Packages changed:
  gcc11 (11.2.1+git1018 -> 11.2.1+git1173)
  glib-networking
  hwdata (0.354 -> 0.355)
  ibus
  libglvnd (1.3.3 -> 1.4.0)
  libgphoto2 (2.5.27 -> 2.5.28)
  libmodulemd
  openexr
  openssl (1.1.1l -> 1.1.1m)
  openssl-1_1 (1.1.1l -> 1.1.1m)
  pkcs11-helper (1.25.1 -> 1.27.0)
  pulseaudio
  python-kiwisolver (1.3.1 -> 1.3.2)
  python-pandas (1.3.4 -> 1.3.5)
  python-requests (2.26.0 -> 2.27.1)
  qpdf (10.4.0 -> 10.5.0)
  systemd
  zstd (1.5.0 -> 1.5.1)

=== Details ===

==== gcc11 ====
Version update (11.2.1+git1018 -> 11.2.1+git1173)
Subpackages: cpp11 libgcc_s1 libgfortran5 libgomp1 libquadmath0 libstdc++6 libubsan1

- Update to gcc-11 branch head (d4a1d3c4b377f1d4acb), git1173
  * Fix D memory corruption in -M output.
  * Fix ICE in is_this_parameter with coroutines.  [boo#1193659]

==== glib-networking ====

- Increase testsuite timeout

==== hwdata ====
Version update (0.354 -> 0.355)

- Update to version 0.355 (bsc#1194338):
  + Updated pci, usb and vendor ids.

==== ibus ====
Subpackages: libibus-1_0-5 typelib-1_0-IBus-1_0

- Do not introduce ibus-gtk4-32bit unless there will be demand for
  it: drop its definition from baselibs.conf.
- Fix name of gtk4 flavor generated packages (was ibus-gtk4-gtk4).
- Split build of gtk4 module into an own flavor, allowing us to
  break a build cycle.
- Enable GTK 4 IM Module for Leap 15.4 and Tumbleweed
- Remove ibus-python-install-dir.patch
  * Not used for build anymore

==== libglvnd ====
Version update (1.3.3 -> 1.4.0)

- update to 1.4.0:
  * tests cleanups
  * Update bin/symbols-check.py from mesa/mesa@6f854145
  * Remove extra paragraph from license text.
  * Add one more missing dep_x11_headers
  * Update uthash to v2.3.0
  * EGL: Add support for eglQueryDisplayAttribKHR and NV.

==== libgphoto2 ====
Version update (2.5.27 -> 2.5.28)
Subpackages: libgphoto2-6 libgphoto2_port12

- updated to 2.5.28 release
  general:
  * OS/2 support removed (broken and unused since at least 2006)
  * remove built-in rpm packaging (use distro packaging instead)
  * remove linux-hotplug rule creation (removed from distros around 2006)
  * remaining text which was iso-8859 is UTF-8 now (except one po file)
  * To override docdir and htmldir, use configure arguments --docdir=
    and --htmldir= instead of --with-doc-dir= and --with-html-dir=
  * some code cleanups, especially handling of include files and i18n handling
  ptp2:
  * wait event
  * property changes now reported with "'name' to 'value'" added
  * object info changes now reported as FILE_CHANGED events (e.g. if you change protection flags)
  * Nikon J1: capture fixed
  * Olympus: fixed that wait time was twice as long as required if no events arrived
  * Sigma Fp: added basic beta support for capture, live view and config.
  * Sony:
  * mark all widgets as read-write again, read-only logic was not 100% correct
  * speed-ups and fixes to the stepping based config setting
  * Canon EOS
  * handle newer EOS R series reporting of configs (ISO, Aperture, Shutterspeed)
  * track UI lock state to avoid device busy reports
  * fixed "zoom" range settings (for lenses with powered zoom, also for today Powershot)
  * Fuji:
  * ptpip improvements
  * bug fixes
  * some Fuji cameras have now liveview only for webcam (need new firmware)
  * various small fixes and code cleanups
  * New ids:
  * Sony Alpha-RX1R II, ILCE-7C, ZV-E10, A6600, DSC HX-80, ILCE-7RM3A, ILCE-7RM4A, DSC-A7S III
  * Nikon Coolpix B500, Zfc
  * Canon EOS M50m2, Digital IXUS 132
  * Fuji X-Pro3, GFX 100S, X100V
  canon:
  * fixed wait event crashes
  * correctly mark read only config widgets as read-only
  pentax:
  * fix PEF raw files for non-K100D
  translations:
  * updated german, french, polish, ukrainian

==== libmodulemd ====

- Drop unknown meson parameters: developer_build,
  with_py2_overrides, with_py3_overrides.

