Packages changed:
  busybox (1.33.0 -> 1.33.1)
  gstreamer-plugins-bad
  gstreamer-plugins-base
  libbytesize (2.4 -> 2.5)
  libwpe (1.8.0 -> 1.10.0)
  microos-tools (2.9 -> 2.10)
  net-snmp
  patterns-kde
  pipewire (0.3.26 -> 0.3.27)
  python-six (1.15.0 -> 1.16.0)
  python38 (3.8.9 -> 3.8.10)
  python38-core (3.8.9 -> 3.8.10)

=== Details ===

==== busybox ====
Version update (1.33.0 -> 1.33.1)

- update to 1.33.1:
  * httpd: fix sendfile
  * ash: fix HISTFILE corruptio
  * ash: fix unset variable pattern expansion
  * traceroute: fix option parsing
  * gunzip: fix for archive corruption
- drop update_passwd_selinux_fix.patch, included upstream
- add upstream signing key and verify source signature

==== gstreamer-plugins-bad ====
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstplayer-1_0-0 libgstsctp-1_0-0 libgsturidownloader-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0

- don't own appdata dir - is provided by filesystem

==== gstreamer-plugins-base ====
Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0

- don't own appdata dir - comes from filesystem rpm

==== libbytesize ====
Version update (2.4 -> 2.5)

- update to 2.5:
  * translation updates
  * tools: Read input from stdin when not running in a tty
  * Add support to ppc64le for debian build
  * testsuite fixes

==== libwpe ====
Version update (1.8.0 -> 1.10.0)

- update to 1.10.0:
  - New API to explicitly deinitialize an EGL renderer target, which allows
    implementors of the wpe_renderer_backend_egl_target_interface
  - build system improvements

==== microos-tools ====
Version update (2.9 -> 2.10)

- Update to version 2.10
  - Fixes and improvements for SELinux support
  - Add devel tools

==== net-snmp ====
Subpackages: libsnmp30 snmp-mibs

- Can't assume non-existence of python38 macros in Leap.
  gh#openSUSE/python-rpm-macros#107
  Test for suse_version instead. Only Tumbleweed has and needs the
  python_subpackage_only support.

==== patterns-kde ====

- Require qqc2-desktop-style in kde_plasma

==== pipewire ====
Version update (0.3.26 -> 0.3.27)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-modules pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools

- Add %bcond_with aac conditional to let 3rd parties to enable
  AAC support.
- Update to 0.3.27
  * Highlights
  - Fix bug that caused bluetooth devices to stop working.
  - Fix session-manager crash when switching users caused by
    the DBus plugin cleanup errors.
  - Improve volume handling of monitor ports.
  - Fix GStreamer v4l2 support.
  - Implement module-remap-sink and module-remap-source in
    pipewire-pulse.
  - More fixes and improvements.
  * PipeWire
  - Move the loopback code into a module. Use this in pw-loopback
    and pipewire-pulse. Fix some cleanup crashes.
  - A dummy echo-cancel module was added. Later versions will
    include the webrtc echo-canceler.
  - State files don't have the X permission anymore.
  - Move i18n core into a private header file.
  - Stream can now advertize properties and receive property
    updates.
  - Fix an issue where the wrong index was used to address a port.
    It caused Bluetooth devices to stop working.
  * SPA plugins
  - Only do LFE filtering on channels we created.
  - Improve name and description of devices.
  - Improve cleanup in DBus connections and sources to avoid crash
    when destroying.
  - Improved volume handling. Hardware, Software and Monitor
    volumes are now properly separated and handled.
  - Support for S8 and S8P formats was added.
  * Tools
  - pw-cli can now also create Struct from JSON arrays.
  * Session-manager
  - The session manager can now also create passive links. This
    makes is possible to suspend effect chains together with the
    sinks when not in use.
  - Match rules now check the complete property value instead of
    only the start.
  - Handle multiple pending param enumerations, take only last
    result. This fixes some volume update issues.
  * GStreamer plugins
  - GStreamer plugins now advertize handling DMABUF explicitly. This
    is currently the only way to avoid a memcpy for v4l2 devices.
  * Device support
  - sync ACP with pulseaudio, merge upstream patch instead of our
    hack to workaround missing duplex devices.
  - V4l2 devices don't expose their fd anymore. Previously the fd
    and mmap offsets were passed to the client to access the buffer
    memory but that could create security issues.
  * Bluetooth
  - Don't unregister the profiles on shutdown because this can cause
    delay, just close the dbus connection.
  - Bluetooth devices now try to use the global samplerate from the
    graph.
  * PulseAudio server
  - Implement remap-sink and remap-source modules using the
    new loopback module.

