Packages changed:
  ImageMagick (7.1.0.37 -> 7.1.0.44)
  cockpit
  codec2 (1.0.3 -> 1.0.5)
  curl (7.83.1 -> 7.84.0)
  gpg2 (2.3.6 -> 2.3.7)
  kdump (1.0.2+git13.ge715180 -> 1.0.2+git17.g491c742)
  kernel-firmware (20220622 -> 20220714)
  libcap (2.64 -> 2.65)
  libdmtx (0.7.5 -> 0.7.7)
  libnettle (3.8 -> 3.8.1)
  libstorage-ng (4.5.31 -> 4.5.33)
  libuv (1.44.1 -> 1.44.2)
  perl
  polkit
  poppler (22.06.0 -> 22.07.0)
  poppler-qt5 (22.06.0 -> 22.07.0)
  redis (7.0.3 -> 7.0.4)
  yast2-bootloader (4.5.1 -> 4.5.2)
  yast2-trans (84.87.20220709.5ead98f887 -> 84.87.20220729.608d4643aa)

=== Details ===

==== ImageMagick ====
Version update (7.1.0.37 -> 7.1.0.44)
Subpackages: ImageMagick-config-7-SUSE libMagickCore-7_Q16HDRI10 libMagickWand-7_Q16HDRI10

- version update to 7.1.0.44
  upstream changelog:
  https://github.com/ImageMagick/Website/blob/main/ChangeLog.md
- modified patches
  % ImageMagick-library-installable-in-parallel.patch (refreshed)
- update to 7.1.0.42:
  * incorrect pointer update when computing median @ ImageMagick/ImageMagick#5298
  * Added extra check because the flag was removed in 0.21-Beta1.
  * the -transparent-color option accepts colornames @ ImageMagick/ImageMagick#5297
  * fix MVG stroke-opacity issues
  * map channel parameter to pixel channel offset @ ImageMagick/ImageMagick#5308
  * beta release
  * preserve input depth @ ImageMagick/ImageMagick6#188
  * update to latest automake/autoconf release
  * recognize SVG file if it starts with whitespace @ ImageMagick/ImageMagick#5294
  * Removed unused stealth flag.
  * Removed used path field.
  * Removed unused target field.
  * Removed unused exempt field.
  * Added extra option to the skip spaces to the MagicInfo.
  * Always start at the start of the string when comparing the magic value.
  * cosmetic
  * avoid OMP deadlock @ ImageMagick/ImageMagick#5301
  * prevent undefined shift
  * prevent possible buffer overflow
  * correct copy/paste error
  * We need to free the stream ourselves when the call to FT_Open_Face fails.
  * Added missing call to DestroyString.
  * MVG requires seekable stream
  * Added extra malloc method to avoid early calls to the policy checks on Windows.
  * Removed defines.
  * Only check for dll's in non static build.
  * Set the client name and path earlier.
  * fix background opacity rounding @ ImageMagick/ImageMagick#5264
  * empty result on conversion from tiff to pdf @ ImageMagick/ImageMagick#5256
  * Corrected patch that was made for #5256.
  * Pass negative interline_spacing to pango
  * Also check extension to fix possible stack overflow.
  * eliminate possible buffer overflow
  * set group 4 photometric to min-is-white
  * dasharray requires non-zero values
  * eliminate compiler warning
  * only permit one rows/columns keyword
  * Moved allocation back to the correct spot to avoid bypassing SetImageExtent.
  * Also restore setting quantum_info to null.
  * eliminate uninitialized value warning
  * Make sure all text strings are freed when realloc fails.
  * Reset primitive_info inside RenderMVGContent because this address could point to another address.
  * Always check if .text is set instead.
  * eliminate uninitialized alpha pixel
  * recognize read-mask & write-mask for -channel option
  * eliminate compiler warning
  * fix scrambled image @ ImageMagick/ImageMagick#5291
  * yikes, misspelled 'level'
  * Fixed possible memory leak.
  * support floating point formats
  * initialize date:precision in private TimerComponentGenesis() method
  * check for -1 is not required
  * refactor date:precision flow
  * eliminate compiler warning
  * correct formulation of the phash normalization
  * phash normalization is conventional RMS calculation
  * only check shread count once
  * add private ShredMagickMemory() method to hide contents of memory buffers
    before they are relinquished
  * system:shred value has precedence over MAGICK_SHRED_PASSES
  * support shredding memory pools
  * update memory pointer
  * Silenced warning.
  * Corrected documentation.
  * first pass is fast for performance, second is crytographically strong
  * recommend shred value of 1 for performance reasons
  * only set the # of shred passes one time
  * if enabled, shred streams
  * unmap mapped pixels
  * default mapped member to false
  * don't shred streaming pixels
  * rework shred passes
  * optimize performance
  * change per lint advisement
  * typecast per lint advisement
  * eliminate compiler warning
  * eliminate lint warnings
  * eliminate lint warnings
  * support date:timestamp property
  * eliminate lint warnings
  * set timestamp from image->timestamp member
  * eliminate lint warnings
  * support MAGICK_DATE_PRECISION and registrydateprecision defines
  * support registry:precision define
  * need at least one policy defined
  * eliminate lint warnings
  * note, system:precision is deprecated
  * eliminate icc compiler warnings
  * eliminate icc compiler warnings
  * eliminate compiler warning
  * Reverted incorrect patch when doing auto-orient of an image that is
    right-top or left-bottom.#
  * Corrected conversion from flip to Orientation.
    ... changelog too long, skipping 22 lines ...
  * Also remove date:timestamp when stripping the image.

