Removed rpms
============

 - bumblebee
 - bumblebee-status
 - bumblebee-status-module-cmus
 - bumblebee-status-module-dnf
 - bumblebee-status-module-mocp
 - bumblebee-status-module-mpd
 - bumblebee-status-module-redshift
 - liboqs3
 - liboqs3-32bit
 - libre12
 - primus

Added rpms
==========

 - amber-cli
 - firewalld-bash-completion
 - firewalld-test
 - firewalld-zsh-completion
 - gvisor-tap-vsock
 - ibus-gtk4
 - jnr-a64asm
 - jnr-a64asm-javadoc
 - jnr-constants
 - jnr-constants-javadoc
 - jnr-ffi
 - jnr-ffi-javadoc
 - jnr-posix
 - jnr-posix-javadoc
 - jnr-x86asm
 - jnr-x86asm-javadoc
 - libopencc1_1
 - liboqs4
 - liboqs4-32bit
 - libpinyin15
 - libpinyin15-32bit
 - libre16
 - libuninameslist1
 - libzhuyin15
 - libzhuyin15-32bit
 - nvidia-open-driver-G06-signed-64kb-devel
 - nvidia-open-driver-G06-signed-azure-devel
 - nvidia-open-driver-G06-signed-default-devel
 - python3-extras
 - rime-schema-custom
 - rime-schema-essay-simp
 - sysctl-logger

Package Source Changes
======================

MozillaFirefox
-- Mozilla Firefox ESR 115.3.1 ESR
+- Firefox Extended Support Release 115.4.0 ESR
+  Placeholder changelog-entry (bsc#1216338)
+- Removed upstreamed patch mozilla-fix-broken-ffmpeg.patch
+
+- Firefox Extended Support Release 115.3.1 ESR
+  * Fixed: Security fix.
-  * CVE-2023-5217: Heap buffer overflow in libvpx
+  * CVE-2023-5217 (bmo#1855550)
+    Heap buffer overflow in libvpx
-  Placeholder changelog-entry
-- Mozilla Firefox ESR 115.3
+  * Fixed: Various security fixes and other quality improvements.
-  * CVE-2023-5168: (bmo#1846683)
+  * CVE-2023-5168 (bmo#1846683)
-  * CVE-2023-5169: (bmo#1846685)
+  * CVE-2023-5169 (bmo#1846685)
-  * CVE-2023-5171: (bmo#1851599)
+  * CVE-2023-5171 (bmo#1851599)
-  * CVE-2023-5174: (bmo#1848454)
+  * CVE-2023-5174 (bmo#1848454)
-  * CVE-2023-5176: (bmo#1836353, bmo#1842674, bmo#1843824,
+  * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824,
-  * CVE-2023-4863 (bmo#https://bugs.chromium.org/p/chromium/issue
-    s/detail?id=1479274,
-    bmo#https://bugzilla.mozilla.org/show_bug.cgi?id=1852649)
+  * CVE-2023-4863 (bmo#1852649)
MozillaThunderbird
+- Mozilla Thunderbird 115.4.1
+  * new: "Manage Newsgroups Subscription" now displayed on
+    Account Central when using newsgroups (bmo#1847428)
+  * fixed: Manually configured authentication methods on accounts
+    did no always persist (bmo#1855515)
+  * fixed: "Send Autocrypt key in header" preference was
+    available on accounts with no encryption key (bmo#1857541)
+  * fixed: SHA-1 certificates were not accepted in Thunderbird
+    115; acceptance of SHA-1 messages can now be enabled via
+    optional preference (bmo#1854592)
+  * fixed: Various Flatpak enhancements
+    (bmo#1843110,bmo#1845495,bmo#1850013)
+  * fixed: Opening folder in new tab by clicking scroll
+    wheel/middle mouse button did not work in Folder Pane
+    (bmo#1836853)
+  * fixed: Message list did not automatically scroll to new
+    messages when switching folders (bmo#1850190)
+  * fixed: "Move/Copy to <folder> again" was sometimes displayed
+    in the folder context menu when it should not have been
+    (bmo#1855160)
+  * fixed: Multiple message drafts or message templates could not
+    be opened simultaneously for editing (bmo#1853558)
+  * fixed: Tools > Filters dialog did not open in Unified Folder
+    view if no messages were selected (bmo#1844341)
+  * fixed: Printing dialog could be opened, even with no messages
+    selected (bmo#1846190)
+  * fixed: "From" address was editable when creating a new
+    message from a template if the account identity contained
+    Unicode characters (bmo#1850055)
+  * fixed: Opening a saved .eml file in compose window did not
+    preserve message subject from file (bmo#1856166)
+  * fixed: Replying to some plaintext messages with desired quote
+    selected in original message did not preserve formatting of
+    quote (bmo#1839226)
+  * fixed: "Edit as New", "Reply", and "Redirect" could not be
+    used on multiple messages simultaneously (bmo#1855065)
+  * fixed: "Reply to List" option was always enabled, even with
+    no list to reply to (bmo#1851971)
+  * fixed: "Archive" button in message pane was enabled on
+    messages that could not be archived (bmo#1856315)
+  * fixed: "Followup-To" label was incorrectly labeled as
+    "Newsgroups" (bmo#1854801)
+  * fixed: "Save image as" option did not work for RSS feed items
+    displayed as a webpage (bmo#1853498)
+  * fixed: OTR verification dialog was blank, preventing
+    verification of OTR chat sessions (bmo#1852030)
+  * fixed: Calendar ICS parser improvements for more reliable
+    event import (bmo#1857196)
+  * fixed: Permission description strings were missing from Add-
+    Ons Manager (bmo#1842490)
+  * fixed: Various visual fixes
+    (bmo#1855033,bmo#1855204,bmo#1858942,bmo#1857504)
+  * fixed: Security fixes
+  MFSA 2023-47 (bsc#1216338)
+  * CVE-2023-5721 (bmo#1830820)
+    Queued up rendering could have allowed websites to clickjack
+  * CVE-2023-5732 (bmo#1690979, bmo#1836962)
+    Address bar spoofing via bidirectional characters
+  * CVE-2023-5724 (bmo#1836705)
+    Large WebGL draw could have led to a crash
+  * CVE-2023-5725 (bmo#1845739)
+    WebExtensions could open arbitrary URLs
+  * CVE-2023-5726 (bmo#1846205)
+    Full screen notification obscured by file open dialog on
+    macOS
+  * CVE-2023-5727 (bmo#1847180)
+    Download Protections were bypassed by .msix, .msixbundle,
+    .appx, and .appxbundle files on Windows
+  * CVE-2023-5728 (bmo#1852729)
+    Improper object tracking during GC in the JavaScript engine
+    could have led to a crash.
+  * CVE-2023-5730 (bmo#1836607, bmo#1840918, bmo#1848694,
+    bmo#1848833, bmo#1850191, bmo#1850259, bmo#1852596,
+    bmo#1853201, bmo#1854002, bmo#1855306, bmo#1855640,
+    bmo#1856695)
+    Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4,
+    and Thunderbird 115.4.1
+- Removed upstreamed patch mozilla-fix-broken-ffmpeg.patch
+- Mozilla Thunderbird 115.4.0
+  * pulled and replaced by 115.4.1
+- Mozilla Thunderbird 115.3.3
+  * fixed: Modifier keys did not work as expected when dragging a
+    message over the folder tree on macOS (bmo#1847791)
+  * fixed: "Folder Location" toolbar button did not work for
+    local folders (bmo#1843979)
+  * fixed: "Copy to <folder name> again" option disappeared from
+    context menu after copying to Gmail folder with non-ASCII
+    name (bmo#1856712)
+  * fixed: Default reply identity did not use "Delivered-To"
+    address when catch-all was active (bmo#1815559)
+  * fixed: "View Headers All" did not work when selected in
+    standalone message window (bmo#1855316)
+  * fixed: Viewing the mail filter log displayed an error if no
+    log file was present (bmo#1789244)
+
+- Mozilla Thunderbird 115.3.2
+  * fixed: "Open in conversation" did not open messages in a
+    thread view (bmo#1849374)
+  * fixed: News messsage with non-ASCII author name were
+    incorrectly canceled (bmo#1854023)
+  * fixed: Localized "Re: " prefix was not stripped from news
+    messages (bmo#1845155)
+  * fixed: Thunderbird attempted to load accounts missing server
+    hostname, causing blank 3-pane window (bmo#1854064)
+  * fixed: Permission description strings were missing from Add-
+    Ons Manager (bmo#1842490)
+  * fixed: Card View displayed incorrect recipient name for mail
+    and news accounts, depending on folder (bmo#1851955)
+  * fixed: Spell check dictionary dialog sometimes pushed Close
+    button out of view (bmo#1856152)
+  * fixed: Importing calendars from iCal files did not work under
+    certain circumstances (bmo#1854422)
+  * fixed: Calendar invitations were not sent to event
+    participants, only organizer (bmo#1847658)
+  * fixed: Calendar alarm dialogs with lengthy descriptions
+    pushed buttons out of view (bmo#1852682)
+  * fixed: Various visual fixes (bmo#1854836)
+
anthy
+- add anthy-set-face-underline-p.patch
+  * set-face-underline-p is an alias for set-face-underline
+    and was dreprecated since emacs 24.3
+
apptainer
+- removed CRYPTOGAMS license as not known in OBS and OpenSSL is
+  also valid
+
+- updated to 1.2.3 with following changes:
+  * The apptainer push/pull commands now show a progress bar for the oras
+    protocol like there was for docker and library protocols.
+  * The --nv and --rocm flags can now be used simultaneously.
+  * Fix the use of APPTAINER_CONFIGDIR with apptainer instance start and action
+    commands that refer to instance://.
+  * Fix the issue that apptainer would not read credentials from the Docker
+    fallback path ~/.docker/config.json if missing in the apptainer
+    credentials.
+
+- Update license for the package to cover also OpenSSL and CRYPTOGAMS
+  part of chacha_ppc64le.s
+
autoyast2
+- Added several LUKS-related elements to the partitioning schema
+  (jsc#PED-3878, jsc#PED-5518).
+- 4.6.4
+
+- Branch package for SP6 (bsc#1208913)
+- 4.6.3
+
-- 4.6.2
+- 4.5.14
-- 4.6.1
-
-- Bump version to 4.6.0 (bsc#1208913)
+- 4.5.13
bpftool
+- Update bpftool align with v6.4-based kernel
+  + Support for KIND_RESTRICT in gen min_core_btf command
+  + Support BPF_MAP_TYPE_USER_RINGBUF map type
+  + Support new cgroup local storage
+  + Support printing opcodes and source file references in CFG
+  + Probe for memcg-based accounting and bump rlimit only if needed
+  + Allow toggling autoattach for bpf prog load|loadall
+  + Remove support of --legacy option for bpftool
+  + Remove BPF_OBJ_NAME_LEN restriction when looking up bpf program by name
+
clamav-database
+- database refresh on 2023-10-30 (bsc#1084929)
+
cloud-regionsrv-client
+- Update to version 10.1.3 (bsc#1214801)
+  + Add a warning if we detect a Python package cert bundle for certifi
+    This will help with debugging and point to potential issues when
+    using SUSE images in AWS, Azure, and GCE
+
containerized-data-importer
+- Update to version 1.57.0
+  Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.57.0
+
+- Update to version 1.56.0
+  Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.56.0
+
dqlite
+- Update to 1.16.0:
+  * expose one new API, dqlite_node_set_auto_recovery
+
firewalld
+- update to v2.0.1 (jsc#PED-5597)
+  * fix(cli): all --list-all-zones output identical (d30bc61)
+  * fix(cli): properly show default zone attribute (ea8d9a8)
+  * fix(cli): properly show active attribute for zones and policies (b202403)
+  * fix(cli): --get-active-zones should include the default zone (dae9112)
+  * fix(nftables): always flush main table on start (cd20981)
+  * fix(runtimeToPermanent): deepcopy settings before mangling (9c53639)
+  * docs: fix reference to lockdown-whitelist.xml in SYNOPSIS section (1c77205)
+  * fix(firewall-config): escape markup stored in bindings store (c876fd0)
+  * fix(tests): avoid deprecated assertRaisesRegexp for assertRaisesRegex (2935119)
+  * fix(icmp): fix check_icmpv6_name() to use correct IPv6 names (af3c35b)
+  * fix(ipset): fix configuring IP range for ipsets with nftables (6a050ec)
+  * fix(ipset): fix configuring "timeout","maxelem" values for ipsets with nftables (7d3340c)
+  * fix(core): fix exception while parsing invalid "tcp-mss-clamp" in policy (ff61209)
+  * docs(policy): fix wrong documentation of in man firewalld.policy (21026d9)
+  * Correct Requires, python3-slip-dbus -> python3-dbus-python
+  * This is a major release. The major version is being bumped symbolically
+    to reflect significant changes done in commit f4d2b80 ("fix(policy):
+    disallow zone drifting"). It does not contain any deliberate breaking changes
+  * fix(reload): restore policy for old backend if it changed (de85849)
+  * fix(io): rich: tcp mss: handle value=None (8016f10)
+  * fix(firewall-config): rich: set destination address (f6641a9)
+  * fix(policy): mixed IP families in ingress/egress (69ed4d6)
+- removed following patches:
+  [- 0001-chore-fw_zone-call-permanent-config-checks-at-runtim.patch]
+  [- 0003-firewall-offline-cmd-fail-fix.patch]
+  [- 0004-fix_rich_source_address_with_netmask.patch]
+  [- feature-upstream-new-check-config-1.patch]
+  [- feature-upstream-new-check-config-2.patch]
+
gnu-compilers-hpc
+- Create correct links for cc and c++ and make sure failure of last
+  test in %posttrans is not returned as status of scriptlet
+  (bsc#1214816).
+
ibus
-- Fix boo#1211977: ibus is not started automatically by KDE Plasma
-  * Remove "-d" when ibus-autostart is executed under KDE
-  * Remove X-GNOME-* from ibus-autostart.desktop
+- Fix key typing order
+  * This prevents that keys get stuck in games with wine/proton (steam)
+  * Added ibus-fix-key-release.patch
+
+- Update version to 1.5.28
+  * Implement new process_key_event for ibus-x11
+  * Convert internal EN compose table to GResource
+  * Enhance surrounding text
+  * Enhance CI
+  * Update ibusunicodegen.h with Unicode 15.0.0
+  * Update simple.xml with xkeyboard-config 2.38-1
+  * Fix SEGVs
+
+- Switch to use systemd service file to start ibus daemon
+  * Fix boo#1201421
+  * Add ibus-ui-gtk3-restart-via-systemd.patch
+  * Enable ibus-autostart for xdg-autostart-generator
+
+- Do not run ibus-autostart with xdg-autostart-generator (KDE etc.)
+  * A workaround for boo#1202841
+  * Please use org.freedesktop.IBus.session.generic.service instead
+    (See boo#1201421)
+
+- Upstream update to 1.5.27
+  * Disable XKB engines in Plasma Wayland
+  * ibusimcontext keycode - 8 for gtk3 keycode generation
+  * client/gtk2: Revert CCedilla change for pt-BR
+  * Add IBUS_CAP_OSK to IBusCapabilite
+  * Enable ibus restart in GNOME desktop
+  * Add ibus im-module command
+  * Implement new process_key_event for GTK4
+  * src/ibusengine: Add focus_in_id()/focus_out_id() class methods
+  * Delete xkb:latam:: in denylist.txt
+  * Enhance Xutf8TextListToTextProperty
+  * Revert Emoji shoftcut key to Super-space
+  * Update simple.xml with xkeyboard-config 2.36
+  * Fix refcounting issues
+  * Drop ibus-fix-refcounting-issues.patch
+  * Fix bashisms in org.freedesktop.IBus.session.GNOME.service
+  * Update xkb-latin-layouts in gschema
+  * Use our own prefix to look up systemd user services dir
+  * Add functionality to change IBus panel themes with available GTK themes
+  * Update translation
+- Refresh im-engines-precede-xkb.patch
+- Add pkgconfig(libnotify) for the GTK4 flavor
+
+- Fix ibus-setup to support python3 (boo#1202063)
+  * Update setup-switch-im.patch
+- Remove X-GNOME-* from ibus-autostart.desktop
+  (boo#1201421, boo#1201728)
+  * ibus-autostart still does not work with
+    systemd-xdg-autostart-generator
+
+- Add patch ibus-fix-refcounting-issues.patch:
+  This addresses the possible GLib warnings, fixes the possible
+  double unrefs happening on IBusText used in signals, and fixes
+  the missing unrefs on IBusText objects created from static
+  strings (gh#ibus/ibus#2387, gh#ibus/ibus#2393).
