Packages changed:
  Mesa
  Mesa-drivers
  apparmor
  hwinfo (21.80 -> 21.81)
  icu (70.1 -> 71.1)
  installation-images-MicroOS (17.47 -> 17.48)
  kexec-tools
  keylime (6.3.1 -> 6.3.2)
  libapparmor
  libusb-1_0 (1.0.25 -> 1.0.26)
  osinfo-db
  patterns-microos
  perl-HTML-Parser (3.77 -> 3.78)
  perl-libwww-perl (6.61 -> 6.62)
  samba (4.16.0+git.224.70319beb8f8 -> 4.16.0+git.227.931848a12ab)
  vim (8.2.4602 -> 8.2.4745)
  wicked (0.6.68 -> 0.6.69)
  xen (4.16.0_08 -> 4.16.1_02)
  zchunk (1.1.16 -> 1.2.1)

=== Details ===

==== Mesa ====
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1

- use _multibuild

==== Mesa-drivers ====
Subpackages: Mesa-dri Mesa-gallium

- use _multibuild

==== apparmor ====
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor

- Add samba-new-dcerpcd.patch, samba-4.16 has a new dcerpcd daemon
  which now will spawn new additional services on demand. We need to
  modify the existing smbd/winbind profiles and additionally add a
  new set of profiles to cater for the new functionality;
  (bnc#1198309);
- Add samba_deny_net_admin.patch to add new rule to deny
  noisy setsockopt calls from systemd; (bnc#1196850).

==== hwinfo ====
Version update (21.80 -> 21.81)

- merge gh#openSUSE/hwinfo#112
- fix bug in determining serial console device name (bsc#1198043)
- 21.81

==== icu ====
Version update (70.1 -> 71.1)

- update to 71.1:
  * updates to CLDR 41 locale data with various additions and corrections.
  * phrase-based line breaking for Japanese. Existing line breaking methods
    follow standards and conventions for body text but do not work well for
    short Japanese text, such as in titles and headings. This new feature is
    optimized for these use cases.
  * support for Hindi written in Latin letters (hi_Latn). The CLDR data for
    this increasingly popular locale has been significantly revised and
    expanded. Note that based on user expectations, hi_Latn incorporates a
    large amount of English, and can also be referred to as ?Hinglish?.
  * time zone data updated to version 2022a. Note that pre-1970 data for a
    number of time zones has been removed, as has been the case in the upstream
    tzdata release since 2021b.
- drop fix-ucptrietest-golden-diff.patch (upstream)

==== installation-images-MicroOS ====
Version update (17.47 -> 17.48)

- merge gh#openSUSE/installation-images#586
- add xrdb to inst-sys (bsc#1198294)
- 17.48

==== kexec-tools ====

- kexec-tools-print-error-if-kexec_file_load-fails.patch: print
  error if kexec_file_load fails (bsc#1197176).

==== keylime ====
Version update (6.3.1 -> 6.3.2)
Subpackages: keylime-agent keylime-config keylime-firewalld keylime-registrar keylime-tpm_cert_store keylime-verifier python38-keylime