==== cockpit ====
Subpackages: cockpit-bridge cockpit-packagekit cockpit-system

- Update suse-microos-branding.patch for new /etc/os-release ID.
- Add storage-btrfs.patch to enable BTRFS use in cockpit-storage.

==== codec2 ====
Version update (1.0.3 -> 1.0.5)

- Update to version 1.0.5
  * Bump version to 1.0.5 to clearly delineate from various 1.0.4
    tags, otherwise the same as 1.0.4_rc2
- Update to version 1.0.4
  * 2020B,
  * build system and tools maintenance.
  * This RC fixes FreeDV API backwards compatibility issue in v1.0.4

==== curl ====
Version update (7.83.1 -> 7.84.0)
Subpackages: libcurl4

- add tests-for-32bit.patch to fix testsuite on 32bit platforms
- Update to 7.84.0:
  * Security fixes:
  - (bsc#1200737, CVE-2022-32208): FTP-KRB bad message verification
  - (bsc#1200736, CVE-2022-32207): Unpreserved file permissions
  - (bsc#1200735, CVE-2022-32206): HTTP compression denial of service
  - (bsc#1200734, CVE-2022-32205): Set-Cookie denial of service
  * Changes:
  - curl: add --rate to set max request rate per time unit
  - curl: deprecate --random-file and --egd-file
  - curl_version_info: add CURL_VERSION_THREADSAFE
  - CURLINFO_CAPATH/CAINFO: get the default CA paths from libcurl
  - lib: make curl_global_init() threadsafe when possible
  - libssh2: add CURLOPT_SSH_HOSTKEYFUNCTION
  - opts: deprecate RANDOM_FILE and EGDSOCKET
  - socks: support unix sockets for socks proxy
  * Bugfixes:
  - aws-sigv4: fix potentional NULL pointer arithmetic
  - bindlocal: don't use a random port if port number would wrap
  - c-hyper: mark status line as status for Curl_client_write()
  - ci: avoid `cmake -Hpath`
  - CI: bump FreeBSD 13.0 to 13.1
  - ci: update github actions
  - cmake: add libpsl support
  - cmake: do not add libcurl.rc to the static libcurl library
  - cmake: enable curl.rc for all Windows targets
  - cmake: fix detecting libidn2
  - cmake: support adding a suffix to the OS value
  - configure: skip libidn2 detection when winidn is used
  - configure: use the SED value to invoke sed
  - configure: warn about rustls being experimental
  - content_encoding: return error on too many compression steps
  - cookie: address secure domain overlay
  - cookie: apply limits
  - copyright.pl: parse and use .reuse/dep5 for skips
  - copyright: make repository REUSE compliant
  - curl.1: add a few see also --tls-max
  - curl.1: mention exit code zero too
  - curl: re-enable --no-remote-name
  - curl_easy_pause.3: remove explanation of progress function
  - curl_getdate.3: document that some illegal dates pass through
  - Curl_parsenetrc: don't access local pwbuf outside of scope
  - curl_url_set.3: clarify by default using known schemes only
  - CURLOPT_ALTSVC.3: document the file format
  - CURLOPT_FILETIME.3: fix the protocols this works with
  - CURLOPT_HTTPHEADER.3: improve comment in example
  - CURLOPT_NETRC.3: document the .netrc file format
  - CURLOPT_PORT.3: We discourage using this option
  - CURLOPT_RANGE.3: remove ranged upload advice
  - digest: added detection of more syntax error in server headers
  - digest: tolerate missing "realm"
  - digest: unquote realm and nonce before processing
  - DISABLED: disable 1021 for hyper again
  - docs/cmdline-opts: add copyright and license identifier to each file
  - docs/CONTRIBUTE.md: document the 'needs-votes' concept
  - docs: clarify data replacement policy for MIME API
  - doh: remove UNITTEST macro definition
  - examples/crawler.c: use the curl license
  - examples: remove fopen.c and rtsp.c
  - FAQ: Clarify Windows double quote usage
  - fopen: add Curl_fopen() for better overwriting of files
  - ftp: restore protocol state after http proxy CONNECT
  - ftp: when failing to do a secure GSSAPI login, fail hard
  - GHA/hyper: enable debug in the build
  - gssapi: improve handling of errors from gss_display_status
  - gssapi: initialize gss_buffer_desc strings
  - headers api: remove EXPERIMENTAL tag
  - http2: always debug print stream id in decimal with %u
  - http2: reject overly many push-promise headers
  - http: restore header folding behavior
  - hyper: use 'alt-used'
  - krb5: return error properly on decode errors
  - lib: make more protocol specific struct fields #ifdefed
  - libcurl-security.3: add "Secrets in memory"
  - libcurl-security.3: document CRLF header injection
  - libssh: skip the fake-close when libssh does the right thing
  - links: update dead links to the curl-wiki
  - log2changes: do not indent empty lines [ci skip]
  - macos9: remove partial support
  - Makefile.am: fix portability issues
  - Makefile.m32: delete obsolete options, improve -On [ci skip]
  - Makefile.m32: delete two obsolete OpenSSL options [ci skip]
  - Makefile.m32: stop forcing XP target with ipv6 enabled [ci skip]
  - max-time.d: clarify max-time sets max transfer time
  - mprintf: ignore clang non-literal format string
  - netrc: check %USERPROFILE% as well on Windows
  - netrc: support quoted strings
  - ngtcp2: allow curl to send larger UDP datagrams
  - ngtcp2: correct use of ngtcp2 and nghttp3 signed integer types
  - ngtcp2: enable Linux GSO
  - ngtcp2: extend QUIC transport parameters buffer
  - ngtcp2: fix alert_read_func return value
  - ngtcp2: fix typo in preprocessor condition
  - ngtcp2: handle error from ngtcp2_conn_submit_crypto_data
  - ngtcp2: send appropriate connection close error code
  - ngtcp2: support boringssl crypto backend
  - ngtcp2: use helper funcs to simplify TLS handshake integration
  - ntlm: provide a fixed fake host name
  - projects: fix third-party SSL library build paths for Visual Studio
    ... changelog too long, skipping 40 lines ...
  - x509asn1: mark msnprintf return as unchecked

