Packages changed:
  firewalld (1.3.0 -> 1.3.1)
  glib2-branding-openSUSE
  gnome-settings-daemon (44.0 -> 44.1)
  grub2
  gtk4
  libXft (2.3.7 -> 2.3.8)
  libXpm (3.5.15 -> 3.5.16)
  libopenmpt (0.6.9 -> 0.6.10)
  libstorage-ng (4.5.95 -> 4.5.96)
  libyui (4.5.0 -> 4.5.1)
  libyui-ncurses (4.5.0 -> 4.5.1)
  libyui-ncurses-pkg (4.5.0 -> 4.5.1)
  libyui-qt (4.5.0 -> 4.5.1)
  libyui-qt-graph (4.5.0 -> 4.5.1)
  libyui-qt-pkg (4.5.0 -> 4.5.1)
  open-iscsi
  openexr (3.1.6 -> 3.1.7)
  podman (4.4.4 -> 4.5.0)
  powerdevil5
  publicsuffix (20230226 -> 20230414)
  python-redis (4.3.3 -> 4.5.4)
  redis (7.0.8 -> 7.0.11)
  snapper

=== Details ===

==== firewalld ====
Version update (1.3.0 -> 1.3.1)
Subpackages: firewalld-bash-completion firewalld-lang python3-firewall

- update to 1.3.1:
  * fix(fw_nm): use IP interface names for connection lookup (18c8b81)
  * fix(fw_policy): raise exceptions (5ae9322)
  * fix(service): include: when used with rich rule (986f0be)
  * fix(nftables): rich: log: limit was not taking effect (0dc0575)
  * fix(build): rpm must build all as prerequisite (6896748)
  * fix: use error codes for FirewallError instances (370e5f2)
  * fix(ipset): chunk entries when restoring set (8a88855)
  * fix(applet): allows using KDE network connection editor (29c8ef6)

==== glib2-branding-openSUSE ====

- prefer org.gnome.TextEditor.desktop instead of gedit.
  patterns-gnome was changed to install TextEditor (boo#1210648).

==== gnome-settings-daemon ====
Version update (44.0 -> 44.1)
Subpackages: gnome-settings-daemon-lang

- Update to version 44.1:
  + Build improvements
  + Power:
  - Connect to light sensor asynchronously
  - Initialize check for VM environment earlier
  + Rfkill: Monitor WwanEnabled property changes properly
  + Smartcards: Check for the addition of new smartcard readers
  + Xsettings: Do not force deprecated High Contrast icon theme
  + Updated translations.
- Use autopatch.

==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi

- Fix no prep partition error on non-PReP architectures by making the
  prep_loadenv module exclusive to powerpc_ieee1275 platform (bsc#1210489)
  * 0004-Introduce-prep_load_env-command.patch
- Fix the issue of freeing an uninitialized pointer
  * 0002-prep_loadenv-Fix-regex-for-Open-Firmware-device-spec.patch
- Rediff
  * 0005-export-environment-at-start-up.patch
  * 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch

==== gtk4 ====
Subpackages: gtk4-lang gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0

- Place English translations in the tools sub-package instead of
  lang. This should offer translations for the main English locales
  without the need to install any additional package by default.
- Add "file-not-in-%lang" RPM Lint warning to rpmlintrc file for
  the reason above.
- Drop "shlib-policy-name-error" unused filter from rpmlintrc.

==== libXft ====
Version update (2.3.7 -> 2.3.8)

- Updat to version 2.3.8
  * configure: Use LT_INIT from libtool 2 instead of deprecated
    AC_PROG_LIBTOOL
  * add check for missing glyph in XftFontCheckGlyph()
  * issue 17: libxft-2.3.7: Bold fonts in urxvt missing leftmost pixels
  * issue 18: Problems with rotated text (monospace font only)

==== libXpm ====
Version update (3.5.15 -> 3.5.16)

