Packages changed:
  bind (9.20.1 -> 9.20.2)
  ibus-libpinyin (1.15.7 -> 1.15.8)
  kernel-source (6.10.9 -> 6.10.11)
  libdovi (3.2.0 -> 3.3.1)
  nbdkit (1.40.2 -> 1.40.3)
  openSUSE-release (20240919 -> 20240920)
  osinfo-db
  swtpm

=== Details ===

==== bind ====
Version update (9.20.1 -> 9.20.2)
Subpackages: bind-doc bind-utils

- Update to release 9.20.2
  New Features:
  * Support for Offline KSK implemented.
  * Add a new configuration option offline-ksk to enable Offline
    KSK key management. Signed Key Response (SKR) files created
    with dnssec-ksr (or other programs) can now be imported into
    named with the new rndc skr -import command. Rather than
    creating new DNSKEY, CDS, and CDNSKEY records and generating
    signatures covering these types, these records are loaded from
    the currently active bundle from the imported SKR.
  * The implementation is loosely based on
    draft-icann-dnssec-keymgmt-01.txt.
  * Print the full path of the working directory in startup log
    messages.
  * named now prints its initial working directory during startup,
    and the changed working directory when loading or reloading its
    configuration file, if it has a valid directory option defined.
  * Support a restricted key tag range when generating new keys.
  * When multiple signers are being used to sign a zone, it is
    useful to be able to specify a restricted range of key tags to
    be used by an operator to sign the zone. The range can be
    specified with tag-range in dnssec-policy’s keys (for named and
    dnssec-ksr) and with the new options dnssec-keyfromlabel -M and
    dnssec-keygen -M.
  Feature Changes:
  * Exempt prefetches from the fetches-per-zone and
    fetches-per-server quotas.
  * Fetches generated automatically as a result of prefetch are now
    exempt from the fetches-per-zone and fetches-per-server quotas.
    This should help in maintaining the cache from which query
    responses can be given.
  * Follow the number of CPUs set by taskset/cpuset.
  * Administrators may wish to constrain the set of cores that
    named runs on via the taskset, cpuset, or numactl programs (or
    equivalents on other OSes).
  * If the admin has used taskset, named now automatically uses the
    given number of CPUs rather than the system-wide count.
  Bug Fixes:
  * Delay the release of root privileges until after configuring
    controls.
  * Delay relinquishing root privileges until the control channel
    has been configured, for the benefit of systems that require
    root to use privileged port numbers. This mostly affects
    systems without fine- grained privilege systems (i.e., other
    than Linux).
  * Fix a rare assertion failure when shutting down incoming
    transfer.
  * A very rare assertion failure could be triggered when the
    incoming transfer was either forcefully shut down, or it
    finished during the printing of the details about the
    statistics channel. This has been fixed.
  * Fix algorithm rollover bug when there are two keys with the
    same keytag.
  * If there was an algorithm rollover and two keys of different
    algorithms shared the same keytags, there was the possibility
    that the check of whether the key matched a specific state
    could be performed against the wrong key. This has been fixed
    by not only checking for the matching key tag but also the key
    algorithm.
  * Fix an assertion failure in validate_dnskey_dsset_done().
  * Under rare circumstances, named could terminate unexpectedly
    when validating a DNSKEY resource record if the validation had
    been canceled in the meantime. This has been fixed.
  Known Issues:
  * Long-running tasks in offloaded threads (e.g. the loading of
    RPZ zones or processing zone transfers) may block the
    resolution of queries during these operations and cause the
    queries to time out. To work around the issue, the
    UV_THREADPOOL_SIZE environment variable can be set to a larger
    value before starting named. The recommended value is the
    number of RPZ zones (or number of transfers) plus the number of
    threads BIND should use, which is typically the number of CPUs.

