audit-secondary
- Update audit-secondary.spec: create symbolic link from
  /sbin/audisp-syslog to /usr/sbin/audisp-syslog (bsc#1201519).

- Fix rules not loaded when restarting auditd.service(bsc#1204844)
ca-certificates-mozilla
- Updated to 2.62 state of Mozilla SSL root CAs (bsc#1214248)
  Added:
  - Atos TrustedRoot Root CA ECC G2 2020
  - Atos TrustedRoot Root CA ECC TLS 2021
  - Atos TrustedRoot Root CA RSA G2 2020
  - Atos TrustedRoot Root CA RSA TLS 2021
  - BJCA Global Root CA1
  - BJCA Global Root CA2
  - LAWtrust Root CA2 (4096)
  - Sectigo Public Email Protection Root E46
  - Sectigo Public Email Protection Root R46
  - Sectigo Public Server Authentication Root E46
  - Sectigo Public Server Authentication Root R46
  - SSL.com Client ECC Root CA 2022
  - SSL.com Client RSA Root CA 2022
  - SSL.com TLS ECC Root CA 2022
  - SSL.com TLS RSA Root CA 2022
  Removed CAs:
  - Chambers of Commerce Root
  - E-Tugra Certification Authority
  - E-Tugra Global Root CA ECC v3
  - E-Tugra Global Root CA RSA v3
  - Hongkong Post Root CA 1
crypto-policies
- Update the update-crypto-policies(8) man pages and README.SUSE
  to mention the supported back-end policies. [bsc#1209998]
docker
- update to Docker 24.0.5-ce. See upstream changelong online at
  <https://docs.docker.com/engine/release-notes/24.0/#2405>. bsc#1213229

- Update to Docker 24.0.4-ce. See upstream changelog online at
  <https://docs.docker.com/engine/release-notes/24.0/#2404>. bsc#1213500

- Update to Docker 24.0.3-ce. See upstream changelog online at
  <https://docs.docker.com/engine/release-notes/24.0/#2403>. bsc#1213120
- Rebase patches:
  * cli-0001-docs-include-required-tools-in-source-tree.patch

- Recommend docker-rootless-extras instead of Require(ing) it, given
  it's an additional functionality and not inherently required for
  docker to function.

- Add docker-rootless-extras subpackage
  (https://docs.docker.com/engine/security/rootless)

