Packages changed:
  NetworkManager
  gnome-keyring (40.0 -> 42.1)
  keylime (6.3.2 -> 6.4.0)
  mobile-broadband-provider-info (20220315 -> 20220511)
  polkit-default-privs (1550+20220404.7b4bea2 -> 1550+20220524.0345bd9)
  python-cryptography (36.0.2 -> 37.0.2)
  yast2 (4.5.3 -> 4.5.4)

=== Details ===

==== NetworkManager ====
Subpackages: NetworkManager-wwan libnm0 typelib-1_0-NM-1_0

- Fold NetworkManager-wifi back into the main package: The dep
  chain is not really different and it causes too many problems for
  users having that split. Not worth the pain (boo#1199710,
  boo#1199706).
- As a consequence, also drop the recommends fro the main package
  to -wifi.

==== gnome-keyring ====
Version update (40.0 -> 42.1)
Subpackages: gnome-keyring-pam libgck-modules-gnome-keyring

- Update to version 42.1:
  + daemon: Add files to EXTRA_DIST to fix distcheck.
- Changes from version 42.0:
  + secret-portal: Properly check the default keyring.
  + Build fixes.
  + ssh-agent: Fix crash by uninitialized GMutex.
  + fix looping off the end of the operations array.
  + readme: Mention libsecret instead of deprecated
    libgnome-keyring.
  + daemon: Make it systemd-activatable through the control socket.
  + Updated translations.
- Add pkgcondfig(systemd) and pkgconfig(libsystemd) BuildRequires:
  new dependencies.

==== keylime ====
Version update (6.3.2 -> 6.4.0)
Subpackages: keylime-agent keylime-config keylime-firewalld keylime-registrar keylime-tpm_cert_store keylime-verifier python38-keylime

- Update to version v6.4.0 (CVE-2022-1053, boo#1199253):
  * general: bump Keylime version to 6.4.0
  * tests: adjust tests to reflect latest API changes
  * api: bump version to 2.1
  * config: remove unused registrar mTLS options in cloud_verifier section
  * tenant, verifier: let the tenant provide the AK and mTLS certificate
  * Fix exit call in scripts/download_packit_coverage.sh
  * Added codecov.io description to TESTING.md
  * ci: only run CodeQL on the keylime directory and disable it for the webapp
  * Enable GitHub workflow integrating codecov.io
  * README: Fix and cleanup the install instructions
  * ima: add backport for dataclasses support for Python 3.6
  * ima: add info that device mapper validation is still experimental
  * add lark as a dependency
  * ima: integrate dm validator into gernal IMA validation
  * agentstates: add the option to load and store dm validator state
  * ima: add parser and validator for device mapper entries
  * ima_file_signatures: rename to file_signatures
  * ima_ast: rename to ast
  * ima: move IMA components into their own module
  * failure: add function to get current event ids
  * config: add more details for tpm_cert_store option
  * Deprecate API version 1.0
  * config, webapp: remove tls_check_hostnames option
  * ci: add CodeQL analysis
  * agent, tpm: remove is_vtpm() check
  * tests: update to reflect vTPM removal
  * remove vTPM related helper files and documentation
  * config: remove vTPM related options
  * tenant: remove vtpm_policy
  * verifier: remove vtpm_policy
  * remove REQUIRE_ROOT environment option
  * Remove Testing farm tag-repository
  * Bump required packaging module version to 20.0
  * Remove last traces of M2Crypto
  * Workaround for mock_open not supporting iteration in Python 3.6
- Fix "run_as" configuration parameter and set it to keylime:tss
- Improve downgrade user migration during package update

==== mobile-broadband-provider-info ====
Version update (20220315 -> 20220511)

- Update to version 20220511:
  * us: update verizon MCCMNC
  * us: Verizon Wirleess had been awarded 301 012
  * us: Verizon Wireless MMS settings
  * us: declare AT&T MCC MNC
  * at: declare lyca mobile MMS config
  * al: add AMC internet APN config
  * af: add MMS settings for AWCC
  * ad: add andorra telecom MMS settings
  * za: mtn mms
  * za: cell-c MMS setting
  * es: Add Euskaltel MMS settings
  * il: youphone mms (same APN for data and mms)
  * il: cellcom balance test
  * il: Rami Levi MMS settings
  * serviceproviders: fix indentation
  * il: Partner (previously known as Orange) MMS config

==== polkit-default-privs ====
Version update (1550+20220404.7b4bea2 -> 1550+20220524.0345bd9)

- Update to version 1550+20220524.0345bd9:
  * Add kinfocenter5 whitelisting (bsc#1199735).
  * gconf: cleanup rules used by dropped gconf2 package

