Packages changed:
  apr (1.7.4 -> 1.7.5)
  libeconf (0.7.2 -> 0.7.3)
  patterns-media
  shim-leap
  tiff (4.6.0 -> 4.7.0)
  virt-manager
  yast2-kdump (5.0.1 -> 5.0.2)

=== Details ===

==== apr ====
Version update (1.7.4 -> 1.7.5)

- version update to 1.7.5 [bsc#1229783] CVE-2023-49582
  * ) Unix: Implement apr_shm_perms_set() for the "POSIX shm_open()"
    and "classic mmap" shared memory implementations.  [Joe Orton,
    Ruediger Pluem]
  * ) Fix missing ';' for XML/HTML hex entities from apr_escape_entity().
    [Yann Ylavic]
  * ) Fix crash in apr_pool_create() with --enable-pool-debug=all|owner.
    [Yann Ylavic]
  * ) Improve platform detection by updating config.guess and config.sub.
    [Rainer Jung]
  * ) CMake: Add support for CMAKE_WARNING_AS_ERROR. [Ivan Zhakov]
  * ) CMake: Enable support for MSVC runtime library selection by abstraction.
    [Ivan Zhakov]
  * ) CMake: Export installed targets (libapr-1, apr-1, libaprapp-1, aprapp-1)
    to apr:: namespace. [Ivan Zhakov]
- modified patches
  % apr-visibility.patch (refreshed)
  % reproducible.patch (refreshed)

==== libeconf ====
Version update (0.7.2 -> 0.7.3)
Subpackages: libeconf0 libeconf0-32bit

- Update to version 0.7.3:
  * Groups handled in an own list (#218)
  * Add econftool as dependency of its tests
  * Simplify snprintf call
  * Remove unused functions and reduce variable visibility (#213)
  * Fix typos (#212)

==== patterns-media ====
Subpackages: patterns-media-rest_cd_core patterns-media-rest_dvd

- pam-extra needs to be present for upgraders, as pam_limits.so
  moved from pam to pam-extra. Ensure it's added to the DVD.

==== shim-leap ====

- RelEng emergency fix: fux source number to install shim-install.
- Update shim version for aarch64 to shim-15.8-lp155.8.8.aarch64.rpm
  coming from openSUSE secure-boot 15.5
  + To avoid failure check by robot, SOURCEs in spec file are redefined.
  + Version: 15.8, "Jan 23 2024"
  + Include the bug fixes for bsc#1215099,bsc#1215098,bsc#1215100,bsc#1215101,
    bsc#1215102, and bsc#1215103.

==== tiff ====
Version update (4.6.0 -> 4.7.0)

