Packages changed:
  MozillaFirefox (107.0.1 -> 108.0.1)
  NetworkManager (1.40.6 -> 1.40.8)
  avahi
  avahi-glib2
  cairomm1_0
  enchant-1
  ethtool (6.0 -> 6.1)
  glib2-branding-openSUSE
  gnome-menus
  imlib2 (1.9.1 -> 1.10.0)
  libcloudproviders
  libdmapsharing
  libglade2
  libgtop
  mpc (1.3.0 -> 1.3.1)
  pangomm1_4
  rpm
  xz (5.2.8 -> 5.2.10)

=== Details ===

==== MozillaFirefox ====
Version update (107.0.1 -> 108.0.1)
Subpackages: MozillaFirefox-translations-common

- Mozilla Firefox 108.0.1 (boo#1206507)
  * Fixes the default search engine being reset on upgrade for
    profiles which were previously copied from a different location
- Mozilla Firefox 108.0
  https://www.mozilla.org/en-US/firefox/108.0/releasenotes/
  MFSA 2022-51 (bsc#1206242)
  * CVE-2022-46871 (bmo#1795697)
    libusrsctp library out of date
  * CVE-2022-46872 (bmo#1799156)
    Arbitrary file read from a compromised content process
  * CVE-2022-46873 (bmo#1644790)
    Firefox did not implement the CSP directive unsafe-hashes
  * CVE-2022-46874 (bmo#1746139)
    Drag and Dropped Filenames could have been truncated to
    malicious extensions
  * CVE-2022-46875 (bmo#1786188)
    Download Protections were bypassed by .atloc and .ftploc
    files on Mac OS
  * CVE-2022-46877 (bmo#1795139)
    Fullscreen notification bypass
  * CVE-2022-46878 (bmo#1782219, bmo#1797370, bmo#1797685,
    bmo#1801102, bmo#1801315, bmo#1802395)
    Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
  * CVE-2022-46879 (bmo#1736224, bmo#1793407, bmo#1794249, bmo#1795845,
    bmo#1797682, bmo#1797720, bmo#1798494, bmo#1799479)
    Memory safety bugs fixed in Firefox 108
- requires
  NSS >= 3.85
  rustc/cargo 1.65
- added translations to .desktop file.

==== NetworkManager ====
Version update (1.40.6 -> 1.40.8)
Subpackages: NetworkManager-bluetooth NetworkManager-lang NetworkManager-pppoe NetworkManager-tui NetworkManager-wwan libnm0 typelib-1_0-NM-1_0

- Update to version 1.40.8:
  + Fixed a bug that caused devices (MACsec in particular) to be
    stuck in UNAVAILABLE state and not transition to DISCONNECTED
    if the carrier was ready too early.
  + Improved interoperability of MACsec with some Aruba switches by
    allowing CKN shorter than 64 characters.
  + Fixed an assertion failure when restarting NetworkManager with
    MACsec links configured.
  + Fixed a possible DHCP helper crash when handling failure to
    connect to D-Bus.
  + Corrected calculation of expiration time for items configured
    from IPv6 neighbor discovery messages.
  + Various fixes for platforms that don't allow unaligned memory
    access.
- Drop iptables BuildRequires and -Diptables meson parameter:
  iptables is legacy (obsoleted in favor of nft). Additionally.
  meson has proper fallback detection to assume the correct path,
  should it need to use iptables.
- Recommend nftables instead of iptables.

==== avahi ====
Subpackages: avahi-lang libavahi-client3 libavahi-client3-32bit libavahi-common3 libavahi-common3-32bit libavahi-core7

- Drop %{_sysconfdir}/sysconfig/network/if-{up,down}.d scripts:
  they are not used, or supported, in a while already.

==== avahi-glib2 ====
Subpackages: libavahi-glib1 libavahi-gobject0 libavahi-ui-gtk3-0

- Drop %{_sysconfdir}/sysconfig/network/if-{up,down}.d scripts:
  they are not used, or supported, in a while already.

==== cairomm1_0 ====

- Drop baselibs.conf: there is no known consumer of the -32bit
  package.

==== enchant-1 ====
Subpackages: enchant-1-backends libenchant1

- Drop baselibs.conf: there is no known consumer of the -32bit
  package.

==== ethtool ====
Version update (6.0 -> 6.1)

- update to upstream release 6.1
  * Feature: update link mode tables
  * Feature: register dump for NXP ENETC driver (-d)
  * Feature: report TCP header-data split (-g)
  * Feature: support new message types in pretty print
  * Fix: man page syntax fixes

==== glib2-branding-openSUSE ====

- Prefer file-roller over nautilus for archives.

==== gnome-menus ====
Subpackages: gnome-menus-lang libgnome-menu-3-0 typelib-1_0-GMenu-3_0

- Drop baselibs.conf: there is no known consumer of the -32bit
  package.

