Packages changed:
  PackageKit
  exiv2
  gptfdisk
  hplip
  libbluray (1.3.2 -> 1.3.3)
  libcap (2.65 -> 2.66)
  libglvnd (1.4.0 -> 1.5.0)
  libopenmpt (0.6.4 -> 0.6.6)
  libpng16 (1.6.37 -> 1.6.38)
  libreoffice
  libva (2.15.0 -> 2.16.0)
  libva-gl (2.15.0 -> 2.16.0)
  libverto (0.3.1 -> 0.3.2)
  libyuv
  osinfo-db (20220727 -> 20220830)
  patterns-kde (20220215 -> 20221001)
  perl-IO-Socket-SSL (2.074 -> 2.075)
  permissions
  popt (1.18 -> 1.19)
  python-Mako (1.2.2 -> 1.2.3)
  python-cryptography (37.0.4 -> 38.0.1)
  python-pymongo (4.1.1 -> 4.2.0)
  python-pyudev (0.23.2+14 -> 0.24.0)
  python-requests-toolbelt
  python-wrapt (1.13.3 -> 1.14.1)
  tdb (1.4.6 -> 1.4.7)
  xapian-core (1.4.20 -> 1.4.21)
  yast2-network (4.5.7 -> 4.5.8)

=== Details ===

==== PackageKit ====
Subpackages: PackageKit-backend-dnf PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module PackageKit-lang libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0

- Add PackageKit-zypp-dont-remove-locked-packages.patch: zypp:
  Check if packages are locked before removing
  (gh#PackageKit/PackageKit/commit/8649a07bc, bsc#1199895).
- Add PackageKit-zypp-add-repo-in-packageid.patch: zypp: add
  repository data in package id
  (gh#PackageKit/PackageKit/commit/8eb2ef0ae, bsc#1202585).
- Remove PackageKit-zypp-locked-packages.patch: reverted upstream
  (gh#PackageKit/PackageKit/commit/ed3e38043).

==== exiv2 ====

- add tracker for SLE (jsc#PED-1393)

==== gptfdisk ====

- Add patch to fix sgdisk with popt 1.19:
  * 0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch

==== hplip ====

- Move the hplip-udev-rules requirement from hplip to hplip-hpijs.
  The main package will get it via indirect dependencies then.
- Split off hplip-udev-rules hplip-udev-rules so that you can install
  hplip-sane only and scan as a normal user, fixes boo#1203811

==== libbluray ====
Version update (1.3.2 -> 1.3.3)

- update to 1.3.3:
  * Initial support for Java 18.
  * Add support for OpenBSD operating system.
  * Improve support for FreeBSD, NetBSD and DragonFlyBSD
  * Improve Java 17 support.

==== libcap ====
Version update (2.65 -> 2.66)

- update to 2.66:
  * Fix documentation typos in cap_from_text.3
  * Some getpcaps code clean up and a fix for PID argument parsing from Jakub
    Wilk.
  * Slightly more robust Makefiles to address an error with make -j48 test observed
  * Include a simple Go program, captrace, to trace kernel capability validation
    checks
  * This program can be used to figure out what capabilities a program needs to
    operate.
  * captrace (a wrapper for bpftrace) uses BPF kprobes to monitor the kernel for
    capability checks and whether or not they succeed for the system, a specific
    PID or a program's direct execution.
  * Trim down the default file capabilities for contrib/sucap/su to those actually
    needed and set USER and HOME environment variables so bash doesn't complain
    about a sourcing error.

==== libglvnd ====
Version update (1.4.0 -> 1.5.0)

- update to 1.5.0:
  * Add BTI landing pads for aarch64
  * Set current thread state to NULL in teardown
  * Moving setspecific to before DestroyThreadState
  * Fix a memory leak in libGLdispatch
  * Use assembly stubs on armv6
- drop libglvnd-add-bti.patch (upstream)

==== libopenmpt ====
Version update (0.6.4 -> 0.6.6)

- Update to 0.6.6
  * [Sec] Possible crash when playing manipulated IT / MPTM files
    with a T00 command.
  * MTM: In MultiTracker, setting speed and tempo are mutually
    exclusive commands. Still, some MultiTracker modules were made
    to be played with external players such as DMP, so they
    actually rely on “standard” speed / tempo behaviour. Decide
    which behaviour to use by checking of speed and tempo commands
    are found on the same row.
  * MTM: Ignore sample loops if the loop end is <= 2.
  * Echo DMO: Migrate left and right delay values in modules made
    with OpenMPT versions between 1.27.01.00 and 1.30.05.00 to the
    correct interpretation.
- Changes in 0.6.5:
  * [Bug] Makefile now also uses CC, CXX, LD, and AR when set as
    environment variables.
  * [New] Makefile now uses PKG_CONFIG as path to pkg-config.
  * DBM: Sample middle-C frequencies were slightly off.
    laffik_-_marynarze.dbm sounds much more bearable now.
  * DBM: Fixed pattern break parameter interpretation.
  * Echo DMO: Setting the delay parameter to 0 yielded a 2-second
    echo delay instead of 1ms.
  * Digi Booster Echo: Setting the delay parameter to 0 yielded a
    510ms echo delay instead of approximately 334ms.