==== openexr ====
Subpackages: libIex-3_1-30 libIlmThread-3_1-30 libOpenEXR-3_1-30

- security update
- added patches
  fix CVE-2021-45942 [bsc#1194333], heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute
  + openexr-CVE-2021-45942.patch

==== openssl ====
Version update (1.1.1l -> 1.1.1m)

- Update to 1.1.1m release

==== openssl-1_1 ====
Version update (1.1.1l -> 1.1.1m)
Subpackages: libopenssl1_1

- Update to 1.1.1m:
  * Avoid loading of a dynamic engine twice.
  * Prioritise DANE TLSA issuer certs over peer certs
- Rebased patches:
  * openssl-1.1.1-evp-kdf.patch
  * openssl-1.1.1-system-cipherlist.patch

==== pkcs11-helper ====
Version update (1.25.1 -> 1.27.0)
Subpackages: libpkcs11-helper1

- update to 1.27.0:
  * core: handle PIN expiration after C_Login as C_Login may take a while
  * core: return explict success when plugin&play and no threading and no
    safefork, thanks to Tunnelblick
  * openssl: build with openssl ec disabled
  * openssl: support RSA_NO_PADDING padding, thanks to Selva Nair
  * core: reduce mutex lock scope of add/remove provider, thanks to Frank Morgner
  * core: improve the fork fixup sequence

==== pulseaudio ====
Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-setup

- Fix parameters passed to meson:
  * access-group, => access_group, system-group => system_group,
    and system-user => system_user for them to actually have an
    effect.

==== python-kiwisolver ====
Version update (1.3.1 -> 1.3.2)

- update to 1.3.2:
  - Add support for Python 3.10, drop official support Python 3.6
  - Remove direct accesses to ob_type in C-API use Py_TYPE instead

==== python-pandas ====
Version update (1.3.4 -> 1.3.5)

- Update to version 1.3.5
  * Fixed regression in Series.equals() when comparing floats with
    dtype object to None (GH44190)
  * Fixed regression in merge_asof() raising error when array was
    supplied as join key (GH42844)
  * Fixed regression when resampling DataFrame with DateTimeIndex
    with empty groups and uint8, uint16 or uint32 columns
    incorrectly raising RuntimeError (GH43329)
  * Fixed regression in creating a DataFrame from a timezone-aware
    Timestamp scalar near a Daylight Savings Time transition
    (GH42505)
  * Fixed performance regression in read_csv() (GH44106)
  * Fixed regression in Series.duplicated() and
    Series.drop_duplicates() when Series has Categorical dtype with
    boolean categories (GH44351)
  * Fixed regression in GroupBy.sum() with timedelta64[ns] dtype
    containing NaT failing to treat that value as NA (GH42659)
  * Fixed regression in RollingGroupby.cov() and
    RollingGroupby.corr() when other had the same shape as each
    group would incorrectly return superfluous groups in the result
    (GH42915)

==== python-requests ====
Version update (2.26.0 -> 2.27.1)

- update to 2.27.1
  * Fixed parsing issue that resulted in the auth component being
    dropped from proxy URLs. (#6028)
- update to 2.27.0:
  * Officially added support for Python 3.10. (#5928)
  * Added a `requests.exceptions.JSONDecodeError` to unify JSON exceptions between
  Python 2 and 3. This gets raised in the `response.json()` method, and is
  backwards compatible as it inherits from previously thrown exceptions.
  Can be caught from `requests.exceptions.RequestException` as well. (#5856)
  * Improved error text for misnamed `InvalidSchema` and `MissingSchema`
  exceptions. This is a temporary fix until exceptions can be renamed
  (Schema->Scheme). (#6017)
  * Improved proxy parsing for proxy URLs missing a scheme. This will address
  recent changes to `urlparse` in Python 3.9+. (#5917)
  * Fixed defect in `extract_zipped_paths` which could result in an infinite loop
  for some paths. (#5851)
  * Fixed handling for `AttributeError` when calculating length of files obtained
  by `Tarfile.extractfile()`. (#5239)
  * Fixed urllib3 exception leak, wrapping `urllib3.exceptions.InvalidHeader` with
  `requests.exceptions.InvalidHeader`. (#5914)
  * Fixed bug where two Host headers were sent for chunked requests. (#5391)
  * Fixed regression in Requests 2.26.0 where `Proxy-Authorization` was
  incorrectly stripped from all requests sent with `Session.send`. (#5924)
  * Fixed performance regression in 2.26.0 for hosts with a large number of
  proxies available in the environment. (#5924)
  * Fixed idna exception leak, wrapping `UnicodeError` with
  `requests.exceptions.InvalidURL` for URLs with a leading dot (.) in the
  domain. (#5414)
  * Requests support for Python 2.7 and 3.6 will be ending in 2022. While we
  don't have exact dates, Requests 2.27.x is likely to be the last release
  series providing support.

