Packages changed:
  apache2 (2.4.58 -> 2.4.59)
  apache2-manual (2.4.58 -> 2.4.59)
  apache2-prefork (2.4.58 -> 2.4.59)
  apache2-utils (2.4.58 -> 2.4.59)
  f2fs-tools (1.15.0 -> 1.16.0)
  gnome-text-editor (46.0 -> 46.1)
  gom (0.5.0 -> 0.5.1)
  grep
  gupnp
  jack
  kernel-source (6.8.4 -> 6.8.5)
  lensfun
  liblouis
  miniupnpc (2.2.5 -> 2.2.6)
  openSUSE-build-key
  openSUSE-release (20240411 -> 20240412)
  ovmf
  pam (1.6.0 -> 1.6.1)
  pam-config (2.11 -> 2.11+git.20240411)
  pam-full-src (1.6.0 -> 1.6.1)
  postfix
  python-Pillow
  update-alternatives (1.22.5 -> 1.22.6)

=== Details ===

==== apache2 ====
Version update (2.4.58 -> 2.4.59)

- Update to 2.4.59:
  * ) mod_deflate: Fixes and better logging for handling various
    error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton,
    Eric Norris <enorris etsy.com>]
  * ) Add CGIScriptTimeout to mod_cgi. [Eric Covener]
  * ) mod_xml2enc: Tolerate libxml2 2.12.0 and later.  PR 68610
    [ttachi <tachihara AT hotmail.com>]
  * ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable.
    [Jean-Frederic Clere]
  * ) mod_ssl: Use OpenSSL-standard functions to assemble CA
    name lists for SSLCACertificatePath/SSLCADNRequestPath.
    Names will now be consistently sorted. PR 61574.
    [Joe Orton]
  * ) mod_xml2enc: Update check to accept any text/ media type
    or any XML media type per RFC 7303, avoiding
    corruption of Microsoft OOXML formats.  PR 64339.
    [Joseph Heenan <joseph.heenan fintechlabs.io>, Joe Orton]
  * ) mod_http2: v2.0.26 with the following fixes:
  - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes
    <https://github.com/icing/mod_h2/issues/272>.
  - Fixed small memory leak in h2 header bucket free. Thanks to
    Michael Kaufmann for finding this and providing the fix.
  * ) htcacheclean: In -a/-A mode, list all files per subdirectory
    rather than only one. PR 65091.
    [Artem Egorenkov <aegorenkov.91 gmail.com>]
  * ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files
    which include CA certificates; those CA certs are treated as if
    configured with SSLProxyMachineCertificateChainFile.  [Joe Orton]
  * ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to
    "hashing", rather than "encrypting" passwords.
    [Michele Preziuso <mpreziuso kaosdynamics.com>]
  * ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047.
    [Giovanni Bechis, Yann Ylavic]
  * ) htpasswd: Add support for passwords using SHA-2.  [Joe Orton,
    Yann Ylavic]
  * ) core: Allow mod_env to override system environment vars. [Joe Orton]
  * ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an
    operation which removes a directory/file between apr_dir_read() and
    apr_stat(). Current behaviour is to abort the connection which seems
    inferior to tolerating (and logging) the error. [Joe Orton]
  * ) mod_ldap: HTML-escape data in the ldap-status handler.
    [Eric Covener, Chamal De Silva]
  * ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set.
    Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available,
    notably with OpenSSL >= 3.  PR 68080.  [Yann Ylavic, Joe Orton]
  * ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about
    deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting
    to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice).
    [Yann Ylavic]
  * ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis]
  * ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when
    some dollar substitution (backreference) happens in the hostname or port
    part of the URL.  [Yann Ylavic]
  * ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend
    systems are cached. [Yann Ylavic]
  * ) mod_proxy: Add optional third argument for ProxyRemote, which
    configures Basic authentication credentials to pass to the remote
    proxy.  PR 37355.  [Joe Orton]

==== apache2-manual ====
Version update (2.4.58 -> 2.4.59)

