- Update to current 2.43.1 branch [PED-10474]:
  * PR32109 - fuzzing problem
  * PR32083 - LTO vs overridden common symbols
  * PR32067 - crash with LTO-plugin and --oformat=binary
  * PR31956 - LTO vs wrapper symbols
  * riscv - add Zimop and Zcmop extensions
- Adjusted binutils-2.43-branch.diff.gz.

- Update to version 2.43:
  * new .base64 pseudo-op, allowing base64 encoded data as strings
  * Intel APX: add support for CFCMOV, CCMP, CTEST, zero-upper, NF
    (APX_F now fully supported)
  * x86 Intel syntax now warns about more mnemonic suffixes
  * macros and .irp/.irpc/.rept bodies can use \+ to get at number
    of times the macro/body was executed
  * aarch64: support 'armv9.5-a' for -march, add support for LUT
    and LUT2
  * s390: base register operand in D(X,B) and D(L,B) can now be
    omitted (ala 'D(X,)'); warn when register type doesn't match
    operand type (use option
    'warn-regtype-mismatch=[strict|relaxed|no]' to adjust)
  * riscv: support various extensions: Zacas, Zcmp, Zfbfmin,
    Zvfbfmin, Zvfbfwma, Smcsrind/Sscsrind, XCvMem, XCvBi, XCvElw,
    XSfCease, all at version 1.0;
    remove support for assembly of privileged spec 1.9.1 (linking
    support remains)
  * arm: remove support for some old co-processors: Maverick and FPA
  * mips: '--trap' now causes either trap or breakpoint instructions
    to be emitted as per current ISA, instead of always using trap
    insn and failing when current ISA was incompatible with that
  * LoongArch: accept .option pseudo-op for fine-grained control
    of assembly code options; add support for DT_RELR
  * readelf: now displays RELR relocations in full detail;
    add -j/--display-section to show just those section(s) content
    according to their type
  * objdump/readelf now dump also .eh_frame_hdr (when present) when
    dumping .eh_frame
  * gprofng: add event types for AMD Zen3/Zen4 and Intel Ice Lake
    processors; add minimal support for riscv
  * linker:
  - put .got and .got.plt into relro segment
  - add -z isa-level-report=[none|all|needed|used] to the x86 ELF
    linker to report needed and used x86-64 ISA levels
  - add --rosegment option which changes the -z separate-code
    option so that only one read-only segment is created (instead
    of two)
  - add --section-ordering-file <FILE> option to add extra
    mapping of input sections to output sections
  - add -plugin-save-temps to store plugin intermediate files
    permanently
- Removed binutils-2.42.tar.bz2, binutils-2.42-branch.diff.gz.
- Added binutils-2.43.tar.bz2, binutils-2.43-branch.diff.gz.
- Removed upstream patch riscv-no-relax.patch.
- Rebased ld-relro.diff and binutils-revert-rela.diff.

- binutils-pr22868.diff: Remove obsolete patch
- Undefine _FORTIFY_SOURCE when running checks

- Allow to disable profiling

- Use %patch -P N instead of deprecated %patchN.

- riscv-no-relax.patch: RISC-V: Don't generate branch/jump relocation if
  symbol is local when no-relax

- Add binutils-disable-code-arch-error.diff to demote an
  error about swapped .arch/.code directives to a warning.
  It happens in the wild.