==== imlib2 ====
Version update (1.9.1 -> 1.10.0)
Subpackages: imlib2-loaders libImlib2-1

- update to 1.10.0:
  * Introduce imlib_load_image_fde
    imlib2_load: Tweak load mode handling
    Introduce Imlib2_Loader.h - all that is needed by loaders
    image: Change has alpha flag to separate byte
    loading: Don't look for cached image when not caching
    loading: New loader infrastructure
  * loading: Introduce __imlib_ImageFileContextPush/Pop
    loading: Centralize mmap handling
  * Introduce imlib_load_image_mem
  * imlib2_load: Add option to use imlib_load_image_mem
    api: Remove cast previously dropped everywhere else
    Hide imlib_get/set_color_usage() if no X11
    api: Move X11 related functions to separate file
    api: Move filter functions to separate file
    Enable disabling filter functions
    api: Move text functions to separate file
    Enable disabling text functions
    J2K loader: Drop showing deprecated item in debug message
    image: Fix memory leak when cloning images
    Unify basic X11 functionality in test programs
    Includes tweaks
    test: Re-generate test images with recent tool/library versions
    image: Hide internal ImlibImageFileInfo struct
    image: Don't munmap external memory
  * Introduce imlib_get_error
    api: error_return adjustments
    imlib2_load: Add option to enable image caching
    image: Fix potential use of uninitialized time stamps
    PNG loader: Correct frame delay in zero denominator case
    PNG loader: Cosmetics
    PNG loader: Improved handling of animated PNGs
    multiframe: Support loop count
    PNG loader: Fix animated PNG loading some more
    autofoo: Fix trouble with test subdirectory in distributed source
    autofoo: Rework git tag/release stuff
    test: test_load: Quit when loading primary image fails
    SVG loader: Don't reference multiframe stuff
  * ICO loader: Eliminate ico_load
    autofoo: Use AC_USE_SYSTEM_EXTENSIONS
    imlib2_view: Fix single frame update rendering
    test: test_load_2: Check frame 0/1 loading too
    PNG loader: Cosmetics
    PS loader: Cosmetics
    multiframe: Tweaks around frame number handling
    multiframe: Centralize handling of frame update offsets
    multiframe: Move frame info to allocated record
    multiframe: Allocate frame info only when needed
    PNG loader: Quit scan when target fdAT is seen
    PNG loader: Quit after loading first frame
    PNG loader: Simplify update callback handling
    imlib2_view: Fix multiframe rendering detail
    multiframe: Remove frame offset from updates
    imlib2_view: Fix multiframe after update coordinate change
    imlib2_view: Deal with all pending X events at once
    imlib2_view: Properly handle caching vs progress callbacks
    imlib2_view: Don't load bad images twice if first or last in argument list
    image: Cosmetics
  * image: Introduce __imlib_LoadEmbeddedMem
    Add new ani loader
  * image: Cosmetics
    ANI loader: Disable progress in embed loader
    ANI loader: Multiframe suport
    v1.10.0
    Introduce imlib_load_image_frame_mem
    imlib_load_image_frame_mem(): set nocache
    TGA loader: fix indexing in tgaflip

==== libcloudproviders ====

- Drop baselibs.conf: there is no known consumer of the -32bit
  package.

==== libdmapsharing ====

- Drop baselibs.conf: there is no known consumer of the -32bit
  package.

==== libglade2 ====

- Drop baselibs.conf: there is no known consumer of the -32bit
  package.

==== libgtop ====
Subpackages: libgtop-2_0-11 libgtop-lang

- Drop baselibs.conf: there is no known consumer of the -32bit
  package.

==== mpc ====
Version update (1.3.0 -> 1.3.1)

- Update to version 1.3.1:
  * Bug fix: It is again possible to include mpc.h without
    including stdio.h.
- drop mpc-1.3.0-gmpdep.patch

==== pangomm1_4 ====

- Drop baselibs.conf: there is no known consumer of the -32bit
  package.

==== rpm ====
Subpackages: librpmbuild9

- switch to pkgconfig(zlib) so that alternative providers can be
  used

==== xz ====
Version update (5.2.8 -> 5.2.10)
Subpackages: liblzma5 liblzma5-32bit xz-lang

- update to 5.2.10:
  * xz: Don't modify argv[] when parsing the --memlimit* and
  - -block-list command line options. This fixes confusing
    arguments in process listing (like "ps auxf").
  * GNU/Linux only: Use __has_attribute(__symver__) to detect if
    that attribute is supported. This fixes build on Mandriva where
    Clang is patched to define __GNUC__ to 11 by default (instead
    of 4 as used by Clang upstream).
  * liblzma:
  - Fixed an infinite loop in LZMA encoder initialization
    if dict_size >= 2 GiB.
  - Fixed two cases of invalid free() that can happen if
    a tiny allocation fails in encoder re-initialization
    or in lzma_filters_update(). These bugs had some
    similarities with the bug fixed in 5.2.7.
  - Fixed lzma_block_encoder() not allowing the use of
    LZMA_SYNC_FLUSH with lzma_code() even though it was
    documented to be supported. The sync-flush code in
    the Block encoder was already used internally via
    lzma_stream_encoder(), so this was just a missing flag
    in the lzma_block_encoder() API function.
  - GNU/Linux only: Don't put symbol versions into static
    liblzma as it breaks things in some cases (and even if
    it didn't break anything, symbol versions in static
    libraries are useless anyway). The downside of the fix
    is that if the configure options --with-pic or --without-pic
    are used then it's not possible to build both shared and
    static liblzma at the same time on GNU/Linux anymore;
    with those options --disable-static or --disable-shared
    must be used too.
- drop unused xz-devel-static which is no longer supported when using
  - -with-pic (which is needed for shared libs)