Packages changed:
  MozillaFirefox (125.0.3 -> 126.0)
  file-roller (44.2 -> 44.3)
  fwupd (1.9.19 -> 1.9.20)
  grub2
  kirigami-addons6 (1.2.0 -> 1.2.1)
  ktextaddons (1.5.3 -> 1.5.4)
  libgit2 (1.8.0 -> 1.8.1)
  libostree (2024.5 -> 2024.6)
  openSUSE-release (20240520 -> 20240521)
  postfix
  python-attrs
  ruby3.3
  salt
  webkit2gtk3 (2.44.1 -> 2.44.2)
  xdg-desktop-portal (1.18.2 -> 1.18.4)
  xfsprogs (6.7.0 -> 6.8.0)
  yast2-trans (84.87.20240511.9a3bd96575 -> 84.87.20240518.c88399d6be)

=== Details ===

==== MozillaFirefox ====
Version update (125.0.3 -> 126.0)
Subpackages: MozillaFirefox-translations-common

- Mozilla Firefox 126.0
  https://www.mozilla.org/en-US/firefox/126.0/releasenotes
  MFSA 2024-21 (bsc#1224056)
  * CVE-2024-4764 (bmo#1879093)
    Use-after-free when audio input connected with multiple consumers
  * CVE-2024-4367 (bmo#1893645)
    Arbitrary JavaScript execution in PDF.js
  * CVE-2024-4765 (bmo#1871109)
    Web application manifests could have been overwritten via
    hash collision
  * CVE-2024-4766 (bmo#1871214, bmo#1871217)
    Fullscreen notification could have been obscured on Firefox
    for Android
  * CVE-2024-4767 (bmo#1878577)
    IndexedDB files retained in private browsing mode
  * CVE-2024-4768 (bmo#1886082)
    Potential permissions request bypass via clickjacking
  * CVE-2024-4769 (bmo#1886108)
    Cross-origin responses could be distinguished between script
    and non-script content-types
  * CVE-2024-4770 (bmo#1893270)
    Use-after-free could occur when printing to PDF
  * CVE-2024-4771 (bmo#1893891)
    Failed allocation could lead to use-after-free
  * CVE-2024-4772 (bmo#1870579)
    Use of insecure rand() function to generate nonce
  * CVE-2024-4773 (bmo#1875248)
    URL bar could be cleared after network error
  * CVE-2024-4774 (bmo#1886598)
    Undefined behavior in ShmemCharMapHashEntry()
  * CVE-2024-4775 (bmo#1887332)
    Invalid memory access in the built-in profiler
  * CVE-2024-4776 (bmo#1887343)
    Window may remain disabled after file dialog is shown in
    full-screen
  * CVE-2024-4777 (bmo#1878199, bmo#1893340)
    Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11,
    and Thunderbird 115.11
  * CVE-2024-4778 (bmo#1838834, bmo#1889291, bmo#1889595,
    bmo#1890204, bmo#1891545)
    Memory safety bugs fixed in Firefox 126
- requires NSS 3.100
- removed obsolete mozilla-libproxy-fix.patch

==== file-roller ====
Version update (44.2 -> 44.3)
Subpackages: file-roller-lang

- Update to version 44.3:
  + Fixed filename not changed when creating a new archive.
  + 7z: error when creating archives with volumes.

==== fwupd ====
Version update (1.9.19 -> 1.9.20)
Subpackages: fwupd-bash-completion fwupd-lang libfwupd2 typelib-1_0-Fwupd-2_0

- Update to version 1.9.20:
  + This release adds the following features:
  - Add some API to allow uploading reports for use in
    gnome-firmware
  - Allow the user to upload the entire devicelist to the LVFS
  + This release fixes the following bugs:
  - Correctly detect Synaptics Cayenne and Spyder firmware
  - Do not offer the UEFI DBX update on Lenovo ideacentre
    300-20ISH
  - Explicitly enable shadow stack support in fwupd.service
  - Fix a potential buffer overread when reading the algoltek-usb
    version number
  - Fix the CET HSI test by rewriting it in assembly
  - Fix using --verbose in fwupdmgr
  - Ignore --p2p when downloading the metadata signature
  + This release adds support for the following hardware:
  - FPC FF2 fingerprint devices

==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen

- Only enable grub-protect for EFI systems
  * 0001-util-enable-grub-protect-only-for-EFI-systems.patch

==== kirigami-addons6 ====
Version update (1.2.0 -> 1.2.1)
Subpackages: kirigami-addons6-lang

- Update to 1.2.1
  * Fix regression with double accept
  * Update maintainer name
  * Define minimum requirement on framework

==== ktextaddons ====
Version update (1.5.3 -> 1.5.4)
Subpackages: ktextaddons-lang libKF6TextAddons1

- Update to 1.5.4. No changelog

==== libgit2 ====
Version update (1.8.0 -> 1.8.1)

- update to 1.8.1:
  * In v1.8, libgit2 introduced the `report_unchanged ` member in
    the `git_fetch_options` structure. We mistakenly introduced
    this as a bitfield, which is not suitable for our public API.
    To correct this mistake, we have _removed_ the
    `report_unchanged ` member. To support the report unchanged
    tips option, users can set the `update_fetchhead`
    member to include the `GIT_REMOTE_UPDATE_REPORT_UNCHANGED`
    value.
  * The libgit2 projects regrets the API change, but this was
    required to support cross-platform compatibility.
  * commit: Fix git_commit_create_from_stage without author and
  * committer
  * process.c: fix environ
  * Bounds check for pack index read
  * transport: provide a useful error message during cancellation
  * transport: support sha256 oids
  * Revparse: Correctly accept ref with '@' at the end
  * remote: drop bitfields in git_remote_fetch_options
  * examples: fix memory leak in for-each-ref.c
  * xdiff: use proper free function
  * rand: avoid uninitialized loadavg warnings
  * cli: include alloca on illumos / solaris / sunos
  * Update git_array allocator to obey strict aliasing rules
  * tree: avoid mixed signedness comparison by @ethomson in

