on higher DPI screens.
+  * For the recursive icon lookup, revert to using `min_icon_size` and
+    `max_icon_size` instead of `icon_size`. `min_icon_size` is used as the size to
+    look for in icon themes.
+  * Recursive icon lookup is no longer experimental.
+  * Recursive icon lookup is enabled in the default dunstrc. This does not
+    change your settings when you have a custom dunstrc.
+  * Added back the `action_name` setting that was accidentally dropped.
+  * Broken `dunstctl history`.
+  * Merged a few wayland fixes from mako (https://github.com/emersion/mako)
+  * `follow=keyboard`: Fix regression where we don't fall back to mouse
+  * Raw icons not being scaled according to icon size
+  * Notifications not disappearing. For some people notifications would
+    sometimes stay on screen until a new notification appeared. This should
+    not happen anymore
+
dynamips
+- Update to version 0.2.23
+  * Add Command line option to configure console binding for
+    TCP/AUX console.
+
-- Removed some fedora code from spec file, moved to project conf
-
emacs
+- Add upstream commit/patches
+  * 01a4035c.patch
+    Fix etags local command injection vulnerability (CVE-2022-48337, bsc#1208515)
+  * CVE-2022-48338.patch
+    Fix ruby-mode.el local command injection vulnerability (CVE-2022-48338, bsc#1208514)
+  * CVE-2022-48339.patch
+    Fix htmlfontify.el command injection vulnerability (CVE-2022-48339 bsc#1208512)
+
exo
+- Update to version 4.18.0
+  * Bump requirements for Xfce 4.18
+  * Translation Updates
+
firectl
+- Update to version 0.2.0:
+  * Upgraded to v1.0.0 of the firecracker-go-sdk
+  * Added initrd option
+  * Added read-only option for rootfs
+  * Added jailer support
+  * Added option to configure multiple NICs
+- Note - Although still compatible, this release does not provide full feature parity with firecracker v1.0.0.
+  Majors features that are not included in this release are:
+    Creating and loading snapshots
+    Setting drive IO engine type
+    Pause/Resume VM
+    MMDS version 2
+
flare
+- update to v1.14:
+  Engine features
+  * Added 'loot.requires_status' and 'status_loot' properties to loot table
+    definitions.
+  * Support '/' as shorthand for 'exec' in the dev console. A space is not
+    required after the slash.
+  * Added 'spawn_level' property to map enemies. This follows the same
+    syntax as the Power property of the same name.
+  * Add XP scaling tables for scaling enemy reward XP based on enemy level.
+  * Replace 'immunity' effects with percentage-based resistances.
+  * Added 'mouse_move_deadzone' property to engine/misc.txt to help
+    alleviate erratic mouse-move behavior when the cursor is near the
+    player.
+  * Alternative tab UI for when tabs exceed the available space.
+  * Added keybind for cycling equipment sets in reverse.
+  * Refactored stats and stat bonuses to use floats for fractional values.
+  * Support fractional values in the following:
+  * Added 'resource_round_method' property to engine/combat.txt.
+  * Support arbitrary "MP-like" resources:
+  * Configuration file: engine/resource_stats.txt
+  * Added 'requires_resource_stat' and 'resource_steal' properties to
+    Powers.
+  * Added 'requires_resource_stat_state' and
+    'requires_resource_stat_state_mode' properties to Powers.
+  * Added 'enabled' property to MenuStatBar definitions.
+  Engine fixes
+  * Fixed set item tooltips showing incorrect number of equipped items if a
+    set item was on an inactive loadout.
+  * Fixed dev console commands not working if they were preceded by
+    whitespace.
+  * Fixed spawning entities not counting towards summoned entity count.
+  * Fix broken gamepad navigation after closing Powers menu while on a non-
+    default tab.
+  * Removed hard-coded minimum values for HP/MP steal and damage return.
+  * Fixed "activate" message incorrectly showing in MenuPowers tooltips.
+  * Fix some cases where 'min' damage/absorb could be greater than the
+    cooresponding 'max' value.
+  * Fixed text input issues with deleting text on Android.
+  Game updates
+  * Fireball and Ice Bolt scrolls now give the player a 10 second period in
+    which their basic attacks (Swing, Shoot, Channel) are replaced with the
+    scroll power.
+  * Fixed the naming of scroll damage as it appears in power description
+    tooltips.
+  * Lowered Lezaith's slow resistance to 50%, down from 100%
+  * Lowered Lezaith's stun resistance to 90%, down from 100%
+  * Translation updates
+
flare-game
+- Version update to 1.14
+  * Fireball and Ice Bolt scrolls now give the player a 10 second
+    period in which their basic attacks (Swing, Shoot, Channel)
+    are replaced with the scroll power.
+  * Fixed the naming of scroll damage as it appears in power
+    description tooltips.
+  * Lowered Lezaith's slow resistance to 50%, down from 100%
+  * Lowered Lezaith's stun resistance to 90%, down from 100%
+  Translation updates
+  * German (de) update
+  * Scottish Gaelic (gd) update
+  * Indonesian (id) update
+  * Italian (it) update
+  * Japanese (ja) update
+  * Korean (ko) update
+  * Polish (pl) update
+  * Russian (ru) update
+  * Chinese (zh) update
+
focuswriter
+- Update to 1.8.4:
+  * FIXED: Did not ignore user input when force processing events
+  * FIXED: Did not compile on macOS
+  * FIXED: Did not compile on OS/2
+  * Disabled typewriter sounds on OS/2
+  * Replaced deprecated code
+
fwts
+- Update to version 23.01.00:
+  * lib: fwts_version.h - update to V23.01.00
+  * debian: update changelog
+  * fwts-test: sync up with the fix of passed reserved value
+  * Update copyright year to 2023
+  * lib: fwts_acpi_tables: fix the passed reserved value
+  * fwts-test: add regression tests for AEST
+  * acpi: aest: add tests for ACPI AEST table
+
+- Update to version 22.11.00:
+  * tpmevlog: add tests for checking the UEFI_IMAGE_LOAD_EVENT Structure
+  * acpi: s3: fix the issue for determining time to resume
+
fwupd
-- Add fwupd-bsc1193921-nvme-ignore-non-PCI-NVMe-devices.patch
-  to ignore non-PCI NVMe devices (bnc#1193921)
+- For pushing fwupd-1.8.6 to 15-SP5 (fwupd-1.7.3), sync change log:
+  (jsc#PED-1232)
+  - fwupd-bsc1193921-nvme-ignore-non-PCI-NVMe-devices.patch
+    be merged to fwupd-1.7.3
+
+- Update to version 1.8.6:
+  + This release adds the following features:
+  - Reduce the installed package size by more than 30%
+  - Translate more interactive messages
+  + This release fixes the following bugs:
+  - Allow disabling a DFU device when required
+  - Fix a regression when getting the i2c bus number
+  - Fix a small memory leak when reloading the parade-lspcon
+    device
+  - Fix installing the dbx update when using fwupdtool
+  - Improve writing CoSWID and uSWID metadata
+  - Only include the last 5 releases in the installed metainfo
+    file
+  - Only request the BOS descriptor for newer libgusb versions
+  - Prevent high memory usage when loading corrupt SREC files
+  - Try harder when trying to find the default ESP volume
+  - Use a higher compression preset for the UEFI splash images
+  + This release adds support for the following hardware:
+  - Focaltech touchpads
+  - FPC fingerprint readers
+  - Supermicro machines using Redfish
+- Drop plugin_sover define, and sub-packages libfwupdplugin7 and
+  typelib-1_0-FwupdPlugin-1_0 following upstream changes.
+
+- Update to version 1.8.5:
+  + This release adds the following features:
+  - Add a new android-boot plugin to update specific block
+    devices
+  - Add new plugin to display SMU firmware version on AMD APU/CPU
+  - Add support for platform capability descriptors so devices
+    can set quirks
+  - Move the generic Intel Goshen Ridge code out to a new plugin
+  + This release fixes the following bugs:
+  - Allow specifying the ESP when applying the dbx update
+  - Always check the BDP partitions when getting all the possible
+    ESPs
+  - Correctly update Wacom AES devices
+  - Disable changing sleep mode on Ryzen 6000 systems
+  - Do not show the 'may not be usable while updating' message
+    for DBX updates
+  - Expose Pine64 PinePhone Pro MTD as Tow-Boot
+  - Fix a critical warning when issuing Secure Boot modem AT
+    commands
+  - Fix a fuzzing crash when parsing malicious FDT data
+  - Fix aligning up addresses greater than 4GB
+  - Fix a possible crash when dumping VBE firmware
+  - Fix a possible critical warning when parsing cabinet archives
+  - Fix a regression when parsing pixart-rf firmware
+  - Fix a small memory leak when parsing UF2 files
+  - Fix checking for invalid depth requirements
+  - Fix parsing the coSWID firmware ID when encoded as a UUID
+  - Fix parsing uSWID uncompressed metadata
+  - Fix uploading to DFU-CSR devices
+  - Limit the archive size to 25% of the RAM, or 4G
+  - Load coSWID metadata from a uSWID MTD block device
+  - Never save the Redfish auto-generated password to a
+    user-readable file
+  - Only create users using IPMI when we know it's going to work
+  - Write all the CCGX metadata block as intended
+  + This release adds support for the following hardware:
+  - Corsair SABRE RGB PRO Gaming mouse
+  - More Sonix CAM devices
+  - More Intel Goshen Ridge USB-4 docks
+- Changes from version 1.8.4:
+  + This release adds the following features:
+  - Add a translated title and long description for HSI security
+    attributes
+  - Add support for loading a machine-default BIOS settings
+    policy
+  - Add support for reading and writing BIOS settings
+  - Allow loading BIOS settings for host emulation
+  - Prompt users to fix some BIOS configuration issues
+  + This release fixes the following bugs:
+  - Actually show provided AppStream security issues
+  - Add Quectel secure boot status AT commands
+  - Correctly detect CET IBT
+  - Do not assert when running with no plugins
+  - Do not require UEFI capsule updates for checking TPM PCR0
+  - Do not show HSI events where we changed the spec result value
+  - Fix applying the latest DBX update
+  - Include vfat in the list of possible BDP partition types
+  - Install all devices with the same composite id in fwupdtool
+  - Only fail the kernel HSI test for specific taint reasons
+  - Only show changed events in fwupdmgr security
+  - Update vulnerable CMSE versions from CSMEVDT data
+  + This release adds support for the following hardware:
+  - Elan non-HID touchpads
+  - Google Prism
+  - LabTop Mk III
+  - ThinkPad Thunderbolt 4 Dock
+  - ThinkPad Universal Smart Dock
+- Changes from version 1.8.3:
+  + This release adds the following features:
+  - Add resolution flags to each security attribute failures for
+    the user
+  - Allow loading in emulated host profiles for debugging
+  - Check if Intel TME has been disabled by the firmware or
+    platform
+  - Wait for the system to acquiesce after doing each update
+  + This release fixes the following bugs:
+  - Do not use CoD even when advertized on non-aarch64 platforms
+  - Fix a crash when updating the Logitech Bolt radio device
+  - Fix a critical warning when parsing an invalid PHAT record
+  - Fix a critical warning when parsing invalid FDT firmware
+  - Fix fwupdmgr security when plugins are added to the blocklist
+  - Fix parsing SMBIOS data to correct the device hardware IDs
+  - Fix uploading signed reports by sending the correct checksum
+  - Use the correct protocol attribute name when exporting to
+    JSON
+  + This release adds support for the following hardware:
+  - Additional Startech devices
+  - Additional Elan fingerprint readers
+- Changes from version 1.8.2:
+  + This release adds the following features:
+  - Add startup profiling which allowed us to speed up daemon
+    startup considerably
+  - Add support for OptionROM, CPD and FPT firmware formats for
+    future hardware
+  - Add the HostVendor to the D-Bus interface
+  - Break some internal ABI and add a conversion helper for
+    out-of-tree plugins
+  - Optionally build the quirk files into the daemon binary to
+    reduce installed size
+  + This release fixes the following bugs:
+  - Allow front-end clients to read the percentage property
+  - Allow more quirk entries to add multiple items
+  - Allow to force install Genesys firmware even if the
+    public-key does not match
+  - Allow UFS disks to define the signed status in metadata
+  - Autoconnect the Redfish network device when rebooting the BMC
+  - Copy the instance ID strings when incorporating devices
+  - Do not generate a capsule header for the FMP GUID
+  - Ensure more firmware formats can round-trip to and from XML
+  - Fix a regression for devices using the Atmel FLIP Bootloader
+  - Fix running fwupdtool security with a user-specified plugin
+    allowlist
+  - Handle ENOTTY with the correct error code for ioctl calls
+  - Increase the self tests coverage substantially
+  - Modernize the AMT plugin and split out common MEI
+    functionality
+  - Only move the logitech-bulkcontroller progressbar forwards
+    when writing
+  - Set the device ID on the FwupdRequest to allow better UX
+  - Show the get-details output when the device requirements fail
+  - Simply quirk matching for i2c devices to speed up daemon
+    startup
+  - Support SHA256 fastboot hashes if specified
+  - Use force-detach to bypass the DFU streaming check for camera
+    devices
+  - Use the SCSI target to correctly set the physical ID
+  - Wait for the System76 launch device to re-enumerate if
+    already unlocked
+  + This release adds support for the following hardware:
+  - Corsair HARPOON RGB Wireless mouse
+  - U-Boot devices writing simple FIT images
+  - Genesys M27fd AIM101
+  - More PixArt wireless devices
+  - More Steelseries HID, Sonic and Fizz devices
+  - System76 launch_2
+- Changes from version 1.8.1:
+  + This release adds the following features:
+  - Add archive writing support for devices with composite
+    firmware
+  - Add a way to read device composite firmware in fwupdtool
+  - Allow clients to opt-in to showing updates with user-solvable
+    problems
+  - Allow the device to pause polling when writing firmware
+  - Export the system and device battery levels on the D-Bus
+    interface
+  - Log errors and warnings to the win32 eventlog when required
+  - Add X-UsbReceiver as an update category with icon
+    usb-receiver
+  + This release fixes the following bugs:
+  - Accurately return the last-set status to client tools
+  - Allow dumping flashrom firmware using fwupdtool
+  - Allow specifying a non-file D-Bus transport
+  - Allow to request post actions from fwupdtool
+  - Always be arch-explicit when installing OS deps
+  - Be more resilient when restarting the Redfish BMC
+  - Do not mark all Redfish updates as UPDATABLE
+  - Do not use 'dongle' to describe USB receiver hardware
+  - Download in-process when using fwupdtool
+  - Fix a critical warning on failed modem update
+  - Fix regression when probing PS175 devices
+  - Hardcode the Redfish filedata name to firmware.bin
+  - Set the Bluetooth version if REV has been set
+  - Switch the Windows installer from NSIS to MSI
+  - Use StartServiceCtrlDispatcherA for the daemon on Windows
+  - Use the native certificate store on Windows
+  + This release adds support for the following hardware:
+  - Corsair KATAR PRO XT, SABRE PRO and KATAR PRO Wireless
+  - HP Thunderbolt Dock G4
+  - Lenovo ThinkPad Universal USB-C Dock
+  - More PixArt wireless devices
+  - More SunplusIT USB cameras
+  - Some UFS devices
+  - Steelseries Aerox 3 Wireless and Rival 3 Wireless
+- Changes from version 1.8.0:
+  + This release adds the following features:
+  - Add a new attribute for CPUs supported by HSI
+  - Add coSWID and uSWID parsers to libfwupdplugin for initial
+    SBoM support
+  - Add new HSI attributes for the AMD PSP and various other
+    system protections
+  - Add the runtime fwupd-efi version as a firmware requirement
+  - Allow 'fwupdmgr install' to install a specified firmware
+    version
+  - Allow overriding the detected machine type for debugging and
+    development
+  - Restart the BMC after installing BCM updates
+  - Show the device serial number and instance IDs by default
+  - Support dumping the MTD image to a firmware blob
+  - Take a device inhibit when updating a device
+  - Use the CFI manufacturer ID to set the vendor
+  - Use the correct icon automatically for more hardware
+  + This release fixes the following bugs:
+  - Add signed-payload metadata for more devices
+  - Allow Capsule-on-Disk to work in more cases
+  - Allow quirking the detected flashrom flash size
+  - Check for os-release on FWUPD_SYSCONFDIR
+  - Check the alignment when parsing raw firmware
+  - Check the update protocol exists when checking requirements
+  - Convert the build system to use meson tristate features
+  - Correctly probe USB-2 hubs with more than 7 ports
+  - Do not add the Windows compatibility ID to capsule devices
+  - Do not allow the DBX update for specific motherboards
+  - Do not expect KernelCmdline on Windows
+  - Do not export USB4 host controllers as updatable if they
+    don't have unique GUIDs
+  - Do not fallback to audio-card and use a more suitable icon
+    for USB hubs
+  - Do not hardcode the libexecdir to /usr/libexec
+  - Do not leak child processes when canceling
+  - Do not show unconnected or unreachable devices in the client
+    tools
+  - Do not throw away the TPM eventlog when uploading to the LVFS
+  - Do not use /var/run for the socket
+  - Export the version_lowest_raw value correctly
+  - Fix build for MacOS and add to the CI matrix
+  - Fix eventlog replay for Intel TXT machines
+  - Fix several small memory leaks
+  - Fix writing large mtd images than 10kb
+  - Ignore MTD devices that report EPERM on open
+  - Mark the ME region device locked if it is read only
+  - Never send the DeviceChanged signal with old data
+  - Only show the CLI time remaining for predictable status
+    phases
+  - Respect the NO_COLOR env variable
+  - Return the correct error when there is no GPIO device to open
+  - Support the new UPower PENDING device states
+  + This release adds support for the following hardware:
+  - CH341A SPI programmer
+  - Corsair Sabre RGB PRO and Slipstream USB receiver
+  - Genesys GL3521 and GL3590 hubs
+  - Google Servo Dock
+  - Logitech M550, M650 and K650
+  - More ELAN fingerprint readers
+  - More integrated Wacom panels
+  - More NovaCustom machines
+  - More StaLabs StarLite machines
+  - More Tuxedo laptops
+  - Quectel EM05
+  - FlatFrog devices
+  - System76 launch_lite_1
+- Rebase patches with quilt.
+- Use ldconfig_scriptlets macro for post(un) handling.
+- Add shlib_sover define and set it to 2, ease future updates.
+- Add plugin_sover define and set it to 7, ease future updates, and
+  rename libfwupdplugin5 to libfwupdplugin7 following upstream
+  changes.
+- Drop gtk-doc and pkgconfig(gtk-doc) BuildRequires: No longer
+  needed nor used. Following this, stop passing docs=gtkdoc to
+  meson, no longer recognized.
+- Add pkgconfig(gi-docgen), pkgconfig(libcbor), pkgconfig(mm-glib),
+  pkgconfig(mbim-glib), pkgconfig(qmi-glib) and
+  pkgconfig(umockdev-1.0) BuildRequires, and conditional
+  pkgconfig(flashrom) BuildRequires: New dependencies.
+- Update options passed to meson following upstream changes.
+- Replace false for plugin_nvme and plugin_redfish with enabled,
+  build nvme and redfish plugins.
+- Split out developer/api docs in new doc sub-package, add fdupes
+  BuildRequires and macros, remove duplicates.
+
+- Update to version 1.7.10 (CVE-2022-3287, boo#1203852):
+  + Always check the BDP partitions when getting all the possible
+    ESPs
+  + Correctly detect CET IBT
+  + Do not show HSI events where we changed the spec result value
+  + Fix aligning up addresses greater than 4GB
+  + Fix applying the latest DBX update on machines with
+    20200729.x64 installed
+  + Fix checking for invalid depth requirements
+  + Fix getting the new version number of the USI docking hardware
+  + Fix HSI prefix for invalid chassis
+  + Never save the Redfish auto-generated password to a
+    user-readable file (CVE-2022-3287, boo#1203852).
+  + Only create users using IPMI when we've tested the hardware
+  + Only fail the kernel tainted HSI test for specific taint
+    reasons
+  + Only show changed events in the fwupdmgr security output
+  + Recognize CSME version 16 and update vulnerable versions from
+    CSMEVDT data
+  + Write all the CCGX metadata block as intended
+
+- Update to version 1.7.9 (boo#1201311):
+  + Do not generate a capsule header for the FMP GUID.
+  + Do not use CoD even when advertized on non-aarch64 platforms.
+  + Fix a critical warning when parsing an invalid PHAT record.
+  + Fix a regression for devices using the Atmel FLIP Bootloader.
+  + Fix parsing SMBIOS data.
+  + Set the device ID on the FwupdRequest.
+  + Use the correct protocol member when converting to JSON.
+  + Wait for the system76-launch device to re-enumerate if unlocked
+    and reset.
+- Changes from version 1.7.8:
+  + Add the bootloader VID/PID used for the first batch of ColorHug
+    devices.
+  + Also check for os-release in SYSCONFDIR.
+  + Export the version lowest raw value correctly.
+  + Fix a Wacom timeout when parsing very corrupt firmware.
+  + Fix Genesys device enumeration failure by not claiming the
+    interface.
+  + Hardcode the Redfish filedata name to firmware.bin.
+  + Install D-Bus introspection data even if introspection is
+    disabled.
+  + Only set the flashrom BIOS size if not already quirked.
+  + Read the SynapticsMST firmware size in a more safe way.
+  + Restart the BMC after installing BCM updates.
+
+- Update to version 1.7.7:
+  * This release adds the following features:
+    + Add CCGX trigger code to support future hardware
+    + Add signed and unsigned payload metadata to more devices
+    + Allow overriding the detected machine type
+    + Allow quirking the flashrom flash size
+    + Do not allow the DBX update for broken firmware versions
+  * This release fixes the following bugs:
+    + Do not add the backup BMC device as it shares the same GUIDs
+    + Do not hardcode the libexecdir to /usr/libexec
+    + Do not leak child processes when canceling
+    + Do not throw away the TPM eventlog when uploading reports to
+    the LVFS
+    + Don't export USB4 host controllers if they do not have unique
+    GUIDs
+    + Fix build for MacOS
+    + Fix the TPM eventlog replay for Intel TXT machines
+    + Fix writing large MTD images
+    + Never send the DeviceChanged signal with invalid data
+    + Return the correct error when there is no GPIO device to open
+    + Show the update message and update image in front end tools
+    + Support the new PENDING upower device states
+  * This release adds support for the following hardware:
+    + Logitech M550, M650 and K650
+    + More Elan fingerprint readers
+    + More Star Labs StarLite laptops
+    + More Wacom panels found on Lenovo laptops
+- Split bash and fish completions to separate subpackages
+- Remove un-needed BRP_PESIGN_FILES
+- Set GNU_SOURCE so meson detects F_OFD_SETLK in fnctl.h support
+
+- Update to version 1.7.6:
+  * This release adds the following features:
+    + Add a flag for UEFI devices that never want a capsule header
+    auto-added
+    + Add a flag to indicate the device has a signed or unsigned
+    payload
+    + Add a plugin to set a GPIO pin for the duration of an update
+    + Add a simple plugin to enumerate (but not update) SCSI
+    hardware
+    + Add two more instance IDs to the MTD devices
+    + Add X-BaseboardManagementController as an update category
+    + Allow assigning issues to devices for known high priority
+    problems
+    + Parse the MTD firmware version using the defined GType
+  * This release fixes the following bugs:
+    + Check the IFD sections have non-zero data length to fix a
+    critical warning
+    + Modify the AT retry behavior to fix getting the firmware
+    branch
+    + Do not run fwupd-refresh automatically in containers
+    + Do not show a warning if the TPM eventlog does not exist
+    + Do not show TSS2 warning messages by default
+    + Fix a critical warning when loading an empty TPM eventlog
+    item
+    + Fix a logic error when adding the community warning in
+    fwupdmgr
+    + Fix loading flashrom devices in coreboot mode
+    + Fix the error handling when updating USB4 retimers
+    + Show the user when devices are not updatable due to inhibits
+    + Skip probing the Dell DA300 device to avoid a warning
+    + Try harder to convert to a version into a correct semver
+    + Use multiple checksums when there are no provided artifacts
+  * This release adds support for the following hardware:
+    + HP M2xfd monitors
+    + Star Lite Mk III
+
+- Update to version 1.7.5:
+  * This release adds the following features:
+    + Add a flag to indicate the firmware is not provided by the
+    vendor
+    + Add support for showing dependency versions in JSON format
+    + Allow fwupd to operate in socket mode without a D-Bus daemon
+    + Allow marking a device as End-of-Life by the OEM vendor
+    + Allow specifying the machine Best Known Configuration locally
+    + Fall back to the ARM Device Tree 'compatible' data when
+    required
+  * This release fixes the following bugs:
+    + Be more robust by retrying IPMI transactions on servers
+    + Change the expired Redfish password when required
+    + Fix a ModemManager segfault on startup for some MBIM-QDU
+    devices
+    + Fix a possible dell-dock segfault at startup
+    + Fix compiling with new versions of efivar
+    + Fix the Nordic bootloader type detection
+    + Fix USB4 retimer enumeration
+    + Get the SMBIOS table and host machine ID when running on
+    Windows
+    + Show results when calling get-details if failing requirements
+    + Uninhibit the modem using ModemManager after upgrade
+  * This release adds support for the following hardware:
+  + Future Analogix devices
+  + NovaCustom NV4x
+- Changes from version 1.7.4:
+  * This release adds the following features:
+    + Add firmware branch support for ModemManager devices
+    + Allow firmware engineers to patch files at known offsets
+    + Show why more devices are not marked as updatable
+  * This release fixes the following bugs:
+    + Allow fwupdtool to be run as the non-root user in more cases
+    + Assign the Logitech bulkcontroller update interface correctly
+    + Do not allow UEFI updates when the laptop lid is closed
+    + Do not autoload ipmi-si to avoid warning on non-server
+    hardware
+    + Do not show a critical warning for a weird TPM event log
+    + Fix waiting for USB devices when using Windows
+    + Ignore non-PCI NVMe devices
+  * This release adds support for the following hardware:
+    + HP USB-C G2 Dock
+    + Many UF2 devices, experimentally
+    + More PixArt devices
+    + Nordic HID devices using MCUBoot
+    + Quectel EG25-G LTE Modem
+    + ThinkPad Thunderbolt 4 Dock
ghc-foundation
+- Update foundation to version 0.0.28.
+  Upstream does not provide a change log file.
+
ghc-hledger-lib
+- Update hledger-lib to version 1.26.1.
+  Upstream's change log file format is strange (too much unmodified
+  text at at the top). The automatic updater cannot extract the
+  relevant additions. You can find the file at:
+  http://hackage.haskell.org/package/hledger-lib-1.26.1/src/CHANGES.md
+
+- Update hledger-lib to version 1.26.
+  Upstream's change log file format is strange (too much unmodified
+  text at at the top). The automatic updater cannot extract the
+  relevant additions. You can find the file at:
+  http://hackage.haskell.org/package/hledger-lib-1.26/src/CHANGES.md
+
+- Update hledger-lib to version 1.25.
+  Upstream's change log file format is strange (too much unmodified
+  text at at the top). The automatic updater cannot extract the
+  relevant additions. You can find the file at:
+  http://hackage.haskell.org/package/hledger-lib-1.25/src/CHANGES.md
+
ghc-mustache
+- Update mustache to version 2.4.1.
+  [#]# v2.4.1
+  - Compatibility with `containers >= 0.2.17`
+
+- Update mustache to version 2.4.0 revision 1.
+  Upstream has revised the Cabal build instructions on Hackage.
+
glab
+- Update to version 1.25.3:
+  * Update .gitlab-ci.yml file
+  * Update .gitlab-ci.yml file
+  * chore: better omit test and chores from changelog
+  * fix: Adding git name/email for homebrew
+  * docs: update installation instructions for windows
+  * test(project): add missing project tests
+  * fix(project): fixes issue with filtering with starred and membership
+  * fix(mr): Fixed EOF error when todo is called multiple times
+
gnome-font-viewer
+- Add 218166246e29a39e2eac8d3f06976038571b0603.patch: Fix build
+  with meson 0.61 and newer.
+
gnome-settings-daemon
+- Add patch to fix build with meson >0.60.0 which now fails if a
+  positional argument is used in i18n.merge_file instead of
+  ignoring it:
+  * fix-meson-i18n.patch
+
gnonograms
+- Update to version 2.0.0:
+  + Restyled headerbar
+  + New app icon
+  + Responds to user's prefers-dark setting
+  + Updated translations.
+- Add pkgconfig(libhandy-1) BuildRequires: new dependency.
+- Add gnonograms-meson-0.61.patch: Fix build with meson 0.61.
+
gnuhealth
-- Version 4.0.5
-  * health_crypto: Fix bug #63558: Fault: 'NoneType' object has no attribute 'name'
-  * Fix bug #63557: Missing view architecture for ('calendar.category', None, 'tree')
-  * Fix bug #63533: Model 'gnuhealth.pol' is missing a default access
-  * Fix bug #63532: health_caldav misses requiremnt vobject in setup.py
-  * Fix bug #63517: Fault: 'webdav' is not in list
-  * Fix bug #62777: The term health prof used for both initiating and signing professional in patient evaluation
-  * Fix bug #62634: Missing Spanish Translations
+- version 4.2.0
+  * Enhanced Medical Imaging functionality and ergonomics.
+  * Introduced GNU Health "Focus on" section on patient main form.
+  * Surgery package has been vastly revised and enhanced in collaboration
+    with our colleagues from Cirugia Solidaria
+  * Enhanced Insurance and billing functionality.
+  * The Vital Record System (VRS) can now issue reports on birth and
+    death certificates.
+  * Demographics can now accept entering estimate age / DoB.
+  * Health services has now the functionality of "grouping" all the tests
+    from a single order - lab and medical imaging.
+  * Improved Patient encounter / evaluation.
+  * Weblate translations holds 35 languages
+  * On the technical side, we have improved unit testing on each package,
+    speedup load times on large datafiles and using python-sql for most
+    queries.
+  * GNU Health is now REUSE (Free Software Foundation Europe) compliant.
gnuhealth-client
+- verion 4.2.0
+  * Instance and connection information visible at the GTK client title
+  * Add GNUHEalth scalable icon - svg - for desktop menu and panel entries
+  * see Changelog for full description
+  * separate gnuhalth-client.desktop file removed
+
gnutls
+- FIPS: Make the jitterentropy calls thread-safe [bsc#1208146]
+  * Add gnutls-FIPS-jitterentropy-threadsafe.patch
+
+- FIPS: GnuTLS DH/ECDH PCT public key regeneration [bsc#1207183]
+  * Rebase patches with the version submitted upstream.
+  * Avoid copying the key material: gnutls-FIPS-PCT-DH.patch
+  * Improve logic around memory release: gnutls-FIPS-PCT-ECDH.patch
+
+- Security Fix: [bsc#1208143, CVE-2023-0361]
+  * Bleichenbacher oracle in TLS RSA key exchange
+  * Add gnutls-CVE-2023-0361.patch
+
godot
+- Do not have the main package recommend the bash-completion
+  sub-package, but rather have the subpackage supplement the
+  combination of godot and bash-completion (already in place).
+
google-guest-agent
+- Bump go API version to 1.18 (bsc#1208723)
+  + Address CVE-2021-38297 and CVE-2022-23806
+
+- Update to version 20230221.00
+  * Allow a comment part of a pub ssh key to have an arbitrary format (#198)
+    + Split GetUserKey() into two functions: get and validate
+    + Correct the name of ValidateUser func as it validates only users
+    + Update tests
+  * Update OWNERS (#201)
+- from version  20230207.00
+  * Update OWNERS file (#199)
+
+- Update to version 20230112.00
+  * Updating logging module so cloud logs are flushed prior to exit (#196)
+  * Windows: retry adding MDS route (#194)
+
+- Update to version 20221109.00
+  * Validate user key for whitespace chars (#188)
+- from version 20221107.00
+  * Fix typo with wsfc agent (#189)
+- from version 20221104.00
+  * Updates to gce-workload-cert-refresh (#186)
+- from version 20221025.00
+  * Add workload cert refresh to preset (#185)
+
+- Update to version 20221018.00
+  * Write workload cert status file (#184)
+- from version 20221017.00
+  * Update workload_cert permissions (#180)
+
+- Update to version 20220927.00
+  * Workload certificate refresh (#182)
+
+- Update to version 20220824.00
+  * Workload certs (#177)
+- from version 20220823.00
+  * add members to OWNERS (#178)
+  * Expired key tests (#176)
+  * correct expired key handling (#175)
+
+- avoid bashism in post-install scripts (bsc#1195391)
+
google-guest-configs
+- Add nvme-cli to Requires (bsc#1204068, bsc#1204091)
+
+- Update to version 20220211.00 (bsc#1195437, bsc#1195438)
+  * Set NVMe-PD IO timeout to 4294967295. (#32)
+
google-osconfig-agent
+- Bump go API version to 1.18 (bsc#1208723)
+  + Address CVE-2021-38297 and CVE-2022-23806
+
+- Update to version 20230222.00
+  * Remove Debian 9 from e2e tests image list (#460)
+- from version 20230217.00
+  * Update OWNERS (#458)
+- from version 20230208.00
+  * Fix the error in the `copy_file_from_bucket.yaml` example. (#456)
+- from version 20230202.00
+  * Update owners file. (#455)
+- from version 20230123.00
+  * Call FQDN (#454)
+
+- Update to version 20221214.00
+  * Close clients that are not passed anywhere (#450)
+
+- Update to version 20221013.01
+  * Don't print raw pointer data. (#446)
+- from version 20221013.00
+  * Delete yum transaction files if created. (#445)
+
+- Update to version 20220829.00
+  * Fix exclude packages field processing (#440)
+- from version 20220824.00
+  * Check for exclusive patches. (#442)
+
granite
+- Update to 6.2.0:
+  * min_length property for Granite.ValidatedEntry
+  * Granite.HyperTextView for navigatable URLs in text views
+  * Updated translations
+  * Prevent crashing on environments without dark style
+  * Use values from the Settings Portal when possible
+  * Disable horizontal scrolling by default in SettingsPage
+
+- Update to 6.1.1:
+- Fixes:
+  * Ensure accel_to_string works with multiple modifiers
+  * Fix locale issues in Flatpaks
+  * Updated translations
+- Additions:
+  * TRANSITION_DURATION_IN_PLACE for consistent in-place widget
+    transformations
+- Other Changes:
+  * accel_to_string handles accel markup without modifiers or
+    that are only modifiers
+  * Granite.Dialog replaces Gtk.Dialog for consistent styling
+  * Granite.SwitchModelButton for use in Gtk.Popover menus
+  * Granite.ValidatedEntry for client-side verification in forms
+- New Constants:
+  * TOOLTIP_SECONDARY_TEXT_MARKUP for smaller second line text in
+    Gtk.Tooltips
+  * SMALL_LABEL for smaller Gtk.Labels without Pango
+  * STYLE_CLASS_WARMTH and STYLE_CLASS_TEMPERATURE for scales
+  * STYLE_CLASS_DEFAULT_DECORATION for slim headerbars
+  * TRANSITION_DURATION_OPEN and TRANSITION_DURATION_CLOSE for
+    consistent animations
+- Removals:
+  * Granite.Widgets.AboutDialog. Provide AppStream metadata
+    instead.
+  * Granite.Widgets.AppMenu. Use Gtk.MenuButton instead.
+- Deprecations:
+  * Granite.Widgets.Avatar. Use Hdy.Avatar instead
+  * Toasts now reset their timeout when sending a new
+    notification and the timeout is stopped while hovering
+  * Backslash, Right Control, and Left Control are now handled by
+    accel_to_string
+  * Make tab tooltips of DynamicNotebook settable
+  * Timepicker corrrectly fires time_changed when AM and PM
+    buttons are selected
+  * Granite.MessageDialog now uses the messagedialog CSS name
+  * Visible child name is now properly synced in
+    Granite.SettingsSidebar
+  * Status can be set in Granite.AbstractSettingsPage on
+    construct
+
+- Update to 5.5.0:
+  * Update granite.appdata.xml.in
+  * SourceList: Rewrite default style (#411)
+  * Deprecate get_button_layout_schema (#403)
+  * Deprecate Utils.set_theming (#404)
+  * Deprecate CollapsiblePaned (#402)
+  * Deprecate get_default_close_button_position (#407)
+  * Deprecate set_theming_for_screen (#408)
+  * SourceList: move only usage of is_left_to_right (#406)
+  * Deprecate get_css_provider (#405)
+  * Deprecate Granite.Services.Paths (#401)
+  * Deprecate Composited Window (#400)
+  * SimpleCommand: Mark as deprecated (#397)
+  * StyleClass: Add color-button (#393)
+  * StyleClass: Add .rounded style constant (#392)
+  * DynamicNotebook: Get rid of the big spinner (#391)
+
greybird-geeko-theme
+- Make "*:link:selected" optional to work around too old gtk4 libs
+  on Leap 15.5, too.
+
+- Make "*:link:selected" optional to work around too old gtk4 libs
+  on Leap 15.4; add link-selected-is-optional.patch
+
+- Prevent Unity desktop theme from being installed
+  Added disable-unity_v3.23.1.patch
+
+- Update to version 3.23.1+git1.77c0887:
+  * Cleanup leftovers and correct emerald file mistakinly being renamed
+
+- Update to version 3.23.1+git0.a96e825:
+  * Sync with Greybird 3.23.1
+  * Add initial support for Gtk4 and libhandy
+  * Fix dark xfwm4-a11y install path
+  * Fix xfwm4-a11y and xfwm4-compact install path
+  * Fix: GtkLabel: Backdropped selection color adjusted
+  * Fix: Backdropped selection: GtkListBoxes weren't grey
+  * Hotfix: removed background color for non-bg items
+  * Gtk3: Adjusted selected backdrop fg/bg colors: shades of grey.
+  * Changes the xfwm4 border colors
+  * build: refactor meson
+  * Correct gradients for horizontal scrollbars
+  * Reduce messagedialog buttonbox size
+  * Make CSD titlebars slimmer
+  * Correct gradients for horizontal scrollbars (shimmerproject/Greybird#288)
+  * Greybird-Dark titlebar decorations now match their CSD counterparts (shimmerproject/Greybird#301)
+  * Background selection colors are now grey instead of blue for better readability
+  * Add initial support for Gtk4 and libhandy
+  * Install index.theme
+
grub2
+- Move unsupported zfs modules into 'extras' packages
+  (bsc#1205554) (PED-2947)
+
+- Fix out of memory error on lpar installation from virtual cdrom (bsc#1208024)
+  * 0001-ieee1275-Further-increase-initially-allocated-heap-f.patch
+  * 0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch
+- Fix lpar got hung at grub after inactive migration (bsc#1207684)
+  * 0002-ieee1275-implement-vec5-for-cas-negotiation.patch
+
gssntlmssp
+- Adapt license changes from upstream
+  * LGPL-3.0-or-later -> ISC
+- Upstream moved to github
+- Update to version 1.2.0
+  * Implement gss_set_cred_option.
+  * Allow to gss_wrap even if NEGOTIATE_SEAL is not negotiated.
+  * Move HMAC code to OpenSSL EVP API.
+  * Fix crash bug when acceptor credentials are NULL.
+  * Translations update from Fedora Weblate.
+  Fix CVE:
+  * CVE-2023-25563 (boo#1208278): multiple out-of-bounds read
+    when decoding NTLM fields.
+  * CVE-2023-25564 (boo#1208279): memory corruption when decoding
+    UTF16 strings.
+  * CVE-2023-25565 (boo#1208280): incorrect free when decoding
+    target information.
+  * CVE-2023-25566 (boo#1208281): memory leak when parsing
+    usernames.
+  * CVE-2023-25567 (boo#1208282): out-of-bounds read when
+    decoding target information.
+- Update to version 1.1
+  * various build fixes and better compatibility when a MIC is
+    requested.
+- Update to version 1.0
+  * Fix test_gssapi_rfc5587.
+  * Actually run tests with make check.
+  * Add two tests around NTLMSSP_NEGOTIATE_LMKEY.
+  * Refine LM compatibility level logic.
+  * Refactor the gssntlm_required_security function.
+  * Implement reading LM/NT hashes.
+  * Add test for smpasswd-like user files.
+  * Return confidentiality status.
+  * Fix segfault in sign/seal functions.
+  * Fix dummy signature generation.
+  * Use UCS16LE instead of UCS-2LE.
+  * Provide a zero lm key if the password is too long.
+  * Completely omit CBs AV pairs when no CB provided.
+  * Change license to the more permissive ISC.
+  * Do not require cached users with winbind.
+  * Add ability to pass keyfile via cred store.
+  * Remove unused parts of Makefile.am.
+  * Move attribute names to allocated strings.
+  * Adjust serialization for name attributes.
+  * Fix crash in acquiring credentials.
+  * Fix fallback to external_creds interface.
+  * Introduce parse_user_name() function.
+  * Add test for parse_user_name.
+  * Change how we assemble user names in ASC.
+  * Use thread local storage for winbind context.
+  * Make per thread winbind context optional.
+  * Fixed memleak of usr_cred.
+  * Support get_sids request via name attributes.
+  * Fixed memory leaks found by valgrind.
+- Update to version 0.9
+  * add support for getting session key.
+  * Add gss_inquire_attrs_for_mech().
+  * Return actual data for RFC5587 API.
+  * Add new Windows version flags.
+  * Add Key exchange also when wanting integrity only.
+  * Drop support for GSS_C_MA_NOT_DFLT_MECH.
+
-- Backport patch that fixes failures with gss_set_neg_mechs() calls.
-
gstreamer
+- Add fix using sed to find gst-plugin-scanner-%{_target_cpu}
+  program (boo#1207908).
+
+- Add patch to reduce the required meson version to 0.61.0 since
+  that's what we have in SLE 15:
+  * reduce-required-meson.patch
+- Probably because of a problem in SLE's meson, the generated
+  pkgconfig files are missing some variables that are needed by
+  rpm to generate the pkgconfig(...) provides correctly. In order
+  to fix this, we now check for those variables and insert them
+  in the pc files before installation if they're missing.
+
+- Update to version 1.22.0:
+  + AV1 video codec support improvements
+  + New HLS, DASH and Microsoft Smooth Streaming adaptive streaming
+    clients
+  + Qt6 support for rendering video inside a QML scene
+  + Minimal builds optimised for binary size, including only the
+    individual elements needed
+  + Playbin3, Decodebin3, UriDecodebin3, Parsebin enhancements and
+    stabilisation
+  + WebRTC simulcast support and support for Google Congestion
+    Control
+  + WebRTC-based media server ingestion/egress (WHIP/WHEP) support
+  + New easy to use batteries-included WebRTC sender plugin
+  + Easy RTP sender timestamp reconstruction for RTP and RTSP
+  + ONVIF timed metadata support
+  + New fragmented MP4 muxer and non-fragmented MP4 muxer
+  + New plugins for Amazon AWS storage and audio transcription
+    services
+  + New gtk4paintablesink and gtkwaylandsink renderers
+  + New videocolorscale element that can convert and scale in one
+    go for better performance
+  + High bit-depth video improvements
+  + Touchscreen event support in navigation API
+  + Rust plugins now shipped in macOS and Windows/MSVC binary
+    packages
+  + H.264/H.265 timestamp correction elements for PTS/DTS
+    reconstruction before muxers
+  + Improved design for DMA buffer sharing and modifier handling
+    for hardware-accelerated video decoders/encoders/filters and
+    capturing/rendering on Linux
+  + Video4Linux2 hardware accelerated decoder improvements
+  + CUDA integration and Direct3D11 integration and plugin
+    improvements
+  + New H.264 / AVC, H.265 / HEVC and AV1 hardware-accelerated
+    video encoders for AMD GPUs using the Advanced Media Framework
+    (AMF) SDK
+  + applemedia: H.265 / HEVC video encoding + decoding support
+  + androidmedia: H.265 / HEVC video encoding support
+  + New "force-live" property for audiomixer, compositor,
+    glvideomixer, d3d11compositor etc.
+  + Lots of new plugins, features, performance improvements and bug
+    fixes
+- Rebase patches with quilt.
+
+- update to 1.20.5:
+  + This release only contains bugfixes and it should be safe to
+    upgrade from 1.20.x.
+  + systemclock waiting fixes for certain 32-bit platforms/libcs
+  + alphacombine: robustness improvements for corner case scenarios
+  + avfvideosrc: Report latency when doing screen capture
+  + d3d11videosink: various thread-safety and stability fixes
+  + decklink: fix performance issue when HDMI signal has been lost
+    for a long time
+  + flacparse: Fix handling of headers advertising 32 bits per
+    sample
+  + mpegts: Handle when iconv doesn't support ISO 6937 (e.g. musl
+    libc)
+  + opengl: fix automatic dispmanx detection for rpi4 and fix usage
+    of eglCreate/DestroyImage
+  + opusdec: Various channel-related fixes
+  + textrender: event handling fixes, esp. for GAP event
+  + subparse: Fix non-closed tag handling
+  + videoscale: fix handling of unknown buffer metas
+  + videosink: reverse playback handling fixes
+  + qtmux: Prefill mode fixes, especially for raw audio
+  + multiudpsink: allow binding to IPv6 address
+  + rtspsrc:
+  - Fix usage of IPv6 connections in SETUP
+  - Only EOS on timeout if all streams are timed out/EOS
+  + splitmuxsrc: fix playback stall if there are unlinked pads
+  + v4l2: Fix SIGSEGV on state change during format changes
+  + wavparse robustness fixes
+  + Fix static linking on macOS (opengl, vulkan)
+  + gstreamer-vaapi: fix headless build against mesa >= 22.3.0
+  + GStreamer Editing Services library: Fix build with tools
+    disabled
+  + webrtc example/demo fixes
+  + unit test fixes for aesdec and rtpjitterbuffer
+  + Cerbero: Fix ios cross-compile with cmake on M1; some recipe
+    updates and other build fixes
+  + Miscellaneous bug fixes, memory leak fixes, and other stability
+    and reliability improvements
+  + Performance improvements
+  + Changes in gstreamer base package:
+  - allocator: Copy allocator name in gst_allocator_register()
+  - concat: Properly propagate EOS seqnum
+  - fakesrc: avoid time overflow with datarate
+  - Fix build of 1.20 branch with Meson 0.64.1 for those who have
+    hotdoc installed on their system.
+  - gst-inspect: Don't leak list
+  - meson: fix check for pthread_setname_np()
+  - miniobject: support higher refcount values
+  - pads: Fix non-serialized sticky event push, e.g. instant
+    change rate events
+  - padtemplate: Fix annotations
+  - systemclock: Use futex_time64 syscall on x32 and other
+    platforms that always...
+  - -Wimplicit-function-declaration in pthread_setname_np check
+    (missing GNUSOURCE)
+
+- Update to version 1.20.4:
+  + Highlighted bugfixes in 1.20.4:
+  - avaudiodec: fix playback issue with WMA files, would throw an
+    error at EOS with FFmpeg 5.x
+  - Fix deadlock when loading gst-editing-services plugin
+  - Fix input buffering capacity in live mode for aggregator,
+    video/audio aggregator subclasses, muxers
+  - glimagesink: fix crash on Android
+  - subtitle handling and subtitle overlay fixes
+  - matroska-mux: allow width + height changes for
+    avc3|hev1|vp8|vp9
+  - rtspsrc: fix control url handling for spec compliant servers
+    and add fallback for incompliant servers
+  - WebRTC fixes
+  - RTP retransmission fixes
+  - video: fixes for formats with 4x subsampling and horizontal
+    co-sited chroma (Y41B, YUV9, YVU9 and IYU9)
+  - Fix consuming of the macOS package as a framework in XCode
+  - Performance improvements
+  - Miscellaneous bug fixes, memory leak fixes, and other
+    stability and reliability improvements
+  + gstreamer:
+  - buffer: drop parent meta in deep copy/foreach_metadata
+  - devicemonitor: Use a sync bus handler for the provider to
+    avoid accumulating all messages until the provider is stopped
+  - element: Fix requesting of pads with string templates
+  - gst:
+    . Protect initialization state with a recursive mutex
+    . Add missing define guard for build without gstreamer debug
+    logging support
+  - gst_init: Initialize static plugins just before dynamic plugins
+  - info: Parse "NONE" as a valid level name
+  - meta: Set the parent refcount of the GstStructure correctly
+  - pluginloader: Don't hang on short reads/writes
+  - tracers: leaks:
+    . Fix potentially invalid memory access when trying to detect
+    object type
+    . Fix object-refings.class flags
+  - uri: When setting the same string again do nothing
+  - value: Don't loop forever when serializing invalid flag
+  + Base Libraries:
+  - aggregator:
+    . Fix input buffering in live mode (was too low before in
+    many cases)
+    . Fix reversed active/flushing arguments in debug log output
+    . Reset EOS flag after receiving a stream-start event
+  + Core Elements: queue2:
+  - Hold the lock when modifying sinkresult
+  - Fix deadlock when deactivate is called in pull mode
+
+- Update to version 1.20.3
+  + Highlighted bugfixes:
+  - Security fixes in Matroska, MP4 and AVI demuxers
+  - Fix scrambled video playback with hardware-accelerated
+    VA-API decoders on certain Intel hardware
+  - playbin3/decodebin3 regression fix for unhandled streams
+  - Fragmented MP4 playback fixes
+  - Android H.265 encoder mapping
+  - Playback of MXF files produced by FFmpeg before March 2022
+  - Fix rtmp2sink crashes on 32-bit platforms
+  - WebRTC improvements
+  - D3D11 video decoder and screen recorder fixes
+  - Performance improvements
+  - Support for building against OpenCV 4.6 and other build fixes
+  - Miscellaneous bug fixes, memory leak fixes, and other
+    stability and reliability improvements
+  + gstreamer:
+  - clock: Avoid creating a weakref with every entry
+    (performance improvement)
+  - plugin: add Apache 2 license to list of known licenses to avoid
+    warning
+  - gst_plugin_load_file: force plugin reload if filename differs
+    Add support for LoongArch
+
+- Enable use of libunwind on riscv64
+
+- Update to version 1.20.2
+  + Highlighted bugfixes:
+  - avviddec: Remove vc1/wmv3 override and fix crashes on WMV
+    files with FFMPEG 5.0+
+  - macOS: fix plugin discovery for GStreamer installed via brew
+    and fix loading of Rust plugins
+  - rtpbasepayload: various header extension handling fixes
+  - rtpopusdepay: fix regression in stereo input handling if
+    sprop-stereo is not advertised
+  - rtspclientsink: fix possible shutdown deadlock
+  - mpegts: gracefully handle "empty" program maps and fix AC-4
+    detection
+  - mxfdemux: Handle empty VANC packets and fix EOS handling
+  - playbin3: various playbin3, uridecodebin3, and playsink fixes
+  - ptpclock: fix initial sync-up with certain devices
+  - gltransformation: let graphene alloc its structures memory
+    aligned
+  - webrtcbin fixes and webrtc sendrecv example improvements
+  - video4linux2: various fixes including some fixes for
+    Raspberry Pi users
+  - videorate segment handling fixes and other fixes
+  - nvh264dec, nvh265dec: Fix broken key-unit trick modes and
+    reverse playback
+  - wpe: Reintroduce persistent WebContext
+  - cerbero: Make it easier to consume 1.20.1 macOS GStreamer
+    .pkgs
+  - build fixes and gobject annotation fixes
+  - bug fixes, security fixes, memory leak fixes, and other
+    stability and reliability improvements
+  + gstreamer:
+  - devicemonitor: clean up signal handlers and hidden providers
+    list
+  - Leaks tracer: fix pthread_atfork return value check leading
+    to bogus warning in log
+  - Rust plugins: Not picked up by the plugin loader on macOS
+  - Failed to use plugins of latest GStreamer version 1.20.x
+    installed by brew on macOS
+  - ptpclock: Allow at least 100ms delay between Sync/Follow_Up
+    and Delay_Req/Delay_Resp messages. Fixes problems acquiring
+    initial sync with certain devices
+  - meson: Add -Wl,-rpath,${libdir} on macOS
+  - registry: skip Rust dep builddirs when searching for plugins
+    recursively
+
gstreamer-plugins-bad
+- Disable zxing in Leap
+  * Leap 15.5 can not provide zxing >= 1.4.0, zxing is a SLE built
+    which was version 1.2.0, Factory do have zxing-cpp 2.0.0 but it
+    doesn't an API compatible version, and looks it's too late to
+    update it to SLE15 because LO might be affected.
+
+- Remove sys/decklink since that contains a non-standard license
+  and disable the decklink plugin
+
+- Stop building openh264 by default even on 3'rd party
+  buildservices, do this via bcond. Codec now available via a
+  special repo.
+
+- Enable zxing again, now that the updated version have landed.
+
+- Temporarily disable zxing, waiting for updated version to land
+  in Factory.
+
+- Add patch to reduce the required meson version to 0.61.0 since
+  that's what we have in SLE 15:
+  * reduce-required-meson.patch
+- Probably because of a problem in SLE's meson, the generated
+  pkgconfig files are missing some variables that are needed by
+  rpm to generate the pkgconfig(...) provides correctly. In order
+  to fix this, we now check for those variables and insert them
+  in the pc files before installation if they're missing.
+- Only build the microdns plugin in TW since SLE is missing the
+  required dependencies.
+
+- Add new shared libs libgstcuda-1_0-0 and libgstwebrtcnice-1_0-0
+  to baselibs.conf.
+
+- Update to version 1.22.0:
+  + Please see changes in gstreamer main package, major version
+    bump.
+- Pass amfcodec=disabled and directshow=disabled to meson, not
+  supported on linux (yet?).
+- Build qsv plugin only for supported targets via passing
+  conditional qsv=disabled/enabled to meson.
+- Add pkgconfig(gtk+-3.0) BuildRequires: New dependency.
+- Package new sub-packages
+  + libgstcuda-1_0-0
+  + libgstwebrtcnice-1_0-0
+  + typelib-1_0-CudaGst-1_0
+  + typelib-1_0-GstCuda-1_0
+  + typelib-1_0-GstVa-1_0
+
+- Update to version 1.20.5:
+  + aesdec:
+  - Fix padding removal for per-buffer-padding=FALSE
+  - Fix test failing in gst-plugins-bad
+  + alphacombine: Add missing query handler for gaps
+  + avfdeviceprovider: do not leak the properties
+  + avfvideosrc: Report latency when doing screen capture
+  + d3d11screencapturesrc: Specify PAR 1/1 to template caps
+  + d3d11videosink:
+  - Fixing focus lost on desktop layout change
+  - Call ShowWindow() from window thread
+  - Fix deadlock when parent window is busy
+  - Always clear back buffer on resize
+  + decklink: reset calculation of time_mapping to fix clipping
+    HDMI video
+  + directshow: Fix build error with glib 2.75 and newer
+  + dvbsubenc:
+  - Forward GAP events as-is if we wouldn't produce an end packet
+  - Write Display Definition Segment if a non-default
+    width/height is used
+  + h265decoder: Do not abort when failed to prepare ref pic set
+  + h264parser: Fix a typo in pred_weight_table parsing.
+  + mediafoundation, d3d11: Fix memory leak and make leak tracer
+    happy
+  + mpegts:
+  - Handle when iconv doesn't support ISO 6937 (e.g. musl libc)
+  - Check continuity counter on section streams
+  + mpegtsdemux: Always clear packetizer on DISCONT push mode
+  + srt: various fixes - improve stats and error handling
+  + rtmp2: Improve error messages
+  + rtmp2sink: Correctly return GST_FLOW_ERROR on error
+  + vulkan: Fix static linking on macOS
+  + webrtcbin: also add rtcp-fb ccm fir for video mlines by default
+  + webrtc/nice: fix small leak of split strings
+
+- Update to version 1.20.4:
+  + amcvideodec: fix GstAmcSurfaceTexture segfault.
+  + audiobuffersplit: Fix drift that was introduced by wrong
+    calculations in gapless mode.
+  + audiovisualizer: fix buffer mapping to not increase refcount.
+  + avfvideosrc: Fix wrong default framerate value.
+  + d3d11decoder: Check 16K resolution support.
+  + d3d11videosink: Fix for force-aspect-ratio setting when
+    rendering on shared texture.
+  + GstPlay: missing cleanup for g_autoptr.
+  + mxfdemux: Always calculate BlockAlign of raw audio to work
+    around files with broken BlockAlign field in the headers.
+  + nvdec: Fix for HEVC decoding when coded resolution is larger
+    than display resolution.
+  + openh264enc: Fix constrained-high encoding.
+  + openh264: Register debug categories earlier.
+  + openmpt: update from now deprecated api.
+  + player/play: Fix object construction and various leaks.
+  + player: Plug a memory leak.
+  + proxysink: Make sure stream-start and caps events are
+    forwarded, and fix memory leak.
+  + tests: skip unit tests for dependency-less elements that have
+    been disabled.
+  + tsdemux: Don't trigger a program change when falling back to
+    ignore-pcr behaviour.
+  + va:
+  - allocator: Fix translation of VADRMPRIMESurfaceDescriptor.
+  - h265dec: Fix a crash because of missing reference frame.
+  - vah265dec: Decoder segfaults on seek.
+  + wasapi2: Fix initial mute/volume setting.
+  + wasapi: Implement default audio channel mask.
+  + webrtcbin:
+  - Fix pointer dereference before null check.
+  - Limit sink query to sink pads.
+  + webrtc: Make sure to return NULL when validating TURN server
+    fails.
+- Drop va-allocator-fix.patch: fixed upstream.
+
+- Build microdns support. Following this add pkgconfig(microdns)
+  BuildRequires and pass microdns=enabled to meson.
+
+- Add va-allocator-fix.patch: va: allocator: Fix translation of
+  VADRMPRIMESurfaceDescriptor + va: allocator: Use always lseek to
+  get dmabuf size.
+  https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/2657
+
+- Update to version 1.20.3:
+  + GstPlay: Fix new error + warning parsing API (was unusuable
+    before)
+  + av1parse: let the parser continue on verbose OBUs
+  + d3d11converter: Fix RGB to GRAY conversion, broken debug
+    messages, and add missing GRAY conversion
+  + gs: look for google_cloud_cpp_storage.pc
+  + ipcpipeline: fix crash and error on windows with SOCKET or
+    _pipe()
+  + ivfparse: Don't set zero resolution on caps
+  + mpegtsdemux: Handle PES headers bigger than a mpeg-ts packet;
+    fix locking in error code path; handle more program updates
+  + mpegtsmux: Start last_ts with GST_CLOCK_TIME_NONE to fix VBR
+    muxing behaviour
+  + mpegtsmux: Thread safety fixes: lock mux->tsmux, the programs
+    hash table, and pad streams
+  + mpegtsmux: Skip empty buffers
+  + osxaudiodeviceprovider: Add initial support for duplex devices
+    on OSX
+  + rtpldacpay: Fix missing payload information
+  + sdpdemux: add media attributes to caps, fixes ptp clock
+    handling
+  + mfaudioenc: Handle empty IMFMediaBuffer
+  + nvdecoder: Various fixes for 4:4:4 and high-bitdepth decoding
+  + nvenc: Fix deadlock because of too strict buffer pool size
+  + va: fix library build issues, caps leaks in the vpp transform
+    function, and add vaav1dec to documentation
+  + v4l2codecs: vp9: Minor fixes
+  + v4l2codecs: h264: Correct scaling matrix ABI check
+  + dtlstransport: Notify ICE transport property changes
+  + webrtc: Various fixes to the webrtc-sendrecv python example
+  + webrtc-ice: Fix memory leaks in gst_webrtc_ice_add_candidate()
+  + Support build against libfreeaptx in openaptx plugin
+  + Fix linking issues on Illumos distros
+
+- removed libkms BuildRequires, since it has been dropped from
+  libdrm
+
+- Update to version 1.20.2:
+  + av1parse: Fix several issues about the colorimetry.
+  + av1parse: fix up various possible logic errors
+  + dashsink: fix missing mutex unlock in error code path when
+    failing to get content
+  + d3d11videosink: Fix for unhandled mouse double click events
+  + interlace: Also handle a missing "interlace-mode" field as
+    progressive
+  + msdk: fix build with MSVC
+  + mxfdemux: Fix issues at EOS
+  + mxfdemux: Handle empty VANC packets
+  + nvh264dec, nvh265dec: Fix broken key-unit trick and reverse
+    playback
+  + nvvp9sldec: Increase DPB size to cover render delay
+  + rvsg: fix cairo include
+  + tsdemux: Fix AC-4 detection in MPEG-TS
+  + tsdemux: Handle "empty" PMT gracefully
+  + va: pool: don't advertise the
+    GST_BUFFER_POOL_OPTION_VIDEO_ALIGNMENT option any more
+  + v4l2codecs: Fix memory leak
+  + v4l2videodec: set frame duration according to framerate
+  + webrtcbin: Update documentation of 'get-stats' action signal
+  + webrtcbin: Check data channel transport for notifying
+    'ice-gathering-state'
+  + webrtcbin: Avoid access of freed memory
+  + wpe: Reintroduce persistent WebContext
+  + Build: use CMake to find some openssl and exr deps
+  + Fix multiple "unused-but-set variable" compiler warnings
+- Drop patch already included in 1.20.2:
+  + 8440e2a373e5ce681d15f5880cb2f2562be332cf.patch
+
+- Disable ldacBT on ppc64: ldacBT is not available there.
+
+- Add spandsp3.patch: Fix build with spandsp 3.x by including
+  private headers.
+
gstreamer-plugins-base
+- Add patch to reduce the required meson version to 0.61.0 since
+  that's what we have in SLE 15:
+  * reduce-required-meson.patch
+- Probably because of a problem in SLE's meson, the generated
+  pkgconfig files are missing some variables that are needed by
+  rpm to generate the pkgconfig(...) provides correctly. In order
+  to fix this, we now check for those variables and insert them
+  in the pc files before installation if they're missing.
+
+- Update to version 1.22.0:
+  + Please see changes in gstreamer main package, major version
+    bump.
+- Rebase patches with quilt.
+- Add pkgconfig(xi) BuildRequires: New dependency.
+
+- Update to version 1.20.5:
+  + audioconvert, audioresample, audiofilter: fix divide by 0 for
+    input buffer without caps
+  + cdparanoia: Ignore compiler warning coming from the cdparanoia
+    header
+  + oggdemux, parsebin: More leak fixes
+  + opengl:
+  - Fix automatic dispmanx detection for rpi4
+  - Fix usage of eglCreate/DestroyImage
+  - Fix static linking on macOS
+  + Bump core requirement in 1.20 branch to 1.20.4
+  + oggdemux: Don't leak incoming EOS event
+  + opusdec: Various channel-related fixes
+  + subparse: Fix non-closed tag handling.
+  + textrender:
+  - Don't blindly forward all events and don't blindly forward
+    all events
+  - Negotiate caps on a GAP event if none were negotiated yet
+  + timeoverlay: fix pad leak
+  + videodecoder: Only post latency message if it changed
+  + videoscale: buffer meta handling fixes (NULL-terminate array of
+    valid meta tags)
+  + videosink: Don't return unknown end-time from get_times()
+
+- Update to version 1.20.4:
+  + decodebin3:
+  - Fix mutex leaks
+  - Fix memory issues with active selection list
+  - uridecodebin3, urisourcebin: Event handling fixes
+  - Fix EOS event sequence
+  + parsebin:
+  - Avoid crash with unknown streams
+  - SIGSEGV during HLS stream using souphttpsrc
+  + glimagesink:
+  - Only allow setting the GL display/context if it is a valid
+    value
+  - Segfault on android devices
+  + gstgl: Fix several memory leaks in macOS
+  + opusenc: improve inband-fec property documentation
+  + playsink: Hold a reference to the soft volume element
+  + pbutils: descriptions: fix
+    gst_pb_utils_get_caps_description_flags()
+  + rtspurl: Use gst_uri_join_strings() in
+    gst_rtsp_url_get_request_uri_with_control() instead of a
+    hand-crafted, wrong version
+  + rtspconnection: protect cancellable by a mutex
+  + sdpmessage: Don't set SDP medias from caps without
+    media/payload/clock-rate fields
+  + samiparse: fix handling of self-closing tags
+  + ssaparse: include required system headers for isspace() and
+    sscanf() functions
+  + subparse: fix crash when parsing invalid timestamps in mpl2
+  + subparse fixes
+  + textoverlay: Don't miscalculate text running times
+  + videoaggregator: always convert when user provides
+    converter-config
+  + video: Fix scaling in 4x horizontal co-sited chroma (Y41B,
+    YUV9, YVU9 and IYU9)
+  + xmptag: register musicbrainz tags during init to fix critical
+    in jpegparse
+  + xvimagesink: fix image leaks in error code path
+  + tests: skip unit tests for dependency-less elements that have
+    been disabled
+
+- Update to version 1.20.3:
+  + typefindfunctions: Fix WebVTT format detection for very short
+    files
+  + gldisplay: Reorder GST_GL_WINDOW check for egl-device
+  + rtpbasepayload: Copy all buffer metadata instead of just
+    GstMetas for the input meta buffer
+  + codec-utils: Avoid out-of-bounds error
+  + navigation: Fix Since markers for mouse scroll events
+  + videoaggregator: Fix for unhandled negative rate
+  + videoaggregator: Use floor() to calculate current position
+  + video-color: Fix for missing clipping in PQ EOTF function
+  + gst-play-1.0: Fix trick-mode handling in keyboard shortcut
+  + audiovisualizer: shader: Fix out of bound write
+
+- Update to version 1.20.2:
+  + appsrc: Clarify buffer ref semantics in signals documentation
+  + appsrc: fix annotations for bindings
+  + typefind: Skip extension parsing for data:// URIs, fixing
+    regression with mp4 files serialised to data uris
+  + playbin3: various fixes
+  + playbin3: fix missing lock when unknown stream type in
+    pad-removed cb
+  + decodebin3: fix collection leaks
+  + decodebin3: Don't duplicate stream selections
+  + discoverer: chain up to parent finalize methods in all our
+    types to fix memory leaks
+  + glmixerbin: slightly better pad/element creation
+  + gltransformation: let graphene alloc its structures memory
+    aligned
+  + ogg: fix possible buffer overrun
+  + rtpbasepayload: Don't write header extensions if there's no
+    corresponding...
+  + rtpbasepayload: always store input buffer meta before
+    negotiation
+  + rtpbasepayload: fix transfer annotation for push and push_list
+  + subparse: don't try to index string with -1
+  + riff-media: fix memory leak after usage for g_strjoin()
+  + playbin/playbin3: Allow setting a NULL URI
+  + playsink: Complete reconfiguration on pad release.
+  + parsebin: Expose streams of unknown type
+  + pbutils: Fix wmv screen description detection
+  + subparse: don't deref a potentially NULL variable
+  + rawvideoparse: set format from caps in
+    gst_raw_video_parse_set_config_from_caps
+  + videodecoder: release stream lock after handling gap events
+  + videorate: fix assertion when pushing last and only buffer
+    without duration
+  + videorate: Revert "don't reset on segment update" to fix
+    segment handling regressions
+  + gst-play-1.0, gst-launch-1.0: Enable win32 high-resolution
+    timer also for MinGW build
+- Drop patch already included in 1.20.2:
+  + 5a074a11f90e3d70b24bf0c535ab0480fad9e701.patch
+
gstreamer-plugins-good
-- Add gstreamer-CVE-2022-1920.patch: avoid integer overflow in
-  WavPack header handling code (boo#1201688 CVE-2022-1920).
-- Add gstreamer-CVE-2022-1921.patch: fix integer overflow resulting
-  in heap corruption (boo#1201693 CVE-2022-1921).
-- Add gstreamer-CVE-2022-1922-matroska.patch and
-  gstreamer-CVE_2022-1922-qt.patch: fix integer overflows in
-  zlib/bz2/etc. decompression (boo#1201702 boo#1201704 boo#1201706
-  boo#1201707 boo#1201708 CVE-2022-1922 CVE-2022-1923 CVE-2022-1924
-  CVE-2022-1925 CVE-2022-2122).
+- Add patch to reduce the required meson version to 0.61.0 since
+  that's what we have in SLE 15:
+  * reduce-required-meson.patch
+
+- Update to version 1.22.0:
+  + Please see changes in gstreamer main package, major version
+    bump.
+- Add disabled pkgconfig(Qt6Core), pkgconfig(Qt6Gui),
+  pkgconfig(Qt6Qml), pkgconfig(Qt6Quick) and
+  pkgconfig(Qt6WaylandClient) BuildRequires and pass Dqt6=disabled
+  to meson, do not build qt6 support yet.
+- Fixed in 1.21.1:
+  + avoid integer overflow in WavPack header handling code
+    (boo#1201688 CVE-2022-1920).
+  + fix integer overflow resulting in heap corruption
+    (boo#1201693 CVE-2022-1921).
+  + fix integer overflows in zlib/bz2/etc. decompression
+    (boo#1201702 boo#1201704 boo#1201706 boo#1201707 boo#1201708
+    CVE-2022-1922 CVE-2022-1923 CVE-2022-1924 CVE-2022-1925
+    CVE-2022-2122).
+
+- Update to version 1.20.5:
+  + flacparse: Fix handling of headers advertising 32bps
+  + multiudpsink: allow binding to IPv6 address
+  + oss4: Fix debug category initialization
+  + qt5:
+  - Deactivate context if fill_info fails
+  - Initialize GError properly in gst_qt_get_gl_wrapcontext()
+  + qtdemux:
+  - Check return value from gst_structure_get in PIFF box
+  - Use unsigned int types to store result of QT_UINT32
+  - Prefill mode fixes
+  + rtpjitterbuffer tests: Cast drop-messages-interval type
+    properly (fixing it on 32-bit architectures)
+  + rtspsrc:
+  - Don't replace 404 errors with "no auth protocol found"
+  - Fix seek event leaks
+  - Fix usage of IPv6 connections in SETUP
+  - Only EOS on timeout if all streams are timed out/EOS
+  + splitmuxsrc: don't queue data on unlinked pads
+  + v4l2: Fix SIGSEGV on 'change state' during 'format change'
+  + v4l2videodec: Fix activation of internal pool
+  + wavparse:
+  - Avoid occasional crash due to referencing freed buffer.
+  - Fix crash that occurs in push mode when header chunks are
+    corrupted in certain ways.
+
+- Update to version 1.20.4:
+  + alpha: fix stride issue when out buffer has padding on right
+  + isoff: Fix earliest pts field parse issue
+  + matroska-mux: allow width + height changes for
+    avc3|hev1|vp8|vp9
+  + qt: Fix another instance of Qt/GStreamer both defining GLsync differently
+  + qtdemux:
+  - Avoid crash on reconfiguring.
+  - Guard against timestamp calculation overflow in gap event loop
+  - Don't use invalid values from failed trex parsing
+  - Possible endless loop
+  + rtpjitterbuffer:
+  - Only unschedule timers for late packets if they're not RTX
+    packets and only once
+  - Remove lost timer for out of order packets
+  + rtspsrc:
+  - SETUP generates 400 Bad Request
+  - Retry SETUP with non-compliant URL resolution on "Bad
+    Request" and "Not found"
+  + rtpst2022-1-fecenc: Drain column packets on EOS
+  + rtpvp8depay: If configured to wait for keyframes after packet
+    loss, also do that if incomplete frames are detected
+  + splitmuxsink: Don't crash on EOS without buffer
+  + splitmuxsrc:
+  - Stop pad task before cleanup
+  - Don't consider unlinked pads when deactivating part
+  + soup: libsoup3 makes audio streaming stop
+  + v4l2: fix critical when unreferencign buffer with no data
+  + v4l2bufferpool: Fix debug trace
+  + v4l2object: Add support for Apple's full-range bt709 colorspace
+    variant 1:3:5:1
+  + v4l2videocodec: workaround for failure to fully drain frames
+    preceding MIDSTREAM renegotiation
+  + v4l2allocator: Fix invalid imported dmabuf fd
+  + videoflip: Fix caps negotiation when method is selected
+  + build failure trying to build jack examples
+  + examples: don't try and build jack examples if jack was
+    disabled
+  + tests: skip unit tests for dependency-less elements that have
+    been disabled
+
+- Update to version 1.20.3:
+  + deinterlace: various bug fixes for yadif method
+  + deinterlace: Refactor greedyh and fix planar formats
+  + deinterlace: Prevent race between method configuration and
+    latency query
+  + gtk video sink: Fix rotation not being applied when paused
+  + jpegdec: fix RGB conversion handling
+  + matroskademux: improved ProRes video handling
+  + matroskamux: Handle multiview-mode/flags/pixel-aspect-ratio
+    caps fields correctly when checking caps equality on
+    input caps changes
+  + rtprtx: don't access type-system per buffer
+    (performance optimisation); code cleanups
+  + rtpulpfecenc: fix unmatched g_slice_free()
+  + rtpvp8depay: fix crash when making GstRTPPacketLost custom
+    event
+  + qtmux: Don't post an error message if pushing a sample failed
+    with FLUSHING (e.g. on pipeline shutdown)
+  + soup: Lookup libsoup dylib files on Apple platforms & fix
+    Cerbero static build on Android and iOS
+  + souphttpsrc: element not present on iOS after 1.20.0 update
+  + v4l2tuner: return NULL if no norm set
+  + v4l2bufferpool: Fix race condition between qbuf and pool
+    streamoff
+  + meson: Don't build lame plugin with -Dlame=disabled
+
+- Update to version 1.20.2:
+  + deinterlace: silence unused-but-set werror from imported code
+  + qtdemux: fix leak of channel_mapping
+  + rtpopusdepay: missing sprop-stereo should not assume mono
+  + rtpjitterbuffer: Fix invalid memory access in
+    rtp_jitter_buffer_pop()
+  + rtpptdemux: fix leak of caps when ignoring a pt
+  + rtpredenc: quieten warning about ignoring header extensions
+  + soup: Fix pre-processor macros in souploader for libsoup-3.0
+  + twcc: Note that twcc-stats packet loss counts reordering as
+    loss + add some logging
+  + video4linux2: Manual backports for RPi users
+  + wavparse: handle URI query in any parse state, fixing audio
+    track selection issue in GES
+  + wavparse: Unset DISCONT buffer flag for divided into multiple
+    buffers in push mode
gstreamer-plugins-rs
+- Add BuildRequires: zstd so it build in SLE/Leap now that the
+  sources are compressed with zstd
+
+- Update to version 0.10.1+git20230213.9cd68ff:
+  * rtpav1pay: Fix calculation of Leb128 size size to work
+    correctly with streams from certain encoders.
+- Changes from version 0.10.0:
+  * Fixed:
+  - audiornnoise: Use correct value range for the samples
+  - awss3sink: Treat stopping without EOS as an error for
+    multipart upload
+  - awss3hlssink:
+    . Fix the name of the hlssink child element
+    . Fix deadlock on EOS
+  - dav1d: Various fixes to improve performance, to handle
+    decoding errors more gracefully and to make sure all frames
+    are output in the end
+  - fmp4mux: Various fixes to fragment splitting behaviour,
+    output formatting and header generation
+  - gtk4: Various stability and rendering fixes
+  - meson: Various fixes and improvements to the meson-based
+    build system
+  - ndi: provide non-Linux/macOS UNIX fallback for the soname
+  - ndisrc: Use default channel mask for audio output to allow >2
+    channels to work better
+  - rav1e: Correctly enable threading support
+  - rtpav1: Various fixes to the payloader and depayloader to
+    handle streams more correctly and to handle errors more
+    cleanly
+  - rtpav1depay: Set caps on the source pad
+  - spotify: fix "start a runtime from within a runtime" with
+    static link
+  - textahead: fix previous buffers
+  - textwrap: Don't panic on empty buffers
+  - tttocea608: Don't fail if a GAP event contains no duration
+  - webrtchttp: whipsink: construct TURN URL correctly
+  - webrtcsink: fix panic on pre-bwe request error
+  - whipsink:
+    . Send ICE candidates together with the offer
+    . Various cleanups and minor fixes
+  * Added:
+  - audiornnoise: Add voice detection threshold property
+  - awss3hlssink: Add stats property
+  - awss3sink: Add properties to set Content-Type and
+    Content-Disposition
+  - fmp4mux:
+    . Add 'offset-to-zero' property
+    . Add support for CMAF-style chunking, e.g. low-latency / LL
+    HLS and DASH
+  - fmp4mux/mp4mux:
+    . Add support for muxing Opus, VP8, VP9 and AV1 streams
+    . Make media/track timescales configurable
+  - gtk4: Support for rendering GL textures on X11/EGL, X11/GLX,
+    Wayland and macOS
+  - hlssink3: Allow generating i-frame-only playlist
+  - livesync: New element that alllows maintaining a contiguous
+    live stream without gaps from a potentially unstable source.
+  - mp4mux: New non-fragmented MP4 muxer element
+  - spotifyaudiosrc: Support configurable bitrate
+  - textahead: add settings to display previous buffers
+  - threadshare: Introduce new ts-audiotestsrc
+  - webrtcsink: Support nvv4l2vp9enc
+  - whepsource: Add a WebRTC WHEP source element
+  * Changed:
+  - audiofx: Derive from AudioFilter where possible
+  - dav1ddec: Lower rank to primary to allow usage of hardware
+    decoders with higher ranks
+  - fmp4mux: Only push fragment_offset if write-mfra is true to
+    reduce memory usage
+  - webrtcsink:
+    . Make the turn-server property a turn-servers list
+    . Move from async-std to tokio
+
+- Update to version 0.9.8+git20230124.d9e9468:
+  * aws: Update to AWS SDK 0.53/0.23
+  * dav1d:
+  - Don't flush the decoder when draining
+  - Don't treat any kind of bitstream error immediately as fatal
+  - Get rid of some unnecessary `unwrap()`s
+  - Only drain at most one decoded frame per input frame unless
+    the decoder requires more before accepting new data
+  - Remove unnecessary frame dropping loop
+  * Downgrade clap dependency to 4.0
+  * gtk4:
+  - Asynchronously flush frames from GDK
+  - Keep `GstGLMemory` alive as long as it is used inside GDK
+  - Make no caps in the allocation query a non-error
+  - Only provide a buffer pool to upstream if it requested one
+  * livesync: fix late-threshold property min value
+  * meson:
+  - Only enable cargo features when options are enabled (bis)
+  - Update version to 0.9.8
+
+- Update to version 0.9.5+git20230111.df3b908:
+  * awss3hlssink: Add stats property.
+  * aws:
+  - Update to AWS SDK 0.52/0.22
+  - Update to test-with 0.9
+  * cargo_wrapper:
+  - Fix setting of PKG_CONFIG_PATH and CARGO_TARGET_DIR
+  - Handle windows paths for depfiles
+  - Write to log with line-buffering
+  * deny:
+  - Ignore duplicated base64 dependency for now
+  - Remove duplicated windows dependencies
+  - Update
+  * fmp4mux:
+  - Only push fragment_offset if write_mfra is true
+  - Remove obsolete comment
+  * gtk4:
+  - Add support for GL on macOS
+  - Don't error out when the main context channel does not exist
+    anymore when rendering
+  - Don't try to use GL mapped video frames as raw RGB memory
+  - Flush frames from the paintable when shutting down the sink
+  - Handle more GL context creation failures gracefully
+  - Propagate the GL display to the remainder of the pipeline
+  - Reduce number of unwraps during GL context creation and query
+    handling
+  - Release GStreamer GL context and display when going back to
+    NULL state
+  - Remove 'gst' from gtksink debug category name
+  - Remove 'gst' prefix from another debug category
+  - Rename a variable to make more sense
+  - Reset app context and display if GL context creation fails
+  - Update dependencies to releases
+  - Use `glib::ThreadGuard` instead of the fragile crate
+  - Use GL implicitly without the gst_gl feature on macOS
+  * meson:
+  - Add an option to build examples
+  - Add options for all plugins
+  - Disable webp plugin on Windows and macOS
+  - Do not serialize env, use env: kwarg
+  - Enable gstreamer-gl-1.0 features in gtk4 plugin
+  - Fix pkgconfig detection when specified in machine file
+  - Handle windows path separator correctly
+  - Only enable cargo features when options are enabled
+  - Require gstreamer-gl-1.0 for gtkpaintablesink
+  - Require tomllib / tomli python modules explicitly
+  * rav1e: Enable threading support
+  * Revert "Revert "rav1e: Update to rav1e 0.6""
+  * rtpav1depay: Implement srcpad set_caps
+  * textahead: fix previous buffers
+  * Update Cargo.lock
+  * video/gtk4: Fix typo in info logs
+  * webrtcsink: fix panic on pre-bwe request error
+- Pass sodium=enabled instead of sodium=system to meson following
+  upstream changes.
+
+- Update to version 0.9.3+git20221216.b701003:
+  * Add a WebRTC WHEP source element
+  * Add livesync plugin
+  * audiornnoise:
+  - Add debug output for voice activity to help you choose a
+    threshold
+  - Add voice detection threshold
+  - Use correct value range for the samples
+  * aws:
+  - s3sink: Treat stopping without EOS as an error for multipart
+    upload
+  - Update to env_logger 0.10 for the tests
+  * ci: Disable gst-build job for now
+  * dav1ddec: Lower rank to primary
+  * deny:
+  - Remove another dependency that is not duplicated anymore
+  - Remove dependencies that are not duplicated anymore
+  - Update
+  * Fix various new clippy warnings
+  * fmp4mux:
+  - Crank clock for the first fragment in more tests
+  - For video with N/1001 framerates use N as timescale
+  - Handle EOS correctly if it happens before a fragment start
+    time was determined
+  - Re-work buffer dequeueing and calculations of timestamps
+  - Skip gap buffers earlier to consider them for the sample
+    durations and fragment start durations
+  * gif: Update to gif 0.12
+  * gst-plugin-mp4: Add new MP4 plugin with a non-fragmented MP4
+    muxer
+  * gtk4:
+  - Deactivate application GL context again after `fill_info()`
+  - Deactivate the context if we fail to fill_info
+  - example: Use a bin with a `videoconvert` in the non-GL case
+  - Make GL support fully optional
+  - Only require GTK 4.6 if GL support is enabled
+  * livesync:
+  - Add missing version to the gst-plugin-gtk4 /
+    gst-plugin-version-helper dependencies
+  - Fix version
+  - Use release versions of the GLib/GStreamer bindings
+  * meson: Fix build of static plugins
+  * mp4:
+  - Add ONVIF non-fragmented MP4 muxer
+  - Add version to gst-plugin-version-helper dependency
+  - Remove unneeded cast in tests
+  - Update to url 2
+  * mp4mux:
+  - Adjust durations and possibly stream start time on
+    encountering a gap buffer
+  - Don't write empty chunks at the end if the last buffer of a
+    stream started a new chunk and happened to be a from a gap
+    event
+  - Don't write gap edit lists if their duration would be zero
+  - Factor out running time to UTC time calculation into a
+    function
+  - Fix edit list shift for streams with initial DTS smaller
+    earliest PTS but initial DTS positive
+  - For video with N/1001 framerates use N as timescale
+  - Remove unnecessary error case of negative PTS when doing the
+    ONVIF UTC time calculations
+  - Skip gap buffers instead of writing empty samples
+  * mux/{mp4, fmp4}: Hard depend on feature v1_18
+  * ndisrc:
+  - Use actual number of channels in positions_from_mask
+  - Use default channel mask for audio output
+  * net/ndi: fix build with --no-default-features
+  * net: Update to async-tungstenite 0.19
+  * Provide explicit type to `Iterator::sum()` calls to avoid
+    ambiguity
+  * spotify: fix "start a runtime from within a runtime" with
+    static link
+  * textahead: add settings to display previous buffers
+  * textwrap: Don't panic on empty buffers
+  * threadshare: Update to concurrent-queue 2
+  * tttocea608: Don't fail if a gap event contains no duration
+  * Update Cargo.lock
+  * video/gtk4:
+  - Implement support for GLTextures when possible.
