Packages changed:
  apparmor
  autoyast2 (4.4.25 -> 4.4.26)
  cifs-utils (6.13 -> 6.14)
  expat (2.4.2 -> 2.4.3)
  fcitx
  gstreamer-editing-services
  gstreamer-plugins-bad
  ldb
  libapparmor
  nvme-cli (1.16 -> 2.0~0)
  psmisc (23.3 -> 23.4)
  python-ipython (7.30.1 -> 8.0.1)
  rpm-config-SUSE (0.g89 -> 0.g93)
  spamassassin
  sssd
  systemd-rpm-macros (14 -> 15)

=== Details ===

==== apparmor ====
Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-parser-lang apparmor-profiles apparmor-utils apparmor-utils-lang pam_apparmor pam_apparmor-32bit python3-apparmor

- add update-samba-abstractions-ldb2.diff: Cater for changes to ldb
  packaging to allow parallel installation with libldb;
  (bsc#1192684).

==== autoyast2 ====
Version update (4.4.25 -> 4.4.26)
Subpackages: autoyast2-installation

- Fix handling of add-on signature settings, introduced when fixing
  bsc#1192437 (bsc#1194881).
- 4.4.26

==== cifs-utils ====
Version update (6.13 -> 6.14)

- Update cifs-utils.spec:
  * Remove unused
    !BuildIgnore: samba-client
    BuildRequires: libwbclient-devel
- Update to cifs-utils 6.14
  * smbinfo is enhanced with capability to display alternate data streams
  * setcifsacl is improved to optionally reorder ACEs in preferred order
  * cifs.upcall regression in kerberos mount is fixed
  * remove cifs-utils-6.13.tar.bz2
  * remove cifs-utils-6.13.tar.bz2.asc
  * add    cifs-utils-6.14.tar.bz2
  * add    cifs-utils-6.14.tar.bz2.asc
- Drop upstream fixed patches:
  * 0001-cifs.upcall-fix-regression-in-kerberos-mount.patch

==== expat ====
Version update (2.4.2 -> 2.4.3)
Subpackages: libexpat-devel libexpat1 libexpat1-32bit

- update to 2.4.3 (bsc#1194251, bsc#1194362, bsc#1194474,
    bsc#1194476, bsc#1194477, bsc#1194478, bsc#1194479, bsc#1194480):
  * CVE-2021-45960 -- Fix issues with left shifts by >=29 places
    resulting in
    a) realloc acting as free
    b) realloc allocating too few bytes
    c) undefined behavior
    depending on architecture and precise value
    for XML documents with >=2^27+1 prefixed attributes
    on a single XML tag a la
    "<r xmlns:a='[..]' a:a123='[..]' [..] />"
    where XML_ParserCreateNS is used to create the parser
    (which needs argument "-n" when running xmlwf).
    Impact is denial of service, or more.
  * CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow
    on variable m_groupSize in function doProlog leading
    to realloc acting as free.
    Impact is denial of service or more.
  * CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows
    near memory allocation at multiple places.  Mitre assigned
    a dedicated CVE for each involved internal C function:
  - CVE-2022-22822 for function addBinding
  - CVE-2022-22823 for function build_model
  - CVE-2022-22824 for function defineAttribute
  - CVE-2022-22825 for function lookup
  - CVE-2022-22826 for function nextScaffoldPart
  - CVE-2022-22827 for function storeAtts
    Impact is denial of service or more.

==== fcitx ====
Subpackages: fcitx-branding-openSUSE fcitx-gtk2 fcitx-gtk3 fcitx-pinyin fcitx-table fcitx-table-cn-wubi fcitx-table-cn-wubi-pinyin libfcitx-4_2_9

- Fix xim.d script for KDE Plasma (boo#1194916);
  $WINDOWMANAGER check needs to be adjusted

==== gstreamer-editing-services ====
Subpackages: libges-1_0-0 typelib-1_0-GES-1_0

- Fix parameters passed to meson: gtk_doc should be doc. Meson 0.60
  became strict and no longer accepts invalid parameters.
- Drop hotdoc BuildRequires: as we pass -Ddoc=disabled to meson,
  this dependency is not needed.

==== gstreamer-plugins-bad ====
Subpackages: gstreamer-plugins-bad-lang gstreamer-transcoder libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsttranscoder-1_0-0 libgsturidownloader-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0 typelib-1_0-GstTranscoder-1_0

- Drop conditionals for fdk_aac, explicitly add fdk-aac-free-devel
  BuildRequires, and build it for the main package.