+
+- Add install/uninstall scripts for the user service files
+- Drop ibus-missing-include.patch
+  * fix build error under Leap 15.4
+
+- Update version to 1.5.26
+  * Enhance compose keys
+  * Enhance Emoji features
+  * Implement clear preedit for GTK4
+  * Calculate keycode from keysym in GTK3 forward-key-event
+  * Fix to send char position at update_preedit_text
+  * Deprecate gettext.bind_textdomain_codeset() since Python 3.8
+  * Fix ibus_key_event_from_string for gobject-introspection
+  * Fix a key event loop with forwarding keys
+  * Delete gnome-autogen dependency
+  * Change XKB layout string color in panel
+  * Add IBUS_INPUT_HINT_PRIVATE for browser private mode
+  * mkdir socket dirs instead of socket paths
+  * Add org.freedesktop.IBus.session.generic.service
+  * Check XDG_SESSION_DESKTOP for Plasma desktop
+  * Update simple.xml with xkeyboard-config 2.35.1
+  * Update ibusunicodegen.h with unicode-ucd 14.0.0
+  * Enhance CI
+  * Fix typos
+  * Fix wrong cursor location in gtk3 apps
+  * Update URLS
+  * invalidate cache based on symlink mtime too
+  * Fix unref problems with floating references
+  * Update man page for Emoji shortcut key
+  * Add systemd unit file
+  * Fix forward key keycode for GTK4
+- Drop ibus-fix-wrong-cursor-location.patch, merged by upstream
+
+- Do not introduce ibus-gtk4-32bit unless there will be demand for
+  it: drop its definition from baselibs.conf.
+
+- Fix name of gtk4 flavor generated packages (was ibus-gtk4-gtk4).
+
+- Split build of gtk4 module into an own flavor, allowing us to
+  break a build cycle.
+
+- Enable GTK 4 IM Module for Leap 15.4 and Tumbleweed
+- Remove ibus-python-install-dir.patch
+  * Not used for build anymore
ibus-anthy
+- Update to version 1.5.14
+  * data: Update era.t with 2021
+  * tests: Check python3-pycotap.rpm in Fedora instead of pip
+  * travis: git config pull.rebase false
+  * Update translations
+- Release 1.5.13
+  * tests: Output info to stderr instead of StringIO
+  * Fix covscan result
+  * data/gschema: Remove Ctrl+period in circle_kana_mode (#23)
+- Remove obsolete build dependency on python3-gobject2 but declare
+  the forgotten runtime dependency on python3-gobject >= 3
+
--update to 1.5.6
-  * Remove references to deprecated GTK classes
-  * Replace FileNotFoundError with IOError for Python 2
-    (Fix bnc#898849)
-  * Change fequencies of symbols from 500 to 0
-  * Add emojis to the dictionary
-  * Set preview_lines to -1 for zip code
-  * Add search entry in the view dictionary dialog
-
ibus-hangul
+- update to 1.5.5:
+  * Use synchronous key event processing if possible (since ibus
+    1.5.28) (#114 )
+  * Update SVG icons
+
ibus-libpinyin
+- Update version to 1.15.3
+  * Fix English mode in Full Pinyin
+
+- Update version to 1.15.2
+  * Fix bugs
+- Drop fix-sqlite-3_41_0-support.patch, merged
+
+- Add fix-sqlite-3_41_0-support.patch, fix build on sqlite 3.41.0
+
+- Update version to 1.15.1
+  * Require libpinyin 2.7.91
+  * Improve suggestion candidates
+  * Improve English candidates
+  * Support longer candidates
+  * Support Legacy mode
+  * Fix bugs
+
+- update to 1.13.1:
+  * fix setup dialog
+
+- Update version to 1.13.0
+  * Fix bugs
+
+- Update version to 1.12.91
+  * Enhance English input mode
+  * Enhance Table input mode
+  * Update setup dialog
+
ibus-libzhuyin
+- Do not BuildRequire libzhuyin13: that's the responsibility of the
+  respective devel package.
+
+- update to 1.10.2:
+  * bug fixes
+
+- update to 1.10.1:
+  * fix setup dialog
+
ibus-m17n
+- Update to 1.4.20
+  * Reduce preedit flicker
+  * Remove xml:lang="en" from the screenshot in appdata.xml
+  * Use ibus_text_new_from_string (string) instead of ibus_text_new_from_static_string (string) in ibus_m17n_engine_commit_string()
+  * Add missing g_free (buf) in ibus_m17n_mtext_to_utf8()
+
+update: 1.4.17 -> 1.4.19
+- Added weblate translations to Sinhala
+- Add parrot icon emoji
+
+update: 1.4.13 -> 1.4.17
+- Fix problem that sa-IAST input method cannot be activated and make settings of sa-IAST work
+  * https://github.com/ibus/ibus-m17n/issues/52
+- Let IBusM17nEngine inherit from IBusEngineSimple to enable compose support
+  * https://github.com/ibus/ibus-m17n/issues/51
+
+update: 1.4.11 -> 1.4.13
+- Added translations using Weblate (Arabic updated, Georgian added)
+
+update: 1.4.10 -> 1.4.11
+- Added translation using Weblate (Arabic, 100%)
+- Add 256x256 icon to m17n.appdata.xml
+
+feat: use _service files to automate fetching sources
+  update: 1.4.9 -> 1.4.10
+- Add language to longname in --xml output to make engines which have exactly
+  the same icon distinguishable in the engine switcher
+- Make the icon of the current engine appear at the left of floating panel of ibus.
+  And also show the full engine name as a tooltip on that icon
+  Before only a generic gear wheel ⚙️ was shown, the same for
+  all engines, so one could not distinguish which engine was
+  selected in the floating panel.
+- Show also the engine name in the title of the setup tool window.
+  I.e. instead of just “Preferences” show something like
+  “Preferences m17n:t:latn-post”.
+- Better icon and a screenshot which can be shown in gnome-software
+- Improvements in m17n.appdata.xml
+
+update: 1.4.6 -> 1.4.9
+- Allow use of kbd engines gh#ibus/ibus-m17n#32
+- Assign symbols to all the new inscript2 engines (and add some other missing symbols)
+  * gh#ibus/ibus-m17n#37
+- Remove gnome-common requirement and re-write autogen.sh (by Parag Nemade)
+  * gh#ibus/ibus-m17n#37
+- Update weblate translation for Sinhala
+- Free lang and name after engine_name is built gh#ibus/ibus-m17n#39
+- Just return from ibus_m17n_engine_callback with nullable m17n
+- Hide status from the panel if status == title (by Daiki Ueno)
+
-- Remove the following languages
-  (cs,da,de,el,en,es,fi,fr,hr,it,nb,nn,pa,pl,sk,sv) from
-  locale-specific provides tag, to prevent ibus/ibus-m17n to be
-  installed by default for those languages.
-
-- Add ibus as Requires
-
-- update to 1.3.4
-
ibus-table
+- Update version to 1.17.1
+  * Fix mypy warnings
+  * Return empty program_name and window_title in get_active_window_xprop() when
+    xprop results are unexpected (Resolves:
+    https://bugzilla.redhat.com/show_bug.cgi?id=2215466)
+  * Translation update from Weblate
+
+update: 1.16.14 -> 1.17.0
+- New option commit_invalid_mode: Choose what happens when a character not in
+  valid input characters is typed
+- More translations
+
+update: 1.16.13 -> 1.16.14
+- Fix a problem in C/POSIX and invalid locales: Use lower() on LC_MESSAGES only
+  if it is a string and not None
+
+update: 1.16.12 -> 1.16.13
+- Get program name of focused window also when ibus cannot get it
+- Use focus id if available (it is available for ibus >= 1.5.27)
+- Use IBus.PreeditFocusMode.COMMIT and make sure the input is cleared and the UI
+  updated when the focus changes
+- Do not reset input purpose on focus out
+- Do not commit by index when OSK is visible
+
+update: 1.16.11 -> 1.16.12
+- Stop using locale.getdefaultlocale() because it is deprecated in Python 3.11
+  and will be removed in Python 3.13
+- Add 128x128, 256x256, and svg (remote) icons to ibus-table.appdata.xml
+
+update: 1.16.10 -> 1.16.11
+- Remove hashbang from chinese_variants.py and tabcreatedb.py
+  * gh#mike-fabian/ibus-table#118
+
+update: 1.16.9 -> 1.6.10
+- Add png versions of the ibus-table.svg icon
+- Add (remote) icon to ibus-table.appdata.xml
+- Add screenshot to ibus-table.appdata.xml
+
+feat: use _service files to automate fetching sources
+
+update: 1.13.3 -> 1.16.9
+- Now requires Python >= 3.6 to build
+- Update Unihan_Variants.txt to "2022-04-26 Unicode 15.0.0 draft"
+- Update weblate translations
+- Add option to set dynamic adjust at runtime gh#mike-fabian/ibus-table#70
+- Add button to forget all data learned by typing and selecting candidates
+  * gh#kaio/ibus-table#75
+- Fix problems with goucima for erbi-qs table gh#kaio/ibus-table#77
+- Fix gh#mike-fabian/ibus-table#85
+- æ — U+6817 is used in Traditional Chinese as well gh#mike-fabian/ibus-table#95
+- Ignore MOD3_MASK (Scroll Lock) when matching key bindings gh#mike-fabian/ibus-table#102
+- When a Modifier key release matches a hotkey command, return False not True
+  * gh#mike-fabian/ibus-table#102
+
-- update to 1.8.11
-  * Fix typo in variable name self_onechar -> self._onechar
-  * Disable “onechar” (Phrase mode/Single char mode) option for non-CJK
-    databases
-  * Disable auto_commit option for tables which do not have RULES
-  * Resolves: rhbz#1135759 - The rusle is broken with "Normal commit mode"
-    See: https://bugzilla.redhat.com/show_bug.cgi?id=1135759
-  * Pass IBus.KEY_KP_Enter to the application if the preedit is empty
-  * Resolves: rhbz#1133424 - With the new "rusle" table in ibus-table-cyrillic,
-    Keypad Enter problem
-    See: https://bugzilla.redhat.com/show_bug.cgi?id=1133424
-  * Ignore Shift+Space hotkey to switch fullwidth/halfwidth if the database
-    is not for CJK
-  * Move some options into a new tab “Details”
-  * Disable properties related to fullwidth/halfwidth for non-CJK tables
-  * Remove “Hide Candidates/Display Candidates” from the properties menu
-  * Show keyboard shortcuts also in the property menu entries
-  * Use the “notify::text” signal instead of “activate” on GtkEntry widget
-  * Update Chinese .po files
-  * Update German translation
-  * Move the “Restore all defaults” button into the GtkButtonBox at bottom
-  * Apply fix for 同 again to Unihan_Variants.txt, it is both simplified *and*
-    traditional Chinese
-  * And regenerate engine/chinese_variants.py.
-  * Escape % and _ if they are not intended as wildcards
-  * Require Python >= 3.3
-
-- update version 1.8.5
-  * Always write xml output in UTF-8 encoding, not in the encoding
-    of the current locale
-- changes since 1.8.4
-  * Tweak defaults for Chinese mode taken from the locale
-  * Fix prompts for array30 table and don’t use prompts in pinyin mode
-  * Make it possible to use select keys like F1, F2, F3 ...
-  * For cangjie* and quick* tables: Use big5 order if the freq from
-    the table is the same
-- add ibus-table-python3.patch
-  * replace file() to open()
-
-- Switch python to python3
-
ibus-table-chinese
+- Update version to 1.8.12
+  * Add appdata.xml files
+  * Convert license tags to SPDX format
+  * Add .svg icon files for use in appdata.xml files
+
+update: 1.8.9 -> 1.8.11
+- Improve punctuation support in cangjie5.txt, cangjie3.txt, cangjie-big.txt, quick5.txt, quick3.txt, quick-classic.txt
+- Improve punctuation support in jyutping.txt, cantonese.txt, cantonhk.txt, cantonyale.txt
+- Improve “improve_jyutping.py” to allow comments in the table
+- Update of jyutping.txt for Unicode 15.0.0 final release
+
+feat: use _service files to automate fetching sources
+
+update: 1.8.8 -> 1.8.9
+- Add tones to Jyutping.txt table (gh#mike-fabian/ibus-table-chinese#6)
+  * Tonal markers according to
+  https://github.com/rime/rime-cantonese/blob/main/README-en.md#tonal-markers
+  were added:
+  1   v: High level, e.g. siv → 詩; High level checked, e.g. sikv → 色
+  2   x: Medium rising, e.g. six → 史
+  3   q: Medium level, e.g. siq→ 試; Medium level checked, e.g. sekq → 錫
+  4   vv: Low falling, e.g. sivv → 時
+  5   xx: Low rising, e.g. sixx → 市
+  6   qq: Low level, e.g. siqq→ 事; Low level checked, e.g. sikqq → 食
+  fix: CMake warning about no source or binary directory provided
+
+update: 1.8.3 -> 1.8.8
+- Move source to mike-fabian's repo as previous repo is now deprecated
+  * https://github.com/definite/ibus-table-chinese/blob/master/README
+- Simplify CMakeLists.txt to avoid requiring cmake-fedora
+- cangjie5.txt improvement gh#mike-fabian/ibus-table-chinese#87
+- quick5.txt improvement gh#mike-fabian/ibus-table-chinese#4
+- Add table_extra tag gh#definite/ibus-table-chinese#18
+- "Traditional Chinese only" is now the default for cangjie5 and quick5
+  * gh#mike-fabian/ibus-table-chinese#2
+- Build outside of source tree gh#mike-fabian/ibus-table-chinese#2
+  chore: clean up specfile
+
-- fix for factory: BuildRequires: python-ibus
-
ibus-table-others
+- Update to 1.3.16
+  * feat: several improvements to Old Hungarian
+  * fix: remove { and } from VALID_INPUT_CHARS in LaTeX table
+
+feat: use _service files to automate fetching sources
+
+update: 1.3.12 -> 1.3.13
+- Improvements in the latex.txt table gh#mike-fabian/ibus-table-others#24
+
-- Add locale-specific provides tags for automatic installation
-
-- Moved from ibus-table package for ibus-1.3.x;
-  this is a compound package of non-Chinese input method tables
-
java-17-openjdk
+- Update to upstream tag jdk-17.0.9+9 (October 2023 CPU)
+  * Security fixes
+    + JDK-8286503, JDK-8312367: Enhance security classes
+    + JDK-8296581: Better system proxy support
+    + JDK-8297856: Improve handling of Bidi characters
+    + JDK-8305815, JDK-8307278: Update Libpng to 1.6.39
+    + JDK-8306881, JDK-8307286: Update FreeType to 2.13.0
+    + JDK-8309966, CVE-2023-22081, bsc#1216374: Enhanced TLS
+    connections
+    + JDK-8312248: Enhanced archival support redux
+    + JDK-8314649: Enhanced archival support redux
+    + JDK-8317121, CVE-2023-22025, bsc#1216339: vector_masked_load
+    instruction is moved too early after JDK-8286941
+  * New features
+    + JDK-8276799: Implementation of JEP 422: Linux/RISC-V Port
+  * Other changes
+    + JDK-6176679: Application freezes when copying an animated gif
+    image to the system clipboard
+    + JDK-6381945: (cal) Japanese calendar unit test system should
+    avoid multiple static imports
+    + JDK-8040793: vmTestbase/nsk/monitoring/stress/lowmem fails on
+    calling isCollectionUsageThresholdExceeded()
+    + JDK-8153837: AArch64: Handle special cases for MaxINode &
+    MinINode
+    + JDK-8156889: ListKeychainStore.sh fails in some virtualized
+    environments
+    + JDK-8171221: Remove -XX:+CheckMemoryInitialization
+    + JDK-8180266: Convert sun/security/provider/KeyStore/DKSTest.sh
+    to Java Jtreg Test
+    + JDK-8195589: T6587786.java failed after JDK-8189997
+    + JDK-8209398: sun/security/pkcs11/KeyStore/SecretKeysBasic.sh
+    failed with "PKCS11Exception: CKR_ATTRIBUTE_SENSITIVE"
+    + JDK-8225012: sanity/client/SwingSet/src/ToolTipDemoTest.java
+    fails on Windows
+    + JDK-8229147: Linux os::create_thread() overcounts guardpage
+    size with newer glibc (>=2.27)
+    + JDK-8252713: jtreg time out of CtrlASCII.java seems to hang
+    the Xserver.