==== gpg2 ====
Version update (2.3.6 -> 2.3.7)
Subpackages: dirmngr gpg2-lang

- GnuPG 2.3.7:
  * CVE-2022-34903: garbled status messages could trick gpgme and
    other parsers to accept faked status lines [boo#1201225]
  * A number of bug fixes to the gpg command line interface
  * gpgsm gained a number of new options and got some rework on
    the PKCS#12 parser to support DFN issues keys
  * The gpg agent got some added options and UI tweaks
  * smart card support got a number of bug fixes, and improved
    support for Technology Nexus cards and Yubikey
  * The Telesec ESIGN application is now supported

==== kdump ====
Version update (1.0.2+git13.ge715180 -> 1.0.2+git17.g491c742)

- fix network-related dracut options handling for fadump case
- drop the elevator=deadline kernel option (bsc#1193211)
- fix broken URL in manpage (bsc#1187312)

==== kernel-firmware ====
Version update (20220622 -> 20220714)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd

- Update to version 20220714 (git commit 84661a3ba62f):
  * amdgpu: update DMCUB firmware for DCN 3.1.6
  * WHENCE: Correct dangling symlinks
  * Correct WHENCE entry for wfx firmware
  * bnx2: Drop unsupported Broadcom NetXtremeII firmware
  * bnx2: drop unsupported firmwares
  * bnx2: sort firmware names in filesystem order
  * Remove old Broadcom Everest (bnx2x) v4/5 firmware
  * drop Token Ring network firmwares
  * Drop TDA7706 radio firmware
  * Drop Intel WiMax firmware
  * Drop Computone IntelliPort Plus serial firmware
  * Drop ATM Ambassador devices firmware
  * brocade: drop old unsupported firmware revs
  * amdgpu: update yellow carp DMCUB firmware
  * linux-firmware: update firmware for MT7622 WiFi device
  * linux-firmware: update firmware for MT7922 WiFi device
  * linux-firmware: update firmware for mediatek bluetooth chip (MT7922)
  * linux-firmware: Update firmware file for Intel Bluetooth 9462
  * linux-firmware: Update firmware file for Intel Bluetooth 9462
  * linux-firmware: Update firmware file for Intel Bluetooth 9560
  * linux-firmware: Update firmware file for Intel Bluetooth 9560
  * linux-firmware: Update firmware file for Intel Bluetooth AX201
  * linux-firmware: Update firmware file for Intel Bluetooth AX201
  * linux-firmware: Update firmware file for Intel Bluetooth AX211
  * linux-firmware: Update firmware file for Intel Bluetooth AX211
  * linux-firmware: Update firmware file for Intel Bluetooth AX210
  * linux-firmware: Update firmware file for Intel Bluetooth AX200
  * linux-firmware: Update firmware file for Intel Bluetooth AX201
  * mediatek: Add SCP firmware for MT8186
  * rtw88: 8822c: Update normal firmware to v9.9.13
  * rtw88: 8822c: Update normal firmware to v9.9.12
- Drop obsoleted temporary patches:
  wfx-WHENCE-fix.diff
  brcm-symlink-fixes.diff
- Minor update of README.build
- Fix missing aliases for qlogic (bsc#1200889)

==== libcap ====
Version update (2.64 -> 2.65)

- update to 2.65:
  * Fix syntax error in DEBUG build of protected code in setcap.c.
  * Prevent bash from reading the wrong startup files when the capsh --user=xxx
    argument is used to invoke a shell as the user xxx. This is done by capsh now
    changing the USER and HOME environment variables when --user is specified.
    The argument --noenv can be used to suppress this behavior to what used to be
