Packages changed:
  gnome-control-center (47.1.1+9 -> 47.2)
  gnome-online-accounts (3.52.1 -> 3.52.2)
  gnome-terminal (3.54.1 -> 3.54.2)
  gnome-user-share (47.0+0 -> 47.2)
  gtk4 (4.16.6 -> 4.16.7)
  kdump (2.0.11 -> 2.0.12)
  libadwaita (1.6.1 -> 1.6.2)
  libnetfilter_conntrack
  libnvme
  libsoup (3.6.0 -> 3.6.1)
  passt (20241030.ee7d0b6 -> 20241121.238c69f)
  podman (5.3.0 -> 5.3.1)
  python-tornado6 (6.4.1 -> 6.4.2)
  vte (0.78.1 -> 0.78.2)
  xdm
  xen (4.19.0_04 -> 4.19.0_06)

=== Details ===

==== gnome-control-center ====
Version update (47.1.1+9 -> 47.2)
Subpackages: gnome-control-center-color gnome-control-center-goa

- Update to version 47.2:
  + Accessibility: Remove "screen" labels that take too much space
  + Appearance: Fix accidental reset of accent colors config
  + Apps: Fix some memory leaks
  + Color: Ensure profiles are connected before operating on them
  + Mobile Networks: Fix alignment of status pages
  + Mouse:
  - Fix illustration assets requiring gstreamer-plugins-bad
  - Update illustration assets
  + Printers: Remove wrong tooltip in the "Add Printer" button
  + Updated translations.

==== gnome-online-accounts ====
Version update (3.52.1 -> 3.52.2)
Subpackages: libgoa-1_0-0 libgoa-backend-1_0-2

- Update to version 3.52.2:
  + Bugs fixed:
  - goadavclient.c: add WebDAV default candidate to test
  - goafedoraprovider: fix use-after-free
  + Updated translations.

==== gnome-terminal ====
Version update (3.54.1 -> 3.54.2)
Subpackages: nautilus-extension-terminal

- Update to version 3.54.2:
  + Updated translations.

==== gnome-user-share ====
Version update (47.0+0 -> 47.2)

- Adjust _service definition: upstream has changed their tag format
  to be a simple VERSION tag.
- Update to version 47.2:
  + Fix a compiling issue for non-gnu C toolchain.

==== gtk4 ====
Version update (4.16.6 -> 4.16.7)
Subpackages: gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0

- Update to version 4.16.7:
  + Text: Reduce the size of error underlines.
  + Accessibility:
  - Fix a wrong return value type.
  - Fix an invalid free call.

==== kdump ====
Version update (2.0.11 -> 2.0.12)

- upgrade to version 2.0.12
  * fadump: pass additional parameters for capture kernel (jsc#PED-9889)

==== libadwaita ====
Version update (1.6.1 -> 1.6.2)
Subpackages: libadwaita-1-0 typelib-1_0-Adw-1

- Update to version 1.6.2:
  + AdwDialog: Fix accessible role critical when using
    window-backed dialogs.
  + AdwHeaderBar: Fix a typo in docs.
  + AdwMessageDialog: Fix a typo in adw_message_dialog_response()
    deprecation message.
  + AdwStyleManager: Fix initial color scheme value on Windows.
  + Updated translations.

==== libnetfilter_conntrack ====

- Specfile modernization

==== libnvme ====
Subpackages: libnvme-mi1 libnvme1

- Fix tests on s390
  * add 0002-test-mock-pass-thru-unknown-ioctls.patch

==== libsoup ====
Version update (3.6.0 -> 3.6.1)
Subpackages: libsoup-3_0-0 typelib-1_0-Soup-3_0

- Update to version 3.6.1:
  + Fix `soup_uri_copy()` reading port as a long instead of an int
  + Fix possible NULL deref in `soup_uri_decode_data_uri()`
  + Fix possible overflow in `SoupContentSniffer`
  + Fix assertion in `soup_uri_decode_data_uri()` on URLs with a
    path starting with `//`
  + headers: Be more robust against invalid input when parsing
    params
  + websocket: Fix possibility of being stuck in a read loop
- Drop patches fixed upstream:
  + 6adc0e3e.patch
  + 29b96fab.patch
  + a35222dd.patch
  + 4c9e75c6.patch

==== passt ====
Version update (20241030.ee7d0b6 -> 20241121.238c69f)
Subpackages: passt-selinux