+  - Rename Object types and struct to something simpler
+  - Restrict visibility of struct related to the Frame
+  * webrtchttp:
+  - Do not block webrtcbin signal handlers for sending candidates
+  - Do not import element_imp_error
+  - Don't use let-else for now
+  - Drop unused dependencies
+  - Factor out the common bits for WHIP and WHEP
+  - Fix documentation JSON
+  - Fix formatting
+  - Fix missing import for docs build
+  - Implement timeout for waiting on futures
+  - Remove unnecessary clippy warning override
+  - Use a proper Rust type name for ICE transport policy
+  - Use tokio runtime for spawning thread used for candidate
+    offer
+  - whipsink:
+    . Add candidates when sending the offer
+    . Construct TURN URL correctly
+    . Miscellaneous clean up
+  * webrtc/README: update command to run the signalling server
+  * webrtcsink: Support nvv4l2vp9enc
+  * whipsink: Handle offer creation errors more gracefully
+
+- Update to version 0.9+git20221113.274e57a:
+  * Update Cargo.lock
+  * Update versions to 0.9.1
+  * closedcaption: Update for deprecated chrono functions
+  * version-helper: Update for deprecated chrono functions
+  * Update Cargo.lock
+  * webrtc: README: fix couple of links
+  * webrtcsink: improve debug
+  * ci: add trigger job and only run documentation job post-merge
+  * ci: add integration stage and move documentation job to that
+  * ts/udpsink: handle items in the PadSinkHandler
+  * ts: introduce ts-audiotestsrc
+  * ts/standalone: add new Sinks
+  * ts/standalone: move current sink under task_sink
+  * deny: Update
+  * Add missing `doc` features to WebRTC plugins
+  * fmp4mux: Make media/trak timescales configurable
+  * ci: Update to cargo-c 0.9.14
+  * meson: optionalize pango dependency used by net/onvif
+  * ndi: provide Unix fallback after 3fe9e4a207f8
+  * fmp4mux: Don't allow VP9 for CMAF
+  * fmp4mux: Add initial Opus support
+  * docs: Remove some stale entries of renamed elements
+  * aws: Skip s3 test on Windows until we figure out why it times
+    out
+  * Fix various new clippy warnings
+  * fmp4mux: For VP9, write resolution into the tkhd and include a
+    stss box to signal that not all frames are sync samples
+  * webrtc: Update to human_bytes 0.4
+  * aws: Update to aws 0.21/0.51
+  * fmp4mux: Remove unused uuid dependency
+  * Update Cargo.lock
+  * fmp4mux: Clip negative PTS to zero/last PTS instead of erroring
+    out
+  * fmp4mux: Send force-keyunit events for now if the ideal
+    position has already passed
+  * fmp4mux: Add debug log when writing the mfra box
+  * fmp4mux: Reset timing infos to None if a stream only contained
+    gap events for a whole fragment
+  * fmp4mux: If a stream is longer than the main stream at EOS,
+    simply include all of its buffers in the last fragment
+    nonetheless
+  * whipsink: Add object to debug logs
+  * fmp4mux: don't require dts for predictive-only formats like vp9
+  * aws: fix title in README
+  * deny: Update
+  * fmp4: add support for muxing VP9 streams in cmaf, dash and iso
+    fmp4
+  * Add Cargo.lock
+  * Update to release versions of gtk-rs and gstreamer-rs
+  * Update versions to 0.9.0
+  * Update to async-tungstenite 0.18
+  * pngenc: Encode every frame individually
+  * ts/pad: use `gst::Pad` in handlers trait functions...
+  * ts/pad: don't pass self as ref in remaining handler traits
+    functions
+  * textwrap: Update to textwrap 0.16
+  * Move from `imp.instance()` to `imp.obj()`
+  * Remove `&` for `obj` in log macros
+  * Update docs
+  * Add all missing plugins/elements to the README.md
+  * Fix GObject type names, GStreamer debug category names and
+    element factory names
+  * Add new mux subdirectory for container formats
+  * rtp: Move GCC bandwidth estimation element from webrtc to rtp
+    plugin
+  * Make GStreamer plugin/crate/library/directory names and
+    descriptions consistent
+  * Rename rtpav1 plugin to just rtp
+  * videocompare: Update README with reference
+  * Sort members in Cargo.toml and meson.build alphabetically and
+    the same in both files
+  * Various minor cleanups
+  * meson: Fix warning
+  * videocompare: Fix warning
+  * Take advantage of `Into<Option<_>>` args
+  * onvifmetadatacombiner: On timeout don't wait for metadata to
+    arrive anymore but output the current video frame
+  * onvifmetadatacombiner: Add a lot of trace debug output
+  * spotifyaudiosrc: convert to PushSrc
+
+- Update to version 0.9.alpha.1+git20221020.5c89c3d:
+  * meson: add plugins list to summary
+  * fallbacksrc: Don't configure conversion elements for normal
+    stream
+  * webrtc:
+  - Rename and add to meson build the signalling server
+  - Enhance documentation
+  - Minor cleanup
+  - Rename signaller and protocol crates
+  - Update and unify rust-version and edition
+  - Uniformise GType names
+  - Port to new ElementBuilder API
+- Add ppc ppc64 ppc64le s390 ExcludeArch: Current versions of
+  gstreamer-plugins-rs depends on rs-ring, and rs-ring does not yet
+  support building on these targets.
+
+- Update to version 0.9.alpha.1+git20221010.b1b7070:
+  * Change *Impl trait methods to only take &self and not
+    Self::Type in addition
+  * fallbacksrc:
+  - Always restart the fallback stream on EOS and make sure to
+    EOS all streams if the main stream is EOS
+  - Retry fallback stream on errors too
+  * jsontovtt:
+  - Add timeout property
+  - Print object information to debug message
+  * Update for glib::Object::new() API changes
+  * update-version.sh: Also update version in meson.build
+  * Use `GFV::none_for_format` where applicable
+
+- Update to version 0.9.alpha.1+git20221005.0b13bfe:
+  * Add missing Since markers to new plugins
+  * Add RTP de/payloader elements for AV1
+  * Allow "unused_doc_comments" as we use hotdoc and not rustdoc
+  * awstranscriber:
+  - fix set_property for language-code
+  - only set vocabulary filter when vocabulary is set
+  * aws: Update to aws 0.48/0.18
+  * build: Update versions to be 0.9.0-alpha.1
+  * cargo:
+  - Sort members and default-members lists
+  - Update default-members list
+  * cea608tojson: Clip column number if it exceeds allowed value
+  * csound: Fix score-offset getter
+  * dav1ddec: Require dav1d 1.0.0 in meson
+  * dav1d: Update to dav1d 0.9
+  * doc: Mark request::user-agent as doc show default
+  * docs: Remove cruft
+  * examples: Update to clap 4
+  * fallbacksrc:
+  - Always restart the fallback stream on EOS and make sure to
+    EOS all streams if the main stream is EOS
+  - Implement support for fallback streams
+  - Retry fallback stream on errors too
+  * fallbackswitch:
+  - Fix lock order problem between state and stream lock
+  - Flush and deactivate pads before releasing them
+  - Make sure to flush/reset pads during pad (de)activation
+  - Port the example to GTK 4
+  * Fixes for removal of SpecificFormattedValues ops on ref
+  * Fix missing pkgconfig requires
+  * fmp4mux:
+  - Drop GAP buffers before doing ONVIF UTC time re-timestamping
+  - Drop gap buffers before further processing
+  - Implement a better strategy for splitting fragments and
+    deciding which buffers go into which fragment
+  - Split huge drain function into separate functions
+  * Generate plugins documentation using hotdoc
+  * jitterbuffer: fix typo when calculating max_misorder_time
+  * jsontovtt: Don't push zero-duration cue data
+  * meson:
+  - Blacklist csound and threadshare plugins for gst-full
+  - Define gst_plugins with list of dependencies
+  - Fix deprecation warning
+  - Fix directory/plugin name mapping for new webrtchttp plugin
+  - Fix gstwebrtc/gstsdp subproject usage
+  - Fix usage of python3 variable which was renamed recently
+  - Import python module only once
+  - Use workspace Cargo.toml to find crates path
+  * net/onvif: update with new `gst::Signed` features
+  * onvif:
+  - Fix for `gst::meta::CustomMeta::register()` API change
+  - Rename onvif(de)pay to rtponvifmetadata(de)pay and include
+    the metadata specifier in the other element names too
+  * onvifmetadatacombiner:
+  - Do not classify as Muxer
+  - Drop gap metadata buffers
+  * onvifmetadataparse:
+  - Drop initial buffers if their UTC time would be negative
+  - Drop initial buffers until an UTC/running time mapping can be
+    established
+  - Handle negative running times in debug output
+  - Pass through other XML as is with the UTC times based on the
+    buffer PTSs
+  - Push buffers from a separate source pad task to guarantee
+    latency and generally improve correctness
+  - Refactor clock/condvar waiting
+  - Schedule EOS events after the last currently queued up frame
+  - Simplify some code
+  - Start source pad task on StreamStart if needed
+  * pngenc: Allow using deprecated compression levels
+  * rav1e: Pin `v_frame` dependency to version 0.2.5 for now
+  * rtpav1depay: Don't unnecessary map RTP payload a second time
+  * rtpav1pay: Don't push buffers downstream while holding mutexes
+  * rtpav1:
+  - Remove some unneeded lifetime annotations
+  - Reset state on FlushStop/Eos in all conditions and reset all
+    of the state
+  - Specify version helper dependency by path
+  - Use GStreamer types by namespace instead of importing dozens
+    of types directly into the scope
+  * s3sink: Dont set call_timeout,call_attempt_timeout is enough
+    with retry.
+  * s3sink, s3src: Max 1 (re)try when retry-duration <
+    request_timeout.
+  * text/json:
+  - hard depend on ser_de feature of gst crate
+  - use renamed gst feature 'serde'
+  * threadshare: disable tests that can't work on windows
+  * togglerecord: Port example to GTK 4
+  * tracers:
+  - Fix documentation comment using gtk-doc style
+  - queue-levels: Update for `gst::TracerImpl` API changes
+  * ts: add feature to add counters for performance evaluation
+  * ts/executor: clear the reactor instead of closing it...
+  * ts-jitterbuffer:
+  - Declare `request-pt-map` signal
+  - extra robustness for Windows CI
+  - Fix latency type when getting property
+  * ts/scheduler:
+  - fix shutdown
+  - improve tasks / io & timers polling  balance
+  * ts/standalone: multiple improvements
+  * ts/Task: don't drain sub tasks after state transition and
+    iteration
+  * ts/timers: multiple improvements
+  * Update for GLib ParamSpec builder API changes
+  * Update minimum supported Rust version to 1.63
+  * update-version.sh: Also update version in meson.build
+  * uriplaylistbin: Port example from structopt to clap
+  * video/rspng: add missing doc feature gate
+  * whipsink: A GstBin implementation for WHIP
+- Add python3-tomli and pkgconfig(gstreamer-webrtc-1.0)
+  BuildRequires: New dependencies.
+- Pass default-library=shared and doc=disabled to meson, ensure we
+  build the shared lib as default and disable build of docs.
+
+- Update constraints for i586, bump to 22 G here too.
+
+- Update to version 0.8.4+git20220824.052092cd:
+  * Add RaptorQ RTP FEC plugins
+  * audioloudnorm: Drain on segment event
+  * audio: Use gst_audio::AudioCapsBuilder in some plugins
+  * audio, video: Use AudioCapsBuilder::new_interleaved where
+    applicable
+  * aws: Document the s3hlssink element in README
+  * aws: s3sink: Add a deprecation warning for retry duration
+    properties
+  * aws: s3sink,s3src,transcriber: Add property to set temporary
+    credentials
+  * aws_transcriber: expose filtering related properties
+  * aws_transcriber: Fix regression with credentials mechanism
+  * aws: Update to aws 0.17/0.47
+  * ci: Update image version
+  * ci: Update to cargo-c 0.9.11
+  * deny: Update
+  * fallbackswitch: fix gap processing regression
+  * fallbackswitch: Remove unused libc dependency/feature
+  * Fix a couple of new 1.62 clippy warnings
+  * Fix build after glib SignalBuilder::param_types() API change
+  * Fix/silence a couple new clippy warnings
+  * fmp4mux: Add debug output for each fragment's start PTS
+  * fmp4mux: Consider invalid running times as zero and before
+    anything else
+  * fmp4mux: Dequeue as many buffers as are available in each
+    aggregate call
+  * fmp4mux: Dequeue the earliest buffer from any pad first instead
+    of dequeueing up to a whole fragment from the same pad
+  * fmp4mux: Ensure that DTS (or PTS for intra-only streams) are
+    monotonically increasing
+  * fmp4mux: Fix draining if there are no GOPs for a stream
+  * fmp4mux: Fix some clippy warnings
+  * fmp4mux: Fix usage of first_sample_flags/default_sample_flags
+  * fmp4mux: Handle PTS<segment.start when requesting keyframes
+  * fmp4mux: Refactor timestamp handling for writing out data
+  * fmp4mux: Remove obsolete `#[allow(clippy::too_many_arguments)]`
+  * fmp4mux: Require parsed ONVIF timed metadata
+  * fmp4mux: Use UTC times from reference timestamp meta in ONVIF
+    mode
+  * fmp4mux: Write header as late as possible
+  * fmp4mux: Write ONVIF Export File Format CorrectStartTime box
+    for ONVIF variant
+  * fmp4mux: Write `tref` box for ONVIF timed metadata tracks to
+    reference the first video track
+  * fmp4: Update to m3u8-rs 5
+  * generic/fmp4: update Signed return type
+  * generic/fmp4: use opt_ops
+  * hlssink3: convert playlist type to an enum
+  * hlssink3: Dont reset end_list after stop is called.
+  * hlssink3: Put EXT-X-ENDLIST for vod playlist-type.
+  * hlssink3: Update to m3u8-rs 5
+  * Migrate s3src and s3sink to use AWS SDK
+  * Migrate transcriber to aws sdk
+  * net/aws: Add support for S3 HLS sink
+  * net/aws: Add support for specifying endpoint
+  * net/aws/aws_transcriber: Fix clippy warning
+  * net/aws: Clean up pending rusoto references
+  * net/rusoto: Drop rusoto crates
+  * net/rusoto: Rename to aws
+  * onvif: Add onvifmetadataparse element
+  * onvifaggregator: Add support for UNIX reference timestamp
+    metadata
+  * onvifaggregator: refactor, expect parsed metadata
+  * onvif: Disable default features for the chrono dependency
+  * onvifmetadataparse: Only define the namespace prefix once for
+    the top-level element
+  * onvifmetadataparse: use NTP epoch everywhere instead of mixing
+    UNIX/NTP epochs
+  * onvifmetadataparse: Use NTP reference timestamp meta
+  * onvifmetadata: removing encoding field
+  * onvifoverlay: render polygons when present
+  * onvif: Update to minidom 0.15
+  * plugins: Simplify code using ParamSpecBuilder
+  * raptorq: Derive `Eq` for some more structs
+  * README.md: Add various new plugins
+  * README: mention cargo update to resolve dep issues after git
+    updates
+  * Remove unnecessary `unsafe` blocks for `Buffer::as_ptr()`
+  * Rename rusoto to aws
+  * Revert "fmp4mux: Dequeue as many buffers as are available in
+    each aggregate call"
+  * roundedcorners: Ensure alpha_mem is mutable when updating
+    radius
+  * roundedcorners: Logging improvement
+  * Simplify Formatted value handling
+  * sodium: Update to no-deprecated clap 3.2 API
+  * textahead: generate a buffer with ahead text at segment start
+  * threadshare: Fix some new clippy beta warnings
+  * tracers: Add new tracer for logging the lateness of each buffer
+    when it leaves a pad
+  * tracers: Add queue levels tracer and Python script for plotting
+  * tracers: buffer_lateness: log when file is being written
+  * tracers: buffer_lateness.py: cycle colors
+  * tracers: Enable PipelineSnapshot only for unix target
+  * tracers: queue-levels: Add support for multiqueue and queue2
+  * tracers: queue-levels: Fix analysis script if only a single
+    plot should be created
+  * tracers: queue_levels: log when file is being written
+  * tracers: queue-levels: Output bytes/buffers/time graphs in
+    separate plots
+  * tracers: queue_levels.py: cycle colors
+  * transcriberbin: remove print statement
+  * ts: add test pipeline::socket_play_null_play
+  * ts/appsrc: reduce sync primitives in async hot path
+  * ts/async_wrapper: remove fd from reactor before dropping its
+    handle
+  * ts/examples: introduce a standalone pipeline test
+  * ts: migrate elements to try_next / handle_item
+  * ts: Queue & Proxy: minor cleanups
+  * ts/runtime: slight optimizations for sub tasks related
+    operations
+  * ts/scheduler: rename awake / wake_up as unpark
+  * ts/Task: return a future for state transitions
+  * ts/Task: spawn StateMachine on ts Context
+  * ts/Task: split iterate into try_next and handle_item
+  * ts/Task: wake up after the triggering event is pushed
+  * ts/tcpclientsrc: reduce sync primitives in async hot path
+  * ts/tests/pad: minor ckeanups
+  * ts/udpsink: fix default clients not leading to socket
+    configuration
+  * ts/udpsink: move sync on buffer to try_next
+  * ts/udpsink: reduce sync primitives in async hot path
+  * ts-udpsrc: align default port with C counterpart
+  * ts/udpsrc: reduce sync primitives in async hot path
+  * ts: update elements for new TransitionStatus
+  * Update per glib::SignalBuilder changes
+  * video: Use gst_video::VideoCapsBuilder in some plugins
+- Add define _lto_cflags {nil}, disable LTO for now. The port to
+  aws-sdk from rusoto causes the build to fail with LTO.
+- Bump minimum hdd in _costraints to 22G.
+- Modernize _service, use obs_scm and add cargo_audit.
+
+- Move the service to use the main git branch, explicit commit.
+- Update to version0.8.4+git20220607.b1b3930e:
+  * add snapshotting tracer
+  * Add SPDX-License-Identifier to all file headers
+  * audiofx:
+  - Update nnoiseless dependency to 0.4
+  - Update to nnnoiseless 0.5
+  * awstranscribe - increase presisigned url duration to 5 mins
+    from 60s
+  * Bump hrtf to version 0.8
+  * cargo_wrapper.py: added python3 version check for right usage
+    of shutil.move(..)
+  * cdg: update image and cdg_renderer
+  * cea608overlay: handle CLEAR status
+  * cea608tott: Don't zero-pad SRT indices but zero-pad hours to at
+    least two digits
+  * Change default branch from master to main
+  * ci:
+  - cargo test --all-features too...
+  - Fix syntax for coverage reports to the new format
+  - Generate coverage report also for crates with external
+    dependencies
+  - Rebuild image and move coverage job to the stable image
+  - Remove the david checkot after install
+  - Run tests with RUST_BACKTRACE
+  * closedcaption: Update to uuid 1.0
+  * colordetect: Update to color-thief release
+  * Correctly check for the `DISCONT` buffer flag to be set
+  * dav1ddec:
+  - Add 8/16 bit grayscale support
+  - Bump dependency for dav1d 1.0.0
+  - Clean up state tracking a bit
+  - Deal with the possibilty of 0/1 fps in latency math
+  - Don't consider decoding errors as fatal
+  - Expose a couple of decoder settings as properties
+  - Fix compilation after some API changes
+  - Move decoder init from start() to set_format()
+  - Move state to Mutex from Arc
+  - Pass element instance to debug logs
+  - Release input frames that immediately caused a decoding error
+  - Report latency based on frame delay
+  - Require correct alignment and stream format when running with
+    GStreamer 1.20
+  - Switch to dav1d 0.7
+  - Update for fixed dav1d-rs API
+  - Use `AtomicRefCell` instead of `Mutex` for the state
+  - Use sink_pad() convenience accessor
+  - Write src_query() in match syntax for easier extensibility
+  * deny:
+  - Ignore duplicated wasi dependency
+  - Remove duplicated `nom` dependency and add `env_logger`
+  - Remove now unneeded miniz_oxide override
+  - Remove num-rational override
+  - Update for removed duplicated dependencies
+  - Update for tokio-util
+  * fallbacksrc:
+  - Add fallback-{audio,video}-caps properties
+  - Changing the URI of the video fallback is supported in NULL
+    state
+  - Connect to `notify::active-pad` after requesting pads
+  - Disconnect signals on ReadyToNull
+  - Don't forward manual flush events to downstream
+  - Don't panic when shutting down the source and there are
+    source pad blocks but no actual source pads
+  - Flush source before restarting on errors
+  - Remove imagefreeze if it becomes unneeded
+  - Request the main pad first from fallbackswitch
+  - Reset state in fallbacksrc custom source also if changing the
+    state to READY before failed
+  - Unflush downstream pads of the source after shutting down
+    everything
+  * fallbackswitch:
+  - Add missing requires_private
+  - add support for buffers without pts
+  - Clip buffers against the segment
+  - Don't configure a framerate in the test
+  - Explictly set priority of pads in the test
+  - export GEnum used in properties
+  - factor out handle_main_timed_item()
+  - Fix clipping of buffers against the output running time
+  - Fix racy manual switching test
+  - Forward custom downstream events from active sinkpad
+  - Improve debug output of clock times and simplify some code
+  - Improve some debug outputs
+  - Log affected pad when scheduling buffer waiting for it
+  - Minor cleanup in get_sync_time
+  - Move active_sinkpad out of State into its own Mutex
+  - Notify active-pad without state lock held
+  - Only drop raw audio/video buffers if they're trailing
+  - Only notify active-pad property on state changes if it
+    actually changed
+  - Only update the output running time if it's increasing
+  - properly handle GAP events
+  - Recheck active_sinkpad after schedule_timeout
+  - Remove a redundant pad state unlock/lock
+  - Rename debug category from fallback-switch to fallbackswitch
+  - Replace with priorityswitch
+  - Reset timeout_clock_id on timeout
+  - Set end running time as current running time once a buffer
+    has passed
+  - Use cancel_timeout in schedule_timeout
+  * fmp4mux:
+  - adding headers when data resumes after EOS
+  - Add ONVIF variant with support for additional codecs
+  - Add support for multiple input streams
+  - Add support for ONVIF timed XML metadata
+  - Add support for writing out multiple tracks in the
+    serialization code
+  - Add test for muxing of multiple streams
+  - Add to default workspace members
+  - Check for force-keyunit events on both pads in the
+    multistream test
+  - HLS live example
+  - HLS VOD example
+  - Implement handling of GAP events
+  - Implement interleaving based on start timestamps instead of
+    accumulated durations
+  - In live pipelines use the current fragment end time as
+    timeout
+  - Port to aggregator as base class as preparation for
+    supporting multiple streams
+  - Use saturing_sub() in more places
+  - Use saturing subtraction to calculate sample durations
+  - Write sample flags in `tfhd` if there's only a single sample
+  * generic/threadshare: fix for nightly build
+  * .gitlab-ci.yml: Fix deprecated -Zinstrument-coverage switch
+  * gtk4:
+  - Attach main context receiver from the main context's thread
+  - Implement Default for PaintableSink
+  * hlssink3:
+  - Fix version
+  - `PadTemplate::name_template()` returns a `&str` now instead
+    of `Option<String>`
+  * hrtfrender: Switch back to hrtf 0.7
+  * m3u8-rs: Depend on version exactly 3.0.0
+  * mccparse/sccparse: Don't log gst::FlowError::Flushing or Eos as
+    error to the debug logs
+  * meson:
+  - Cleanup our meson integration
+  - Fix building when git isn't available
+  * net/onvif: implement ONVIF metadata processing elements
+  * onvifaggregator:
+  - always push current media buffer on timeout
+  - implement proper EOS support
+  - refactor to support duration-less media buffers
+  - Update for minor `PadTemplate` API changes
+  * rav1enc:
+  - Use `AtomicRefCell` instead of `Mutex` for the state
+  - Don't handle `NeedMoreData` as "soft" error
+  - Expose various new settings
+  - Include stream-format and alignment in the caps
+  - Put container sequence header into the caps
+  - Set mastering display info, content light level and HDR
+    related colorimetry
+  - Simplify code
+  - Support 8 bit grayscale input
+  - Switch from speed preset 5 to 6 as default
+  * README: Mention the colordetect element
+  * Re-license LGPL-2.1 plugins to MPL-2
+  * Remove now unnecessary `Send+Sync` impls for element/etc
+    subclasses
+  * Rename `self_` variables to `imp` for consistency
+  * Replace `Foo::from_instance(foo)` with `foo.imp()`
+  * reqwest: Don't unnecessarily borrow dereferenced values
+    explicitly
+  * Revert
+  - "fallbackswitch: Forward custom downstream events from active
+    sinkpad"
+  - "Revert "uriplaylistbin: disable test deadlocking""
+  - "uriplaylistbin: disable test deadlocking"
+  * rtponvifdepay: Set caps on the source pad
+  * rusoto:
+  - Add missing license file
+  - Export AwsTranscriberResultStability enum
+  - s3sink: Expose property to control all timeout/retry
+    durations
+  - s3sink: Implement timeout/retry for part uploads
+  - s3sink: Make remaining requests bounded in time
+  - s3sink, s3src: Retry on server errors
+  - s3src: Implement timeout and retries
+  - Update async-tungstenite dependency to 0.17
+  - Update to crc 3 and rusoto 0.48
+  * rustfmt.toml: Add file
+  * s3src: Consolidate stream reading into get object retries
+  * Simplify some code around event/query views
+  * spotifyaudiosrc: Update to librespot 0.4
+  * textahead: `PadTemplate::caps()` returns a caps reference now
+  * textwrap: Update for textwrap 0.15 API changes
+  * threadshare:
+  - fix build on Windows
+  - Remove glib::SendUnique usage
+  - Use `into_glib_ptr()` instead of `into_ptr()`
+  * transcriberbin:
+  - Add caption-source property
+  - Don't notify signal inside lock
+  - Fix deadlock
+  - make audioqueue leaky
+  - Protect runtime "passthrough=false" change
+  * ts/examples: add rtp mode with jitter-buffer & trace stop
+    duration
+  * ts/jitterbuffer:
+  - don't wake up immediately...
+  - set jbuf delay when instantiating it
+  * ts: log max throttling when creating Context
+  * ts/rt/Task:
+  - awake the iteration loop when it needs to be aborted
+  - use light weight executor blocking on ack or join handle
+  * tttocea608: expose roll-up timeout property
+  * tutorial/sinesrc: Use pushsrc as direct superclass in the
+    glib::wrapper macro too
+  * Update for event/message/query view API changes
+  * Update license text in the README.md
+  * Update minimum supported GStreamer version to 1.14
+  * Update minimum supported Rust version to 1.57
+  * Update README.md with all the new plugins/elements
+  * Update to gst::_log_macro_
+  * Update to m3u8-rs 4.0
+  * Update to parking_lot 0.12 and hrtf 0.8
+  * Update versions to 0.9.0
+  * uridecodebin: stop using crossbeam_channel
+  * uriplaylistbin:
+  - add Status::ShuttingDown
+  - break reference cycle
+  - disable more tests
+  - disable more tests
+  - disable test deadlocking
+  - display invalid state when panicing
+  - fix deadlock when shutting down
+  - fix number of streaming items
+  - fix race when handling topology change
+  - handle waiting items no longer being set
+  - implement Debug on State
+  - remove pad probe when shutting down
+  - remove useless uridecodebin clone
+  - replace errored with Status enum
+  - skip missing_http test
+  - Update to more-asserts 0.3
+  * Use SPDX license format in Cargo.toml
+  * videofx: Add colordetect video filter
+
+- Update to version 0.8.4:
+  * audiofx: Update nnoiseless dependency to 0.4
+  * awstranscribe: increase presisigned url duration to 5 mins from
+    60s
+  * cea608tott: Don't zero-pad SRT indices but zero-pad hours to at
+    least two digits
+  * ci: cargo test --all-features too...
+  * ci: run tests with RUST_BACKTRACE
+  * closedcaption: Update to uuid 1.0
+  * Correctly check for the `DISCONT` buffer flag to be set
+  * deny: Ignore duplicated wasi dependency
+  * fallbacksrc:
+  - Changing the URI of the video fallback is supported in NULL
+    state
+  - Disconnect signals on ReadyToNull
+  - Flush source before restarting on errors
+  * fallbackswitch:
+  - Add missing requires_private
+  - add support for buffers without pts
+  - export GEnum used in properties
+  - factor out handle_main_timed_item()
+  - properly handle GAP events
+  * generic/threadshare: fix for nightly build
+  * meson:
+  - Cleanup our meson integration
+  - Fix building when git isn't available
+  * rusoto: s3sink:
+  - Expose property to control all timeout/retry durations
+  - Implement timeout/retry for part uploads
+  - Make remaining requests bounded in time
+  - s3src: Retry on server errors
+  * rusoto: s3src: Implement timeout and retries
+  * rusoto:
+  - Update async-tungstenite dependency to 0.17
+  - Update to crc 3 and rusoto 0.48
+  * rustfmt.toml: Add file
+  * s3src: Consolidate stream reading into get object retries
+  * textwrap: Update for textwrap 0.15 API changes
+  * transcriberbin:
+  - Add caption-source property
+  - Don't notify signal inside lock
+  - Fix deadlock
+  - make audioqueue leaky
+  - Protect runtime "passthrough=false" change
+  * ts/examples: add rtp mode with jitter-buffer & trace stop
+    duration
+  * ts/jitterbuffer: don't wake up immediately...
+  * ts: log max throttling when creating Context
+  * ts/rt/Task:
+  - awake the iteration loop when it needs to be aborted
+  - use light weight executor blocking on ack or join handle
+  * Update Cargo.lock
+  * Update license text in the README.md
+  * Update to m3u8-rs 4.0
+  * uridecodebin: stop using crossbeam_channel
+  * uriplaylistbin:
+  - add Status::ShuttingDown
+  - break reference cycle
+  - disable more tests
+  - disable test deadlocking
+  - display invalid state when panicing
+  - fix deadlock when shutting down
+  - fix number of streaming items
+  - fix race when handling topology change
+  - handle waiting items no longer being set
+  - implement Debug on State
+  - remove pad probe when shutting down
+  - remove useless uridecodebin clone
+  - replace errored with Status enum
+  - skip missing_http test
+  * Use SPDX license format in Cargo.toml
+
+- Update constraints for riscv64
+
gstreamer-plugins-ugly
+- Add patch to reduce the required meson version to 0.61.0 since
+  that's what we have in SLE 15:
+  * reduce-required-meson.patch
+
+- Update to version 1.22.0:
+  + Please see changes in gstreamer main package, major version
+    bump.
+
+- Update to version 1.20.5:
+  + No changes, version bump only.
+
+- Update to version 1.20.4:
+  + tests: skip unit tests for dependency-less elements that have
+    been disabled.
+
+- Update to version 1.20.3:
+  + x264enc: fix plugin long-name and description
+
+- Update to version 1.20.2:
+  + x264enc: Don't try to fixate ANY allowed caps
+
gtranslator
+- Update to version 41.0:
+  + Allow adding comments when uploading to l10n.gnome.org.
+  + Updated translations.
+- Drop patch fixed upstream: libgda-6.patch
+
+- Add 7ac572cc8c8c37ca3826ecf0d395edd3c38e8e22.patch: Fix build
+  with meson 0.61 and newer.
+- Drop update-desktop-files BuildRequires and macro, no longer
+  needed.
+
haruna
+- update to 0.10.3:
+  * mpvitem: use loadFile() method on PlayListModel::playingItemChanged() signal
+  * only link the KIO libs that are actualy used
+  * Fix relative M3U loading
+  * HProgressBar: refactor chapters menu into a popup with a listview
+  * HProgressBar: add tooltip for 'Skip Chapter' checkbox in chapters popup
+  * playlistmodel: getSiblingItems: use percent-encoded path with QUrl
+
+- No need to BuildRequire yt-dlp/youtube-dl: this is only a
+  runtime dependency.
+
+- Update to version 0.10.2
+  Bugfixes:
+  * Fixed crash when "Maximum recent files" setting was set to
+    zero.
+
+- Update to version 0.10.1
+  Bugfixes:
+  * Fixed not auto playing next file in playlist, when current
+    file ends
+  * Fixed opened file not playing when "Auto load videos from
+    same folder" setting is disabled
+
+- Update to version 0.10.0
+  Features:
+  * Playlist: added options to open m3u files (without support
+    for extended attributes), add files and urls (only the url
+    path will be displayed, no title and no duration), sort,
+    clear and save the playlist
+  * Playlist: added context menu for the playlist items
+  * Playlist: added setting to remember playlist state
+  * Subtitles: added setting to render subtitle in black borders
+  * Video: added setting to set a default cover for music files
+  * Added command line option to override the ytdl format
+    selection setting (this option is overwritten if the GUI
+    setting is changed)
+  * Added MPRIS thumbnail
+  Bugfixes:
+  * Recent files: fixed ordering, showing duplicates, clearing
+    and adding when list is full
+  * Fixed OSD showing without text
+  * Playlist: fixed "Increase font size when fullscreen" setting
+    not working
+  * Playlist: removed rowHeight setting
+
hdf5:openmpi3
+- Fix CVE-2021-37501 - overflow in calculation of data buffer due to bogus
+  input file (bsc#1207973).
+  https://github.com/HDFGroup/hdf5/issues/2458
+  https://github.com/HDFGroup/hdf5/pull/2459
+  Check-for-overflow-when-calculating-on-disk-attribute-data-size-2459.patch
+  Remove-duplicate-code.patch
+
+- Fix CVEs:
+  * CVE-2021-46244 (bsc#1195215)
+    Compound-datatypes-may-not-have-members-of-size-0.patch
+  * CVE-2018-13867 (bsc#1101906)
+    Validate-location-offset-of-the-accumulated-metadata-when-comparing.patch
+  * CVE-2018-16438 (bsc#1107069)
+    Make-sure-info-block-for-external-links-has-at-least-3-bytes.patch
+  * CVE-2020-10812 (bsc#1167400)
+    Hot-fix-for-CVE-2020-10812.patch
+  * CVE-2021-45830 (bsc#1194375)
+    H5O_fsinfo_decode-Make-more-resilient-to-out-of-bounds-read.patch
+  * CVE-2019-8396 (bsc#1125882)
+    H5O__pline_decode-Make-more-resilient-to-out-of-bounds-read.patch
+  * CVE-2018-11205 (bsc#1093663)
+    Pass-compact-chunk-size-info-to-ensure-requested-elements-are-within-bounds.patch
+  * CVE-2021-46242 (bsc#1195212)
+    When-evicting-driver-info-block-NULL-the-corresponding-entry.patch
+  * CVE-2021-45833 (bsc#1194366)
+    Report-error-if-dimensions-of-chunked-storage-in-data-layout-2.patch
+  * CVE-2018-14031 (bsc#1101475)
+    H5O_dtype_decode_helper-Parent-of-enum-needs-to-have-same-size-as-enum-itself.patch
+  * CVE-2018-17439 (bsc#1111598)
+    H5IMget_image_info-H5Sget_simple_extent_dims-does-not-exceed-array-size.patch
+- Fix an error message:
+    Fix-error-message-not-the-name-but-the-link-information-is-parsed.patch
+
hdf5:openmpi4
+- Fix CVE-2021-37501 - overflow in calculation of data buffer due to bogus
+  input file (bsc#1207973).
+  https://github.com/HDFGroup/hdf5/issues/2458
+  https://github.com/HDFGroup/hdf5/pull/2459
+  Check-for-overflow-when-calculating-on-disk-attribute-data-size-2459.patch
+  Remove-duplicate-code.patch
+
+- Fix CVEs:
+  * CVE-2021-46244 (bsc#1195215)
+    Compound-datatypes-may-not-have-members-of-size-0.patch
+  * CVE-2018-13867 (bsc#1101906)
+    Validate-location-offset-of-the-accumulated-metadata-when-comparing.patch
+  * CVE-2018-16438 (bsc#1107069)
+    Make-sure-info-block-for-external-links-has-at-least-3-bytes.patch
+  * CVE-2020-10812 (bsc#1167400)
+    Hot-fix-for-CVE-2020-10812.patch
+  * CVE-2021-45830 (bsc#1194375)
+    H5O_fsinfo_decode-Make-more-resilient-to-out-of-bounds-read.patch
+  * CVE-2019-8396 (bsc#1125882)
+    H5O__pline_decode-Make-more-resilient-to-out-of-bounds-read.patch
+  * CVE-2018-11205 (bsc#1093663)
+    Pass-compact-chunk-size-info-to-ensure-requested-elements-are-within-bounds.patch
+  * CVE-2021-46242 (bsc#1195212)
+    When-evicting-driver-info-block-NULL-the-corresponding-entry.patch
+  * CVE-2021-45833 (bsc#1194366)
+    Report-error-if-dimensions-of-chunked-storage-in-data-layout-2.patch
+  * CVE-2018-14031 (bsc#1101475)
+    H5O_dtype_decode_helper-Parent-of-enum-needs-to-have-same-size-as-enum-itself.patch
+  * CVE-2018-17439 (bsc#1111598)
+    H5IMget_image_info-H5Sget_simple_extent_dims-does-not-exceed-array-size.patch
+- Fix an error message:
+    Fix-error-message-not-the-name-but-the-link-information-is-parsed.patch
+
heaptrack
+- Try another way to ignore the GLIBC_PRIVATE requirement
+
+- Add upstream change:
+  * 0001-Return-early-when-__libc_dlopen_mode-is-detected.patch
+- Define _filter_GLIBC_PRIVATE to fix installation on Leap
+
+- Add GCC 13 and boost 1.81 compatibility patches:
+  * 0001-Fix-build-with-gcc-13-by-including-cstdint.patch
+  * 0001-Add-missing-include.patch
+
+- Update to 1.4.0
+  * Pass client exit code in heaptrack.sh
+  * Leverage non-deprecated mallinfo2
+  * Add support for the mimalloc allocator
+  * Explicitly encode which hooks are required and which are
+    optional
+  * Make mi_* symbols truly optional by usig weak symbols for them
+  * Prevent malloc from disappearing in inlining example
+  * handle calling heaptrack_stop() without debuginfo
+  * Ensure we don't try to overwrite invalid tables
+  * Make elf_symbol_table a view of const Elf::Sym
+  * Ensure we don't read outside the string table for symbol names
+  * Silence -Wuse-after-free for realloc call
+
helvum
+- update to 0.4.0
+  - Improvements
+  - The graphview no longer renders content outside the visible area and uses
+    less CPU drawing, which should improve performance greatly.
+  - The graphview can now be zoomed. Zooming is possible via
+    two-finger-gesture, CTRL+Scrolling, and a zoom widget in the header bar.
+  - The graphview now has a fixed size, and the view is initially centered in
+    middle.
+  - Labels on nodes and ports now may use multiple lines when too long, and
+    very long labels will be ellipsized. A new tooltip is displayed when
+    hovering a label, which displays the full name and is never ellipsized.
+  - The label for a node now prefers displaying the node.description property
+    over the node.nick property of a pipewire node, which is usually more
+    human-readable and helpful, and also matches the behaviour of other tools.
+  - Fixes
+  - Helvum should build again with pipewire versions 0.3.64 and 0.3.65 due to
+    an updated pipewire dependency.
+
hledger
+- Update hledger to version 1.26.1.
+  Upstream's change log file format is strange (too much unmodified
+  text at at the top). The automatic updater cannot extract the
+  relevant additions. You can find the file at:
+  http://hackage.haskell.org/package/hledger-1.26.1/src/CHANGES.md
+
+- Update hledger to version 1.26.
+  Upstream's change log file format is strange (too much unmodified
+  text at at the top). The automatic updater cannot extract the
+  relevant additions. You can find the file at:
+  http://hackage.haskell.org/package/hledger-1.26/src/CHANGES.md
+
+- Update hledger to version 1.25.
+  Upstream's change log file format is strange (too much unmodified
+  text at at the top). The automatic updater cannot extract the
+  relevant additions. You can find the file at:
+  http://hackage.haskell.org/package/hledger-1.25/src/CHANGES.md
+
hledger-interest
+- Update hledger-interest to version 1.6.4.
+  Upstream does not provide a change log file.
+
+- Update hledger-interest to version 1.6.3 revision 2.
+  Upstream has revised the Cabal build instructions on Hackage.
+
hledger-ui
+- Update hledger-ui to version 1.26.1.
+  Upstream's change log file format is strange (too much unmodified
+  text at at the top). The automatic updater cannot extract the
+  relevant additions. You can find the file at:
+  http://hackage.haskell.org/package/hledger-ui-1.26.1/src/CHANGES.md
+
+- Update hledger-ui to version 1.26 revision 1.
+  Upstream's change log file format is strange (too much unmodified
+  text at at the top). The automatic updater cannot extract the
+  relevant additions. You can find the file at:
+  http://hackage.haskell.org/package/hledger-ui-1.26/src/CHANGES.md
+
+- Update hledger-ui to version 1.25.
+  Upstream's change log file format is strange (too much unmodified
+  text at at the top). The automatic updater cannot extract the
+  relevant additions. You can find the file at:
+  http://hackage.haskell.org/package/hledger-ui-1.25/src/CHANGES.md
+
hourglass
+- Update to 2.0.2:
+  * Fix a regression that the app don't launch if you create a
+    repeated alarm, close the app, and try to reopen it
+  * AlarmView: Organize displayed information
+- This release contains small bug fixes and improvements:
+  * Strict on sandbox permission
+  * Rounded window corners and flat titlebar
+  * NewAlarmDialog: Add placeholder text for title entry
+  * Set shorter summary text in appdata
+  * Use palette of elementary for branding color
+  * Make sure to select an alarm on removing/adding/editing it
+    and startup
+  * Clean code
+
+- Update to 2.0.0:
+  * This release comes with numerous bug fixes &amp;
+    improvements!
+- Changes in Alarm:
+  * Refresh weekday toggle activity when opening popover
+  * Notify on every 0 second
+  * Keep repeated alarms on and turn off one-time alarms after
+    ringing
+  * Now alarm date is optional; if you don't specify date of the
+    alarm, it will be notified at that time of today
+  * Remove unused "update-frequency" gsettings key
+  * Fix repeating alarms can't be disabled
+  * Explicitly set the year
+- Changes in Timer:
+  * Add Reset button
+  * Support setting purpose of a timer
+  * Lessen damages to your storage
+  * Restore started time on end
+  * Make sure to iconify always when the timer is active
+- Other changes:
+  * Fix a regression that any key input no longer accepted
+  * Lessen window width by default
+  * Fix the app exits if the window has been iconified
+  * Code refactoring
+  * Update translations
+  * Publish the app to the new AppCenter on elementary OS 6 with
+    the Flatpak manifest
+  * Respect an elementary OS-wide dark preference
+  * Now you can close the window with the shortcut key Ctrl+Q,
+    while the daemon stays running in the background
+  * Fix unreadable font size in the Alarm view
+  * Fix wrong OARS data
+  * Move the delete button in the action bar
+  * Redesign app icons (big thanks to @Fatih20)
+  * Update Brazilian Portuguese translation (by @gfavaro)
+
+- Update to 1.2.3:
+  * StopWatch: Rewrite for efficiency and visibility
+  * Add :disabled pseudo-class to the .round-button class
+  * Fix a fatal regression that timer does not stop on 00:00:00
+  * Use icons for add/remove buttons
+  * Update .desktop comment to be consistent with HIG (by
+    @aljelly)
+  * Change shortened format of weekdays (by @NathanBnm)
+  * Improve look of create/edit alarm dialog
+  * Don't reset repeat setting on closing popover
+  * Fix DBus error at the first launch
+  * Fix notification icon is not set
+  * Fix left time shows unexpected values if set time is too big
+  * Improve saving window state
+  * Add French translation (by @NathanBnm)
+  * Update Spanish translation (by @CCaroV)
+  * Add Japanese translation
+  * Add Portuguese-Portugal translation (by @rottenpants466)
+  * Various l10n and coding improvements to the project thanks to
+    @NathanBnm
+
+- Update to 1.2.1:
+  * Merge pull request #58 from ryonakano/add-meson
+  * Remove no longer used config data element
+  * Use GResource to load CSS
+  * README: Add installation instruction
+  * Tweak line breaks
+  * DRY meson project name
+  * Remove unnecessary files
+  * Remove overkilling or unnecessary configs/files
+  * Complete RDNN
+  * Revert unwanted change
+  * Tab to 4 spaces
+  * Add meson
+  * fixed the notification going off again when you open the app
+  * Merge branch 'master' of github.com:sgpthomas/hourglass
+  * fixed what happens when the app closes and there is a timer
+    running
+  * Merge pull request #45 from danrabbit/patch-1
+  * Remove "." from appdata summary
+  * Merge pull request #41 from Allen-B1/patch-1
+  * Add the Get it on AppCenter button
+  * hourglass finally knows how to keep time, closes #34
+  * Merge pull request #39 from welaq/master
+  * Added Lithuanian to .desktop
+  * Added Lithuanian comment
+  * fixed #35 by disallowing multiple windows
+- Switch to meson
+- Spec file cleanup
+
imgui
+- update to v1.89.2:
+  * Tables, Nav, Scrolling: fixed scrolling functions and focus tracking
+    with frozen rows and frozen columns. Windows now have a better
+    understanding of outer/inner decoration sizes, which should later lead
+    us toward more flexible uses of menu/status bars. (#5143, #3692)
+  * Tables, Nav: frozen columns are not part of menu layer and can be
+    crossed over. (#5143, #3692)
+  * Tables, Columns: fixed cases where empty columns may lead to empty
+    ImDrawCmd. (#4857, #5937)
+  * Tables: fixed matching width of synchronized tables (multiple tables
+    with same id) when only some instances have a vertical scrollbar and not
+    all. (#5920)
+  * Fixed cases where CTRL+Tab or Modal can occasionally lead to the
+    creation of ImDrawCmd with zero triangles, which would makes the render
+    loop of some backends assert (e.g. Metal with debugging, Allegro).
+    (#4857, #5937)
+  * Inputs, IO: reworked ImGuiMod_Shortcut to redirect to Ctrl/Super at
+    runtime instead of compile-time, being consistent with our support for
+    io.ConfigMacOSXBehaviors and making it easier for bindings generators to
+    process that value. (#5923, #456)
+  * Inputs, Scrolling: better selection of scrolling window when hovering
+    nested windows and when backend/OS is emitting dual-axis wheeling inputs
+    (typically touch pads on macOS). We now select a primary axis based on
+    recent events, and select a target window based on it. We expect this
+    behavior to be further improved/tweaked. (#3795, #4559) [@ocornut,
+    @folays]
+  * InputText: fixed cursor navigation when pressing Up Arrow on the last
+    character of a multi-line buffer which doesn't end with a carriage
+    return. (#6000)
+  * Text: fixed layouting of wrapped-text block when the last source line is
+    above the clipping region. Regression added in 1.89. (#5720, #5919)
+  * Misc: added GetItemID() in public API. It is not often expected that you
+    would use this, but it is useful for Shortcut() and upcoming owner-aware
+    input functions which wants to be implemented with public API.
+  * Fonts: imgui_freetype: fixed a packing issue which in some occurrences
+    would prevent large amount of glyphs from being packed correctly.
+    (#5788, #5829)
+  * Fonts: added a void* UserData field in ImFontAtlas, as a convenience for
+    use by applications using multiple font atlases.
+  * Demo: simplified "Inputs" section, moved contents to Metrics->Inputs.
+  * Debug Tools: Metrics: added "Inputs" section, moved from Demo for
+    consistency.
+  * Misc: fixed parameters to IMGUI_DEBUG_LOG() not being dead-stripped when
+    building with IMGUI_DISABLE_DEBUG_TOOLS is used. (#5901) [@Teselka]
+  * Misc: fixed compile-time detection of SSE features on MSVC 32-bits
+    builds. (#5943) [@TheMostDiligent]
+  * Examples: DirectX10, DirectX11: try WARP software driver if hardware
+    driver is not available. (#5924, #5562)
+  * Backends: GLFW: Fixed mods state on Linux when using Alt-GR text input
+    (e.g. German keyboard layout), which could lead to broken text input.
+    Revert a 2022/01/17 change were we resumed using mods provided by GLFW,
+    turns out they are faulty in this specific situation. (#6034)
+  * Backends: Allegro5: restoring using al_draw_indexed_prim() when Allegro
+    version is >= 5.2.5. (#5937) [@Espyo]
+  * Backends: Vulkan: Fixed sampler passed to ImGui_ImplVulkan_AddTexture()
+    not being honored as we were using an immutable sampler. (#5502, #6001,
+    [#914]) [@martin-ejdestig, @rytisss]
+
influxdb
+- Replace pwdutils with shadow (pwdutils was dropped ages ago)
+- Don't require systemd, it's only optional
+
java-1_8_0-openjdk
-- Update to version jdk8u362 (icedtea-3.26.0)
-  * January 2023 CPU
-  * CVEs
-    + CVE-2023-21830, bsc#1207249
-    + CVE-2023-21843, bsc#1207248
-  * Security fixes
-    + JDK-8285021: Improve CORBA communication
-    + JDK-8286496: Improve Thread labels
-    + JDK-8288516: Enhance font creation
-    + JDK-8289350: Better media supports
-    + JDK-8293554: Enhanced DH Key Exchanges
-    + JDK-8293598: Enhance InetAddress address handling
-    + JDK-8293717: Objective view of ObjectView
-    + JDK-8293734: Improve BMP image handling
-    + JDK-8293742: Better Banking of Sounds
-    + JDK-8295687: Better BMP bounds
-  * New features
-    + Support for building with autoconf 2.71
-  * Import of OpenJDK 8 u362 build 09
-    + JDK-6885993: Named Thread: introduce print() and
-    print_on(outputStream* st) methods
-    + JDK-7124218: [TEST_BUG] [macosx] Space should select cell in
-    the JTable
-    + JDK-8054066: com/sun/jdi/DoubleAgentTest.java fails with
-    timeout
-    + JDK-8067941: [TESTBUG] Fix tests for OS with 64K page size.
-    + JDK-8071530: Update OS detection code to reflect Windows 10
-    version change
-    + JDK-8073464: GC workers do not have thread names
-    + JDK-8079255: [TEST_BUG] [macosx] Test closed/java/awt/Robot/
-    /RobotWheelTest/RobotWheelTest fails for Mac only
-    + JDK-8129827: [TEST_BUG] Test java/awt/Robot/RobotWheelTest/
-    /RobotWheelTest.java fails
-    + JDK-8148005: One byte may be corrupted by
-    get_datetime_string()
-    + JDK-8159599: [TEST_BUG] java/awt/Modal/ModalInternalFrameTest/
-    /ModalInternalFrameTest.java
-    + JDK-8159720: Failure of C2 compilation with tiered prevents
-    some C1 compilations
-    + JDK-8197859: VS2017 Complains about UINTPTR_MAX definition in
-    globalDefinitions_VisCPP.hpp
-    + JDK-8206456: [TESTBUG] docker jtreg tests fail on systems
-    without cpuset.effective_cpus / cpuset.effective_mems
-    + JDK-8221529: [TESTBUG] Docker tests use old/deprecated image
-    on AArch64
-    + JDK-8224506: [TESTBUG] TestDockerMemoryMetrics.java fails
-    with exitValue = 137
-    + JDK-8233551: [TESTBUG] SelectEditTableCell.java fails on MacOS
-    + JDK-8241086: Test runtime/NMT/HugeArenaTracking.java is
-    failing on 32bit Windows
-    + JDK-8253702: BigSur version number reported as 10.16, should
-    be 11.nn
-    + JDK-8255559: Leak File Descriptors Because of
-    ResolverLocalFilesystem#engineResolveURI()
-    + JDK-8265527: tools/javac/diags/CheckExamples.java fails after
-    JDK-8078024 8u backport
-    + JDK-8269039: Disable SHA-1 Signed JARs
-    + JDK-8269850: Most JDK releases report macOS version 12 as
-    10.16 instead of 12.0
-    + JDK-8270344: Session resumption errors
-    + JDK-8271459: C2: Missing NegativeArraySizeException when
-    creating StringBuilder with negative capacity
-    + JDK-8273176: handle latest VS2019 in abstract_vm_version
-    + JDK-8274563: jfr/event/oldobject/TestClassLoaderLeak.java
-    fails when GC cycles are not happening
-    + JDK-8274840: Update OS detection code to recognize Windows 11
-    + JDK-8275887: jarsigner prints invalid digest/signature
-    algorithm warnings if keysize is weak/disabled
-    + JDK-8280890: Cannot use '-Djava.system.class.loader' with
-    class loader in signed JAR
-    + JDK-8283277: ISO 4217 Amendment 171 Update
-    + JDK-8283903: GetContainerCpuLoad does not return the correct
-    result in share mode
-    + JDK-8284389: Improve stability of GHA Pre-submit testing by
-    caching cygwin installer
-    + JDK-8284622: Update versions of some Github Actions used in
-    JDK workflow
-    + JDK-8286582: Build fails on macos aarch64 when using
-  - -with-zlib=bundled
-    + JDK-8288928: Incorrect GPL header in pnglibconf.h (backport
-    of JDK-8185041)
-    + JDK-8289549: ISO 4217 Amendment 172 Update
-    + JDK-8292762: Remove .jcheck directories from jdk8u
-    subcomponents
-    + JDK-8293181: Bump update version of OpenJDK: 8u362
-    + JDK-8293461: Add a test for JDK-8290832
-    + JDK-8293828: JFR: jfr/event/oldobject/TestClassLoaderLeak.java
-    still fails when GC cycles are not happening
-    + JDK-8294307: ISO 4217 Amendment 173 Update
-    + JDK-8294357: (tz) Update Timezone Data to 2022d
-    + JDK-8294863: Enable partial tier1 testing in GHA for JDK8
-    + JDK-8295164: JDK 8 jdi tests should not use tasklist command
-    on Windows
-    + JDK-8295173: (tz) Update Timezone Data to 2022e
-    + JDK-8295288: Some vm_flags tests associate with a wrong BugID
-    + JDK-8295714: GHA ::set-output is deprecated and will be
-    removed
-    + JDK-8295723: security/infra/wycheproof/RunWycheproof.java
-    fails with Assertion Error
-    + JDK-8295915: Problemlist compiler/rtm failures specific to 8u
-    + JDK-8295950: Enable langtools/tier1 in GHA for 8u
-    + JDK-8296108: (tz) Update Timezone Data to 2022f
-    + JDK-8296239: ISO 4217 Amendment 174 Update
-    + JDK-8296555: Enable hotspot/tier1 for 64-bit builds in GHA
-    for 8u
-    + JDK-8296715: CLDR v42 update for tzdata 2022f
-    + JDK-8296959: Fix hotspot shell tests of 8u on multilib systems
-    + JDK-8297141: Fix hotspot/test/runtime/SharedArchiveFile/
-    /DefaultUseWithClient.java for 8u
-    + JDK-8297804: (tz) Update Timezone Data to 2022g
-    + JDK-8299439: java/text/Format/NumberFormat/CurrencyFormat.java
-    fails for hr_HR
-    + JDK-8299483: ProblemList java/text/Format/NumberFormat/
-    /CurrencyFormat.java
-    + JDK-8300178: JDK-8286496 causes build failure on older GCC
-    + JDK-8300225: JDK-8288516 causes build failure on Windows +
-    VS2010
-  * Bug fixes
-    + Don't run check-aes on Zero builds (pointless and slow)
-- Removed patch:
-  * java-1_8_0-openjdk-autoconf27.patch
-    + fixed upstream
-
kdump
+- revert back to using rd.neednet=1 to enable network (bsc#1206015)
+- kdumptool calibrate: add even more margin to reservation
+  calculations (bsc#1207061)
+- run kdump.service only after kdump-early.service (bsc#1196335)
+- don't skip infiniband interfaces (bsc#1186745)
+  (not a complete fix, requires a patch in dracut as well)
+
kernel-64kb
+- powerpc/64s: Make POWER10 and later use pause_short in cpu_relax
+  loops (bsc#1208376 ltc#201076).
+- powerpc: add ISA v3.0 / v3.1 wait opcode macro (bsc#1208376
+  ltc#201076).
+- commit 2a06230
+
+- ibmvnic: Assign XPS map to correct queue index (bsc#1208757
+  ltc#201720 jsc#PED-2322 git-fixes).
+- commit be76316
+
+- Update
+  patches.suse/usb-dwc3-dwc3-qcom-Add-missing-platform_device_put-i.patch
+  (bsc#1208741 CVE-2023-22995).
+  Added CVE reference for fix already present
+- commit 80a158a
+
+- loop: fix ioctl calls using compat_loop_info (bsc#1207333).
+- commit 11a60da
+
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
kernel-azure
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
+- aquantia: Do not purge addresses when setting the number of
+  rings (jsc#PED-1530).
+- commit 39a03b2
+
+- net: atlantic: macsec: clear encryption keys from the stack
+  (jsc#PED-1530).
+- commit 643f719
+
+- atlantic: fix deadlock at aq_nic_stop (jsc#PED-1530).
+- commit 4a9a64f
+
+- net: atlantic: fix potential memory leak in aq_ndev_close()
+  (jsc#PED-1530).
+- commit 719db2f
+
+- net: atlantic: remove aq_nic_deinit() when resume
+  (jsc#PED-1530).
+- commit ff2f581
+
+- net: atlantic: remove deep parameter on suspend/resume functions
+  (jsc#PED-1530).
+- commit 9e96b4d
+
+- net: atlantic:fix repeated words in comments (jsc#PED-1530).
+- commit d6d4ffb
+
+- net: atlantic: verify hw_head_ lies within TX buffer ring
+  (jsc#PED-1530).
+- commit 7059ede
+
+- net: atlantic: add check for MAX_SKB_FRAGS (jsc#PED-1530).
+- commit e719b81
+
+- net: atlantic: reduce scope of is_rsc_complete (jsc#PED-1530).
+- commit b04c254
+
+- net: atlantic: fix "frag[0] not initialized" (jsc#PED-1530).
+- commit 0263576
+
+- Update
+  patches.suse/net-sched-cbq-dont-intepret-cls-results-when-asked-t.patch
+  (bsc#1207361 bsc#1207036 CVE-2023-23454).
+- commit 521fdca
+
+- Update
+  patches.suse/net-sched-atm-dont-intepret-cls-results-when-asked-t.patch
+  (bsc#1207361 bc#1207125 CVE-2023-23455).
+- commit c8b6243
+
+- io_uring/poll: fix poll_refs race with cancelation (bsc#1207511
+  CVE-2023-0468).
+- io_uring: make poll refs more robust (bsc#1207511
+  CVE-2023-0468).
+- io_uring: cmpxchg for poll arm refs release (bsc#1207511
+  CVE-2023-0468).
+- io_uring: fix tw losing poll events (bsc#1207511 CVE-2023-0468).
+- io_uring: update res mask in io_poll_check_events (bsc#1207511
+  CVE-2023-0468).
+- commit 4fe9bfe
+
+- io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and
+  wakeups (bsc#1207100).
+- eventfd: provide a eventfd_signal_mask() helper (bsc#1207100).
+- eventpoll: add EPOLL_URING_WAKE poll wakeup flag (bsc#1207100).
+- commit 9e5a117
+
+- fbdev: Fix invalid page access after closing deferred I/O
+  devices (bsc#1207284).
+- commit 6a8d940
+
+- ipmi:ssif: Add 60ms time internal between write retries
+  (bsc#1206459).
+- ipmi:ssif: Increase the message retry time (bsc#1206459).
+- commit 14626c0
+
+- ibmvnic: Toggle between queue types in affinity mapping
+  (jsc#PED-2322).
+- commit 03b696f
+
+- Update config files.
+  New config option CONFIG_CACHEFILES_ONDEMAND.
+- commit ef23649
+
+- fs: change test in inode_insert5 for adding to the sb list
+  (jsc#SES-1880).
+- commit 6570d82
+
+- fscache: Fix oops due to race with cookie_lru and use_cookie
+  (jsc#SES-1880).
+- fscache: fix OOB Read in __fscache_acquire_volume
+  (jsc#SES-1880).
+- ceph: fix NULL pointer dereference for req->r_session
+  (jsc#SES-1880).
+- ceph: fix a NULL vs IS_ERR() check when calling
+  ceph_lookup_inode() (jsc#SES-1880).
+- ceph: fix incorrectly showing the .snap size for stat
+  (jsc#SES-1880).
+- ceph: fail the open_by_handle_at() if the dentry is being
+  unlinked (jsc#SES-1880).
+- ceph: increment i_version when doing a setattr with caps
+  (jsc#SES-1880).
+- ceph: Use kcalloc for allocating multiple elements
+  (jsc#SES-1880).
+- ceph: no need to wait for transition RDCACHE|RD -> RD
+  (jsc#SES-1880).
+- ceph: fail the request if the peer MDS doesn't support getvxattr
+  op (jsc#SES-1880).
+- ceph: wake up the waiters if any new caps comes (jsc#SES-1880).
+- libceph: drop last_piece flag from ceph_msg_data_cursor
+  (jsc#SES-1880).
+- fscrypt: add fscrypt_context_for_new_inode (jsc#SES-1880).
+- fscrypt: export fscrypt_fname_encrypt and
+  fscrypt_fname_encrypted_size (jsc#SES-1880).
+- commit 941f30a
+
+- blacklist: remove ceph commits from the list
+  aa1d627207ca ("ceph: Use kcalloc for allocating multiple elements")
+  5bd76b8de5b7 ("ceph: fix NULL pointer dereference for req->r_session")
+- commit 54964bf
+
+- x86/hyperv: Add constant HV_ISOLATION_TYPE_TDX (related to bug 1206453 and PED-3247).
+- commit a452b5e
+
+- cachefiles: make on-demand request distribution fairer
+  (jsc#SES-1880).
+- cachefiles: fix error return code in cachefiles_ondemand_copen()
+  (jsc#SES-1880).
+- fscache: fix misdocumented parameter (jsc#SES-1880).
+- libceph: clean up ceph_osdc_start_request prototype
+  (jsc#SES-1880).
+- libceph: fix ceph_pagelist_reserve() comment typo
+  (jsc#SES-1880).
+- ceph: remove useless check for the folio (jsc#SES-1880).
+- ceph: make f_bsize always equal to f_frsize (jsc#SES-1880).
+- ceph: flush the dirty caps immediatelly when quota is
+  approaching (jsc#SES-1880).
+- libceph: print fsid and epoch with osd id (jsc#SES-1880).
+- libceph: check pointer before assigned to "c->rules"
+  (jsc#SES-1880).
+- ceph: don't get the inline data for new creating files
+  (jsc#SES-1880).
+- ceph: update the auth cap when the async create req is forwarded
+  (jsc#SES-1880).
+- ceph: make change_auth_cap_ses a global symbol (jsc#SES-1880).
+- ceph: fix incorrect old_size length in ceph_mds_request_args
+  (jsc#SES-1880).
+- ceph: call netfs_subreq_terminated with was_async == false
+  (jsc#SES-1880).
+- ceph: convert to generic_file_llseek (jsc#SES-1880).
+- ceph: fix the incorrect comment for the ceph_mds_caps struct
+  (jsc#SES-1880).
+- ceph: prevent a client from exceeding the MDS maximum xattr size
+  (jsc#SES-1880).
+- ceph: choose auth MDS for getxattr with the Xs caps
+  (jsc#SES-1880).
+- ceph: add session already open notify support (jsc#SES-1880).
+- commit f01bb22
+
+- ceph: wait for the first reply of inflight async unlink
+  (jsc#SES-1880).
+- Refresh
+  patches.suse/ceph-don-t-truncate-file-in-atomic_open.patch.
+- commit 6774969
+
+- fs/dcache: export d_same_name() helper (jsc#SES-1880).
+- ceph: remove useless CEPHFS_FEATURES_CLIENT_REQUIRED
+  (jsc#SES-1880).
+- fscache: add tracepoint when failing cookie (jsc#SES-1880).
+- fscache: don't leak cookie access refs if invalidation is in
+  progress or failed (jsc#SES-1880).
+- docs: filesystems: update netfs-api.rst reference
+  (jsc#SES-1880).
+- commit d147e79
+
+- fscrypt: add new helper functions for test_dummy_encryption
+  (jsc#SES-1880).
+- fscrypt: factor out fscrypt_policy_to_key_spec() (jsc#SES-1880).
+- commit 5ea3f64
+
+- netfs: do not unlock and put the folio twice (jsc#SES-1880).
+- fscache: Fix invalidation/lookup race (jsc#SES-1880).
+- cachefiles: narrow the scope of flushed requests when releasing
+  fd (jsc#SES-1880).
+- fscache: Introduce fscache_cookie_is_dropped() (jsc#SES-1880).
+- fscache: Fix if condition in fscache_wait_on_volume_collision()
+  (jsc#SES-1880).
+- ceph: wait on async create before checking caps for syncfs
+  (jsc#SES-1880).
+- 9p: fix EBADF errors in cached mode (jsc#SES-1880).
+- netfs: Rename the netfs_io_request cleanup op and give it an
+  op pointer (jsc#SES-1880).
+- ceph: fix decoding of client session messages flags
+  (jsc#SES-1880).
+- ceph: switch TASK_INTERRUPTIBLE to TASK_KILLABLE (jsc#SES-1880).
+- ceph: remove redundant variable ino (jsc#SES-1880).
+- ceph: try to queue a writeback if revoking fails (jsc#SES-1880).
+- ceph: fix statfs for subdir mounts (jsc#SES-1880).
+- ceph: fix possible deadlock when holding Fwb to get inline_data
+  (jsc#SES-1880).
+- ceph: redirty the page for writepage on failure (jsc#SES-1880).
+- ceph: try to choose the auth MDS if possible for getattr
+  (jsc#SES-1880).
+- ceph: disable updating the atime since cephfs won't maintain it
+  (jsc#SES-1880).
+- ceph: flush the mdlog for filesystem sync (jsc#SES-1880).
+- ceph: rename unsafe_request_wait() (jsc#SES-1880).
+- libceph: use swap() macro instead of taking tmp variable
+  (jsc#SES-1880).
+- ceph: fix statx AT_STATX_DONT_SYNC vs AT_STATX_FORCE_SYNC check
+  (jsc#SES-1880).
+- ceph: no need to invalidate the fscache twice (jsc#SES-1880).
+- ceph: replace usage of found with dedicated list iterator
+  variable (jsc#SES-1880).
+- ceph: use dedicated list iterator variable (jsc#SES-1880).
+- ceph: update the dlease for the hashed dentry when removing
+  (jsc#SES-1880).
+- ceph: stop retrying the request when exceeding 256 times
+  (jsc#SES-1880).
+- ceph: stop forwarding the request when exceeding 256 times
+  (jsc#SES-1880).
+- ceph: remove unused CEPH_MDS_LEASE_RELEASE related code
+  (jsc#SES-1880).
+- cachefiles: add tracepoints for on-demand read mode
+  (jsc#SES-1880).
+- cachefiles: enable on-demand read mode (jsc#SES-1880).
+- cachefiles: implement on-demand read (jsc#SES-1880).
+- cachefiles: notify the user daemon when withdrawing cookie
+  (jsc#SES-1880).
+- cachefiles: unbind cachefiles gracefully in on-demand mode
+  (jsc#SES-1880).
+- cachefiles: notify the user daemon when looking up cookie
+  (jsc#SES-1880).
+- cachefiles: extract write routine (jsc#SES-1880).
+- netfs: Eliminate Clang randstruct warning (jsc#SES-1880).
+- commit ce95c8d
+
+- blacklist: removed 1b2ba3c5616e ("ceph: flush the mdlog for filesystem sync")
+- commit 559d59c
+
+- libceph: fix misleading ceph_osdc_cancel_request() comment
+  (jsc#SES-1880).
+- ceph: fix possible NULL pointer dereference for req->r_session
+  (jsc#SES-1880).
+- ceph: remove incorrect session state check (jsc#SES-1880).
+- ceph: get snap_rwsem read lock in handle_cap_export for
+  ceph_add_cap (jsc#SES-1880).
+- libceph: disambiguate cluster/pool full log message
+  (jsc#SES-1880).
+- fscache: remove FSCACHE_OLD_API Kconfig option (jsc#SES-1880).
+- fscache: Use wrapper fscache_set_cache_state() directly when
+  relinquishing (jsc#SES-1880).
+- fscache: Move fscache_cookies_seq_ops specific code under
+  CONFIG_PROC_FS (jsc#SES-1880).
+- fscache: Remove the cookie parameter from
+  fscache_clear_page_bits() (jsc#SES-1880).
+- cachefiles: Fix KASAN slab-out-of-bounds in
+  cachefiles_set_volume_xattr (jsc#SES-1880).
+- cachefiles: unmark inode in use in error path (jsc#SES-1880).
+- netfs: Keep track of the actual remote file size (jsc#SES-1880).
+- netfs: Split some core bits out into their own file
+  (jsc#SES-1880).
+- netfs: Split fs/netfs/read_helper.c (jsc#SES-1880).
+- netfs: Rename read_helper.c to io.c (jsc#SES-1880).
+- netfs: Prepare to split read_helper.c (jsc#SES-1880).
+- netfs: Add a function to consolidate beginning a read
+  (jsc#SES-1880).
+- commit 759f021
+
+- blacklist: removed 7acae6183cf3 ("ceph: fix possible NULL pointer dereference for req->r_session")
+- commit 91f76f5
+
+- netfs: Add a netfs inode context (jsc#SES-1880).
+- Refresh
+  patches.suse/cifs-fix-potential-deadlock-in-direct-reclaim.patch.
+- commit fa3a76d
+
+- ceph: Make ceph_init_request() check caps on readahead
+  (jsc#SES-1880).
+- netfs: Change ->init_request() to return an error code
+  (jsc#SES-1880).
+- netfs: Refactor arguments for netfs_alloc_read_request
+  (jsc#SES-1880).
+- netfs: Adjust the netfs_failure tracepoint to indicate
+  non-subreq lines (jsc#SES-1880).
+- netfs: Trace refcounting on the netfs_io_subrequest struct
+  (jsc#SES-1880).
+- netfs: Trace refcounting on the netfs_io_request struct
+  (jsc#SES-1880).
+- netfs: Adjust the netfs_rreq tracepoint slightly (jsc#SES-1880).
+- netfs: Split netfs_io_* object handling out (jsc#SES-1880).
+- netfs: Finish off rename of netfs_read_request to
+  netfs_io_request (jsc#SES-1880).
+- netfs: Rename netfs_read_*request to netfs_io_*request
+  (jsc#SES-1880).
+- netfs: Generate enums from trace symbol mapping lists
+  (jsc#SES-1880).
+- fscache: export fscache_end_operation() (jsc#SES-1880).
+- afs: Sort out symlink reading (jsc#SES-1880).
+- commit f1d9e86
+
+- ceph: uninitialized variable in debug output (jsc#SES-1880).
+- ceph: use tracked average r/w/m latencies to display metrics
+  in debugfs (jsc#SES-1880).
+- ceph: include average/stdev r/w/m latency in mds metrics
+  (jsc#SES-1880).
+- ceph: track average r/w/m latency (jsc#SES-1880).
+- ceph: use ktime_to_timespec64() rather than
+  jiffies_to_timespec64() (jsc#SES-1880).
+- ceph: assign the ci only when the inode isn't NULL
+  (jsc#SES-1880).
+- commit 7f5eb5f
+
+- ceph: misc fix for code style and logs (jsc#SES-1880).
+- Refresh
+  patches.suse/ceph-avoid-putting-the-realm-twice-when-decoding-snaps-fails.patch.
+- commit 915976e
+
+- ceph: allocate capsnap memory outside of ceph_queue_cap_snap()
+  (jsc#SES-1880).
+- ceph: do not release the global snaprealm until unmounting
+  (jsc#SES-1880).
+- ceph: remove incorrect and unused CEPH_INO_DOTDOT macro
+  (jsc#SES-1880).
+- ceph: eliminate the recursion when rebuilding the snap context
+  (jsc#SES-1880).
+- ceph: zero the dir_entries memory when allocating it
+  (jsc#SES-1880).
+- ceph: move to a dedicated slabcache for ceph_cap_snap
+  (jsc#SES-1880).
+- ceph: add getvxattr op (jsc#SES-1880).
+- libceph: drop else branches in prepare_read_data{,_cont}
+  (jsc#SES-1880).
+- ceph: fix comments mentioning i_mutex (jsc#SES-1880).
+- ceph: fail the request directly if handle_reply gets an ESTALE
+  (jsc#SES-1880).
+- ceph: wake waiters after failed async create (jsc#SES-1880).
+- ceph: wait for async create reply before sending any cap
+  messages (jsc#SES-1880).
+- ceph: eliminate req->r_wait_for_completion from ceph_mds_request
+  (jsc#SES-1880).
+- ceph: uninline the data on a file opened for writing
+  (jsc#SES-1880).
+- ceph: make ceph_netfs_issue_op() handle inlined data
+  (jsc#SES-1880).
+- commit 4f1bb1d
+
+- cifs: Fix the readahead conversion to manage the batch when
+  reading from cache (jsc#SES-1880).
+- cifs: Implement cache I/O by accessing the cache directly
+  (jsc#SES-1880).
+- commit aeedd18
+
+- cifs: Transition from ->readpages() to ->readahead()
+  (jsc#SES-1880).
+- Refresh patches.suse/Adjust-cifssb-maximum-read-size.patch.
+- commit 9ab1e02
+
+- Update config files.
+  New config option CONFIG_CACHEFILES_ERROR_INJECTION.
+- commit c7f3506
+
+- cifs: Support fscache indexing rewrite (jsc#SES-1880).
+- Refresh
+  patches.suse/cifs-Add-constructor-destructors-for-tcon-cfid.patch.
+- Refresh
+  patches.suse/cifs-Make-tcon-contain-a-wrapper-structure-cached_fids-instead-of-c.patch.
+- Refresh
+  patches.suse/cifs-Move-cached-dir-functions-into-a-separate-file.patch.
+- Refresh
+  patches.suse/cifs-remove-cifs_-prefix-from-init-destroy-mids-functions.patch.
+- Refresh
+  patches.suse/cifs-replace-kfree-with-kfree_sensitive-for-sensitive-data.patch.
+- Refresh
+  patches.suse/cifs-split-out-ses-and-tcon-retrieval-from-mount_get_conns-.patch.
+- Refresh
+  patches.suse/cifs-when-insecure-legacy-is-disabled-shrink-amount-of-SMB1-code.patch.
+- Refresh patches.suse/cifs-writeback-fix.patch.
+- Refresh
+  patches.suse/smb3-add-dynamic-trace-points-for-tree-disconnect.patch.
+- commit aba9248
+
+- cachefiles: Fix volume coherency attribute (jsc#SES-1880).
+- cachefiles: Fix incorrect length to fallocate() (jsc#SES-1880).
+- libceph: optionally use bounce buffer on recv path in crc mode
+  (jsc#SES-1880).
+- libceph: make recv path in secure mode work the same as send
+  path (jsc#SES-1880).
+- netfs, cachefiles: Add a method to query presence of data in
+  the cache (jsc#SES-1880).
+- ceph: put the requests/sessions when it fails to alloc memory
+  (jsc#SES-1880).
+- netfs: Make ops->init_rreq() optional (jsc#SES-1880).
+- fscache: Add a comment explaining how page-release optimisation
+  works (jsc#SES-1880).
+- cachefiles: Check that the backing filesystem supports tmpfiles
+  (jsc#SES-1880).
+- cachefiles: Explain checks in a comment (jsc#SES-1880).
+- cachefiles: Trace active-mark failure (jsc#SES-1880).
+- cachefiles: Make some tracepoint adjustments (jsc#SES-1880).
+- cachefiles: set default tag name if it's unspecified
+  (jsc#SES-1880).
+- cachefiles: Calculate the blockshift in terms of bytes, not
+  pages (jsc#SES-1880).
+- fscache: Fix the volume collision wait condition (jsc#SES-1880).
+- ceph: move CEPH_SUPER_MAGIC definition to magic.h
+  (jsc#SES-1880).
+- ceph: remove redundant Lsx caps check (jsc#SES-1880).
+- ceph: add new "nopagecache" option (jsc#SES-1880).
+- ceph: don't check for quotas on MDS stray dirs (jsc#SES-1880).
+- ceph: drop send metrics debug message (jsc#SES-1880).
+- rbd: make const pointer spaces a static const array
+  (jsc#SES-1880).
+- ceph: Fix incorrect statfs report for small quota
+  (jsc#SES-1880).
+- ceph: mount syntax module parameter (jsc#SES-1880).
+- ceph: record updated mon_addr on remount (jsc#SES-1880).
+- ceph: new device mount syntax (jsc#SES-1880).
+- libceph: rename parse_fsid() to ceph_parse_fsid() and export
+  (jsc#SES-1880).
+- libceph: generalize addr/ip parsing based on delimiter
+  (jsc#SES-1880).
+- 9p: fix enodata when reading growing file (jsc#SES-1880).
+- 9p, afs, ceph, nfs: Use current_is_kswapd() rather than
+  gfpflags_allow_blocking() (jsc#SES-1880).
+- fscache: Add a tracepoint for cookie use/unuse (jsc#SES-1880).
+- ceph: add fscache writeback support (jsc#SES-1880).
+- ceph: conversion to new fscache API (jsc#SES-1880).
+- nfs: Implement cache I/O by accessing the cache directly
+  (jsc#SES-1880).
+- commit 74173ff
+
+- blacklist: drop ceph commit
+- commit ba2e082
+
+- nfs: Convert to new fscache volume/cookie API (jsc#SES-1880).
+- Refresh
+  patches.suse/0001-NFS-flush-out-dirty-data-on-file-fput.patch.
+- commit afbd263
+
+- 9p: Copy local writes to the cache when writing to the server
+  (jsc#SES-1880).
+- commit 505ae37
+
+- 9p: Use fscache indexing rewrite and reenable caching
+  (jsc#SES-1880).
+- afs: Skip truncation on the server of data we haven't written
+  yet (jsc#SES-1880).
+- afs: Copy local writes to the cache when writing to the server
+  (jsc#SES-1880).
+- afs: Convert afs to use the new fscache API (jsc#SES-1880).
+- fscache, cachefiles: Display stat of culling events
+  (jsc#SES-1880).
+- fscache, cachefiles: Display stats of no-space events
+  (jsc#SES-1880).
+- cachefiles: Allow cachefiles to actually function
+  (jsc#SES-1880).
+- fscache, cachefiles: Store the volume coherency data
+  (jsc#SES-1880).
+- cachefiles: Implement the I/O routines (jsc#SES-1880).
+- cachefiles: Implement cookie resize for truncate (jsc#SES-1880).
+- cachefiles: Implement begin and end I/O operation
+  (jsc#SES-1880).
+- cachefiles: Implement backing file wrangling (jsc#SES-1880).
+- cachefiles: Implement culling daemon commands (jsc#SES-1880).
+- cachefiles: Mark a backing file in use with an inode flag
+  (jsc#SES-1880).
+- cachefiles: Implement metadata/coherency data storage in xattrs
+  (jsc#SES-1880).
+- cachefiles: Implement key to filename encoding (jsc#SES-1880).
+- cachefiles: Implement object lifecycle funcs (jsc#SES-1880).
+- cachefiles: Add tracepoints for calls to the VFS (jsc#SES-1880).
+- cachefiles: Implement volume support (jsc#SES-1880).
+- cachefiles: Implement cache registration and withdrawal
+  (jsc#SES-1880).
+- cachefiles: Implement a function to get/create a directory in
+  the cache (jsc#SES-1880).
+- vfs, cachefiles: Mark a backing file in use with an inode flag
+  (jsc#SES-1880).
+- cachefiles: Provide a function to check how much space there is
+  (jsc#SES-1880).
+- cachefiles: Register a miscdev and parse commands over it
+  (jsc#SES-1880).
+- cachefiles: Add security derivation (jsc#SES-1880).
+- cachefiles: Add cache error reporting macro (jsc#SES-1880).
+- cachefiles: Add a couple of tracepoints for logging errors
+  (jsc#SES-1880).
+- cachefiles: Add some error injection support (jsc#SES-1880).
+- cachefiles: Define structs (jsc#SES-1880).
+- cachefiles: Introduce rewritten driver (jsc#SES-1880).
+- fscache: Provide a function to resize a cookie (jsc#SES-1880).
+- fscache: Provide a function to note the release of a page
+  (jsc#SES-1880).
+- vfs, fscache: Implement pinning of cache usage for writeback
+  (jsc#SES-1880).
+- fscache: Implement higher-level write I/O interface
+  (jsc#SES-1880).
+- fscache: Implement raw I/O interface (jsc#SES-1880).
+- netfs: Pass more information on how to deal with a hole in
+  the cache (jsc#SES-1880).
+- fscache: Provide a function to let the netfs update its
+  coherency data (jsc#SES-1880).
+- fscache: Provide read/write stat counters for the cache
+  (jsc#SES-1880).
+- fscache: Count data storage objects in a cache (jsc#SES-1880).
+- fscache: Provide a means to begin an operation (jsc#SES-1880).
+- fscache: Implement cookie invalidation (jsc#SES-1880).
+- fscache: Implement cookie user counting and resource pinning
+  (jsc#SES-1880).
+- fscache: Implement simple cookie state machine (jsc#SES-1880).
+- fscache: Add a function for a cache backend to note an I/O error
+  (jsc#SES-1880).
+- fscache: Provide and use cache methods to lookup/create/free
+  a volume (jsc#SES-1880).
+- fscache: Implement functions add/remove a cache (jsc#SES-1880).
+- fscache: Implement cookie-level access helpers (jsc#SES-1880).
+- fscache: Implement volume-level access helpers (jsc#SES-1880).
+- fscache: Implement cache-level access helpers (jsc#SES-1880).
+- fscache: Implement cookie registration (jsc#SES-1880).
+- fscache: Implement volume registration (jsc#SES-1880).
+- fscache: Implement cache registration (jsc#SES-1880).
+- fscache: Implement a hash function (jsc#SES-1880).
+- fscache: Introduce new driver (jsc#SES-1880).
+- netfs: Pass a flag to ->prepare_write() to say if there's no
+  alloc'd space (jsc#SES-1880).
+- netfs: Display the netfs inode number in the netfs_read
+  tracepoint (jsc#SES-1880).
+- fscache: Remove the contents of the fscache driver, pending
+  rewrite (jsc#SES-1880).
+- cachefiles: Delete the cachefiles driver pending rewrite
+  (jsc#SES-1880).
+- fscache, cachefiles: Disable configuration (jsc#SES-1880).
+- fs: add is_idmapped_mnt() helper (jsc#SES-1880).
+- NFS: Remove unnecessary TRACE_DEFINE_ENUM()s (jsc#SES-1880).
+- NFS: Always provide aligned buffers to the RPC read layers
+  (jsc#SES-1880).
+- commit 50c0425
+
+- 9p: Convert to using the netfs helper lib to do reads and
+  caching (jsc#SES-1880).
+- commit 9285dce
+
+- ceph: initialize i_size variable in ceph_sync_read
+  (jsc#SES-1880).
+- netfs: fix parameter of cleanup() (jsc#SES-1880).
+- netfs: Fix lockdep warning from taking sb_writers whilst
+  holding mmap_lock (jsc#SES-1880).
+- ceph: add a new metric to keep track of remote object copies
+  (jsc#SES-1880).
+- libceph, ceph: move ceph_osdc_copy_from() into cephfs code
+  (jsc#SES-1880).