==== python-six ====
Version update (1.15.0 -> 1.16.0)

- update to 1.16.0:
- Port _SixMetaPathImporter to Python 3.10.

==== python38 ====
Version update (3.8.9 -> 3.8.10)

- Update to 3.8.10:
  - Security
  - bpo-43434: Creating a sqlite3.Connection object now also
    produces a sqlite3.connect auditing event. Previously this
    event was only produced by sqlite3.connect() calls. Patch
    by Erlend E. Aasland.
  - bpo-43472: Ensures interpreter-level audit hooks receive
    the cpython.PyInterpreterState_New event when called
    through the _xxsubinterpreters module.
  - bpo-43075: Fix Regular Expression Denial of Service (ReDoS)
    vulnerability in urllib.request.AbstractBasicAuthHandler.
    The ReDoS-vulnerable regex has quadratic worst-case
    complexity and it allows cause a denial of service when
    identifying crafted invalid RFCs. This ReDoS issue is on
    the client side and needs remote attackers to control the
    HTTP server.
  - Core and Builtins
  - bpo-43105: Importlib now resolves relative paths when
    creating module spec objects from file locations.
  - bpo-42924: Fix bytearray repetition incorrectly copying
    data from the start of the buffer, even if the data is
    offset within the buffer (e.g. after reassigning a slice at
    the start of the bytearray to a shorter byte string).
  - Library
  - bpo-43993: Update bundled pip to 21.1.1.
  - bpo-43937: Fixed the turtle module working with non-default
    root window.
  - bpo-43930: Update bundled pip to 21.1 and setuptools to
    56.0.0
  - bpo-43920: OpenSSL 3.0.0: load_verify_locations() now
    returns a consistent error message when cadata contains no
    valid certificate.
  - bpo-43607: urllib can now convert Windows paths with \\?\
    prefixes into URL paths.
  - bpo-43284: platform.win32_ver derives the windows version
    from sys.getwindowsversion().platform_version which in turn
    derives the version from kernel32.dll (which can be of
    a different version than Windows itself). Therefore change
    the platform.win32_ver to determine the version using the
    platform module?s _syscmd_ver private function to return an
    accurate version.
  - bpo-42248: [Enum] ensure exceptions raised in _missing__
    are released
  - bpo-43799: OpenSSL 3.0.0: define OPENSSL_API_COMPAT 1.1.1
    to suppress deprecation warnings. Python requires OpenSSL
    1.1.1 APIs.
  - bpo-43794: Add ssl.OP_IGNORE_UNEXPECTED_EOF constants
    (OpenSSL 3.0.0)
  - bpo-43789: OpenSSL 3.0.0: Don?t call the password callback
    function a second time when first call has signaled an
    error condition.
  - bpo-43788: The header files for ssl error codes are now
    OpenSSL version-specific. Exceptions will now show correct
    reason and library codes. The make_ssl_data.py script has
    been rewritten to use OpenSSL?s text file with error codes.
  - bpo-43655: tkinter dialog windows are now recognized as
    dialogs by window managers on macOS and X Window.
  - bpo-43534: turtle.textinput() and turtle.numinput() create
    now a transient window working on behalf of the canvas
