Packages changed:
  SDL3 (3.4.0 -> 3.4.2)
  certmonger
  ding-libs
  file (5.46 -> 5.47)
  libqmi (1.36.0 -> 1.38.0)
  openSUSE-release (20260331 -> 20260402)
  opensc (0.26.1 -> 0.27.1)
  ovmf
  python-requests (2.33.0 -> 2.33.1)
  python311
  python311-core
  python313
  python313-core
  setools
  sssd
  texinfo (7.2 -> 7.3)

=== Details ===

==== SDL3 ====
Version update (3.4.0 -> 3.4.2)

- Update to release 3.4.2
  * Added SDL_HINT_OPENGL_FORCE_SRGB_FRAMEBUFFER to force specific
    sRGB behavior for OpenGL and OpenGL ES
  * Fixed long startup time on Windows when some non-compliant input
    devices are present
  * Added support for the Razer Raiju V5 Pro
  * Fixed a divide by zero when using Nintendo Switch 2 controllers
  * Fixed handling GameCube adapters in PC mode

==== certmonger ====

- Fix immutable mode support issues; (jsc#PED-14766).
  * patch tmpfiles_var_lib_certmonger.patch

==== ding-libs ====

- Update to release 0.7.0
  * INI: make 'ini_*_serialize' API private
  * INI: don't expose "ini_valueobj.h" API

==== file ====
Version update (5.46 -> 5.47)
Subpackages: file-magic libmagic1

- Add patch file-5.47-regression.dif (boo#1261199)
  * Fix regression in detection of magics in a buffer
- Add patch file-5.47-fdf.dif
  * Use tabs instead of normal white spaces in description of %FDF
- Port patches
  * file-4.20-ssd.dif
  * file-4.21-xcursor.dif
  * file-5.19-clicfs.dif
  * file-5.19-solv.dif
  * file-5.19-zip2.0.dif
  * file-5.28-btrfs-image.dif
- Remove patches now upstream or solved by upstream
  * file-4.20-xen.dif
  * file-4.21-scribus.dif
  * file-5.14-tex.dif
  * file-5.19-cromfs.dif
- Update to 5.47:
  * Better multi-compound document identification by following the
    order of the directories entries. (Thomas Ledoux)
  * if stat fails, don't attempt to restore times (Steven Grubb)
  * PR/622: Odd_Bloke: Handle negative offsets in file_buffer(),
    when fd is not available.
  * PR/655: jsummers: Obey str_flags in strings like we do for search
    and regex
  * PR/659: Pitzl: Apply MAGIC_CONTINUE to annotations; i.e. print
    only the first, unless -k is specified.
  * PR/592: allow + in format strings
  * PR/592: signed operations should be done in signed context
  * PR/578: jsummers: Don't crash on cygwin when tm_mon == -1
  * PR/579: net147: Fix stack overrun.
- Remove patches now upstream
  * file-zipdata.patch
  * boo1237209.patch
  * file-seccomp.patch
  * file-seccomp-ppc.patch
  * file-5.46-tcgets2.patch
- Port and rename patch file-5.46.dif which becomes now file-5.47.dif

==== libqmi ====
Version update (1.36.0 -> 1.38.0)
Subpackages: libqmi-glib5 libqmi-tools

- Update to version 1.38.0
  New services:
  * New 'IMSDCM' service to support baseband requests for packet
    data connections initiated by the host.
  New request/response/indications:
  * wms: added "Network Registration Status" request and indication
    "Set Broadcast Activation" request, "Set Broadcast Config"
    request, "Get Broadcast Config" request, "Indication Register"
    request, "Get Transport Network Registration Status" request,
    and "Transport Network Registration Status" indication.
  * ims: added "Set IMS Services Enabled Setting" request and
    "Services Enabled Setting" indication.
  * uim: added "Write Record" request.
  * qos: added "Bind Mux Data Port", "Bind Subscription", and
    "Get Bind Subscription" requests.
  * wds: added "Bind Subscription" and "Get Bind Subscription"
    requests.
  * loc: added "Inject Position" request, "Inject Time Request"
    indication, "Inject Predicted Orbits Request" indication,
    "Inject Position Request" indication, "Inject UTC Time"
    request, and "Get Predicted Orbits Data Validity" request.
  * pbm: added "Get Emergency List" request.
  * nas: added "Get ENDC Config" and "Incremental Network Scan".
  New TLVs supported in existing messages:
  * wms: added the "Call Mode Preference" TLV in the "Set IMS
    Services Enabled Setting" request.
  libqmi-glib:
  * Allow to decode IMS/IMSA/IMSP messages.
  * nas: added QMI_NAS_RADIO_INTERFACE_NO_CHANGE value to
    QmiNasRadioInterface.
  * loc: use QmiLocReliability instead of guint32 for Vertical
    Reliability value in position report.
  * Device open timeout increased to 10 seconds.
  * Fixed an issue preventing QMI message parsing on big-endian
    (BE) arches.
  qmi-proxy:
  * Don't mistakenly delete qmi-proxy binary when run from same
    directory.
  qmicli:
  * Added capability to inject positions and time into the GNSS
    engine to speed up initial fix.
  * Added "--loc-get-predicted-orbits-data-validity",
    "--loc-inject-position-latitude",
    "--loc-inject-position-longitude",
    "--fox-set-fcc-authentication", "--loc-inject-time",
    "--loc-get-predicted-orbits-data-source",
    "--pbm-get-emergency-list",
    "--nas-incremental-network-scan",
    "--wms-set-cbs-channels", "--wms-get-cbs-channels"
  * Added support for "--initial-mux-id=<x>" to the "link-add"
    command.