+- ceph: clean-up metrics data structures to reduce code
+  duplication (jsc#SES-1880).
+- ceph: split 'metric' debugfs file into several files
+  (jsc#SES-1880).
+- ceph: return the real size read when it hits EOF (jsc#SES-1880).
+- ceph: shut down mount on bad mdsmap or fsmap decode
+  (jsc#SES-1880).
+- ceph: fix mdsmap decode when there are MDS's beyond max_mds
+  (jsc#SES-1880).
+- ceph: ignore the truncate when size won't change with Fx caps
+  issued (jsc#SES-1880).
+- ceph: don't rely on error_string to validate blocklisted session
+  (jsc#SES-1880).
+- ceph: just use ci->i_version for fscache aux info
+  (jsc#SES-1880).
+- ceph: shut down access to inode when async create fails
+  (jsc#SES-1880).
+- ceph: refactor remove_session_caps_cb (jsc#SES-1880).
+- ceph: fix auth cap handling logic in remove_session_caps_cb
+  (jsc#SES-1880).
+- ceph: drop private list from remove_session_caps_cb
+  (jsc#SES-1880).
+- ceph: don't use -ESTALE as special return code in
+  try_get_cap_refs (jsc#SES-1880).
+- ceph: print inode numbers instead of pointer values
+  (jsc#SES-1880).
+- ceph: enable async dirops by default (jsc#SES-1880).
+- libceph: drop ->monmap and err initialization (jsc#SES-1880).
+- ceph: convert to noop_direct_IO (jsc#SES-1880).
+- fscache_cookie_enabled: check cookie is valid before accessing
+  it (jsc#SES-1880).
+- commit f5f0829
+
+- blacklist: remove 89d43d0551a8 ("ceph: put the requests/sessions when it fails to alloc memory")
+- commit 46eecd9
+
+- ceph: fix off by one bugs in unsafe_request_wait()
+  (jsc#SES-1880).
+- ceph: drop the mdsc_get_session/put_session dout messages
+  (jsc#SES-1880).
+- ceph: don't WARN if we're forcibly removing the session caps
+  (jsc#SES-1880).
+- ceph: don't WARN if we're force umounting (jsc#SES-1880).
+- ceph: reconnect to the export targets on new mdsmaps
+  (jsc#SES-1880).
+- ceph: print more information when we can't find snaprealm
+  (jsc#SES-1880).
+- ceph: add ceph_change_snap_realm() helper (jsc#SES-1880).
+- ceph: remove redundant initializations from mdsc and session
+  (jsc#SES-1880).
+- ceph: add a new vxattr to return auth mds for an inode
+  (jsc#SES-1880).
+- ceph: remove some defunct forward declarations (jsc#SES-1880).
+- ceph: flush the mdlog before waiting on unsafe reqs
+  (jsc#SES-1880).
+- ceph: flush mdlog before umounting (jsc#SES-1880).
+- ceph: make iterate_sessions a global symbol (jsc#SES-1880).
+- ceph: make ceph_create_session_msg a global symbol
+  (jsc#SES-1880).
+- ceph: fix comment about short copies in ceph_write_end
+  (jsc#SES-1880).
+- commit 4e12f60
+
+- fscache: Remove an unused static variable (jsc#SES-1880).
+- fscache: Fix some kerneldoc warnings shown up by W=1
+  (jsc#SES-1880).
+- cachefiles: Use file_inode() rather than accessing ->f_inode
+  (jsc#SES-1880).
+- netfs: Move cookie debug ID to struct netfs_cache_resources
+  (jsc#SES-1880).
+- fscache: Select netfs stats if fscache stats are enabled
+  (jsc#SES-1880).
+- commit bbdc82f
+
kernel-debug
+- powerpc/64s: Make POWER10 and later use pause_short in cpu_relax
+  loops (bsc#1208376 ltc#201076).
+- powerpc: add ISA v3.0 / v3.1 wait opcode macro (bsc#1208376
+  ltc#201076).
+- commit 2a06230
+
+- ibmvnic: Assign XPS map to correct queue index (bsc#1208757
+  ltc#201720 jsc#PED-2322 git-fixes).
+- commit be76316
+
+- Update
+  patches.suse/usb-dwc3-dwc3-qcom-Add-missing-platform_device_put-i.patch
+  (bsc#1208741 CVE-2023-22995).
+  Added CVE reference for fix already present
+- commit 80a158a
+
+- loop: fix ioctl calls using compat_loop_info (bsc#1207333).
+- commit 11a60da
+
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
kernel-default
+- powerpc/64s: Make POWER10 and later use pause_short in cpu_relax
+  loops (bsc#1208376 ltc#201076).
+- powerpc: add ISA v3.0 / v3.1 wait opcode macro (bsc#1208376
+  ltc#201076).
+- commit 2a06230
+
+- ibmvnic: Assign XPS map to correct queue index (bsc#1208757
+  ltc#201720 jsc#PED-2322 git-fixes).
+- commit be76316
+
+- Update
+  patches.suse/usb-dwc3-dwc3-qcom-Add-missing-platform_device_put-i.patch
+  (bsc#1208741 CVE-2023-22995).
+  Added CVE reference for fix already present
+- commit 80a158a
+
+- loop: fix ioctl calls using compat_loop_info (bsc#1207333).
+- commit 11a60da
+
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
kernel-docs
+- powerpc/64s: Make POWER10 and later use pause_short in cpu_relax
+  loops (bsc#1208376 ltc#201076).
+- powerpc: add ISA v3.0 / v3.1 wait opcode macro (bsc#1208376
+  ltc#201076).
+- commit 2a06230
+
+- ibmvnic: Assign XPS map to correct queue index (bsc#1208757
+  ltc#201720 jsc#PED-2322 git-fixes).
+- commit be76316
+
+- Update
+  patches.suse/usb-dwc3-dwc3-qcom-Add-missing-platform_device_put-i.patch
+  (bsc#1208741 CVE-2023-22995).
+  Added CVE reference for fix already present
+- commit 80a158a
+
+- loop: fix ioctl calls using compat_loop_info (bsc#1207333).
+- commit 11a60da
+
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
kernel-firmware
+- Update to version 20230210 (git commit bf4115c1aa2b):
+  * linux-firmware: Update AMD cpu microcode
+  * brcm: revert firmware files for Cypress devices
+  * brcm: restore previous firmware file for BCM4329 device
+  * rtw88: 8822c: Update normal firmware to v9.9.14
+  * i915: Add DMC v2.11 for MTL (jsc#PED-1225)
+  * linux-firmware: Add firmware for Cirrus CS35L41 on UM3402 ASUS Laptop
+  * linux-firmware: Add missing tuning files for HP Laptops using Cirrus Amps (bsc#1203699)
+  * i915: Add DMC v2.18 for ADLP (jsc#PED-1225)
+
+- Update to version 20230125 (git commit 5c11a3742947):
+  (jsc#PED-1167, jsc#PED-1169, jsc#PED-1171)
+  * amdgpu: Add VCN 4.0.2 firmware
+  * amdgpu: Add PSP 13.0.4 firmware
+  * amdgpu: Add SDMA 6.0.1 fimware
+  * amdgpu: Add GC 11.0.1 firmware
+  * amdgpu: Add DCN 3.1.4 firmware
+  * iwlwifi: remove old intermediate 5.15+ firmwares
+  * iwlwifi: remove 5.10 and 5.15 intermediate old firmwares
+  * iwlwifi: remove 5.4 and 5.10 intermediate old firmwares
+  * iwlwifi: remove 4.19 and 5.4 intermediate old firmwares
+  * iwlwifi: remove old unsupported older than 4.14 LTS
+  * linux-firmware: update firmware for MT7921 WiFi device
+  * linux-firmware: update firmware for mediatek bluetooth chip (MT7921)
+  * amdgpu: update vangogh firmware
+  * linux-firmware: Update firmware file for Intel Bluetooth AX201
+  * linux-firmware: Update firmware file for Intel Bluetooth AX201
+  * linux-firmware: Update firmware file for Intel Bluetooth AX211
+  * linux-firmware: Update firmware file for Intel Bluetooth AX211
+  * linux-firmware: Update firmware file for Intel Bluetooth AX210
+  * linux-firmware: Update firmware file for Intel Bluetooth AX200
+  * linux-firmware: Update firmware file for Intel Bluetooth AX201
+  * linux-firmware: Update firmware file for Intel Bluetooth 9560
+  * linux-firmware: Update firmware file for Intel Bluetooth 9260
+  * brcm: add configuration files for CyberTan WC121
+  * qcom: add firmware files for Adreno A200
+  * rtw89: 8852c: update fw to v0.27.56.10
+  * QCA: Add Bluetooth firmware for QCA2066
+
kernel-firmware-nvidia-gsp-G06
+- update firmware to version 525.89.02
+
kernel-firmware:compressed
+- Update to version 20230210 (git commit bf4115c1aa2b):
+  * linux-firmware: Update AMD cpu microcode
+  * brcm: revert firmware files for Cypress devices
+  * brcm: restore previous firmware file for BCM4329 device
+  * rtw88: 8822c: Update normal firmware to v9.9.14
+  * i915: Add DMC v2.11 for MTL (jsc#PED-1225)
+  * linux-firmware: Add firmware for Cirrus CS35L41 on UM3402 ASUS Laptop
+  * linux-firmware: Add missing tuning files for HP Laptops using Cirrus Amps (bsc#1203699)
+  * i915: Add DMC v2.18 for ADLP (jsc#PED-1225)
+
+- Update to version 20230125 (git commit 5c11a3742947):
+  (jsc#PED-1167, jsc#PED-1169, jsc#PED-1171)
+  * amdgpu: Add VCN 4.0.2 firmware
+  * amdgpu: Add PSP 13.0.4 firmware
+  * amdgpu: Add SDMA 6.0.1 fimware
+  * amdgpu: Add GC 11.0.1 firmware
+  * amdgpu: Add DCN 3.1.4 firmware
+  * iwlwifi: remove old intermediate 5.15+ firmwares
+  * iwlwifi: remove 5.10 and 5.15 intermediate old firmwares
+  * iwlwifi: remove 5.4 and 5.10 intermediate old firmwares
+  * iwlwifi: remove 4.19 and 5.4 intermediate old firmwares
+  * iwlwifi: remove old unsupported older than 4.14 LTS
+  * linux-firmware: update firmware for MT7921 WiFi device
+  * linux-firmware: update firmware for mediatek bluetooth chip (MT7921)
+  * amdgpu: update vangogh firmware
+  * linux-firmware: Update firmware file for Intel Bluetooth AX201
+  * linux-firmware: Update firmware file for Intel Bluetooth AX201
+  * linux-firmware: Update firmware file for Intel Bluetooth AX211
+  * linux-firmware: Update firmware file for Intel Bluetooth AX211
+  * linux-firmware: Update firmware file for Intel Bluetooth AX210
+  * linux-firmware: Update firmware file for Intel Bluetooth AX200
+  * linux-firmware: Update firmware file for Intel Bluetooth AX201
+  * linux-firmware: Update firmware file for Intel Bluetooth 9560
+  * linux-firmware: Update firmware file for Intel Bluetooth 9260
+  * brcm: add configuration files for CyberTan WC121
+  * qcom: add firmware files for Adreno A200
+  * rtw89: 8852c: update fw to v0.27.56.10
+  * QCA: Add Bluetooth firmware for QCA2066
+
kernel-kvmsmall
+- powerpc/64s: Make POWER10 and later use pause_short in cpu_relax
+  loops (bsc#1208376 ltc#201076).
+- powerpc: add ISA v3.0 / v3.1 wait opcode macro (bsc#1208376
+  ltc#201076).
+- commit 2a06230
+
+- ibmvnic: Assign XPS map to correct queue index (bsc#1208757
+  ltc#201720 jsc#PED-2322 git-fixes).
+- commit be76316
+
+- Update
+  patches.suse/usb-dwc3-dwc3-qcom-Add-missing-platform_device_put-i.patch
+  (bsc#1208741 CVE-2023-22995).
+  Added CVE reference for fix already present
+- commit 80a158a
+
+- loop: fix ioctl calls using compat_loop_info (bsc#1207333).
+- commit 11a60da
+
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
kernel-obs-build
+- powerpc/64s: Make POWER10 and later use pause_short in cpu_relax
+  loops (bsc#1208376 ltc#201076).
+- powerpc: add ISA v3.0 / v3.1 wait opcode macro (bsc#1208376
+  ltc#201076).
+- commit 2a06230
+
+- ibmvnic: Assign XPS map to correct queue index (bsc#1208757
+  ltc#201720 jsc#PED-2322 git-fixes).
+- commit be76316
+
+- Update
+  patches.suse/usb-dwc3-dwc3-qcom-Add-missing-platform_device_put-i.patch
+  (bsc#1208741 CVE-2023-22995).
+  Added CVE reference for fix already present
+- commit 80a158a
+
+- loop: fix ioctl calls using compat_loop_info (bsc#1207333).
+- commit 11a60da
+
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
kernel-obs-qa
+- powerpc/64s: Make POWER10 and later use pause_short in cpu_relax
+  loops (bsc#1208376 ltc#201076).
+- powerpc: add ISA v3.0 / v3.1 wait opcode macro (bsc#1208376
+  ltc#201076).
+- commit 2a06230
+
+- ibmvnic: Assign XPS map to correct queue index (bsc#1208757
+  ltc#201720 jsc#PED-2322 git-fixes).
+- commit be76316
+
+- Update
+  patches.suse/usb-dwc3-dwc3-qcom-Add-missing-platform_device_put-i.patch
+  (bsc#1208741 CVE-2023-22995).
+  Added CVE reference for fix already present
+- commit 80a158a
+
+- loop: fix ioctl calls using compat_loop_info (bsc#1207333).
+- commit 11a60da
+
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
kernel-rt
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
+- aquantia: Do not purge addresses when setting the number of
+  rings (jsc#PED-1530).
+- commit 39a03b2
+
+- net: atlantic: macsec: clear encryption keys from the stack
+  (jsc#PED-1530).
+- commit 643f719
+
+- atlantic: fix deadlock at aq_nic_stop (jsc#PED-1530).
+- commit 4a9a64f
+
+- net: atlantic: fix potential memory leak in aq_ndev_close()
+  (jsc#PED-1530).
+- commit 719db2f
+
+- net: atlantic: remove aq_nic_deinit() when resume
+  (jsc#PED-1530).
+- commit ff2f581
+
+- net: atlantic: remove deep parameter on suspend/resume functions
+  (jsc#PED-1530).
+- commit 9e96b4d
+
+- net: atlantic:fix repeated words in comments (jsc#PED-1530).
+- commit d6d4ffb
+
+- net: atlantic: verify hw_head_ lies within TX buffer ring
+  (jsc#PED-1530).
+- commit 7059ede
+
+- net: atlantic: add check for MAX_SKB_FRAGS (jsc#PED-1530).
+- commit e719b81
+
+- net: atlantic: reduce scope of is_rsc_complete (jsc#PED-1530).
+- commit b04c254
+
+- net: atlantic: fix "frag[0] not initialized" (jsc#PED-1530).
+- commit 0263576
+
+- Update
+  patches.suse/net-sched-cbq-dont-intepret-cls-results-when-asked-t.patch
+  (bsc#1207361 bsc#1207036 CVE-2023-23454).
+- commit 521fdca
+
+- Update
+  patches.suse/net-sched-atm-dont-intepret-cls-results-when-asked-t.patch
+  (bsc#1207361 bc#1207125 CVE-2023-23455).
+- commit c8b6243
+
+- io_uring/poll: fix poll_refs race with cancelation (bsc#1207511
+  CVE-2023-0468).
+- io_uring: make poll refs more robust (bsc#1207511
+  CVE-2023-0468).
+- io_uring: cmpxchg for poll arm refs release (bsc#1207511
+  CVE-2023-0468).
+- io_uring: fix tw losing poll events (bsc#1207511 CVE-2023-0468).
+- io_uring: update res mask in io_poll_check_events (bsc#1207511
+  CVE-2023-0468).
+- commit 4fe9bfe
+
+- io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and
+  wakeups (bsc#1207100).
+- eventfd: provide a eventfd_signal_mask() helper (bsc#1207100).
+- eventpoll: add EPOLL_URING_WAKE poll wakeup flag (bsc#1207100).
+- commit 9e5a117
+
+- fbdev: Fix invalid page access after closing deferred I/O
+  devices (bsc#1207284).
+- commit 6a8d940
+
+- ipmi:ssif: Add 60ms time internal between write retries
+  (bsc#1206459).
+- ipmi:ssif: Increase the message retry time (bsc#1206459).
+- commit 14626c0
+
+- ibmvnic: Toggle between queue types in affinity mapping
+  (jsc#PED-2322).
+- commit 03b696f
+
+- Update config files.
+  New config option CONFIG_CACHEFILES_ONDEMAND.
+- commit ef23649
+
+- fs: change test in inode_insert5 for adding to the sb list
+  (jsc#SES-1880).
+- commit 6570d82
+
+- fscache: Fix oops due to race with cookie_lru and use_cookie
+  (jsc#SES-1880).
+- fscache: fix OOB Read in __fscache_acquire_volume
+  (jsc#SES-1880).
+- ceph: fix NULL pointer dereference for req->r_session
+  (jsc#SES-1880).
+- ceph: fix a NULL vs IS_ERR() check when calling
+  ceph_lookup_inode() (jsc#SES-1880).
+- ceph: fix incorrectly showing the .snap size for stat
+  (jsc#SES-1880).
+- ceph: fail the open_by_handle_at() if the dentry is being
+  unlinked (jsc#SES-1880).
+- ceph: increment i_version when doing a setattr with caps
+  (jsc#SES-1880).
+- ceph: Use kcalloc for allocating multiple elements
+  (jsc#SES-1880).
+- ceph: no need to wait for transition RDCACHE|RD -> RD
+  (jsc#SES-1880).
+- ceph: fail the request if the peer MDS doesn't support getvxattr
+  op (jsc#SES-1880).
+- ceph: wake up the waiters if any new caps comes (jsc#SES-1880).
+- libceph: drop last_piece flag from ceph_msg_data_cursor
+  (jsc#SES-1880).
+- fscrypt: add fscrypt_context_for_new_inode (jsc#SES-1880).
+- fscrypt: export fscrypt_fname_encrypt and
+  fscrypt_fname_encrypted_size (jsc#SES-1880).
+- commit 941f30a
+
+- blacklist: remove ceph commits from the list
+  aa1d627207ca ("ceph: Use kcalloc for allocating multiple elements")
+  5bd76b8de5b7 ("ceph: fix NULL pointer dereference for req->r_session")
+- commit 54964bf
+
+- x86/hyperv: Add constant HV_ISOLATION_TYPE_TDX (related to bug 1206453 and PED-3247).
+- commit a452b5e
+
+- cachefiles: make on-demand request distribution fairer
+  (jsc#SES-1880).
+- cachefiles: fix error return code in cachefiles_ondemand_copen()
+  (jsc#SES-1880).
+- fscache: fix misdocumented parameter (jsc#SES-1880).
+- libceph: clean up ceph_osdc_start_request prototype
+  (jsc#SES-1880).
+- libceph: fix ceph_pagelist_reserve() comment typo
+  (jsc#SES-1880).
+- ceph: remove useless check for the folio (jsc#SES-1880).
+- ceph: make f_bsize always equal to f_frsize (jsc#SES-1880).
+- ceph: flush the dirty caps immediatelly when quota is
+  approaching (jsc#SES-1880).
+- libceph: print fsid and epoch with osd id (jsc#SES-1880).
+- libceph: check pointer before assigned to "c->rules"
+  (jsc#SES-1880).
+- ceph: don't get the inline data for new creating files
+  (jsc#SES-1880).
+- ceph: update the auth cap when the async create req is forwarded
+  (jsc#SES-1880).
+- ceph: make change_auth_cap_ses a global symbol (jsc#SES-1880).
+- ceph: fix incorrect old_size length in ceph_mds_request_args
+  (jsc#SES-1880).
+- ceph: call netfs_subreq_terminated with was_async == false
+  (jsc#SES-1880).
+- ceph: convert to generic_file_llseek (jsc#SES-1880).
+- ceph: fix the incorrect comment for the ceph_mds_caps struct
+  (jsc#SES-1880).
+- ceph: prevent a client from exceeding the MDS maximum xattr size
+  (jsc#SES-1880).
+- ceph: choose auth MDS for getxattr with the Xs caps
+  (jsc#SES-1880).
+- ceph: add session already open notify support (jsc#SES-1880).
+- commit f01bb22
+
+- ceph: wait for the first reply of inflight async unlink
+  (jsc#SES-1880).
+- Refresh
+  patches.suse/ceph-don-t-truncate-file-in-atomic_open.patch.
+- commit 6774969
+
+- fs/dcache: export d_same_name() helper (jsc#SES-1880).
+- ceph: remove useless CEPHFS_FEATURES_CLIENT_REQUIRED
+  (jsc#SES-1880).
+- fscache: add tracepoint when failing cookie (jsc#SES-1880).
+- fscache: don't leak cookie access refs if invalidation is in
+  progress or failed (jsc#SES-1880).
+- docs: filesystems: update netfs-api.rst reference
+  (jsc#SES-1880).
+- commit d147e79
+
+- fscrypt: add new helper functions for test_dummy_encryption
+  (jsc#SES-1880).
+- fscrypt: factor out fscrypt_policy_to_key_spec() (jsc#SES-1880).
+- commit 5ea3f64
+
+- netfs: do not unlock and put the folio twice (jsc#SES-1880).
+- fscache: Fix invalidation/lookup race (jsc#SES-1880).
+- cachefiles: narrow the scope of flushed requests when releasing
+  fd (jsc#SES-1880).
+- fscache: Introduce fscache_cookie_is_dropped() (jsc#SES-1880).
+- fscache: Fix if condition in fscache_wait_on_volume_collision()
+  (jsc#SES-1880).
+- ceph: wait on async create before checking caps for syncfs
+  (jsc#SES-1880).
+- 9p: fix EBADF errors in cached mode (jsc#SES-1880).
+- netfs: Rename the netfs_io_request cleanup op and give it an
+  op pointer (jsc#SES-1880).
+- ceph: fix decoding of client session messages flags
+  (jsc#SES-1880).
+- ceph: switch TASK_INTERRUPTIBLE to TASK_KILLABLE (jsc#SES-1880).
+- ceph: remove redundant variable ino (jsc#SES-1880).
+- ceph: try to queue a writeback if revoking fails (jsc#SES-1880).
+- ceph: fix statfs for subdir mounts (jsc#SES-1880).
+- ceph: fix possible deadlock when holding Fwb to get inline_data
+  (jsc#SES-1880).
+- ceph: redirty the page for writepage on failure (jsc#SES-1880).
+- ceph: try to choose the auth MDS if possible for getattr
+  (jsc#SES-1880).
+- ceph: disable updating the atime since cephfs won't maintain it
+  (jsc#SES-1880).
+- ceph: flush the mdlog for filesystem sync (jsc#SES-1880).
+- ceph: rename unsafe_request_wait() (jsc#SES-1880).
+- libceph: use swap() macro instead of taking tmp variable
+  (jsc#SES-1880).
+- ceph: fix statx AT_STATX_DONT_SYNC vs AT_STATX_FORCE_SYNC check
+  (jsc#SES-1880).
+- ceph: no need to invalidate the fscache twice (jsc#SES-1880).
+- ceph: replace usage of found with dedicated list iterator
+  variable (jsc#SES-1880).
+- ceph: use dedicated list iterator variable (jsc#SES-1880).
+- ceph: update the dlease for the hashed dentry when removing
+  (jsc#SES-1880).
+- ceph: stop retrying the request when exceeding 256 times
+  (jsc#SES-1880).
+- ceph: stop forwarding the request when exceeding 256 times
+  (jsc#SES-1880).
+- ceph: remove unused CEPH_MDS_LEASE_RELEASE related code
+  (jsc#SES-1880).
+- cachefiles: add tracepoints for on-demand read mode
+  (jsc#SES-1880).
+- cachefiles: enable on-demand read mode (jsc#SES-1880).
+- cachefiles: implement on-demand read (jsc#SES-1880).
+- cachefiles: notify the user daemon when withdrawing cookie
+  (jsc#SES-1880).
+- cachefiles: unbind cachefiles gracefully in on-demand mode
+  (jsc#SES-1880).
+- cachefiles: notify the user daemon when looking up cookie
+  (jsc#SES-1880).
+- cachefiles: extract write routine (jsc#SES-1880).
+- netfs: Eliminate Clang randstruct warning (jsc#SES-1880).
+- commit ce95c8d
+
+- blacklist: removed 1b2ba3c5616e ("ceph: flush the mdlog for filesystem sync")
+- commit 559d59c
+
+- libceph: fix misleading ceph_osdc_cancel_request() comment
+  (jsc#SES-1880).
+- ceph: fix possible NULL pointer dereference for req->r_session
+  (jsc#SES-1880).
+- ceph: remove incorrect session state check (jsc#SES-1880).
+- ceph: get snap_rwsem read lock in handle_cap_export for
+  ceph_add_cap (jsc#SES-1880).
+- libceph: disambiguate cluster/pool full log message
+  (jsc#SES-1880).
+- fscache: remove FSCACHE_OLD_API Kconfig option (jsc#SES-1880).
+- fscache: Use wrapper fscache_set_cache_state() directly when
+  relinquishing (jsc#SES-1880).
+- fscache: Move fscache_cookies_seq_ops specific code under
+  CONFIG_PROC_FS (jsc#SES-1880).
+- fscache: Remove the cookie parameter from
+  fscache_clear_page_bits() (jsc#SES-1880).
+- cachefiles: Fix KASAN slab-out-of-bounds in
+  cachefiles_set_volume_xattr (jsc#SES-1880).
+- cachefiles: unmark inode in use in error path (jsc#SES-1880).
+- netfs: Keep track of the actual remote file size (jsc#SES-1880).
+- netfs: Split some core bits out into their own file
+  (jsc#SES-1880).
+- netfs: Split fs/netfs/read_helper.c (jsc#SES-1880).
+- netfs: Rename read_helper.c to io.c (jsc#SES-1880).
+- netfs: Prepare to split read_helper.c (jsc#SES-1880).
+- netfs: Add a function to consolidate beginning a read
+  (jsc#SES-1880).
+- commit 759f021
+
+- blacklist: removed 7acae6183cf3 ("ceph: fix possible NULL pointer dereference for req->r_session")
+- commit 91f76f5
+
+- netfs: Add a netfs inode context (jsc#SES-1880).
+- Refresh
+  patches.suse/cifs-fix-potential-deadlock-in-direct-reclaim.patch.
+- commit fa3a76d
+
+- ceph: Make ceph_init_request() check caps on readahead
+  (jsc#SES-1880).
+- netfs: Change ->init_request() to return an error code
+  (jsc#SES-1880).
+- netfs: Refactor arguments for netfs_alloc_read_request
+  (jsc#SES-1880).
+- netfs: Adjust the netfs_failure tracepoint to indicate
+  non-subreq lines (jsc#SES-1880).
+- netfs: Trace refcounting on the netfs_io_subrequest struct
+  (jsc#SES-1880).
+- netfs: Trace refcounting on the netfs_io_request struct
+  (jsc#SES-1880).
+- netfs: Adjust the netfs_rreq tracepoint slightly (jsc#SES-1880).
+- netfs: Split netfs_io_* object handling out (jsc#SES-1880).
+- netfs: Finish off rename of netfs_read_request to
+  netfs_io_request (jsc#SES-1880).
+- netfs: Rename netfs_read_*request to netfs_io_*request
+  (jsc#SES-1880).
+- netfs: Generate enums from trace symbol mapping lists
+  (jsc#SES-1880).
+- fscache: export fscache_end_operation() (jsc#SES-1880).
+- afs: Sort out symlink reading (jsc#SES-1880).
+- commit f1d9e86
+
+- ceph: uninitialized variable in debug output (jsc#SES-1880).
+- ceph: use tracked average r/w/m latencies to display metrics
+  in debugfs (jsc#SES-1880).
+- ceph: include average/stdev r/w/m latency in mds metrics
+  (jsc#SES-1880).
+- ceph: track average r/w/m latency (jsc#SES-1880).
+- ceph: use ktime_to_timespec64() rather than
+  jiffies_to_timespec64() (jsc#SES-1880).
+- ceph: assign the ci only when the inode isn't NULL
+  (jsc#SES-1880).
+- commit 7f5eb5f
+
+- ceph: misc fix for code style and logs (jsc#SES-1880).
+- Refresh
+  patches.suse/ceph-avoid-putting-the-realm-twice-when-decoding-snaps-fails.patch.
+- commit 915976e
+
+- ceph: allocate capsnap memory outside of ceph_queue_cap_snap()
+  (jsc#SES-1880).
+- ceph: do not release the global snaprealm until unmounting
+  (jsc#SES-1880).
+- ceph: remove incorrect and unused CEPH_INO_DOTDOT macro
+  (jsc#SES-1880).
+- ceph: eliminate the recursion when rebuilding the snap context
+  (jsc#SES-1880).
+- ceph: zero the dir_entries memory when allocating it
+  (jsc#SES-1880).
+- ceph: move to a dedicated slabcache for ceph_cap_snap
+  (jsc#SES-1880).
+- ceph: add getvxattr op (jsc#SES-1880).
+- libceph: drop else branches in prepare_read_data{,_cont}
+  (jsc#SES-1880).
+- ceph: fix comments mentioning i_mutex (jsc#SES-1880).
+- ceph: fail the request directly if handle_reply gets an ESTALE
+  (jsc#SES-1880).
+- ceph: wake waiters after failed async create (jsc#SES-1880).
+- ceph: wait for async create reply before sending any cap
+  messages (jsc#SES-1880).
+- ceph: eliminate req->r_wait_for_completion from ceph_mds_request
+  (jsc#SES-1880).
+- ceph: uninline the data on a file opened for writing
+  (jsc#SES-1880).
+- ceph: make ceph_netfs_issue_op() handle inlined data
+  (jsc#SES-1880).
+- commit 4f1bb1d
+
+- cifs: Fix the readahead conversion to manage the batch when
+  reading from cache (jsc#SES-1880).
+- cifs: Implement cache I/O by accessing the cache directly
+  (jsc#SES-1880).
+- commit aeedd18
+
+- cifs: Transition from ->readpages() to ->readahead()
+  (jsc#SES-1880).
+- Refresh patches.suse/Adjust-cifssb-maximum-read-size.patch.
+- commit 9ab1e02
+
+- Update config files.
+  New config option CONFIG_CACHEFILES_ERROR_INJECTION.
+- commit c7f3506
+
+- cifs: Support fscache indexing rewrite (jsc#SES-1880).
+- Refresh
+  patches.suse/cifs-Add-constructor-destructors-for-tcon-cfid.patch.
+- Refresh
+  patches.suse/cifs-Make-tcon-contain-a-wrapper-structure-cached_fids-instead-of-c.patch.
+- Refresh
+  patches.suse/cifs-Move-cached-dir-functions-into-a-separate-file.patch.
+- Refresh
+  patches.suse/cifs-remove-cifs_-prefix-from-init-destroy-mids-functions.patch.
+- Refresh
+  patches.suse/cifs-replace-kfree-with-kfree_sensitive-for-sensitive-data.patch.
+- Refresh
+  patches.suse/cifs-split-out-ses-and-tcon-retrieval-from-mount_get_conns-.patch.
+- Refresh
+  patches.suse/cifs-when-insecure-legacy-is-disabled-shrink-amount-of-SMB1-code.patch.
+- Refresh patches.suse/cifs-writeback-fix.patch.
+- Refresh
+  patches.suse/smb3-add-dynamic-trace-points-for-tree-disconnect.patch.
+- commit aba9248
+
+- cachefiles: Fix volume coherency attribute (jsc#SES-1880).
+- cachefiles: Fix incorrect length to fallocate() (jsc#SES-1880).
+- libceph: optionally use bounce buffer on recv path in crc mode
+  (jsc#SES-1880).
+- libceph: make recv path in secure mode work the same as send
+  path (jsc#SES-1880).
+- netfs, cachefiles: Add a method to query presence of data in
+  the cache (jsc#SES-1880).
+- ceph: put the requests/sessions when it fails to alloc memory
+  (jsc#SES-1880).
+- netfs: Make ops->init_rreq() optional (jsc#SES-1880).
+- fscache: Add a comment explaining how page-release optimisation
+  works (jsc#SES-1880).
+- cachefiles: Check that the backing filesystem supports tmpfiles
+  (jsc#SES-1880).
+- cachefiles: Explain checks in a comment (jsc#SES-1880).
+- cachefiles: Trace active-mark failure (jsc#SES-1880).
+- cachefiles: Make some tracepoint adjustments (jsc#SES-1880).
+- cachefiles: set default tag name if it's unspecified
+  (jsc#SES-1880).
+- cachefiles: Calculate the blockshift in terms of bytes, not
+  pages (jsc#SES-1880).
+- fscache: Fix the volume collision wait condition (jsc#SES-1880).
+- ceph: move CEPH_SUPER_MAGIC definition to magic.h
+  (jsc#SES-1880).
+- ceph: remove redundant Lsx caps check (jsc#SES-1880).
+- ceph: add new "nopagecache" option (jsc#SES-1880).
+- ceph: don't check for quotas on MDS stray dirs (jsc#SES-1880).
+- ceph: drop send metrics debug message (jsc#SES-1880).
+- rbd: make const pointer spaces a static const array
+  (jsc#SES-1880).
+- ceph: Fix incorrect statfs report for small quota
+  (jsc#SES-1880).
+- ceph: mount syntax module parameter (jsc#SES-1880).
+- ceph: record updated mon_addr on remount (jsc#SES-1880).
+- ceph: new device mount syntax (jsc#SES-1880).
+- libceph: rename parse_fsid() to ceph_parse_fsid() and export
+  (jsc#SES-1880).
+- libceph: generalize addr/ip parsing based on delimiter
+  (jsc#SES-1880).
+- 9p: fix enodata when reading growing file (jsc#SES-1880).
+- 9p, afs, ceph, nfs: Use current_is_kswapd() rather than
+  gfpflags_allow_blocking() (jsc#SES-1880).
+- fscache: Add a tracepoint for cookie use/unuse (jsc#SES-1880).
+- ceph: add fscache writeback support (jsc#SES-1880).
+- ceph: conversion to new fscache API (jsc#SES-1880).
+- nfs: Implement cache I/O by accessing the cache directly
+  (jsc#SES-1880).
+- commit 74173ff
+
+- blacklist: drop ceph commit
+- commit ba2e082
+
+- nfs: Convert to new fscache volume/cookie API (jsc#SES-1880).
+- Refresh
+  patches.suse/0001-NFS-flush-out-dirty-data-on-file-fput.patch.
+- commit afbd263
+
+- 9p: Copy local writes to the cache when writing to the server
+  (jsc#SES-1880).
+- commit 505ae37
+
+- 9p: Use fscache indexing rewrite and reenable caching
+  (jsc#SES-1880).
+- afs: Skip truncation on the server of data we haven't written
+  yet (jsc#SES-1880).
+- afs: Copy local writes to the cache when writing to the server
+  (jsc#SES-1880).
+- afs: Convert afs to use the new fscache API (jsc#SES-1880).
+- fscache, cachefiles: Display stat of culling events
+  (jsc#SES-1880).
+- fscache, cachefiles: Display stats of no-space events
+  (jsc#SES-1880).
+- cachefiles: Allow cachefiles to actually function
+  (jsc#SES-1880).
+- fscache, cachefiles: Store the volume coherency data
+  (jsc#SES-1880).
+- cachefiles: Implement the I/O routines (jsc#SES-1880).
+- cachefiles: Implement cookie resize for truncate (jsc#SES-1880).
+- cachefiles: Implement begin and end I/O operation
+  (jsc#SES-1880).
+- cachefiles: Implement backing file wrangling (jsc#SES-1880).
+- cachefiles: Implement culling daemon commands (jsc#SES-1880).
+- cachefiles: Mark a backing file in use with an inode flag
+  (jsc#SES-1880).
+- cachefiles: Implement metadata/coherency data storage in xattrs
+  (jsc#SES-1880).
+- cachefiles: Implement key to filename encoding (jsc#SES-1880).
+- cachefiles: Implement object lifecycle funcs (jsc#SES-1880).
+- cachefiles: Add tracepoints for calls to the VFS (jsc#SES-1880).
+- cachefiles: Implement volume support (jsc#SES-1880).
+- cachefiles: Implement cache registration and withdrawal
+  (jsc#SES-1880).
+- cachefiles: Implement a function to get/create a directory in
+  the cache (jsc#SES-1880).
+- vfs, cachefiles: Mark a backing file in use with an inode flag
+  (jsc#SES-1880).
+- cachefiles: Provide a function to check how much space there is
+  (jsc#SES-1880).
+- cachefiles: Register a miscdev and parse commands over it
+  (jsc#SES-1880).
+- cachefiles: Add security derivation (jsc#SES-1880).
+- cachefiles: Add cache error reporting macro (jsc#SES-1880).
+- cachefiles: Add a couple of tracepoints for logging errors
+  (jsc#SES-1880).
+- cachefiles: Add some error injection support (jsc#SES-1880).
+- cachefiles: Define structs (jsc#SES-1880).
+- cachefiles: Introduce rewritten driver (jsc#SES-1880).
+- fscache: Provide a function to resize a cookie (jsc#SES-1880).
+- fscache: Provide a function to note the release of a page
+  (jsc#SES-1880).
+- vfs, fscache: Implement pinning of cache usage for writeback
+  (jsc#SES-1880).
+- fscache: Implement higher-level write I/O interface
+  (jsc#SES-1880).
+- fscache: Implement raw I/O interface (jsc#SES-1880).
+- netfs: Pass more information on how to deal with a hole in
+  the cache (jsc#SES-1880).
+- fscache: Provide a function to let the netfs update its
+  coherency data (jsc#SES-1880).
+- fscache: Provide read/write stat counters for the cache
+  (jsc#SES-1880).
+- fscache: Count data storage objects in a cache (jsc#SES-1880).
+- fscache: Provide a means to begin an operation (jsc#SES-1880).
+- fscache: Implement cookie invalidation (jsc#SES-1880).
+- fscache: Implement cookie user counting and resource pinning
+  (jsc#SES-1880).
+- fscache: Implement simple cookie state machine (jsc#SES-1880).
+- fscache: Add a function for a cache backend to note an I/O error
+  (jsc#SES-1880).
+- fscache: Provide and use cache methods to lookup/create/free
+  a volume (jsc#SES-1880).
+- fscache: Implement functions add/remove a cache (jsc#SES-1880).
+- fscache: Implement cookie-level access helpers (jsc#SES-1880).
+- fscache: Implement volume-level access helpers (jsc#SES-1880).
+- fscache: Implement cache-level access helpers (jsc#SES-1880).
+- fscache: Implement cookie registration (jsc#SES-1880).
+- fscache: Implement volume registration (jsc#SES-1880).
+- fscache: Implement cache registration (jsc#SES-1880).
+- fscache: Implement a hash function (jsc#SES-1880).
+- fscache: Introduce new driver (jsc#SES-1880).
+- netfs: Pass a flag to ->prepare_write() to say if there's no
+  alloc'd space (jsc#SES-1880).
+- netfs: Display the netfs inode number in the netfs_read
+  tracepoint (jsc#SES-1880).
+- fscache: Remove the contents of the fscache driver, pending
+  rewrite (jsc#SES-1880).
+- cachefiles: Delete the cachefiles driver pending rewrite
+  (jsc#SES-1880).
+- fscache, cachefiles: Disable configuration (jsc#SES-1880).
+- fs: add is_idmapped_mnt() helper (jsc#SES-1880).
+- NFS: Remove unnecessary TRACE_DEFINE_ENUM()s (jsc#SES-1880).
+- NFS: Always provide aligned buffers to the RPC read layers
+  (jsc#SES-1880).
+- commit 50c0425
+
+- 9p: Convert to using the netfs helper lib to do reads and
+  caching (jsc#SES-1880).
+- commit 9285dce
+
+- ceph: initialize i_size variable in ceph_sync_read
+  (jsc#SES-1880).
+- netfs: fix parameter of cleanup() (jsc#SES-1880).
+- netfs: Fix lockdep warning from taking sb_writers whilst
+  holding mmap_lock (jsc#SES-1880).
+- ceph: add a new metric to keep track of remote object copies
+  (jsc#SES-1880).
+- libceph, ceph: move ceph_osdc_copy_from() into cephfs code
+  (jsc#SES-1880).
+- ceph: clean-up metrics data structures to reduce code
+  duplication (jsc#SES-1880).
+- ceph: split 'metric' debugfs file into several files
+  (jsc#SES-1880).
+- ceph: return the real size read when it hits EOF (jsc#SES-1880).
+- ceph: shut down mount on bad mdsmap or fsmap decode
+  (jsc#SES-1880).
+- ceph: fix mdsmap decode when there are MDS's beyond max_mds
+  (jsc#SES-1880).
+- ceph: ignore the truncate when size won't change with Fx caps
+  issued (jsc#SES-1880).
+- ceph: don't rely on error_string to validate blocklisted session
+  (jsc#SES-1880).
+- ceph: just use ci->i_version for fscache aux info
+  (jsc#SES-1880).
+- ceph: shut down access to inode when async create fails
+  (jsc#SES-1880).
+- ceph: refactor remove_session_caps_cb (jsc#SES-1880).
+- ceph: fix auth cap handling logic in remove_session_caps_cb
+  (jsc#SES-1880).
+- ceph: drop private list from remove_session_caps_cb
+  (jsc#SES-1880).
+- ceph: don't use -ESTALE as special return code in
+  try_get_cap_refs (jsc#SES-1880).
+- ceph: print inode numbers instead of pointer values
+  (jsc#SES-1880).
+- ceph: enable async dirops by default (jsc#SES-1880).
+- libceph: drop ->monmap and err initialization (jsc#SES-1880).
+- ceph: convert to noop_direct_IO (jsc#SES-1880).
+- fscache_cookie_enabled: check cookie is valid before accessing
+  it (jsc#SES-1880).
+- commit f5f0829
+
+- blacklist: remove 89d43d0551a8 ("ceph: put the requests/sessions when it fails to alloc memory")
+- commit 46eecd9
+
+- ceph: fix off by one bugs in unsafe_request_wait()
+  (jsc#SES-1880).
+- ceph: drop the mdsc_get_session/put_session dout messages
+  (jsc#SES-1880).
+- ceph: don't WARN if we're forcibly removing the session caps
+  (jsc#SES-1880).
+- ceph: don't WARN if we're force umounting (jsc#SES-1880).
+- ceph: reconnect to the export targets on new mdsmaps
+  (jsc#SES-1880).
+- ceph: print more information when we can't find snaprealm
+  (jsc#SES-1880).
+- ceph: add ceph_change_snap_realm() helper (jsc#SES-1880).
+- ceph: remove redundant initializations from mdsc and session
+  (jsc#SES-1880).
+- ceph: add a new vxattr to return auth mds for an inode
+  (jsc#SES-1880).
+- ceph: remove some defunct forward declarations (jsc#SES-1880).
+- ceph: flush the mdlog before waiting on unsafe reqs
+  (jsc#SES-1880).
+- ceph: flush mdlog before umounting (jsc#SES-1880).
+- ceph: make iterate_sessions a global symbol (jsc#SES-1880).
+- ceph: make ceph_create_session_msg a global symbol
+  (jsc#SES-1880).
+- ceph: fix comment about short copies in ceph_write_end
+  (jsc#SES-1880).
+- commit 4e12f60
+
+- fscache: Remove an unused static variable (jsc#SES-1880).
+- fscache: Fix some kerneldoc warnings shown up by W=1
+  (jsc#SES-1880).
+- cachefiles: Use file_inode() rather than accessing ->f_inode
+  (jsc#SES-1880).
+- netfs: Move cookie debug ID to struct netfs_cache_resources
+  (jsc#SES-1880).
+- fscache: Select netfs stats if fscache stats are enabled
+  (jsc#SES-1880).
+- commit bbdc82f
+
kernel-rt_debug
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
+- aquantia: Do not purge addresses when setting the number of
+  rings (jsc#PED-1530).
+- commit 39a03b2
+
+- net: atlantic: macsec: clear encryption keys from the stack
+  (jsc#PED-1530).
+- commit 643f719
+
+- atlantic: fix deadlock at aq_nic_stop (jsc#PED-1530).
+- commit 4a9a64f
+
+- net: atlantic: fix potential memory leak in aq_ndev_close()
+  (jsc#PED-1530).
+- commit 719db2f
+
+- net: atlantic: remove aq_nic_deinit() when resume
+  (jsc#PED-1530).
+- commit ff2f581
+
+- net: atlantic: remove deep parameter on suspend/resume functions
+  (jsc#PED-1530).
+- commit 9e96b4d
+
+- net: atlantic:fix repeated words in comments (jsc#PED-1530).
+- commit d6d4ffb
+
+- net: atlantic: verify hw_head_ lies within TX buffer ring
+  (jsc#PED-1530).
+- commit 7059ede
+
+- net: atlantic: add check for MAX_SKB_FRAGS (jsc#PED-1530).
+- commit e719b81
+
+- net: atlantic: reduce scope of is_rsc_complete (jsc#PED-1530).
+- commit b04c254
+
+- net: atlantic: fix "frag[0] not initialized" (jsc#PED-1530).
+- commit 0263576
+
+- Update
+  patches.suse/net-sched-cbq-dont-intepret-cls-results-when-asked-t.patch
+  (bsc#1207361 bsc#1207036 CVE-2023-23454).
+- commit 521fdca
+
+- Update
+  patches.suse/net-sched-atm-dont-intepret-cls-results-when-asked-t.patch
+  (bsc#1207361 bc#1207125 CVE-2023-23455).
+- commit c8b6243
+
+- io_uring/poll: fix poll_refs race with cancelation (bsc#1207511
+  CVE-2023-0468).
+- io_uring: make poll refs more robust (bsc#1207511
+  CVE-2023-0468).
+- io_uring: cmpxchg for poll arm refs release (bsc#1207511
+  CVE-2023-0468).
+- io_uring: fix tw losing poll events (bsc#1207511 CVE-2023-0468).
+- io_uring: update res mask in io_poll_check_events (bsc#1207511
+  CVE-2023-0468).
+- commit 4fe9bfe
+
+- io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and
+  wakeups (bsc#1207100).
+- eventfd: provide a eventfd_signal_mask() helper (bsc#1207100).
+- eventpoll: add EPOLL_URING_WAKE poll wakeup flag (bsc#1207100).
+- commit 9e5a117
+
+- fbdev: Fix invalid page access after closing deferred I/O
+  devices (bsc#1207284).
+- commit 6a8d940
+
+- ipmi:ssif: Add 60ms time internal between write retries
+  (bsc#1206459).
+- ipmi:ssif: Increase the message retry time (bsc#1206459).
+- commit 14626c0
+
+- ibmvnic: Toggle between queue types in affinity mapping
+  (jsc#PED-2322).
+- commit 03b696f
+
+- Update config files.
+  New config option CONFIG_CACHEFILES_ONDEMAND.
+- commit ef23649
+
+- fs: change test in inode_insert5 for adding to the sb list
+  (jsc#SES-1880).
+- commit 6570d82
+
+- fscache: Fix oops due to race with cookie_lru and use_cookie
+  (jsc#SES-1880).
+- fscache: fix OOB Read in __fscache_acquire_volume
+  (jsc#SES-1880).
+- ceph: fix NULL pointer dereference for req->r_session
+  (jsc#SES-1880).
+- ceph: fix a NULL vs IS_ERR() check when calling
+  ceph_lookup_inode() (jsc#SES-1880).
+- ceph: fix incorrectly showing the .snap size for stat
+  (jsc#SES-1880).
+- ceph: fail the open_by_handle_at() if the dentry is being
+  unlinked (jsc#SES-1880).
+- ceph: increment i_version when doing a setattr with caps
+  (jsc#SES-1880).
+- ceph: Use kcalloc for allocating multiple elements
+  (jsc#SES-1880).
+- ceph: no need to wait for transition RDCACHE|RD -> RD
+  (jsc#SES-1880).
+- ceph: fail the request if the peer MDS doesn't support getvxattr
+  op (jsc#SES-1880).
+- ceph: wake up the waiters if any new caps comes (jsc#SES-1880).
+- libceph: drop last_piece flag from ceph_msg_data_cursor
+  (jsc#SES-1880).
+- fscrypt: add fscrypt_context_for_new_inode (jsc#SES-1880).
+- fscrypt: export fscrypt_fname_encrypt and
+  fscrypt_fname_encrypted_size (jsc#SES-1880).
+- commit 941f30a
+
+- blacklist: remove ceph commits from the list
+  aa1d627207ca ("ceph: Use kcalloc for allocating multiple elements")
+  5bd76b8de5b7 ("ceph: fix NULL pointer dereference for req->r_session")
+- commit 54964bf
+
+- x86/hyperv: Add constant HV_ISOLATION_TYPE_TDX (related to bug 1206453 and PED-3247).
+- commit a452b5e
+
+- cachefiles: make on-demand request distribution fairer
+  (jsc#SES-1880).
+- cachefiles: fix error return code in cachefiles_ondemand_copen()
+  (jsc#SES-1880).
+- fscache: fix misdocumented parameter (jsc#SES-1880).
+- libceph: clean up ceph_osdc_start_request prototype
+  (jsc#SES-1880).
+- libceph: fix ceph_pagelist_reserve() comment typo
+  (jsc#SES-1880).
+- ceph: remove useless check for the folio (jsc#SES-1880).
+- ceph: make f_bsize always equal to f_frsize (jsc#SES-1880).
+- ceph: flush the dirty caps immediatelly when quota is
+  approaching (jsc#SES-1880).
+- libceph: print fsid and epoch with osd id (jsc#SES-1880).
+- libceph: check pointer before assigned to "c->rules"
+  (jsc#SES-1880).
+- ceph: don't get the inline data for new creating files
+  (jsc#SES-1880).
+- ceph: update the auth cap when the async create req is forwarded
+  (jsc#SES-1880).
+- ceph: make change_auth_cap_ses a global symbol (jsc#SES-1880).
+- ceph: fix incorrect old_size length in ceph_mds_request_args
+  (jsc#SES-1880).
+- ceph: call netfs_subreq_terminated with was_async == false
+  (jsc#SES-1880).
+- ceph: convert to generic_file_llseek (jsc#SES-1880).
+- ceph: fix the incorrect comment for the ceph_mds_caps struct
+  (jsc#SES-1880).
+- ceph: prevent a client from exceeding the MDS maximum xattr size
+  (jsc#SES-1880).
+- ceph: choose auth MDS for getxattr with the Xs caps
+  (jsc#SES-1880).
+- ceph: add session already open notify support (jsc#SES-1880).
+- commit f01bb22
+
+- ceph: wait for the first reply of inflight async unlink
+  (jsc#SES-1880).
+- Refresh
+  patches.suse/ceph-don-t-truncate-file-in-atomic_open.patch.
+- commit 6774969
+
+- fs/dcache: export d_same_name() helper (jsc#SES-1880).
+- ceph: remove useless CEPHFS_FEATURES_CLIENT_REQUIRED
+  (jsc#SES-1880).
+- fscache: add tracepoint when failing cookie (jsc#SES-1880).
+- fscache: don't leak cookie access refs if invalidation is in
+  progress or failed (jsc#SES-1880).
+- docs: filesystems: update netfs-api.rst reference
+  (jsc#SES-1880).
+- commit d147e79
+
+- fscrypt: add new helper functions for test_dummy_encryption
+  (jsc#SES-1880).
+- fscrypt: factor out fscrypt_policy_to_key_spec() (jsc#SES-1880).
+- commit 5ea3f64
+
+- netfs: do not unlock and put the folio twice (jsc#SES-1880).
+- fscache: Fix invalidation/lookup race (jsc#SES-1880).
+- cachefiles: narrow the scope of flushed requests when releasing
+  fd (jsc#SES-1880).
+- fscache: Introduce fscache_cookie_is_dropped() (jsc#SES-1880).
+- fscache: Fix if condition in fscache_wait_on_volume_collision()
+  (jsc#SES-1880).
+- ceph: wait on async create before checking caps for syncfs
+  (jsc#SES-1880).
+- 9p: fix EBADF errors in cached mode (jsc#SES-1880).
+- netfs: Rename the netfs_io_request cleanup op and give it an
+  op pointer (jsc#SES-1880).
+- ceph: fix decoding of client session messages flags
+  (jsc#SES-1880).
+- ceph: switch TASK_INTERRUPTIBLE to TASK_KILLABLE (jsc#SES-1880).
+- ceph: remove redundant variable ino (jsc#SES-1880).
+- ceph: try to queue a writeback if revoking fails (jsc#SES-1880).
+- ceph: fix statfs for subdir mounts (jsc#SES-1880).
+- ceph: fix possible deadlock when holding Fwb to get inline_data
+  (jsc#SES-1880).
+- ceph: redirty the page for writepage on failure (jsc#SES-1880).
+- ceph: try to choose the auth MDS if possible for getattr
+  (jsc#SES-1880).
+- ceph: disable updating the atime since cephfs won't maintain it
+  (jsc#SES-1880).
+- ceph: flush the mdlog for filesystem sync (jsc#SES-1880).
+- ceph: rename unsafe_request_wait() (jsc#SES-1880).
+- libceph: use swap() macro instead of taking tmp variable
+  (jsc#SES-1880).
+- ceph: fix statx AT_STATX_DONT_SYNC vs AT_STATX_FORCE_SYNC check
+  (jsc#SES-1880).
+- ceph: no need to invalidate the fscache twice (jsc#SES-1880).
+- ceph: replace usage of found with dedicated list iterator
+  variable (jsc#SES-1880).
+- ceph: use dedicated list iterator variable (jsc#SES-1880).
+- ceph: update the dlease for the hashed dentry when removing
+  (jsc#SES-1880).
+- ceph: stop retrying the request when exceeding 256 times
+  (jsc#SES-1880).
+- ceph: stop forwarding the request when exceeding 256 times
+  (jsc#SES-1880).
+- ceph: remove unused CEPH_MDS_LEASE_RELEASE related code
+  (jsc#SES-1880).
+- cachefiles: add tracepoints for on-demand read mode
+  (jsc#SES-1880).
+- cachefiles: enable on-demand read mode (jsc#SES-1880).
+- cachefiles: implement on-demand read (jsc#SES-1880).
+- cachefiles: notify the user daemon when withdrawing cookie
+  (jsc#SES-1880).
+- cachefiles: unbind cachefiles gracefully in on-demand mode
+  (jsc#SES-1880).
+- cachefiles: notify the user daemon when looking up cookie
+  (jsc#SES-1880).
+- cachefiles: extract write routine (jsc#SES-1880).
+- netfs: Eliminate Clang randstruct warning (jsc#SES-1880).
+- commit ce95c8d
+
+- blacklist: removed 1b2ba3c5616e ("ceph: flush the mdlog for filesystem sync")
+- commit 559d59c
+
+- libceph: fix misleading ceph_osdc_cancel_request() comment
+  (jsc#SES-1880).
+- ceph: fix possible NULL pointer dereference for req->r_session
+  (jsc#SES-1880).
+- ceph: remove incorrect session state check (jsc#SES-1880).
+- ceph: get snap_rwsem read lock in handle_cap_export for
+  ceph_add_cap (jsc#SES-1880).
+- libceph: disambiguate cluster/pool full log message
+  (jsc#SES-1880).
+- fscache: remove FSCACHE_OLD_API Kconfig option (jsc#SES-1880).
+- fscache: Use wrapper fscache_set_cache_state() directly when
+  relinquishing (jsc#SES-1880).
+- fscache: Move fscache_cookies_seq_ops specific code under
+  CONFIG_PROC_FS (jsc#SES-1880).
+- fscache: Remove the cookie parameter from
+  fscache_clear_page_bits() (jsc#SES-1880).
+- cachefiles: Fix KASAN slab-out-of-bounds in
+  cachefiles_set_volume_xattr (jsc#SES-1880).
+- cachefiles: unmark inode in use in error path (jsc#SES-1880).
+- netfs: Keep track of the actual remote file size (jsc#SES-1880).
+- netfs: Split some core bits out into their own file
+  (jsc#SES-1880).
+- netfs: Split fs/netfs/read_helper.c (jsc#SES-1880).
+- netfs: Rename read_helper.c to io.c (jsc#SES-1880).
+- netfs: Prepare to split read_helper.c (jsc#SES-1880).
+- netfs: Add a function to consolidate beginning a read
+  (jsc#SES-1880).
+- commit 759f021
+
+- blacklist: removed 7acae6183cf3 ("ceph: fix possible NULL pointer dereference for req->r_session")
+- commit 91f76f5
+
+- netfs: Add a netfs inode context (jsc#SES-1880).
+- Refresh
+  patches.suse/cifs-fix-potential-deadlock-in-direct-reclaim.patch.
+- commit fa3a76d
+
+- ceph: Make ceph_init_request() check caps on readahead
+  (jsc#SES-1880).
+- netfs: Change ->init_request() to return an error code
+  (jsc#SES-1880).
+- netfs: Refactor arguments for netfs_alloc_read_request
+  (jsc#SES-1880).
+- netfs: Adjust the netfs_failure tracepoint to indicate
+  non-subreq lines (jsc#SES-1880).
+- netfs: Trace refcounting on the netfs_io_subrequest struct
+  (jsc#SES-1880).
+- netfs: Trace refcounting on the netfs_io_request struct
+  (jsc#SES-1880).
+- netfs: Adjust the netfs_rreq tracepoint slightly (jsc#SES-1880).
+- netfs: Split netfs_io_* object handling out (jsc#SES-1880).
+- netfs: Finish off rename of netfs_read_request to
+  netfs_io_request (jsc#SES-1880).
+- netfs: Rename netfs_read_*request to netfs_io_*request
+  (jsc#SES-1880).
+- netfs: Generate enums from trace symbol mapping lists
+  (jsc#SES-1880).
+- fscache: export fscache_end_operation() (jsc#SES-1880).
+- afs: Sort out symlink reading (jsc#SES-1880).
+- commit f1d9e86
+
+- ceph: uninitialized variable in debug output (jsc#SES-1880).
+- ceph: use tracked average r/w/m latencies to display metrics
+  in debugfs (jsc#SES-1880).
+- ceph: include average/stdev r/w/m latency in mds metrics
+  (jsc#SES-1880).
+- ceph: track average r/w/m latency (jsc#SES-1880).
+- ceph: use ktime_to_timespec64() rather than
+  jiffies_to_timespec64() (jsc#SES-1880).
+- ceph: assign the ci only when the inode isn't NULL
+  (jsc#SES-1880).
+- commit 7f5eb5f
+
+- ceph: misc fix for code style and logs (jsc#SES-1880).
+- Refresh
+  patches.suse/ceph-avoid-putting-the-realm-twice-when-decoding-snaps-fails.patch.
+- commit 915976e
+
+- ceph: allocate capsnap memory outside of ceph_queue_cap_snap()
+  (jsc#SES-1880).
+- ceph: do not release the global snaprealm until unmounting
+  (jsc#SES-1880).
+- ceph: remove incorrect and unused CEPH_INO_DOTDOT macro
+  (jsc#SES-1880).
+- ceph: eliminate the recursion when rebuilding the snap context
+  (jsc#SES-1880).
+- ceph: zero the dir_entries memory when allocating it
+  (jsc#SES-1880).
+- ceph: move to a dedicated slabcache for ceph_cap_snap
+  (jsc#SES-1880).
+- ceph: add getvxattr op (jsc#SES-1880).
+- libceph: drop else branches in prepare_read_data{,_cont}
+  (jsc#SES-1880).
+- ceph: fix comments mentioning i_mutex (jsc#SES-1880).
+- ceph: fail the request directly if handle_reply gets an ESTALE
+  (jsc#SES-1880).
+- ceph: wake waiters after failed async create (jsc#SES-1880).
+- ceph: wait for async create reply before sending any cap
+  messages (jsc#SES-1880).
+- ceph: eliminate req->r_wait_for_completion from ceph_mds_request
+  (jsc#SES-1880).
+- ceph: uninline the data on a file opened for writing
+  (jsc#SES-1880).
+- ceph: make ceph_netfs_issue_op() handle inlined data
+  (jsc#SES-1880).
+- commit 4f1bb1d
+
+- cifs: Fix the readahead conversion to manage the batch when
+  reading from cache (jsc#SES-1880).
+- cifs: Implement cache I/O by accessing the cache directly
+  (jsc#SES-1880).
+- commit aeedd18
+
+- cifs: Transition from ->readpages() to ->readahead()
+  (jsc#SES-1880).
+- Refresh patches.suse/Adjust-cifssb-maximum-read-size.patch.
+- commit 9ab1e02
+
+- Update config files.
+  New config option CONFIG_CACHEFILES_ERROR_INJECTION.
+- commit c7f3506
+
+- cifs: Support fscache indexing rewrite (jsc#SES-1880).
+- Refresh
+  patches.suse/cifs-Add-constructor-destructors-for-tcon-cfid.patch.
+- Refresh
+  patches.suse/cifs-Make-tcon-contain-a-wrapper-structure-cached_fids-instead-of-c.patch.
+- Refresh
+  patches.suse/cifs-Move-cached-dir-functions-into-a-separate-file.patch.
+- Refresh
+  patches.suse/cifs-remove-cifs_-prefix-from-init-destroy-mids-functions.patch.
+- Refresh
+  patches.suse/cifs-replace-kfree-with-kfree_sensitive-for-sensitive-data.patch.
+- Refresh
+  patches.suse/cifs-split-out-ses-and-tcon-retrieval-from-mount_get_conns-.patch.
+- Refresh
+  patches.suse/cifs-when-insecure-legacy-is-disabled-shrink-amount-of-SMB1-code.patch.
+- Refresh patches.suse/cifs-writeback-fix.patch.
+- Refresh
+  patches.suse/smb3-add-dynamic-trace-points-for-tree-disconnect.patch.
+- commit aba9248
+
+- cachefiles: Fix volume coherency attribute (jsc#SES-1880).
+- cachefiles: Fix incorrect length to fallocate() (jsc#SES-1880).
+- libceph: optionally use bounce buffer on recv path in crc mode
+  (jsc#SES-1880).
+- libceph: make recv path in secure mode work the same as send
+  path (jsc#SES-1880).
+- netfs, cachefiles: Add a method to query presence of data in
+  the cache (jsc#SES-1880).
+- ceph: put the requests/sessions when it fails to alloc memory
+  (jsc#SES-1880).
+- netfs: Make ops->init_rreq() optional (jsc#SES-1880).
+- fscache: Add a comment explaining how page-release optimisation
+  works (jsc#SES-1880).
+- cachefiles: Check that the backing filesystem supports tmpfiles
+  (jsc#SES-1880).
+- cachefiles: Explain checks in a comment (jsc#SES-1880).
+- cachefiles: Trace active-mark failure (jsc#SES-1880).
+- cachefiles: Make some tracepoint adjustments (jsc#SES-1880).
+- cachefiles: set default tag name if it's unspecified
+  (jsc#SES-1880).
+- cachefiles: Calculate the blockshift in terms of bytes, not
+  pages (jsc#SES-1880).
+- fscache: Fix the volume collision wait condition (jsc#SES-1880).
+- ceph: move CEPH_SUPER_MAGIC definition to magic.h
+  (jsc#SES-1880).
+- ceph: remove redundant Lsx caps check (jsc#SES-1880).
+- ceph: add new "nopagecache" option (jsc#SES-1880).
+- ceph: don't check for quotas on MDS stray dirs (jsc#SES-1880).
+- ceph: drop send metrics debug message (jsc#SES-1880).
+- rbd: make const pointer spaces a static const array
+  (jsc#SES-1880).
+- ceph: Fix incorrect statfs report for small quota
+  (jsc#SES-1880).
+- ceph: mount syntax module parameter (jsc#SES-1880).
+- ceph: record updated mon_addr on remount (jsc#SES-1880).
+- ceph: new device mount syntax (jsc#SES-1880).
+- libceph: rename parse_fsid() to ceph_parse_fsid() and export
+  (jsc#SES-1880).
+- libceph: generalize addr/ip parsing based on delimiter
+  (jsc#SES-1880).
+- 9p: fix enodata when reading growing file (jsc#SES-1880).
+- 9p, afs, ceph, nfs: Use current_is_kswapd() rather than
+  gfpflags_allow_blocking() (jsc#SES-1880).
+- fscache: Add a tracepoint for cookie use/unuse (jsc#SES-1880).
+- ceph: add fscache writeback support (jsc#SES-1880).
+- ceph: conversion to new fscache API (jsc#SES-1880).
+- nfs: Implement cache I/O by accessing the cache directly
+  (jsc#SES-1880).
+- commit 74173ff
+
+- blacklist: drop ceph commit
+- commit ba2e082
+
+- nfs: Convert to new fscache volume/cookie API (jsc#SES-1880).
+- Refresh
+  patches.suse/0001-NFS-flush-out-dirty-data-on-file-fput.patch.
+- commit afbd263
+
+- 9p: Copy local writes to the cache when writing to the server
+  (jsc#SES-1880).
+- commit 505ae37
+
+- 9p: Use fscache indexing rewrite and reenable caching
+  (jsc#SES-1880).
+- afs: Skip truncation on the server of data we haven't written
+  yet (jsc#SES-1880).
+- afs: Copy local writes to the cache when writing to the server
+  (jsc#SES-1880).
+- afs: Convert afs to use the new fscache API (jsc#SES-1880).
+- fscache, cachefiles: Display stat of culling events
+  (jsc#SES-1880).
+- fscache, cachefiles: Display stats of no-space events
+  (jsc#SES-1880).
+- cachefiles: Allow cachefiles to actually function
+  (jsc#SES-1880).
+- fscache, cachefiles: Store the volume coherency data
+  (jsc#SES-1880).
+- cachefiles: Implement the I/O routines (jsc#SES-1880).
+- cachefiles: Implement cookie resize for truncate (jsc#SES-1880).
+- cachefiles: Implement begin and end I/O operation
+  (jsc#SES-1880).
+- cachefiles: Implement backing file wrangling (jsc#SES-1880).
+- cachefiles: Implement culling daemon commands (jsc#SES-1880).
+- cachefiles: Mark a backing file in use with an inode flag
+  (jsc#SES-1880).
+- cachefiles: Implement metadata/coherency data storage in xattrs
+  (jsc#SES-1880).
+- cachefiles: Implement key to filename encoding (jsc#SES-1880).
+- cachefiles: Implement object lifecycle funcs (jsc#SES-1880).
+- cachefiles: Add tracepoints for calls to the VFS (jsc#SES-1880).
+- cachefiles: Implement volume support (jsc#SES-1880).
+- cachefiles: Implement cache registration and withdrawal
+  (jsc#SES-1880).
+- cachefiles: Implement a function to get/create a directory in
+  the cache (jsc#SES-1880).
+- vfs, cachefiles: Mark a backing file in use with an inode flag
+  (jsc#SES-1880).
+- cachefiles: Provide a function to check how much space there is
+  (jsc#SES-1880).
+- cachefiles: Register a miscdev and parse commands over it
+  (jsc#SES-1880).
+- cachefiles: Add security derivation (jsc#SES-1880).
+- cachefiles: Add cache error reporting macro (jsc#SES-1880).
+- cachefiles: Add a couple of tracepoints for logging errors
+  (jsc#SES-1880).
+- cachefiles: Add some error injection support (jsc#SES-1880).
+- cachefiles: Define structs (jsc#SES-1880).
+- cachefiles: Introduce rewritten driver (jsc#SES-1880).
+- fscache: Provide a function to resize a cookie (jsc#SES-1880).
+- fscache: Provide a function to note the release of a page
+  (jsc#SES-1880).
+- vfs, fscache: Implement pinning of cache usage for writeback
+  (jsc#SES-1880).
+- fscache: Implement higher-level write I/O interface
+  (jsc#SES-1880).
+- fscache: Implement raw I/O interface (jsc#SES-1880).
+- netfs: Pass more information on how to deal with a hole in
+  the cache (jsc#SES-1880).
+- fscache: Provide a function to let the netfs update its
+  coherency data (jsc#SES-1880).
+- fscache: Provide read/write stat counters for the cache
+  (jsc#SES-1880).
+- fscache: Count data storage objects in a cache (jsc#SES-1880).
+- fscache: Provide a means to begin an operation (jsc#SES-1880).
+- fscache: Implement cookie invalidation (jsc#SES-1880).
+- fscache: Implement cookie user counting and resource pinning
+  (jsc#SES-1880).
+- fscache: Implement simple cookie state machine (jsc#SES-1880).
+- fscache: Add a function for a cache backend to note an I/O error
+  (jsc#SES-1880).
+- fscache: Provide and use cache methods to lookup/create/free
+  a volume (jsc#SES-1880).
+- fscache: Implement functions add/remove a cache (jsc#SES-1880).
+- fscache: Implement cookie-level access helpers (jsc#SES-1880).
+- fscache: Implement volume-level access helpers (jsc#SES-1880).
+- fscache: Implement cache-level access helpers (jsc#SES-1880).
+- fscache: Implement cookie registration (jsc#SES-1880).
+- fscache: Implement volume registration (jsc#SES-1880).
+- fscache: Implement cache registration (jsc#SES-1880).
+- fscache: Implement a hash function (jsc#SES-1880).
+- fscache: Introduce new driver (jsc#SES-1880).
+- netfs: Pass a flag to ->prepare_write() to say if there's no
+  alloc'd space (jsc#SES-1880).
+- netfs: Display the netfs inode number in the netfs_read
+  tracepoint (jsc#SES-1880).
+- fscache: Remove the contents of the fscache driver, pending
+  rewrite (jsc#SES-1880).
+- cachefiles: Delete the cachefiles driver pending rewrite
+  (jsc#SES-1880).
+- fscache, cachefiles: Disable configuration (jsc#SES-1880).
+- fs: add is_idmapped_mnt() helper (jsc#SES-1880).
+- NFS: Remove unnecessary TRACE_DEFINE_ENUM()s (jsc#SES-1880).
+- NFS: Always provide aligned buffers to the RPC read layers
+  (jsc#SES-1880).
+- commit 50c0425
+
+- 9p: Convert to using the netfs helper lib to do reads and
+  caching (jsc#SES-1880).
+- commit 9285dce
+
+- ceph: initialize i_size variable in ceph_sync_read
+  (jsc#SES-1880).
+- netfs: fix parameter of cleanup() (jsc#SES-1880).
+- netfs: Fix lockdep warning from taking sb_writers whilst
+  holding mmap_lock (jsc#SES-1880).
+- ceph: add a new metric to keep track of remote object copies
+  (jsc#SES-1880).
+- libceph, ceph: move ceph_osdc_copy_from() into cephfs code
+  (jsc#SES-1880).
+- ceph: clean-up metrics data structures to reduce code
+  duplication (jsc#SES-1880).
+- ceph: split 'metric' debugfs file into several files
+  (jsc#SES-1880).
+- ceph: return the real size read when it hits EOF (jsc#SES-1880).
+- ceph: shut down mount on bad mdsmap or fsmap decode
+  (jsc#SES-1880).
+- ceph: fix mdsmap decode when there are MDS's beyond max_mds
+  (jsc#SES-1880).
+- ceph: ignore the truncate when size won't change with Fx caps
+  issued (jsc#SES-1880).
+- ceph: don't rely on error_string to validate blocklisted session
+  (jsc#SES-1880).
+- ceph: just use ci->i_version for fscache aux info
+  (jsc#SES-1880).
+- ceph: shut down access to inode when async create fails
+  (jsc#SES-1880).
+- ceph: refactor remove_session_caps_cb (jsc#SES-1880).
+- ceph: fix auth cap handling logic in remove_session_caps_cb
+  (jsc#SES-1880).
+- ceph: drop private list from remove_session_caps_cb
+  (jsc#SES-1880).
+- ceph: don't use -ESTALE as special return code in
+  try_get_cap_refs (jsc#SES-1880).
+- ceph: print inode numbers instead of pointer values
+  (jsc#SES-1880).
+- ceph: enable async dirops by default (jsc#SES-1880).
+- libceph: drop ->monmap and err initialization (jsc#SES-1880).
+- ceph: convert to noop_direct_IO (jsc#SES-1880).
+- fscache_cookie_enabled: check cookie is valid before accessing
+  it (jsc#SES-1880).
+- commit f5f0829
+
+- blacklist: remove 89d43d0551a8 ("ceph: put the requests/sessions when it fails to alloc memory")
+- commit 46eecd9
+
+- ceph: fix off by one bugs in unsafe_request_wait()
+  (jsc#SES-1880).
+- ceph: drop the mdsc_get_session/put_session dout messages
+  (jsc#SES-1880).
+- ceph: don't WARN if we're forcibly removing the session caps
+  (jsc#SES-1880).
+- ceph: don't WARN if we're force umounting (jsc#SES-1880).
+- ceph: reconnect to the export targets on new mdsmaps
+  (jsc#SES-1880).
+- ceph: print more information when we can't find snaprealm
+  (jsc#SES-1880).
+- ceph: add ceph_change_snap_realm() helper (jsc#SES-1880).
+- ceph: remove redundant initializations from mdsc and session
+  (jsc#SES-1880).
+- ceph: add a new vxattr to return auth mds for an inode
+  (jsc#SES-1880).
+- ceph: remove some defunct forward declarations (jsc#SES-1880).
+- ceph: flush the mdlog before waiting on unsafe reqs
+  (jsc#SES-1880).
+- ceph: flush mdlog before umounting (jsc#SES-1880).
+- ceph: make iterate_sessions a global symbol (jsc#SES-1880).
+- ceph: make ceph_create_session_msg a global symbol
+  (jsc#SES-1880).
+- ceph: fix comment about short copies in ceph_write_end
+  (jsc#SES-1880).
+- commit 4e12f60
+
+- fscache: Remove an unused static variable (jsc#SES-1880).
+- fscache: Fix some kerneldoc warnings shown up by W=1
+  (jsc#SES-1880).
+- cachefiles: Use file_inode() rather than accessing ->f_inode
+  (jsc#SES-1880).
+- netfs: Move cookie debug ID to struct netfs_cache_resources
+  (jsc#SES-1880).
+- fscache: Select netfs stats if fscache stats are enabled
+  (jsc#SES-1880).
+- commit bbdc82f
+
kernel-source
+- powerpc/64s: Make POWER10 and later use pause_short in cpu_relax
+  loops (bsc#1208376 ltc#201076).
+- powerpc: add ISA v3.0 / v3.1 wait opcode macro (bsc#1208376
+  ltc#201076).
+- commit 2a06230
+
+- ibmvnic: Assign XPS map to correct queue index (bsc#1208757
+  ltc#201720 jsc#PED-2322 git-fixes).
+- commit be76316
+
+- Update
+  patches.suse/usb-dwc3-dwc3-qcom-Add-missing-platform_device_put-i.patch
+  (bsc#1208741 CVE-2023-22995).
+  Added CVE reference for fix already present
+- commit 80a158a
+
+- loop: fix ioctl calls using compat_loop_info (bsc#1207333).
+- commit 11a60da
+
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
kernel-source-azure
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
+- aquantia: Do not purge addresses when setting the number of
+  rings (jsc#PED-1530).
+- commit 39a03b2
+
+- net: atlantic: macsec: clear encryption keys from the stack
+  (jsc#PED-1530).
+- commit 643f719
+
+- atlantic: fix deadlock at aq_nic_stop (jsc#PED-1530).
+- commit 4a9a64f
+
+- net: atlantic: fix potential memory leak in aq_ndev_close()
+  (jsc#PED-1530).
+- commit 719db2f
+
+- net: atlantic: remove aq_nic_deinit() when resume
+  (jsc#PED-1530).
+- commit ff2f581
+
+- net: atlantic: remove deep parameter on suspend/resume functions
+  (jsc#PED-1530).
+- commit 9e96b4d
+
+- net: atlantic:fix repeated words in comments (jsc#PED-1530).
+- commit d6d4ffb
+
+- net: atlantic: verify hw_head_ lies within TX buffer ring
+  (jsc#PED-1530).
+- commit 7059ede
+
+- net: atlantic: add check for MAX_SKB_FRAGS (jsc#PED-1530).
+- commit e719b81
+
+- net: atlantic: reduce scope of is_rsc_complete (jsc#PED-1530).
+- commit b04c254
+
+- net: atlantic: fix "frag[0] not initialized" (jsc#PED-1530).
+- commit 0263576
+
+- Update
+  patches.suse/net-sched-cbq-dont-intepret-cls-results-when-asked-t.patch
+  (bsc#1207361 bsc#1207036 CVE-2023-23454).
+- commit 521fdca
+
+- Update
+  patches.suse/net-sched-atm-dont-intepret-cls-results-when-asked-t.patch
+  (bsc#1207361 bc#1207125 CVE-2023-23455).
+- commit c8b6243
+
+- io_uring/poll: fix poll_refs race with cancelation (bsc#1207511
+  CVE-2023-0468).
+- io_uring: make poll refs more robust (bsc#1207511
+  CVE-2023-0468).
+- io_uring: cmpxchg for poll arm refs release (bsc#1207511
+  CVE-2023-0468).
+- io_uring: fix tw losing poll events (bsc#1207511 CVE-2023-0468).
+- io_uring: update res mask in io_poll_check_events (bsc#1207511
+  CVE-2023-0468).
+- commit 4fe9bfe
+
+- io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and
+  wakeups (bsc#1207100).
+- eventfd: provide a eventfd_signal_mask() helper (bsc#1207100).
+- eventpoll: add EPOLL_URING_WAKE poll wakeup flag (bsc#1207100).
+- commit 9e5a117
+
+- fbdev: Fix invalid page access after closing deferred I/O
+  devices (bsc#1207284).
+- commit 6a8d940
+
+- ipmi:ssif: Add 60ms time internal between write retries
+  (bsc#1206459).
+- ipmi:ssif: Increase the message retry time (bsc#1206459).
+- commit 14626c0
+
+- ibmvnic: Toggle between queue types in affinity mapping
+  (jsc#PED-2322).
+- commit 03b696f
+
+- Update config files.
+  New config option CONFIG_CACHEFILES_ONDEMAND.
+- commit ef23649
+
+- fs: change test in inode_insert5 for adding to the sb list
+  (jsc#SES-1880).
+- commit 6570d82
+
+- fscache: Fix oops due to race with cookie_lru and use_cookie
+  (jsc#SES-1880).
+- fscache: fix OOB Read in __fscache_acquire_volume
+  (jsc#SES-1880).
+- ceph: fix NULL pointer dereference for req->r_session
+  (jsc#SES-1880).
+- ceph: fix a NULL vs IS_ERR() check when calling
+  ceph_lookup_inode() (jsc#SES-1880).
+- ceph: fix incorrectly showing the .snap size for stat
+  (jsc#SES-1880).
+- ceph: fail the open_by_handle_at() if the dentry is being
+  unlinked (jsc#SES-1880).
+- ceph: increment i_version when doing a setattr with caps
+  (jsc#SES-1880).
+- ceph: Use kcalloc for allocating multiple elements
+  (jsc#SES-1880).
+- ceph: no need to wait for transition RDCACHE|RD -> RD
+  (jsc#SES-1880).
+- ceph: fail the request if the peer MDS doesn't support getvxattr
+  op (jsc#SES-1880).
+- ceph: wake up the waiters if any new caps comes (jsc#SES-1880).
+- libceph: drop last_piece flag from ceph_msg_data_cursor
+  (jsc#SES-1880).
+- fscrypt: add fscrypt_context_for_new_inode (jsc#SES-1880).
+- fscrypt: export fscrypt_fname_encrypt and
+  fscrypt_fname_encrypted_size (jsc#SES-1880).
+- commit 941f30a
+
+- blacklist: remove ceph commits from the list
+  aa1d627207ca ("ceph: Use kcalloc for allocating multiple elements")
+  5bd76b8de5b7 ("ceph: fix NULL pointer dereference for req->r_session")
+- commit 54964bf
+
+- x86/hyperv: Add constant HV_ISOLATION_TYPE_TDX (related to bug 1206453 and PED-3247).
+- commit a452b5e
+
+- cachefiles: make on-demand request distribution fairer
+  (jsc#SES-1880).
+- cachefiles: fix error return code in cachefiles_ondemand_copen()
+  (jsc#SES-1880).
+- fscache: fix misdocumented parameter (jsc#SES-1880).
+- libceph: clean up ceph_osdc_start_request prototype
+  (jsc#SES-1880).
+- libceph: fix ceph_pagelist_reserve() comment typo
+  (jsc#SES-1880).
+- ceph: remove useless check for the folio (jsc#SES-1880).
+- ceph: make f_bsize always equal to f_frsize (jsc#SES-1880).
+- ceph: flush the dirty caps immediatelly when quota is
+  approaching (jsc#SES-1880).
+- libceph: print fsid and epoch with osd id (jsc#SES-1880).
+- libceph: check pointer before assigned to "c->rules"
+  (jsc#SES-1880).
+- ceph: don't get the inline data for new creating files
+  (jsc#SES-1880).
+- ceph: update the auth cap when the async create req is forwarded
+  (jsc#SES-1880).
+- ceph: make change_auth_cap_ses a global symbol (jsc#SES-1880).
+- ceph: fix incorrect old_size length in ceph_mds_request_args
+  (jsc#SES-1880).
+- ceph: call netfs_subreq_terminated with was_async == false
+  (jsc#SES-1880).
+- ceph: convert to generic_file_llseek (jsc#SES-1880).
+- ceph: fix the incorrect comment for the ceph_mds_caps struct
+  (jsc#SES-1880).
+- ceph: prevent a client from exceeding the MDS maximum xattr size
+  (jsc#SES-1880).
+- ceph: choose auth MDS for getxattr with the Xs caps
+  (jsc#SES-1880).
+- ceph: add session already open notify support (jsc#SES-1880).
+- commit f01bb22
+
+- ceph: wait for the first reply of inflight async unlink
+  (jsc#SES-1880).
+- Refresh
+  patches.suse/ceph-don-t-truncate-file-in-atomic_open.patch.
+- commit 6774969
+
+- fs/dcache: export d_same_name() helper (jsc#SES-1880).
+- ceph: remove useless CEPHFS_FEATURES_CLIENT_REQUIRED
+  (jsc#SES-1880).
+- fscache: add tracepoint when failing cookie (jsc#SES-1880).
+- fscache: don't leak cookie access refs if invalidation is in
+  progress or failed (jsc#SES-1880).
+- docs: filesystems: update netfs-api.rst reference
+  (jsc#SES-1880).
+- commit d147e79
+
+- fscrypt: add new helper functions for test_dummy_encryption
+  (jsc#SES-1880).
+- fscrypt: factor out fscrypt_policy_to_key_spec() (jsc#SES-1880).
+- commit 5ea3f64
+
+- netfs: do not unlock and put the folio twice (jsc#SES-1880).
+- fscache: Fix invalidation/lookup race (jsc#SES-1880).
+- cachefiles: narrow the scope of flushed requests when releasing
+  fd (jsc#SES-1880).
+- fscache: Introduce fscache_cookie_is_dropped() (jsc#SES-1880).
+- fscache: Fix if condition in fscache_wait_on_volume_collision()
+  (jsc#SES-1880).
+- ceph: wait on async create before checking caps for syncfs
+  (jsc#SES-1880).
+- 9p: fix EBADF errors in cached mode (jsc#SES-1880).
+- netfs: Rename the netfs_io_request cleanup op and give it an
+  op pointer (jsc#SES-1880).
+- ceph: fix decoding of client session messages flags
+  (jsc#SES-1880).