- Update to Docker 24.0.2-ce. See upstream changelog online at
  <https://docs.docker.com/engine/release-notes/24.0/#2402>. bsc#1212368
  * Includes the upstreamed fix for the mount table pollution issue.
    bsc#1210797
- Add Recommends for docker-buildx, and add /usr/lib/docker/cli-plugins as
  being provided by this package.
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * cli-0001-docs-include-required-tools-in-source-tree.patch
dracut
- Update to version 055+suse.369.gde6c81bf:
  * fix(dracut-install): protect against broken links pointing to themselves
  * fix(dracut.sh): exit if resolving executable dependencies fails (bsc#1214081)
gawk
- format-tree-positional-arg.patch: Validate index into argument list
  (CVE-2023-4156, bsc#1214025)
lvm2
- blkdeactivate calls wrong mountpoint cmd (bsc#1214071)
  + bug-1214071-blkdeactivate_calls_wrong_mountpoint.patch
freetype2
- Added patch:
  * CVE-2023-2004.patch
    + fixes bsc#1210419, CVE-2023-2004: Integer overflow
liblognorm
- Upgrade to liblognorm v2.0.6 (jsc#PED-4883)
  * 2018-11-02: nitfixes: issues deteced by CodeFactor.com
  * 2018-11-01: more cleanup of shell scripting
  * 2018-10-31: cleanup shell scripting
  * 2018-10-26: implement Checkpoint LEA transfer format
  * 2018-10-31: fix mising shebangs in test scripts
  * 2018-10-30: fix some bash style nits
  * 2018-07-15: fix very theoretic misadressing (gcc-8 warning)
  * 2018-06-26: string parser: add "lazy" matching mode
  * 2018-05-30: Update lognormalizer.c
  * 2018-05-30: Update lognormalizer.c to support case fallthrough
  * 2018-05-30: Update README
  * 2018-05-10: Fix for #229 (cisco-interface-spec at end of line)
  * 2018-03-21: Suppress invalid param error for name to fix #270
- Upgrade to liblognorm v2.0.5
  * 2018-04-25: fix potential NULL pointer addressing
  * 2018-04-07: Add test for nested user types
  * 2018-04-07: Fix use after free with nested user types (#235)
  * 2018-04-25: build system: fix gcc warning
  * 2018-04-25: make "make check" "succeed" on solaris 10
  * 2018-04-16: fix build warnings with some newer compilers
  * 2018-04-16: remove dead code
  * 2018-04-16: fix potential memory leaks during config processing
  * 2018-04-16: fix memory leak during config processing
  * 2018-04-16: csv encoder: fix format error when processing arrays
  * 2018-03-29: Explicitly list supported whitespace characters
  * 2018-03-28: "fix" return type of unused dummy function
  - replaces liblognorm-2.0.4-no-return-in-nonvoid-function.patch
  * 2018-03-21: Suppress invalid param error for name to fix #270
  * 2018-03-19: fix header guard
  * 2018-03-06: Correct CLI options in the docs
  * 2018-01-13: AIX port : added compatibility and modified lognormalizer for AIX.
  * 2017-11-29: codestyle: correct line length to 120
  * 2017-11-29: codestyle: set max line length to 120
  * 2017-11-25: fix some very bad line length violations
  * 2017-11-25: travis: temporarily permit longer line length
  * 2017-10-19: make build with gcc7
  * 2017-10-05: es_str2cstr leak in string-to v1 parse
parted
- fix null pointer dereference (bsc#1193412)
  - add: parted-fix-check-diskp-in-do_name.patch
- update mkpart options in manpage (bsc#1182142)
  - add: parted-mkpart-manpage.patch
procps
- Add patch CVE-2023-4016.patch
  * CVE-2023-4016: ps buffer overflow (bsc#1214290)
protobuf-c
- Add missing Provides/Obsoletes after package merge (bsc#1214006)
systemd
- Import commit b473c02cc08e093e370034425671cbc001c6748e
  02caac7973 units/initrd-parse-etc.service: Conflict with emergency.target
  70b3bff9f8 sd-device-monitor: dynamically allocate receive buffer (bsc#1213873)
  e2e1fbba2b sd-device: change type of properties nulstr from uint8_t* to char*
  c9d3dd5954 udev: set description for device monitor
  3f07f44fde test: use sd_device_monitor_set_description()
  b304a1e1a2 sd-device-monitor: logs description for device monitor
  929d4066c5 sd-device-monitor: introduce sd_device_monitor_{set,get}_description()
  340e523048 sd-device-monitor: fix inversed condition
  02659c7b67 tree-wide: port various places over to new stat_inode_same() helper
  b35a4b042a stat-util: add helper stat_inode_same() for comparing stat's st_dev/st_ino in one
  d25219cbe3 libsystemd: ignore both EINTR and EAGAIN
  648a151313 errno-util: introduce ERRNO_IS_TRANSIENT()

- Import commit 155fe1917157bdeecf7e28ef0ea9f62084f27f14
  3b8c671f90 detach-md: similar to the DM case, also don't try to detach MD device backing /usr/ (bsc#1211576)
  6da5d2d1fc shutdown: don't attempt to detach DM volume backing /usr/ (bsc#1211576)
  37178881c1 udev: decrease devlink priority for iso disks (bsc#1213185)
  02ede28319 shutdown: get only active md arrays. (bsc#1212434 bsc#1213575 bsc#1211576)
  412b8dbb32 umount: /usr/ should never be unmounted regardless of HAVE_SPLIT_USR or not (bsc#1211576)
  16f897570a units: remove the restart limit on the modprobe@.service
  e4e85b08bd tests: add test case for long unit names
  3f84b06f9d core: shorten long unit names that are based on paths and append path hash at the end (bsc#1208194)

