Packages changed:
  dracut (059+suse.538.ge7a5cff9 -> 059+suse.549.gc9f63878)
  gcc13 (13.2.1+git8250 -> 13.2.1+git8285)
  glibc
  gtk4 (4.12.4 -> 4.12.5)
  ibus
  ibus_gtk4
  installation-images-MicroOS (17.113 -> 17.114)
  pam
  pam-full-src
  python311 (3.11.7 -> 3.11.8)
  python311-core (3.11.7 -> 3.11.8)

=== Details ===

==== dracut ====
Version update (059+suse.538.ge7a5cff9 -> 059+suse.549.gc9f63878)
Subpackages: dracut-ima

- Update to version 059+suse.549.gc9f63878:
  * fix(overlayfs): split overlayfs mount in two steps (bsc#1219778)
  * fix(dracut-init.sh): handle decompress with `--sysroot`
  * fix(i18n): handle keymap includes with `--sysroot`
  * fix(dracut-systemd): replace `rd.udev.log-priority` with `rd.udev.log_level`
  * fix(i18n): handle symlinked keymap

==== gcc13 ====
Version update (13.2.1+git8250 -> 13.2.1+git8285)
Subpackages: cpp13 libatomic1 libgcc_s1 libgfortran5 libgomp1 libobjc4 libquadmath0 libstdc++6 libstdc++6-locale libstdc++6-pp libubsan1

- Add gcc13-sanitizer-remove-crypt-interception.patch to remove
  crypt and crypt_r interceptors.  The crypt API change in SLE15 SP3
  breaks them.  [bsc#1219520]
- Update to gcc-13 branch head, 67ac78caf31f7cb3202177e642, git8285
- Add gcc13-pr88345-min-func-alignment.diff to add support for
  - fmin-function-alignment.  [bsc#1214934]

==== glibc ====
Subpackages: glibc-extra glibc-lang glibc-locale glibc-locale-base

- Add libnsl1 to baselibs.conf (bsc#1219640)
- arm-dl-start-user.patch: arm: Remove wrong ldr from _dl_start_user (BZ
  [#31339])

==== gtk4 ====
Version update (4.12.4 -> 4.12.5)
Subpackages: gtk4-lang gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0

- Update to version 4.12.5:
  + GtkColumnView: Fix a crash on dispose.
  + GtkEmojiChooser:
  - Update to CLDR v44.
  - Add more translations.
  + GtkFileDialog:
  - Return an error if no file is selected.
  - Make closing the portal file chooser work.
  + GtkDropDown: Fix display of the initial checkmark.
  + GtkShortcutsWindow: Reduce the minimum width.
  + GDK: Make the png loader safer against overflow.
  + Wayland: Fix cursor handling with graphics tablets.

==== ibus ====
Subpackages: ibus-dict-emoji ibus-gtk ibus-gtk3 ibus-lang libibus-1_0-5 typelib-1_0-IBus-1_0

- Fix dead keys with non-English keyboard in some applications
  (MAME, Wine) (boo#1218135)
  ibus-complete-preedit-signals-for-postprocesskeyevent.patch
  ibus-enginesimple-dont-commit-any-characters.patch

==== ibus_gtk4 ====

- Fix dead keys with non-English keyboard in some applications
  (MAME, Wine) (boo#1218135)
  ibus-complete-preedit-signals-for-postprocesskeyevent.patch
  ibus-enginesimple-dont-commit-any-characters.patch

==== installation-images-MicroOS ====
Version update (17.113 -> 17.114)

- merge gh#openSUSE/installation-images#693
- remove explicit dependency on libopenssl*-hmac (bsc#1219762)
- 17.114

==== pam ====

- pam.tmpfiles: Make sure the content of the /run directories get
  removed in case of a soft-reboot

==== pam-full-src ====

- pam.tmpfiles: Make sure the content of the /run directories get
  removed in case of a soft-reboot

==== python311 ====
Version update (3.11.7 -> 3.11.8)
Subpackages: python311-curses python311-dbm

