Packages changed:
  Mesa (25.0.1 -> 25.0.2)
  Mesa-drivers (25.0.1 -> 25.0.2)
  autoyast2 (5.0.4 -> 5.0.5)
  crypto-policies (20230920.570ea89 -> 20250124.4d262e7)
  ebook-tools
  gdm
  openSUSE-release (20250321 -> 20250324)
  python-bcrypt (4.2.1 -> 4.3.0)
  shadow (4.17.3 -> 4.17.4)
  sushi
  threadweaver
  time

=== Details ===

==== Mesa ====
Version update (25.0.1 -> 25.0.2)
Subpackages: Mesa-libEGL1 Mesa-libGL1 libgbm1

- Update to release 25.0.2
  - -> https://docs.mesa3d.org/relnotes/25.0.2

==== Mesa-drivers ====
Version update (25.0.1 -> 25.0.2)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva libxatracker2

- Update to release 25.0.2
  - -> https://docs.mesa3d.org/relnotes/25.0.2

==== autoyast2 ====
Version update (5.0.4 -> 5.0.5)
Subpackages: autoyast2-installation

- Allow skipping profile fetch errors by setting
  YAST_SKIP_PROFILE_FETCH_ERROR=1 (see gh#agama-project/agama#2180).
- 5.0.5

==== crypto-policies ====
Version update (20230920.570ea89 -> 20250124.4d262e7)
Subpackages: crypto-policies-scripts

- Allow sshd in FIPS mode when using the DEFAULT policy [bsc#1227370]
  * Add crypto-policies-Allow-sshd-in-FIPS-mode-using-DEFAULT.patch
- Enable SHA1 sigver in the DEFAULT policy.
  * Add crypto-policies-enable-SHA1-sigver-in-DEFAULT.patch
- Fix fips-mode-setup in EFI or Secure Boot mode. [bsc#1227637]
  * Rebase crypto-policies-FIPS.patch
- Remove dangling symlink for the libreswan config [bsc#1236858]
- Remove also sequoia config and generator files
- Remove not needed fips bind mount service
- Update to version 20250124.4d262e7: [bsc#1239009, bsc#1236165]
  * openssl: stricter enabling of Ciphersuites
  * openssl: make use of -CBC and -AESGCM keywords
  * openssl: add TLS 1.3 Brainpool identifiers
  * fix warning on using experimental key_exchanges
  * update-crypto-policies: don't output FIPS warning in fips mode
  * openssh: map mlkem768x25519-sha256 to KEM-ECDH & MLKEM768-X25519 & SHA2-256
  * openssh, libssh: refactor kx maps to use tuples
  * alg_lists: mark MLKEM768/SNTRUP kex experimental
  * nss: revert enabling mlkem768secp256r1
  * nss: add mlkem768x25519 and mlkem768secp256r1, remove xyber
  * gnutls: add GROUP-X25519-MLKEM768 and GROUP-SECP256R1-MLKEM768
  * openssl: use both names for SecP256r1MLKEM768 / X25519MLKEM768
  * openssh, TEST-PQ: rename MLKEM key_exchange to MLKEM768
  * openssh: add support for sntrup761x25519-sha512 and mlkem768x25519-sha256
  * openssl: map NULL to TLS_SHA256_SHA256:TLS_SHA384_SHA384...
  * python/update-crypto-policies: pacify pylint
  * fips-mode-setup: tolerate fips dracut module presence w/o FIPS
  * fips-mode-setup: small Argon2 detection fix
  * SHA1: add __openssl_block_sha1_signatures = 0
  * fips-mode-setup: block if LUKS devices using Argon2 are detected
  * update-crypto-policies: skip warning on --set=FIPS if bootc
  * fips-setup-helper: skip warning, BTW
  * fips-mode-setup: force --no-bootcfg when UKI is detected
  * fips-setup-helper: add a libexec helper for anaconda
  * fips-crypto-policy-overlay: automount FIPS policy
  * openssh: make dss no longer enableble, support is dropped
