Packages changed:
  bash
  busybox
  gpg2 (2.3.7 -> 2.3.8)
  kernel-source (6.0.1 -> 6.0.2)
  libffi
  libksba (1.6.1 -> 1.6.2)
  libsoup (3.2.0 -> 3.2.1)
  libxcrypt (4.4.27 -> 4.4.28)
  libxml2 (2.10.2 -> 2.10.3)
  libzypp (17.31.3 -> 17.31.4)
  netcfg
  plasma5-workspace
  postfix (3.7.2 -> 3.7.3)
  python-incremental (21.3.0 -> 22.10.0)
  python-pytz (2022.2.1 -> 2022.4)
  qalculate (4.2.0 -> 4.3.0)
  tcpd
  tiff
  timezone (2022d -> 2022e)
  timezone-java (2022d -> 2022e)
  xdg-user-dirs-gtk (0.10+13 -> 0.11)
  xf86-input-vmmouse (13.1.0 -> 13.2.0)
  yast2-network (4.5.8 -> 4.5.9)
  yast2-trans (84.87.20221009.3d63202666 -> 84.87.20221016.284cfa770d)
  zenity

=== Details ===

==== bash ====
Subpackages: bash-doc bash-lang bash-sh

- Don't strip binaries
- Work around a signal mask issue with qemu linux-user emulation
- Remove backup of patched tests

==== busybox ====
Subpackages: busybox-static

- Annotate CVEs already fixed in upstream, but not mentioned in .changes:
  * CVE-2014-9645 (bsc#914660):  strips of / in module names that can lead to loading unwanted modules

==== gpg2 ====
Version update (2.3.7 -> 2.3.8)
Subpackages: dirmngr gpg2-lang

- GnuPG 2.3.8:
  * gpg: Do not consider unknown public keys as non-compliant while
    decrypting.
  * gpg: Avoid to emit a compliance mode line if Libgcrypt is
    non-compliant.
  * gpg: Improve --edit-key setpref command to ease c+p.
  * gpg: Emit an ERROR status if --quick-set-primary-uid fails and
    allow to pass the user ID by hash.
  * gpg: Actually show symmetric+pubkey encrypted data as de-vs
    compliant.  Add extra compliance checks for symkey_enc packets.
  * gpg: In de-vs mode use SHA-256 instead of SHA-1 as implicit
    preference.
  * gpgsm: Fix reporting of bad passphrase error during PKCS#11
    import.
  * agent: Fix a regression in "READKEY --format=ssh".
  * agent: New option --need-attr for KEYINFO.
  * agent: New attribute "Remote-list" for use by KEYINFO.
  * scd: Fix problem with Yubikey 5.4 firmware.
  * dirmngr: Fix CRL Distribution Point fallback to other schemes.
  * dirmngr: New LDAP server flag "areconly" (A-record-only).
  * dirmngr: Fix upload of multiple keys for an LDAP server specified
    using the colon format.
  * dirmngr: Use LDAP schema v2 when a Base DN is specified.
  * dirmngr: Avoid caching expired certificates.
  * wkd: Fix path traversal attack in gpg-wks-server. Add the mail
    address to the pending request data.
  * wkd: New command --mirror for gpg-wks-client.
  * gpg-auth: New tool for authentication.
  * New common.conf option no-autostart.
  * Silence warnings from AllowSetForegroundWindow unless
    GNUPG_EXEC_DEBUG_FLAGS is used.
  * Rebase gnupg-detect_FIPS_mode.patch
  * Remove patch upstream:
  - gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch

==== kernel-source ====
Version update (6.0.1 -> 6.0.2)