- Update to 3.11.8:
  - Security
  - gh-113659: Skip .pth files with names starting with a dot or
    hidden file attribute.
  - Core and Builtins
  - gh-114887: Changed socket type validation in
    create_datagram_endpoint() to accept all non-stream sockets.
    This fixes a regression in compatibility with raw sockets.
  - gh-114388: Fix a RuntimeWarning emitted when assign an
    integer-like value that is not an instance of int to an
    attribute that corresponds to a C struct member of type T_UINT
    and T_ULONG. Fix a double RuntimeWarning emitted when assign a
    negative integer value to an attribute that corresponds to a C
    struct member of type T_UINT.
  - gh-89811: Check for a valid tp_version_tag before performing
    bytecode specializations that rely on this value being usable.
  - gh-113602: Fix an error that was causing the parser to try to
    overwrite existing errors and crashing in the process. Patch by
    Pablo Galindo
  - gh-113566: Fix a 3.11-specific crash when the repr of a Future
    is requested after the module has already been
    garbage-collected.
  - gh-106905: Use per AST-parser state rather than global state to
    track recursion depth within the AST parser to prevent potential
    race condition due to simultaneous parsing.
  - The issue primarily showed up in 3.11 by multithreaded users of
    ast.parse(). In 3.12 a change to when garbage collection can be
    triggered prevented the race condition from occurring.
  - gh-112716: Fix SystemError in the import statement and in
    __reduce__() methods of builtin types when __builtins__ is not a
    dict.
  - gh-105967: Workaround a bug in Apple’s macOS platform zlib
    library where zlib.crc32() and binascii.crc32() could produce
    incorrect results on multi-gigabyte inputs. Including when using
    zipfile on zips containing large data.
  - gh-94606: Fix UnicodeEncodeError when
    email.message.get_payload() reads a message with a Unicode
    surrogate character and the message content is not well-formed
    for surrogateescape encoding. Patch by Sidney Markowitz.
  - Library
  - gh-114965: Update bundled pip to 24.0
  - gh-114959: tarfile no longer ignores errors when trying to
    extract a directory on top of a file.
  - gh-109475: Fix support of explicit option value “–” in argparse
    (e.g. --option=--).
  - gh-110190: Fix ctypes structs with array on Windows ARM64
    platform by setting MAX_STRUCT_SIZE to 32 in stgdict. Patch by
    Diego Russo
  - gh-113280: Fix a leak of open socket in rare cases when error
    occurred in ssl.SSLSocket creation.
  - gh-77749: email.policy.EmailPolicy.fold() now always encodes
    non-ASCII characters in headers if utf8 is false.
  - gh-114492: Make the result of termios.tcgetattr() reproducible
    on Alpine Linux. Previously it could leave a random garbage in
    some fields.
  - gh-75128: Ignore an OSError in
    asyncio.BaseEventLoop.create_server() when IPv6 is available but
    the interface cannot actually support it.
  - gh-114257: Dismiss the FileNotFound error in
    ctypes.util.find_library() and just return None on Linux.
  - gh-101438: Avoid reference cycle in ElementTree.iterparse. The
    iterator returned by ElementTree.iterparse may hold on to a file
    descriptor. The reference cycle prevented prompt clean-up of the
    file descriptor if the returned iterator was not exhausted.
  - gh-104522: OSError raised when run a subprocess now only has
    filename attribute set to cwd if the error was caused by a
    failed attempt to change the current directory.
  - gh-109534: Fix a reference leak in
    asyncio.selector_events.BaseSelectorEventLoop when SSL
    handshakes fail. Patch contributed by Jamie Phan.
  - gh-114077: Fix possible OverflowError in
    socket.socket.sendfile() when pass count larger than 2 GiB on
    32-bit platform.
  - gh-114014: Fixed a bug in fractions.Fraction where an invalid
    string using d in the decimals part creates a different error
    compared to other invalid letters/characters. Patch by Jeremiah
    Gabriel Pascual.
  - gh-113951: Fix the behavior of tag_unbind() methods of
    tkinter.Text and tkinter.Canvas classes with three arguments.
    Previously, widget.tag_unbind(tag, sequence, funcid) destroyed
    the current binding for sequence, leaving sequence unbound, and
    deleted the funcid command. Now it removes only funcid from the
    binding for sequence, keeping other commands, and deletes the
    funcid command. It leaves sequence unbound only if funcid was
    the last bound command.
  - gh-113877: Fix tkinter method winfo_pathname() on 64-bit
    Windows.
  - gh-113781: Silence unraisable AttributeError when warnings are
    emitted during Python finalization.
  - gh-113594: Fix UnicodeEncodeError in email when re-fold lines
    that contain unknown-8bit encoded part followed by
    non-unknown-8bit encoded part.
  - gh-113538: In asyncio.StreamReaderProtocol.connection_made(),
    there is callback that logs an error if the task wrapping the
    “connected callback” fails. This callback would itself fail if
    the task was cancelled. Prevent this by checking whether the
    task was cancelled first. If so, close the transport but don’t
    log an error.
  - gh-85567: Fix resource warnings for unclosed files in pickle and
    ... changelog too long, skipping 159 lines ...
  - support-expat-CVE-2022-25236-patched.patch

==== python311-core ====
Version update (3.11.7 -> 3.11.8)
Subpackages: libpython3_11-1_0 python311-base

