Packages changed:
  curl (7.80.0 -> 7.81.0)
  dnf
  fwupd-efi
  gupnp (1.4.1 -> 1.4.2)
  keylime (6.2.0 -> 6.2.1)
  libcamera (0.0.0+g3076.d79b4120 -> 0.0.0+g3381.1db1e31e)
  logrotate (3.18.1 -> 3.19.0)
  mutter
  noto-coloremoji-fonts (20200916 -> 20211101)
  pipewire (0.3.42 -> 0.3.43)
  system-config-printer
  wireplumber (0.4.5 -> 0.4.6)
  wpa_supplicant

=== Details ===

==== curl ====
Version update (7.80.0 -> 7.81.0)
Subpackages: libcurl4

- update to 7.81.0:
  * mime: use percent-escaping for multipart form field and file names
  * asyn-ares: ares_getaddrinfo needs no happy eyeballs timer
  * azure: make the "w/o HTTP/SMTP/IMAP" build disable SSL proper
  * BINDINGS: add cURL client for PostgreSQL
  * BINDINGS: add one from Everything curl and update a link
  * checksrc: detect more kinds of NULL comparisons we avoid
  * CI: build examples for additional code verification
  * CI: bump job to use mbedtls 3.1.0
  * cmake: don't set _USRDLL on a static Windows build
  * cmake: prevent dev warning due to mismatched arg
  * cmake: private identifiers use CURL_ instead of CMAKE_ prefix
  * config.d: update documentation to match the path search
  * configure: add -lm to configure for rustls build.
  * configure: better diagnostics if hyper is built wrong
  * configure: don't enable TLS when --without-* flags are used
  * configure: fix runtime-lib detection on macOS
  * curl.1: require "see also" for every documented option
  * curl: improve error message for --head with -J
  * curl_easy_cleanup.3: remove from multi handle first
  * curl_easy_escape.3: call curl_easy_cleanup in example
  * curl_easy_unescape.3: call curl_easy_cleanup in example
  * curl_multi_init.3: fix EXAMPLE formatting
  * curl_multi_perform/socket_action.3: clarify what errors mean
  * curl_share_setopt.3: split out options into their own manpages
  * CURLOPT_STDERR.3: does not work with libcurl as a win32 DLL
  * digest: compute user:realm:pass digest w/o userhash
  * docs/checksrc: Add documentation for STRERROR
  * docs/cmdline-opts: do not say "protocols: all"
  * docs/examples: workaround broken -Wno-pedantic-ms-format
  * docs/HTTP3: describe how to setup a h3 reverse-proxy for testing
  * docs/INSTALL.md: typo fix : added missing "get" verb
  * docs/URL-SYNTAX.md: space is not fine in a given URL
  * docs: add known bugs list to HTTP3.md
  * docs: address proselint nits
  * docs: consistent manpage SYNOPSIS
  * docs: fix dead links, remove ECH.md
  * docs: fix typo in OpenSSL 3 build instructions
  * docs: Update the Reducing Size section
  * example/progressfunc: remove code for old libcurls
  * examples/multi-single.c: remove WAITMS()
  * FAQ: typo fix : "yout" ? "your"
  * ftp: disable warning 4706 in MSVC
  * gen.pl: improve example output format
  * github workflow: add wolfssl (removed from zuul)
  * github/workflows: add mbedtls and mbedtls-clang (removed from zuul)
  * gtls: check return code for gnutls_alpn_set_protocols
  * hash: lazy-alloc the table in Curl_hash_add()
  * http2:set_transfer_url() return early on OOM
  * HTTP3: update quiche build instructions
  * http: enable haproxy support for hyper backend
  * http: Fix CURLOPT_HTTP200ALIASES
  * http_proxy: don't close the socket (too early)
  * insecure.d: detail its use for SFTP and SCP as well
  * insecure.d: expand and clarify
  * libcurl-multi.3: "SOCKS proxy handshakes" are not blocking
  * libcurl-security.3: mention address and URL mitigations
  * libssh2: fix error message for sha256 mismatch
  * libtest: avoid "assignment within conditional expression"
  * lift: ignore is a deprecated config option, use ignoreRules
  * linkcheck.yml: add CI job that checks markdown links
  * m4/curl-compilers: tell clang -Wno-pointer-bool-conversion
  * Makefile.m32: rename -winssl option to -schannel and tidy up
  * mbedTLS: add support for CURLOPT_CAINFO_BLOB