+    + JDK-8255548: Missing coverage for
+    javax.xml.crypto.dom.DOMCryptoContext
+    + JDK-8263044: jdk/jfr/jvm/TestDumpOnCrash.java timed out
+    + JDK-8267188: gc/stringdedup/
+    /TestStringDeduplicationInterned.java fails with Shenandoah
+    + JDK-8267341: macos attempt_reserve_memory_at(arg1, arg2,
+    true) failure
+    + JDK-8267517: async logging for stdout and stderr
+    + JDK-8267860: Off-by-one bug when searching arrays in
+    AlpnGreaseTest
+    + JDK-8268852: AsyncLogWriter should not overide
+    is_Named_thread()
+    + JDK-8269091: javax/sound/sampled/Clip/SetPositionHang.java
+    failed with ArrayIndexOutOfBoundsException: Array index out of
+    range: -4
+    + JDK-8269466: Factor out the common code for initializing and
+    starting internal VM JavaThreads
+    + JDK-8270331: [TESTBUG] Error: Not a test or directory
+    containing tests: java/awt/print/PrinterJob/InitToBlack.java
+    + JDK-8270794: Avoid loading Klass* twice in
+    TypeArrayKlass::oop_size()
+    + JDK-8270894: Use acquire semantics in
+    ObjectSynchronizer::read_stable_mark()
+    + JDK-8271707: migrate tests to use jdk.test.whitebox.WhiteBox
+    + JDK-8271898: disable os.release_multi_mappings_vm on macOS-X64
+    + JDK-8272586: emit abstract machine code in hs-err logs
+    + JDK-8272654: Mark word accesses should not use Access API
+    + JDK-8273092: Sort classlist in JDK image
+    + JDK-8273803: Zero: Handle "zero" variant in
+    CommandLineOptionTest.java
+    + JDK-8274986: max code printed in hs-err logs should be
+    configurable
+    + JDK-8275031: runtime/ErrorHandling/
+    /MachCodeFramesInErrorFile.java fails when hsdis is present
+    + JDK-8275303: sun/java2d/pipe/InterpolationQualityTest.java
+    fails with D3D basic render driver
+    + JDK-8275415: Prepare Leak Profiler for Lilliput
+    + JDK-8275662: remove test/lib/sun/hotspot
+    + JDK-8276333: jdk/jfr/event/oldobject/TestLargeRootSet.java
+    failed "assert(!contains(edge->reference())) failed:
+    invariant"
+    + JDK-8276651: java/lang/ProcessHandle tests fail with
+    "RuntimeException: Input/output error" in
+    java.lang.ProcessHandleImpl$Info.info0
+    + JDK-8276696: ParallelObjectIterator freed at the wrong time
+    in VM_HeapDumper
+    + JDK-8277102: Dubious PrintCompilation output
+    + JDK-8277353: java/security/MessageDigest/ThreadSafetyTest.java
+    test times out
+    + JDK-8277417: C1 LIR instruction for load-klass
+    + JDK-8277427: Update jib-profiles.js to use JMH 1.33 devkit
+    + JDK-8277654: Shenandoah: Don't produce new memory state in C2
+    LRB runtime call
+    + JDK-8277860: PPC: Remove duplicate info != NULL check
+    + JDK-8278141: LIR_OpLoadKlass::_info shadows the field of the
+    same name from LIR_Op
+    + JDK-8278456: Define jtreg jdk_desktop test group time-based
+    sub-tasks for use by headful testing.
+    + JDK-8279545: Buffer overrun in reverse_words of
+    sharedRuntime_x86_64.cpp:3517
+    + JDK-8280032: Update jib-profiles.js to use JMH 1.34 devkit
+    + JDK-8280396: G1: Full gc mark stack draining should prefer to
+    make work available to other threads
+    + JDK-8280885: Shenandoah: Some tests failed with "EA: missing
+    allocation reference path"
+    + JDK-8281507: Two javac tests have bad jtreg `@clean` tags
+    + JDK-8281717: Cover logout method for several LoginModule
+    + JDK-8282404: DrawStringWithInfiniteXform.java failed with
+    "RuntimeException: drawString with InfiniteXform transform
+    takes long time"
+    + JDK-8282651: ZGC: vmTestbase/gc/ArrayJuggle/ tests fails
+    intermittently with exit code 97
+    + JDK-8282665: [REDO] ByteBufferTest.java: replace endless
+    recursion with RuntimeException in void ck(double x, double y)
+    + JDK-8283056: show abstract machine code in hs-err for all VM
+    crashes
+    + JDK-8283276: java/io/ObjectStreamClass/
+    /ObjectStreamClassCaching.java fails with various GCs
+    + JDK-8283326: Implement SafeFetch statically
+    + JDK-8283724: Incorrect description for jtreg-failure-handler
+    option
+    + JDK-8283756: (zipfs) ZipFSOutputStreamTest.testOutputStream
+    should only check inflated bytes
+    + JDK-8283865: riscv: Break down -XX:+UseRVB into seperate
+    options for each bitmanip extension
+    + JDK-8283929: GHA: Add RISC-V build config
+    + JDK-8284068: riscv: should call Atomic::release_store in
+    JavaThread::set_thread_state
+    + JDK-8284090: com/sun/security/auth/module/AllPlatforms.java
+    fails to compile
+    + JDK-8284273: Early crashes in os::print_context on AArch64
+    + JDK-8284760: Correct type/array element offset in
+    LibraryCallKit::get_state_from_digest_object()
+    + JDK-8284772: GHA: Use GCC Major Version Dependencies Only
+    + JDK-8284910: Buffer clean in PasswordCallback
+    + JDK-8284937: riscv: should not allocate special register for
+    temp
+    + JDK-8284997: arm32 build crashes since JDK-8283326
+    + JDK-8285303: riscv: Incorrect register mask in
+    call_native_base
+    + JDK-8285437: riscv: Fix MachNode size mismatch for
+    MacroAssembler::verify_oops*
+    + JDK-8285630: Fix a configure error in RISC-V cross build
+    + JDK-8285675: Temporary fix for arm32 SafeFetch
+    + JDK-8285699: riscv: Provide information when hitting a
+    HaltNode
+    + JDK-8285711: riscv: RVC: Support disassembler show-bytes
+    option
+    + JDK-8285756: clean up use of bad arguments for `@clean` in
+    langtools tests
+    + JDK-8285980: Several tests in compiler/c2/irTests miss
+    @requires vm.compiler2.enabled
+    + JDK-8286481: Exception printed to stdout on Windows when
+    storing transparent image in clipboard
+    + JDK-8286620: Create regression test for verifying setMargin()
+    of JRadioButton
+    + JDK-8286623: Bundle zlib by default with JDK on macos aarch64
+    + JDK-8287227: Shenandoah: A couple of virtual thread tests
+    failed with iu mode even without Loom enabled.
+    + JDK-8287418: riscv: Fix correctness issue of
+    MacroAssembler::movptr
+    + JDK-8287552: riscv: Fix comment typo in li64
+    + JDK-8287970: riscv: jdk/incubator/vector/*VectorTests failing
+    + JDK-8288719: [arm32] SafeFetch32 thumb interleaving causes
+    random crashes
+    + JDK-8289077: Add manual tests to open
+    + JDK-8289238: Refactoring changes to PassFailJFrame Test
+    Framework
+    + JDK-8289510: Improve test coverage for XPath Axes: namespace
+    + JDK-8289512: Fix GCC 12 warnings for adlc output_c.cpp
+    + JDK-8289547: Update javax/swing/Popup/TaskbarPositionTest.java
+    + JDK-8289646: configure script failed on WSL
+    + JDK-8289688: jfr command hangs when it processes invalid file
+    + JDK-8289748: C2 compiled code crashes with SIGFPE with
+  - XX:+StressLCM and -XX:+StressGCM
+    + JDK-8289797: tools/launcher/I18NArgTest.java fails on
+    Japanese Windows environment
+    + JDK-8289917: Metadata for regionsRefilled of
+    G1EvacuationStatistics event is wrong
+    + JDK-8290137: riscv: small refactoring for add_memory_int32/64
+    + JDK-8290164: compiler/runtime/TestConstantsInError.java fails
+    on riscv
+    + JDK-8290464: Optimize ResourceArea zapping on ResourceMark
+    release
+    + JDK-8290469: Add new positioning options to PassFailJFrame
+    test framework
+    + JDK-8290496: riscv: Fix build warnings-as-errors with GCC 11
+    + JDK-8291444: GHA builds/tests won't run manually if disabled
+    from automatic running
+    + JDK-8291830: jvmti/RedefineClasses/StressRedefine failed:
+    assert(!is_null(v)) failed: narrow klass value can never be zero
+    + JDK-8291893: riscv: remove fence.i used in user space
+    + JDK-8291947: riscv: fail to build after JDK-8290840
+    + JDK-8291952: riscv: Remove PRAGMA_NONNULL_IGNORED
+    + JDK-8292182: [TESTLIB] Enhance JAXPPolicyManager to setup
+    required permissions for jtreg version 7 jar
+    + JDK-8292315: Tests should not rely on specific JAR file names
+    (hotspot)
+    + JDK-8292316: Tests should not rely on specific JAR file names
+    (jpackage)
+    + JDK-8292683: Remove BadKeyUsageTest.java from Problem List
+    + JDK-8292698: Improve performance of DataInputStream
+    + JDK-8292716: Configure should check that jtreg is of the
+    required version
+    + JDK-8292763: JDK-8292716 breaks configure without jtreg
+    + JDK-8292867: RISC-V: Simplify weak CAS return value handling
+    + JDK-8293012: ConstantPool::print_on can crash if _cache is
+    NULL
+    + JDK-8293050: RISC-V: Remove redundant non-null assertions
+    about macro-assembler
+    + JDK-8293098: GHA: Harmonize GCC version handling for host and
+    cross builds
+    + JDK-8293100: RISC-V: Need to save and restore callee-saved
+    FloatRegisters in StubGenerator::generate_call_stub
+    + JDK-8293107: GHA: Bump to Ubuntu 22.04
+    + JDK-8293114: JVM should trim the native heap
+    + JDK-8293166: jdk/jfr/jvm/TestDumpOnCrash.java fails on Linux
+    ppc64le and Linux aarch64
+    + JDK-8293177: Verify version numbers in legal files
+    + JDK-8293180: JQuery UI license file not updated
+    + JDK-8293252: Shenandoah: ThreadMXBean synchronizer tests
+    crash with aggressive heuristics
+    + JDK-8293361: GHA: dump config.log in case of configure failure
+    + JDK-8293474: RISC-V: Unify the way of moving function pointer
+    + JDK-8293524: RISC-V: Use macro-assembler functions as
+    appropriate
+    + JDK-8293566: RISC-V: Clean up push and pop registers
+    + JDK-8293811: Provide a reason for PassFailJFrame.forceFail
+    + JDK-8293851: hs_err should print more stack in hex dump
+    + JDK-8294012: RISC-V: get/put_native_u8 missing the case when
+    address&7 is 6
+    + JDK-8294083: RISC-V: Minimal build failed with
+  - -disable-precompiled-headers
+    + JDK-8294086: RISC-V: Cleanup InstructionMark usages in the
+    backend
+    + JDK-8294087: RISC-V: RVC: Fix a potential alignment issue and
+    add more alignment assertions for the patchable calls/nops
+    + JDK-8294149: JMH 1.34 and later requires jopt-simple 5.0.4
+    + JDK-8294187: RISC-V: Unify all relocations for the backend
+    into AbstractAssembler::relocate()
+    + JDK-8294366: RISC-V: Partially mark out incompressible regions
+    + JDK-8294430: RISC-V: Small refactoring for movptr_with_offset
+    + JDK-8294492: RISC-V: Use li instead of patchable movptr at
+    non-patchable callsites
+    + JDK-8294679: RISC-V: Misc crash dump improvements
+    + JDK-8294941: GHA: Cut down cross-compilation sysroots
+    + JDK-8294956: GHA: qemu-debootstrap is deprecated, use the
+    regular one
+    + JDK-8295110: RISC-V: Mark out relocations as incompressible
+    + JDK-8295213: Run GHA manually with user-specified make and
+    configure arguments
+    + JDK-8295270: RISC-V: Clean up and refactoring for assembler
+    functions
+    + JDK-8295396: RISC-V: Cleanup useless CompressibleRegions
+    + JDK-8295657: SA: Allow larger object alignments
+    + JDK-8295737: macOS: Print content cut off when width > height
+    with portrait orientation
+    + JDK-8295811: serviceability/sa/TestObjectAlignment.java fails
+    on x86_32
+    + JDK-8295812: Skip the "half float" support in LittleCMS
+    during the build
+    + JDK-8295894: Remove SECOM certificate that is expiring in
+    September 2023
+    + JDK-8295926: RISC-V: C1: Fix LIRGenerator::do_LibmIntrinsic
+    + JDK-8295968: RISC-V: Rename some assembler intrinsic
+    functions for RVV 1.0
+    + JDK-8296384: [TESTBUG] sun/security/provider/SecureRandom/
+    /AbstractDrbg/SpecTest.java intermittently timeout
+    + JDK-8296435: RISC-V: Small refactoring for increment/decrement
+    + JDK-8296447: RISC-V: Make the operands order of
+    vrsub_vx/vrsub_vi consistent with RVV 1.0 spec
+    + JDK-8296448: RISC-V: Fix temp usages of heapbase register
+    killed by MacroAssembler::en/decode_klass_not_null
+    + JDK-8296602: RISC-V: improve performance of copy_memory stub
+    + JDK-8296771: RISC-V: C2: assert(false) failed: bad AD file
+    + JDK-8296796: Provide clean, platform-agnostic interface to
+    C-heap trimming
+    + JDK-8296916: RISC-V: Move some small macro-assembler
+    functions to header file
+    + JDK-8297350: Update JMH devkit to 1.36
+    + JDK-8297359: RISC-V: improve performance of floating Max Min
+    intrinsics
+    + JDK-8297476: Increase InlineSmallCode default from 1000 to
+    2500 for RISC-V
+    + JDK-8297644: RISC-V: Compilation error when shenandoah is
+    disabled
+    + JDK-8297681: Unnecessary color conversion during
+    4BYTE_ABGR_PRE to INT_ARGB_PRE blit
+    + JDK-8297697: RISC-V: Add support for SATP mode detection
+    + JDK-8297715: RISC-V: C2: Use single-bit instructions from the
+    Zbs extension
+    + JDK-8297887: Update Siphash
+    + JDK-8297923: java.awt.ScrollPane broken after multiple scroll
+    up/down
+    + JDK-8298138: Shenandoah: HdrSeq asserts "sub-bucket index
+    (512) overflow for value (    1.00)"
+    + JDK-8298921: Create a regression test for JDK-8139581
+    + JDK-8298974: Add ftcolor.c to imported freetype sources
+    + JDK-8299158: Improve MD5 intrinsic on AArch64
+    + JDK-8299168: RISC-V: Fix MachNode size mismatch for
+    MacroAssembler::_verify_oops*
+    + JDK-8299330: Minor improvements in MSYS2 Workflow handling
+    + JDK-8299617: CurrencySymbols.properties is missing the
+    copyright notice
+    + JDK-8299658: C1 compilation crashes in
+    LinearScan::resolve_exception_edge
+    + JDK-8299713: Test javax/swing/JTableHeader/6889007/
+    /bug6889007.java failed: Wrong type of cursor
+    + JDK-8299827: Add resolved IP address in connection exception
+    for sockets
+    + JDK-8299847: RISC-V: Improve PrintOptoAssembly output of
+    CMoveI/L nodes
+    + JDK-8299962: Speed up compiler/intrinsics/unsafe/
+    /DirectByteBufferTest.java and HeapByteBufferTest.java
+    + JDK-8300053: Shenandoah: Handle more GCCauses in
+    ShenandoahControlThread::request_gc
+    + JDK-8300098: java/util/concurrent/ConcurrentHashMap/
+    /ConcurrentAssociateTest.java fails with internal timeout when
+    executed with TieredCompilation1/3
+    + JDK-8300109: RISC-V: Improve code generation for MinI/MaxI
+    nodes
+    + JDK-8300405: Screen capture for test
+    JFileChooserSetLocationTest.java, failure case
+    + JDK-8300584: Accelerate AVX-512 CRC32C for small buffers
+    + JDK-8300659: Refactor TestMemoryAwareness to use WhiteBox api
+    for host values
+    + JDK-8300693: Lower the compile threshold and reduce the
+    iterations of warmup loop in VarHandles tests
+    + JDK-8301033: RISC-V: Handle special cases for MinI/MaxI nodes
+    for Zbb
+    + JDK-8301036: RISC-V: Factor out functions baseOffset &
+    baseOffset32 from MacroAssembler
+    + JDK-8301067: RISC-V: better error message when reporting
+    unsupported satp modes
+    + JDK-8301074: Replace NULL with nullptr in share/opto/
+    + JDK-8301097: Update GHA XCode to 12.5.1
+    + JDK-8301153: RISC-V: pipeline class for several instructions
+    is not set correctly
+    + JDK-8301167: Update VerifySignedJar to actually exercise and
+    test verification
+    + JDK-8301187: Memory leaks in OopMapCache
+    + JDK-8301269: Update Commons BCEL to Version 6.7.0
+    + JDK-8301313: RISC-V: C2: assert(false) failed: bad AD file
+    due to missing match rule
+    + JDK-8301367: Add exception handler method to the
+    BaseLdapServer
+    + JDK-8301628: RISC-V: c2 fix pipeline class for several
+    instructions
+    + JDK-8301700: Increase the default TLS Diffie-Hellman group