    window.
  - bpo-43522: Fix problem with hostname_checks_common_name.
    OpenSSL does not copy hostflags from struct SSL_CTX to
    struct SSL.
  - bpo-42967: Allow bytes separator argument in
    urllib.parse.parse_qs and urllib.parse.parse_qsl when
    parsing str query strings. Previously, this raised
    a TypeError.
  - bpo-43176: Fixed processing of a dataclass that inherits
    from a frozen dataclass with no fields. It is now correctly
    detected as an error.
  - bpo-34463: Fixed discrepancy between traceback and the
    interpreter in formatting of SyntaxError with lineno not
    set (traceback was changed to match interpreter).
  - bpo-41735: Fix thread locks in zlib module may go wrong in
    rare case. Patch by Ma Lin.
  - bpo-26053: Fixed bug where the pdb interactive run command
    echoed the args from the shell command line, even if those
    have been overridden at the pdb prompt.
  - bpo-36470: Fix dataclasses with InitVars and replace().
    Patch by Claudiu Popa.
  - bpo-28577: The hosts method on 32-bit prefix length
    IPv4Networks and 128-bit prefix IPv6Networks now returns
    a list containing the single Address instead of an empty
    list.
  - bpo-32745: Fix a regression in the handling of ctypes?
    ctypes.c_wchar_p type: embedded null characters would cause
    a ValueError to be raised. Patch by Zackery Spytz.
  - Documentation
  - bpo-43959: The documentation on the PyContextVar C-API was
    clarified.
  - bpo-43938: Update dataclasses documentation to express that
    FrozenInstanceError is derived from AttributeError.
  - bpo-43739: Fixing the example code in
    Doc/extending/extending.rst to declare and initialize the
    pmodule variable to be of the right type.
  - Tests
  - bpo-43842: Fix a race condition in the SMTP test of
    test_logging. Don?t close a file descriptor (socket) from
    a different thread while asyncore.loop() is polling the
    file descriptor. Patch by Victor Stinner.
  - bpo-43811: Tests multiple OpenSSL versions on GitHub
    Actions. Use ccache to speed up testing.
  - bpo-43791: OpenSSL 3.0.0: Disable testing of legacy
    protocols TLS 1.0 and 1.1. Tests are failing with
    TLSV1_ALERT_INTERNAL_ERROR.
  - IDLE
  - bpo-43655: IDLE dialog windows are now recognized as
    dialogs by window managers on macOS and X Window.
  - C API
  - bpo-43962: _PyInterpreterState_IDIncref() now calls
    _PyInterpreterState_IDInitref() and always increments
    id_refcount. Previously, calling
    _xxsubinterpreters.get_current() could create an
    id_refcount inconsistency when
    a _xxsubinterpreters.InterpreterID object was deallocated.
    Patch by Victor Stinner.
- Reapplied patches:
  - CVE-2019-5010-null-defer-x509-cert-DOS.patch
  - F00102-lib64.patch
  - SUSE-FEDORA-multilib.patch
  - bpo-31046_ensurepip_honours_prefix.patch
  - python-3.3.0b1-fix_date_time_compiler.patch
- Make sure to close the import_failed.map file after the exception
  has been raised in order to avoid ResourceWarnings when the
  failing import is part of a try...except block.