  * mbedtls: fix CURLOPT_SSLCERT_BLOB
  * mbedtls: fix private member designations for v3.1.0
  * misc: remove unused doh flags when CURL_DISABLE_DOH is defined
  * misc: s/e-mail/email
  * multi: cleanup the socket hash when destroying it
  * multi: handle errors returned from socket/timer callbacks
  * multi: shut down CONNECT in Curl_detach_connnection
  * netrc.d: edit the .netrc example to look nicer
  * ngtcp2: verify the server cert on connect (quictls)
  * ngtcp2: verify the server certificate for the gnutls case
  * nss:set_cipher don't clobber the cipher list
  * openldap: implement STARTTLS
  * openldap: process search query response messages one by one
  * openldap: several minor improvements
  * openldap: simplify ldif generation code
  * openssl: check the return value of BIO_new()
  * openssl: define HAVE_OPENSSL_VERSION for OpenSSL 1.1.0+
  * openssl: remove `RSA_METHOD_FLAG_NO_CHECK` handling if unavailable
  * openssl: remove usage of deprecated `SSL_get_peer_certificate`
  * openssl: use non-deprecated API to read key parameters
  * page-footer: add a mention of how to report bugs to the man page
  * page-footer: document more environment variables
  * request.d: refer to 'method' rather than 'command'
  * retry-all-errors.d: make the example complete
  * runtests: make the SSH library a testable feature
  * rustls: read of zero bytes might be okay
  * rustls: remove comment about checking handshaking
  * rustls: remove incorrect EOF check
  * sha256/md5: return errors when init fails
  * socks5: use appropriate ATYP for numerical IP address host names
  * test1156: enable for hyper
  * test1156: fixup the stdout check for Windows
  * test1525: tweaked for hyper
  * test1526: enable for hyper
  * test1527: enable for hyper
  * test1528: enable for hyper
  * test1554: adjust for hyper
  * test1556: adjust for hyper
  * test302[12]: run only with the libssh2 backend
  * test661: enable for hyper
  * tests/CI.md: add more information on CI environments
  * tests/data/test302[12]: fix MSYS2 path conversion of hostpubsha256
  * tftp: mark protocol as not possible to do over CONNECT
  * tool_findfile: updated search for a file in the homedir
  * tool_operate: only set SSH related libcurl options for SSH URLs
  * tool_operate: warn if too many output arguments were found
  * url.c: fix the SIGPIPE comment for Curl_close
  * url: check ssl_config when re-use proxy connection
  * url: reduce ssl backend count for CURL_DISABLE_PROXY builds
  * urlapi: accept port number zero
  * urlapi: if possible, shorten given numerical IPv6 addresses
  * urlapi: provide more detailed return codes
  * urlapi: reject short file URLs
  * version_win32: Check build number and platform id
  * vtls/rustls: adapt to the updated rustls_version proto
  * writeout: fix %{http_version} for HTTP/3
  * x509asn1: return early on errors
  * zuul.d: update rustls-ffi to version 0.8.2
  * zuul: fix quiche build pointing to wrong Cargo

==== dnf ====

- Add /etc/dnf/modules.d directory to -data subpackage (boo#1193706)

==== fwupd-efi ====

- Re-add fwupdx64.efi.signed symlink (boo#1192206)

==== gupnp ====
Version update (1.4.1 -> 1.4.2)

- Update to version 1.4.2:
  + Context: Fix a memory leak if ACL was used
  + RootDevice: Deprecate get_relative_location call
  + RootDevice, Device & Service: Fix use-after-free if Service
    lives longer than RootDevice
  + Service: Declare _valist functions deprecated
  + ServiceAction: Deprecate _return() call
  + ServiceProxy:
  - Fix re-queueing the message if POST fails
  - Fix double-free on ProxyAction
  + ServiceProxyAction: add _set() to the public API
  + ControlPoint: Deprecate get_context() call
  + Doc:
  - Add missing ContextFilter description
  - Add note regarding ACL and host_path()
  - Add note regarding error handling of call API
- Add gupnp-build-man-pages.patch: Build and install the manpage.