+    size from 1024-bit to 2048-bit
+    + JDK-8301818: RISC-V: Factor out function mvw from
+    MacroAssembler
+    + JDK-8301852: RISC-V: Optimize class atomic when order is
+    memory_order_relaxed
+    + JDK-8301959: Compile command in
+    compiler.loopopts.TestRemoveEmptyCountedLoop does not work
+    + JDK-8302114: RISC-V: Several foreign jtreg tests fail with
+    debug build after JDK-8301818
+    + JDK-8302150: Speed up compiler/codegen/Test7100757.java
+    + JDK-8302161: Upgrade jQuery UI to version 1.13.2
+    + JDK-8302182: Update Public Suffix List to 88467c9
+    + JDK-8302289: RISC-V: Use bgez instruction in
+    arraycopy_simple_check when possible
+    + JDK-8302736: Major performance regression in Math.log on
+    aarch64
+    + JDK-8302776: RISC-V: Fix typo CSR_INSTERT to CSR_INSTRET
+    + JDK-8303047: avoid NULL after 8301661
+    + JDK-8303154: Investigate and improve instruction cache
+    flushing during compilation
+    + JDK-8303215: Make thread stacks not use huge pages
+    + JDK-8303279: C2: crash in SubTypeCheckNode::sub() at IGVN
+    split if
+    + JDK-8304293: RISC-V: JDK-8276799 missed atomic intrinsic
+    support for C1
+    + JDK-8304314: StackWalkTest.java fails after CODETOOLS-7903373
+    + JDK-8304353: Add lib-test tier1 testing in GHA
+    + JDK-8304725: AsyncGetCallTrace can cause SIGBUS on M1
+    + JDK-8304845: Update PCSC-Lite for Suse Linux to 1.9.9 and fix
+    incomplete license wording
+    + JDK-8304976: Optimize
+    DateTimeFormatterBuilder.ZoneTextPrinterParser.getTree()
+    + JDK-8305006: Use correct register in riscv_enc_fast_unlock()
+    + JDK-8305008: RISC-V: Factor out immediate checking functions
+    from assembler_riscv.inline.hpp
+    + JDK-8305112: RISC-V: Typo fix for RVC description
+    + JDK-8305236: Some LoadLoad barriers in the interpreter are
+    unnecessary after JDK-8220051
+    + JDK-8305421: Work around JDK-8305420 in CDSJDITest.java
+    + JDK-8305425: Thread.isAlive0 doesn't need to call into the VM
+    + JDK-8305512: RISC-V: Enable RVC extension by default on
+    supported hardware
+    + JDK-8305670: Performance regression in LockSupport.unpark
+    with lots of idle threads
+    + JDK-8305728: RISC-V: Use bexti instruction to do single-bit
+    testing
+    + JDK-8305763: Parsing a URI with an underscore goes through a
+    silent exception, negatively impacting performance
+    + JDK-8305766: ProblemList runtime/CompressedOops/
+    /CompressedClassPointers.java
+    + JDK-8305858: Resolve multiple definition of
+    'handleSocketError' when statically linking with JDK native
+    libraries
+    + JDK-8305950: Have -XshowSettings option display tzdata version
+    + JDK-8305995: Footprint regression from JDK-8224957
+    + JDK-8306060: Open source few AWT Insets related tests
+    + JDK-8306076: Open source AWT misc tests
+    + JDK-8306134: Open source some AWT tests relating to Button
+    and a few other classes
+    + JDK-8306135: Clean up and open source some AWT tests
+    + JDK-8306137: Open source several AWT ScrollPane related tests
+    + JDK-8306281: function isWsl() returns false on WSL2
+    + JDK-8306372: Open source AWT CardLayout and Checkbox tests
+    + JDK-8306428: RunThese30M.java crashed with
+    assert(early->flag() == current->flag() || early->flag() ==
+    mtNone)
+    + JDK-8306430: Open source some AWT tests related to
+    TextComponent and Toolkit
+    + JDK-8306435: Juggle04/TestDescription.java should be a
+    booleanArr test and not a byteArr one
+    + JDK-8306484: Open source several AWT Choice jtreg tests
+    + JDK-8306566: Open source several clipboard AWT tests
+    + JDK-8306575: Clean up and open source four Dialog related
+    tests
+    + JDK-8306636: Disable compiler/c2/Test6905845.java with
+  - XX:TieredStopAtLevel=3
+    + JDK-8306638: Open source some AWT tests related to
+    datatransfer and Toolkit
+    + JDK-8306667: RISC-V: Fix storeImmN0 matching rule by using zr
+    register
+    + JDK-8306682: Open source a few more AWT Choice tests
+    + JDK-8306718: Optimize and opensource some old AWT tests
+    + JDK-8306738: Select num workers for safepoint
+    ParallelCleanupTask
+    + JDK-8306765: Some client related jtreg problem list entries
+    are malformed
+    + JDK-8306812: Open source several AWT Miscellaneous tests
+    + JDK-8307067: remove broken EnableThreadSMRExtraValidityChecks
+    option
+    + JDK-8307068: store a JavaThread* in the java.lang.Thread
+    object after the JavaThread* is added to the main ThreadsList
+    + JDK-8307078: Opensource and clean up five more AWT Focus
+    related tests
+    + JDK-8307079: Update test java/awt/Choice/DragOffNoSelect.java
+    + JDK-8307083: Open source some drag and drop tests 3
+    + JDK-8307147: [x86] Dangling pointer warning for
+    Assembler::_attributes
+    + JDK-8307150: RISC-V: Remove remaining StoreLoad barrier with
+    UseCondCardMark for Serial/Parallel GC
+    + JDK-8307156: native_thread not protected by TLH
+    + JDK-8307165: java/awt/dnd/NoFormatsDropTest/
+    /NoFormatsDropTest.java timed out
+    + JDK-8307299: Move more DnD tests to open
+    + JDK-8307301: Update HarfBuzz to 7.2.0
+    + JDK-8307348: Parallelize heap walk for ObjectCount(AfterGC)
+    JFR event collection
+    + JDK-8307395: Add missing STS to Shenandoah
+    + JDK-8307446: RISC-V: Improve performance of floating point to
+    integer conversion
+    + JDK-8307526: [JFR] Better handling of tampered JFR repository
+    + JDK-8307555: Reduce memory reads in x86 MD5 intrinsic
+    + JDK-8307569: Build with gcc8 is broken after JDK-8307301
+    + JDK-8307572: AArch64: Vector registers are clobbered by some
+    macroassemblers
+    + JDK-8307603: [AIX] Broken build after JDK-8307301
+    + JDK-8307604: gcc12 based Alpine build broken build after
+    JDK-8307301
+    + JDK-8307651: RISC-V: stringL_indexof_char instruction has
+    wrong format string
+    + JDK-8307653: Adjust delay time and gc log argument in
+    TestAbortOnVMOperationTimeout
+    + JDK-8307683: Loop Predication should not hoist range checks
+    with trap on success projection by negating their condition
+    + JDK-8307766: Linux: Provide the option to override the timer
+    slack
+    + JDK-8308089: [riscv-port-jdk17u] Intrinsify
+    Unsafe.storeStoreFence
+    + JDK-8308090: Add container tests for on-the-fly resource
+    quota updates
+    + JDK-8308152: PropertyDescriptor should work with overridden
+    generic getter method
+    + JDK-8308156: VerifyCACerts.java misses blank in error output
+    + JDK-8308192: Error in parsing replay file when staticfield is
+    an array of single dimension
+    + JDK-8308232: nsk/jdb tests don't pass -verbose flag to the
+    debuggee
+    + JDK-8308277: RISC-V: Improve vectorization of Match.sqrt() on
+    floats
+    + JDK-8308283: Build failure with GCC12 & GCC13
+    + JDK-8308300: enhance exceptions in MappedMemoryUtils.c
+    + JDK-8308643: Incorrect value of 'used' jvmstat counter
+    + JDK-8308766: TLAB initialization may cause div by zero
+    + JDK-8308803: Improve java/util/UUID/UUIDTest.java
+    + JDK-8308872: enhance logging and some exception in
+    krb5/Config.java
+    + JDK-8308997: RISC-V: Sign extend when comparing 32-bit value
+    with zero instead of testing the sign bit
+    + JDK-8309088: security/infra/java/security/cert/
+    /CertPathValidator/certification/AmazonCA.java fails
+    + JDK-8309095: Remove UTF-8 character from
+    TaskbarPositionTest.java
+    + JDK-8309107: Bump update version for OpenJDK: jdk-17.0.9
+    + JDK-8309119: [17u/11u] Redo JDK-8297951: C2: Create skeleton
+    predicates for all If nodes in loop predication
+    + JDK-8309138: Fix container tests for jdks with symlinked conf
+    dir
+    + JDK-8309228: Clarify EXPERIMENTAL flags comment in
+    hotspot/share/runtime/globals.hpp
+    + JDK-8309254: Implement fast-path for ASCII-compatible
+    CharsetEncoders on RISC-V
+    + JDK-8309266: C2: assert(final_con == (jlong)final_int)
+    failed: final value should be integer
+    + JDK-8309297: Adjust ShenandoahHeap print_heap_regions_on
+    + JDK-8309340: Provide sctpHandleSocketErrorWithMessage
+    + JDK-8309427: [riscv-port-jdk17u] Remove unused
+    RoundDoubleModeV C2 node
+    + JDK-8309550: jdk.jfr.internal.Utils::formatDataAmount method
+    should gracefully handle amounts equal to Long.MIN_VALUE
+    + JDK-8309591: Socket.setOption(TCP_QUICKACK) uses wrong level
+    + JDK-8309613: [Windows] hs_err files sometimes miss
+    information about the code containing the error
+    + JDK-8309746: Reconfigure check should include
+    make/conf/version-numbers.conf
+    + JDK-8309862: Unsafe list operations in JfrStringPool
+    + JDK-8309956: Shenandoah: Strengthen the mark word check in
+    string dedup
+    + JDK-8309959: JFR: Display N/A for missing data amount
+    + JDK-8310054: ScrollPane insets are incorrect
+    + JDK-8310126: C1: Missing receiver null check in
+    Reference::get intrinsic
+    + JDK-8310259: Pin msys2/setup-msys2 github action to a
+    specific commit
+    + JDK-8310549: avoid potential leaks in KeystoreImpl.m related
+    to JNU_CHECK_EXCEPTION early returns
+    + JDK-8310551: vmTestbase/nsk/jdb/interrupt/interrupt001/
+    /interrupt001.java timed out due to missing prompt
+    + JDK-8310873: Re-enable locked_create_entry symbol check in
+    runtime/NMT/CheckForProperDetailStackTrace.java for RISC-V
+    + JDK-8311033: [macos] PrinterJob does not take into account
+    Sides attribute
+    + JDK-8311249: Remove unused MemAllocator::obj_memory_range
+    + JDK-8311285: report some fontconfig related environment
+    variables in hs_err file
+    + JDK-8311689: Wrong visible amount in Adjustable of ScrollPane
+    + JDK-8311862: RISC-V: small improvements to shift immediate
+    instructions
+    + JDK-8311923: TestIRMatching.java fails on RISC-V
+    + JDK-8312029: Add CriticalNative tests to ProblemList for
+    8312028
+    + JDK-8312511: GHA: Bump cross-compile runner to Ubuntu 22.04
+    + JDK-8312525: New test runtime/os/TestTrimNative.java#trimNative
+    is failing: did not see the expected RSS reduction
+    + JDK-8312555: Ideographic characters aren't stretched by
+    AffineTransform.scale(2, 1)
+    + JDK-8313262: C2:  Sinking node may cause required cast to be
+    dropped
+    + JDK-8313402: C1: Incorrect LoadIndexed value numbering
+    + JDK-8313428: GHA: Bump GCC versions for July 2023 updates
+    + JDK-8313576: GCC 7 reports compiler warning in bundled
+    freetype 2.13.0
+    + JDK-8313676: Amend TestLoadIndexedMismatch test to target
+    intrinsic directly
+    + JDK-8313678: SymbolTable can leak Symbols during cleanup
+    + JDK-8313701: GHA: RISC-V should use the official repository
+    for bootstrap
+    + JDK-8313707: GHA: Bootstrap sysroots with --variant=minbase
+    + JDK-8313796: AsyncGetCallTrace crash on unreadable
+    interpreter method pointer
+    + JDK-8313815: The exception messages printed by jcmd
+    ManagementAgent.start are corrupted on Japanese Windows
+    + JDK-8313874: JNI NewWeakGlobalRef throws exception for null
+    arg
+    + JDK-8314020: Print instruction blocks in byte units
+    + JDK-8314117: RISC-V: Incorrect VMReg encoding in
+    RISCV64Frame.java
+    + JDK-8314118: Update JMH devkit to 1.37
+    + JDK-8314262: GHA: Cut down cross-compilation sysroots deeper
+    + JDK-8314426: runtime/os/TestTrimNative.java is failing on
+    slow machines
+    + JDK-8314501: Shenandoah: sun/tools/jhsdb/heapconfig/
+    /JMapHeapConfigTest.java fails
+    + JDK-8314517: some tests fail in case ipv6 is disabled on the
+    machine
+    + JDK-8314552: Fix javadoc tests to work with jtreg 7
+    + JDK-8314658: [17u] GHA: Sync up debian-version for
+    cross-builds
+    + JDK-8314730: GHA: Drop libfreetype6-dev transitional package
+    in favor of libfreetype-dev
+    + JDK-8314960: Add Certigna Root CA - 2
+    + JDK-8317040: Exclude cleaner test failing on older releases
+    + JDK-8317643: [17u] Remove designator
+    DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.9
+- Modified patches:
+  * nss-security-provider.patch
+  * fips.patch
+    + rediff
+
+- Enable JIT on riscv64
+
+- Compiler flags to realign stack on ix86 (bsc#1214790)
+
+- Added patch:
+  * reproducible-properties.patch
+    + use SOURCE_DATE_EPOCH for timestamp in the generated
+    properties files
+
jetty-minimal
+- Upgrade to version 9.4.53.v20231009
+  * Fixes of 9.4.53.v20231009
+    + CVE-2023-44487, bsc#1216169
+    + CVE-2023-36478, bsc#1216162
+    + #10679 - backport HTTP/2 rate control from Jetty 10.0.x
+    + #10573 - backport hpack improvements from Jetty 10.0.x
+    + #10546 - backport jetty-http Huffman encoders/decoders from
+    Jetty 10.0.x
+  * Fixes of 9.4.52.v20230823
+    + #10352 - Jetty accepts "+" prefixed value in Content-Length
+    (CVE-2023-40167, bsc#1215417)
+    + #10337 - SizeLimitHandler does not enforce 0 responseLimit
+    + #10169 - make sure that a ServiceLoader is retrieved before
+    iterating
+    + #10066 - Allow SAXParserFactory or SAXParser to be configured
+    in Jetty's XmlParser class - Allows for GHSA-58qw-p7qm-5rvh
+    workaround
+    + #9887 - Deprecate CGI Servlet (CVE-2023-36479, bsc#1215415)
+    + #9716 - Deprecate PushSessionCacheFilter
+    + #9660 - OpenId Revoked authentication allows one request
+    (CVE-2023-41900, bsc#1215416)
+    + #9476 - onCompleteFailure called multiple times
+
+- Reproducible builds: use SOURCE_DATE_EPOCH for timestamp
+
kernel-firmware-nvidia-gspx-G06
+- update firmware to version 535.113.01
+
kubevirt
+- Update to version 1.0.1
+  Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.0.1
+- Drop patches:
+  0001-guestfs-flag-to-set-uid-and-gid.patch
+  0002-network-Use-JSON-syntax-for-slirp-device.patch
+  0003-Vulnerability-fix-limit-operator-secrets-permission.patch
+  0004-TSC-frequencies-add-250PPM-tolerance.patch
+- Add patches:
+  0001-Fix-qemu-system-lookup.patch
+  0003-Virtiofs-Remove-duplicated-functional-tests.patch
+  0005-Support-multiple-watchdogs-in-the-domain-schema.patch
+
libbpf
+- update to v1.2.2:
+  * fix a regression in perf tool caused by libbpf resetting its custom
+    catch-all SEC() handler on explicit bpf_program__set_type() call
+  * fix possible double-free in USDT-related libbpf code, which happens when
+    libbpf runs out of space in __bpf_usdt_specs map due to having too many
+    unique USDT specs
+
+- update to 1.2.0:
+  * completely overhauled "Libbpf overview" landing documentation
+    page;
+  * support for BPF link-based `struct_ops` programs:
+  * `SEC(".struct_ops.link")` annotations;
+  * `bpf_map__attach_struct_ops()` attach API;
+  * `bpf_link__update_map()` link update API;
+  * support sleepable `SEC("struct_ops.s")` programs
+  * improved thread-safety of libbpf print callbacks and
+    `libbpf_set_print()`
+  * improve handling and reporting of missing BPF kfuncs
+  * `bpf_{btf,link,map,prog}_get_info_by_fd()` APIs
+  * `bpf_xdp_query_opts()` supports fetching XDP/XSK supported
+    features;
+  * `perf_buffer__new()` allows customizing notification/sampling
+    period now;
+  * BPF verifier logging improvements:
+  * pass-through BPF verifier log level and flags to kernel as
+    is
+  * support `log_true_size` for getting required log buffer size
+    to fit BPF verifier log completely;
+  * allow precise control over kprobe/uprobe attach mode: legacy,
+    perf-based, link-based.