- Linux 6.0.2 (bsc#1012628).
- nilfs2: fix NULL pointer dereference at
  nilfs_bmap_lookup_at_level() (bsc#1012628).
- nilfs2: fix use-after-free bug of struct nilfs_root
  (bsc#1012628).
- nilfs2: fix leak of nilfs_root in case of writer thread creation
  failure (bsc#1012628).
- nilfs2: replace WARN_ONs by nilfs_error for checkpoint
  acquisition failure (bsc#1012628).
- nvme-pci: set min_align_mask before calculating max_hw_sectors
  (bsc#1012628).
- random: restore O_NONBLOCK support (bsc#1012628).
- random: clamp credited irq bits to maximum mixed (bsc#1012628).
- ALSA: hda: Fix position reporting on Poulsbo (bsc#1012628).
- efi: Correct Macmini DMI match in uefi cert quirk (bsc#1012628).
- scsi: qla2xxx: Revert "scsi: qla2xxx: Fix response queue
  handler reading stale packets" (bsc#1012628).
- scsi: qla2xxx: Fix response queue handler reading stale packets
  (bsc#1012628).
- scsi: stex: Properly zero out the passthrough command structure
  (bsc#1012628).
- USB: serial: qcserial: add new usb-id for Dell branded EM7455
  (bsc#1012628).
- Revert "USB: fixup for merge issue with "usb: dwc3: Don't
  switch OTG -> peripheral if extcon is present"" (bsc#1012628).
- Revert "usb: dwc3: Don't switch OTG -> peripheral if extcon
  is present" (bsc#1012628).
- Revert "powerpc/rtas: Implement reentrant rtas call"
  (bsc#1012628).
- Revert "crypto: qat - reduce size of mapped region"
  (bsc#1012628).
- random: avoid reading two cache lines on irq randomness
  (bsc#1012628).
- random: use expired timer rather than wq for mixing fast pool
  (bsc#1012628).
- wifi: cfg80211: fix u8 overflow in
  cfg80211_update_notlisted_nontrans() (bsc#1012628).
- wifi: cfg80211/mac80211: reject bad MBSSID elements
  (bsc#1012628).
- wifi: mac80211: fix MBSSID parsing use-after-free (bsc#1012628).
- wifi: cfg80211: ensure length byte is present before access
  (bsc#1012628).
- wifi: cfg80211: fix BSS refcounting bugs (bsc#1012628).
- wifi: cfg80211: avoid nontransmitted BSS list corruption
  (bsc#1012628).
- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
  (bsc#1012628).
- wifi: mac80211: fix crash in beacon protection for P2P-device
  (bsc#1012628).
- wifi: cfg80211: update hidden BSSes to avoid WARN_ON
  (bsc#1012628).
- mctp: prevent double key removal and unref (bsc#1012628).
- Input: xpad - add supported devices as contributed on github
  (bsc#1012628).
- Input: xpad - fix wireless 360 controller breaking after suspend
  (bsc#1012628).
- misc: pci_endpoint_test: Aggregate params checking for xfer
  (bsc#1012628).
- misc: pci_endpoint_test: Fix
  pci_endpoint_test_{copy,write,read}() panic (bsc#1012628).
- commit 7fb6561
- Refresh
  patches.suse/ACPI-resource-Add-ASUS-model-S5402ZA-to-quirks.patch.
- Refresh
  patches.suse/ACPI-resource-Skip-IRQ-override-on-Asus-Vivobook-K34.patch.
  Update upstream status. They were merged already.
- commit 098c340
- ACPI: resource: do IRQ override on LENOVO IdeaPad (bsc#1203794).
- ACPI: resource: Add ASUS model S5402ZA to quirks (bsc#1203794).
- ACPI: resource: Skip IRQ override on Asus Vivobook
  K3402ZA/K3502ZA (bsc#1203794).
- commit c7a2f55

==== libffi ====

- add riscv64-handle-big-structures.patch

==== libksba ====
Version update (1.6.1 -> 1.6.2)

- libksba 1.6.2: [bsc#1204357, CVE-2022-3515]
  * Fix integer overflow in the CRL parser.

==== libsoup ====
Version update (3.2.0 -> 3.2.1)
Subpackages: libsoup-3_0-0 libsoup-lang typelib-1_0-Soup-3_0

- Update to version 3.2.1:
  + When built against nghttp2 1.50.0+ be relaxed about header
    whitespace.
  + Fix possible crash when cancelling an HTTP/2 message.
  + Fix regresion where soup_server_message_get_socket() could
    return NULL.
  + Fix minor memory leak.
- Disable tests on 32-bit while waiting for
  https://gitlab.gnome.org/GNOME/libsoup/-/issues/309

==== libxcrypt ====
Version update (4.4.27 -> 4.4.28)

- update to 4.4.28:
  * Add glibc-on-or1k (OpenRISC 1000) entry to libcrypt.minver.
  This was added in GNU libc 2.35.

==== libxml2 ====
Version update (2.10.2 -> 2.10.3)
Subpackages: libxml2-2 libxml2-tools

- Update to version 2.10.3 (bsc#1204366, CVE-2022-40303, bsc#1204367, CVE-2022-40304):
  + Security:
  - [CVE-2022-40304] Fix dict corruption caused by entity
    reference cycles
  - [CVE-2022-40303] Fix integer overflows with XML_PARSE_HUGE
  - Fix overflow check in SAX2.c
  + Build system: cmake: Set SOVERSION
- Rebase patches with quilt.

==== libzypp ====
Version update (17.31.3 -> 17.31.4)

- Do not clean up MediaSetAccess before using the geoip file
  (fixes #424)
- version 17.31.4 (22)

==== netcfg ====

- Remove hosts.allow and hosts.deny config files as they are only
  used by tcpd, which is not installed by default, bsc#1099755

==== plasma5-workspace ====
Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-lang plasma5-workspace-libs xembedsniproxy

- Use appmenu-gtk-module instead of unity-gtk-module on Leap 15.2+
  (boo#1108846)

==== postfix ====
Version update (3.7.2 -> 3.7.3)

