Packages changed:
  Mesa
  Mesa-drivers
  calligra
  cryptsetup (2.4.1 -> 2.4.3)
  dhcp
  exim
  fdk-aac-free
  ffmpeg-4
  gstreamer-plugins-rs
  kernel-source (5.16.0 -> 5.16.1)
  libfido2
  libndp (1.7 -> 1.8)
  librdkafka (1.8.0 -> 1.8.2)
  libreoffice
  libsmi
  openSUSE-build-key
  perl-MRO-Compat (0.13 -> 0.15)
  pipewire
  python-pyudev (0.22.0 -> 0.22.0+git.1642212208.d5630bf)
  ristretto (0.12.1 -> 0.12.2)
  simple-scan
  sqlite3 (3.37.1 -> 3.37.2)
  yast2-bootloader (4.4.11 -> 4.4.13)
  yast2-trans (84.87.20220109.a8187edd75 -> 84.87.20220116.6b981cb0d7)

=== Details ===

==== Mesa ====
Subpackages: Mesa-dri-devel Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1

- using memory-constraints on ppc64 for trying to avoid OOM during
  build (boo#1194739)

==== Mesa-drivers ====
Subpackages: Mesa-dri Mesa-gallium Mesa-libva libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_intel libvulkan_radeon libxatracker2

- using memory-constraints on ppc64 for trying to avoid OOM during
  build (boo#1194739)

==== calligra ====

- Add Set-CXX_STANDARD-to-17.patch to set language standard to
  C++17, poppler 22.01.0 needs that
- Add Fix-some-more-warnings.patch to fix build failures with C++17

==== cryptsetup ====
Version update (2.4.1 -> 2.4.3)
Subpackages: cryptsetup-lang libcryptsetup12 libcryptsetup12-32bit libcryptsetup12-hmac

- cryptsetup 2.4.3:
  * Fix possible attacks against data confidentiality through
    LUKS2 online reencryption extension crash recovery
    CVE-2021-4122, boo#1194469
  * Add configure option --disable-luks2-reencryption to completely
    disable LUKS2 reencryption code.
  * Improve internal metadata validation code for reencryption
    metadata
  * Add updated documentation for LUKS2 On-Disk Format
    Specification version 1.1.0
  * Fix support for bitlk (BitLocker compatible) startup key with
    new  metadata entry introduced in Windows 11
  * Fix space restriction for LUKS2 reencryption with data shift
- cryptsetup 2.4.2:
  * Fix possible large memory allocation if LUKS2 header size is
    invalid.
  * Fix memory corruption in debug message printing LUKS2
    checksum.
  * veritysetup: remove link to the UUID library for the static
    build.
  * Remove link to pwquality library for integritysetup and
    veritysetup. These tools do not read passphrases.
  * OpenSSL3 backend: avoid remaining deprecated calls in API.
    Crypto backend no longer use API deprecated in OpenSSL 3.0
  * Check if kernel device-mapper create device failed in an early
    phase. This happens when a concurrent creation of device-mapper
    devices meets in the very early state.
  * Do not set compiler optimization flag for Argon2 KDF if the
    memory wipe is implemented in libc.
  * Do not attempt to unload LUKS2 tokens if external tokens are
    disabled. This allows building a static binary with
  - -disable-external-tokens.
  * LUKS convert: also check sysfs for device activity.
    If udev symlink is missing, code fallbacks to sysfs scan to
    prevent data corruption for the active device.

==== dhcp ====
Subpackages: dhcp-client dhcp-doc dhcp-relay dhcp-server

- Drop PrivateDevices and ProtectClock hardenings. They clash with
  the chroot logic (bsc#1194722)
- Add now working CONFIG parameter to sysusers generator

==== exim ====

- disable ProtectHome=, it prevents local delivery (bsc#1194810)

==== fdk-aac-free ====

- Add baselibs.conf file since pipewire uses it and fdk-aac-free
  is a dependency.

