Packages changed:
  haveged (1.9.13 -> 1.9.14)
  keyutils (1.6 -> 1.6.3)
  libusb-1_0 (1.0.23 -> 1.0.24)
  nghttp2 (1.41.0 -> 1.42.0)
  podman (2.2.0 -> 2.2.1)
  polkit
  wget (1.20.3 -> 1.21)
  zchunk
  zstd (1.4.5 -> 1.4.8)

=== Details ===

==== haveged ====
Version update (1.9.13 -> 1.9.14)
Subpackages: libhavege2

- Update to 1.9.14:
  * made enttest configurable
  * havegecmd.c - new command added to close the communication socket
- Drop haveged-conditional-enttest.patch

==== keyutils ====
Version update (1.6 -> 1.6.3)
Subpackages: libkeyutils1

- the license of the library and -devel package is LGPL only, the
  tools are GPL.
- update to 1.6.3:
  * Revert the change notifications that were using /dev/watch_queue.
  * Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE).
  * Allow "keyctl supports" to retrieve raw capability data.
  * Allow "keyctl id" to turn a symbolic key ID into a numeric ID.
  * Allow "keyctl new_session" to name the keyring.
  * Allow "keyctl add/padd/etc." to take hex-encoded data.
  * Add "keyctl watch*" to expose kernel change notifications on keys.
  * Add caps for namespacing and notifications.
  * Set a default TTL on keys that upcall for name resolution.
  * Explicitly clear memory after it's held sensitive information.
  * Various manual page fixes.
  * Fix C++-related errors.
  * Add support for keyctl_move().
  * Add support for keyctl_capabilities().
  * Make key=val list optional for various public-key ops.
  * Fix system call signature for KEYCTL_PKEY_QUERY.
  * Fix 'keyctl pkey_query' argument passing.
  * Use keyctl_read_alloc() in dump_key_tree_aux().
  * Various manual page fixes.
- spec-cleaner run (fixup failing homepage url)

==== libusb-1_0 ====
Version update (1.0.23 -> 1.0.24)

- Update to version 1.0.24
  * Add new platform abstraction (#252).
  * Add Null POSIX backend.
  * Add support for eventfd.
  * New API libusb_hotplug_get_user_data().
  * Linux: Drop support for kernel older than 2.6.32.
  * Linux: Provide an event thread name. (#689).
  * Linux: Wait until all USBs have been reaped before freeing
    them. (#607)
  * Documentation fixes and improvements.
  * Various other bug fixes and improvements.

==== nghttp2 ====
Version update (1.41.0 -> 1.42.0)

- update to 1.42.0:
  * lib: fix ubsan errors (Patch from Asra Ali) (GH-1468)
  * lib: Don't send RST_STREAM to idle stream (GH-1477)
  * lib: nghttp2_map backed by nghttp2_ksl
  * doc: Update sphinx_rtd_theme
  * doc: nghttp2_session_send is also affected by max concurrent streams (Patch from Tomas Krizek) (GH-1489)
  * doc: clarify flow control behaviour for nghttp2_session_send() (Patch from Tomas Krizek) (GH-1488)
  * build: Add missing cmake/FindSystemd.cmake to dist (GH-1526)
  * third-party: Bump llhttp to 2.2.0
  * third-party: Bump mruby to 2.1.2
  * nghttpx: Deal with the case when h2 backend is retired before it is initialized
  * nghttpx: Add accesslog variables to record request path without query (GH-1511)
  * nghttpx: Fix stall when TLS follows after proxy protocol
  * nghttpx: Fix logging integer