==== qpdf ====
Version update (10.4.0 -> 10.5.0)

- update to 10.5.0:
  * Since qpdf version 8, using object accessor methods on an
    instance of ``QPDFObjectHandle`` may create warnings if the
    object is not of the expected type. These warnings now have an
    error code of ``qpdf_e_object`` instead of
    ``qpdf_e_damaged_pdf``. Also, comments have been added to
    :file:`QPDFObjectHandle.hh` to explain in more detail what the
    behavior is. See :ref:`object-accessors` for a more in-depth
    discussion.
  * Add ``Pl_Buffer::getMallocBuffer()`` to initialize a buffer
    allocated with ``malloc()`` for better cross-language
    interoperability.
  * Overhaul error handling for the object handle functions C API.
    Some rare error conditions that would previously have caused a
    crash are now trapped and reported, and the functions that
    generate them return fallback values. See comments in the
    ``ERROR HANDLING`` section of :file:`include/qpdf/qpdf-c.h` for
    details. In particular, exceptions thrown by the underlying C++
    code when calling object accessors are caught and converted into
    errors. The errors can be checked by calling ``qpdf_has_error``.
    Use ``qpdf_silence_errors`` to prevent the error from being
    written to stderr.
  * Add ``qpdf_get_last_string_length`` to the C API to get the
    length of the last string that was returned. This is needed to
    handle strings that contain embedded null characters.
  * Add ``qpdf_oh_is_initialized`` and
    ``qpdf_oh_new_uninitialized`` to the C API to make it possible
    to work with uninitialized objects.
  * Add ``qpdf_oh_new_object`` to the C API. This allows you to
    clone an object handle.
  * Add ``qpdf_get_object_by_id``, ``qpdf_make_indirect_object``,
    and ``qpdf_replace_object``, exposing the corresponding methods
    in ``QPDF`` and ``QPDFObjectHandle``.
- add build-without-pdf.patch to fix documentation installation
- enable documentation build, enable tests, enable werror

==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-sysvinit udev

- Update systemd-user PAM service again
  Change the default implementation of pam_setcred() again, previously
  customized to run the full "auth" PAM stack and only call pam_deny.so which is
  basically the SUSE default behavior without pam_warn.so.
  This is considered safer, especially on SLE where a regression was spotted by
  QA.
- move files related to static nodes to udev
- Replace S:$n references with SOURCE$n. Makes vim * search work.

==== zstd ====
Version update (1.5.0 -> 1.5.1)
Subpackages: libzstd1

- add noexecstack.patch (bsc#1194337)
- fix pkgconfig pc file settings by passing in right prefix during build
- update to 1.5.1:
  * perf: rebalanced compression levels, to better match the intended speed/level curve
  * perf: faster huffman decoder, using x64 assembly
  * perf: slightly faster high speed modes (strategies fast & dfast)
  * perf: improved binary size and faster compilation times
  * perf: new row64 mode, used notably in level 12
  * perf: faster mid-level compression speed in presence of highly repetitive patterns
  * perf: minor compression ratio improvements for small data at high levels
  * perf: reduced stack usage (mostly useful for Linux Kernel)
  * perf: faster compression speed on incompressible data
  * perf: on-demand reduced ZSTD_DCtx state size, using build macro ZSTD_DECODER_INTERNAL_BUFFER, at a small cost of performance
  * build: allows hiding static symbols in the dynamic library, using build macro
  * build: support for m68k (Motorola 68000's)
  * build: improved AIX support
  * build: improved meson unofficial build
  * cli : custom memory limit when training dictionary (#2925)
  * cli : report advanced parameters information when compressing in very verbose mode (``-vv`)