Packages changed:
  ImageMagick
  bolt (0.9.10 -> 0.9.11)
  dracut (110+suse.18.g5a7a17b3 -> 110+suse.23.g5d9502c7)
  ell (0.81 -> 0.83)
  expat (2.7.4 -> 2.7.5)
  gegl (0.4.68 -> 0.4.70)
  ldns
  libmaxminddb (1.12.2 -> 1.13.3)
  lzlib (1.15 -> 1.16)
  openSUSE-release (20260330 -> 20260331)
  ovmf
  pipewire
  polkit
  python-attrs (25.4.0 -> 26.1.0)
  python-cryptography
  quota (4.10 -> 4.11)
  tigervnc
  v4l-utils (1.28.1 -> 1.32.0)
  wireless-regdb (20251007 -> 20260318)

=== Details ===

==== ImageMagick ====
Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10

- modified patches
  * ImageMagick-configuration-SUSE.patch (refreshed)
- readd still usefull ImageMagick-s390x-disable-tests.patch

==== bolt ====
Version update (0.9.10 -> 0.9.11)

- update to 0.9.11:
  * Updated NHI PCI IDs: added Maple Ridge, ADL, TGL-H, RPL, MTL, and
    AMD Strix Point USB4 Routers

==== dracut ====
Version update (110+suse.18.g5a7a17b3 -> 110+suse.23.g5d9502c7)

- Update to version 110+suse.23.g5d9502c7:
  NVMeoF boot: avoid network interface renaming (jsc#PED-14341):
  * feat(nvmf): set rd.nvmf.nm=1 if NetworkManager 1.54 is detected
  * feat(nvmf): allow using system interface naming policy
  * feat(nvmf): add dracut.conf option nvmf_nbft_mode
  * feat(nvmf): enable adapting to NBFT reconfiguration
  * fix(dracut.conf.5): move fstab/chroot warning to hostonly_mode section

==== ell ====
Version update (0.81 -> 0.83)

- Update to release 0.83
  * Fix compilation issues with -std=c23 mode.
  * Add additional test vectors for AES-CCM.

==== expat ====
Version update (2.7.4 -> 2.7.5)
Subpackages: libexpat1

- version update to 2.7.5 (bsc#1259711, bsc#1259729, bsc#1259726)
  * CVE-2026-32776 -- Fix NULL function pointer dereference for
    empty external parameter entities; it takes use of both
    functions XML_ExternalEntityParserCreate and
    XML_SetParamEntityParsing for an application to be
    vulnerable.
  * CVE-2026-32777 -- Protect from XML_TOK_INSTANCE_START
    infinite loop in function entityValueProcessor; it takes
    use of both functions XML_ExternalEntityParserCreate and
    XML_SetParamEntityParsing for an application to be
    vulnerable.
  * CVE-2026-32778 -- Fix NULL dereference in function setContext
    on retry after an earlier ouf-of-memory condition; it takes
    use of function XML_ParserCreateNS or XML_ParserCreate_MM
    for an application to be vulnerable.
  * See full changelog here:
    https://github.com/libexpat/libexpat/blob/R_2_7_5/expat/Changes

==== gegl ====
Version update (0.4.68 -> 0.4.70)
Subpackages: gegl-0_4 gegl-0_4-lang libgegl-0_4-0 typelib-1_0-Gegl-0_4

- Update to version 0.4.70:
  - Core:
  - GeglPath: avoid overflows when serializing paths with large
    coordinates
  - GeglPath: avoid hang on parsing malformed paths.
  - Ops:
  - png-save: avoid integer overflow when computing row_size
  - exr-save: avoid integer overflow when computing width*height
  - Build:
  - Improvements to defcheck,
  - More efforts to get rid of compiler warnings.