- Update to version 20241121.238c69f:
  * tcp: Acknowledge keep-alive segments, ignore them for the rest
  * tcp: Reset ACK_TO_TAP_DUE flag whenever an ACK isn't needed anymore
  * ndp: Don't send unsolicited RAs if NDP is disabled
  * ndp: Don't send unsolicited router advertisement if we can't, yet
  * selinux: Use auth_read_passwd() interface for all our getpwnam() needs
  * ndp: Send unsolicited Router Advertisements
  * passt: Seed libc's pseudo random number generator
  * util: Add general low-level random bytes helper
  * ndp: Make route lifetime a #define
  * ndp: Use struct assignment in preference to memcpy() for IPv6 addresses
  * ndp: Split out helpers for sending specific NDP message types
  * ndp: Add ndp_send() helper
  * ndp: Remove redundant update to addr_seen
  * cppcheck: Don't check the system headers
  * linux_dep: Fix CLOSE_RANGE_UNSHARE availability handling
  * linux_dep: Move close_range() conditional handling to linux_dep.h
  * log: Only check for FALLOC_FL_COLLAPSE_RANGE availability at runtime
  * tap, tcp, util: Add some missing SOCK_CLOEXEC flags
  * passt: Use NOLINT clang-tidy block instead of NOLINTNEXTLINE
  * util: Define small and big thresholds for socket buffers as unsigned long long
  * tap: Cast TAP_BUF_BYTES - ETH_MAX_MTU to ssize_t, not TAP_BUF_BYTES
  * dhcpv6: Turn some option headers pointers to const
  * dhcpv6: Use for loop instead of goto to avoid false positive cppcheck warning
  * tcp: unify payload and flags l2 frames array
  * test: Improve test for NDP assigned prefix
  * test: Don't require 64-bit prefixes in perf tests
  * test: Make nstool hold robust against interruptions to control clients
  * test: Rename propagating signal handler
  * util: Work around cppcheck bug 6936
  * udp: Don't dereference uflow before NULL check in udp_reply_sock_handler()
  * ndp: Use const pointer for ndp_ns packet
  * linux_dep: Generalise tcp_info.h to handling Linux extension compatibility
  * fwd: Squash different-signedness comparison warning
  * util: Remove unused ffsl() function
  * clang: Add rudimentary clangd configuration
  * Makefile: Don't attempt to auto-detect stack size
  * Makefile: Use -DARCH for qrap only
  * seccomp: Simplify handling of AUDIT_ARCH
  * Makefile: Move NETNS_RUN_DIR definition to C code
  * netlink: RTA_PAYLOAD() returns int, not size_t
  * flow: Correct type of flowside_at_sidx()
  * arch: Avoid explicit access to 'environ'
  * clang: Move clang-tidy configuration from Makefile to .clang-tidy
  * Makefile: Simplify exclusion of qrap from static checks
  * clang: Add .clang-format file
  * test: Adjust misplaced sleeps in two_guests code
  * tap: Explicitly cast TUNSETIFF to fix build warning with musl on ppc64le
  * tcp: Fix build against musl, __sum16 comes from linux/types.h

==== podman ====
Version update (5.3.0 -> 5.3.1)

- Update to version 5.3.1:
  * Bump to v5.3.1
  * Update release notes for v5.3.1
  * Update windows installer tests
  * Windows: don't install WSL/HyperV on update
  * Switch to non-installing WSL by default
  * docs: add 5.3 as Reference version
  * only read ssh_config for non machine connections
  * ssh_config: allow IdentityFile file with tilde
  * ssh_config: do not overwrite values from config file
  * connection: ignore errors when parsing ssh_config
  * spec: clamp rlimits in a userns
  * cirrus: set proper DEST_BRANCH for 5.3
  * libpod: addHosts() prevent nil deref
  * Bump bundled krunkit to 0.1.4
  * fix podman machine init --ignition-path
  * Bump to v5.3.1-dev

==== python-tornado6 ====
Version update (6.4.1 -> 6.4.2)

- Update to 6.4.2:
  + Security Improvements:
  * Parsing of the cookie header is now much more efficient. The older
    algorithm sometimes had quadratic performance which allowed for a
    denial-of-service attack in which the server would spend excessive
    CPU time parsing cookies and block the event loop.
    (CVE-2024-52804, bsc#1233668)

==== vte ====
Version update (0.78.1 -> 0.78.2)

- Update to version 0.78.2:
  + build: Fix typo in pread check
  + emulation: Use U+2426 for SUB
  + lib: Remove an unnecessary move
  + widget:
  - Use correct type for out param
  - Use correct termprop name

==== xdm ====

- tweak the login screen:
  * use sans serif font
  * use branding wallpaper and colors
  * do not require xli, recommend feh

==== xen ====
Version update (4.19.0_04 -> 4.19.0_06)

- bsc#1232622 - VUL-0: CVE-2024-45818: xen: Deadlock in x86 HVM
  standard VGA handling (XSA-463)
  xsa463-01.patch
  xsa463-02.patch
  xsa463-03.patch
  xsa463-04.patch
  xsa463-05.patch
  xsa463-06.patch
  xsa463-07.patch
  xsa463-08.patch
  xsa463-09.patch
- bsc#1232624 - VUL-0: CVE-2024-45819: xen: libxl leaks data to PVH
  guests via ACPI tables (XSA-464)
  xsa464.patch
- Drop stdvga-cache.patch
- bsc#1232542 - remove usage of net-tools-deprecated from supportconfig plugin