==== ffmpeg-4 ====
Subpackages: libavcodec58_134 libavdevice58_13 libavfilter7_110 libavformat58_76 libavresample4_0 libavutil56_70 libpostproc55_9 libswresample3_9 libswscale5_9

- Add ffmpeg-chromium.patch: makes packaging Chromium easier and
  will allow for an easier migration for Chromium to FFmpeg 5

==== gstreamer-plugins-rs ====

- Add a BuildRequires: pkgconfig(libwebp) to fix loading
  libgstrswebp.so which was failing with an `undefined symbol:
  WebPAnimDecoderDelete` error.

==== kernel-source ====
Version update (5.16.0 -> 5.16.1)
Subpackages: kernel-default kernel-docs

- Linux 5.16.1 (bsc#1012628).
- workqueue: Fix unbind_workers() VS wq_worker_running() race
  (bsc#1012628).
- workqueue: Fix unbind_workers() VS wq_worker_sleeping() race
  (bsc#1012628).
- staging: r8188eu: switch the led off during deinit
  (bsc#1012628).
- bpf: Fix out of bounds access from invalid *_or_null type
  verification (bsc#1012628).
- Bluetooth: btusb: Add one more Bluetooth part for the Realtek
  RTL8852AE (bsc#1012628).
- Bluetooth: btusb: Fix application of sizeof to pointer
  (bsc#1012628).
- Bluetooth: btusb: fix memory leak in
  btusb_mtk_submit_wmt_recv_urb() (bsc#1012628).
- Bluetooth: btusb: enable Mediatek to support AOSP extension
  (bsc#1012628).
- Bluetooth: btusb: Add the new support IDs for WCN6855
  (bsc#1012628).
- Bluetooth: btusb: Add one more Bluetooth part for WCN6855
  (bsc#1012628).
- Bluetooth: btusb: Add two more Bluetooth parts for WCN6855
  (bsc#1012628).
- Bluetooth: btusb: Add support for Foxconn MT7922A (bsc#1012628).
- Bluetooth: btintel: Fix broken LED quirk for legacy ROM devices
  (bsc#1012628).
- Bluetooth: btusb: Add support for Foxconn QCA 0xe0d0
  (bsc#1012628).
- Bluetooth: bfusb: fix division by zero in send path
  (bsc#1012628).
- ARM: dts: exynos: Fix BCM4330 Bluetooth reset polarity in I9100
  (bsc#1012628).
- USB: core: Fix bug in resuming hub's handling of wakeup requests
  (bsc#1012628).
- USB: Fix "slab-out-of-bounds Write" bug in
  usb_hcd_poll_rh_status (bsc#1012628).
- ath11k: Fix buffer overflow when scanning with extraie
  (bsc#1012628).
- mmc: sdhci-pci: Add PCI ID for Intel ADL (bsc#1012628).
- Bluetooth: add quirk disabling LE Read Transmit Power
  (bsc#1012628).
- Bluetooth: btbcm: disable read tx power for some Macs with
  the T2 Security chip (bsc#1012628).
- Bluetooth: btbcm: disable read tx power for MacBook Air 8,1
  and 8,2 (bsc#1012628).
- veth: Do not record rx queue hint in veth_xmit (bsc#1012628).
- mfd: intel-lpss: Fix too early PM enablement in the ACPI
  - >probe() (bsc#1012628).
- mfd: intel-lpss-pci: Fix clock speed for 38a8 UART
  (bsc#1012628).
- can: gs_usb: fix use of uninitialized variable, detach device
  on reception of invalid USB data (bsc#1012628).
- can: isotp: convert struct tpcon::{idx,len} to unsigned int
  (bsc#1012628).
- can: gs_usb: gs_can_start_xmit(): zero-initialize
  hf->{flags,reserved} (bsc#1012628).
- random: fix data race on crng_node_pool (bsc#1012628).
- random: fix data race on crng init time (bsc#1012628).
- platform/x86/intel: hid: add quirk to support Surface Go 3
  (bsc#1012628).
- drm/i915: Avoid bitwise vs logical OR warning in
  snb_wm_latency_quirk() (bsc#1012628).
- staging: greybus: fix stack size warning with UBSAN
  (bsc#1012628).
- parisc: Fix pdc_toc_pim_11 and pdc_toc_pim_20 definitions
  (bsc#1012628).
  Disabled:
  patches.suse/Bluetooth-Apply-initial-command-workaround-for-more-.patch
  as it conflicts with 95655456e7ce. Asked in bsc#1193124.
- commit 13f032a
- Update patches.suse/vfs-add-super_operations-get_inode_dev
  Copy an updated version from SLE15-SP4 with one minor refresh.
- commit c02e2ab
- Refresh
  patches.suse/0001-usb-Add-Xen-pvUSB-protocol-description.patch.
- Refresh
  patches.suse/0002-usb-Introduce-Xen-pvUSB-frontend-xen-hcd.patch.
- commit 8950040
- update patches metadata
- update upstream references
  - patches.suse/media-Revert-media-uvcvideo-Set-unique-vdev-name-bas.patch
  - patches.suse/mwifiex-Fix-skb_over_panic-in-mwifiex_usb_recv.patch
  - patches.suse/random-fix-crash-on-multiple-early-calls-to-add_bootloader_randomness.patch
- commit 949bbaa

