Packages changed:
  augeas (1.12.0 -> 1.13.0)
  firewalld (1.2.0 -> 1.2.1)
  python-cryptography (38.0.1 -> 38.0.3)
  python310
  python310-core
  sg3_utils (1.47+5.d13bc56 -> 1.48~20221101.6d3bd26)
  sudo
  suse-module-tools (16.0.23 -> 16.0.26)

=== Details ===

==== augeas ====
Version update (1.12.0 -> 1.13.0)
Subpackages: augeas-lenses libaugeas0 libfa1

- Update to 1.13.0
  * Fixes bsc#1204554
  * Added augeas-1.13.0-replace_security_context_t-patch to fix a
    syntax error.
  * Rebased gcc9-disable-broken-test.patch
  * Dropped the following patches since they are now upstreamed:
  - augeas-new_options_for_chrony.patch
  - augeas-allow_printable_ASCII.patch
  - remove-unportable-tests.patch
  * General changes/additions
  - Add Dockerfile (Nicolas Gif) (Issue #650)
  - augtool: Improved readline integration to handle quoting
    issues (Pino Toscano)
  - typechecker: Allow including '/' in keys and labels. Thanks
    to felixdoerre for pointing out that this restriction was
    unnecessary. See issue #668 for the discussion.
  - Add function modified() to select nodes which are marked as
    dirty (George Hansper) (Issue #691)
  - Add CLI command 'preview' and API 'aug_preview' to preview
    file contents (George Hansper) (#690)
  - Add "else" operator to augeas path-filter expressions
    (priority selector) (George Hansper) (#692)
  - Add new axis 'seq' to allow /path/seq::*[expr] to match and
    create numeric nodes, as idempotent alternative to
    /path/*[expr] (George Hansper) (#706)
  * Lens changes/additions
  - Authinfo2: new lens to parse Authinfo2 format (Nicolas Gif)
    (Issue #649)
  - Chrony: add new options (Miroslav Lichvar) (Issue #698)
  - Cmdline: New lens to parse /proc/cmdline (Thomas Weißschuh)
  - Crypttab: support UUID in device and / in opt (Raphaël
    Pinson) (#713)
  - Fail2ban: new lens to parse Fail2ban format (Nicolas Gif)
    (Issue #651)
  - Grub: support '+' in kernel command line option names (Pino
    Toscano) (Issue #647)
  - Krb5: handle [plugins] subsection (Pino Toscano) (Issue #663)
  - Limits: support colons in the domain pattern of the limits
    lens (Xavier Mol) (Issue #645)
  - Logrotate: add hourly schedule (Jason A. Smith) (Issue #655)
  - Mke2fs: parse more common entries between [defaults] and the
    tags in [fs_types], fix the type of few entries, handle the
    [options] stanza (Pino Toscano) (Issue #642)
  - support quoted values (Pino Toscano) (Issue #661)
  - NetworkManager: allow # in values (mfilka) (#723)
  - Opendkim: update to match current conffile format (Issue #644)
  - Postfix_Master: Allow unix-dgram as type (Issue #635)
  - Postfix_transport: Allow underscore (Anton Baranov) (Issue #678)
  - Postgresql: Allow hyphen '-' in values that don't require quotes
    (Marcin Barczyński) (Issues #700 #701)
  - Properties: Allow "/" in property names (felixdoerre) (Issue #680)
  - Redis: add incl path /etc/redis.conf (Raphaël Pinson) (#726)
  - support "replicaof" (Raphaël Pinson) (#727)
  - fix support for "sentinel" (Raphaël Pinson) (#728)
  - Resolv: Support new options (Trevor Vaughan) (Issues #707 #708)
  - Rsyslog: support multiple actions in filters and selectors (Issue
    [#653])
  - Shellvars: exclude more tcsh profile scripts (Pino Toscano) (Issue
    [#627])
  - Simplevars: add ocsinventory-agent.cfg (Pat Riehecky) (Issue #637)
  - Sudoers: support new @include/@includedir directives (Pino
    Toscano) (Issue #693)
  - Sudoers: Allow AD groups (luchihoratiu) (Issue #696)
  - Support negative integers (Ando David Roots) (#724)
  - Ssh: add Match keyword support (granquet) (Issue #695)
  - Sshd: support quotes in Match conditions (Issue #739)
  - Systemd: fix parsing of envvars with spaces (Pino Toscano) (#659)
  - Add incl paths according to 'systemd.network(5)' (chruetli) (#683)
  - Tinc: new lens for Tinc VPN configuration files (Thomas Weißschuh)
    (#718)
  - Toml: support arrays (norec) in inline tables (Raphaël Pinson)
    (#703)
  - Tmpfiles: improvements to the types specification (Pino Toscano)
    (Issue #694)