+  * fix legacy kprobe events names sanitization;
+  * fix clobbering errno in some cases;
+  * fix BPF map's `BPF_F_MMAPABLE` flag sanitization;
+  * fix BPF-side USDT support code on s390x architecture;
+  * fix `BPF_PROBE_READ{_STR}_INTO()` on s390x architecture;
+  * fix kernel version setting for Debian kernels;
+  * fix netlink protocol handling in some cases;
+  * improve robustness of attaching to legacy kprobes and
+    uprobes;
+  * fix double-free during static linking empty ELF sections;
+  * a bunch of other small fixes here and there.
+
libhangul
+- Update to version 0.1.1~git20180606.42f7640:
+  * no english changelog
+
-- fix -devel package dependencies
-- add missing %clean section to the spec file
-
libkkc
+- Update to version 0.3.6~git20200818.e33e7fb:
+  * travis: Enable SYS_PTRACE in Docker
+  * build: Bump valadoc pkgconfig name
+  * Update README.md
+  * travis: Use python3 in coverage build
+  * build: Bump valadoc pkgconfig name
+  * build: Declare creation methods of abstract classes as protected
+  * build: Enable python3
+  * README.md: Link to the API references
+  * travis: Deploy documentation
+  * user-sentence-dictionary: Fix memleak
+
-- update version 0.2.4
-  * see git commit log for details
-  * http://gitorious.org/libkkc/libkkc/commits/master
-
libnbd
+- Update to version 1.18.1:
+  * Version 1.18.1.
+  * rust: Use string_starts_with instead of String.starts_with
+  * rust: Build the examples
+  * rust: Write a custom translator from POD to rustdoc
+  * rust: Add overview documentation
+  * rust: Annotate 'endif' with corresponding label
+  * utils: Slightly simplify human_size()
+  * docs: Assign CVE-2023-5215 to nbd_get_size negative result issue
+
+- Update to version 1.18.0:
+  * CVE-2023-5215 (bsc#1215799)
+  * docs: Add link to nbd_get_size announcement in release notes
+  * docs: Add URL to list post on nbd_get_size security
+  * docs: Update release notes for nbd_get_size backport to 1.16.5
+  * docs: Finalize release notes for release tomorrow
+  * dump: Add more examples of running subprocesses from nbddump
+  * info: Tolerate missing size
+  * block_status: Fix assertion on bad 64-bit block status reply
+  * block_status: Fix assertion with large server size
+  * api: Sanitize sizes larger than INT64_MAX
+
+- spec: Don't set tls priority to unavailable crypto policy
+
+  * jsc#ECO-3633
liboqs
+- updated to 0.9.0
+  This release features an update to the Classic McEliece KEM, bringing it
+  in line with NIST Round 4. It also adds or updates ARM implementations
+  for Kyber,   Dilithium, and Falcon.
+- major library version 4
+
libpcap
+- update to 1.10.4:
+  * rpcap: Fix name of launchd service.
+  * documentation updates and build system tweaks
+
+- update to 1.10.3:
+  * Sort the PUBHDR variable in Makefile.in in "ls" order.
+  * Fix typo in comment in pflog.h.
+  * Remove two no-longer-present files from .gitignore.
+  * Update code and comments for handling failure to set promiscuous
+    mode based on new information.
+
+- update to 1.10.2:
+  * Build system updates
+  * Developer visible fixes
+  * Fix some formatting string issues found by cppcheck
+  * "Dead" pcap_ts from pcap_open_dead() and ..._with_tstamp_precision():
+    Don't crash if pcap_breakloop() is called.
+  * Savefiles: multiple bug fixes handling files
+  * Capture: Never process more than INT_MAX packets in a
+    pcap_dispatch() call, to avoid integer overflow
+  * Packet filtering: PFLOG bug fixes and improvements
+  * Fix memory leak in capture device open
+  * Fix detection of CAN/CAN FD packets in direction check
+  * Fix double-free crashes on errors such as running on a kernel
+    with CONFIG_PACKET_MMAP not configured
+  * Multiple CANbus bug fixes
+  * Fix pcap_findalldevs() to find usbmon devices
+  * Fix handling of VLAN tagged packets if the link-layer type is
+    changed from DLT_LINUX_SLL to DLT_LINUX_SLL2
+  * Always turn on PACKET_AUXDATA
+  * Correctly compute the "real" length for isochronous USB transfers
+
libpinyin
+- Update version to 2.8.1
+  * Fix bugs
+  * Improve suggestion candidates
+  * Support longer candidates
+
+- Update version to 2.6.2
+  * Fix libzhuyin linkage when using LLVM linker
+  * Switch from GrassDB to ProtoTreeDB
+
libsndfile
+- Fix signed integers overflows in au_read_header()
+  (bsc#1213451, CVE-2022-33065):
+  libsndfile-CVE-2022-33065.patch
+
libtirpc
+-  update to 1.3.4 (bsc#1199467)
+  * binddynport.c honor ip_local_reserved_ports
+  - replaces: binddynport-honor-ip_local_reserved_ports.patch
+  * gss-api: expose gss major/minor error in authgss_refresh()
+  * rpcb_clnt.c: Eliminate double frees in delete_cache()
+  * rpcb_clnt.c: memory leak in destroy_addr
+  * portmapper: allow TCP-only portmapper
+  * getnetconfigent: avoid potential DoS issue by removing unnecessary sleep
+  * clnt_raw.c: fix a possible null pointer dereference
+  * bindresvport.c: fix a potential resource leakage
+- update to 1.3.3 (bsc#1201680, CVE-2021-46828):
+  * Fix DoS vulnerability in libtirpc
+  - replaces: 0001-Fix-DoS-vulnerability-in-libtirpc.patch
+  * _rpc_dtablesize: use portable system call
+  * libtirpc: Fix use-after-free accessing the error number
+  * Fix potential memory leak of parms.r_addr
+  - replaces 0001-fix-parms.r_addr-memory-leak.patch
+  * rpcb_clnt.c add mechanism to try v2 protocol first
+  - preplaces: 0001-rpcb_clnt.c-config-to-try-protocolversion-2-first.patch
+  * Eliminate deadlocks in connects with an MT environment
+  * clnt_dg_freeres() uncleared set active state may deadlock
+  * thread safe clnt destruction
+  * SUNRPC: mutexed access blacklist_read state variable
+  * SUNRPC: MT-safe overhaul of address cache management in rpcb_clnt.c
+- drop 0001-Fix-DoS-vulnerability-in-libtirpc.patch (upstream)
+- update to 1.3.2:
+  * Replace the final SunRPC licenses with BSD licenses
+  * blacklist: Add a few more well known ports
+  * libtirpc: disallow calling auth_refresh from clnt_call with RPCSEC_GSS
+- Update to libtirpc 1.3.1
+  * Remove AUTH_DES interfaces from auth_des.h
+    The unsupported  AUTH_DES authentication has be
+    compiled out since commit d918e41d889 (Wed Oct 9 2019)
+    replaced by API routines that return errors.
+  * svc_dg: Free xp_netid during destroy
+  * Fix memory management issues of fd locks
+  * libtirpc: replace array with list for per-fd locks
+  * __svc_vc_dodestroy: fix double free of xp_ltaddr.buf
+  * __rpc_dtbsize: rlim_cur instead of rlim_max
+  * pkg-config: use the correct replacements for libdir/includedir
+  Patches replaced by update:
+  binddynport-honor-ip_local_reserved_ports.patch (bsc#1199467)
+  0001-Fix-DoS-vulnerability-in-libtirpc.patch (bsc#1201680)
+  0001-fix-parms.r_addr-memory-leak.patch (bsc#1198752)
+  0001-rpcb_clnt.c-config-to-try-protocolversion-2-first.patch
+  (bsc#1196647), (bsc#1200800), (bsc#1198176)
+  * replaces /etc/netconfig-try-2-first by the environment variable
+  RPCB_V2FIRST
+
libuninameslist
+- update to 20230523:
+  * This release is marked as 15.0b for testing purposes and
+    contains 608 new characters.
+  * If you have comments about this library, please create an
+  * The French libuninameslist-fr is also now updated from 14.0
+    to 15.0.
+  * Users who do not have 'autoconf' or 'automake' (or cannot run
+    them), should choose the -dist- release version included here
+    which skips these steps (you then start at ./configure).
+
+- update to 20221022:
+  * This release contains source code to build libuninameslist (with
+    NamesList.txt 15.0), libuninameslist-fr (with ListeDesNoms 14.0), and
+    Python wrapper uninameslist.py (ver0.2).
+
+- update to 20220701:
+  * Unicode 15.0_Beta (Nameslist.txt 15_Beta for review until Jul12).
+  * Biswapriyo Nath added Windows MSYS2 build (used by github tests),
+  this also helped identify some more nameslist-dll.h clang fixes.
+  * orbea fixed Makefile.am bug fixing Gentoo Bugs 779670 and 792474.
+
+- update to 20211114:
+  * Version 1.10, Unicode 14.0 and French version 1.5 now is at 14.0.
+  * Gentoo Bug 781716 & Debian Bug 989173, -O0 patch by Naohiro Aota.
+
+- update to 20210917:
+  * Version 1.9, Unicode 14.0. French version 1.4 is at Unicode 13.1.
+    Unicode has changed cadence to release later for this year. This
+    contains Official 14.0 NamesList.txt codes released on 2021sep14.
+    Unicode 14.0 adds 838 characters for total of 144,697 characters.
+    Several edits, and improvements were added to the French library.
+  * Unicode 14.0_Beta (Nameslist.txt 14_Beta for review until Jul08).
+  * PR#24 "Remove .libs from linker paths". Bug found using slibtool.
+  * Add code to reduce need for 'make clean' after ./configure steps.
+
+- update to 20200505:
+  * Version 1.7, Unicode 13.0, French version 1.3 is at Unicode 13.0,
+    and including python library wrapper 'uninameslist', version 0.2.
+    The French version was updated from version 10.0 to 13.0 shortly
+    after Unicode's release - this is a big effort and congratulation
+    to the French team! This version updates the main library to also
+    include access to libuninameslist-fr. To include this access, you
+    need to use './configure --enable-frenchlib'
+    This is the first step in adding other languages if anyone wants
+    to add more languages.
+    The default functions remain as English to retain common grounds
+    which is necessary for scripting, and/or file-sharing purposes.
+  * Version 1.5, Unicode 12.1, French version 1.2 is at Unicode 10.0.
+    Contains Official 12.1 codes.
+  * Version 1.4, Unicode 12.1, French version 1.2 is at Unicode 10.0.
+    Not completely 12.1.0, created too early before official version
+    was announced later in month. This version contains beta 12.1.0d1
+  * Version 1.3, Unicode 11.0, French version 1.2 is at Unicode 10.0.
+  * Library internal definitions personalized to allow more than one
+    library to be loaded at a time. Base library maintains same names
+    for backwards compatibility with older programs.
+  * Optional python wrapper available for directly accessing library.
+    Use python's pip to install wrapper (requires pip and wheel).
+  * Unicode 11.0_Beta (Nameslist.txt 11_Beta for review until Apr23).
+  * Added Python wrapper and names2 functions.
+  * Version 1.2, Unicode 10.0, French version is now also 10.0.0.
+  * Added function calls to French version to allow use of one or more
+    libraries at the same (Dynamic library linking needs testing since
+    added 'FR' may be issue with older programs expecting same name).
+  * Added more "make check" to include checking French library.
+  * Version 1.1, Unicode 10.0, French version is 7.0(2014-06-22).
+  * Added "make check" to allow for automatic library test and verify.
+  * Unicode 10.0_Beta (Nameslist.txt 10_Beta for review until Apr30).
+  * Version 1.0, Unicode 9.0, French version is 7.0(2014-06-22).
+  * Corrected library to report correctly as next version up. This is
+    probably a significant change, therefore bumped both libraries to
+    start at 1.0 even though backwards compatibility remains the same,
+    otherwise would have become version_0.6 (and French version_0.4).
+  * Removed the excessively long package name, which you'll note as a
+    so-bump change with Fedora and also Debian in naming this package.
+  * Version 0.5. Unicode 8.0. French version is 7.0(2014-06-22).
+
libxkbcommon
+- Update to release 1.5.0
+  * Fix crash in `xkbcli interactive-wayland` under a compositor
+    which supports new versions of the xdg-shell protocol.
+  * New API: XKB_CONTEXT_NO_SECURE_GETENV,
+    RXKB_CONTEXT_NO_SECURE_GETENV
+
+- Update to release 1.4.1
+  * Fix compose sequence overriding (common prefix) not working
+    correctly. Regressed in 1.2.0.
+  * Remove various bogus currency sign (particulary Euro and
+    Korean Won) entries from the keysym <-> Unicode mappings.
+    They prevented the real keysyms/codepoints for these from
+    mapping correctly.
+
+- Update to release 1.4.0
+  * In libxkbregistry, variants now inherit iso639, iso3166 and
+    brief from parent layout if omitted.
+  * In libxkbregistry, skip over invalid ISO-639 or ISO-3166
+    entries.
+
+- Update to release 1.3.1
+  * In `xkbcli interactive-x11`, use the Esc keysym instead of
+    the Esc keycode for quitting.
+  * In `xkbcli how-to-type`, add `--keysym` argugment for how to
+    type a keysym instead of a Unicode codepoint.
+  * Fix a crash in `xkb_x11_keymap_new_from_device` error
+    handling given some invalid keymaps. Had regressed in 1.2.0.
+
log4j
+- Build also taglib, jmx-gui, bom, nosql and web modules, on
+  platforms where we have the dependencies
+
mbpoll
+- Update to version 1.5.2
+  * Cosmetic fixes
+- Update to version 1.5
+  * Enhanced options -r (list of addresses) and -t (new data
+    types: int16, string).
+  * Writing single register with 0x10 function code.
+
mupdf
+- Update to 1.23.4:
+  * Fix bug causing a crash when cleaning up Android draw device upon destroy.
+  * Fix bug where bitmaps were reused after being recycled in Android.
+  * Add fixed padding to ink annotation to avoid unselectable bboxes for tiny strokes.
+  * Add API for checking if an annotation has a Rect property.
+  * Fix bug where cycles in structure trees caused eternal loops.
+  * Fix bug where colorspaces were not retained for in-linee images during filtering.
+  * Change default to use CropBox rather than MediaBox.
+
-- Update to 1.22.1:
+- Update to 1.22.1 (bsc#1216728, CVE-2023-31794):
nbdkit
+- Update to version 1.36.1:
+  * Version 1.36.1.
+  * python: Document nbdkit.disconnect(force) helper function
+  * python: List helper functions in alphabetical order
+  * python: Clarify possible handle values returned by open() method
+  * tests: Fix incorrect comment in tests
+  * docs: Remove references to -U - when it is implicit
+
+- Update to version 1.36.0:
+  * Version 1.36.0.
+  * evil: Fix typo in man page
+  * tests: Rename test-curl-options.sh and add more tests
+  * docs: Finalize release notes for release tomorrow
+  * curl: Use new curl_multi_get_handles API to simplify code
+  * curl: Store pointer from curl easy handle to our struct curl_handle
+  * README: Recommend new syntax for ASAN_OPTIONS
+  * fuzzing/README: Remove advice to set ASAN_OPTIONS
+  * docs: Small tweaks to the release notes
+  * docs: Add outline release notes for forthcoming nbdkit 1.36
+  * tests: Add some consistency checks of the tests themselves
+  * tests/test-evil-cosmic.sh: Use requires_nbdcopy
+  * tests/test-nozero.sh: Test uses nbdsh -u but does not declare requirement
+  * tests: Fix a couple more tests that are missing requires_run
+  * docs: Expand Network Block Device (for NBD) in title
+
+- spec: Don't set tls priority to unavailable crypto policy
+
nvidia-open-driver-G06-signed
+- cleanup: get rid of possibiliy to hardcode pci list; it's no
+  longer required anyway; secureboot signing has been fixed ...