- Update to 2.4.59:
  * ) mod_deflate: Fixes and better logging for handling various
    error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton,
    Eric Norris <enorris etsy.com>]
  * ) Add CGIScriptTimeout to mod_cgi. [Eric Covener]
  * ) mod_xml2enc: Tolerate libxml2 2.12.0 and later.  PR 68610
    [ttachi <tachihara AT hotmail.com>]
  * ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable.
    [Jean-Frederic Clere]
  * ) mod_ssl: Use OpenSSL-standard functions to assemble CA
    name lists for SSLCACertificatePath/SSLCADNRequestPath.
    Names will now be consistently sorted. PR 61574.
    [Joe Orton]
  * ) mod_xml2enc: Update check to accept any text/ media type
    or any XML media type per RFC 7303, avoiding
    corruption of Microsoft OOXML formats.  PR 64339.
    [Joseph Heenan <joseph.heenan fintechlabs.io>, Joe Orton]
  * ) mod_http2: v2.0.26 with the following fixes:
  - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes
    <https://github.com/icing/mod_h2/issues/272>.
  - Fixed small memory leak in h2 header bucket free. Thanks to
    Michael Kaufmann for finding this and providing the fix.
  * ) htcacheclean: In -a/-A mode, list all files per subdirectory
    rather than only one. PR 65091.
    [Artem Egorenkov <aegorenkov.91 gmail.com>]
  * ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files
    which include CA certificates; those CA certs are treated as if
    configured with SSLProxyMachineCertificateChainFile.  [Joe Orton]
  * ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to
    "hashing", rather than "encrypting" passwords.
    [Michele Preziuso <mpreziuso kaosdynamics.com>]
  * ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047.
    [Giovanni Bechis, Yann Ylavic]
  * ) htpasswd: Add support for passwords using SHA-2.  [Joe Orton,
    Yann Ylavic]
  * ) core: Allow mod_env to override system environment vars. [Joe Orton]
  * ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an
    operation which removes a directory/file between apr_dir_read() and
    apr_stat(). Current behaviour is to abort the connection which seems
    inferior to tolerating (and logging) the error. [Joe Orton]
  * ) mod_ldap: HTML-escape data in the ldap-status handler.
    [Eric Covener, Chamal De Silva]
  * ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set.
    Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available,
    notably with OpenSSL >= 3.  PR 68080.  [Yann Ylavic, Joe Orton]
  * ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about
    deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting
    to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice).
    [Yann Ylavic]
  * ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis]
  * ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when
    some dollar substitution (backreference) happens in the hostname or port
    part of the URL.  [Yann Ylavic]
  * ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend
    systems are cached. [Yann Ylavic]
  * ) mod_proxy: Add optional third argument for ProxyRemote, which
    configures Basic authentication credentials to pass to the remote
    proxy.  PR 37355.  [Joe Orton]

==== apache2-prefork ====
Version update (2.4.58 -> 2.4.59)