+- ceph: switch TASK_INTERRUPTIBLE to TASK_KILLABLE (jsc#SES-1880).
+- ceph: remove redundant variable ino (jsc#SES-1880).
+- ceph: try to queue a writeback if revoking fails (jsc#SES-1880).
+- ceph: fix statfs for subdir mounts (jsc#SES-1880).
+- ceph: fix possible deadlock when holding Fwb to get inline_data
+  (jsc#SES-1880).
+- ceph: redirty the page for writepage on failure (jsc#SES-1880).
+- ceph: try to choose the auth MDS if possible for getattr
+  (jsc#SES-1880).
+- ceph: disable updating the atime since cephfs won't maintain it
+  (jsc#SES-1880).
+- ceph: flush the mdlog for filesystem sync (jsc#SES-1880).
+- ceph: rename unsafe_request_wait() (jsc#SES-1880).
+- libceph: use swap() macro instead of taking tmp variable
+  (jsc#SES-1880).
+- ceph: fix statx AT_STATX_DONT_SYNC vs AT_STATX_FORCE_SYNC check
+  (jsc#SES-1880).
+- ceph: no need to invalidate the fscache twice (jsc#SES-1880).
+- ceph: replace usage of found with dedicated list iterator
+  variable (jsc#SES-1880).
+- ceph: use dedicated list iterator variable (jsc#SES-1880).
+- ceph: update the dlease for the hashed dentry when removing
+  (jsc#SES-1880).
+- ceph: stop retrying the request when exceeding 256 times
+  (jsc#SES-1880).
+- ceph: stop forwarding the request when exceeding 256 times
+  (jsc#SES-1880).
+- ceph: remove unused CEPH_MDS_LEASE_RELEASE related code
+  (jsc#SES-1880).
+- cachefiles: add tracepoints for on-demand read mode
+  (jsc#SES-1880).
+- cachefiles: enable on-demand read mode (jsc#SES-1880).
+- cachefiles: implement on-demand read (jsc#SES-1880).
+- cachefiles: notify the user daemon when withdrawing cookie
+  (jsc#SES-1880).
+- cachefiles: unbind cachefiles gracefully in on-demand mode
+  (jsc#SES-1880).
+- cachefiles: notify the user daemon when looking up cookie
+  (jsc#SES-1880).
+- cachefiles: extract write routine (jsc#SES-1880).
+- netfs: Eliminate Clang randstruct warning (jsc#SES-1880).
+- commit ce95c8d
+
+- blacklist: removed 1b2ba3c5616e ("ceph: flush the mdlog for filesystem sync")
+- commit 559d59c
+
+- libceph: fix misleading ceph_osdc_cancel_request() comment
+  (jsc#SES-1880).
+- ceph: fix possible NULL pointer dereference for req->r_session
+  (jsc#SES-1880).
+- ceph: remove incorrect session state check (jsc#SES-1880).
+- ceph: get snap_rwsem read lock in handle_cap_export for
+  ceph_add_cap (jsc#SES-1880).
+- libceph: disambiguate cluster/pool full log message
+  (jsc#SES-1880).
+- fscache: remove FSCACHE_OLD_API Kconfig option (jsc#SES-1880).
+- fscache: Use wrapper fscache_set_cache_state() directly when
+  relinquishing (jsc#SES-1880).
+- fscache: Move fscache_cookies_seq_ops specific code under
+  CONFIG_PROC_FS (jsc#SES-1880).
+- fscache: Remove the cookie parameter from
+  fscache_clear_page_bits() (jsc#SES-1880).
+- cachefiles: Fix KASAN slab-out-of-bounds in
+  cachefiles_set_volume_xattr (jsc#SES-1880).
+- cachefiles: unmark inode in use in error path (jsc#SES-1880).
+- netfs: Keep track of the actual remote file size (jsc#SES-1880).
+- netfs: Split some core bits out into their own file
+  (jsc#SES-1880).
+- netfs: Split fs/netfs/read_helper.c (jsc#SES-1880).
+- netfs: Rename read_helper.c to io.c (jsc#SES-1880).
+- netfs: Prepare to split read_helper.c (jsc#SES-1880).
+- netfs: Add a function to consolidate beginning a read
+  (jsc#SES-1880).
+- commit 759f021
+
+- blacklist: removed 7acae6183cf3 ("ceph: fix possible NULL pointer dereference for req->r_session")
+- commit 91f76f5
+
+- netfs: Add a netfs inode context (jsc#SES-1880).
+- Refresh
+  patches.suse/cifs-fix-potential-deadlock-in-direct-reclaim.patch.
+- commit fa3a76d
+
+- ceph: Make ceph_init_request() check caps on readahead
+  (jsc#SES-1880).
+- netfs: Change ->init_request() to return an error code
+  (jsc#SES-1880).
+- netfs: Refactor arguments for netfs_alloc_read_request
+  (jsc#SES-1880).
+- netfs: Adjust the netfs_failure tracepoint to indicate
+  non-subreq lines (jsc#SES-1880).
+- netfs: Trace refcounting on the netfs_io_subrequest struct
+  (jsc#SES-1880).
+- netfs: Trace refcounting on the netfs_io_request struct
+  (jsc#SES-1880).
+- netfs: Adjust the netfs_rreq tracepoint slightly (jsc#SES-1880).
+- netfs: Split netfs_io_* object handling out (jsc#SES-1880).
+- netfs: Finish off rename of netfs_read_request to
+  netfs_io_request (jsc#SES-1880).
+- netfs: Rename netfs_read_*request to netfs_io_*request
+  (jsc#SES-1880).
+- netfs: Generate enums from trace symbol mapping lists
+  (jsc#SES-1880).
+- fscache: export fscache_end_operation() (jsc#SES-1880).
+- afs: Sort out symlink reading (jsc#SES-1880).
+- commit f1d9e86
+
+- ceph: uninitialized variable in debug output (jsc#SES-1880).
+- ceph: use tracked average r/w/m latencies to display metrics
+  in debugfs (jsc#SES-1880).
+- ceph: include average/stdev r/w/m latency in mds metrics
+  (jsc#SES-1880).
+- ceph: track average r/w/m latency (jsc#SES-1880).
+- ceph: use ktime_to_timespec64() rather than
+  jiffies_to_timespec64() (jsc#SES-1880).
+- ceph: assign the ci only when the inode isn't NULL
+  (jsc#SES-1880).
+- commit 7f5eb5f
+
+- ceph: misc fix for code style and logs (jsc#SES-1880).
+- Refresh
+  patches.suse/ceph-avoid-putting-the-realm-twice-when-decoding-snaps-fails.patch.
+- commit 915976e
+
+- ceph: allocate capsnap memory outside of ceph_queue_cap_snap()
+  (jsc#SES-1880).
+- ceph: do not release the global snaprealm until unmounting
+  (jsc#SES-1880).
+- ceph: remove incorrect and unused CEPH_INO_DOTDOT macro
+  (jsc#SES-1880).
+- ceph: eliminate the recursion when rebuilding the snap context
+  (jsc#SES-1880).
+- ceph: zero the dir_entries memory when allocating it
+  (jsc#SES-1880).
+- ceph: move to a dedicated slabcache for ceph_cap_snap
+  (jsc#SES-1880).
+- ceph: add getvxattr op (jsc#SES-1880).
+- libceph: drop else branches in prepare_read_data{,_cont}
+  (jsc#SES-1880).
+- ceph: fix comments mentioning i_mutex (jsc#SES-1880).
+- ceph: fail the request directly if handle_reply gets an ESTALE
+  (jsc#SES-1880).
+- ceph: wake waiters after failed async create (jsc#SES-1880).
+- ceph: wait for async create reply before sending any cap
+  messages (jsc#SES-1880).
+- ceph: eliminate req->r_wait_for_completion from ceph_mds_request
+  (jsc#SES-1880).
+- ceph: uninline the data on a file opened for writing
+  (jsc#SES-1880).
+- ceph: make ceph_netfs_issue_op() handle inlined data
+  (jsc#SES-1880).
+- commit 4f1bb1d
+
+- cifs: Fix the readahead conversion to manage the batch when
+  reading from cache (jsc#SES-1880).
+- cifs: Implement cache I/O by accessing the cache directly
+  (jsc#SES-1880).
+- commit aeedd18
+
+- cifs: Transition from ->readpages() to ->readahead()
+  (jsc#SES-1880).
+- Refresh patches.suse/Adjust-cifssb-maximum-read-size.patch.
+- commit 9ab1e02
+
+- Update config files.
+  New config option CONFIG_CACHEFILES_ERROR_INJECTION.
+- commit c7f3506
+
+- cifs: Support fscache indexing rewrite (jsc#SES-1880).
+- Refresh
+  patches.suse/cifs-Add-constructor-destructors-for-tcon-cfid.patch.
+- Refresh
+  patches.suse/cifs-Make-tcon-contain-a-wrapper-structure-cached_fids-instead-of-c.patch.
+- Refresh
+  patches.suse/cifs-Move-cached-dir-functions-into-a-separate-file.patch.
+- Refresh
+  patches.suse/cifs-remove-cifs_-prefix-from-init-destroy-mids-functions.patch.
+- Refresh
+  patches.suse/cifs-replace-kfree-with-kfree_sensitive-for-sensitive-data.patch.
+- Refresh
+  patches.suse/cifs-split-out-ses-and-tcon-retrieval-from-mount_get_conns-.patch.
+- Refresh
+  patches.suse/cifs-when-insecure-legacy-is-disabled-shrink-amount-of-SMB1-code.patch.
+- Refresh patches.suse/cifs-writeback-fix.patch.
+- Refresh
+  patches.suse/smb3-add-dynamic-trace-points-for-tree-disconnect.patch.
+- commit aba9248
+
+- cachefiles: Fix volume coherency attribute (jsc#SES-1880).
+- cachefiles: Fix incorrect length to fallocate() (jsc#SES-1880).
+- libceph: optionally use bounce buffer on recv path in crc mode
+  (jsc#SES-1880).
+- libceph: make recv path in secure mode work the same as send
+  path (jsc#SES-1880).
+- netfs, cachefiles: Add a method to query presence of data in
+  the cache (jsc#SES-1880).
+- ceph: put the requests/sessions when it fails to alloc memory
+  (jsc#SES-1880).
+- netfs: Make ops->init_rreq() optional (jsc#SES-1880).
+- fscache: Add a comment explaining how page-release optimisation
+  works (jsc#SES-1880).
+- cachefiles: Check that the backing filesystem supports tmpfiles
+  (jsc#SES-1880).
+- cachefiles: Explain checks in a comment (jsc#SES-1880).
+- cachefiles: Trace active-mark failure (jsc#SES-1880).
+- cachefiles: Make some tracepoint adjustments (jsc#SES-1880).
+- cachefiles: set default tag name if it's unspecified
+  (jsc#SES-1880).
+- cachefiles: Calculate the blockshift in terms of bytes, not
+  pages (jsc#SES-1880).
+- fscache: Fix the volume collision wait condition (jsc#SES-1880).
+- ceph: move CEPH_SUPER_MAGIC definition to magic.h
+  (jsc#SES-1880).
+- ceph: remove redundant Lsx caps check (jsc#SES-1880).
+- ceph: add new "nopagecache" option (jsc#SES-1880).
+- ceph: don't check for quotas on MDS stray dirs (jsc#SES-1880).
+- ceph: drop send metrics debug message (jsc#SES-1880).
+- rbd: make const pointer spaces a static const array
+  (jsc#SES-1880).
+- ceph: Fix incorrect statfs report for small quota
+  (jsc#SES-1880).
+- ceph: mount syntax module parameter (jsc#SES-1880).
+- ceph: record updated mon_addr on remount (jsc#SES-1880).
+- ceph: new device mount syntax (jsc#SES-1880).
+- libceph: rename parse_fsid() to ceph_parse_fsid() and export
+  (jsc#SES-1880).
+- libceph: generalize addr/ip parsing based on delimiter
+  (jsc#SES-1880).
+- 9p: fix enodata when reading growing file (jsc#SES-1880).
+- 9p, afs, ceph, nfs: Use current_is_kswapd() rather than
+  gfpflags_allow_blocking() (jsc#SES-1880).
+- fscache: Add a tracepoint for cookie use/unuse (jsc#SES-1880).
+- ceph: add fscache writeback support (jsc#SES-1880).
+- ceph: conversion to new fscache API (jsc#SES-1880).
+- nfs: Implement cache I/O by accessing the cache directly
+  (jsc#SES-1880).
+- commit 74173ff
+
+- blacklist: drop ceph commit
+- commit ba2e082
+
+- nfs: Convert to new fscache volume/cookie API (jsc#SES-1880).
+- Refresh
+  patches.suse/0001-NFS-flush-out-dirty-data-on-file-fput.patch.
+- commit afbd263
+
+- 9p: Copy local writes to the cache when writing to the server
+  (jsc#SES-1880).
+- commit 505ae37
+
+- 9p: Use fscache indexing rewrite and reenable caching
+  (jsc#SES-1880).
+- afs: Skip truncation on the server of data we haven't written
+  yet (jsc#SES-1880).
+- afs: Copy local writes to the cache when writing to the server
+  (jsc#SES-1880).
+- afs: Convert afs to use the new fscache API (jsc#SES-1880).
+- fscache, cachefiles: Display stat of culling events
+  (jsc#SES-1880).
+- fscache, cachefiles: Display stats of no-space events
+  (jsc#SES-1880).
+- cachefiles: Allow cachefiles to actually function
+  (jsc#SES-1880).
+- fscache, cachefiles: Store the volume coherency data
+  (jsc#SES-1880).
+- cachefiles: Implement the I/O routines (jsc#SES-1880).
+- cachefiles: Implement cookie resize for truncate (jsc#SES-1880).
+- cachefiles: Implement begin and end I/O operation
+  (jsc#SES-1880).
+- cachefiles: Implement backing file wrangling (jsc#SES-1880).
+- cachefiles: Implement culling daemon commands (jsc#SES-1880).
+- cachefiles: Mark a backing file in use with an inode flag
+  (jsc#SES-1880).
+- cachefiles: Implement metadata/coherency data storage in xattrs
+  (jsc#SES-1880).
+- cachefiles: Implement key to filename encoding (jsc#SES-1880).
+- cachefiles: Implement object lifecycle funcs (jsc#SES-1880).
+- cachefiles: Add tracepoints for calls to the VFS (jsc#SES-1880).
+- cachefiles: Implement volume support (jsc#SES-1880).
+- cachefiles: Implement cache registration and withdrawal
+  (jsc#SES-1880).
+- cachefiles: Implement a function to get/create a directory in
+  the cache (jsc#SES-1880).
+- vfs, cachefiles: Mark a backing file in use with an inode flag
+  (jsc#SES-1880).
+- cachefiles: Provide a function to check how much space there is
+  (jsc#SES-1880).
+- cachefiles: Register a miscdev and parse commands over it
+  (jsc#SES-1880).
+- cachefiles: Add security derivation (jsc#SES-1880).
+- cachefiles: Add cache error reporting macro (jsc#SES-1880).
+- cachefiles: Add a couple of tracepoints for logging errors
+  (jsc#SES-1880).
+- cachefiles: Add some error injection support (jsc#SES-1880).
+- cachefiles: Define structs (jsc#SES-1880).
+- cachefiles: Introduce rewritten driver (jsc#SES-1880).
+- fscache: Provide a function to resize a cookie (jsc#SES-1880).
+- fscache: Provide a function to note the release of a page
+  (jsc#SES-1880).
+- vfs, fscache: Implement pinning of cache usage for writeback
+  (jsc#SES-1880).
+- fscache: Implement higher-level write I/O interface
+  (jsc#SES-1880).
+- fscache: Implement raw I/O interface (jsc#SES-1880).
+- netfs: Pass more information on how to deal with a hole in
+  the cache (jsc#SES-1880).
+- fscache: Provide a function to let the netfs update its
+  coherency data (jsc#SES-1880).
+- fscache: Provide read/write stat counters for the cache
+  (jsc#SES-1880).
+- fscache: Count data storage objects in a cache (jsc#SES-1880).
+- fscache: Provide a means to begin an operation (jsc#SES-1880).
+- fscache: Implement cookie invalidation (jsc#SES-1880).
+- fscache: Implement cookie user counting and resource pinning
+  (jsc#SES-1880).
+- fscache: Implement simple cookie state machine (jsc#SES-1880).
+- fscache: Add a function for a cache backend to note an I/O error
+  (jsc#SES-1880).
+- fscache: Provide and use cache methods to lookup/create/free
+  a volume (jsc#SES-1880).
+- fscache: Implement functions add/remove a cache (jsc#SES-1880).
+- fscache: Implement cookie-level access helpers (jsc#SES-1880).
+- fscache: Implement volume-level access helpers (jsc#SES-1880).
+- fscache: Implement cache-level access helpers (jsc#SES-1880).
+- fscache: Implement cookie registration (jsc#SES-1880).
+- fscache: Implement volume registration (jsc#SES-1880).
+- fscache: Implement cache registration (jsc#SES-1880).
+- fscache: Implement a hash function (jsc#SES-1880).
+- fscache: Introduce new driver (jsc#SES-1880).
+- netfs: Pass a flag to ->prepare_write() to say if there's no
+  alloc'd space (jsc#SES-1880).
+- netfs: Display the netfs inode number in the netfs_read
+  tracepoint (jsc#SES-1880).
+- fscache: Remove the contents of the fscache driver, pending
+  rewrite (jsc#SES-1880).
+- cachefiles: Delete the cachefiles driver pending rewrite
+  (jsc#SES-1880).
+- fscache, cachefiles: Disable configuration (jsc#SES-1880).
+- fs: add is_idmapped_mnt() helper (jsc#SES-1880).
+- NFS: Remove unnecessary TRACE_DEFINE_ENUM()s (jsc#SES-1880).
+- NFS: Always provide aligned buffers to the RPC read layers
+  (jsc#SES-1880).
+- commit 50c0425
+
+- 9p: Convert to using the netfs helper lib to do reads and
+  caching (jsc#SES-1880).
+- commit 9285dce
+
+- ceph: initialize i_size variable in ceph_sync_read
+  (jsc#SES-1880).
+- netfs: fix parameter of cleanup() (jsc#SES-1880).
+- netfs: Fix lockdep warning from taking sb_writers whilst
+  holding mmap_lock (jsc#SES-1880).
+- ceph: add a new metric to keep track of remote object copies
+  (jsc#SES-1880).
+- libceph, ceph: move ceph_osdc_copy_from() into cephfs code
+  (jsc#SES-1880).
+- ceph: clean-up metrics data structures to reduce code
+  duplication (jsc#SES-1880).
+- ceph: split 'metric' debugfs file into several files
+  (jsc#SES-1880).
+- ceph: return the real size read when it hits EOF (jsc#SES-1880).
+- ceph: shut down mount on bad mdsmap or fsmap decode
+  (jsc#SES-1880).
+- ceph: fix mdsmap decode when there are MDS's beyond max_mds
+  (jsc#SES-1880).
+- ceph: ignore the truncate when size won't change with Fx caps
+  issued (jsc#SES-1880).
+- ceph: don't rely on error_string to validate blocklisted session
+  (jsc#SES-1880).
+- ceph: just use ci->i_version for fscache aux info
+  (jsc#SES-1880).
+- ceph: shut down access to inode when async create fails
+  (jsc#SES-1880).
+- ceph: refactor remove_session_caps_cb (jsc#SES-1880).
+- ceph: fix auth cap handling logic in remove_session_caps_cb
+  (jsc#SES-1880).
+- ceph: drop private list from remove_session_caps_cb
+  (jsc#SES-1880).
+- ceph: don't use -ESTALE as special return code in
+  try_get_cap_refs (jsc#SES-1880).
+- ceph: print inode numbers instead of pointer values
+  (jsc#SES-1880).
+- ceph: enable async dirops by default (jsc#SES-1880).
+- libceph: drop ->monmap and err initialization (jsc#SES-1880).
+- ceph: convert to noop_direct_IO (jsc#SES-1880).
+- fscache_cookie_enabled: check cookie is valid before accessing
+  it (jsc#SES-1880).
+- commit f5f0829
+
+- blacklist: remove 89d43d0551a8 ("ceph: put the requests/sessions when it fails to alloc memory")
+- commit 46eecd9
+
+- ceph: fix off by one bugs in unsafe_request_wait()
+  (jsc#SES-1880).
+- ceph: drop the mdsc_get_session/put_session dout messages
+  (jsc#SES-1880).
+- ceph: don't WARN if we're forcibly removing the session caps
+  (jsc#SES-1880).
+- ceph: don't WARN if we're force umounting (jsc#SES-1880).
+- ceph: reconnect to the export targets on new mdsmaps
+  (jsc#SES-1880).
+- ceph: print more information when we can't find snaprealm
+  (jsc#SES-1880).
+- ceph: add ceph_change_snap_realm() helper (jsc#SES-1880).
+- ceph: remove redundant initializations from mdsc and session
+  (jsc#SES-1880).
+- ceph: add a new vxattr to return auth mds for an inode
+  (jsc#SES-1880).
+- ceph: remove some defunct forward declarations (jsc#SES-1880).
+- ceph: flush the mdlog before waiting on unsafe reqs
+  (jsc#SES-1880).
+- ceph: flush mdlog before umounting (jsc#SES-1880).
+- ceph: make iterate_sessions a global symbol (jsc#SES-1880).
+- ceph: make ceph_create_session_msg a global symbol
+  (jsc#SES-1880).
+- ceph: fix comment about short copies in ceph_write_end
+  (jsc#SES-1880).
+- commit 4e12f60
+
+- fscache: Remove an unused static variable (jsc#SES-1880).
+- fscache: Fix some kerneldoc warnings shown up by W=1
+  (jsc#SES-1880).
+- cachefiles: Use file_inode() rather than accessing ->f_inode
+  (jsc#SES-1880).
+- netfs: Move cookie debug ID to struct netfs_cache_resources
+  (jsc#SES-1880).
+- fscache: Select netfs stats if fscache stats are enabled
+  (jsc#SES-1880).
+- commit bbdc82f
+
kernel-source-rt
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
+- aquantia: Do not purge addresses when setting the number of
+  rings (jsc#PED-1530).
+- commit 39a03b2
+
+- net: atlantic: macsec: clear encryption keys from the stack
+  (jsc#PED-1530).
+- commit 643f719
+
+- atlantic: fix deadlock at aq_nic_stop (jsc#PED-1530).
+- commit 4a9a64f
+
+- net: atlantic: fix potential memory leak in aq_ndev_close()
+  (jsc#PED-1530).
+- commit 719db2f
+
+- net: atlantic: remove aq_nic_deinit() when resume
+  (jsc#PED-1530).
+- commit ff2f581
+
+- net: atlantic: remove deep parameter on suspend/resume functions
+  (jsc#PED-1530).
+- commit 9e96b4d
+
+- net: atlantic:fix repeated words in comments (jsc#PED-1530).
+- commit d6d4ffb
+
+- net: atlantic: verify hw_head_ lies within TX buffer ring
+  (jsc#PED-1530).
+- commit 7059ede
+
+- net: atlantic: add check for MAX_SKB_FRAGS (jsc#PED-1530).
+- commit e719b81
+
+- net: atlantic: reduce scope of is_rsc_complete (jsc#PED-1530).
+- commit b04c254
+
+- net: atlantic: fix "frag[0] not initialized" (jsc#PED-1530).
+- commit 0263576
+
+- Update
+  patches.suse/net-sched-cbq-dont-intepret-cls-results-when-asked-t.patch
+  (bsc#1207361 bsc#1207036 CVE-2023-23454).
+- commit 521fdca
+
+- Update
+  patches.suse/net-sched-atm-dont-intepret-cls-results-when-asked-t.patch
+  (bsc#1207361 bc#1207125 CVE-2023-23455).
+- commit c8b6243
+
+- io_uring/poll: fix poll_refs race with cancelation (bsc#1207511
+  CVE-2023-0468).
+- io_uring: make poll refs more robust (bsc#1207511
+  CVE-2023-0468).
+- io_uring: cmpxchg for poll arm refs release (bsc#1207511
+  CVE-2023-0468).
+- io_uring: fix tw losing poll events (bsc#1207511 CVE-2023-0468).
+- io_uring: update res mask in io_poll_check_events (bsc#1207511
+  CVE-2023-0468).
+- commit 4fe9bfe
+
+- io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and
+  wakeups (bsc#1207100).
+- eventfd: provide a eventfd_signal_mask() helper (bsc#1207100).
+- eventpoll: add EPOLL_URING_WAKE poll wakeup flag (bsc#1207100).
+- commit 9e5a117
+
+- fbdev: Fix invalid page access after closing deferred I/O
+  devices (bsc#1207284).
+- commit 6a8d940
+
+- ipmi:ssif: Add 60ms time internal between write retries
+  (bsc#1206459).
+- ipmi:ssif: Increase the message retry time (bsc#1206459).
+- commit 14626c0
+
+- ibmvnic: Toggle between queue types in affinity mapping
+  (jsc#PED-2322).
+- commit 03b696f
+
+- Update config files.
+  New config option CONFIG_CACHEFILES_ONDEMAND.
+- commit ef23649
+
+- fs: change test in inode_insert5 for adding to the sb list
+  (jsc#SES-1880).
+- commit 6570d82
+
+- fscache: Fix oops due to race with cookie_lru and use_cookie
+  (jsc#SES-1880).
+- fscache: fix OOB Read in __fscache_acquire_volume
+  (jsc#SES-1880).
+- ceph: fix NULL pointer dereference for req->r_session
+  (jsc#SES-1880).
+- ceph: fix a NULL vs IS_ERR() check when calling
+  ceph_lookup_inode() (jsc#SES-1880).
+- ceph: fix incorrectly showing the .snap size for stat
+  (jsc#SES-1880).
+- ceph: fail the open_by_handle_at() if the dentry is being
+  unlinked (jsc#SES-1880).
+- ceph: increment i_version when doing a setattr with caps
+  (jsc#SES-1880).
+- ceph: Use kcalloc for allocating multiple elements
+  (jsc#SES-1880).
+- ceph: no need to wait for transition RDCACHE|RD -> RD
+  (jsc#SES-1880).
+- ceph: fail the request if the peer MDS doesn't support getvxattr
+  op (jsc#SES-1880).
+- ceph: wake up the waiters if any new caps comes (jsc#SES-1880).
+- libceph: drop last_piece flag from ceph_msg_data_cursor
+  (jsc#SES-1880).
+- fscrypt: add fscrypt_context_for_new_inode (jsc#SES-1880).
+- fscrypt: export fscrypt_fname_encrypt and
+  fscrypt_fname_encrypted_size (jsc#SES-1880).
+- commit 941f30a
+
+- blacklist: remove ceph commits from the list
+  aa1d627207ca ("ceph: Use kcalloc for allocating multiple elements")
+  5bd76b8de5b7 ("ceph: fix NULL pointer dereference for req->r_session")
+- commit 54964bf
+
+- x86/hyperv: Add constant HV_ISOLATION_TYPE_TDX (related to bug 1206453 and PED-3247).
+- commit a452b5e
+
+- cachefiles: make on-demand request distribution fairer
+  (jsc#SES-1880).
+- cachefiles: fix error return code in cachefiles_ondemand_copen()
+  (jsc#SES-1880).
+- fscache: fix misdocumented parameter (jsc#SES-1880).
+- libceph: clean up ceph_osdc_start_request prototype
+  (jsc#SES-1880).
+- libceph: fix ceph_pagelist_reserve() comment typo
+  (jsc#SES-1880).
+- ceph: remove useless check for the folio (jsc#SES-1880).
+- ceph: make f_bsize always equal to f_frsize (jsc#SES-1880).
+- ceph: flush the dirty caps immediatelly when quota is
+  approaching (jsc#SES-1880).
+- libceph: print fsid and epoch with osd id (jsc#SES-1880).
+- libceph: check pointer before assigned to "c->rules"
+  (jsc#SES-1880).
+- ceph: don't get the inline data for new creating files
+  (jsc#SES-1880).
+- ceph: update the auth cap when the async create req is forwarded
+  (jsc#SES-1880).
+- ceph: make change_auth_cap_ses a global symbol (jsc#SES-1880).
+- ceph: fix incorrect old_size length in ceph_mds_request_args
+  (jsc#SES-1880).
+- ceph: call netfs_subreq_terminated with was_async == false
+  (jsc#SES-1880).
+- ceph: convert to generic_file_llseek (jsc#SES-1880).
+- ceph: fix the incorrect comment for the ceph_mds_caps struct
+  (jsc#SES-1880).
+- ceph: prevent a client from exceeding the MDS maximum xattr size
+  (jsc#SES-1880).
+- ceph: choose auth MDS for getxattr with the Xs caps
+  (jsc#SES-1880).
+- ceph: add session already open notify support (jsc#SES-1880).
+- commit f01bb22
+
+- ceph: wait for the first reply of inflight async unlink
+  (jsc#SES-1880).
+- Refresh
+  patches.suse/ceph-don-t-truncate-file-in-atomic_open.patch.
+- commit 6774969
+
+- fs/dcache: export d_same_name() helper (jsc#SES-1880).
+- ceph: remove useless CEPHFS_FEATURES_CLIENT_REQUIRED
+  (jsc#SES-1880).
+- fscache: add tracepoint when failing cookie (jsc#SES-1880).
+- fscache: don't leak cookie access refs if invalidation is in
+  progress or failed (jsc#SES-1880).
+- docs: filesystems: update netfs-api.rst reference
+  (jsc#SES-1880).
+- commit d147e79
+
+- fscrypt: add new helper functions for test_dummy_encryption
+  (jsc#SES-1880).
+- fscrypt: factor out fscrypt_policy_to_key_spec() (jsc#SES-1880).
+- commit 5ea3f64
+
+- netfs: do not unlock and put the folio twice (jsc#SES-1880).
+- fscache: Fix invalidation/lookup race (jsc#SES-1880).
+- cachefiles: narrow the scope of flushed requests when releasing
+  fd (jsc#SES-1880).
+- fscache: Introduce fscache_cookie_is_dropped() (jsc#SES-1880).
+- fscache: Fix if condition in fscache_wait_on_volume_collision()
+  (jsc#SES-1880).
+- ceph: wait on async create before checking caps for syncfs
+  (jsc#SES-1880).
+- 9p: fix EBADF errors in cached mode (jsc#SES-1880).
+- netfs: Rename the netfs_io_request cleanup op and give it an
+  op pointer (jsc#SES-1880).
+- ceph: fix decoding of client session messages flags
+  (jsc#SES-1880).
+- ceph: switch TASK_INTERRUPTIBLE to TASK_KILLABLE (jsc#SES-1880).
+- ceph: remove redundant variable ino (jsc#SES-1880).
+- ceph: try to queue a writeback if revoking fails (jsc#SES-1880).
+- ceph: fix statfs for subdir mounts (jsc#SES-1880).
+- ceph: fix possible deadlock when holding Fwb to get inline_data
+  (jsc#SES-1880).
+- ceph: redirty the page for writepage on failure (jsc#SES-1880).
+- ceph: try to choose the auth MDS if possible for getattr
+  (jsc#SES-1880).
+- ceph: disable updating the atime since cephfs won't maintain it
+  (jsc#SES-1880).
+- ceph: flush the mdlog for filesystem sync (jsc#SES-1880).
+- ceph: rename unsafe_request_wait() (jsc#SES-1880).
+- libceph: use swap() macro instead of taking tmp variable
+  (jsc#SES-1880).
+- ceph: fix statx AT_STATX_DONT_SYNC vs AT_STATX_FORCE_SYNC check
+  (jsc#SES-1880).
+- ceph: no need to invalidate the fscache twice (jsc#SES-1880).
+- ceph: replace usage of found with dedicated list iterator
+  variable (jsc#SES-1880).
+- ceph: use dedicated list iterator variable (jsc#SES-1880).
+- ceph: update the dlease for the hashed dentry when removing
+  (jsc#SES-1880).
+- ceph: stop retrying the request when exceeding 256 times
+  (jsc#SES-1880).
+- ceph: stop forwarding the request when exceeding 256 times
+  (jsc#SES-1880).
+- ceph: remove unused CEPH_MDS_LEASE_RELEASE related code
+  (jsc#SES-1880).
+- cachefiles: add tracepoints for on-demand read mode
+  (jsc#SES-1880).
+- cachefiles: enable on-demand read mode (jsc#SES-1880).
+- cachefiles: implement on-demand read (jsc#SES-1880).
+- cachefiles: notify the user daemon when withdrawing cookie
+  (jsc#SES-1880).
+- cachefiles: unbind cachefiles gracefully in on-demand mode
+  (jsc#SES-1880).
+- cachefiles: notify the user daemon when looking up cookie
+  (jsc#SES-1880).
+- cachefiles: extract write routine (jsc#SES-1880).
+- netfs: Eliminate Clang randstruct warning (jsc#SES-1880).
+- commit ce95c8d
+
+- blacklist: removed 1b2ba3c5616e ("ceph: flush the mdlog for filesystem sync")
+- commit 559d59c
+
+- libceph: fix misleading ceph_osdc_cancel_request() comment
+  (jsc#SES-1880).
+- ceph: fix possible NULL pointer dereference for req->r_session
+  (jsc#SES-1880).
+- ceph: remove incorrect session state check (jsc#SES-1880).
+- ceph: get snap_rwsem read lock in handle_cap_export for
+  ceph_add_cap (jsc#SES-1880).
+- libceph: disambiguate cluster/pool full log message
+  (jsc#SES-1880).
+- fscache: remove FSCACHE_OLD_API Kconfig option (jsc#SES-1880).
+- fscache: Use wrapper fscache_set_cache_state() directly when
+  relinquishing (jsc#SES-1880).
+- fscache: Move fscache_cookies_seq_ops specific code under
+  CONFIG_PROC_FS (jsc#SES-1880).
+- fscache: Remove the cookie parameter from
+  fscache_clear_page_bits() (jsc#SES-1880).
+- cachefiles: Fix KASAN slab-out-of-bounds in
+  cachefiles_set_volume_xattr (jsc#SES-1880).
+- cachefiles: unmark inode in use in error path (jsc#SES-1880).
+- netfs: Keep track of the actual remote file size (jsc#SES-1880).
+- netfs: Split some core bits out into their own file
+  (jsc#SES-1880).
+- netfs: Split fs/netfs/read_helper.c (jsc#SES-1880).
+- netfs: Rename read_helper.c to io.c (jsc#SES-1880).
+- netfs: Prepare to split read_helper.c (jsc#SES-1880).
+- netfs: Add a function to consolidate beginning a read
+  (jsc#SES-1880).
+- commit 759f021
+
+- blacklist: removed 7acae6183cf3 ("ceph: fix possible NULL pointer dereference for req->r_session")
+- commit 91f76f5
+
+- netfs: Add a netfs inode context (jsc#SES-1880).
+- Refresh
+  patches.suse/cifs-fix-potential-deadlock-in-direct-reclaim.patch.
+- commit fa3a76d
+
+- ceph: Make ceph_init_request() check caps on readahead
+  (jsc#SES-1880).
+- netfs: Change ->init_request() to return an error code
+  (jsc#SES-1880).
+- netfs: Refactor arguments for netfs_alloc_read_request
+  (jsc#SES-1880).
+- netfs: Adjust the netfs_failure tracepoint to indicate
+  non-subreq lines (jsc#SES-1880).
+- netfs: Trace refcounting on the netfs_io_subrequest struct
+  (jsc#SES-1880).
+- netfs: Trace refcounting on the netfs_io_request struct
+  (jsc#SES-1880).
+- netfs: Adjust the netfs_rreq tracepoint slightly (jsc#SES-1880).
+- netfs: Split netfs_io_* object handling out (jsc#SES-1880).
+- netfs: Finish off rename of netfs_read_request to
+  netfs_io_request (jsc#SES-1880).
+- netfs: Rename netfs_read_*request to netfs_io_*request
+  (jsc#SES-1880).
+- netfs: Generate enums from trace symbol mapping lists
+  (jsc#SES-1880).
+- fscache: export fscache_end_operation() (jsc#SES-1880).
+- afs: Sort out symlink reading (jsc#SES-1880).
+- commit f1d9e86
+
+- ceph: uninitialized variable in debug output (jsc#SES-1880).
+- ceph: use tracked average r/w/m latencies to display metrics
+  in debugfs (jsc#SES-1880).
+- ceph: include average/stdev r/w/m latency in mds metrics
+  (jsc#SES-1880).
+- ceph: track average r/w/m latency (jsc#SES-1880).
+- ceph: use ktime_to_timespec64() rather than
+  jiffies_to_timespec64() (jsc#SES-1880).
+- ceph: assign the ci only when the inode isn't NULL
+  (jsc#SES-1880).
+- commit 7f5eb5f
+
+- ceph: misc fix for code style and logs (jsc#SES-1880).
+- Refresh
+  patches.suse/ceph-avoid-putting-the-realm-twice-when-decoding-snaps-fails.patch.
+- commit 915976e
+
+- ceph: allocate capsnap memory outside of ceph_queue_cap_snap()
+  (jsc#SES-1880).
+- ceph: do not release the global snaprealm until unmounting
+  (jsc#SES-1880).
+- ceph: remove incorrect and unused CEPH_INO_DOTDOT macro
+  (jsc#SES-1880).
+- ceph: eliminate the recursion when rebuilding the snap context
+  (jsc#SES-1880).
+- ceph: zero the dir_entries memory when allocating it
+  (jsc#SES-1880).
+- ceph: move to a dedicated slabcache for ceph_cap_snap
+  (jsc#SES-1880).
+- ceph: add getvxattr op (jsc#SES-1880).
+- libceph: drop else branches in prepare_read_data{,_cont}
+  (jsc#SES-1880).
+- ceph: fix comments mentioning i_mutex (jsc#SES-1880).
+- ceph: fail the request directly if handle_reply gets an ESTALE
+  (jsc#SES-1880).
+- ceph: wake waiters after failed async create (jsc#SES-1880).
+- ceph: wait for async create reply before sending any cap
+  messages (jsc#SES-1880).
+- ceph: eliminate req->r_wait_for_completion from ceph_mds_request
+  (jsc#SES-1880).
+- ceph: uninline the data on a file opened for writing
+  (jsc#SES-1880).
+- ceph: make ceph_netfs_issue_op() handle inlined data
+  (jsc#SES-1880).
+- commit 4f1bb1d
+
+- cifs: Fix the readahead conversion to manage the batch when
+  reading from cache (jsc#SES-1880).
+- cifs: Implement cache I/O by accessing the cache directly
+  (jsc#SES-1880).
+- commit aeedd18
+
+- cifs: Transition from ->readpages() to ->readahead()
+  (jsc#SES-1880).
+- Refresh patches.suse/Adjust-cifssb-maximum-read-size.patch.
+- commit 9ab1e02
+
+- Update config files.
+  New config option CONFIG_CACHEFILES_ERROR_INJECTION.
+- commit c7f3506
+
+- cifs: Support fscache indexing rewrite (jsc#SES-1880).
+- Refresh
+  patches.suse/cifs-Add-constructor-destructors-for-tcon-cfid.patch.
+- Refresh
+  patches.suse/cifs-Make-tcon-contain-a-wrapper-structure-cached_fids-instead-of-c.patch.
+- Refresh
+  patches.suse/cifs-Move-cached-dir-functions-into-a-separate-file.patch.
+- Refresh
+  patches.suse/cifs-remove-cifs_-prefix-from-init-destroy-mids-functions.patch.
+- Refresh
+  patches.suse/cifs-replace-kfree-with-kfree_sensitive-for-sensitive-data.patch.
+- Refresh
+  patches.suse/cifs-split-out-ses-and-tcon-retrieval-from-mount_get_conns-.patch.
+- Refresh
+  patches.suse/cifs-when-insecure-legacy-is-disabled-shrink-amount-of-SMB1-code.patch.
+- Refresh patches.suse/cifs-writeback-fix.patch.
+- Refresh
+  patches.suse/smb3-add-dynamic-trace-points-for-tree-disconnect.patch.
+- commit aba9248
+
+- cachefiles: Fix volume coherency attribute (jsc#SES-1880).
+- cachefiles: Fix incorrect length to fallocate() (jsc#SES-1880).
+- libceph: optionally use bounce buffer on recv path in crc mode
+  (jsc#SES-1880).
+- libceph: make recv path in secure mode work the same as send
+  path (jsc#SES-1880).
+- netfs, cachefiles: Add a method to query presence of data in
+  the cache (jsc#SES-1880).
+- ceph: put the requests/sessions when it fails to alloc memory
+  (jsc#SES-1880).
+- netfs: Make ops->init_rreq() optional (jsc#SES-1880).
+- fscache: Add a comment explaining how page-release optimisation
+  works (jsc#SES-1880).
+- cachefiles: Check that the backing filesystem supports tmpfiles
+  (jsc#SES-1880).
+- cachefiles: Explain checks in a comment (jsc#SES-1880).
+- cachefiles: Trace active-mark failure (jsc#SES-1880).
+- cachefiles: Make some tracepoint adjustments (jsc#SES-1880).
+- cachefiles: set default tag name if it's unspecified
+  (jsc#SES-1880).
+- cachefiles: Calculate the blockshift in terms of bytes, not
+  pages (jsc#SES-1880).
+- fscache: Fix the volume collision wait condition (jsc#SES-1880).
+- ceph: move CEPH_SUPER_MAGIC definition to magic.h
+  (jsc#SES-1880).
+- ceph: remove redundant Lsx caps check (jsc#SES-1880).
+- ceph: add new "nopagecache" option (jsc#SES-1880).
+- ceph: don't check for quotas on MDS stray dirs (jsc#SES-1880).
+- ceph: drop send metrics debug message (jsc#SES-1880).
+- rbd: make const pointer spaces a static const array
+  (jsc#SES-1880).
+- ceph: Fix incorrect statfs report for small quota
+  (jsc#SES-1880).
+- ceph: mount syntax module parameter (jsc#SES-1880).
+- ceph: record updated mon_addr on remount (jsc#SES-1880).
+- ceph: new device mount syntax (jsc#SES-1880).
+- libceph: rename parse_fsid() to ceph_parse_fsid() and export
+  (jsc#SES-1880).
+- libceph: generalize addr/ip parsing based on delimiter
+  (jsc#SES-1880).
+- 9p: fix enodata when reading growing file (jsc#SES-1880).
+- 9p, afs, ceph, nfs: Use current_is_kswapd() rather than
+  gfpflags_allow_blocking() (jsc#SES-1880).
+- fscache: Add a tracepoint for cookie use/unuse (jsc#SES-1880).
+- ceph: add fscache writeback support (jsc#SES-1880).
+- ceph: conversion to new fscache API (jsc#SES-1880).
+- nfs: Implement cache I/O by accessing the cache directly
+  (jsc#SES-1880).
+- commit 74173ff
+
+- blacklist: drop ceph commit
+- commit ba2e082
+
+- nfs: Convert to new fscache volume/cookie API (jsc#SES-1880).
+- Refresh
+  patches.suse/0001-NFS-flush-out-dirty-data-on-file-fput.patch.
+- commit afbd263
+
+- 9p: Copy local writes to the cache when writing to the server
+  (jsc#SES-1880).
+- commit 505ae37
+
+- 9p: Use fscache indexing rewrite and reenable caching
+  (jsc#SES-1880).
+- afs: Skip truncation on the server of data we haven't written
+  yet (jsc#SES-1880).
+- afs: Copy local writes to the cache when writing to the server
+  (jsc#SES-1880).
+- afs: Convert afs to use the new fscache API (jsc#SES-1880).
+- fscache, cachefiles: Display stat of culling events
+  (jsc#SES-1880).
+- fscache, cachefiles: Display stats of no-space events
+  (jsc#SES-1880).
+- cachefiles: Allow cachefiles to actually function
+  (jsc#SES-1880).
+- fscache, cachefiles: Store the volume coherency data
+  (jsc#SES-1880).
+- cachefiles: Implement the I/O routines (jsc#SES-1880).
+- cachefiles: Implement cookie resize for truncate (jsc#SES-1880).
+- cachefiles: Implement begin and end I/O operation
+  (jsc#SES-1880).
+- cachefiles: Implement backing file wrangling (jsc#SES-1880).
+- cachefiles: Implement culling daemon commands (jsc#SES-1880).
+- cachefiles: Mark a backing file in use with an inode flag
+  (jsc#SES-1880).
+- cachefiles: Implement metadata/coherency data storage in xattrs
+  (jsc#SES-1880).
+- cachefiles: Implement key to filename encoding (jsc#SES-1880).
+- cachefiles: Implement object lifecycle funcs (jsc#SES-1880).
+- cachefiles: Add tracepoints for calls to the VFS (jsc#SES-1880).
+- cachefiles: Implement volume support (jsc#SES-1880).
+- cachefiles: Implement cache registration and withdrawal
+  (jsc#SES-1880).
+- cachefiles: Implement a function to get/create a directory in
+  the cache (jsc#SES-1880).
+- vfs, cachefiles: Mark a backing file in use with an inode flag
+  (jsc#SES-1880).
+- cachefiles: Provide a function to check how much space there is
+  (jsc#SES-1880).
+- cachefiles: Register a miscdev and parse commands over it
+  (jsc#SES-1880).
+- cachefiles: Add security derivation (jsc#SES-1880).
+- cachefiles: Add cache error reporting macro (jsc#SES-1880).
+- cachefiles: Add a couple of tracepoints for logging errors
+  (jsc#SES-1880).
+- cachefiles: Add some error injection support (jsc#SES-1880).
+- cachefiles: Define structs (jsc#SES-1880).
+- cachefiles: Introduce rewritten driver (jsc#SES-1880).
+- fscache: Provide a function to resize a cookie (jsc#SES-1880).
+- fscache: Provide a function to note the release of a page
+  (jsc#SES-1880).
+- vfs, fscache: Implement pinning of cache usage for writeback
+  (jsc#SES-1880).
+- fscache: Implement higher-level write I/O interface
+  (jsc#SES-1880).
+- fscache: Implement raw I/O interface (jsc#SES-1880).
+- netfs: Pass more information on how to deal with a hole in
+  the cache (jsc#SES-1880).
+- fscache: Provide a function to let the netfs update its
+  coherency data (jsc#SES-1880).
+- fscache: Provide read/write stat counters for the cache
+  (jsc#SES-1880).
+- fscache: Count data storage objects in a cache (jsc#SES-1880).
+- fscache: Provide a means to begin an operation (jsc#SES-1880).
+- fscache: Implement cookie invalidation (jsc#SES-1880).
+- fscache: Implement cookie user counting and resource pinning
+  (jsc#SES-1880).
+- fscache: Implement simple cookie state machine (jsc#SES-1880).
+- fscache: Add a function for a cache backend to note an I/O error
+  (jsc#SES-1880).
+- fscache: Provide and use cache methods to lookup/create/free
+  a volume (jsc#SES-1880).
+- fscache: Implement functions add/remove a cache (jsc#SES-1880).
+- fscache: Implement cookie-level access helpers (jsc#SES-1880).
+- fscache: Implement volume-level access helpers (jsc#SES-1880).
+- fscache: Implement cache-level access helpers (jsc#SES-1880).
+- fscache: Implement cookie registration (jsc#SES-1880).
+- fscache: Implement volume registration (jsc#SES-1880).
+- fscache: Implement cache registration (jsc#SES-1880).
+- fscache: Implement a hash function (jsc#SES-1880).
+- fscache: Introduce new driver (jsc#SES-1880).
+- netfs: Pass a flag to ->prepare_write() to say if there's no
+  alloc'd space (jsc#SES-1880).
+- netfs: Display the netfs inode number in the netfs_read
+  tracepoint (jsc#SES-1880).
+- fscache: Remove the contents of the fscache driver, pending
+  rewrite (jsc#SES-1880).
+- cachefiles: Delete the cachefiles driver pending rewrite
+  (jsc#SES-1880).
+- fscache, cachefiles: Disable configuration (jsc#SES-1880).
+- fs: add is_idmapped_mnt() helper (jsc#SES-1880).
+- NFS: Remove unnecessary TRACE_DEFINE_ENUM()s (jsc#SES-1880).
+- NFS: Always provide aligned buffers to the RPC read layers
+  (jsc#SES-1880).
+- commit 50c0425
+
+- 9p: Convert to using the netfs helper lib to do reads and
+  caching (jsc#SES-1880).
+- commit 9285dce
+
+- ceph: initialize i_size variable in ceph_sync_read
+  (jsc#SES-1880).
+- netfs: fix parameter of cleanup() (jsc#SES-1880).
+- netfs: Fix lockdep warning from taking sb_writers whilst
+  holding mmap_lock (jsc#SES-1880).
+- ceph: add a new metric to keep track of remote object copies
+  (jsc#SES-1880).
+- libceph, ceph: move ceph_osdc_copy_from() into cephfs code
+  (jsc#SES-1880).
+- ceph: clean-up metrics data structures to reduce code
+  duplication (jsc#SES-1880).
+- ceph: split 'metric' debugfs file into several files
+  (jsc#SES-1880).
+- ceph: return the real size read when it hits EOF (jsc#SES-1880).
+- ceph: shut down mount on bad mdsmap or fsmap decode
+  (jsc#SES-1880).
+- ceph: fix mdsmap decode when there are MDS's beyond max_mds
+  (jsc#SES-1880).
+- ceph: ignore the truncate when size won't change with Fx caps
+  issued (jsc#SES-1880).
+- ceph: don't rely on error_string to validate blocklisted session
+  (jsc#SES-1880).
+- ceph: just use ci->i_version for fscache aux info
+  (jsc#SES-1880).
+- ceph: shut down access to inode when async create fails
+  (jsc#SES-1880).
+- ceph: refactor remove_session_caps_cb (jsc#SES-1880).
+- ceph: fix auth cap handling logic in remove_session_caps_cb
+  (jsc#SES-1880).
+- ceph: drop private list from remove_session_caps_cb
+  (jsc#SES-1880).
+- ceph: don't use -ESTALE as special return code in
+  try_get_cap_refs (jsc#SES-1880).
+- ceph: print inode numbers instead of pointer values
+  (jsc#SES-1880).
+- ceph: enable async dirops by default (jsc#SES-1880).
+- libceph: drop ->monmap and err initialization (jsc#SES-1880).
+- ceph: convert to noop_direct_IO (jsc#SES-1880).
+- fscache_cookie_enabled: check cookie is valid before accessing
+  it (jsc#SES-1880).
+- commit f5f0829
+
+- blacklist: remove 89d43d0551a8 ("ceph: put the requests/sessions when it fails to alloc memory")
+- commit 46eecd9
+
+- ceph: fix off by one bugs in unsafe_request_wait()
+  (jsc#SES-1880).
+- ceph: drop the mdsc_get_session/put_session dout messages
+  (jsc#SES-1880).
+- ceph: don't WARN if we're forcibly removing the session caps
+  (jsc#SES-1880).
+- ceph: don't WARN if we're force umounting (jsc#SES-1880).
+- ceph: reconnect to the export targets on new mdsmaps
+  (jsc#SES-1880).
+- ceph: print more information when we can't find snaprealm
+  (jsc#SES-1880).
+- ceph: add ceph_change_snap_realm() helper (jsc#SES-1880).
+- ceph: remove redundant initializations from mdsc and session
+  (jsc#SES-1880).
+- ceph: add a new vxattr to return auth mds for an inode
+  (jsc#SES-1880).
+- ceph: remove some defunct forward declarations (jsc#SES-1880).
+- ceph: flush the mdlog before waiting on unsafe reqs
+  (jsc#SES-1880).
+- ceph: flush mdlog before umounting (jsc#SES-1880).
+- ceph: make iterate_sessions a global symbol (jsc#SES-1880).
+- ceph: make ceph_create_session_msg a global symbol
+  (jsc#SES-1880).
+- ceph: fix comment about short copies in ceph_write_end
+  (jsc#SES-1880).
+- commit 4e12f60
+
+- fscache: Remove an unused static variable (jsc#SES-1880).
+- fscache: Fix some kerneldoc warnings shown up by W=1
+  (jsc#SES-1880).
+- cachefiles: Use file_inode() rather than accessing ->f_inode
+  (jsc#SES-1880).
+- netfs: Move cookie debug ID to struct netfs_cache_resources
+  (jsc#SES-1880).
+- fscache: Select netfs stats if fscache stats are enabled
+  (jsc#SES-1880).
+- commit bbdc82f
+
kernel-syms
+- powerpc/64s: Make POWER10 and later use pause_short in cpu_relax
+  loops (bsc#1208376 ltc#201076).
+- powerpc: add ISA v3.0 / v3.1 wait opcode macro (bsc#1208376
+  ltc#201076).
+- commit 2a06230
+
+- ibmvnic: Assign XPS map to correct queue index (bsc#1208757
+  ltc#201720 jsc#PED-2322 git-fixes).
+- commit be76316
+
+- Update
+  patches.suse/usb-dwc3-dwc3-qcom-Add-missing-platform_device_put-i.patch
+  (bsc#1208741 CVE-2023-22995).
+  Added CVE reference for fix already present
+- commit 80a158a
+
+- loop: fix ioctl calls using compat_loop_info (bsc#1207333).
+- commit 11a60da
+
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
kernel-syms-azure
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
+- aquantia: Do not purge addresses when setting the number of
+  rings (jsc#PED-1530).
+- commit 39a03b2
+
+- net: atlantic: macsec: clear encryption keys from the stack
+  (jsc#PED-1530).
+- commit 643f719
+
+- atlantic: fix deadlock at aq_nic_stop (jsc#PED-1530).
+- commit 4a9a64f
+
+- net: atlantic: fix potential memory leak in aq_ndev_close()
+  (jsc#PED-1530).
+- commit 719db2f
+
+- net: atlantic: remove aq_nic_deinit() when resume
+  (jsc#PED-1530).
+- commit ff2f581
+
+- net: atlantic: remove deep parameter on suspend/resume functions
+  (jsc#PED-1530).
+- commit 9e96b4d
+
+- net: atlantic:fix repeated words in comments (jsc#PED-1530).
+- commit d6d4ffb
+
+- net: atlantic: verify hw_head_ lies within TX buffer ring
+  (jsc#PED-1530).
+- commit 7059ede
+
+- net: atlantic: add check for MAX_SKB_FRAGS (jsc#PED-1530).
+- commit e719b81
+
+- net: atlantic: reduce scope of is_rsc_complete (jsc#PED-1530).
+- commit b04c254
+
+- net: atlantic: fix "frag[0] not initialized" (jsc#PED-1530).
+- commit 0263576
+
+- Update
+  patches.suse/net-sched-cbq-dont-intepret-cls-results-when-asked-t.patch
+  (bsc#1207361 bsc#1207036 CVE-2023-23454).
+- commit 521fdca
+
+- Update
+  patches.suse/net-sched-atm-dont-intepret-cls-results-when-asked-t.patch
+  (bsc#1207361 bc#1207125 CVE-2023-23455).
+- commit c8b6243
+
+- io_uring/poll: fix poll_refs race with cancelation (bsc#1207511
+  CVE-2023-0468).
+- io_uring: make poll refs more robust (bsc#1207511
+  CVE-2023-0468).
+- io_uring: cmpxchg for poll arm refs release (bsc#1207511
+  CVE-2023-0468).
+- io_uring: fix tw losing poll events (bsc#1207511 CVE-2023-0468).
+- io_uring: update res mask in io_poll_check_events (bsc#1207511
+  CVE-2023-0468).
+- commit 4fe9bfe
+
+- io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and
+  wakeups (bsc#1207100).
+- eventfd: provide a eventfd_signal_mask() helper (bsc#1207100).
+- eventpoll: add EPOLL_URING_WAKE poll wakeup flag (bsc#1207100).
+- commit 9e5a117
+
+- fbdev: Fix invalid page access after closing deferred I/O
+  devices (bsc#1207284).
+- commit 6a8d940
+
+- ipmi:ssif: Add 60ms time internal between write retries
+  (bsc#1206459).
+- ipmi:ssif: Increase the message retry time (bsc#1206459).
+- commit 14626c0
+
+- ibmvnic: Toggle between queue types in affinity mapping
+  (jsc#PED-2322).
+- commit 03b696f
+
+- Update config files.
+  New config option CONFIG_CACHEFILES_ONDEMAND.
+- commit ef23649
+
+- fs: change test in inode_insert5 for adding to the sb list
+  (jsc#SES-1880).
+- commit 6570d82
+
+- fscache: Fix oops due to race with cookie_lru and use_cookie
+  (jsc#SES-1880).
+- fscache: fix OOB Read in __fscache_acquire_volume
+  (jsc#SES-1880).
+- ceph: fix NULL pointer dereference for req->r_session
+  (jsc#SES-1880).
+- ceph: fix a NULL vs IS_ERR() check when calling
+  ceph_lookup_inode() (jsc#SES-1880).
+- ceph: fix incorrectly showing the .snap size for stat
+  (jsc#SES-1880).
+- ceph: fail the open_by_handle_at() if the dentry is being
+  unlinked (jsc#SES-1880).
+- ceph: increment i_version when doing a setattr with caps
+  (jsc#SES-1880).
+- ceph: Use kcalloc for allocating multiple elements
+  (jsc#SES-1880).
+- ceph: no need to wait for transition RDCACHE|RD -> RD
+  (jsc#SES-1880).
+- ceph: fail the request if the peer MDS doesn't support getvxattr
+  op (jsc#SES-1880).
+- ceph: wake up the waiters if any new caps comes (jsc#SES-1880).
+- libceph: drop last_piece flag from ceph_msg_data_cursor
+  (jsc#SES-1880).
+- fscrypt: add fscrypt_context_for_new_inode (jsc#SES-1880).
+- fscrypt: export fscrypt_fname_encrypt and
+  fscrypt_fname_encrypted_size (jsc#SES-1880).
+- commit 941f30a
+
+- blacklist: remove ceph commits from the list
+  aa1d627207ca ("ceph: Use kcalloc for allocating multiple elements")
+  5bd76b8de5b7 ("ceph: fix NULL pointer dereference for req->r_session")
+- commit 54964bf
+
+- x86/hyperv: Add constant HV_ISOLATION_TYPE_TDX (related to bug 1206453 and PED-3247).
+- commit a452b5e
+
+- cachefiles: make on-demand request distribution fairer
+  (jsc#SES-1880).
+- cachefiles: fix error return code in cachefiles_ondemand_copen()
+  (jsc#SES-1880).
+- fscache: fix misdocumented parameter (jsc#SES-1880).
+- libceph: clean up ceph_osdc_start_request prototype
+  (jsc#SES-1880).
+- libceph: fix ceph_pagelist_reserve() comment typo
+  (jsc#SES-1880).
+- ceph: remove useless check for the folio (jsc#SES-1880).
+- ceph: make f_bsize always equal to f_frsize (jsc#SES-1880).
+- ceph: flush the dirty caps immediatelly when quota is
+  approaching (jsc#SES-1880).
+- libceph: print fsid and epoch with osd id (jsc#SES-1880).
+- libceph: check pointer before assigned to "c->rules"
+  (jsc#SES-1880).
+- ceph: don't get the inline data for new creating files
+  (jsc#SES-1880).
+- ceph: update the auth cap when the async create req is forwarded
+  (jsc#SES-1880).
+- ceph: make change_auth_cap_ses a global symbol (jsc#SES-1880).
+- ceph: fix incorrect old_size length in ceph_mds_request_args
+  (jsc#SES-1880).
+- ceph: call netfs_subreq_terminated with was_async == false
+  (jsc#SES-1880).
+- ceph: convert to generic_file_llseek (jsc#SES-1880).
+- ceph: fix the incorrect comment for the ceph_mds_caps struct
+  (jsc#SES-1880).
+- ceph: prevent a client from exceeding the MDS maximum xattr size
+  (jsc#SES-1880).
+- ceph: choose auth MDS for getxattr with the Xs caps
+  (jsc#SES-1880).
+- ceph: add session already open notify support (jsc#SES-1880).
+- commit f01bb22
+
+- ceph: wait for the first reply of inflight async unlink
+  (jsc#SES-1880).
+- Refresh
+  patches.suse/ceph-don-t-truncate-file-in-atomic_open.patch.
+- commit 6774969
+
+- fs/dcache: export d_same_name() helper (jsc#SES-1880).
+- ceph: remove useless CEPHFS_FEATURES_CLIENT_REQUIRED
+  (jsc#SES-1880).
+- fscache: add tracepoint when failing cookie (jsc#SES-1880).
+- fscache: don't leak cookie access refs if invalidation is in
+  progress or failed (jsc#SES-1880).
+- docs: filesystems: update netfs-api.rst reference
+  (jsc#SES-1880).
+- commit d147e79
+
+- fscrypt: add new helper functions for test_dummy_encryption
+  (jsc#SES-1880).
+- fscrypt: factor out fscrypt_policy_to_key_spec() (jsc#SES-1880).
+- commit 5ea3f64
+
+- netfs: do not unlock and put the folio twice (jsc#SES-1880).
+- fscache: Fix invalidation/lookup race (jsc#SES-1880).
+- cachefiles: narrow the scope of flushed requests when releasing
+  fd (jsc#SES-1880).
+- fscache: Introduce fscache_cookie_is_dropped() (jsc#SES-1880).
+- fscache: Fix if condition in fscache_wait_on_volume_collision()
+  (jsc#SES-1880).
+- ceph: wait on async create before checking caps for syncfs
+  (jsc#SES-1880).
+- 9p: fix EBADF errors in cached mode (jsc#SES-1880).
+- netfs: Rename the netfs_io_request cleanup op and give it an
+  op pointer (jsc#SES-1880).
+- ceph: fix decoding of client session messages flags
+  (jsc#SES-1880).
+- ceph: switch TASK_INTERRUPTIBLE to TASK_KILLABLE (jsc#SES-1880).
+- ceph: remove redundant variable ino (jsc#SES-1880).
+- ceph: try to queue a writeback if revoking fails (jsc#SES-1880).
+- ceph: fix statfs for subdir mounts (jsc#SES-1880).
+- ceph: fix possible deadlock when holding Fwb to get inline_data
+  (jsc#SES-1880).
+- ceph: redirty the page for writepage on failure (jsc#SES-1880).
+- ceph: try to choose the auth MDS if possible for getattr
+  (jsc#SES-1880).
+- ceph: disable updating the atime since cephfs won't maintain it
+  (jsc#SES-1880).
+- ceph: flush the mdlog for filesystem sync (jsc#SES-1880).
+- ceph: rename unsafe_request_wait() (jsc#SES-1880).
+- libceph: use swap() macro instead of taking tmp variable
+  (jsc#SES-1880).
+- ceph: fix statx AT_STATX_DONT_SYNC vs AT_STATX_FORCE_SYNC check
+  (jsc#SES-1880).
+- ceph: no need to invalidate the fscache twice (jsc#SES-1880).
+- ceph: replace usage of found with dedicated list iterator
+  variable (jsc#SES-1880).
+- ceph: use dedicated list iterator variable (jsc#SES-1880).
+- ceph: update the dlease for the hashed dentry when removing
+  (jsc#SES-1880).
+- ceph: stop retrying the request when exceeding 256 times
+  (jsc#SES-1880).
+- ceph: stop forwarding the request when exceeding 256 times
+  (jsc#SES-1880).
+- ceph: remove unused CEPH_MDS_LEASE_RELEASE related code
+  (jsc#SES-1880).
+- cachefiles: add tracepoints for on-demand read mode
+  (jsc#SES-1880).
+- cachefiles: enable on-demand read mode (jsc#SES-1880).
+- cachefiles: implement on-demand read (jsc#SES-1880).
+- cachefiles: notify the user daemon when withdrawing cookie
+  (jsc#SES-1880).
+- cachefiles: unbind cachefiles gracefully in on-demand mode
+  (jsc#SES-1880).
+- cachefiles: notify the user daemon when looking up cookie
+  (jsc#SES-1880).
+- cachefiles: extract write routine (jsc#SES-1880).
+- netfs: Eliminate Clang randstruct warning (jsc#SES-1880).
+- commit ce95c8d
+
+- blacklist: removed 1b2ba3c5616e ("ceph: flush the mdlog for filesystem sync")
+- commit 559d59c
+
+- libceph: fix misleading ceph_osdc_cancel_request() comment
+  (jsc#SES-1880).
+- ceph: fix possible NULL pointer dereference for req->r_session
+  (jsc#SES-1880).
+- ceph: remove incorrect session state check (jsc#SES-1880).
+- ceph: get snap_rwsem read lock in handle_cap_export for
+  ceph_add_cap (jsc#SES-1880).
+- libceph: disambiguate cluster/pool full log message
+  (jsc#SES-1880).
+- fscache: remove FSCACHE_OLD_API Kconfig option (jsc#SES-1880).
+- fscache: Use wrapper fscache_set_cache_state() directly when
+  relinquishing (jsc#SES-1880).
+- fscache: Move fscache_cookies_seq_ops specific code under
+  CONFIG_PROC_FS (jsc#SES-1880).
+- fscache: Remove the cookie parameter from
+  fscache_clear_page_bits() (jsc#SES-1880).
+- cachefiles: Fix KASAN slab-out-of-bounds in
+  cachefiles_set_volume_xattr (jsc#SES-1880).
+- cachefiles: unmark inode in use in error path (jsc#SES-1880).
+- netfs: Keep track of the actual remote file size (jsc#SES-1880).
+- netfs: Split some core bits out into their own file
+  (jsc#SES-1880).
+- netfs: Split fs/netfs/read_helper.c (jsc#SES-1880).
+- netfs: Rename read_helper.c to io.c (jsc#SES-1880).
+- netfs: Prepare to split read_helper.c (jsc#SES-1880).
+- netfs: Add a function to consolidate beginning a read
+  (jsc#SES-1880).
+- commit 759f021
+
+- blacklist: removed 7acae6183cf3 ("ceph: fix possible NULL pointer dereference for req->r_session")
+- commit 91f76f5
+
+- netfs: Add a netfs inode context (jsc#SES-1880).
+- Refresh
+  patches.suse/cifs-fix-potential-deadlock-in-direct-reclaim.patch.
+- commit fa3a76d
+
+- ceph: Make ceph_init_request() check caps on readahead
+  (jsc#SES-1880).
+- netfs: Change ->init_request() to return an error code
+  (jsc#SES-1880).
+- netfs: Refactor arguments for netfs_alloc_read_request
+  (jsc#SES-1880).
+- netfs: Adjust the netfs_failure tracepoint to indicate
+  non-subreq lines (jsc#SES-1880).
+- netfs: Trace refcounting on the netfs_io_subrequest struct
+  (jsc#SES-1880).
+- netfs: Trace refcounting on the netfs_io_request struct
+  (jsc#SES-1880).
+- netfs: Adjust the netfs_rreq tracepoint slightly (jsc#SES-1880).
+- netfs: Split netfs_io_* object handling out (jsc#SES-1880).
+- netfs: Finish off rename of netfs_read_request to
+  netfs_io_request (jsc#SES-1880).
+- netfs: Rename netfs_read_*request to netfs_io_*request
+  (jsc#SES-1880).
+- netfs: Generate enums from trace symbol mapping lists
+  (jsc#SES-1880).
+- fscache: export fscache_end_operation() (jsc#SES-1880).
+- afs: Sort out symlink reading (jsc#SES-1880).
+- commit f1d9e86
+
+- ceph: uninitialized variable in debug output (jsc#SES-1880).
+- ceph: use tracked average r/w/m latencies to display metrics
+  in debugfs (jsc#SES-1880).
+- ceph: include average/stdev r/w/m latency in mds metrics
+  (jsc#SES-1880).
+- ceph: track average r/w/m latency (jsc#SES-1880).
+- ceph: use ktime_to_timespec64() rather than
+  jiffies_to_timespec64() (jsc#SES-1880).
+- ceph: assign the ci only when the inode isn't NULL
+  (jsc#SES-1880).
+- commit 7f5eb5f
+
+- ceph: misc fix for code style and logs (jsc#SES-1880).
+- Refresh
+  patches.suse/ceph-avoid-putting-the-realm-twice-when-decoding-snaps-fails.patch.
+- commit 915976e
+
+- ceph: allocate capsnap memory outside of ceph_queue_cap_snap()
+  (jsc#SES-1880).
+- ceph: do not release the global snaprealm until unmounting
+  (jsc#SES-1880).
+- ceph: remove incorrect and unused CEPH_INO_DOTDOT macro
+  (jsc#SES-1880).
+- ceph: eliminate the recursion when rebuilding the snap context
+  (jsc#SES-1880).
+- ceph: zero the dir_entries memory when allocating it
+  (jsc#SES-1880).
+- ceph: move to a dedicated slabcache for ceph_cap_snap
+  (jsc#SES-1880).
+- ceph: add getvxattr op (jsc#SES-1880).
+- libceph: drop else branches in prepare_read_data{,_cont}
+  (jsc#SES-1880).
+- ceph: fix comments mentioning i_mutex (jsc#SES-1880).
+- ceph: fail the request directly if handle_reply gets an ESTALE
+  (jsc#SES-1880).
+- ceph: wake waiters after failed async create (jsc#SES-1880).
+- ceph: wait for async create reply before sending any cap
+  messages (jsc#SES-1880).
+- ceph: eliminate req->r_wait_for_completion from ceph_mds_request
+  (jsc#SES-1880).
+- ceph: uninline the data on a file opened for writing
+  (jsc#SES-1880).
+- ceph: make ceph_netfs_issue_op() handle inlined data
+  (jsc#SES-1880).
+- commit 4f1bb1d
+
+- cifs: Fix the readahead conversion to manage the batch when
+  reading from cache (jsc#SES-1880).
+- cifs: Implement cache I/O by accessing the cache directly
+  (jsc#SES-1880).
+- commit aeedd18
+
+- cifs: Transition from ->readpages() to ->readahead()
+  (jsc#SES-1880).
+- Refresh patches.suse/Adjust-cifssb-maximum-read-size.patch.
+- commit 9ab1e02
+
+- Update config files.
+  New config option CONFIG_CACHEFILES_ERROR_INJECTION.
+- commit c7f3506
+
+- cifs: Support fscache indexing rewrite (jsc#SES-1880).
+- Refresh
+  patches.suse/cifs-Add-constructor-destructors-for-tcon-cfid.patch.
+- Refresh
+  patches.suse/cifs-Make-tcon-contain-a-wrapper-structure-cached_fids-instead-of-c.patch.
+- Refresh
+  patches.suse/cifs-Move-cached-dir-functions-into-a-separate-file.patch.
+- Refresh
+  patches.suse/cifs-remove-cifs_-prefix-from-init-destroy-mids-functions.patch.
+- Refresh
+  patches.suse/cifs-replace-kfree-with-kfree_sensitive-for-sensitive-data.patch.
+- Refresh
+  patches.suse/cifs-split-out-ses-and-tcon-retrieval-from-mount_get_conns-.patch.
+- Refresh
+  patches.suse/cifs-when-insecure-legacy-is-disabled-shrink-amount-of-SMB1-code.patch.
+- Refresh patches.suse/cifs-writeback-fix.patch.
+- Refresh
+  patches.suse/smb3-add-dynamic-trace-points-for-tree-disconnect.patch.
+- commit aba9248
+
+- cachefiles: Fix volume coherency attribute (jsc#SES-1880).
+- cachefiles: Fix incorrect length to fallocate() (jsc#SES-1880).
+- libceph: optionally use bounce buffer on recv path in crc mode
+  (jsc#SES-1880).
+- libceph: make recv path in secure mode work the same as send
+  path (jsc#SES-1880).
+- netfs, cachefiles: Add a method to query presence of data in
+  the cache (jsc#SES-1880).
+- ceph: put the requests/sessions when it fails to alloc memory
+  (jsc#SES-1880).
+- netfs: Make ops->init_rreq() optional (jsc#SES-1880).
+- fscache: Add a comment explaining how page-release optimisation
+  works (jsc#SES-1880).
+- cachefiles: Check that the backing filesystem supports tmpfiles
+  (jsc#SES-1880).
+- cachefiles: Explain checks in a comment (jsc#SES-1880).
+- cachefiles: Trace active-mark failure (jsc#SES-1880).
+- cachefiles: Make some tracepoint adjustments (jsc#SES-1880).
+- cachefiles: set default tag name if it's unspecified
+  (jsc#SES-1880).
+- cachefiles: Calculate the blockshift in terms of bytes, not
+  pages (jsc#SES-1880).
+- fscache: Fix the volume collision wait condition (jsc#SES-1880).
+- ceph: move CEPH_SUPER_MAGIC definition to magic.h
+  (jsc#SES-1880).
+- ceph: remove redundant Lsx caps check (jsc#SES-1880).
+- ceph: add new "nopagecache" option (jsc#SES-1880).
+- ceph: don't check for quotas on MDS stray dirs (jsc#SES-1880).
+- ceph: drop send metrics debug message (jsc#SES-1880).
+- rbd: make const pointer spaces a static const array
+  (jsc#SES-1880).
+- ceph: Fix incorrect statfs report for small quota
+  (jsc#SES-1880).
+- ceph: mount syntax module parameter (jsc#SES-1880).
+- ceph: record updated mon_addr on remount (jsc#SES-1880).
+- ceph: new device mount syntax (jsc#SES-1880).
+- libceph: rename parse_fsid() to ceph_parse_fsid() and export
+  (jsc#SES-1880).
+- libceph: generalize addr/ip parsing based on delimiter
+  (jsc#SES-1880).
+- 9p: fix enodata when reading growing file (jsc#SES-1880).
+- 9p, afs, ceph, nfs: Use current_is_kswapd() rather than
+  gfpflags_allow_blocking() (jsc#SES-1880).
+- fscache: Add a tracepoint for cookie use/unuse (jsc#SES-1880).
+- ceph: add fscache writeback support (jsc#SES-1880).
+- ceph: conversion to new fscache API (jsc#SES-1880).
+- nfs: Implement cache I/O by accessing the cache directly
+  (jsc#SES-1880).
+- commit 74173ff
+
+- blacklist: drop ceph commit
+- commit ba2e082
+
+- nfs: Convert to new fscache volume/cookie API (jsc#SES-1880).
+- Refresh
+  patches.suse/0001-NFS-flush-out-dirty-data-on-file-fput.patch.
+- commit afbd263
+
+- 9p: Copy local writes to the cache when writing to the server
+  (jsc#SES-1880).
+- commit 505ae37
+
+- 9p: Use fscache indexing rewrite and reenable caching
+  (jsc#SES-1880).
+- afs: Skip truncation on the server of data we haven't written
+  yet (jsc#SES-1880).
+- afs: Copy local writes to the cache when writing to the server
+  (jsc#SES-1880).
+- afs: Convert afs to use the new fscache API (jsc#SES-1880).
+- fscache, cachefiles: Display stat of culling events
+  (jsc#SES-1880).
+- fscache, cachefiles: Display stats of no-space events
+  (jsc#SES-1880).
+- cachefiles: Allow cachefiles to actually function
+  (jsc#SES-1880).
+- fscache, cachefiles: Store the volume coherency data
+  (jsc#SES-1880).
+- cachefiles: Implement the I/O routines (jsc#SES-1880).
+- cachefiles: Implement cookie resize for truncate (jsc#SES-1880).
+- cachefiles: Implement begin and end I/O operation
+  (jsc#SES-1880).
+- cachefiles: Implement backing file wrangling (jsc#SES-1880).
+- cachefiles: Implement culling daemon commands (jsc#SES-1880).
+- cachefiles: Mark a backing file in use with an inode flag
+  (jsc#SES-1880).
+- cachefiles: Implement metadata/coherency data storage in xattrs
+  (jsc#SES-1880).
+- cachefiles: Implement key to filename encoding (jsc#SES-1880).
+- cachefiles: Implement object lifecycle funcs (jsc#SES-1880).
+- cachefiles: Add tracepoints for calls to the VFS (jsc#SES-1880).
+- cachefiles: Implement volume support (jsc#SES-1880).
+- cachefiles: Implement cache registration and withdrawal
+  (jsc#SES-1880).
+- cachefiles: Implement a function to get/create a directory in
+  the cache (jsc#SES-1880).
+- vfs, cachefiles: Mark a backing file in use with an inode flag
+  (jsc#SES-1880).
+- cachefiles: Provide a function to check how much space there is
+  (jsc#SES-1880).
+- cachefiles: Register a miscdev and parse commands over it
+  (jsc#SES-1880).
+- cachefiles: Add security derivation (jsc#SES-1880).
+- cachefiles: Add cache error reporting macro (jsc#SES-1880).
+- cachefiles: Add a couple of tracepoints for logging errors
+  (jsc#SES-1880).
+- cachefiles: Add some error injection support (jsc#SES-1880).
+- cachefiles: Define structs (jsc#SES-1880).
+- cachefiles: Introduce rewritten driver (jsc#SES-1880).
+- fscache: Provide a function to resize a cookie (jsc#SES-1880).
+- fscache: Provide a function to note the release of a page
+  (jsc#SES-1880).
+- vfs, fscache: Implement pinning of cache usage for writeback
+  (jsc#SES-1880).
+- fscache: Implement higher-level write I/O interface
+  (jsc#SES-1880).
+- fscache: Implement raw I/O interface (jsc#SES-1880).
+- netfs: Pass more information on how to deal with a hole in
+  the cache (jsc#SES-1880).
+- fscache: Provide a function to let the netfs update its
+  coherency data (jsc#SES-1880).
+- fscache: Provide read/write stat counters for the cache
+  (jsc#SES-1880).
+- fscache: Count data storage objects in a cache (jsc#SES-1880).
+- fscache: Provide a means to begin an operation (jsc#SES-1880).
+- fscache: Implement cookie invalidation (jsc#SES-1880).
+- fscache: Implement cookie user counting and resource pinning
+  (jsc#SES-1880).
+- fscache: Implement simple cookie state machine (jsc#SES-1880).
+- fscache: Add a function for a cache backend to note an I/O error
+  (jsc#SES-1880).
+- fscache: Provide and use cache methods to lookup/create/free
+  a volume (jsc#SES-1880).
+- fscache: Implement functions add/remove a cache (jsc#SES-1880).
+- fscache: Implement cookie-level access helpers (jsc#SES-1880).
+- fscache: Implement volume-level access helpers (jsc#SES-1880).
+- fscache: Implement cache-level access helpers (jsc#SES-1880).
+- fscache: Implement cookie registration (jsc#SES-1880).
+- fscache: Implement volume registration (jsc#SES-1880).
+- fscache: Implement cache registration (jsc#SES-1880).
+- fscache: Implement a hash function (jsc#SES-1880).
+- fscache: Introduce new driver (jsc#SES-1880).
+- netfs: Pass a flag to ->prepare_write() to say if there's no
+  alloc'd space (jsc#SES-1880).
+- netfs: Display the netfs inode number in the netfs_read
+  tracepoint (jsc#SES-1880).
+- fscache: Remove the contents of the fscache driver, pending
+  rewrite (jsc#SES-1880).
+- cachefiles: Delete the cachefiles driver pending rewrite
+  (jsc#SES-1880).
+- fscache, cachefiles: Disable configuration (jsc#SES-1880).
+- fs: add is_idmapped_mnt() helper (jsc#SES-1880).
+- NFS: Remove unnecessary TRACE_DEFINE_ENUM()s (jsc#SES-1880).
+- NFS: Always provide aligned buffers to the RPC read layers
+  (jsc#SES-1880).
+- commit 50c0425
+
+- 9p: Convert to using the netfs helper lib to do reads and
+  caching (jsc#SES-1880).
+- commit 9285dce
+
+- ceph: initialize i_size variable in ceph_sync_read
+  (jsc#SES-1880).
+- netfs: fix parameter of cleanup() (jsc#SES-1880).
+- netfs: Fix lockdep warning from taking sb_writers whilst
+  holding mmap_lock (jsc#SES-1880).
+- ceph: add a new metric to keep track of remote object copies
+  (jsc#SES-1880).
+- libceph, ceph: move ceph_osdc_copy_from() into cephfs code
+  (jsc#SES-1880).
+- ceph: clean-up metrics data structures to reduce code
+  duplication (jsc#SES-1880).
+- ceph: split 'metric' debugfs file into several files
+  (jsc#SES-1880).
+- ceph: return the real size read when it hits EOF (jsc#SES-1880).
+- ceph: shut down mount on bad mdsmap or fsmap decode
+  (jsc#SES-1880).
+- ceph: fix mdsmap decode when there are MDS's beyond max_mds
+  (jsc#SES-1880).
+- ceph: ignore the truncate when size won't change with Fx caps
+  issued (jsc#SES-1880).
+- ceph: don't rely on error_string to validate blocklisted session
+  (jsc#SES-1880).
+- ceph: just use ci->i_version for fscache aux info
+  (jsc#SES-1880).
+- ceph: shut down access to inode when async create fails
+  (jsc#SES-1880).
+- ceph: refactor remove_session_caps_cb (jsc#SES-1880).
+- ceph: fix auth cap handling logic in remove_session_caps_cb
+  (jsc#SES-1880).
+- ceph: drop private list from remove_session_caps_cb
+  (jsc#SES-1880).
+- ceph: don't use -ESTALE as special return code in
+  try_get_cap_refs (jsc#SES-1880).
+- ceph: print inode numbers instead of pointer values
+  (jsc#SES-1880).
+- ceph: enable async dirops by default (jsc#SES-1880).
+- libceph: drop ->monmap and err initialization (jsc#SES-1880).
+- ceph: convert to noop_direct_IO (jsc#SES-1880).
+- fscache_cookie_enabled: check cookie is valid before accessing
+  it (jsc#SES-1880).
+- commit f5f0829
+
+- blacklist: remove 89d43d0551a8 ("ceph: put the requests/sessions when it fails to alloc memory")
+- commit 46eecd9
+
+- ceph: fix off by one bugs in unsafe_request_wait()
+  (jsc#SES-1880).
+- ceph: drop the mdsc_get_session/put_session dout messages
+  (jsc#SES-1880).
+- ceph: don't WARN if we're forcibly removing the session caps
+  (jsc#SES-1880).
+- ceph: don't WARN if we're force umounting (jsc#SES-1880).
+- ceph: reconnect to the export targets on new mdsmaps
+  (jsc#SES-1880).
+- ceph: print more information when we can't find snaprealm
+  (jsc#SES-1880).
+- ceph: add ceph_change_snap_realm() helper (jsc#SES-1880).
+- ceph: remove redundant initializations from mdsc and session
+  (jsc#SES-1880).
+- ceph: add a new vxattr to return auth mds for an inode
+  (jsc#SES-1880).
+- ceph: remove some defunct forward declarations (jsc#SES-1880).
+- ceph: flush the mdlog before waiting on unsafe reqs
+  (jsc#SES-1880).
+- ceph: flush mdlog before umounting (jsc#SES-1880).
+- ceph: make iterate_sessions a global symbol (jsc#SES-1880).
+- ceph: make ceph_create_session_msg a global symbol
+  (jsc#SES-1880).
+- ceph: fix comment about short copies in ceph_write_end
+  (jsc#SES-1880).
+- commit 4e12f60
+
+- fscache: Remove an unused static variable (jsc#SES-1880).
+- fscache: Fix some kerneldoc warnings shown up by W=1
+  (jsc#SES-1880).
+- cachefiles: Use file_inode() rather than accessing ->f_inode
+  (jsc#SES-1880).
+- netfs: Move cookie debug ID to struct netfs_cache_resources
+  (jsc#SES-1880).
+- fscache: Select netfs stats if fscache stats are enabled
+  (jsc#SES-1880).
+- commit bbdc82f
+
kernel-syms-rt
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
+- aquantia: Do not purge addresses when setting the number of
+  rings (jsc#PED-1530).