==== libpng16 ====
Version update (1.6.37 -> 1.6.38)

- update to 1.6.38:
  * Added configurations and scripts for continuous integration.
  * Fixed various errors in the handling of tRNS, hIST and eXIf.
  * Implemented many stability improvements across all platforms.
  * Updated the internal documentation.

==== libreoffice ====
Subpackages: libreoffice-base libreoffice-branding-upstream libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit

- Change egrep/fgrep calls to grep -E/-F, respectively boo#1203092
  add libreoffice-7.4.1.2-grep.patch

==== libva ====
Version update (2.15.0 -> 2.16.0)
Subpackages: libva-drm2 libva-x11-2 libva2

- update to 2.16.0:
  * add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e.
  * dep: Update README.md to remove badge links
  * dep: Removed waffle-io badge from README to fix broken link
  * dep: Drop mailing list, IRC and Slack
  * autotools: use wayland-scanner private-code
  * autotools: use the wayland-scanner.pc to locate the prog
  * meson: use wayland-scanner private-code
  * meson: request native wayland-scanner
  * meson: use the wayland-scanner.pc to locate the prog
  * meson: set HAVE_VA_X11 when applicable
  * style:Correct slight coding style in several new commits
  * trace: add Linux ftrace mode for va trace
  * trace: Add missing pthread_mutex_destroy
  * drm: remove no-longer needed X == X mappings
  * drm: fallback to drm driver name == va driver name
  * drm: simplify the mapping table
  * x11: simplify the mapping table
- No code changes
- Update to version 2.15.0 was part of Intel oneVPL GPU Runtime
  2022Q2 Release 22.4.4

==== libva-gl ====
Version update (2.15.0 -> 2.16.0)

- update to 2.16.0:
  * add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e.
  * dep: Update README.md to remove badge links
  * dep: Removed waffle-io badge from README to fix broken link
  * dep: Drop mailing list, IRC and Slack
  * autotools: use wayland-scanner private-code
  * autotools: use the wayland-scanner.pc to locate the prog
  * meson: use wayland-scanner private-code
  * meson: request native wayland-scanner
  * meson: use the wayland-scanner.pc to locate the prog
  * meson: set HAVE_VA_X11 when applicable
  * style:Correct slight coding style in several new commits
  * trace: add Linux ftrace mode for va trace
  * trace: Add missing pthread_mutex_destroy
  * drm: remove no-longer needed X == X mappings
  * drm: fallback to drm driver name == va driver name
  * drm: simplify the mapping table
  * x11: simplify the mapping table
- No code changes
- Update to version 2.15.0 was part of Intel oneVPL GPU Runtime
  2022Q2 Release 22.4.4

==== libverto ====
Version update (0.3.1 -> 0.3.2)

- update to 0.3.2:
  * Fix use-after-free in verto_reinitialize
  * Fix use-after-free in verto_free()
  * Remove broken tevent support

==== libyuv ====

- Use YUV_VERSION for library VERSION and YUV_VER_MAJOR for
  SOVERSION

==== osinfo-db ====
Version update (20220727 -> 20220830)

- Update to database version 20220830
  osinfo-db-20220830.tar.xz

==== patterns-kde ====
Version update (20220215 -> 20221001)
Subpackages: patterns-kde-kde_plasma patterns-kde-kde_yast

- Update the Qt6 pattern for the 6.4.0 release
- Remove obsolete or missing packages from KDE patterns

==== perl-IO-Socket-SSL ====
Version update (2.074 -> 2.075)

- updated to 2.075
  see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
  2.075
  - treat SSL_write returning 0 same as previously -1, as suggested by both
    OpenSSL and LibreSSL documentation
  - propagate error from SSL_shutdown, but if the shutdown is caused by an outer
    SSL error keep the original error
  - small tests fixes

==== permissions ====
Subpackages: chkstat permissions-config

- skip tests on qemu user builds

==== popt ====
Version update (1.18 -> 1.19)
Subpackages: libpopt0 popt-lang

- popt 1.19:
  * various build system fixes
  * various developer visible fixes
  * Fix the handling of superfluous args passed with =
  * Fix multiple resource and memory leaks
  * Fix '=' getting shown for short options
  * Improve random number handling
  * translation updates and documentation improvements
- refresh spec file, run tests, package license in every package,
  and treat all compiler warnings and errors

==== python-Mako ====
Version update (1.2.2 -> 1.2.3)

- update to 1.2.3:
  * Fixed issue in lexer in the same category as that of :ticket:`366` where
    the regexp used to match an end tag didn't correctly organize for matching
    characters surrounded by whitespace, leading to high memory / interpreter
    hang if a closing tag incorrectly had a large amount of unterminated space
    in it. Credit to Sebastian Chnelik for locating the issue.
  * As Mako templates inherently render and directly invoke arbitrary Python
    code from the template source, it is **never** appropriate to create
    templates that contain untrusted input.