    the problematic default. (Bug: 215926)
  * Improved documentation

==== libdmtx ====
Version update (0.7.5 -> 0.7.7)

- update to 0.7.7:
  * bug 9: Prevent edifact barcode encoding '31' from user input
  * fix compiler warnings and build errors
  * properly handle error when decoding Base256 scheme
  * remove dead and irrelevant links in the README
  * Add validity checks in DecodeSchemeAscii()
  * Declare variables in DecodeSchemeAscii() locally.
  * Implement RsFindErrorLocatorPoly fix from shm0nya
-  drop libdmtx-DmtxPropRowPadBytes.patch (upstream)#

==== libnettle ====
Version update (3.8 -> 3.8.1)
Subpackages: libhogweed6 libnettle8

- update to 3.8.1:
  * Avoid non-posix m4 argument references in the chacha
    implementation for arm64, powerpc64 and s390x. Reported by
    Christian Weisgerber, fix contributed by Mamone Tarsha.
  * Use explicit .machine pseudo-ops where needed in s390x
    assembly files. Bug report by Andreas K. Huettel, fix
    contributed by Mamone Tarsha.

==== libstorage-ng ====
Version update (4.5.31 -> 4.5.33)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1

- merge gh#openSUSE/libstorage-ng#892
- continue flushing pending holders if a device cannot be found
  (see bsc#1201880)
- coding style
- removed unneeded mockups
- 4.5.33
- Translated using Weblate (Czech) (bsc#1149754)
- 4.5.32

==== libuv ====
Version update (1.44.1 -> 1.44.2)

- update to 1.44.2:
  * Add SHA to ChangeLog
  * aix, ibmi: handle server hang when remote sends TCP RST
  * process: reset the signal mask if the fork fails
  * zos: implement cmpxchgi() using assembly
  * ibmi: Implement UDP disconnect
  * unix: simplify getpwuid call
  * process,iOS: fix build breakage in process.c
  * test: remove unused declarations in tcp_rst test
  * core: add thread-safe strtok implementation
  * test: fix flaky file watcher test
  * unix,win: fix UV_RUN_ONCE + uv_idle_stop loop hang
  * win: fix unexpected ECONNRESET error on TCP socket
  * doc: make sample cross-platform build
  * test: separate some static variables by test cases
  * sunos: fs-event callback can be called after uv_close()
  * uv: re-register interest in a file after change
  * uv: register UV_RENAME event for _RFIM_UNLINK
  * uv: register __rfim_event 156 as UV_RENAME
  * release: check versions of autogen scripts are newer
  * test: rewrite embed test
  * unix: use MSG_CMSG_CLOEXEC where supported
  * test: remove disabled callback_order test
  * kqueue: skip EVFILT_PROC when invalidating fds
  * zos: don't err when killing a zombie process
  * zos: avoid fs event callbacks after uv_close()
  * zos: correctly format interface addresses names
  * zos: add uv_interface_addresses() netmask support
  * zos: improve memory management of ip addresses
  * tcp,pipe: fail `bind` or `listen` after `close`
  * zos: implement uv_available_parallelism()
  * udp,win: fix UDP compiler warning
  * zos: fix early exit of epoll_wait()
  * unix,tcp: fix errno handling in uv__tcp_bind()
  * shutdown,unix: reduce code duplication
  * unix: fix c99 comments
  * unix: retry tcgetattr/tcsetattr() on EINTR
  * unix,stream: optimize uv_shutdown() codepath
  * unix,tcp: allow EINVAL errno from setsockopt in uv_tcp_close_reset()
  * win,shutdown: improve how shutdown is dispatched