- Update to 2.4.59:
  * ) mod_deflate: Fixes and better logging for handling various
    error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton,
    Eric Norris <enorris etsy.com>]
  * ) Add CGIScriptTimeout to mod_cgi. [Eric Covener]
  * ) mod_xml2enc: Tolerate libxml2 2.12.0 and later.  PR 68610
    [ttachi <tachihara AT hotmail.com>]
  * ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable.
    [Jean-Frederic Clere]
  * ) mod_ssl: Use OpenSSL-standard functions to assemble CA
    name lists for SSLCACertificatePath/SSLCADNRequestPath.
    Names will now be consistently sorted. PR 61574.
    [Joe Orton]
  * ) mod_xml2enc: Update check to accept any text/ media type
    or any XML media type per RFC 7303, avoiding
    corruption of Microsoft OOXML formats.  PR 64339.
    [Joseph Heenan <joseph.heenan fintechlabs.io>, Joe Orton]
  * ) mod_http2: v2.0.26 with the following fixes:
  - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes
    <https://github.com/icing/mod_h2/issues/272>.
  - Fixed small memory leak in h2 header bucket free. Thanks to
    Michael Kaufmann for finding this and providing the fix.
  * ) htcacheclean: In -a/-A mode, list all files per subdirectory
    rather than only one. PR 65091.
    [Artem Egorenkov <aegorenkov.91 gmail.com>]
  * ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files
    which include CA certificates; those CA certs are treated as if
    configured with SSLProxyMachineCertificateChainFile.  [Joe Orton]
  * ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to
    "hashing", rather than "encrypting" passwords.
    [Michele Preziuso <mpreziuso kaosdynamics.com>]
  * ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047.
    [Giovanni Bechis, Yann Ylavic]
  * ) htpasswd: Add support for passwords using SHA-2.  [Joe Orton,
    Yann Ylavic]
  * ) core: Allow mod_env to override system environment vars. [Joe Orton]
  * ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an
    operation which removes a directory/file between apr_dir_read() and
    apr_stat(). Current behaviour is to abort the connection which seems
    inferior to tolerating (and logging) the error. [Joe Orton]
  * ) mod_ldap: HTML-escape data in the ldap-status handler.
    [Eric Covener, Chamal De Silva]
  * ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set.
    Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available,
    notably with OpenSSL >= 3.  PR 68080.  [Yann Ylavic, Joe Orton]
  * ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about
    deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting
    to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice).
    [Yann Ylavic]
  * ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis]
  * ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when
    some dollar substitution (backreference) happens in the hostname or port
    part of the URL.  [Yann Ylavic]
  * ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend
    systems are cached. [Yann Ylavic]
  * ) mod_proxy: Add optional third argument for ProxyRemote, which
    configures Basic authentication credentials to pass to the remote
    proxy.  PR 37355.  [Joe Orton]

==== apache2-utils ====
Version update (2.4.58 -> 2.4.59)

- Update to 2.4.59:
  * ) mod_deflate: Fixes and better logging for handling various
    error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton,
    Eric Norris <enorris etsy.com>]
  * ) Add CGIScriptTimeout to mod_cgi. [Eric Covener]
  * ) mod_xml2enc: Tolerate libxml2 2.12.0 and later.  PR 68610
    [ttachi <tachihara AT hotmail.com>]
  * ) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable.
    [Jean-Frederic Clere]
  * ) mod_ssl: Use OpenSSL-standard functions to assemble CA
    name lists for SSLCACertificatePath/SSLCADNRequestPath.
    Names will now be consistently sorted. PR 61574.
    [Joe Orton]
  * ) mod_xml2enc: Update check to accept any text/ media type
    or any XML media type per RFC 7303, avoiding
    corruption of Microsoft OOXML formats.  PR 64339.
    [Joseph Heenan <joseph.heenan fintechlabs.io>, Joe Orton]
  * ) mod_http2: v2.0.26 with the following fixes:
  - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes
    <https://github.com/icing/mod_h2/issues/272>.
  - Fixed small memory leak in h2 header bucket free. Thanks to
    Michael Kaufmann for finding this and providing the fix.
  * ) htcacheclean: In -a/-A mode, list all files per subdirectory
    rather than only one. PR 65091.
    [Artem Egorenkov <aegorenkov.91 gmail.com>]
  * ) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files
    which include CA certificates; those CA certs are treated as if
    configured with SSLProxyMachineCertificateChainFile.  [Joe Orton]
  * ) htpasswd, htdbm, dbmmanage: Update help&docs to refer to
    "hashing", rather than "encrypting" passwords.
    [Michele Preziuso <mpreziuso kaosdynamics.com>]
  * ) mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047.
    [Giovanni Bechis, Yann Ylavic]
  * ) htpasswd: Add support for passwords using SHA-2.  [Joe Orton,
    Yann Ylavic]
  * ) core: Allow mod_env to override system environment vars. [Joe Orton]
  * ) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an
    operation which removes a directory/file between apr_dir_read() and
    apr_stat(). Current behaviour is to abort the connection which seems
    inferior to tolerating (and logging) the error. [Joe Orton]
  * ) mod_ldap: HTML-escape data in the ldap-status handler.
    [Eric Covener, Chamal De Silva]
  * ) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set.
    Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available,
    notably with OpenSSL >= 3.  PR 68080.  [Yann Ylavic, Joe Orton]
  * ) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about
    deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting
    to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice).
    [Yann Ylavic]
  * ) mod_ssl: release memory to the OS when needed. [Giovanni Bechis]
  * ) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when
    some dollar substitution (backreference) happens in the hostname or port
    part of the URL.  [Yann Ylavic]
  * ) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend
    systems are cached. [Yann Ylavic]
  * ) mod_proxy: Add optional third argument for ProxyRemote, which
    configures Basic authentication credentials to pass to the remote
    proxy.  PR 37355.  [Joe Orton]