==== firewalld ====
Version update (1.2.0 -> 1.2.1)
Subpackages: firewalld-bash-completion firewalld-lang python3-firewall

- Update to 1.2.1:
  * fix(modules): don't error if /proc/modules is missing (a1f091d)
  * fix(readme): format optional <ver> (03e61f2)
  * docs: add protocols to rich and zones (191cea4)
  * docs(policy): add priority attribute to rule (616ed7c)
  * fix(runtimeToPermanent): errors for interfaces not in zone (6b5a70b)
  * fix(failsafe): log exception on fatal failure (af1b8f0)
  * fix(ipset): defer native ipset creation if nftables (ae0ded4)
  * fix(nftables): drop invalid packets before zone dispatch (dc972ae)
  * fix(iptables): drop invalid packets before zone dispatch (83a4608)
  * fix(policies): Splitting interfaces with wildcards (3806e79)
  * fix(ipset): exception on overlap checking empty set (bfe827f)
  * fix(bash): fix ipset commands autocompletion (742669b)
  * docs(README): fix typo (e40b100)
  * fix(treewide): misc typos (d121f0c)
  * fix: firewalld.conf: trim trailing whitespace (21809ed)

==== python-cryptography ====
Version update (38.0.1 -> 38.0.3)

- update to 38.0.3:
  - Updated Windows, macOS, and Linux wheels to be compiled
    with OpenSSL 3.0.7, which resolves CVE-2022-3602 and
    CVE-2022-3786.

==== python310 ====
Subpackages: python310-curses python310-dbm

- Add CVE-2022-42919-loc-priv-mulitproc-forksrv.patch to avoid
  CVE-2022-42919 (bsc#1204886) avoiding Linux specific local
  privilege escalation via the multiprocessing forkserver start
  method.

==== python310-core ====
Subpackages: libpython3_10-1_0 python310-base

- Add CVE-2022-42919-loc-priv-mulitproc-forksrv.patch to avoid
  CVE-2022-42919 (bsc#1204886) avoiding Linux specific local
  privilege escalation via the multiprocessing forkserver start
  method.

==== sg3_utils ====
Version update (1.47+5.d13bc56 -> 1.48~20221101.6d3bd26)

- Update to new upstream version 1.48~20221101.6d3bd26:
  (pre-release sg3_utils-1.48 [20221101] [svn: r978])
  * sg_read_block_limits: fix granularity value, add --mloi option; sg_lib: add sg_ll_read_block_limits_v2(); sg_logs: json work
  * sg_stream_ctl: --get fix better; sg_rem_rest_elem: cleanup
  * sg_stream_ctl: fix --get indexing; fix some './configure --enable-debug' issues
  * sg_inq+sg_vpd: JSON updates
  * rescan-scsi-bus: speed large multipath scans
  * rescan-scsi-bus.sh speed testonline()
  * rescan-scsi-bus.sh: add option --no-lip-scan
  * rescan-scsi-bus: sgdevice26: do not traverse sg class if scsi_device isnot added
  * rescan-scsi-bus.sh: fix handling of '-I <secs>' option
  * Prepare for removing /proc/scsi from the Linux kernel
  * sg_inq+sg_vpd: merge VPD page processing
  * sg_get_elem_status: change '--maxlen=' option default to 1056 (was 32), other cleanups
  * sg_rep_zones: add experimental --json[=JO] option and generation
  * sg_logs: add --exclude and --undefined options
  * zoned disk man page improvements
  * sg_rep_zones: add --statistics option
  * sg_read_buffer: add --eh_code= and --no_output options
  * sg_format: allow disk formats on ZBC (zoned) disks
  * sg_rep_zones: add --brief option and --find ZT option
  * sg_rep_density: new utility for decoding the response of Report density support command [ssc (tape)]
  * Zoned block device characteristics VPD page support

==== sudo ====
Subpackages: sudo-plugin-python

- Added sudo-CVE-2022-43995.patch
  * CVE-2022-43995
  * bsc#1204986
  * Fixed a potential heap-based buffer over-read when entering a password
    of seven characters or fewer and using the crypt() password backend.

==== suse-module-tools ====
Version update (16.0.23 -> 16.0.26)

* Revert "Split kernel scriptlets into separate sub-package"
  (that change broke some package builds on OBS)
- Update to version 16.0.25:
  * 80-hotplug-cpu-mem.rules: restrict cpu rule to x86_64 (bsc#1204423)
- Update to version 16.0.24:
  * Split kernel scriptlets into separate sub-package
    "suse-module-tools-scriptlets" on Tumbleweed
    (gh#openSUSE/suse-module-tools#64)