- Update to version v6.3.2:
  * general: bump Keylime version to 6.3.2
  * tpm_main: flush transient objects
  * pypi: add notice that the Python API is unstable
  * installer: use OpenSSL by default
  * Avoid mounting secdir while unmounting it
  * remove TPM, VTPM and IMA stubbing support
  * archive: remove all archive files
  * Change GH reviewers to be from developer group
  * added suse / opensuse support with zypper
  * Fix tpm import in test_tpm.py
  * Fix cfssl configuration in run_tests.sh
  * tpm_emulator: improve TPM emulator installation
  * config: Add option to enable DB debugging via DEBUG_DB env var
  * Enable SQL query cache for JSONPickleType
  * tpm_emulator: move everything into systemd services
  * Implement broader key support for Keylime's signing mechanisms
  * tenant: Use exponential backoff on key verification retries
  * tenant: Move JSON parsing to capture possible exceptions
  * tenant: Move verifier stop from do_quote to do_verify
  * pylint: Fix issues related to W0602 global-variable-not-assigned
  * tenant: Handle 404 error from registrar gracefully
  * pylint: Fix remaining code with issue R1732 consider-using-with
  * pylint: Fix R1732 consider-using-with
  * pylint: Fix issue detected by pylint-2.13.0
  * pylint: Fix issue detected by pylint-2.13.0
  * tenant: verify agent quote before adding to verifier
  * README: remove tpm2-abrmd and OSX sections
  * pylint: Fix issues related to W0102 dangerous-default-value
  * pylint: Fix R0201 no-self-use
  * pylint: remove W1203 logging-format-interpolation from ignore list
  * pylint: remove R1729 use-a-generator from ignore list
  * pylint: remove E1120 no-value-for-parameter from ignore list
  * pylint: remove W1201 logging-not-lazy from ignore list
  * pylint: fix C0209 consider-using-f-string
  * pylint: fix C0201 consider-iterating-dictionary
  * pylint: fix W1509 subprocess-popen-preexec-fn
  * keylime_tenant non-zero exit code on error
  * Fix prepare step adjustments in packit-ci.fmf plan
  * failure: fix Pattern type hint
  * mypy: add initial Mypy configuration
  * ima_ast: add type hints
  * failure: add type hints
  * logging, config: add type hints for logging module
  * algorithms: add type hints
  * json: add type hints and add JSONType as custom type
  * Full allowlist processing when not adding host
  * provider, vTPM: remove vTPM manager and provider code
  * tpm: fix that the set of missing PCRs is not serializable in failure
  * Restores the option to use keylime agents without mTLS
  * services: make the services run as keylime user instead of root
  * State in --help that SHA-256 is used for --allowlist-checksum
  * config: change cacert.pem to cacert.crt
  * registrar_client: validate connections against registrar ca certificate
  * tenant: validate connections against verifier ca certificate
  * request_client: only add custom adapter if TLS is enabled
  * setup: add static assets for webapp
  * Add TESTING.md describing testing details
  * Fix some remaining log format strings
  * Fix for database_url parameter with sqlite
  * Enable test basic-attestation-with-unpriviledged-agent in Packit CI
  * Use lazy string formatting when logging (#535)
  * Make Packit CI plan more resource-saving
  * keylime.conf: Document setting ownership in WORK_DIR (/var/lib/keylime)
  * agent: Make sure tmpfs is empty even if not mounted or cannot unmount
  * agent: Drop privileges by switching to normal user and group
  * agent: Move mounting of tmpfs towards beginning of main()
  * agent: Read measured boot log near process start
  * agent: Open file for IMA log file near process start
  * ima: Refactor read_measurement_list() to take file as argument
  * Add the policy name to failure event
  * tpm_main: Check if tpm_cert_store exists (#553)
  * Remove tag input from container build workflow
  * Push container images to quay.io/keylime org
  * Enable code coverage measurement for e2e tests in Packit CI
  * config: fix config search order
  * Add defaults for ephemeral keys for agent records
  * Update outdated greetings Github messages
  * services: add keylime_agent_secure.mount service
  * installer.sh: updated tpm2-{tools, tss}, use system packages if possible
  * revocation_notifier: convert the data to str in the notifiers
  * revocation_notifier: mark webhook threads as daemon and add timeout
  * Fix Packit CI test plan Summary
  * Enable Packit CI testing on CentOS Stream 8
  * Enable Packit CI testing on Fedora Rawhide
  * Remove last trace of TPM 1.2 (hopefully)
  * verifier: remove start_tornado() function
  * verifier: wait for connections to be closed before stopping ioloop
  * revocation_notifier: kill ZeroMQ broker if it blocks more than 5s
  * Add more e2e tests to Packit CI
  * Enable EPEL repo on CentOS Stream in packit.yaml
- Drop already merged patches
  * drop_privileges_of_agent_process_after_startup.patch
  * config_fix_config_search_order.patch
  * services_add_keylime_agent_secure_mount_service.patch

==== libapparmor ====

- Add samba-new-dcerpcd.patch, samba-4.16 has a new dcerpcd daemon
  which now will spawn new additional services on demand. We need to
  modify the existing smbd/winbind profiles and additionally add a
  new set of profiles to cater for the new functionality;
  (bnc#1198309);
- Add samba_deny_net_admin.patch to add new rule to deny
  noisy setsockopt calls from systemd; (bnc#1196850).

==== libusb-1_0 ====
Version update (1.0.25 -> 1.0.26)

- Update to version 1.0.26
  * Fix regression with transfer free's after closing device
  * Fix regression with destroyed context if API is misused
  * Workaround for applications using missing default context
  * Fix hotplog enumeration regression
  * Build fixes for various platforms and configurations
  * Add interface bound checking for broken devices
  * Add umockdev tests on Linux

==== osinfo-db ====

- bsc#1197958 - request support for SLE15-SP4 in the osinfo database
- Add support for SUSE linux Enterprise Micro 5.2
  add-slem5.2-support.patch

==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap

- Revert "Remove requirement of pattern-bootloader". Containers
  should not be using pattern-microos-base. MicroOS needs pattern
  for having a branded bootloader
- Ensure bluez-auto-enable-devices is required for GNOME desktop
  (glgo#GNOME/gnome-bluetooth#110).