+- commit 39a03b2
+
+- net: atlantic: macsec: clear encryption keys from the stack
+  (jsc#PED-1530).
+- commit 643f719
+
+- atlantic: fix deadlock at aq_nic_stop (jsc#PED-1530).
+- commit 4a9a64f
+
+- net: atlantic: fix potential memory leak in aq_ndev_close()
+  (jsc#PED-1530).
+- commit 719db2f
+
+- net: atlantic: remove aq_nic_deinit() when resume
+  (jsc#PED-1530).
+- commit ff2f581
+
+- net: atlantic: remove deep parameter on suspend/resume functions
+  (jsc#PED-1530).
+- commit 9e96b4d
+
+- net: atlantic:fix repeated words in comments (jsc#PED-1530).
+- commit d6d4ffb
+
+- net: atlantic: verify hw_head_ lies within TX buffer ring
+  (jsc#PED-1530).
+- commit 7059ede
+
+- net: atlantic: add check for MAX_SKB_FRAGS (jsc#PED-1530).
+- commit e719b81
+
+- net: atlantic: reduce scope of is_rsc_complete (jsc#PED-1530).
+- commit b04c254
+
+- net: atlantic: fix "frag[0] not initialized" (jsc#PED-1530).
+- commit 0263576
+
+- Update
+  patches.suse/net-sched-cbq-dont-intepret-cls-results-when-asked-t.patch
+  (bsc#1207361 bsc#1207036 CVE-2023-23454).
+- commit 521fdca
+
+- Update
+  patches.suse/net-sched-atm-dont-intepret-cls-results-when-asked-t.patch
+  (bsc#1207361 bc#1207125 CVE-2023-23455).
+- commit c8b6243
+
+- io_uring/poll: fix poll_refs race with cancelation (bsc#1207511
+  CVE-2023-0468).
+- io_uring: make poll refs more robust (bsc#1207511
+  CVE-2023-0468).
+- io_uring: cmpxchg for poll arm refs release (bsc#1207511
+  CVE-2023-0468).
+- io_uring: fix tw losing poll events (bsc#1207511 CVE-2023-0468).
+- io_uring: update res mask in io_poll_check_events (bsc#1207511
+  CVE-2023-0468).
+- commit 4fe9bfe
+
+- io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and
+  wakeups (bsc#1207100).
+- eventfd: provide a eventfd_signal_mask() helper (bsc#1207100).
+- eventpoll: add EPOLL_URING_WAKE poll wakeup flag (bsc#1207100).
+- commit 9e5a117
+
+- fbdev: Fix invalid page access after closing deferred I/O
+  devices (bsc#1207284).
+- commit 6a8d940
+
+- ipmi:ssif: Add 60ms time internal between write retries
+  (bsc#1206459).
+- ipmi:ssif: Increase the message retry time (bsc#1206459).
+- commit 14626c0
+
+- ibmvnic: Toggle between queue types in affinity mapping
+  (jsc#PED-2322).
+- commit 03b696f
+
+- Update config files.
+  New config option CONFIG_CACHEFILES_ONDEMAND.
+- commit ef23649
+
+- fs: change test in inode_insert5 for adding to the sb list
+  (jsc#SES-1880).
+- commit 6570d82
+
+- fscache: Fix oops due to race with cookie_lru and use_cookie
+  (jsc#SES-1880).
+- fscache: fix OOB Read in __fscache_acquire_volume
+  (jsc#SES-1880).
+- ceph: fix NULL pointer dereference for req->r_session
+  (jsc#SES-1880).
+- ceph: fix a NULL vs IS_ERR() check when calling
+  ceph_lookup_inode() (jsc#SES-1880).
+- ceph: fix incorrectly showing the .snap size for stat
+  (jsc#SES-1880).
+- ceph: fail the open_by_handle_at() if the dentry is being
+  unlinked (jsc#SES-1880).
+- ceph: increment i_version when doing a setattr with caps
+  (jsc#SES-1880).
+- ceph: Use kcalloc for allocating multiple elements
+  (jsc#SES-1880).
+- ceph: no need to wait for transition RDCACHE|RD -> RD
+  (jsc#SES-1880).
+- ceph: fail the request if the peer MDS doesn't support getvxattr
+  op (jsc#SES-1880).
+- ceph: wake up the waiters if any new caps comes (jsc#SES-1880).
+- libceph: drop last_piece flag from ceph_msg_data_cursor
+  (jsc#SES-1880).
+- fscrypt: add fscrypt_context_for_new_inode (jsc#SES-1880).
+- fscrypt: export fscrypt_fname_encrypt and
+  fscrypt_fname_encrypted_size (jsc#SES-1880).
+- commit 941f30a
+
+- blacklist: remove ceph commits from the list
+  aa1d627207ca ("ceph: Use kcalloc for allocating multiple elements")
+  5bd76b8de5b7 ("ceph: fix NULL pointer dereference for req->r_session")
+- commit 54964bf
+
+- x86/hyperv: Add constant HV_ISOLATION_TYPE_TDX (related to bug 1206453 and PED-3247).
+- commit a452b5e
+
+- cachefiles: make on-demand request distribution fairer
+  (jsc#SES-1880).
+- cachefiles: fix error return code in cachefiles_ondemand_copen()
+  (jsc#SES-1880).
+- fscache: fix misdocumented parameter (jsc#SES-1880).
+- libceph: clean up ceph_osdc_start_request prototype
+  (jsc#SES-1880).
+- libceph: fix ceph_pagelist_reserve() comment typo
+  (jsc#SES-1880).
+- ceph: remove useless check for the folio (jsc#SES-1880).
+- ceph: make f_bsize always equal to f_frsize (jsc#SES-1880).
+- ceph: flush the dirty caps immediatelly when quota is
+  approaching (jsc#SES-1880).
+- libceph: print fsid and epoch with osd id (jsc#SES-1880).
+- libceph: check pointer before assigned to "c->rules"
+  (jsc#SES-1880).
+- ceph: don't get the inline data for new creating files
+  (jsc#SES-1880).
+- ceph: update the auth cap when the async create req is forwarded
+  (jsc#SES-1880).
+- ceph: make change_auth_cap_ses a global symbol (jsc#SES-1880).
+- ceph: fix incorrect old_size length in ceph_mds_request_args
+  (jsc#SES-1880).
+- ceph: call netfs_subreq_terminated with was_async == false
+  (jsc#SES-1880).
+- ceph: convert to generic_file_llseek (jsc#SES-1880).
+- ceph: fix the incorrect comment for the ceph_mds_caps struct
+  (jsc#SES-1880).
+- ceph: prevent a client from exceeding the MDS maximum xattr size
+  (jsc#SES-1880).
+- ceph: choose auth MDS for getxattr with the Xs caps
+  (jsc#SES-1880).
+- ceph: add session already open notify support (jsc#SES-1880).
+- commit f01bb22
+
+- ceph: wait for the first reply of inflight async unlink
+  (jsc#SES-1880).
+- Refresh
+  patches.suse/ceph-don-t-truncate-file-in-atomic_open.patch.
+- commit 6774969
+
+- fs/dcache: export d_same_name() helper (jsc#SES-1880).
+- ceph: remove useless CEPHFS_FEATURES_CLIENT_REQUIRED
+  (jsc#SES-1880).
+- fscache: add tracepoint when failing cookie (jsc#SES-1880).
+- fscache: don't leak cookie access refs if invalidation is in
+  progress or failed (jsc#SES-1880).
+- docs: filesystems: update netfs-api.rst reference
+  (jsc#SES-1880).
+- commit d147e79
+
+- fscrypt: add new helper functions for test_dummy_encryption
+  (jsc#SES-1880).
+- fscrypt: factor out fscrypt_policy_to_key_spec() (jsc#SES-1880).
+- commit 5ea3f64
+
+- netfs: do not unlock and put the folio twice (jsc#SES-1880).
+- fscache: Fix invalidation/lookup race (jsc#SES-1880).
+- cachefiles: narrow the scope of flushed requests when releasing
+  fd (jsc#SES-1880).
+- fscache: Introduce fscache_cookie_is_dropped() (jsc#SES-1880).
+- fscache: Fix if condition in fscache_wait_on_volume_collision()
+  (jsc#SES-1880).
+- ceph: wait on async create before checking caps for syncfs
+  (jsc#SES-1880).
+- 9p: fix EBADF errors in cached mode (jsc#SES-1880).
+- netfs: Rename the netfs_io_request cleanup op and give it an
+  op pointer (jsc#SES-1880).
+- ceph: fix decoding of client session messages flags
+  (jsc#SES-1880).
+- ceph: switch TASK_INTERRUPTIBLE to TASK_KILLABLE (jsc#SES-1880).
+- ceph: remove redundant variable ino (jsc#SES-1880).
+- ceph: try to queue a writeback if revoking fails (jsc#SES-1880).
+- ceph: fix statfs for subdir mounts (jsc#SES-1880).
+- ceph: fix possible deadlock when holding Fwb to get inline_data
+  (jsc#SES-1880).
+- ceph: redirty the page for writepage on failure (jsc#SES-1880).
+- ceph: try to choose the auth MDS if possible for getattr
+  (jsc#SES-1880).
+- ceph: disable updating the atime since cephfs won't maintain it
+  (jsc#SES-1880).
+- ceph: flush the mdlog for filesystem sync (jsc#SES-1880).
+- ceph: rename unsafe_request_wait() (jsc#SES-1880).
+- libceph: use swap() macro instead of taking tmp variable
+  (jsc#SES-1880).
+- ceph: fix statx AT_STATX_DONT_SYNC vs AT_STATX_FORCE_SYNC check
+  (jsc#SES-1880).
+- ceph: no need to invalidate the fscache twice (jsc#SES-1880).
+- ceph: replace usage of found with dedicated list iterator
+  variable (jsc#SES-1880).
+- ceph: use dedicated list iterator variable (jsc#SES-1880).
+- ceph: update the dlease for the hashed dentry when removing
+  (jsc#SES-1880).
+- ceph: stop retrying the request when exceeding 256 times
+  (jsc#SES-1880).
+- ceph: stop forwarding the request when exceeding 256 times
+  (jsc#SES-1880).
+- ceph: remove unused CEPH_MDS_LEASE_RELEASE related code
+  (jsc#SES-1880).
+- cachefiles: add tracepoints for on-demand read mode
+  (jsc#SES-1880).
+- cachefiles: enable on-demand read mode (jsc#SES-1880).
+- cachefiles: implement on-demand read (jsc#SES-1880).
+- cachefiles: notify the user daemon when withdrawing cookie
+  (jsc#SES-1880).
+- cachefiles: unbind cachefiles gracefully in on-demand mode
+  (jsc#SES-1880).
+- cachefiles: notify the user daemon when looking up cookie
+  (jsc#SES-1880).
+- cachefiles: extract write routine (jsc#SES-1880).
+- netfs: Eliminate Clang randstruct warning (jsc#SES-1880).
+- commit ce95c8d
+
+- blacklist: removed 1b2ba3c5616e ("ceph: flush the mdlog for filesystem sync")
+- commit 559d59c
+
+- libceph: fix misleading ceph_osdc_cancel_request() comment
+  (jsc#SES-1880).
+- ceph: fix possible NULL pointer dereference for req->r_session
+  (jsc#SES-1880).
+- ceph: remove incorrect session state check (jsc#SES-1880).
+- ceph: get snap_rwsem read lock in handle_cap_export for
+  ceph_add_cap (jsc#SES-1880).
+- libceph: disambiguate cluster/pool full log message
+  (jsc#SES-1880).
+- fscache: remove FSCACHE_OLD_API Kconfig option (jsc#SES-1880).
+- fscache: Use wrapper fscache_set_cache_state() directly when
+  relinquishing (jsc#SES-1880).
+- fscache: Move fscache_cookies_seq_ops specific code under
+  CONFIG_PROC_FS (jsc#SES-1880).
+- fscache: Remove the cookie parameter from
+  fscache_clear_page_bits() (jsc#SES-1880).
+- cachefiles: Fix KASAN slab-out-of-bounds in
+  cachefiles_set_volume_xattr (jsc#SES-1880).
+- cachefiles: unmark inode in use in error path (jsc#SES-1880).
+- netfs: Keep track of the actual remote file size (jsc#SES-1880).
+- netfs: Split some core bits out into their own file
+  (jsc#SES-1880).
+- netfs: Split fs/netfs/read_helper.c (jsc#SES-1880).
+- netfs: Rename read_helper.c to io.c (jsc#SES-1880).
+- netfs: Prepare to split read_helper.c (jsc#SES-1880).
+- netfs: Add a function to consolidate beginning a read
+  (jsc#SES-1880).
+- commit 759f021
+
+- blacklist: removed 7acae6183cf3 ("ceph: fix possible NULL pointer dereference for req->r_session")
+- commit 91f76f5
+
+- netfs: Add a netfs inode context (jsc#SES-1880).
+- Refresh
+  patches.suse/cifs-fix-potential-deadlock-in-direct-reclaim.patch.
+- commit fa3a76d
+
+- ceph: Make ceph_init_request() check caps on readahead
+  (jsc#SES-1880).
+- netfs: Change ->init_request() to return an error code
+  (jsc#SES-1880).
+- netfs: Refactor arguments for netfs_alloc_read_request
+  (jsc#SES-1880).
+- netfs: Adjust the netfs_failure tracepoint to indicate
+  non-subreq lines (jsc#SES-1880).
+- netfs: Trace refcounting on the netfs_io_subrequest struct
+  (jsc#SES-1880).
+- netfs: Trace refcounting on the netfs_io_request struct
+  (jsc#SES-1880).
+- netfs: Adjust the netfs_rreq tracepoint slightly (jsc#SES-1880).
+- netfs: Split netfs_io_* object handling out (jsc#SES-1880).
+- netfs: Finish off rename of netfs_read_request to
+  netfs_io_request (jsc#SES-1880).
+- netfs: Rename netfs_read_*request to netfs_io_*request
+  (jsc#SES-1880).
+- netfs: Generate enums from trace symbol mapping lists
+  (jsc#SES-1880).
+- fscache: export fscache_end_operation() (jsc#SES-1880).
+- afs: Sort out symlink reading (jsc#SES-1880).
+- commit f1d9e86
+
+- ceph: uninitialized variable in debug output (jsc#SES-1880).
+- ceph: use tracked average r/w/m latencies to display metrics
+  in debugfs (jsc#SES-1880).
+- ceph: include average/stdev r/w/m latency in mds metrics
+  (jsc#SES-1880).
+- ceph: track average r/w/m latency (jsc#SES-1880).
+- ceph: use ktime_to_timespec64() rather than
+  jiffies_to_timespec64() (jsc#SES-1880).
+- ceph: assign the ci only when the inode isn't NULL
+  (jsc#SES-1880).
+- commit 7f5eb5f
+
+- ceph: misc fix for code style and logs (jsc#SES-1880).
+- Refresh
+  patches.suse/ceph-avoid-putting-the-realm-twice-when-decoding-snaps-fails.patch.
+- commit 915976e
+
+- ceph: allocate capsnap memory outside of ceph_queue_cap_snap()
+  (jsc#SES-1880).
+- ceph: do not release the global snaprealm until unmounting
+  (jsc#SES-1880).
+- ceph: remove incorrect and unused CEPH_INO_DOTDOT macro
+  (jsc#SES-1880).
+- ceph: eliminate the recursion when rebuilding the snap context
+  (jsc#SES-1880).
+- ceph: zero the dir_entries memory when allocating it
+  (jsc#SES-1880).
+- ceph: move to a dedicated slabcache for ceph_cap_snap
+  (jsc#SES-1880).
+- ceph: add getvxattr op (jsc#SES-1880).
+- libceph: drop else branches in prepare_read_data{,_cont}
+  (jsc#SES-1880).
+- ceph: fix comments mentioning i_mutex (jsc#SES-1880).
+- ceph: fail the request directly if handle_reply gets an ESTALE
+  (jsc#SES-1880).
+- ceph: wake waiters after failed async create (jsc#SES-1880).
+- ceph: wait for async create reply before sending any cap
+  messages (jsc#SES-1880).
+- ceph: eliminate req->r_wait_for_completion from ceph_mds_request
+  (jsc#SES-1880).
+- ceph: uninline the data on a file opened for writing
+  (jsc#SES-1880).
+- ceph: make ceph_netfs_issue_op() handle inlined data
+  (jsc#SES-1880).
+- commit 4f1bb1d
+
+- cifs: Fix the readahead conversion to manage the batch when
+  reading from cache (jsc#SES-1880).
+- cifs: Implement cache I/O by accessing the cache directly
+  (jsc#SES-1880).
+- commit aeedd18
+
+- cifs: Transition from ->readpages() to ->readahead()
+  (jsc#SES-1880).
+- Refresh patches.suse/Adjust-cifssb-maximum-read-size.patch.
+- commit 9ab1e02
+
+- Update config files.
+  New config option CONFIG_CACHEFILES_ERROR_INJECTION.
+- commit c7f3506
+
+- cifs: Support fscache indexing rewrite (jsc#SES-1880).
+- Refresh
+  patches.suse/cifs-Add-constructor-destructors-for-tcon-cfid.patch.
+- Refresh
+  patches.suse/cifs-Make-tcon-contain-a-wrapper-structure-cached_fids-instead-of-c.patch.
+- Refresh
+  patches.suse/cifs-Move-cached-dir-functions-into-a-separate-file.patch.
+- Refresh
+  patches.suse/cifs-remove-cifs_-prefix-from-init-destroy-mids-functions.patch.
+- Refresh
+  patches.suse/cifs-replace-kfree-with-kfree_sensitive-for-sensitive-data.patch.
+- Refresh
+  patches.suse/cifs-split-out-ses-and-tcon-retrieval-from-mount_get_conns-.patch.
+- Refresh
+  patches.suse/cifs-when-insecure-legacy-is-disabled-shrink-amount-of-SMB1-code.patch.
+- Refresh patches.suse/cifs-writeback-fix.patch.
+- Refresh
+  patches.suse/smb3-add-dynamic-trace-points-for-tree-disconnect.patch.
+- commit aba9248
+
+- cachefiles: Fix volume coherency attribute (jsc#SES-1880).
+- cachefiles: Fix incorrect length to fallocate() (jsc#SES-1880).
+- libceph: optionally use bounce buffer on recv path in crc mode
+  (jsc#SES-1880).
+- libceph: make recv path in secure mode work the same as send
+  path (jsc#SES-1880).
+- netfs, cachefiles: Add a method to query presence of data in
+  the cache (jsc#SES-1880).
+- ceph: put the requests/sessions when it fails to alloc memory
+  (jsc#SES-1880).
+- netfs: Make ops->init_rreq() optional (jsc#SES-1880).
+- fscache: Add a comment explaining how page-release optimisation
+  works (jsc#SES-1880).
+- cachefiles: Check that the backing filesystem supports tmpfiles
+  (jsc#SES-1880).
+- cachefiles: Explain checks in a comment (jsc#SES-1880).
+- cachefiles: Trace active-mark failure (jsc#SES-1880).
+- cachefiles: Make some tracepoint adjustments (jsc#SES-1880).
+- cachefiles: set default tag name if it's unspecified
+  (jsc#SES-1880).
+- cachefiles: Calculate the blockshift in terms of bytes, not
+  pages (jsc#SES-1880).
+- fscache: Fix the volume collision wait condition (jsc#SES-1880).
+- ceph: move CEPH_SUPER_MAGIC definition to magic.h
+  (jsc#SES-1880).
+- ceph: remove redundant Lsx caps check (jsc#SES-1880).
+- ceph: add new "nopagecache" option (jsc#SES-1880).
+- ceph: don't check for quotas on MDS stray dirs (jsc#SES-1880).
+- ceph: drop send metrics debug message (jsc#SES-1880).
+- rbd: make const pointer spaces a static const array
+  (jsc#SES-1880).
+- ceph: Fix incorrect statfs report for small quota
+  (jsc#SES-1880).
+- ceph: mount syntax module parameter (jsc#SES-1880).
+- ceph: record updated mon_addr on remount (jsc#SES-1880).
+- ceph: new device mount syntax (jsc#SES-1880).
+- libceph: rename parse_fsid() to ceph_parse_fsid() and export
+  (jsc#SES-1880).
+- libceph: generalize addr/ip parsing based on delimiter
+  (jsc#SES-1880).
+- 9p: fix enodata when reading growing file (jsc#SES-1880).
+- 9p, afs, ceph, nfs: Use current_is_kswapd() rather than
+  gfpflags_allow_blocking() (jsc#SES-1880).
+- fscache: Add a tracepoint for cookie use/unuse (jsc#SES-1880).
+- ceph: add fscache writeback support (jsc#SES-1880).
+- ceph: conversion to new fscache API (jsc#SES-1880).
+- nfs: Implement cache I/O by accessing the cache directly
+  (jsc#SES-1880).
+- commit 74173ff
+
+- blacklist: drop ceph commit
+- commit ba2e082
+
+- nfs: Convert to new fscache volume/cookie API (jsc#SES-1880).
+- Refresh
+  patches.suse/0001-NFS-flush-out-dirty-data-on-file-fput.patch.
+- commit afbd263
+
+- 9p: Copy local writes to the cache when writing to the server
+  (jsc#SES-1880).
+- commit 505ae37
+
+- 9p: Use fscache indexing rewrite and reenable caching
+  (jsc#SES-1880).
+- afs: Skip truncation on the server of data we haven't written
+  yet (jsc#SES-1880).
+- afs: Copy local writes to the cache when writing to the server
+  (jsc#SES-1880).
+- afs: Convert afs to use the new fscache API (jsc#SES-1880).
+- fscache, cachefiles: Display stat of culling events
+  (jsc#SES-1880).
+- fscache, cachefiles: Display stats of no-space events
+  (jsc#SES-1880).
+- cachefiles: Allow cachefiles to actually function
+  (jsc#SES-1880).
+- fscache, cachefiles: Store the volume coherency data
+  (jsc#SES-1880).
+- cachefiles: Implement the I/O routines (jsc#SES-1880).
+- cachefiles: Implement cookie resize for truncate (jsc#SES-1880).
+- cachefiles: Implement begin and end I/O operation
+  (jsc#SES-1880).
+- cachefiles: Implement backing file wrangling (jsc#SES-1880).
+- cachefiles: Implement culling daemon commands (jsc#SES-1880).
+- cachefiles: Mark a backing file in use with an inode flag
+  (jsc#SES-1880).
+- cachefiles: Implement metadata/coherency data storage in xattrs
+  (jsc#SES-1880).
+- cachefiles: Implement key to filename encoding (jsc#SES-1880).
+- cachefiles: Implement object lifecycle funcs (jsc#SES-1880).
+- cachefiles: Add tracepoints for calls to the VFS (jsc#SES-1880).
+- cachefiles: Implement volume support (jsc#SES-1880).
+- cachefiles: Implement cache registration and withdrawal
+  (jsc#SES-1880).
+- cachefiles: Implement a function to get/create a directory in
+  the cache (jsc#SES-1880).
+- vfs, cachefiles: Mark a backing file in use with an inode flag
+  (jsc#SES-1880).
+- cachefiles: Provide a function to check how much space there is
+  (jsc#SES-1880).
+- cachefiles: Register a miscdev and parse commands over it
+  (jsc#SES-1880).
+- cachefiles: Add security derivation (jsc#SES-1880).
+- cachefiles: Add cache error reporting macro (jsc#SES-1880).
+- cachefiles: Add a couple of tracepoints for logging errors
+  (jsc#SES-1880).
+- cachefiles: Add some error injection support (jsc#SES-1880).
+- cachefiles: Define structs (jsc#SES-1880).
+- cachefiles: Introduce rewritten driver (jsc#SES-1880).
+- fscache: Provide a function to resize a cookie (jsc#SES-1880).
+- fscache: Provide a function to note the release of a page
+  (jsc#SES-1880).
+- vfs, fscache: Implement pinning of cache usage for writeback
+  (jsc#SES-1880).
+- fscache: Implement higher-level write I/O interface
+  (jsc#SES-1880).
+- fscache: Implement raw I/O interface (jsc#SES-1880).
+- netfs: Pass more information on how to deal with a hole in
+  the cache (jsc#SES-1880).
+- fscache: Provide a function to let the netfs update its
+  coherency data (jsc#SES-1880).
+- fscache: Provide read/write stat counters for the cache
+  (jsc#SES-1880).
+- fscache: Count data storage objects in a cache (jsc#SES-1880).
+- fscache: Provide a means to begin an operation (jsc#SES-1880).
+- fscache: Implement cookie invalidation (jsc#SES-1880).
+- fscache: Implement cookie user counting and resource pinning
+  (jsc#SES-1880).
+- fscache: Implement simple cookie state machine (jsc#SES-1880).
+- fscache: Add a function for a cache backend to note an I/O error
+  (jsc#SES-1880).
+- fscache: Provide and use cache methods to lookup/create/free
+  a volume (jsc#SES-1880).
+- fscache: Implement functions add/remove a cache (jsc#SES-1880).
+- fscache: Implement cookie-level access helpers (jsc#SES-1880).
+- fscache: Implement volume-level access helpers (jsc#SES-1880).
+- fscache: Implement cache-level access helpers (jsc#SES-1880).
+- fscache: Implement cookie registration (jsc#SES-1880).
+- fscache: Implement volume registration (jsc#SES-1880).
+- fscache: Implement cache registration (jsc#SES-1880).
+- fscache: Implement a hash function (jsc#SES-1880).
+- fscache: Introduce new driver (jsc#SES-1880).
+- netfs: Pass a flag to ->prepare_write() to say if there's no
+  alloc'd space (jsc#SES-1880).
+- netfs: Display the netfs inode number in the netfs_read
+  tracepoint (jsc#SES-1880).
+- fscache: Remove the contents of the fscache driver, pending
+  rewrite (jsc#SES-1880).
+- cachefiles: Delete the cachefiles driver pending rewrite
+  (jsc#SES-1880).
+- fscache, cachefiles: Disable configuration (jsc#SES-1880).
+- fs: add is_idmapped_mnt() helper (jsc#SES-1880).
+- NFS: Remove unnecessary TRACE_DEFINE_ENUM()s (jsc#SES-1880).
+- NFS: Always provide aligned buffers to the RPC read layers
+  (jsc#SES-1880).
+- commit 50c0425
+
+- 9p: Convert to using the netfs helper lib to do reads and
+  caching (jsc#SES-1880).
+- commit 9285dce
+
+- ceph: initialize i_size variable in ceph_sync_read
+  (jsc#SES-1880).
+- netfs: fix parameter of cleanup() (jsc#SES-1880).
+- netfs: Fix lockdep warning from taking sb_writers whilst
+  holding mmap_lock (jsc#SES-1880).
+- ceph: add a new metric to keep track of remote object copies
+  (jsc#SES-1880).
+- libceph, ceph: move ceph_osdc_copy_from() into cephfs code
+  (jsc#SES-1880).
+- ceph: clean-up metrics data structures to reduce code
+  duplication (jsc#SES-1880).
+- ceph: split 'metric' debugfs file into several files
+  (jsc#SES-1880).
+- ceph: return the real size read when it hits EOF (jsc#SES-1880).
+- ceph: shut down mount on bad mdsmap or fsmap decode
+  (jsc#SES-1880).
+- ceph: fix mdsmap decode when there are MDS's beyond max_mds
+  (jsc#SES-1880).
+- ceph: ignore the truncate when size won't change with Fx caps
+  issued (jsc#SES-1880).
+- ceph: don't rely on error_string to validate blocklisted session
+  (jsc#SES-1880).
+- ceph: just use ci->i_version for fscache aux info
+  (jsc#SES-1880).
+- ceph: shut down access to inode when async create fails
+  (jsc#SES-1880).
+- ceph: refactor remove_session_caps_cb (jsc#SES-1880).
+- ceph: fix auth cap handling logic in remove_session_caps_cb
+  (jsc#SES-1880).
+- ceph: drop private list from remove_session_caps_cb
+  (jsc#SES-1880).
+- ceph: don't use -ESTALE as special return code in
+  try_get_cap_refs (jsc#SES-1880).
+- ceph: print inode numbers instead of pointer values
+  (jsc#SES-1880).
+- ceph: enable async dirops by default (jsc#SES-1880).
+- libceph: drop ->monmap and err initialization (jsc#SES-1880).
+- ceph: convert to noop_direct_IO (jsc#SES-1880).
+- fscache_cookie_enabled: check cookie is valid before accessing
+  it (jsc#SES-1880).
+- commit f5f0829
+
+- blacklist: remove 89d43d0551a8 ("ceph: put the requests/sessions when it fails to alloc memory")
+- commit 46eecd9
+
+- ceph: fix off by one bugs in unsafe_request_wait()
+  (jsc#SES-1880).
+- ceph: drop the mdsc_get_session/put_session dout messages
+  (jsc#SES-1880).
+- ceph: don't WARN if we're forcibly removing the session caps
+  (jsc#SES-1880).
+- ceph: don't WARN if we're force umounting (jsc#SES-1880).
+- ceph: reconnect to the export targets on new mdsmaps
+  (jsc#SES-1880).
+- ceph: print more information when we can't find snaprealm
+  (jsc#SES-1880).
+- ceph: add ceph_change_snap_realm() helper (jsc#SES-1880).
+- ceph: remove redundant initializations from mdsc and session
+  (jsc#SES-1880).
+- ceph: add a new vxattr to return auth mds for an inode
+  (jsc#SES-1880).
+- ceph: remove some defunct forward declarations (jsc#SES-1880).
+- ceph: flush the mdlog before waiting on unsafe reqs
+  (jsc#SES-1880).
+- ceph: flush mdlog before umounting (jsc#SES-1880).
+- ceph: make iterate_sessions a global symbol (jsc#SES-1880).
+- ceph: make ceph_create_session_msg a global symbol
+  (jsc#SES-1880).
+- ceph: fix comment about short copies in ceph_write_end
+  (jsc#SES-1880).
+- commit 4e12f60
+
+- fscache: Remove an unused static variable (jsc#SES-1880).
+- fscache: Fix some kerneldoc warnings shown up by W=1
+  (jsc#SES-1880).
+- cachefiles: Use file_inode() rather than accessing ->f_inode
+  (jsc#SES-1880).
+- netfs: Move cookie debug ID to struct netfs_cache_resources
+  (jsc#SES-1880).
+- fscache: Select netfs stats if fscache stats are enabled
+  (jsc#SES-1880).
+- commit bbdc82f
+
kernel-zfcpdump
+- powerpc/64s: Make POWER10 and later use pause_short in cpu_relax
+  loops (bsc#1208376 ltc#201076).
+- powerpc: add ISA v3.0 / v3.1 wait opcode macro (bsc#1208376
+  ltc#201076).
+- commit 2a06230
+
+- ibmvnic: Assign XPS map to correct queue index (bsc#1208757
+  ltc#201720 jsc#PED-2322 git-fixes).
+- commit be76316
+
+- Update
+  patches.suse/usb-dwc3-dwc3-qcom-Add-missing-platform_device_put-i.patch
+  (bsc#1208741 CVE-2023-22995).
+  Added CVE reference for fix already present
+- commit 80a158a
+
+- loop: fix ioctl calls using compat_loop_info (bsc#1207333).
+- commit 11a60da
+
+- Add missing s390 vfio patch hunk (bsc#1208565 ltc#201535).
+- Refresh patches.suse/vfio-simplify-iommu-group-allocation-for-mediated-devices.
+- Refresh patches.suse/s390-vfio-ap-prepare-for-dynamic-update-of-guest-s-APCB-on-queue.
+- Refresh patches.suse/s390-vfio-ap-rename-matrix_dev-lock-mutex-to-matrix_dev-mdevs_lo.
+- commit 43ce0be
+
+- Update kabi files.
+  Based on PublicBeta-202302 ISO, kernel 5.14.21-150500.40.1
+- commit 2b36ed6
+
+- Update
+  patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
+  (CVE-2023-23559 bsc#1207051).
+  Added CVE reference to existing fix
+- commit af8ad62
+
+- Update kabi files.
+  Add arm64 64kb flavor, based on daily build 5.14.21-150500.9.1.g9b76281.aarch64.rpm
+- commit 2a6f1f8
+
+- Fix page corruption caused by racy check in __free_pages
+  (bsc#1208149).
+- commit 4cd4141
+
+- ipmi:ssif: Add a timer between request retries (bsc#1206459).
+- ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
+- ipmi_ssif: Rename idle state and check (bsc#1206459).
+- ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
+- commit b0ebf1b
+
+- Delete
+  patches.suse/ipmi-ssif-Add-60ms-time-internal-between-write-retri.patch.
+- commit 8704cd7
+
+- drm/i915/dg2: Drop force_probe requirement (bsc#1208203
+  jsc#PED-1218).
+- commit 4a027ed
+
+- module: Don't wait for GOING modules (bsc#1196058, bsc#1186449,
+  bsc#1204356, bsc#1204662).
+- commit 4544b7b
+
kicad
-- Use python3 on Leap 15.4
+- update to 6.0.11:
+  See https://www.kicad.org/blog/2023/01/KiCad-6.0.11-Release/ for details.
+
+- update to version 6.0.10:
+  See https://www.kicad.org/blog/2022/12/KiCad-6.0.10-Release/ for details.
+
+- Update to version 6.0.9
+  See https://www.kicad.org/blog/2022/10/KiCad-6.0.9-Release/ for details.
+
+- Update to version 6.0.8
+  See https://www.kicad.org/blog/2022/09/KiCad-6.0.8-Release/ for details.
+
+- Update to version 6.0.7
+  See https://www.kicad.org/blog/2022/07/KiCad-6.0.7-Release/ for details.
+
+- Update to version 6.0.6
+  See https://www.kicad.org/blog/2022/06/KiCad-6.0.6-Release/ for details.
+
+- Update to version 6.0.5
+  See https://www.kicad.org/blog/2022/05/KiCad-6.0.5-Release/ for details.
+- Use Boost >= 1.71 on Leap.
+
+- Update to version 6.0.4
+  See https://www.kicad.org/blog/2022/03/KiCad-6.0.4-Release/ for details.
+
+- Update to version 6.0.2
+  See https://www.kicad.org/blog/2022/02/KiCad-6.0.2-Release/ for details.
+
+- Fix suse_update_desktop_file invocation on Leap (missing new
+  "org.kicad." prefix for desktop file names).
+
+- Update to version 6.0.1
+  See https://www.kicad.org/blog/2022/01/KiCad-6.0.1-Release/ for details.
+
+- Update to version 6.0.0
+  See https://www.kicad.org/blog/2021/12/KiCad-6.0.0-Release/ for details.
+- Drop no longer necessary kicad-suse-help-path.patch
+- Add 0001-Use-library-target-install-for-python-module-to-fix-.patch
+- Adjust disk constraints (now 11G)
+
+- Update to version 5.1.12
+  See https://kicad.org/blog/2021/11/KiCad-5.1.12-Release/ for details.
+
+- Update to version 5.1.11
+  See https://kicad.org/blog/2021/11/KiCad-5.1.11-Release/ for details.
+- Replace references to old domain (hijacked) with kicad.org
+  https://www.kicad.org/blog/2021/10/Avoid-links-to-former-kicad-domain/
+
+- Update to version 5.1.10
+  See https://kicad.org/blog/2021/05/KiCad-5.1.10-Release/ for details.
+
+- Update to version 5.1.9
+  See https://kicad.org/blog/2020/12/KiCad-5.1.9-Release/ for details.
+- On TW, disable XDG category mangling, keep new upstream category
+  Science;Electronics.
kicad-doc:html
+- update to 6.0.11:
+  See https://www.kicad.org/blog/2023/01/KiCad-6.0.11-Release/ for details.
+
+- Update to version 6.0.9
+  See https://www.kicad.org/blog/2022/10/KiCad-6.0.9-Release/ for details.
+
+- Update to version 6.0.8
+  See https://www.kicad.org/blog/2022/09/KiCad-6.0.8-Release/ for details.
+
+- Update to version 6.0.7
+  See https://www.kicad.org/blog/2022/07/KiCad-6.0.7-Release/ for details.
+
+- Update to version 6.0.6
+  See https://www.kicad.org/blog/2022/06/KiCad-6.0.6-Release/ for details.
+
+- Update to version 6.0.5
+  See https://www.kicad.org/blog/2022/05/KiCad-6.0.5-Release/ for details.
+
+- Update to version 6.0.4
+  See https://www.kicad.org/blog/2022/03/KiCad-6.0.4-Release/ for details.
+
+- Update to version 6.0.2
+  See https://www.kicad.org/blog/2022/02/KiCad-6.0.2-Release/ for details.
+
+- Update to version 6.0.1
+  See https://www.kicad.org/blog/2022/01/KiCad-6.0.1-Release/ for details.
+
+- Update to version 6.0.0
+  See https://www.kicad.org/blog/2021/12/KiCad-6.0.0-Release/ for details.
+
+- Update to version 5.1.12
+  See https://kicad.org/blog/2021/11/KiCad-5.1.12-Release/ for details.
+
+- Update to version 5.1.11
+  See https://kicad.org/blog/2021/11/KiCad-5.1.11-Release/ for details.
+- Replace references to old domain (hijacked) with kicad.org
+  https://www.kicad.org/blog/2021/10/Avoid-links-to-former-kicad-domain/
+
+- Update to version 5.1.10
+  See https://kicad.org/blog/2021/05/KiCad-5.1.10-Release/ for details.
+
+- Update to version 5.1.9
+  See https://kicad.org/blog/2020/12/KiCad-5.1.9-Release/ for details.
+
kicad-doc:pdf
+- update to 6.0.11:
+  See https://www.kicad.org/blog/2023/01/KiCad-6.0.11-Release/ for details.
+
+- Update to version 6.0.9
+  See https://www.kicad.org/blog/2022/10/KiCad-6.0.9-Release/ for details.
+
+- Update to version 6.0.8
+  See https://www.kicad.org/blog/2022/09/KiCad-6.0.8-Release/ for details.
+
+- Update to version 6.0.7
+  See https://www.kicad.org/blog/2022/07/KiCad-6.0.7-Release/ for details.
+
+- Update to version 6.0.6
+  See https://www.kicad.org/blog/2022/06/KiCad-6.0.6-Release/ for details.
+
+- Update to version 6.0.5
+  See https://www.kicad.org/blog/2022/05/KiCad-6.0.5-Release/ for details.
+
+- Update to version 6.0.4
+  See https://www.kicad.org/blog/2022/03/KiCad-6.0.4-Release/ for details.
+
+- Update to version 6.0.2
+  See https://www.kicad.org/blog/2022/02/KiCad-6.0.2-Release/ for details.
+
+- Update to version 6.0.1
+  See https://www.kicad.org/blog/2022/01/KiCad-6.0.1-Release/ for details.
+
+- Update to version 6.0.0
+  See https://www.kicad.org/blog/2021/12/KiCad-6.0.0-Release/ for details.
+
+- Update to version 5.1.12
+  See https://kicad.org/blog/2021/11/KiCad-5.1.12-Release/ for details.
+
+- Update to version 5.1.11
+  See https://kicad.org/blog/2021/11/KiCad-5.1.11-Release/ for details.
+- Replace references to old domain (hijacked) with kicad.org
+  https://www.kicad.org/blog/2021/10/Avoid-links-to-former-kicad-domain/
+
+- Update to version 5.1.10
+  See https://kicad.org/blog/2021/05/KiCad-5.1.10-Release/ for details.
+
+- Update to version 5.1.9
+  See https://kicad.org/blog/2020/12/KiCad-5.1.9-Release/ for details.
+
kicad-footprints
+- update to 6.0.11:
+  See https://www.kicad.org/blog/2023/01/KiCad-6.0.11-Release/ for details.
+
+- Set minimum cmake version
+
+- Update to version 6.0.9
+  See https://www.kicad.org/blog/2022/10/KiCad-6.0.9-Release/ for details.
+
+- Update to version 6.0.8
+  See https://www.kicad.org/blog/2022/09/KiCad-6.0.8-Release/ for details.
+
+- Update to version 6.0.7
+  See https://www.kicad.org/blog/2022/07/KiCad-6.0.7-Release/ for details.
+
+- Update to version 6.0.6
+  See https://www.kicad.org/blog/2022/06/KiCad-6.0.6-Release/ for details.
+
+- Update to version 6.0.5
+  See https://www.kicad.org/blog/2022/05/KiCad-6.0.5-Release/ for details.
+
+- Update to version 6.0.4
+  See https://www.kicad.org/blog/2022/03/KiCad-6.0.4-Release/ for details.
+
+- Update to version 6.0.2
+  See https://www.kicad.org/blog/2022/02/KiCad-6.0.2-Release/ for details.
+
+- Update to version 6.0.1
+  See https://www.kicad.org/blog/2022/01/KiCad-6.0.1-Release/ for details.
+
+- Update to version 6.0.0
+  See https://www.kicad.org/blog/2021/12/KiCad-6.0.0-Release/ for details.
+
+- Update to version 5.1.12
+  See https://kicad.org/blog/2021/11/KiCad-5.1.12-Release/ for details.
+
+- Update to version 5.1.11
+  See https://kicad.org/blog/2021/11/KiCad-5.1.11-Release/ for details.
+- Replace references to old domain (hijacked) with kicad.org
+  https://www.kicad.org/blog/2021/10/Avoid-links-to-former-kicad-domain/
+
+- Update to version 5.1.10
+  See https://kicad.org/blog/2021/05/KiCad-5.1.10-Release/ for details.
+
+- Update to version 5.1.9
+  See https://kicad.org/blog/2020/12/KiCad-5.1.9-Release/ for details.
+
kicad-packages3D
+- update to 6.0.11:
+  See https://www.kicad.org/blog/2023/01/KiCad-6.0.11-Release/ for details.
+
+- Set minimum cmake version
+
+- update to 6.0.10:
+  See https://www.kicad.org/blog/2022/12/KiCad-6.0.10-Release/ for details.
+
+- Update to version 6.0.9
+  See https://www.kicad.org/blog/2022/10/KiCad-6.0.9-Release/ for details.
+
+- Update to version 6.0.8
+  See https://www.kicad.org/blog/2022/09/KiCad-6.0.8-Release/ for details.
+
+- Update to version 6.0.7
+  See https://www.kicad.org/blog/2022/07/KiCad-6.0.7-Release/ for details.
+
+- Update to version 6.0.6
+  See https://www.kicad.org/blog/2022/06/KiCad-6.0.6-Release/ for details.
+
+- Update to version 6.0.5
+  See https://www.kicad.org/blog/2022/05/KiCad-6.0.5-Release/ for details.
+
+- Update to version 6.0.4
+  See https://www.kicad.org/blog/2022/03/KiCad-6.0.4-Release/ for details.
+- Fix directory for fdupes call
+
+- Update to version 6.0.2
+  See https://www.kicad.org/blog/2022/02/KiCad-6.0.2-Release/ for details.
+
+- Update to version 6.0.1
+  See https://www.kicad.org/blog/2022/01/KiCad-6.0.1-Release/ for details.
+
+- Update to version 6.0.0
+  See https://www.kicad.org/blog/2021/12/KiCad-6.0.0-Release/ for details.
+
+- Update to version 5.1.12
+  See https://kicad.org/blog/2021/11/KiCad-5.1.12-Release/ for details.
+
+- Update to version 5.1.11
+  See https://kicad.org/blog/2021/11/KiCad-5.1.11-Release/ for details.
+- Replace references to old domain (hijacked) with kicad.org
+  https://www.kicad.org/blog/2021/10/Avoid-links-to-former-kicad-domain/
+
+- Update to version 5.1.10
+  See https://kicad.org/blog/2021/05/KiCad-5.1.10-Release/ for details.
+
+- Update to version 5.1.9
+  See https://kicad.org/blog/2020/12/KiCad-5.1.9-Release/ for details.
+
kicad-symbols
+- update to 6.0.11:
+  See https://www.kicad.org/blog/2023/01/KiCad-6.0.11-Release/ for details.
+
+- Update to version 6.0.9
+  See https://www.kicad.org/blog/2022/10/KiCad-6.0.9-Release/ for details.
+
+- Update to version 6.0.8
+  See https://www.kicad.org/blog/2022/09/KiCad-6.0.8-Release/ for details.
+
+- Update to version 6.0.7
+  See https://www.kicad.org/blog/2022/07/KiCad-6.0.7-Release/ for details.
+
+- Update to version 6.0.6
+  See https://www.kicad.org/blog/2022/06/KiCad-6.0.6-Release/ for details.
+
+- Update to version 6.0.5
+  See https://www.kicad.org/blog/2022/05/KiCad-6.0.5-Release/ for details.
+
+- Update to version 6.0.4
+  See https://www.kicad.org/blog/2022/03/KiCad-6.0.4-Release/ for details.
+
+- Update to version 6.0.2
+  See https://www.kicad.org/blog/2022/02/KiCad-6.0.2-Release/ for details.
+
+- Update to version 6.0.1
+  See https://www.kicad.org/blog/2022/01/KiCad-6.0.1-Release/ for details.
+
+- Update to version 6.0.0
+  See https://www.kicad.org/blog/2021/12/KiCad-6.0.0-Release/ for details.
+
+- Update to version 5.1.12
+  See https://kicad.org/blog/2021/11/KiCad-5.1.12-Release/ for details.
+
+- Update to version 5.1.11
+  See https://kicad.org/blog/2021/11/KiCad-5.1.11-Release/ for details.
+- Replace references to old domain (hijacked) with kicad.org
+  https://www.kicad.org/blog/2021/10/Avoid-links-to-former-kicad-domain/
+
+- Update to version 5.1.10
+  See https://kicad.org/blog/2021/05/KiCad-5.1.10-Release/ for details.
+
+- Update to version 5.1.9
+  See https://kicad.org/blog/2020/12/KiCad-5.1.9-Release/ for details.
+
kicad-templates
+- update to 6.0.11:
+  See https://www.kicad.org/blog/2023/01/KiCad-6.0.11-Release/ for details.
+
+- update to version 6.0.10:
+  See https://www.kicad.org/blog/2022/12/KiCad-6.0.10-Release/ for details.
+
+- Update to version 6.0.9
+  See https://www.kicad.org/blog/2022/10/KiCad-6.0.9-Release/ for details.
+
+- Update to version 6.0.8
+  See https://www.kicad.org/blog/2022/09/KiCad-6.0.8-Release/ for details.
+
+- Update to version 6.0.7
+  See https://www.kicad.org/blog/2022/07/KiCad-6.0.7-Release/ for details.
+
+- Update to version 6.0.6
+  See https://www.kicad.org/blog/2022/06/KiCad-6.0.6-Release/ for details.
+
+- Update to version 6.0.5
+  See https://www.kicad.org/blog/2022/05/KiCad-6.0.5-Release/ for details.
+
+- Update to version 6.0.4
+  See https://www.kicad.org/blog/2022/03/KiCad-6.0.4-Release/ for details.
+
+- Update to version 6.0.2
+  See https://www.kicad.org/blog/2022/02/KiCad-6.0.2-Release/ for details.
+
+- Update to version 6.0.1
+  See https://www.kicad.org/blog/2022/01/KiCad-6.0.1-Release/ for details.
+
+- Update to version 6.0.0
+  See https://www.kicad.org/blog/2021/12/KiCad-6.0.0-Release/ for details.
+
+- Update to version 5.1.12
+  See https://kicad.org/blog/2021/11/KiCad-5.1.12-Release/ for details.
+
+- Update to version 5.1.11
+  See https://kicad.org/blog/2021/11/KiCad-5.1.11-Release/ for details.
+- Replace references to old domain (hijacked) with kicad.org
+  https://www.kicad.org/blog/2021/10/Avoid-links-to-former-kicad-domain/
+
+- Update to version 5.1.10
+  See https://kicad.org/blog/2021/05/KiCad-5.1.10-Release/ for details.
+
+- Update to version 5.1.9
+  See https://kicad.org/blog/2020/12/KiCad-5.1.9-Release/ for details.
+
kiwi-templates-Minimal
+- Add hyper-v for aarch64
+
kraft
+- Update to Kraft version 1.0
+  * Have two new merge modes for the watermark tool
+  * PDF watermark tool can also append PDF files now
+  * Add numbercycle day counter variable (#138)
+  * Test improvements and new tests added
+  * User manual improvements
+  * Localized screenshots in the user manual (Thx Ronald)
+  * Demand and Alternative: Do not overwrite custom prefix
+  * Default Demand and Alternative text configurable in prefix dialog
+  * Add more variables to weasyprint (#166)
+  * Ability to add EPC QR code to invoices (Giro Code)
+  * Maintain users bank account to be included in documents
+  * Add some metadata to the html representation (weasyprint)
+  * Use custom icons for all icons in Krafti (#175)
+  * Experimental: html tags in pre- and post tags and items & catalogs
+  * Add more contrib documents from Achim (BNC)
+  * Database refresh only in readonly mode
+  * Huge improvements to the AppImage build (#191)
+  * Fix: Numbercycle dialog with day counter (#138)
+  * Fix: Strikeout for deleted items working again
+  * Fix: Delete column in sqlite migrations (#162)
+  * Fix: Add -p switch to call of weasyprint (html presentational hints)
+  * Fix: Set reconnect option for MySQL (#183)
+
+- Update to 1.0 RC1
+
krb5
+- Update to 1.20.1; (bsc#1205126); (CVE-2022-42898);
+  * Fix integer overflows in PAC parsing [CVE-2022-42898].
+  * Fix null deref in KDC when decoding invalid NDR.
+  * Fix memory leak in OTP kdcpreauth module.
+  * Fix PKCS11 module path search.
+- update to 1.20.0:
+  * Added a "disable_pac" realm relation to suppress adding PAC authdata
+    to tickets, for realms which do not need to support S4U requests.
+  * Most credential cache types will use atomic replacement when a cache
+    is reinitialized using kinit or refreshed from the client keytab.
+  * kprop can now propagate databases with a dump size larger than 4GB,
+    if both the client and server are upgraded.
+  * kprop can now work over NATs that change the destination IP address,
+    if the client is upgraded.
+  * Updated the KDB interface.  The sign_authdata() method is replaced
+    with the issue_pac() method, allowing KDB modules to add logon info
+    and other buffers to the PAC issued by the KDC.
+  * Host-based initiator names are better supported in the GSS krb5
+    mechanism.
+  * Replaced AD-SIGNEDPATH authdata with minimal PACs.
+  * To avoid spurious replay errors, password change requests will not
+    be attempted over UDP until the attempt over TCP fails.
+  * PKINIT will sign its CMS messages with SHA-256 instead of SHA-1.
+  * Updated all code using OpenSSL to be compatible with OpenSSL 3.
+  * Reorganized the libk5crypto build system to allow the OpenSSL
+    back-end to pull in material from the builtin back-end depending on
+    the OpenSSL version.
+  * Simplified the PRNG logic to always use the platform PRNG.
+  * Converted the remaining Tcl tests to Python.
+- update to 1.19.3 (bsc#1189929, CVE-2021-37750):
+  * Fix a denial of service attack against the KDC [CVE-2021-37750].
+  * Fix KDC null deref on TGS inner body null server
+  * Fix conformance issue in GSSAPI tests
+- Resolve "Credential cache directory /run/user/0/krb5cc does not
+  exist while opening default credentials cache" by using a kernel
+  keyring instead of a dir cache; (bsc#1109830);
+- Added hardening to systemd services; (bsc#1181400);
+- Drop 0009-Fix-KDC-null-deref-on-TGS-inner-body-null-server.patch,
+  fixed in release 1.20.0
+- Drop 0010-Fix-integer-overflows-in-PAC-parsing.patch,
+  fixed in release 1.20.1
+
-    protocol messages.
+    protocol messages; (CVE-2020-28196); (bsc#1178512);
-    cross-realm S4U2Self requests is also now more robust.
+    cross-realm S4U2Self requests is also now more robust
+    (CVE-2018-20217).
lapack
+- Set -mfpmath=sse for the entire build for ix86 platforms
+  on SLE/Leap. Since we build for x86_64, we know that sse
+  is available.
+  This helps to avoid effects from excess precision that
+  can be seen in the test suite.
+  On Factory we leave -ffloat-store for the test suite
+  only as this option comes at a performance penalty.
+  We may see precision related issues in the test suite
+  with future compilers regardless.
+
+- As a configurable option add tmglib code to the LAPACK librarly
+  and enable TMG in LAPACKE as the header files provide its API
+  (boo#1207989 & bsc#1087426).
+- Restore generic link for update-alternatives. This is usually
+  set by the update-alternatives and it is '%ghost'ed but rpmlint
+  complains.
+- Move update-alternatives --remove to %%postun to stop rpmlint
+  from complaining.
+- Removed useless - because never executed - %%postrans scriptlets.
+- Added missing _%%{_arch} to update-alternative names.
+- rpmlint complains anyway - this time about alternative-link-missing
+  - as it does not understand the _%%{_arch} endings: muffle with
+  rpmlintrc.
+- Make arch-dependent generic names conditional.
+
+- Fix missing symbols for deprecated functions in LAPACK, add
+  Restore_missing_deprecated_prototypes.patch
+- Add -Wl,--no-undefined when creating shared libraries,
+  to catch missing symbols during build
+- Test fixes:
+  * Build test binaries during %build, run in %check
+  * Fix incorrect path for test output, to actually catch
+    any test failures
+- Spec file cleanup:
+  * Do not rename blaslib, it is used for test binaries
+  * Use same commands for building lapacke as for other libs
+  * Remove unused FFLAGS_NOOP for test binaries
+
+- Remove unneeded links. These will be taken care of by the
+  update-alternatives. This will bring this package in sync
+  with openblas.
+
+- Build deprecated functions again to avoid breaking the ABI.
+  (boo#1207989)
+
+- Make library links in the alternatives directory arch dependent.
+  This avoids conflicts when both 32-bit and 64-bit versions are
+  installed (boo#1207563).
+
-- Build tmglib and fold contents into existing liblapack{.a,.so.3}.
-  [bnc#1087426]
+- Rename conflicting MIN.3 and MAX.3 manpages into lapack-{MAX,MIN}.3
+
+- Do not create the dummy files in /etc/alternatives during
+  %install: managed by update-alternatives and packaged as ghost.
+
+- stop owning directories provided by filesystem (bsc#1184786)
+
+- Update to version 3.9.0:
+  * LAPACK QR-preconditioned QR SVD method - xGESVDQ routines
+  * LAPACK Householder Reconstruction
+- Add Avoid-out-of-bounds-accesses-in-complex-EIG-tests.patch
+- Rebase lapack-3.2.2.patch
+- Drop -std=legacy from fortran flags:
+  * add Fix-MinGW-build-error.patch
+  * add Fix-some-minor-inconsistencies-in-LAPACKE_czgesvdq.patch
+- Remove pre_checkin.sh, remove lapack-man.changes copy
+
+- Build CBLAS from lapack package
+  * update baselibs.conf
+- Clean up spec file:
+  * remove useless make cleanlib
+  * remove ineffective duplicated 'make ..lib' calls with deviating
+    opts, as the object files are not removed (fortuanately) the
+    existing PIC files are used for the static libraries
+  * remove fortran-only -std=legacy opt from CFLAGS
+
+- lapack-man:
+  * Build manpages from same sources as the binaries (3.8.0) instead
+    of old 3.5.0.
+  * Merge blas-man package into lapack-man package. Avoids tedious
+    splitting of the two.
+  * Use fdupes macro instead of trying to deduplicate man pages
+    manually.
+- Cleanup lapack spec:
+  * Remove conditionals for obsolete distro versions
+  * Only use python3-base instead of python3
+  * Drop old copy of lapack_testing.py as separate source
+
+- Add -std=legacy in order to fix boo#1166619.
+
+- Use FAT LTO objects in order to provide proper static library.
+
+- Update to version 3.8.0:
+  * Symmetric-indefinite Factorization: Aasen’s tridiagonalization
+    2 stage.
+  * LAPACKE interfaces.
+- Static -pic libraries are no longer built.
-- Add baselibs.conf to sources
-
-- Include update-alternatives dependency in subpackages that use it
-  to guarantee it will be available.
-
-- Move blas and lapack libraries to subdirectories for fixing
-  update-alternatives [bnc#861081]
-- Add %posttrans scripts for fixing migration problems.
-
lapack-man
+- Set -mfpmath=sse for the entire build for ix86 platforms
+  on SLE/Leap. Since we build for x86_64, we know that sse
+  is available.
+  This helps to avoid effects from excess precision that
+  can be seen in the test suite.
+  On Factory we leave -ffloat-store for the test suite
+  only as this option comes at a performance penalty.
+  We may see precision related issues in the test suite
+  with future compilers regardless.
+
+- As a configurable option add tmglib code to the LAPACK librarly
+  and enable TMG in LAPACKE as the header files provide its API
+  (boo#1207989 & bsc#1087426).
+- Restore generic link for update-alternatives. This is usually
+  set by the update-alternatives and it is '%ghost'ed but rpmlint
+  complains.
+- Move update-alternatives --remove to %%postun to stop rpmlint
+  from complaining.
+- Removed useless - because never executed - %%postrans scriptlets.
+- Added missing _%%{_arch} to update-alternative names.
+- rpmlint complains anyway - this time about alternative-link-missing
+  - as it does not understand the _%%{_arch} endings: muffle with
+  rpmlintrc.
+- Make arch-dependent generic names conditional.
+
+- Fix missing symbols for deprecated functions in LAPACK, add
+  Restore_missing_deprecated_prototypes.patch
+- Add -Wl,--no-undefined when creating shared libraries,
+  to catch missing symbols during build
+- Test fixes:
+  * Build test binaries during %build, run in %check
+  * Fix incorrect path for test output, to actually catch
+    any test failures
+- Spec file cleanup:
+  * Do not rename blaslib, it is used for test binaries
+  * Use same commands for building lapacke as for other libs
+  * Remove unused FFLAGS_NOOP for test binaries
+
+- Remove unneeded links. These will be taken care of by the
+  update-alternatives. This will bring this package in sync
+  with openblas.
+
+- Build deprecated functions again to avoid breaking the ABI.
+  (boo#1207989)
+
+- Make library links in the alternatives directory arch dependent.
+  This avoids conflicts when both 32-bit and 64-bit versions are
+  installed (boo#1207563).
+
+- Consolidate dummy links for update-alternatives bringing them
+  in sync with openblas. Add alternatives for lapacke.
+
+- Add Fix-out-of-bounds-read.patch to fix out of bound reads when
+  user input is not validated properly.  (bsc#1193562, CVE-2021-4048)
+
+- Rename conflicting MIN.3 and MAX.3 manpages into lapack-{MAX,MIN}.3
+
+- Do not create the dummy files in /etc/alternatives during
+  %install: managed by update-alternatives and packaged as ghost.
+
+- stop owning directories provided by filesystem (bsc#1184786)
+
+- Update to version 3.9.0:
+  * LAPACK QR-preconditioned QR SVD method - xGESVDQ routines
+  * LAPACK Householder Reconstruction
+- Add Avoid-out-of-bounds-accesses-in-complex-EIG-tests.patch
+- Rebase lapack-3.2.2.patch
+- Drop -std=legacy from fortran flags:
+  * add Fix-MinGW-build-error.patch
+  * add Fix-some-minor-inconsistencies-in-LAPACKE_czgesvdq.patch
+- Remove pre_checkin.sh, remove lapack-man.changes copy
+
+- Build CBLAS from lapack package
+  * update baselibs.conf
+- Clean up spec file:
+  * remove useless make cleanlib
+  * remove ineffective duplicated 'make ..lib' calls with deviating
+    opts, as the object files are not removed (fortuanately) the
+    existing PIC files are used for the static libraries
+  * remove fortran-only -std=legacy opt from CFLAGS
+
+- lapack-man:
+  * Build manpages from same sources as the binaries (3.8.0) instead
+    of old 3.5.0.
+  * Merge blas-man package into lapack-man package. Avoids tedious
+    splitting of the two.
+  * Use fdupes macro instead of trying to deduplicate man pages
+    manually.
+- Cleanup lapack spec:
+  * Remove conditionals for obsolete distro versions
+  * Only use python3-base instead of python3
+  * Drop old copy of lapack_testing.py as separate source
+
+- Add -std=legacy in order to fix boo#1166619.
+
+- Use FAT LTO objects in order to provide proper static library.
+
+- Update to version 3.8.0:
+  * Symmetric-indefinite Factorization: Aasen’s tridiagonalization
+    2 stage.
+  * LAPACKE interfaces.
+- Static -pic libraries are no longer built.
+
+- Package lapack_testing.py from lapack 3.8.0 with adjusted interpreter
+  and adjust BuildRequires to python3.  [bnc#1075766]
+
-- Add baselibs.conf to sources
-
-- Include update-alternatives dependency in subpackages that use it
-  to guarantee it will be available.
-
-- Move blas and lapack libraries to subdirectories for fixing
-  update-alternatives [bnc#861081]
-- Add %posttrans scripts for fixing migration problems.
-
-- Update to 3.5.0
-  * Added Hermitian LDLT factorization routines with rook pivoting
-    algorithm
-  * 2-by-1 CSD to be used for tall and skinny matrix with orthonormal
-    columns
-  * New stopping criteria for balancing
-  * New complex division algorithm
-  * Various improvements
-- No longer removing files due to license reasons as one file is
-  no longer part of Lapack and the others have been replaced by
-  new ones under the normal LAPACK license
-
-- packaged symlinks created by update-alternative as %ghost files
-- removed quotes from update-alternative command to silence rpmlint warning
-
-- Split devel packages into devel and devel-static
-
-- add update-alternative support to allow user to easily switch
-  between several blas and lapack libraries
-
lbreakouthd
+- Add lbreakouthd-user-hiscoredir.patch: Save hiscores to user
+  config dir instead of global localstatedir; patch sent upstream
+  [https://sourceforge.net/p/lgames/bugs/93/]. This also fixes an
+  issue with openSUSE's pkg where the installed hiscores file was
+  forced to be have '0664' perms instead of '0666', causing high
+  scores to not be saved at all.
+- Drop hiscores.hscr file installed to _localstatedir, as it is no
+  longer used in light of above patch.
+
+- Update to version 1.1.1
+  * added keyboard support for menu
+  * added test functionality to editor
+
libcbor
+- Merge change from SLE15 SP4 made by pgajdos@suse.com on
+  Tue Apr  5 14:36:56 UTC 2022:
-  + libcbor.1
+  + libcbor.3
-- Add libcbor-0.5.0-fix-lib.patch to not build shared lib twice
-  and make package build reproducible (boo#1102408)
+- Update to 0.10.1:
+  * BREAKING: Fix cbor_copy leaking memory and creating invalid items when the allocator fails.
+  * BREAKING: Improved half-float encoding for denormalized numbers. [#208]
+  * Make the buffer_size optional in cbor_serialize_alloc [#205]
+  * Fix a potential memory leak when the allocator fails during array or map decoding [#224]
+  * Fix a memory leak when the allocator fails when adding chunks to indefinite bytestrings.
+  * Fix a memory leak when the allocator fails when adding chunks to indefinite strings
+  * Fix cbor_build_tag illegal memory behavior when the allocator fails
+  * Add a new cbor_serialized_size API
+  * Reworked cbor_serialize_alloc to allocate the exact amount of memory necessary upfront
+
+- Install manual page in the correct man section
+
+- fix duplicate src package name issue on multibuild
+
+- update to 0.9.0:
+  * Improved pkg-config paths handling
+  * Use explicit math.h linkage
+  * BREAKING: Fixed handling of items that exceed the host size_t range
+  * cbor_decode explicitly checks size to avoid overflows (previously broken,
+    potentially resulting in erroneous decoding on affected systems)
+- split docs into multibuild flavor to avoid build cycle via openssh<->
+  python-pyOpenSSL <-> python-cryptography
+
+- Update to version 0.8.0
+  * BREAKING: Fix cbor_tag_item not increasing the reference count
+    on the tagged item reference it returns
+  * BREAKING: CBOR_DECODER_EBUFFER removed from cbor_decoder_status
+    + cbor_stream_decode will set CBOR_DECODER_NEDATA instead if the
+    input buffer is empty
+  * Fix cbor_stream_decode to set cbor_decoder_result.required to
+    the minimum number of input bytes necessary to receive the next
+    callback (as long as at least one byte was passed)
+  * Fixed several minor manpage issue
+
+- Update to version 0.7.0
+  * Too many changes to list, see included CHANGELOG.md file
+- 0.6.0 includes patch by bwiedemann@suse.com to not build shared
+  lib twice and make package build reproducible (boo#1102408,
+  gh#PJK/libcbor#72)
+
+- remove documentation build with doxygen
libdeflate
+- update to 1.17:
+  * Improved the compression ratio at levels 10-12 slightly, mainly
+    levels 11-12. Some inputs (such as certain PNG files) see much
+    improved compression ratios. As a trade-off, compressing at
+    levels 11-12 is now about 5-20% slower.
+  * For consistency with zlib, the decompressor now returns an error
+    on some invalid inputs that were accepted before.
+  * Fixed a build error on arm64 with gcc with certain target CPUs.
+  * Fixed a build error in programs/gzip.c with uClibc.
+
+- update to 1.15:
+  * libdeflate now uses CMake instead of a plain Makefile.
+
libgarcon
+- Update to version 4.18.0
+  * Bump requirements for Xfce 4.18
+  * Translation Updates:
+
libgda
+- Add bebdffb4de586fb43fd07ac549121f4b22f6812d.patch: Fix
+  CVE-2021-39359 by forcing TLS certificate validation
+  (boo#1189849).
+- Add libgda-fix-meson-060.patch: Fix build with meson 0.61.0 and
+  newer.
+
libheimdal
+- replace libheimdal conflicts by obsoletes / provides to provide a
+  smooth update in the new libheimdal-devel.
+
libica
+- Upgrade to version 4.2.1 (jsc#PED-2872)
+  - [PATCH] fix regression opening shared memory
+
libjcat
+- update to 0.1.12:
+  * Correctly export the AliasIds in all cases (Richard Hughes)
+  * Install installed-test firmware.bin.ed25519 (Jan Tojnar)
+  * Predate test cert activation date by 1 day (David Bonner)
+
+- update to 0.1.11:
+  - Allow the user to get the runtime library version (Richard Hughes)
+  - Fix incorrect certtool being called on macOS (Richard Hughes)
+
+- update to 0.1.10:
+  - Add ED25519 support (Richard Hughes)
+  - Define three more types used for the firmware transparency log (Richard Hughes)
+  - Include the pkgconfig variables in the subproject dependency (Richard Hughes)
+  - Drop the use of setuptools in the test script for regenerating ld version file (Eli Schwartz)
+  - Use the correct lookup method for the python3 script interpreter (Eli Schwartz)
+
+- update to 0.1.9:
+  * Set which backends are supported in the pkgconfig file
+  * Use -Dcli=false to reduce the install size
+  * Return an error if we try to self-sign no bytes of data
+  * Show a more accurate output when not all engines are enabled
+
+- update to 0.1.8:
+  * Fix a warning when used in a subproject
+  * Fix compilation on FreeBSD
+  * Do not use help2man to build manual pages
+  * Fall back to the AliasId for validation
+  * Fix jcat_context_verify_blob() to use self verify for checksums
+  * Allow verifying expired certificates with an additional argument
+  * Allow compiling json-glib as a subproject
+  * Export the old JCatEngine property to preserve internal ABI
+  * Do not fail verification if compiled without an engine
+
liblscp
+- update to 0.9.8:
+  * Fixed broken pkg-config file (lscp.pc) generation (thanks
+    to Konstantin Voinov while on OBS multimedia::proaudio).
+
libmediainfo
+- update to 22.12:
+  + WebVTT: more information (duration, start/end timestamp, count of lines...)
+  + MP4/MOV: support of FLAC
+  + MP4/MOV: support of LanguageIETF
+  + ProRes: parse FFmpeg glbl atom for getting color range
+  + AVI/WAV: detection of character set
+  + WAV: display MD5 of raw content
+  + FLAC: display MD5 of unencoded content
+  + USAC: trace of UsacFrame() up to after preroll
+  + MOV/MP4: option for parsing only the header, no parsing of any frame
+  + MXF: option for parsing only the header, no parsing of any frame
+  x MXF: quicker parsing when fast parsing is requested
+  x I662, WAV: fix false-positive detection of DTS in PCM
+  x I1637, MPEG-Audio: proper support of Helix MP3 encoder detection and encoder settings
+  x I661, MXF: fix UKDPP FpaPass value sometimes not outputted
+  x S1182, Teletext subtitle: prioritize subtitle metadata other overs
+  x Matroska: Better handling in case of buggy AVC stream
+  x 22.2 audio: Fix name of 1 channel (Tll --> Tsl)
+  x AAC: fix wrong parsing of some bitstreams
+  x Fix crash with stdin input and ctrl-c
+  x Fix memory leak in JSON output
+
libmodbus
+- update to 3.1.10:
+  * Fix baud rate handling with RTU under Linux
+  * Fix modbus_disable_quirks signature
+  * Move content about migration to libmodbus.org
+  * Avoid negative value in FD_SET call
+  * Test socket against positive value instead of -1
+  * Improvements to autotools by @ndim
+  * Fix doc links by @jordanjohnson56 (#653)
+  * Test the protocol id for 0 by @metapsychologe (#509)
+  * Fix double negative in tests
+  * New quirks handler (closes #38 #533)
+  * Fix bitwise OR in documentation
+  * Improve doc about slave ID in RTU
+  * Add .clang-format and format code (closes #394)
+  * Remove constraints on baud rate values
+  * Accept IP or device in arg of unit test progs
+  * Avoid compilation issue with VS2022 with strdup
+  * Display created files in configure.js
+  * Use strcpy_s under Windows
+  * Replace inet_addr by inet_pton calls
+  * Replace inet_ntoa by inet_ptop
+  * Update configure.ac/config.h.win32 for new inet functions
+  * Instructions to build libmodbus in a VS project
+  * Fix connection check for Windows RTU (closes #660, #662)
+  * Add CIFuzz Github action by @DavidKorczynski (#669)
+  * Convert a few int to unsigned int (#402)
+
libnice
+- Update to version 0.1.21:
+  * Only use `ifr_ifindex` if OS supports it, fixes build on iOS
+    and FreeBSD.
+- Changes from version 0.1.20:
+  * Remove support for GStreamer 0.10 builds.
+  * Add macro to check LIBNICE version.
+  * Added utility function to get the STUN server from a candidate.
+  * Support additional header in built-in HTTP proxy client.
+  * Add boxed type for NiceAddress for bindings.
+  * Add API to get the interface index for a local address.
+  * Explicitly bind to a specific interface when creating UDP
+    sockets.
+  * Limit the number of stored incoming checks based on a property.
+  * Do asynchronous DNS resolution for STUN and TURN servers.
+  * Add introspection friendly API to get an allocated string from
+    a NiceCandidate.
+  * Enable gst-full to link in a single element.
+
+- Update to 0.1.19:
+  * Allow incoming connchecks before remote candidates are set,
+    allows for connection based on received bind requests
+  * Implement RFC 7675 for Consent Freshness
+  * Use a single server reflexive and local relay candidate,
+    reduces useless duplicated local candidates
+  * Improved ICE restart implementation
+  * Use Windows native crypto API, removing the need for OpenSSL
+  * Add bytestream ICE-TCP and improve ICE-TCP
+  * Add API to know if a NiceAddress is link-local
+  * Add API to extact the relay address from a relayed NiceAddress
+  * Improve support for detection addresses on Android, iOS, macOS
+  * A number of bug fixes
+
libraw
+- security update
+- added patches
+  fix CVE-2021-32142 [bsc#1208470], Buffer Overflow in the LibRaw_buffer_datastream:gets function
+  + libraw-CVE-2021-32142.patch
+
librcc
+- update to 0.2.13:
+  * switch to git hub
+  * use pkg-config for libxml support
+  * fix libxml2 initialization and cleanup
+
+- remove aspell support [bsc#1052956]
+
-- Update to 0.2.10.
-  * Fixed bugs.
-- Drop librcc-printf.diff, librcc-0.2.9-suse-lint.diff,
-  librcc-0.2.9-provide_prototype.patch (fixed upstream).
-- Build against libdb (build requires db-devel).
-
-- rename base package to librcc to avoid package renames later
-
libshout
+- Update to 2.4.6
+  * Fixed pkg-config file
+  * Made vorbis an optional codec
+  * Do not pass to small headers to libspeex
+    (see also the same mirror-patch in Icecast)
+  * Updated documentation, mostly in regard of making it clearer
+    which functions are now obsoleted
+  * General code cleanup
+  * Added compiler warnings about obsoleted functions and
+    ignored return values
+  * Replaced old shout_set_metadata() with new shout_set_metadata_utf8()
+  * Added support for plain text streaming
+  * Fixed shout_set_metadata*() sometimes returning SHOUTERR_RETRY
+  * Workaround old clients by emulating SHOUTERR_RETRY with
+    SHOUTERR_BUSY
+  * Remove our re-implementation of X509_check_host()
+  * Allow to disable building tools
+- Spec cleanup
+
+- update to 2.4.5:
+  * Improved shout.h for reading, and understanding.
+  * Marked dumpfile support as obsolete (as SHOUT_PROTOCOL_XAUDIOCAST already is).
+  * Added Support for setting the content language.
+  * Avoid the use of obsolete functions (#2317).
+  * Several small fixes for non-blocking mode (#2321, #2315).
+  * Corrected detection of libogg (mostly for windows targets).
+  * Now accept TLS mode "auto" when build without TLS support.
+  * Added new tool shout(1).
+
+- update to 2.4.4:
+  * Fixed handling of blocking/non-blocking mode
+  * Fixed ICY port increment
+  * Fixed reusing of handles
+  * Fixed error handling of Ogg sync layer
+  * Fixed passing of errors between connection and instance layer
+    (Without this fix, dead connections were not correctly
+    detected)
+  * Fixed and improved build scripts
+
+- Update to release 2.4.3
+  * Fixed building with OpenSSL 1.1.0.
+  * Added support for PUT.
+  * Added support for WebM and Matroska with full timing.
+
+- Fix typographic tidbits in description. Compact filelist.
+- Drop old Obsoletes.
+
-- support speex
-- fix library packaging policy change
-- cleanup unneeded dependencies and pkgconfig script
-
-- follow library packaging policy
-  * move docs to devel package
-  * remove static library
-- added missing ldconfig to post and postun.
-
-- updated to version 2.2.2:
-  * Handle Oggs that don't begin with zero granulepos
-  * Theora memory leak fix
-  * Non-blocking shout_open was failing unnecessarily in the
-    connect_pending state.
-  * Cast some size_ts to ints for display purposes.
-  * Fix error handling while opening a connection, so that shout_open
-    can be retried.
-  * pkgconfig fix for header installation
-  * Fix a memory leak in HTTP authentication
-
-- added libtheora-devel libvorbis-devel to the requires of the
-  devel package.
-
-- converted neededforbuild to BuildRequires
-
libxfce4ui
-- update to 4.18.0:
-  * Update About credits
-  * build: Bump requirements for Xfce 4.18
-  * Translation Updates:
-  Chinese (China), Czech, German, Hungarian, Lithuanian, Norwegian
-  Bokmål, Occitan (post 1500), Portuguese (Brazil), Serbian, Turkish
-  * Added move-window-to-monitor shortcut options
-  * Translation Updates:
-  Albanian, Bulgarian, Chinese (Taiwan), Dutch, Estonian, French,
-  Italian, Japanese, Kazakh, Lithuanian, Polish, Portuguese, Spanish
-  * Bump GObject Introspection minim version to 1.66
-  * Translation Updates:
-  Basque, Kazakh, Occitan (post 1500), Slovenian
+- Update to version 4.18.2
+  * Add XfceScreensaver (!89)
+  * docs: Fix broken links
+  * shortcut-dialog: Use parent window for the grab if possible (Fixes #52)
+  * Fix memory leaks
+
+- Update to version 4.18.1
+  * Enable line wrapping in the XfceFileNameInput widget
+    (gxo#xfce/libxfce4ui#60)
+  * xfce4-about: Removed excess square brackets
+  * Revert "XfceShortcutsGrabber: Detect auto-repeat key press"
+  * Translation Updates
+- Removed unused _service file
+
+- update to 4.18.0:
+  * Bump requirements for Xfce 4.18
+  * `g_once_init_enter()` parameter shouldn't be volatile anymore.
+  * about: Fix invalid length and Zink renderer string
+  * about: Make Close button translateable
+  * about: Replace stock with regular button
+  * Add 4.18 section to docs
+  * Add comment to return gboolean in XfceGtkActionEntry
+  * Add functions for handling accelerators that use the Tab key
+  * Add new function xfce_gtk_toggle_tool_button_new_from_action_entry
+  * Add new method "xfce_gtk_menu_append_separator"
+  * Add xfce_gdk_device_grab
+  * added xfce_gtk_label_set_a11y_relation to be used by various components
+  * Change "Setting System" to "Settings Manager"
+  * Check if pixbuf is valid before unref
+  * Check time.h and sys/time.h for libgtop
+  * Delay whitespace warning in XfceFilenameInput
+  * docs: Add missing deprecation guards
+  * docs: Add missing documentation
-  * libxfce4kbd-private: Reset shortcut recursively
-  * tests: Fix deprecation warning
-  * docs: Fix some broken links
-  * docs: Add missing documentation
-  * docs: Add missing deprecation guards
-  * docs: Update `.gitignore`
-  * Fix titled dialog subtitle when headerbar is not used
-  * xfce-about: Add kernel and gtk version to system tab
-  * titled-dialog: Exclude normal windows from CSD adjustments
-  * xfce-about: Slightly tweak padding
-  * xfce4-about: Add support for 3A5000/loongarch64
-  * titled-dialog: CSD XfceTitledDialog improvements
-  * Shortcuts Editor: Tooltip improvement
+  * docs: Fix some broken links
+  * Don't leak pixbuf
+  * Don't reserve vertical space for subtitles in headerbars
+  * Fix cast alignment warning
-  * xfce-spawn: Do not change DISPLAY on non-X11 displays
-  * xfce-dialogs: Fix a memory leak
-  * Bump minimal required libxfce4util to 4.17.2
-  * Translation Updates:
-  Albanian, Arabic, Azerbaijani, Basque, Bulgarian, Chinese (China),
-  Chinese (Taiwan), Croatian, Czech, Danish, Dutch, Estonian, French,
-  Georgian, German, Greek, Hebrew, Hungarian, Indonesian, Italian,
-  Japanese, Korean, Lithuanian, Norwegian Bokmål, Occitan (post 1500),
-  Polish, Portuguese, Portuguese (Brazil), Romanian, Russian, Serbian,
-  Slovenian, Spanish, Swedish, Turkish, Ukrainian, Welsh
-  * XfceShortcutsEditor: Do not update editor if shortcut change failed
-  * XfceShortcutsEditor: Allow to choose "Space" or "Enter" as shortcut
-  * XfceShortcutDialog: Do not propagate key events
+  * Fix titled dialog subtitle when headerbar is not used
+  * Fix xfce_gdk_screen_get_active to return correct monitor number
-  * Add new function xfce_gtk_toggle_tool_button_new_from_action_entry
-  * XfceShortcutsGrabber: Fix `-Wanalyzer-null-dereference` warning
-  * Secure memory allocations
-  * Update COPYING
-  * XfceShortcutsGrabber: Detect auto-repeat key press
-  * XfceShortcutDialog: Fix a memory leak
-  * XfceShortcutsEditor: Allow NULL for section name and document it
-  * XfceShortcutsEditor: Add new vectorized constructor
-  * XfceShortcutsEditor: Remove label formatting if necessary
-  * Simplify startup notification timeout
-  * XfceShortcutsDialog: center the dialog on the parent window
-  * Translation Updates:
-  Danish, Russian
-  * Replace duplicate logic with xfce_str_replace
-  * Use headerbars for dialogs if Gtk/DialogsUseHeader is enabled
-  * Add new method "xfce_gtk_menu_append_separator"
-  * xfce4-about - improve /etc/os-release value unquoting
-  * Add comment to return gboolean in XfceGtkActionEntry
-  * Translation Updates:
-  Czech, Hebrew, Occitan (post 1500), Romanian, Ukrainian
-  * Add functions for handling accelerators that use the Tab key
-  * Check time.h and sys/time.h for libgtop
-  * `g_once_init_enter()` parameter shouldn't be volatile anymore.