==== python-cryptography ====
Version update (37.0.4 -> 38.0.1)

- update to 38.0.1:
  * Fixed parsing TLVs in ASN.1 with length greater than 65535 bytes (typically
    seen in large CRLs).
  * Final deprecation of OpenSSL 1.1.0. The next release of ``cryptography``
    will drop support.
  * We no longer ship ``manylinux2010`` wheels. Users should upgrade to the
    latest ``pip`` to ensure this doesn't cause issues downloading wheels on
    their platform. We now ship ``manylinux_2_28`` wheels for users on new
    enough platforms.
  * Updated the minimum supported Rust version (MSRV) to 1.48.0, from 1.41.0.
    Users with the latest ``pip`` will typically get a wheel and not need Rust
    installed, but check :doc:`/installation` for documentation on installing a
    newer ``rustc`` if required.
  * :meth:`~cryptography.fernet.Fernet.decrypt` and related methods now accept
    both ``str`` and ``bytes`` tokens.
  * Parsing ``CertificateSigningRequest`` restores the behavior of enforcing
    that the ``Extension`` ``critical`` field must be correctly encoded DER. See
    `the issue <https://github.com/pyca/cryptography/issues/6368>`_ for complete
    details.
  * Added two new OpenSSL functions to the bindings to support an upcoming
    ``pyOpenSSL`` release.
  * When parsing :class:`~cryptography.x509.CertificateRevocationList` and
    :class:`~cryptography.x509.CertificateSigningRequest` values, it is now
    enforced that the ``version`` value in the input must be valid according to
    the rules of :rfc:`2986` and :rfc:`5280`.
  * Using MD5 or SHA1 in :class:`~cryptography.x509.CertificateBuilder` and
    other X.509 builders is deprecated and support will be removed in the next
    version.
  * Added additional APIs to
    :class:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp`, including
    :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_hash_algorithm`,
    :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_algorithm`,
    :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature`, and
    :attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.extension_bytes`.
  * Added :attr:`~cryptography.x509.Certificate.tbs_precertificate_bytes`, allowing
    users to access the to-be-signed pre-certificate data needed for signed
    certificate timestamp verification.
  * :class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFHMAC` and
    :class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFCMAC` now support
    :attr:`~cryptography.hazmat.primitives.kdf.kbkdf.CounterLocation.MiddleFixed`
    counter location.
  * Fixed :rfc:`4514` name parsing to reverse the order of the RDNs according
    to the section 2.1 of the RFC, affecting method
    :meth:`~cryptography.x509.Name.from_rfc4514_string`.
  * It is now possible to customize some aspects of encryption when serializing
    private keys, using
    :meth:`~cryptography.hazmat.primitives.serialization.PrivateFormat.encryption_builder`.
  * Removed several legacy symbols from our OpenSSL bindings. Users of pyOpenSSL
    versions older than 22.0 will need to upgrade.
  * Added
    :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES128` and
    :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES256` classes.
    These classes do not replace
    :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` (which
    allows all AES key lengths), but are intended for applications where
    developers want to be explicit about key length.

==== python-pymongo ====
Version update (4.1.1 -> 4.2.0)