- Add 5001-sleep-don-t-init-sys-power-resume-if-resume-option-i.patch (bsc#1186606)

- Make sure to pre-install the groups systemd and udev rely on. This is needed
  when the tmpfiles are run at package installation time (i.e. when
  file-triggers are disabled).

- Move more packaging fixups in the fixlet script.

- Move the persistent net rule fix in udev fixlet script.

- Rather than having one script per fix, use a single script (or "fixlet") per
  (sub) package that contains all the fixups relative to a (sub) package. This
  has the advantage to limit the number of scripts but more importantly it will
  ease the sharing of the spec file between TW and SLE. We should also be able
  to compare the fixlets of two distros even if the spec files have diverged.
  Note that all the fixups are run just once now.

- kbd-model-map.legacy:: add 'ara' which should replace 'arabic' in the long
  term (bsc#1210702)

- kbd-model-map.legacy: drop some entries no longer needed by YaST
  Related to bsc#1194609.

- Include pam_keyinit.so in our systemd-user PAM service (bsc#1209741)
  That way "systemd --user" instances get their own session keyring instead of
  the user default session keyring. For some reasons cifscreds refuses to work
  with the latter. That's what is expected for every PAM session anyway.
libzypp
- Fixup changes for 17.31.16. Remove faulty reference to a bug
  actually fixed in 2019.
- version 17.31.20 (22)

- Fix zypp-tui/output/Out.h to build with clang.
- Fix zypp/Arch.h for clang (fixes #478)
  Clang seems to have issues with picking the overload in
  std::men_fn if there is a static overload of a member function.
  We need to explicitely specify the correct type of the function
  pointer. To make sure this would not break compiling a
  application with clang that builds against libzypp this patch
  works around the problem.
- version 17.31.19 (22)

- SINGLE_RPMTRANS: Respect ZYPP_READONLY_HACK when checking the
  zypp-rpm lock (fixes openSUSE/openSUSE-repos#29)
- version 17.31.18 (22)

- Fix wrong filesize exceeded dl abort in zyppng::Downloader
  (bsc#1213673)
  In some cases when downloading very small files we can run into
  issues when the URL is protected by credentials.
- version 17.31.17 (22)

- Fix negative ZYPP_LOCK_TIMEOUT not waiting forever (bsc#1213231)
- Don't cleanup orphaned dirs if read-only mode was promised
  (bsc#1210740)
- version 17.31.16 (22)