- update to 3.7.3
  * Fixed a bug where some messages were not delivered after
    "warning: Unexpected record type 'X'.
  * Workaround: in a TLS server disable Postfix's 1-element internal session
    cache, to work around an OpenSSL 3.0 regression that broke TLS handshakes.
  * Code health: the fix for milter_header_checks (3.7.1, 3.6.6, 3.5.16, 3.4.26)
    introduced a missing msg_panic() argument (in code that never executes).
  * Code health: Postfix 3.3.0 introduced an uninitialized verify_append()
    request status in case of a null original recipient address.
  * Postfix 3.5.0 introduced debug logging noise in map_search_create().
- own /var/spool/mail (boo#1179574)

==== python-incremental ====
Version update (21.3.0 -> 22.10.0)

- update to 22.10.0:
  * Incremental now supports type-checking with Mypy (#69)

==== python-pytz ====
Version update (2022.2.1 -> 2022.4)

- update to 2022.4

==== qalculate ====
Version update (4.2.0 -> 4.3.0)
Subpackages: libqalculate22 qalculate-data

- Update to 4.3.0:
  * Fix handling of Unicode powers for units in denominator, with
    adaptive parsing enabled (e.g. parse 10m/s² the same as 10m/s^2)
  * Fix "+" ignored after "E" in number bases where "E" is a digit
  * Fix scientific E notation with sign in argument when function
    is used without parentheses
  * Fix lambertw() for values very close to zero
  * Fix a × b^x + cx = d when a and c have different signs and d
    is non-zero
  * Fix a^x × b^x = c when a and b is negative, and c is positive
  * Fix segfaults in some corner cases
  * Fix potential issues in handling of leap seconds (e.g. during
    subtraction of seconds from date)
  * var=a syntax for variable assignment with calculated expression
  * Replace ounce with fluid ounce during conversion to volume unit
  * Solve a^x + b^x + … = c in more cases
  * Improve remainder/modulus for numerators with large exponents
  * Truncate number in output of parsed expression and end with
    ellipsis if unable to display all decimals
  * Improved floating point calculation and output speed,
    particularly for simple expressions with very high precision
  * New functions: clip(), qFormat(), qError()
  * "clear history" command and option to clear (not save) history
    on exit (CLI)
  * Replace selection (instead of wrap in parentheses) on operator
    input if selection ends with operator (GTK, Qt)
  * Act as if two arguments are required when applying base-N
    logarithm to expression (GTK, Qt)
  * When applying function to expression, exclude to/where
    expression and place cursor before closing parenthesis if
    operator is last in selection (GTK)
  * Show padlock (or "[P]") after protected expression (Qt)
  * Fix name field not working in argument edit dialog (Qt)
  * Minor bug fixes and feature enhancements

==== tcpd ====

- Add hosts.allow and hosts.deny config files from the netcfg package,
  as they are tcpd specific, bsc#1099755

==== tiff ====

- security update:
  * CVE-2022-2519 [bsc#1202968]
  * CVE-2022-2520 [bsc#1202973]
  * CVE-2022-2521 [bsc#1202971]
    + tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch

==== timezone ====
Version update (2022d -> 2022e)

- timezone update 2022e:
  * Jordan and Syria switch from +02/+03 with DST to year-round +03

==== timezone-java ====
Version update (2022d -> 2022e)

- timezone update 2022e:
  * Jordan and Syria switch from +02/+03 with DST to year-round +03

==== xdg-user-dirs-gtk ====
Version update (0.10+13 -> 0.11)
Subpackages: xdg-user-dirs-gtk-lang

- Update to version 0.11:
  + Updated translations.

==== xf86-input-vmmouse ====
Version update (13.1.0 -> 13.2.0)

- xf86-input-vmmouse 13.2.0:
  * Update "See Also" list in vmmouse_detect man page
  * Update configure.ac bug URL for gitlab migration
  * gitlab CI: add a basic build test
  * autogen.sh: Implement GNOME Build API
  * autogen.sh: use quoted string variables
  * tools: Fix declaration of xf86EnableIO()
  * autogen: add default patch prefix
  * Drop maintainer mode from autogen.sh
  * autogen.sh: use exec instead of waiting for configure to finish
  * Replace unportable test(1) operator.
  * Add NetBSD/amd64 support for iopl calls.

==== yast2-network ====
Version update (4.5.8 -> 4.5.9)

- Do not assume wicked will be installed by default anymore and
  return the needed packages by the selected backend when them
  are not installed (bsc#1201235, bsc#1201435)
- 4.5.9

==== yast2-trans ====
Version update (84.87.20221009.3d63202666 -> 84.87.20221016.284cfa770d)
Subpackages: yast2-trans-cs yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-fr yast2-trans-hu yast2-trans-it yast2-trans-ja yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ru yast2-trans-zh_CN yast2-trans-zh_TW

- Update to version 84.87.20221016.284cfa770d:
  * Translated using Weblate (Russian)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Italian)
  * Translated using Weblate (Italian)

==== zenity ====
Subpackages: zenity-lang

- Drop pkgconfig(libnotify) and pkgconfig(webkit2gtk-4.1)
  BuildRequires: Upstream disabled building of libnotify and html
  support by default more than a year ago, and we have not been
  building that support in this time, so lets drop the unused
  dependencies.