==== python38-core ====
Version update (3.8.9 -> 3.8.10)
Subpackages: libpython3_8-1_0 python38-base

- Update to 3.8.10:
  - Security
  - bpo-43434: Creating a sqlite3.Connection object now also
    produces a sqlite3.connect auditing event. Previously this
    event was only produced by sqlite3.connect() calls. Patch
    by Erlend E. Aasland.
  - bpo-43472: Ensures interpreter-level audit hooks receive
    the cpython.PyInterpreterState_New event when called
    through the _xxsubinterpreters module.
  - bpo-43075: Fix Regular Expression Denial of Service (ReDoS)
    vulnerability in urllib.request.AbstractBasicAuthHandler.
    The ReDoS-vulnerable regex has quadratic worst-case
    complexity and it allows cause a denial of service when
    identifying crafted invalid RFCs. This ReDoS issue is on
    the client side and needs remote attackers to control the
    HTTP server.
  - Core and Builtins
  - bpo-43105: Importlib now resolves relative paths when
    creating module spec objects from file locations.
  - bpo-42924: Fix bytearray repetition incorrectly copying
    data from the start of the buffer, even if the data is
    offset within the buffer (e.g. after reassigning a slice at
    the start of the bytearray to a shorter byte string).
  - Library
  - bpo-43993: Update bundled pip to 21.1.1.
  - bpo-43937: Fixed the turtle module working with non-default
    root window.
  - bpo-43930: Update bundled pip to 21.1 and setuptools to
    56.0.0
  - bpo-43920: OpenSSL 3.0.0: load_verify_locations() now
    returns a consistent error message when cadata contains no
    valid certificate.
  - bpo-43607: urllib can now convert Windows paths with \\?\
    prefixes into URL paths.
  - bpo-43284: platform.win32_ver derives the windows version
    from sys.getwindowsversion().platform_version which in turn
    derives the version from kernel32.dll (which can be of
    a different version than Windows itself). Therefore change
    the platform.win32_ver to determine the version using the
    platform module?s _syscmd_ver private function to return an
    accurate version.
  - bpo-42248: [Enum] ensure exceptions raised in _missing__
    are released
  - bpo-43799: OpenSSL 3.0.0: define OPENSSL_API_COMPAT 1.1.1
    to suppress deprecation warnings. Python requires OpenSSL
    1.1.1 APIs.
  - bpo-43794: Add ssl.OP_IGNORE_UNEXPECTED_EOF constants
    (OpenSSL 3.0.0)
  - bpo-43789: OpenSSL 3.0.0: Don?t call the password callback
    function a second time when first call has signaled an
    error condition.
  - bpo-43788: The header files for ssl error codes are now
    OpenSSL version-specific. Exceptions will now show correct
    reason and library codes. The make_ssl_data.py script has
    been rewritten to use OpenSSL?s text file with error codes.
  - bpo-43655: tkinter dialog windows are now recognized as
    dialogs by window managers on macOS and X Window.
  - bpo-43534: turtle.textinput() and turtle.numinput() create
    now a transient window working on behalf of the canvas
    window.
  - bpo-43522: Fix problem with hostname_checks_common_name.
    OpenSSL does not copy hostflags from struct SSL_CTX to
    struct SSL.
  - bpo-42967: Allow bytes separator argument in
    urllib.parse.parse_qs and urllib.parse.parse_qsl when
    parsing str query strings. Previously, this raised
    a TypeError.
  - bpo-43176: Fixed processing of a dataclass that inherits
    from a frozen dataclass with no fields. It is now correctly
    detected as an error.
  - bpo-34463: Fixed discrepancy between traceback and the
    interpreter in formatting of SyntaxError with lineno not
    set (traceback was changed to match interpreter).
  - bpo-41735: Fix thread locks in zlib module may go wrong in
    rare case. Patch by Ma Lin.
  - bpo-26053: Fixed bug where the pdb interactive run command
    echoed the args from the shell command line, even if those
    have been overridden at the pdb prompt.
  - bpo-36470: Fix dataclasses with InitVars and replace().
    Patch by Claudiu Popa.
  - bpo-28577: The hosts method on 32-bit prefix length
    IPv4Networks and 128-bit prefix IPv6Networks now returns
    a list containing the single Address instead of an empty
    list.
  - bpo-32745: Fix a regression in the handling of ctypes?
    ctypes.c_wchar_p type: embedded null characters would cause
    a ValueError to be raised. Patch by Zackery Spytz.
  - Documentation
  - bpo-43959: The documentation on the PyContextVar C-API was
    clarified.
  - bpo-43938: Update dataclasses documentation to express that
    FrozenInstanceError is derived from AttributeError.
  - bpo-43739: Fixing the example code in
    Doc/extending/extending.rst to declare and initialize the
    pmodule variable to be of the right type.
  - Tests
  - bpo-43842: Fix a race condition in the SMTP test of
    test_logging. Don?t close a file descriptor (socket) from
    a different thread while asyncore.loop() is polling the
    file descriptor. Patch by Victor Stinner.
  - bpo-43811: Tests multiple OpenSSL versions on GitHub
    Actions. Use ccache to speed up testing.
  - bpo-43791: OpenSSL 3.0.0: Disable testing of legacy
    protocols TLS 1.0 and 1.1. Tests are failing with
    TLSV1_ALERT_INTERNAL_ERROR.
  - IDLE
  - bpo-43655: IDLE dialog windows are now recognized as
    dialogs by window managers on macOS and X Window.
  - C API
  - bpo-43962: _PyInterpreterState_IDIncref() now calls
    _PyInterpreterState_IDInitref() and always increments
    id_refcount. Previously, calling
    _xxsubinterpreters.get_current() could create an
    id_refcount inconsistency when
    a _xxsubinterpreters.InterpreterID object was deallocated.
    Patch by Victor Stinner.
- Reapplied patches:
  - CVE-2019-5010-null-defer-x509-cert-DOS.patch
  - F00102-lib64.patch
  - SUSE-FEDORA-multilib.patch
  - bpo-31046_ensurepip_honours_prefix.patch
  - python-3.3.0b1-fix_date_time_compiler.patch
- Make sure to close the import_failed.map file after the exception
  has been raised in order to avoid ResourceWarnings when the
  failing import is part of a try...except block.