+- removed pci-table.patch
+
+- Add a devel package so other modules can be built against this
+  one. [jira#PED-4964]
+
+- disabled build of nvidia-peermem module; it's no longer needed
+  and never worked anyway (it was only a stub) [boo#1211892]
+
+- preamble: added conflict to nvidia-gfxG05-kmp to prevent users
+  from accidently installing conflicting proprietary kernelspace
+  drivers from CUDA repository
+
+- Update to version 535.113.01
+
+- kmp-post.sh/kmp-postun.sh:
+  * add/remove nosimplefb=1 kernel option in order to fix Linux
+    console also on sle15-sp6/Leap 15.6 kernel, which will come
+    with simpledrm support
+
ocserv
+- Update to version 1.2.2
+  * Fix session and accounting data tracking of ocserv. This
+  reverts fix for #444 (#541)
+  * No longer account ICMP and IGMP data for idle session detection
+- Update URL
+
+- Update to version 1.2.1
+  * Accept the Clavister OneConnect VPN Android client.
+  * No longer require to set device name per vhost.
+  * Account the correct number of points when proxyproto is in use
+  * nuttcp tests were replaced with iperf3 that is available
+    in more environments
+  * occtl: fix duplicate key in `occtl --json show users` output
+- Update to version 1.2.0
+  * Add support for Cisco Enterprise phones to authenticate via
+    the /svc endpoint and the 'cisco-svc-client-compat' config
+    option.
+  * Enhanced radius group support to enable radius servers send
+    multiple group class attributes
+    See doc/README-radius.md for more information.
+  * Enhanced the seccomp filters to open files related to FIPS
+    compliance on SuSe.
+  * Added "Camouflage" functionality that makes ocserv look like a
+    web server to unauthorized parties.
+  * Avoid login failure when the end point of server URI
+    contains a query string.
+  * Make sure we print proper JSON with `occtl --debug --json`
+  * Eliminated the need for using the gnulib portability library.
+- Update to version 1.1.7
+  * Emit a LOG_ERR error message with plain authentication fails
+  * The bundled inih was updated to r56.
+  * The bundled protobuf-c was updated to 1.4.1.
+  * Enhanced the seccomp filters for ARMv7 compatibility and musl
+    libc
+  * HTTP headers always capitalised as in RFC 9110
+
+- add ocserv-forwarding.sh: replace the sysctl drop-in file which was wrongly
+  installed into /etc by a more tailored mechanism. Enabling IP routing
+  globally and permanently, just because the package is installed is quite
+  invasive. This new script will be invoked before and after the ocserv
+  service to switch on and off forwarding, if necessary (bsc#1174722).
+
open-vm-tools
+- Fix (bsc#1216432) - VUL-0: CVE-2023-34058: open-vm-tools: SAML token
+  signature bypass vulnerability.
+- Fix (bsc#1216433) - VUL-0: : CVE-2023-34059: open-vm-tools: file
+  descriptor hijack vulnerability
+  + Add patch:
+  - CVE-2023-34058.patch
+  - CVE-2023-34059.patch
+
opencc
+- update to 1.1.6:
+  * FTBFS for MacOS w/ Python 3.11
+  * Support Python 3.11
+  * Automatically name SO files
+  * Add support for Apple silicon build tag
+  * other minor fixes
+
+- update to 1.1.4:
+  * Add python 3.10 support
+  * remove support for python < 3.7 and node 10.x
+  * small bugfixes
+- add fix-soversion.patch for fixing the leftover .so version tag
+
+- update to 1.1.3:
+  * Fix some header files cannot be used alone (#550).
+  * Fix the method of introducing system pybind11 (#566).
+  * Support Node.js 16 (#597).
+  * Support Python 3.9 (#603).
+  * Fixed conversion errors.
+  * Several other small fixes.
+
+- update to 1.1.2:
+  * Added Hong Kong Traditional Chinese conversion.
+  * Fix the compilation compatibility problem, including parallel compilation.
+  * Fixed the serious performance degradation problem introduced since 1.1.0.
+- drop opencc-1.1.1-missing-builtin-types.patch: upstream
+
+- add opencc-1.1.1-missing-builtin-types.patch
+  * SimpleConverter.hpp missed "#include <string>" that breaks pyzy
+
+- update to 1.1.1
+  * Officially provide interface and TypeScript type annotations.
+  * Update the dynamic link library `SOVERSION` to `1.1`, due to
+  changes in the internal interface of C++.
+  * Simplify the header file structure and speed up compilation. Remove
+  unnecessary `using`.  Repair some Hong Kong standard characters.
+  * The new dictionary format `ocd2`, based on Marisa Trie 0.2.5. The
+  dictionary size is greatly reduced.
+  * Change the default conversion of "Yong/Yong" and modify multiple
+  phrase conversions.
+  * Add benchmark test results.
+  * Officially supports Japanese new font conversion.
+  * Upgrade Node.js dependency and improve compatibility.
+  * Fix multiple multi-platform compilation and compatibility issues.
+  * Correct a large number of conversion errors.
+
-- update version 0.4.3
-  * add interface: `opencc_convert_utf8_free`
-  * fix memeory leak problem for nodejs plugin
-
-- split a data package to be required by library.
-  fix a conversion crash bug in fcitx.
-
-- fix fedora builds.
-
-- fix sles builds.
-
-- trigger the service so it's true
-
-- initial package 0.3.0
-
opendkim
+- Add fix-RSA_sign-call.patch
+  * Fix bsc#1216117
+  * Fix call of RSA sign on big endian systems, patch origin:
+    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012506
+
openfortivpn
+- Compile with support for systemd (sd_notify)
+
parsec
+- Update to 1.3.0:
+  * Full changelog:  https://github.com/parallaxsecond/parsec/compare/1.3.0-rc1...1.3.0
+
-- Update to 1.3.0-rc1
+- Update to 1.3.0-rc1:
+  * Changelog: https://github.com/parallaxsecond/parsec/compare/1.2.0...1.3.0-rc1
parsec-tool
+- Update to 0.7.0:
+  * No real changes since rc1
+
+- Update to 0.7.0-rc1:
+  * Changelog: https://github.com/parallaxsecond/parsec-tool/compare/0.6.0...0.7.0-rc1
+
pciutils
+- Apply "lspci-Fixed-buffer-overflows-in-ls-tree.c.patch" to fix a
+  buffer overflow error that would cause lspci to crash on systems
+  with complex topologies. [bsc#1215265]
+- Add "pciutils.keyring" so that the tarball's signature can be
+  verified at build time.
+- Use "%license" tag instead of "%doc" to install the package's
+  license file.
+
poppler
+- security update
+- added patches
+  fix CVE-2023-34872 [bsc#1213888], remote denial-of-service in OutlineItem::open in Outline.cc
+  + poppler-CVE-2023-34872.patch
+
ppc64-diag
+- Light path diagnostics: Support Enclosure Fault LEDs on new enclosures (bsc#1216074 ltc#201656)
+  + 0001-ppc64-diag-Move-trim_trail_space-function-to-common-.patch
+  + 0002-ppc64-diag-lp_diag-Utilize-trim_trail_space-function.patch
+  + 0003-ppc64-diag-lp_diag-Enable-light-path-diagnostics-for.patch
+
-  + 0001-rtas_errd-Handle-multiple-platform-dumps.patch
+  + rtas_errd-Handle-multiple-platform-dumps.patch
python-Werkzeug
+- Add patch CVE-2023-46136-slow-multipart-parsing.patch:
+  * Stop slow multipart parsing with large files. (CVE-2023-46136, bsc#1216581)
+
python-kiwi
+- Fixed linter errors
+  Fixed white space issues now reported by flake8
+
+- Fixed unit tests
+
+- Temporary disable mypy checking
+  The current code base is not mypy clean when called on newer
+  versions of mypy. This will be fixed with the next full
+  upstream port
+
+- Update CI workflows
+  Update tox and workflow files to run with a newer tox version
+  as it's been used upstream
+
+- Cleanup condition for SECURE_BOOT=yes|no
+  The statement serves the purpose for an if/else construction
+  to become a better read. In addition delete the probably
+  left-over print statement from the test
+
+- Add SECURE_BOOT no when the firmware is efi
+  This Fixes bsc#1211102
+
python-yamllint
+- Add python-setuptools requirement needed for entrypoints
+  (boo#1151703, boo#1216677)
+
qclib
+- Applied a patch(bsc#1216212,bsc#1214466)
+  * qclib-sys-kernel-security-lockdown-enabled.patch
+
re
+- Update to 3.4.0:
+  * rtpext: uniform parameter name fixes doxygen warning
+  * mk: add rem to doxygen inputs
+  * vidmix: allow different pixel format
+  * ajb doxygen
+  * aes: correct parameters for stub
+  * ci/build: fail on cmake and compile warnings
+  * fmt: fix format string in fmt_timestamp()
+  * hmac,md5,sha: add mbedtls backend
+  * test: no need to rewind freshly allocated mbuf
+  * httpauth: basic challenge creation and verification functions
+  * Fix include of re_thread.h in re_tmr.h
+  * btrace: fix WIN32_LEAN_AND_MEAN macro redefine
+  * aumix: add record sum handler
+  * ci/win: disable x86 testing
+  * sipsess: allow UPDATE and INFO in early dialog
+  * prefix macro VERSION
+  * main: use HAVE_SIGNAL in init.c
+  * test: change to ASSERT_XXX macros, remove EXPECT_XXX macros
+  * fmt: handy functions for pointer-length objects
+  * test: add TWCC test from Chrome 114 packet
+  * sipsess/listen: Fix target_refresh_handler
+  * ci/mingw: downgrade cmake
+  * cmake: fix target include path for subdir projects
+
+- Update to 3.3.0:
+  Breaking changes:
+  * librem is now merged with libre
+  Changes:
+  * https://github.com/baresip/re/releases/tag/v3.3.0
+  * https://github.com/baresip/re/releases/tag/v3.2.0
+  * https://github.com/baresip/re/releases/tag/v3.1.0
+  * https://github.com/baresip/re/releases/tag/v3.0.0
+
-- Initial build
-
re2
+- update to 2023-11-01:
+  * Update Unicode date to 15.1.0
+  * Use Abseil's character class functions that are locale-agnostic
+  * Set SOURCE_DATE_EPOCH for reproducible builds
+
redis
+- Fix CVE-2023-45145, race condition during UNIX socket creation
+  leads to permission bypass, bsc#1216376
+  * redis-CVE-2023-45145.patch
+
rshim
+- Update to 2.0.12.1
+  * Display uptime in seconds for BF3
+  * Add fuse3 support
+
rubygem-yast-rake
+- Adapt "sle15sp6" to GA as it is still in development and it is
+  now based on previous SP and not on git master (bsc#1213989)
+- 0.2.50
+
+- Move the "sle_latest" build target to SLE15-SP6 (bsc#1213989)
+- Added "sle15sp6" and future "sle15sp7" build targets
+- 0.2.49
+
+- Allow overriding the submit target using YAST_SUBMIT also
+  when the target is set in the Rakefile (related to bsc#1208913)
+- Removed support for the yast-rake-ci gem, it is not used anymore
+- 0.2.48
+
+- Mention YAST_SUBMIT in the 'rake -T' task list (bsc#1199371)
+- 0.2.47
+
+- Move the "sle_latest" build target to SLE15-SP5 (bsc#1198977)
+- 0.2.46
+
slurm
+- Updated to version 23.02.5 with the following changes:
+  * Bug Fixes:
+    + Revert a change in 23.02 where `SLURM_NTASKS` was no longer set in the
+    job's environment when `--ntasks-per-node` was requested.
+    The method that is is being set, however, is different and should be more
+    accurate in more situations.
+    + Change pmi2 plugin to honor the `SrunPortRange` option. This matches the
+    new behavior of the pmix plugin in 23.02.0. Note that neither of these
+    plugins makes use of the `MpiParams=ports=` option, and previously
+    were only limited by the systems ephemeral port range.
+    + Fix regression in 23.02.2 that caused slurmctld -R to crash on startup if
+    a node features plugin is configured.
+    + Fix and prevent reoccurring reservations from overlapping.
+    + `job_container/tmpfs` - Avoid attempts to share BasePath between nodes.
+    + With `CR_Cpu_Memory`, fix node selection for jobs that request gres and
+    `--mem-per-cpu`.
+    + Fix a regression from 22.05.7 in which some jobs were allocated too few
+    nodes, thus overcommitting cpus to some tasks.
+    + Fix a job being stuck in the completing state if the job ends while the
+    primary controller is down or unresponsive and the backup controller has
+    not yet taken over.
+    + Fix `slurmctld` segfault when a node registers with a configured
+    `CpuSpecList` while `slurmctld` configuration has the node without
+    `CpuSpecList`.
+    + Fix cloud nodes getting stuck in `POWERED_DOWN+NO_RESPOND` state after
+    not registering by `ResumeTimeout`.
+    + `slurmstepd` - Avoid cleanup of `config.json-less` containers spooldir
+    getting skipped.
+    + Fix scontrol segfault when 'completing' command requested repeatedly in
+    interactive mode.
+    + Properly handle a race condition between `bind()` and `listen()` calls
+    in the network stack when running with SrunPortRange set.
+    + Federation - Fix revoked jobs being returned regardless of the
+    `-a`/`--all` option for privileged users.
+    + Federation - Fix canceling pending federated jobs from non-origin
+    clusters which could leave federated jobs orphaned from the origin
+    cluster.
+    + Fix sinfo segfault when printing multiple clusters with `--noheader`
+    option.
+    + Federation - fix clusters not syncing if clusters are added to a
+    federation before they have registered with the dbd.
+    + `node_features/helpers` - Fix node selection for jobs requesting
+    changeable.
+    features with the `|` operator, which could prevent jobs from
+    running on some valid nodes.
+    + `node_features/helpers` - Fix inconsistent handling of `&` and `|`,
+    where an AND'd feature was sometimes AND'd to all sets of features
+    instead of just the current set. E.g. `foo|bar&baz` was interpreted
+    as `{foo,baz}` or `{bar,baz}` instead of how it is documented:
+    `{foo} or {bar,baz}`.
+    + Fix job accounting so that when a job is requeued its allocated node
+    count is cleared. After the requeue, sacct will correctly show that
+    the job has 0 `AllocNodes` while it is pending or if it is canceled
+    before restarting.
+    + `sacct` - `AllocCPUS` now correctly shows 0 if a job has not yet
+    received an allocation or if the job was canceled before getting one.
+    + Fix intel OneAPI autodetect: detect the `/dev/dri/renderD[0-9]+` GPUs,
+    and do not detect `/dev/dri/card[0-9]+`.
+    + Fix node selection for jobs that request `--gpus` and a number of
+    tasks fewer than GPUs, which resulted in incorrectly rejecting these
+    jobs.
+    + Remove `MYSQL_OPT_RECONNECT` completely.
+    + Fix cloud nodes in `POWERING_UP` state disappearing (getting set
+    to `FUTURE`)
+    when an `scontrol reconfigure` happens.
+    + `openapi/dbv0.0.39` - Avoid assert / segfault on missing coordinators
+    list.
+    + `slurmrestd` - Correct memory leak while parsing OpenAPI specification
+    templates with server overrides.
+    + Fix overwriting user node reason with system message.
+    + Prevent deadlock when `rpc_queue` is enabled.
+    + `slurmrestd` - Correct OpenAPI specification generation bug where
+    fields with overlapping parent paths would not get generated.
+    + Fix memory leak as a result of a partition info query.
+    + Fix memory leak as a result of a job info query.
+    + For step allocations, fix `--gres=none` sometimes not ignoring gres
+    from the job.
+    + Fix `--exclusive` jobs incorrectly gang-scheduling where they shouldn't.
+    + Fix allocations with `CR_SOCKET`, gres not assigned to a specific
+    socket, and block core distribion potentially allocating more sockets
+    than required.
+    + Revert a change in 23.02.3 where Slurm would kill a script's process
+    group as soon as the script ended instead of waiting as long as any
+    process in that process group held the stdout/stderr file descriptors
+    open. That change broke some scripts that relied on the previous
+    behavior. Setting time limits for scripts (such as
+    `PrologEpilogTimeout`) is strongly encouraged to avoid Slurm waiting
+    indefinitely for scripts to finish.