==== openSUSE-release ====
Version update (20260331 -> 20260402)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== opensc ====
Version update (0.26.1 -> 0.27.1)
Subpackages: opensc-bash-completion

- Update to version 0.27.1
  * Bugfix release to fix up infrastructure issues.
- Update to version 0.27.0
  Security
  * Fix CVE-2025-13763: Several uses of potentially uninitialized
    memory detected by fuzzers.
  * Fix CVE-2025-49010: Possible write beyond buffer bounds during
    processing of GET RESPONSE APDU (bsc#1261214)
  * Fix CVE-2025-66215: Possible write beyond buffer bounds in
    oberthur driver (bsc#1261220)
  * Fix CVE-2025-66038: Possible read beyond buffer bounds when
    parsing historical bytes in PIV driver (bsc#1261219)
  * Fix CVE-2025-66037: Possible buffer overrun while parsing SPKI
    (bsc#1261218)
  * More low-severity data handling issues when parsing profile
    configuration
  General improvements
  * Added support for PKCS#11 3.2 in tools and pkcs11-spy and
    p11test.
  * Added support for Ed448, X448 mechanisms and improve support
    for.
  * Edwards and montgomery keys in general.
  * Support CKA_PUBKEY_KEY_INFO PKCS#11 attribute.
  * Various refactoring of autotools build system.
  * Remove obsolete tokend support.
  * Run tests against different software PKCS#11 tokens kryoptic
    and NSS softokn.
  * Removed internal caching for current EF/DF.
  * Correctly detect OS-level FIPS mode in OpenSSL automatically
    or through custom configuration file.
  * Added support for Brainpool twisted curves to pkcs11-tool and
    SC-HSM.
  PC/SC
  * Handle case when smart card is removed and inserted between
    two subsequent calls to refresh_attributes().
  EsteID
  * Add support for EstEID 2025.
  * Implement FinEID 4.0/4.1 support.
  * Add Latvian IDEMIA Cosmo X card support.
  * Check if PIN is locked and hint CKF_USER_PIN_TO_BE_CHANGED.
  * Remove obsolete FinEID cards.
  * Add Latvian Cosmo 8.2 card support.
  D-Trust
  * Prevent unncecessary pin prompts on pinpad readers.
  * Support for D-Trust Card 5.1 & 5.4.
  * Implement PIN change and unblock in dtrust-tool.
  Belpic
  * Add supports for belpic applet version 1.8.
  OpenPGP
  * Implement key derived PIN format (KDF-DO) as per OpenPGP card
    spec v3.3.
  IDPrime
  * Implement 5110+ FIPS and 5110 CC (940) derive support.
  pkcs11-tool
  * Added support for ML-DSA, ML-KEM, SLH-DSA keys from PKCS#11
    3.2.
  * Improve support for Edwards and montgomery keys and.
  * add derive key support for CKK_MONTGOMERY.
  * Add support for ChaCha20 and Poly1305.
  * Add support for AES CTR in decrypt_data() and encrypt_data().
  * Add initial support for PKCS#11 URIs.
  * Print more information about RSA keys.
- Drop patch:
  * opensc-gcc15.patch (not longer needed)

==== ovmf ====
Subpackages: qemu-ovmf-x86_64

- Update ovmf descriptors
  - Remove 2MB OVMF descriptor.
  - Remove IA32 and AArch32 OVMF descriptors.
  - Align feature tags for libvirt parsing.

==== python-requests ====
Version update (2.33.0 -> 2.33.1)
Subpackages: python311-requests python313-requests

- update to 2.33.1:
  * Fixed test cleanup for CVE-2026-25645 to avoid leaving
    unnecessary files in the tmp directory.
  * Fixed Content-Type header parsing for malformed values.
  * Improved error consistency for malformed header values.