==== libfido2 ====

- Use BuildRequires: openssl-devel instead of forcing 1.1 since 3.x
  is now supported.

==== libndp ====
Version update (1.7 -> 1.8)

- update to 1.8:
  * libndp,ndptool: use poll() instead of select()
  * ndptool: avoid static buffer for string in ndptool
  * libndp: avoid static buffer for debug string in ndp_sock_recv()
  * libndp: use thread local variables for static return arguments
  * ndptool: fix printing dnssl lifetime in ndptool
  * ndptool: fix potential memory leak caused by strdup
  * libndp: close sockfd after using to avoid handle leak

==== librdkafka ====
Version update (1.8.0 -> 1.8.2)

- update to 1.8.2:
  * Added ssl.ca.pem to add CA certificate by PEM string
  * Upon quick repeated leader changes the transactional producer could receive
    an OUT_OF_ORDER_SEQUENCE error from the broker
  * The transactional producer could stall during a transaction if the transaction
    coordinator changed

==== libreoffice ====
Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit

- Fix bsc#1183308: LO-L3: Simple, seven page slide deck of 3.7MB takes
  looong to open, start presentation mode, or move back to slide 1
  * bsc1183308.patch

==== libsmi ====
Subpackages: libsmi2

- spec file cleanup

==== openSUSE-build-key ====

- refresh the openSUSE Backports key (bsc#1193092)
  - gpg-pubkey-65176565-59787af5.asc
  + gpg-pubkey-65176565-61a0ee8f.asc
- removed old security key
- updated security key to 2020 version

==== perl-MRO-Compat ====
Version update (0.13 -> 0.15)

- updated to 0.15
  see /usr/share/doc/packages/perl-MRO-Compat/Changes
  0.15 - 2022-01-06
  - fix function prototypes to match core functions
  0.14_01 - 2020-11-16
  - optimize pure perl DFS inheritance calculation on perl 5.8
  - pod formatting fix

==== pipewire ====
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-lang pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools

- Add several more patches from upstream
- BlueZ may be missing adapter information for devices in some cases.
  Ignore devices without specified adapter:
  * 0001-bluez5-dont-create-device-if-adapter-is-missing.patch
- Fix a case when pipewwire could never call callbacks or even
  block forever when loop is not running:
  * 0001-loop-invoke-immediately-when-loop-is-not-running.patch
- Reconfigure when monitor changes
  * 0001-merger-also-reconfigure-when-monitor-changes.patch
- Handle NULL props from metadata object
  * 0001-pw-metadata-handle-NULL-props-from-metadata-object.patch
- Improve rate selection so we don't select an invalid rate when
  the default is set or the card is already opened in an
  unsupported rate:
  * 0001-alsa-improve-rate-selection.patch
- Add several patches from upstream
- Avoid an infinite loop when enumerating params of the converter:
  * 0001-audioconvert-avoid-infinite-loop.patch
- When the device or adapter is NULL, skip the quirk checks instead
  of crashing:
  * 0001-bluez5-handle-missing-device-and-adapter-in-quirks.patch
- Remember the last returned value from jack_get_buffer_size and
  only emit a buffersize change event when something new is
  configured. This fixes startup of jconvolver.
  * 0001-jack-remember-last-return-from-jack_get_buffer_size.patch
- Better emulation of pulseaudio which shows monitor sources with
  device.class=monitor so now pipewire does that too:
  * 0001-pulse-server-show-monitor-sources-with-device_class_monitor.patch
- Fix an errno check:
  * 0001-raop-fix-errno-check.patch
- Added more baselibs packages and their dependencies