- update to 3.5.16:
  * test: skip compressed file tests when --disable-open-zfile is used
  * gitlab CI: build with each of --enable-open-zfile & --disable-open-zfile
  * configure: correct error message to suggest --disable-open-zfile
  * open-zfile: Make compress & uncompress commands optional
  * Require LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
  * XpmCreateDataFromXpmImage: Fix misleading indentation
  * parse.c: Wrap FREE_CIDX definition in do { ... } while(0)
  * parse.c: remove unused function xstrlcpy()
  * test: Use PACKAGE_BUGREPORT instead of hard-coded URL's
  * test: Add simple test cases for functions in src/rgb.c
  * xpmReadRgbNames: constify filename argument
  * Fix a memleak in ParsePixels error code path

==== libopenmpt ====
Version update (0.6.9 -> 0.6.10)

- Update to 0.6.10
  * [Bug] File probing and loading results could be inconsistent
    for SFX files, so that probing could claim that a file is
    definitely not playable even if it would be.
  * MOD: VBlank heuristics are now applied to MOD files with M!K!
    signature. Fixes mod.siedler ii.
  * NoiseTracker MODs are now always played with VBlank timing.
  * MED: Add support for default instrument pitch.
  * MED: Global play transpose value was not considered for MMD0
    files.
  * 669: Reject files with lots of control characters in song
    message.
  * mpg123: Update to v1.31.3 (2023-03-19).

==== libstorage-ng ====
Version update (4.5.95 -> 4.5.96)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1

- Translated using Weblate (Georgian) (bsc#1149754)
- 4.5.96

==== libyui ====
Version update (4.5.0 -> 4.5.1)

- Qt UI: Fixed loading icons from an absolute path (bsc#1210591)
  https://github.com/libyui/libyui/pull/94
- 4.5.1

==== libyui-ncurses ====
Version update (4.5.0 -> 4.5.1)

- Qt UI: Fixed loading icons from an absolute path (bsc#1210591)
  https://github.com/libyui/libyui/pull/94
- 4.5.1

==== libyui-ncurses-pkg ====
Version update (4.5.0 -> 4.5.1)

- Qt UI: Fixed loading icons from an absolute path (bsc#1210591)
  https://github.com/libyui/libyui/pull/94
- 4.5.1

==== libyui-qt ====
Version update (4.5.0 -> 4.5.1)

- Qt UI: Fixed loading icons from an absolute path (bsc#1210591)
  https://github.com/libyui/libyui/pull/94
- 4.5.1

==== libyui-qt-graph ====
Version update (4.5.0 -> 4.5.1)

- Qt UI: Fixed loading icons from an absolute path (bsc#1210591)
  https://github.com/libyui/libyui/pull/94
- 4.5.1

==== libyui-qt-pkg ====
Version update (4.5.0 -> 4.5.1)

- Qt UI: Fixed loading icons from an absolute path (bsc#1210591)
  https://github.com/libyui/libyui/pull/94
- 4.5.1

==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0

- Remove "--strip" in SPEC file for meson build, so that
  debuginfo is generated. (from mwilck) (bsc#1210536)

==== openexr ====
Version update (3.1.6 -> 3.1.7)
Subpackages: libIex-3_1-30 libIlmThread-3_1-30 libOpenEXR-3_1-30

- update to 3.1.7:
  * Patch release that fixes a build regression on ARMv7, and
    fixes a build issue with zlib.