-  * Translation Updates: Croatian
-  * xfce-about: Fix potential NULL pointer access
-  * Introduce a shortcuts editor widget
-  * Translation Updates:
-  Albanian, Amharic, Arabic, Armenian, Armenian (Armenia), Basque,
-  Belarusian, Bengali, Bulgarian, Catalan, Chinese (China), Chinese
-  (Hong Kong), Chinese (Taiwan), Croatian, Czech, Danish, Dutch,
-  Eastern Armenian, English (Australia), English (United Kingdom),
-  Estonian, Finnish, French, Galician, German, Greek, Hebrew,
-  Hungarian, Icelandic, Indonesian, Interlingue, Italian, Japanese,
-  Kazakh, Korean, Latvian, Lithuanian, Malay, Norwegian Bokmål,
-  Norwegian Nynorsk, Occitan (post 1500), Polish, Portuguese,
-  Portuguese (Brazil), Romanian, Russian, Serbian, Slovak, Slovenian,
-  Spanish, Swedish, Telugu, Thai, Turkish, Ukrainian, Uyghur, Welsh
-  * Add xfce_gdk_device_grab
-  * Fix xfce_gdk_screen_get_active to return correct monitor number
-  * Switch keyboard shortcut 'tile-up' with 'tile-down'
-  * Usage of '&lt;' and '&gt;' instead of '<' and '>' in XML
-  * Change "Setting System" to "Settings Manager"
-  * Add 4.18 section to docs
-  * Add 4.16 section to docs
-  * Translation Updates:
-  Albanian, Amharic, Arabic, Armenian, Armenian (Armenia), Basque,
-  Belarusian, Bengali, Bulgarian, Catalan, Chinese (China), Chinese
-  (Hong Kong), Chinese (Taiwan), Croatian, Czech, Danish, Dutch,
-  Eastern Armenian, English (Australia), English (United Kingdom),
-  Estonian, Finnish, French, Galician, German, Greek, Hebrew,
-  Hungarian, Icelandic, Indonesian, Interlingue, Italian, Japanese,
-  Kazakh, Korean, Latvian, Lithuanian, Malay, Norwegian Bokmål,
-  Norwegian Nynorsk, Occitan (post 1500), Polish, Portuguese,
-  Portuguese (Brazil), Romanian, Russian, Serbian, Slovak, Slovenian,
-  Spanish, Swedish, Telugu, Thai, Turkish, Ukrainian, Uyghur, Welsh
-  * added xfce_gtk_label_set_a11y_relation to be used by various components
-  * about: Replace stock with regular button
-  * about: Make Close button translateable
-  * Check if pixbuf is valid before unref
-  * shortcuts: Add Alt+Super+s for orca
+  * Introduce a shortcuts editor widget
+  * libxfce4kbd-private: Reset shortcut recursively
+  * Prevent resizing on message display with XfceFilenameInput
+  * Remove Gtk2 leftovers
+  * Replace duplicate logic with xfce_str_replace
+  * Revamp the documentation to uniformize accross components
+  * Secure memory allocations
+  * Shortcuts Editor: Tooltip improvement
+  * shortcuts-grabber: Record xkb state group
+  * shortcuts: Add Alt+Super+s for orca
-  * shortcuts-grabber: Record xkb state group
-  * about: Fix invalid length and Zink renderer string
-  * Don't leak pixbuf
+  * Simplify startup notification timeout
+  * Switch keyboard shortcut 'tile-up' with 'tile-down'
+  * tests: Fix deprecation warning
+  * titled-dialog: CSD XfceTitledDialog improvements
+  * titled-dialog: Exclude normal windows from CSD adjustments
+  * Update COPYING
+  * Update About credits
+  * Usage of '&lt;' and '&gt;' instead of '<' and '>' in XML
+  * Use headerbars for dialogs if Gtk/DialogsUseHeader is enabled
+  * xfce-about: Add kernel and gtk version to system tab
+  * xfce-about: Fix potential NULL pointer access
+  * xfce-about: Slightly tweak padding
+  * xfce-dialogs: Fix a memory leak
+  * xfce-spawn: Do not change DISPLAY on non-X11 displays
+  * xfce4-about - improve /etc/os-release value unquoting
+  * xfce4-about: Add support for 3A5000/loongarch64
+  * XfceShortcutDialog: Do not propagate key events
+  * XfceShortcutDialog: Fix a memory leak
+  * XfceShortcutsDialog: center the dialog on the parent window
+  * XfceShortcutsEditor: Add new vectorized constructor
+  * XfceShortcutsEditor: Allow NULL for section name and document it
+  * XfceShortcutsEditor: Allow to choose "Space" or "Enter" as shortcut
+  * XfceShortcutsEditor: Do not update editor if shortcut change failed
+  * XfceShortcutsEditor: Remove label formatting if necessary
+  * XfceShortcutsGrabber: Detect auto-repeat key press
+  * XfceShortcutsGrabber: Fix `-Wanalyzer-null-dereference` warning
-  * Revamp the documentation to uniformize accross components
-  * Prevent resizing on message display with XfceFilenameInput
-  * Delay whitespace warning in XfceFilenameInput
-  * Fix cast alignment warning
-  * Remove Gtk2 leftovers
-  * Don't reserve vertical space for subtitles in headerbars
-  * Translation Updates:
-  Albanian, Amharic, Arabic, Armenian, Armenian (Armenia), Basque,
-  Belarusian, Bengali, Bulgarian, Catalan, Chinese (China), Chinese
-  (Hong Kong), Chinese (Taiwan), Croatian, Czech, Danish, Dutch,
-  Eastern Armenian, English (Australia), English (United Kingdom),
-  Estonian, Finnish, French, Galician, German, Greek, Hebrew,
-  Hungarian, Icelandic, Indonesian, Interlingue, Italian, Japanese,
-  Kazakh, Korean, Latvian, Lithuanian, Malay, Norwegian Bokmål,
-  Norwegian Nynorsk, Occitan (post 1500), Polish, Portuguese,
-  Portuguese (Brazil), Romanian, Russian, Serbian, Slovak, Slovenian,
-  Spanish, Swedish, Telugu, Thai, Turkish, Ukrainian, Uyghur, Welsh
+  * Translation Updates
libxfce4util
+- Update to version 4.18.1
+  * Handle remaining escape sequences
+  * Fix desktop entry value escaping
+- Remove unused _service file
+
-  * build: Bump requirements for Xfce 4.18
-  * bump copyright to 2022
-  * docs: Fix return value of xfce_str_replace
-  * Update COPYING
+  * Bump requirements for Xfce 4.18
+  * Bump copyright to 2022
+  * Clean the build system and use the new XDT_VERSION_INIT
+  * Create new function xfce_create_shared_thumbnail_path
+  * doc: Fix typo in `xfce_*_append_quoted()`
-  * docs: Fix broken links
+  * docs: Fix broken links
+  * docs: Fix return value of xfce_str_replace
-  * Remove limit on the size of configuration file line
-  * Fix documentation of 'xfce_str_is_empty'
-  * Clean the build system and use the new XDT_VERSION_INIT
-  * Silence `-Wanalyzer-null-dereference` warnings
-  * doc: Fix typo in `xfce_*_append_quoted()`
-  * xfce-miscutils: Fix `deadcode.DeadStores` warning from `scan-build`
-  * i18n: Make sure to set locale according to environment
-  * Translation Updates:
-  Azerbaijani, Chinese (China), Georgian, Greek
-  * Memo for future devs: Deprecate xfce_str_replace
+  * Fix (some) GObject introspection warnings
-  * Remove duplicate xfce_str_is_empty
-  * Move xfce_append_quoted () to xfce-string
-  * Remove invalid custom ngettext() macro
+  * Fix documentation of 'xfce_str_is_empty'
-  * Add missing G_BEGIN_DECLS and G_END_DECLS
-  * Translation Updates:
-  Catalan, Galician, Italian
-  * Create new function xfce_create_shared_thumbnail_path
-  * usage of g_file_peek_path requires glib 2.56
-  * Add xfce_unescape_desktop_entry_value
-  * xfce-gio-extensions - management of gvfs trusted attribute
+  * i18n: Make sure to set locale according to environment
+  * Move xfce_append_quoted () to xfce-string
-  * Fix (some) GObject introspection warnings
+  * Remove duplicate xfce_str_is_empty
+  * Remove invalid custom ngettext() macro
+  * Remove limit on the size of configuration file line
-  * Translation Updates:
-  Belarusian, Estonian, Norwegian Bokmål, Spanish
+  * Silence `-Wanalyzer-null-dereference` warnings
+  * Translation Updates
+  * Update COPYING
+  * usage of g_file_peek_path requires glib 2.56
+  * xfce-miscutils: Fix `deadcode.DeadStores` warning from `scan-build`
libxslt
-- Backport upstream xsltproc manpage fix
-  f165525f Recreate xsltproc man page with old Docbook stylesheet URL
-  Recreate-xsltproc-man-page-with-old-Docbook-styleshe.patch
-
-- Don't disable testsuite under QEMU
-
-- Move the Copyright file to %_defaultlicensedir
-  Configure.ac replaces the COPYING file with a symlink.
-
-- Fix build with libxml2 2.9.12 that removes maxParserDepth XPath limit
-- Add upstream patches:
-  * libxslt-Stop-using-maxParserDepth-XPath-limit.patch
-  * libxslt-Do-not-set-maxDepth-in-XPath-contexts.patch
-
-- Update to 1.1.34: Oct 30 2019
-  * Documentation:
-  - Fix EXSLT web pages, Regenerate web pages
-  - Fix Git link in news.html
-  - Minor documentation fixes after recent changes
-  - Regenerate symbols and API docs
-  - Regenerate EXSLT website
-  * Portability:
-  - Remove stubs when compiling without debugger or profiler
-  - configure.ac: Invoke PKG_CHECK_MODULES for building shared libraries
-  - configure.ac: Conditionally determine whether xml2-config should pass
-    shared libraries or static libraries
-  - xslt-config.in: Fix broken --prefix=DIR support
-  - libexslt.pc.in: Do not expose private library dependencies unless invoked
-  - libxslt.pc.in: Do not expose private library dependencies unless invoked
-  - Fix -Wformat-overflow warning (GCC 9)
-  - Stop including ansidecl.h
-  - Remove WIN32_EXTRA_* variables
-  - Build without winsock
-  * Bug Fixes:
-  - xsl:template without name and match attributes should not be allowed
-  - Make sure that Python tests exit with error code
-  - Improve handling of invalid UTF-8 in format-number
-  - Fix dangling pointer in xsltCopyText
-  - Fix memory leak in pattern compilation error path
-  - Fix uninitialized read with UTF-8 grouping chars
-  - Fix integer overflow in FORMAT_GYEAR
-  - Fix performance regression with xsl:number
-  - Backup XPath context node in xsltInitCtxtKey
-  - Fix unsigned integer overflow in date.c
-  - Fix insertion of xsl:fallback content
-  - Avoid quadratic behavior in xsltSaveResultTo
-  - Fix numbering in non-Latin scripts
-  - Fix uninitialized read of xsl:number token
-  - Fix integer overflow in _exsltDateDayInWeek
-  - Rework xsltAttrVT allocation
-  - Fix check of xsltTestCompMatch return value
-  - Fix security framework bypass
-  - Use xmlNewTextChild in EXSLT dyn:map
-  - Fix float casts in exsltDateDuration
-  - Always set context node before calling XPath iterators
-  - Fix attribute precedence with xsl:use-attribute-sets
-  - Backup context node in exsltFuncFunctionFunction
-  - Initialize ctxt->output before evaluating global vars
-  - Fix memory leak in EXSLT functions error path
-  * Improvements:
-  - Fix -Wimplicit-fallthrough warnings
-  - Adjust number of API index pages
-  - Make xsltCompileRelativePathPattern non-recursive
-  - Check that crypto:rc4_decrypt produces valid UTF-8
-  - Avoid recursion in keys.c:skipPredicate
-  - xslt-config.in: Simply handling of $all_flags
-  - xslt-config.in: Add a --dynamic option to --libs
-  - xslt-config.in: Simplify basic library handling
-  - xslt-config.in: Remove unused variable
-  - xslt-config: Simply handling of --cflags
-  - Improve fuzzers
-  - Always reuse XPath context
-  - Compile with -Wextra
-  - Make profiler support optional
-  - Hide unused code when compiling without debugger
-  - Reorganize fuzzing code
-  - Optional operation limit
-  - Improve seed corpus and dictionary
-  - Reuse XPath context when compiling stylesheets
-  - Reuse XPath context in dyn:map
-  - Reuse XPath context in saxon:expression
-  - Add libFuzzer targets
-  - Adjust error message in expected test output
-  - Change bug tracker URL
-  - Change git repo URL
-  - Regenerate NEWS
-  - Fix misleading indentation in security.c
-  * Cleanups:
-  - Remove empty TODO file
-  - Remove generated file libxsltclass.txt from version control
-  - Rebuild docs
-- Rebase patch libxslt-config-fixes.patch
-- Remove patches fixed upstream:
-  * libxslt-CVE-2019-11068.patch
-  * libxslt-CVE-2019-13117.patch
-  * libxslt-CVE-2019-13118.patch
-  * libxslt-CVE-2019-18197.patch
-
-- Security fix [bsc#1154609, CVE-2019-18197]
-  * Fix dangling pointer in xsltCopyText
-  * Add libxslt-CVE-2019-18197.patch
-
-- Drop out lilbxslt-python package as it is just py2 based and
-  upstream yet didn't bother to port it to python3.
-  When there is python3 compatible code it should be enabled as
-  multibuild here
-  * Drop now unused libxslt-1.1.24-linkflags.patch and
-    libxslt-do_not_build_doc_nor_xsltproc.patch
-
-- Security fix: [bsc#1140101, CVE-2019-13118]
-  * Fix uninitialized read with UTF-8 grouping chars. Read of
-    uninitialized stack data due to too narrow xsl:number
-    instruction and an invalid character
-  * Added libxslt-CVE-2019-13118.patch
-
-- Security fix: [bsc#1140095, CVE-2019-13117]
-  * Fix uninitialized read of xsl:number token. An xsl number with
-    certain format strings could lead to a uninitialized read in
-    xsltNumberFormatInsertNumbers
-  * Added libxslt-CVE-2019-13117.patch
-
-- Security fix: [bsc#1132160, CVE-2019-11068]
-  * Bypass of a protection mechanism because callers of xsltCheckRead
-    and xsltCheckWrite permit access even upon receiving a -1 error
-    code. xsltCheckRead can return -1 for a crafted URL that is not
-    actually invalid and is subsequently loaded.
-  * Added libxslt-CVE-2019-11068.patch
-
-- Update to version 1.1.33
-  * Portability:
-  - Variables need 'extern' in static lib on Cygwin
-  - Really declare dllexport/dllimport for Cygwin
-  - Fix callback signatures in Python bindings
-  - Fix transform callback signatures
-  - Fix extension callback signatures
-  - Fix deallocator signatures
-  - Fix XPath callback signatures
-  - Fix hash callback signatures
-  * Bug Fixes:
-  - Don't cache direct evaluation of patterns with variables
-  - Move function result RVTs to context variable
-  - Fix EXSLT functions returning RVTs from outer scopes
-  - Fix handling of RVTs returned from nested EXSLT functions
-  - Fix typos
-  * Improvements:
-  - Run Travis ASan tests with "sudo: required"
-  * Cleanups:
-  - Remove doc/libxslt-decl.txt
-  - Docs for 1.1.32 release
-- Cleaned with spec-cleaner
-
-- Update to version 1.1.32
-  * fixes xml-config detection regression (boo#1066525)
-
-- Update to version 1.1.30 [bsc#1063934]
-  * Documentation:
-  - Misc doc fixes
-  * Portability:
-  - Look for libxml2 via pkg-config first
-  * Bug Fixes:
-  - Also fix memory hazards in exsltFuncResultElem
-  - Fix NULL deref in xsltDefaultSortFunction
-  - Fix memory hazards in exsltFuncFunctionFunction
-  - Fix memory leaks in EXSLT error paths
-  - Fix memory leak in str:concat with empty node-set
-  - Fix memory leaks in error paths
-  - Switch to xmlUTF8Strsize in numbers.c
-  - Fix NULL pointer deref in xsltFormatNumberFunction
-  - Fix UTF-8 check in str:padding
-  - Fix xmlStrPrintf argument
-  - Check for overflow in _exsltDateParseGYear
-  - Fix double to int conversion
-  - Check for overflow in exsltDateParseDuration
-  - Change version of xsltMaxVars back to 1.0.24
-  - Disable xsltCopyTextString optimization for extensions
-  - Create DOCTYPE for HTML version 5
-  - Make xsl:decimal-format work with namespaces
-  - Remove norm:localTime extension function
-  - Check for integer overflow in xsltAddTextString
-  - Detect infinite recursion when evaluating function arguments
-  - Fix memory leak in xsltElementAvailableFunction
-  - Fix for pattern predicates calling functions
-  - Fix cmd.exe invocations in Makefile.mingw
-  - Don't try to install index.sgml
-  - Fix symbols.xml
-  - Fix heap overread in xsltFormatNumberConversion
-  - Fix <xsl:number level="any"/> for non-element nodes
-  - Fix unreachable code in xsltAddChild
-  - Change version number in xsl:version warning
-  - Avoid infinite recursion after failed param evaluation
-  - Stop if potential recursion is detected
-  - Consider built-in templates in apply-imports
-  - Fix precedence with multiple attribute sets
-  - Rework attribute set resolution
-  * Improvements:
-  - Silence tests a little
-  - Set LIBXML_SRC to absolute path
-  - Add missing #include
-  - Adjust expected error messages in tests
-  - Make xsltDebug more quiet
-  - New-line terminate error message that missed this convention
-  - Use xmlBuffers in EXSLT string functions
-  - Switch to xmlUTF8Strsize in EXSLT string functions
-  - Check for return value of xmlUTF8Strlen
-  - Avoid double/long round trip in FORMAT_ITEM
-  - Separate date and duration structs
-  - Check for overflow in _exsltDateDifference
-  - Clamp seconds field of durations
-  - Change _exsltDateAddDurCalc parameter types
-  - Fix date:difference with time zones
-  - Rework division/remainder arithmetic in date.c
-  - Remove exsltDateCastDateToNumber
-  - Change internal representation of years
-  - Optimize IS_LEAP
-  - Link libraries with libm
-  - Rename xsltCopyTreeInternal to xsltCopyTree
-  - Update linker version script
-  - Add local wildcard to version script
-  - Make some symbols static
-  - Remove redundant NULL check in xsltNumberComp
-  - Fix forwards compatibility for imported stylesheets
-  - Reduce warnings in forwards-compatible mode
-  - Precompute XSLT elements after preprocessing
-  - Fix whitespace in xsltParseStylesheetTop
-  - Consolidate recursion checks
-  - Treat XSLT_STATE_STOPPED same as errors
-  - Make sure that XSLT_STATE_STOPPED isn't overwritten
-  - Add comment regarding built-in templates and params
-  - Rewrite memory management of local RVTs
-  - Validate QNames of attribute sets
-  - Add xsl:attribute-set regression tests
-  - Ignore imported stylesheets in xsltApplyAttributeSet
-- Dropped patches fixed upstream
-  * libxslt-CVE-2016-4738.patch
-  * libxslt-1.1.28-CVE-2017-5029.patch
-
-- Fix RPM groups. Drop ineffective --with-pic.
-  Trim conjecture from description.
-
-- Add gpg signature
-- Cleanup spec file with spec-cleaner
-
-- Fixed CVE-2017-5029 bcs#1035905
-  * Limit buffer size in xsltAddTextString to INT_MAX
-- Added patch libxslt-1.1.28-CVE-2017-5029.patch
-
-- security update: initialize random generator, CVE-2015-9019
-  [bsc#934119]
-  + libxslt-random-seed.patch
-
-- Added patch libxslt-CVE-2016-4738.patch
-  * Fix heap overread in xsltFormatNumberConversion: An empty
-    decimal-separator could cause a heap overread. This can be
-    exploited to leak a couple of bytes after the buffer that holds
-    the pattern string.
-  * bsc#1005591 CVE-2016-4738
-
-- Update to 1.1.29:
-  * new release after 4 years with few bugfies all around
-- Refresh patch 0009-Make-generate-id-deterministic.patch to apply
-- Remove cve patch that was integrated upstream:
-  libxslt-1.1.28-type_confusion_preprocess_attr.patch
-- Unpack the manpage as the compression is set by buildbot not always gz
-
-- add libxslt-1.1.28-type_confusion_preprocess_attr.patch to fix
-  type confusion in preprocessing attributes [bnc#952474],
-  [CVE-2015-7995]
-
-- fix package with "soname" should obsolete libxslt package on suse < 12.2 (SLE11)
-
-- add 0009-Make-generate-id-deterministic.patch from debian's
-  reproducible builds project to avoid randomness in generated IDs
-
libzen
+- update to 0.4.40:
+  + BitStream_Fast: Resize()
+  + C++11 min everywhere
+  x Remove the bitcode generation in iOS build (no more supported by
+    Apple)
+  x Fix incompatibilities with some compilers
+
-- add autoconf/automake/libtool to buildrequires to fix 12.2 build
-
libzpc
+- Upgrade to version 1.1.0 (jsc#PED-582)
+  * Implements an ECC-KEY API : `zpc/ecc_key.h`.
+  * Implements an ECDSA-CTX API : `zpc/ecdsa_ctx.h`.
+
+- Upgrade to version 1.0.1 (jsc#PED-582)
+  * Updated spec file for rpm build
+- Removed obsolete libzpc-sles15p4-mark-stack-nonexec.patch
+- Updated spec file to use %{name} and %{version} variables in
+  more places.
+
+- use source url
+
libzypp-plugin-appdata
-- 0001-InstallAppdata-use-subprocess.run-instead-of-os.syst.patch:
-  Guard against shell injection which could happen if somebody gets
-  a .repo file with 'funny' repo names.
-- bsc#1206836, CVE-2023-22643
+- Update to version 1.0.1+git.20230117:
+  * InstallAppdata: use subprocess.run instead of os.system
+    (bsc#1206836, CVE-2023-22643)
+
+- Update to version 1.0.1+git.20220909:
+  * Add dist directory, for openSUSE packaging
+
+- Update to version 1.0.1+git.20220816:
+  * Drop call to appstreamcli refresh
+  * Added hardening to systemd service (bsc#1181400)
+  * Typo fix for command help
+- Drop harden_appstream-sync-cache.service.patch: fixed upstream.
+- Drop Appstream recommends: no longer needed, as we no longer call
+  appstreamcli.
linux-glibc-devel
+- Add asm/uvdevice.h to the package (bsc#1207886)
+  + drivers-s390-char-Add-Ultravisor-io-device
+
logfilegen
+- logfilegen 2.3.0:
+  * randomization engine take less resources
+
+- logfilegen 2.2.0:
+  * C++11 compatibility fixes (down from C++17)
+
+- logfilegen 2.1.0:
+  * fix console overflow
+  * ENV variables now in the UPPER CASE only
+
+- logfilegen 2.0.0:
+  * exposes metrics in Prometheus format at
+    http://localhost:8080/metrics and a self-hosted statistics page
+    at http://localhost:8080
+  * can write final statistics to the file or stdout in a
+    configurable format
+
lsp-plugins
+- new clap plugin subpackage
+- Version 1.2.5
+  * Introduced CLAP plugin format support.
+  * Introduced the ‘Override Hydrogen drumkit’ feature for Multisampler plugin series.
+  * Reworked and simplified the behaviour of the parameters that define ‘Stretch’ and
+    ‘Loop’ ranges.
+  * Minimum and maximum values now depend on the sample length for several parameters
+    like ‘Stretch’, ‘Loop’, ‘Fade in’ and ‘Fade out’ in the Sampler and Multisampler
+    plugin series.
+  * Fixed the application menu spam in GNOME environment by reworking the XDG files
+    (contributed by sdwolfz).
+  * Changed VST parameter normalized value mapping for logarithmic parameters.
+  * Added possibility to specify JACK connections that should be estimated by the
+    standalone JACK plugin when the plugin connects to the JACK server.
+  * Implemented plugin metadata validator which runs at the build stage and verifies
+    the consistency of the plugin metadata.
+  * Fixed bug related to modification of cyclic parameters for several plugin formats.
+  * Fixed possible crash when importing configuration data from clipboard.
+  * Added possibility to enable/disable Knob’s scale actions.
+  * Several bugfixes related to the memory access in the lsp-ws-lib.
+
+- remove patch fix-xorg-high-cpu-usage.patch now upstream
+- Version 1.2.4
+  * Implemented Noise Generator plugin series.
+  * Added 'Stretch' and 'Compensate' functions to the sampler plugin (contributed by
+    Vitalius Kuchalskis).
+  * Added support of 'Loop' feature by the Sampler plugin series.
+  * Added audio sample preview feature in the file open dialog for Sampler, Trigger,
+    Impulse Responses and Impulse Reverb plugin series.
+  * Extended LSPC (LSP Chunk) file format to support additional types of chunks.
+  * Added possibility to export Sampler configuration as a single bundle with
+    the configuration and audio files packaged together into the LSPC file format.
+  * Fixed broken configuration save and load operations with relative file paths.
+  * Added 'Min' and 'Max' sidechain sources for single-band and multiband dynamic
+    processing plugins: Compressor, Dynamic Processor, Expander, Gate.
+  * Added possibility to add several filters by performing mouse double click on the
+    graph area for the Parametric Equalizer plugin series.
+  * Added several built-in presets for the Parametric Equalizer plugin series
+    (contributed by Largos @ linuxmusicians).
+  * Fixed performance regression of the UI.
+  * Significant optimizations of CPU consumption by the dspu::Limiter module.
+  * Introduced tab control for the lsp-tk lib and lsp-plugin-fw.
+  * Raised the maximum supported sample rate from 192 kHz to 384 kHz.
+  * Several bug fixes in lsp-dsp-units library.
+  * Several bug fixes in lsp-runtime-lib library.
+  * Several bug fixes in lsp-plugin-fw library.
+  * Several bug fixes in lsp-tk-lib library.
+  * Fixed 32-bit ARM architecture detection under 64-bit CPU in makefiles.
+
lua-lmod
+- Match the Lua version and version name suffix of Lua libraries
+  in Requires: to what has been used for building. Also set the
+  minimal Lua version required by Lmod (bsc#1207970).
+- Do not 'Require:' lua interpreter explicitly: this will be
+  handled by an auto-generated dependency.
+- After a discussion with Dominique (dimstar@opensuse.org)
+  he agreed to define the preferred Lua vesion in %%lua_pref
+  in the ProjConfig of oS:Factory so that it can be used in
+  'BuildRequires:'. Take advantage of this new value (with a
+  fallback).
+
lua-lmod:doc-pdf
+- Match the Lua version and version name suffix of Lua libraries
+  in Requires: to what has been used for building. Also set the
+  minimal Lua version required by Lmod (bsc#1207970).
+- Do not 'Require:' lua interpreter explicitly: this will be
+  handled by an auto-generated dependency.
+- After a discussion with Dominique (dimstar@opensuse.org)
+  he agreed to define the preferred Lua vesion in %%lua_pref
+  in the ProjConfig of oS:Factory so that it can be used in
+  'BuildRequires:'. Take advantage of this new value (with a
+  fallback).
+
lxd
+- Add stop entry to systemd service file so the lxc containers shutdown
+  gracefully
+
mako
+- Removed unknown "tray" option
+
+- Update to 1.7.1:
+  * Fix inverted has_mode condition
+
+- Update to 1.7
+  * Support for multiple modes active at the same time.
+  * A new command to list currently active modes.
+  * Improved HiDPI support.
+  * A new outer-margin option.
+
mdadm
+- mdadm fails to change bitmap type from none to clustered (bsc#1208618)
+  1006-Grow-fix-can-t-change-bitmap-type-from-none-to-clust.patch
+
mediainfo
+- update to 22.12:
+  + WebVTT: more information
+  + MP4/MOV: support of FLAC
+  + MP4/MOV: support of LanguageIETF
+  + ProRes: parse FFmpeg glbl atom for getting color range
+  + AVI/WAV: detection of character set
+  + WAV: display MD5 of raw content
+  + FLAC: display MD5 of unencoded content
+  + USAC: trace of UsacFrame() up to after preroll
+  + MOV/MP4: option for parsing only the header, no parsing of any frame
+  + MXF: option for parsing only the header, no parsing of any frame
+  x MXF: quicker parsing when fast parsing is requested
+  x I662, WAV: fix false-positive detection of DTS in PCM
+  x I1637, MPEG-Audio: proper support of Helix MP3 encoder detection and
+    encoder settings
+  x I661, MXF: fix UKDPP FpaPass value sometimes not outputted
+  x S1182, Teletext subtitle: prioritize subtitle metadata other overs
+  x Matroska: Better handling in case of buggy AVC stream
+  x 22.2 audio: Fix name of 1 channel (Tll --> Tsl)
+  x AAC: fix wrong parsing of some bitstreams
+  x Fix crash with stdin input and ctrl-c
+  x Fix memory leak in JSON output
+
meson
+- Add BuildRequires libstdc++6-devel-gcc11 for SLE 15 SP4 and
+  version above, which is necessary to make clang-tiny unit test
+  run.
+
+- Add 34daa53a.patch: gnome module: properly fallback to
+  gtk-update-icon-cache.
+
+- Update to 0.61.4:
+  * Fixes for the ninja backend
+  * Fixes for the rust module
+  * Fixes for the gnome module: Fix incorrect lookup of nonexistent
+    dependencies
+
+- update to 0.61.3:
+  * fixes for other platform
+  * test updates and developer visible fixes
+
+- Update to 0.61.2:
+  + No changelog provided.
+
+- update to 0.61.1:
+  * add a man page backend to refman
+  * extract_objects() supports generated sources
+  * Python 3.6 support is deprecated
+  * Warning if check kwarg of run_command is missing
+  * meson rewrite can modify extra_files
+  * meson rewrite target <target> info output target's extra_files
+  * Support for CMake <3.15 is now deprecated for CMake subprojects
+  * Add support for sccache
+  * Add install_symlink function
+
+- Update to version 0.60.3:
+  + gnome module: fix install_dir x3, by allowing false *_gir and
+  * _typelib.
+  + iconv dependency: try even harder to find working iconv.
+  + Fix performance regression in build file generation.
+  + add ft32 cpu family.
+  + restore the ability in the backend to silently find a program.
+  + pkgconfig: Fix linking to a custom target.
+- Drop 3074bb14a14c00aeb350bf592acf635a93b52d9a.patch: fixed
+  upstream.
+
+- Update to version 0.60.2:
+  + Fix version requirement on Ninja feature
+  + Fix custom_target with install: true and no install_dir,
+    crashing
+  + Fix regression that broke string.format with list objects
+  + valac dependencies: use the canonical list of vala source names
+  + interpreter: disallow RunTarget in meson.add_install_script
+  + Only pass clang LTO arguments when they are needed
+  + Support ancient (<3.4.0) gcc versions
+  + Only exclude _bootlocale with Python >= 3.10
+  + cmake: Use find_library() on bare library names in cmake
+    dependencies
+  + dependencies/zlib: Allow for generic OS checks
+  + rust: clean up inputs and outputs to bindgen
+  + interpreter: extract_objects provides a valid source
+  + build|backend: Fix some type annotations
+  + backends/backends: recurse when looking for paths in bundled
+    shared libs
+  + shared_module: Add soname when used as a link target
+  + iconv dependency: include header when checking for libc builtin
+- Drop unused python3-setuptools BuildRequires.
+- Add 3074bb14a14c00aeb350bf592acf635a93b52d9a.patch: gnome module:
+  fix install_dir x3, by allowing false *_gir and *_typelib.
+
+- Update to version 0.60.1:
+  + No upstream changes provided.
+- Changes from version 0.60.0:
+  + run_target can now be used as a dependency.
+  + The Python Modules dependency method no longer accepts
+    positional arguments.
+  + Override python installation paths.
+  + New subprojects packagefiles subcommand.
+  + Project options declared in meson_options.txt can now be marked
+    as deprecated.
+  + More efficient static linking of uninstalled libraries.
+  + Cython can now transpile to C++ as an intermediate language.
+  + Unknown options are now always fatal.
+  + Install DESTDIR relative to build directory.
+  + Improvements for the Rustc compiler.
+  + Waf support in external-project module.
+  + Dependencies with multiple names.
+- Add gmock BuildRequires and stop deleting gmock testfiles, run
+  the test suite for it.
+- Update Supplements to current standard.
+
meson:test
+- Add BuildRequires libstdc++6-devel-gcc11 for SLE 15 SP4 and
+  version above, which is necessary to make clang-tiny unit test
+  run.
+
+- Add 34daa53a.patch: gnome module: properly fallback to
+  gtk-update-icon-cache.
+
+- Update to 0.61.4:
+  * Fixes for the ninja backend
+  * Fixes for the rust module
+  * Fixes for the gnome module: Fix incorrect lookup of nonexistent
+    dependencies
+
+- update to 0.61.3:
+  * fixes for other platform
+  * test updates and developer visible fixes
+
+- Update to 0.61.2:
+  + No changelog provided.
+
+- update to 0.61.1:
+  * add a man page backend to refman
+  * extract_objects() supports generated sources
+  * Python 3.6 support is deprecated
+  * Warning if check kwarg of run_command is missing
+  * meson rewrite can modify extra_files
+  * meson rewrite target <target> info output target's extra_files
+  * Support for CMake <3.15 is now deprecated for CMake subprojects
+  * Add support for sccache
+  * Add install_symlink function
+
+- Update to version 0.60.3:
+  + gnome module: fix install_dir x3, by allowing false *_gir and
+  * _typelib.
+  + iconv dependency: try even harder to find working iconv.
+  + Fix performance regression in build file generation.
+  + add ft32 cpu family.
+  + restore the ability in the backend to silently find a program.
+  + pkgconfig: Fix linking to a custom target.
+- Drop 3074bb14a14c00aeb350bf592acf635a93b52d9a.patch: fixed
+  upstream.
+
+- Update to version 0.60.2:
+  + Fix version requirement on Ninja feature
+  + Fix custom_target with install: true and no install_dir,
+    crashing
+  + Fix regression that broke string.format with list objects
+  + valac dependencies: use the canonical list of vala source names
+  + interpreter: disallow RunTarget in meson.add_install_script
+  + Only pass clang LTO arguments when they are needed
+  + Support ancient (<3.4.0) gcc versions
+  + Only exclude _bootlocale with Python >= 3.10
+  + cmake: Use find_library() on bare library names in cmake
+    dependencies
+  + dependencies/zlib: Allow for generic OS checks
+  + rust: clean up inputs and outputs to bindgen
+  + interpreter: extract_objects provides a valid source
+  + build|backend: Fix some type annotations
+  + backends/backends: recurse when looking for paths in bundled
+    shared libs
+  + shared_module: Add soname when used as a link target
+  + iconv dependency: include header when checking for libc builtin
+- Drop unused python3-setuptools BuildRequires.
+- Add 3074bb14a14c00aeb350bf592acf635a93b52d9a.patch: gnome module:
+  fix install_dir x3, by allowing false *_gir and *_typelib.
+
+- Update to version 0.60.1:
+  + No upstream changes provided.
+- Changes from version 0.60.0:
+  + run_target can now be used as a dependency.
+  + The Python Modules dependency method no longer accepts
+    positional arguments.
+  + Override python installation paths.
+  + New subprojects packagefiles subcommand.
+  + Project options declared in meson_options.txt can now be marked
+    as deprecated.
+  + More efficient static linking of uninstalled libraries.
+  + Cython can now transpile to C++ as an intermediate language.
+  + Unknown options are now always fatal.
+  + Install DESTDIR relative to build directory.
+  + Improvements for the Rustc compiler.
+  + Waf support in external-project module.
+  + Dependencies with multiple names.
+- Add gmock BuildRequires and stop deleting gmock testfiles, run
+  the test suite for it.
+- Update Supplements to current standard.
+
mimalloc
+- update to 2.0.9:
+  * support for arbitrary alignment
+  * see https://github.com/microsoft/mimalloc/compare/v2.0.7...v2.0.9
+
minikube
+- update to 1.29.0:
+  * Bump QEMU driver priority from experimental to default
+  * Ability to set static-ip for Docker driver
+  * GCP-Auth Addon: automatically attach credentials to newly created
+    namespaces
+  * Allow forcing 1 CPU on Linux with docker and none driver
+  * Major Improvements:
+  * Large improvements to cgroup detection and CNI and CRI configurations
+  * Prevent redownloading kicbase when already downloaded
+  * Warn when using an old ISO/Kicbase image
+  * Check brew install paths for socket_vmnet
+  * Include gcp-auth logs in 'minikube logs' output
+  * Use absolute path when calling crictl version
+  * Add additional memory overhead for VirtualBox when `--memory=max`
+  * Update Windows installer to create system-wide shortcut
+  * Add `--subnet` validation
+  * Add groups check to SSH driver
+  * Update references to deprecated beta.kubernetes.io
+  * Fix possible race condition when enabling multiple addons #15706
+  * Fix cpus config field not supporting max value #15479
+  * Fix subnet checking failing if IPv6 network found #15394
+  * Fix Docker tunnel failing if too many SSH keys #15560
+  * Fix kubelet localStorageCapacityIsolation option #15336
+  * Fix setting snapshotter to unimplemented fuse-overlayfs #15272
+  * Remove progress bar for kic download with JSON output #15482
+  * Version Upgrades:
+  * Bump default Kubernetes version from 1.25.3 to 1.26.1 #15683
+  * Addons: Update auto-pause from 0.0.2 to 0.0.3 #15331
+  * Addons: Update cloud-spanner from 1.4.6 to 1.5.0 #15440 #15667 #15707
+  * Addons: Update headlamp from 0.13.0 to 0.14.1 #15401 #15515
+  * Addons: Update ingress from 1.2.1 to 1.5.1 #15339
+  * Addons: Update metrics-server from 0.6.1 to 0.6.2 #15411
+  * Addons: Update kubevirt from 1.17 to 1.24.7 #15310
+  * CNI: Update cilium from 1.9.9 to 1.12.3 #15242
+  * Kicbase: Update buildkit from 0.10.3 to v0.11.0 #15630
+  * Kicbase/ISO: Update containerd from 1.6.9 to 1.6.15 #15541
+  * Kicbase/ISO: Update cri-dockerd from 0.2.2 to 0.3.0 #15541
+  * Kicbase/ISO: Update docker from 20.10.20 to 20.10.23 #15341 #15541
+  * Update KVM-docker-machine amd64 base image from Ubuntu 16.04 to 20.04
+  * For a more detailed changelog see CHANGELOG.md.
+
mininet
+- Update to upstream 2.3.0 (yes, 2.3.0 is newer than 2.3.0d6 for upstream):
+  * adds better Python 3 compatibility
+  * updated PIP URL
+  * removed unencrypted git protocol use
+
miniupnpc
+- update to 2.2.4:
+  * upnpc: use of @ to replace local lan address
+  * python module : Allow to specify the root description url
+  * Change directory structure : include/ and src/ directories.
+- drop makefile-deps-fix.patch (upstream)
+
mousepad
+- Update to version 0.6.0
+  * Dependency Changes:
+  - GLib >= 2.56.2
+  * New Features:
+  - Keep saved state in memory to track actual modification state
+  * Appearance Changes / Minor Improvements:
+  - Add "match whole word" toggle to search toolbar (#180, !124)
+  * Code Refactoring:
+  - cleanup: prefs: Reduce the diff from what Glade 3.40.0 would do
+  - cleanup: Use G_DECLARE_FINAL_TYPE
+  - cleanup: Remove dead code
+  - cleanup: Use consistent naming and avoid duplicated code
+  - build: Let xdt-depends.m4 macros set GLib macros
+  - flatpak: Updates from Flathub
+  * Bug Fixes:
+  - Clear undo action list in case of unbuffered modification
+  - Set file properties only for actual changes
+  - Emit "encoding-changed" after setting BOM if needed
+  - Update action states on reload
+  - Mark document as modified if line ending actually changes (Fixes #187)
+  - Do not show the menubar on Alt key release if focus is lost (#185)
+  - plugins: Do not resize unnecessarily the prefs dialog on Wayland
+  - Initialize static variable only once
+  - prefs-dialog: Improve history widget alignment (Fixes #173)
+  * Translation Updates
+
mpc-qt
+- Update to version 23.02
+  Features and/or improvements in this version:
+  * Expose pipewire buffer setting
+  * Sanitize more illegal characters from filenames
+  * Fix compatibility with newer KDE, dropping some UX fixes for
+    older KDE
+  * Fix control area hiding on multiple monitors
+  * Implement copying subtitle text to clipboard with ctrl-s
+  * Turn off prefer forced subs
+  * Better support for ultra-dark themes
+  * Implement basic ricing support
+  In addition, there may be other improvements not listed here.
+
mupdf
+- update to 1.21.1:
+  * Garbage collection problem causing file bloat on clean
+  * Don't assume sorted objects in pdf_objcmp
+  * Don't layout empty documents
+  * Type 3 font char bboxes
+  * Added MOBI input format support
+  * Added Story API for creating PDF documents from formatted text
+  * Added API to create, edit, and delete links
+  * Support custom images for Stamp annotations
+  * Support interior color on Polygon annotations
+  * Support line endings on PolyLine annotations
+  * Improved SVG output
+  * C++/Python/C# binding:
+  * Changes to naming of wrapper functions and classes
+  * Added limited support for callbacks into Python, using SWIG Directors
+
mutter
+- Update to version 41.9:
+  + Fixed crash [Jonas]
+
+- Update to version 41.8:
+  + Fix night light without GAMMA_LUT property [Jonas; !2435]
+  + wayland: Fix rotation transform [Robert; !1055]
+  + Fixed crash [Jonas; !2364]
+  + Misc. bug fixes [Olivier; !2463]
+
+- Update to version 41.7:
+  + KMS: Survive missing GAMMA_LUT property [Daniel; !2360]
+  + Fix --replace again [Jonas; !2432]
+- Update to version 41.6:
+  + Fix missing root window properties after XWayland start [Olivier; !2336]
+
+- Add mutter-crash-meta_context_terminate.patch: Fix SIGSEGV in
+  meta_context_terminate (bsc#1199382 glgo#GNOME/mutter#2267).
+
+- Update to version 41.5:
+  + Fix X11 → wayland drops ending up in the wrong wayland client.
+  + Allow forcing EGLStream backend.
+  + Updated translations.
+
nano
+- update to 7.2:
+  * <Shift+Insert> is prevented from pasting in view mode.
+
nautilus-share
+- Fix `'net usershare' returned error 255`; (bsc#1208375).
+  Add patch Bug1208375.patch.
+
-- Upgraded to version 0.7.2.
-- Removed upstreamed patches:
-  * nautilus-share-183413-restore-write-permissions.diff
-  * nautilus-share-181811-guest-permissions.diff
-  * nautilus-share-170212-restore-modified-permissions.diff
-  * nautilus-share-potfiles.patch
-  * nautilus-share-new-potfiles.patch
-
nco
+- Update to version 5.1.4:
+  * Introduced vertical interpolation for datasets stored on
+    depth/height grids, such as ocean data.
+  * Also fixed a vexing issue that can occur with certain compilers
+    on AMD hardware.
+
+- Update to version 5.1.3:
+  * Improved speed of vertical interpolation for fields whose
+    most-rapidly-varying dimension is the vertical (not horizontal).
+  * Also fixes an issue in using ncremap to invoke the interpolation.
+- Update to version 5.1.2:
+  * Improved support for horizontal regridding, vertical
+    interpolation, or both, on ultra high-resolution model output.
+- Update to version 5.1.1:
+  * Added features for NCZarr, regridding, and interpolation.
+    All operators now support NCZarr I/O and input filenames via
+    stdin.
+  * ncremap supports two new vertical extrapolation methods, 1D
+    files, and allows flexible masking based on external fields
+    such sub-gridscale extent.
+  * ncclimo outputs regional averages.
+  * Numerous minor fixes improve codec support and regridding
+    control.
+
ndctl
+- Merge fixes since v75
+  +  daxctl-Fix-memblock-enumeration-off-by-one.patch
+  +  daxctl-Skip-over-memory-failure-node-status.patch
+  +  meson.build-fix-version-for-v75.patch
+  +  libndctl-msft-Remove-NDN_MSFT_SMART_-_VALID-defines.patch
+  +  libndctl-msft-Replace-nonsense-NDN_MSFT_CMD_SMART-co.patch
+  +  libndctl-msft-Add-custom-cmd_is_supported-method.patch
+  +  libndctl-msft-Improve-smart-state-reporting.patch
+
nfs-utils
+- Rename all drop-in options.conf files as 10-options.conf
+  This makes it easier for other packages to over-ride
+  with a drop-in with a later sequence number.
+  resource-agents does this.
+  (bsc#1207843)
+
+- 0026-modprobe-avoid-error-messages-if-sbin-sysctl-fail.patch
+  Avoid modprobe errors when sysctl is not installed.
+  (bsc#1200710 bsc#1207022 bsc#1206781)
+- 0027-nfsd-allow-server-scope-to-be-set-with-config-or-com.patch
+  Add "-S scope" option to rpc.nfsd to simplify fail-over cluster
+  config.
+  (bsc#1203746)
+
numatop
-- Update to version 2.2
+- update to version 2.3
+  * Add support for SPR CPUs (jsc#PED-2015)
+
+- update to version 2.2
+  * Sources downloaded from git tag, no proper upstream release.
+  * Needs autoreconf.
nvidia-open-driver-G06-signed
+- no longer use %hardcode_pci_list macro on sle15/Leap15, since the
+  issue with generating wrong PCI ID modaliases for Supplements
+  has been fixed meanwhile also in pesign-obs-integration package
+  for sle15/Leap15 (boo#1207520)
+
+- Update to version 525.89.02
+
nvptx-tools
+- Update nvptx-tools tarball from git
+  * includes changes in nvptx-tools.patch
+  * deals with CUDA 11 dropping support for NVIDIA Kepler sm_30 and sm_32
+- Remove nvptx-tools.patch as it is included in the above tarball update
+- Package nvptx-none-run and nvptx-none-run-single tools
+
olm
+- update to 3.2.14:
+  * TypeScript type improvements.
+  * Improvements to Python packaging
+  * Documentation improvements.
+
onedrive
+- Update to version 2.4.23:
+  * Release files for 2.4.23 (#2280)
+  * Update handling of --source-directory and --destination-directory if empty (#2278)
+  * Update Alpine Dockerfile to use Alpine 3.17 (#2277)
+  * Update USAGE.md
+  * Update application-security.md
+  * docs: Fix typos in Docker.md (#2270)
+  * Update version checks (#2269)
+  * Update version release notification handling (#2267)
+  * Update --get-O365-drive-id error handling (#2266)
+  * systemd: disable PrivateUsers (#2265)
+  * Update INSTALL.md
+  * Update RHEL7, RHEL8 and RHEL9 Makefile and SPEC file compatibility (#2256)
+  * Restore RHEL7 spec file compatibility (#2254)
+
openCryptoki
+- Updated package to openCryptoki 3.20 (bsc#1207760,
+    jsc#PED-3376, jsc#PED-2870, jsc#PED-2869 )
+- Removed the following obsolite patches:
+  * ocki-3.19.0-0001-EP11-Unify-key-pair-generation-functions.patch
+  * ocki-3.19.0-0002-EP11-Do-not-report-DSA-DH-parameter-generation-as-be.patch
+  * ocki-3.19.0-0003-EP11-Do-not-pass-empty-CKA_PUBLIC_KEY_INFO-to-EP11-h.patch
+  * ocki-3.19.0-0004-Mechtable-CKM_IBM_DILITHIUM-can-also-be-used-for-key.patch
+  * ocki-3.19.0-0005-EP11-Remove-DSA-DH-parameter-generation-mechanisms-f.patch
+  * ocki-3.19.0-0006-EP11-Pass-back-chain-code-for-CKM_IBM_BTC_DERIVE.patch
+  * ocki-3.19.0-0007-EP11-Supply-CKA_PUBLIC_KEY_INFO-with-CKM_IBM_BTC_DER.patch
+  * ocki-3.19.0-0008-EP11-Supply-CKA_PUBLIC_KEY_INFO-when-importing-priva.patch
+  * ocki-3.19.0-0009-EP11-Fix-memory-leak-introduced-with-recent-commit.patch
+  * ocki-3.19.0-0010-p11sak-Fix-segfault-when-dilithium-version-is-not-sp.patch
+  * ocki-3.19.0-0011-EP11-remove-dead-code-and-unused-variables.patch
+  * ocki-3.19.0-0012-EP11-Update-EP11-host-library-header-files.patch
+  * ocki-3.19.0-0013-EP11-Support-EP11-host-library-version-4.patch
+  * ocki-3.19.0-0014-EP11-Add-new-control-points.patch
+  * ocki-3.19.0-0015-EP11-Default-unknown-CPs-to-ON.patch
+  * ocki-3.19.0-0016-COMMON-Add-defines-for-Dilithium-round-2-and-3-varia.patch
+  * ocki-3.19.0-0017-COMMON-Add-defines-for-Kyber.patch
+  * ocki-3.19.0-0018-COMMON-Add-post-quantum-algorithm-OIDs.patch
+  * ocki-3.19.0-0019-COMMON-Dilithium-key-BER-encoding-decoding-allow-dif.patch
+  * ocki-3.19.0-0020-COMMON-EP11-Add-CKA_VALUE-holding-SPKI-PKCS-8-of-key.patch
+  * ocki-3.19.0-0021-COMMON-EP11-Allow-to-select-Dilithium-variant-via-mo.patch
+  * ocki-3.19.0-0022-EP11-Query-supported-PQC-variants-and-restrict-usage.patch
+  * ocki-3.19.0-0023-POLICY-Dilithium-strength-and-signature-size-depends.patch
+  * ocki-3.19.0-0024-TESTCASES-Test-Dilithium-variants.patch
+  * ocki-3.19.0-0025-COMMON-EP11-Add-Kyber-key-type-and-mechanism.patch
+  * ocki-3.19.0-0026-EP11-Add-support-for-generating-and-importing-Kyber-.patch
+  * ocki-3.19.0-0027-EP11-Add-support-for-encrypt-decrypt-and-KEM-operati.patch
+  * ocki-3.19.0-0028-POLICY-STATISTICS-Check-for-Kyber-KEM-KDFs-and-count.patch
+  * ocki-3.19.0-0029-TESTCASES-Add-tests-for-CKM_IBM_KYBER.patch
+  * ocki-3.19.0-0030-p11sak-Support-additional-Dilithium-variants.patch
+  * ocki-3.19.0-0031-p11sak-Add-support-for-IBM-Kyber-key-type.patch
+  * ocki-3.19.0-0032-testcase-Enhance-p11sak-testcase-to-generate-IBM-Kyb.patch
+  * ocki-3.19.0-0033-EP11-Supply-CKA_PUBLIC_KEY_INFO-with-CKM_IBM_BTC_DER.patch
+  * ocki-3.19.0-0034-EP11-Fix-setting-unknown-CPs-to-ON.patch
+  * ocki-3.19.0-0035-Fix-compile-error-error-initializer-element-is-not-c.patch
+- Reworked ocki-3.19-remove-make-install-chgrp.patch to fit the current version of
+  the package and renamed it to  ocki-3.20-remove-make-install-chgrp.patch.
+
-- Changed spec file to use %autosetup instead of %setup.
+-- Changed spec file to use %autosetup instead of %setup.
openblas:gnu-hpc
+- Recreate old library scheme for existing products:
+  It turned out the new scheme on existing systems has
+  been causing package breakages.
+- Do not generate baselibs.conf for HPC builds.
+- Add support for gcc11 & 12.
+- For SLE/Leap on x86_64 and s390x do not mix compiler versions
+  as this will make the gfortran ABI version inconsistent. Instead
+  use the stock compiler and set the list of kernels for x86_64
+  cores explicitly as Cooperlake requires compiler intrinsics
+  which are not provided by gcc 7.
+- Require at least 7G of disk space for building.
+
+- Make sure pre-existing (arch-independent) update-alternatives
+  are wiped before registering new ones.
+  Since update-alternatives has no reliable way to check if
+  a certain 'generic name' exists, brute-force it and ignore
+  any error (boo#1208248).
+- Remove totally pointless - ie. never executed - %%posttrans
+  script.
+- Restore generic link for update-alternatives. This is usually
+  set by the update-alternatives and it is '%ghost'ed but rpmlint
+  complains.
+- Add rpmlintrc rules to avoid false positives from consistently
+  guessing the update-alternatives generic name wrong.
+- Make arch dependent generic names conditional.
+
+- Do not set LIBNAMESUFFIX to mark different flavors as this causes
+  the SONAME to be different so that different flavors of OpenBLAS
+  cannot serve as plugin replacements of each other (boo#1177260).
+- Fix a fallout of making alternatives directory arch dependent.
+- Remove unneeded links that will be created by update-alternatives.
+  Create remaining links %post scripts properly %ghost-ing the files.
+
+- Make library links in the alternatives directory arch dependent.
+  This avoids conflicts when both 32-bit and 64-bit versions are
+  installed (boo#1207563).
+
openblas:gnu-hpc-pthreads
+- Recreate old library scheme for existing products:
+  It turned out the new scheme on existing systems has
+  been causing package breakages.
+- Do not generate baselibs.conf for HPC builds.
+- Add support for gcc11 & 12.
+- For SLE/Leap on x86_64 and s390x do not mix compiler versions
+  as this will make the gfortran ABI version inconsistent. Instead
+  use the stock compiler and set the list of kernels for x86_64
+  cores explicitly as Cooperlake requires compiler intrinsics
+  which are not provided by gcc 7.
+- Require at least 7G of disk space for building.
+
+- Make sure pre-existing (arch-independent) update-alternatives
+  are wiped before registering new ones.
+  Since update-alternatives has no reliable way to check if
+  a certain 'generic name' exists, brute-force it and ignore
+  any error (boo#1208248).
+- Remove totally pointless - ie. never executed - %%posttrans
+  script.
+- Restore generic link for update-alternatives. This is usually
+  set by the update-alternatives and it is '%ghost'ed but rpmlint
+  complains.
+- Add rpmlintrc rules to avoid false positives from consistently
+  guessing the update-alternatives generic name wrong.
+- Make arch dependent generic names conditional.
+
+- Do not set LIBNAMESUFFIX to mark different flavors as this causes
+  the SONAME to be different so that different flavors of OpenBLAS
+  cannot serve as plugin replacements of each other (boo#1177260).
+- Fix a fallout of making alternatives directory arch dependent.
+- Remove unneeded links that will be created by update-alternatives.
+  Create remaining links %post scripts properly %ghost-ing the files.
+
+- Make library links in the alternatives directory arch dependent.
+  This avoids conflicts when both 32-bit and 64-bit versions are
+  installed (boo#1207563).
+
openblas:openmp
+- Recreate old library scheme for existing products:
+  It turned out the new scheme on existing systems has
+  been causing package breakages.
+- Do not generate baselibs.conf for HPC builds.
+- Add support for gcc11 & 12.
+- For SLE/Leap on x86_64 and s390x do not mix compiler versions
+  as this will make the gfortran ABI version inconsistent. Instead
+  use the stock compiler and set the list of kernels for x86_64
+  cores explicitly as Cooperlake requires compiler intrinsics
+  which are not provided by gcc 7.
+- Require at least 7G of disk space for building.
+
+- Make sure pre-existing (arch-independent) update-alternatives
+  are wiped before registering new ones.
+  Since update-alternatives has no reliable way to check if
+  a certain 'generic name' exists, brute-force it and ignore
+  any error (boo#1208248).
+- Remove totally pointless - ie. never executed - %%posttrans
+  script.
+- Restore generic link for update-alternatives. This is usually
+  set by the update-alternatives and it is '%ghost'ed but rpmlint
+  complains.
+- Add rpmlintrc rules to avoid false positives from consistently
+  guessing the update-alternatives generic name wrong.
+- Make arch dependent generic names conditional.
+
+- Do not set LIBNAMESUFFIX to mark different flavors as this causes
+  the SONAME to be different so that different flavors of OpenBLAS
+  cannot serve as plugin replacements of each other (boo#1177260).
+- Fix a fallout of making alternatives directory arch dependent.
+- Remove unneeded links that will be created by update-alternatives.
+  Create remaining links %post scripts properly %ghost-ing the files.
+
+- Make library links in the alternatives directory arch dependent.
+  This avoids conflicts when both 32-bit and 64-bit versions are
+  installed (boo#1207563).
+
openblas:pthreads
+- Recreate old library scheme for existing products:
+  It turned out the new scheme on existing systems has
+  been causing package breakages.
+- Do not generate baselibs.conf for HPC builds.
+- Add support for gcc11 & 12.
+- For SLE/Leap on x86_64 and s390x do not mix compiler versions
+  as this will make the gfortran ABI version inconsistent. Instead
+  use the stock compiler and set the list of kernels for x86_64
+  cores explicitly as Cooperlake requires compiler intrinsics
+  which are not provided by gcc 7.
+- Require at least 7G of disk space for building.
+
+- Make sure pre-existing (arch-independent) update-alternatives
+  are wiped before registering new ones.
+  Since update-alternatives has no reliable way to check if
+  a certain 'generic name' exists, brute-force it and ignore
+  any error (boo#1208248).
+- Remove totally pointless - ie. never executed - %%posttrans
+  script.
+- Restore generic link for update-alternatives. This is usually
+  set by the update-alternatives and it is '%ghost'ed but rpmlint
+  complains.
+- Add rpmlintrc rules to avoid false positives from consistently
+  guessing the update-alternatives generic name wrong.
+- Make arch dependent generic names conditional.
+
+- Do not set LIBNAMESUFFIX to mark different flavors as this causes
+  the SONAME to be different so that different flavors of OpenBLAS
+  cannot serve as plugin replacements of each other (boo#1177260).
+- Fix a fallout of making alternatives directory arch dependent.
+- Remove unneeded links that will be created by update-alternatives.
+  Create remaining links %post scripts properly %ghost-ing the files.
+
+- Make library links in the alternatives directory arch dependent.
+  This avoids conflicts when both 32-bit and 64-bit versions are
+  installed (boo#1207563).
+
openblas:serial
+- Recreate old library scheme for existing products:
+  It turned out the new scheme on existing systems has
+  been causing package breakages.
+- Do not generate baselibs.conf for HPC builds.
+- Add support for gcc11 & 12.
+- For SLE/Leap on x86_64 and s390x do not mix compiler versions
+  as this will make the gfortran ABI version inconsistent. Instead
+  use the stock compiler and set the list of kernels for x86_64
+  cores explicitly as Cooperlake requires compiler intrinsics
+  which are not provided by gcc 7.
+- Require at least 7G of disk space for building.
+
+- Make sure pre-existing (arch-independent) update-alternatives
+  are wiped before registering new ones.
+  Since update-alternatives has no reliable way to check if
+  a certain 'generic name' exists, brute-force it and ignore
+  any error (boo#1208248).
+- Remove totally pointless - ie. never executed - %%posttrans
+  script.
+- Restore generic link for update-alternatives. This is usually
+  set by the update-alternatives and it is '%ghost'ed but rpmlint
+  complains.
+- Add rpmlintrc rules to avoid false positives from consistently
+  guessing the update-alternatives generic name wrong.
+- Make arch dependent generic names conditional.
+
+- Do not set LIBNAMESUFFIX to mark different flavors as this causes
+  the SONAME to be different so that different flavors of OpenBLAS
+  cannot serve as plugin replacements of each other (boo#1177260).
+- Fix a fallout of making alternatives directory arch dependent.
+- Remove unneeded links that will be created by update-alternatives.
+  Create remaining links %post scripts properly %ghost-ing the files.
+
+- Make library links in the alternatives directory arch dependent.
+  This avoids conflicts when both 32-bit and 64-bit versions are
+  installed (boo#1207563).
+
openssl-1_1
+- FIPS: Serialize jitterentropy calls [bsc#1207994]
+  * Add openssl-1_1-serialize-jitterentropy-calls.patch
+
openssl-1_1-livepatches
+- Create livepatch for CVE-2023-0286 (SLE-15-SP4).
+
opi
+- Version 2.15.0
+- Fix repo name encoding when asking for new key addition
+
orage
+- Update to version 4.18.0
+  * Changed Orage internal time and data strings to GDateTime (MR !20)
+  * In event list, fixed event hiding when event start at 00:00 and
+    end 00:00 in same date (this kind event can be created when
+    creating full day event, save event and then unset full day option).
+    (MR !20)
+  * Removed bundled libical (Issue #5)
+  * Removed panel plugin (Issue #11)
+  * Removed GlobalTime (Issue #12)
+  * Replaced old Orage icons (Issue #16) and removed 160x160 icons
+  * Replaced deprecated dbus-glib with GDBus (Issue #4)
+  * Changed event attach order in day view window (Issue #15)
+  * Added Wayland support (Issue #2)
+  * Fixed orage_persistent_alarms.txt not found messages (MR !35)
+  * Fixed after wakeup tray icon updating (Issue #14)
+  * Changed alarm_structure to reference counted structure. This
+    fixes warnings about memory leaks (MR !38, replaces MR !8)
+  * Changed libnotify minimum version to 0.7.0 (MR !39)
+  * Disabled sound alarm when sound command is not set (MR !40)
+  * Fixed large ical file import (Issue #8)
+  * Translation Updates
+
-- recommend sox so /usr/bin/play can be used to play notification
-  sounds
-
orcania
+- Update to version 2.3.2
+  * Improve cmake script and MSVC support
+  * Build with flag -Wconversion
+
ovmf
+- Add ovmf-Revert-OvmfPkg-OvmfXen-Set-PcdFSBClock.patch to revert
+  71cdb91f313380152d7bf38cfeebe76f5b2d39ac patch (bsc#1205613)
+  - 71cdb91f313380152d7bf38cfeebe76f5b2d39ac OvmfPkg/OvmfXen: Set PcdFSBClock
+  - We are waiting better upsteam patch, revert the issue patch first.
+    Then PcdFSBClock will back to fixed variable.
+  - Reference: https://edk2.groups.io/g/devel/topic/94891128#96077
+  https://bugzilla.tianocore.org/show_bug.cgi?id=4340
+
package-translations
+- Update to version 89.87.20230128.cd224a6:
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Finnish)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Macedonian)
+  * Added translation using Weblate (Macedonian)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Russian)
+  * Added translation using Weblate (Macedonian)
+
+- Update to version 89.87.20220422.ad259799 poo#100104:
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Spanish)
+
pagein
+- update to 0.01.09:
+  * Makefile: bump version
+  * debian/control: update standards version to 4.6.1
+  * Add comm field information in verbose mode, print pids with %jd
+  * Update copyright year
+
papirus-icon-theme
+- update to 20230104:
+  * Komikku
+  * WebCord #3355
+  * Changed Pix symlink target to multimedia-photo-manager
+  * Rename application-dart to text-x-dart
+  * Updated app ids of RSS Guard
+
parsec
+- Add libstdc++6-devel-gcc11 to fix build with GCC11 on
+  Backports SLE15-SP4/5
+
+- Update to 1.1.0:
+  * Main updates:
+  - Add generate random support into TPM and PKCS11 providers
+  - Implement configurable exclusion of deprecated primitives
+  - Allow binary PIN values for PKCS11 provider
+  - Recognise a PKCS11 hardware token with its serial number
+    instead of slot number
+  * Full changelog: https://github.com/parallaxsecond/parsec/releases/tag/1.1.0
+
+- Update to 1.1.0-rc2
+
+- rust-packaging -> cargo-packaging (bsc#1198131)
+
patterns-base
+- Rename command-not-found to scout-command-not-found
+  * command-not-found RPM has showed in pool still, we need to recommands
+    the exact filename to avoid the old one got picked
+
perl-Data-OptList
+- updated to 0.113
+  see /usr/share/doc/packages/perl-Data-OptList/Changes
+  0.113     2022-12-31 21:07:47-05:00 America/New_York
+  - update author contact info
+
-- initial package 0.104
-
perl-Email-Date-Format
+- updated to 1.008
+  see /usr/share/doc/packages/perl-Email-Date-Format/Changes
+  1.008     2023-01-13 21:44:14-05:00 America/New_York
+  - use the version of Time::Local that doesn't guess at whether a year
+    is 99 or 1999 🙂
+  - skip tests on Win32 that never pass
+  - modernize just a bit of code
+
+- updated to 1.007
+  see /usr/share/doc/packages/perl-Email-Date-Format/Changes
+  1.007     2022-12-31 21:19:59-05:00 America/New_York
+  - update author info
+
-- recreated by cpanspec 1.78
-  o fix deps
-- noarch pkg
-- added bcond_with pod
-
-- add perl as explicit buildrequire
-
perl-Geo-IP2Location
+- Update to 8.70
+    Twenty-third release under the Geo::IP2Location
+    Added new function "get_district"
+    Added new function "get_asn"
+    Added new function "get_as"
+
perl-MIME-Types
+- updated to 2.24
+  see /usr/share/doc/packages/perl-MIME-Types/ChangeLog
+  version 2.24: Wed 28 Dec 13:06:23 CET 2022
+  Fixes:
+  - vnd.gentoo officially took 'tar' and 'tbz2', but 'application/
+  x-tar' resp 'x-gtar' prevails.  [Andreas Koenig]
+  version 2.23: Thu 22 Dec 17:20:33 CET 2022
+  Changes:
+  - iana updates
+
pesign
+- Add pesign-bsc1202933-Use-normal-file-permissions-instead-of-ACLs.patch
+  to use the normal file permissions in pesign-authorize to avoid
+  the potential security issue (bsc#1202933, CVE-2022-3560)
+- Set the libexecdir path for "make" to fix the path to
+  pesign-authorize in pesign.service (bsc#1202933)
+
php7
+  fix CVE-2023-0568 [bsc#1208366], NULL byte off-by-one in php_check_specific_open_basedir
+  + php7-CVE-2023-0568.patch
+  fix CVE-2023-0662 [bsc#1208367], DoS vulnerability when parsing multipart request body
+  + php7-CVE-2023-0662.patch
+  https://github.com/php/php-src/commit/a92acbad873a05470af1a47cb785a18eadd827b5, relates to CVE-2023-0567 [bsc#1208388]
+  + php7-crypt-possible-buffer-overread.patch
+
+- security update
+- added patches
php8
+- version update to 8.0.28
+  14 Feb 2023
+    Core:
+    Fixed bug #81744 (Password_verify() always return true with some hash).
+    Fixed bug #81746 (1-byte array overrun in common path resolve code).
+    SAPI:
+    Fixed bug GHSA-54hq-v5wp-fqgv (DOS vulnerability when parsing multipart request body). (CVE-2023-0662)
+    This is a security release that addresses CVE-2023-0567,
+    CVE-2023-0568, and CVE-2023-0662.
+- We are not affected by CVE-2023-0567 (https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4)
+  as we build against system libcrypt.
+- See [bsc#1208388], [bsc#1208366], [bsc#1208367].
+
phpMyAdmin
+- Update to 5.2.1
+  This is a security and bufix release.
+  * Security
+  - Fix (PMASA-2023-01, CWE-661, boo#1208186, CVE-2023-25727)
+    Fix an XSS attack through the drag-and-drop upload feature.
+  * Bugfix
+  - issue #17522 Fix case where the routes cache file is invalid
+  - issue #17506 Fix error when configuring 2FA without XMLWriter or Imagick
+  - issue        Fix blank page when some error occurs
+  - issue #17519 Fix Export pages not working in certain conditions
+  - issue #17496 Fix error in table operation page when partitions are broken
+  - issue #17386 Fix system memory and system swap values on Windows
+  - issue #17517 Fix Database Server panel not getting hidden by ShowServerInfo configuration directive
+  - issue #17271 Fix database names not showing on Processes tab
+  - issue #17424 Fix export limit size calculation
+  - issue #17366 Fix refresh rate popup on Monitor page
+  - issue #17577 Fix monitor charts size on RTL languages
+  - issue #17121 Fix password_hash function incorrectly adding single quotes to password before hashing
+  - issue #17586 Fix statistics not showing for empty databases
+  - issue #17592 Clicking on the New index link on the sidebar does not throw an error anymore
+  - issue #17584 It's now possible to browse a database that includes two % in its name
+  - issue        Fix PHP 8.2 deprecated string interpolation syntax
+  - issue        Some languages are now correctly detected from the HTTP header
+  - issue #17617 Sorting is correctly remembered when $cfg['RememberSorting'] is true
+  - issue #17593 Table filtering now works when action buttons are on the right side of the row
+  - issue #17388 Find and Replace using regex now makes a valid query if no matching result set found
+  - issue #17551 Enum/Set editor will not fail to open when creating a new column
+  - issue #17659 Fix error when a database group is named tables, views, functions, procedures or events
+  - issue #17673 Allow empty values to be inserted into columns
+  - issue #17620 Fix error handling at phpMyAdmin startup for the JS SQL console
+  - issue        Fixed debug queries console broken UI for query time and group count
+  - issue        Fixed escaping of SQL query and errors for the debug console
+  - issue        Fix console toolbar UI when the bookmark feature is disabled and sql debug is enabled
+  - issue #17543 Fix JS error on saving a new designer page
+  - issue #17546 Fix JS error after using save as and open page operation on the designer
+  - issue        Fix PHP warning on GIS visualization when there is only one GIS column
+  - issue #17728 Some select HTML tags will now have the correct UI style
+  - issue #17734 PHP deprecations will only be shown when in a development environment
+  - issue #17369 Fix server error when blowfish_secret is not exactly 32 bytes long
+  - issue #17736 Add utf8mb3 as an alias of utf8 on the charset description page
+  - issue #16418 Fix FAQ 1.44 about manually removing vendor folders
+  - issue #12359 Setup page now sends the Content-Security-Policy headers
+  - issue #17747 The Column Visibility Toggle will not be hidden by other elements
+  - issue #17756 Edit/Copy/Delete row now works when using GROUP BY
+  - issue #17248 Support the UUID data type for MariaDB >= 10.7
+  - issue #17656 Fix replace/change/set table prefix is not working
+  - issue        Fix monitor page filter queries only filtering the first row
+  - issue        Fix "Link not found!" on foreign columns for tables having no char column to show
+  - issue #17390 Fix "Create view" modal doesn't show on results and empty results
+  - issue #17772 Fix wrong styles for add button from central columns
+  - issue #17389 Fix HTML disappears when exporting settings to browser's storage
+  - issue #17166 Fix "Warning: #1287 'X' is deprecated [...] Please use ST_X instead." on search page
+  - issue        Use jquery-migrate.min.js (14KB) instead of jquery-migrate.min.js (31KB)
+  - issue #17842 Use jquery.validate.min.js (24 KB) instead of jquery.validate.js (50 KB)
+  - issue #17281 Fix links to databases for information_schema.SCHEMATA
+  - issue #17553 Fix Metro theme unreadable links above navigation tree
+  - issue #17553 Metro theme UI fixes and improvements
+  - issue #17553 Fix Metro theme login form with
+  - issue #16042 Exported gzip file of database has first ~73 kB uncompressed and rest is gzip compressed in Firefox
+  - issue #17705 Fix inline SQL query edit FK checkbox preventing submit buttons from working
+  - issue #17777 Fix Uncaught TypeError: Cannot read properties of null (reading 'inline') on datepickers when re-opened
+  - issue        Fix Original theme buttons style and login form width
+  - issue #17892 Fix closing index edit modal and reopening causes it to fire twice
+  - issue #17606 Fix preview SQL modal not working inside "Add Index" modal
+  - issue        Fix PHP error on adding new column on create table form
+  - issue #17482 Default to "Full texts" when running explain statements
+  - issue        Fixed Chrome scrolling performance issue on a textarea of an "export as text" page
+  - issue #17703 Fix datepicker appears on all fields, not just date
+  - issue        Fix space in the tree line when a DB is expanded
+  - issue #17340 Fix "New Table" page -> "VIRTUAL" attribute is lost when adding a new column
+  - issue #17446 Fix missing option for STORED virtual column on MySQL and PERSISTENT is not supported on MySQL
+  - issue #17446 Lower the check for virtual columns to MySQL>=5.7.6 nothing is supported on 5.7.5
+  - issue        Fix column names option for CSV Export
+  - issue #17177 Fix preview SQL when reordering columns doesn't work on move columns
+  - issue #15887 Fixed DROP TABLE errors ignored on multi table select for DROP
+  - issue #17944 Fix unable to create a view from tree view button
+  - issue #17927 Fix key navigation between select inputs (drop an old Firefox workaround)
+  - issue #17967 Fix missing icon for collapse all button
+  - issue #18006 Fixed UUID columns can't be moved
+  - issue        Add `spellcheck="false"` to all password fields and some text fields to avoid spell-jacking data leaks
+  - issue        Remove non working "Analyze Explain at MariaDB.org" button (MariaDB stopped this service)
+  - issue #17229 Add support for Web Authentication API because Chrome removed support for the U2F API
+  - issue #18019 Fix "Call to a member function fetchAssoc() on bool" with SQL mode ONLY_FULL_GROUP_BY on monitor search logs
+  - issue        Add back UUID and UUID_SHORT to functions on MySQL and all MariaDB versions
+  - issue #17398 Fix clicking on JSON columns triggers update query
+  - issue        Fix silent JSON parse error on upload progress
+  - issue #17833 Fix "Add Parameter" button not working for Add Routine Screen
+  - issue #17365 Fixed "Uncaught Error: regexp too big" on server status variables page
+- Rebase phpMyAdmin-config.patch.
+
pocl
+- Use generic-rv64 cpu on riscv64
+
+- Update to version 3.1
+  * Support CLang/LLVM 15
+  * Much improved SPIR-V support for CPU and CUDA drivers
+  * Major rework of the custom device driver.
+  * Various improvements to the work-in-progress Vulkan driver
+  * Basic implementation of cl_khr_command_buffer
+
portmidi
-- If we don't build the java bindings, we can reduce the minimum
-  cmake version to a level, that allows building for current Leaps
-
-- update to 2.0.4:
-  This release adjusts the data rate limit imposed on MIDI through macOS IAC
-  bus to avoid losing data (this is a macOS limitation, not a PortMidi
-  limitation). Apparently, the limit was significantly dropped somewhere around
-  macOS 12. This release is tested on Apple M2 in addition to Linux, Win32, and
-  macOS Intel. It also includes a working but not complete port to Haiku.
-- drop 0001-Add-missing-return-type.patch,
-  0001-changing-path-to-pm_common-directory-in-file-pm_comm.patch
-  0001-Adding-missing-file-to-repo.patch: upstream
-
-- Disable RPATH in the .spec
-
-- Update to 2.0.3
-  * This version allows multiple hardware devices to have the same
-    name.
-- Add upstream changes:
-  * 0001-Adding-missing-file-to-repo.patch
-  * 0001-changing-path-to-pm_common-directory-in-file-pm_comm.patch
-  * 0001-Add-missing-return-type.patch
-
-- Update to 2.0.2
-  - build system fixes
-- drop 7ed4da65ff67fa2b22eccd88beb743bd2dff6bfb.patch
-- require cmake >= 3.21
-
-- restore the java package with the pmdefaults app
-  7ed4da65ff67fa2b22eccd88beb743bd2dff6bfb.patch
-- restore test tools again
-
-- Update to 2.0.1
-  PortMidi has a new extended API with Pm_CreateVirtualInput(),
-  Pm_CreateVirtualOutput(), and Pm_DeleteVirtualDevice() so we are
-  calling this major version 2. Other changes include:
-  - More careful rate limiting on macOS to allow faster IO to real
-  devices, while still limiting flow through IAC bus and virtual
-  ports that might cause macOS to drop messages.
-  - Many updates to CMake files, including install and package
-  functions.
-  - Elimination of scorealign, portsmf, and PortMidi support for
-  several other languages. (We'll try to maintain links to active
-  projects or host language support in separate repos within this
-  PortMidi project.)
-  - Only basic support for Java and PmDefaults program. Current plan
-  is to eliminate PmDefaults, Pm_GetDefaultInputDeviceID(), and
-  Pm_GetDefaultOutputDeviceID() at the end of 2022, moving
-  jportmidi and pmjni library to another repo unless users
-  complain. Unfortunately, operating systems never introduced
-  preferred MIDI devices analogous to preferred Audio devices.
-  - A few other bug fixes such as Unicode handling are now included.
-- drop patches from upstream:
-  portmidi-fix_build.patch
-  portmidi-fix_java_cmake.patch
-  portmidi-fix_pmdefaults_startup_script.patch
-- drop rpmlintrc as we no longer need it
-- modernize spec file
-- drop java subpackage for now
-
+- fix build on >= 12.1
+
+- update to version 217
+- complete spec file rewrite, moved to cmake
+
+- creating package in OBS
+
+- add -fPIC flag for x86_64 build
+
+- build on fc6
+
+- added patch to link libporttime to the pthreads library, otherwise
+  it can't be loaded independently of libportmidi
+
+- added Debian patches to build shared libraries neede by Common Music
+
postgresql12
+- Update to 12.14:
+  * CVE-2022-41862, bsc#1208102: memory leak in libpq
+  * https://www.postgresql.org/about/news/2592/
+  * https://www.postgresql.org/docs/12/release-12-14.html
+- Bump latest_supported_llvm_ver to 15.
+
postgresql13
+- Update to 13.10:
+  * CVE-2022-41862, bsc#1208102: memory leak in libpq
+  * https://www.postgresql.org/about/news/2592/
+  * https://www.postgresql.org/docs/13/release-13-10.html
+- Bump latest_supported_llvm_ver to 15.
+
postgresql14
+- Update to 14.7:
+  * CVE-2022-41862, bsc#1208102: memory leak in libpq
+  * https://www.postgresql.org/about/news/2592/
+  * https://www.postgresql.org/docs/14/release-14-7.html
+- Bump latest_supported_llvm_ver to 15.
+
postgresql15
+- Update to 15.2:
+  * CVE-2022-41862, bsc#1208102: memory leak in libpq
+  * https://www.postgresql.org/about/news/2592/
+  * https://www.postgresql.org/docs/15/release-15-2.html
+- Bump latest_supported_llvm_ver to 15.
+
product-builder-plugin-SLE_15
+- update to version 1.0.11
+  * final output SBOM filenames following OBS definitions
+  * CycloneDX SBOM support added
+
prometheus-ha_cluster_exporter
+- Release 1.3.1
+  [#]# Changed
+  * Brought GitHub Actions config and Makefile up to speed.
+  * Bump github.com/prometheus/client_golang from 1.12.2 to 1.14.0 by @dependabot in https://github.com/ClusterLabs/ha_cluster_exporter/pull/208
+  * Bump github.com/stretchr/testify from 1.7.1 to 1.8.1 by @dependabot in https://github.com/ClusterLabs/ha_cluster_exporter/pull/211
+  * Bump github.com/prometheus/exporter-toolkit from 0.7.1 to 0.7.3 by @dependabot in https://github.com/ClusterLabs/ha_cluster_exporter/pull/207 (fixes bnc#1208046 CVE-2022-46146)
+  * *Full Changelog**: https://github.com/ClusterLabs/ha_cluster_exporter/compare/1.3.0...1.3.1
+
proteus
+- Version 6.0.8 - Bugfix Release
+
python-pybind11-stubgen
+- Update to version 0.12.0
+  * Added support for @classmethod
+
python-pyglet
+- Drop config(Mesa): it was a random provides from the Mesa package
+  that indicates it ships configuration file. The Mesa package is an
+  empty metadata package.
+
python-tomli
+- Update(back) to 1.2.3 (from 2.0.1) since 2.0.1 needs python 3.7
+
+- Merge base and -test package, there is no extra dependency any
+  more, tests just need the python interpreter
+
python3
+- Add bpo27321-email-no-replace-header.patch to stop
+  email.generator.py from replacing a non-existent header
+  (bsc#1208443, gh#python/cpython#71508).
+
+- Add CVE-2022-45061-DoS-by-IDNA-decode.patch to avoid
+  CVE-2022-45061 (bsc#1205244) allowing DoS by IDNA decoding
+  extremely long domain names.
+
qbittorrent
+- Update to version 4.5.2
+  Bug fixes:
+  * Don't unexpectedly activate queued torrents when prefetching
+    metadata for added magnets
+  * Update the cached torrent state once recheck is started
+  * Be more likely to allow the system to use power saving modes
+  Web UI:
+  * Migrate away from unsafe function
+  * Blacklist bad ciphers for TLS in the server
+  * Allow only TLS 1.2+ in the server
+  * Allow to set read-only directory as torrent location
+  * Reject requests that contain backslash in path
+  RSS:
+  * Prevent RSS folder from being moved into itself
+
+- Update to version 4.5.1
+  New features:
+  * Re-allow to use icons from system theme
+  Bug fixes:
+  * Fix Speed limit icon size
+  * Revise and fix some text colors
+  * Correctly load folder based UI theme
+  * Fix crash due to invalid encoding of tracker URLs
+  * Don't drop !qB extension when renaming incomplete file
+  * Correctly count the number of torrents in subcategories
+  * Use "additional trackers" when metadata retrieving
+  * Apply correct tab order to Category options dialog
+  * Add all torrents passed via the command line
+  * Fix startup performance on Qt5
+  * Automatic move will now overwrite existing files
+  * Some fixes for loading Chinese locales
+  * New Pause icon color for toolbar/menu
+  * Adjust env variable for PDB discovery
+  Web UI:
+  * Fix missing "queued" icon
+  * Return paths using platform-independent separator format
+  * Change order of accepted types of file input
+  * Add missing icons
+  * Add "Resume data storage type" option
+  * Make rename file dialog resizable
+  * Prevent incorrect line breaking
+  * Improve hotkeys
+  * Remove suggestions while searching for torrents
+  * Expose "IS PRIVATE" flag
+  * Return name/hash/infohash_v1/infohash_v2 torrent properties
+  Other:
+  * Fix tray icon issues
+
qemu
+- Fixes: jsc#PED-1716  Add S390 features from IBM requirements
+  * Patches added:
+  dump-Add-architecture-section-and-sectio.patch
+  dump-Refactor-dump_iterate-and-introduce.patch
+  dump-Reintroduce-memory_offset-and-secti.patch
+  dump-Rename-write_elf_loads-to-write_elf.patch
+  dump-Rename-write_elf-_phdr_note-to-prep.patch
+  dump-Reorder-struct-DumpState.patch
+  dump-Replace-opaque-DumpState-pointer-wi.patch
+  dump-Rework-dump_calculate_size-function.patch
+  dump-Rework-filter-area-variables.patch
+  dump-Rework-get_start_block.patch
+  dump-Split-elf-header-functions-into-pre.patch
+  dump-Use-a-buffer-for-ELF-section-data-a.patch
+  dump-Write-ELF-section-headers-right-aft.patch
+  include-elf.h-add-s390x-note-types.patch
+  s390x-Add-KVM-PV-dump-interface.patch
+  s390x-Add-protected-dump-cap.patch
+  s390x-Introduce-PV-query-interface.patch
+  s390x-pv-Add-dump-support.patch
+
+- Fixed: bsc#1205847 (CVE-2022-4172), bsc#1203788 (CVE-2022-3165),
+  bsc#1205808 (CVE-2022-4144), bsc#1206527, bsc#1208139
+- Improved handling of: bsc#1202282 (jsc#PED-2592)
+  * Patches dropped:
+  pc-q35-Bump-max_cpus-to-1024.patch
+  * Patches added:
+  accel-abort-if-we-fail-to-load-the-accel.patch
+  bios-tables-test-add-test-for-number-of-.patch
+  bios-tables-test-teach-test-to-use-smbio.patch
+  dmg-warn-when-opening-dmg-images-contain.patch
+  hw-acpi-erst.c-Fix-memory-handling-issue.patch
+  hw-display-qxl-Avoid-buffer-overrun-in-q.patch
+  hw-display-qxl-Document-qxl_phys2virt.patch
+  hw-display-qxl-Have-qxl_log_command-Retu.patch
+  hw-display-qxl-Pass-requested-buffer-siz.patch
+  hw-smbios-add-core_count2-to-smbios-tabl.patch
+  hw-smbios-support-for-type-8-port-connec.patch
+  module-add-Error-arguments-to-module_loa.patch
+  module-removed-unused-function-argument-.patch
+  module-rename-module_load_one-to-module_.patch
+  openSUSE-pc-q35-Bump-max_cpus-to-1024.patch
+  s390x-tod-kvm-don-t-save-restore-the-TOD.patch
+  tests-acpi-allow-changes-for-core_count2.patch
+  tests-acpi-update-tables-for-new-core-co.patch
+  ui-vnc-clipboard-fix-integer-underflow-i.patch
+
+- Refactor building and installing SeaBIOS docs
+
+- Rename submodule patches so that it's clear which ones
+  are backports and which ones are downstream only fixes;
+- No functional change intended.