==== libostree ====
Version update (2024.5 -> 2024.6)
Subpackages: libostree-1-1

- update to 2024.6:
  + prepare-root: Handle non-AB aboot properly
  + various bug fixes and developer visible fixes
  + ostree-prepare-root.service: add OnFailureJobMode=isolate
  + ostree-sysroot-deploy: check if deployments are in the same
    stateroot

==== openSUSE-release ====
Version update (20240520 -> 20240521)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== postfix ====

- Update update_chroot.systemd
  * Add missing checks for DKIM (openDKIM)
- keep spec and changes files in sync

==== python-attrs ====

- Add patch pytest8.patch to adapt the tests to the new pytest

==== ruby3.3 ====
Subpackages: libruby3_3-3_3

- Backport for fix segfault caused by stack pointers not
  saved/restored properly when yielding execution from Ruby to C.
  https://bugs.ruby-lang.org/issues/20493
  https://github.com/ruby/ruby/pull/10798
  Adds fix-gvl-save-restore.patch
- fix typo in the macros file. this only affected people building
  without the OBS as this macro was shadowed by the macro that is
  in the prjconf

==== salt ====
Subpackages: python3-salt salt-master salt-minion salt-transactional-update

- Mark python3-CherryPy as recommended package for the testsuite
- Make "man" a recommended package instead of required

==== webkit2gtk3 ====
Version update (2.44.1 -> 2.44.2)
Subpackages: WebKitGTK-4.1-lang libjavascriptcoregtk-4_1-0 libwebkit2gtk-4_1-0 typelib-1_0-JavaScriptCore-4_1 typelib-1_0-WebKit2-4_1 webkit2gtk-4_1-injected-bundles

- Update to version 2.44.2:
  + Make gamepads visible on axis movements, and not only on
    button presses.
  + Disable the gst-libav AAC decoder.
  + Make user scripts and style sheets visible in the Web
    Inspector.
  + Use the geolocation portal where available, with the existing
    geoclue as fallback if the portal is not usable.
  + Use the printing portal when running sandboxed.
  + Use the file transfer portal for drag and drop when running
    sandboxed.
  + Avoid notifying an empty cursor rectangle to input methods.
  + Remove empty bar shown in detached inspector windows.
  + Consider keycode when activating application accelerators.
  + Fix the build with ENABLE_WEBAUDIO disabled.
  + Fix several crashes and rendering issues.
- Update keyring (taken from rawhide).

==== xdg-desktop-portal ====
Version update (1.18.2 -> 1.18.4)
Subpackages: xdg-desktop-portal-lang

- update to 1.18.4:
  + Don't allow commandline arrays when the first commandline item
    starts with whitespace or hyphen. (CVE-2024-32462, boo#1223110)
  + Do not store device access permission if it returned an error
  + Fix crash with config files without a default backend set
- includes changes from 1.18.3:
  + Don't try to read D-Bus object properties of Request objects on
    construction
  + Fix various memory and file descriptor leaks.
  + Minuscule optimization to the ScreenCast portal so that it
    stores restoration data with a single D-Bus call, instead of two.
  + Fix a crash in the OpenURI file when trying to open a non-
    existing file
  + Fix a bug in PipeWire that prevented cameras from being
    reported reliably.
  + Various smaller bug fixes.

==== xfsprogs ====
Version update (6.7.0 -> 6.8.0)
Subpackages: libhandle1

- update to 6.8.0
  - xfs_repair: Dump both inode details in Phase 6 duplicate file check
  - libxfs: print the device name if flush-on-close fails
  - xfs_db: fix leak in flist_find_ftyp()
  - xfs_repair: support more than INT_MAX block maps
  - xfs_repair: constrain attr fork extent count
  - xfs_repair: support more than 2^32 owners per physical block
  - xfs_repair: support more than 2^32 rmapbt records per AG
  - xfs_db: add a bmbt inflation command
  - xfs_scrub: scan whole-fs metadata files in parallel
  - mkfs: allow sizing internal logs for concurrency
  - mkfs: allow sizing allocation groups for concurrency
  - mkfs: use a sensible log sector size default
  - xfs_io: add linux madvise advice codes
  - xfs_scrub: fix threadcount estimates for phase 6
  - xfs_db: improve number extraction in getbitval
  - xfs_repair: adjust btree bulkloading slack computations to match online repair
  - xfs: make rextslog computation consistent with mkfs
  - mkfs: fix log sunit rounding when external logs are in use
  - libxfs: kernel sync

==== yast2-trans ====
Version update (84.87.20240511.9a3bd96575 -> 84.87.20240518.c88399d6be)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu

- Update to version 84.87.20240518.c88399d6be:
  * Translated using Weblate (Slovenian)
  * Translated using Weblate (Slovenian)
  * Translated using Weblate (Slovenian)
  * Translated using Weblate (Slovenian)
  * Translated using Weblate (Slovenian)
  * Translated using Weblate (Slovenian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Slovenian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Lithuanian)
  * Translated using Weblate (Slovenian)
  * New POT for text domain 'control'.
  * Translated using Weblate (Romanian)
  * Translated using Weblate (Slovenian)
  * Translated using Weblate (Romanian)
  * Translated using Weblate (Romanian)
  * Translated using Weblate (Romanian)
  * Translated using Weblate (Romanian)