  * gnutls: wire GROUP-X25519-KYBER768 to X25519-KYBER768
  * DEFAULT: switch to rh-allow-sha1-signatures = no...
  * java: drop unused javasystem backend
  * java: stop specifying jdk.tls.namedGroups in javasystem
  * ec_min_size: introduce and use in java, default to 256
  * java: use and include jdk.disabled.namedCurves
  * BSI: Update BSI policy for new 2024 minimum recommendations
  * fips-mode-setup: flashy ticking warning upon use
  * fips-mode-setup: add another scary "unsupported"
  * CONTRIBUTING.md: add a small section on updating policies
  * CONTRIBUTING.md: remove trailing punctuation from headers
  * BSI: switch to 3072 minimum RSA key size
  * java: make hash, mac and sign more orthogonal
  * java: specify jdk.tls.namedGroups system property
  * java: respect more key size restrictions
  * java: disable anon ciphersuites, tying them to NULL...
  * java: start controlling / disable DTLSv1.0
  * nss: wire KYBER768 to XYBER768D00
  * nss: unconditionally load p11-kit-proxy.so
  * gnutls: make DTLS0.9 controllable again
  * gnutls: retire GNUTLS_NO_TLS_SESSION_HASH
  * openssh: remove OPENSSH_MIN_RSA_SIZE / OPENSSH_MIN_RSA_SIZE_FORCE
  * gnutls: remove extraneous newline
  * sequoia: move away from subprocess.getstatusoutput
  * python/cryptopolicies/cryptopolicies.py: add trailing commas
  * python, tests: rename MalformedLine to MalformedLineError
  * Makefile: introduce SKIP_LINTING flag for packagers to use
  * Makefile: run ruff
  * tests: use pathlib
  * tests: run(check=True) + CalledProcessError where convenient
  * tests: use subprocess.run
  * tests/krb5.py: check all generated policies
  * tests: print to stderr on error paths
  * tests/nss.py: also use encoding='utf-8'
  * tests/nss.py: also use removesuffix
  * tests/nss.py: skip creating tempfiles
  * tests/java.pl -> tests/java.py
  * tests/gnutls.pl -> tests/gnutls.py
  * tests/openssl.pl -> tests/openssl.py
  * tests/verify-output.pl: remove
  * libreswan: do not use up pfs= / ikev2= keywords for default behaviour
  * Rebase patches:
  - crypto-policies-no-build-manpages.patch
  - crypto-policies-policygenerators.patch
  - crypto-policies-supported.patch
  - crypto-policies-nss.patch
- Update to version 20241010.5930b9a:
  * LEGACY: enable 192-bit ciphers for nss pkcs12/smime
  * nss: be stricter with new purposes
  * nss: rewrite backend for 3.101
  * cryptopolicies: parent scopes for dumping purposes
  * policygenerators: move scoping inside generators
  * TEST-PQ: disable pure Kyber768
  * nss: wire XYBER768D00 to X25519-KYBER768
  * TEST-PQ: update
  * TEST-PQ: also enable sntrup761x25519-sha512@openssh.com
  * TEST-PQ, alg_lists, openssl: enable more experimental `sign` values
  * TEST-PQ, python: add more groups, mark experimental
  * openssl: mark liboqsprovider groups optional with ?
  * Remove patches:
  - crypto-policies-revert-rh-allow-sha1-signatures.patch
- Update to version 20240201.9f501f3:
  * .gitlab-ci.yml: install sequoia-policy-config
    ... changelog too long, skipping 21 lines ...
  * pylintrc: use-implicit-booleaness-not-comparison-to-*