+  * Patches dropped:
+  Ignore-spurious-GCC-12-warning.patch
+  roms-sgabios-Fix-csum8-to-be-built-by-ho.patch
+  Makefile-define-endianess-for-cross-buil.patch
+  ipxe-Makefile-fix-issues-of-build-reprod.patch
+  qboot-add-cross.ini-file-to-handle-aarch.patch
+  sgabios-Makefile-fix-issues-of-build-rep.patch
+  Silence-GCC-12-spurious-warnings.patch
+  build-be-explicit-about-mx86-used-note-n.patch
+  enable-cross-compilation-on-ARM.patch
+  stub-out-the-SAN-req-s-in-int13.patch
+  help-compiler-out-by-initializing-array.patch
+  seabios-switch-to-python3-as-needed.patch
+  * Patches added:
+  openSUSE-Basetools-Ignore-spurious-GCC-1.patch
+  openSUSE-Makefile-Fix-csum8-to-be-built-.patch
+  openSUSE-Makefile-define-endianess-for-c.patch
+  openSUSE-Makefile-fix-issues-of-build-re.patch
+  openSUSE-add-cross.ini-file-to-handle-aa.patch
+  openSUSE-build-Makefile-fix-issues-of-bu.patch
+  openSUSE-build-Silence-GCC-12-spurious-w.patch
+  openSUSE-build-be-explicit-about-mx86-us.patch
+  openSUSE-build-enable-cross-compilation-.patch
+  openSUSE-pcbios-stub-out-the-SAN-req-s-i.patch
+  openSUSE-switch-to-python3-as-needed.patch
+  openSUSE-test-help-compiler-out-by-initi.patch
+
qemu:linux-user
+- Fixes: jsc#PED-1716  Add S390 features from IBM requirements
+  * Patches added:
+  dump-Add-architecture-section-and-sectio.patch
+  dump-Refactor-dump_iterate-and-introduce.patch
+  dump-Reintroduce-memory_offset-and-secti.patch
+  dump-Rename-write_elf_loads-to-write_elf.patch
+  dump-Rename-write_elf-_phdr_note-to-prep.patch
+  dump-Reorder-struct-DumpState.patch
+  dump-Replace-opaque-DumpState-pointer-wi.patch
+  dump-Rework-dump_calculate_size-function.patch
+  dump-Rework-filter-area-variables.patch
+  dump-Rework-get_start_block.patch
+  dump-Split-elf-header-functions-into-pre.patch
+  dump-Use-a-buffer-for-ELF-section-data-a.patch
+  dump-Write-ELF-section-headers-right-aft.patch
+  include-elf.h-add-s390x-note-types.patch
+  s390x-Add-KVM-PV-dump-interface.patch
+  s390x-Add-protected-dump-cap.patch
+  s390x-Introduce-PV-query-interface.patch
+  s390x-pv-Add-dump-support.patch
+
+- Fixed: bsc#1205847 (CVE-2022-4172), bsc#1203788 (CVE-2022-3165),
+  bsc#1205808 (CVE-2022-4144), bsc#1206527, bsc#1208139
+- Improved handling of: bsc#1202282 (jsc#PED-2592)
+  * Patches dropped:
+  pc-q35-Bump-max_cpus-to-1024.patch
+  * Patches added:
+  accel-abort-if-we-fail-to-load-the-accel.patch
+  bios-tables-test-add-test-for-number-of-.patch
+  bios-tables-test-teach-test-to-use-smbio.patch
+  dmg-warn-when-opening-dmg-images-contain.patch
+  hw-acpi-erst.c-Fix-memory-handling-issue.patch
+  hw-display-qxl-Avoid-buffer-overrun-in-q.patch
+  hw-display-qxl-Document-qxl_phys2virt.patch
+  hw-display-qxl-Have-qxl_log_command-Retu.patch
+  hw-display-qxl-Pass-requested-buffer-siz.patch
+  hw-smbios-add-core_count2-to-smbios-tabl.patch
+  hw-smbios-support-for-type-8-port-connec.patch
+  module-add-Error-arguments-to-module_loa.patch
+  module-removed-unused-function-argument-.patch
+  module-rename-module_load_one-to-module_.patch
+  openSUSE-pc-q35-Bump-max_cpus-to-1024.patch
+  s390x-tod-kvm-don-t-save-restore-the-TOD.patch
+  tests-acpi-allow-changes-for-core_count2.patch
+  tests-acpi-update-tables-for-new-core-co.patch
+  ui-vnc-clipboard-fix-integer-underflow-i.patch
+
+- Refactor building and installing SeaBIOS docs
+
+- Rename submodule patches so that it's clear which ones
+  are backports and which ones are downstream only fixes;
+- No functional change intended.
+  * Patches dropped:
+  Ignore-spurious-GCC-12-warning.patch
+  roms-sgabios-Fix-csum8-to-be-built-by-ho.patch
+  Makefile-define-endianess-for-cross-buil.patch
+  ipxe-Makefile-fix-issues-of-build-reprod.patch
+  qboot-add-cross.ini-file-to-handle-aarch.patch
+  sgabios-Makefile-fix-issues-of-build-rep.patch
+  Silence-GCC-12-spurious-warnings.patch
+  build-be-explicit-about-mx86-used-note-n.patch
+  enable-cross-compilation-on-ARM.patch
+  stub-out-the-SAN-req-s-in-int13.patch
+  help-compiler-out-by-initializing-array.patch
+  seabios-switch-to-python3-as-needed.patch
+  * Patches added:
+  openSUSE-Basetools-Ignore-spurious-GCC-1.patch
+  openSUSE-Makefile-Fix-csum8-to-be-built-.patch
+  openSUSE-Makefile-define-endianess-for-c.patch
+  openSUSE-Makefile-fix-issues-of-build-re.patch
+  openSUSE-add-cross.ini-file-to-handle-aa.patch
+  openSUSE-build-Makefile-fix-issues-of-bu.patch
+  openSUSE-build-Silence-GCC-12-spurious-w.patch
+  openSUSE-build-be-explicit-about-mx86-us.patch
+  openSUSE-build-enable-cross-compilation-.patch
+  openSUSE-pcbios-stub-out-the-SAN-req-s-i.patch
+  openSUSE-switch-to-python3-as-needed.patch
+  openSUSE-test-help-compiler-out-by-initi.patch
+
qloud
+- update to 1.4.2:
+  * memory leak fixes
+  * bugfixes
+
qsynth
+- update to 0.9.9:
+  * Just bumping into the next develop cycle/season.
+
qt5ct
+- Update to 1.5
+  * fixed cmake support
+  * prepend custom stylesheets to the application stylesheet
+  * updated Catalan translation
+  * updated French translation
+  * added troubleshooting settings
+  * added Japanese translation
+  * updated Dutch translation
+  * updated Spanish translation
+  * updated Russian translation
+  * updated Greek translation
+  * fixed build regression
+- Use CMake for building qt5ct.
+
+- Update to version 1.2:
+  * updated color schemes
+  * updated Spanish translation
+  * updated Dutch translation
+  * updated Chinese (Simplified) translation
+  * updated Dunish translation
+  * updated Italian translation
+
+- Update to 1.1:
+  * fixed issue with custom icon themes
+  * updated Danish translation (scootergrisen)
+
+- Update to 1.0:
+  * added Ia Ora color scheme (from Mandriva default style)
+  * disabled debug messages by default
+  * fixed Qt 5.15 palette
+  * fixed crash on certain applications under Qt 5.15 (boo#1174224)
+
qt5platform-plugins
+- Update version to 5.0.70
+  * Change license to LGPL-3.0+
+  * Fix bugs
+- Fix build on Qt 5.15.7
+
quagga
-- Update to 0.99.23
-  See http://savannah.spinellicreations.com//quagga/quagga-0.99.23.changelog.txt
-  minor fixes:
-    bgpd: Fix condition allowas-in in rsclient code
-    support TTL-security with iBGP, factor out TTL setting
-    factor out eBGP multihop check
-    fix fast external fallover behavior
-    increase TCP socket buffer size
-    fix O_NONBLOCK on outgoing
-    send notify in OpenSent when stopping manually
-    display multipath status in "show ip bgp"
-    track correct originator-id in reflected routes
-    add 'bgp bestpath as-path multipath-relax'
-    fix crash when allowas-in is done on inactive peer
-  efficient NLRI packing for AFs != ipv4-unicast
-  don't compare next-hop to router-id
-  use ATTR_FLAG_BIT() for BGP_ATTR_ values
-  fix some DEFUN definitions
-  bgpd-set-v4-nexthop-for-v6-peering.patch
-  support NEXTHOP_IPV4_IFINDEX in bgp import check
-  honor PEER_FLAG_DISABLE_CONNECTED_CHECK on bgp_scan
-  write NOTIFY non-blockingly
-  prevent double address delete on shutdown
-  stricter packet handling in OpenSent
-  fix lost passwords of grouped neighbors
-  * : nuke ^L (page feed)
-    isisd: ignore the unrecognized TLVs
-    ripd: fix "show ip rip status" documentation
-  avoid the zero interface metric
-  correctly redistribute ifindex routes (BZ#664)
-    zebra: raise the privileges before calling socket()
-    Change the mechanism for comparing route ID's.
-    fix some DEFUN definitions
-    apply syntactic sugar to rib_dump()
-    set metric for directly connected routes via netlink to 0
-    log routes w/o gateway in rib_delete_ipv4
-    match gateway when deleting NEXTHOP_IPV4_IFINDEX routes
-    make rib_dump() compatible with IPv6 RIB
-    apply route-maps for interface routes
-    fix recursive-routes via ifindex routes
-    implement NEXTHOP_FLAG_ONLINK
-    handle blackholes encountered in recursive resolution
-    rework recursive route resolution
-    improve interface shutdown behaviour
-    don't change connected state from zebra/interface.c
-    add ZEBRA_IFC_QUEUED to keep track of kernel state
-  warn if advertising connected with _REAL unset
-  consolidate connected_implicit_withdraw
-  clear ZEBRA_IFC_CONFIGURED on "no ipv6 addr"
-  make if_subnet_delete a bit more strict
-  process information about new addresses (BZ#486)`
-  support NEXTHOP_IPV4_IFINDEX in bgp import check
-  improve display of NEXTHOP_IPV4_IFINDEX in show ip route
-  don't printf to stdout on ZEBRA_IPV6_NEXTHOP_LOOKU
-  use SO_RCVBUFFORCE for netlink socket
-    ospfd: add debug messages for router lsa-generation
-  For an ABR, ensure the right LSID is MaxAge'd
-  clarify indentation and comments in ospf_lsa_maxage_delete
-  fix a reference counting issue introduced by commit 4de8bf0011
-  check the LS-Ack's recentness instead of only comparing the #seq
-  don't allow to set network type on loopback interfaces
-  run DR election prior to LSA regeneration
-  ospfd/ospf_vty.c: use keyword cmd style
-  fix some DEFUN definitions
-  fixup log message in ospf_zebra_delete
-  refactor some common defines
-  protect vs. VU#229804 (malformed Router-LSA)
-  CVE-2013-2236, stack overrun in apiserver
-  fix flooding procedure
-  make ospf_maxage_lsa_remover actually yield
-  restore nexthop IP for p2p interfaces
-  fix LSA initialization for build without opaque LSA
-    lib: use heap to manage timers
-    remove unused thread_master_debug function
-    lib/command.c: rewrite command matching/parsing
-    fix possible off-by-one in stream_put_prefix()
-    fix for dynamically grown hashes
-    fix backtraces broken by 837d16c...
-    unconditionally include stddef.h
-    register vtysh socket in server socket vector (BZ#754)
-    ospf6d: fix refcounting in ospf6_asbr_lsa_remove
-    add "auto-cost reference-bandwidth" command
-    compute interface cost from its bandwidth
-    solve segfaults with ospf6d on FreeBSD
-    Merge volatile/cumulus_ospf6d
-    fix interface_down() stopping hellos
-    clear lsa->refresh before clearing LSAs
-    handle missing link local address more gracefully
-    improve ordered shutdown
-    clear DR info on interface_down
-    set cmsg size correctly
-    don't run DR election early on "ipv6 ospf6 priority"
-    fix integrated config
-    add SPF logs, statistics, and display of SPF parameters
-    add 'log-adjacency-changes [detail]'
-    don't send LSAck on an interface if we've flooded the LSU out that i/f
-    handle Prefix and Router Options bits correctly
-    add LSA payload to show summary output
-    increment dbdesc seqnum on SeqNumberMismatch/BadLsReq event
-    don't change SeqNum on initial DbDesc message
-    handle seqnum wrapping
-    add overload support
-    fix linkdown handling
-    correct nexthop through directly connected networks
-    don't suppress empty router LSA
-    turn off expensive debugging
-    convert LSDB to use route_node, improve performance
-    fix neighbor state machine (faster lsdb sync, RFC compliance)
-    add p2p interface support
-    fix various bugs in installing and flooding LSAs
-    add more details to show ipv6 ospf6 data
-    enable the commands to support detailed debugging of LSAs.
-    remove older version of LSA from neigbor retx list before prematurely aging it.
-    schedule SPF to run on events rather than directly on each event.
-    refactor some common defines
-    security: Fix some typos and potential NULL-deref
-    tests: Add tests for timers
-    add a test program for lib/command.c
-    DejaGNU libzebra bgpd
-    add DejaGNU framework
-    vtysh: don't append superflous spaces (BZ#750)
-  fix false lib path matching in extract.pl.in
-    doc: Modernize INSTALL.quagga.txt.
-    update TODO for ospf6d work & bgp multipath
-    add OSPFv3 homenet to TODO
-    hash: dynamically grow hash table
-  force size to be a power of 2
-    guile: remove
-  build issues:
-    lib: remove redundant and incorrect sys/fcntl.h include
-    vtysh: fix build against readline 6.3
-    tests: fix build & disable testcommands
-    don't build tests unless make check is run
-    fix Makefile.am so it works with BSD make
-    make --disable-bgpd kill bgpd tests too
-    build: remove now-useless --{en, dis}able-tests
-  improve backtrace support/detection
-  reference libcap from libzebra (BZ#393,626)
-  fix minimal mixup in gitinfo suffix
-  Update supported versions.
-  update quagga.spec.in
-    isisd: use bug-report information from autoconf
-    ospf6d: use bug-report information from autoconf
-    doc: fix makeinfo errors and one warning
-
-- Updated to 0.99.23
-  Changed /var/run to /run in .spec file in order to fix rpmlint check failure in Factory
-  Added:
-  quagga-0.99.23.tar.xz
-  quagga-0.99.23.tar.asc
-  Deleted:
-  quagga-0.99.22.1.tar.gz
-  quagga-0.99.22.1.tar.asc
-
-- fixed source url, added tar.asc and keyring url (unchecked)
-
-- Add return value for table_test.c.
-
-- Update to 0.99.22.1
-  major regressions:
-    ospfd: restore nexthop IP for p2p interfaces
-  minor fixes:
-    bgpd: fix lost passwords of grouped neighbors
-    lib/vty: register vtysh socket in server socket vector (BZ#754)
-    ospfd: fix LSA initialization for build without opaque LSA
-    ripd: correctly redistribute ifindex routes (BZ#664)
-  build issues:
-    build: fix minimal mixup in gitinfo suffix
-    build: reference libcap from libzebra (BZ#393,626)
-    build: update quagga.spec.in
-    doc: fix makeinfo errors and one warning
-    tests: make --disable-bgpd kill bgpd tests too
-    vtysh: fix false lib path matching in extract.pl.in
-
-- add makeinfo as explicit buildrequire
-
-- Update to 0.99.21
-  There are some major user-visible changes:
-  [bgpd] BGP multipath support has been merged
-  [bgpd] SAFI (Multicast topology) support has been extended to
-  propagate the topology to zebra.
-  [bgpd] AS path limit functionality has been removed
-  [babeld] a new routing daemon implementing the BABEL ad-hoc mesh
-  routing protocol has been merged.
-  [isisd] a major overhaul has been picked up. Please note that
-  isisd is STILL NOT SUITABLE FOR PRODUCTION USE.
-  [*] a lot of bugs have been fixed, please refer to the git log
-  The number of bugfixes and changes in this release is quite large
-  at 446 commits, though some commits are counted twice due to a
-  merge of Denis
-  Ovsienko's RE branch some time ago. (Previous releases had around
-  50 commits each.)
-- additional changes from 0.99.20.1
-  This is a security-fix release that addresses 3 pending CVEs, one
-  in bgpd and two in ospfd. The CVEs will be linked once released.
-- added quagga-0.99.21_isis_undefined_operations.patch:
-  fix compiler warning about undefined operations
-- a47c5838e9f445ab887ad927706b11ccbb181364.patch
-  Fix typo in isis topology code. Taken from git.
-- drop quagga-0.99.20-fix-bgpd-attr-memleak.patch:
-  Included upstream
-- added options to build tcp-zebra, irdp and pcre:
-  all enabled by default
-  pcre change might cause problems in edge cases with bgp
-  new buildrequires: pcre-devel
-- added option to build with isis and isis-topology:
-  disabled by default
-
-- Update package to quagga-0.99.20, remove stale patches.
-  added upstream patch to resolve a bgpd memleak
-
-- add libtool as buildrequire to avoid implicit dependency
-
-- DoS while decoding EXTENDED_COMMUNITIES in Quagga's BGP
-  [bnc#718062]
-
-- OSPFD DoS while decoding Link State Update [bnc#718061]
-
-- OSPFD DoS while decoding Hello packet [bnc#718059]
-
-- OSPF6D DoS while decoding Database Description packet
-  [bnc#718058]
-
-- OSPF6D buffer overflow while decoding Link State Update with
-  Inter Area Prefix Lsa [bnc#718056]
-
-- Fix bnc#680499, zebro and ripd won't start [bnc#680499]
-
-- fix CVE-2010-1674 and CVE-2010-1675 [bnc#654270]
-
-- mark /var/run/quagga as ghost, create it in initscript
-  [Fate#303793]
-
-- updated to 0.99.17 - fixes [bnc#634300]
-  bgpd:
-    fix handling of AS path data
-    tighten bounds checking in RR ORF msg reader
-  ospfd:
-    Only refresh external default route once.
-    Make sure ospf_distribute_list_update_timer() eventually runs.
-    Make sure all external routes are updated.
-  zebra:
-    fix infinite loop when deleting an interface
-  ospf6d:
-    Fix crash when '[no] ipv6 ospf6 advertise prefix-list' is in startup-config
-  isisd:
-    change ISIS_METHOD to use C preprocessor
-  other:
-    build: ignore mkinstalldirs and texinfo.tex
-    build: Add QuaggaId to README.NetBSD
-    build/extra: Enhance README.NetBSD make/gmake decision.
-    git: add pointers to out-of-tree work
-    git: add (generated) m4 files to .gitignore
-    Update for git and emphasize asking for good reports.
-    doc: fixed spelling in bgpd.texi
-
-- updated to 0.99.16
-  bgpd:
-    use monotonic clock for time of day
-    code cleanup
-    compile warnings cleanup
-    work around warning in assegments_parse()
-  ospfd:
-    fix debug messages that were masked by DISCARD_LSA
-    remove unneeded memset from a very hot function
-    VTY strings cleanup
-    comment out unused function
-    make local functions static
-    enable more OSPF cost command aliases
-  lib:
-    fix memory logging
-    make some structures constant
-    move check_bit into prefix common code
-    fix warning on little endian
-    make match functions take const args
-    remove unused function: route_dump_node()
-    log source of vty connections (bug #566)
-  zebra:
-    change router-id selection algo
-    deal with irdp compile warnings
-    cleanup RIB meta queue code
-    fix more warnings in rtadv
-    fix more compiler warnings
-    remove unused function to fix warning
-    handle RTF_CLONING removal from FreeBSD 8.0
-    fix argument reference in strncpy() call for BSD
-    fix RIB debug message for IPv6
-    make declaration const in rtm_flag_dump()
-    fix router advertisements for non-Ethernet link layer addresses
-  ospf6d:
-    remove dead code
-    fix warnings from recent prefix bit commit
-    review LSA sequence number comparison
-    fix LSA locking in ospf6_new_ls_id()
-  other:
-    ripd: fix compiler warnings
-    ripngd: compiler warnings cleanup
-    isisd: fix --enable-isis-topology for 64-bit Linux
-    isisd: fix BPF ioctl() calls, treat "true" and "false" as reserved
-    configure: fix spelling
-    configure: fix HAVE_CLOCK_MONOTONIC spelling
-
-- updated to 0.99.15
-  * bgpd:
-    fix md5 set on listen sockets
-    missing pieces from listener patch
-    Workaround for invalid MBGP next hop
-    Allow inbound connections to non-default view
-    fd leak in bgpd
-    Delete AS_CONFED_SEQUENCE when prepending an AS_SEQUENCE type segment
-    Implement BGP confederation error handling (RFC5065, Par. 5)
-    start listener on first instance
-    peer action table static/const
-    Restore ability of 'neighbor ... update-source' to take interface name
-  * ospfd:
-    Make sure priority is respected.
-    Tighten up the connected check for redistribution
-    fix performance problem with redistribute delete
-    Make sure route table is recalculated.
-    Make "Packet ... received on wrong link" conditional on debug
-    Change struct ospf_path *oi to ifindex.
-    Discriminate better when selecting links between vertices in SPF
-    Make ospf_if_lookup_recv_if() find the right unnumbered i/f
-    export ospf_if_table_lookup() and use it in ospf_network_run_interface()
-  * ospf6d:
-    bug #529, fix endianness problem in earlier commit
-  * ripd:
-    set IP TOS for control socket
-  * zebra:
-    do not touch socket before pidfile locking
-  * doc:
-    zebra.8 via Christian Hammers (#531)
-
-- updated to 0.99.14
-  * lib:
-    Fix IPv6 normalisation
-    Allow for large-file support, e.g. for log files >2GB
-  * zebra:
-    Silence noisy process_subq
-    RFC 4191 Default Router Preference support for router advertisements
-    linux policy routing support with ipv6
-    Static route does not reach kernel.
-  * bgpd:
-    Fix nexthop reachability check on confederations
-    fix typo made by paul in previous commit
-    Avoid zombie accepted peer entries
-    Small buffer overrun in bgp_clear_node_queue_init
-    Stability fixes including bugs 397, 492
-    Fix compiler warnings related to MD5
-    Bug #533: Fix crash with copy/pasted commands, inc 'no bgp ...'
-    Log a debug/update warning if filters are configured but don't exist
-    Add 'show ip bgp view WORD neighbors IP (advertised|received)-routes'
-    review 32-bit AS-path hotfix for 0.99.12
-    Fix "show ip bgp dampened-paths" garbage output.
-    Fixes to RFC2385/MD5 BGP
-  * ospfd:
-    Do not use stale Network/Router LSAs
-    compare ifIndex too when matching paths
-    external LSA route_unlock_node() fixes
-    Fix a few LSA performance "bugs"
-    discount IP header size from a new LSA pkt
-    cancel OSPF timer hack in nsm_change_state
-  * ospf6d:
-    Fix regression in monotonic time patch - LSA max-aging broke
-  * vtysh:
-    Save vtysh history to a file
-    Fix vtysh based "write term" output.
-  * doc:
-    Add "--disable-doc" to configure
-
-- updated to 0.99.13
-  * build:
-    [configure] fix check for GNU awk/gawk to abort ./configure if missing
-    [configure] add configure support for PCRE Posix library
-    [configure] Detect support for monotonic clock
-  * zebra:
-    [zebra] Force rib_update when connected route deleted
-    [zebra] Only announce connected routes if link is detected
-    [zebra] MTU is unsigned
-    [zebra] remove incorrect debug message
-    [zebra] Cleanup meta-queue code
-    [zebra] netlink interface minor cleanup
-    [zebra] Fix vyatta bug 2814: Add "show ip route summary" command.
-  * bgpd:
-    [bgpd] Fix 'update-source' command: It doesn't accept interface names
-    [bgpd] reference count the BGP instance
-    [bgpd] Add support for the old Linux 2.4, TCP_MD5_AUTH RFC2385 patch
-    [bgpd] Fixed as-path prepend/exclude ASN handling
-    [bgp] Fix crash on SIGHUP, deref of freed workqueues
-    [bgpd] 64-bit bugfix in community_del_val
-  * ospfd:
-    [ospfd] Fix OSPF route refcount leak
-    [ospfd] fix vty ospfd no ospf abr-type standard
-  * ospf6d:
-    Convert ospf6d over to quagga_gettime() wrappers.
-    [ospf6d] Remove 'no router' from OSPF6_NODE
-    [ospf6d] Fix ospf6d crash if removing interface with no area
-    [ospf6d] Fix ospf6d crash in show border routers
-    [ospf6] Add no router ospf6
-    [ospf6d] Fix ospf6d crash if range defined twice
-  * ripd:
-    [ripd] Ignore non-running interfaces in rip status
-    [ripd] Fix metrix in call to rip_zebra_ipv4_delete
-  * vtysh:
-    [vtysh] Add a --noerror option
-    [vtysh] Return non-zero exit code on error.
-    [vtysh] Make vtysh more useable for scripting
-    [vtysh] Force line buffered mode.
-  * misc:
-    [daemons/cleanup] Remove disabled log_mode argument support.
-    [lib] Put symbolic backtrace on system log
-    [lib] sockopt_tcp_signature: sin6 requires HAVE_IPV6
-    [smux] 64-bit fix for lib/smux.h SNMP_INTEGER() macro
-
-- updated to 0.99.12
-  * bgpd:
-    Fix bgp ipv4/ipv6 accept handling
-    [bgpd] AS4 bugfix by Chris Caputo
-    [bgpd] Add 'show bgp views' command
-    [bgpd] Allow accepted peers to progress even if realpeer is in Connect
-  * ospfd:
-    [lib] Move type cast in Fletcher checksum
-    [lib] Switch Fletcher checksum back to old ospfd version
-    Justified OSPF cost function names and added support for:
-    ospf cost <1-65535> A.B.C.D
-    no ospf cost <1-65535>
-  * library:
-    [lib] Fix timer precision.
-    [lib] fix missing sockunion_normalise_mapped
-  * vtysh:
-    [vtysh] Add commands from zebra_routemap.c to vtysh
-  * misc:
-    [build] tools/multiple-bgpd.sh should be in 'make dist'
-- added logrotate to Recommends
-- removed obsoleted patches:
-  * bgpd-asn-dos.patch (mainline)
-
-- fixed crash (DoS) in BGP daemon via an ASN elements
-  (bgpd-asn-dos.patch) [bnc#500540]
-
radamsa
+- Update to 0.6
+- Add ol.c.gz that it is needed to compile the code
+- Removed no more needed files
+
radcli
+- Update to version 1.3.1
+  * Modified the variable names so that they do not conflict with
+    generic and well known libraries.
+
raft
+- raft 0.17.1:
+  * not API compatible
+  * Correct quorum calculation that determines when it's safe to
+    apply a log entry
+  * Ensuring that a "known good" configuration is always available
+    to roll back to when a new configuration can't be committe
+  * Fix potential crashes when a Raft state transition occurs
+    during an asynchronous operation like writing to disk.
+
rem
+- Update to release 2.10.0
+  * draw: add pixel format YUYV422
+  * vidframe_draw_hline: add more formats
+  * vid: add support for YUV422P pixel format
+  * aubuf: avoid underflow of cur_sz
+  * cmake/pkgconfig: fix prefix variable
+
ristretto
+- Update to version 0.13.0
+  * New Features:
+  - Add print support (#1)
+  * Bug Fixes:
+  - editor-chooser: Expand tree view vertically
+  - properties-dialog: Update thumbnail on "ready" signal
+  - Fix remaining blurry icons when UI scale > 1
+  - thumbnailer: Properly support window scaling (#81)
+  - Revert "thumbnailer: Increase thumbnail sizes"
+  * Translation Updates
+
+- Update to version 0.12.4
+  * Bump requirements for Xfce 4.18
+  * Appearance Changes:
+  - thumbnailer: Increase thumbnail sizes (#81)
+  * Code Refactoring:
+  - build: Let xdt-depends.m4 macros set GLib macros
+  - flatpak: Update D-Bus permissions after changing file manager method
+  - flatpak: Updates from Flathub
+  - Remove duplicated RsttoMainWindow:device-scale property
+  * Bug Fixes:
+  - use-thunar-properties: Add & improve comments (!37)
+  - thumbnailer: Add a warning if D-Bus proxy creation failed
+  - Allow Xfconf initialization to fail (#19)
+  - thumbnailer: Add missing sanity checks
+  - Use a better-known bus name and object path for D-Bus proxy (#95, !36)
+  - Properly update iterator when browsing a list containing invalid files (#94)
+  - thumbnailer: Remove invalid files after processing thumbnail queue (#94)
+  * Translation Updates
+
rocksndiamonds
+- Update to version 4.3.4.0:
+  * added optional main menu button to directly show level set info
+  * added new, topic-related headlines for info screens
+  * added support for separate sound and music for info sub-screens
+  * added third tutorial level set “ncrtorial” by ncrecc
+  * improved some game element graphics in the level editor
+  * fixed some bugs
+- Changes in version 4.3.30:
+  * added showing score even if not added to local score file
+  * added CSS to fill browser window for Emscripten (browser) platform
+  * added support for “Home” and “End” keys to text gadgets
+  * added using setup option for displaying overlay touch buttons
+  * added level info config option to disable time limit for all levels
+  * added asking for uploading remaining tapes when enabling score server
+  * added alpha channel for anti-aliasing to element collecting image
+  * added command line option to select display to open program window on
+  * added resizing window instead of recreating it on window size changes
+  * added new animation mode “.global_anim_sync” for game element graphics
+  * added support for custom graphics for many elements of MM game engine
+  * added project files for Windows and Mac platforms
+  * added quality improved sound and music samples
+  * added support for multiple pages (files) for level set info
+  * added drawing sparkles when laser hits mirrors for MM engine
+  * added pausing tape after replaying not only for warp mode
+  * added setup option to continue recording after replaying tape
+  * fixed bug with leaving scores screen on Android platform
+  * fixed continuing from hall of fame after playing on Android platform
+  * fixed bug with broken text area content when editing envelope text
+  * fixed synchronization problem when configuring game controller
+  * fixed synchronization problem when configuring keyboard
+  * fixed bug when using different normal and deadly shield time
+  * fixed crash bugs when accessing invalid data in broken level files
+  * fixed code issues found by Cppcheck (static C/C++ code analysis tool)
+  * fixed code issues found by Clang with option “-fsanitize=undefined”
+  * fixed code issues found by GCC with option “-Wextra”
+  * fixed some bugs with tape handling
+  * Rebase rocksndiamonds-src_libgame_setup.c-CVE-2011-4606.patch
+
+- Update to version 4.3.2.1:
+  + The most important feature of this new release version is a new
+    screen in the “Hall of Fame” that shows some more details for
+    each score entry, together with the possibility to replay the
+    tapes for each score, which are loaded from the score server.
+
-- Add because are added or deleted patches
-
roundcubemail
+- update to 1.6.1
+  * Kill session if refreshing oauth token fails (#8734)
+  * Fix various PHP 8.1 warnings (#8628, #8644, #8667, #8656, #8647)
+  * Password: Remove references to %c variable that has been removed before (#8633)
+  * Fix anchor links in HTML mail (#8632)
+  * Fix bug where config creation in Installer did ignore options in the form (#8634)
+  * Fix bug where renamed options were removed from the config on
+    installto.sh (update.sh) run (#8643)
+  * Fix favicon rewrite rule in .htaccess (#8654)
+  * Fix various PHP 8.2 warnings
+  * Fix bug where it wasn't possible to create more than one response
+    record on SQLite and Postgres (#8664)
+  * Fix support for ManageSieve over implicit SSL (#8670)
+  * Fix bug where "about:blank" page could trigger "load error" (#8554)
+  * Fix bug where setting 'Clear Trash on Logout' to 'all messages'
+    didn't work (#8687)
+  * Fix bug where the attachment menu wouldn't disappear after an action
+    is selected (#8691)
+  * Fix bug where some dialogs in an eml attachment preview would not
+    close on mobile (#8627)
+  * Fix bug where multiline data:image URI's in emails were stripped
+    from the message on display (#8613)
+  * Fix fatal error on identity page if Enigma plugin is misconfigured (#8719)
+  * Fix so N property always exists in a vCard export (#8771)
+  * Fix authenticating to Courier IMAP with passwords containing
+    a '~' character (#8772)
+  * Fix handling of smtp/imap port options on configuration file
+    update (#8756)
+  * Fix bug where array values could not be saved in utils/save_pref
+    action (#8781)
+  * Add workaround for using Roundcube behind a reverse proxy with a
+    subpath: 'request_path' option (#8738, #8770)
+  * Fix bug where "Invalid skin name" error was logged on preferences
+    save if there's only one skin (#8825)
+  * Fix SIGBUS raised in ImageMagick when more than one process tried
+    to generate a thumbnail of the same image attachment (#8511)
+  * Fix bug where updater does not update the vendor packages (#8642)
+  * Fix missing mail composing textarea on reply/draft with a long
+    plain text content (#8866)
+
rpm-repos-openSUSE
+- Refresh GPG key link for Tumbleweed and add 2022 key for Leap (boo#1199184)
+
rubygem-actionpack-5_1
+- Add patch to fix CVE-2023-22795 (bsc#1207451)
+  0007-CVE-2023-22795.patch
+
+- Add patch to fix CVE-2023-22792 (bsc#1207455)
+  0006-CVE-2023-22792.patch
+
rubygem-activerecord-5_1
+- Add patch to fix CVE-2022-44566 (bsc#1207450)
+  CVE-2022-44566.patch
+
s390-tools
+- Applied the following patches (bsc#1208527, bsc#1206173)
+  * s390-tools-sles15sp5-01-zipl-boot-discard-.eh_frame-and-.interp-input-sectio.patch
+  * s390-tools-sles15sp5-02-zipl-boot-declare-that-no-executable-stack-is-requir.patch
+  * s390-tools-sles15sp5-03-zipl-boot-use-no-warn-rwx-segments-linker-flag.patch
+  * s390-tools-sles15sp5-04-zipl-boot-disable-build-id.patch
+  * s390-tools-sles15sp5-05-zipl-boot-simplify-objcopy-commands.patch
+  * s390-tools-sles15sp5-06-zipl-move-STAGE2_MAX_SIZE-and-STAGE1B_LOAD_ADDR-to-l.patch
+  * s390-tools-sles15sp5-07-zipl-boot-use-linker-scripts-for-all-bootloaders.patch
+  * s390-tools-sles15sp5-08-genprotimg-boot-declare-that-no-executable-stack-is-.patch
+  * s390-tools-sles15sp5-09-genprotimg-boot-use-no-warn-rwx-segments-linker-flag.patch
+  * s390-tools-sles15sp5-10-genprotimg-boot-disable-build-id.patch
+  * s390-tools-sles15sp5-11-genprotimg-boot-Makefile-simplify-objcopy-command.patch
+  * s390-tools-sles15sp5-12-genprotimg-boot-improve-linker-scripts.patch
+  * s390-tools-sles15sp5-13-genprotimg-boot-stage3b-add-size-check-to-the-linker.patch
+  * s390-tools-sles15sp5-14-genprotimg-boot-stage3b_reloc.bin-add-linker-script.patch
+  * s390-tools-sles15sp5-15-zipl-Embed-loader-data-directly-into-boot-object.patch
+
+- Implemented read_values -u. The result of -u is a unique identifier composed of:
+  * Machine Serial Number.
+  * LPAR Name.
+  * VM Name (can be optional).
+
safeeyes
+- Update to version 2.1.4:
+  * Simplify Debian installation instructions
+  * Ayatana Appindicator library
+  * Add smartpause support for swaywm
+  * Directly track running swayidle process
+  * Use HTTPS where users potentially open the URL in a browser
+  * check if using wayland via WAYLAND_DISPLAY env variable
+  * add support for python without gettext.bindtextdomain
+
salt
+- Update to Salt release version 3005.1 (jsc#PED-3042)
+- See release notes: https://docs.saltstack.com/en/latest/topics/releases/3005.1.html
+- Allow entrypoint compatibility for "importlib-metadata>=5.0.0" (bsc#1207071)
+- Add missing patch after rebase to fix collections Mapping issues
+- Prevent deadlocks in salt-ssh executions
+- Create new salt-tests subpackage containing Salt tests
+- Added:
+  * allow-entrypoint-compatibility-for-importlib-metadat.patch
+  * use-rlock-to-avoid-deadlocks-in-salt-ssh.patch
+- Modified:
+  * activate-all-beacons-sources-config-pillar-grains.patch
+  * add-amazon-ec2-detection-for-virtual-grains-bsc-1195.patch
+  * add-custom-suse-capabilities-as-grains.patch
+  * add-environment-variable-to-know-if-yum-is-invoked-f.patch
+  * add-migrated-state-and-gpg-key-management-functions-.patch
+  * add-publish_batch-to-clearfuncs-exposed-methods.patch
+  * add-salt-ssh-support-with-venv-salt-minion-3004-493.patch
+  * add-sleep-on-exception-handling-on-minion-connection.patch
+  * add-standalone-configuration-file-for-enabling-packa.patch
+  * add-support-for-gpgautoimport-539.patch
+  * add-support-for-name-pkgs-and-diff_attr-parameters-t.patch
+  * align-amazon-ec2-nitro-grains-with-upstream-pr-bsc-1.patch
+  * allow-vendor-change-option-with-zypper.patch
+  * async-batch-implementation.patch
+  * avoid-excessive-syslogging-by-watchdog-cronjob-58.patch
+  * bsc-1176024-fix-file-directory-user-and-group-owners.patch
+  * change-the-delimeters-to-prevent-possible-tracebacks.patch
+  * clarify-pkg.installed-pkg_verify-documentation.patch
+  * control-the-collection-of-lvm-grains-via-config.patch
+  * debian-info_installed-compatibility-50453.patch
+  * detect-module.run-syntax.patch
+  * dnfnotify-pkgset-plugin-implementation-3002.2-450.patch
+  * do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch
+  * don-t-use-shell-sbin-nologin-in-requisites.patch
+  * drop-serial-from-event.unpack-in-cli.batch_async.patch
+  * early-feature-support-config.patch
+  * enable-passing-a-unix_socket-for-mysql-returners-bsc.patch
+  * enhance-openscap-module-add-xccdf_eval-call-386.patch
+  * fix-bsc-1065792.patch
+  * fixes-for-python-3.10-502.patch
+  * fix-for-suse-expanded-support-detection.patch
+  * fix-issue-2068-test.patch
+  * fix-missing-minion-returns-in-batch-mode-360.patch
+  * fix-ownership-of-salt-thin-directory-when-using-the-.patch
+  * fix-regression-with-depending-client.ssh-on-psutil-b.patch
+  * fix-salt-ssh-opts-poisoning-bsc-1197637-3004-501.patch
+  * fix-salt.states.file.managed-for-follow_symlinks-tru.patch
+  * fix-salt.utils.stringutils.to_str-calls-to-make-it-w.patch
+  * fix-state.apply-in-test-mode-with-file-state-module-.patch
+  * fix-test_ipc-unit-tests.patch
+  * fix-the-regression-for-yumnotify-plugin-456.patch
+  * fix-traceback.print_exc-calls-for-test_pip_state-432.patch
+  * fopen-workaround-bad-buffering-for-binary-mode-563.patch
+  * ignore-erros-on-reading-license-files-with-dpkg_lowp.patch
+  * ignore-extend-declarations-from-excluded-sls-files.patch
+  * ignore-non-utf8-characters-while-reading-files-with-.patch
+  * include-aliases-in-the-fqdns-grains.patch
+  * include-stdout-in-error-message-for-zypperpkg-559.patch
+  * info_installed-works-without-status-attr-now.patch
+  * let-salt-ssh-use-platform-python-binary-in-rhel8-191.patch
+  * make-aptpkg.list_repos-compatible-on-enabled-disable.patch
+  * make-pass-renderer-configurable-other-fixes-532.patch
+  * make-setup.py-script-to-not-require-setuptools-9.1.patch
+  * make-sure-saltcacheloader-use-correct-fileclient-519.patch
+  * normalize-package-names-once-with-pkg.installed-remo.patch
+  * pass-the-context-to-pillar-ext-modules.patch
+  * prevent-affection-of-ssh.opts-with-lazyloader-bsc-11.patch
+  * prevent-pkg-plugins-errors-on-missing-cookie-path-bs.patch
+  * prevent-shell-injection-via-pre_flight_script_args-4.patch
+  * read-repo-info-without-using-interpolation-bsc-11356.patch
+  * restore-default-behaviour-of-pkg-list-return.patch
+  * retry-if-rpm-lock-is-temporarily-unavailable-547.patch
+  * return-the-expected-powerpc-os-arch-bsc-1117995.patch
+  * revert-fixing-a-use-case-when-multiple-inotify-beaco.patch
+  * run-salt-api-as-user-salt-bsc-1064520.patch
+  * run-salt-master-as-dedicated-salt-user.patch
+  * save-log-to-logfile-with-docker.build.patch
+  * set-default-target-for-pip-from-venv_pip_target-envi.patch
+  * state.apply-don-t-check-for-cached-pillar-errors.patch
+  * state.orchestrate_single-does-not-pass-pillar-none-4.patch
+  * switch-firewalld-state-to-use-change_interface.patch
+  * temporary-fix-extend-the-whitelist-of-allowed-comman.patch
+  * update-target-fix-for-salt-ssh-to-process-targets-li.patch
+  * use-adler32-algorithm-to-compute-string-checksums.patch
+  * use-salt-bundle-in-dockermod.patch
+  * x509-fixes-111.patch
+  * zypperpkg-ignore-retcode-104-for-search-bsc-1176697-.patch
+- Removed:
+  * 3003.3-do-not-consider-skipped-targets-as-failed-for.patch
+  * 3003.3-postgresql-json-support-in-pillar-423.patch
+  * add-missing-ansible-module-functions-to-whitelist-in.patch
+  * add-rpm_vercmp-python-library-for-version-comparison.patch
+  * adds-explicit-type-cast-for-port.patch
+  * backport-syndic-auth-fixes.patch
+  * batch.py-avoid-exception-when-minion-does-not-respon.patch
+  * check-if-dpkgnotify-is-executable-bsc-1186674-376.patch
+  * do-not-crash-when-unexpected-cmd-output-at-listing-p.patch
+  * enhance-logging-when-inotify-beacon-is-missing-pyino.patch
+  * fix-62092-catch-zmq.error.zmqerror-to-set-hwm-for-zm.patch
+  * fix-crash-when-calling-manage.not_alive-runners.patch
+  * fixes-56144-to-enable-hotadd-profile-support.patch
+  * fix-exception-in-yumpkg.remove-for-not-installed-pac.patch
+  * fix-for-cve-2022-22967-bsc-1200566.patch
+  * fix-inspector-module-export-function-bsc-1097531-481.patch
+  * fix-ip6_interface-grain-to-not-leak-secondary-ipv4-a.patch
+  * fix-issues-with-salt-ssh-s-extra-filerefs.patch
+  * fix-jinja2-contextfuntion-base-on-version-bsc-119874.patch
+  * fix-multiple-security-issues-bsc-1197417.patch
+  * fix-salt-call-event.send-call-with-grains-and-pillar.patch
+  * fix-the-regression-in-schedule-module-releasded-in-3.patch
+  * fix-wrong-test_mod_del_repo_multiline_values-test-af.patch
+  * force-zyppnotify-to-prefer-packages.db-than-packages.patch
+  * implementation-of-held-unheld-functions-for-state-pk.patch
+  * implementation-of-suse_ip-execution-module-bsc-10999.patch
+  * improvements-on-ansiblegate-module-354.patch
+  * mock-ip_addrs-in-utils-minions.py-unit-test-443.patch
+  * notify-beacon-for-debian-ubuntu-systems-347.patch
+  * refactor-and-improvements-for-transactional-updates-.patch
+  * support-transactional-systems-microos.patch
+  * wipe-notify_socket-from-env-in-cmdmod-bsc-1193357-30.patch
+
sbcl
+- Update to version 2.3.1
+  * sb-graph has been removed. To visualize IR1 in sbcl, it is recommended to
+    use the function IR1-TO-DOT (which only survives the final tree shake if
+    the feature :sb-devel is enabled at build time).
+  * platform support:
+  * * implement some peephole optimizations on arm64;
+  * * support float traps on arm64;
+  * bug fix: package-manipulation operations within fasls work as expected in
+    the absence of explicit block compilation requests.  (lp#2000004, reported
+    by Shubhamkar Ayare)
+  * bug fix: incorrect type simplification of certain CONS types.
+    (lp#1999352, reported by Paul Dietz)
+  * bug fix: method combination group selection interprets the symbol * as
+    a wildcard element within proper qualifier-pattern lists.  (reported by
+    Maciej Katafiasz and by Daniel Kochmański)
+  * bug fix: &WHOLE can be used without error in define-method-combination
+    arguments lambda lists.  (reported by Daniel Kochmański)
+  * bug fix: bogus debug variables generated for closure variables whose value
+    cell had not yet been allocated could cause segfaults and gc crashes
+    (reported by _death on #sbcl)
+  * bug fix: handling of float NaNs in two-arg numeric comparison functions is
+    more consistent with the required semantics in IEEE 754 when comparing
+    with rationals.
+  * bug fix: ensure that the hide-packages test passes even when the system
+    retains internal cross-reference metadata.  (lp#2002896, reported by 3b)
+  * bug fix: don't trip an internal assertion in weak hash tables with
+    finalizers.  (lp#1998064)
+  * optimization: load-time only code is no longer retained at runtime when
+    functions close over top level bindings.
+  * optimization: GO and RETURN-FROM now elide out-of-extent tag checks when
+    the compiler can prove it's safe even on high safety.
+  * optimization: addition of a fixnum to a bignum generates less garbage.
+  * optimization: in many cases, type inference and code generation is
+    improved for and around numerical comparison functions.
+
+- Update to version 2.3.0
+  * enhancement: support for SLOT-VALUE and friends has been extended to
+    structure and condition instances.
+  * enhancement: the error message for invalid array index conditions is clearer.
+    (lp#1999337, reported by Hadrien Lacour)
+  * minor incompatible change: COMPILED-FUNCTION-P now returns false for
+    generic functions.
+  * minor incompatible change: the compiler emit STYLE-WARNING conditions for
+    FIND and POSITION where the item sought can never be present in the
+    sequence.
+  * optimization: support computing the remainder of a constant division by
+    multiplication.
+  * optimization: faster out of line float truncation routines.
+  * optimization: faster RATIONAL on 64-bit platforms.
+  * optimization: more compact testing of widetags on x86-64 and arm64.
+  * bug fix: type intersections of RATIONAL ranges with (NOT INTEGER) are
+    computed more consistently.  (lp#1998008)
+  * bug fix: fix miscompilation of integer/fixnum comparisons where both
+    arguments are on the stack.
+
scap-security-guide
+- updated to 0.1.66 (jsc#ECO-3319)
+   - Ubuntu 22.04 CIS
+   - OL7 stig v2r9 update
+   - Bump OL8 STIG version to V1R4
+   - Update RHEL7 STIG to V3R10
+   - Update RHEL8 STIG to V1R9
+   - Introduce CIS RHEL9 profiles
+- also various SUSE profile fixes were done
+
scintilla
+- Update to version 5.3.2:
+  - Add SCI_REPLACETARGETMINIMAL to change text without causing
+    unchanged prefix and suffix to be marked as modified in change
+    history.
+  - Draw background colour for EOL annotations with standard and
+    boxed visuals.
+  - Add SCI_GETSTYLEDTEXTFULL to support 64-bit document positions
+    on Win32 replacing SCI_GETSTYLEDTEXT which is not safe for
+    huge documents. Feature #1455.
+  - Send SCN_AUTOCCOMPLETED for SCI_AUTOCSHOW triggering insertion
+    because of SCI_AUTOCSETCHOOSESINGLE mode. Feature #1459.
+  - Change 'paragraph up' commands SCI_PARAUP and SCI_PARAUPEXTEND
+    to go to the start position of the paragraph containing the
+    caret. Bug #2363.
+  - Change release compilation optimization option to favour speed
+    over space. -O2 for MSVC and -O3 for gcc and clang.
+  - On Qt, implement SCI_SETRECTANGULARSELECTIONMODIFIER for all
+    platforms.
+  - On Qt, allow string form XPM images for SCI_REGISTERIMAGE.
+- Minor refreshing of scintilla-shared.patch to apply cleanly.
+
scite
+- Update to version 5.3.2:
+  * Change release compilation optimization option to favour speed
+    over space
+- Minor rebase scite-use-system-scintilla.patch for update.
+
scout
+- Update to version 0.2.7+20230124.b4e3468:
+  * Bump version to v0.2.7
+  * allow multiple baseurls in repo file
+  * remove deprecated class
+  * Translated using Weblate (Macedonian, German, Ukrainian)
+
+- Update to version 0.2.6+20211130.022a45c:
+  * Fix finding packages from repo with / in name
+  * Translated using Weblate (French, Slovak, Spanish)
+
+- Update to version 0.2.5+20210424.3bff388:
+  * Work with newer python3-rpm
+
+- Rename command-not-found to scout-command-not-found and add command-not-found provides
+
+- Update to version 0.2.4+20210325.6c2d9f3:
+  * Fix output of cnf ambiguous install (boo#1183980)
+  * Translated using Weblate (Indonesian, Catalan)
+  * Stop ignoring exceptions
+
+- Update to version 0.2.3+20200115.5b1005a:
+  * Bump version to 0.2.3
+  * Return success if found
+  * Update docs
+  * cnf: allow to install found package
+  * Translated using Weblate (Finnish, Estonian, Norwegian Nynorsk)
+
sevctl
+- Set cargo_vendor update param to false to bypass upstream semvar issues
+
shairport-sync
+- update to 4.1.1:
+  * This release consists of enhancements and bug fixes to Version 4.1. For
+    information on the new features of 4.1, including AirPlay 2 support,
+    please refer to the 4.1 Release Note.
+  Enhancements
+  * Use the TCP keepalive facility to close a play session if the client
+    connection drops for a minute.
+  Metadata Enhancements
+  * Add FramePosition (phbt), FirstFramePosition (phb0), OutputRate (ofps),
+    OutputFormat (ofmt), StreamType (styp), ServiceName (svna), ClientName
+    (snam) properties to the D-Bus interface and to the metadata stream
+    (codes in brackets).
+  * FramePosition/FirstFramePosition metadata is generated only if the
+    progress_interval in the metadata section of the configuration file is
+    non-zero. The progress interval can also be set by a new
+    SetFramePositionUpdateInterval method in the D-Bus interface.
+  * FramePosition/FirstFramePosition metadata is of the form <RTP Frame
+    number>/<Local Time> where the local time, in nanoseconds (a 64-bit
+    number), is the precise time that frame should be played. The metadata
+    is generated when the frame is placed in the output buffer, and is thus
+    generated audio_backend_buffer_desired_length_in_seconds (usually 0.2
+    seconds) before the time in question.
+  * Add xesam:albumArtist and xesam:composer metadata (if available) to the
+    metadata bundle presented in the D-Bus interface.
+  * Add a new metadata item: sps:songdatakind, derived from the asdk
+    metadata token, to the metadata bundle presented in the D-Bus interface.
+    If 0 it seems to indicate an item of a specific duration such as an
+    audio track; if 1 it seems to mean the stream is of unknown duration,
+    for example an internet radio stream.
+  Bug Fixes
+  * Fix a bug that prevented multiple classic AirPlay instances being
+    recognised. The bug was that the 12-digit classic AirPlay service name
+    prefixes for each instance were all identically derived from a MAC
+    hardware address. The fix was to modify the generation of  prefixes to
+    depend on the service name as well as the hardware address.
+  * Fix a bug that prevented play to the the PulseAudio backend from
+    resuming after a pause. The bug was due to changes in the way pauses
+    were handled and the fix was to reopen the stream if it is closed
+    whenever a play or latency request was made.
+  * Fix a long-standing bug which didn't close the socket used for the RTSP
+    connection, potentially exhausting the sockets available.
+  * Fix a bug in audio_alsa.c when there is no hardware device name.
+  * Add a configuration check for the xxd program when building for AirPlay
+    2.
+  * Fix a compilation bug on certain platforms by trying to use AC_CHECK_LIB
+    to find libavcodec if the PKG_CHECK_MODULES check fails.
+
+- Update version to 4.1
+  * AirPlay 2 support
+  * Improved libao backend for better compatibility with HomeBrew installations
+  * Improved MQTT and D-Bus facilities
+  * Metadata improvements
+  * Automatically-generated Docker images
+
smpeg
+- Use BuildRequires pkgconfig(sdl), fixes building for openSUSE Leap
+- Run spec-cleaner
+
sof-firmware
+- Update to version 2.2.3:
+  ADL-N FW binary and topology updates for ADL/RPL/ICL
+- Update to version 2.2.4:
+  New topology binaries for RPL/ADL/JSL
+- Fix modalias for ACPI (bsc#1207211)
+
source-highlight
-- Replace ctags hard requirement with a recommendation for
-  libsource-highlight, fixes bsc#1193401
-- Run spec-cleaner
-
-- Add GCC 11 compatibility fix:
-  * 0001-Remove-throw-specifications.patch
-- Update source-highlight-doxygen_disable_timestamp_in_footer.patch
-  to allow using %autosetup
-
-- Do not use keyring for now as key signing key is not properly
-  published
-- Modernise spec-file and simplify depenency conditionals
-
-- restore keyring as sig is available from upstream
-
-- update to 3.1.9:
-  * changed esc.style to work better with dark theme terminals
-  * updated C and C++ to more recent standards
-  * fixed zsh.lang
-  * added new Python keywords
-  * added Rust
-  * added ixpe
-  * added vim
-- remove keyring as sig no longer is available
-
+- Build with graphiz-gnome, needed for png support in dot
+
+- update to 3.1.7:
+  * language definition for Lilypond
+  * language definition for R statistics programming language
+  * language definition for ISLISP
+  * improved Erlang definition file
+  * new output format: ESC 256 ascii code
+
+- remove explicit lib requires that are even wrong in parts
+
+- format sources to readd preamble
+
+- patch license to follow spdx.org standard
+
spi-tools
+- update to 1.0.2:
+  * fix homepage url
+  * Parameter for SPI_IOC_WR_LSB_FIRST ioctl is {0, 1}.
+  * Documentation fixes
+
spice-vdagent
+- Drop allow-enable-on-boot-spice-vdagentd.service.patch. udev takes
+  care of this already.
+- Don't call systemctl enable in %post, that's what presets are for.
+- Add 0001-Switch-to-spice-vdagent.service-by-default.patch to allow
+  use of spice-vdagent.service
+
sqlcipher
+- update to 4.5.3:
+  * Updates baseline to upstream SQLite 3.39.4
+
squirrel
+- update to 3.2 (bsc#1201974, CVE-2021-41556):
+  * added new inline bind env syntax for closures
+  * added sq_tailcall
+  * added rawcall keyword
+  * added post call initializer syntax
+  * added table.keys() and table.values()
+  * added table.filter()
+  * added skipempty in split()
+  * additional parameters in array.map() and array.apply()
+  * additional optional initializer in array.reduce()
+  * added sqstd_pushstringf and sqstd_throwerrorf
+  * closure.call() is now a "native tailcall" and the invoked function can now be suspended
+  * fixed sq_newmember and sq_rawnewmember properly pop parameters
+  * fixed capturing free variable on for loop counter before a break statement
+  * fixed \u in lexer
+  * various bugfixes
+  * sq_gettypetag doesn't set last error(it's treated as SQBool function but keeps a SQRESULT for backward compatibility)
+  * fixed _set method in userdata delegates
+  * fixed some warnings
+- drop squirrel-aliasing.patch, squirrel-ptr_conversion.patch (upstream)
+
-- Add copyright to spec file.
-
sssd
+- Fix build with MIT 1.20; Add patch
+  0004-BUILD-Accept-krb5-1.20-for-building-the-PAC-plugin.patch
+
st
+- update to 0.9:
+  * avoid potential UB when using isprint()
+  * make underlines and strikethroughs respect `chscale`
+  * Delay redrawals on palette changes
+  * 10/SGR mouse: use alt as meta key instead of super/windows key
+  * Fix mousereport
+  * Fix overtyping wide characters.
+  * Fix null pointer access in strhandle
+  * Add support for OSC color sequences
+  * Fix possible rare crash when Xutf8TextPropertyToTextList fails
+  * fix a problem that the standard streams are unexpectedly closed
+  * Add 14th bit to XK_SWITCH_MOD bitmask
+  * fix: correctly encode mouse buttons >= 8 in X10 and SGR mode
+  * ST: Add WM_ICON_NAME property support
+- add compose-buffer-overflow.patch
+
stress-ng
+- update to 0.15.2:
+  * test/test-float.c: Avoid tickling an implicit int error
+  * test-aligned-alloc: Define _GNU_SOURCE for the aligned_alloc prototype
+  * test-fchmodat: Include <sys/stat.h> for the fchmodat prototype
+  * test-pidfd-getfd: Include <syspidfd.h> if available for pidfd_getfd
+  * rework stress_strnrnd()
+  * stress-signest: disable alternative stack before unmap
+  * Makefile: bump verison, update to new code name
+  * stress-forkheavy: cast mmap return to same type as pointer metrics
+  * stress-fp: disable float128 for OpenBSD
+  * stress-fp: disable float80 due to unresolved division by zero SIGFPEs
+  * core-shared-heap: cast void * ptt to uintptr_t to clean up icc build
+    warning
+  * stress-matrix-3d: remove redundant redeclaration of variable j
+  * stress-matrix: remove redundant redeclaration of variable j
+  * stress-efivar: rename varname to get_varname to avoid name shadowing
+  * stress-fp: add fp rates into metrics output, increase metrics to 24
+    slots
+  * stress-fp: only count bogo-ops for float, double, long double
+  * core-helper: silence a spurious gcc warning
+  * stress-str: replace search for _ with +
+  * README.md: update number of stressors
+  * stress-fp: exercise various floating point values with +, *, /
+    operations
+  * stress-branch: add yield call for SH4 to allow it to be interrupted
+  * stress-pci: add locking around PCI memory rate stats
+  * stress-ipsec-mb: add locking around statistics being dumped in debug
+  * core-shared-heap: ensure offset is always aligned to natural pointer
+    alignment
+  * stress-fault: restore signal handlers at end of stressor loop
+  * stress-bad-altstack: replace STRESS_MINSIGSTKSZ with static size_t
+    stress_minsigstksz
+  * core-shared-heap: only report shared heap usage if it has been used
+  * core-mwc: add stress_mwc*modn() functions for modulo'd range
+  * core-builtin.h: convert macros into inline functions
+  * stress-*: voidify return from snprintf
+  * stress-str: fix prototype for test_strcpy_t
+  * stress-list: evaluate entry->value ^ rnd before passing it into a macro
+  * stress-wcs: add missing strdsc for stress_wcscpy testcase
+  * core-shared-heap: add strdup for shared description metrics string
+  * stress-ng: replace size of on index element j with 0
+  * stress-ng.h: divide by size of make allocator bitmap elements instead
+    of 8
+  * stress-cpu: use a clang builtin for reversing bits
+  * core-hash: replace hash_rol_uint32 with shim_rol32n
+  * stress-wcs: remove variable failed, use info.failed instead
+  * stress-str: bundle wcs function args into a struct, improves run time
+  * stress-wcs: bundle wcs function args into a struct, improves run time
+  * core-hash: use builtin rotate macros for rotating values
+  * core-builtin: re-work rotate helpers, add generalised rotate
+    left/right macros
+  * stress-list: use builtin shim_ror64
+  * stress-resources: free resources before child exit
+  * core-helper: fix stack size for non-first calls (incorrect cached value)
+  * stress-pci: print PCI config and resource space read rates
+  * core-helper: fix typo on STRESS_MAXIMUM macro
+  * core-cache: Add 32 bit variants of 64 bit hashes
+  * core-hash: add more comments to explain the nuances of memcpy
+  * core-hash: xorror64: cast len to uint64_t before flipping bits
+  * core-helper: simplify stack size calculations using STRESS_MAXIMUM macro
+  * core-helper: limit iterations on stress_get_prime64
+  * stress-priv-instr: remove extraneous ) for SPARC (again)
+  * stress-priv-instr: remove extraneous ) for SPARC
+  * stress-mlock: fix typo on time function
+  * stress-judy: move judy_ops array to function scope
+  * core-resources: clean up code, voidify, constify, misc cleanups
+  * stress-dirdeep: only report directories being deleted if it is taking
+    a while to complete
+  * stress-dirdeep: remove commented out cruft.
+  * stress-evivar: ignore ioctl FS_IOC_SETFLAGS error return
+  * stress-sigio: use metrics interface to report SIGIOs per sec
+  * stress-malloc: add missing tab
+  * stress-judy: add judy insert/find/delete rate metrics
+
+- update to 0.15.01:
+  * stress-tlb-shootdown: fix missing temporary directory removal
+  * stress-priv-instr: handle SIGBUS as SIGILL for FreeBSD
+  * stress-procfs: rename shadowed variable offset to mem_offset
+  * stress-brk: cast uint8_t ptr to void * for munmap
+  * stress-syscall: remove redundant initialization of variable max
+  * kernel-coverage: add two more stack stressor options
+  * stress-stack: add a new --stack-unmap option to unmap pages in stack
+  * stress-brk: regularly unmap pages in heap to create many heap mappings
+  * stress-pagemove: fix modulo of negative issue causing page check
+    failure
+  * stress-procfs: clean up off_t and ptr cast warnings
+  * stress-priv-instr: add support for aarch64
+  * stress-far-branch: set base to 0, remove mask
+  * stress-priv-instr: fix swapped size and fd args to mmap
+  * stress-priv-instruct: fix typo: HAVE_ASM_S390_PTLV -> HAVE_ASM_S390_PTLB
+  * stress-priv-instr: onlt log unhandled instructions info if any ops are
+    not trapped
+  * stress-priv-instr: add privileged instruction stressor
+  * stress-x86cpuid: fix short help message
+  * stress-*, core-*: Fix uname success check for Solaris/OpenHipster
+  * stress-x86cpuid: stressor does not verify, so set VERIFY_NONE
+  * stress-rdrand: reduce number of loops to avoid timeout overrun
+  * stress-x86cpuid: remove trailing spaces after comments
+  * stress-ng: free names[i] at first opportunity
+  * stress-syscall: clean up some valgrind uninitialized memory warnings
+  * stress-syscall: set threshold based on total available syscall tests
+  * stress-syscall: add restart_syscall system call
+  * stress-x86cpuid: add some more CPUID leaf types
+  * stress-nop: add some more x86 long nops, add metrics
+  * core-thermal-zone: move scope of total and count, add division by zero
+    check
+  * stress-*: add missing space between + operator
+  * Manual: update contributors
+  * stress-x86cpuid: replace ns with nanosecs in metrics
+  * stress-fault: double major faults using madvise PAGE_OUT where
+    possible
+  * stress-fault: triple minor page faults using MADV_DONTNEED where
+    available
+  * stress-tlb-shootdown: double TLB read/writes and misses
+  * stress-x86cpuid: more cpuid method for cpu stressor and make new
+    stressor
+  * stress-touch: add spacing between list of touch opts
+  * stress-softlockup: remove redundant fflush call
+  * stress-open: add open duration metrics
+  * stress-*: use pr_inf_skip for skipped stressor messages
+  * stress-nanosleep: add option --nanosleep-threads
+  * core-hash: align primes lookup table, slight improvement
+  * README.md: add another research paper citation
+  * stress-peterson: add note describing cache alignment optimization
+  * stress-dekker: add note describing cache alignment optimization
+  * stress-*: replace various empty signal handlers with
+    stress_sighandler_nop
+  * stress-page-swap: only define stress_pageswap_count_paged_out when
+    required
+  * stress-far-branch: move #endif to end of correct function
+  * stress-far-branch: only define stress_far_mmap_try32 if required
+  * stress-sysfs: add sys_skip_paths array for paths to skip reading
+  * stress-rdrand: remove metrics from debug, they are in the metrics
+    output
+  * stress-urandom: add random read rate metrics
+  * stress-remap: add remap page metrics
+  * stress-pageswap: add duration per page swapout metrics
+  * stress-mutex: add mutex locking rate metrics
+  * stress-mergesort: style: replace ptr+1 with ptr + 1
+  * stress-memhotplug: add metrics reporting for successful
+    offline/online operations
+  * stress-dekker: add cache friendly padding in mutex and counters
+  * stress-peterson: add cache friendly padding in mutex and counters
+  * stress-peterson: add mutex duration metrics
+  * stress-dekker: add mutex duration metrics
+  * stress-cpu-online: add offline/online duration metrics
+  * stress-munmap: use __builtin_clzl for faster log2(n) calculation
+  * stress-idle-page: fix comment description of stressor
+  * stress-far-branch: report that architecture may not be supported
+  * stress-far-branch: trim stride to minimum size, add ppc6le
+    implementation
+  * stress-dentry: remove empty tabbed line
+  * stress-fifo: add --fifo-data-size option to specify the data
+    read/write size
+  * stress-dup: add dup call duration metrics
+  * stress-dentry: add some dentry create/access/unlink metrics
+  * stress-brk: add sbrk page expand/shrink metrics
+  * stress-binderfs: add mount/umount duration metrics
+  * stress-bind-mount: add mount/umount duration metrics
+  * stress-sockpair: add metrics for socketpair call rate and write rates
+  * stress-sockpair: add potential sockpair sk leak test
+  * stress-vm: add a checkboard method
+  * stress-procfs: make helper function stress_proc_scandir static
+  * stress-stream: remove redundant casts
+  * stress-ng: move declaration of pointer munged
+  * stress_vm: replace stress_vm_popcount with stress_vm_count_bits8
+  * stress-cpu/vm: use builtin popcount where available
+  * stress-ng.h: make ALIGNED macro a no-op for Minix (wrong number of
+  * stress-vm: fill memory from a 32 bit Galois linear feedback shift
+    register
+  * Manual: fix spelling mistake "iterively" -> "iteratively"
+  * stress-far-branch: re-work mmap handling for 32 bit and improved random
+    mmaps
+  * stress-sparsematrix: add a splay tree implementation to the mix
+  * stress-procfs: sanity check /proc/self/mem
+  * stress-mmap: attempt to name VMA using prctl
+  * workflows: unset env for Trivy upload
+  * workflows: set env for Trivy
+  * workflows: set correct name for env
+  * workflows: append env setting into $GITHUB_ENV
+  * workflows: add missing ) at end of expression
+  * workflows: fix IMAGE_REPOSITORY env setting
+  * stress-shm: move /dev/shm check to earlier in the setup phase
+  * stress-shm: skip stressor if /dev/shm is not mounted with tmpfs on
+    linux
+  * stress-sysfs: check for zero sysfs entries after pruning the directory
+
sudo
+- Added sudo-fix_NULL_deref_RunAs.patch
+  * bsc#1206483
+  * Fix a situation where "sudo -U otheruser -l" would dereference
+    a NULL pointer.
+
+- Added sudo-CVE-2023-22809.patch
+  * CVE-2023-22809
+  * bsc#1207082
+  * Prevent '--' in the EDITOR environment variable which can allow
+    users to edit sensitive files as root.
+
surgescript
+- Fix building for openSUSE Leap: using gcc11-c++
+
+- update to 0.5.6.1:
+  * Tweaks to the build system
+
syncthing
+- Update to 1.23.1
+  * Bugfixes:
+    [#8325]: "accept: function not implemented" after upgrading to syncthing v1.20.1
+
+- Update to 1.23.0
+  * Bugfixes:
+    [#8572]: Incorrect rescan interval on auto accepted encrypted folder
+    [#8646]: Perhaps the list of devices contains empty elements
+    [#8686]: Properly indicate whether a connection is "LAN" or not in the GUI
+
systemd
+- Drop a workaround related to systemd-timesyncd that addressed a Factory issue.
+
+- Conditionalize the use of /lib/modprobe.d only on systems with split usr
+  support enabled (i.e. SLE).
+
+- Import commit 119740915155d473de087bd633ba62c1c3e47d36 (merge of v249.15)
+  For a complete list of changes, visit:
+  https://github.com/openSUSE/systemd/compare/1bfa716e7fb6d7169cece864e75dfe9e52914c99...119740915155d473de087bd633ba62c1c3e47d36
+
+- Make use of the %systemd_* rpm macros consistently. Using the upstream
+  variants will ease the backports of Factory changes to SLE since Factory
+  systemd uses the upstream variants exclusively.
+
+- machines.target belongs to systemd-container, do its init/cleanup steps from
+  the scriptlets of this sub-package.
+
+- Make sure we apply the presets on units shipped by systemd package
+
+- systemd-testsuite: move the integration tests in a dedicated sub directory.
+
+- Move systemd-cryptenroll into udev package.
+
systemd-presets-common-SUSE
-- enable ignition-delete-config by default (bsc#1199524)
+- Enable spice-vdagent.service and xdg-user-dirs.service by default
+  (boo#1201728)
+
+- Enable systemd-pstore.service by default (jsc#PED-2663)
+
+- enable user side autostart of drkonqi socket (bsc#1203493).
-- Add the wireplumber user service preset to enable it by default
-  in SLE15-SP4 where it replaced pipewire-media-session, but keep
-  pipewire-media-session preset so we don't have to branch the
-  systemd-presets-common-SUSE package for SP4 (boo#1200485)
+- enable ignition-delete-config by default (bsc#1199524)
+
+- Enable appstream-sync-cache.service by default(bsc#1197684).
+- Replace the pipewire-media-session preset with a wireplumber
+  user service preset to enable it by default (bsc#1200485).
+
+- Haveged as a daemon is no longer required since kernel 5.6
+  do not enable by default.
+
+- To make update of package man work with its new upstream timer
+  and service units both called man-db enable also man-db.timer
+
tar
+- Fix CVE-2022-48303, tar has a one-byte out-of-bounds read that
+  results in use of uninitialized memory for a conditional jump
+  (CVE-2022-48303, bsc#1207753)
+  * fix-CVE-2022-48303.patch
+- Fix hang when unpacking test tarball, bsc#1202436
+  * remove bsc1202436.patch
+  * bsc1202436-1.patch
+  * bsc1202436-1.patch
+
tdom
+- bsc#1207959: Install binaries and scripts under %tcl_archdir
+- Obsoletes install-libraries-libdir.patch
+
telegraf
+- Update to version 1.25.1:
+  * Telegraf v1.25.1
+  * Update changelog for v1.25.1
+  * Update build_version.txt for v1.25.1
+  * fix(inputs.opcua): fix opcua and opcua-listener for servers using password-based auth (#12529)
+  * fix(inputs.prometheus): Set the timeout for slow running API endpoints correctly (#12559)
+  * fix(inputs.exec): restore pre-v1.21 behavior for CSV data_format (#12533)
+  * chore(deps): Bump github.com/kardianos/service from 1.2.1 to 1.2.2 (#12418)
+  * fix(inputs.sqlserver): Suppress error on secondary replicas (#12528)
+  * chore: Fix linter findings for nolintlint (part2) (#12430)
+  * fix(inputs.upsd): Always convert to float (#12516)
+  * chore: Update package repo GPG key (#12546)
+  * chore: Update package repo GPG key (#12544)
+  * chore: fix linter findings for nolintlint part 1 (#12427)
+  * docs(outputs.elasticsearch): detail overriding timezone (#12551)
+  * docs(outputs.mqtt): update readme to match sample config (#12552)
+  * docs(outputs.mqtt): fix incorrect use of brackets (#12539)
+  * fix(agent): catch non-existing commands and error out (#12549)
+  * chore: update package testing from f35 to f37 (#12548)
+  * chore(deps): Bump github.com/karrick/godirwalk from 1.16.1 to 1.17.0 (#12417)
+  * chore(deps): bump github.com/antchfx/jsonquery from 1.3.0 to 1.3.1 (#12511)
+  * chore(deps): Bump github.com/aws/aws-sdk-go-v2/service/ec2 (#12538)
+  * fix(inputs.logstash): Collect opensearch specific stats (#12536)
+  * chore(deps): bump github.com/aws/aws-sdk-go-v2 from 1.17.1 to 1.17.3 (#12420)
+  * fix(inputs.prometheus): correctly track deleted pods (#12522)
+  * chore: update windows signing script (#12524)
+  * chore: Run make docs with various GOOS (#12503)
+  * fix(common.cookie): Allow any 2xx status code (#12515)
+  * test(inputs.snmp): Use random port (#12464)
+  * fix(inputs.upsd): Ensure firmware is always a string (#12486)
+  * docs(inputs.influxdb): Collect v2 with prometheus plugin (#12492)
+  * fix(inputs.cisco_telemetry_mdt): add operation-metric and class-policy prefix (#12240)
+  * fix(json_v2): In case of invalid json, log messsage to debug log (#12440)
+  * chore(deps): update github.com/denisenkom/go-mssqldb from 0.12.0 to 0.12.3 (#12476)
+  * docs(secretstores): document systemd-nspawn requirement (#12494)
+  * chore: update to go1.19.5 (#12498)
+  * fix(secretstores): fix handling of TOML strings (#12490)
+  * fix(agent): handle float time with fractions of seconds correctly (#12491)
+  * fix(agent): Only set default snmp after reading all configs (#12457)
+  * docs(inputs.example): correctly set syntax highlighting and section name (#12471)
+  * docs(inputs.socketstat): fix wrong TOML option name. (#12482)
+  * fix(inputs.win_eventlog): Handle remote events more robustly. (#12375)
+  * fix(inputs.sqlserver): add more precise version check (#12384)
+  * chore(stackdriver): Fix deprecated monitoringpb (#12424)
+  * fix(inputs.gnmi): update configuration documentation (#12415)
+  * fix(secretstores): Fix handling of 'id' and print failing secret-store (#12468)
+  * feat(kafka): Add keep-alive period setting for input and output. (#12459)
+  * fix(agent): Correctly reload configuration files (#12453)
+  * chore: update influxdb-observability to fix statsd bug (#12429)
+  * docs(inputs.postgresql): update readme and samples to note timeout behavior (#12446)
+  * chore: Fix linter findings for makezero (part4) (#12410)
+  * fix(inputs.mysql): Revert slice declarations with non-zero initial length (#12409)
+  * fix: Added own SPID filter to sqlserverqueries.go (#12387)
+  * fix(inputs.sqlserver): SqlRequests include sleeping sessions with open transactions (#12386)
+  * chore(linter): disable linter warning for freeze() in starlark (#12406)
+  * fix(outputs.loki): return response body on error (#12399)
+  * chore: Do not start service on deb install (#12405)
+  * fix(inputs.x509_cert): fix off-by-one when adding intermediate certificates (#12404)
+  * test: Always create test config for package testing (#12390)
+  * fix(secretstores): cleanup duplicate printing (#12401)
+  * chore(deps): Bump cloud.google.com/go/storage from 1.23.0 to 1.28.1 (#12385)
+  * chore(deps): bump github.com/nats-io/nats-server/v2 from 2.9.4 to 2.9.9 (#12379)
+  * chore(deps): bump github.com/eclipse/paho.mqtt.golang (#12378)
+  * chore(deps): bump github.com/hashicorp/consul/api from 1.15.2 to 1.18.0 (#12381)
+
thunar
+- Add switch_pane_shortcut.patch
+  Backport upstream fix for gxo#xfce/thunar#1005
+- Add differentiate_zoom_levels_between_view_modes.patch
+  Backport upstream fix for gxo#xfce/thunar#832
+
+- Update to 4.18.3:
+  * Prevent critical when changing directory (gxo#xfce/thunar#1014)
+  * Keep hidden toolbar hidden after Ctrl+L (gxo#xfce/thunar#1011)
+  * Prevent jumping cursor on file deletion (gxo#xfce/thunar#910)
+  * Prevent Critical when file counting is enabled
+  * Properly handle resident thunar plugins (gxo#xfce/thunar#1007)
+  * Translation Updates
+
+- Update to version 4.18.2:
+  * bulk renamer: Remember LastActiveMode (gxo#xfce/thunar#989)
+  * Dont show toolbar menu for back/forward (gxo#xfce/thunar#983)
+  * Double compact view ellipsization threshold
+  * Few thumbnails missing after scroll (gxo#xfce/thunar#843)
+  * Improve alignment of XfceFileNameInput
+  * Make 'empty trash' sensitive on tab-switch (gxo#xfce/thunar#1001)
+  * Only attach toolbar after toolbar items were set up (gxo#xfce/thunar#927)
+  * Prevent crash after closing windows (gxo#xfce/thunar#995)
+  * Prevent crash for copy+overwrite via DBus (gxo#xfce/thunar#1002)
+  * Prevent rare crash when closing thunar (gxo#xfce/thunar#698)
+  * Prevent segfault for location selector (gxo#xfce/thunar#994)
+  * Re-add symlink target in type column (gxo#xfce/thunar#985)
+  * Revert "Prevent focus stealing of file transfer dialog (gxo#xfce/thunar#643)"
+  * Shrink rename dialog only in height
+  * split-view: prevent losing open tabs (gxo#xfce/thunar#986)
+
+- Update to version 4.18.1:
+  * Fix several thumbnailing issues
+  * 'replace' option fixed for copy with '*.partial~' (gxo#xfce/thunar#974)
+  * Preserve trusted state when launchers are copied
+  * Don't reset zoom-level for directory specific settings (gxo#xfce/thunar#970)
+  * Prevent build failure for NixOS (gxo#xfce/thunar#972)
+  * Prevent location bar crash (gxo#xfce/thunar#968)
+  * Translation Updates
+
+- Update to version 4.18.0:
+  New features: (see https://alexxcons.github.io/blogpost_8.html)
+  - List View
+  - Image Preview
+  - Undo and Redo
+  - File Highlight
+  - Customizable Toolbar
+  - Split View
+  - Statusbar
+  - Recursive Search
+  - Recently used files shown in the side pane
+  - New Bookmark Menu
+  - Trash directory with easy access to `Empty Trash' and `Restore'
+    functionality
+  - Improvements to the Default Applications management
+  - Custom Actions can be arranged in cascading submenus
+  - Preferences dialogs got streamlined
+  Bug fixes:
+  * Dont reset zoom-level for directory specific settings (gxo#xfce/thunar#970)
+  * Prevent build failure for NixOS (gxo#xfce/thunar#972)
+  * Prevent location bar crash (gxo#xfce/thunar#968)
+  * build: Let xdt-depends.m4 macros set GLib macros
+  * Translate the string "Search: " (gxo#xfce/thunar#953)
+  * Fix typo in tooltip
+- Bump build requirements for 4.18.0
+- Remove _service stuff
+
thunar-plugin-media-tags
+- Update to version 0.4.0
+  * build: Add GLib requirement
+  * build: Fix autotools warnings
+  * Replace libexo with libxfce4util
+  * Replace ExoBinding with GBinding
+  * Fix compilation warnings
+  * Adds new README.md and updates
+  * AM_INIT_AUTOMAKE macro with foreign option
+  * A couple of autotools improvements
+  * Translation Updates
+
thunar-plugin-shares
+- Update to version 0.3.2:
+  * Add basic GitLab pipeline
+  * Bump GLib minimum build required to 2.26
+  * configure.ac: use AC_PROG_CC_C99
+  * Create README.md. Update configure.ac.in
+  * Revert "configure.ac: use AC_PROG_CC_C99"
+  * Translation Updates
+  * Use long argument for net usershare to prevent bug (Issue #16)
+
thunar-volman
+- Update to version 4.18.0:
+  * Bump build requirements for Xfce 4.18.0
+- Update to 4.17.1:
+  * bump copyright year
+  * Drop subtitle from settings dialog
+- Update to 4.17.0:
+  * autoconf: Use AC_CONFIG_MACRO_DIRS
+  * build: Fix intltool lock file problem during make distcheck
+  * Update COPYING
+  * Fix compilation warnings
+  * automake: Enable subdir-objects
+  * autoconf: Some updates
+  * Update `.gitignore`
+  * Replace ExoBinding with GBinding
+  * Remove GSourceFunc casts (!5)
+  * Translation Updates:
+    Arabic, Belarusian, Catalan, Croatian, Czech, Estonian, Galician,
+    Greek, Hebrew, Hindi, Norwegian Bokmål, Occitan (post 1500),
+    Romanian, Russian, Spanish, Turkish
+
timeshift
+- update to 22.11.2:
+  * Main.vala: Turn the initial btrfs quota error into a message if we think we
+    know what the error is.
+
tinyssh
+- update to 20230101:
+  * LICENCE update from  public-domain to CC0,
+  * public domain works differently depending on the country,
+  * to avoid it, set explicitly CC0
+  * fixed sysdep tests, tnx Johannes Nixdorf
+
tio
+- update to 2.5:
+  * Update configuration file documentation
+    Rename .tiorc to .tioconfig, tiorc to config, etc.
+  * Add support for $HOME/.tioconfig
+    Replaces what used to be $HOME/.tiorc
+  * Fix double prefix key regression
+  * Better error checking in config file, rename the file
+    Accept "true", "enable", "on", "yes", "1" as true values, their
+    counterparts as false ones. Check integer values for errors and range.
+    Warn about ignored (e.g. misspelled) options.
+    Check getenv() return value for NULL.
+    Rename "tiorc" to "config", as it's a static INI file, not an executable
+    "run commands".
+
tpm2-0-tss
+- add 0001-tss2_rc-ensure-layer-number-is-in-bounds.patch: fixes
+  CVE-2023-22745 (bsc#1207325): Buffer Overlow in TSS2_RC_Decode. Overly large
+  RC values passed to the TSS2 function could lead to memory overread or
+  memory overread.