+    + Fix `slurmdbd -R` not returning an error under certain conditions.
+    + `slurmdbd` - Avoid potential NULL pointer dereference in the mysql
+    plugin.
+    + Fix regression in 23.02.3 which broken X11 forwarding for hosts when
+    MUNGE sends a localhost address in the encode host field. This is caused
+    when the node hostname is mapped to 127.0.0.1 (or similar) in
+    `/etc/hosts`.
+    + `openapi/[db]v0.0.39` - fix memory leak on parsing error.
+    + `data_parser/v0.0.39` - fix updating qos for associations.
+    + `openapi/dbv0.0.39` - fix updating values for associations with null
+    users.
+    + Fix minor memory leak with `--tres-per-task` and licenses.
+    + Fix cyclic socket cpu distribution for tasks in a step where
+    `--cpus-per-task` < usable threads per core.
+    + `slurmrestd` - For `GET /slurm/v0.0.39/node[s]`, change format of
+    node's energy field `current_watts` to a dictionary to account for
+    unset value instead of dumping 4294967294.
+    + `slurmrestd` - For `GET /slurm/v0.0.39/qos`, change format of QOS's
+    field "priority" to a dictionary to account for unset value instead of
+    dumping 4294967294.
+    + slurmrestd - For `GET /slurm/v0.0.39/job[s]`, the 'return code'
+    code field in `v0.0.39_job_exit`_code will be set to -127 instead of
+    being left unset where job does not have a relevant return code.
+  * Other Changes:
+    + Remove --uid / --gid options from salloc and srun commands. These options
+    did not work correctly since the CVE-2022-29500 fix in combination with
+    some changes made in 23.02.0.
+    + Add the `JobId` to `debug()` messages indicating when
+    `cpus_per_task/mem_per_cpu` or `pn_min_cpus` are being automatically
+    adjusted.
+    + Change the log message warning for rate limited users from verbose to
+    info.
+    + `slurmstepd` - Cleanup per task generated environment for containers in
+    spooldir.
+    + Format batch, extern, interactive, and pending step ids into strings that
+    are human readable.
+    + `slurmrestd` - Reduce memory usage when printing out job CPU frequency.
+    + `data_parser/v0.0.39` - Add `required/memory_per_cpu` and
+    `required/memory_per_node` to `sacct --json` and `sacct --yaml` and
+    `GET /slurmdb/v0.0.39/jobs` from slurmrestd.
+    + `gpu/oneapi` - Store cores correctly so CPU affinity is tracked.
+    + Allow `slurmdbd -R` to work if the root assoc id is not 1.
+    + Limit periodic node registrations to 50 instead of the full `TreeWidth`.
+    Since unresolvable `cloud/dynamic` nodes must disable fanout by setting
+    `TreeWidth` to a large number, this would cause all nodes to register at
+    once.
+
-    were present in the log: `"error: Attempt to change gres/gpu Count`".
+    were present in the log: `error: Attempt to change gres/gpu Count`.
-    + Hold the job with "`(Reservation ... invalid)`" state reason if the
+    + Hold the job with `(Reservation ... invalid)` state reason if the
+- Create a macro for upgrade dependency to ensure uniform handling.
+
smartmontools
+- Do not quit with an error when no drives to monitor are available (bsc#990406 bsc#1167051).
+- Add smartd_service_dont_quit.patch
+- Refresh harden_smartd.service.patch
+- Run through spec-cleaner, use autosetup
+
+- Update to version 7.4:
+  * See NEWS and ChangeLog files for full details
+- Drop smartmontools-smartctl-NVMe-big-endian.patch (upstreamed)
+- Refresh smartmontools-suse-default.patch
+
+- smartmontools.generate_smartd_opts.in: Fix generated options when
+  SMARTD_SAVESTATES or SMARTD_ATTRLOG are set to "no" (bsc#1207461).
+
+- Catch another invalid state in %post: DRIVEDB_H_RELEASE_SAVED
+  might end up empty
+
+- refresh keyring with new signing key
+
+- update to version 7.3
+  - see NEWS and ChangeLog file for full details
+- Remove smartmontools-drivedb.h. Up to date version is included
+  in release tarball
+- packaging: try to fix smartmontools-drivedb_h-update.sh
+
+- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
+  * harden_smartd.service.patch
+  Modified:
+  * smartd_generate_opts.service
+
sngrep
+- Update to version 1.7.0
+  * save: add option --text to save captured data to plain text
+  * capture: fix memory overflows while parsing IP headers
+  * hep: fix hep listener enabled in offline mode
+  * core: stop sngrep when parent process has ended
+  * ssl: fix decrypt with AES256 GCM SHA384 cipher
+
tio
+- Update to 2.7:
+  * Add xmodem and ymodem file send support
+  * fix: support --log-append in cli options
+
tlp
+- Update to 1.6.1 18.09.2023
+  * Bugfixes:
+    Battery:
+  - LG Gram laptops: ensure lg-legacy is used for kernel <= 5.17 (Issue #708)
+    General:
+  - tlp-stat -s: report manual mode despite restrictive umask (Issue #702)
+
+- Update to 1.6.0 24.08.2023
+  * Features
+    Battery:
+  - LG Gram laptops:
+  - Use standard sysfs attribute 'charge_control_end_threshold'
+    provided by kernel 5.18 and newer
+  - Restore threshold after hibernate
+  - System76 laptops with open source EC firmware:
+    start and stop threshold
+  - System76: default start threshold set to 90% (due to EC firmware change)
+  - ThinkPads: model detection adapted for Libreboot (Issue #679)
+  - Toshiba/Dynabook laptops: stop threshold 80/100%
+    Configuration:
+  - Allow comments (#) after parameters (Issue #598)
+  - tlp-stat -c/--cdiff: append a notice to deprecated or removed
+    parameters
+    Disks:
+  - SATA_LINKPWR_ON_AC/BAT: remove fallbacks for outdated kernels
+    before 4.15 from defaults (still available via explicit configuration)
+    General:
+  - Allow coexistence with power-profiles-daemon: do not apply
+    PLATFORM_PROFILE_ON_AC/BAT, CPU_ENERGY_PERF_POLICY_ON_AC/BAT and
+    CPU_BOOST_ON_BAT/BAT when it is running
+  - MEM_SLEEP_ON_AC/BAT: change system suspend mode
+  - Add ZSH command completion
+  - tlp-stat -s:
+  - Silence warnings about unmasked systemd-rfkill.service/.socket
+    when DEVICES_TO_ENABLE/DISABLE_ON_STARTUP is actually unconfigured
+  - Show EC firmware version
+  - Show system suspend mode
+  - Show proper ThinkPad model string with Libreboot (Issue #679)
+    PCI(e) devices:
+  - RUNTIME_PM_ENABLE/DISABLE: apply even when RUNTIME_PM_ON_AC/BAT
+    is disabled (Issue #614)
+    Processor:
+  - CPU_DRIVER_OPMODE_ON_AC/BAT: set CPU scaling driver operation mode
+    (active, guided, passive); amd-pstate/intel_pstate driver required
+  - CPU_DRIVER_OPMODE_ON_AC/BAT: check if operation mode is actually
+    supported by the current CPU driver
+  - CPU_ENERGY_PERF_POLICY_ON_AC/BAT: support AMD Zen 2 or newer CPUs;
+    kernel 6.3 with amd-pstate driver in active mode required
+  - CPU_HWP_DYN_BOOST_ON_AC/BAT: *EXPERIMENTAL* support AMD Zen 2 or
+    newer CPUs; yet unreleased kernel 6.x and amd-pstate driver
+    in active mode required
+  - SCHED_POWERSAVE_ON_AC/BAT removed (unavailable since kernel 3.5)
+  - tlp-stat -p:
+  - Show amd-pstate operation mode, dynamic boost and performance
+    attributes
+  - Show min/max operating frequency the processor can run at
+    (cpuinfo_min/max_freq) and limit imposed by the BIOS (bios_limit)
+  - (-v) Show acpi_cppc performance and frequency attributes
+    Radio Devices:
+  - Support Thunderbolt docks to switch radio devices
+  - DEVICES_TO_ENABLE/DISABLE_ON_SHUTDOWN: *DEPRECATED* feature will be
+    removed in TLP 1.7
+    USB:
+  - USB_AUTOSUSPEND_DISABLE_ON_SHUTDOWN: *DEPRECATED* feature will be
+    removed in TLP 1.7
+  * Bugfixes
+    Configuration:
+  - Strip trailing blanks from unquoted parameter values
+    Operation:
+  - Deactivate AHCI_RUNTIME_PM and PCIE_ASPM before suspend to avoid
+    resume freezes (Issue #593, #606, #698)
+    Processor:
+  - Set governor although not listed in scaling_available_governors
+- Revert moving 99tlp-rdw-nm from user specific directory since 1.6.0 installs
+  it to vendor specific directory /usr/lib/NetworkManager/dispatcher.d
+
tor
+- tor 0.4.8.9:
+  * (onion service, TROVE-2023-006):
+  - Fix a possible hard assert on a NULL pointer
+  * (guard usage):
+  - When Tor excluded a guard due to temporary circuit restrictions,
+    it considered *additional* primary guards for potential usage by
+    that circuit.
+
+- tor 0.4.8.8:
+  * Mitigate an issue when Tor compiled with OpenSSL can crash during
+    handshake with a remote relay. (TROVE-2023-004, boo#1216873)
+  * Regenerate fallback directories generated on November 03, 2023.
+  * Update the geoip files to match the IPFire Location Database, as
+    retrieved on 2023/11/03
+  * directory authority: Look at the network parameter
+    "maxunmeasuredbw" with the correct spelling
+  * vanguards addon support: Count the conflux linked cell as
+    valid when it is successfully processed. This will quiet a
+    spurious warn in the vanguards addon
+
transfig
+- Update to fig2dev version 3.2.9 (Aug 2023)
+  o Write utf8-encoded postscript and tex-outputs.
+    Ticket numbers refer to https://sourceforge.net/p/mcj/tickets/#.
+  o Include sys/wait.h to build on some bsds.
+  o Process crafted input files, tickets #142, #145, #146, #147, #148,
+    and #152.
+  o Correctly scale dxf output, ticket #91.
+  o Correct a typo causing incorrect eps import, ticket #137.
+  o Regression, pass driver names to driver, ticket #139.
+- Port and rename patch transfig-3.2.8.dif which is now transfig-3.2.9.dif
+- Port patches
+  * fig2dev-3.2.6-fig2mpdf.patch
+  * transfig-fix-afl.patch
+- Remove patches now upstream
+  * 0001-Make-ModDate-and-CreationDate-in-PDF-reproducible.patch
+  * 1b09a8.patch
+
+- Drop obsolete fig2dev-3.2.6a-RGBFILE.patch.
+- Set correct path for X11 rgb.txt file (no longer in /etc),
+  recommend rgb package.
+- Fix typo for enable-scale-pict2e option.
+- Remove obsolsete hunks from transfig-3.2.8.dif,
+  rebase fig2dev-3.2.6-fig2mpdf.patch.
+- Avoid epstopdf dependency, add
+  0001-Use-native-fig2dev-pdf-output-instead-of-epstopdf.patch
+  This also fixes unreproducible figures created by fig2mpdf.
+- Fix CFLAGS checks, -Wformat-security requires -Wformat.
+
+- Make PDF output via ghostscript (for large parts) reproducible,
+  add 0001-Make-ModDate-and-CreationDate-in-PDF-reproducible.patch
+
+- Fix fig2mpdf documentation:
+  * rerun latex to get references right.
+  * uudecode images for html documentation.
+- Clean up spec file, remove parts for EOLed SLE 11.
+- Depend on texlive-epstopdf only if texlive is installed.
+- Use weak dependency on ghostscript, vector output formats
+  like EPS, PS and SVG do not depend on it.
+
ugrep
+- update to 4.3.2:
+  * double short option -%% enables both --files --bool (a single
+  - % still enables only --bool) for convenience
+  * updated thread pool scheduling and execution with thread
+    affinity and priority settings
+  * improvements and fixes for minor (mostly cosmetic) issues
+
vlc
-- Do not apply vlc.a52.patch if liba52 is < 0.8.0
+- Update to version 3.0.20:
+  + Video Output:
+  - Fix green line in fullscreen in D3D11 video output
+  - Fix crash with some AMD drivers old versions
+  - Fix events propagation issue when double-clicking with mouse wheel
+  + Decoders:
+  - Fix crash when AV1 hardware decoder fails
+  + Interface:
+  - Fix annoying disappearance of the Windows fullscreen controller
+  + Demuxers:
+  - Fix potential security issue (OOB Write) on MMS:// by checking user size bounds
+
+-  Update to version 3.0.19
+-  Remove 104-playback-bar.patch, as it's no longer needed.
+  + Core:
+  - Fix next-frame freezing in most scenarios
+  + Demux:
+  - Support RIFF INFO tags for Wav files
+  - Fix AVI files with flipped RAW video planes
+  - Fix duration on short and small Ogg/Opus files
+  - Fix some HLS/TS streams with ID3 prefix
+  - Fix some HLS playlist refresh drift
+  - Fix for GoPro MAX spatial metadata
+  - Improve FFmpeg-muxed MP4 chapters handling
+  - Improve playback for QNap-produced AVI files
+  - Improve playback of some old RealVideo files
+  - Fix duration probing on some MP4 with missing information
+  + Decoders:
+  - Multiple fixes on AAC handling
+  - Activate hardware decoding of AV1 on Windows (DxVA)
+  - Improve AV1 HDR support with software decoding
+  - Fix some AV1 GBRP streams, AV1 super-resolution streams and monochrome ones
+  - Fix black screen on poorly edited MP4 files on Android Mediacodec
+  - Fix rawvid video in NV12
+  - Fix several issues on Windows hardware decoding (including "too large resolution in DxVA")
+  - Improve crunchyroll-produced SSA rendering
+  + Video Output:
+  - Super Resolution scaling with nVidia and Intel GPUs
+  - Fix for an issue when cropping on Direct3D9
+  - Multiple fixes for hardware decoding on D3D11 and OpenGL interop
+  - Fix an issue when playing -90°rotated video
+  - Fix subtitles rendering blur on recent macOS
+  + Input:
+  - Improve SMB compatibility with Windows 11 hosts
+  + Contribs:
+  - Update of fluidlite, fixing some MIDI rendering on Windows
+  - Update of zlib to 1.2.13 (CVE-2022-37434)
+  - Update of FFmpeg, vpx (CVE-2023-5217), ebml, dav1d, libass
+  + Misc:
+  - Improve muxing timestamps in a few formats (reset to 0)
+  - Fix some rendering issues on Linux with the fullscreen controller
+  - Fix GOOM visualization
+  - Fixes for Youtube playback
+  - Fix some MPRIS inconsistencies that broke some OS widgets on Linux
+  - Implement MPRIS TrackList signals
+  - Fix opening files in read-only mode
+  - Fix password search using the Kwallet backend
+  - Fix some crashes on macOS when switching application
+  - Fix 5.1/7.1 output on macOS and tvOS
+  - Fix several crashes and bugs in the macOS preferences panel
+  - Improvements on the threading of the MMDevice audio output on Windows
+  - Fix a potential security issue on the uninstaller DLLs
+  - Fix memory leaks when using the media_list_player libVLC APIs
+  + Translations:
+  - Update of most translations
+  - New translations to Esperanto, Interlingue, Lao, Macedonian, Burmese, Odia, Samoan and Swahili
+
+- Update specfile to prevent building with libplacebo v6.292.0 or newer
+
+- If version constraints for ffmpeg are in use,
+  every ffmpeg component must be constrained
+
+- xosd plugin was removed in 5adefde
+
+- Add 104-playback-bar.patch: Backport fix for the playback bar (commit 60771fe7)
+
+- Do not apply vlc.a52.patch if liba52 is > 0.8.0
vorbis-tools
+- Fix buffer overflow vulnerability during the conversion of wav
+  files to ogg files (bsc#1215942, CVE-2023-43361):
+  vorbis-tools-CVE-2023-43361.patch
+
-- Update to version 1.4.0:
-  * Lots of changes (see CHANGES file).
-- Spec file updates:
-  * Changes based on rpmdevtools templates and spec-cleaner run.
-  * Changed License: to GPLv2.
-  * Added description for the patches based on openSUSE Patches Guidelines.
-  * Updates in Buildrequires: and %description sections.
-  * Added a vorbis-tools-lang package (based on rpmlint warning
-    "package-with-huge-translation").
-  * Updates in %build, %install and %files sections.