==== ldb ====
Subpackages: libldb2 libldb2-32bit python3-ldb

- Modify packaging to allow parallel installation with libldb1
  (bsc#1192684):
  + Private libraries are installed in %{_libdir}/ldb2/
  + Modules are installed in %{_libdir}/ldb2/modules

==== libapparmor ====
Subpackages: libapparmor1 libapparmor1-32bit

- add update-samba-abstractions-ldb2.diff: Cater for changes to ldb
  packaging to allow parallel installation with libldb;
  (bsc#1192684).

==== nvme-cli ====
Version update (1.16 -> 2.0~0)
Subpackages: nvme-cli-bash-completion

- Fix zsh completion package depenedencies.
- Use osc_scm to manage upstream input source.
- Fix version string.
- Update Source URL and introduce a variable for the release canditate
  version string.
- Update to v2.0-rc0
  * Depends on libnvme
  * rename harden_nvmf-connect@.service.patch to 0100-harden_nvmf-connect@.service.patch
  * drop 0102-nvme-cli-Add-script-to-determine-host-NQN.patch

==== psmisc ====
Version update (23.3 -> 23.4)
Subpackages: psmisc-lang

- Update to 23.4:
  * killall: Dynamically link to selinux and use security attributes
  * pstree: Do not crash on missing processes !21
  * pstree: fix layout when using -C !24
  * pstree: add time namespace !25
  * pstree: Dynamically link to selinux and use attr
  * fuser: Get less confused about duplicate dev_id !10
  * fuser: Only check pathname on non-block devices !31
- Rebase 0001-Use-mountinfo-to-be-able-to-use-the-mount-identity.patch
- Rebase 0002-Use-new-statx-2-system-call-to-avoid-hangs-on-NFS.patch
- Port psmisc-22.21-pstree.patch
- Delete psmisc-v23.3-selinux.patch as not needed anymore
- Rename psmisc-v23.3.dif which is now psmisc-v23.4.dif with correct offsets

==== python-ipython ====
Version update (7.30.1 -> 8.0.1)

- Update to 8.0.1
  * Security fix CVE-2022-21699: change some default values in
    order to prevent potential Execution with Unnecessary
    Privileges.
  * Almost all version of IPython looks for configuration and
    profiles in current working directory. Since IPython was
    developed before pip and environments existed it was used a
    convenient way to load code/packages in a project dependant
    way.
  * In 2022, it is not necessary anymore, and can lead to confusing
    behavior where for example cloning a repository and starting
    IPython or loading a notebook from any Jupyter-Compatible
    interface that has ipython set as a kernel can lead to code
    execution.
  * The current working directory is not searched anymore for
    profiles or configurations files.
  * Added a __patched_cves__ attribute (set of strings) to IPython
    module that contain the list of fixed CVE. This is
    informational only.
- Fixes boo#1194936, CVE-2022-21699
- Update requirements.
- Requires the full stdlib including sqlite3
- Revert some spec-cleaner edits
- Update to 8.0.0:
  - Minimum supported traitlets version if now 5+
  - we now require stack_data
  - Minimal Python is now 3.8
  - pytest replaces nose.
  - iptest/iptest3 cli entrypoints do not exists anymore.
  - minimum officially support numpy version has been bumped, but
    this should not have much effect on packaging.
  - Backport some fixes for Python 3.10 (PR #13412)
  - use full-alpha transparency on dvipng rendered LaTeX (PR #13372)
  - Traceback improvements
  - Autosuggestons
  - Show pinfo information in ipdb using ??? and ????
  - Autoreload 3 feature
  - Auto formatting with black in the CLI
  - History Range Glob feature
  - Don?t start a multi line cell with sunken parenthesis
  - IPython shell for ipdb interact
  - Automatic Vi prompt stripping
  - Empty History Ranges
  - Windows time-implementation: Switch to process_time
  - Re-added support for XDG config directories
- Add skip-network-test.patch to skip (gh#ipython/ipython#13468).

==== rpm-config-SUSE ====
Version update (0.g89 -> 0.g93)

- Update to version 0.g93:
  * locale.attr: Match all files inside LC_MESSAGES (boo#1194865)
  * remove leap_version as it's obsolete

==== spamassassin ====
Subpackages: perl-Mail-SpamAssassin spamassassin-spamc

- Drop ProtectHome from spamd.service and spampd.service. Unfortunately
  spamassing writes there, so ProtectHome=read-only doesn't work.
  Whitelisting a specific part has a too high chance of breaking for
  this package (bsc#1193248)

==== sssd ====
Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-32bit sssd-krb5-common sssd-ldap

- Upgrade LDB_DIR shell variable to %ldbdir macro.

==== systemd-rpm-macros ====
Version update (14 -> 15)

- Bump to version 15
- %sysusers_create_inline was wrongly marked as deprecated
- %sysusers_create can be useful in certain cases and won't go away until we'll
  move to file triggers. So don't mark it as deprecated too