- Fix build against protobuf >= 22 (fixes #465, closes #466)
  Port away from protobuf_generate_cpp. Upstream protobuf does not
  export protobuf_generate_cpp by default anymore.
  Use protobuf_generate instead, which is also available on older
  versions.
- Remove SUSE < SLE11 constructs (fixes #464).
- version 17.31.15 (22)
python-configobj
- Add CVE-2023-26112.patch (bsc#1210070)
rsyslog
-patches replaced by upgrade (see details in upgrade logs below)
  0001-fixing-the-deleteStateOnFileDelete-option.patch
  0001-imfile-Remove-inotify-watch-descriptor-on-inode-chan.patch
  0001-queue-Add-NULL-check-in-qDeqLinkedList.patch
  0001-testbench-add-test-for-legacy-permittedPeer-statemen.patch
  0002-imtcp-bugfix-legacy-config-directives-did-no-longer-.patch
  CVE-2022-24903.patch
- Upgrade to rsyslog 8.2306.0 (jsc#PED-4883)
  * 2023-06-09: mmnormalize bugfix: if msg cannot be parsed, parser chain is stopped
  * 2023-06-08: Add new global config option "libcapng.default"
  * 2023-06-08: imjournal: Add FileCreateMode module parameter
  * 2023-04-17: core bugfix: potential segfault on busy systems
  * 2023-05-11: GNUTls Driver: Fix memory leaks in gtlsInitCred
  * 2023-05-24: CI: update base ubuntu image for github actions
  * 2023-05-16: OMHIREDIS::ADDED:: New support for 'stream' mode
  * 2023-05-17: OMHIREDIS::ADDED:: new tests for existing functionalities
  * 2023-04-25: OMHIREDIS::FIXED:: Correctly suspend module in case of failure
  * 2023-05-17: OMHIREDIS::FIXED:: Synchronously try to authenticate
  * 2023-04-25: IMHIREDIS::ADDED:: New support for 'stream' mode
  * 2023-04-25: REDIS::ADDED:: Implement tests for imhiredis module
  * 2023-04-12: IMHIREDIS::CLEAN:: various improvements and fixes
    [#]## CHANGED
  - [IMHIREDIS] factorize code for different modes
  - [IMHIREDIS] Clean and improve logging lines
  - [IMHIREDIS] Poll extinction state less frequently for main thread (less aggresive)
  - [IMHIREDIS] Set 'key' action parameter to REQUIRED
  - [IMHIREDIS] Use known message length instead of calculating it when
    enqueuing message
    [#]## ADDED
  - [IMHIREDIS] Missing redis replies' types in enumeration
    [#]## FIXED
  - [IMHIREDIS] Correctly initialize instance object, especially for redisNodesList
  - [IMHIREDIS] Correctly print input mode's value in logs when set incorrectly
  * 2023-05-17: tests: mmexternal-SegFault-empty-jroot-vg.sh: fix typo
  * 2023-03-21: modify testbench test to detect wrong imptcp truncation
  * 2023-03-21: imptcp bugfix: spam log on oversize message
  * 2023-03-23: core/bugfix: using $uuid msg prop can deadlock rsyslog on shutdown
  * 2023-03-13: Remove halted LGTM badges on README
  * 2023-02-16: Do not preserve capabilities when changing credentials
  * 2023-01-23: CI/QA: do compile test both with NDEBUG set/unset
  * 2023-01-23: Fixed wrong type conversion in cstrLen() for debug mode as well
  * 2023-01-18: core/template: implement negative position.to
  * 2023-01-18: CI: fix github CodeQL settings
  * 2023-01-17: Remove CAP_DAC_OVERRIDE if privileges dropped
  * 2023-01-17: Adjust the capability set
  * 2023-01-13: substring function: enhancement and hardening
  * 2023-01-11: omfile: add action parameters "rotation.*"
  * 2023-01-11: CI: use newer version of zookeeper
  * 2023-01-09: ffaup fix : memory corruption with concurrent workers
  * 2023-01-02: openssl: fix undefined reference to CRYPTO_set_id_callback
  * 2022-12-30: testbench: add test for invalid json template generation
  * 2022-12-30: core bugfix: template system may generate invalid json
  * 2022-12-28: Fixed wrong type conversion in cstrLen()
  * 2022-12-08: Add CodeQL workflow for GitHub code scanning
- Upgrade to rsyslog 8.2212.0
  * 2022-12-05: testbench: make python http server based tests more reliable
  * 2022-12-05: omprog bugfix: invalid status handling at called program startup
  * 2022-11-29: testbench bugfix: wrong message injection object of instance 1
  * 2022-11-21: rsyslog.conf man page bugfix: description of selectors
  * 2022-11-18: imtcp bugfix: legacy config directives did no longer work
  - replaces 0002-imtcp-bugfix-legacy-config-directives-did-no-longer-.patch
  * 2022-11-16: ksi bugfix: sending of too many signing requests fixed.
  * 2022-11-14: bugfix: prevent potential segfault when switchung to queue emergency mode
  * 2022-11-02: imjournal: add second fallback to _COMM