-- Removed the following patches (fixed upstream):
-  * vorbis-tools-1.1.1-bounds-check-fix.diff
-  * vorbis-tools-1.1.1-curl-7.16.diff
-  * vorbis-tools-config.diff
-  * vorbis-tools-flac-1.1.3.diff
-- Rebased the patch vorbis-tools-1.1.1-warning-fixes.diff (most are fixed
-  upstream and only one change is needed to fix rpm post-build-check failure).
-  Also renamed it to warning-fixes.diff.
-- Rebased the patch for cflags.
-
webkit2gtk3
+- Add webkit2gtk3-create-destroy-egl-image.patch: fix "No provider
+  of EglDestroyImage Found" (boo#1216483).
+
+- Update to version 2.42.1 (boo#1215661 boo#1215866 boo#1215867
+  boo#1215868 boo#1215869 boo#1215870):
+  + Fix enable-html5-database setting to properly enable/disable
+    IndexedDB API.
+  + Fix the build with GBM disabled.
+  + Fix several crashes and rendering issues.
+  + Security fixes: CVE-2023-41993.
+  + Changes in version 2.42.0:
+  + New renderer based on DMA-BUF shared buffers.
+  + Add new permission request to handle DOM paste access requests.
+  + Add API to configure experimental features at runtime.
+  + Add API to set the percentage of volume space that can be used
+    for data storage.
+  + GBM is no longer required for WebGL implementation.
+  + Security fixes: CVE-2023-39928, CVE-2023-41074.
+- Disable JPEGXL.
+
-    CVE-2023-40397.
+    CVE-2023-40397, CVE-2023-39434, CVE-2023-40451.
-    CVE-2023-37450, CVE-2023-28198, CVE-2023-32370.
+    CVE-2023-37450, CVE-2023-28198, CVE-2023-32370, CVE-2023-35074.
x3270
+- Upgrade to version 4.3ga4 (jsc#PED-3355)
+  * Added support for minimum and maximum TLS protocol versions, via the tlsMinProtocol resource,
+    tlsMaxProtocol resource, -tlsminprotocol command-line option and -tlsmaxprotocol command-line option.
+  * Added support for miscellaneous IND$FILE options via the otherOptions keyword of the Transfer() action,
+    the ftOtherOptions resource, and extensions to the x3270 file transfer dialog and the c3270 interactive
+    Transfer() action.
+  * Extended the cancel keyword of the Transfer() action so it will interrupt the initial wait for an
+    acknowledgement from the host IND$FILE command.
+  * The Transfer() action now returns a summary on success or a meaningful error message on failure.
+  * Added the Echo() action.
+  * Added support for the NEW-ENVRONMENT variables needed by the IBM Express Logon Feature. (Feature request)
+- Bug fixes
+  * When a font is specified in the wc3270 Session Wizard, it is now actually updated in the desktop shortcut.
+  * Multiple invocations of the Script() or Prompt() actions no longer lead to environment corruption.
+  * When command-line options are given to the Transfer() action at the c3270> prompt, the host session is
+    now resumed so the progress of the transfer can be monitored.
+  * Several missing actions were added to c3270 help.
+
+- Upgrade to version 4.3ga (jsc#PED-3355)
+  * Improvements
+  * 4.3beta2
+  - Builds now work on MSYS2 MinGW.
+  - The ibm_hosts file is now case-insensitive. (Request from Drew Derbyshire)
+  - The underscoreBlankFill resource can now be set to false to prevent trailing
+  underscore characters in a field from being treated like blanks when inserting
+  in blank fill mode.
+  - Changed the keymap for Alt-q in x3270, c3270 and wc3270 to exit the emulator
+  unconditionally, using Quit(-force).
+  * 4.3alpha1
+  - The x3270 Color scheme menu option has been renamed 3279 color scheme, since
+  it only applies to 3279 mode. The green-screen color scheme option has been removed,
+  though the resource behind it (x3270.colorScheme.GreenScreen) remains.
+  The default 3279 color scheme now has a grey10 background to make it easier to see
+  with minimal window frames.
+  - The confDir resource, where the ibm_hosts file is found, can now be displayed by the
+  Set() action.
+  - Added Alt-e to the default wc3270 keymap and Ctrl-a, f to the c3270 default keymap for
+  the EraseEOF() action. This is needed because Windows no longer passes the END key to
+  console applications.
+  - Added the ability to save printer output to a file in a particular directory,
+  either by specifying the directory path as the printer name (on Windows) or
+  by specifying the new prtodir command as the printing command (on POSIX).
+  - Added support for growing or shrinking the x3270 emulator font using Ctrl-+ and Ctrl--.
+  - Added the IBM 3270 fonts from Ricardo Bánffy to the wc3270 installation and added the
+  ability to specify fonts in the wc3270 Session Wizard.
+  - Changed the default behavior of the terminal type reported in TN3270 mode for
+  3279 models 4 and 5. Previous versions reported these as IBM-3279-4-E and
+  IBM-3279-5-E respectively; now they are reported as IBM-3278-4-E and
+  IBM-3278-5-E because the other names are often not recognized by hosts.
+  To restore the previous behavior, set the wrongTerminalName resource to true.
+  (Note that the model resource still refers to these models as 3279-4-E and 3279-5-E;
+  this only changes what is reported to the host.)
+  - Changed the default library for TLS on macOS to OpenSSL.
+  - Added a summary of warnings to the end of the output from the ./configure script.
+  - Added a Python-based test target (documentation coming soon).
+  - Added a BUILDCC variable to the ./configure script, to facilitate cross-compilation.
+  (Original suggested patch by Thorsten Otto.)
+  - The code can now be built on POSIX without the <langinfo.h> header file or the
+  nl_langinfo() library function being present. It will guess the codeset (encoding)
+  from the LC_CTYPE or LANG environment variable if present, or default to ASCII if
+  neither is present or the value is not defined as locale.encoding.
+  (Original suggested patch by Thorsten Otto.)
+  * Bug fixes
+  * 4.3ga3
+  - When there is an error making a connection in s3270, the error message is
+  no longer output on two lines. (Bug report)
+  * 4.3beta2
+  - When using a printer session and TLS, the printer session no longer
+  fails with a host certificate validation error.
+  - When inserting in blank fill mode, trailing underscores are no longer consumed,
+  unless they are at the end of the field. (Bug report)
+
+- Upgrade to version 4.2ga10 (jsc#PED-3355)
+- Bug fixes
+  * 4.2ga10
+  - TN3270E NVT mode now works properly.
+  - TN3270E SSCP-LU mode now works even if BIND-IMAGE has not been
+    negotiated by the host.
+  - When TN3270E is turned off and back on within a session,
+    x3270 now renegotiates functions properly.
+  * 4.2ga9
+  - x3270 mouse selections are much more predictable.
+  - Double- and triple-clicks no longer move the cursor.
+  - x3270 no longer crashes when it is reconfigured
+    (model, font, etc.) while the floating pop-up keypad is visible.
+  - The security indicator in x3270 no longer disappears when it is
+    indicating unverified state and the window is reconfigured.
+  - The ./configure option to give an alternate location for the
+    OpenSSL library (--with-openssl=) works correctly again.
+  * 4.2ga8
+  - When pasting in NVT mode and the text wraps to the next line,
+    the cursor no longer ends up in the wrong location.
+  - The x3270a script no longer causes a spurious Invalid (empty)
+    hostname error pop-up when the display's DPI is other than 96.
+  * 4.2ga7
+  - The wc3270 Session Wizard no longer exits silently when
+    it encounters an error.
+  - x3270 will no longer change fonts unnecessarily when the
+    host code page is changed. (bug report)
+  - The background color is now propagated correctly by the RA order.
+  - In a resource file, a resource value can now end with a
+    properly-quoted backslash, without the backslash being interpreted
+    as a line continuation.
+  - The Transfer() action, when invoked from within a file read by the
+    Source() action, now blocks properly -- it returns once the
+    file transfer is complete.
+  - If the Source() action is aborted, it will no longer leave the
+    keyboard locked.
+  - Typeahead is now processed correctly when the host has
+    negotiated TN3270E Contention Resolution and the unlockDelay
+    resource is set to false.
+
+- x3270 4.2ga6:
+  * many improvements, bug fixes and feature extensions
+  * pr3287 now supports -tracefile
+  * pr3287 can now try more than one address for a host
+  * hostname lookups can now be limited to IPv4/IPv6
+
+- Update to current stable release 4.1 ga13:
+  * Added a macros menu to c3270 and wc3270.
+  * Corrected support for the macros resource without a qualifying host name.
+  * The entire list of command-line options is now displayed only
+    with the --help command-line option, not for every unknown option.
+  * Changed the default for unlockDelay in all emulators from
+    true to false. This is a very significant change.
+  * When input from the String() action overflows a field,
+    the cursor now lands in the correct location.
+  * When a host has multiple addresses, the emulators (except pr3287)
+    will now reliably try up to four of them.
+  * Errors from the OpenSSL library are now displayed correctly.
+  * When a connection fails to a TLS-tunnel host (one specified with
+    the L: prefix), the correct error message is now displayed.
+  * Fixed a c3270 crash when a connection is opened from a remote
+    source (HTTP server or script port) while at the c3270> prompt.
+  * Fixed a c3270 crash when the -secure and -trace command-line
+    options are used together.
+  * A key typed into a full field in insert mode no longer overwrites
+    the character under the cursor.
+- Drop upstream resolved patches:
+  * x3270-missing-file.patch
+  * x3270-missing-include.patch
+
+- Use https for URL and Source
+
+- Update to ga14 of 4.0 series:
+  * The scripting infrastructure has been rewritten and renamed to
+    task engine.
+  * No artificial dependencies between actions initiated by
+    different sources.
+  * Accidental blocking behavior has been eliminated.
+  * Unrelated operations are now properly concurrent
+  * A new emulator has been created, b3270, as a common back-end
+    process that handles the 3270 protocol and host interactions,
+    using a simple XML-based protocol.
+  * The c3270 prompt has been generalized and is available to all
+    of the 3270 emulators as the x3270 prompt.
+  * The prompt now uses color to distinguish error messages.
+  * APL keyboard operation on x3270 has changed, fixed APL keymap
+    was removed in favor of key combination Shift-Escape toggling
+    a new APL mode
+  * Many other bug fixes and features
+- Removed x3270-handle-missing-font.patch, mkversion.patch, and
+  reproducible.patch, merged upstream.
+- Expat added as its BuildRequires
+
xorg-x11-server
+- U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch
+  * fixes a regresion, which can trigger a segfault in Xwayland on
+    exit, introduced by
+    U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
+    (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261)
+
+- U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch
+  U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
+  * Server Damage Object Use-After-Free Local Privilege Escalation
+    Vulnerability (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261)
+
+- U_bsc1216133-mi-reset-the-PointerWindows-reference-on-screen-swit.patch
+  * Use-after-free bug in DestroyWindow (CVE-2023-5380, ZDI-CAN-21608,
+    bsc#1216133)
+- U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch
+  * fix handling of PropModeAppend/Prepend ((CVE-2023-5367, ZDI-CAN-22153,
+    bsc#1216135)
+
xwayland
+- U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch
+  U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
+  * Server Damage Object Use-After-Free Local Privilege Escalation
+    Vulnerability (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261)
+- U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch
+  * fixes a regresion, which can trigger a segfault in Xwayland on
+    exit, introduced by
+    U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch
+    (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261)
+
+- U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch
+  * fix handling of PropModeAppend/Prepend ((CVE-2023-5367, ZDI-CAN-22153,
+    bsc#1216135)
+
yast2
+- Fix firewalld zones reader adapting it to the new firewall-cmd
+  - -list-all-zones output format (bsc#1216534)
+- 4.6.4
+
+- Branch package for SP6 (bsc#1208913)
+- backport:
+-- Replace calls to mkinitrd with dracut as mkinitrd will be
+  dropped (bsc#1203019)
+- 4.6.3
+
yast2-add-on
+- Branch package for SP6 (bsc#1208913)
+- 4.6.2
+
-- 4.6.1
-
-- Bump version to 4.6.0 (bsc#1208913)
+- 4.5.4
yast2-apparmor
-  - Fixed crash on internal error when scanning audit.log
-- 4.6.2
+  - Backport: Fixed crash on internal error when scanning audit.log
+- 4.6.3
-- Added missing textdomain (bsc#1211980)
-- 4.6.1
+- Branch package for SP6 (bsc#1208913)
-- Bump version to 4.6.0 (bsc#1208913)
+- Added missing textdomain (bsc#1211980)
+- 4.5.1
yast2-country
+- BuildRequire kbd to fix the build (bsc#1211104)
+- 4.6.6
+
+- use also kbd-model-map.xkb-generated (bsc#1211104)
+- sort the selection box of keyboard layouts alphabetically
+- 4.6.5
+
+- Backport:
+-- Allow changing date to a later year than 2032 (bsc#1214144)
+-- Replace call to mkinitrd with dracut (bsc#1203019)
+- 4.6.4
+
+- Branch package for SP6 (bsc#1208913)
+
yast2-dhcp-server
+- Branch package for SP6 (bsc#1208913)
+
yast2-dns-server
+- Branch package for SP6 (bsc#1208913)
+
yast2-drbd
-- Validate DRBD Device name (bsc#1207952)
-- 4.6.1
+- Branch package for SP6 (bsc#1208913)
+- 4.6.2
-- Bump version to 4.6.0 (bsc#1208913)
+- Validate DRBD Device name (bsc#1207952)
+- 4.5.1
yast2-http-server
+- Branch package for SP6 (bsc#1208913)
+
yast2-installation
+- Refresh repositories with changed URL and reload them again
+  to activate the changes (related to bsc#1215884)
+- 4.6.8
+
yast2-iscsi-client
-- Bump version to 4.6.0 (bsc#1208913)
+- Add support packages on demand (bsc#1214273)
+- 4.6.1
+
+- Branch package for SP6 (bsc#1208913)
+- 4.6.0
yast2-network
+- Branch package for SP6 (bsc#1208913)
+- 4.6.6
+
-- 4.6.5
+- 4.5.21
-- 4.6.4
-- 4.6.3
+- 4.5.20
-- 4.6.2
+- 4.5.19
-- 4.6.1
-
-- Bump version to 4.6.0 (bsc#1208913)
+- 4.5.18
yast2-nfs-client
+- Branch package for SP6 (bsc#1208913)
+- 4.6.2
+
-- 4.6.1
-
-- Bump version to 4.6.0 (bsc#1208913)
+- 4.5.2
yast2-online-update
+- Branch package for SP6 (bsc#1208913)
+- 4.6.2
+
-- 4.6.1
-
-- Bump version to 4.6.0 (bsc#1208913)
+- 4.5.3
yast2-schema-default
+- Added several LUKS-related elements to the partitioning schema
+  (jsc#PED-3878, jsc#PED-5518).
+- 4.6.1
+
+- Branch package for SP6 (bsc#1208913)
+
yast2-schema-micro
+- Added several LUKS-related elements to the partitioning schema
+  (jsc#PED-3878, jsc#PED-5518).
+- 4.6.1
+
+- Branch package for SP6 (bsc#1208913)
+
yast2-snapper
+- Branch package for SP6 (bsc#1208913)
+- 4.6.2
+
-- 4.6.1
-
-- Bump version to 4.6.0 (bsc#1208913)
+- 4.5.1
yast2-storage-ng
+- New MdLevel value for linear RAIDs (bsc#1215022)
+- 4.6.14
+
+- AutoYaST: official support for LUKS2 (jsc#PED-3878, jsc#PED-5518)
+- 4.6.13
+
+- Branch package for SP6 (bsc#1208913)
+
yast2-update
-- Rebuild the RPM database during upgrade (--rebuilddb) (bsc#1209565)
+- Drop the previously used repositories when going back to the
+  partition selection at upgrade, this ensures the repositories
+  are correctly reinitialized later (bsc#1215884)
+- 4.6.2
+
+- Branch package for SP6 (bsc#1208913)
-- Bump version to 4.6.0 (bsc#1208913)
+- Rebuild the RPM database during upgrade (--rebuilddb) (bsc#1209565)
+- 4.5.3
yast2-x11
+- Prevent testX from hanging in second stage if no supported WM
+  can be started (bsc#1216197)
+- 4.6.2
+
+- xkbctrl: use also kbd-model-map.xkb-generated (bsc#1211104)
+- 4.6.1
+
+- Branch package for SP6 (bsc#1208913)
+
zchunk
+- Fix CVE-2023-46228, bsc#1216268
+  * Handle overflow errors in malformed zchunk files.
+- Added patch:
+  * CVE-2023-46228.patch
+
zlib
+- Fix CVE-2023-45853, integer overflow and resultant heap-based buffer
+  overflow in zipOpenNewFileInZip4_6, bsc#1216378
+  * CVE-2023-45853.patch
+