- Update to version 2.42:
  * Add support for many aarch64 extensions: SVE2.1, SME2.1, B16B16,
  RASv2, LSE128, GCS, CHK, SPECRES2, LRCPC3, THE, ITE, D128, XS and
  flags to enable them: '+fcma', '+jscvt', '+frintts', '+flagm2',
  '+rcpc2' and '+wfxt'
  * Add experimantal support for GAS to synthesize call-frame-info for
  some hand-written asm (--scfi=experimental) on x86-64.
  * Add support for more x86-64 extensions: APX: 32 GPRs, NDD, PUSH2/POP2,
  PUSHP/POPP; USER_MSR, AVX10.1, PBNDKB, SM4, SM3, SHA512, AVX-VNNI-INT16.
  * Add support for more RISC-V extensions: T-Head v2.3.0, CORE-V v1.0,
  SiFive VCIX v1.0.
  * BPF assembler: ';' separates statements now, and does not introduce
  line comments anymore (use '#' or '//' for this).
  * x86-64 ld: Add '-z mark-plt/-z nomark-plt' to mark PLT entries with
  dynamic tags.
  * risc-v ld: Add '--[no-]check-uleb128'.
  * New linker script directive: REVERSE, to be combined with SORT_BY_NAME
  or SORT_BY_INIT_PRIORITY, reverses the generated order.
  * New linker options --warn-execstack-objects (warn only about execstack
  when input object files request it), and --error-execstack plus
  - -error-rxw-segments to convert the existing warnings into errors.
  * objdump: Add -Z/--decompress to be used with -s/--full-contents to
  decompress section contents before displaying.
  * readelf: Add --extra-sym-info to be used with --symbols (currently
  prints section name of references section index).
  * objcopy: Add --set-section-flags for x86_64 to include
  SHF_X86_64_LARGE.
  * s390 disassembly: add target-specific disasm option 'insndesc',
  as in "objdump -M insndesc" to display an instruction description
  as comment along with the disassembly.
- Add binutils-2.42-branch.diff.gz.
- Rebased s390-biarch.diff.
- Adjusted binutils-revert-hlasm-insns.diff,
  binutils-revert-plt32-in-branches.diff and binutils-revert-rela.diff
  for upstream changes.
- Removed binutils-2.41-branch.diff.gz, binutils-2.41.tar.bz2,
  binutils-2.41-branch.diff.gz.
- Removed binutils-use-less-memory.diff, binutils-old-makeinfo.diff
  and riscv-relro.patch (all upstreamed).
- Removed add-ulp-section.diff, we use a different mechanism
  for live patching since a long time.

- Add binutils-use-less-memory.diff to be a little nicer to 32bit
  userspace and huge links.  [bsc#1216908]

- riscv-relro.patch: RISC-V: Protect .got with relro

- Add libzstd-devel to Requires of binutils-devel. (bsc#1215341)

- Update to 10.3.4
  + Modify the message when network access over a specific IP version does
    not work. This is an informational message and should not look like
    an error
  + Inform the user that LTSS registration takes a little longer
  + Add fix-for-sles12-no-trans_update.patch
    + SLE 12 family has no products with transactional-update we do not
    need to look for this condition
- From 10.3.3 (bsc#1229472)
  + Handle changes in process structure to properly identify the running
    zypper parent process and only check for 1 PID
- From 10.3.2
  + Remove rgnsrv-clnt-fix-docker-setup.patch included upstream
- From 10.3.1 (jsc#PCT-400)
  + Add support for LTSS registration
  + Add fix-for-sles12-disable-registry.patch
    ~ No container support in SLE 12

- Update to containerd v1.7.21. Upstream release notes:
  <https://github.com/containerd/containerd/releases/tag/v1.7.21>
  Fixes CVE-2023-47108. bsc#1217070
  Fixes CVE-2023-45142. bsc#1228553
- Rebase patches:
  * 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch

- Security fix: [bsc#1230093, CVE-2024-8096]
  * curl: OCSP stapling bypass with GnuTLS
  * Add curl-CVE-2024-8096.patch

- Security fix: [bsc#1228535, CVE-2024-7264]
  * curl: ASN.1 date parser overread
  * Add curl-CVE-2024-7264.patch

- update to deltarpm-3.6.4
  * support for threaded zstd
  * use a tmp file instead of memory to hold the incore data
    [bsc#1228948]
- dropped patches:
  * deltarpm-b7987f6aa4211df3df03dcfc55a00b2ce7472e0a.patch

- deltarpm-b7987f6aa4211df3df03dcfc55a00b2ce7472e0a.patch: fixed
  some C bugs ( incorrect sized memset() , memcpy instead of strcpy,
  unsigned int)