==== python311 ====
Subpackages: python311-curses python311-dbm python311-x86-64-v3

- Add CVE-2026-4519-webbrowser-open-dashes.patch to reject
  leading dashes in webbrowser URLs (bsc#1260026, CVE-2026-4519,
  gh#python/cpython#143930).
- Add CVE-2025-13462-tarinfo-header-parse.patch which skips
  TarInfo DIRTYPE normalization during GNU long name handling
  (bsc#1259611, CVE-2025-13462).
- Add CVE-2026-4224-expat-unbound-C-recursion.patch avoiding
  unbound C recursion in conv_content_model in pyexpat.c
  (bsc#1259735, CVE-2026-4224).
- Add CVE-2026-3644-cookies-Morsel-update-II.patch to reject
  control characters in http.cookies.Morsel.update() and
  http.cookies.BaseCookie.js_output (bsc#1259734, CVE-2026-3644).

==== python311-core ====
Subpackages: libpython3_11-1_0 libpython3_11-1_0-x86-64-v3 python311-base python311-base-x86-64-v3

- Add CVE-2026-4519-webbrowser-open-dashes.patch to reject
  leading dashes in webbrowser URLs (bsc#1260026, CVE-2026-4519,
  gh#python/cpython#143930).
- Add CVE-2025-13462-tarinfo-header-parse.patch which skips
  TarInfo DIRTYPE normalization during GNU long name handling
  (bsc#1259611, CVE-2025-13462).
- Add CVE-2026-4224-expat-unbound-C-recursion.patch avoiding
  unbound C recursion in conv_content_model in pyexpat.c
  (bsc#1259735, CVE-2026-4224).
- Add CVE-2026-3644-cookies-Morsel-update-II.patch to reject
  control characters in http.cookies.Morsel.update() and
  http.cookies.BaseCookie.js_output (bsc#1259734, CVE-2026-3644).

==== python313 ====
Subpackages: python313-curses python313-dbm python313-tk python313-x86-64-v3

- Add CVE-2026-4519-webbrowser-open-dashes.patch to reject
  leading dashes in webbrowser URLs (bsc#1260026, CVE-2026-4519,
  gh#python/cpython#143930).
- Add CVE-2025-13462-tarinfo-header-parse.patch which skips
  TarInfo DIRTYPE normalization during GNU long name handling
  (bsc#1259611, CVE-2025-13462).
- Add CVE-2026-4224-expat-unbound-C-recursion.patch avoiding
  unbound C recursion in conv_content_model in pyexpat.c
  (bsc#1259735, CVE-2026-4224).
- Add CVE-2026-3644-cookies-Morsel-update-II.patch to reject
  control characters in http.cookies.Morsel.update() and
  http.cookies.BaseCookie.js_output (bsc#1259734, CVE-2026-3644).

==== python313-core ====
Subpackages: libpython3_13-1_0 libpython3_13-1_0-x86-64-v3 python313-base python313-base-x86-64-v3 python313-devel

- Add CVE-2026-4519-webbrowser-open-dashes.patch to reject
  leading dashes in webbrowser URLs (bsc#1260026, CVE-2026-4519,
  gh#python/cpython#143930).
- Add CVE-2025-13462-tarinfo-header-parse.patch which skips
  TarInfo DIRTYPE normalization during GNU long name handling
  (bsc#1259611, CVE-2025-13462).
- Add CVE-2026-4224-expat-unbound-C-recursion.patch avoiding
  unbound C recursion in conv_content_model in pyexpat.c
  (bsc#1259735, CVE-2026-4224).
- Add CVE-2026-3644-cookies-Morsel-update-II.patch to reject
  control characters in http.cookies.Morsel.update() and
  http.cookies.BaseCookie.js_output (bsc#1259734, CVE-2026-3644).

==== setools ====
Subpackages: python313-setools setools-console

- Adjust %suse_version to ne scheme (jsc#PED-15790)

==== sssd ====
Subpackages: libnfsidmap-sss libsss_certmap0 libsss_idmap0 sssd-krb5-common sssd-ldap

- Add 0001-Fix-libini_config-related-includes.patch,
  0001-INI-get-rid-of-useless-macros.patch,
  0001-INI-use-proper-deallocators.patch to
  allow build with newer ding-libs >= 0.7.0.

