Packages changed:
  SDL2 (2.30.7 -> 2.30.8)
  apparmor (4.0.2 -> 4.0.3)
  autoyast2 (5.0.2 -> 5.0.3)
  branding-openSUSE
  glibc
  grub2
  libapparmor (4.0.2 -> 4.0.3)
  libarchive (3.7.4 -> 3.7.6)
  mozjs115
  openSUSE-release (20241001 -> 20241002)
  opensc
  python-PyYAML (6.0.1 -> 6.0.2)
  systemd-presets-common-SUSE
  virtualbox
  virtualbox-kmp
  yast2 (5.0.9 -> 5.0.10)
  yast2-iscsi-client (5.0.2 -> 5.0.3)
  yast2-security (5.0.1 -> 5.0.2)
  yast2-users (5.0.2 -> 5.0.3)

=== Details ===

==== SDL2 ====
Version update (2.30.7 -> 2.30.8)

- Update to release 2.30.8
  * Fixed a crash in XInput code at startup
  * Fixed flooding the OS with I/O when a PS4/PS5 controller is
    disconnected
  * Added SDL_VIDEO_DOUBLE_BUFFER support to the Wayland backend
  * SDL_WINDOWEVENT_EXPOSED is sent appropriately when using
    Wayland
  * Fixed hang at startup in audio code when the application has
    large stack usage on Linux
  * Fixed initializing KMSDRM on older Linux systems

==== apparmor ====
Version update (4.0.2 -> 4.0.3)
Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-parser-lang apparmor-profiles apparmor-utils apparmor-utils-lang python3-apparmor

- add mesa-cachedir.diff: new cachedir in Mesa 24.2.2
- update to AppArmor 4.0.3
  - several small bugfixes
  - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_4.0.3
    for the full release notes

==== autoyast2 ====
Version update (5.0.2 -> 5.0.3)
Subpackages: autoyast2-installation

- Removed obsolete USERADD_CMD, USERDEL_PRECMD, USERDEL_POSTCMD
  (bsc#1231006)
- 5.0.3

==== branding-openSUSE ====
Subpackages: grub2-branding-openSUSE libreoffice-branding-openSUSE plymouth-branding-openSUSE wallpaper-branding-openSUSE yast2-qt-branding-openSUSE

- Install the grub2 branding if grub2-common is present

==== glibc ====
Subpackages: glibc-32bit glibc-devel glibc-extra glibc-gconv-modules-extra glibc-gconv-modules-extra-32bit glibc-lang glibc-locale glibc-locale-base nscd

- langpacks are no more used. Drop glibc-2.3.90-langpackdir.diff.
- gen-tempname-randomness.patch: Fix missing randomness in __gen_tempname
  (bsc#1230965, BZ #32214)
- Use nss-systemd by default also in SLE (bsc#1230638)

==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen

- Introduces a new package, grub2-x86_64-efi-bls, which includes a
  straightforward grubbls.efi file. This file can be copied to the EFI System
  Partition (ESP) along with boot fragments in the Boot Loader Specification
  (BLS) format
  * 0001-Streamline-BLS-and-improve-PCR-stability.patch
- Fix crash in bli module (bsc#1226497)
  * 0001-bli-Fix-crash-in-get_part_uuid.patch
- Rework package dependencies: grub2-common now includes common userland
  utilities and is required by grub2 platform packages. grub2 is now a meta
  package that pulls in the default platform package.

==== libapparmor ====
Version update (4.0.2 -> 4.0.3)

- add mesa-cachedir.diff: new cachedir in Mesa 24.2.2
- update to AppArmor 4.0.3
  - several small bugfixes
  - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_4.0.3
    for the full release notes

==== libarchive ====
Version update (3.7.4 -> 3.7.6)

- Update to 3.7.6:
  * tar: clean up linkpath between entries
  * tar: fix memory leaks when processing symlinks or parsing pax headers
  * iso: be more cautious about parsing ISO-9660 timestamps
- Version 3.7.5 changes:
  * fix multiple vulnerabilities identified by SAST
  * cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing
  * lzop: prevent integer overflow
  * rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696, bsc#1225971)
  * rar4: fix CVE-2024-26256 (CVE-2024-26256, bsc#1225972)
  * rar4: fix OOB in delta and audio filter
  * rar4: fix out of boundary access with large files
  * rar4: add boundary checks to rgb filter
  * rar4: fix OOB access with unicode filenames
  * rar5: clear 'data ready' cache on window buffer reallocs
  * rpm: calculate huge header sizes correctly
  * unzip: unify EOF handling
  * util: fix out of boundary access in mktemp functions
  * uu: stop processing if lines are too long
  * 7zip: fix issue when skipping first file in 7zip archive that is a multiple
    of 65536 bytes
  * ar: fix archive entries having no type
  * lha: do not allow negative file sizes
  * lha: fix integer truncation on 32-bit systems
  * shar: check strdup return value
  * rar5: don't try to read rediculously long names
  * xar: fix another infinite loop and expat error handling
  * many Windows fixes, cleanups and improvements
- Drop fix-soversion.patch, fix-bsdunzip-test.patch
  * Fixed upstream