==== f2fs-tools ====
Version update (1.15.0 -> 1.16.0)

- update to 1.16.0:
  * Various bug fixes in fsck and mkfs for zoned device support.

==== gnome-text-editor ====
Version update (46.0 -> 46.1)
Subpackages: gnome-text-editor-lang

- Update to version 46.1:
  + Remove DBusActicatable=true from the .desktop file to fix an
    issue where you could spawn Text Editor via D-Bus and not have
    the session restored at startup.
  + AppData fixes.
  + Updated translations.
- Drop data-desktop-disable-DBusActivatable.patch: fixed upstream.

==== gom ====
Version update (0.5.0 -> 0.5.1)

- Update to version 0.5.1:
  + Reduce object inflation overhead in GType system usage.
  + Avoid some allocations in hot paths.
  + Avoid hashtables for resourcegroup items.
  + Avoid use of weak pointers when unnecessary.

==== grep ====
Subpackages: grep-lang

- restore texinfo macros for SLE15

==== gupnp ====

- remove dependency on /usr/bin/python3 using
  %python3_fix_shebang macro, [bsc#1212476]

==== jack ====
Subpackages: jack-dbus libjack0

- remove dependency on /usr/bin/python3 using
  %python3_fix_shebang macro, [bsc#1212476]

==== kernel-source ====
Version update (6.8.4 -> 6.8.5)