==== python-pyudev ====
Version update (0.22.0 -> 0.22.0+git.1642212208.d5630bf)

- Update to version 0.22.0+git.1642212208.d5630bf (bsc#1194613):
  * Remove another flakey test
  * Remove all traces of tox
  * Update next Fedora to 35
  * Delete a test which is probably flakey for real
  * Bump recommended development environment to fedora 34
  * Use yamllint on all the configuration files
  * Add annotations to GitHub workflows
  * No longer use --recursive for isort
  * Update formatting for new black
  * Establish a weekly task for future fedora
- Remove upstreamed patches:
  - remove_mock.patch

==== ristretto ====
Version update (0.12.1 -> 0.12.2)
Subpackages: ristretto-lang

- Update to version 0.12.2
  * Add support for shared thumbnail repositories
    (gxo#apps/ristretto#82)
  * Add thumbnail flavor support (gxo#apps/ristretto#81)
  * Use TreeModel IFace to walk the image list
  * Add index and list link to RsttoImageListIter
  * Switch to GQueue in RsttoImageList
  * Cleanup and simplifications around thumbnail size
  * Redistribute thumbnail sizes uniformly
  * Disable debug checks in release mode
  * Remove unused APIs in RsttoImageList
  * Fix and complete file change monitoring
  * Thumbnailer: Rework queue management
  * Thumbnailer: Properly set the number of visible items
  * Take the device scale into account to limit rendering quality
  * Avoid multi-threading issue with X11 (gxo#apps/ristretto#76)
  * Translation Updates

==== simple-scan ====
Subpackages: simple-scan-lang

- Add 200.patch: Fix accessibility conflict of constant and its
  value. Fixes build with vala 0.55.x.

==== sqlite3 ====
Version update (3.37.1 -> 3.37.2)

- update to 3.37.2:
  * Fix a bug introduced in version 3.35.0 (2021-03-12) that can
    cause database corruption if a SAVEPOINT is rolled back while
    in PRAGMA temp_store=MEMORY mode, and other changes are made,
    and then the outer transaction commits
  * Fix a long-standing problem with ON DELETE CASCADE and ON
    UPDATE CASCADE in which a cache of the bytecode used to
    implement the cascading change was not being reset following a
    local DDL change

==== yast2-bootloader ====
Version update (4.4.11 -> 4.4.13)

- Autoyast: add support for password protection (jsc#SLE-20928)
- 4.4.13
- Add support for powerpc secure boot (bsc#1192764 jsc#SLE-18271).
- 4.4.12

==== yast2-trans ====
Version update (84.87.20220109.a8187edd75 -> 84.87.20220116.6b981cb0d7)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu

- Update to version 84.87.20220116.6b981cb0d7:
  * Translated using Weblate (Ukrainian)
  * Translated using Weblate (Russian)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Italian)
  * New POT for text domain 'autoinst'.
  * Translated using Weblate (Italian)
  * Translated using Weblate (Italian)
  * New POT for text domain 'packager'.
  * New POT for text domain 'dhcp-server'.
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Dutch)
  * Translated using Weblate (Japanese)
  * Translated using Weblate (Catalan)
  * New POT for text domain 'storage'.
  * New POT for text domain 'packager'.
  * New POT for text domain 'installation'.
  * New POT for text domain 'bootloader'.
  * New POT for text domain 'base'.
  * Translated using Weblate (Indonesian)
  * Translated using Weblate (Indonesian)
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Catalan)