==== keylime ====
Version update (6.2.0 -> 6.2.1)
Subpackages: keylime-agent keylime-config keylime-firewalld keylime-registrar keylime-tpm_cert_store keylime-verifier python38-keylime

- Update to version v6.2.1:
  * Another addition to gitignore
  * Update .gitignore with more Keylime-specific files
  * json: add support for sqlalchemy.engine.row.Row in newer sqlalchemy
  * ima_ast: check if the PCR is the same as in the config
  * Fix permissions issue on volume mount in run_local.sh
  * Make run_local.sh use a local copy of the repo
  * Small updates to GOVERNANCE.md
  * Move cargo-tarpaulin install to separate command
  * config: drop registrar_* TLS options in [registrar] section
  * Fix missing && in Dockerfile
  * Remove simplejson from scripts and docs
  * Replace simplejson with built-in json module
  * Add rust-keylime container dependencies
  * config: fix getboolean with fallback
  * Clean up CI scripts and rewrite run_local.sh
  * ima: for ToMToU errors skip template content validation
  * ima: Use a set of entry numbers and file offsets to remember multiple positions
  * Rename CONTRIBUTORS.md to CONTRIBUTING.md
  * Update GOVERNANCE.md to match MAINTAINERS.md rename
  * Update MAINTAINERS
  * Update README: remove Gitter, Travis CI
  * ca: Use UTC when setting certificate validity
  * Tenant commands return json
  * scripts: Allow passing a base policy to create_policy tool
  * ima: Handle the case of ima-sig with a path with spaces in them
  * add length to string object
  * scripts: Implement create_policy to create the JSON allowlist from files
  * ima: Also add a sha256 default boot_aggregate hash with 64 '0's
  * ima: Use seek() to get to the last known last entry
  * ima: Extend allowlist to be able to handle generic ima-buf entries
  * ima: Extend JSON allowlist with 'ima' entry and 'ignored_keyrings'
  * ima: Populate verifier keyrings with keys taken from ima-buf log line
  * ima: Remove methods from ImaKeyring that are now in ImaKeyrings
  * ima: Start passing ima_keyrings through APIs replacing ima_keyring
  * Extend AgentAttestState with ima_keyrings field and use it
  * ima: Implement ImaKeyrings class to support multiple keyrings
  * verifier: Extend verifier DB to persist learned keyrings
  * Fix a couple of pylint errors
  * ima: Fix spurious attestation failures
  * ima: make ToMToU errors not a failure by default
  * Simple fix for tenant error message printout.
  * pylint: Fix errors related to R1714
  * pylint: Suppress C0201, C0209 and W0602 newly reported errors
  * installer: do not install tpm2-abrmd
  * tpm: by default use /dev/tpmrm0 instead of tpm2-abrmd
  * verifier: add option to send revocation messages via webhook

==== libcamera ====
Version update (0.0.0+g3076.d79b4120 -> 0.0.0+g3381.1db1e31e)

- Update to version 0.0.0+g3381.1db1e31e:
  * No changelog available.