- gcc-plugins/stackleak: Avoid .head.text section (git-fixes).
- commit 542f698
- Linux 6.8.5 (bsc#1012628).
- x86: set SPECTRE_BHI_ON as default (bsc#1012628).
- KVM: x86: Add BHI_NO (bsc#1012628).
- x86/bhi: Mitigate KVM by default (bsc#1012628).
- x86/bhi: Add BHI mitigation knob (bsc#1012628 bsc#1217339 CVE-2024-2201).
- Update config files (set SPECTRE_BHI_ON=y which is the default later).
- x86/bhi: Enumerate Branch History Injection (BHI) bug
  (bsc#1012628).
- x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1012628).
- x86/bhi: Add support for clearing branch history at syscall
  entry (bsc#1012628).
- x86/syscall: Don't force use of indirect calls for system calls
  (bsc#1012628).
- x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
  (bsc#1012628).
- x86/efistub: Remap kernel text read-only before dropping NX
  attribute (bsc#1012628).
- x86/sev: Move early startup code into .head.text section
  (bsc#1012628).
- x86/sme: Move early SME kernel encryption handling into
  .head.text (bsc#1012628).
- x86/boot: Move mem_encrypt= parsing to the decompressor
  (bsc#1012628).
- efi/libstub: Add generic support for parsing mem_encrypt=
  (bsc#1012628).
- bpf: support deferring bpf_link dealloc to after RCU grace
  period (bsc#1012628).
- bpf: put uprobe link's path and task in release callback
  (bsc#1012628).
- Revert "x86/mpparse: Register APIC address only once"
  (bsc#1012628).
- drm/xe: Rework rebinding (bsc#1012628).
- drm/xe: Use ring ops TLB invalidation for rebinds (bsc#1012628).
- drm/i915/gt: Enable only one CCS for compute workload
  (bsc#1012628).
- drm/i915/gt: Do not generate the command streamer for all the
  CCS (bsc#1012628).
- drm/i915/gt: Disable HW load balancing for CCS (bsc#1012628).
- drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY
  < 13 (bsc#1012628).
- drm/i915/mst: Reject FEC+MST on ICL (bsc#1012628).
- drm/i915/mst: Limit MST+DSC to TGL+ (bsc#1012628).
- smb: client: fix potential UAF in
  cifs_signal_cifsd_for_reconnect() (bsc#1012628).
- smb: client: fix potential UAF in smb2_is_network_name_deleted()
  (bsc#1012628).
- smb: client: fix potential UAF in is_valid_oplock_break()
  (bsc#1012628).
- smb: client: fix potential UAF in smb2_is_valid_lease_break()
  (bsc#1012628).
- smb: client: fix potential UAF in smb2_is_valid_oplock_break()
  (bsc#1012628).
- smb: client: fix potential UAF in cifs_dump_full_key()
  (bsc#1012628).
- smb: client: fix potential UAF in cifs_stats_proc_show()
  (bsc#1012628).
- smb: client: fix potential UAF in cifs_stats_proc_write()
  (bsc#1012628).
- smb: client: fix potential UAF in cifs_debug_files_proc_show()
  (bsc#1012628).
- smb3: retrying on failed server close (bsc#1012628).
- smb: client: serialise cifs_construct_tcon() with
  cifs_mount_mutex (bsc#1012628).
- smb: client: handle DFS tcons in cifs_construct_tcon()
  (bsc#1012628).
- smb: client: refresh referral without acquiring refpath_lock
  (bsc#1012628).
- smb: client: guarantee refcounted children from parent session
  (bsc#1012628).
- smb: client: fix UAF in smb2_reconnect_server() (bsc#1012628).
- riscv: process: Fix kernel gp leakage (bsc#1012628).
- riscv: Fix spurious errors from __get/put_kernel_nofault
  (bsc#1012628).
- s390/entry: align system call table on 8 bytes (bsc#1012628).
- selftests/mm: include strings.h for ffsl (bsc#1012628).
- mm/secretmem: fix GUP-fast succeeding on secretmem folios
  (bsc#1012628).
- arm64/ptrace: Use saved floating point state type to determine
  SVE layout (bsc#1012628).
- riscv: Fix vector state restore in rt_sigreturn() (bsc#1012628).
- aio: Fix null ptr deref in aio_complete() wakeup (bsc#1012628).
- perf/x86/intel/ds: Don't clear ->pebs_data_cfg for the last
  PEBS event (bsc#1012628).
- x86/coco: Require seeding RNG with RDRAND on CoCo systems
  (bsc#1012628).
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()
  (bsc#1012628).
- x86/mm/pat: fix VM_PAT handling in COW mappings (bsc#1012628).
- of: module: prevent NULL pointer dereference in vsnprintf()
  (bsc#1012628).
- of: dynamic: Synchronize of_changeset_destroy() with the
  devlink removals (bsc#1012628).
- driver core: Introduce device_link_wait_removal() (bsc#1012628).
- ASoC: SOF: Intel: hda: Compensate LLP in case it is not reset
  (bsc#1012628).
- ASoC: SOF: ipc4-pcm: Correct the delay calculation
  (bsc#1012628).
    ... changelog too long, skipping 395 lines ...
- commit f362b5c

==== lensfun ====
Subpackages: lensfun-data liblensfun1

- remove dependency on /usr/bin/python3 using
  %python3_fix_shebang macro, [bsc#1212476]

==== liblouis ====
Subpackages: liblouis-data liblouis20 python3-louis

- Run python tests in %check

==== miniupnpc ====
Version update (2.2.5 -> 2.2.6)

- update to 2.2.6:
  * includes charset="utf-8" in Content-Type
  * fix memory allocation error in minissdpc.c
  * Make User-Agent compliant.
  * add new binary listdevices => upnp-listdevices
- added %check section to run unit tests

==== openSUSE-build-key ====

- SLM 6.0 key (ALP / SLF1) RSA 4096 bit key
  - gpg-pubkey-09d9ea69-645b99ce.asc
- 2024 SUSE Linux Enterprise 15 SP6 RSA 4096 bit key
  - gpg-pubkey-3fa1d6ce-63c9481c.asc
- SLM 6.0 key (ALP / SLF1) RSA 4096 bit reserve key
  - gpg-pubkey-73f03759-626bd414.asc
- 2024 SUSE Linux Enterprise 15 SP6 RSA 4096 bit reserve key
  - gpg-pubkey-d588dc46-63c939db.asc
- obsoleted a incorrectly used DSA1024 key (used in Slowroll).