- update to deltarpm-3.6.3
  * support for threaded zstd compression

- Actually enable zstd compression

- update to deltarpm-3.6.2
  * support for zstd compression

- Update to version 055+suse.392.g7930ab23:
  * feat(systemd*): include systemd config files from /usr/lib/systemd (bsc#1228398)
  * fix(convertfs): error in conditional expressions (bsc#1228847)

- Add glib2-gdbusmessage-cache-arg0.patch: cache the arg0 value in
  a dbus message. Fixes a possible use after free (boo#1224044).

- s390x-wcsncmp.patch: s390x: Fix segfault in wcsncmp (bsc#1228043, BZ
  [#31934])

- Security fix (bsc#1229932, CVE-2024-45492): detect integer
  overflow in function nextScaffoldPart
  * Added expat-CVE-2024-45492.patch
- Security fix (bsc#1229931, CVE-2024-45491): detect integer
  overflow in dtdCopy
  * Added expat-CVE-2024-45491.patch
- Security fix (bsc#1229930, CVE-2024-45490): reject negative
  len for XML_ParseBuffer
  * Added expat-CVE-2024-45490.patch

- Security fix: [bsc#1230034, CVE-2024-8006]
  * libpcap: NULL pointer derefence in pcap_findalldevs_ex()
  * Add libpcap-CVE-2024-8006.patch

- Security fix: [bsc#1230020, CVE-2023-7256]
  * libpcap: double free via addrinfo in sock_initaddress()
  * Add libpcap-CVE-2023-7256.patch

- removed dependency on external find program in the repo2solv tool
- bindings: fix return value of repodata.add_solv()
- new SOLVER_FLAG_FOCUS_NEW flag
- bump version to 0.7.30

- Import commit a57a6d239c5d6b91fb3dcd269705e60804a03ae1
  cd0c9ac4f4 unit: drop ProtectClock=yes from systemd-udevd.service (bsc#1226414)
  e1eaa86a49 udev: do not set ID_PATH and by-path symlink for nvmf disks
  a85d211874 man: Document ranges for distributions config files and local config files

- Don't mention any rpm macros inside comments, even if escaped (bsc#1228091)
  Otherwise pesign-obs-integration ends up re-packaging systemd with all macros
  inside comments unescaped leading to unpredictable behavior. Now why rpm
  expands rpm macros inside comments is the question...

- Update 1011-sysv-generator-add-back-support-for-SysV-scripts-for.patch
  Really skip redundant dependencies specified the LSB description that
  references the file name of the service itself for early boot scripts (noticed
  in bsc#1221479).

- Make sure not to statically linked installed tools (bsc#1228787)
- version 17.35.8 (35)

- MediaPluginType must be resolved to a valid MediaHandler
  (bsc#1228208)
- version 17.35.7 (35)

- Export CredentialManager for legacy YAST versions (bsc#1228420)
- version 17.35.6 (35)

- Export asSolvable for YAST (bsc#1228420)
- Fix 4 typos in zypp.conf.
- version 17.35.5 (35)

- Fix typo in the geoip update pipeline (bsc#1228206)
- Export RepoVariablesStringReplacer for yast2 (bsc#1228138)
- version 17.35.4 (35)

- Translation: updated .pot file.
- Conflict with python zypp-plugin < 0.6.4 (bsc#1227793)
  Older zypp-plugins reject stomp headers including a '-'. Like the
  'content-length' header we may send.
- Fix int overflow in Provider (fixes #559)
  This patch fixes an issue in safe_strtonum which caused
  timestamps to overflow in the Provider message parser.
- Fix error reporting on repoindex.xml parse error (bsc#1227625)
- version 17.35.3 (35)

- Keep UrlResolverPlugin API public (fixes #560)
- Blacklist /snap executables for 'zypper ps' (bsc#1226014)
- Fix handling of buddies when applying locks (bsc#1225267)
  Buddy pairs (like -release package and product) internally share
  the same status object. When applying locks from query results
  the locked bit must be set if either item is locked.
- version 17.35.2 (35)