  * 2022-10-25: core bugfix: local hostname invalid if no global() config object given
  * 2022-10-25: testbench bugfix: fixed timing issue that sometimes lead to test failure
- Upgrade to rsyslog 8.2208.0
  * 2022-08-09: ksi bugfix: request cache size and send timeout issue fixed.
  * 2022-08-09: imjournal bugfix: segmentation fault in close journal
  * 2022-08-09: net subsystem: support sha256 for StreamDriverAuthMode="x509/fingerprint"
  * 2022-08-05: imfile bugfix: message loss/duplication when monitored file is rotated
  * 2022-08-05: ksi bugfix: optimize processing of signer queue to fix delays.
  * 2022-08-04: ksi bugfix: possible crash fixed when several log files are opened.
  * 2022-08-04: openssl: add support to split tls commands by semicolon
  * 2022-08-04: openssl subsystem bugfix: build issue on Solaris
  * 2022-08-04: openssl: add more details to error messages
  * 2022-08-04: omclickhouse: capture additional exceptions
  * 2022-08-04: mmanon bugfix: Simplified and fixed IPv4 digit detection.
  * 2022-07-21: imptcp: slight tuning
  * 2022-07-20: template procesing/json: performance optimization
  * 2022-07-19: core bugfix: memory leak when free action worker data table
  * 2022-07-13: omfile: support for zstd compression
  * 2022-07-07: stream cleanup: move error message to debug log, only
  * 2022-07-04: mmdblookup bugfix: Don't crash Rsyslog on mmdb file errors
  * 2022-06-28: build error fix: libbson requires out-of-date language constructs
  * 2022-06-27: OpenSSL: fix depreacted API issues for OpenSSL 3.x
- Upgrade to rsyslog 8.2206.0
  * 2022-05-25: omelastisearch: allow omitting _type field
  * 2022-05-18: tcpsrv/imtcp: slight performance improvements
  * 2022-05-12: imptcp bugfix: worker thread starvation on extreme traffic
  * 2022-05-11: omelasticsearch: several support option for ElasticSearch 8
  - config params searchIndex and documentType can be empty
  - support for Data Stream API
  - new config param esVersion.major
  * 2022-05-09: tcp receiver bugfix: delay/potential hang on some error conditions
  * 2022-05-05: net bugfix: potential buffer overrun
  - replaces CVE-2022-24903.patch
    Advisory:
    https://github.com/rsyslog/rsyslog/security/advisories/GHSA-ggw7-xr6h-mmr8#advisory-comment-72243
  * 2022-05-05: imptcp: set OS worker thread name
  * 2022-04-26: mmanon bugfix: shortened IPv6 form not always anonymized
  * 2022-04-22: mmdblookup fix: wrong copy of buffer
  * 2022-04-22: mmdblookup: several enhancements
  - support arrays in MMDB entry
  - support escaped quotes '"' in MMDB entry
  - support '<' characters in MMDB entry, when in a field
  - support '}' characters in MMDB entry, when in a field
- Upgrade to rsyslog 8.2204.0
  * 2022-04-18: gnutls bugfix: possibility of infinite loop
  * 2022-04-17: core/bugfix: errorfile could grow over max configures size
  * 2022-04-17: omkafka bugfix: potential misadressing
  * 2022-04-06: added new "FullJSONFmt" standard template (with addtl fields)
  * 2022-04-04: imfile: potential processing delay
  * 2022-04-04: bugfix: cosmetic data races
  * 2022-04-01: add property options to support ISO week/year number
  * 2022-04-01: core bugfix: "action suspended" message was emitted even when turned off
  * 2022-03-31: testbench: add more tests for rscript comparison operations
  * 2022-03-31: core bugfix: make internal logs emitted during HUP procesing appear quicker
  * 2022-03-20: refactor: Move the parser directive to the main config
  * 2022-03-16: refactor: ake the main message queue part of the config
  * regression bugfix: rsyslog may segfault during startup
  * regression fix: script string comparison did not work correctly
- Upgrade to rsyslog 8.2202.0
  * 2022-02-11: Make action counter part of the config
  * 2022-02-09: imfile: Remove inotify watch descriptor on inode change detected
  - replaces 0001-imfile-Remove-inotify-watch-descriptor-on-inode-chan.patch
  * 2022-02-03: omelasticsearch: Fix indexSuccess impstats counter in bulkmode
  * 2022-01-28: rscript: literal numbers were not compared correctly
  * 2022-01-17: ompgsql: PGsslInUse not supported on old distros
  * 2021-12-31: ompgsql: allow connection params via connection string
  * 2022-01-17: CI: remove fedora 33 based testing
  * 2022-01-14: Terminate all tcpsrv threads properly
  * 2022-01-04: Move timezone specific variables to rsconf