==== ldns ====
Subpackages: libldns3

- Add 0001-Fix-illegal-redefinition-of-_Bool.patch to fix
  build failure with glibc-2.43 [boo#1257250, boo#1257259]

==== libmaxminddb ====
Version update (1.12.2 -> 1.13.3)

- update to 1.13.3:
  * Fix validation of empty maps and arrays at the end of the
    metadata section
  * MMDB_open would incorrectly reject databases where a 0-element
    map or array was the last field in metadata
- includes changes from 1.13.2:
  * fixes for other platforms
- includes changes from 1.13.1:
  * No code changes
- includes changes from 1.13.0:
  * improved data validation
  * Fixes for integer overflow, undefined behavior, buffer overflow
    and other code correctness issues what could be triggered by
    large or malicously crafted database
  * Prevent stack overflow via unbounded recursion

==== lzlib ====
Version update (1.15 -> 1.16)

- Update to release 1.16
  * An index of functions and constants has been added to the
    manual.

==== openSUSE-release ====
Version update (20260330 -> 20260331)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== ovmf ====
Subpackages: qemu-ovmf-x86_64

- Add ovmf-Revert-OvmfPkg-X86QemuLoadImageLib-flip-default-for-.patch (bsc#1260358, bsc#1259826)
  - Since d2cbaefc0822 (flip EnableLegacyLoader to false), shim is
  required for direct kernel boot with Secure Boot to avoid CVE-2025-2296.
  - While libvirt >= v11.2.0 and qemu >= 10.0 support the shim option,
  the latest version of virt-install remains incompatible.
  - Upstream plans to remove the legacy loader in 1-2 years (dropping
  X86QemuLoadImageLib in favor of GenericQemuLoadImageLib).
  - Revert this patch as a workaround.
- Add ovmf-ArmPkg-CpuDxe-Support-multiple-entries-in-RegionIsSy.patch (bsc#1259640)
  - The check performed by RegionIsSystemMemory is not necessarily limited to a single entry
  of type EfiGcdSystemMemory in the GCD memory map. For example, when a memory region spans
  multiple contiguous GCD entries, the current implementation returns False even though the
  entire range is system memory.
  - Therefore, this modification expands the RegionIsSystemMemory check to support multiple
  contiguous entries.

==== pipewire ====
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-lang pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools

- Add pipewire-const-correctness-1.patch and pipewire-const-correctness-2.patch
  picking upstream changes to fix build with glibc 2.43

==== polkit ====
Subpackages: libpolkit-agent-1-0 libpolkit-gobject-1-0 pkexec typelib-1_0-Polkit-1_0

- avoid reading endless amounts of memory (CVE-2026-4897 bsc#1260859)
  0001-CVE-2026-4897-getline-string-overflow.patch

==== python-attrs ====
Version update (25.4.0 -> 26.1.0)

- update to 26.1.0:
  * Field aliases are now resolved *before* calling
    `field_transformer`, so transformers receive fully populated
    `Attribute` objects with usable `alias` values instead of
    `None`.
  * The new `Attribute.alias_is_default` flag indicates whether
    the alias was auto-generated (`True`) or explicitly set by
    the user (`False`).
  * Fix type annotations for `attrs.validators.optional()`, so it
    no longer rejects tuples with more than one validator.
  * The `attrs.validators.disabled()` contextmanager can now be
    nested.
  * Frozen classes can set `on_setattr=attrs.setters.NO_OP` in
    addition to `None`.
  * It's now possible to pass *attrs* **instances** in addition
    to *attrs* **classes** to `attrs.fields()`.

==== python-cryptography ====
Subpackages: python311-cryptography python313-cryptography

- Add patch support-maturin-1.12.patch:
  * Correctly deal with maturin bugfix that installs tests and
    docs under sitearch.

==== quota ====
Version update (4.10 -> 4.11)
Subpackages: quota-nfs

- update to 4.11:
  * rquota_server: Fix group presence checking (Jan Kara)
  * Drop support for V0 and V1 kernel interfaces (Jan Kara)
  * Drop support for old quotactl(2) syscall (Jan Kara)
  * Provide quotactl_mnt() helper and use it where possible (Jan
    Kara)
  * quotaon: Fix handling of filesystems without single device
    (Jan Kara)
  * setproject: Fix openWRT build (Jan Kara)
  * setproject: fix openat() call (Konstantin Demin)