==== perl ====
Subpackages: perl-base

- fix build on ppc
  * updated patch: perl_skip_flaky_tests_powerpc.patch

==== polkit ====
Subpackages: libpolkit-agent-1-0 libpolkit-gobject-1-0 typelib-1_0-Polkit-1_0

- split out pkexec into seperate package to make system hardening
  easier (to avoid installing it jsc#PED-132 jsc#PED-148).

==== poppler ====
Version update (22.06.0 -> 22.07.0)
Subpackages: libpoppler-cpp0 libpoppler-glib8 libpoppler122 poppler-tools

- update to 22.07.0:
  * Fix crash when filling in forms in some files. Issue #1258
  * Fix first lines of Annotations sometimes being cut off. Issue #1246
  * Signatures: Don't crash if the signature doesn't have a common name
  * CairoFontEngine: increment font_face reference when retrieving from the cache
  * Add ToUnicode support for lessorequalslant and greaterorequalslant
  glib:
  * Add support for stamp annotation
- add gpg keyring validation for the release tarball
- drop da226d346e691f7545d995d6761d43e08855a3b7.patch (upstream)
- Add da226d346e691f7545d995d6761d43e08855a3b7.patch --
  CairoFontEnginer: increment font_face reference when retrieving
  from the cache; this fixes crashes with certain pdfs
  [glgo#GNOME/evince#1808, glfo#poppler/poppler#1212].

==== poppler-qt5 ====
Version update (22.06.0 -> 22.07.0)

- update to 22.07.0:
  * Fix crash when filling in forms in some files. Issue #1258
  * Fix first lines of Annotations sometimes being cut off. Issue #1246
  * Signatures: Don't crash if the signature doesn't have a common name
  * CairoFontEngine: increment font_face reference when retrieving from the cache
  * Add ToUnicode support for lessorequalslant and greaterorequalslant
  glib:
  * Add support for stamp annotation
- add gpg keyring validation for the release tarball
- drop da226d346e691f7545d995d6761d43e08855a3b7.patch (upstream)
- Add da226d346e691f7545d995d6761d43e08855a3b7.patch --
  CairoFontEnginer: increment font_face reference when retrieving
  from the cache; this fixes crashes with certain pdfs
  [glgo#GNOME/evince#1808, glfo#poppler/poppler#1212].

==== redis ====
Version update (7.0.3 -> 7.0.4)

- Security update to version 7.0.4
  (CVE-2022-31144) A specially crafted XAUTOCLAIM command on a stream
  key in a specific state may result with heap overflow, and potentially
  remote code execution. The problem affects Redis versions 7.0.0 or newer.

==== yast2-bootloader ====
Version update (4.5.1 -> 4.5.2)

- Execute the command grub2-mkpasswd-pbkdf2 in the target system
  so the module can run in a minimal container (bsc#1199840).
- 4.5.2

==== yast2-trans ====
Version update (84.87.20220709.5ead98f887 -> 84.87.20220729.608d4643aa)
Subpackages: yast2-trans-cs yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-fr yast2-trans-hu yast2-trans-it yast2-trans-ja yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ru yast2-trans-zh_CN yast2-trans-zh_TW

- Update to version 84.87.20220729.608d4643aa:
  * Translated using Weblate (Dutch)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Japanese)
  * New POT for text domain 'base'.
  * New POT for text domain 'auth-client'.
  * Translated using Weblate (Czech)
  * Translated using Weblate (Czech)
  * New POT for text domain 'base'.
  * Translated using Weblate (Slovak)
  * Translated using Weblate (Dutch)
  * Translated using Weblate (Catalan)
  * Translated using Weblate (Japanese)
  * New POT for text domain 'journal'.
  * New POT for text domain 'pam'.
  * New POT for text domain 'control'.
  * New POT for text domain 'autoinst'.