==== perl-HTML-Parser ====
Version update (3.77 -> 3.78)

- updated to 3.78
  see /usr/share/doc/packages/perl-HTML-Parser/Changes
  3.78      2022-03-28
  * Remove unused variable (GH#26) (Michal Josef ?pa?ek)

==== perl-libwww-perl ====
Version update (6.61 -> 6.62)

- updated to 6.62
  see /usr/share/doc/packages/perl-libwww-perl/Changes
  6.62      2022-04-05 01:04:17Z
  - Allow downloading to a filehandle (GH#400) (Andrew Fresh)

==== samba ====
Version update (4.16.0+git.224.70319beb8f8 -> 4.16.0+git.227.931848a12ab)
Subpackages: samba-client samba-client-libs samba-libs

- Fix update-apparmor-samba-profile script, sed doesn't like
  multibyte separators; (bsc#1198309).

==== vim ====
Version update (8.2.4602 -> 8.2.4745)
Subpackages: vim-data-common vim-small

- Updated to version 8.2.4745, fixes the following problems
  * Vim9: not enough test coverage for executing :def function.
  * Sourcing buffer lines is too complicated.
  * Error for redefining a script item may be confusing.
  * Error for arguments of remote_expr() even when the +clientserver feature
  is not included.
  * Test fails because of changed error message.
  * Sourcing buffer lines may lead to errors for conflicts.
  * getcompletion() does not work properly when 'wildoptions contains "fuzzy".
  * :unhide does not check for failing to close a window.
  * Some conditions are always true.
  * Typos in tests; one lua line not covered by test.
  * Vim9: cannot use a recursive call in a nested function. (Sergey Vlasov)
  * Return type of swapfile_unchanged() is wrong.
  * Redrawing too much when 'cursorline' is set and jumping around.
  * Mapping with escaped bar does not work in :def function. (Sergey Vlasov)
  * Vim9: Declarations in a {} block of a user command do not use Vim9 rules
  if defined in a legacy script. (Yegappan Lakshmanan)
  * No completion for :scriptnames.
  * Command line completion does not recognize single letter commands.
  * Mapping is cancelled when mouse moves and popup is visible.
  * Two letter substitute commands don't work. (Yegappan Lakshmanan)
  * Crash when using the tabline right-click menu.
  * Vim9: Crash with :execute and :finish. (Sergey Vlasov)
  * Coverity warns for using uninitialized field.
  * Old Coverity warning for resource leak.
  * Old Coverity warning for resource leak.
  * Visual area not fully updated when removing sign in Visual mode while
  scrolling.
  * flatten() does not use maxdepth correctly.
  * Not enough testing for 2/3 letter substitute commands.
  * flattennew() makes a deep copy unnecessarily.
  * 'cursorline' not always updated with 'cursorlineopt' is "screenline".
  * Crash when switching window in BufWipeout autocommand.
  * Using freed memory in flatten().
  * Visual range does not work before command modifiers.
  * Vim9: cannot initialize a variable to null_list.
  * Tests using null list or dict fail.
  * Not using Visual range.
  * Warning for using uninitialized variable. (Tony Mechelynck)
  * Superfluous check if a redraw is needed for 'cursorline'.
  * Not sufficient parenthesis in preprocessor macros.
  * Some boolean options use "long" instead of "int".
  * May mark the wrong window for redrawing.
  * Vim9: in :def function script var cannot be null.
  * Vim9: variable may be locked unintentionally.
  * Redrawing too often when 'relativenumber' is set.
  * 'shortmess' changed when session does not store options.
  * Using buffer line after it has been freed in old regexp engine.
  * "source" can read past end of copied line.
  * Handling LSP messages is a bit slow.
  * Various formatting problems.
  * "import autoload" only works with using 'runtimepath'.
  * Test fails because path differs.
  * Leaking memory if assignment fails.
  * "import autoload" does not check the file name.
  * Missing changes for import check.
  * Command line completion popup menu positioned wrong when using a terminal
  window.
  * Vim9: can't use items from "import autoload" with autoload directory name.
  * Errors for functions are sometimes hard to read.
  * Org-mode files are not recognized.
  * Invalid memory access when using printable function name.
  * Cursorcolumn is sometimes not correct.
  * Coverity warning for using uninitialized variable.
