Packages changed:
  amarok
  bind (9.18.6 -> 9.18.7)
  drbd-utils
  freecell-solver
  libreoffice (7.4.1.1 -> 7.4.1.2)
  lvm2
  lvm2-device-mapper
  net-snmp (5.9.2 -> 5.9.3)
  nodejs-common
  nvme-cli
  rpm-config-SUSE (20220421 -> 20220921)
  simple-scan (42.1 -> 42.5)
  systemd
  unzip
  yast2-bootloader (4.5.4 -> 4.5.6)

=== Details ===

==== amarok ====

- Don't require QtWebEngine unconditionally

==== bind ====
Version update (9.18.6 -> 9.18.7)
Subpackages: bind-doc bind-utils

- Update to bind release 9.18.7
  Security Fixes:
  * Previously, there was no limit to the number of database lookups
    performed while processing large delegations, which could be
    abused to severely impact the performance of named running as a
    recursive resolver. This has been fixed. (CVE-2022-2795)
  * When an HTTP connection was reused to request statistics from the
    stats channel, the content length of successive responses could
    grow in size past the end of the allocated buffer.
    This has been fixed. (CVE-2022-2881)
  * Memory leaks in code handling Diffie-Hellman (DH) keys were fixed
    that could be externally triggered, when using TKEY records in DH
    mode with OpenSSL 3.0.0 and later versions. (CVE-2022-2906)
  * named running as a resolver with the stale-answer-client-timeout
    option set to 0 could crash with an assertion failure, when there
    was a stale CNAME in the cache for the incoming query.
    This has been fixed. (CVE-2022-3080)
  * Memory leaks were fixed that could be externally triggered in the
    DNSSEC verification code for the EdDSA algorithm. (CVE-2022-38178)
  Feature Changes:
  * Response Rate Limiting (RRL) code now treats all QNAMEs that are
    subject to wildcard processing within a given zone as the same
    name, to prevent circumventing the limits enforced by RRL.
  * Zones using dnssec-policy now require dynamic DNS or
    inline-signing to be configured explicitly.
  * When reconfiguring dnssec-policy from using NSEC with an NSEC-only
    DNSKEY algorithm (e.g. RSASHA1) to a policy that uses NSEC3,
    BIND 9 no longer fails to sign the zone; instead, it keeps using
    NSEC until the offending DNSKEY records have been removed from the
    zone, then switches to using NSEC3.
  * A backward-compatible approach was implemented for encoding
    internationalized domain names (IDN) in dig and converting the
    domain to IDNA2008 form; if that fails, BIND tries an IDNA2003
    conversion.
  Bug Fixes:
  * A serve-stale bug was fixed, where BIND would try to return stale
    data from cache for lookups that received duplicate queries or
    queries that would be dropped. This bug resulted in premature
    SERVFAIL responses, and has now been resolved.
  This obsoletes the following patch:
  * bind-fix-mysql-bindings.patch
  [bsc#1203614, bsc#1203615, bsc#1203616, bsc#1203618, bsc#1203620]

==== drbd-utils ====

- drbd-utils.spec force _localstatedir to use /var/lib in runtime (bsc#1203220)

==== freecell-solver ====
Subpackages: freecell-solver-presets libfreecell-solver0

- Add missing runtime requirements
- skip python dependencies as they're only for the testsuite

==== libreoffice ====
Version update (7.4.1.1 -> 7.4.1.2)
Subpackages: libreoffice-base libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-writer libreofficekit

- Revert changes that cause problems with the libreoffice window
  in KDE, bsc#1203502
  * bsc1203502.patch
- Update to 7.4.1.2:
  https://wiki.documentfoundation.org/Releases/7.4.1/RC2
- Fix build on SLE-15-SP3
- Fix build with poppler 22.09 on TW
  * poppler-22.09.0.patch

==== lvm2 ====
Subpackages: liblvm2cmd2_03

- lvmlockd is not supporting sanlock (bsc#1203482)
  - set 1 for _supportsanlock in lvm2.spec for enabling sanlock.

==== lvm2-device-mapper ====
Subpackages: device-mapper libdevmapper-event1_03 libdevmapper1_03 libdevmapper1_03-32bit

- lvmlockd is not supporting sanlock (bsc#1203482)
  - set 1 for _supportsanlock in lvm2.spec for enabling sanlock.

==== net-snmp ====
Version update (5.9.2 -> 5.9.3)
Subpackages: perl-SNMP snmp-mibs

- update to 5.9.3:
  - Fixed library versioning bug found in 5.9.2.
  - Library version change to libsnmp40.
- Migration to /usr/etc: Saving user changed configuration files
  in /etc and restoring them while an RPM update.

==== nodejs-common ====

- Use NodeJS 18 as default for TW and for SLE15 SP5

==== nvme-cli ====
Subpackages: nvme-cli-bash-completion nvme-cli-zsh-completion

- Support auto discovery, add %systemd_ordering to spec file (bsc#1186399)
- Mark no binaries rpms as noarch

==== rpm-config-SUSE ====
Version update (20220421 -> 20220921)

- Update to version 20220921:
  * Fix kernel builds after #59
- Update to version 20220919:
  * Redefine %__debug_install_post to simplify debuginfo setup
  * Fix bug not using custom name for summary and description in language packages (boo#1137381)

==== simple-scan ====
Version update (42.1 -> 42.5)
Subpackages: simple-scan-lang

- Update to version 42.5:
  + Updated translations.

==== systemd ====
Subpackages: libsystemd0 libsystemd0-32bit libudev1 libudev1-32bit systemd-32bit systemd-container systemd-lang udev

- Drop the old band aid used during the breakage introduced by the switch of
  /tmp to tmpfs
  This was done to address the regression reported in boo#1175779 but shouldn't
  be necessary anymore since the (few) affected users should have updated
  systemd during the last 2 years.
- Move nss-systemd and nss-myhostname NSS modules into the main package
- Give the instructions to create a home directory with systemd-homed in the
  description of the systemd-experimental sub-package

==== unzip ====
Subpackages: unzip-doc

- Fix CVE-2022-0530, SIGSEGV during the conversion of an utf-8 string
  to a local string (CVE-2022-0530, bsc#1196177)
  * CVE-2022-0530.patch
- Fix CVE-2022-0529, Heap out-of-bound writes and reads during
  conversion of wide string to local string (CVE-2022-0529, bsc#1196180)
  * CVE-2022-0529.patch

==== yast2-bootloader ====
Version update (4.5.4 -> 4.5.6)

- write stage1 location on transactional systems (bsc#1128853)
- 4.5.6
- bsc#1203418
  - added default proposal for hidden timeout
- 4.5.5