==== ebook-tools ====

- Add patch:
  * ebook-tools-cmake4.patch
- Rebase patches
- Drop unneeded baselibs.conf

==== gdm ====
Subpackages: gdm-lang gdm-schema gdm-xdm-integration gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0

- Rebase/fix gdm-switch-to-tty1.patch to fix build against gcc 15.
- Add gdm-settings-utils_rename-variable.patch: Rename variable to
  fix build with gcc 15
  (https://gitlab.gnome.org/GNOME/gdm/-/merge_requests/273).

==== openSUSE-release ====
Version update (20250321 -> 20250324)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== python-bcrypt ====
Version update (4.2.1 -> 4.3.0)
Subpackages: python311-bcrypt python313-bcrypt

- Update 4.3.0
  * Bump proc-macro2 from 1.0.89 to 1.0.90 in /src/_bcrypt (#916)
  * Bump unicode-ident from 1.0.13 to 1.0.14 in /src/_bcrypt (#915)
  * fixes #917 -- correctly handle a salt that's too short (#918)
  * Bump cpufeatures from 0.2.15 to 0.2.16 in /src/_bcrypt (#919)
  * Bump proc-macro2 from 1.0.90 to 1.0.92 in /src/_bcrypt (#920)
  * Bump syn from 2.0.87 to 2.0.89 in /src/_bcrypt (#921)
  * Fix new ruff warning (#923)
  * Build manylinux 2.34 images (#922)
  * Bump portable-atomic from 1.9.0 to 1.10.0 in /src/_bcrypt (#924)
  * drop py37 (#926)
  * Bump pyo3 from 0.23.1 to 0.23.2 in /src/_bcrypt (#927)
  * Bump libc from 0.2.164 to 0.2.165 in /src/_bcrypt (#928)
  * Bump libc from 0.2.165 to 0.2.166 in /src/_bcrypt (#929)
  * Bump dawidd6/action-download-artifact from 6 to 7 (#932)
  * Bump syn from 2.0.89 to 2.0.90 in /src/_bcrypt (#931)
  * Bump libc from 0.2.166 to 0.2.167 in /src/_bcrypt (#930)
  * Bump pyo3 from 0.23.2 to 0.23.3 in /src/_bcrypt (#933)
  * Bump actions/cache from 4.1.2 to 4.2.0 (#934)
  * Bump libc from 0.2.167 to 0.2.168 in /src/_bcrypt (#935)
  * Bump pypa/gh-action-pypi-publish from 1.12.2 to 1.12.3 (#936)
  * Bump dtolnay/rust-toolchain (#937)
  * Bump actions/upload-artifact from 4.4.3 to 4.5.0 (#938)
  * Bump libc from 0.2.168 to 0.2.169 in /src/_bcrypt (#939)
  * Bump syn from 2.0.90 to 2.0.91 in /src/_bcrypt (#940)
  * Bump quote from 1.0.37 to 1.0.38 in /src/_bcrypt (#942)
  * Bump syn from 2.0.91 to 2.0.92 in /src/_bcrypt (#941)
  * Bump syn from 2.0.92 to 2.0.93 in /src/_bcrypt (#943)
  * Bump syn from 2.0.93 to 2.0.94 in /src/_bcrypt (#944)
  * Bump syn from 2.0.94 to 2.0.95 in /src/_bcrypt (#945)
  * Bump syn from 2.0.95 to 2.0.96 in /src/_bcrypt (#948)
  * Bump actions/upload-artifact from 4.5.0 to 4.6.0 (#947)
  * Bump proc-macro2 from 1.0.92 to 1.0.93 in /src/_bcrypt (#949)
  * Bump pyo3 from 0.23.3 to 0.23.4 in /src/_bcrypt (#950)
  * Support free-threaded Python 3.13 (#925)
  * Switch to nox (#954)
  * use github hosted arm runners in wheel builder (#952)
  * use github hosted arm runners in ci (#951)
  * Bump dawidd6/action-download-artifact from 7 to 8 (#956)
  * Bump pypa/gh-action-pypi-publish from 1.12.3 to 1.12.4 (#957)
  * Bump unicode-ident from 1.0.14 to 1.0.15 in /src/_bcrypt (#958)
  * include matrix.PYTHON.VERSION in CI cache keys (#964)
  * Bump cpufeatures from 0.2.16 to 0.2.17 in /src/_bcrypt (#960)
  * Bump unicode-ident from 1.0.15 to 1.0.16 in /src/_bcrypt (#962)
  * Bump actions/setup-python from 5.3.0 to 5.4.0 (#963)
  * Update getrandom and bcrypt (#966)
  * Bump syn from 2.0.96 to 2.0.98 in /src/_bcrypt (#967)
  * Bump quansight-labs/setup-python from 5.3.1 to 5.4.0 (#968)
  * add support for free-threaded wheels (#955)
  * Bump once_cell from 1.20.2 to 1.20.3 in /src/_bcrypt (#970)
  * Bump unicode-ident from 1.0.16 to 1.0.17 in /src/_bcrypt (#972)
  * Bump typenum from 1.17.0 to 1.18.0 in /src/_bcrypt (#973)
  * Bump actions/cache from 4.2.0 to 4.2.1 (#974)
  * Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#975)
  * Bump libc from 0.2.169 to 0.2.170 in /src/_bcrypt (#976)
  * Bump inout from 0.1.3 to 0.1.4 in /src/_bcrypt (#977)
  * Bump portable-atomic from 1.10.0 to 1.11.0 in /src/_bcrypt (#978)
  * Update PyO3 to 0.23.5 (#980)
  * Bump actions/download-artifact from 4.1.8 to 4.1.9 (#982)
  * Add PyPy 3.11 and armv7l to matrix runner (#983)
  * PyPy 3.11 and armv7l wheels (#984)

==== shadow ====
Version update (4.17.3 -> 4.17.4)
Subpackages: libsubid5 login_defs

- Update to 4.17.4:
  * Revert "lib/, src/: Use local time for human-readable dates"
  * lib/getdate.y: Ignore time-zone information and use UTC
  * src/chfn.c: Partially revert "lib/, src/: Use strsep(3) instead of its pattern"
  * src/chfn.c: Use stpsep() instead of its pattern
  * src/chfn.c: Add local variable to refer to the separated field
  * src/chfn.c: copy_field(): Rename local variable
  * lib/commonio.c: Rely on the POSIX.1-2008 behavior of realpath(3)
  * lib/fs/readlink/: readlinknul(): Use ssize_t to simplify
  * autogen.sh: Promote -Wsign-compare to an error
  * lib/sizeof.h: ssizeof(): Add signed variant of sizeof
  * src/lastlog.c: Use ssizeof() to avoid a -Wsign-compare diagnostic
  * tests/unit/test_xasprintf.c: Fix sign-mismatch diagnostic
  * configure.ac: stop checking for utmp location
  * configure.ac: be deterministic about passwd location
  * lib/, src/: update audit messages
  * lib/: audit function for groups
  * src/: update group audit messages
  * doc/: Remove list of distributions

==== sushi ====
Subpackages: sushi-lang

- Require evince-plugin-pdfdocument to not crash

==== threadweaver ====

- Backport upstream change:
  * threadweaver-cmake4.patch

==== time ====

- Use -std=gnu99 to avoid traps from C23 made default with GCC 15.