  * 2022-01-13: Fixes #4395 by correctly checking for EPIPE.
  * 2022-01-12: Move rsyslog global parameters to rsconf_t struct
  * 2022-01-12: cleanup: remove unused variable
  * 2022-01-07: CI: cleanup journal test environment
  * 2022-01-06: CI: remove unnecessary dependency
  * 2022-01-05: Update omlibdbi.c
  * 2022-01-05: omhttp: Fix memory leak in lokirest batchmode
  * 2021-12-15: Clarify meaning of loadConf and RunConf
- Upgrade to rsyslog 8.2112.0
  * 2021-12-14: refactor:Deallocate outchannel resources in rsconf destructor
  * 2021-12-14: refactor: use runConf instead of loadConf in ratelimiting during runtime
  * 2021-11-22: new contribtion: URL parser module function using libfa
  * 2021-11-18: mmanon: relax IPv6 detection - improve anonymization
  * 2021-11-10: ruleset bugfix: ruleset queue was incorrectly named
  * 2021-11-10: omsnmp: update module to current IP best practices
  * 2021-10-27: ommysql: fix threading bug
  * 2021-10-25: testbench: false positive when impstats was not built
  * 2021-10-25: imtcp: add support for permittedPeers setting at input() level
  * 2021-10-25: testbench: add test for legacy permittedPeer statement
  - replaces 0001-testbench-add-test-for-legacy-permittedPeer-statemen.patch
- Upgrade to rsyslog 8.2110.0:
  * 2021-10-13: PrivDropToUser: fix abortOnIDResolutionFail handling #2
  * 2021-10-12: PrivDropToUser: fix abortOnIDResolutionFail handling
  * 2021-09-17: rscript fix: ruleset called async when ruleset had queue.type="direct"
  * 2021-10-07: tcpsrv: fix compilation without exceptions
  * 2021-09-29: build issue: handle undefined MAXPATHLEN, PATH_MAX
  * 2021-10-06: Fix typo in error message.
  * 2021-09-21: mmkubernetes bugfix: no connection retry to kubernetes APP
  * 2021-09-13: use correct api for es 6 and later
  * 2021-09-20: openssl: Correct gnutlsPriorityString (custom ciphers) behaviour
  * 2021-09-20: ksi bugfix: locking bug fixed in rsksiCtxOpenFile
  * 2021-09-13: Fix ElasticSearch Test broken by ES incompatibility
  * 2020-11-21: imhttp updates - query parameter ingestion & basic auth support
  * 2021-09-08: openssl: extended output information on connection failure
  * 2021-09-02: queue: Add NULL check in qDeqLinkedList
  - replaces 0001-queue-Add-NULL-check-in-qDeqLinkedList.patch
  * 2021-09-06: core bugfix: use of property $wday terminates string
  * 2021-09-02: gnutls: Propagate PrioritizeSAN when accepting a new connection
  * 2021-08-24: ratelimit: fix rate limiting for already parsed messages
  * 2021-08-23: config: implement script-equavalent for $PrivDrop* statements
- Upgrade to rsyslog 8.2108.0:
  * 2021-08-16: openssl tls: Improved error message output on tls failures.
  * 2021-07-01: imfile add `ignoreolderthanoption`
  * 2021-08-10: imklog: fix invalid memory adressing, could cause abort
  * 2021-08-09: omelasticsearch: fix incorrect mutex error handling regression
  * 2021-08-09: imfile bugfix: hash char invalidly added in readmode != 0
  * 2021-08-08: imudp: add socket type (IPv4 vs. 6) to input name
  * 2021-07-13: fixing the deleteStateOnFileDelete option
  - replaces 0001-fixing-the-deleteStateOnFileDelete-option.patch
  * 2021-07-07: CI: add test for imtcp not correctly starting up and a Solaris fix
  * 2021-08-05: omfwd: add capability for action-specific TLS certificate settings
  * 2021-07-01: imtcp: permit to use different certificate files per input/action
  * 2021-08-04: debug support: add indication of "being HUPed" to debug log
  * 2021-08-04: imptcp bugfix: keep alive interval was incorrectly set
  * 2021-07-22: Close file descriptor when freshStartTail is turned on
  * 2021-07-22: [omelasticsearch] Improve errorFile mutex handling
  * 2021-07-08: openssl network driver bugfix: small memory leak
  * 2021-07-07: tcpsrv bugfix: abort if no listener could be started
  * 2021-07-01: tcp subsystem: fix cosmetic memory leak on shutdown
  * 2021-07-01: fix typo in error message
  * 2021-06-30: OMMONGODB :: Fixes
  * 2021-06-29: mmkubernetes fix for apiserver error handling
  * 2021-06-21: omkafka updates
  * 2021-06-22: percentile module to track percentile metrics via impstats
  * 2021-06-17: CI: disable Travis CI for the time being
  * 2021-04-15: omhttp: Fix dynrestpath param in batch mode
  * 2021-06-14: add predefined template RSYSLOG_SyslogRFC5424Format
  * 2021-06-10: bugfix: _sender_stats reports integer counter as string