  * No error for using out of range list index.
  * Occasional crash when running the GUI tests.
  * Elvish files are not recognized.
  * Popup with "minwidth" and scrollbar not updated properly.
  * Vim9: assignment not recognized in skipped block.
  * expandcmd() fails on an error.
  * Buffer allocation failures insufficiently tested.
  * In compiled code len('string') is not inlined.
  * Memory allocation failures for new tab page not tested.
  * 'wildignorecase' is sometimes not used for glob().
  * Using :normal with Ex mode may make :substitute hang.
  * Redrawing a vertically split window is slow when using CTRL-F and CTRL-B.
  * Cannot force getting MouseMove events.
  * No error for missing expression after :elseif. (Ernie Rael)
  * Test fails with different error.
  * Vim9: not all code is tested.
  * Cannot have expandcmd() give an error message for mistakes.
  * Build failure without +postscript.
  * Build fails with a combination of features.
  * Vim9: can use :unlockvar for const variable. (Ernie Rael)
  * Verbose check with dict_find() to see if a key is present.
  * Cannot open a channel on a Unix domain socket.
  * When a swap file is found for a popup there is no dialog and the buffer
  is loaded anyway.
  * Configure doesn't find the Motif library with Cygwin.
  * "vimgrep /\%v/ *" may cause a crash.
  * New regexp engine does not give an error for "\%v".
  * Using <Cmd> in a mapping does not work for mouse keys in Insert
  mode. (Sergey Vlasov)
  * Channel tests fail on MS-Windows.
  * Solution for <Cmd> in a mapping causes trouble.
  * No test for what 8.2.4691 fixes.
  * new regexp does not accept pattern "\%>0v".
  * Avoidance of #elif causes more preproc nesting.
  * JSON encoding could be faster.
  * delete() with "rf" argument does not report a failure.
  * Vim9: crash when adding a duplicate key to a dictionary.
  * Vim9: script variable has no flag that it was set.
  * Hard to reproduce hang when reading from a channel.
  * Buffer remains active if a WinClosed event throws an exception.
  * Kuka Robot Language files not recognized.
  * C++ scope labels are hard-coded.
  * Memory leak in handling 'cinscopedecls'.
  * Using "else" after return or break increases indent.
  * Jump list marker disappears.
  * Buffer remains active if a WinClosed event throws an exception when
  there are multiple tabpages.
  * Redrawing could be a bit more efficient.
  * PHP test files are not recognized.
  * After :redraw the statusline highlight might be used.
  * Smart indenting does not work after completion.
  * When 'insermode' is set :edit from <Cmd> mapping misbehaves.
  * Only get profiling information after exiting.
  * Plugins cannot track text scrolling.
  * Using g:filetype_dat and g:filetype_src not tested.
  * Vagrantfile not recognized.
  * Memory allocation failure not tested when defining a function.
  * For TextYankPost v:event does not contain information about the operation
  being inclusive or not.
  * @@@ in the last line sometimes drawn in the wrong place.
  * ">" marker sometimes not displayed in the jumplist.
  * ABB Rapid files are not recognized properly.
  * Cooklang files are not recognized.
  * When a recording is ended with a mapped key that key is also recorded.
  * The ModeChanged autocmd event is inefficient.
  * Current instance of last search pattern not easily spotted.
  * Unused variable in tiny build.
  * Cannot use expand() to get the script name.
  * Unused code.
  * No test that v:event cannot be modified.
  * HEEx and Surface templates do not need a separate filetype.
  * The changelist index is not remembered per buffer.
  * Duplicate code to free fuzzy matches.
  * HEEx and Surface do need a separate filetype.
  * getcharpos() may change a mark position.
  * Quickfix tests can be a bit hard to read.
  * Build problem for Cygwin with Motif.
  * // in JavaScript string recognized as comment.
  * Esc on commandline executes command instead of abandoning it.
  * Accessing freed memory after WinScrolled autocmd event.
  * When expand() fails there is no error message.
  * Startup test fails.
  * There is no way to start logging very early in startup.
  * A terminal window can't use the bell.
  * Using wrong flag for using bell in the terminal.

