Packages changed:
  apache2-mod_php8 (8.3.11 -> 8.3.12)
  atftp
  flashrom (1.3.0 -> 1.4.0)
  libnetfilter_conntrack (1.0.9 -> 1.1.0)
  libopenmpt (0.7.9 -> 0.7.10)
  libreoffice (24.8.1.2 -> 24.8.2.1)
  mariadb
  openSUSE-release (20240927 -> 20240929)
  perl-IO-Socket-SSL (2.88.0 -> 2.89.0)
  php8 (8.3.11 -> 8.3.12)
  python-greenlet (3.1.0 -> 3.1.1)
  ruby-common
  subversion
  tigervnc

=== Details ===

==== apache2-mod_php8 ====
Version update (8.3.11 -> 8.3.12)

- Add /srv/www directories to filelist [bsc#1231027]
- version update to 8.3.12
    CGI:
    Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). (CVE-2024-8926)
    Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is bypassable due to the environment variable collision). (CVE-2024-8927)
    Core:
    Fixed bug GH-15408 (MSan false-positve on zend_max_execution_timer).
    Fixed bug GH-15515 (Configure error grep illegal option q).
    Fixed bug GH-15514 (Configure error: genif.sh: syntax error).
    Fixed bug GH-15565 (--disable-ipv6 during compilation produces error EAI_SYSTEM not found).
    Fixed bug GH-15587 (CRC32 API build error on arm 32-bit).
    Fixed bug GH-15330 (Do not scan generator frames more than once).
    Fixed uninitialized lineno in constant AST of internal enums.
    Curl:
    Fixed bug GH-15547 (curl_multi_select overflow on timeout argument).
    DOM:
    Fixed bug GH-15551 (Segmentation fault (access null pointer) in ext/dom/xml_common.h).
    Fixed bug GH-15654 (Signed integer overflow in ext/dom/nodelist.c).
    Fileinfo:
    Fixed bug GH-15752 (Incorrect error message for finfo_file with an empty filename argument).
    FPM:
    Fixed bug GHSA-865w-9rf3-2wh5 (Logs from childrens may be altered). (CVE-2024-9026)
    MySQLnd:
    Fixed bug GH-15432 (Heap corruption when querying a vector).
    Opcache:
    Fixed bug GH-15661 (Access null pointer in Zend/Optimizer/zend_inference.c).
    Fixed bug GH-15658 (Segmentation fault in Zend/zend_vm_execute.h).
    SAPI:
    Fixed bug GHSA-9pqp-7h25-4f32 (Erroneous parsing of multipart form data). (CVE-2024-8925)
    Standard:
    Fixed bug GH-15552 (Signed integer overflow in ext/standard/scanf.c).
    Streams:
    Fixed bug GH-15628 (php_stream_memory_get_buffer() not zero-terminated).

==== atftp ====

- Delete /usr/sbin/rc* symlink & specfile housekeeping
- Make atftpd.socket listen on AF_INET6 as well
- Deactivate FORTIFY_SOURCE for the time being due to a glibc bug

==== flashrom ====
Version update (1.3.0 -> 1.4.0)

- Add doc and bash-completion subpackages
- Update to 1.4.0:
  - Full changelog: https://www.flashrom.org/release_notes/v_1_4.html

==== libnetfilter_conntrack ====
Version update (1.0.9 -> 1.1.0)

- Update to release 1.1.0
  * Enhancements for filtering dump and flush commands, see
    struct nfct_filter_dump and nfct_nlmsg_build_filter().
  * ctnetlink event BPF fixes (endianness issue, IPv6 matching)
    and enhancements (zone matching).

==== libopenmpt ====
Version update (0.7.9 -> 0.7.10)

- Update to 0.7.10:
  * [Change] FST was added to the list of supported file extension.
    AMP uses this extension for multichannel MODs.
  * [Bug] The Android NDK build system did not enable C++20 when
    available.
  * Fixed inconsistency in length calculation and actual playback
    length with tempo commands below 32 BPM in various formats
    (MDL, MED among others).
  * MED: Command 09 (set speed) was limited to 20 ticks per row
    instead of 32 ticks per row.
  * MED: Allow tempo parameters < 32 BPM.
  * MED: Disallow free panning if hardware mixing is enabled.
  * For MOD-style vibrato, a speed parameter of 0 was not treated
    as effect memory. Vibrato speed is now correct for both vibrato
    commands.
  * MED: Fix pattern index exhaustion in modules with multiple
    subsongs.
  * OKT: Don't drop global commands when setting paired channel
    volume, and try to write channel volume on the next row in this
    situation.
  * PTM: Use square root pan law, like in XM files.
  * SFX: Ignore unused data at end of oneshot samples which
    sometimes caused clicky noises.
  * SFX: More accurate implementation of arpeggio effect.

