Packages changed:
  audit (3.0.3 -> 3.0.5)
  audit-secondary (3.0.3 -> 3.0.5)
  codec2 (1.0.0 -> 1.0.1)
  crypto-policies (20210225.05203d2 -> 20210917.c9d86d1)
  diffutils
  ffmpeg-4
  gd
  libmtp (1.1.18 -> 1.1.19)
  mozjs78 (78.13.0 -> 78.14.0)
  openSUSE-build-key
  perl-libwww-perl (6.56 -> 6.57)
  selinux-policy

=== Details ===

==== audit ====
Version update (3.0.3 -> 3.0.5)
Subpackages: libaudit1 libauparse0

- Update to version 3.0.5:
  * In auditd, flush uid/gid caches when user/group added/deleted/modified
  * Fixed various issues when dealing with corrupted logs
  * In auditd, check if log_file is valid before closing handle
- Include fixed from 3.0.4:
  * Apply performance speedups to auparse library
  * Optimize rule loading in auditctl
  * Fix an auparse memory leak caused by glibc-2.33 by replacing realpath
  * Update syscall table to the 5.14 kernel
  * Fixed various issues when dealing with corrupted logs

==== audit-secondary ====
Version update (3.0.3 -> 3.0.5)
Subpackages: audit python3-audit system-group-audit

- Fix hardened auditd.service (bsc#1181400)
  * add fix-hardened-service.patch
    Make /etc/audit read-write from the service.
    Remove PrivateDevices=true to expose /dev/* to auditd.service.
- Enable stop rules for audit.service (cf. bsc#1190227)
  * add enable-stop-rules.patch
- Change default log_format from ENRICHED to RAW (bsc#1190500):
  * add change-default-log_format.patch (SUSE-specific patch)
- Update to version 3.0.5:
  * In auditd, flush uid/gid caches when user/group added/deleted/modified
  * Fixed various issues when dealing with corrupted logs
  * In auditd, check if log_file is valid before closing handle
- Include fixed from 3.0.4:
  * Apply performance speedups to auparse library
  * Optimize rule loading in auditctl
  * Fix an auparse memory leak caused by glibc-2.33 by replacing realpath
  * Update syscall table to the 5.14 kernel
  * Fixed various issues when dealing with corrupted logs

==== codec2 ====
Version update (1.0.0 -> 1.0.1)

- Update to version 1.0.1:
  * Release to support freedv-gui 1.6.1

==== crypto-policies ====
Version update (20210225.05203d2 -> 20210917.c9d86d1)

- Remove the scripts and documentation regarding
  fips-finish-install and test-fips-setup
  * Add crypto-policies-FIPS.patch
- Update to version 20210917.c9d86d1:
  * openssl: fix disabling ChaCha20
  * pacify pylint 2.11: use format strings
  * pacify pylint 2.11: specify explicit encoding
  * fix minor things found by new pylint
  * update-crypto-policies: --check against regenerated
  * update-crypto-policies: fix --check's walking order
  * policygenerators/gnutls: revert disabling DTLS0.9...
  * policygenerators/java: add javasystem backend
  * LEGACY: bump 1023 key size to 1024
  * cryptopolicies: fix 'and' in deprecation warnings
  * *ssh: condition ecdh-sha2-nistp384 on SECP384R1
  * nss: hopefully the last fix for nss sigalgs check
  * cryptopolicies: Python 3.10 compatibility
  * nss: postponing check + testing at least something
  * Rename 'policy modules' to 'subpolicies'
  * validation.rules: fix a missing word in error
  * cryptopolicies: raise errors right after warnings
  * update-crypto-policies: capitalize warnings
  * cryptopolicies: syntax-precheck scope errors
  * .gitlab-ci.yml, Makefile: enable codespell
  * all: fix several typos
  * docs: don't leave zero TLS/DTLS protocols on
  * openssl: separate TLS/DTLS MinProtocol/MaxProtocol
  * alg_lists: order protocols new-to-old for consistency
  * alg_lists: max_{d,}tls_version
  * update-crypto-policies: fix pregenerated + local.d
  * openssh: allow validation with pre-8.5
  * .gitlab-ci.yml: run commit-range against upstream
  * openssh: Use the new name for PubkeyAcceptedKeyTypes
  * sha1_in_dnssec: deprecate
  * .gitlab-ci.yml: test commit ranges
  * FIPS:OSPP: sign = -*-SHA2-224
  * scoped policies: documentation update
  * scoped policies: use new features to the fullest...
  * scoped policies: rewrite + minimal policy changes
  * scoped policies: rewrite preparations
  * nss: postponing the version check again, to 3.64
- Remove patches fixed upstream: crypto-policies-typos.patch
- Rebase: crypto-policies-test_supported_modules_only.patch
- Merge crypto-policies-asciidoc.patch into
    crypto-policies-no-build-manpages.patch

==== diffutils ====

- Skip stack overflow tests under qemu emulation (bsc#1190046)

==== ffmpeg-4 ====
Subpackages: libavcodec58_134 libavformat58_76 libavutil56_70 libswresample3_9

- Add ffmpeg-CVE-2020-22037.patch: Backport from upstream to fix
  denial of service vulnerability exists due to a memory leak in
  avcodec_alloc_context3 at options.c (bsc#1186756).

==== gd ====

- reenable gd/gd2 legacy formats, was disabled by upstream by
  default [bsc#1190762]

==== libmtp ====
Version update (1.1.18 -> 1.1.19)
Subpackages: libmtp-udev libmtp9

- updated to 1.1.19 release
  - Lots of USB ids added, especially Garmin devices
  - use a local libusb context, not the global one
  - various bugfixes

==== mozjs78 ====
Version update (78.13.0 -> 78.14.0)

- Update to version 78.14.0esr.

==== openSUSE-build-key ====

- Only add openSUSE Backports key when building for a Leap system
  (sle_version > 0). Tumbleweed does not use Backports.

==== perl-libwww-perl ====
Version update (6.56 -> 6.57)

- updated to 6.57
  see /usr/share/doc/packages/perl-libwww-perl/Changes
  6.57      2021-09-20 20:20:14Z
  - Update docs for protocols_allowed and protocols forbidden (GH#386) (Olaf Alders)

==== selinux-policy ====
Subpackages: selinux-policy-targeted

- Fix auditd service start with systemd hardening directives (boo#1190918)
  * add fix_auditd.patch