Packages changed:
  apparmor
  expat (2.4.2 -> 2.4.3)
  gstreamer-plugins-bad
  installation-images-MicroOS (17.33 -> 17.36)
  ldb
  libapparmor
  nvme-cli (1.16 -> 2.0~0)
  patterns-microos
  psmisc (23.3 -> 23.4)
  rpm-config-SUSE (0.g89 -> 0.g93)
  sssd
  systemd-rpm-macros (14 -> 15)

=== Details ===

==== apparmor ====
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor

- add update-samba-abstractions-ldb2.diff: Cater for changes to ldb
  packaging to allow parallel installation with libldb;
  (bsc#1192684).

==== expat ====
Version update (2.4.2 -> 2.4.3)
Subpackages: libexpat1

- update to 2.4.3 (bsc#1194251, bsc#1194362, bsc#1194474,
    bsc#1194476, bsc#1194477, bsc#1194478, bsc#1194479, bsc#1194480):
  * CVE-2021-45960 -- Fix issues with left shifts by >=29 places
    resulting in
    a) realloc acting as free
    b) realloc allocating too few bytes
    c) undefined behavior
    depending on architecture and precise value
    for XML documents with >=2^27+1 prefixed attributes
    on a single XML tag a la
    "<r xmlns:a='[..]' a:a123='[..]' [..] />"
    where XML_ParserCreateNS is used to create the parser
    (which needs argument "-n" when running xmlwf).
    Impact is denial of service, or more.
  * CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow
    on variable m_groupSize in function doProlog leading
    to realloc acting as free.
    Impact is denial of service or more.
  * CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows
    near memory allocation at multiple places.  Mitre assigned
    a dedicated CVE for each involved internal C function:
  - CVE-2022-22822 for function addBinding
  - CVE-2022-22823 for function build_model
  - CVE-2022-22824 for function defineAttribute
  - CVE-2022-22825 for function lookup
  - CVE-2022-22826 for function nextScaffoldPart
  - CVE-2022-22827 for function storeAtts
    Impact is denial of service or more.

==== gstreamer-plugins-bad ====
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsturidownloader-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0

- Drop conditionals for fdk_aac, explicitly add fdk-aac-free-devel
  BuildRequires, and build it for the main package.

==== installation-images-MicroOS ====
Version update (17.33 -> 17.36)

- merge gh#openSUSE/installation-images#564
- do not reset standard file descriptors in inst_setup, linuxrc
  takes care (bsc#1193910, jsc#SLE-18632)
- 17.36
- merge gh#openSUSE/installation-images#567
- Add RPi4 arm-trusted-firmware package (bsc#1173489)
- 17.35
- merge gh#openSUSE/installation-images#562
- adjust to recent samba re-packaging
- 17.34

==== ldb ====

- Modify packaging to allow parallel installation with libldb1
  (bsc#1192684):
  + Private libraries are installed in %{_libdir}/ldb2/
  + Modules are installed in %{_libdir}/ldb2/modules

==== libapparmor ====

- add update-samba-abstractions-ldb2.diff: Cater for changes to ldb
  packaging to allow parallel installation with libldb;
  (bsc#1192684).

==== nvme-cli ====
Version update (1.16 -> 2.0~0)

- Fix zsh completion package depenedencies.
- Use osc_scm to manage upstream input source.
- Fix version string.
- Update Source URL and introduce a variable for the release canditate
  version string.
- Update to v2.0-rc0
  * Depends on libnvme
  * rename harden_nvmf-connect@.service.patch to 0100-harden_nvmf-connect@.service.patch
  * drop 0102-nvme-cli-Add-script-to-determine-host-NQN.patch

==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap

- added kde-gtk-config5-gtk3 to the KDE pattern, so that System Settings can also change GTK theming, which is generally used for flatpaks.

==== psmisc ====
Version update (23.3 -> 23.4)

- Update to 23.4:
  * killall: Dynamically link to selinux and use security attributes
  * pstree: Do not crash on missing processes !21
  * pstree: fix layout when using -C !24
  * pstree: add time namespace !25
  * pstree: Dynamically link to selinux and use attr
  * fuser: Get less confused about duplicate dev_id !10
  * fuser: Only check pathname on non-block devices !31
- Rebase 0001-Use-mountinfo-to-be-able-to-use-the-mount-identity.patch
- Rebase 0002-Use-new-statx-2-system-call-to-avoid-hangs-on-NFS.patch
- Port psmisc-22.21-pstree.patch
- Delete psmisc-v23.3-selinux.patch as not needed anymore
- Rename psmisc-v23.3.dif which is now psmisc-v23.4.dif with correct offsets

==== rpm-config-SUSE ====
Version update (0.g89 -> 0.g93)

- Update to version 0.g93:
  * locale.attr: Match all files inside LC_MESSAGES (boo#1194865)
  * remove leap_version as it's obsolete

==== sssd ====
Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap

- Upgrade LDB_DIR shell variable to %ldbdir macro.

==== systemd-rpm-macros ====
Version update (14 -> 15)

- Bump to version 15
- %sysusers_create_inline was wrongly marked as deprecated
- %sysusers_create can be useful in certain cases and won't go away until we'll
  move to file triggers. So don't mark it as deprecated too