==== libreoffice ====
Version update (24.8.1.2 -> 24.8.2.1)
Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-qt6 libreoffice-writer libreofficekit

- Update to 24.8.2.1 (24.8.2 final)
  * Release notes:
    https://wiki.documentfoundation.org/Releases/24.8.2/RC1
- Update bundled dependencies:
  * curl 8.9.1 -> 8.10.1
  * tiff 4.6.0t -> 4.7.0

==== mariadb ====
Subpackages: libmariadbd19 mariadb-client mariadb-errormessages

- Read defaults during mysql_upgrade to respect client configuration

==== openSUSE-release ====
Version update (20240927 -> 20240929)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== perl-IO-Socket-SSL ====
Version update (2.88.0 -> 2.89.0)

- updated to 2.89.0 (2.089)
  see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
  2.089 2024/08/29
  - new option SSL_force_fingerprint to enforce fingerprint matching even if
    certificate validation would be successful without
  - document _get_ssl_object and _get_ctx_object for cases, where direct use of
    Net::SSLeay functions is needed

==== php8 ====
Version update (8.3.11 -> 8.3.12)
Subpackages: php8-ctype php8-dom php8-iconv php8-openssl php8-pdo php8-sqlite php8-tokenizer php8-xmlreader php8-xmlwriter

- Add /srv/www directories to filelist [bsc#1231027]
- version update to 8.3.12
    CGI:
    Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). (CVE-2024-8926)
    Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is bypassable due to the environment variable collision). (CVE-2024-8927)
    Core:
    Fixed bug GH-15408 (MSan false-positve on zend_max_execution_timer).
    Fixed bug GH-15515 (Configure error grep illegal option q).
    Fixed bug GH-15514 (Configure error: genif.sh: syntax error).
    Fixed bug GH-15565 (--disable-ipv6 during compilation produces error EAI_SYSTEM not found).
    Fixed bug GH-15587 (CRC32 API build error on arm 32-bit).
    Fixed bug GH-15330 (Do not scan generator frames more than once).
    Fixed uninitialized lineno in constant AST of internal enums.
    Curl:
    Fixed bug GH-15547 (curl_multi_select overflow on timeout argument).
    DOM:
    Fixed bug GH-15551 (Segmentation fault (access null pointer) in ext/dom/xml_common.h).
    Fixed bug GH-15654 (Signed integer overflow in ext/dom/nodelist.c).
    Fileinfo:
    Fixed bug GH-15752 (Incorrect error message for finfo_file with an empty filename argument).
    FPM:
    Fixed bug GHSA-865w-9rf3-2wh5 (Logs from childrens may be altered). (CVE-2024-9026)
    MySQLnd:
    Fixed bug GH-15432 (Heap corruption when querying a vector).
    Opcache:
    Fixed bug GH-15661 (Access null pointer in Zend/Optimizer/zend_inference.c).
    Fixed bug GH-15658 (Segmentation fault in Zend/zend_vm_execute.h).
    SAPI:
    Fixed bug GHSA-9pqp-7h25-4f32 (Erroneous parsing of multipart form data). (CVE-2024-8925)
    Standard:
    Fixed bug GH-15552 (Signed integer overflow in ext/standard/scanf.c).
    Streams:
    Fixed bug GH-15628 (php_stream_memory_get_buffer() not zero-terminated).

==== python-greenlet ====
Version update (3.1.0 -> 3.1.1)

- Fix build error under Leap.
- Update to 3.1.1
  * Fix crashes on 32-bit PPC Linux. Note that there is no CI for this,
    and support is best effort; there may be other issues lurking.
  * Remove unnecessary logging sometimes during interpreter shutdown.
  * Fix some crashes on 32-bit PPC MacOS. This is a very old platform,
    and is only known to be tested on beta versions of an operating
    system that was never released, using the GCC 14 only provided by
    MacPorts; it may or may not work on the final MacOS X release that
    supported 32-bit PowerPC. It has the known issue of leaking memory
    when greenlets are used in multiple threads. Help debugging this
    would be appreciated.

==== ruby-common ====

- update gem_packages.spec.erb:
  dont strip the newline at the end of main:filelist output

==== subversion ====
Subpackages: libsvn_auth_gnome_keyring-1-0 libsvn_auth_kwallet-1-0 subversion-bash-completion subversion-perl

- Use strip-nondeterminism to normalize jar mtimes

==== tigervnc ====
Subpackages: libXvnc1 xorg-x11-Xvnc xorg-x11-Xvnc-module

- Added patch:
  * n_tigervnc-reproducible-jar-mtime.patch
    + Use SOURCE_DATE_EPOCH for reproducible jar mtime
    + Applied if building with Java >= 17