==== tigervnc ====
Subpackages: libXvnc1 tigervnc-selinux xorg-x11-Xvnc xorg-x11-Xvnc-module

- U_Prevent-other-users-reading-x0vncserver-screen.patch
  * Prevent other users from observing the screen, or modifying
    what is sent to the client. Malicious attackers could even
    crash x0vncserver if they timed the modifications right.
    (CVE-2026-34352, bsc#1260871)

==== v4l-utils ====
Version update (1.28.1 -> 1.32.0)
Subpackages: libv4l libv4l1-0 libv4l2-0 libv4lconvert0

- update to 1.32.0:
  * v4l-utils: Add is_compressed_format helper to centralize
    compressed format checks
  * edid-decode: be more relaxed on InfoFrames format
  * edid-decode: allow using stdin for InfoFrame decoding
  * v4l2-compliance: run testBlockingWait when streaming
  * v4l2-ctl: fix string in hdmi-4k-600mhz-with-displayid-eeodb
  * v4l2-compliance: report unsupported devices as such
  * cobalt-ctl: fix search for the mtd device
  * v4l2-ctl: log bitmask control value has hex number
  * edid-decode: add sanity checks for DTD image size
  * v4l2-compliance: fix pix_array control test
  * test-media: add 'date' commands to the vicodec tests
  * test-media: speed up stateful decoder compliance tests
  * v4l-utils: sync with v6.17-rc1
  * v4l-utils: update Hans Verkuil's email addresses
  * cec-ctl: --show-raw should show raw transmit data as well
  * v4l-utils: sync with latest media kernel tree
  * cec-compliance: fix Vendor Command With ID vivid tests
  * v4l2-tracer: fix out of date comment
  * v4l2-ctl: use strtoul instead of strtol where appropriate
  * rds-ctl: use strtoul instead of strtol where appropriate
  * ivtv-ctl: use strtoul instead of strtol where appropriate
  * cx18-ctl: use strtoul instead of strtol where appropriate
  * cec-ctl: use strtoul instead of strtol where appropriate
  * libv4lconvert: use strtoul instead of strtol where
    appropriate
  * capture-example.c: use strtoul instead of strtol for -c
  * libv4l2: prefix HAVE_POSIX_IOCTL with LIBV4L_ for public
    header
  * qv4l2: Fix video capture being transparent on Wayland
  * qvidcap: Fix video capture being transparent on Wayland
  * ir-ctl: remove quirky -rmw command line parsing
  * libv4l2: zero v4l2_buffer
  * media-ctl: libv4l2subdev: Add Y16 format
  * v4l2-ctl: process events before queues in stateful_m2m()
  * v4l2-compliance: Add test for V4L2_FMTDESC_FLAG_ENUM_ALL flag
  * v4l2-ctl-vidcap: Add options to enumerate all pixel formats
  * edid-decode: support parsing EDID-Like Data
  * qvidcap: fix core dump
  * qv4l2: fix crash when disabling openGL

==== wireless-regdb ====
Version update (20251007 -> 20260318)

- Update to version 2026-03-18:
  * db2bin.py: Switch from M2Crypto to python-cryptography.
  * Update regulatory rules for Australia (AU), Canada (CA),
    Greece (GR), Malaysia (MY), and Tunisia (TN).
  * Update documentation URL in regulatory.bin.5.
- Update to version 20260318:
  * wireless-regdb: update regulatory database based on preceding changes
  * wireless-regdb: Update regulatory rules for India (IN) on 6GHz
  * wireless-regdb: Replace M2Crypto with cryptography package
  * wireless-regdb: Fix regulatory.bin signing with new M2Crypto
  * wireless-regdb: update regulatory database based on preceding changes
  * wireless-regdb: Update regulatory info for Canada (CA) for 2025
  * wireless-regdb: Update regulatory info for Tunisia (TN) on 6GHz for 2025
  * wireless-regdb: Update regulatory info for Malaysia (MY) for 2025
  * wireless-regdb: Update regulatory info for Malaysia (MY) for 2024
  * wireless-regdb: Update broken link in regulatory.bin(5) manpage