==== podman ====
Version update (4.4.4 -> 4.5.0)
Subpackages: podman-cni-config

- Update to version 4.5.0:
  * Release v4.5.0
  * [CI:DOCS] Final release notes for v4.5.0
  * Quadlet - do not set log-driver by default
  * Return title fields as a list
  * Bump to v4.5.0-dev
  * Bump to v4.5.0-RC2
  * Final release notes for v4.5.0-RC2
  * test/e2e: remove unnecessary SkipIfNetavark() calls
  * test/e2e: deduplicated network test
  * docs: update podman-network-create.1
  * network create: add --interface-name
  * test/system/252-quadlet.bats: fix flake
  * Read kube_generate_type from containers.conf
  * Debian setup: workaround for runc /dev/char/10:200 bug
  * pkg/rootless: use catatonit from /usr/libexec/podman
  * rootless: make sure we only use a single pause process
  * Use atomic config writing strategy for podman machine config files
  * Add remaining release notes for v4.5.0-RC2
  * GHA: Use version instead of SHA for actions
  * chore(deps): update dependency containers/automation_images to v20230405
  * build: pass env by reference
  * test: retrofit error message
  * test/system: expect 12 char for short id
  * vendor: bump containers/(storage, common, buildah, image)
  * [skip-ci] Update actions/upload-artifact action to v3
  * [skip-ci] Update actions/stale action to v8
  * [skip-ci] Update actions/setup-go action to v4
  * [skip-ci] Update github/issue-labeler action to v2.6
  * Fix up codespell errors
  * Capitalize all uid,gid and id words that are not options in docs
  * build(deps): bump golang.org/x/tools from 0.7.0 to 0.8.0 in /test/tools
  * Properly remove the service container during kube down
  * quadlet: add `UserNS` option key
  * [CI:DOCS] Release notes for 4.5.0 Part 1
  * "podman pull by digest and list --all" test: untag instead of rmi
  * build(deps): bump golang.org/x/text from 0.8.0 to 0.9.0
  * Add renovate.json configuration
  * CI: postbuild step: skip under nightly treadmill
  * The `--ulimit` option accepts the name with an `RLIMIT_` prefix both upper and lower case
  * test/e2e: use custom network config dir where needed
  * chore: replace `github.com/ghodss/yaml` with `sigs.k8s.io/yaml`
  * update completion scripts for cobra v1.7.0
  * libpod.storageService.CreateContainerStorage(): retrieve ID maps
  * Fix invalid pod name and hostname during kube generate
  * e2e tests: fix racy flakes
  * Cirrus: Enable labeling of EC2 VMs
  * Cirrus: Fix aarch64 clone_script 404 errors
  * e2e: GinkgoParallelNode() -> ...Process()
  * build(deps): bump github.com/spf13/cobra from 1.6.1 to 1.7.0
  * build(deps): bump golang.org/x/sys from 0.6.0 to 0.7.0
  * [CI:DOCS] --creds and registries
  * Copr: fix build deps for /usr/bin/envsubst
  * Don't error when removing non-existant env vars
  * e2e: healthcheck on stopped container: fix flake
  * test/apiv2/80-kube.at
  * test/apiv2/80-kube.at
  * system service: do not close Body
  * rm `hack/release.sh`
  * build(deps): bump github.com/onsi/gomega from 1.27.5 to 1.27.6
  * add `quadlet -version` flag
  * add version/rawversion package
  * quadlet: use `Flag` suffix for variables
  * quadlet: implement `Tmpfs` option
  * Bump to v4.5.0-dev
  * Bump to 4.5.0-rc1
  * Update release notes from 4.4 branch
  * rootless netns: recover from invalid netns
  * System tests: unverbosify a flake log
  * Add support for secret exists
  * Fix Win install task failures with large PR bodies
  * docs: add `starting` to `HealthCheckResults.Status`
  * Add support for cgroup_config from containers.conf
  * libpod: mount safely subpaths
  * Support Deployment generation with kube generate
  * Use secret.items to create volume mounts if present
  * [CI:DOCS] fix typo in --systemd option
  * rootless: drop preexec hook error message
  * Edit the docker wrapper to use the install prefix
  * Update podman-for-windows.md
  * Quadlet: RemapUsers documentation fixes
  * speed up image listing
  * vendor containers/common@e27c30ee9b1b
  * fix volume-plugin-test flake
  * Document building Podman remote on Windows hosts
  * test/e2e: gpg keep stdout/err attached
  * auto-update: stop+start instead of restart sytemd units
  * [CI:DOCS] Improve basic tutorial
  * Update docs/source/markdown/podman-network.1.md
  * Add debug to --wait test
  * fix slirp4netns resolv.conf ip with a userns
  * Quadlet: add support for keep-id with mapping values
  * Quadlet E2E test - run quadlet as user generator
  * sqlite: do not `Ping()` after connecting
  * Quadlet - treat paths starting with systemd specifiers as absolute
  * Update docs/source/markdown/podman-kube-play.1.md.in
  * system tests: use CONTAINERS_CONF_OVERRIDE
  * implement podman machine set for hyperv
  * [CI:DOCS] Add network subnets info to network man page
    ... changelog too long, skipping 332 lines ...
- Don't build against EoL go versions, fixes bsc#1210299

==== powerdevil5 ====
Subpackages: powerdevil5-lang

- Cleanup build dependencies:
  * Remove unused KDELibs4Support and KF5Wayland
  * Explicitly add KF5Crash, KF5DocTools and KF5Notifications
  * Update required versions.