==== texinfo ====
Version update (7.2 -> 7.3)
Subpackages: info info-lang

- Update to version 7.3 (02 March 2026):
  * Language
    . new commands for title page creation: @documentinfo, @publication,
    and @maketitle.  you can use these instead of explicit formatting
    inside @titlepage.
    . you can use heading commands such as @heading after @node.  nodes
    defined this way are not part of the chapter structure of the document
    (unlike if @section etc. were used).
    . new command @xrefname can follow @node in place of a heading command.
    this is for when you do not want any heading at all to be displayed.
    . new command @namedanchor for defining text to be used for a cross-
    reference to an anchor (with @xrefautomaticsectiontitle on)
    . new command @thispart to print part name in headings or footings
    . deprecate @clickstyle
    . if there is no @documentlanguage, the language is unspecified, rather
    than en_US.  (texi2any will still use English strings by default,
    but will not put en_US in the output, depending on output format.)
  * texi2any
    . texi2any uses the Perl extensions in C for converters when possible,
    which results in a large speed-up for HTML output.
    set the `TEXINFO_XS_CONVERT' environment variable to 0 for pure Perl.
    . optional experimental texi2any program implementation in C embedding Perl.
    use --enable-using-c-texi2any to prefer the C implementation.
    . report leading directory components of input file names in messages
    (this reverses 6.8 release change, 2021).
    . when CHECK_NORMAL_MENU_STRUCTURE is on, give the line number of the
    problem menu entry
    . DUMP_TREE should now be a file name, or - to output to standard error
    . remove USE_REL_REV variable; former effect is now always on
    . (API only) rename LINKS_BUTTONS customization variable to LINKS_DIRECTIONS
    . (API only) rename space direction ' ' to 'Space'
    . HTML output:
    . the HIGHLIGHT_SYNTAX variable can be used for syntax highlighting
    of code samples.  this feature was present in earlier releases but
    is no longer marked as experimental.
    . do not wrap the contents of <style> elements in an HTML comment,
    as this is no longer needed for browser compatibility
    . the --transliterate-file-names option (which sets the
    TRANSLITERATE_FILE_NAMES variable) is now off by default.
    . when creating redirection files with --node-files (the default),
    ignore the settings of TRANSLITERATE_FILE_NAMES, BASEFILENAME_LENGTH,
    and EXTENSION.
    . likewise, ignore these variables for links to external manuals
    (they are still used for the file names generated for the
    converted manual content).
    . the default setting of WORDS_IN_PAGE has changed from 300 to 200.
    this means that a navigation panel is more likely to be output at
    the bottom of fairly short nodes.
    . use the last @printindex in the input file for the Index direction
    . only output 'accesskey' attributes when splitting by node
    . for locations of external manuals, use files ending with the
    .cnf extension in the htmlxref.d directories (in addition to files
    called htmlxref.cnf).  this should make it easier to combine
    information on HTML cross-references from different sources.
    . in an htmlxref file, you can explicity trigger a link to a local
    manual by using an empty URL
    . you can set FORMAT_MENU to 'menu_no_detailmenu' to omit an
    automatically generated @detailmenu from the Top node
    . info.js (with INFO_JS_DIR) fixes and improvements:
    . avoid pop-up over Top node and display the correct title
    . --internal-links outputs more types of internal link, including
    anchors, sections and floats.  the possible type names reported
    in the second column have changed.
    . USE_NEXT_HEADING_FOR_LONE_NODE removed.  former effect is now
    always on.
    . (API only) remove the buttons specifications with scalar references,
    direction text or functions references should be used instead
    . (API only) remove the Texinfo::TeX4HT customization package
    . Info output:
    . new experimental variable INFO_MATH_IMAGES allows outputting
    images for mathematics notation
    . LaTeX output:
    . use UTF-8 encoding for output by default, regardless of input
    encoding.  override with OUTPUT_ENCODING_NAME.
    . XML output:
    . use HTML entities names for @H and @dotaccent accents types
  * texinfo.tex
    . add entries in PDF outline for index initials
    . use Unicode in PDF outline for input documents encoded in UTF-8
    . '@set xrefautomaticsectiontitle on' does not affect cross-references
    to anchors, matching the HTML output
    . separate adjacent footnote markers with commas, e.g. '1, 2' not '1 2'
  * info
    . you can use hook scripts to handle an info manual not being found.
    these hooks can provide a message to the user with information on
    how to install the manual.
    . when run as 'info TOPIC INDEX-ENTRY', prefer index entries that
    refer to the node that would be loaded by 'info TOPIC'.  this aids
    in retrieving documentation of command-line options when multiple
    programs are documented in the same manual.
    for example, 'info cp -- -s' goes to the documentation of the -s
    option for the cp program in the coreutils manual, rather than the
  - s option of any other program.
    . list all customizable variables in help buffer including how they
    got their values
    . reuse introductory text in dir file rather than supplying our own text,
    as was the case in older version of info and is the case in Emacs
    . removed fallback if a node is not found in a cross-reference to
    searching for a file of the same name.  e.g. "* Foo::" in a menu
    ... changelog too long, skipping 16 lines ...
- Remove patch texinfo-perl-5.42.patch, which is now upstream