==== mozjs115 ====

- Add mozjs115-CVE-2024-45492.patch:
  Backporting 9bf0f2c1 from libexpat upstream, Detect integer
  overflow in function nextScaffoldPart.
  (CVE-2024-45492, bsc#1230038)
- Add mozjs115-CVE-2024-45491.patch:
  Backporting 8e439a99 from libexpat upstream, Detect integer
  overflow in dtdCopy.
  (CVE-2024-45491, bsc#1230037)
- Add mozjs115-CVE-2024-45490-part01-5c1a3164.patch:
  Backporting 5c1a3164 from libexpat upstream, Reject negative len
  for XML_ParseBuffer.
  CVE-2024-45490's fixes including 3 parts: 5c1a3164 for libexpat
  sources; c12f039b for libexpat tests; 2db23301 for libexpat docs;
  Because mozjs only embeds libexpat sources, so unnecessary to
  port prart02 and part03.
  (CVE-2024-45490, bsc#1230036)

==== openSUSE-release ====
Version update (20241001 -> 20241002)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== opensc ====
Subpackages: opensc-bash-completion

- - Security fix: [CVE-2024-8443, bsc#1230364]
  * opensc: heap buffer overflow in OpenPGP driver when generating key
  * Added patch: opensc-CVE-2024-8443.patch
- Security fix: [opensc-CVE-2024-45620, bsc#1230076]
- Security fix: [opensc-CVE-2024-45619, bsc#1230075]
- Security fix: [opensc-CVE-2024-45618, bsc#1230074]
- Security fix: [opensc-CVE-2024-45617, bsc#1230073]
- Security fix: [opensc-CVE-2024-45616, bsc#1230072]
- Security fix: [opensc-CVE-2024-45615, bsc#1230071]
  * opensc: pkcs15init: Usage of uninitialized values in libopensc and pkcs15init
  * opensc: Uninitialized values after incorrect check or usage of APDU response values in libopensc
  * opensc: Uninitialized values after incorrect or missing checking return values of functions in libopensc
  * opensc: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init
  * opensc: Incorrect handling length of buffers or files in libopensc
  * opensc: Incorrect handling of the length of buffers or files in pkcs15init
  * Added patches:
  - opensc-CVE-2024-45615.patch
  - opensc-CVE-2024-45616.patch
  - opensc-CVE-2024-45617.patch
  - opensc-CVE-2024-45618.patch
  - opensc-CVE-2024-45619.patch
  - opensc-CVE-2024-45620.patch

==== python-PyYAML ====
Version update (6.0.1 -> 6.0.2)

- Update to 6.0.2
  * Support for Cython 3.x and Python 3.13
- Adjust invocation path for testsuite
- Adjust upstream source name in spec file
- Drop build-with-cython3.patch, merged upstream

==== systemd-presets-common-SUSE ====

- Enable audit-rules: audit-rules has been split form audit with
  version 4.0 in order to be able to load rules earlier.
  From audit changelog: One of the main features is the separation
  of loading rules and logging events into separate services,
  audit-rules.service and auditd.service.

==== virtualbox ====

- Edit cxx17.patch to make the Extension Pack work with our
  compiler flags and RT_NOEXCEPT choices. [boo#1231225]
- Set BuildRequire on glslang to 11.5; this is when it starts to
  recognize GL_EXT_spirv_intrinsics.

==== virtualbox-kmp ====

- Edit cxx17.patch to make the Extension Pack work with our
  compiler flags and RT_NOEXCEPT choices. [boo#1231225]
- Set BuildRequire on glslang to 11.5; this is when it starts to
  recognize GL_EXT_spirv_intrinsics.

==== yast2 ====
Version update (5.0.9 -> 5.0.10)
Subpackages: yast2-logs

- Removed obsolete USERADD_CMD, USERDEL_PRECMD, USERDEL_POSTCMD,
  GROUPADD_CMD (bsc#1231006)
- 5.0.10

==== yast2-iscsi-client ====
Version update (5.0.2 -> 5.0.3)

- Fixes for bsc#1228084:
  - Inst client: Read sessions just after auto login in order to
    enable services at the end of the installation if needed
  - Finish client: enable iscsiuio.service instead of the socket
- Use ip for reading the ip address of a given device instead of
  the deprecated ifconfig command
- 5.0.3

==== yast2-security ====
Version update (5.0.1 -> 5.0.2)

- Drop obsolete USERADD_CMD, USERDEL_PRECMD, USERDEL_POSTCMD in
  /etc/login.defs.d/70-yast.defs (bsc#1231006)
- 5.0.2

==== yast2-users ====
Version update (5.0.2 -> 5.0.3)

- Removed obsolete USERADD_CMD, USERDEL_PRECMD, USERDEL_POSTCMD,
  GROUPADD_CMD (bsc#1231006)
- 5.0.3