==== openSUSE-release ====
Version update (20240411 -> 20240412)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== ovmf ====
Subpackages: qemu-ovmf-x86_64

- Add ovmf-EmbeddedPkg-Library-Support-SOURCE_DATE_EPOCH-in-Vir.patch
  Support SOURCE_DATE_EPOCH in VirtualRealTimeClockLib for reproducible.
  (bsc#1217704)

==== pam ====
Version update (1.6.0 -> 1.6.1)
Subpackages: pam-32bit

- Update to version 1.6.1
  - pam_env: fixed --disable-econf --enable-vendordir support.
  - pam_unix: do not warn if password aging is disabled.
  - pam_unix: try to set uid to 0 before unix_chkpwd invocation.
  - pam_unix: allow empty passwords with non-empty hashes.
  - Multiple minor bug fixes, build fixes, portability fixes,
    documentation improvements, and translation updates.
- Remove backports:
  - pam_env-fix_vendordir.patch
  - pam_env-fix-enable-vendordir-fallback.patch
  - pam_env-remove-escaped-newlines.patch
  - pam_unix-fix-password-aging-disabled.patch

==== pam-config ====
Version update (2.11 -> 2.11+git.20240411)

- Update to version 2.11+git.20240411:
  * Configure Himmelblau correctly w/ other services present
  * Configure other services correctly w/ Himmelblau present
  * Himmelblau session is only optional

==== pam-full-src ====
Version update (1.6.0 -> 1.6.1)

- Update to version 1.6.1
  - pam_env: fixed --disable-econf --enable-vendordir support.
  - pam_unix: do not warn if password aging is disabled.
  - pam_unix: try to set uid to 0 before unix_chkpwd invocation.
  - pam_unix: allow empty passwords with non-empty hashes.
  - Multiple minor bug fixes, build fixes, portability fixes,
    documentation improvements, and translation updates.
- Remove backports:
  - pam_env-fix_vendordir.patch
  - pam_env-fix-enable-vendordir-fallback.patch
  - pam_env-remove-escaped-newlines.patch
  - pam_unix-fix-password-aging-disabled.patch

==== postfix ====

- Move qshape(1) out of -doc, install it as a binary with the main package

==== python-Pillow ====

- Reenable tests for s390x and ppc, bsc#1222553
  gh#python-pillow/Pillow#1204

==== update-alternatives ====
Version update (1.22.5 -> 1.22.6)

- Update to version 1.22.6.
  The changelog for this version isn't very large, so it's provided in full:
  * dpkg-deb: Fix up compressor parameters for default legacy format.
  * Perl modules:
  - Dpkg::Vendor::Debian: Make it possible to disable qa=-bug-implicit-func.
  - Dpkg::Vendor::Debian: Unconditionally set qa bug-implicit-func.
  * Documentation:
  - man: Document dpkg versions supporting SOURCE_DATE_EPOCH for various
    tools.
  * Code internals:
  - libdpkg: Use array access instead of pointer arithmetic for meminfo
    parser.
  - libdpkg: Use a macro to define the zstd default compression level.
  * Build system:
  - Test with minimal library dependencies in CI.
  - Add gen-release script.
  * Packaging:
  - Fix typo in man page reference in changelog.
  * Test suite:
  - Refactor OpenPGP backend and commands list.
  - Refactor certfile and keyfile filenames for OpenPGP test.
  - Skip OpenPGP tests if the backend does not have a verify command.
  * Localization:
  - Fix typos in Swedish man pages translations.
  - Fix typos in Swedish man pages translations.
  - Update Dutch man pages translations.
  - Update Portuguese man pages translations.
  - Update German man pages translation.