+
trivy
+- Update to version 0.37.3 (bsc#1208091, CVE-2023-25165):
+  * chore(helm): update Trivy from v0.36.1 to v0.37.2 (#3574)
+  * chore(deps): bump github.com/spf13/viper from 1.14.0 to 1.15.0 (#3536)
+  * chore(deps): bump golang/x/mod to v0.8.0 (#3606)
+  * chore(deps): bump golang.org/x/crypto from 0.3.0 to 0.5.0 (#3529)
+  * chore(deps): bump helm.sh/helm/v3 from 3.10.3 to 3.11.1 (#3580)
+  * ci: quote pros in c++ for semantic pr (#3605)
+  * fix(image): check proxy settings from env for remote images (#3604)
+
+- Update to version 0.37.2:
+  * BREAKING: use normalized trivy-java-db (#3583)
+  * fix(image): add timeout for remote images (#3582)
+  * chore(deps): bump golang.org/x/mod from 0.6.0 to 0.7.0 (#3532)
+  * chore(deps): bump golang.org/x/text from 0.5.0 to 0.6.0 (#3534)
+  * fix(misconf): handle dot files better (#3550)
+  * chore: bump Go to 1.19 (#3551)
+  * chore(deps): bump alpine from 3.17.0 to 3.17.1 (#3522)
+  * chore(deps): bump docker/build-push-action from 3 to 4 (#3523)
+  * chore(deps): bump actions/cache from 3.2.2 to 3.2.4 (#3524)
+  * chore(deps): bump golangci/golangci-lint-action from 3.3.0 to 3.4.0 (#3525)
+  * chore(deps): bump aquaproj/aqua-installer from 1.2.0 to 2.0.2 (#3526)
+
+- Update to version 0.37.1:
+  * fix(sbom): download the Java DB when generating SBOM (#3539)
+  * fix: use cgo free sqlite driver (#3521)
+  * ci: fix path to dist folder (#3527)
+
+- Update to version 0.37.0:
+  * fix(image): close layers (#3517)
+  * refactor: db client changed (#3515)
+  * feat(java): use trivy-java-db to get GAV (#3484)
+  * docs: add note about the limitation in Rekor (#3494)
+  * docs: aggregate targets (#3503)
+  * deps: updates wazero to 1.0.0-pre.8 (#3510)
+  * docs: add alma 9 and rocky 9 to supported os (#3513)
+  * chore(deps): bump defsec to v0.82.9 (#3512)
+  * chore: add missing target labels (#3504)
+  * docs: add java vulnerability page (#3429)
+  * feat(image): add support for Docker CIS Benchmark (#3496)
+  * feat(image): secret scanning on container image config (#3495)
+  * chore(deps): Upgrade defsec to v0.82.8 (#3488)
+  * feat(image): scan misconfigurations in image config (#3437)
+  * chore(helm): update Trivy from v0.30.4 to v0.36.1 (#3489)
+  * feat(k8s): add node info resource (#3482)
+  * perf(secret): optimize secret scanning memory usage (#3453)
+  * feat: support aliases in CLI flag, env and config (#3481)
+  * fix(k8s): migrate rbac k8s (#3459)
+  * feat(java): add implementationVendor and specificationVendor fields to detect GroupID from MANIFEST.MF (#3480)
+  * refactor: rename security-checks to scanners (#3467)
+  * chore: display the troubleshooting URL for the DB denial error (#3474)
+  * docs: yaml tabs to spaces, auto create namespace (#3469)
+  * docs: adding show-and-tell template to GH discussions (#3391)
+  * fix: Fix a temporary file leak in case of error (#3465)
+  * fix(test): sort cyclonedx components (#3468)
+  * docs: fixing spelling mistakes (#3462)
+  * ci: set paths triggering VM tests in PR (#3438)
+  * docs: typo in --skip-files (#3454)
+  * feat(custom-forward): Extended advisory data (#3444)
+  * docs: fix spelling error (#3436)
+  * refactor(image): extend image config analyzer (#3434)
+  * fix(nodejs): add ignore protocols to yarn parser (#3433)
+  * fix(db): check proxy settings when using insecure flag (#3435)
+  * feat(misconf): Fetch policies from OCI registry (#3015)
+  * ci: downgrade Go to 1.18 and use stable and oldstable go versions for unit tests (#3413)
+  * ci: store URLs to Github Releases in RPM repository (#3414)
+  * feat(server): add support of `skip-db-update` flag for hot db update (#3416)
+  * chore(deps): bump github.com/moby/buildkit from v0.10.6 to v0.11.0 (#3411)
+  * fix(image): handle wrong empty layer detection (#3375)
+  * test: fix integration tests for spdx and cycloneDX (#3412)
+  * feat(python): Include Conda packages in SBOMs (#3379)
+  * feat: add support pubspec.lock files for dart (#3344)
+  * fix(image): parsePlatform is failing with UNAUTHORIZED error (#3326)
+  * fix(license): change normalize for GPL-3+-WITH-BISON-EXCEPTION (#3405)
+  * feat(server): log errors on server side (#3397)
+  * chore(deps): bump defsec to address helm vulnerabilities (#3399)
+  * docs: rewrite installation docs and general improvements (#3368)
+  * chore: update code owners (#3393)
+  * chore: test docs separately from code (#3392)
+  * docs: use the formula maintained by Homebrew (#3389)
+  * docs: add `Security Management` section with SonarQube plugin
+
+- Update to version 0.36.1:
+  * fix(deps): fix errors on yarn.lock files that contain local file reference (#3384)
+  * feat(flag): early fail when the format is invalid (#3370)
+  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.136 to 1.44.171 (#3366)
+  * docs(aws): fix broken links (#3374)
+  * chore(deps): bump actions/stale from 6 to 7 (#3360)
+  * chore(deps): bump helm/kind-action from 1.4.0 to 1.5.0 (#3359)
+  * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.6.0 to 0.7.0 (#2974)
+  * chore(deps): bump azure/setup-helm from 3.4 to 3.5 (#3358)
+  * chore(deps): bump github.com/moby/buildkit from 0.10.4 to 0.10.6 (#3173)
+  * chore(deps): bump goreleaser/goreleaser-action from 3 to 4 (#3357)
+  * chore(deps): bump github.com/containerd/containerd from 1.6.8 to 1.6.14 (#3367)
+  * chore(go): updates wazero to v1.0.0-pre.7 (#3355)
+  * chore(deps): bump golang.org/x/text from 0.4.0 to 0.5.0 (#3362)
+  * chore(deps): bump actions/cache from 3.0.11 to 3.2.2 (#3356)
+
+- Update to version 0.36.0:
+  * docs: improve compliance docs (#3340)
+  * feat(deps): add yarn lock dependency tree (#3348)
+  * fix: compliance change id and title naming (#3349)
+  * feat: add support for mix.lock files for elixir language (#3328)
+  * feat: add k8s cis bench (#3315)
+  * test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch (#3322)
+  * revert: cache merged layers (#3334)
+  * feat(cyclonedx): add recommendation (#3336)
+  * feat(ubuntu): added support ubuntu ESM versions (#1893)
+  * fix: change logic to build relative paths for skip-dirs and skip-files (#3331)
+  * chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 (#3265)
+  * feat: Adding support for Windows testing (#3037)
+  * feat: add support for Alpine 3.17 (#3319)
+  * docs: change PodFile.lock to Podfile.lock (#3318)
+  * fix(sbom): support for the detection of old CycloneDX predicate type (#3316)
+  * feat(secret): Use .trivyignore for filtering secret scanning result (#3312)
+  * chore(go): remove experimental FS API usage in Wasm (#3299)
+  * ci: add workflow to add issues to roadmap project (#3292)
+  * fix(vuln): include duplicate vulnerabilities with different package paths in the final report (#3275)
+  * chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 (#3250)
+  * feat(sbom): better support for third-party SBOMs (#3262)
+  * docs: add information about languages with support for dependency locations (#3306)
+  * feat(vm): add `region` option to vm scan to be able to scan any region's ami and ebs snapshots (#3284)
+  * chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible (#3251)
+  * fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln (#3255)
+  * docs: remove comparisons (#3289)
+  * feat: add support for Wolfi Linux (#3215)
+  * ci: add go.mod to canary workflow (#3288)
+  * feat(python): skip dev dependencies (#3282)
+  * chore: update ubuntu version for Github action runnners (#3257)
+  * fix(go): skip dep without Path for go-binaries (#3254)
+  * feat(rust): add ID for cargo pgks (#3256)
+  * chore(deps): bump github.com/samber/lo from 1.33.0 to 1.36.0 (#3263)
+  * chore(deps): bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 (#3253)
+  * feat: add support for swift cocoapods lock files (#2956)
+  * fix(sbom): use proper constants (#3286)
+  * chore(deps): bump golang.org/x/term from 0.1.0 to 0.3.0 (#3278)
+  * test(vm): import relevant analyzers (#3285)
+  * feat: support scan remote repository (#3131)
+  * docs: fix typo in fluxcd (#3268)
+  * docs: fix broken "ecosystem" link in readme (#3280)
+  * feat(misconf): Add compliance check support (#3130)
+  * docs: Adding Concourse resource for trivy (#3224)
+  * chore(deps): change golang from 1.19.2 to 1.19 (#3249)
+  * fix(sbom): duplicate dependson (#3261)
+  * chore(deps): bump alpine from 3.16.2 to 3.17.0 (#3247)
+  * chore(go): updates wazero to 1.0.0-pre.4 (#3242)
+  * feat(report): add dependency locations to sarif format (#3210)
+  * fix(rpm): add rocky to osVendors (#3241)
+  * docs: fix a typo (#3236)
+  * feat(dotnet): add dependency parsing for nuget lock files (#3222)
+  * docs: add pre-commit hook to community tools (#3203)
+  * feat(helm): pass arbitrary env vars to trivy (#3208)
+
+- Update to version 0.35.0:
+  * chore(vm): update xfs filesystem parser for change log (#3230)
+  * feat: add virtual machine scan command (#2910)
+  * docs: reorganize index and readme (#3026)
+  * fix: `slowSizeThreshold` should be less than `defaultSizeThreshold` (#3225)
+  * feat: Export functions for trivy plugin (#3204)
+  * feat(image): add support wildcard for platform os (#3196)
+  * fix: load compliance report from file system (#3161)
+  * fix(suse): use package name to get advisories (#3199)
+  * docs(image): space issues during image scan (#3190)
+  * feat(containerd): scan image by digest (#3075)
+  * fix(vuln): add package name to title (#3183)
+  * fix: present control status instead of compliance percentage in compliance report (#3181)
+  * perf(license): remove go-enry/go-license-detector. (#3187)
+  * fix: workdir command as empty layer (#3087)
+  * docs: reorganize ecosystem section (#3025)
+  * feat(dotnet): add support dependency location for dotnet-core files (#3095)
+  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.114 to 1.44.136 (#3174)
+  * chore(deps): bump github.com/testcontainers/testcontainers-go from 0.13.0 to 0.15.0 (#3109)
+  * feat(dotnet): add support dependency location for nuget lock files (#3032)
+  * chore: update code owners for misconfigurations (#3176)
+  * feat: add slow mode (#3084)
+  * docs: fix typo in enable-builin-rules mentions (#3118)
+  * feat: Add maintainer field to OS packages (#3149)
+  * docs: fix some typo (#3171)
+  * chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.17.8 to 1.18.0 (#3175)
+  * chore(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 (#3112)
+  * docs: fix links on Built-in Policies page (#3124)
+  * chore(deps): bump github.com/go-openapi/runtime from 0.24.1 to 0.24.2 (#3117)
+  * chore(deps): bump github.com/samber/lo from 1.28.2 to 1.33.0 (#3116)
+  * fix: Perform filepath.Clean first and then filepath.ToSlash for skipFile/skipDirs settings (#3144)
+  * chore: use newline for semantic pr (#3172)
+  * chore(deps): bump azure/setup-helm from 3.3 to 3.4 (#3107)
+  * chore(deps): bump sigstore/cosign-installer from 2.7.0 to 2.8.1 (#3106)
+  * chore(deps): bump amannn/action-semantic-pull-request from 4 to 5 (#3105)
+  * chore(deps): bump golangci/golangci-lint-action from 3.2.0 to 3.3.0 (#3104)
+  * fix(spdx): rename describes field in spdx (#3102)
+  * chore: handle GOPATH with several paths in make file (#3092)
+  * docs(flag): add "rego" configuration file options (#3165)
+  * chore(go): updates wazero to 1.0.0-pre.3 (#3090)
+  * chore(deps): bump actions/cache from 3.0.9 to 3.0.11 (#3108)
+  * docs(license): fix typo inside quick start (#3134)
+  * chore: update codeowners for docs (#3135)
+  * fix(cli): exclude --compliance flag from non supported sub-commands (#3158)
+  * fix: remove --security-checks none from image help (#3156)
+  * fix: compliance flag description (#3160)
+  * docs(k8s): fix a typo (#3163)
+  * chore(deps): bump golang from 1.19.1 to 1.19.2 (#3103)
+
+- Update to version 0.34.0:
+  * feat(vuln): support dependency graph for RHEL/CentOS (#3094)
+  * feat(vuln): support dependency graph for dpkg and apk (#3093)
+  * perf(license): enable license classifier only with "--license-full" (#3086)
+  * feat(report): add secret scanning to ASFF template (#2860)
+  * feat: Allow override of containerd namespace (#3060)
+  * fix(vuln): In alpine use Name as SrcName (#3079)
+  * fix(secret): Alibaba AccessKey ID (#3083)
+
+- Update to version 0.33.0:
+  * refactor(k8s): custom reports (#3076)
+  * fix(misconf): Bump in-toto-golang with correct CycloneDX predicate (#3068)
+  * feat(image): add support for passing architecture and OS (#3012)
+  * test: disable containerd integration tests for non-amd64 arch (#3073)
+  * feat(server): Add support for client/server mode to rootfs command (#3021)
+  * feat(vuln): support non-packaged binaries (#3019)
+  * feat: compliance reports (#2951)
+  * fix(flag): disable flag parsing for each plugin command (#3074)
+  * feat(nodejs): add support dependency location for yarn.lock files (#3016)
+  * chore: Switch github.com/liamg dependencies to github.com/aquasecurity (#3069)
+  * feat: add k8s components (#2589)
+  * fix(secret): update the regex for secrets scanning (#2964)
+  * chore(deps): bump github.com/samber/lo from 1.27.1 to 1.28.2 (#2979)
+  * fix: bump trivy-kubernetes (#3064)
+  * docs: fix missing 'image' subcommand (#3051)
+  * chore: Patch golang x/text vulnerability (#3046)
+  * chore: add licensed project logo (#3058)
+  * feat(ubuntu): set Ubuntu 22.10 EOL (#3054)
+  * refactor(analyzer): use strings.TrimSuffix instead of strings.HasSuffix (#3028)
+  * feat(report): Use understandable value for shortDescription in SARIF reports (#3009)
+  * docs(misconf): fix typo (#3043)
+  * feat: add support for scanning azure ARM (#3011)
+  * feat(report): add location.message to SARIF output (#3002) (#3003)
+  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.95 to 1.44.109 (#2980)
+  * feat(nodejs): add dependency line numbers for npm lock files (#2932)
+  * test(fs): add `--skip-files`, `--skip-dirs` (#2984)
+  * docs: add Woodpecker CI integrations example (#2823)
+  * chore(deps): bump github.com/sigstore/rekor from 0.12.0 to 0.12.2 (#2981)
+  * chore(deps): bump github.com/liamg/memoryfs from 1.4.2 to 1.4.3 (#2976)
+  * chore(deps): bump github.com/spf13/viper from 1.12.0 to 1.13.0 (#2975)
+  * chore(deps): bump github.com/caarlos0/env/v6 from 6.10.0 to 6.10.1 (#2982)
+  * fix(sbom): ref generation if serialNumber is empty when input is cyclonedx file (#3000)
+  * fix(java): don't stop parsing jar file when wrong inner jar is found (#2989)
+  * fix(sbom): use nuget purl type for dotnet-core (#2990)
+  * perf: retrieve rekor entries in bulk (#2987)
+  * feat(aws): Custom rego policies for AWS scanning (#2994)
+  * docs: jq cli formatting (#2881)
+  * docs(repo): troubleshooting $TMPDIR customization (#2985)
+  * chore(deps): bump actions/cache from 3.0.8 to 3.0.9 (#2969)
+  * chore(deps): bump actions/stale from 5 to 6 (#2970)
+  * chore(deps): bump sigstore/cosign-installer from 2.5.1 to 2.7.0 (#2971)
+  * chore(deps): bump helm/chart-testing-action from 2.3.0 to 2.3.1 (#2972)
+  * chore(deps): bump helm/kind-action from 1.3.0 to 1.4.0 (#2973)
+  * chore: run `go fmt` (#2897)
+  * chore(go): updates wazero to 1.0.0-pre.2 (#2955)
+  * fix(aws): Less function for slice sorting always returns false #2967
+  * fix(java): fix unmarshal pom exclusions (#2936)
+
+- Update to version 0.32.1:
+  * fix(java): use fields of dependency from dependencyManagement from upper pom.xml to parse deps (#2943)
+  * chore: expat lib and go binary deps vulns (#2940)
+  * wasm: Removes accidentally exported memory (#2950)
+  * fix(sbom): fix package name separation for gradle (#2906)
+  * docs(readme.md): fix broken integrations link (#2931)
+  * fix(image): handle images with single layer in rescan mergedLayers cache (#2927)
+  * fix(cli): split env values with ',' for slice flags (#2926)
+  * fix(cli): config/helm: also take into account files with `.yml` (#2928)
+  * fix(flag): add file-patterns flag for config subcommand (#2925)
+  * chore(deps): bump github.com/open-policy-agent/opa from 0.43.0 to 0.43.1 (#2902)
+
+- Update to version 0.32.0:
+  * docs: add Rekor SBOM attestation scanning (#2893)
+  * chore: narrow the owner scope (#2894)
+  * fix: remove a patch number from the recommendation link (#2891)
+  * fix: enable parsing of UUID-only rekor entry ID (#2887)
+  * docs(sbom): add SPDX scanning (#2885)
+  * docs: restructure docs and add tutorials (#2883)
+  * feat(sbom): scan sbom attestation in the rekor record (#2699)
+  * feat(k8s): support outdated-api (#2877)
+  * chore(deps): bump github.com/moby/buildkit from 0.10.3 to 0.10.4 (#2815)
+  * fix(c): support revisions in Conan parser (#2878)
+  * feat: dynamic links support for scan results (#2838)
+  * chore(deps): bump go.uber.org/zap from 1.22.0 to 1.23.0 (#2818)
+  * docs: update archlinux commands (#2876)
+  * feat(secret): add line from dockerfile where secret was added to secret result (#2780)
+  * feat(sbom): Add unmarshal for spdx (#2868)
+  * chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#2827)
+  * fix: revert asff arn and add documentation (#2852)
+  * docs: batch-import-findings limit (#2851)
+  * chore(deps): bump golang from 1.19.0 to 1.19.1 (#2872)
+  * feat(sbom): Add marshal for spdx (#2867)
+  * build: checkout before setting up Go (#2873)
+  * chore: bump Go to 1.19 (#2861)
+  * docs: azure doc and trivy (#2869)
+  * fix: Scan tarr'd dependencies (#2857)
+  * chore(helm): helm test with ingress (#2630)
+  * feat(report): add secrets to sarif format (#2820)
+  * chore(deps): bump azure/setup-helm from 1.1 to 3.3 (#2807)
+  * refactor: add a new interface for initializing analyzers (#2835)
+  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.77 to 1.44.92 (#2840)
+  * fix: update ProductArn with account id (#2782)
+  * feat(helm): make cache TTL configurable (#2798)
+  * build(): Sign releaser artifacts, not only container manifests (#2789)
+  * chore: improve doc about azure devops (#2795)
+  * chore(deps): bump sigstore/cosign-installer from 2.5.0 to 2.5.1 (#2804)
+  * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts (#2825)
+  * docs: don't push patch versions (#2824)
+  * feat: add support for conan.lock file (#2779)
+  * feat: cache merged layers
+  * chore(deps): bump helm/chart-testing-action from 2.2.1 to 2.3.0 (#2805)
+  * chore(deps): bump actions/cache from 3.0.5 to 3.0.8 (#2806)
+  * chore(deps): bump github.com/caarlos0/env/v6 from 6.9.3 to 6.10.0 (#2811)
+  * chore(deps): bump github.com/aquasecurity/table from 1.7.2 to 1.8.0 (#2810)
+  * chore(deps): bump github.com/samber/lo from 1.27.0 to 1.27.1 (#2808)
+  * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.22.0 to 2.23.0 (#2814)
+  * feat: add support for gradle.lockfile (#2759)
+  * chore(mod): updates wazero to 1.0.0-pre.1 #2791
+  * feat: move file patterns to a global level to be able to use it on any analyzer (#2539)
+  * Fix url validaton failures (#2783)
+  * fix(image): add logic to detect empty layers (#2790)
+  * feat(rust): add dependency graph from Rust binaries (#2771)
+
+- Update to version 0.31.3:
+  * fix: handle empty OS family (#2768)
+  * fix: fix k8s summary report (#2777)
+  * fix: don't skip packages that don't contain vulns, when using --list-all-pkgs flag (#2767)
+  * chore: bump trivy-kubernetes (#2770)
+  * fix(secret): Consider secrets in rpc calls (#2753)
+  * fix(java): check depManagement from upper pom's (#2747)
+  * fix(php): skip `composer.lock` inside `vendor` folder (#2718)
+  * fix: fix k8s rbac filter (#2765)
+  * feat(misconf): skipping misconfigurations by AVD ID (#2743)
+  * chore(deps): Upgrade Alpine to 3.16.2 to fix zlib issue (#2741)
+  * docs: add MacPorts install instructions (#2727)
+  * docs: typo (#2730)
+
+- Update to version 0.31.2:
+  * fix: Correctly handle recoverable AWS scanning errors (#2726)
+  * docs: Remove reference to SecurityAudit policy for AWS scanning (#2721)
+
+- Update to version 0.31.1:
+  * fix: upgrade defsec to v0.71.7 for elb scan panic (#2720)
+
+- Update to version 0.31.0:
+  * fix(flag): add error when there are no supported security checks (#2713)
+  * fix(vuln): continue scanning when no vuln found in the first application (#2712)
+  * revert: add new classes for vulnerabilities (#2701)
+  * feat(secret): detect secrets removed or overwritten in upper layer (#2611)
+  * fix(cli): secret scanning perf link fix (#2607)
+  * chore(deps): bump github.com/spf13/viper from 1.8.1 to 1.12.0 (#2650)
+  * feat: Add AWS Cloud scanning (#2493)
+  * docs: specify the type when verifying an attestation (#2697)
+  * docs(sbom): improve SBOM docs by adding a description for scanning SBOM attestation (#2690)
+  * fix(rpc): scanResponse rpc conversion for custom resources (#2692)
+  * feat(rust): Add support for cargo-auditable (#2675)
+  * feat: Support passing value overrides for configuration checks (#2679)
+  * feat(sbom): add support for scanning a sbom attestation (#2652)
+  * chore(image): skip symlinks and hardlinks from tar scan (#2634)
+  * fix(report): Update junit.tpl (#2677)
+  * fix(cyclonedx): add nil check to metadata.component (#2673)
+  * docs(secret): fix missing and broken links (#2674)
+  * refactor(cyclonedx): implement json.Unmarshaler (#2662)
+  * chore(deps): bump github.com/aquasecurity/table from 1.6.0 to 1.7.2 (#2643)
+  * chore(deps): bump github.com/Azure/go-autorest/autorest (#2642)
+  * feat(kubernetes): add option to specify kubeconfig file path (#2576)
+  * docs:  follow Debian's "instructions to connect to a third-party repository" (#2511)
+  * chore(deps): bump github.com/google/licenseclassifier/v2 (#2644)
+  * chore(deps): bump github.com/samber/lo from 1.24.0 to 1.27.0 (#2645)
+  * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#2647)
+  * chore(deps): bump github.com/cheggaaa/pb/v3 from 3.0.8 to 3.1.0 (#2646)
+  * chore(deps): bump sigstore/cosign-installer from 2.4.1 to 2.5.0 (#2641)
+  * chore(deps): bump actions/cache from 3.0.4 to 3.0.5 (#2640)
+  * chore(deps): bump alpine from 3.16.0 to 3.16.1 (#2639)
+  * chore(deps): bump golang from 1.18.3 to 1.18.4 (#2638)
+  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.48 to 1.44.66 (#2648)
+  * chore(deps): bump github.com/open-policy-agent/opa from 0.42.0 to 0.43.0 (#2649)
+  * chore(deps): bump google.golang.org/protobuf from 1.28.0 to 1.28.1 (#2651)
+  * feat(alma): set AlmaLinux 9 EOL (#2653)
+  * fix(misconf): Allow quotes in Dockerfile WORKDIR when detecting relative dirs (#2636)
+  * test(misconf): add tests for misconf handler for dockerfiles (#2621)
+  * feat(oracle): set Oracle Linux 9 EOL (#2635)
+  * BREAKING: add new classes for vulnerabilities (#2541)
+  * fix(secret): add newline escaping for asymmetric private key (#2532)
+  * docs: improve formatting (#2572)
+  * feat(helm): allows users to define an existing secret for tokens (#2587)
+  * docs(mariner): use tdnf in fs usage example (#2616)
+  * docs: remove unnecessary double quotation marks (#2609)
+  * fix: Fix --file-patterns flag (#2625)
+  * feat(report): add support for Cosign vulnerability attestation (#2567)
+  * docs(mariner): use v2.0 in examples (#2602)
+  * feat(report): add secrets template for codequality report (#2461)
+
tryton
+- Version 6.0.25 - Bugfix Release
+
+- Version 6.0.24 - Bugfix Release
+
+- Version 6.0.23 - Bugfix Release
+
+- Version 6.0.22 - Bugfix Release
+
trytond
+- Version 6.0.28 - Bugfix Release
+
+- Version 6.0.27 - Bugfix Release
+
+- Version 6.0.26 - Bugfix Release
+
+- Version 6.0.25 - Bugfix Release
+
trytond_account
+- Version 6.0.15 - Bugfix Release
+
+- Version 6.0.14 - Bugfix Release
+
trytond_account_invoice
+- Version 6.0.8 - Bugfix Release
+
trytond_purchase_request
+- Version 6.0.4 - Bugfix Release
+
+- Version 6.0.3 - Bugfix Release
+
+- Version 6.0.2 - Bugfix Release
+
trytond_stock_supply
+- Version 6.0.4 - Bugfix Release
+
tumbler
+- Update to version 4.18.0
+  * Bump requirements for Xfce 4.18
+  * Performance improvements for the pixbuf-thumbnailer and the scheduler
+  * Implement multiple overwrite options for the desktop-thumbnailer
+  * Add support for the thumbnail sizes x-large and xx-large, which are
+    very useful for high resolution displays
+  * Tumbler and Thunar now support shared thumbnail repositories, like
+    described in the freedesktop.org thumbnail specification. This feature
+    can be used to produce thumbnails for a folder in advance, directly
+    located near the pictures. Like that, the thumbnails don't need to be
+    re-generated for each individual user.
+  * tumbler.rc: Fix typo in explanatory comment
+  * For the full list of changes from the 4.17 development branch see the
+    packaged NEWS file.
+- Restore RAW tumbnailer as issue with libopenraw 0.3 should be fixed
+
ucode-intel
+- Updated to Intel CPU Microcode 20230214 release.
+  Security issues fixed:
+  - CVE-2022-38090: Security updates for [INTEL-SA-00767](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00767.html) (bsc#1208275)
+  - CVE-2022-33196: Security updates for [INTEL-SA-00738](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html) (bsc#1208276)
+  - CVE-2022-21216: Security updates for [INTEL-SA-00700](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00700.html) (bsc#1208277)
+  New Platforms:
+  | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
+  |:---------------|:---------|:------------|:---------|:---------|:---------
+  | SPR-SP         | E2       | 06-8f-05/87 |          | 2b000181 | Xeon Scalable Gen4
+  | SPR-SP         | E3       | 06-8f-06/87 |          | 2b000181 | Xeon Scalable Gen4
+  | SPR-SP         | E4       | 06-8f-07/87 |          | 2b000181 | Xeon Scalable Gen4
+  | SPR-SP         | E5       | 06-8f-08/87 |          | 2b000181 | Xeon Scalable Gen4
+  | SPR-HBM        | B3       | 06-8f-08/10 |          | 2c000170 | Xeon Max
+  | RPL-P 6+8      | J0       | 06-ba-02/07 |          | 0000410e | Core Gen13
+  | RPL-H 6+8      | J0       | 06-ba-02/07 |          | 0000410e | Core Gen13
+  | RPL-U 2+8      | Q0       | 06-ba-02/07 |          | 0000410e | Core Gen13
+  Updated Platforms:
+  | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
+  |:---------------|:---------|:------------|:---------|:---------|:---------
+  | ADL            | C0       | 06-97-02/07 | 00000026 | 0000002c | Core Gen12
+  | ADL            | C0       | 06-97-05/07 | 00000026 | 0000002c | Core Gen12
+  | ADL            | C0       | 06-bf-02/07 | 00000026 | 0000002c | Core Gen12
+  | ADL            | C0       | 06-bf-05/07 | 00000026 | 0000002c | Core Gen12
+  | ADL            | L0       | 06-9a-03/80 | 00000424 | 00000429 | Core Gen12
+  | ADL            | L0       | 06-9a-04/80 | 00000424 | 00000429 | Core Gen12
+  | CLX-SP         | B0       | 06-55-06/bf | 04003302 | 04003303 | Xeon Scalable Gen2
+  | CLX-SP         | B1       | 06-55-07/bf | 05003302 | 05003303 | Xeon Scalable Gen2
+  | CPX-SP         | A1       | 06-55-0b/bf | 07002501 | 07002503 | Xeon Scalable Gen3
+  | GLK            | B0       | 06-7a-01/01 | 0000003c | 0000003e | Pentium Silver N/J5xxx, Celeron N/J4xxx
+  | GLK-R          | R0       | 06-7a-08/01 | 00000020 | 00000022 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
+  | ICL-D          | B0       | 06-6c-01/10 | 01000201 | 01000211 | Xeon D-17xx, D-27xx
+  | ICL-U/Y        | D1       | 06-7e-05/80 | 000000b6 | 000000b8 | Core Gen10 Mobile
+  | ICX-SP         | D0       | 06-6a-06/87 | 0d000375 | 0d000389 | Xeon Scalable Gen3
+  | JSL            | A0/A1    | 06-9c-00/01 | 24000023 | 24000024 | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105
+  | LKF            | B2/B3    | 06-8a-01/10 | 00000031 | 00000032 | Core w/Hybrid Technology
+  | RKL-S          | B0       | 06-a7-01/02 | 00000056 | 00000057 | Core Gen11
+  | RPL-S          | S0       | 06-b7-01/32 | 0000010e | 00000112 | Core Gen13
+  | SKX-SP         | B1       | 06-55-03/97 | 0100015e | 01000161 | Xeon Scalable
+
udp2raw-tunnel
+- Fix build
+
ugrep
+- update to 3.10.0:
+  * This release adds the option --tree to output directory trees
+    of files for the options -l (--files-with-matches),
+  - L (--files-withou-match), and -c (--count)
+  * The option --pretty was updated to to enable --tree when output
+    is sent to  a terminal. This can be disabled with --no-tree.
+
uhd
+- Update to version 4.4.0.0
+  See: https://github.com/EttusResearch/uhd/releases for all changes
+
ulfius
+- Update to version 2.7.12
+  * Improve cmake script.
+  * Minor bugfixes
+  * Add cmake build flag WITH_WEBSOCKET_MESSAGE_LIST to completely
+    disable message lists storage in websockets.
+
vkmark
+- Drop build requires on deprecated Mesa-libVulkan-devel.
+
voms
+- updated to 2.1.0~rc3
+  - no useful upstream change entry
+- voms-gcc7.patch: upstreamed
+- voms-lib-check-no-macro.patch: upstreamed
+- voms-default-proxyver.patch: upstreamed
+- voms-nid-defined.patch: upstreamed
+- voms-gssapi-header.patch: upstreamed
+- voms-disable-gsoap.patch: upstreamed
+
vtkdata
+- Update to version 9.2.5 - no changelog available.
+
warewulf4
+- added Fix-for-CVE-2022-41723.patch in order to fix CVE-2022-41723
+  (bsc#1208301)
+  Note: an updated vendor.tar.gz is also required
+- use the static dhpd configuration, which means known nodes will not
+  only be static configured, but also get their configured ip address
+  via dhcp
+
+- added CreateMt-Targets.patch
+  which moonts in resolv.conf and files for SCC registration
+- added config-ww4.sh which is used for initial configuration for
+  simple network setups
+
+- Add %sysusers_requires macro to account for missing dependencies
+  (boo#1207802).
+
+- use distro ipxe binaries instead of binaries blobs from the
+  warewulf github repo
wavemon
+- Update to version 0.9.4
+  Enhancements and Fixes:
+  * Info Screen
+    + fix mis-spelled format identifier
+    + add fields for carrier / link mode,
+    + handle (accidentally) positive signal levels
+    + fix display of bonded interfaces
+    + add more network information
+    + add IPv6 support
+    + use error-checking mutexes
+    + display MCS bitrate information
+  * Scan Screen
+    + do not enable scan if rfkill is enabled
+    + unblock data mutex at end (fixing a deadlock condition)
+    + reset filter when there are no results
+  * History Screen
+    + deprecate threshold actions (were not of much use)
+    + remove support for noise levels
+    + add missing #include
+    + add wide-character support
+    + reset data when switching between interfaces
+  * Menu Bar
+    + improve highlighting of selected entries
+  Miscellaneous:
+  * drop dependency on wireless extensions
+  * build uses correct ncurses flags
+  * build now uses -Wextra by default
+  * build now honours configure CFLAGS
+  * update README
+  * document how to use wavemon within screen
+  * list of wireless interfaces is now also populated via
+    nl80211 (no longer ioctl)
+
webkit2gtk3
-- Update to version 2.38.3 (boo#1206474):
+- Update to version 2.38.5 (boo#1208328):
+  + Fix large memory allocation when uploading content.
+  + Fix scrolling after a history navigation with PSON enabled.
+  + Always update the active uri of WebKitFrame.
+  + Fix the build on Ubuntu 20.04.
+  + Fix several crashes and rendering issues.
+  + Security fixes: CVE-2023-23529.
+- Add webkit2gtk3-gtk4-build-fix.patch: fix the build with gtk
+  4.6.0.
+
+- Update to version 2.38.4 (boo#1207997):
+  + Improve GStreamer multimedia playback across the board with
+    improved codec selection logic, better handling of latency, and
+    improving frame discard to avoid audio/video
+    desynchronizationg, among other fixes.
+  + Disable HLS media playback by default, which makes web sites
+    use MSE instead. If needed WEBKIT_GST_ENABLE_HLS_SUPPORT=1 can
+    be set in the environment to enable it back.
+  + Disable threaded rendering in GTK4 builds by default, as it was
+    causing crashes.
+  + Fix MediaSession API not showing artwork images.
+  + Fix MediaSession MPRIS usage when running inside a Flatpak
+    sandbox.
+  + Fix input element controls to correctly scale when applying a
+    zoom factor different than the default.
+  + Fix leakage of Web processes in certain situations.
+  + Fix the injected bundle not being found when running inside a
+    sandbox.
+  + Fix the build with ENABLE_INTROSPECTION when cross-compiling.
+  + FIx the build with ENABLE_WEBGL disabled.
+  + Fix the build with GStreamer-based WebRTC enabled.
+  + Fix the build with USE_GTK4 enabled.
+  + Fix several crashes and rendering issues.
+  + Security fixes: CVE-2023-23517, CVE-2023-23518, CVE-2022-42826.
+
+- Update to version 2.38.3 (boo#1206474 boo#1206750):
-  + Security fixes: CVE-2022-42856.
+  + Security fixes: CVE-2022-42852, CVE-2022-42856, CVE-2022-42867,
+    CVE-2022-46692, CVE-2022-46698, CVE-2022-46699, CVE-2022-46700.
+  + Security fixes: CVE-2022-46691.
-  + Security fixes: CVE-2022-32888, CVE-2022-32923.
+  + Security fixes: CVE-2022-32888, CVE-2022-32923, CVE-2022-42863.
wildmidi
+- Update to version 0.4.5
+  * Fixed MUS drum channels 9 and 15 being swapped if the same file
+    is played twice from the same memory buffer.
+  * Player: Fixed save midi reading wrong argv if there are no path
+    seperators.
+  * Other code and build system clean-ups.
+
wine
+- Updated to 8.0 release
+  - see all lower entries for major changes, also the ANNOUNCE file
+- update staging to 8.0 release
+
+- updated to 8.0 rc5 release candidate
+  - Bug fixes only, we are in code freeze.
+- update staging to 8.0 rc5 release
+
+- updated to 8.0 rc4 release candidate
+  - Bug fixes only, we are in code freeze.
+- update staging to 8.0 rc4 release
+
+- updated to 8.0 rc3 release candidate
+  - Bug fixes only, we are in code freeze.
+- updated to 8.0 rc2 release candidate
+  - Bug fixes only, we are in code freeze.
+- update staging to 8.0 rc3 release
+
+- updated to 8.0 rc1 release candidate
+  - Bundled vkd3d upgraded to version 1.6.
+  - Vulkan and OpenGL thunking optimizations.
+  - More support for print processors.
+  - Improved joystick control panel.
+  - Long types printf format conversion finished.
+  - Various bug fixes.
+- update staging to 8.0 rc1 release
+
+- updated to 7.22 development release
+  - 32-on-64 thunks for both Vulkan and OpenGL.
+  - OpenLDAP library bundled and built as PE.
+  - Support for the RAW print processor in WinPrint.
+  - More progress on the long types printf format conversion.
+  - Various bug fixes.
+- update staging to 7.22 release
+- mark bundled libraries with Provides: bundled(name) = version
+
+- Reenable parallel build again as the buildsystem got fixed
+
+- Fix aarch64 file list
+
+- updated to 7.21 development release
+  - OpenGL library converted to PE.
+  - Support for multi-architecture PE builds.
+  - More preparation work for Vulkan 32-on-64 support.
+  - Support for creating import libraries without dlltool.
+  - Locale data updates.
+  - Various bug fixes.
+- update staging to 7.21 release
+
+- updated to 7.20 development release
+  - Mono engine updated to version 7.4.0.
+  - Font linking improvements.
+  - A number of fixes for exception unwinding.
+  - Support for dumping EMF spool files in WineDump.
+  - Various bug fixes.
+- update staging to 7.20 release
+
+- updated to 7.19 development release
+  - Support for storing DOS attributes on disk.
+  - Bundled vkd3d upgraded to version 1.5.
+  - Support for MPEG-4 audio format.
+  - Various bug fixes.
+- update staging to 7.19 release
+
+- updated to 7.18 development release
+  - Character tables updated to Unicode 15.0.0.
+  - Wow64 support in the macOS driver.
+  - Async reader fixes in GStreamer support.
+  - Various bug fixes.
+- update staging to 7.18 release
+
+- updated to 7.17 development release
+  - High Unicode planes support in DirectWrite.
+  - Some work towards Wow64 support in the Vulkan driver.
+  - Various bug fixes.
+- update staging to 7.17 release
+
+- updated to 7.16 development release
+  - Wow64 support in X11 driver.
+  - Session storage in MSHTML.
+  - Unicode regexp fixes in MSXML.
+  - IME improvements in Edit control.
+  - Various bug fixes.
+- update staging to 7.16 release
+
+- updated to 7.15 development release
+  - Command lists in Direct2D.
+  - RSA encryption.
+  - Initial Wow64 thunking in WIN32U.
+  - Optional support for colors in test output.
+  - Various bug fixes.
+- update staging to 7.15 release
+
+- updated to 7.14 development release
+  - More progress on syscall interface for USER32.
+  - Improved font fallbacks in DirectWrite.
+  - Some fixes for socket shutdowns.
+  - Various bug fixes.
+- update staging to 7.14 release
+
+- updated to 7.13 development release
+  - Gecko engine updated to version 2.47.3.
+  - USB driver converted to PE.
+  - Some theming improvements.
+  - Various bug fixes.
+- update staging to 7.13 release
+
+- libcapi20-devel currently only for tumbleweed
+
+- updated to 7.12 development release
+  - Theming support for Qt5 applications.
+  - Bundled vkd3d upgraded to version 1.4.
+  - Improved effect support in Direct2D.
+  - QWORD support in registry tools.
+  - Various bug fixes.
+- update staging to 7.12 release
+
+- updated to 7.11 development release
+  - Android driver converted to PE.
+  - Zero-copy support with GStreamer.
+  - High Unicode planes support in case mappings.
+  - Various bug fixes.
+- update staging to 7.11 release
+
+- updated to 7.10 development release
+  - macOS driver converted to PE.
+  - Mono engine updated to version 7.3.0.
+  - Windows-compatible Unicode collation.
+  - Wow64 support in SECUR32.
+  - Various bug fixes.
+- update staging to 7.10 release
+
+- updated to 7.9 development release
+  - Preliminary work towards PE conversion of macOS driver.
+  - A number of fixes for test failures on Windows.
+  - Various bug fixes.
+- update staging to 7.9 release
+
+- updated to 7.8 development release
+  - X11 and OSS drivers converted to PE.
+  - WoW64 support in the sound drivers.
+  - Number formatting using the new locale database.
+  - Various bug fixes.
+- update staging to 7.8 release
+
+- updated to 7.7 development release
+  - More progress on the PE conversion of the X11 and OSS drivers.
+  - Support for UTF-8 as default Ansi codepage.
+  - Theming support for control panel applets.
+  - Various bug fixes.
+- update staging to 7.7 release
+
+- Fix build on aarch64 - boo#1197233
+
+- Reenable support for capi
+
+- updated to 7.6 development release
+  - Mono engine updated to version 7.2.0.
+  - More progress on the PE conversion of graphics drivers.
+  - Locale support using the new CLDR-based database.
+  - Various bug fixes.
+- update staging to 7.6 release
+
+- updated to 7.5 development release
+  - ALSA driver converted to PE.
+  - Locale database generated from Unicode CLDR.
+  - HLSL compiler support with the bundled vkd3d.
+  - Initial support for the OCSP protocol.
+  - More cleanups to support 'long' type.
+  - Various bug fixes.
+- update staging to 7.5 release
+
+- updated to 7.4 development release
+  - 'Light' theme enabled by default.
+  - Bundled vkd3d library.
+  - WineD3D, D3D12 and DXGI modules converted to PE.
+  - More large scale cleanups to support 'long' type.
+  - Various bug fixes.
+- update staging to 7.4 release
+
+- updated to 7.3 development release
+  - More large scale cleanups to support 'long' type.
+  - Proper support for API sets.
+  - Progress on the PE conversion of USER32 and WineALSA.
+  - A number of HID joystick fixes.
+  - Various bug fixes.
+- update staging to 7.3 release
+
+- updated to 7.2 development release
+  - Large scale cleanup to support 'long' type with MSVCRT.
+  - Mono engine updated to version 7.1.1.
+  - More theming fixes in common controls.
+  - Beginnings of a WMA decoder.
+  - Support for 64-bit time_t.
+  - Various bug fixes.
+- update staging to 7.2 release
+
+- updated to 7.1 development release
+  - Vulkan 1.3 support.
+  - A number of theming fixes.
+  - WebSocket improvements.
+  - Improved cursor clipping on macOS.
+  - IDL compiler fixes for C++.
+  - Various bug fixes.
+- update staging to 7.1 release
+
wine:staging
+- Updated to 8.0 release
+  - see all lower entries for major changes, also the ANNOUNCE file
+- update staging to 8.0 release
+
+- updated to 8.0 rc5 release candidate
+  - Bug fixes only, we are in code freeze.
+- update staging to 8.0 rc5 release
+
+- updated to 8.0 rc4 release candidate
+  - Bug fixes only, we are in code freeze.
+- update staging to 8.0 rc4 release
+
+- updated to 8.0 rc3 release candidate
+  - Bug fixes only, we are in code freeze.
+- updated to 8.0 rc2 release candidate
+  - Bug fixes only, we are in code freeze.
+- update staging to 8.0 rc3 release
+
+- updated to 8.0 rc1 release candidate
+  - Bundled vkd3d upgraded to version 1.6.
+  - Vulkan and OpenGL thunking optimizations.
+  - More support for print processors.
+  - Improved joystick control panel.
+  - Long types printf format conversion finished.
+  - Various bug fixes.
+- update staging to 8.0 rc1 release
+
+- updated to 7.22 development release
+  - 32-on-64 thunks for both Vulkan and OpenGL.
+  - OpenLDAP library bundled and built as PE.
+  - Support for the RAW print processor in WinPrint.
+  - More progress on the long types printf format conversion.
+  - Various bug fixes.
+- update staging to 7.22 release
+- mark bundled libraries with Provides: bundled(name) = version
+
+- Reenable parallel build again as the buildsystem got fixed
+
+- Fix aarch64 file list
+
+- updated to 7.21 development release
+  - OpenGL library converted to PE.
+  - Support for multi-architecture PE builds.
+  - More preparation work for Vulkan 32-on-64 support.
+  - Support for creating import libraries without dlltool.
+  - Locale data updates.
+  - Various bug fixes.
+- update staging to 7.21 release
+
+- updated to 7.20 development release
+  - Mono engine updated to version 7.4.0.
+  - Font linking improvements.
+  - A number of fixes for exception unwinding.
+  - Support for dumping EMF spool files in WineDump.
+  - Various bug fixes.
+- update staging to 7.20 release
+
+- updated to 7.19 development release
+  - Support for storing DOS attributes on disk.
+  - Bundled vkd3d upgraded to version 1.5.
+  - Support for MPEG-4 audio format.
+  - Various bug fixes.
+- update staging to 7.19 release
+
+- updated to 7.18 development release
+  - Character tables updated to Unicode 15.0.0.
+  - Wow64 support in the macOS driver.
+  - Async reader fixes in GStreamer support.
+  - Various bug fixes.
+- update staging to 7.18 release
+
+- updated to 7.17 development release
+  - High Unicode planes support in DirectWrite.
+  - Some work towards Wow64 support in the Vulkan driver.
+  - Various bug fixes.
+- update staging to 7.17 release
+
+- updated to 7.16 development release
+  - Wow64 support in X11 driver.
+  - Session storage in MSHTML.
+  - Unicode regexp fixes in MSXML.
+  - IME improvements in Edit control.
+  - Various bug fixes.
+- update staging to 7.16 release
+
+- updated to 7.15 development release
+  - Command lists in Direct2D.
+  - RSA encryption.
+  - Initial Wow64 thunking in WIN32U.
+  - Optional support for colors in test output.
+  - Various bug fixes.
+- update staging to 7.15 release
+
+- updated to 7.14 development release
+  - More progress on syscall interface for USER32.
+  - Improved font fallbacks in DirectWrite.
+  - Some fixes for socket shutdowns.
+  - Various bug fixes.
+- update staging to 7.14 release
+
+- updated to 7.13 development release
+  - Gecko engine updated to version 2.47.3.
+  - USB driver converted to PE.
+  - Some theming improvements.
+  - Various bug fixes.
+- update staging to 7.13 release
+
+- libcapi20-devel currently only for tumbleweed
+
+- updated to 7.12 development release
+  - Theming support for Qt5 applications.
+  - Bundled vkd3d upgraded to version 1.4.
+  - Improved effect support in Direct2D.
+  - QWORD support in registry tools.
+  - Various bug fixes.
+- update staging to 7.12 release
+
+- updated to 7.11 development release
+  - Android driver converted to PE.
+  - Zero-copy support with GStreamer.
+  - High Unicode planes support in case mappings.
+  - Various bug fixes.
+- update staging to 7.11 release
+
+- updated to 7.10 development release
+  - macOS driver converted to PE.
+  - Mono engine updated to version 7.3.0.
+  - Windows-compatible Unicode collation.
+  - Wow64 support in SECUR32.
+  - Various bug fixes.
+- update staging to 7.10 release
+
+- updated to 7.9 development release
+  - Preliminary work towards PE conversion of macOS driver.
+  - A number of fixes for test failures on Windows.
+  - Various bug fixes.
+- update staging to 7.9 release
+
+- updated to 7.8 development release
+  - X11 and OSS drivers converted to PE.
+  - WoW64 support in the sound drivers.
+  - Number formatting using the new locale database.
+  - Various bug fixes.
+- update staging to 7.8 release
+
+- updated to 7.7 development release
+  - More progress on the PE conversion of the X11 and OSS drivers.
+  - Support for UTF-8 as default Ansi codepage.
+  - Theming support for control panel applets.
+  - Various bug fixes.
+- update staging to 7.7 release
+
+- Fix build on aarch64 - boo#1197233
+
+- Reenable support for capi
+
+- updated to 7.6 development release
+  - Mono engine updated to version 7.2.0.
+  - More progress on the PE conversion of graphics drivers.
+  - Locale support using the new CLDR-based database.
+  - Various bug fixes.
+- update staging to 7.6 release
+
+- updated to 7.5 development release
+  - ALSA driver converted to PE.
+  - Locale database generated from Unicode CLDR.
+  - HLSL compiler support with the bundled vkd3d.
+  - Initial support for the OCSP protocol.
+  - More cleanups to support 'long' type.
+  - Various bug fixes.
+- update staging to 7.5 release
+
+- updated to 7.4 development release
+  - 'Light' theme enabled by default.
+  - Bundled vkd3d library.
+  - WineD3D, D3D12 and DXGI modules converted to PE.
+  - More large scale cleanups to support 'long' type.
+  - Various bug fixes.
+- update staging to 7.4 release
+
+- updated to 7.3 development release
+  - More large scale cleanups to support 'long' type.
+  - Proper support for API sets.
+  - Progress on the PE conversion of USER32 and WineALSA.
+  - A number of HID joystick fixes.
+  - Various bug fixes.
+- update staging to 7.3 release
+
+- updated to 7.2 development release
+  - Large scale cleanup to support 'long' type with MSVCRT.
+  - Mono engine updated to version 7.1.1.
+  - More theming fixes in common controls.
+  - Beginnings of a WMA decoder.
+  - Support for 64-bit time_t.
+  - Various bug fixes.
+- update staging to 7.2 release
+
+- updated to 7.1 development release
+  - Vulkan 1.3 support.
+  - A number of theming fixes.
+  - WebSocket improvements.
+  - Improved cursor clipping on macOS.
+  - IDL compiler fixes for C++.
+  - Various bug fixes.
+- update staging to 7.1 release
+
wlroots
+- Remove libcap build option. It's not used since 0.11.0:
+  https://github.com/swaywm/wlroots/pull/2140
+- Fix x11 backend option: x11_backend is actually x11-backend
+
wp-cli
+- Update to version 2.7.1
+  * Avoid deleting TinyMCE themes/plugins by using more precise check
+  * Support for docker-compose run
+  * Customizable global parameters
+  * Download WordPress Core files without extracting them
+  * Directly install a specific locale
+  * Clean duplicate meta values
+  * Multiple changes to the i18n support
+  * PHP 8.1 Support
+  * New commands for managing application passwords
+  * New global flag: --context
+  * Configurable WP-CLI cache settings
+  * Use custom names/locations for the wp-config.php file
+  * Generate a dotenv file from your existing wp-config.php file
+  * Allow plugin/theme enumeration without forcing an update check
+  * New flag --strict for adapting the filtering of taxonomies by post type
+
xdg-user-dirs
+- Add patch to provide a systemd user service
+  (gh#systemd/systemd#18791, boo#1201728):
+  * 0001-Add-a-systemd-service-to-run-xdg-user-dirs-update.patch
+
+- update to 0.18:
+  + Fixed minor leak
+  + Updated translations
+  + Documentation fixes
+
+- Remove obsolete translation-update-upstream support
+  (jsc#SLE-21105).
+
+- No longer recommend -lang: supplements are in use.
+
+- update to 0.17:
+  + Respect $HOME in favor of getpwuid()
+  + Updated translations
+  + Documentation spelling fixes
+
-- Update to version 0.14:
-  + Fix permissions of ~/.config if created (should be 0700)
-  + Updated translations
-
-- Added support for translation-update-upstream.
-
-- Update to version 0.13:
-  + Fix a memleak
-  + Updated translations
-
-- Update to version 0.12:
-  + Updated translations
-- Changes from version 0.11:
-  + Switch DOWNLOAD default to "Downloads" instead of "Download" to
-    to match the other names
-  + Fix bashisms in xdg-user-dirs
-  + Updated translations
-- Use spec-cleaner to clean the spec file.
-- Drop sr-latin-rename.diff and instead rename the .mo file after
-  the "make install" call.
-- Do not package empty TODO file.
-
-- sr@Latn -> sr@latin
-
xen
+- bsc#1208286 - VUL-0: CVE-2022-27672: xen: Cross-Thread Return
+  Address Predictions (XSA-426)
+  63ebca9c-x86-spec-ctrl-Mitigate-Cross-Thread-Return-Address-Predictions.patch
+
+- bsc#1205792 - Partner-L3: launch-xenstore error messages show in
+  SLES15 SP4 xen kernel.
+  63e4da00-dont-log-errors-when-trying-to-load-PVH-xenstore-stubdom.patch
+
+- bsc#1026236 - tidy/modernize patch
+  xen.bug1026236.suse_vtsc_tolerance.patch
+
+- Upstream bug fixes (bsc#1027519)
+  63c05478-VMX-calculate-model-specific-LBRs-once.patch
+  63c05478-VMX-support-CPUs-without-model-specific-LBR.patch
+- bsc#1207544 - VUL-0: CVE-2022-42330: xen: Guests can cause
+  Xenstore crash via soft reset (XSA-425)
+  xsa425.patch ->
+  63d24e91-tools-xenstore-revert-simplify-loop-handling.patch
+
+- bsc#1207544 - VUL-0: CVE-2022-42330: xen: Guests can cause
+  Xenstore crash via soft reset (XSA-425)
+  xsa425.patch
+
+- Upstream bug fixes (bsc#1027519)
+  63a03e28-x86-high-freq-TSC-overflow.patch
+
xfce4-datetime-plugin
+- Update to version 0.8.3
+  * Translation Updates
+
-- add dependency on exo-tools since exo-open is used
-
xfce4-notifyd
+- Update to 0.8.0:
+  * Notification windows don't need to be override-redirect
+  * Reposition notifications when workarea changes
+  * Add setting to allow ignoring app-specified expire timeout
+  * Add setting to never expire notifications
+  * Update log viewer in settings when log changes on disk
+  * Fix one more unnecessary full count of unread messages
+  * Update log entry icons when marking all read
+  * Remove unused var
+  * Use new unread emblem for icons in log
+  * Stop checking if there are unread notifications as often
+  * Improve the panel icon when there are unread notifications
+  * Make the log max size a little friendlier
+  * Remove warning about high log size limit
+  * Add ability to mark individual log entries read
+  * Add emblem to icon of unread messages in log
+  * Make migrating the old log file more robust
+  * Remove bool returns from the log write functions
+  * Improve unread handling
+  * Make max-log-size option work again
+  * Add missing finalize for 'delete all' sqlite statement
+  * Implement progressive loading for log viewer
+  * Move log viewer to its own widget/file
+  * Add options for what to do when opening the plugin menu
+  * Add option to only show unread notifications in plugin menu
+  * Reduce some error-checking boilerplate
+  * Glade-ify the plugin settings dialog
+  * Queue writes to sqlite database
+  * settings: don't bail if libnotify init fails
+  * Fix deprecated unitless font-size in ZOMG-PONIES! theme
+  * Rearrange settings dialog
+  * Add ability to delete individual log entries
+  * Update my copyright & email
+  * Add timestamp formatting options
+  * Clean up extraneous things in settings glade file
+  * Add "Mark All Read" button to settings and panel plugin
+  * Move notification log to sqlite
+  * Set default debug based on git/not-git
+  * Remove configure.ac from gitignore
+  * Eliminate need for pre-processed configure.ac.in
+  * Translation Updates
+
+- Update to 0.7.3:
+  * Add timestamp to log entries in settings and plugin menu
+  * Update description text of apps panel in settings
+  * Change text of option to "Allow urgent notifications"
+  * Add panel plugin setting for log icon size in menu
+  * Make it easier to add things to the panel plugin settings
+  * Fix possible segfault when counting apps frequency in log
+  * Clean and DRY up the log population code
+  * Fix panel plugin menu icon blurriness when UI scale > 1
+  * Update XfceNotifyDaemon header comment
+  * Translation Updates
+
+- Update to 0.7.2:
+  * Fix sound proplist memleak when notification isn't shown
+  * Improve sorting in known apps list of settings
+  * Add extra margin in the known app settings
+  * Fix word casing in known app settings
+  * Add ability to exclude specific applications from log
+  * Better, non-quadratic algo for xfce_notify_count_apps_in_log()
+  * Plug memleak in notify_get_from_desktop_file()
+  * Redesign the known apps panel a bit
+  * Remove a few more GTK_CHECK_VERSION call sites
+  * Avoid use-after-free when deleting known app
+  * Improve algo for finding desktop file for known app name
+  * Improve icon loading for known apps list
+  * Don't set invalid icon name in known apps list
+  * Translation Updates
+
+- Update to 0.7.1:
+  * Fix incorrect usage of XDT_CHECK_OPTIONAL_PACKAGE
+  * Properly validate markup
+  * Update glade file to remove use of deprecated properties
+  * Support the 'action-icons' hint
+  * Add support for notification sounds
+  * Clean up notification ID storage
+  * Return replaces_id if provided
+  * Remove xfconf prop name define duplication
+  * Add ability to disallow certain apps to send critical notifications
+  * Add a context menu that allows individual known application deletion
+  * Fix a slide-out loop when the mouse pointer is in the way
+  * Add option to hide panel button when no unread notifications
+  * Remove more pre-GTK-3.22 guards
+  * Bump GTK minimum to 2.22 and remove/ifdef X11-isms
+  * Support Wayland
+  * Don't set a nonsensical icon name
+  * Clean up xfce_notify_window_set_icon_pixbuf()
+  * xfce_notify_window_set_icon_pixbuf() shouldn't take ownership
+  * Move urgency hint fetch inside check for correct type
+  * DRY up the configuration handling
+  * Add pref to show summary & body with gauge values
+  * Update glade file to latest version
+  * settings: Disable single click to mute apps
+    (gxo#apps/xfce4-notifyd#5)
+  * Do not treat zero expiration time as urgent
+  * Add compile_flags.txt generation
+  * Fix incorrect icon name for preview notification
+  * Fix blurry icons when UI scale factor > 1
+  * build: Let xdt-depends.m4 macros set GLib macros
+  * Translation Updates
+
xfce4-panel
+- Ensure statusnotifier plugin is fully usable with appindicators
+
+- Update to version 4.18.2
+  * directorymenu: Add missing sanity check
+  * panel: Properly handle null string as property default value
+  * Revert "Use RGBA visual only if compositing is enabled (Fixes
+    gxo#xfce/xfce4-panel#251)" (gxo#xfce/xfce4-panel#672)
+  * Revert "systray: Do not require compositing to be enabled to
+    use RGBA visual"
+  * systray: Fix blurry icons in prefs dialog when UI scale > 1
+  * launcher: Fix blurry icons in prefs and add dialogs when UI
+    scale > 1
+  * launcher: Use GIcon for the tooltip icon (gxo#xfce/xfce4-panel#674)
+  * pager: Use WnckHandle if available (gxo#xfce/xfce4-panel#695)
+  * Translation Updates
+
+- Update to version 4.18.1
+  * Update copyright year
+  * clock: Add missing sanity check
+  * clock: Do not override custom font formats
+  * clock: Fix sync timeout
+  * docs: Fix version for xfce_panel_set_image_from_source()
+  * libxfce4panel: Deprecate XfcePanelImage
+  * tasklist: Adapt wnck default icon size when UI scale > 1
+    (gxo#xfce/xfce4-panel#681)
+  * tasklist: Do not duplicate menu item activation
+  * tasklist: Fix group button visibility
+  * tasklist: Fix scrolling through window buttons (gxo#xfce/xfce4-panel#692)
+  * tasklist: Fix window count positioning when UI scale > 1
+  * tasklist: Keep icon pixbuf around and use surface also for menu items
+  * windowmenu: Adapt wnck default icon size when UI scale > 1
+    (gxo#xfce/xfce4-panel#682)
+  * Translation Updates
+
+- Update to version 4.18.0
+  * Bump requirements for Xfce 4.18
+  * Translation Updates
+
xfce4-power-manager
+- Update to version 4.18.1
+  * Update copyright year
+  * Use XfceScreensaver from Libxfce4ui (!33)
+  * screensaver: Fall back on lock command if D-Bus call failed (#142, !24)
+  * panel-plugin: Properly disconnect signal handler
+  * build: Fix autotools warnings
+  * Fix management of source ids
+  * panel-plugin: Add missing ref on image
+  * Fix blurriness in icons when UI scale factor > 1 (!30)
+  * Translation Updates
+
+- Update to version 4.18.0
+  * Bump requirements for Xfce 4.18
+  * Translation Updates
+- Remove inhibit_dpms.patch
+- Update to version 4.17.1
+  * Bump copyright year to 2022
+  * Do not include `config.h` in headers
+  * autoconf: Use AC_CONFIG_MACRO_DIRS
+- Update to version 4.17.0
+  * Allocate dynamic memory to `what` so that it can be `g_free`d later
+  * Connect to polkit signal via GDBusProxy generic signal
+  * Do not log a warning about expected behavior
+  * Fix compilation warnings
+  * Fix icon name in autostart launcher
+  * Fix intltool lock file bug in make distcheck
+  * Fix memory corruption due to incorrect g_ptr_array usage
+  * Fix memory leak and make `while` more efficient
+  * Fix missing-prototypes
+  * Fix va_args usage in get_device_icon_name
+  * Free `eggalarm` after its last use
+  * Increase sleep timeout to 6hrs (gxo#xfce/xfce4-settings#80)
+  * Inhibit DPMS when getting power inhibit request.
+  * Lower minimum inactivity to 5 minutes
+  * Remove GSourceFunc casts
+  * Remove a floating reference
+  * Revert "Lower minimum inactivity to 5 minutes"
+  * Translation Updates
+  * automake: Enable subdir-objects
+  * backlight: always update notification
+  * panel-plugin: Switch percentage and time
+  * remove unused variable show_presentation_indicator
+  * settings: Revert type hint change
+
xfce4-screensaver
+- Migration of PAM settings to /usr/lib/pam.d.
+
xfce4-screenshooter
-- update to 1.10.0:
+- Update to 1.10.3
+  * Lower minimal Xfce dependencies back to 4.16
+  * Remove fallback code
+
+- update to 1.10.2:
+  * Fix capture of CSD windows
+  * Fix active window and region capture modes
+  * Consider scale factor while capturing screenshots with cairo
+  * Support libsoup2 and 3 simultaneously
+  * save dialog: show preview of selected file
+  * Save preferences of panel plugin
+  * Translation Updates
+
+- Update to version 1.10.1:
+  * Fixes capture of screenshots after first time (gxo#apps/xfce4-screenshoter#89)
+  * libsoup: Migrate to 3.0 (gxo#apps/xfce4-screenshoter#88)
+  * Fix typo in NEWS file
+  * Translation Updates
+
+- Update to version 1.10.0:
+  * Bump requirements for Xfce 4.18
-  * Bump dependencies
-  * Translation Updates:
-  Albanian, Arabic, Armenian (Armenia), Basque, Belarusian, Bulgarian,
-  Catalan, Chinese (China), Chinese (Taiwan), Croatian, Czech, Danish,
-  Dutch, Eastern Armenian, English (Australia), English (United
-  Kingdom), Estonian, Finnish, French, Galician, Georgian, German,
-  Greek, Hebrew, Hungarian, Icelandic, Indonesian, Interlingue,
-  Italian, Japanese, Kazakh, Korean, Lithuanian, Malay, Norwegian
-  Bokmål, Occitan (post 1500), Persian (Iran), Polish, Portuguese,
-  Portuguese (Brazil), Russian, Serbian, Slovak, Slovenian, Spanish,
-  Swedish, Thai, Turkish, Ukrainian
+  * Translation Updates
xfce4-session
+- Update to version 4.18.1
+  * Update copyright year
+  * Fix bus name acquisition/ownership (#54, !34)
+  * Use XfceScreensaver from Libxfce4ui (!35)
+  * build: Fix previous commit
+  * build: Fix autotools warnings
+  * Avoid duplicating directories in the tail of $XDG_* envs (#111, !21)
+  * settings: Fix memory leak
+  * libxfsm: Fix wrong return value
+  * Fix memory leaks when opening xfce4-session-settings
+  * Fix blurry session snapshots (!33)
+  * Fix blurry icons in autostart tab when UI scale > 1 (!33)
+  * build: Fix GTK deprecation warnings (!32)
+  * build: Fix some other GDK deprecation warnings (!32)
+  * build: Fix gdk_error_trap_push/pop() deprecation warnings (!32)
+  * build: Let xdt-depends.m4 macros set GLib macros (!32)
+  * build: Remove GDK_VERSION_MIN_REQUIRED/MAX_ALLOWED (!32)
+  * Make use of translations for run hooks (Fixes #156)
+  * Translation Updates
+- Regenerate xfce4-session-adapt-session-scripts-git.patch and
+  xfce4-session-adapt-session-scripts.patch
+- Remove two stray comments about add-light-locker-support patches
+
+- Update to version 4.18.0
+  * Bump requirements for Xfce 4.18
+  * Translation Updates
+- Remove add-light-locker-support-git.patch and add-light-locker-support.patch
+- Update to version 4.17.2
+  * logout-dialog: New Xfconf property "ShowSave" (!29)
+  * bump copyright year to 2022
+- Update to version 4.17.1
+  * Translation Updates
+- Update to version 4.17.0
+  * settings: Revert type hint change
+  * Check getgrgid(3) return value to avoid crash
+  * build: Fix intltool lock file problem during make distcheck
+  * Remove pre-defined lockers
+  * Refresh list of screensavers (#17)
+  * Do not mind output of screensaver, if successful
+  * Run custom command in a separate shell
+  * Avoid extra pause by redirecting stdin
+  * Update COPYING
+  * Increase switch user timeout (!25)
+  * xflock4: Apply initial delay before running a screensaver/locker (#29)
+  * xflock4: Update copyrights
+  * xflock4: make the script executable
+  * Add labels to inline toolbar buttons
+  * Use correct icon for Close button
+  * Translation Updates
+
xfce4-settings
+- Update to version 4.18.2
+  * Update copyright year
+  * mime-settings: Increase dialog size (!96)
+  * display: fix blurry 'help' indicator on output (#400, !95)
+  * display: fix blurry icon in profiles treeview
+  * display: fix blurry icons in minimal display settings dialog
+  * mime: fix blurry icons in default app menus
+  * mouse: fix blurriness in cursor theme previews
+  * appearance: fix blurry subpixel antialias icons
+  * appearance: fix blurry icon theme previews
+  * xfsettingsd: Make xsettings.xml well-formed (Fixes #431, !94)
+  * xfsettingsd: Remove duplicated config line (Fixes #425)
+  * Translation Updates
+
+- Update to version 4.18.1
+  * xfsettingsd: Make CSD (client side decorations) for dialogs opt-in
+  * Translation Updates
+
-  * Translation Updates:
-  Hungarian, Lithuanian, Russian, Swedish, Turkish
-  * Translation Updates:
-  * Chinese
-  * Revert "Escape characters which do not belong into an URI/URL (Issue
-  * #390)"
+  * Revert "Escape characters which do not belong into an URI/URL
+    (gxo#xfce/xfce4-settings#390)
-  * Revert "keyboard: Correctly initialize setting (Fixes #310)"
+  * Revert "keyboard: Correctly initialize setting (gxo#xfce/xfce4-settings#310)"
-  * Fix typo
-  * Translation Updates:
-  Albanian, Arabic, Armenian (Armenia), Asturian, Basque, Belarusian,
-  Belarusian (Tarask), Bengali, Bulgarian, Catalan, Chinese (China),
-  Chinese (Hong Kong), Chinese (Taiwan), Croatian, Czech, Danish,
-  Dutch, Eastern Armenian, English (Australia), English (Canada),
-  English (United Kingdom), Estonian, Finnish, French, Galician,
-  Georgian, German, Greek, Hebrew, Hungarian, Icelandic, Indonesian,
-  Interlingue, Italian, Japanese, Kabyle, Kazakh, Korean, Lithuanian,
-  Malay, Norwegian Bokmål, Norwegian Nynorsk, Occitan (post 1500),
-  Polish, Portuguese, Portuguese (Brazil), Romanian, Russian, Serbian,
-  Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Ukrainian, Uyghur
+  * Translation updates
xfce4-systemload-plugin
+- Add convert-gulong.patch to avoid an otherwise impossible
+  conversion on i586.
+
+- update to 1.3.2:
+  * Remove code obsoleted by libxfce4util-4.17.2
+  * Fix GLib warnings occurring with newer xfce4-dev-tools
+  * Fix intltool lock file bug in make distcheck
+  * Code cleanup: Update variable declarations, extend maximum line length
+  * Code cleanup: Replace gboolean with bool where possible
+  * Code cleanup: Remove void from
+  * Code cleanup: Remove typedef keywords
+  * Add BSD-2 license badge to README
+  * Rename all files from C to C++
+  * Bump required Xfce4 libs from 4.12 to 4.16
+  * Update copyright notices, copyright years and author emails
+  * Cleanup Makefile.am
+  * Update configure.ac.in syntax
+  * Document rgba_equal() function
+  * Don't save default colors to Xfconf configuration file
+  * Move swap to be next to mem
+  * Update default colors
+  * Decouple the program order from the visual order of monitors
+  * Bump required XDT version to 4.14
+  * Avoid G_GNUC_FALLTHROUGH to enable compilation with GLib earlier than
+    2.60
+  * Translation Updates:
+  Albanian, Arabic, Basque, Belarusian, Bulgarian, Catalan, Chinese
+  (China), Chinese (Taiwan), Croatian, Czech, Danish, Dutch, Eastern
+  Armenian, English (Australia), English (Canada), English (United
+  Kingdom), Estonian, Finnish, French, Galician, German, Greek, Hebrew,
+  Hungarian, Icelandic, Indonesian, Interlingue, Italian, Japanese,
+  Korean, Lithuanian, Malay, Norwegian Bokmål, Occitan (post 1500),
+  Polish, Portuguese, Russian, Serbian, Slovak, Slovenian, Spanish,
+  Swedish, Thai, Turkish, Ukrainian, Uyghur
+
-- Add xfce4-panel-plugin-systemload-upower-0.99.patch in order to
-  support upower >= 0.99 (bxo#10923)
-
xfce4-taskmanager
+- Update to version 1.5.5
+  * Bump requirements for Xfce 4.18
+  * Stick process view at the top in the absence of user action
+  * Get rid of GtkHeaderBar
+  * Translation Updates
+
-- update to version 1.0.1
-  - add "Run Task Manager as root" item in "Execute" menu
-  - add a menu position function
-  - fix shell substitution for Korn Shell (ksh)
-  - set monitor's background box use the prelight state
-  - remove quit tool button
-  - OpenBSD removed KERN_PROC2/KINFO_PROC2 some months ago.
-  - translation updates
-
xfce4-whiskermenu-plugin
+- Update to version 2.7.2
+  * Fix missing version number
+  * Fix memory leak when adding launchers to panel
+  * Fix skipping first treeview item when switching modes
+  * Fix clipping when changing application icon size
+  * Fix missing NULL checks with String class
+  * Use Thunar for adding launchers to desktop
+  * Translation Updates
+
xfconf
+- Update to version 4.18.0
+  * Bump requirements for Xfce 4.18
+  * xfconf: Prevent Use-After-Free in GClosureNotify
+
xfdesktop
+- Update to version 4.18.1:
+  * Load removable volume information asynchronously
+  * Fix apps menu not popping up when menu icons disabled
+  * Translation Updates
+
+- Rebase xfdesktop-default-background-image.patch for Xfce 4.18
+- Add *.svg wallpapers to the file list
+
+- Update to version 4.18.0
+  * Bump requirements for Xfce 4.18
+  * Add wallpapers of Xfce 4.18 wallpaper contest
+  * Delete" menu entry in the context menu can now be hidden.
+  * On pressing 'rearrange desktop icons', the user is asked for confirmation
+  * Translation Updates
+  * For the complete list of changes from the development branch 4.17 please
+    see the packaged NEWS file
+- Removed unused _service file
+
xfwm4
+- Update version to 4.18.0
+  * Bump requirements for Xfce 4.18
+  * Added functionality to move window to another monitor
+  * Added radio buttons and checkboxes to window menu
+  * bump copyright to 2022
+  * Change dialog help and close button icons
+  * cleanup: Don't use parenthesis when returning constants
+  * client: Do not hide transients for group if above
+  * client: Fix
+  * client: Get the GdkDisplay from ScreenInfo
+  * client: Handle removal of GTK_FRAME_EXTENTS
+  * client: Move getSizeExcludingMargins()
+  * client: No need to always reconfigure on monitor change
+  * client: Preserve saved position on monitor change
+  * client: Toggle from partial maximization to unmaximize
+  * client: Update workarea only for windows with struts
+  * client.c: fix a little typo
+  * client.h: move STRUTS_SIZE to hints.h
+  * common: xfwm_get_monitor_geometry() report fail via return code, fix potential NULL
+  * compositor: Add support for adaptive vsync with GLX
+  * compositor: Add throttled repaint
+  * compositor: Clear root backing pixmap before use
+  * compositor: Damage window when adding the opaque region
+  * compositor: Disable GLX on mutli-screen (Zaphod)
+  * compositor: Disable GLX vblank with virgl
+  * compositor: Do not clear timeout on retry
+  * compositor: Do not set deprecated compositor selection
+  * compositor: fix ifdef
+  * compositor: fix printf format strings
+  * compositor: Fix repaint timeout
+  * configure.ac.in: configure option to enable poswin
+  * configure.ac.in: drop obsolete check for libSM
+  * configure.ac.in: drop unused HAVE_CYGWIN conditional
+  * configure.ac.in: fix obsolete AC_HEADER_STDC / obsolete checks
+  * configure.ac.in: replace obsolete AC_HELP_STRING
+  * display: check for XResQueryClientIds to enable XRes extension.
+  * drop obsolete and unsupported KDE systray protocol
+  * Drop subtitle and use symbolic close icon
+  * Drop subtitle from workspace settings dialog
+  * Fix build warnings
+  * Fix intltool lock file bug in make distcheck
+  * focus: Check for user focus for when passing focus
+  * focus: Fix focus being lost on workspace switch
+  * gitignore: add files generated by distcheck
+  * icons: Check XGetGeometry() appropriate return value
+  * icons: Gracefully handle non-existent icons
+  * Make workspace setting workable with other window managers
+  * Makefile.am: remove stale intltool-merge lockfile
+  * menu: Small code cleanup
+  * Merge branch 'drsudo/xfwm4-layerRadioBox'
+  * netwm: Do not use _NET_WM_PING in multi-screen
+  * netwm: Fix clientValidateNetStrut()
+  * netwm.c: simplify and optimize struts array
+  * placement: Add new function to compute the max space available
+  * placement: Auto-maximize windows with both width and height
+  * placement: clientMaxSpace() drop unused variable
+  * placement: Compute struts using output scale
+  * placement: Factorize max space computation
+  * placement: Fix the initial position
+  * placement: Ignore struts from windows on other monitors
+  * placement: Remove the "same monitor" param
+  * placement: Restack fullscreen window when necessary
+  * placement: Small cleanup
+  * placement: Use a GdkRectangle instead of multiple coords
+  * placement: Windows on different screens cannot overlap
+  * Post release tag bump
+  * poswin: Fix location with client-side decorations
+  * Remove redundant code
+  * Replace stock icons
+  * screen: Add a new API to get the screen max space
+  * settings-dialogs: Remove ENABLE_NLS ifdefs
+  * settings: Enable either windows wrap or tiling
+  * settings: Fix untranslatable string
+  * stacking: Above goes on top of fullscreen
+  * startup-notification: Fix timeout computation
+  * startup-notification: Reduce timeout to 10 seconds
+  * Translation Updates
+  * ui_style: drop unused getUIPangoContext()
+  * updated NEWS
+  * Use symbolic icons
+  * wireframe: add window class hint to wireframes
+  * workspace: Update maximized on struts change
+  * xfce-wm-menu.png: Fix the 22x22 icon size
+
xlockmore
+- Migration of PAM settings to /usr/lib/pam.d.
+
xreader
+- Update to version 3.4.5
+  * Allow adding Highlight annotations from text selection
+  * Search: Add a close button
+  * l10n: Update translations
+  * epub: Fix index loading for certain documents - look for epub:type instead of epub:id.
+  * epub: Free the document when we leave early because of a bad toc file.
+
+- Update to version 3.3.0
+  * Thumbnailer: Remove epub support, it's handled by xapp-epub-thumbnailer.
+
+- Removed unused -Dbus option.
+
+- Update to version 3.2.2.
+  * l10n: Update translations
+- Update to version 3.2.1
+  * Gsettings: Remove state schema reference
+- Update to version 3.2.0
+  * Add an option to hide the menu bar
+  * Make show-toolbar a global setting
+  * Update the README. (#498)
+  * window: Don't show any toolbar in fullscreen
+  * rtl: Fix arrow key navigation in mangas
+  * metadata: Save the number of pages
+  * Remove landing view
+  * l10n: Update POT
+- Update to version 3.0.2
+  * l10n: Update translations
+- Update to version 3.0.1
+  * annotation icons added (#491)
+  * attachment popup fix (#492)
+  * l10n: Update translations
+
+- Update to version 3.0.0.
+  * Fixes #457. Allows space bar to scroll document forward
+  * Move metadata to non-legacy path
+  * Fixes #463. Moves annotations below the text.
+  * packaging: Fix metadata location.
+  * Fixes #473. Jump to Page functionality
+  * enter event on presentation mode
+  * readme updated
+  * show the total number of words matching the search result
+  * fix segfault in epub backend when opening a filename containing a hash
+  * epub: Fix unescaping of '#' (#487)
+  * control+f and space behaviours fixed in search bar (#488)
+  * Fix grammar error spotted by lintian (#489)
+  * l10n: Don't include gsettings schema in translations
+  * l10n: Update POT
+
xxhash
+- Use gcc9 in SLE since otherwise gcc7 fails to build in ppc64le
+
yast2-packager
+- Fixed a crash when selecting depending products (bsc#1208421)
+- 4.5.16
+
+- Ruby 3.2: Change a test to treat dir:///foo equal to dir:/foo
+  (bsc#1207239)
+- 4.5.15
+
yast2-trans
+- Update to version 84.87.20230211.83e08d8766:
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * New POT for text domain 'iscsi-client'.
+  * New POT for text domain 'control'.
+  * New POT for text domain 'base'.
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (French)
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (Taiwan) (zh_TW))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * New POT for text domain 'control'.
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Chinese (China) (zh_CN))
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Chinese (China) (zh_CN))
+
+- Update to version 84.87.20230202.68f7d5c2e4:
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Portuguese)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'samba-client'.
+  * Translated using Weblate (Georgian)
+
+- Update to version 84.87.20230130.b344a57eef:
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * New POT for text domain 'packager'.
+  * New POT for text domain 'control'.
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'ntp-client'.
+  * Translated using Weblate (Macedonian)
+  * New POT for text domain 'network'.
+  * New POT for text domain 'control'.
+  * Translated using Weblate (Macedonian)
+
+- Update to version 84.87.20230123.08c503a922:
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Portuguese)
+  * Translated using Weblate (Portuguese)
+  * Translated using Weblate (Portuguese)
+  * Translated using Weblate (Portuguese)
+
+- Update to version 84.87.20230116.80083546af:
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Added translation using Weblate (Georgian)
+  * Added translation using Weblate (Georgian)
+  * Added translation using Weblate (Georgian)
+  * Added translation using Weblate (Georgian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * New POT for text domain 'packager'.
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Georgian)
+
+- Update to version 84.87.20230109.3afefde4ef:
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Added translation using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Added translation using Weblate (Georgian)
+
+- Update to version 84.87.20230101.7fa7ea8642:
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * New POT for text domain 'security'.
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Georgian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+
+- Update to version 84.87.20221218.6fdb651e97:
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Finnish)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'add-on'.
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'iscsi-lio-server'.
+  * New POT for text domain 'control'.
+
+- Update to version 84.87.20221210.680714a939:
+  * New POT for text domain 'kdump'.
+  * New POT for text domain 'users'.
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Macedonian)
+
+- Update to version 84.87.20221203.a7355e12ff:
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Bulgarian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * New POT for text domain 'autoinst'.
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * New POT for text domain 'pam'.
+  * New POT for text domain 'control'.
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * New POT for text domain 'country'.
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * New POT for text domain 'storage'.
+  * New POT for text domain 'online-update'.
+  * New POT for text domain 'ntp-client'.
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * New POT for text domain 'storage'.
+  * New POT for text domain 'installation'.
+  * New POT for text domain 'autoinst'.
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Macedonian)
+  * New POT for text domain 'update'.
+  * New POT for text domain 'security'.
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Czech)
+
+- Update to version 84.87.20221114.6ac294712f:
+  * New POT for text domain 'qt-pkg'.
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Arabic)
+  * New POT for text domain 'samba-client'.
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+
+- Update to version 84.87.20221106.2505f85442:
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'cluster'.
+  * Translated using Weblate (Macedonian)
+  * New POT for text domain 'autoinst'.
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+  * Translated using Weblate (French)
+
+- Update to version 84.87.20221029.429a275094:
+  * Translated using Weblate (Macedonian)
+  * New POT for text domain 'packager'.
+  * New POT for text domain 'firstboot'.
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Macedonian)
+  * New POT for text domain 'registration'.
+  * New POT for text domain 'base'.
+  * New POT for text domain 'add-on'.
+
+- Update to version 84.87.20221023.365770fb5e:
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Catalan)
+  * New POT for text domain 'registration'.
+  * New POT for text domain 'installation'.
+  * New POT for text domain 'firstboot'.
+  * New POT for text domain 'country'.
+  * New POT for text domain 'network'.
+  * New POT for text domain 'autoinst'.
+
+- Update to version 84.87.20221016.284cfa770d:
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+
+- Update to version 84.87.20221009.3d63202666:
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * Translated using Weblate (Italian)
+  * New POT for text domain 'base'.
+  * Translated using Weblate (Russian)
+  * New POT for text domain 'iscsi-client'.
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+
+- Update to version 84.87.20220930.817f83073b:
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * New POT for text domain 'base'.
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Romanian)
+  * Translated using Weblate (Romanian)
+  * New POT for text domain 'journal'.
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (French)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'storage'.
+  * New POT for text domain 'ntp-client'.
+
+- Update to version 84.87.20220923.15c6c6ee84:
+  * New POT for text domain 'bootloader'.
+  * New POT for text domain 'bootloader'.
+  * New POT for text domain 'kdump'.
+
+- Update to version 84.87.20220917.4034baecb2:
+  * Translated using Weblate (Spanish)
+  * New POT for text domain 'http-server'.
+  * New POT for text domain 'base'.
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * New POT for text domain 'kdump'.
+  * New POT for text domain 'bootloader'.
+
+- Update to version 84.87.20220910.dcdb12a597:
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (German)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Some egrep occurences are legal
+  * Replaced egrep with grep -E. bsc#1203227
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * New POT for text domain 'vpn'.
+  * New POT for text domain 'base'.
+
+- Update to version 84.87.20220830.ebb7a9eac4:
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'base'.
+  * New POT for text domain 'tune'.
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Catalan)
+  * New POT for text domain 'users'.
+
+- Update to version 84.87.20220813.6f83baae14:
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'bootloader'.
+  * New POT for text domain 'control'.
+  * Translated using Weblate (Catalan)
+
+- Update to version 84.87.20220807.4697ae62b4:
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Swedish)
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'fcoe-client'.
+  * New POT for text domain 'auth-client'.
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Catalan)
+  * New POT for text domain 'kdump'.
+  * New POT for text domain 'authserver'.
+
+- Update to version 84.87.20220730.27a80cdf03:
+  * Translated using Weblate (Slovak)
+
+- Update to version 84.87.20220729.608d4643aa:
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'base'.
+  * New POT for text domain 'auth-client'.
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * New POT for text domain 'base'.
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'journal'.
+  * New POT for text domain 'pam'.
+  * New POT for text domain 'control'.
+  * New POT for text domain 'autoinst'.
+
+- Update to version 84.87.20220709.5ead98f887:
+  * Translated using Weblate (Macedonian)
+  * Translated using Weblate (Russian)
+
+- Update to version 84.87.20220704.8f5a2d0352:
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Catalan)
+  * New POT for text domain 'control'.
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (French)
+  * Translated using Weblate (Catalan)
+
+- Update to version 84.87.20220627.0d8a465c6b:
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * Translated using Weblate (Spanish)
+  * New POT for text domain 'iscsi-client'.
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (French)
+
+- Update to version 84.87.20220618.9130d4f44b:
+  * New POT for text domain 'country'.
+  * New POT for text domain 'base'.
+
+- Update to version 84.87.20220610.18fe395dc0:
+  * New POT for text domain 'network'.
+  * New POT for text domain 'hana-ha'.
+  * New POT for text domain 'control'.
+  * New POT for text domain 'online-update'.
+  * New POT for text domain 'add-on'.
+
+- Update to version 84.87.20220527.e399b59cf0:
+  * New POT for text domain 'registration'.
+  * New POT for text domain 'packager'.
+  * New POT for text domain 'storage'.
+
+- Update to version 84.87.20220520.670357a704:
+  * New POT for text domain 'packager'.
+
+- Update to version 84.87.20220517.14c54455f9:
+  * New POT for text domain 'qt'.
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Catalan)
+  * New POT for text domain 'qt'.
+  * New POT for text domain 'iscsi-client'.
+
+- Update to version 84.87.20220513.26f6bfaa16:
+  * New POT for text domain 'nfs'.
+  * New POT for text domain 'iscsi-client'.
+  * New POT for text domain 'kdump'.
+
+- Update to version 84.87.20220507.8ff263ce4d:
+  * New POT for text domain 'registration'.
+  * New POT for text domain 'base'.
+  * New POT for text domain 'base'.
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'update'.
+  * New POT for text domain 'samba-client'.
+  * New POT for text domain 'packager'.
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+
+- Update to version 84.87.20220429.5e9abe4e41:
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Slovak)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (French)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Polish)
+  * Translated using Weblate (Japanese)
+  * New POT for text domain 'update'.
+  * New POT for text domain 'storage'.
+  * New POT for text domain 'packager'.
+  * Translated using Weblate (Slovenian)
+  * Translated using Weblate (Polish)
+  * Translated using Weblate (Polish)
+  * New POT for text domain 'packager'.
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Czech)
+  * Translated using Weblate (Polish)
+  * Translated using Weblate (Polish)
+  * Translated using Weblate (Polish)
+  * Translated using Weblate (Polish)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Catalan)
+  * Translated using Weblate (Russian)
+  * Translated using Weblate (Dutch)
+  * Translated using Weblate (Japanese)
+  * Translated using Weblate (Catalan)
+  * New POT for text domain 'update'.
+  * New POT for text domain 'firstboot'.
+  * New POT for text domain 'control'.
+  * New POT for text domain 'cc'.
+  * New POT for text domain 'firstboot'.
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Portuguese (Brazil))
+  * Translated using Weblate (Polish)
+
yder
+- Update to version 1.4.19
+  * Improve cmake script and MSVC support
+  * Build with flag -Wconversion
+