==== wicked ====
Version update (0.6.68 -> 0.6.69)
Subpackages: wicked-service

- version 0.6.69
- redfish: decode smbios and setup host interface
  Add initial support to decode the SMBIOS Management Controller Host
  Interface (Type 42) structure and expose it as wicked `firmware:redfish`
  configuration to setup a Host Network Interface (to the BMC) using the
  `Redfish over IP` protocol allowing access to the Redfish Service (via
  redfish-localhost in /etc/hosts) used to manage the computer system.
  Tech Preview (jsc#SLE-17762).
- buffer: fix size_t length downcast to uint, add guards to init functions
- wireless: fix to not expect colons in 64byte long wpa-psk hex hash string
- xml-schema: reference counting fix to not crash at exit on schema errors
- compat-suse: match sysctl.d /etc vs. /run read order with systemd-sysctl,
  remove obsolete (sle11/sysconfig) lines about ifup-sysctl from ifsysctl.5.
- compat-suse: fix reading of sysctl addr_gen_mode to wrong variable
- auto6: fix to apply DNS from RA rdnss after ifdown/ifup (bsc#1181429)
- removed obsolete patch included in the master sources (bsc#1194392)
  [- 0001-fsm-fix-device-rename-via-yast-bsc-1194392.patch]

==== xen ====
Version update (4.16.0_08 -> 4.16.1_02)

- Update to Xen 4.16.1 bug fix release (bsc#1027519)
  xen-4.16.1-testing-src.tar.bz2
- Drop patches contained in new tarball
  61b31d5c-x86-restrict-all-but-self-IPI.patch
  61b88e78-x86-CPUID-TSXLDTRK-definition.patch
  61bc429f-revert-hvmloader-PA-range-should-be-UC.patch
  61d5687a-x86-spec-ctrl-opt_srb_lock-default.patch
  61d6ea2d-VT-d-split-domid-map-cleanup-check-into-a-function.patch
  61d6ea7b-VT-d-dont-leak-domid-mapping-on-error-path.patch
  61e0296a-x86-time-calibration-relative-counts.patch
  61e029c8-x86-time-TSC-freq-calibration-accuracy.patch
  61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch
  61e98e88-x86-introduce-get-set-reg-infra.patch
  61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch
  61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch
  61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch
  61eaaa23-x86-get-set-reg-infra-build.patch
  61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch
  61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch
  61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch
  61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch
  61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch
  61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch
  61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch
  61f933a4-x86-cpuid-advertise-SSB_NO.patch
  61f933a5-x86-drop-use_spec_ctrl-boolean.patch
  61f933a6-x86-new-has_spec_ctrl-boolean.patch
  61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch
  61f933a8-x86-SPEC_CTRL-record-last-write.patch
  61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch
  61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch
  61f933ab-x86-AMD-SPEC_CTRL-infra.patch
  61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch
  61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch
  6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch
  6202afa4-x86-TSX-move-has_rtm_always_abort.patch
  6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch
  6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch
  6202afa8-x86-Intel-PSFD-for-guests.patch
  62278667-Arm-introduce-new-processors.patch
  62278668-Arm-move-errata-CSV2-check-earlier.patch
  62278669-Arm-add-ECBHB-and-CLEARBHB-ID-fields.patch
  6227866a-Arm-Spectre-BHB-handling.patch
  6227866b-Arm-allow-SMCCC_ARCH_WORKAROUND_3-use.patch
  6227866c-x86-AMD-cease-using-thunk-lfence.patch
  6229ba46-VT-d-drop-undue-address-of-from-check_cleanup_domid_map.patch
  624ebcef-VT-d-dont-needlessly-look-up-DID.patch
  624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch
  624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch
  xsa397.patch
  xsa399.patch
  xsa400-01.patch
  xsa400-02.patch
  xsa400-03.patch
  xsa400-04.patch
  xsa400-05.patch
  xsa400-06.patch
  xsa400-07.patch
  xsa400-08.patch
  xsa400-09.patch
  xsa400-10.patch
  xsa400-11.patch
  xsa400-12.patch
- bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359,
  CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity
  map (AMD-Vi) handling issues (XSA-400)
  624ebcef-VT-d-dont-needlessly-look-up-DID.patch
  624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch
  624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch

==== zchunk ====
Version update (1.1.16 -> 1.2.1)

- Update to version 1.2.1
  * Better error detection
  * Add support for specifying compression-format in zck
  * zck: add option to select chunk hash
  * Fix testsuite: Add expected sha256sums for zstd 1.5.1+
  * Fix memory leaks
  * Various bug fixes
- Drop upstream merged zstd-1.5.1.patch