==== publicsuffix ====
Version update (20230226 -> 20230414)

- Update to version 20230414:
  * util: gTLD data autopull updates for 2023-04-14T15:13:16 UTC (#1738)
  * Change - update comments/policy for the French ccTLDs (`.fr`, `.pm`, `.re`, `.tf`, `.wf`, `.yt`) by Administrator (#1732)
  * New policy for .museum, without all the SLD (Second-Level Domains) (#1729)
  * Add ladesk.com (#1538)
  * util: gTLD data autopull updates for 2023-03-18T15:13:12 UTC (#1723)
  * util: gTLD data autopull updates for 2023-03-08T15:15:40 UTC (#1714)
  * Additional ngrok domains - more `ngrok.io` from #48 + `ngrok.app` `ngrok-free.app` `ngrok.dev` `ngrok-free.dev` `ngrok.pizza` (#1653)
  * Add `ie.ua` (#1597)

==== python-redis ====
Version update (4.3.3 -> 4.5.4)

- Update to 4.5.4:
  * Security
    + Cancelling an async future does not, properly trigger, leading to a
    potential data leak in specific cases. (CVE-2023-28858, bsc#1209811)
    + Cancelling an async future does not, properly trigger, leading to a
    potential data leak in specific cases. (CVE-2023-28859, bsc#1209812)
  * New Features
    + Introduce AbstractConnection so that UnixDomainSocketConnection can
    call super().init (#2588)
    + Added queue_class to REDIS_ALLOWED_KEYS (#2577)
    + Made search document subscriptable (#2615)
    + Sped up the protocol parsing (#2596)
    + Use hiredis::pack_command to serialized the commands. (#2570)
    + Add support for unlink in cluster pipeline (#2562)
  * Bug Fixes
    + Fixing cancelled async futures (#2666)
    + Fix: do not use asyncio's timeout lib before 3.11.2 (#2659)
    + Fix UDS in v4.5.2: UnixDomainSocketConnection missing constructor
    argument (#2630)
    + CWE-404 AsyncIO Race Condition Fix (#2624, #2579)
    + Fix behaviour of async PythonParser to match RedisParser as for
    issue #2349 (#2582)
    + Replace async_timeout by asyncio.timeout (#2602)
    + Update json().arrindex() default values (#2611)
    + Fix #2581 UnixDomainSocketConnection object has no attribute
    _command_packer (#2583)
    + Fix issue with pack_commands returning an empty byte sequence (#2416)
    + Async HiredisParser should finish parsing after a
    Connection.disconnect() (#2557)
    + Check for none, prior to raising exception (#2569)
    + Tuple function cannot be passed more than one argument (#2573)
    + Synchronise concurrent command calls to single-client to single-client
    mode (#2568)
    + Async: added 'blocking' argument to call lock method (#2454)
    + Added a replacement for the default cluster node in the event of
    failure. (#2463)
    + Fixed geosearch: Wrong number of arguments for geosearch command (#2464)
- Clean up BuildRequires and Requires.
- Disable broken test test_xautoclaim gh#redis/redis-py#2554
- udpate to 4.3.5:
  * Add support for TIMESERIES 1.8 (#2296)
  * Graph - add counters for removed labels and properties (#2292)
  * Add support for TDIGEST.QUANTILE extensions (#2317)
  * Add TDIGEST.TRIMMED_MEAN (#2300)
  * Add support for async GRAPH module (#2273)
  * Support TDIGEST.MERGESTORE and make compression optional on TDIGEST.CREATE
    (#2319)
  * Adding reserve as an alias for create, so that we have BF.RESERVE and
    CF.RESERVE accuratenly supported (#2331)
  * Fix async connection.is_connected to return a boolean value (#2278)
  * Fix: workaround asyncio bug on connection reset by peer (#2259)
  * Fix crash: key expire while search (#2270)
  * Async cluster: fix concurrent pipeline (#2280)
  * Fix async SEARCH pipeline (#2316)
  * Fix KeyError in async cluster - initialize before execute multi key
    commands (#2439)
  * Supply chain risk reduction: remove dependency on library named deprecated
    (#2386)
  * Search test - Ignore order of the items in the response (#2322)
  * Fix GRAPH.LIST & TDIGEST.QUANTILE tests (#2335)
  * Fix TimeSeries range aggregation (twa) tests (#2358)
  * Mark TOPK.COUNT as deprecated (#2363)
- update to 4.3.4:
  * Fix backward compatibility from 4.3.2 in Lock.acquire()
  * Fix XAUTOCLAIM to return the full response, instead of only keys 2+
  * Added dynamic_startup_nodes configuration to RedisCluster.
  * Fix retries in async mode
  * Async cluster: fix simultaneous initialize
  * Uppercased commands in CommandsParser.get_keys
  * Late eval of the skip condition in async tests
  * Reuse the old nodes' connections when a cluster topology refresh is being done
  * Docs: add pipeline examples
  * Correct retention_msecs value
  * Cluster: use pipeline to execute split commands
  * Docs: Add a note about client_setname and client_name difference