==== podman ====
Version update (2.2.0 -> 2.2.1)
Subpackages: podman-cni-config

- Update to v2.2.1
  * Changes
  - Due to a conflict with a previously-removed field, we were forced to
    modify the way image volumes (mounting images into containers using
  - -mount type=image) were handled in the database.
    As a result, containers created in Podman 2.2.0 with image volume
    will not have them in v2.2.1, and these containers will need to be re-created.
  * Bugfixes
  - Fixed a bug where rootless Podman would, on systems without the
    XDG_RUNTIME_DIR environment variable defined, use an incorrect path
    for the PID file of the Podman pause process, causing Podman to fail
    to start (#8539).
  - Fixed a bug where containers created using Podman v1.7 and earlier were
    unusable in Podman due to JSON decode errors (#8613).
  - Fixed a bug where Podman could retrieve invalid cgroup paths, instead
    of erroring, for containers that were not running.
  - Fixed a bug where the podman system reset command would print a warning
    about a duplicate shutdown handler being registered.
  - Fixed a bug where rootless Podman would attempt to mount sysfs in
    circumstances where it was not allowed; some OCI runtimes (notably
    crun) would fall back to alternatives and not fail, but others
    (notably runc) would fail to run containers.
  - Fixed a bug where the podman run and podman create commands would fail
    to create containers from untagged images (#8558).
  - Fixed a bug where remote Podman would prompt for a password even when
    the server did not support password authentication (#8498).
  - Fixed a bug where the podman exec command did not move the Conmon
    process for the exec session into the correct cgroup.
  - Fixed a bug where shell completion for the ancestor option to
    podman ps --filter did not work correctly.
  - Fixed a bug where detached containers would not properly clean themselves
    up (or remove themselves if --rm was set) if the Podman command that
    created them was invoked with --log-level=debug.
  * API
  - Fixed a bug where the Compat Create endpoint for Containers did not
    properly handle the Binds and Mounts parameters in HostConfig.
  - Fixed a bug where the Compat Create endpoint for Containers
    ignored the Name query parameter.
  - Fixed a bug where the Compat Create endpoint for Containers did not
    properly handle the "default" value for NetworkMode (this value is
    used extensively by docker-compose) (#8544).
  - Fixed a bug where the Compat Build endpoint for Images would sometimes
    incorrectly use the target query parameter as the image's tag.
  * Misc
  - Podman v2.2.0 vendored a non-released, custom version of the
    github.com/spf13/cobra package; this has been reverted to the latest
    upstream release to aid in packaging.
  - Updated the containers/image library to v5.9.0

==== polkit ====
Subpackages: libpolkit0

move to libexec dir is still not complete:
- add polkit-adjust-libexec-path.patch: There is another hard coded reference
  of lib/ in the code that this patch addresses.
- also adjust invocation of %set_permissions and %verify_permissions to new
  libexec dir location.
- also set libprivdir during build, otherwhise systemd and D-Bus service files
  contain the wrong path and we'll get runtime errors.
- Install private binaries into libexec instead of into lib. For this an
  override of the custom libprivdir variable is necessary, because upstream
  explicitly moved away from libexecdir via upstram commit
  6fbcc6cd839680fcefd81c4a43676e7c031c9859.

==== wget ====
Version update (1.20.3 -> 1.21)

- GNU wget 1.21:
  * Improve the number of translated strings
  * Remove all uses of alloca
  * Fix buffer overflows in progress bar code in some locales
  * Fix two null pointer accesses
  * Amend cookie file header to be recognized by the 'file' command
  * Post Handshake Authentication for OpenSSL
- drop obsolete texinfo packaging macros

==== zchunk ====

- Add d2eae512bee09a4047cfe586de12f644d73b0736.patch: Fix build
  with zstd 1.4.7+.

==== zstd ====
Version update (1.4.5 -> 1.4.8)

- Update to version 1.4.8 to fix i586+s390x
- Update to version 1.4.7
  * Improved --long mode
  * --long now automatically enabled for any window size >= 128MB
  * Faster decompression of small blocks
  * CLI improvements
    + accept parameter through environment variable ZSTD_NBTHREADS
    + new command --output-dir-mirror
    + more accurate warning and error messages
  * New experimental features
    + Shared Thread Pool
    + Faster Dictionary Compression
    + New Sequence Ingestion API
  * Drop upstream fix-lib-build.patch