- fix removal of imfile state files (bsc#1213212)
  * add 0001-fixing-the-deleteStateOnFileDelete-option.patch
samba
- Fix DFS not working with widelinks enabled; (bsc#1213607);
  (bso#15435);

- Move libcluster-samba4.so from samba-libs to samba-client-libs;
  (bsc#1213940);

- net ads lookup with unspecified realm fails; (bso#15384);
  (bsc#1213826);
000release-packages:sle-module-basesystem-release
n/a
000release-packages:sle-module-containers-release
n/a
000release-packages:sle-module-public-cloud-release
n/a
000release-packages:sle-module-server-applications-release
n/a
000release-packages:SLES-release
n/a
supportutils-plugin-suse-public-cloud
- Update to version 1.0.8 (bsc#1213951)
  + Capture CSP billing adapter config and log (issue#13)
  + Accept upper case Amazon string in DMI table (issue#12)
sysuser-tools
- Remove all systemd requires, not supported on SLE15 [bsc#1214140]

- Version 3.2
- update sysusers_requires to request sysuser-shadow 3.2
- Use TAB consistently for indention in sysusers2shadow.sh
- This pkg needs to follow behavior which is described in sysusers.d(5).
  Always create a system group of the same name as the system user,
  even if the user already exists. (bsc#1205161, bsc#1207778, bsc#1213240)

- Add "quilt setup" friendly hint to %sysusers_requires usage
  It is not required to have sysuser-tools installed when working
  with a pkg source which uses sysuser-tools at build time.