==== redis ====
Version update (7.0.8 -> 7.0.11)

- redis 7.0.11
  - (CVE-2023-28856) Authenticated users can use the HINCRBYFLOAT
    command to create an invalid hash field that will crash Redis
    on access (boo#1210548)
  - Add a missing fsync of AOF file in rare cases
  - Disconnect pub-sub subscribers when revoking allchannels
    permission
  - Fix a compiler fortification induced crash when used with link
    time optimizations
- Drop get-old-size-calculations.patch:
  replaced with proper fix
- Added get-old-size-calculations.patch:
  my workaround for https://github.com/redis/redis/issues/11965
- redis 7.0.10
  * CVE-2023-28425: Specially crafted MSETNX command can lead to
    assertion and denial-of-service (boo#1209528)
  * Large blocks of replica client output buffer may lead to psync
    loops and unnecessary memory usage
  * Fix CLIENT REPLY OFF|SKIP to not silence push notifications
  * Trim excessive memory usage in stream nodes when exceeding
    `stream-node-max-bytes`
  * Fix module RM_Call commands failing with OOM when maxmemory is
    changed to zero
- redis 7.0.9
  * CVE-2023-25155: Specially crafted SRANDMEMBER, ZRANDMEMBER, and
    HRANDFIELD commands can trigger an integer overflow, resulting
    in a runtime assertion and termination of the Redis server
    process. Previously patched, drop
    Integer-Overflow-in-RAND-commands-can-lead-to-assert.patch
  * CVE-2022-36021: String matching commands (like SCAN or KEYS)
    with a specially crafted pattern to trigger a denial-of-service
    attack on Redis, causing it to hang and consume 100% CPU time.
    Previously upatched, drop
    String-pattern-matching-had-exponential-time-complex.patch
  * Fix a crash when reaching the maximum invalidations limit of
    client-side tracking
  * Fix a crash when SPUBLISH is used after passing the
    cluster-link-sendbuf-limit
  * Fix possible memory corruption in FLUSHALL when a client
    watches more than one key
  * Fix cluster inbound link keepalive time
  * Flush propagation list in active-expire of writable replicas to
    fix an assertion
  * Avoid propagating DEL of lazy expire from SCAN and RANDOMKEY as
    MULTI-EXEC
  * Avoid realloc to reduce size of strings when it is unneeded
  * Improve CLUSTER SLOTS reply efficiency for non-continuous slots

==== snapper ====
Subpackages: snapper-zypp-plugin

- allow to show read-only state in list output and allow to
  change read-only state (gh#openSUSE/snapper#804)
- support read-only options for LVM
- allow to set a snapshot as default (gh#openSUSE/snapper#803)
- avoid stale btrfs qgroups on transactional systems (bsc#1210151)