==== logrotate ====
Version update (3.18.1 -> 3.19.0)

- update to 3.19.0:
  * continue on EINTR in compressLogFile() (#430)
  * enforce stricter parsing of configuration files (#427, #431)
  * avoid confusing error message in debug mode (#426)
  * fix full_write() on incomplete write (#415)
  * do not use alloca() any more (#412)
  * do not rotate hard links unless allowhardlink is used (#407)
  * change directory after dropping privileges (#397)
  * add defence in depth when dropping privileges (#400)
  * remove invalid configuration on error (#408)
  * do not open symbolic link log files by accident (#399)
  * do not write state if state file is /dev/null (#395)
- rebased logrotate-3.13.0-systemd_add_home_env.patch
  and renamed to logrotate-3.19.0-systemd_add_home_env.patch
- removed obsolete logrotate-dont_warn_on_size=_syntax.patch

==== mutter ====

- Add mutter-initialize-saved_rect_fullscreen.patch: Some
  applications that starts in fullscreen disappear when switching
  back to normal size mode, because mutter forget to initialize
  saved_rect_fullscreen which is used for unfullscreen, this patch
  fixes it (glgo#GNOME/mutter!2210, bsc#1185444).

==== noto-coloremoji-fonts ====
Version update (20200916 -> 20211101)

- Update to v2.034
  * Unicode 14.0 update

==== pipewire ====
Version update (0.3.42 -> 0.3.43)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools

- Update to version 0.3.43:
  * Highlights:
  - Flatpak apps such as Ardour can now remove links again.
  - Many fixes to pulse-server. Memory usage should be improved.
    Some crashes are fixed. Underrun handling should work better.
    Better compatibility with GStreamer based applications after
    seeking.
  - Many of the samplerate and quantum changes bugs in previous
    releases were fixed. This fixes some issues where the
    microphone would fail to work.
  - Many more small fixes and improvements all over the place.

==== system-config-printer ====
Subpackages: python3-cupshelpers system-config-printer-common system-config-printer-dbus-service udev-configure-printer

- Add python-rpm-macros BuildRequires in case some build
  environment does not pull it automatically. This is needed by
  macros like %{python3_sitelib}.

==== wireplumber ====
Version update (0.4.5 -> 0.4.6)
Subpackages: libwireplumber-0_4-0 wireplumber-audio

- Reformat .changes file to limit lines to 67 chars when possible.
- Update to version 0.4.6:
  * Fix a lot of race condition bugs that would cause strange
    crashes or many log messages being printed when streaming
    clients would connect and disconnect very fast.
  * Improve the logic for selecting a default target device.
  * Fix switching to headphones when the wired headphones are
    plugged in.
  * Fix an issue where "udevadm trigger" would break wireplumber.
  * Fix an issue where switching profiles of a device could kill
    client nodes.
  * Fix briefly switching output to a secondary device when
    switching device profiles (#85)
  * Fix "wpctl status" showing default device selections when
    dealing with module-loopback virtual sinks and sources.
  * WirePlumber now ignores hidden files from the config directory.
  * Fix an interoperability issue with jackdbus.
  * Fix an issue where pulseaudio tcp clients would not have
    permissions to connect to PipeWire.
  * Fix a crash in the journald logger with NULL debug messages.
  * Enable real-time priority for the bluetooth nodes to run in RT.
  * Make the default stream volume configurable.
  * Scripts are now also looked up in
    $XDG_CONFIG_HOME/wireplumber/scripts
  * Update documentation on configuring WirePlumber and fixed some
    more documentation issues.
  * Add support for using strings as log level selectors in
    WIREPLUMBER_DEBUG.
- Drop patches merged upstream:
  * 0001-m-reserve-device-replace-the-hash-table-key-on-new-insert.patch
  * 0002-policy-node-wait-for-nodes-when-we-become-unlinked.patch
- Add patch from upstream to fix a pulse client hanging issue:
  * 0001-policy-node-schedule-rescan-without-timeout-if-defined-target-is-not-found.patch
- Add patch from upstream to fix an issue with
  libpipewire-module-echo-cancel:
  * 0002-policy-node-find-best-linkable-if-default-one-cannot-be-linked.patch

==== wpa_supplicant ====

- Added hardening to systemd service(s) (bsc#1181400). Modified:
  * wpa_supplicant.service