==== python-cryptography ====
Version update (36.0.2 -> 37.0.2)

- update to 37.0.2:
  * Fixed an issue where parsing an encrypted private key with the public
    loader functions would hang waiting for console input on OpenSSL 3.0.x rather
    than raising an error.
  * Restored some legacy symbols for older ``pyOpenSSL`` users. These will be
    removed again in the future, so ``pyOpenSSL`` users should still upgrade
    to the latest version of that package when they upgrade ``cryptography``.
  * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.2.
  * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL 2.9.x and 3.0.x.
    The new minimum LibreSSL version is 3.1+.
  * **BACKWARDS INCOMPATIBLE:** Removed ``signer`` and ``verifier`` methods
    from the public key and private key classes. These methods were originally
    deprecated in version 2.0, but had an extended deprecation timeline due
    to usage. Any remaining users should transition to ``sign`` and ``verify``.
  * Deprecated OpenSSL 1.1.0 support. OpenSSL 1.1.0 is no longer supported by
    the OpenSSL project. The next release of ``cryptography`` will be the last
    to support compiling with OpenSSL 1.1.0.
  * Deprecated Python 3.6 support. Python 3.6 is no longer supported by the
    Python core team. Support for Python 3.6 will be removed in a future
    ``cryptography`` release.
  * Deprecated the current minimum supported Rust version (MSRV) of 1.41.0.
    In the next release we will raise MSRV to 1.48.0. Users with the latest
    ``pip`` will typically get a wheel and not need Rust installed, but check
    :doc:`/installation` for documentation on installing a newer ``rustc`` if
    required.
  * Deprecated
    :class:`~cryptography.hazmat.primitives.ciphers.algorithms.CAST5`,
    :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED`,
    :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA`, and
    :class:`~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish` because
    they are legacy algorithms with extremely low usage. These will be removed
    in a future version of ``cryptography``.
  * Added limited support for distinguished names containing a bit string.
  * We now ship ``universal2`` wheels on macOS, which contain both ``arm64``
    and ``x86_64`` architectures. Users on macOS should upgrade to the latest
    ``pip`` to ensure they can use this wheel, although we will continue to
    ship ``x86_64`` specific wheels for now to ease the transition.
  * This will be the final release for which we ship ``manylinux2010`` wheels.
    Going forward the minimum supported ``manylinux`` ABI for our wheels will
    be ``manylinux2014``. The vast majority of users will continue to receive
    ``manylinux`` wheels provided they have an up to date ``pip``. For PyPy
    wheels this release already requires ``manylinux2014`` for compatibility
    with binaries distributed by upstream.
  * Added support for multiple
    :class:`~cryptography.x509.ocsp.OCSPSingleResponse` in a
    :class:`~cryptography.x509.ocsp.OCSPResponse`.
  * Restored support for signing certificates and other structures in
    :doc:`/x509/index` with SHA3 hash algorithms.
  * :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` is
    disabled in FIPS mode.
  * Added support for serialization of PKCS#12 CA friendly names/aliases in
    :func:`~cryptography.hazmat.primitives.serialization.pkcs12.serialize_key_and_certificates`
  * Added support for 12-15 byte (96 to 120 bit) nonces to
    :class:`~cryptography.hazmat.primitives.ciphers.aead.AESOCB3`. This class
    previously supported only 12 byte (96 bit).
  * Added support for
    :class:`~cryptography.hazmat.primitives.ciphers.aead.AESSIV` when using
    OpenSSL 3.0.0+.
  * Added support for serializing PKCS7 structures from a list of
    certificates with
    :class:`~cryptography.hazmat.primitives.serialization.pkcs7.serialize_certificates`.
  * Added support for parsing :rfc:`4514` strings with
    :meth:`~cryptography.x509.Name.from_rfc4514_string`.
  * Added :attr:`~cryptography.hazmat.primitives.asymmetric.padding.PSS.AUTO` to
    :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`. This can
    be used to verify a signature where the salt length is not already known.
  * Added :attr:`~cryptography.hazmat.primitives.asymmetric.padding.PSS.DIGEST_LENGTH`
    to :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`. This
    constant will set the salt length to the same length as the ``PSS`` hash
    algorithm.
  * Added support for loading RSA-PSS key types with
    :func:`~cryptography.hazmat.primitives.serialization.load_pem_private_key`
    and
    :func:`~cryptography.hazmat.primitives.serialization.load_der_private_key`.
    This functionality is limited to OpenSSL 1.1.1e+ and loads the key as a
    normal RSA private key, discarding the PSS constraint information.

==== yast2 ====
Version update (4.5.3 -> 4.5.4)

- Added experimental infrastructure for managing system in
  a chroot (bsc#1199840)
- 4.5.4