- Use append so if a pre file already exists it isn't overridden

- invoke bash for bash scripts (bsc#1195391)
vim
- Use app icon generated from vimlogo.eps in source tarball; add
  higher res icons of sizes 128, 256, and 512px as png sources.
  Our current icons deviate from upstream flatpaks for example.
- Updated to version 9.0 with patch level 1632
- for the complete list of changes see
  https://github.com/vim/vim/compare/v9.0.1443...v9.0.1632

- Updated to version 9.0 with patch level 1572, fixes the following security problems
  * Fixing bsc#1210996 (CVE-2023-2426) - VUL-0: CVE-2023-2426: vim: Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499.
  * Fixing bsc#1211256 (CVE-2023-2609) - VUL-1: CVE-2023-2609: vim: NULL Pointer Dereference prior to 9.0.1531
  * Fixing bsc#1211257 (CVE-2023-2610) - VUL-1: CVE-2023-2610: vim: Integer Overflow or Wraparound prior to 9.0.1532
- for the complete list of changes see
  https://github.com/vim/vim/compare/v9.0.1443...v9.0.1572

- Fixing bsc#1211461 - L3: vim "eats" first character from prompt in xterm
  * Add: reorder-exit-raw-mode.patch
  * Swaps out_str_t_TE() and cursor_on() during exit to prevent missing characters in xterm prompt on exit.
xen
- bsc#1212684 - xentop fails with long interface name
  64d33a57-libxenstat-Linux-nul-terminate-string.patch

- Update to Xen 4.17.2 bug fix release (bsc#1027519)
  xen-4.17.2-testing-src.tar.bz2
  * No upstream changelog found in sources or webpage
- bsc#1214082 - VUL-0: CVE-2023-20569: xen: x86/AMD: Speculative
  Return Stack Overflow (XSA-434)
- bsc#1214083 - VUL-0: CVE-2022-40982: xen: x86/Intel: Gather Data
  Sampling (XSA-435)
- Dropped patches contained in new tarball
  64525c61-tools-libs-guest-assist-gcc13s-realloc-analyzer.patch
  645dec48-AMD-IOMMU-assert-boolean-enum.patch
  64639e84-amd-fix-legacy-setting-of-SSBD-on-AMD-Family-17h.patch
  646b782b-PCI-pci_get_pdev-respect-segment.patch
  647dfb0e-x86-missing-unlock-in-microcode_update_helper.patch
  648863fc-AMD-IOMMU-Invalidate-All-check.patch
  64bea1b2-x86-AMD-Zenbleed.patch

- Handle potential off-by-one errors in libxc-sr-xg_sr_bitmap.patch
  A bit is an index in bitmap, while bits is the allocated size
  of the bitmap.

- Add more debug to libxc-sr-track-migration-time.patch
  This is supposed to help with doing the math in case xl restore
  fails with ERANGE as reported in bug#1209311

- bsc#1213616 - VUL-0: CVE-2023-20593: xen: x86/AMD: Zenbleed
  (XSA-433)
  64bea1b2-x86-AMD-Zenbleed.patch

- Upstream bug fixes (bsc#1027519)
  645dec48-AMD-IOMMU-assert-boolean-enum.patch
  646b782b-PCI-pci_get_pdev-respect-segment.patch
  647dfb0e-x86-missing-unlock-in-microcode_update_helper.patch
  648863fc-AMD-IOMMU-Invalidate-All-check.patch
zypper
- Changed location of bash-complication (bsc#1213854).
  This changes the location of zypper.sh bash completion script
  from /usr/share/bash-completion/completions/.
- version 1.14.63

- man: revised explanation of --force-resolution (bsc#1213557)
  Point out that the option not only allows to remove packages but
  may also violate any other active policy if there is no other way
  to resolve the job.
- Print summary hint if policies were violated due to
  - -force-resolution (bsc#1213557)
- BuildRequires:  libzypp-devel >= 17.31.16 (for zypp-tui)
- version 1.14.62