- update to 4.2.0:
  - Support for MongoDB 6.0.
  - Support for the Queryable Encryption beta with MongoDB 6.0. Note that backwards-breaking
    changes may be made before the final release.  See :ref:`automatic-queryable-client-side-encryption` for example usage.
  - Provisional (beta) support for :func:`pymongo.timeout` to apply a single timeout
    to an entire block of pymongo operations.
  - Added the ``timeoutMS`` URI and keyword argument to :class:`~pymongo.mongo_client.MongoClient`.
  - Added the :attr:`pymongo.errors.PyMongoError.timeout` property which is ``True`` when
    the error was caused by a timeout.
  - Added the ``check_exists`` argument to :meth:`~pymongo.database.Database.create_collection`
    that when True (the default)  runs an additional ``listCollections`` command to verify that the
    collection does not exist already.
  - Added key management APIs to :class:`~pymongo.encryption.ClientEncryption`:
  - Support for the ``crypt_shared`` library to replace ``mongocryptd`` using the new
    ``crypt_shared_lib_path`` and ``crypt_shared_lib_required`` arguments to
    :class:`~pymongo.encryption_options.AutoEncryptionOpts`.
  - Fixed a bug where :meth:`~pymongo.collection.Collection.estimated_document_count`
    would fail with a "CommandNotSupportedOnView" error on views (`PYTHON-2885`_).
  - Fixed a bug where invalid UTF-8 strings could be passed as patterns for :class:`~bson.regex.Regex`
    objects. :func:`bson.encode` now correctly raises :class:`bson.errors.InvalidStringData` (`PYTHON-3048`_).
  - Fixed a bug that caused ``AutoReconnect("connection pool paused")`` errors in the child
    process after fork (`PYTHON-3257`_).
  - Fixed a bug where  :meth:`~pymongo.collection.Collection.count_documents` and
    :meth:`~pymongo.collection.Collection.distinct` would fail in a transaction with
    ``directConnection=True`` (`PYTHON-3333`_).
  - GridFS no longer uploads an incomplete files collection document after encountering an
    error in the middle of an upload fork. This results in fewer
    :class:`~gridfs.errors.CorruptGridFile` errors (`PYTHON-1552`_).
  - Renamed PyMongo's internal C extension methods to avoid crashing due to name conflicts
    with mpi4py and other shared libraries (`PYTHON-2110`_).
  - Fixed tight CPU loop for network I/O when using PyOpenSSL (`PYTHON-3187`_).

==== python-pyudev ====
Version update (0.23.2+14 -> 0.24.0)

- update to 0.24.0:
  * Remove six dependency
  * Drop pylint tasks
  * Support python 3.9 and 3.10

==== python-requests-toolbelt ====

- Add patch stop-using-pyopenssl-compat.patch:
  * Stop importing (and using!) a pyopenssl compatibility module
    to avoid a DeprecationWarning.

==== python-wrapt ====
Version update (1.13.3 -> 1.14.1)

- update to 1.14.1:
  * When the post import hooks mechanism was being used, and a Python package with
    its own custom module importer was used, importing modules could fail if the
    custom module importer didn't use the latest Python import hook finder/loader
    APIs and instead used the deprecated API. This was actually occurring with the
    `zipimporter` in Python itself, which was not updated to use the newer Python
    APIs until Python 3.10.
  * *Bugs Fixed**
  * Python 3.11 dropped ``inspect.formatargspec()`` which was used in creating
    signature changing decorators. Now bundling a version of this function
    which uses ``Parameter`` and ``Signature`` from ``inspect`` module when
    available. The replacement function is exposed as ``wrapt.formatargspec()``
    if need it for your own code.
  * When using a decorator on a class, ``isinstance()`` checks wouldn't previously
    work as expected and you had to manually use ``Type.__wrapped__`` to access
    the real type when doing instance checks. The ``__instancecheck__`` hook is
    now implemented such that you don't have to use ``Type.__wrapped__`` instead
    of ``Type`` as last argument to ``isinstance()``.
  * Eliminated deprecation warnings related to Python module import system, which
    would have turned into broken code in Python 3.12. This was used by the post
    import hook mechanism.

==== tdb ====
Version update (1.4.6 -> 1.4.7)
Subpackages: libtdb1 python3-tdb

- update to 1.4.7:
  * configure/Makefile: export PYTHONHASHSEED=1 in all 'configure/Makefile' scripts
  * lib:tdb: Reformat shell scripts
- spec file cleanups

==== xapian-core ====
Version update (1.4.20 -> 1.4.21)

- update to 1.4.21:
  * Stop trying to check for incompatible C++ ABI between the compiler used to
    build xapian-core and the compiler used to build code using xapian-core.
  * Fix new warnings from GCC 12.
  * Avoid undefined value use when unpacking a key in a corrupted glass docdata
    table.  We now skip further checks on the entry in this case.
  * Merge allocations in MSVC directory reading compatibility code so we can
    allocate in a single malloc() call.
  * Add accept() wrapper which checks an assumption that Microsoft's SOCKET type
    only actually holds 32 bit values even in 64 bit platforms and throws an
    exception if violated.
  * Eliminate a use of sprintf.
  * Squash some unhelpful MSVC deprecation warnings.
  * Declare dummy invalid parameter handler noexcept to fix a warning from MSVC.
  * Include <stdlib.h> in configure check for sys_errlist as that's where it is
    with mingw and MSVC.

==== yast2-network ====
Version update (4.5.7 -> 4.5.8)

- Fixed issue when writing the NetworkManager config without a
  gateway (bsc#1203866)
- 4.5.8