==== ibus-libpinyin ====
Version update (1.15.7 -> 1.15.8)

- Update version to 1.15.8:
  GtkDialog "type-hint" changed to dialog;
  Fix lua plugin;
  Update the Copyright year in setup dialog;
  Update opencc-config to use s2tw.json;

==== kernel-source ====
Version update (6.10.9 -> 6.10.11)

- Linux 6.10.11 (bsc#1012628).
- usb: typec: ucsi: Always set number of alternate modes
  (bsc#1012628).
- usb: typec: ucsi: Fix cable registration (bsc#1012628).
- drm/mediatek: Set sensible cursor width/height values to fix
  crash (bsc#1012628).
- ksmbd: override fsids for share path check (bsc#1012628).
- ksmbd: override fsids for smb2_query_info() (bsc#1012628).
- usbnet: ipheth: remove extraneous rx URB length check
  (bsc#1012628).
- usbnet: ipheth: drop RX URBs with no payload (bsc#1012628).
- usbnet: ipheth: do not stop RX on failing RX callback
  (bsc#1012628).
- usbnet: ipheth: fix carrier detection in modes 1 and 4
  (bsc#1012628).
- net: ethernet: use ip_hdrlen() instead of bit shift
  (bsc#1012628).
- drm: panel-orientation-quirks: Add quirk for Ayn Loki Zero
  (bsc#1012628).
- drm: panel-orientation-quirks: Add quirk for Ayn Loki Max
  (bsc#1012628).
- net: phy: vitesse: repair vsc73xx autonegotiation (bsc#1012628).
- powerpc/mm: Fix boot warning with hugepages and
  CONFIG_DEBUG_VIRTUAL (bsc#1012628).
- wifi: mt76: mt7921: fix NULL pointer access in
  mt7921_ipv6_addr_change (bsc#1012628).
- drm/amdgpu: Update kmd_fw_shared for VCN5 (bsc#1012628).
- net: hns3: use correct release function during uninitialization
  (bsc#1012628).
- btrfs: update target inode's ctime on unlink (bsc#1012628).
- Input: ads7846 - ratelimit the spi_sync error message
  (bsc#1012628).
- Input: synaptics - enable SMBus for HP Elitebook 840 G2
  (bsc#1012628).
- hid-asus: add ROG Ally X prod ID to quirk list (bsc#1012628).
- HID: multitouch: Add support for GT7868Q (bsc#1012628).
- Input: edt-ft5x06 - add support for FocalTech FT8201
  (bsc#1012628).
- cgroup/cpuset: Eliminate unncessary sched domains rebuilds in
  hotplug (bsc#1012628).
- scripts: kconfig: merge_config: config files: add a trailing
  newline (bsc#1012628).
- platform/x86: asus-wmi: Add quirk for ROG Ally X (bsc#1012628).
- platform/surface: aggregator_registry: Add Support for Surface
  Pro 10 (bsc#1012628).
- platform/surface: aggregator_registry: Add support for Surface
  Laptop Go 3 (bsc#1012628).
- platform/surface: aggregator_registry: Add support for Surface
  Laptop Studio 2 (bsc#1012628).
- platform/surface: aggregator_registry: Add fan and thermal
  sensor support for Surface Laptop 5 (bsc#1012628).
- platform/surface: aggregator_registry: Add support for Surface
  Laptop 6 (bsc#1012628).
- spi: zynqmp-gqspi: Scale timeout by data size (bsc#1012628).
- drm/msm/adreno: Fix error return if missing firmware-name
  (bsc#1012628).
- Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table
  (bsc#1012628).
- drm/xe/xe2lpm: Extend Wa_16021639441 (bsc#1012628).
- drm/xe: fix WA 14018094691 (bsc#1012628).
- drm/xe: use devm instead of drmm for managed bo (bsc#1012628).
- s390/mm: Pin identity mapping base to zero (bsc#1012628).
- smb/server: fix return value of smb2_open() (bsc#1012628).
- NFSv4: Fix clearing of layout segments in layoutreturn
  (bsc#1012628).
- NFS: Avoid unnecessary rescanning of the per-server delegation
  list (bsc#1012628).
- platform/x86: panasonic-laptop: Fix SINF array out of bounds
  accesses (bsc#1012628).
- platform/x86: panasonic-laptop: Allocate 1 entry extra in the
  sinf array (bsc#1012628).
- mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1012628).
- selftests: mptcp: join: restrict fullmesh endp on 1st sf
  (bsc#1012628).
- arm64: dts: rockchip: fix eMMC/SPI corruption when audio has
  been used on RK3399 Puma (bsc#1012628).
- arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO
  hog on RK3399 Puma (bsc#1012628).
- minmax: reduce min/max macro expansion in atomisp driver
  (bsc#1012628).
- net: tighten bad gso csum offset check in virtio_net_hdr
  (bsc#1012628).
- net: libwx: fix number of Rx and Tx descriptors (bsc#1012628).
- dm-integrity: fix a race condition when accessing recalc_sector
  (bsc#1012628).
- clocksource: hyper-v: Use lapic timer in a TDX VM without
  paravisor (bsc#1012628).
- x86/hyperv: fix kexec crash due to VP assist page corruption
  (bsc#1012628).
- mm: avoid leaving partial pfn mappings around in error case
  (bsc#1012628).
- bcachefs: Fix bch2_extents_match() false positive (bsc#1012628).
- bcachefs: Revert lockless buffered IO path (bsc#1012628).
- bcachefs: Don't delete open files in online fsck (bsc#1012628).
- arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for
  ROCK Pi E (bsc#1012628).
- firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire()
  (bsc#1012628).
- riscv: dts: starfive: jh7110-common: Fix lower rate of CPUfreq
    ... changelog too long, skipping 766 lines ...
- commit e9c5fe9