- Update to 3.11.8:
  - Security
  - gh-113659: Skip .pth files with names starting with a dot or
    hidden file attribute.
  - Core and Builtins
  - gh-114887: Changed socket type validation in
    create_datagram_endpoint() to accept all non-stream sockets.
    This fixes a regression in compatibility with raw sockets.
  - gh-114388: Fix a RuntimeWarning emitted when assign an
    integer-like value that is not an instance of int to an
    attribute that corresponds to a C struct member of type T_UINT
    and T_ULONG. Fix a double RuntimeWarning emitted when assign a
    negative integer value to an attribute that corresponds to a C
    struct member of type T_UINT.
  - gh-89811: Check for a valid tp_version_tag before performing
    bytecode specializations that rely on this value being usable.
  - gh-113602: Fix an error that was causing the parser to try to
    overwrite existing errors and crashing in the process. Patch by
    Pablo Galindo
  - gh-113566: Fix a 3.11-specific crash when the repr of a Future
    is requested after the module has already been
    garbage-collected.
  - gh-106905: Use per AST-parser state rather than global state to
    track recursion depth within the AST parser to prevent potential
    race condition due to simultaneous parsing.
  - The issue primarily showed up in 3.11 by multithreaded users of
    ast.parse(). In 3.12 a change to when garbage collection can be
    triggered prevented the race condition from occurring.
  - gh-112716: Fix SystemError in the import statement and in
    __reduce__() methods of builtin types when __builtins__ is not a
    dict.
  - gh-105967: Workaround a bug in Apple’s macOS platform zlib
    library where zlib.crc32() and binascii.crc32() could produce
    incorrect results on multi-gigabyte inputs. Including when using
    zipfile on zips containing large data.
  - gh-94606: Fix UnicodeEncodeError when
    email.message.get_payload() reads a message with a Unicode
    surrogate character and the message content is not well-formed
    for surrogateescape encoding. Patch by Sidney Markowitz.
  - Library
  - gh-114965: Update bundled pip to 24.0
  - gh-114959: tarfile no longer ignores errors when trying to
    extract a directory on top of a file.
  - gh-109475: Fix support of explicit option value “–” in argparse
    (e.g. --option=--).
  - gh-110190: Fix ctypes structs with array on Windows ARM64
    platform by setting MAX_STRUCT_SIZE to 32 in stgdict. Patch by
    Diego Russo
  - gh-113280: Fix a leak of open socket in rare cases when error
    occurred in ssl.SSLSocket creation.
  - gh-77749: email.policy.EmailPolicy.fold() now always encodes
    non-ASCII characters in headers if utf8 is false.
  - gh-114492: Make the result of termios.tcgetattr() reproducible
    on Alpine Linux. Previously it could leave a random garbage in
    some fields.
  - gh-75128: Ignore an OSError in
    asyncio.BaseEventLoop.create_server() when IPv6 is available but
    the interface cannot actually support it.
  - gh-114257: Dismiss the FileNotFound error in
    ctypes.util.find_library() and just return None on Linux.
  - gh-101438: Avoid reference cycle in ElementTree.iterparse. The
    iterator returned by ElementTree.iterparse may hold on to a file
    descriptor. The reference cycle prevented prompt clean-up of the
    file descriptor if the returned iterator was not exhausted.
  - gh-104522: OSError raised when run a subprocess now only has
    filename attribute set to cwd if the error was caused by a
    failed attempt to change the current directory.
  - gh-109534: Fix a reference leak in
    asyncio.selector_events.BaseSelectorEventLoop when SSL
    handshakes fail. Patch contributed by Jamie Phan.
  - gh-114077: Fix possible OverflowError in
    socket.socket.sendfile() when pass count larger than 2 GiB on
    32-bit platform.
  - gh-114014: Fixed a bug in fractions.Fraction where an invalid
    string using d in the decimals part creates a different error
    compared to other invalid letters/characters. Patch by Jeremiah
    Gabriel Pascual.
  - gh-113951: Fix the behavior of tag_unbind() methods of
    tkinter.Text and tkinter.Canvas classes with three arguments.
    Previously, widget.tag_unbind(tag, sequence, funcid) destroyed
    the current binding for sequence, leaving sequence unbound, and
    deleted the funcid command. Now it removes only funcid from the
    binding for sequence, keeping other commands, and deletes the
    funcid command. It leaves sequence unbound only if funcid was
    the last bound command.
  - gh-113877: Fix tkinter method winfo_pathname() on 64-bit
    Windows.
  - gh-113781: Silence unraisable AttributeError when warnings are
    emitted during Python finalization.
  - gh-113594: Fix UnicodeEncodeError in email when re-fold lines
    that contain unknown-8bit encoded part followed by
    non-unknown-8bit encoded part.
  - gh-113538: In asyncio.StreamReaderProtocol.connection_made(),
    there is callback that logs an error if the task wrapping the
    “connected callback” fails. This callback would itself fail if
    the task was cancelled. Prevent this by checking whether the
    task was cancelled first. If so, close the transport but don’t
    log an error.
  - gh-85567: Fix resource warnings for unclosed files in pickle and
    ... changelog too long, skipping 159 lines ...
  - support-expat-CVE-2022-25236-patched.patch