- Install zypp/APIConfig.h legacy include (fixes #557)
- version 17.35.1 (35)

- Update soname due to RepoManager refactoring and cleanup.
- version 17.35.0 (35)

- Workaround broken libsolv-tools-base requirements (fixes
  openSUSE/zypper#551)
- Strip ssl_clientkey from repo urls (bsc#1226030)
- Remove protobuf build dependency.
- Lazily attach medium during refresh workflows (bsc#1223094)
- Refactor RepoManager and add Service workflows.
- version 17.34.2 (34)

- Updated nss-fips-approved-crypto-non-ec.patch to enforce
  approved curves with the CKK_EC_MONTGOMERY key type (bsc#1224113).

- Add patch CVE-2024-6345-code-execution-via-download-funcs.patch:
  * Sanitize any VCS URL we download. (CVE-2024-6345, bsc#1228105)

- Version 4.2.0 (jsc#PCT-361)
  + Add IPv6 certs to supprt access of the update infrastructure via
    IPv6 on GCE instances.

- Update to version 4.1.0 (bsc#1217538)
  + Replace 162.222.182.90 and 35.187.193.56 (length 4096):
    rgnsrv-gce-asia-northeast1 -> 162.222.182.90 expires in 9 years
    rgnsrv-gce-us-central1 -> 35.187.193.56 expires in 10 years

[ This was only ever released for SLES and Leap. ]
- Update to runc v1.1.14. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.1.14>.
  Includes the patch for CVE-2024-45310. bsc#1230092
- Rebase patches:
  * 0001-bsc1221050-libct-seccomp-patchbpf-rm-duplicated-code.patch
  * 0002-bsc1221050-seccomp-patchbpf-rename-nativeArch-linuxA.patch
  * 0003-bsc1221050-seccomp-patchbpf-always-include-native-ar.patch
  * 0004-bsc1214960-nsenter-cloned_binary-remove-bindfd-logic.patch

n/a

n/a

n/a

n/a

n/a

n/a

n/a

n/a

- Changes to version 3.2.8
  + Avoid getting duplicate kernel verifications in boot.text (pr#190)
  + lvm: suppress file descriptor leak warnings from lvm commands (pr#191)
  + docker_info: Add timestamps to container logs (pr#196)
  + Key value pairs and container log timestamps (bsc#1222021 PED-8211, pr#198)
  + Update supportconfig get pam.d sorted (pr#199)
  + yast_files: Exclude .zcat (pr#201)
  + Sanitize grub bootloader (bsc#1227127, pr#203)
  + Sanitize regcodes (pr#204)
  + Improve product detection (pr#205)
  + Add read_values for s390x (bsc#1228265, pr#206)
  + hardware_info: Remove old alsa ver check (pr#209)
  + drbd_info: Fix incorrect escape of quotes (pr#210)

- extended 2048 bit SUSE SLE 12, 15 GA-SP5 key until 2028. (bsc#1229339)
  - gpg-pubkey-39db7c82-5f68629b.asc
  + gpg-pubkey-39db7c82-66c5d91a.asc

- Use %patch -P N instead of deprecated %patchN.

- Build unzip-rcc using multibuild and update unzip-rcc.spec file

- Don't block in AutoYaST upgrade (bsc#1181625)
- 4.5.20

- Show rpm install size before installing (bsc#1224771)
  If filesystem snapshots are taken before the installation (e.g.
  by snapper) no disk space is freed by removing old packages. In
  this case the install size of all packages is a hint how much
  additional disk space is needed by the new packages static
  content.
- version 1.14.76

- Fix readline setup to handle Ctrl-C and Ctrl-D corrrectly
  (bsc#1227205)
- version 1.14.75

- Let_readline_abort_on_Ctrl-C (bsc#1226493)
- packages: add '--system' to show @System packages (bsc#222971)
- version 1.14.74