==== libdovi ====
Version update (3.2.0 -> 3.3.1)

- Update to 3.3.1:
  * Changed AV1 function signatures to take slices as input and
    return a Vec.
  * Added write_av1_rpu_metadata_obu_t35_complete function to encode
    RPUs in complete metadata OBU payloads.
  * XML parser: support decimals when parsing Level6 MaxCLL/MaxFALL
    values.
  * Added DoviRpu::parse_itu_t35_dovi_metadata_obu and deprecated
    av1::parse_itu_t35_dovi_metadata_obu.
  * Fixed encoding AV1 payloads with trailing bytes. They are now
    discarded.
  * Added dovi_write_av1_rpu_metadata_obu_t35_{payload,complete}
    functions.
  * Added dovi_parse_itu_t35_dovi_metadata_obu function.
  * Added support for parsing ext_mapping_idc in RpuDataHeader.

==== nbdkit ====
Version update (1.40.2 -> 1.40.3)
Subpackages: nbdkit-basic-filters nbdkit-basic-plugins nbdkit-curl-plugin nbdkit-nbd-plugin nbdkit-python-plugin nbdkit-server nbdkit-ssh-plugin nbdkit-vddk-plugin

- Update to version 1.40.3:
  * Version 1.40.3.
  * ip: Do late filtering in list_exports as well as open
  * docs/nbdkit_shutdown.pod: Minor copyediting
  * docs/nbdkit_error.pod: Typo 'thre' -> 'there'
  * podwrapper: Check cross-references to C API pages
  * docs: Fix cross-reference to nbdkit_stdio_safe(3)
  * ocaml: Use thread-local key to register & unregister the thread
  * ocaml: Reinitialize the OCaml runtime after fork
  * tests: Refactor ocaml errorcodes plugin used in testing
- Move nbdkit-null-plugin to the nbdkit-server package

==== openSUSE-release ====
Version update (20240919 -> 20240920)
Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd

- automatically generated by openSUSE-release-tools/pkglistgen

==== osinfo-db ====

- Add support for SLE Micro 6.1 (jsc#PED-8910)
  add-slem6.1-support.patch
- Drop support for Leap 15.7. Next major version is Leap 16
  add-opensuse-leap-15.7-support.patch
- Adjust place holder release-date for sle15sp7
  add-sle15sp7-support.patch

==== swtpm ====
Subpackages: swtpm-selinux

- Fix swtpm custom module (bsc#1229131)
  - Add patch: 1229131-fix-swtpm-selinux-policy-mismatch.patch
  - this can be removed once swtpm upstream sorts out their custom selinux module.
    see: https://github.com/stefanberger/swtpm/issues/885
    there were a couple changes in the selinux-policy libvirt handling
    which causes the logfile in /var/log/swtpm/libvirt/qemu/*.log to be labeled
    virt_log_t instead of var_log_t. this patch allows swtpm_t to open the virt_log_t