- Update to 4.7.0:
  * This version restores in the default build the availability of
    the tools that had been dropped in v4.6.0
    See https://libtiff.gitlab.io/libtiff/rfcs/rfc2_restoring_needed_tools.html#rfc2-restoring-needed-tools
  * Software configuration changes:
    + autoconf build: configure.ac: avoid -Werror passed to CFLAGS to interfere with feature detection
    + autoconf build: fix error when running make clean (fixes issue #630)
    + autoconf build: back off the minimum required automake version to 1.11
    + autoconf.ac: fix detection of windows.h for mingw (fixes issue #605)
    + libtiff-4.pc: Fix Requires.private missing Lerc. It provides a .pc file
    starting from version 4 (in autoconf builds, we assume that liblerc is at least version 4)
    + CMake: Fix TIFF_INCLUDE_DIRS
    + CMake: MinGW compilers don't need a .def file for shared library
    + CMake: move libdeflate and Lerc to Requires.private
    + CMake: enable resource compilation on all Windows.
  * Library changes:
    + Add TIFFOpenOptionsSetMaxCumulatedMemAlloc(). This function complements
    TIFFOpenOptionsSetMaxSingleMemAlloc() to define the maximum cumulated memory
    allocations in byte, for a given TIFF handle, that libtiff internal memory
    allocation functions are allowed.
    + TIFFWriteDirectory(): Avoid overwriting following data if an IFD is enlarged.
    + TIFFXYZToRGB: avoid integer overflow (fixes issue #644)
    + uv_decode() and uv_encode(): avoid potential out-of-bounds array index (fixes issue #645)
    + Fix cases where tif_curdir is set incorrectly. Fix cases where the current directory number (tif_curdir)
    is set inconsistently or incorrectly, depending on the previous history.
    + TIFFRead[Scanline/EncodedStrip/EncodeTile]: 0-initialize output buffer if setupdecode fails ;
    most codecs: zero-initialize (not-yet-written parts of) output buffer if failure (fixes issue #375)
    + OJPEG: reset subsampling_convert_state=0 in OJPEGPreDecode (fixes issue #183)
    + ThunderRLE: fix failure when decoding last run. Bug seen with GhostPDL
    + LERC codec: deal with issues with multi-band PlanarConfig=Contig and NaN values
    + tif_fax3.c: error out after a number of times end-of-file has been reached (fixes issue #583)
    + LZW: avoid warning about misaligned address with UBSAN (fixes issue #616)
    + TIFFReadRGBAStrip/TIFFReadRGBATile: add more validation of col/row (fixes issue #622, CVE-2023-52356)
    + tif_dirread.c: only issue TIFFGetFileSize() for large enough RAM requests
    + Avoid FPEs (division by zero) in tif_getimage.c.
    + Avoiding FPE (division by zero) for TIFFhowmany_32() and TIFFhowmany_64() macros by checking for
    denominator not zero before macros are executed. (fixes issue #628)
    + Add non-zero check before division in TIFFComputeStrip()
    + Fix wrong return of TIFFIsBigTIFF() in case byte-swapping is active
    + Setting the TIFFFieldInfo field set_field_type should consider field_writecount not field_readcount
    + Avoid memory leaks when using TIFFCreateDirectory() by releasing the allocated memory in the tif-structure.
    + For non-terminated ASCII arrays, the buffer is first enlarged before a NULL is set at the end to
    avoid deleting the last character. (fixes issue #579)
    + Check return value of _TIFFCreateAnonField(). (fixes issue #624, CVE-2024-7006)
    + Prevent some out-of-memory attacks (https://gitlab.com/libtiff/libtiff/-/issues/614#note_1602683857)
    + Ensure absolute seeking is forced independent of TIFFReadDirectory success. (fixes issue #618)
    + tif_dirinfo.c: re-enable TIFFTAG_EP_CFAREPEATPATTERNDIM and TIFFTAG_EP_CFAPATTERN tags (fixes issue #608)
    + Fix warnings with GCC 14
    + tif_dir.c: Log source file, line number, and input tif for directory count error (fixes issue #627)
    + Last usage of get_field_type of TIFFField structure at TIFFWriteDirectorySec() changed to using set_field_type.
    + tif_jpeg.c/tif_ojpeg.c: remove likely ifdef tricks related to old compilers or unusual setups
    + Remove _TIFFUInt64ToFloat() and _TIFFUInt64ToDouble()
    + Remove support for _MSC_VER < 1500.
    + Use #ifdef _WIN32 to test for Windows, and tiffio.h: remove definition of __WIN32__
  * Documentation:
    + Amend manpages for changes in current directory index behaviour
    + Note on using TIFFFlush() before TIFFClose() to check that the data has been successfully written to the file. (fixes issue #506)
    + Update TIFF documentation about TIFFOpenOptions.rst and TIFFOpenOptionsSetMaxSingleMemAlloc() usage and some other small fixes (relates to CVE-2024-7006)
  * Re-added tools:
    + fax2ps
    + fax2tiff
    + pal2rgb
    + ppm2tiff
    + raw2tiff
    + rgb2ycbcr (not installed)
    + thumbnail (not installed)
    + tiff2bw
    + tiff2rgba
    + tiffcmp
    + tiffcrop
    + tiffdither
    + tiffgt
    + tiffmedian
    + tiff2ps
    + tiff2pdf
  * New/improved functionality:
    + tiff2rgba: Add background gradient option for alpha compositing
    + tiffcp: -i flag restored
  * Bug fixes for tools:
    + tiffcrop: address Coverity scan issues 1605444, 1605445, and 16054
    + tiffcrop: Apply "Fix heap-buffer-overflow in function extractImageSection"
    + tiffcrop: fix buffer overflows, use after free (fixes issue #542, issue #550, issue #552)
    + tiff2pdf: address Coverity scan issues
    + tiff2pdf: fix inconsistent PLANARCONFIG value for the input and output TIFF
    + tiff2pdf: fix issue with JPEG restart-interval marker when converting from JPEG-compressed files (fixes issue #539)
    + tiff2pdf: red and blue were being swapped for RGBA decoding (fixes issue #253)
    + tiff2pdf: fixes issue #596
    + thumbnail: address Coverity scan issues
    + tiffcp: Add check for limitMalloc return to fix Coverity 1603334
    + tiffcp: preserve TIFFTAG_REFERENCEBLACKWHITE when doing YCbCr JPEG -> YCbCr JPEG
    + tiffcp: replace PHOTOMETRIC_YCBCR with PHOTOMETRIC_RGB when outputing to compression != JPEG (refs issue #571)
    + tiffcp: do not copy tags YCBCRCOEFFICIENTS, YCBCRSUBSAMPLING, YCBCRPOSITIONING, REFERENCEBLACKWHITE. Only set YCBCRSUBSAMPLING when generating YCbCr JPEG
    + tiffcp: Check also codec of input image, not only from output image (fixes issue #606)
    + Add some basic sanity checks for tiffcp and tiffcrop RGB->YCbCr JPEG conversions.
    + fax2ps and fax2tiff: memory leak fixes (fixes issue #476)
    + tiffmedian: memory leak fixes (fixes issue #599)
    + fax2tiff: fix EOFB interpretation (fixes issue #191)
    + fax2tiff: fix issue with unreasonable width input (fixes issue #249)
    + tiffcp and tiffcrop: fixes issue #228
    ... changelog too long, skipping 10 lines ...
- Tools are not built for now due to test failure: `FAIL: tiffcp-32bpp-None-jpeg.sh`

==== virt-manager ====
Subpackages: virt-install virt-manager-common

- Fix SUSE SL Micro detection
  virtinst-add-slem60-detection-support.patch
- Solve bsc#1228384 --dry-run creating pools in a different way
  virtinst-dont-create-storage-pool-for-dryrun.patch
- Upstream bug fixes (bsc#1027942) (jsc#PED-8910)
  094-uitests-handle-newer-libvirt-test-driver-UpdateDevice-support.patch
  095-uitests-force-internal-snapshots-in-test_snapshot.py.patch

==== yast2-kdump ====
Version update (5.0.1 -> 5.0.2)

- Don't write empty  fadump=""  kernel parameter (bsc#1230359)
- 5.0.2